syzbot


INFO: trying to register non-static key in del_timer_sync

Status: fixed on 2018/05/13 22:34
Subsystems: netfilter
[Documentation on labels]
Reported-by: syzbot+3659f05802671eb8af9c@syzkaller.appspotmail.com
Fix commit: 10414014bc08 netfilter: x_tables: fix missing timer initialization in xt_LED
First crash: 2136d, last: 2108d
Discussions (1)
Title Replies (including bot) Last reply
INFO: trying to register non-static key in del_timer_sync 1 (2) 2018/05/13 19:59
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: trying to register non-static key in del_timer_sync (2) wireless usb C 1206 1644d 1696d 17/25 fixed on 2020/11/16 12:12

Sample crash report:
audit: type=1400 audit(1517074079.617:7): avc:  denied  { map } for  pid=3685 comm="syzkaller985951" path="/root/syzkaller985951088" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
INFO: trying to register non-static key.
the code is fine but needs lockdep annotation.
turning off the locking correctness validator.
CPU: 1 PID: 3685 Comm: syzkaller985951 Not tainted 4.15.0-rc9+ #283
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 register_lock_class+0x542/0x2cd0 kernel/locking/lockdep.c:752
 __lock_acquire+0x1de/0x3e00 kernel/locking/lockdep.c:3314
 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3914
 del_timer_sync+0xba/0x240 kernel/time/timer.c:1275
 led_tg_destroy+0x2dd/0x3f0 net/netfilter/xt_LED.c:185
 cleanup_entry+0x218/0x350 net/ipv4/netfilter/ip_tables.c:659
 __do_replace+0x7d7/0xa90 net/ipv4/netfilter/ip_tables.c:1096
 do_replace net/ipv4/netfilter/ip_tables.c:1152 [inline]
 do_ipt_set_ctl+0x40f/0x5f0 net/ipv4/netfilter/ip_tables.c:1682
 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
 nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115
 ip_setsockopt+0xa1/0xb0 net/ipv4/ip_sockglue.c:1256
 tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2875
 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2968
 SYSC_setsockopt net/socket.c:1831 [inline]
 SyS_setsockopt+0x189/0x360 net/socket.c:1810
 entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x4449fa
RSP: 002b:00007ffee653a948 EFLAGS: 00000206 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00000000006cd0fc RCX: 00000000004449fa
RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00000000006cd0fc R08: 00000000000002d8 R09: 000000000117c880
R10: 00000000006cd528 R11: 0000000000000206 R12: 0000000000000003
R13: 00000000006d00a4 R14: 00000000006d0050 R15: 00000000004a39ae
------------[ cut here ]------------
ODEBUG: assert_init not available (active state 0) object type: timer_list hint:           (null)
WARNING: CPU: 1 PID: 3685 at lib/debugobjects.c:291 debug_print_object+0x166/0x220 lib/debugobjects.c:288
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 3685 Comm: syzkaller985951 Not tainted 4.15.0-rc9+ #283
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 panic+0x1e4/0x41c kernel/panic.c:183
 __warn+0x1dc/0x200 kernel/panic.c:547
 report_bug+0x211/0x2d0 lib/bug.c:184
 fixup_bug.part.11+0x37/0x80 arch/x86/kernel/traps.c:178
 fixup_bug arch/x86/kernel/traps.c:247 [inline]
 do_error_trap+0x2d7/0x3e0 arch/x86/kernel/traps.c:296
 do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:315
 invalid_op+0x22/0x40 arch/x86/entry/entry_64.S:1096
RIP: 0010:debug_print_object+0x166/0x220 lib/debugobjects.c:288
RSP: 0018:ffff8801d9adf7d0 EFLAGS: 00010282
RAX: dffffc0000000008 RBX: 0000000000000005 RCX: ffffffff8159ebae
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000293
RBP: ffff8801d9adf810 R08: 0000000000000000 R09: 1ffff1003b35be97
R10: ffff8801d9adf6d0 R11: ffffffff86b38678 R12: 0000000000000001
R13: ffffffff86b49d00 R14: ffffffff86010440 R15: ffffffff815f1530
 debug_object_assert_init+0x303/0x570 lib/debugobjects.c:654
 debug_timer_assert_init kernel/time/timer.c:707 [inline]
 debug_assert_init kernel/time/timer.c:759 [inline]
 try_to_del_timer_sync+0x74/0x130 kernel/time/timer.c:1215
 del_timer_sync+0x18a/0x240 kernel/time/timer.c:1285
 led_tg_destroy+0x2dd/0x3f0 net/netfilter/xt_LED.c:185
 cleanup_entry+0x218/0x350 net/ipv4/netfilter/ip_tables.c:659
 __do_replace+0x7d7/0xa90 net/ipv4/netfilter/ip_tables.c:1096
 do_replace net/ipv4/netfilter/ip_tables.c:1152 [inline]
 do_ipt_set_ctl+0x40f/0x5f0 net/ipv4/netfilter/ip_tables.c:1682
 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
 nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115
 ip_setsockopt+0xa1/0xb0 net/ipv4/ip_sockglue.c:1256
 tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2875
 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2968
 SYSC_setsockopt net/socket.c:1831 [inline]
 SyS_setsockopt+0x189/0x360 net/socket.c:1810
 entry_SYSCALL_64_fastpath+0x29/0xa0
