syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [196] 🐞 Fixed [42] 🐞 Invalid [470] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
[25296] 0 25296 18178 8749 26 4 0 1000 syz-executor.3 [25350] 0 25350 18145 8746 26 4 0 1000 syz-executor.4 [25388] 0 25384 18244 5 27 4 0 1000 syz-executor.1 Out of memory: Kill process 2379 (syz-executor.0) score 1005 or sacrifice child Killed process 2379 (syz-executor.0) total-vm:72580kB, anon-rss:180kB, file-rss:34816kB, shmem-rss:0kB INFO: rcu_preempt detected stalls on CPUs/tasks: Tasks blocked on level-0 rcu_node (CPUs 0-1): P25389 (detected by 0, t=10502 jiffies, g=44549, c=44548, q=10286) syz-executor.1 R running task 26168 25389 2098 0x00000004 ffff8801db607c60 ffffffff813fa6fd ffffffff813fa504 ffff8801d985c740 ffffffff830cd6c0 0000000000000096 ffff8801d985cb20 dffffc0000000000 ffff8801db607c98 ffffffff81404e39 000000000000ae04 000000000000282e Call Trace: <IRQ> [<ffffffff813fa6fd>] sched_show_task.cold.35+0x279/0x31f kernel/sched/core.c:5317 [<ffffffff81404e39>] rcu_print_detail_task_stall_rnp+0xc2/0xfe kernel/rcu/tree_plugin.h:530 [<ffffffff81405f5f>] rcu_print_detail_task_stall kernel/rcu/tree_plugin.h:543 [inline] [<ffffffff81405f5f>] print_other_cpu_stall kernel/rcu/tree.c:1408 [inline] [<ffffffff81405f5f>] check_cpu_stall kernel/rcu/tree.c:1520 [inline] [<ffffffff81405f5f>] __rcu_pending kernel/rcu/tree.c:3487 [inline] [<ffffffff81405f5f>] rcu_pending kernel/rcu/tree.c:3551 [inline] [<ffffffff81405f5f>] rcu_check_callbacks.cold.69+0x757/0xd27 kernel/rcu/tree.c:2880 [<ffffffff81267470>] update_process_times+0x30/0x70 kernel/time/timer.c:1629 [<ffffffff8129641a>] tick_sched_handle.isra.5+0x4a/0xf0 kernel/time/tick-sched.c:151 [<ffffffff81296536>] tick_sched_timer+0x76/0x130 kernel/time/tick-sched.c:1190 [<ffffffff8126a197>] __run_hrtimer kernel/time/hrtimer.c:1255 [inline] [<ffffffff8126a197>] __hrtimer_run_queues+0x357/0xe30 kernel/time/hrtimer.c:1319 [<ffffffff8126c681>] hrtimer_interrupt+0x1b1/0x430 kernel/time/hrtimer.c:1353 [<ffffffff810912d4>] local_apic_timer_interrupt+0x74/0xa0 arch/x86/kernel/apic/apic.c:937 [<ffffffff8281b76c>] smp_apic_timer_interrupt+0x7c/0xb0 arch/x86/kernel/apic/apic.c:961 [<ffffffff8281902d>] apic_timer_interrupt+0x9d/0xb0 arch/x86/entry/entry_64.S:648 <EOI> [<ffffffff812270c8>] vprintk_emit+0x448/0x790 kernel/printk/printk.c:1908 [<ffffffff81227438>] vprintk+0x28/0x30 kernel/printk/printk.c:1918 [<ffffffff8122745d>] vprintk_default+0x1d/0x30 kernel/printk/printk.c:1919 [<ffffffff81402f9f>] vprintk_func kernel/printk/internal.h:36 [inline] [<ffffffff81402f9f>] printk+0xaf/0xd7 kernel/printk/printk.c:1980 [<ffffffff8222d9e8>] lowmem_scan.cold.1+0x1f9/0x35b drivers/staging/android/lowmemorykiller.c:177 [<ffffffff81449cc6>] do_shrink_slab mm/vmscan.c:398 [inline] [<ffffffff81449cc6>] shrink_slab.part.8+0x3c6/0xa00 mm/vmscan.c:501 [<ffffffff814557fd>] shrink_slab mm/vmscan.c:465 [inline] [<ffffffff814557fd>] shrink_node+0x1ed/0x740 mm/vmscan.c:2602 [<ffffffff814560c7>] shrink_zones mm/vmscan.c:2749 [inline] [<ffffffff814560c7>] do_try_to_free_pages mm/vmscan.c:2791 [inline] [<ffffffff814560c7>] try_to_free_pages+0x377/0xb80 mm/vmscan.c:3002 [<ffffffff81428a01>] __perform_reclaim mm/page_alloc.c:3324 [inline] [<ffffffff81428a01>] __alloc_pages_direct_reclaim mm/page_alloc.c:3345 [inline] [<ffffffff81428a01>] __alloc_pages_slowpath mm/page_alloc.c:3697 [inline] [<ffffffff81428a01>] __alloc_pages_nodemask+0x981/0x1bd0 mm/page_alloc.c:3862 [<ffffffff814c9e8b>] __alloc_pages include/linux/gfp.h:433 [inline] [<ffffffff814c9e8b>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<ffffffff814c9e8b>] alloc_pages_node include/linux/gfp.h:460 [inline] [<ffffffff814c9e8b>] __vmalloc_area_node mm/vmalloc.c:1644 [inline] [<ffffffff814c9e8b>] __vmalloc_node_range+0x25b/0x600 mm/vmalloc.c:1702 [<ffffffff814ca71b>] __vmalloc_node mm/vmalloc.c:1745 [inline] [<ffffffff814ca71b>] __vmalloc_node_flags mm/vmalloc.c:1759 [inline] [<ffffffff814ca71b>] vmalloc+0x5b/0x70 mm/vmalloc.c:1774 [<ffffffff82450f79>] xt_alloc_table_info+0xc9/0x100 net/netfilter/x_tables.c:997 [<ffffffff82787355>] do_replace net/ipv6/netfilter/ip6_tables.c:1175 [inline] [<ffffffff82787355>] do_ip6t_set_ctl+0x235/0x470 net/ipv6/netfilter/ip6_tables.c:1712 [<ffffffff823e290d>] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] [<ffffffff823e290d>] nf_setsockopt+0x6d/0xc0 net/netfilter/nf_sockopt.c:114 [<ffffffff826f53f8>] ipv6_setsockopt+0xc8/0x130 net/ipv6/ipv6_sockglue.c:922 [<ffffffff82709a3a>] udpv6_setsockopt+0x4a/0x90 net/ipv6/udp.c:1351 [<ffffffff822a747a>] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2706 [<ffffffff822a4d76>] SYSC_setsockopt net/socket.c:1785 [inline] [<ffffffff822a4d76>] SyS_setsockopt+0x166/0x260 net/socket.c:1764 [<ffffffff810056ef>] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [<ffffffff82817893>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb syz-executor.1 R running task 26168 25389 2098 0x80000004 ffff8801db607c60 ffffffff813fa6fd ffffffff813fa504 ffff8801d985c740 ffffffff830cd6c0 0000000000000096 ffff8801d985cb20 dffffc0000000000 ffff8801db607c98 ffffffff81404e39 ffffffff830cda40 000000000000282e Call Trace: <IRQ> [<ffffffff813fa6fd>] sched_show_task.cold.35+0x279/0x31f kernel/sched/core.c:5317 [<ffffffff81404e39>] rcu_print_detail_task_stall_rnp+0xc2/0xfe kernel/rcu/tree_plugin.h:530 [<ffffffff81405fb7>] rcu_print_detail_task_stall kernel/rcu/tree_plugin.h:545 [inline] [<ffffffff81405fb7>] print_other_cpu_stall kernel/rcu/tree.c:1408 [inline] [<ffffffff81405fb7>] check_cpu_stall kernel/rcu/tree.c:1520 [inline] [<ffffffff81405fb7>] __rcu_pending kernel/rcu/tree.c:3487 [inline] [<ffffffff81405fb7>] rcu_pending kernel/rcu/tree.c:3551 [inline] [<ffffffff81405fb7>] rcu_check_callbacks.cold.69+0x7af/0xd27 kernel/rcu/tree.c:2880 [<ffffffff81267470>] update_process_times+0x30/0x70 kernel/time/timer.c:1629 [<ffffffff8129641a>] tick_sched_handle.isra.5+0x4a/0xf0 kernel/time/tick-sched.c:151 [<ffffffff81296536>] tick_sched_timer+0x76/0x130 kernel/time/tick-sched.c:1190 [<ffffffff8126a197>] __run_hrtimer kernel/time/hrtimer.c:1255 [inline] [<ffffffff8126a197>] __hrtimer_run_queues+0x357/0xe30 kernel/time/hrtimer.c:1319 [<ffffffff8126c681>] hrtimer_interrupt+0x1b1/0x430 kernel/time/hrtimer.c:1353 [<ffffffff810912d4>] local_apic_timer_interrupt+0x74/0xa0 arch/x86/kernel/apic/apic.c:937 [<ffffffff8281b76c>] smp_apic_timer_interrupt+0x7c/0xb0 arch/x86/kernel/apic/apic.c:961 [<ffffffff8281902d>] apic_timer_interrupt+0x9d/0xb0 arch/x86/entry/entry_64.S:648 <EOI> [<ffffffff812270c8>] vprintk_emit+0x448/0x790 kernel/printk/printk.c:1908 [<ffffffff81227438>] vprintk+0x28/0x30 kernel/printk/printk.c:1918 [<ffffffff8122745d>] vprintk_default+0x1d/0x30 kernel/printk/printk.c:1919 [<ffffffff81402f9f>] vprintk_func kernel/printk/internal.h:36 [inline] [<ffffffff81402f9f>] printk+0xaf/0xd7 kernel/printk/printk.c:1980 [<ffffffff8222d9e8>] lowmem_scan.cold.1+0x1f9/0x35b drivers/staging/android/lowmemorykiller.c:177 [<ffffffff81449cc6>] do_shrink_slab mm/vmscan.c:398 [inline] [<ffffffff81449cc6>] shrink_slab.part.8+0x3c6/0xa00 mm/vmscan.c:501 [<ffffffff814557fd>] shrink_slab mm/vmscan.c:465 [inline] [<ffffffff814557fd>] shrink_node+0x1ed/0x740 mm/vmscan.c:2602 [<ffffffff814560c7>] shrink_zones mm/vmscan.c:2749 [inline] [<ffffffff814560c7>] do_try_to_free_pages