syzbot


WARNING in print_bfs_bug

Status: upstream: reported C repro on 2023/04/30 23:10
Bug presence: origin:upstream
Labels: missing-backport
Reported-by: syzbot+1e6500b4776e4010efdf@syzkaller.appspotmail.com
First crash: 368d, last: 69d
Fix bisection: failed (error log, bisect log)
  
Bug presence (1)
Date Name Commit Repro Result
2024/02/24 upstream (ToT) 603c04e27c3e C [report] WARNING in print_bfs_bug
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in print_bfs_bug (2) kernel C done 275 15h59m 491d 0/26 upstream: reported C repro on 2022/12/29 15:51
linux-6.1 WARNING in print_bfs_bug origin:upstream C 3 5d13h 369d 0/3 upstream: reported C repro on 2023/04/30 07:54
upstream WARNING in print_bfs_bug C done 14759 1296d 1648d 15/26 fixed on 2020/11/16 12:12
Fix bisection attempts (4)
Created Duration User Patch Repo Result
2024/01/06 17:13 1m fix candidate upstream error job log (0)
2023/12/07 10:26 23m fix candidate upstream error job log (0)
2023/09/23 21:04 0m bisect fix linux-5.15.y error job log (0)
2023/06/23 04:55 42m bisect fix linux-5.15.y job log (0) log

