syzbot


WARNING: locking bug in __queue_work

Status: upstream: reported C repro on 2018/12/12 11:11
Reported-by: syzbot+6174a6c5eba4b3cdd606@syzkaller.appspotmail.com
First crash: 1299d, last: 778d

Cause bisection: introduced by (bisect log) :
commit 52dfae5c85a4c1078e9f1d5e8947d4a25f73dd81
Author: Jon Maloy <jon.maloy@ericsson.com>
Date: Thu Mar 22 19:42:52 2018 +0000

  tipc: obtain node identity from interface by default

Crash: inconsistent lock state in rhashtable_walk_enter (log)
Repro: C syz .config

Fix bisection: fixed by (bisect log) :
commit ea22eee4e6027d8927099de344f7fff43c507ef9
Author: Bob Peterson <rpeterso@redhat.com>
Date: Wed Apr 29 13:45:54 2020 +0000

  gfs2: Allow lock_nolock mount to specify jid=X


Sample crash report:
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(class_idx > MAX_LOCKDEP_KEYS)
WARNING: CPU: 1 PID: 0 at kernel/locking/lockdep.c:3673 __lock_acquire+0x1887/0x3fb0 kernel/locking/lockdep.c:3673
Kernel panic - not syncing: panic_on_warn set ...
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.1.0-rc5+ #73
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x172/0x1f0 lib/dump_stack.c:113
 panic+0x2cb/0x65c kernel/panic.c:214
 __warn.cold+0x20/0x45 kernel/panic.c:571
 report_bug+0x263/0x2b0 lib/bug.c:186
 fixup_bug arch/x86/kernel/traps.c:179 [inline]
 fixup_bug arch/x86/kernel/traps.c:174 [inline]
 do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:272
 do_invalid_op+0x37/0x50 arch/x86/kernel/traps.c:291
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:973
RIP: 0010:__lock_acquire+0x1887/0x3fb0 kernel/locking/lockdep.c:3673
Code: d2 0f 85 7b 1f 00 00 44 8b 3d 29 0d 07 08 45 85 ff 0f 85 20 f3 ff ff 48 c7 c6 80 3f 6b 87 48 c7 c7 c0 15 6b 87 e8 67 e3 eb ff <0f> 0b e9 09 f3 ff ff 0f 0b e9 41 f1 ff ff 8b 1d c5 32 05 09 85 db
RSP: 0018:ffff8880ae907a98 EFLAGS: 00010086
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000100 RSI: ffffffff815afcb6 RDI: ffffed1015d20f45
RBP: ffff8880ae907bd0 R08: ffff8880aa28c340 R09: fffffbfff11335fd
R10: fffffbfff11335fc R11: ffffffff8899afe3 R12: 0000000066c4c36e
R13: 0000000000000023 R14: 00000000000c236e R15: 0000000000000000
 lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:4211
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:144
 spin_lock include/linux/spinlock.h:329 [inline]
 __queue_work+0x99f/0x10e0 kernel/workqueue.c:1446
 delayed_work_timer_fn+0x5d/0x90 kernel/workqueue.c:1616
 call_timer_fn+0x190/0x720 kernel/time/timer.c:1325
 expire_timers kernel/time/timer.c:1358 [inline]
 __run_timers kernel/time/timer.c:1681 [inline]
 __run_timers kernel/time/timer.c:1649 [inline]
 run_timer_softirq+0x44c/0x1700 kernel/time/timer.c:1694
 __do_softirq+0x266/0x95a kernel/softirq.c:293
 invoke_softirq kernel/softirq.c:374 [inline]
 irq_exit+0x180/0x1d0 kernel/softirq.c:414
 exiting_irq arch/x86/include/asm/apic.h:536 [inline]
 smp_apic_timer_interrupt+0x14a/0x570 arch/x86/kernel/apic/apic.c:1062
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:807
 </IRQ>
RIP: 0010:__raw_spin_unlock_irq include/linux/spinlock_api_smp.h:169 [inline]
RIP: 0010:_raw_spin_unlock_irq+0x54/0x90 kernel/locking/spinlock.c:192
Code: c0 c0 96 92 88 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 33 48 83 3d 45 1a 82 01 00 74 20 fb 66 0f 1f 44 00 00 <bf> 01 00 00 00 e8 62 5c 3d fa 65 8b 05 fb 70 f1 78 85 c0 74 06 41
RSP: 0018:ffff8880aa29fc70 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
RAX: 1ffffffff11252d8 RBX: ffff8880aa28c340 RCX: 0000000000000000
RDX: dffffc0000000000 RSI: 0000000000000006 RDI: ffff8880aa28cbbc
RBP: ffff8880aa29fc78 R08: ffff8880aa28c340 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880ae92cf80
R13: ffff8880a680c540 R14: 0000000000000000 R15: 0000000000000001
 finish_lock_switch kernel/sched/core.c:2627 [inline]
 finish_task_switch+0x146/0x780 kernel/sched/core.c:2727
 context_switch kernel/sched/core.c:2880 [inline]
