| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | WARNING: locking bug in __kernfs_remove kernfs | 1 | 994d | 990d | 0/26 | auto-closed as invalid on 2021/09/28 03:00 |
syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [979] ≡ Subsystems 🐞 Fixed [5216] 🐞 Invalid [12474] ⬇ Missing Backports [82] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
device veth0_macvtap left promiscuous mode device veth1_vlan left promiscuous mode device veth0_vlan left promiscuous mode ------------[ cut here ]------------ DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 1 PID: 6652 at kernel/locking/lockdep.c:203 hlock_class kernel/locking/lockdep.c:203 [inline] WARNING: CPU: 1 PID: 6652 at kernel/locking/lockdep.c:203 hlock_class kernel/locking/lockdep.c:192 [inline] WARNING: CPU: 1 PID: 6652 at kernel/locking/lockdep.c:203 check_wait_context kernel/locking/lockdep.c:4688 [inline] WARNING: CPU: 1 PID: 6652 at kernel/locking/lockdep.c:203 __lock_acquire+0xb7c/0x2d84 kernel/locking/lockdep.c:4965 Modules linked in: CPU: 1 PID: 6652 Comm: kworker/u4:6 Not tainted 5.15.0-rc1-syzkaller-00001-g64a19591a293 #0 Hardware name: riscv-virtio,qemu (DT) Workqueue: netns cleanup_net epc : hlock_class kernel/locking/lockdep.c:203 [inline] epc : hlock_class kernel/locking/lockdep.c:192 [inline] epc : check_wait_context kernel/locking/lockdep.c:4688 [inline] epc : __lock_acquire+0xb7c/0x2d84 kernel/locking/lockdep.c:4965 ra : hlock_class kernel/locking/lockdep.c:203 [inline] ra : hlock_class kernel/locking/lockdep.c:192 [inline] ra : check_wait_context kernel/locking/lockdep.c:4688 [inline] ra : __lock_acquire+0xb7c/0x2d84 kernel/locking/lockdep.c:4965 epc : ffffffff800d80cc ra : ffffffff800d80cc sp : ffffffe0229bf6b0 gp : ffffffff83f9a558 tp : ffffffe007f72f80 t0 : ffffffff83c62b60 t1 : ffffffc40b5bc914 t2 : 0000000000000000 s0 : ffffffe0229bf790 s1 : 0000000000001fff a0 : 0000000000000016 a1 : 00000000000f0000 a2 : 0000000000000002 a3 : ffffffff800e5d66 a4 : e57e64d13ac0ca00 a5 : e57e64d13ac0ca00 a6 : 0000000000f00000 a7 : ffffffe05ade48a3 s2 : 0000000084a4319d s3 : ffffffff83fb07c0 s4 : 0000000000000000 s5 : ffffffe007f73928 s6 : ffffffff83fb0590 s7 : ffffffe007f739d0 s8 : ffffffe007f72f80 s9 : 0000000000000994 s10: 0000000000001000 s11: 000000000004119d t3 : 000000002d2d2d2d t4 : ffffffc40b5bc914 t5 : ffffffc40b5bc915 t6 : ffffffe0229bf3b8 status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [<ffffffff800d80cc>] hlock_class kernel/locking/lockdep.c:203 [inline] [<ffffffff800d80cc>] hlock_class kernel/locking/lockdep.c:192 [inline] [<ffffffff800d80cc>] check_wait_context kernel/locking/lockdep.c:4688 [inline] [<ffffffff800d80cc>] __lock_acquire+0xb7c/0x2d84 kernel/locking/lockdep.c:4965 [<ffffffff800dafd4>] lock_acquire.part.0+0x15a/0x37c kernel/locking/lockdep.c:5625 [<ffffffff800db23a>] lock_acquire+0x44/0x5a kernel/locking/lockdep.c:5598 [<ffffffff805b92f2>] kernfs_drain fs/kernfs/dir.c:470 [inline] [<ffffffff805b92f2>] __kernfs_remove+0x686/0x730 fs/kernfs/dir.c:1339 [<ffffffff805bb55c>] kernfs_remove_by_name_ns+0x52/0xb8 