syzbot


suspicious RCU usage at ./include/linux/mm.h:LINE

Status: closed as dup on 2017/11/29 05:00
Subsystems: crypto
Reported-by: syzbot+7991df012bd9be52601c6e536addde6cefbfbde6@syzkaller.appspotmail.com
First crash: 2584d, last: 2563d
Duplicate of:
Title: WARNING: suspicious RCU usage (3) mm
Repro: -  Cause bisect: -  Fix bisect: -
Count: 16  Last: 2579d  Reported: 2579d

Sample crash report:
WARNING: suspicious RCU usage
4.15.0-rc2+ #216 Not tainted
device gre0 entered promiscuous mode
-----------------------------
kauditd_printk_skb: 259 callbacks suppressed
audit: type=1326 audit(1512972884.292:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=8216 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000
audit: type=1326 audit(1512972884.293:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=8216 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000
audit: type=1326 audit(1512972884.299:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=8216 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=298 compat=0 ip=0x452a39 code=0x7ffc0000
audit: type=1326 audit(1512972884.299:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=8216 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000
audit: type=1326 audit(1512972884.299:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=8216 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000
audit: type=1326 audit(1512972884.325:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=8216 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=54 compat=0 ip=0x452a39 code=0x7ffc0000
audit: type=1326 audit(1512972884.325:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=8216 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000
audit: type=1326 audit(1512972884.325:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=8216 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000
audit: type=1326 audit(1512972884.328:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=8216 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=54 compat=0 ip=0x452a39 code=0x7ffc0000
audit: type=1326 audit(1512972884.328:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=8216 comm="syz-executor0" exe="/root/syz-executor0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452a39 code=0x7ffc0000
page:00000000a0651638 count:0 mapcount:0 mapping:          (null) index:0x0
flags: 0x2fffc0000000000()
raw: 02fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff
raw: 0000000000000000 0000000100000001 0000000000000000 0000000000000000
page dumped because: VM_BUG_ON_PAGE(page_ref_count(page) == 0)
------------[ cut here ]------------
kernel BUG at ./include/linux/mm.h:483!
invalid opcode: 0000 [#1] SMP KASAN
Dumping ftrace buffer:
   (ftrace buffer empty)
Modules linked in:
CPU: 0 PID: 8222 Comm: syz-executor6 Not tainted 4.15.0-rc2+ #216
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:put_page_testzero include/linux/mm.h:483 [inline]
RIP: 0010:__free_pages+0x118/0x150 mm/page_alloc.c:4284
RSP: 0018:ffff8801bda17580 EFLAGS: 00010203
RAX: 0000000000000000 RBX: ffffea0006f685c0 RCX: 0000000000000000
RDX: 00000000001f0100 RSI: 1ffff10038595525 RDI: ffffed0037b42ea0
RBP: ffff8801bda17610 R08: 1ffff10037b42dd4 R09: 0000000000000000
R10: dffffc0000000000 R11: 0000000000000000 R12: 1ffff10037b42eb1
R13: 1ffff10037b42eb5 R14: 0000000000000000 R15: ffff8801bda175e8
FS:  00007f93df154700(0000) GS:ffff8801db400000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f93df0f1000 CR3: 00000001bf6f3000 CR4: 00000000001426f0
Call Trace:
 free_pages+0x51/0x90 mm/page_alloc.c:4298
 blkcipher_walk_done+0x767/0xde0 crypto/blkcipher.c:141
 encrypt+0x20e/0x540 arch/x86/crypto/salsa20_glue.c:79
 skcipher_crypt_blkcipher crypto/skcipher.c:622 [inline]
 skcipher_decrypt_blkcipher+0x213/0x310 crypto/skcipher.c:640
 crypto_skcipher_decrypt include/crypto/skcipher.h:463 [inline]
 _skcipher_recvmsg crypto/algif_skcipher.c:126 [inline]
 skcipher_recvmsg+0x739/0xf20 crypto/algif_skcipher.c:165
 skcipher_recvmsg_nokey+0x60/0x80 crypto/algif_skcipher.c:284
 sock_recvmsg_nosec net/socket.c:809 [inline]
 sock_recvmsg+0xc9/0x110 net/socket.c:816
 sock_read_iter+0x361/0x560 net/socket.c:893
 call_read_iter include/linux/fs.h:1766 [inline]
 aio_read+0x2b0/0x3a0 fs/aio.c:1501
 io_submit_one fs/aio.c:1611 [inline]
 do_io_submit+0xf99/0x14f0 fs/aio.c:1682
 SYSC_io_submit fs/aio.c:1707 [inline]
 SyS_io_submit+0x27/0x30 fs/aio.c:1704
 entry_SYSCALL_64_fastpath+0x1f/0x96
RIP: 0033:0x452a39
RSP: 002b:00007f93df153c58 EFLAGS: 00000212 ORIG_RAX: 00000000000000d1
RAX: ffffffffffffffda RBX: 0000000000758300 RCX: 0000000000452a39
RDX: 0000000020738000 RSI: 0000000000000002 RDI: 00007f93df0f1000
RBP: 000000000000039b R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f3728
R13: 00000000ffffffff R14: 00007f93df1546d4 R15: 0000000000000000
Code: 20 08 00 00 00 00 48 83 c4 68 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 29 f5 ff ff eb cf 48 c7 c6 40 31 30 85 48 89 df e8 b8 61 0c 00 <0f> 0b 4c 89 ef 89 b5 74 ff ff ff e8 b8 f3 19 00 8b b5 74 ff ff 
RIP: put_page_testzero include/linux/mm.h:483 [inline] RSP: ffff8801bda17580
RIP: __free_pages+0x118/0x150 mm/page_alloc.c:4284 RSP: ffff8801bda17580
---[ end trace 8966a9459a6335b6 ]---

