syzbot


BUG: sleeping function called from invalid context in lock_sock_nested (2)
Status: upstream: reported C repro on 2020/02/22 15:08
Reported-by: syzbot+a5df189917e79d5e59c9@syzkaller.appspotmail.com
Fix commit: e04480920d1e Bluetooth: defer cleanup of resources in hci_unregister_dev()
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu2-arm32]
First crash: 609d, last: 69d

Cause bisection: introduced by (bisect log):
commit 5ac6badc5aa057ceb1d50c93326a81db6e89ad2f
Author: Daniel Mack <daniel@zonque.org>
Date: Thu Jul 11 12:45:03 2019 +0000

  device-tree: bindinds: add NXP PCT2075 as compatible device to LM75

Crash: KASAN: use-after-free Read in sk_psock_unlink (log)
Repro: syz .config

Fix bisection: failed (bisect log)
similar bugs (6):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 BUG: sleeping function called from invalid context in lock_sock_nested (2) C done 3909 38d 131d 1/1 fixed on 2021/10/12 13:38
linux-4.14 BUG: sleeping function called from invalid context in lock_sock_nested 1 840d 840d 0/1 auto-closed as invalid on 2019/10/30 11:24
linux-4.14 BUG: sleeping function called from invalid context in lock_sock_nested (2) syz done 1 624d 684d 1/1 fixed on 2020/03/04 10:17
linux-4.19 BUG: sleeping function called from invalid context in lock_sock_nested syz done 1 654d 684d 1/1 fixed on 2020/02/05 13:33
upstream BUG: sleeping function called from invalid context in lock_sock_nested C 1232 609d 684d 16/22 fixed on 2020/02/18 14:31
linux-4.14 BUG: sleeping function called from invalid context in lock_sock_nested (3) syz 143 5d08h 131d 0/1 upstream: reported syz repro on 2021/06/10 20:33
Patch testing requests:
Created Duration User Patch Repo Result
2021/08/02 14:07 37m penguin-kernel@i-love.sakura.ne.jp patch upstream OK
2021/07/26 20:45 20m penguin-kernel@i-love.sakura.ne.jp patch upstream OK
2021/07/13 01:45 19m penguin-kernel@i-love.sakura.ne.jp patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 3dbdb38e286903ec220aaf1fb29a8d94297da246 OK
2021/07/09 15:41 19m penguin-kernel@i-love.sakura.ne.jp patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 3dbdb38e286903ec220aaf1fb29a8d94297da246 OK
2021/07/09 10:41 19m penguin-kernel@i-love.sakura.ne.jp patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 3dbdb38e286903ec220aaf1fb29a8d94297da246 OK
2021/07/09 10:37 18m penguin-kernel@i-love.sakura.ne.jp patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 3dbdb38e286903ec220aaf1fb29a8d94297da246 OK
2021/07/08 11:32 18m penguin-kernel@i-love.sakura.ne.jp patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 3dbdb38e286903ec220aaf1fb29a8d94297da246 OK
2021/07/08 10:46 19m penguin-kernel@i-love.sakura.ne.jp patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 3dbdb38e286903ec220aaf1fb29a8d94297da246 OK
2021/07/08 04:09 15m penguin-kernel@i-love.sakura.ne.jp patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 3dbdb38e286903ec220aaf1fb29a8d94297da246 error
2021/07/07 06:30 19m penguin-kernel@i-love.sakura.ne.jp patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 3dbdb38e286903ec220aaf1fb29a8d94297da246 OK
2021/07/07 06:09 17m penguin-kernel@i-love.sakura.ne.jp patch upstream error
2021/06/27 11:13 18m penguin-kernel@i-love.sakura.ne.jp patch upstream OK

Sample crash report:

Crashes (19391):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce 2021/08/04 03:23 upstream d5ad8ec3cfb5 6c236867 .config log report syz C BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-smack-root 2021/07/26 03:50 upstream d8079fac1681 4d1b57d4 .config log report syz C BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-root 2021/06/25 02:10 upstream 4a09d388f2ab 0edbbe31 .config log report syz C BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-smack-root 2020/02/19 08:27 upstream 0a44cac81050 135c18aa .config log report syz C
ci-upstream-kasan-gce-selinux-root 2021/08/05 17:39 upstream 251a1524293d 7f7bb950 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-smack-root 2021/08/05 17:29 upstream 251a1524293d 7f7bb950 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-root 2021/08/05 15:17 upstream 251a1524293d 7f7bb950 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce 2021/08/05 04:33 upstream 251a1524293d b97d64c9 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-root 2021/08/05 04:14 upstream 251a1524293d b97d64c9 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-smack-root 2021/08/05 03:20 upstream 251a1524293d b97d64c9 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-root 2021/08/05 00:30 upstream 251a1524293d b97d64c9 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-selinux-root 2021/08/04 21:36 upstream d5ad8ec3cfb5 b97d64c9 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-selinux-root 2021/08/04 20:37 upstream d5ad8ec3cfb5 b97d64c9 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-root 2021/08/04 20:21 upstream d5ad8ec3cfb5 b97d64c9 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-smack-root 2021/08/04 13:12 upstream d5ad8ec3cfb5 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-selinux-root 2021/08/04 12:56 upstream d5ad8ec3cfb5 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce 2021/08/04 11:25 upstream d5ad8ec3cfb5 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-selinux-root 2021/08/04 09:20 upstream d5ad8ec3cfb5 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce 2021/08/04 08:02 upstream d5ad8ec3cfb5 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-selinux-root 2021/08/04 07:04 upstream d5ad8ec3cfb5 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce 2021/08/03 22:29 upstream d5ad8ec3cfb5 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-smack-root 2021/08/03 20:28 upstream c500bee1c5b2 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-selinux-root 2021/08/03 19:54 upstream c500bee1c5b2 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-smack-root 2021/08/03 19:32 upstream c500bee1c5b2 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-386 2021/08/05 15:57 upstream 251a1524293d 7f7bb950 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-386 2021/08/05 15:37 upstream 251a1524293d 7f7bb950 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-386 2021/08/05 14:32 upstream 251a1524293d 7f7bb950 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-386 2021/08/05 12:50 upstream 251a1524293d 7f7bb950 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-386 2021/08/05 04:15 upstream 251a1524293d b97d64c9 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-386 2021/08/04 09:21 upstream d5ad8ec3cfb5 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-386 2021/08/04 04:05 upstream d5ad8ec3cfb5 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-386 2021/08/04 02:52 upstream d5ad8ec3cfb5 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-386 2021/08/03 21:19 upstream c500bee1c5b2 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-386 2021/08/03 20:31 upstream c500bee1c5b2 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-386 2021/08/03 20:09 upstream c500bee1c5b2 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/09 12:21 bpf c4eb1f403243 6972b106 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/09 11:23 bpf c4eb1f403243 6972b106 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/08 17:06 bpf c4eb1f403243 6972b106 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/07 06:26 bpf ccd37ad9ef0a 6972b106 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-net-this-kasan-gce 2021/08/06 01:03 net 6bb5318ce501 d2d6e680 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-net-this-kasan-gce 2021/08/05 00:45 net 6b67d4d63ede b97d64c9 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/03 21:54 bpf a02215ce72a3 6c236867 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/11 07:17 bpf-next 874be05f525e 6972b106 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/10 00:59 bpf-next c83ae15dc947 6972b106 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/07 11:15 bpf-next c83ae15dc947 6972b106 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/07 07:46 bpf-next c83ae15dc947 6972b106 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-net-kasan-gce 2021/08/06 01:40 net-next 23809a726c0d d2d6e680 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-net-kasan-gce 2021/08/05 02:44 net-next c2eecaa193ff b97d64c9 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-linux-next-kasan-gce-root 2021/07/29 01:46 linux-next 42d0b5f52c9b 9a4781d4 .config log report syz BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-net-kasan-gce 2020/02/18 16:42 net-next b182a66792fe 012fbc32 .config log report syz
ci-qemu-upstream 2021/08/05 20:10 upstream 251a1524293d d2d6e680 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-root 2021/08/05 19:18 upstream 251a1524293d d2d6e680 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce-smack-root 2021/08/05 17:53 upstream 251a1524293d d2d6e680 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-kasan-gce 2021/08/05 05:42 upstream 251a1524293d 7f7bb950 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-qemu-upstream-386 2021/08/05 18:20 upstream 251a1524293d d2d6e680 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/09 09:05 bpf c4eb1f403243 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/08 23:16 bpf c4eb1f403243 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/08 14:34 bpf c4eb1f403243 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/08 10:15 bpf c4eb1f403243 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/08 07:59 bpf c4eb1f403243 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/08 06:38 bpf c4eb1f403243 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/08 03:25 bpf c4eb1f403243 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/07 23:18 bpf c4eb1f403243 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/07 21:03 bpf c4eb1f403243 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/07 07:39 bpf ccd37ad9ef0a 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/07 05:34 bpf ccd37ad9ef0a 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-kasan-gce 2021/08/06 22:19 bpf a02215ce72a3 f9e341e3 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-net-this-kasan-gce 2021/08/06 07:50 net 6bb5318ce501 d2d6e680 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/11 05:25 bpf-next 874be05f525e 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/11 04:09 bpf-next 874be05f525e 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/11 02:44 bpf-next 874be05f525e 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/11 01:13 bpf-next 874be05f525e 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/10 17:17 bpf-next 874be05f525e 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/10 12:40 bpf-next 6aab1c81b98a 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/10 09:54 bpf-next 6aab1c81b98a 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/10 03:10 bpf-next 6aab1c81b98a 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/10 02:46 bpf-next 6aab1c81b98a 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/09 18:07 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/09 16:42 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/09 11:05 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/09 05:07 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/09 04:02 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/09 03:01 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/09 00:22 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/08 19:56 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/08 12:28 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/08 11:16 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/08 01:36 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/08 00:31 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/07 19:03 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/07 14:50 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/07 10:48 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/07 08:56 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/07 05:41 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/07 03:26 bpf-next c83ae15dc947 6972b106 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/06 23:56 bpf-next 579345e7f219 f9e341e3 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-bpf-next-kasan-gce 2021/08/06 20:50 bpf-next 579345e7f219 f9e341e3 .config log report info BUG: sleeping function called from invalid context in lock_sock_nested
ci-upstream-net-kasan-gce 2020/02/18 15:03 net-next b182a66792fe 012fbc32 .config log report
ci-upstream-linux-next-kasan-gce-root 2020/04/03 11:57 linux-next 770fbb32d34e 5ed396e6 .config log report