mm/vmscan.c:2791 [inline] [<ffffffff814560c7>] try_to_free_pages+0x377/0xb80 mm/vmscan.c:3002 [<ffffffff81428a01>] __perform_reclaim mm/page_alloc.c:3324 [inline] [<ffffffff81428a01>] __alloc_pages_direct_reclaim mm/page_alloc.c:3345 [inline] [<ffffffff81428a01>] __alloc_pages_slowpath mm/page_alloc.c:3697 [inline] [<ffffffff81428a01>] __alloc_pages_nodemask+0x981/0x1bd0 mm/page_alloc.c:3862 [<ffffffff814c9e8b>] __alloc_pages include/linux/gfp.h:433 [inline] [<ffffffff814c9e8b>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<ffffffff814c9e8b>] alloc_pages_node include/linux/gfp.h:460 [inline] [<ffffffff814c9e8b>] __vmalloc_area_node mm/vmalloc.c:1644 [inline] [<ffffffff814c9e8b>] __vmalloc_node_range+0x25b/0x600 mm/vmalloc.c:1702 [<ffffffff814ca71b>] __vmalloc_node mm/vmalloc.c:1745 [inline] [<ffffffff814ca71b>] __vmalloc_node_flags mm/vmalloc.c:1759 [inline] [<ffffffff814ca71b>] vmalloc+0x5b/0x70 mm/vmalloc.c:1774 [<ffffffff82450f79>] xt_alloc_table_info+0xc9/0x100 net/netfilter/x_tables.c:997 [<ffffffff82787355>] do_replace net/ipv6/netfilter/ip6_tables.c:1175 [inline] [<ffffffff82787355>] do_ip6t_set_ctl+0x235/0x470 net/ipv6/netfilter/ip6_tables.c:1712 [<ffffffff823e290d>] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] [<ffffffff823e290d>] nf_setsockopt+0x6d/0xc0 net/netfilter/nf_sockopt.c:114 [<ffffffff826f53f8>] ipv6_setsockopt+0xc8/0x130 net/ipv6/ipv6_sockglue.c:922 [<ffffffff82709a3a>] udpv6_setsockopt+0x4a/0x90 net/ipv6/udp.c:1351 [<ffffffff822a747a>] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2706 [<ffffffff822a4d76>] SYSC_setsockopt net/socket.c:1785 [inline] [<ffffffff822a4d76>] SyS_setsockopt+0x166/0x260 net/socket.c:1764 [<ffffffff810056ef>] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285 [<ffffffff82817893>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb ip6_tunnel: 6tnl0 xmit: Local address not yet configured! BUG: Bad rss-counter state mm:ffff8801b249b180 idx:0 val:5 audit_printk_skb: 234 callbacks suppressed audit: type=1400 audit(1553322113.233:226242): avc: denied { net_raw } for pid=25410 comm="syz-executor.2" capability=13 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1553322113.243:226243): avc: denied { sys_admin } for pid=25409 comm="syz-executor.0" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1553322113.253:226244): avc: denied { create } for pid=25411 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1553322113.253:226245): avc: denied { write } for pid=25411 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1553322113.273:226246): avc: denied { sys_admin } for pid=25409 comm="syz-executor.0" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1553322113.293:226247): avc: denied { net_admin } for pid=25409 comm="syz-executor.0" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1553322113.343:226248): avc: denied { sys_admin } for pid=25409 comm="syz-executor.0" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1553322113.343:226249): avc: denied { sys_admin } for pid=25409 comm="syz-executor.0" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1553322113.383:226250): avc: denied { sys_admin } for pid=25413 comm="syz-executor.3" capability=21 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1 audit: type=1400 audit(1553322113.473:226251): avc: denied { net_admin } for pid=25409 comm="syz-executor.0" capability=12 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=cap_userns permissive=1
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2019/03/23 06:21 | https://android.googlesource.com/kernel/common android-4.9 | 8fe428403e30 | 3361bde5 | .config | console log | report | ci-android-49-kasan-gce |