syzbot


possible deadlock in __stack_map_get

Status: upstream: reported C repro on 2024/04/18 20:00
Subsystems: bpf
[Documentation on labels]
Reported-by: syzbot+dddd99ae26c656485d89@syzkaller.appspotmail.com
First crash: 310d, last: 12h54m
Cause bisection: failed (error log, bisect log)
  
Discussions (2)
Title Replies (including bot) Last reply
[syzbot] Monthly bpf report (Oct 2024) 0 (1) 2024/10/15 21:53
[syzbot] [bpf?] possible deadlock in __stack_map_get 2 (5) 2024/04/19 14:12
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 possible deadlock in __stack_map_get origin:upstream missing-backport C 11 20d 312d 0/3 upstream: reported C repro on 2024/04/12 22:39
Last patch testing requests (12)
Created Duration User Patch Repo Result
2025/02/14 01:45 23m retest repro net report log
2025/02/13 23:51 18m retest repro net-next report log
2025/01/31 13:42 16m retest repro bpf report log
2025/01/31 13:42 55m retest repro bpf OK log
2025/01/31 13:42 1h03m retest repro bpf OK log
2025/01/15 01:33 16m retest repro bpf-next report log
2025/01/01 01:07 19m retest repro bpf-next report log
2025/01/01 01:09 11m retest repro upstream report log
2024/12/05 23:28 16m retest repro net report log
2024/12/05 23:28 14m retest repro net-next report log
2024/04/19 11:03 1h35m hdanton@sina.com patch https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git f99c5f563c17 OK log
2024/04/18 23:09 2h20m hdanton@sina.com patch https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git f99c5f563c17 report log

Sample crash report:
============================================
WARNING: possible recursive locking detected
6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0 Not tainted
--------------------------------------------
syz-executor155/6728 is trying to acquire lock:
ffff88802545c1e0 (&qs->lock){-.-.}-{2:2}, at: __stack_map_get+0x2a8/0x350 kernel/bpf/queue_stack_maps.c:140

but task is already holding lock:
ffff88801252f1e0 (&qs->lock){-.-.}-{2:2}, at: __stack_map_get+0x2a8/0x350 kernel/bpf/queue_stack_maps.c:140

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&qs->lock);
  lock(&qs->lock);

 *** DEADLOCK ***

 May be due to missing lock nesting notation

4 locks held by syz-executor155/6728:
 #0: ffffffff8e23c028 (tracepoints_mutex){+.+.}-{4:4}, at: tracepoint_probe_unregister+0x9c/0xd70 kernel/tracepoint.c:501
 #1: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #1: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #1: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2361 [inline]
 #1: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1c2/0x590 kernel/trace/bpf_trace.c:2403
 #2: ffff88801252f1e0 (&qs->lock){-.-.}-{2:2}, at: __stack_map_get+0x2a8/0x350 kernel/bpf/queue_stack_maps.c:140
 #3: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #3: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #3: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: __bpf_trace_run kernel/trace/bpf_trace.c:2361 [inline]
 #3: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1c2/0x590 kernel/trace/bpf_trace.c:2403