Sample crash report:
------------[ cut here ]------------
lockdep bfs error:-1
WARNING: CPU: 1 PID: 8651 at kernel/locking/lockdep.c:2022 print_bfs_bug+0x22/0x30 kernel/locking/lockdep.c:2022
Modules linked in:
CPU: 1 PID: 8651 Comm: syz-executor104 Not tainted 5.15.149-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
RIP: 0010:print_bfs_bug+0x22/0x30 kernel/locking/lockdep.c:2022
Code: ff ff e8 11 d5 b9 08 90 55 53 89 fb e8 a7 0a a1 02 89 c5 e8 e0 1e ff ff 85 ed 74 10 48 c7 c7 80 2d 8b 8a 89 de e8 5e c1 e8 ff <0f> 0b 5b 5d c3 66 0f 1f 84 00 00 00 00 00 55 41 57 41 56 41 55 41
RSP: 0018:ffffc9000c92e188 EFLAGS: 00010046
RAX: f493f003b50a1a00 RBX: 00000000ffffffff RCX: ffff888072099dc0
RDX: 0000000000000000 RSI: 0000000080000004 RDI: 0000000000000000
RBP: 0000000000000001 R08: ffffffff8166625c R09: ffffed1017364f24
R10: 0000000000000000 R11: dffffc0000000001 R12: ffffffff912177d8
R13: 0000000000030e01 R14: ffffffff8f9c0670 R15: ffffffff912176f8
FS:  0000555555d79380(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000564de25e8778 CR3: 0000000037454000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 check_irq_usage kernel/locking/lockdep.c:2747 [inline]
 check_prev_add kernel/locking/lockdep.c:3057 [inline]
 check_prevs_add kernel/locking/lockdep.c:3172 [inline]
 validate_chain+0x40f1/0x5930 kernel/locking/lockdep.c:3788
 __lock_acquire+0x1295/0x1ff0 kernel/locking/lockdep.c:5012
 lock_acquire+0x1db/0x4f0 kernel/locking/lockdep.c:5623
 do_write_seqcount_begin_nested include/linux/seqlock.h:519 [inline]
 do_write_seqcount_begin include/linux/seqlock.h:545 [inline]
 psi_group_change+0x11b/0x1180 kernel/sched/psi.c:710
 psi_enqueue kernel/sched/stats.h:104 [inline]
 enqueue_task+0x2fe/0x3a0 kernel/sched/core.c:1973
 activate_task kernel/sched/core.c:2005 [inline]
 ttwu_do_activate+0x1cf/0x430 kernel/sched/core.c:3614
 ttwu_queue kernel/sched/core.c:3823 [inline]
 try_to_wake_up+0x795/0x1300 kernel/sched/core.c:4146
 swake_up_locked kernel/sched/swait.c:30 [inline]
 swake_up_one+0x65/0x150 kernel/sched/swait.c:53
 rcu_report_unblock_qs_rnp kernel/rcu/tree.c:2275 [inline]
 rcu_preempt_deferred_qs_irqrestore+0x9f2/0xc50 kernel/rcu/tree_plugin.h:552
 rcu_read_unlock_special+0x43f/0x520 kernel/rcu/tree_plugin.h:670
 __rcu_read_unlock+0x92/0x100 kernel/rcu/tree_plugin.h:422
 rcu_read_unlock include/linux/rcupdate.h:728 [inline]
 is_bpf_text_address+0x24a/0x260 kernel/bpf/core.c:723
 kernel_text_address kernel/extable.c:151 [inline]
 __kernel_text_address+0x94/0x100 kernel/extable.c:105
 unwind_get_return_address+0x49/0x80 arch/x86/kernel/unwind_orc.c:323
 arch_stack_walk+0xf3/0x140 arch/x86/kernel/stacktrace.c:26
 stack_trace_save+0x113/0x1c0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:38 [inline]
 kasan_set_track mm/kasan/common.c:46 [inline]
 set_alloc_info mm/kasan/common.c:434 [inline]
 ____kasan_kmalloc+0xba/0xf0 mm/kasan/common.c:513
 kasan_kmalloc include/linux/kasan.h:264 [inline]
 __kmalloc+0x168/0x300 mm/slub.c:4407
 kmalloc_array include/linux/slab.h:631 [inline]
 kcalloc include/linux/slab.h:660 [inline]
 __team_options_register drivers/net/team/team.c:261 [inline]
 team_options_register+0x41/0xc40 drivers/net/team/team.c:343
 __team_change_mode+0x2df/0x510 drivers/net/team/team.c:580
 team_change_mode drivers/net/team/team.c:614 [inline]
 team_mode_option_set+0x32c/0x3a0 drivers/net/team/team.c:1385
 team_option_set drivers/net/team/team.c:376 [inline]
 team_nl_cmd_options_set+0xbda/0x1240 drivers/net/team/team.c:2679
 genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline]
 genl_family_rcv_msg net/netlink/genetlink.c:775 [inline]
 genl_rcv_msg+0xfbd/0x14a0 net/netlink/genetlink.c:792
 netlink_rcv_skb+0x1cf/0x410 net/netlink/af_netlink.c:2505
 genl_rcv+0x24/0x40 net/netlink/genetlink.c:803
 netlink_unicast_kernel net/netlink/af_netlink.c:1330 [inline]
 netlink_unicast+0x7b6/0x980 net/netlink/af_netlink.c:1356
 netlink_sendmsg+0xa30/0xd60 net/netlink/af_netlink.c:1924
 sock_sendmsg_nosec net/socket.c:704 [inline]
 __sock_sendmsg net/socket.c:716 [inline]
 ____sys_sendmsg+0x59e/0x8f0 net/socket.c:2431
 ___sys_sendmsg+0x252/0x2e0 net/socket.c:2485
 __sys_sendmsg net/socket.c:2514 [inline]
 __do_sys_sendmsg net/socket.c:2523 [inline]
 __se_sys_sendmsg+0x19a/0x260 net/socket.c:2521
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7f575856cc59
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 71 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffec17dba48 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f575856cc59
RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000006
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
 </TASK>

Crashes (4):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2024/02/24 02:07 linux-5.15.y 458ce51d0356 8d446f15 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING in print_bfs_bug
2023/04/30 23:10 linux-5.15.y f48aeeaaa64c 62df2017 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING in print_bfs_bug
2023/05/23 11:12 linux-5.15.y 9d6bde853685 4bce1a3e .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING in print_bfs_bug
2023/07/13 01:31 linux-5.15.y d54cfc420586 979d5fe2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan WARNING in print_bfs_bug
* Struck through repros no longer work on HEAD.