Crashes (89):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2017/12/11 06:14 upstream 51090c5d6de0 5ad0ce95 .config console log report ci-upstream-kasan-gce
2017/12/09 07:02 upstream 3625de4b2872 5ad0ce95 .config console log report ci-upstream-kasan-gce
2017/12/09 02:25 upstream 3625de4b2872 5ad0ce95 .config console log report ci-upstream-kasan-gce
2017/11/28 15:53 upstream 4fbd8d194f06 ac93d7e1 .config console log report ci-upstream-kasan-gce
2017/12/14 17:04 net-next-old 5c13e07580c8 ac20b98c .config console log report ci-upstream-net-kasan-gce
2017/12/13 09:30 net-next-old 48d79b49e168 ce7f2399 .config console log report ci-upstream-net-kasan-gce
2017/12/12 06:09 net-next-old a0b586fa75a6 da131727 .config console log report ci-upstream-net-kasan-gce
2017/12/11 21:29 net-next-old a0b586fa75a6 da131727 .config console log report ci-upstream-net-kasan-gce
2017/12/11 00:41 net-next-old 51e18a453f5f 5ad0ce95 .config console log report ci-upstream-net-kasan-gce
2017/12/11 00:05 net-next-old 51e18a453f5f 5ad0ce95 .config console log report ci-upstream-net-kasan-gce
2017/12/10 07:51 net-next-old 51e18a453f5f 5ad0ce95 .config console log report ci-upstream-net-kasan-gce
2017/12/09 15:26 net-next-old 5e54b3c12027 5ad0ce95 .config console log report ci-upstream-net-kasan-gce
2017/12/08 03:59 net-next-old 24e5992a6bae 5d643f8e .config console log report ci-upstream-net-kasan-gce
2017/12/03 13:23 net-next-old 75d0de8c7e70 48359b97 .config console log report ci-upstream-net-kasan-gce
2017/12/03 00:52 net-next-old c5f66a858997 48359b97 .config console log report ci-upstream-net-kasan-gce
2017/12/02 08:05 net-next-old 4c94cc2d3d57 2fa91450 .config console log report ci-upstream-net-kasan-gce
2017/12/02 06:46 net-next-old 4c94cc2d3d57 2fa91450 .config console log report ci-upstream-net-kasan-gce
2017/12/01 12:15 net-next-old 201c78e05c5a 16668351 .config console log report ci-upstream-net-kasan-gce
2017/11/30 13:14 net-next-old b9151761021e 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/30 01:09 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/29 22:55 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/29 18:14 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/29 16:42 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/29 15:04 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/29 14:58 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/29 10:08 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/29 10:07 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/29 02:42 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/29 02:33 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/29 00:42 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/29 00:12 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/28 21:36 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/28 20:17 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/28 19:48 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/28 18:43 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/28 17:06 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/28 14:47 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/28 13:40 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/28 10:52 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
2017/11/28 10:44 net-next-old 1d3b78bbc6e9 29b0fd90 .config console log report ci-upstream-net-kasan-gce
* Struck through repros no longer work on HEAD.