stack backtrace:
CPU: 3 UID: 0 PID: 6728 Comm: syz-executor155 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_deadlock_bug+0x2e3/0x410 kernel/locking/lockdep.c:3037
 check_deadlock kernel/locking/lockdep.c:3089 [inline]
 validate_chain kernel/locking/lockdep.c:3891 [inline]
 __lock_acquire+0x2117/0x3c40 kernel/locking/lockdep.c:5226
 lock_acquire.part.0+0x11b/0x380 kernel/locking/lockdep.c:5849
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
 _raw_spin_lock_irqsave+0x3a/0x60 kernel/locking/spinlock.c:162
 __stack_map_get+0x2a8/0x350 kernel/bpf/queue_stack_maps.c:140
 bpf_prog_7a16b54e5ee857f9+0x43/0x47
 bpf_dispatcher_nop_func include/linux/bpf.h:1290 [inline]
 __bpf_prog_run include/linux/filter.h:701 [inline]
 bpf_prog_run include/linux/filter.h:708 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2362 [inline]
 bpf_trace_run2+0x231/0x590 kernel/trace/bpf_trace.c:2403
 __bpf_trace_contention_end+0xca/0x110 include/trace/events/lock.h:122
 __traceiter_contention_end+0x5a/0xa0 include/trace/events/lock.h:122
 trace_contention_end.constprop.0+0xf0/0x170 include/trace/events/lock.h:122
 __pv_queued_spin_lock_slowpath+0x27e/0xc90 kernel/locking/qspinlock.c:557
 pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:584 [inline]
 queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:51 [inline]
 queued_spin_lock include/asm-generic/qspinlock.h:114 [inline]
 do_raw_spin_lock+0x210/0x2c0 kernel/locking/spinlock_debug.c:116
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:111 [inline]
 _raw_spin_lock_irqsave+0x42/0x60 kernel/locking/spinlock.c:162
 __stack_map_get+0x2a8/0x350 kernel/bpf/queue_stack_maps.c:140
 bpf_prog_7a16b54e5ee857f9+0x43/0x47
 bpf_dispatcher_nop_func include/linux/bpf.h:1290 [inline]
 __bpf_prog_run include/linux/filter.h:701 [inline]
 bpf_prog_run include/linux/filter.h:708 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2362 [inline]
 bpf_trace_run2+0x231/0x590 kernel/trace/bpf_trace.c:2403
 __bpf_trace_contention_end+0xca/0x110 include/trace/events/lock.h:122
 __traceiter_contention_end+0x5a/0xa0 include/trace/events/lock.h:122
 trace_contention_end+0xd2/0x140 include/trace/events/lock.h:122
 __mutex_lock_common kernel/locking/mutex.c:594 [inline]
 __mutex_lock+0x1c2/0xa60 kernel/locking/mutex.c:735
 tracepoint_probe_unregister+0x9c/0xd70 kernel/tracepoint.c:501
 bpf_raw_tp_link_release+0x35/0x70 kernel/bpf/syscall.c:3610
 bpf_link_free+0xe9/0x390 kernel/bpf/syscall.c:3132
 bpf_link_put_direct kernel/bpf/syscall.c:3175 [inline]
 bpf_link_release+0x5d/0x80 kernel/bpf/syscall.c:3182
 __fput+0x3f8/0xb60 fs/file_table.c:450
 task_work_run+0x14e/0x250 kernel/task_work.c:239
 exit_task_work include/linux/task_work.h:43 [inline]
 do_exit+0xadd/0x2d70 kernel/exit.c:938
 do_group_exit+0xd3/0x2a0 kernel/exit.c:1087
 __do_sys_exit_group kernel/exit.c:1098 [inline]
 __se_sys_exit_group kernel/exit.c:1096 [inline]
 __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1096
 x64_sys_call+0x151f/0x1720 arch/x86/include/generated/asm/syscalls_64.h:232
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f938fa0a0f9
Code: Unable to access opcode bytes at 0x7f938fa0a0cf.
RSP: 002b:00007fff8e242588 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f938fa0a0f9
RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
RBP: 00007f938fa852b0 R08: ffffffffffffffb8 R09: 00000000000000a0
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f938fa852b0
R13: 0000000000000000 R14: 00007f938fa85d20 R15: 00007f938f9db2a0
 </TASK>

