syzbot


WARNING: suspicious RCU usage in alloc_netdev_mqs

Status: closed as invalid on 2018/09/03 05:00
Subsystems: kernel
First crash: 2340d, last: 2340d

Sample crash report:
1965969 pages RAM
0 pages HighMem/MovableOnly
335720 pages reserved
syz-executor3: vmalloc: allocation failure: 824632934400 bytes, mode:0x6084c0(GFP_KERNEL|__GFP_RETRY_MAYFAIL|__GFP_ZERO), nodemask=(null)
=============================
WARNING: suspicious RCU usage
syz-executor3 cpuset=
4.19.0-rc1+ #219 Not tainted
-----------------------------
kernel/pid.c:330 suspicious rcu_dereference_check() usage!

other info that might help us debug this:

syz3

rcu_scheduler_active = 2, debug_locks = 1
 mems_allowed=0
1 lock held by syz-executor7/30157:
 #0: 
CPU: 0 PID: 30158 Comm: syz-executor3 Not tainted 4.19.0-rc1+ #219
00000000f1b262be
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
 (
 warn_alloc.cold.119+0xb7/0x1bd mm/page_alloc.c:3426
bpfilter_lock
){+.+.}
 __vmalloc_node_range+0x472/0x760 mm/vmalloc.c:1762
, at: __bpfilter_process_sockopt+0x1c5/0x39b net/bpfilter/bpfilter_kern.c:64

