syzbot

 sign-in | mailing list | source | docs
🐞 Open [196] 🐞 Fixed [42] 🐞 Invalid [470] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

INFO: rcu detected stall in _decode_session6

Status: auto-closed as invalid on 2019/02/22 14:56
First crash: 2133d, last: 2133d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: rcu detected stall in _decode_session6 net 4 2154d 2264d 0/26 closed as dup on 2018/02/12 15:26
android-44 INFO: rcu detected stall in _decode_session6 C 2 2134d 1838d 0/2 public: reported C repro on 2019/04/14 00:00

Sample crash report:
TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
IPVS: sync thread started: state = MASTER, mcast_ifn = syz_tun, syncid = 0, id = 0
IPVS: stopping master sync thread 12592 ...
IPVS: sync thread started: state = MASTER, mcast_ifn = syz_tun, syncid = 0, id = 0
INFO: rcu_preempt self-detected stall on CPU
	0-...: (12499 ticks this GP) idle=92f/140000000000001/0 softirq=73625/73625 fqs=6238 
	 (t=12500 jiffies g=21351 c=21350 q=1601)
Task dump for CPU 0:
syz-executor0   R  running task    28216 12539   3829 0x0000000c
 ffff8801db206f80 ffffffff81424689 ffff8801db221c00 0000000000000000
 dffffc0000000000 ffffffff846e0380 ffffffff846e0384 ffff8801db206fa0
 ffffffff814249ad ffffffff846e0300 0000000000000000 ffff8801db207008
Call Trace:
 <IRQ> [  596.111793]  [<ffffffff81424689>] sched_show_task.cold.127+0x1c9/0x279 kernel/sched/core.c:5321
 [<ffffffff814249ad>] dump_cpu_task+0x79/0x7e kernel/sched/core.c:9046
 [<ffffffff8142eb7a>] rcu_dump_cpu_stacks+0x191/0x1c1 kernel/rcu/tree.c:1303
 [<ffffffff8142f7b6>] print_cpu_stall kernel/rcu/tree.c:1446 [inline]
 [<ffffffff8142f7b6>] check_cpu_stall kernel/rcu/tree.c:1514 [inline]
 [<ffffffff8142f7b6>] __rcu_pending kernel/rcu/tree.c:3487 [inline]
 [<ffffffff8142f7b6>] rcu_pending kernel/rcu/tree.c:3551 [inline]
 [<ffffffff8142f7b6>] rcu_check_callbacks.cold.79+0x43a/0xd27 kernel/rcu/tree.c:2880
 [<ffffffff812a0990>] update_process_times+0x30/0x70 kernel/time/timer.c:1629
 [<ffffffff812cc565>] tick_sched_handle.isra.14+0x55/0xf0 kernel/time/tick-sched.c:151
 [<ffffffff812ccd82>] tick_sched_timer+0x72/0x120 kernel/time/tick-sched.c:1190
 [<ffffffff812a4645>] __run_hrtimer kernel/time/hrtimer.c:1255 [inline]
 [<ffffffff812a4645>] __hrtimer_run_queues+0x375/0xe50 kernel/time/hrtimer.c:1319
 [<ffffffff812a5b81>] hrtimer_interrupt+0x1b1/0x430 kernel/time/hrtimer.c:1353
 [<ffffffff810b1d34>] local_apic_timer_interrupt+0x74/0xa0 arch/x86/kernel/apic/apic.c:935
 [<ffffffff839ff15c>] smp_apic_timer_interrupt+0x7c/0xa0 arch/x86/kernel/apic/apic.c:959
 [<ffffffff839fb2f0>] apic_timer_interrupt+0xa0/0xb0 arch/x86/entry/entry_64.S:648
 [<ffffffff83630c54>] _decode_session6+0xbe4/0x14d0 net/ipv6/xfrm6_policy.c:150
 [<ffffffff834f7ce9>] __xfrm_decode_session+0x69/0x100 net/xfrm/xfrm_policy.c:2436
 [<ffffffff835d4e6e>] xfrm_decode_session_reverse include/net/xfrm.h:1110 [inline]
 [<ffffffff835d4e6e>] icmpv6_route_lookup+0x2ce/0x440 net/ipv6/icmp.c:362
 [<ffffffff835d6bdf>] icmp6_send+0xebf/0x1c40 net/ipv6/icmp.c:515
 [<ffffffff83679f84>] icmpv6_send+0xb4/0x1b0 net/ipv6/ip6_icmp.c:42
 [<ffffffff8359412d>] ip6_pkt_drop+0x16d/0x430 net/ipv6/route.c:2566
 [<ffffffff8359440c>] ip6_pkt_discard+0x1c/0x20 net/ipv6/route.c:2573
 [<ffffffff835641d5>] dst_input include/net/dst.h:513 [inline]
 [<ffffffff835641d5>] ip6_rcv_finish+0x155/0x680 net/ipv6/ip6_input.c:69
 [<ffffffff83567020>] NF_HOOK_THRESH include/linux/netfilter.h:232 [inline]
 [<ffffffff83567020>] NF_HOOK include/linux/netfilter.h:255 [inline]
 [<ffffffff83567020>] ipv6_rcv+0x1080/0x1fd0 net/ipv6/ip6_input.c:203
 [<ffffffff8307c100>] __netif_receive_skb_core+0x12a0/0x2a20 net/core/dev.c:4267
 [<ffffffff8307d8db>] __netif_receive_skb+0x5b/0x1b0 net/core/dev.c:4305
 [<ffffffff8307dc36>] process_backlog+0x206/0x6a0 net/core/dev.c:4926
 [<ffffffff83083c94>] napi_poll net/core/dev.c:5227 [inline]
 [<ffffffff83083c94>] net_rx_action+0x3c4/0xde0 net/core/dev.c:5292
 [<ffffffff83a0057b>] __do_softirq+0x20b/0x937 kernel/softirq.c:284
 [<ffffffff839fa99c>] do_softirq_own_stack+0x1c/0x30 arch/x86/entry/entry_64.S:843
 <EOI> [  596.480829]  [<ffffffff81149809>] do_softirq.part.14+0x99/0xb0 kernel/softirq.c:328
 [<ffffffff8114b009>] do_softirq+0x19/0x20 kernel/softirq.c:331
 [<ffffffff8308112d>] netif_rx_ni+0xbd/0x310 net/core/dev.c:3897
 [<ffffffff82815781>] tun_get_user+0xe21/0x2210 drivers/net/tun.c:1330
 [<ffffffff82816d85>] tun_chr_write_iter+0xd5/0x190 drivers/net/tun.c:1353
 [<ffffffff8156eb60>] new_sync_write fs/read_write.c:496 [inline]
 [<ffffffff8156eb60>] __vfs_write+0x3e0/0x580 fs/read_write.c:509
 [<ffffffff81572957>] vfs_write+0x187/0x530 fs/read_write.c:557
 [<ffffffff81576789>] SYSC_write fs/read_write.c:604 [inline]
 [<ffffffff81576789>] SyS_write+0xd9/0x1c0 fs/read_write.c:596
 [<ffffffff81006316>] do_syscall_64+0x1a6/0x490 arch/x86/entry/common.c:282
 [<ffffffff839f9993>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2018/06/23 02:14 https://android.googlesource.com/kernel/common android-4.9 e7fd5b18769d c97f0d7a .config console log report ci-android-49-kasan-gce-root
* Struck through repros no longer work on HEAD.