syzbot


WARNING in ip_rt_bug

Status: upstream: reported on 2025/01/06 01:15
Reported-by: syzbot+8dd6912e348f90eb4ddd@syzkaller.appspotmail.com
First crash: 9d07h, last: 9d07h
Similar bugs (7)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 WARNING in ip_rt_bug C error 2 1199d 1747d 0/1 upstream: reported C repro on 2020/04/03 11:53
linux-4.14 WARNING in ip_rt_bug C inconclusive 1 1676d 1736d 0/1 upstream: reported C repro on 2020/04/15 03:43
linux-6.1 WARNING in ip_rt_bug (2) 1 286d 286d 0/3 auto-obsoleted due to no activity on 2024/07/13 04:22
linux-6.1 WARNING in ip_rt_bug 1 517d 517d 0/3 auto-obsoleted due to no activity on 2023/11/25 06:32
upstream WARNING in ip_rt_bug (2) net C done error 364 8h58m 825d 0/28 upstream: reported C repro on 2022/10/12 18:26
upstream WARNING in ip_rt_bug net 1 2480d 2473d 0/28 auto-closed as invalid on 2019/02/22 10:34
linux-6.1 WARNING in ip_rt_bug (3) 2 5d20h 25d 0/3 upstream: reported on 2024/12/21 00:20