RIP: 0033:0x4449fa
RSP: 002b:00007ffee653a948 EFLAGS: 00000206 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00000000006cd0fc RCX: 00000000004449fa
RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00000000006cd0fc R08: 00000000000002d8 R09: 000000000117c880
R10: 00000000006cd528 R11: 0000000000000206 R12: 0000000000000003
R13: 00000000006d00a4 R14: 00000000006d0050 R15: 00000000004a39ae
Dumping ftrace buffer:
   (ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (89):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2018/01/27 17:30 upstream c4e0ca7fa241 08146b1a .config console log report syz C ci-upstream-kasan-gce
2018/01/28 01:45 net-next-old 6bb46bc57c8e 08146b1a .config console log report syz ci-upstream-net-kasan-gce
2018/02/23 02:55 upstream af3e79d29555 8d8e2494 .config console log report ci-upstream-kasan-gce
2018/02/21 11:25 upstream af3e79d29555 04cbdbd1 .config console log report ci-upstream-kasan-gce
2018/02/20 03:36 upstream 91ab883eb213 c1f526e3 .config console log report ci-upstream-kasan-gce
2018/02/20 00:49 upstream 91ab883eb213 c1f526e3 .config console log report ci-upstream-kasan-gce
2018/02/19 13:12 upstream 91ab883eb213 833f78c7 .config console log report ci-upstream-kasan-gce
2018/02/18 13:11 upstream c786427f57b6 833f78c7 .config console log report ci-upstream-kasan-gce
2018/02/16 12:45 upstream 1388c80438e6 c8b3f7c1 .config console log report ci-upstream-kasan-gce
2018/02/13 20:03 upstream 61f14c015f5b 88bc17df .config console log report ci-upstream-kasan-gce
2018/02/13 12:38 upstream 178e834c47b0 88bc17df .config console log report ci-upstream-kasan-gce
2018/02/11 02:53 upstream d48fcbd864a0 4e9b726d .config console log report ci-upstream-kasan-gce
2018/02/11 00:25 upstream d48fcbd864a0 4e9b726d .config console log report ci-upstream-kasan-gce
2018/02/09 19:45 upstream f9f1e414128e 2b6b214c .config console log report ci-upstream-kasan-gce
2018/02/09 17:30 upstream f1517df8701c 9fb5ec43 .config console log report ci-upstream-kasan-gce
2018/02/08 18:46 upstream 581e400ff935 9fb5ec43 .config console log report ci-upstream-kasan-gce
2018/02/08 14:55 upstream 581e400ff935 9fb5ec43 .config console log report ci-upstream-kasan-gce
2018/02/08 14:01 upstream 581e400ff935 9fb5ec43 .config console log report ci-upstream-kasan-gce
2018/02/08 05:37 upstream 581e400ff935 9fb5ec43 .config console log report ci-upstream-kasan-gce
2018/02/07 18:21 upstream a2e5790d8416 9fb5ec43 .config console log report ci-upstream-kasan-gce
2018/02/07 03:34 upstream e237f98a9c13 66c15deb .config console log report ci-upstream-kasan-gce
2018/02/06 20:54 upstream e237f98a9c13 66c15deb .config console log report ci-upstream-kasan-gce
2018/02/06 18:30 upstream e237f98a9c13 66c15deb .config console log report ci-upstream-kasan-gce
2018/02/06 14:52 upstream e237f98a9c13 66c15deb .config console log report ci-upstream-kasan-gce
2018/02/06 08:01 upstream 2deb41b24532 a1bc9d40 .config console log report ci-upstream-kasan-gce
2018/02/05 19:51 upstream 35277995e179 a1bc9d40 .config console log report ci-upstream-kasan-gce
2018/02/05 16:39 upstream 35277995e179 a1bc9d40 .config console log report ci-upstream-kasan-gce
2018/02/05 16:24 upstream 35277995e179 a1bc9d40 .config console log report ci-upstream-kasan-gce
2018/02/05 09:20 upstream 35277995e179 a1bc9d40 .config console log report ci-upstream-kasan-gce
2018/02/05 05:06 upstream 35277995e179 a1bc9d40 .config console log report ci-upstream-kasan-gce
2018/02/05 02:54 upstream 35277995e179 a1bc9d40 .config console log report ci-upstream-kasan-gce
2018/02/05 02:52 upstream 35277995e179 a1bc9d40 .config console log report ci-upstream-kasan-gce
2018/02/04 23:30 upstream 617aebe6a97e a1bc9d40 .config console log report ci-upstream-kasan-gce
2018/02/04 16:01 upstream 617aebe6a97e a1bc9d40 .config console log report ci-upstream-kasan-gce
2018/02/04 01:55 upstream 23c35f48f5fb 632a8c2c .config console log report ci-upstream-kasan-gce
2018/02/03 21:15 upstream b89e32ccd1be 632a8c2c .config console log report ci-upstream-kasan-gce
2018/02/03 13:25 upstream b89e32ccd1be 632a8c2c .config console log report ci-upstream-kasan-gce
2018/02/03 13:04 upstream b89e32ccd1be 632a8c2c .config console log report ci-upstream-kasan-gce
2018/02/03 12:05 upstream b89e32ccd1be 632a8c2c .config console log report ci-upstream-kasan-gce
2018/02/03 02:10 upstream 03f51d4efa22 632a8c2c .config console log report ci-upstream-kasan-gce
2018/02/03 01:04 upstream 03f51d4efa22 632a8c2c .config console log report ci-upstream-kasan-gce
2018/02/02 14:17 upstream 4bf772b14675 826b35d6 .config console log report ci-upstream-kasan-gce
* Struck through repros no longer work on HEAD.