syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [106] 🐞 Fixed [1] 🐞 Invalid [166] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
audit: type=1400 audit(2000001007.777:87503): avc: denied { map } for pid=27443 comm="blkid" path="/lib/x86_64-linux-gnu/libuuid.so.1.3.0" dev="sda1" ino=2819 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
INFO: rcu_preempt detected stalls on CPUs/tasks:
Tasks blocked on level-0 rcu_node (CPUs 0-1): P27433
(detected by 0, t=10502 jiffies, g=58095, c=58094, q=2737)
syz-executor4 R running task 26808 27433 1858 0x00000004
Call Trace:
<IRQ>
sched_show_task.cold.31+0x342/0x3c0 kernel/sched/core.c:5230
rcu_print_detail_task_stall_rnp+0xbf/0xf8 kernel/rcu/tree_plugin.h:568
rcu_print_detail_task_stall kernel/rcu/tree_plugin.h:581 [inline]
print_other_cpu_stall kernel/rcu/tree.c:1488 [inline]
check_cpu_stall kernel/rcu/tree.c:1616 [inline]
__rcu_pending kernel/rcu/tree.c:3382 [inline]
rcu_pending kernel/rcu/tree.c:3444 [inline]
rcu_check_callbacks.cold.56+0x7ad/0xd99 kernel/rcu/tree.c:2784
update_process_times+0x24/0x60 kernel/time/timer.c:1588
tick_sched_handle.isra.8+0x73/0x150 kernel/time/tick-sched.c:161
tick_sched_timer+0x7e/0x160 kernel/time/tick-sched.c:1321
__run_hrtimer kernel/time/hrtimer.c:1259 [inline]
__hrtimer_run_queues+0x2d0/0xc10 kernel/time/hrtimer.c:1323
hrtimer_interrupt+0x19a/0x440 kernel/time/hrtimer.c:1357
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1037 [inline]
smp_apic_timer_interrupt+0x13a/0x600 arch/x86/kernel/apic/apic.c:1062
apic_timer_interrupt+0x84/0x90 arch/x86/entry/entry_64.S:787
RIP: 0010:fib6_backtrack net/ipv6/route.c:857 [inline]
RIP: 0010:ip6_pol_route+0x600/0x27b0 net/ipv6/route.c:1122
RSP: 0018:ffff8881dba07638 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
RAX: 1ffff11033600d20 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000100 RSI: 0000000000000006 RDI: ffff88819b006922
RBP: ffff8881dba077b0 R08: 0000000000000000 R09: ffff8881dba07700
R10: ffff88819dc1cf28 R11: 0000000000000001 R12: ffff888149bf5500
R13: ffff88819b006900 R14: dffffc0000000000 R15: ffff8881c3427b80
fib6_rule_lookup+0xe4/0x470 net/ipv6/fib6_rules.c:83
ip6_dst_lookup_tail+0x40a/0x1740 net/ipv6/ip6_output.c:995
ip6_dst_lookup_flow+0xaa/0x210 net/ipv6/ip6_output.c:1096
inet6_csk_route_socket+0x74e/0xca0 net/ipv6/inet6_connection_sock.c:110
inet6_csk_xmit+0xfa/0x4c0 net/ipv6/inet6_connection_sock.c:125
__tcp_transmit_skb+0x182e/0x2ce0 net/ipv4/tcp_output.c:1130
tcp_transmit_skb net/ipv4/tcp_output.c:1146 [inline]
tcp_write_xmit+0x5ec/0x49a0 net/ipv4/tcp_output.c:2368
tcp_tsq_handler+0x1cd/0x2f0 net/ipv4/tcp_output.c:752
tcp_tasklet_func+0x42d/0x5b0 net/ipv4/tcp_output.c:788
tasklet_action+0xf6/0x230 kernel/softirq.c:513
__do_softirq+0x20d/0x9bd kernel/softirq.c:288
invoke_softirq kernel/softirq.c:368 [inline]
irq_exit+0x117/0x150 kernel/softirq.c:409
exiting_irq arch/x86/include/asm/apic.h:648 [inline]
smp_apic_timer_interrupt+0x18c/0x600 arch/x86/kernel/apic/apic.c:1064
apic_timer_interrupt+0x84/0x90 arch/x86/entry/entry_64.S:787
</IRQ>
RIP: 0010:__raw_spin_unlock_irq include/linux/spinlock_api_smp.h:169 [inline]
RIP: 0010:_raw_spin_unlock_irq+0x2b/0x50 kernel/locking/spinlock.c:200
RSP: 0018:ffff88819c9ff530 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000007 RBX: ffff8881dba2a200 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff88819dc1ced8 RDI: ffff88819dc1ceac
