syzbot |
sign-in | mailing list | source | docs |
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| linux-5.15 | INFO: rcu detected stall in tcp_setsockopt | 1 | 81d | 81d | 0/3 | upstream: reported on 2024/06/27 09:05 | |||
| upstream | INFO: rcu detected stall in tcp_setsockopt netfilter | syz | error | 4 | 9h18m | 384d | 0/28 | upstream: reported syz repro on 2023/08/29 09:38 |
Free memory is -37040kB above reserved lowmemorykiller: Killing 'syz-executor.2' (3492) (tgid 3492), adj 1000, to free 34996kB on behalf of 'kswapd0' (33) because cache 136kB is below limit 6144kB for oom_score_adj 0 Free memory is -37008kB above reserved INFO: rcu_preempt detected stalls on CPUs/tasks: Tasks blocked on level-0 rcu_node (CPUs 0-1): P22439 (detected by 0, t=10502 jiffies, g=10718, c=10717, q=10959) syz-executor.1 R running task 26952 22439 2115 0x00000004 ffff8801db607c60 ffffffff813fa6fd ffffffff813fa504 ffff8801d3a1c740 ffffffff830cd6c0 0000000000000096 ffff8801d3a1cb20 dffffc0000000000 ffff8801db607c98 ffffffff81404e39 00000000000029dd 0000000000002acf Call Trace: <IRQ> [<ffffffff813fa6fd>] sched_show_task.cold.35+0x279/0x31f kernel/sched/core.c:5317 [<ffffffff81404e39>] rcu_print_detail_task_stall_rnp+0xc2/0xfe kernel/rcu/tree_plugin.h:530 [<ffffffff81405f5f>] rcu_print_detail_task_stall kernel/rcu/tree_plugin.h:543 [inline] [<ffffffff81405f5f>] print_other_cpu_stall kernel/rcu/tree.c:1408 [inline] [<ffffffff81405f5f>] check_cpu_stall kernel/rcu/tree.c:1520 [inline] [<ffffffff81405f5f>] __rcu_pending kernel/rcu/tree.c:3487 [inline] [<ffffffff81405f5f>] rcu_pending kernel/rcu/tree.c:3551 [inline] [<ffffffff81405f5f>] rcu_check_callbacks.cold.69+0x757/0xd27 kernel/rcu/tree.c:2880 [<ffffffff81267470>] update_process_times+0x30/0x70 kernel/time/timer.c:1629 [<ffffffff8129641a>] tick_sched_handle.isra.5+0x4a/0xf0 kernel/time/tick-sched.c:151 [<ffffffff81296536>] tick_sched_timer+0x76/0x130 kernel/time/tick-sched.c:1190 [<ffffffff8126a197>] __run_hrtimer kernel/time/hrtimer.c:1255 [inline] [<ffffffff8126a197>] __hrtimer_run_queues+0x357/0xe30 kernel/time/hrtimer.c:1319 [<ffffffff8126c681>] hrtimer_interrupt+0x1b1/0x430 kernel/time/hrtimer.c:1353 [<ffffffff810912d4>] local_apic_timer_interrupt+0x74/0xa0 arch/x86/kernel/apic/apic.c:937 [<ffffffff8281b76c>] smp_apic_timer_interrupt+0x7c/0xb0 arch/x86/kernel/apic/apic.c:961 [<ffffffff8281902d>] apic_timer_interrupt+0x9d/0xb0 arch/x86/entry/entry_64.S:648 <EOI> [<ffffffff812270c8>] vprintk_emit+0x448/0x790 kernel/printk/printk.c:1908 [<ffffffff81227438>] vprintk+0x28/0x30 kernel/printk/printk.c:1918 [<ffffffff8122745d>] vprintk_default+0x1d/0x30 kernel/printk/printk.c:1919 [<ffffffff81402f9f>] vprintk_func kernel/printk/internal.h:36 [inline] [<ffffffff81402f9f>] printk+0xaf/0xd7 kernel/printk/printk.c:1980 [<ffffffff8222d9e8>] lowmem_scan.cold.1+0x1f9/0x35b drivers/staging/android/lowmemorykiller.c:177 [<ffffffff81449cc6>] do_shrink_slab mm/vmscan.c:398 [inline] [<ffffffff81449cc6>] shrink_slab.part.8+0x3c6/0xa00 mm/vmscan.c:501 [<ffffffff814557fd>] shrink_slab mm/vmscan.c:465 [inline] [<ffffffff814557fd>] shrink_node+0x1ed/0x740 mm/vmscan.c:2602 [<ffffffff814560c7>] shrink_zones mm/vmscan.c:2749 [inline] [<ffffffff814560c7>] do_try_to_free_pages mm/vmscan.c:2791 [inline] [<ffffffff814560c7>] try_to_free_pages+0x377/0xb80 mm/vmscan.c:3002 [<ffffffff81428a01>] __perform_reclaim mm/page_alloc.c:3324 [inline] [<ffffffff81428a01>] __alloc_pages_direct_reclaim mm/page_alloc.c:3345 [inline] [<ffffffff81428a01>] __alloc_pages_slowpath mm/page_alloc.c:3697 [inline] [<ffffffff81428a01>] __alloc_pages_nodemask+0x981/0x1bd0 mm/page_alloc.c:3862 [<ffffffff814c9e8b>] __alloc_pages