syzbot

 sign-in | mailing list | source | docs
🐞 Open [1630]
Subsystems
🐞 Fixed [6115]
🐞 Invalid [15333]
Missing Backports [170]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

WARNING in posix_cpu_timer_del

Status: closed as invalid on 2019/08/31 03:15
Subsystems: kernel
[Documentation on labels]
Reported-by: syzbot+654f89dafed9092dac4d@syzkaller.appspotmail.com
First crash: 2042d, last: 2038d
Cause bisection: the cause commit could be any of (bisect log):
  fc0a4de8e668 posix-cpu-timers: Provide array based access to expiry cache
  4cc121376363 posix-cpu-timers: Move expiry cache into struct posix_cputimers
  6f440f889147 posix-cpu-timers: Simplify timer queueing
  2fcd363a1a55 sched: Move struct task_cputime to types.h
  95c0e29afa2a posix-cpu-timers: Simplify set_process_cpu_timer()
  05c191a0cab4 posix-cpu-timers: Create a container struct
  ca2258d8695a posix-cpu-timers: Switch check_*_timers() to array cache
  080b31145ed2 posix-cpu-timers: Remove the odd field rename defines
  4663b7f47d8e posix-cpu-timers: Move prof/virt_ticks into caller
  c663b713eda5 posix-cpu-timers: Sample task times once in expiry check
  c96d6e594d1b posix-cpu-timers: Provide array based sample functions
  957d8bcaf4e1 posix-cpu-timers: Get rid of pointer indirection
  e762ac92cfd3 posix-cpu-timers: Make expiry checks array based
  8dc06959500c posix-cpu-timers: Remove cputime_expires
  9459311baf6b posix-cpu-timers: Simplify sample functions
  0102a96de44a posix-cpu-timers: Restructure expiry array
  9ebc1ad3b762 posix-cpu-timers: Remove pointless return value check
  8c768bb88f3f posix-cpu-timers: Use clock ID in posix_cpu_timer_rearm()
  8e8c6459bb44 posix-cpu-timers: Switch thread group sampling to array
  13aa8bba4a39 posix-cpu-timers: Use clock ID in posix_cpu_timer_get()
  d9f868a03b3f posix-cpu-timers: Respect INFINITY for hard RTTIME limit
  9336cd130321 rlimit: Rewrite non-sensical RLIMIT_CPU comment
  e70ad8c0fa69 posix-cpu-timers: Use clock ID in posix_cpu_timer_set()
  5786d249ef52 posix-cpu-timers: Get rid of zero checks
  b141b8de195f posix-cpu-timers: Consolidate thread group sample code
  8f8fb8af4a89 posix-cpu-timers: Rename thread_group_cputimer() and make it static
  ac1089cb1697 posix-cpu-timers: Consolidate timer expiry further
  c895a99d2e07 posix-cpu-timers: Sample directly in timer check
  c9401dda8e60 posix-cpu-timers: Get rid of 64bit divisions
  ae5366ec32e3 itimers: Use quick sample function
  f0610ad15b61 posix-cpu-timers: Remove pointless comparisons
  6add2f23f29f posix-cpu-timers: Provide quick sample function for itimer
  f4a2ed1b9d67 posix-cpu-timers: Deduplicate rlimit handling
  cc1f6a2ef0cf posix-cpu-timers: Move state tracking to struct posix_cputimers
  dd73866df531 posix-cpu-timers: Use common permission check in posix_cpu_timer_create()
  4d9b4bebb5e9 posix-cpu-timers: Use common permission check in posix_cpu_clock_get()
  ce709abdd2b9 posix-cpu-timers: Utilize timerqueue for storage
  5b67bc20a5e4 posix-cpu-timers: Provide task validation functions
  d1543e48a658 posix-cpu-timers: Fix build on !CONFIG_POSIX_TIMERS
  02c12a148262 Merge branch 'WIP.timers/core'
   
Discussions (1)
Title Replies (including bot) Last reply
WARNING in posix_cpu_timer_del 1 (2) 2019/08/28 11:11
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in posix_cpu_timer_del (3) kernel C error 40 2022d 2034d 0/28 closed as invalid on 2019/10/04 07:44
upstream WARNING in posix_cpu_timer_del (2) kernel C done 76 2036d 2038d 0/28 closed as invalid on 2019/09/02 05:17