RBP: ffff88819c9ff588 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881daa41780
R13: ffff88819ada9b80 R14: 0000000000000001 R15: ffff88819dc1c680
finish_lock_switch kernel/sched/sched.h:1393 [inline]
finish_task_switch+0x1e6/0x610 kernel/sched/core.c:2726
context_switch kernel/sched/core.c:2862 [inline]
__schedule+0x731/0x1ed0 kernel/sched/core.c:3446
preempt_schedule_common+0x1f/0xc0 kernel/sched/core.c:3570
___preempt_schedule+0x16/0x18
__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline]
_raw_spin_unlock_irqrestore+0x65/0x70 kernel/locking/spinlock.c:192
spin_unlock_irqrestore include/linux/spinlock.h:372 [inline]
avc_reclaim_node security/selinux/avc.c:539 [inline]
avc_alloc_node+0x30f/0x3b0 security/selinux/avc.c:557
avc_insert security/selinux/avc.c:668 [inline]
avc_compute_av+0x175/0x570 security/selinux/avc.c:974
avc_has_perm_noaudit security/selinux/avc.c:1110 [inline]
avc_has_perm_flags+0x35b/0x3a0 security/selinux/avc.c:1159
selinux_inode_follow_link+0x1df/0x290 security/selinux/hooks.c:3044
security_inode_follow_link+0xc5/0x110 security/security.c:693
get_link fs/namei.c:1094 [inline]
link_path_walk+0x5cc/0xf90 fs/namei.c:2174
path_lookupat.isra.11+0x1f0/0x890 fs/namei.c:2356
filename_lookup.part.19+0x177/0x370 fs/namei.c:2391
filename_lookup fs/namei.c:2384 [inline]
user_path_at_empty+0x4b/0x80 fs/namei.c:2652
user_path include/linux/namei.h:62 [inline]
do_mount+0x12c/0x26e0 fs/namespace.c:2843
SYSC_mount fs/namespace.c:3119 [inline]
SyS_mount+0xe5/0x100 fs/namespace.c:3096
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x457759
RSP: 002b:00007f90afb3fc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457759
RDX: 0000000020000280 RSI: 0000000020000040 RDI: 0000000020000400
RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f90afb406d4
R13: 00000000004c32d8 R14: 00000000004d5d60 R15: 00000000ffffffff
syz-executor4 R running task 26808 27433 1858 0x00000004
Call Trace:
<IRQ>
sched_show_task.cold.31+0x342/0x3c0 kernel/sched/core.c:5230
rcu_print_detail_task_stall_rnp+0xbf/0xf8 kernel/rcu/tree_plugin.h:568
rcu_print_detail_task_stall kernel/rcu/tree_plugin.h:583 [inline]
print_other_cpu_stall kernel/rcu/tree.c:1488 [inline]
check_cpu_stall kernel/rcu/tree.c:1616 [inline]
__rcu_pending kernel/rcu/tree.c:3382 [inline]
rcu_pending kernel/rcu/tree.c:3444 [inline]
rcu_check_callbacks.cold.56+0x805/0xd99 kernel/rcu/tree.c:2784
update_process_times+0x24/0x60 kernel/time/timer.c:1588
tick_sched_handle.isra.8+0x73/0x150 kernel/time/tick-sched.c:161
tick_sched_timer+0x7e/0x160 kernel/time/tick-sched.c:1321
__run_hrtimer kernel/time/hrtimer.c:1259 [inline]
__hrtimer_run_queues+0x2d0/0xc10 kernel/time/hrtimer.c:1323
hrtimer_interrupt+0x19a/0x440 kernel/time/hrtimer.c:1357
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1037 [inline]
smp_apic_timer_interrupt+0x13a/0x600 arch/x86/kernel/apic/apic.c:1062
apic_timer_interrupt+0x84/0x90 arch/x86/entry/entry_64.S:787
RIP: 0010:fib6_backtrack net/ipv6/route.c:857 [inline]
RIP: 0010:ip6_pol_route+0x600/0x27b0 net/ipv6/route.c:1122
RSP: 0018:ffff8881dba07638 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
RAX: 1ffff11033600d20 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000100 RSI: 0000000000000006 RDI: ffff88819b006922
RBP: ffff8881dba077b0 R08: 0000000000000000 R09: ffff8881dba07700
R10: ffff88819dc1cf28 R11: 0000000000000001 R12: ffff888149bf5500
R13: ffff88819b006900 R14: dffffc0000000000 R15: ffff8881c3427b80
fib6_rule_lookup+0xe4/0x470 net/ipv6/fib6_rules.c:83
