syzbot


WARNING in fib6_del

Status: fixed on 2017/11/06 08:47
Fix commit: 7483cea79957 ipv6: fib: Unlink replaced routes from their nodes
First crash: 2384d, last: 2370d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-49 WARNING in fib6_del (2) C 6 1572d 1586d 0/3 public: reported C repro on 2019/10/30 15:36
android-49 WARNING in fib6_del 281 2346d 2384d 1/3 fixed on 2017/10/22 12:47

Sample crash report:
netlink: 1 bytes leftover after parsing attributes in process `syz-executor7'.
------------[ cut here ]------------
WARNING: CPU: 1 PID: 8 at net/ipv6/ip6_fib.c:1490 fib6_del+0x9d7/0xd50 net/ipv6/ip6_fib.c:1490
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 8 Comm: rcu_sched Not tainted 4.13.0+ #70
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:16 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:52
 panic+0x1e4/0x417 kernel/panic.c:181
 __warn+0x1c4/0x1d9 kernel/panic.c:542
 report_bug+0x211/0x2d0 lib/bug.c:183
 fixup_bug+0x40/0x90 arch/x86/kernel/traps.c:178
 do_trap_no_signal arch/x86/kernel/traps.c:212 [inline]
 do_trap+0x260/0x390 arch/x86/kernel/traps.c:261
 do_error_trap+0x120/0x390 arch/x86/kernel/traps.c:298
 do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:311
 invalid_op+0x18/0x20 arch/x86/entry/entry_64.S:905
RIP: 0010:fib6_del+0x9d7/0xd50 net/ipv6/ip6_fib.c:1490
RSP: 0018:ffff8801db307338 EFLAGS: 00010206
RAX: ffff8801d9f30200 RBX: ffff8801c91efa80 RCX: 0000000000000000
RDX: 0000000000000100 RSI: ffff8801cf6ea0b0 RDI: ffff8801c91efae4
RBP: ffff8801db307450 R08: ffff8801db306db0 R09: ffff8801db306da8
R10: ffff8801db306d20 R11: 1ffff1003b3e62d3 R12: dffffc0000000000
R13: ffff8801db3074b0 R14: ffff88019b670140 R15: 1ffff1003b660e71
 __ip6_del_rt+0xc7/0x120 net/ipv6/route.c:2146
 ip6_del_rt+0x132/0x1a0 net/ipv6/route.c:2159
 ip6_link_failure+0x1a6/0x580 net/ipv6/route.c:1362
 dst_link_failure include/net/dst.h:454 [inline]
 ndisc_error_report+0xae/0x180 net/ipv6/ndisc.c:682
 neigh_invalidate+0x22b/0x540 net/core/neighbour.c:883
 neigh_timer_handler+0x883/0xca0 net/core/neighbour.c:969
 call_timer_fn+0x246/0x850 kernel/time/timer.c:1281
 expire_timers kernel/time/timer.c:1320 [inline]
 __run_timers+0x7fd/0xb90 kernel/time/timer.c:1620
 run_timer_softirq+0x4c/0xb0 kernel/time/timer.c:1646
 __do_softirq+0x2bb/0xbd0 kernel/softirq.c:284
 invoke_softirq kernel/softirq.c:364 [inline]
 irq_exit+0x1d3/0x210 kernel/softirq.c:405
 exiting_irq arch/x86/include/asm/apic.h:638 [inline]
 smp_apic_timer_interrupt+0x177/0x710 arch/x86/kernel/apic/apic.c:1048
 apic_timer_interrupt+0x9d/0xb0 arch/x86/entry/entry_64.S:770
 </IRQ>
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:814 [inline]
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0x5e/0xba kernel/locking/spinlock.c:191
RSP: 0018:ffff8801d9f3f5e8 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff10
RAX: dffffc0000000000 RBX: 0000000000000282 RCX: 0000000000000000
RDX: 1ffffffff0b59435 RSI: 0000000000000001 RDI: 0000000000000282
RBP: ffff8801d9f3f5f8 R08: ffff8801db31af58 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801db31af40
R13: 0000000000000000 R14: ffff8801d9f3f668 R15: dffffc0000000000
 try_to_del_timer_sync+0xd1/0x120 kernel/time/timer.c:1184
 del_timer_sync+0x18a/0x240 kernel/time/timer.c:1247
 schedule_timeout+0x158/0x250 kernel/time/timer.c:1744
 rcu_gp_kthread+0x9ef/0x1940 kernel/rcu/tree.c:2237
 kthread+0x39c/0x470 kernel/kthread.c:231
 ret_from_fork+0x2a/0x40 arch/x86/entry/entry_64.S:431
Dumping ftrace buffer:
   (ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (24):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2017/09/06 12:28 upstream e7d0c41ecc2e 0ed1da4a .config console log report ci-upstream-kasan-gce
2017/09/04 03:27 upstream 5e3b19d8165c a54dce00 .config console log report ci-upstream-kasan-gce
2017/09/03 19:38 upstream 5e3b19d8165c a54dce00 .config console log report ci-upstream-kasan-gce
2017/09/03 04:05 upstream d0d6ab53c9ab a54dce00 .config console log report ci-upstream-kasan-gce
2017/09/02 11:27 upstream 54f70f52e3b3 aa51461a .config console log report ci-upstream-kasan-gce
2017/09/01 23:06 upstream 3e1d79c8111a 70ab363e .config console log report ci-upstream-kasan-gce
2017/09/01 04:01 upstream e89ce1f89f62 70ab363e .config console log report ci-upstream-kasan-gce
2017/08/31 03:49 upstream 42ff72cf2702 4ccdd782 .config console log report ci-upstream-kasan-gce
2017/08/31 01:43 upstream 42ff72cf2702 4ccdd782 .config console log report ci-upstream-kasan-gce
2017/08/30 14:14 upstream 36fde05f3fb5 1d000225 .config console log report ci-upstream-kasan-gce
2017/08/30 09:51 upstream 36fde05f3fb5 1d000225 .config console log report ci-upstream-kasan-gce
2017/08/30 02:17 upstream 785373b4c387 be291771 .config console log report ci-upstream-kasan-gce
2017/08/29 22:41 upstream 785373b4c387 be291771 .config console log report ci-upstream-kasan-gce
2017/08/29 18:30 upstream 785373b4c387 be291771 .config console log report ci-upstream-kasan-gce
2017/08/29 01:32 upstream cc4a41fe5541 0b652d72 .config console log report ci-upstream-kasan-gce
2017/08/28 20:22 upstream cc4a41fe5541 0b652d72 .config console log report ci-upstream-kasan-gce
2017/08/28 18:48 upstream cc4a41fe5541 0b652d72 .config console log report ci-upstream-kasan-gce
2017/08/28 14:08 upstream cc4a41fe5541 0b652d72 .config console log report ci-upstream-kasan-gce
2017/08/28 14:04 upstream cc4a41fe5541 0b652d72 .config console log report ci-upstream-kasan-gce
2017/08/23 13:31 upstream 98b9f8a45499 f238fbd4 .config console log report ci-upstream-kasan-gce
* Struck through repros no longer work on HEAD.