Sample crash report:
------------[ cut here ]------------
WARNING: CPU: 1 PID: 11100 at kernel/time/posix-cpu-timers.c:401 posix_cpu_timer_del+0x2f0/0x3b0 kernel/time/posix-cpu-timers.c:401
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 11100 Comm: syz-executor296 Not tainted 5.3.0-rc6-next-20190827 #74
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x172/0x1f0 lib/dump_stack.c:113
 panic+0x2dc/0x755 kernel/panic.c:220
 __warn.cold+0x2f/0x3c kernel/panic.c:581
 report_bug+0x289/0x300 lib/bug.c:195
 fixup_bug arch/x86/kernel/traps.c:179 [inline]
 fixup_bug arch/x86/kernel/traps.c:174 [inline]
 do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:272
 do_invalid_op+0x37/0x50 arch/x86/kernel/traps.c:291
 invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1028
RIP: 0010:posix_cpu_timer_del+0x2f0/0x3b0 kernel/time/posix-cpu-timers.c:401
Code: 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 b5 00 00 00 48 83 bb c8 00 00 00 00 74 16 e8 10 58 0d 00 <0f> 0b e9 87 fe ff ff e8 b4 3e 48 00 e9 dd fd ff ff e8 fa 57 0d 00
RSP: 0018:ffff88808a65fc88 EFLAGS: 00010093
RAX: ffff88808af38500 RBX: ffff8880955e4000 RCX: 1ffff110115e71b2
RDX: 0000000000000000 RSI: ffffffff8164d5c0 RDI: ffff8880955e40c8
RBP: ffff88808a65fd18 R08: 0000000000000002 R09: ffff88808af38d98
R10: fffffbfff138b140 R11: ffffffff89c58a07 R12: ffff88809d0ee540
R13: 1ffff110114cbf92 R14: ffff88808a65fcf0 R15: ffff8880955e4058
 timer_delete_hook kernel/time/posix-timers.c:978 [inline]
 itimer_delete kernel/time/posix-timers.c:1021 [inline]
 exit_itimers+0xdb/0x2e0 kernel/time/posix-timers.c:1041
 do_exit+0x1980/0x2e60 kernel/exit.c:853
 do_group_exit+0x135/0x360 kernel/exit.c:983
 __do_sys_exit_group kernel/exit.c:994 [inline]
 __se_sys_exit_group kernel/exit.c:992 [inline]
 __x64_sys_exit_group+0x44/0x50 kernel/exit.c:992
 do_syscall_64+0xfa/0x760 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4452b8
Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00
RSP: 002b:00007ffd2bb230b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00000000004452b8
RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
RBP: 00000000004cc930 R08: 00000000000000e7 R09: ffffffffffffffd0
R10: 00007ffd2bb23110 R11: 0000000000000246 R12: 0000000000000001
R13: 00000000006e0320 R14: 000000000000002d R15: 20c49ba5e353f7cf
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (241):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/08/28 02:08 linux-next ed2393ca0910 fd37b39e .config console log report syz C ci-upstream-linux-next-kasan-gce-root
2019/08/27 13:48 linux-next ed858b88e6cb d21c5d9d .config console log report syz C ci-upstream-linux-next-kasan-gce-root
2019/08/27 07:05 linux-next ed858b88e6cb d21c5d9d .config console log report syz C ci-upstream-linux-next-kasan-gce-root
2019/08/27 01:45 linux-next ed858b88e6cb d21c5d9d .config console log report syz C ci-upstream-linux-next-kasan-gce-root
2019/08/31 02:41 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/31 02:33 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/31 01:31 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 22:24 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 20:59 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 19:06 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 19:04 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 17:35 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 15:35 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 13:54 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 12:42 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 11:41 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 10:30 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 10:17 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 08:54 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 07:33 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 06:02 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 05:23 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 03:50 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 02:11 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/30 00:31 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 23:25 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 23:03 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 21:52 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 20:38 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 19:19 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 18:02 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 16:20 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 16:02 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 12:53 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 11:51 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 08:12 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 07:10 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 06:17 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 04:24 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 02:40 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 01:17 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 00:14 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/29 00:14 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/28 22:40 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/28 21:35 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/26 14:53 linux-next ed858b88e6cb d21c5d9d .config console log report ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.