fs/kernfs/dir.c:1532 [<ffffffff805c1094>] kernfs_remove_by_name include/linux/kernfs.h:598 [inline] [<ffffffff805c1094>] remove_files+0x66/0xf8 fs/sysfs/group.c:28 [<ffffffff805c118a>] sysfs_remove_group+0x64/0xee fs/sysfs/group.c:289 [<ffffffff805c2198>] sysfs_remove_groups fs/sysfs/group.c:313 [inline] [<ffffffff805c2198>] sysfs_remove_groups+0x50/0x78 fs/sysfs/group.c:305 [<ffffffff80fd9560>] device_remove_groups drivers/base/core.c:2445 [inline] [<ffffffff80fd9560>] device_remove_attrs+0xf4/0x10a drivers/base/core.c:2651 [<ffffffff80fdc16c>] device_del+0x2d4/0x6ce drivers/base/core.c:3545 [<ffffffff82293bc2>] netdev_unregister_kobject+0xf4/0x104 net/core/net-sysfs.c:1921 [<ffffffff822101d6>] unregister_netdevice_many+0x9b8/0xec0 net/core/dev.c:11066 [<ffffffff82210b6e>] default_device_exit_batch+0x228/0x258 net/core/dev.c:11569 [<ffffffff821ef57a>] ops_exit_list+0xb2/0xcc net/core/net_namespace.c:171 [<ffffffff821f0cf2>] cleanup_net+0x3ca/0x6b2 net/core/net_namespace.c:591 [<ffffffff80064612>] process_one_work+0x5e4/0xf5c kernel/workqueue.c:2297 [<ffffffff800652e0>] worker_thread+0x356/0x8e6 kernel/workqueue.c:2444 [<ffffffff800770a8>] kthread+0x25c/0x2c6 kernel/kthread.c:319 [<ffffffff800051aa>] ret_from_exception+0x0/0x14 irq event stamp: 305553 hardirqs last enabled at (305553): [<ffffffff803f293c>] kasan_quarantine_put+0x194/0x1f6 mm/kasan/quarantine.c:220 hardirqs last disabled at (305552): [<ffffffff803f284c>] kasan_quarantine_put+0xa4/0x1f6 mm/kasan/quarantine.c:193 softirqs last enabled at (305512): [<ffffffff82be4e78>] softirq_handle_end kernel/softirq.c:401 [inline] softirqs last enabled at (305512): [<ffffffff82be4e78>] __do_softirq+0x5f8/0x8dc kernel/softirq.c:587 softirqs last disabled at (305505): [<ffffffff80036abc>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline] softirqs last disabled at (305505): [<ffffffff80036abc>] invoke_softirq kernel/softirq.c:439 [inline] softirqs last disabled at (305505): [<ffffffff80036abc>] __irq_exit_rcu+0x142/0x1f8 kernel/softirq.c:636 ---[ end trace ffa6dadad644eee5 ]--- ================================================================== BUG: KASAN: null-ptr-deref in check_wait_context kernel/locking/lockdep.c:4688 [inline] BUG: KASAN: null-ptr-deref in __lock_acquire+0x2b8/0x2d84 kernel/locking/lockdep.c:4965 Read of size 1 at addr 00000000000000b8 by task kworker/u4:6/6652 CPU: 1 PID: 6652 Comm: kworker/u4:6 Tainted: G W 5.15.0-rc1-syzkaller-00001-g64a19591a293 #0 Hardware name: riscv-virtio,qemu (DT) Workqueue: netns cleanup_net Call Trace: [<ffffffff8000957e>] dump_backtrace+0x2e/0x3c arch/riscv/kernel/stacktrace.c:112 ================================================================== Unable to handle kernel NULL pointer dereference at virtual address 00000000000000b8 Oops [#1] Modules linked in: CPU: 1 PID: 6652 Comm: kworker/u4:6 Tainted: G B W 5.15.0-rc1-syzkaller-00001-g64a19591a293 #0 Hardware name: riscv-virtio,qemu (DT) Workqueue: netns cleanup_net epc : check_wait_context kernel/locking/lockdep.c:4688 [inline] epc : __lock_acquire+0x2bc/0x2d84 