syzbot


WARNING in __percpu_ref_exit (2)

Status: fixed on 2021/11/10 00:50
Reported-by: syzbot+d6218cb2fae0b2411e9d@syzkaller.appspotmail.com
Fix commit: a298232ee6b9 io_uring: fix link timeout refs
First crash: 561d, last: 322d

Cause bisection: failed (bisect log)

Fix bisection: fixed by (bisect log) :
commit 43016d02cf6e46edfc4696452251d34bba0c0435
Author: Florian Westphal <fw@strlen.de>
Date: Mon May 3 11:51:15 2021 +0000

  netfilter: arptables: use pernet ops struct during unregister

similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in __percpu_ref_exit 15 568d 664d 0/24 closed as dup on 2020/12/23 23:15
Patch testing requests:
Created Duration User Patch Repo Result
2021/09/16 13:18 12m asml.silence@gmail.com https://github.com/isilence/linux.git syz_test_quiesce_files OK
2021/04/19 12:07 19m asml.silence@gmail.com git://git.kernel.dk/linux-block for-5.13/io_uring OK

Sample crash report:
------------[ cut here ]------------
WARNING: CPU: 1 PID: 169 at lib/percpu-refcount.c:113 __percpu_ref_exit+0x98/0x100 lib/percpu-refcount.c:113
Modules linked in:
CPU: 1 PID: 169 Comm: kworker/u4:3 Not tainted 5.12.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events_unbound io_ring_exit_work
RIP: 0010:__percpu_ref_exit+0x98/0x100 lib/percpu-refcount.c:113
Code: fd 49 8d 7c 24 10 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 61 49 83 7c 24 10 00 74 07 e8 a8 4a ab fd <0f> 0b e8 a1 4a ab fd 48 89 ef e8 69 f0 d9 fd 48 89 da 48 b8 00 00
RSP: 0018:ffffc90001077b48 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff88802d5ca000 RCX: 0000000000000000
RDX: ffff88801217a1c0 RSI: ffffffff83c7db28 RDI: ffff88801d58f010
RBP: 0000607f4607bcb8 R08: 0000000000000000 R09: ffffffff8fa9f977
R10: ffffffff83c7dac8 R11: 0000000000000009 R12: ffff88801d58f000
R13: 000000010002865e R14: ffff88801d58f000 R15: ffff88802d5ca8b0
FS:  0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000044 CR3: 0000000015c02000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 percpu_ref_exit+0x3b/0x140 lib/percpu-refcount.c:134
 io_ring_ctx_free fs/io_uring.c:8483 [inline]
 io_ring_exit_work+0xa64/0x12d0 fs/io_uring.c:8620
 process_one_work+0x98d/0x1600 kernel/workqueue.c:2275
 worker_thread+0x64c/0x1120 kernel/workqueue.c:2421
 kthread+0x3b1/0x4a0 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

Crashes (31):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-selinux-root 2021/04/18 19:29 upstream c98ff1d013d2 7e2b734b .config log report syz C WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-root 2021/04/26 17:23 upstream 9f4ad9e425a1 e60b7df1 .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-selinux-root 2021/04/18 10:51 upstream c98ff1d013d2 7e2b734b .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-selinux-root 2021/04/12 15:15 upstream d434405aaab7 bfeda1b1 .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce 2021/04/08 00:36 upstream 3a22981230f9 6a81331a .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce 2021/04/07 22:56 upstream 3a22981230f9 6a81331a .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-selinux-root 2021/04/01 05:43 upstream d19cc4bfbff1 6a81331a .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-selinux-root 2021/03/28 20:37 upstream 81b1d39fd39a a8529b82 .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-selinux-root 2021/03/26 21:46 upstream db24726bfefa a8529b82 .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce 2021/03/26 08:11 upstream db24726bfefa 6a383ecf .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm32 2021/11/09 04:13 upstream bf152b0b41dc 8ab17e57 .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm32 2021/10/26 15:43 upstream bf152b0b41dc d50eb50a .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm32 2021/10/21 23:28 upstream bf152b0b41dc c5cb7da8 .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm32 2021/09/30 19:18 upstream bf152b0b41dc 0f01403d .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm32 2021/09/15 14:25 upstream bf152b0b41dc 07e953c1 .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm32 2021/08/14 04:44 upstream bf152b0b41dc 2489ab88 .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm32 2021/07/15 02:41 upstream bf152b0b41dc b9a2f64e .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm32 2021/05/29 05:49 upstream bf152b0b41dc 858ea628 .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-386 2021/04/28 15:46 upstream acd3d2859453 77e2b668 .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm32 2021/04/22 04:37 upstream bf152b0b41dc 2bc8999a .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm64-mte 2021/04/21 12:41 upstream 1fe5501ba1ab 95777977 .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-386 2021/04/20 14:51 upstream 7af08140979a c0ced557 .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm64-mte 2021/04/16 19:39 upstream 2f7b98d1e55c 7e2b734b .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm64-mte 2021/04/15 04:20 upstream 7f75285ca572 fcdb12ba .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-386 2021/04/05 20:52 upstream 0a50438c8436 6a81331a .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-386 2021/03/30 02:58 upstream 1e43c377a79f 6a81331a .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm64-mte 2021/03/29 12:24 upstream a5e13c6df0e4 a8529b82 .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-386 2021/03/28 08:52 upstream 0f4498cef9f5 a8529b82 .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-386 2021/03/23 19:59 upstream 7acac4b3196c e613994b .config log report info WARNING in __percpu_ref_exit
ci-qemu2-arm64-mte 2021/03/18 20:34 upstream bf152b0b41dc c3a46f82 .config log report info WARNING in __percpu_ref_exit
ci-upstream-kasan-gce-386 2021/03/15 11:44 upstream 75013c6c52d8 cc1cff8f .config log report info WARNING in __percpu_ref_exit
* Struck through repros no longer work on HEAD.