ip6_dst_lookup_tail+0x40a/0x1740 net/ipv6/ip6_output.c:995
ip6_dst_lookup_flow+0xaa/0x210 net/ipv6/ip6_output.c:1096
inet6_csk_route_socket+0x74e/0xca0 net/ipv6/inet6_connection_sock.c:110
inet6_csk_xmit+0xfa/0x4c0 net/ipv6/inet6_connection_sock.c:125
__tcp_transmit_skb+0x182e/0x2ce0 net/ipv4/tcp_output.c:1130
tcp_transmit_skb net/ipv4/tcp_output.c:1146 [inline]
tcp_write_xmit+0x5ec/0x49a0 net/ipv4/tcp_output.c:2368
tcp_tsq_handler+0x1cd/0x2f0 net/ipv4/tcp_output.c:752
tcp_tasklet_func+0x42d/0x5b0 net/ipv4/tcp_output.c:788
tasklet_action+0xf6/0x230 kernel/softirq.c:513
__do_softirq+0x20d/0x9bd kernel/softirq.c:288
invoke_softirq kernel/softirq.c:368 [inline]
irq_exit+0x117/0x150 kernel/softirq.c:409
exiting_irq arch/x86/include/asm/apic.h:648 [inline]
smp_apic_timer_interrupt+0x18c/0x600 arch/x86/kernel/apic/apic.c:1064
apic_timer_interrupt+0x84/0x90 arch/x86/entry/entry_64.S:787
</IRQ>
RIP: 0010:__raw_spin_unlock_irq include/linux/spinlock_api_smp.h:169 [inline]
RIP: 0010:_raw_spin_unlock_irq+0x2b/0x50 kernel/locking/spinlock.c:200
RSP: 0018:ffff88819c9ff530 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000007 RBX: ffff8881dba2a200 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff88819dc1ced8 RDI: ffff88819dc1ceac
RBP: ffff88819c9ff588 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881daa41780
R13: ffff88819ada9b80 R14: 0000000000000001 R15: ffff88819dc1c680
finish_lock_switch kernel/sched/sched.h:1393 [inline]
finish_task_switch+0x1e6/0x610 kernel/sched/core.c:2726
context_switch kernel/sched/core.c:2862 [inline]
__schedule+0x731/0x1ed0 kernel/sched/core.c:3446
preempt_schedule_common+0x1f/0xc0 kernel/sched/core.c:3570
___preempt_schedule+0x16/0x18
__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline]
_raw_spin_unlock_irqrestore+0x65/0x70 kernel/locking/spinlock.c:192
spin_unlock_irqrestore include/linux/spinlock.h:372 [inline]
avc_reclaim_node security/selinux/avc.c:539 [inline]
avc_alloc_node+0x30f/0x3b0 security/selinux/avc.c:557
avc_insert security/selinux/avc.c:668 [inline]
avc_compute_av+0x175/0x570 security/selinux/avc.c:974
avc_has_perm_noaudit security/selinux/avc.c:1110 [inline]
avc_has_perm_flags+0x35b/0x3a0 security/selinux/avc.c:1159
selinux_inode_follow_link+0x1df/0x290 security/selinux/hooks.c:3044
security_inode_follow_link+0xc5/0x110 security/security.c:693
get_link fs/namei.c:1094 [inline]
link_path_walk+0x5cc/0xf90 fs/namei.c:2174
path_lookupat.isra.11+0x1f0/0x890 fs/namei.c:2356
filename_lookup.part.19+0x177/0x370 fs/namei.c:2391
filename_lookup fs/namei.c:2384 [inline]
user_path_at_empty+0x4b/0x80 fs/namei.c:2652
user_path include/linux/namei.h:62 [inline]
do_mount+0x12c/0x26e0 fs/namespace.c:2843
SYSC_mount fs/namespace.c:3119 [inline]
SyS_mount+0xe5/0x100 fs/namespace.c:3096
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x457759
RSP: 002b:00007f90afb3fc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000457759
RDX: 0000000020000280 RSI: 0000000020000040 RDI: 0000000020000400
RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f90afb406d4
R13: 00000000004c32d8 R14: 00000000004d5d60 R15: 00000000ffffffff
ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2018/12/25 08:12 | android-4.14 | 815e34f802d8 | 8a41a0ad | .config | console log | report | ci-android-414-kasan-gce-root | |||||
| 2018/11/18 09:17 | android-4.14 | 4e76528bd48d | adf636a8 | .config | console log | report | ci-android-414-kasan-gce-root |