syzbot

 sign-in | mailing list | source | docs
🐞 Open [574] 🐞 Fixed [66] 🐞 Invalid [207] Missing Backports [40] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

BUG: soft lockup in tc_modify_qdisc

Status: fixed on 2023/07/10 11:22
Bug presence: origin:upstream
[Documentation on labels]
Reported-by: syzbot+3d5bc6a437ebce408b84@syzkaller.appspotmail.com
Fix commit: 1d37434ffc13 net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
First crash: 337d, last: 337d
Fix bisection: fixed by (bisect log) :
commit 1d37434ffc1376306167dc61f37f78da18455b74
Author: Eric Dumazet <edumazet@google.com>
Date: Fri Jun 2 12:37:47 2023 +0000

  net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values

  
Bug presence (1)
Date Name Commit Repro Result
2023/06/04 upstream (ToT) e5282a7d8f6b C [report] BUG: soft lockup in tc_modify_qdisc
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-6-1 BUG: soft lockup in tc_modify_qdisc C done done 53 160d 192d 0/2 auto-obsoleted due to no activity on 2024/02/06 04:01
android-5-15 BUG: soft lockup in tc_modify_qdisc origin:lts C done done 254 249d 304d 0/2 auto-obsoleted due to no activity on 2023/11/09 01:01
linux-5.15 BUG: soft lockup in tc_modify_qdisc origin:upstream C error 1 338d 338d 0/3 auto-obsoleted due to no activity on 2023/09/11 01:53
android-5-10 BUG: soft lockup in tc_modify_qdisc C done done 314 251d 304d 0/2 auto-obsoleted due to no activity on 2023/11/07 07:54
upstream INFO: rcu detected stall in tc_modify_qdisc net C done 407 2h33m 1377d 0/26 upstream: reported C repro on 2020/07/29 05:53

Sample crash report:
watchdog: BUG: soft lockup - CPU#0 stuck for 22s! [syz-executor256:4302]
Modules linked in:
irq event stamp: 5009
hardirqs last  enabled at (5008): [<ffff8000120fb1c0>] __exit_to_kernel_mode arch/arm64/kernel/entry-common.c:84 [inline]
hardirqs last  enabled at (5008): [<ffff8000120fb1c0>] exit_to_kernel_mode+0xe8/0x118 arch/arm64/kernel/entry-common.c:94
hardirqs last disabled at (5009): [<ffff8000120f8e9c>] __el1_irq arch/arm64/kernel/entry-common.c:468 [inline]
hardirqs last disabled at (5009): [<ffff8000120f8e9c>] el1_interrupt+0x24/0x68 arch/arm64/kernel/entry-common.c:486
softirqs last  enabled at (512): [<ffff8000103f7d94>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (518): [<ffff800010711c4c>] fq_pie_change+0x23c/0xda4 net/sched/sch_fq_pie.c:290
CPU: 0 PID: 4302 Comm: syz-executor256 Not tainted 6.1.31-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/28/2023
pstate: 00400005 (nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : queued_spin_lock_slowpath+0x15c/0xe48 kernel/locking/qspinlock.c:383
lr : queued_spin_lock_slowpath+0x168/0xe48 kernel/locking/qspinlock.c:383
sp : ffff80001dcd6b60
x29: ffff80001dcd6c00 x28: 1fffe0001b28461e x27: 1ffff00003b9ad78
x26: dfff800000000000 x25: 1fffe0001b284620 x24: ffff80001dcd6b80
x23: ffff80001dcd6bc0 x22: ffff700003b9ad70 x21: 0000000000000001
x20: 0000000000000001 x19: ffff0000d94230f0 x18: ffff0000cd6b0010
x17: 0000000000000000 x16: ffff80000896d2d4 x15: 0000000000000000
x14: 1ffff00002ab80b0 x13: dfff800000000000 x12: 0000000000000001
x11: 1fffe0001b28461e x10: 0000000000000000 x9 : 0000000000000000
x8 : 0000000000000101 x7 : ffff800010711c4c x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff8000121dcbf4
x2 : 0000000000000000 x1 : 0000000000000004 x0 : 0000000000000001
Call trace:
 __cmpwait_case_32 arch/arm64/include/asm/cmpxchg.h:252 [inline]
 __cmpwait arch/arm64/include/asm/cmpxchg.h:278 [inline]
 queued_spin_lock_slowpath+0x15c/0xe48 kernel/locking/qspinlock.c:383
 queued_spin_lock include/asm-generic/qspinlock.h:114 [inline]
 do_raw_spin_lock+0x330/0x358 kernel/locking/spinlock_debug.c:115
 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:127 [inline]
 _raw_spin_lock_bh+0x5c/0x6c kernel/locking/spinlock.c:178
 fq_pie_change+0x23c/0xda4 net/sched/sch_fq_pie.c:290
 fq_pie_init+0x2b0/0x714 net/sched/sch_fq_pie.c:411
 qdisc_create+0x6ac/0xde4 net/sched/sch_api.c:1277
 tc_modify_qdisc+0x954/0x16c0
 rtnetlink_rcv_msg+0x72c/0xd94 net/core/rtnetlink.c:6091
 netlink_rcv_skb+0x20c/0x3b8 net/netlink/af_netlink.c:2524
 rtnetlink_rcv+0x28/0x38 net/core/rtnetlink.c:6109
 netlink_unicast_kernel net/netlink/af_netlink.c:1328 [inline]
 netlink_unicast+0x660/0x8d4 net/netlink/af_netlink.c:1354
 netlink_sendmsg+0x834/0xb18 net/netlink/af_netlink.c:1902
 sock_sendmsg_nosec net/socket.c:716 [inline]
 sock_sendmsg net/socket.c:736 [inline]
 ____sys_sendmsg+0x558/0x844 net/socket.c:2482
 ___sys_sendmsg net/socket.c:2536 [inline]
 __sys_sendmsg+0x26c/0x33c net/socket.c:2565
 __do_sys_sendmsg net/socket.c:2574 [inline]
 __se_sys_sendmsg net/socket.c:2572 [inline]
 __arm64_sys_sendmsg+0x80/0x94 net/socket.c:2572
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/06/04 07:32 linux-6.1.y d2869ace6eeb a4ae4f42 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: soft lockup in tc_modify_qdisc
* Struck through repros no longer work on HEAD.