Crashes (52):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/12/18 00:54 upstream 59dbb9d81adf a0626d3a .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in __stack_map_get
2024/05/11 05:05 bpf 3e9bc0472b91 9026e142 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in __stack_map_get
2024/04/15 11:26 net f99c5f563c17 c8349e48 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce possible deadlock in __stack_map_get
2024/10/22 05:04 bpf-next d39100d01ce1 a93682b3 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/31 23:22 bpf-next 3f8fde319524 3113787f .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/14 18:22 net-next 5c1672705a1a fdb4c10c .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce possible deadlock in __stack_map_get
2024/11/07 16:16 upstream ff7afaeca1a1 c069283c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root possible deadlock in __stack_map_get
2024/09/09 09:35 upstream da3ea35007d0 9750182a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __stack_map_get
2024/06/24 14:41 upstream f2661062f16b edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root possible deadlock in __stack_map_get
2024/06/24 14:40 upstream f2661062f16b edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __stack_map_get
2024/04/25 10:15 upstream e88c4cfcb7b8 8bdc0f22 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root possible deadlock in __stack_map_get
2024/04/25 03:19 upstream e88c4cfcb7b8 8bdc0f22 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root possible deadlock in __stack_map_get
2024/09/07 13:23 upstream b31c44928842 9750182a .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream possible deadlock in __stack_map_get
2024/09/09 17:10 upstream da3ea35007d0 8f722c94 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in __stack_map_get
2024/06/15 20:34 upstream 2ccbdf43d5e7 c2e07261 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in __stack_map_get
2024/06/15 08:46 upstream 2ccbdf43d5e7 c2e07261 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 possible deadlock in __stack_map_get
2024/10/05 01:47 bpf bcd28cfd04eb d7906eff .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in __stack_map_get
2024/09/18 00:20 bpf b831f83e40a2 c673ca06 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in __stack_map_get
2024/07/27 12:00 bpf 225990c487c1 46eb10b7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in __stack_map_get
2024/06/24 14:38 net 058722ee350c edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce possible deadlock in __stack_map_get
2024/06/24 14:38 net 058722ee350c edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce possible deadlock in __stack_map_get
2024/06/15 07:51 bpf 36534d3c5453 8d849073 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in __stack_map_get
2024/06/11 08:13 bpf 93792130a938 048c640a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in __stack_map_get
2024/05/26 11:34 bpf 95348e463eab a10a183e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in __stack_map_get
2024/05/04 04:00 bpf 3e9bc0472b91 610f2a54 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in __stack_map_get
2024/04/27 23:21 net b2ff42c6d3ab 07b455f9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce possible deadlock in __stack_map_get
2024/04/20 11:09 bpf 443574b03387 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in __stack_map_get
2024/04/14 19:51 bpf 443574b03387 c8349e48 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-bpf-kasan-gce possible deadlock in __stack_map_get
2025/02/19 00:14 bpf-next 0fc6025c95c8 9a14138f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2025/02/18 00:43 bpf-next 4eb93fea5919 9be4ace3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/09/23 08:09 net-next 151ac45348af 6f888b75 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce possible deadlock in __stack_map_get
2024/08/09 07:43 net-next 91d516d4de48 61405512 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce possible deadlock in __stack_map_get
2024/08/05 07:49 net-next 3608d6aca5e7 1786a2a8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce possible deadlock in __stack_map_get
2024/07/21 06:02 bpf-next 0986ac1408ab b88348e9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/07/18 16:06 net-next 51835949dda3 7403ec00 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce possible deadlock in __stack_map_get
2024/06/24 14:39 bpf-next 5a532459aa91 edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/06/24 02:34 bpf-next 5a532459aa91 edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/06/23 15:58 net-next 84562f9953ec edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce possible deadlock in __stack_map_get
2024/06/18 13:03 bpf-next f6afdaf72af7 639d6cdf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/26 11:30 bpf-next f980f13e4eb2 a10a183e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/24 20:37 net-next 4b377b4868ef 8f98448e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce possible deadlock in __stack_map_get
2024/05/16 04:09 bpf-next 5c1672705a1a ef5d53ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/15 01:35 bpf-next 5c1672705a1a fdb4c10c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/14 18:32 bpf-next 5c1672705a1a fdb4c10c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/14 16:13 bpf-next 5c1672705a1a fdb4c10c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/13 15:08 bpf-next ba39486d2c43 9026e142 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/13 01:30 bpf-next 20a759df3bba 9026e142 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/11 05:05 bpf-next fcd1ed89a043 9026e142 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/10 14:34 bpf-next fcd1ed89a043 f7c35481 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/09 16:36 bpf-next 009367099eb6 de979bc2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-bpf-next-kasan-gce possible deadlock in __stack_map_get
2024/05/15 21:18 linux-next 82d92a9a1b9e 0b3dad46 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root possible deadlock in __stack_map_get
* Struck through repros no longer work on HEAD.