Sample crash report:
------------[ cut here ]------------
WARNING: CPU: 0 PID: 3644 at net/ipv4/route.c:1260 kfree_skb include/linux/skbuff.h:1118 [inline]
WARNING: CPU: 0 PID: 3644 at net/ipv4/route.c:1260 ip_rt_bug+0x30/0x100 net/ipv4/route.c:1259
Modules linked in:
CPU: 0 PID: 3644 Comm: udevd Not tainted 5.15.175-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : ip_rt_bug+0x30/0x100 include/linux/skbuff.h:1118
lr : kfree_skb include/linux/skbuff.h:1118 [inline]
lr : ip_rt_bug+0x30/0x100 net/ipv4/route.c:1259
sp : ffff800008007530
x29: ffff800008007530 x28: 1fffe00018f82123 x27: ffff800008007800
x26: dfff800000000000 x25: 1fffe0001cf96fc3 x24: dfff800000000000
x23: ffff0000e841de00 x22: ffff0000e841de30 x21: ffff0000c7c10680
x20: ffff0000e7cb7dc0 x19: ffff0000e7cb7dc0 x18: 0000000000000303
x17: 0000000000000000 x16: ffff800011b4eaf8 x15: ffff8000083bd5a4
x14: ffff8000083bd904 x13: ffff80000ffd1640 x12: 0000000000000003
x11: 0000000000000304 x10: 0000000000000003 x9 : f8f6bed45f89d500
x8 : f8f6bed45f89d500 x7 : 0000000000000000 x6 : ffff8000083bb0c8
x5 : ffff0000d8ff3330 x4 : 0000000000000000 x3 : ffff8000136c51e0
x2 : 0000000000000002 x1 : ffff800012165740 x0 : 0000000000000001
Call trace:
 kfree_skb include/linux/skbuff.h:1118 [inline]
 ip_rt_bug+0x30/0x100 net/ipv4/route.c:1259
 dst_output include/net/dst.h:443 [inline]
 ip_local_out net/ipv4/ip_output.c:126 [inline]
 ip_send_skb+0x134/0x2f8 net/ipv4/ip_output.c:1581
 ip_push_pending_frames+0x68/0x84 net/ipv4/ip_output.c:1601
 icmp_push_reply+0x3a4/0x4d4 net/ipv4/icmp.c:396
 __icmp_send+0xb74/0x1020 net/ipv4/icmp.c:777
 ipv4_send_dest_unreach net/ipv4/route.c:1240 [inline]
 ipv4_link_failure+0x554/0x8d4 net/ipv4/route.c:1247
 dst_link_failure include/net/dst.h:422 [inline]
 arp_error_report+0x11c/0x16c net/ipv4/arp.c:295
 neigh_invalidate+0x2c0/0x514 net/core/neighbour.c:1001
 neigh_timer_handler+0x630/0xe1c net/core/neighbour.c:1088
 call_timer_fn+0x19c/0x8f0 kernel/time/timer.c:1451
 expire_timers kernel/time/timer.c:1496 [inline]
 __run_timers+0x554/0x718 kernel/time/timer.c:1767
 run_timer_softirq+0x7c/0x114 kernel/time/timer.c:1780
 handle_softirqs+0x384/0xdbc kernel/softirq.c:558
 __do_softirq kernel/softirq.c:592 [inline]
 do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
 invoke_softirq kernel/softirq.c:439 [inline]
 __irq_exit_rcu+0x268/0x4d8 kernel/softirq.c:641
 irq_exit+0x14/0x88 kernel/softirq.c:665
 handle_domain_irq+0xf4/0x178 kernel/irq/irqdesc.c:711
 gic_handle_irq+0x78/0x1c8 drivers/irqchip/irq-gic-v3.c:765
 call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:899
 do_interrupt_handler+0x74/0x94 arch/arm64/kernel/entry-common.c:267
 el1_interrupt+0x30/0x58 arch/arm64/kernel/entry-common.c:454
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:470
 el1h_64_irq+0x78/0x7c arch/arm64/kernel/entry.S:522
 arch_local_irq_restore arch/arm64/include/asm/irqflags.h:122 [inline]
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
 _raw_spin_unlock_irqrestore+0xbc/0x158 kernel/locking/spinlock.c:194
 spin_unlock_irqrestore include/linux/spinlock.h:418 [inline]
 get_partial_node+0x260/0x2e4 mm/slub.c:2152
 get_partial mm/slub.c:2232 [inline]
 ___slab_alloc+0x39c/0xdbc mm/slub.c:3003
 __slab_alloc mm/slub.c:3095 [inline]
 slab_alloc_node mm/slub.c:3186 [inline]
 slab_alloc mm/slub.c:3228 [inline]
 kmem_cache_alloc+0x2d8/0x45c mm/slub.c:3233
 getname_flags+0xd0/0x480 fs/namei.c:138
 user_path_at_empty+0x40/0x1a4 fs/namei.c:2882
 user_path_at include/linux/namei.h:57 [inline]
 vfs_statx+0xf8/0x378 fs/stat.c:221
 vfs_fstatat fs/stat.c:243 [inline]
 __do_sys_newfstatat fs/stat.c:411 [inline]
 __se_sys_newfstatat fs/stat.c:405 [inline]
 __arm64_sys_newfstatat+0x110/0x194 fs/stat.c:405
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
 el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
 el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
 el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
irq event stamp: 3078043
hardirqs last  enabled at (3078042): [<ffff8000088d68d0>] kasan_quarantine_put+0xdc/0x204 mm/kasan/quarantine.c:231
hardirqs last disabled at (3078043): [<ffff800011b4a1ac>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:396
softirqs last  enabled at (3077474): [<ffff8000081b691c>] softirq_handle_end kernel/softirq.c:401 [inline]
softirqs last  enabled at (3077474): [<ffff8000081b691c>] handle_softirqs+0xb88/0xdbc kernel/softirq.c:586
softirqs last disabled at (3077883): [<ffff8000081b6fb4>] __do_softirq kernel/softirq.c:592 [inline]
softirqs last disabled at (3077883): [<ffff8000081b6fb4>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (3077883): [<ffff8000081b6fb4>] invoke_softirq kernel/softirq.c:439 [inline]
softirqs last disabled at (3077883): [<ffff8000081b6fb4>] __irq_exit_rcu+0x268/0x4d8 kernel/softirq.c:641
---[ end trace 40b5718169433a5a ]---

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2025/01/06 01:15 linux-5.15.y 91786f140358 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING in ip_rt_bug
* Struck through repros no longer work on HEAD.