 __schedule+0x81b/0x1cc0 kernel/sched/core.c:3518
 schedule_idle+0x58/0x80 kernel/sched/core.c:3589
 do_idle+0x192/0x560 kernel/sched/idle.c:286
 cpu_startup_entry+0x1b/0x20 kernel/sched/idle.c:353
 start_secondary+0x360/0x4d0 arch/x86/kernel/smpboot.c:267
 secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:243
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (37):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-root 2019/04/18 09:32 upstream fe5cdef29e41 b0e8efcb .config log report syz C
ci-upstream-kasan-gce 2019/03/26 11:58 upstream a3ac7917b730 55684ce1 .config log report syz C
ci-upstream-kasan-gce-root 2019/03/12 17:18 upstream ea295481b6e3 a71bfb62 .config log report syz C
ci-upstream-kasan-gce 2019/02/15 16:36 upstream cb5b020a8d38 f6f233c0 .config log report syz C
ci-upstream-kasan-gce-selinux-root 2019/04/12 05:27 upstream 2d06b235815e 13030ef8 .config log report syz
ci-upstream-kasan-gce-selinux-root 2019/03/26 11:49 upstream a3ac7917b730 55684ce1 .config log report syz
ci-upstream-kasan-gce-root 2018/12/11 21:46 upstream f5d582777bcb 7795ae03 .config log report syz
ci-upstream-kasan-gce-selinux-root 2018/12/11 21:28 upstream f5d582777bcb 7795ae03 .config log report syz
ci-upstream-kasan-gce-386 2019/05/07 11:56 upstream 71ae5fc87c34 d28f4ce5 .config log report syz
ci-upstream-kasan-gce-386 2019/04/12 02:51 upstream 2d06b235815e 13030ef8 .config log report syz
ci-upstream-kasan-gce-386 2019/02/27 06:50 upstream 7d762d69145a f2468c12 .config log report syz
ci-upstream-net-kasan-gce 2019/05/07 10:07 net-next 54516da1ea85 d28f4ce5 .config log report syz
ci-upstream-kasan-gce-smack-root 2019/03/26 19:26 upstream a3ac7917b730 55684ce1 .config log report
ci-upstream-kasan-gce-386 2019/05/31 04:29 upstream 20f944965601 d9aaf3c2 .config log report
ci-upstream-kasan-gce-386 2019/05/24 21:42 upstream c50bbf615f2f 85c57315 .config log report
ci-upstream-kasan-gce-386 2019/02/23 22:11 upstream e60b5f79bd75 7a06e792 .config log report
ci-upstream-net-this-kasan-gce 2019/06/01 21:59 net e8d67fa5696e 53c81ea5 .config log report
ci-upstream-net-this-kasan-gce 2019/05/25 12:30 net ce8d24f9a596 85c57315 .config log report
ci-upstream-net-this-kasan-gce 2019/04/29 05:06 net 21f1b8a6636c b617407b .config log report
ci-upstream-net-this-kasan-gce 2019/04/12 17:38 net e30584509659 8916f5e1 .config log report
ci-upstream-net-this-kasan-gce 2019/04/12 03:57 net 988dc4a9a3b6 13030ef8 .config log report
ci-upstream-net-this-kasan-gce 2019/03/08 23:54 net f98ec788511b 12365b99 .config log report
ci-upstream-net-this-kasan-gce 2019/03/03 10:41 net 46b1c18f9deb 1c0e457a .config log report
ci-upstream-net-this-kasan-gce 2019/02/28 15:40 net 5578de4834fe 09aeeba4 .config log report
ci-upstream-net-kasan-gce 2019/05/31 07:31 net-next 517f4c49aafc d9aaf3c2 .config log report
ci-upstream-net-kasan-gce 2019/05/29 01:41 net-next c7ae09253cb8 6bd61501 .config log report
ci-upstream-net-kasan-gce 2019/05/28 19:16 net-next c7ae09253cb8 6bd61501 .config log report
ci-upstream-net-kasan-gce 2019/05/25 10:28 net-next af5136f95045 85c57315 .config log report
ci-upstream-net-kasan-gce 2019/03/30 15:02 net-next 35f861e3c58e c35ee0ea .config log report
ci-upstream-net-kasan-gce 2019/03/24 01:01 net-next 3b0f31f2b8c9 a2cef203 .config log report
ci-upstream-net-kasan-gce 2019/03/17 06:53 net-next 3b319ee220a8 bab43553 .config log report
ci-upstream-net-kasan-gce 2019/03/13 00:24 net-next d9862cfbe209 a71bfb62 .config log report
ci-upstream-net-kasan-gce 2019/02/21 05:50 net-next 418e897e0716 c95f0707 .config log report
ci-upstream-net-kasan-gce 2019/02/06 23:39 net-next 5661f29ade24 d25487bc .config log report
ci-upstream-net-kasan-gce 2019/01/21 17:08 net-next 28f9d1a3d4fe badbbeee .config log report
ci-upstream-net-kasan-gce 2019/01/17 11:02 net-next bdbe8cc1a30c c2faf9b2 .config log report
ci-upstream-net-kasan-gce 2019/01/17 00:15 net-next 590ce401c207 d538790b .config log report