syzbot


INFO: rcu detected stall in __xfrm_decode_session

Status: auto-closed as invalid on 2019/02/22 13:29
First crash: 2379d, last: 2379d
Similar bugs (2)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | INFO: rcu detected stall in __xfrm_decode_session net | | | | 2 | 2420d | 2474d | 0/28 | auto-closed as invalid on 2019/02/22 10:26 |
| android-44 | INFO: rcu detected stall in __xfrm_decode_session | syz | | | 3 | 2344d | 2048d | 0/2 | public: reported syz repro on 2019/04/14 08:51 |

Sample crash report:
netlink: 11 bytes leftover after parsing attributes in process `syz-executor5'.
INFO: rcu_preempt self-detected stall on CPU
	0-...: (1 GPs behind) idle=7b7/140000000000001/0 softirq=128029/128034 fqs=6245 
	 (t=12500 jiffies g=27606 c=27605 q=3646)
Task dump for CPU 0:
syz-executor1   R  running task    28288 28341   3864 0x0000000c
 ffff8801db206f90 ffffffff814225f9 ffff8801db221b80 0000000000000000
 dffffc0000000000 ffffffff846e0300 ffffffff846e0304 ffff8801db206fb0
 ffffffff8142291d ffffffff846e0280 0000000000000000 ffff8801db207018
Call Trace:
 <IRQ> [  991.461401]  [<ffffffff814225f9>] sched_show_task.cold.127+0x1c9/0x279 kernel/sched/core.c:5321
 [<ffffffff8142291d>] dump_cpu_task+0x79/0x7e kernel/sched/core.c:9046
 [<ffffffff8142cabe>] rcu_dump_cpu_stacks+0x191/0x1c1 kernel/rcu/tree.c:1303
 [<ffffffff8142d6fa>] print_cpu_stall kernel/rcu/tree.c:1446 [inline]
 [<ffffffff8142d6fa>] check_cpu_stall kernel/rcu/tree.c:1514 [inline]
 [<ffffffff8142d6fa>] __rcu_pending kernel/rcu/tree.c:3487 [inline]
 [<ffffffff8142d6fa>] rcu_pending kernel/rcu/tree.c:3551 [inline]
 [<ffffffff8142d6fa>] rcu_check_callbacks.cold.79+0x43a/0xd27 kernel/rcu/tree.c:2880
 [<ffffffff8129ea70>] update_process_times+0x30/0x70 kernel/time/timer.c:1629
 [<ffffffff812ca645>] tick_sched_handle.isra.14+0x55/0xf0 kernel/time/tick-sched.c:151
 [<ffffffff812cae62>] tick_sched_timer+0x72/0x120 kernel/time/tick-sched.c:1190
 [<ffffffff812a2725>] __run_hrtimer kernel/time/hrtimer.c:1255 [inline]
 [<ffffffff812a2725>] __hrtimer_run_queues+0x375/0xe50 kernel/time/hrtimer.c:1319
 [<ffffffff812a3c61>] hrtimer_interrupt+0x1b1/0x430 kernel/time/hrtimer.c:1353
 [<ffffffff810b0594>] local_apic_timer_interrupt+0x74/0xa0 arch/x86/kernel/apic/apic.c:935
 [<ffffffff839f9ddc>] smp_apic_timer_interrupt+0x7c/0xa0 arch/x86/kernel/apic/apic.c:959
 [<ffffffff839f5f70>] apic_timer_interrupt+0xa0/0xb0 arch/x86/entry/entry_64.S:648
 [<ffffffff834f30d9>] __xfrm_decode_session+0x69/0x100 net/xfrm/xfrm_policy.c:2436
 [<ffffffff835d008e>] xfrm_decode_session_reverse include/net/xfrm.h:1110 [inline]
 [<ffffffff835d008e>] icmpv6_route_lookup+0x2ce/0x440 net/ipv6/icmp.c:362
 [<ffffffff835d1dff>] icmp6_send+0xebf/0x1c40 net/ipv6/icmp.c:515
 [<ffffffff83674f94>] icmpv6_send+0xb4/0x1b0 net/ipv6/ip6_icmp.c:42
 [<ffffffff8358f3cd>] ip6_pkt_drop+0x16d/0x430 net/ipv6/route.c:2566
 [<ffffffff8358f6ac>] ip6_pkt_discard+0x1c/0x20 net/ipv6/route.c:2573
 [<ffffffff8355f475>] dst_input include/net/dst.h:513 [inline]
 [<ffffffff8355f475>] ip6_rcv_finish+0x155/0x680 net/ipv6/ip6_input.c:69
 [<ffffffff835622c0>] NF_HOOK_THRESH include/linux/netfilter.h:232 [inline]
 [<ffffffff835622c0>] NF_HOOK include/linux/netfilter.h:255 [inline]
 [<ffffffff835622c0>] ipv6_rcv+0x1080/0x1fd0 net/ipv6/ip6_input.c:203
 [<ffffffff83078030>] __netif_receive_skb_core+0x12a0/0x2a20 net/core/dev.c:4267
 [<ffffffff8307980b>] __netif_receive_skb+0x5b/0x1b0 net/core/dev.c:4305
 [<ffffffff83079b66>] process_backlog+0x206/0x6a0 net/core/dev.c:4926
 [<ffffffff8307fbc4>] napi_poll net/core/dev.c:5227 [inline]
 [<ffffffff8307fbc4>] net_rx_action+0x3c4/0xde0 net/core/dev.c:5292
 [<ffffffff839fb1fb>] __do_softirq+0x20b/0x937 kernel/softirq.c:284
 [<ffffffff839f561c>] do_softirq_own_stack+0x1c/0x30 arch/x86/entry/entry_64.S:843
 <EOI> [  991.831348]  [<ffffffff81147619>] do_softirq.part.14+0x99/0xb0 kernel/softirq.c:328
 [<ffffffff81148e19>] do_softirq+0x19/0x20 kernel/softirq.c:331
 [<ffffffff8307d05d>] netif_rx_ni+0xbd/0x310 net/core/dev.c:3897
 [<ffffffff82812361>] tun_get_user+0xe21/0x2210 drivers/net/tun.c:1330
 [<ffffffff82813965>] tun_chr_write_iter+0xd5/0x190 drivers/net/tun.c:1353
 [<ffffffff8156c400>] new_sync_write fs/read_write.c:496 [inline]
 [<ffffffff8156c400>] __vfs_write+0x3e0/0x580 fs/read_write.c:509
 [<ffffffff815701f7>] vfs_write+0x187/0x530 fs/read_write.c:557
 [<ffffffff81574029>] SYSC_write fs/read_write.c:604 [inline]
 [<ffffffff81574029>] SyS_write+0xd9/0x1c0 fs/read_write.c:596
 [<ffffffff81006316>] do_syscall_64+0x1a6/0x490 arch/x86/entry/common.c:282
 [<ffffffff839f4613>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

Crashes (1):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2018/05/18 00:41 | https://android.googlesource.com/kernel/common android-4.9 | 73fdfa38c59d | 738d58ad | .config | console log | report | | | | | ci-android-49-kasan-gce | |
* Struck through repros no longer work on HEAD.