include/linux/gfp.h:433 [inline] [<ffffffff814c9e8b>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<ffffffff814c9e8b>] alloc_pages_node include/linux/gfp.h:460 [inline] [<ffffffff814c9e8b>] __vmalloc_area_node mm/vmalloc.c:1644 [inline] [<ffffffff814c9e8b>] __vmalloc_node_range+0x25b/0x600 mm/vmalloc.c:1702 [<ffffffff814ca71b>] __vmalloc_node mm/vmalloc.c:1745 [inline] [<ffffffff814ca71b>] __vmalloc_node_flags mm/vmalloc.c:1759 [inline] [<ffffffff814ca71b>] vmalloc+0x5b/0x70 mm/vmalloc.c:1774 [<ffffffff82450f79>] xt_alloc_table_info+0xc9/0x100 net/netfilter/x_tables.c:997 [<ffffffff82787355>] do_replace net/ipv6/netfilter/ip6_tables.c:1175 [inline] [<ffffffff82787355>] do_ip6t_set_ctl+0x235/0x470 net/ipv6/netfilter/ip6_tables.c:1712 [<ffffffff823e290d>] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] [<ffffffff823e290d>] nf_setsockopt+0x6d/0xc0 net/netfilter/nf_sockopt.c:114 [<ffffffff826f53f8>] ipv6_setsockopt+0xc8/0x130 net/ipv6/ipv6_sockglue.c:922 [<ffffffff824deaa8>] tcp_setsockopt+0x88/0xe0 net/ipv4/tcp.c:2758 [<ffffffff822a747a>] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2706 [<ffffffff822a4d76>] SYSC_setsockopt net/socket.c:1785 [inline] [<ffffffff822a4d76>] SyS_setsockopt+0x166/0x260 net/socket.c:1764 [<ffffffff810056ef>] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [<ffffffff82817893>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb syz-executor.1 R running task 26952 22439 2115 0x80000004 ffff8801db607c60 ffffffff813fa6fd ffffffff813fa504 ffff8801d3a1c740 ffffffff830cd6c0 0000000000000096 ffff8801d3a1cb20 dffffc0000000000 ffff8801db607c98 ffffffff81404e39 ffffffff830cda40 0000000000002acf Call Trace: <IRQ> [<ffffffff813fa6fd>] sched_show_task.cold.35+0x279/0x31f kernel/sched/core.c:5317 [<ffffffff81404e39>] rcu_print_detail_task_stall_rnp+0xc2/0xfe kernel/rcu/tree_plugin.h:530 [<ffffffff81405fb7>] rcu_print_detail_task_stall kernel/rcu/tree_plugin.h:545 [inline] [<ffffffff81405fb7>] print_other_cpu_stall kernel/rcu/tree.c:1408 [inline] [<ffffffff81405fb7>] check_cpu_stall kernel/rcu/tree.c:1520 [inline] [<ffffffff81405fb7>] __rcu_pending kernel/rcu/tree.c:3487 [inline] [<ffffffff81405fb7>] rcu_pending kernel/rcu/tree.c:3551 [inline] [<ffffffff81405fb7>] rcu_check_callbacks.cold.69+0x7af/0xd27 kernel/rcu/tree.c:2880 [<ffffffff81267470>] update_process_times+0x30/0x70 kernel/time/timer.c:1629 [<ffffffff8129641a>] tick_sched_handle.isra.5+0x4a/0xf0 kernel/time/tick-sched.c:151 [<ffffffff81296536>] tick_sched_timer+0x76/0x130 kernel/time/tick-sched.c:1190 [<ffffffff8126a197>] __run_hrtimer kernel/time/hrtimer.c:1255 [inline] [<ffffffff8126a197>] __hrtimer_run_queues+0x357/0xe30 kernel/time/hrtimer.c:1319 [<ffffffff8126c681>] hrtimer_interrupt+0x1b1/0x430 kernel/time/hrtimer.c:1353 [<ffffffff810912d4>] local_apic_timer_interrupt+0x74/0xa0 arch/x86/kernel/apic/apic.c:937 [<ffffffff8281b76c>] smp_apic_timer_interrupt+0x7c/0xb0 arch/x86/kernel/apic/apic.c:961 [<ffffffff8281902d>] apic_timer_interrupt+0x9d/0xb0 arch/x86/entry/entry_64.S:648 <EOI> [<ffffffff812270c8>] vprintk_emit+0x448/0x790 kernel/printk/printk.c:1908 [<ffffffff81227438>] vprintk+0x28/0x30 kernel/printk/printk.c:1918 [<ffffffff8122745d>] vprintk_default+0x1d/0x30 kernel/printk/printk.c:1919 [<ffffffff81402f9f>] vprintk_func kernel/printk/internal.h:36 [inline] [<ffffffff81402f9f>] printk+0xaf/0xd7 kernel/printk/printk.c:1980 [<ffffffff8222d9e8>] lowmem_scan.cold.1+0x1f9/0x35b drivers/staging/android/lowmemorykiller.c:177 [<ffffffff81449cc6>] do_shrink_slab mm/vmscan.c:398 [inline] [<ffffffff81449cc6>] shrink_slab.part.8+0x3c6/0xa00 mm/vmscan.c:501 [<ffffffff814557fd>] shrink_slab mm/vmscan.c:465 [inline] [<ffffffff814557fd>] shrink_node+0x1ed/0x740 