syzbot


BUG: soft lockup in propagate_umount

Status: auto-closed as invalid on 2019/02/22 14:56
First crash: 2123d, last: 2123d

Sample crash report:
NMI watchdog: BUG: soft lockup - CPU#0 stuck for 134s! [syz-executor6:3830]
Modules linked in:
irq event stamp: 5466072
hardirqs last  enabled at (5466071): [<ffffffff839fa2a9>] restore_regs_and_iret+0x0/0x1d
hardirqs last disabled at (5466072): [<ffffffff839fb26b>] apic_timer_interrupt+0x9b/0xb0 arch/x86/entry/entry_64.S:648
softirqs last  enabled at (5437786): [<ffffffff83a0075c>] __do_softirq+0x46c/0x937 kernel/softirq.c:310
softirqs last disabled at (5434651): [<ffffffff8114b227>] invoke_softirq kernel/softirq.c:364 [inline]
softirqs last disabled at (5434651): [<ffffffff8114b227>] irq_exit+0x147/0x190 kernel/softirq.c:405
CPU: 0 PID: 3830 Comm: syz-executor6 Not tainted 4.9.109-g7cecc75 #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8801b6a01800 task.stack: ffff88018df70000
RIP: 0010:[<ffffffff815e135b>]  [<ffffffff815e135b>] __lookup_mnt+0xab/0x120 fs/namespace.c:641
RSP: 0018:ffff88018df77ae8  EFLAGS: 00000246
RAX: 1ffff100386839c2 RBX: ffff8801c341ce00 RCX: 000000000000000e
RDX: 0000000000000000 RSI: ffffffff815e134b RDI: ffff8801c341ce10
RBP: ffff88018df77b08 R08: ffff88018df77c30 R09: 0000000000000001
R10: ffff8801b6a01800 R11: 1ffff10036d40422 R12: ffff8801c341cc20
R13: ffff8801b6521340 R14: dffffc0000000000 R15: dffffc0000000000
FS:  000000000293f940(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000a3c918 CR3: 000000018df44000 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffff88018e222ec0 ffff88018e222ec0 ffff88018e223108 ffff8801c341cc00
 ffff88018df77c98 ffffffff8161158d ffff8801b6a020c0 ffff8801857bca18
 ffff88018df77d00 1ffff10031beef72 ffff88018df77c30 ffff8801857bc000
Call Trace:
 [<ffffffff8161158d>] propagate_umount+0x42d/0xe20 fs/pnode.c:568
 [<ffffffff815dc279>] umount_tree+0x699/0x820 fs/namespace.c:1486
 [<ffffffff815e011f>] do_umount+0x31f/0x830 fs/namespace.c:1600
 [<ffffffff815e27df>] SYSC_umount fs/namespace.c:1707 [inline]
 [<ffffffff815e27df>] SyS_umount+0x2ff/0x3f0 fs/namespace.c:1676
 [<ffffffff81006316>] do_syscall_64+0x1a6/0x490 arch/x86/entry/common.c:282
 [<ffffffff839f9913>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Code: 48 89 d8 48 c1 e8 03 42 80 3c 30 00 75 65 48 8b 1b 48 85 db 74 52 e8 f5 d5 d7 ff 48 8d 7b 10 48 89 f8 48 c1 e8 03 42 80 3c 30 00 <75> 3f 48 8b 43 10 48 83 c0 20 49 39 c4 75 c1 e8 d1 d5 d7 ff 48 
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 25643 Comm: syz-executor2 Not tainted 4.9.109-g7cecc75 #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8801d8458000 task.stack: ffff8801b7728000
RIP: 0010:[<ffffffff815a05a0>]  [<ffffffff815a05a0>] __read_once_size include/linux/compiler.h:243 [inline]
RIP: 0010:[<ffffffff815a05a0>]  [<ffffffff815a05a0>] __read_seqcount_begin include/linux/seqlock.h:112 [inline]
RIP: 0010:[<ffffffff815a05a0>]  [<ffffffff815a05a0>] raw_read_seqcount_begin include/linux/seqlock.h:147 [inline]
RIP: 0010:[<ffffffff815a05a0>]  [<ffffffff815a05a0>] read_seqcount_begin include/linux/seqlock.h:164 [inline]
RIP: 0010:[<ffffffff815a05a0>]  [<ffffffff815a05a0>] read_seqbegin include/linux/seqlock.h:433 [inline]
RIP: 0010:[<ffffffff815a05a0>]  [<ffffffff815a05a0>] path_init+0x1050/0x1580 fs/namei.c:2189
RSP: 0018:ffff8801b772fbc0  EFLAGS: 00000293
RAX: ffff8801d8458000 RBX: ffff8801b772fcf0 RCX: 1ffffffff08c1bc8
RDX: 0000000000000000 RSI: ffffffff815a0599 RDI: 0000000000000246
RBP: ffff8801b772fc58 R08: ffff8801d84588e8 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: fffffbfff08c1bc8
R13: ffff88016188c41c R14: 0000000000000043 R15: ffffffff8460de40
FS:  0000000000eae940(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f9c9316e000 CR3: 000000018f13a000 CR4: 00000000001606f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Stack:
 ffffffff815a39ea ffff8801d8458918 0000000000000024 0000000000000002
 ffff8801d84588b4 0000000000000000 ffff8801b772fdb0 ffffffff812367b4
 0000000000000001 ffff8801b772fcc0 0000000000000246 ffffffff846defa0
Call Trace:
 [<ffffffff815a39ea>] path_lookupat.isra.41+0x2a/0x410 fs/namei.c:2277
 [<ffffffff815a95f7>] filename_lookup.part.55+0x177/0x370 fs/namei.c:2317
 [<ffffffff815a99b3>] filename_lookup fs/namei.c:2310 [inline]
 [<ffffffff815a99b3>] user_path_at_empty+0x53/0x70 fs/namei.c:2578
 [<ffffffff8156c3ab>] user_path_at include/linux/namei.h:55 [inline]
 [<ffffffff8156c3ab>] SYSC_chdir fs/open.c:452 [inline]
 [<ffffffff8156c3ab>] SyS_chdir+0x9b/0x1c0 fs/open.c:446
 [<ffffffff81006316>] do_syscall_64+0x1a6/0x490 arch/x86/entry/common.c:282
 [<ffffffff839f9913>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Code: 41 89 d5 e9 21 fa ff ff 48 ba 00 00 00 00 00 fc ff df 49 89 c4 49 89 c7 49 c1 ec 03 49 01 d4 e8 a7 e3 db ff f3 90 41 0f b6 14 24 <84> d2 74 09 80 fa 03 0f 8e 4c 04 00 00 41 8b 07 a8 01 75 e0 41 

Crashes (1):
Time: 2018/06/24 01:57
Kernel: https://android.googlesource.com/kernel/common android-4.9
Commit: 7cecc756ceae
Syzkaller: 2064fc5c
Config: .config
Log: console log
Report: report
Syz repro: -
C repro: -
VM info: -
Assets: -
Manager: ci-android-49-kasan-gce
Title: -
* Struck through repros no longer work on HEAD.