syzbot

 sign-in | mailing list | source | docs
🐞 Open [721]
🐞 Fixed [117]
🐞 Invalid [734]
Missing Backports [75]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

possible deadlock in __dev_queue_xmit (3)

Status: upstream: reported on 2024/10/25 05:17
Reported-by: syzbot+1f5d85a41ae645abffc0@syzkaller.appspotmail.com
First crash: 193d, last: 2d20h
Similar bugs (12)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-49 possible deadlock in __dev_queue_xmit 4 2145d 2214d 0/3 auto-closed as invalid on 2019/10/25 08:36
upstream possible deadlock in __dev_queue_xmit (3) net C done inconclusive 1022 7d10h 1981d 0/28 upstream: reported C repro on 2019/12/03 09:55
linux-4.19 possible deadlock in __dev_queue_xmit C error 5 1322d 1740d 0/1 upstream: reported C repro on 2020/07/31 07:05
android-414 possible deadlock in __dev_queue_xmit 3 2203d 2214d 0/1 auto-closed as invalid on 2019/10/21 21:31
android-44 possible deadlock in __dev_queue_xmit 14 1980d 2042d 0/2 auto-closed as invalid on 2020/04/02 07:14
linux-6.1 possible deadlock in __dev_queue_xmit 98 564d 678d 0/3 auto-obsoleted due to no activity on 2023/12/28 22:22
linux-4.14 possible deadlock in __dev_queue_xmit 7 1690d 2135d 0/1 auto-closed as invalid on 2021/01/16 21:33
upstream possible deadlock in __dev_queue_xmit net 1 2303d 2303d 0/28 closed as invalid on 2019/03/10 18:51
linux-5.15 possible deadlock in __dev_queue_xmit 113 629d 765d 0/3 auto-obsoleted due to no activity on 2023/10/25 04:56
linux-6.1 possible deadlock in __dev_queue_xmit (2) 7 363d 473d 0/3 auto-obsoleted due to no activity on 2024/08/16 05:44
linux-5.15 possible deadlock in __dev_queue_xmit (2) origin:lts-only C done 57 11h42m 508d 0/3 upstream: reported C repro on 2023/12/15 02:11
upstream possible deadlock in __dev_queue_xmit (2) kernel 2 2115d 2231d 0/28 auto-closed as invalid on 2019/11/19 09:01

Sample crash report:
============================================
WARNING: possible recursive locking detected
6.1.134-syzkaller #0 Not tainted
--------------------------------------------
kworker/u4:1/14506 is trying to acquire lock:
ffff88807c49b218 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: spin_lock include/linux/spinlock.h:351 [inline]
ffff88807c49b218 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: __dev_xmit_skb net/core/dev.c:3925 [inline]
ffff88807c49b218 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: __dev_queue_xmit+0x22db/0x3d50 net/core/dev.c:4300

but task is already holding lock:
ffff8880586e2258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: spin_trylock include/linux/spinlock.h:361 [inline]
ffff8880586e2258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: qdisc_run_begin include/net/sch_generic.h:195 [inline]
ffff8880586e2258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: __dev_xmit_skb net/core/dev.c:3882 [inline]
ffff8880586e2258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: __dev_queue_xmit+0x12c7/0x3d50 net/core/dev.c:4300

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(dev->qdisc_tx_busylock ?: &qdisc_tx_busylock);
  lock(dev->qdisc_tx_busylock ?: &qdisc_tx_busylock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

