syzbot


WARNING in add_event_to_ctx

Status: upstream: reported C repro on 2019/06/20 13:17
Reported-by: syzbot+704bfe2c7d156640ad7a@syzkaller.appspotmail.com
First crash: 1110d, last: 1098d

Cause bisection: introduced by (bisect log):
commit 33ea4b24277b06dbc55d7f5772a46f029600255e
Author: Song Liu <songliubraving@fb.com>
Date: Wed Dec 6 22:45:16 2017 +0000

  perf/core: Implement the 'perf_uprobe' PMU

Crash: WARNING in perf_group_attach (log)
Repro: C syz .config

Fix bisection: fixed by (bisect log):
commit 311633b604063a8a5d3fbc74d0565b42df721f68
Author: Cong Wang <xiyou.wangcong@gmail.com>
Date: Wed Jul 10 06:24:54 2019 +0000

  hsr: switch ->dellink() to ->ndo_uninit()

similar bugs (2):
Kernel       Title                        Repro  Cause bisect  Fix bisect  Count  Last  Reported  Patched  Status
android-49   WARNING in add_event_to_ctx  C      -             -           13     949d  1033d     0/3      public: reported C repro on 2019/09/05 03:44
android-414  WARNING in add_event_to_ctx  C      -             -           30     953d  1033d     0/1      public: reported C repro on 2019/09/05 03:08
Patch testing requests:
Created           Duration  User                         Patch  Repo                                                                       Result
2020/09/11 09:28  5m        anant.thazhemadam@gmail.com  -      https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master  error

Sample crash report:
WARNING: CPU: 0 PID: 9457 at kernel/events/core.c:1835 perf_group_attach kernel/events/core.c:1835 [inline]
WARNING: CPU: 0 PID: 9457 at kernel/events/core.c:1835 add_event_to_ctx+0x1351/0x1630 kernel/events/core.c:2393
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 9457 Comm: syz-executor071 Not tainted 5.2.0-rc7 #12
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1d8/0x2f8 lib/dump_stack.c:113
 panic+0x28a/0x7c9 kernel/panic.c:219
 __warn+0x216/0x220 kernel/panic.c:576
 report_bug+0x190/0x290 lib/bug.c:186
 fixup_bug arch/x86/kernel/traps.c:179 [inline]
 do_error_trap+0xd7/0x450 arch/x86/kernel/traps.c:272
 do_invalid_op+0x36/0x40 arch/x86/kernel/traps.c:291
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:986
RIP: 0010:perf_group_attach kernel/events/core.c:1835 [inline]
RIP: 0010:add_event_to_ctx+0x1351/0x1630 kernel/events/core.c:2393
Code: ff e8 c3 18 e6 ff 0f 0b e9 88 ed ff ff e8 b7 18 e6 ff 0f 0b e9 42 ed ff ff e8 ab 18 e6 ff 0f 0b e9 4f f8 ff ff e8 9f 18 e6 ff <0f> 0b e9 d5 f8 ff ff 48 c7 c1 a0 32 dd 88 80 e1 07 80 c1 03 38 c1
RSP: 0018:ffff8880aea09e48 EFLAGS: 00010006
RAX: ffffffff818f9941 RBX: ffff88809ef81518 RCX: ffff888099870540
RDX: 0000000080010003 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffff8880aea09ed0 R08: ffffffff818f91aa R09: ffffffff891b1018
R10: ffffffff891b1010 R11: ffffffff891b1003 R12: dffffc0000000000
R13: ffff88809ef81300 R14: ffffe8ffffc15758 R15: ffff88808904e140
 __perf_install_in_context+0x54a/0x7e0 kernel/events/core.c:2544
 remote_function+0xeb/0x170 kernel/events/core.c:86
 flush_smp_call_function_queue+0x2c6/0x4f0 kernel/smp.c:244
 generic_smp_call_function_single_interrupt+0x13/0x20 kernel/smp.c:193
 smp_call_function_single_interrupt+0x7f/0x90 arch/x86/kernel/smp.c:294
 call_function_single_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:828
 </IRQ>
RIP: 0010:__raw_spin_unlock_irq include/linux/spinlock_api_smp.h:169 [inline]
RIP: 0010:_raw_spin_unlock_irq+0x5f/0x80 kernel/locking/spinlock.c:199
Code: 00 00 00 00 fc ff df 80 3c 08 00 74 0c 48 c7 c7 a0 63 aa 88 e8 82 86 16 fa 48 83 3d fa 0e 12 01 00 74 26 fb 66 0f 1f 44 00 00 <bf> 01 00 00 00 e8 c7 ca b9 f9 65 8b 05 8c a8 69 78 85 c0 74 03 5b
RSP: 0018:ffff888089b2f450 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff04
RAX: 1ffffffff1154c74 RBX: ffff8880aea35100 RCX: dffffc0000000000
RDX: 0000000040000000 RSI: ffffffff81535dd1 RDI: ffff888099870d68
RBP: ffff888089b2f458 R08: ffff888099870d80 R09: ffffed1015d46a21
R10: ffffed1015d46a21 R11: 1ffff11015d46a20 R12: ffff8880aea35100
R13: ffff888099870540 R14: dffffc0000000000 R15: ffff88809b2dc5c0
 finish_lock_switch+0x31/0x40 kernel/sched/core.c:2568
 finish_task_switch+0x251/0x560 kernel/sched/core.c:2668
 context_switch kernel/sched/core.c:2821 [inline]
 __schedule+0x660/0x9e0 kernel/sched/core.c:3445
 schedule+0x131/0x1d0 kernel/sched/core.c:3509
 freezable_schedule include/linux/freezer.h:172 [inline]
 futex_wait_queue_me+0x344/0x570 kernel/futex.c:2598
 futex_wait+0x2dd/0x7c0 kernel/futex.c:2713
 do_futex+0x557/0x3f40 kernel/futex.c:3637
 __do_sys_futex kernel/futex.c:3698 [inline]
 __se_sys_futex+0x31d/0x440 kernel/futex.c:3666
 __x64_sys_futex+0xe5/0x100 kernel/futex.c:3666
 do_syscall_64+0xfe/0x140 arch/x86/entry/common.c:301
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x447489
Code: e8 3c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 ab 06 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffd2d456de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: ffffffffffffffda RBX: 00000000000134a5 RCX: 0000000000447489
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00000000006dcc3c
RBP: 00000000006dcc3c R08: 0000000000000000 R09: 0000000000000000
R10: 00007ffd2d456e00 R11: 0000000000000246 R12: 00000000006dcc30
R13: 0000000000000001 R14: 000000000000002d R15: 20c49ba5e353f7cf
Kernel Offset: disabled
Rebooting in 86400 seconds..
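Added here as a worked triage example (not syzbot tooling and not kernel code): a small Python parser for the report shape above. It reads the constructed excerpt embedded in the block (lines copied from the sample crash report, with the Code: dumps and most register lines dropped) and pulls out what a triager checks first: the WARN site from the first WARNING line (the innermost, inlined frame, perf_group_attach at kernel/events/core.c:1835), the kernel version and Comm, whether panic_on_warn made it fatal, which frames ran inside the <IRQ>...</IRQ> bracket (the perf install IPI via remote_function) and which belong to the task it interrupted (a futex wait in a syscall). Two details it decodes from the saved pt_regs are assumptions about x86-64 entry conventions, not something the page states: the kernel-mode regs after </IRQ> carry ORIG_RAX: ffffffffffffff04, which x86 IRQ entry stores as ~vector, giving 0xfb, the CALL_FUNCTION_SINGLE_VECTOR that matches the call_function_single_interrupt frame; and the user-mode regs carry ORIG_RAX: 00000000000000ca, syscall 202, futex on x86-64, matching the __x64_sys_futex frame. The parser targets this x86-64 report layout only; other architectures print registers differently.

```python
"""Triage a syzbot-style kernel WARNING report (added example, not syzbot or kernel code).

Parses the text shape of the crash report above (WARNING line, CPU/Comm line, the
<IRQ>...</IRQ> bracket in the call trace, the saved pt_regs lines) to answer the first
triage questions: which WARN fired, was it fatal, in what context, interrupting what.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional

WARN_RE = re.compile(r"^WARNING: CPU: (\d+) PID: (\d+) at (\S+):(\d+) (\S+)")
CPU_RE = re.compile(r"^CPU: \d+ PID: \d+ Comm: (\S+) (Not tainted|Tainted: \S+) (\S+)")
# " func+0xoff/0xlen file.c:line [inline]"; offset, location and [inline] are each optional
FRAME_RE = re.compile(r"^\s+([A-Za-z_][\w.]*)(?:\+0x[0-9a-f]+/0x[0-9a-f]+)?(?: (\S+:\d+))?(?: \[inline\])?\s*$")
ORIG_RAX_RE = re.compile(r"ORIG_RAX: ([0-9a-f]{16})")

# Constructed excerpt of the sample crash report above (Code: and most register lines dropped).
SAMPLE_REPORT = """\
WARNING: CPU: 0 PID: 9457 at kernel/events/core.c:1835 perf_group_attach kernel/events/core.c:1835 [inline]
WARNING: CPU: 0 PID: 9457 at kernel/events/core.c:1835 add_event_to_ctx+0x1351/0x1630 kernel/events/core.c:2393
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 9457 Comm: syz-executor071 Not tainted 5.2.0-rc7 #12
 <IRQ>
 __dump_stack lib/dump_stack.c:77 [inline]
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:986
RIP: 0010:add_event_to_ctx+0x1351/0x1630 kernel/events/core.c:2393
 __perf_install_in_context+0x54a/0x7e0 kernel/events/core.c:2544
 remote_function+0xeb/0x170 kernel/events/core.c:86
 call_function_single_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:828
 </IRQ>
RIP: 0010:_raw_spin_unlock_irq+0x5f/0x80 kernel/locking/spinlock.c:199
RSP: 0018:ffff888089b2f450 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff04
 finish_lock_switch+0x31/0x40 kernel/sched/core.c:2568
 futex_wait+0x2dd/0x7c0 kernel/futex.c:2713
 __x64_sys_futex+0xe5/0x100 kernel/futex.c:3666
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RSP: 002b:00007ffd2d456de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
"""

@dataclass
class Triage:
    cpu: int = -1
    pid: int = -1
    comm: str = ""
    kernel: str = ""
    tainted: bool = False
    warn_file: str = ""
    warn_line: int = 0
    warn_func: str = ""  # innermost (inlined) frame, named on the first WARNING line
    fatal: bool = False  # panic_on_warn turned the WARN into a panic
    irq_frames: List[str] = field(default_factory=list)          # frames inside <IRQ>...</IRQ>
    interrupted_frames: List[str] = field(default_factory=list)  # task context the IRQ landed on
    irq_vector: Optional[int] = None  # assumption: x86 IRQ entry stores ~vector in orig_ax of the interrupted regs
    syscall_nr: Optional[int] = None  # assumption: user-mode pt_regs keep the syscall number in orig_ax

def triage(report: str) -> Triage:
    t, in_irq = Triage(), False
    for line in report.splitlines():
        m = WARN_RE.match(line)
        if m and not t.warn_func:  # later WARNING lines repeat the site for the outer frames
            t.cpu, t.pid, t.warn_file, t.warn_line = int(m[1]), int(m[2]), m[3], int(m[4])
            t.warn_func = m[5].split("+")[0]
            continue
        m = CPU_RE.match(line)
        if m:
            t.comm, t.tainted, t.kernel = m[1], m[2] != "Not tainted", m[3]
            continue
        if line.startswith("Kernel panic - not syncing") and "panic_on_warn" in line:
            t.fatal = True
            continue
        if line.strip() in ("<IRQ>", "</IRQ>"):
            in_irq = line.strip() == "<IRQ>"
            continue
        m = ORIG_RAX_RE.search(line)
        if m:
            value = int(m[1], 16)
            if line.startswith("RSP: 002b:"):  # user-mode SS: the syscall entry frame
                t.syscall_nr = value
            elif line.startswith("RSP: 0018:") and value >> 63:  # kernel SS and negative: ~vector
                t.irq_vector = value ^ 0xFFFFFFFFFFFFFFFF
            continue
        m = FRAME_RE.match(line)
        if m:
            (t.irq_frames if in_irq else t.interrupted_frames).append(m[1])
    return t

def syscall_name(t: Triage) -> Optional[str]:
    """Read the name off the __x64_sys_* frame instead of consulting a syscall table."""
    return next((f[len("__x64_sys_"):] for f in t.interrupted_frames if f.startswith("__x64_sys_")), None)

def summary(t: Triage) -> str:
    parts = [f"WARNING in {t.warn_func} ({t.warn_file}:{t.warn_line}) on {t.kernel}",
             "fatal (panic_on_warn)" if t.fatal else "non-fatal"]
    if t.irq_frames:
        parts.append("raised in interrupt context" + (f", vector 0x{t.irq_vector:x}" if t.irq_vector is not None else ""))
    if t.syscall_nr is not None:
        parts.append(f"interrupting syscall {t.syscall_nr} ({syscall_name(t)}) of {t.comm} pid {t.pid}")
    return "; ".join(parts)
```

Running summary(triage(SAMPLE_REPORT)) reduces the report to one line: the WARN in perf_group_attach was fatal only because panic_on_warn is set, it fired in the cross-CPU perf install IPI rather than in the syscall path of the task that was running, and the interrupted task was in a futex wait, which is noise for the root cause. The frame split matters when triaging: the bug is in the perf context/group handling reached through __perf_install_in_context, not in futex or the scheduler.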

Crashes (7):
Manager                           Time              Kernel    Commit        Syzkaller  Config   Log  Report  Syz repro  C repro  VM info  Title
ci-upstream-kasan-gce-smack-root  2019/07/01 20:16  upstream  6fbc7275c7a9  907bf746   .config  log  report  syz        C        -        -
ci-upstream-kasan-gce-smack-root  2019/06/20 08:10  upstream  abf02e2964b3  34bf9440   .config  log  report  syz        C        -        -
ci-upstream-kasan-gce-smack-root  2019/07/02 14:00  upstream  6fbc7275c7a9  55565fa0   .config  log  report  -          -        -        -
ci-upstream-kasan-gce-smack-root  2019/06/30 19:02  upstream  6fbc7275c7a9  699d6448   .config  log  report  -          -        -        -
ci-upstream-kasan-gce-smack-root  2019/06/30 16:16  upstream  6fbc7275c7a9  7509bf36   .config  log  report  -          -        -        -
ci-upstream-kasan-gce-smack-root  2019/06/28 00:39  upstream  249155c20f9b  7509bf36   .config  log  report  -          -        -        -
ci-upstream-kasan-gce-smack-root  2019/06/20 07:25  upstream  abf02e2964b3  34bf9440   .config  log  report  -          -        -        -