kernel/locking/lockdep.c:4965 ra : check_wait_context kernel/locking/lockdep.c:4688 [inline] ra : __lock_acquire+0x2b8/0x2d84 kernel/locking/lockdep.c:4965 epc : ffffffff800d780c ra : ffffffff800d7808 sp : ffffffe0229bf6b0 gp : ffffffff83f9a558 tp : ffffffe007f72f80 t0 : ffffffff852b6bd7 t1 : ffffffc7f07f366c t2 : 0000000000000000 s0 : ffffffe0229bf790 s1 : 0000000000000000 a0 : ffffffe007f739f0 a1 : 0000000000000007 a2 : 1ffffffc00fee5f0 a3 : ffffffff82be4084 a4 : 0000000000000000 a5 : ffffffe007f73f80 a6 : 0000000000f00000 a7 : ffffffff83f9b363 s2 : 0000000084a4319d s3 : ffffffff83fb07c0 s4 : 0000000000000000 s5 : ffffffe007f73928 s6 : ffffffff83fb0590 s7 : ffffffe007f739d0 s8 : ffffffe007f72f80 s9 : 0000000000000994 s10: 0000000000001000 s11: 000000000004119d t3 : 000000000000003d t4 : ffffffc7f07f366c t5 : ffffffc7f07f366d t6 : ffffffe0229bf328 status: 0000000000000100 badaddr: 00000000000000b8 cause: 000000000000000d [<ffffffff800d780c>] hlock_class kernel/locking/lockdep.c:194 [inline] [<ffffffff800d780c>] check_wait_context kernel/locking/lockdep.c:4689 [inline] [<ffffffff800d780c>] __lock_acquire+0x2bc/0x2d84 kernel/locking/lockdep.c:4965 [<ffffffff800dafd4>] lock_acquire.part.0+0x15a/0x37c kernel/locking/lockdep.c:5625 [<ffffffff800db23a>] lock_acquire+0x44/0x5a kernel/locking/lockdep.c:5598 [<ffffffff805b92f2>] kernfs_drain fs/kernfs/dir.c:470 [inline] [<ffffffff805b92f2>] __kernfs_remove+0x686/0x730 fs/kernfs/dir.c:1339 [<ffffffff805bb55c>] kernfs_remove_by_name_ns+0x52/0xb8 fs/kernfs/dir.c:1532 [<ffffffff805c1094>] kernfs_remove_by_name include/linux/kernfs.h:598 [inline] [<ffffffff805c1094>] remove_files+0x66/0xf8 fs/sysfs/group.c:28 [<ffffffff805c118a>] sysfs_remove_group+0x64/0xee fs/sysfs/group.c:289 [<ffffffff805c2198>] sysfs_remove_groups fs/sysfs/group.c:313 [inline] [<ffffffff805c2198>] sysfs_remove_groups+0x50/0x78 fs/sysfs/group.c:305 [<ffffffff80fd9560>] device_remove_groups drivers/base/core.c:2445 [inline] [<ffffffff80fd9560>] device_remove_attrs+0xf4/0x10a drivers/base/core.c:2651 [<ffffffff80fdc16c>] device_del+0x2d4/0x6ce drivers/base/core.c:3545 [<ffffffff82293bc2>] netdev_unregister_kobject+0xf4/0x104 net/core/net-sysfs.c:1921 [<ffffffff822101d6>] unregister_netdevice_many+0x9b8/0xec0 net/core/dev.c:11066 [<ffffffff82210b6e>] default_device_exit_batch+0x228/0x258 net/core/dev.c:11569 [<ffffffff821ef57a>] ops_exit_list+0xb2/0xcc net/core/net_namespace.c:171 [<ffffffff821f0cf2>] cleanup_net+0x3ca/0x6b2 net/core/net_namespace.c:591 [<ffffffff80064612>] process_one_work+0x5e4/0xf5c kernel/workqueue.c:2297 [<ffffffff800652e0>] worker_thread+0x356/0x8e6 kernel/workqueue.c:2444 [<ffffffff800770a8>] kthread+0x25c/0x2c6 kernel/kthread.c:319 [<ffffffff800051aa>] ret_from_exception+0x0/0x14 ---[ end trace ffa6dadad644eee6 ]---
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2022/02/05 02:44 | git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes | 64a19591a293 | e13a05ed | .config | console log | report | info | ci-qemu2-riscv64 | WARNING: locking bug in __kernfs_remove |