7 locks held by kworker/u4:1/14506:
 #0: ffff88807ad21138 ((wq_completion)bond1#3){+.+.}-{0:0}, at: process_one_work+0x806/0x1260 kernel/workqueue.c:2267
 #1: ffffc90003117d20 ((work_completion)(&(&bond->alb_work)->work)){+.+.}-{0:0}, at: process_one_work+0x806/0x1260 kernel/workqueue.c:2267
 #2: ffffffff8d32e740 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:350 [inline]
 #2: ffffffff8d32e740 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:791 [inline]
 #2: ffffffff8d32e740 (rcu_read_lock){....}-{1:2}, at: bond_alb_monitor+0x10c/0x1750 drivers/net/bonding/bond_alb.c:1547
 #3: ffffffff8d32e7a0 (rcu_read_lock_bh){....}-{1:2}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #3: ffffffff8d32e7a0 (rcu_read_lock_bh){....}-{1:2}, at: rcu_read_lock_bh include/linux/rcupdate.h:843 [inline]
 #3: ffffffff8d32e7a0 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x2d6/0x3d50 net/core/dev.c:4257
 #4: ffff8880586e2258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: spin_trylock include/linux/spinlock.h:361 [inline]
 #4: ffff8880586e2258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: qdisc_run_begin include/net/sch_generic.h:195 [inline]
 #4: ffff8880586e2258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: __dev_xmit_skb net/core/dev.c:3882 [inline]
 #4: ffff8880586e2258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+.-.}-{2:2}, at: __dev_queue_xmit+0x12c7/0x3d50 net/core/dev.c:4300
 #5: ffffffff8d32e740 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:350 [inline]
 #5: ffffffff8d32e740 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:791 [inline]
 #5: ffffffff8d32e740 (rcu_read_lock){....}-{1:2}, at: ip_finish_output2+0x3ee/0x1270 net/ipv4/ip_output.c:221
 #6: ffffffff8d32e7a0 (rcu_read_lock_bh){....}-{1:2}, at: local_bh_disable include/linux/bottom_half.h:20 [inline]
 #6: ffffffff8d32e7a0 (rcu_read_lock_bh){....}-{1:2}, at: rcu_read_lock_bh include/linux/rcupdate.h:843 [inline]
 #6: ffffffff8d32e7a0 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x2d6/0x3d50 net/core/dev.c:4257

stack backtrace:
CPU: 0 PID: 14506 Comm: kworker/u4:1 Not tainted 6.1.134-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Workqueue: bond1 bond_alb_monitor
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1e3/0x2cb lib/dump_stack.c:106
 print_deadlock_bug kernel/locking/lockdep.c:2983 [inline]
 check_deadlock kernel/locking/lockdep.c:3026 [inline]
 validate_chain+0x4711/0x5950 kernel/locking/lockdep.c:3812
 __lock_acquire+0x125b/0x1f80 kernel/locking/lockdep.c:5049
 lock_acquire+0x1f8/0x5a0 kernel/locking/lockdep.c:5662
 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
 _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:154
 spin_lock include/linux/spinlock.h:351 [inline]
 __dev_xmit_skb net/core/dev.c:3925 [inline]
 __dev_queue_xmit+0x22db/0x3d50 net/core/dev.c:4300
 dev_queue_xmit include/linux/netdevice.h:3051 [inline]
 neigh_hh_output include/net/neighbour.h:528 [inline]
 neigh_output include/net/neighbour.h:542 [inline]
 ip_finish_output2+0xd6e/0x1270 net/ipv4/ip_output.c:228
 iptunnel_xmit+0x51a/0x920 net/ipv4/ip_tunnel_core.c:82
 ip_tunnel_xmit+0x1b52/0x2550 net/ipv4/ip_tunnel.c:858
 __gre_xmit net/ipv4/ip_gre.c:474 [inline]
 gre_tap_xmit+0x4eb/0x6e0 net/ipv4/ip_gre.c:751
 __netdev_start_xmit include/linux/netdevice.h:4896 [inline]
 netdev_start_xmit include/linux/netdevice.h:4910 [inline]
 xmit_one net/core/dev.c:3658 [inline]
 dev_hard_start_xmit+0x261/0x8c0 net/core/dev.c:3674
 sch_direct_xmit+0x2b2/0x5e0 net/sched/sch_generic.c:342
 __dev_xmit_skb net/core/dev.c:3895 [inline]
 __dev_queue_xmit+0x1a7a/0x3d50 net/core/dev.c:4300
 alb_send_learning_packets+0x197/0x370 drivers/net/bonding/bond_alb.c:1012
 bond_alb_monitor+0x3ef/0x1750 drivers/net/bonding/bond_alb.c:1564
 process_one_work+0x917/0x1260 kernel/workqueue.c:2292
 worker_thread+0xa47/0x1200 kernel/workqueue.c:2439
 kthread+0x28d/0x320 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
 </TASK>
GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog

Crashes (41):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/04/24 22:11 linux-6.1.y 420102835862 9882047a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/04/23 01:05 linux-6.1.y 420102835862 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/04/08 14:02 linux-6.1.y 3dfebb87d7eb a775275d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/03/30 13:05 linux-6.1.y 8e60a714ba3b d3999433 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/03/24 17:36 linux-6.1.y 344a09659766 875573af .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/03/22 09:58 linux-6.1.y 344a09659766 c6512ef7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/03/18 22:08 linux-6.1.y 344a09659766 22a6c2b1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/02/21 04:38 linux-6.1.y 0cbb5f65e52f 0808a665 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/02/18 04:04 linux-6.1.y 0cbb5f65e52f 429ea007 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/02/14 01:20 linux-6.1.y 0cbb5f65e52f a98a8417 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/01/31 20:21 linux-6.1.y 75cefdf153f5 aa47157c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/01/29 16:55 linux-6.1.y 75cefdf153f5 136953f1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/01/29 16:54 linux-6.1.y 75cefdf153f5 136953f1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/01/29 16:39 linux-6.1.y 75cefdf153f5 136953f1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/01/29 05:01 linux-6.1.y 75cefdf153f5 865ef71e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/01/29 04:51 linux-6.1.y 75cefdf153f5 865ef71e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/01/25 10:44 linux-6.1.y 75cefdf153f5 9fbd772e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/01/23 04:43 linux-6.1.y f4f677285b38 a44b0418 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/01/18 22:13 linux-6.1.y 60ceadf9247e f2cb035c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/01/16 23:53 linux-6.1.y c63962be84ef f9e07a6e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan possible deadlock in __dev_queue_xmit
2025/05/03 21:11 linux-6.1.y b6736e03756f b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/04/25 04:14 linux-6.1.y 420102835862 9882047a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/04/15 20:14 linux-6.1.y 420102835862 23b969b7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/04/15 08:44 linux-6.1.y 420102835862 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/04/03 12:04 linux-6.1.y 8e60a714ba3b 996a9618 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/03/23 12:14 linux-6.1.y 344a09659766 4e8d3850 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/03/20 18:53 linux-6.1.y 344a09659766 9209bc22 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/03/09 10:04 linux-6.1.y 6ae7ac5c4251 163f510d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/03/08 19:45 linux-6.1.y 6ae7ac5c4251 7e3bd60d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/03/05 19:31 linux-6.1.y 3a8358583626 60f5d8d9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/03/01 19:10 linux-6.1.y 3a8358583626 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/02/27 02:32 linux-6.1.y 3a8358583626 6a8fcbc4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/02/25 12:22 linux-6.1.y 3a8358583626 d34966d1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/02/12 13:14 linux-6.1.y 0cbb5f65e52f b27c2402 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/02/09 06:49 linux-6.1.y 0cbb5f65e52f ef44b750 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/01/21 00:18 linux-6.1.y f4f677285b38 6e87cfa2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/01/15 00:03 linux-6.1.y c63962be84ef f310a27d .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/01/10 15:02 linux-6.1.y c63962be84ef 67d7ec0a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2025/01/07 11:15 linux-6.1.y 7dc732d24ff7 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2024/12/11 07:27 linux-6.1.y e4d90d63d385 cfc402b4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
2024/10/25 05:16 linux-6.1.y 7ec6f9fa3d97 c79b8ca5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 possible deadlock in __dev_queue_xmit
* Struck through repros no longer work on HEAD.