stack backtrace:
 __vmalloc_node mm/vmalloc.c:1791 [inline]
 __vmalloc_node_flags_caller+0x75/0x90 mm/vmalloc.c:1813
 kvmalloc_node+0xd7/0xf0 mm/util.c:432
 kvmalloc include/linux/mm.h:577 [inline]
 kvzalloc include/linux/mm.h:585 [inline]
 netif_alloc_rx_queues net/core/dev.c:8276 [inline]
 alloc_netdev_mqs+0xa1c/0x1000 net/core/dev.c:8935
 rtnl_create_link+0x16b/0x9c0 net/core/rtnetlink.c:2836
 rtnl_newlink+0xded/0x1d50 net/core/rtnetlink.c:3089
 rtnetlink_rcv_msg+0x46e/0xc30 net/core/rtnetlink.c:4711
 netlink_rcv_skb+0x172/0x440 net/netlink/af_netlink.c:2454
 rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:4729
 netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]
 netlink_unicast+0x5a0/0x760 net/netlink/af_netlink.c:1343
 netlink_sendmsg+0xa18/0xfc0 net/netlink/af_netlink.c:1908
 sock_sendmsg_nosec net/socket.c:621 [inline]
 sock_sendmsg+0xd5/0x120 net/socket.c:631
 ___sys_sendmsg+0x7fd/0x930 net/socket.c:2114
 __sys_sendmsg+0x11d/0x290 net/socket.c:2152
 __do_sys_sendmsg net/socket.c:2161 [inline]
 __se_sys_sendmsg net/socket.c:2159 [inline]
 __x64_sys_sendmsg+0x78/0xb0 net/socket.c:2159
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457099
Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fcf55492c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fcf554936d4 RCX: 0000000000457099
RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000006
RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004d4890 R14: 00000000004c8ee5 R15: 0000000000000000
CPU: 1 PID: 30157 Comm: syz-executor7 Not tainted 4.19.0-rc1+ #219
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
 lockdep_rcu_suspicious+0x14a/0x153 kernel/locking/lockdep.c:4537
 pid_task+0x1ce/0x200 kernel/pid.c:329
 shutdown_umh.constprop.0+0x33/0x7c net/bpfilter/bpfilter_kern.c:26
 __stop_umh net/bpfilter/bpfilter_kern.c:38 [inline]
 __bpfilter_process_sockopt.cold.1+0x9b/0xa0 net/bpfilter/bpfilter_kern.c:78
 bpfilter_mbox_request+0x4d/0xb0 net/ipv4/bpfilter/sockopt.c:25
 bpfilter_ip_get_sockopt+0x6b/0x90 net/ipv4/bpfilter/sockopt.c:42
 ip_getsockopt+0x247/0x2b0 net/ipv4/ip_sockglue.c:1566
 udp_getsockopt+0x62/0xa0 net/ipv4/udp.c:2574
 sock_common_getsockopt+0x9a/0xe0 net/core/sock.c:2997
 __sys_getsockopt+0x1ad/0x390 net/socket.c:1937
 __do_sys_getsockopt net/socket.c:1948 [inline]
 __se_sys_getsockopt net/socket.c:1945 [inline]
 __x64_sys_getsockopt+0xbe/0x150 net/socket.c:1945
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457099
Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fba94ae8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 00007fba94ae96d4 RCX: 0000000000457099
RDX: 0000000000000041 RSI: 0000000000000000 RDI: 0000000000000007
RBP: 00000000009301e0 R08: 0000000020000000 R09: 0000000000000000
R10: 0000000020000080 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004cc550 R14: 00000000004c384d R15: 0000000000000002
syz-executor2: vmalloc: allocation failure: 824632934400 bytes, mode:0x6084c0(GFP_KERNEL|__GFP_RETRY_MAYFAIL|__GFP_ZERO), nodemask=(null)
syz-executor2 cpuset=syz2 mems_allowed=0
CPU: 1 PID: 30106 Comm: syz-executor2 Not tainted 4.19.0-rc1+ #219
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
 warn_alloc.cold.119+0xb7/0x1bd mm/page_alloc.c:3426
 __vmalloc_node_range+0x472/0x760 mm/vmalloc.c:1762
 __vmalloc_node mm/vmalloc.c:1791 [inline]
 __vmalloc_node_flags_caller+0x75/0x90 mm/vmalloc.c:1813
 kvmalloc_node+0xd7/0xf0 mm/util.c:432
 kvmalloc include/linux/mm.h:577 [inline]
 kvzalloc include/linux/mm.h:585 [inline]
 netif_alloc_rx_queues net/core/dev.c:8276 [inline]
 alloc_netdev_mqs+0xa1c/0x1000 net/core/dev.c:8935
 rtnl_create_link+0x16b/0x9c0 net/core/rtnetlink.c:2836
 rtnl_newlink+0xded/0x1d50 net/core/rtnetlink.c:3089
 rtnetlink_rcv_msg+0x46e/0xc30 net/core/rtnetlink.c:4711
 netlink_rcv_skb+0x172/0x440 net/netlink/af_netlink.c:2454
 rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:4729
 netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]
 netlink_unicast+0x5a0/0x760 net/netlink/af_netlink.c:1343
 netlink_sendmsg+0xa18/0xfc0 net/netlink/af_netlink.c:1908
 sock_sendmsg_nosec net/socket.c:621 [inline]
 sock_sendmsg+0xd5/0x120 net/socket.c:631
 ___sys_sendmsg+0x7fd/0x930 net/socket.c:2114
 __sys_sendmsg+0x11d/0x290 net/socket.c:2152
 __do_sys_sendmsg net/socket.c:2161 [inline]
 __se_sys_sendmsg net/socket.c:2159 [inline]
 __x64_sys_sendmsg+0x78/0xb0 net/socket.c:2159
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457099
Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fe9892d9c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fe9892da6d4 RCX: 0000000000457099
RDX: 0000000000000000 RSI: 0000000020000200 RDI: 000000000000000c
RBP: 0000000000930140 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004d4890 R14: 00000000004c8ee5 R15: 0000000000000001
warn_alloc_show_mem: 1 callbacks suppressed
Mem-Info:
active_anon:1103926 inactive_anon:182 isolated_anon:0
 active_file:5478 inactive_file:33329 isolated_file:0
 unevictable:0 dirty:143 writeback:0 unstable:0
 slab_reclaimable:10957 slab_unreclaimable:122762
 mapped:71494 shmem:214 pagetables:31630 bounce:0
 free:38157 free_pcp:1314 free_cma:0
Node 0 active_anon:4415704kB inactive_anon:728kB active_file:21912kB inactive_file:133316kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:285976kB dirty:572kB writeback:0kB shmem:856kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 3809280kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:15908kB min:164kB low:204kB high:244kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2842 6348 6348
Node 0 DMA32 free:68136kB min:30180kB low:37724kB high:45268kB active_anon:2379340kB inactive_anon:8kB active_file:644kB inactive_file:17084kB unevictable:0kB writepending:112kB present:3129292kB managed:2914220kB mlocked:0kB kernel_stack:18912kB pagetables:30052kB bounce:0kB free_pcp:2636kB local_pcp:1280kB free_cma:0kB
lowmem_reserve[]: 0 0 3506 3506
Node 0 Normal free:69456kB min:37236kB low:46544kB high:55852kB active_anon:2036340kB inactive_anon:720kB active_file:21268kB inactive_file:116232kB unevictable:0kB writepending:460kB present:4718592kB managed:3590868kB mlocked:0kB kernel_stack:48704kB pagetables:96172kB bounce:0kB free_pcp:2660kB local_pcp:1196kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
Node 0 DMA32: 42*4kB (UME) 538*8kB (UME) 243*16kB (UME) 121*32kB (UME) 42*64kB (UM) 24*128kB (UME) 6*256kB (U) 3*512kB (UME) 2*1024kB (ME) 8*2048kB (UM) 7*4096kB (M) = 68168kB
Node 0 Normal: 656*4kB (UM) 18*8kB (UME) 992*16kB (UME) 641*32kB (UME) 4*64kB (UM) 3*128kB (M) 0*256kB 1*512kB (M) 23*1024kB (U) 3*2048kB (UM) 0*4096kB = 70000kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
39023 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap  = 0kB
Total swap = 0kB
1965969 pages RAM
0 pages HighMem/MovableOnly
335720 pages reserved

Crashes (1):
Time: 2018/09/02 22:27
Kernel: upstream
Commit: 899ba79553cf
Syzkaller: a4718693
Config: .config
Log: console log
Report: report
Manager: ci-upstream-kasan-gce