mm/vmscan.c:2602 [<ffffffff814560c7>] shrink_zones mm/vmscan.c:2749 [inline] [<ffffffff814560c7>] do_try_to_free_pages mm/vmscan.c:2791 [inline] [<ffffffff814560c7>] try_to_free_pages+0x377/0xb80 mm/vmscan.c:3002 [<ffffffff81428a01>] __perform_reclaim mm/page_alloc.c:3324 [inline] [<ffffffff81428a01>] __alloc_pages_direct_reclaim mm/page_alloc.c:3345 [inline] [<ffffffff81428a01>] __alloc_pages_slowpath mm/page_alloc.c:3697 [inline] [<ffffffff81428a01>] __alloc_pages_nodemask+0x981/0x1bd0 mm/page_alloc.c:3862 [<ffffffff814c9e8b>] __alloc_pages include/linux/gfp.h:433 [inline] [<ffffffff814c9e8b>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<ffffffff814c9e8b>] alloc_pages_node include/linux/gfp.h:460 [inline] [<ffffffff814c9e8b>] __vmalloc_area_node mm/vmalloc.c:1644 [inline] [<ffffffff814c9e8b>] __vmalloc_node_range+0x25b/0x600 mm/vmalloc.c:1702 [<ffffffff814ca71b>] __vmalloc_node mm/vmalloc.c:1745 [inline] [<ffffffff814ca71b>] __vmalloc_node_flags mm/vmalloc.c:1759 [inline] [<ffffffff814ca71b>] vmalloc+0x5b/0x70 mm/vmalloc.c:1774 [<ffffffff82450f79>] xt_alloc_table_info+0xc9/0x100 net/netfilter/x_tables.c:997 [<ffffffff82787355>] do_replace net/ipv6/netfilter/ip6_tables.c:1175 [inline] [<ffffffff82787355>] do_ip6t_set_ctl+0x235/0x470 net/ipv6/netfilter/ip6_tables.c:1712 [<ffffffff823e290d>] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] [<ffffffff823e290d>] nf_setsockopt+0x6d/0xc0 net/netfilter/nf_sockopt.c:114 [<ffffffff826f53f8>] ipv6_setsockopt+0xc8/0x130 net/ipv6/ipv6_sockglue.c:922 [<ffffffff824deaa8>] tcp_setsockopt+0x88/0xe0 net/ipv4/tcp.c:2758 [<ffffffff822a747a>] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2706 [<ffffffff822a4d76>] SYSC_setsockopt net/socket.c:1785 [inline] [<ffffffff822a4d76>] SyS_setsockopt+0x166/0x260 net/socket.c:1764 [<ffffffff810056ef>] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [<ffffffff82817893>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb BUG: Bad rss-counter state mm:ffff8801c5521080 idx:0 val:3 netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. audit: type=1400 audit(1555720881.306:200): avc: denied { relabelto } for pid=22520 comm="syz-executor.3" name="NETLINK" dev="sockfs" ino=82560 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:vhost_device_t:s0 tclass=netlink_route_socket permissive=1 netlink: 12 bytes leftover after parsing attributes in process `syz-executor.2'. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65534 sclass=netlink_route_socket pig=22523 comm=syz-executor.3 audit: type=1400 audit(1555720881.486:201): avc: denied { write } for pid=22520 comm="syz-executor.3" path="socket:[82577]" dev="sockfs" ino=82577 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:vhost_device_t:s0 tclass=sock_file permissive=1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65534 sclass=netlink_route_socket pig=22530 comm=syz-executor.3 qtaguid: iface_stat: iface_check_stats_reset_and_adjust(lo): iface reset its stats unexpectedly SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22578 comm=syz-executor.1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=22580 comm=syz-executor.1 keychord: using input dev AT Translated Set 2 keyboard for fevent keychord: using input dev AT Translated Set 2 keyboard for fevent
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2019/04/20 00:41 | https://android.googlesource.com/kernel/common android-4.9 | 8fe428403e30 | b0e8efcb | .config | console log | report | ci-android-49-kasan-gce | |||||
| 2019/02/26 15:16 | https://android.googlesource.com/kernel/common android-4.9 | 8fe428403e30 | a36ecd98 | .config | console log | report | ci-android-49-kasan-gce |