syzbot

 sign-in | mailing list | source | docs
🐞 Open [948] 🐞 Fixed [4019] 🐞 Invalid [8930] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

WARNING: locking bug in inet_dgram_connect (2)

Status: upstream: reported syz repro on 2020/04/27 09:08
Reported-by: syzbot+02446910ced9f8b60c06@syzkaller.appspotmail.com
First crash: 888d, last: 325d

Cause bisection: the cause commit could be any of (bisect log):
  9211bfbff80a netfilter: add missing IS_ENABLED(CONFIG_BRIDGE_NETFILTER) checks to header-file.
  47e640af2e49 netfilter: add missing IS_ENABLED(CONFIG_NF_TABLES) check to header-file.
  a1b2f04ea527 netfilter: add missing includes to a number of header-files.
  0abc8bf4f284 netfilter: add missing IS_ENABLED(CONFIG_NF_CONNTRACK) checks to some header-files.
  bd96b4c75675 netfilter: inline four headers files into another one.
  43dd16efc7f2 netfilter: nf_tables: store data in offload context registers
  78458e3e08cd netfilter: add missing IS_ENABLED(CONFIG_NETFILTER) checks to some header-files.
  20a9379d9a03 netfilter: remove "#ifdef __KERNEL__" guards from some headers.
  bd8699e9e292 netfilter: nft_bitwise: add offload support
  2a475c409fe8 kbuild: remove all netfilter headers from header-test blacklist.
  7e59b3fea2a2 netfilter: remove unnecessary spaces
  1b90af292e71 ipvs: Improve robustness to the ipvs sysctl
  5785cf15fd74 netfilter: nf_tables: add missing prototypes.
  0a30ba509fde netfilter: nf_nat_proto: make tables static
  e84fb4b3666d netfilter: conntrack: use shared sysctl constants
  105333435b4f netfilter: connlabels: prefer static lock initialiser
  8c0bb7873815 netfilter: synproxy: rename mss synproxy_options field
  c162610c7db2 Merge git://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next
Fix bisection: failed (bisect log)
similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING: locking bug in inet_dgram_connect 1 1066d 1062d 0/24 auto-closed as invalid on 2020/01/26 13:01

Sample crash report:
------------[ cut here ]------------
WARNING: CPU: 1 PID: 18350 at kernel/locking/lockdep.c:898 look_up_lock_class+0x110/0x120 kernel/locking/lockdep.c:888
Modules linked in:
CPU: 1 PID: 18350 Comm: syz-executor.0 Not tainted 5.15.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:look_up_lock_class+0x110/0x120 kernel/locking/lockdep.c:897
Code: 31 db 85 c0 74 af 83 3d d5 89 e1 03 00 75 a6 31 db 48 c7 c7 c0 ec 4e 8a 48 c7 c6 00 ed 4e 8a 31 c0 e8 94 1e 53 f7 0f 0b eb 8b <0f> 0b eb 87 e8 c7 fa ff ff 0f 1f 80 00 00 00 00 55 53 bd 01 00 00
RSP: 0018:ffffc9000485f8f8 EFLAGS: 00010006
RAX: ffffffff8f827ae0 RBX: ffffffff8f6ad5a0 RCX: 0000000000000527
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88801a4270a0
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
R10: ffffed10173a64a2 R11: 0000000000000000 R12: ffff88801a4270a0
R13: ffffc9000485f9c0 R14: 1ffff9200090bf30 R15: dffffc0000000000
FS:  00007eff4b471700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000004 CR3: 0000000014ffb000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 register_lock_class+0x110/0x1390 kernel/locking/lockdep.c:1246
 __lock_acquire+0x149/0x2b00 kernel/locking/lockdep.c:4894
 lock_acquire+0x19f/0x4d0 kernel/locking/lockdep.c:5625
 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline]
 _raw_spin_lock_bh+0x31/0x40 kernel/locking/spinlock.c:178
 spin_lock_bh include/linux/spinlock.h:368 [inline]
 lock_sock_nested+0x6e/0x100 net/core/sock.c:3206
 lock_sock include/net/sock.h:1615 [inline]
 inet_autobind net/ipv4/af_inet.c:180 [inline]
 inet_dgram_connect+0x13b/0x370 net/ipv4/af_inet.c:578
 __sys_connect_file net/socket.c:1896 [inline]
 __sys_connect+0x38a/0x410 net/socket.c:1913
 __do_sys_connect net/socket.c:1923 [inline]
 __se_sys_connect net/socket.c:1920 [inline]
 __x64_sys_connect+0x76/0x80 net/socket.c:1920
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7eff4bd1ca39
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007eff4b471188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
RAX: ffffffffffffffda RBX: 00007eff4be30020 RCX: 00007eff4bd1ca39
RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000005
RBP: 00007eff4bd76e8f R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffc30e3daf R14: 00007eff4b471300 R15: 0000000000022000

Crashes (8):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-smack-root 2021/10/29 17:55 upstream 411a44c24a56 2353a3ec .config log report syz WARNING: locking bug in inet_dgram_connect
ci-upstream-kasan-gce-smack-root 2021/05/09 21:54 upstream b741596468b0 bc5434be .config log report syz WARNING: locking bug in inet_dgram_connect
ci-upstream-kasan-gce-smack-root 2021/02/14 02:30 upstream ac30d8ce28d6 98682e5e .config log report syz WARNING: locking bug in inet_dgram_connect
ci-upstream-kasan-gce-smack-root 2020/04/23 09:03 upstream c578ddb39e56 2e44d63e .config log report syz
ci-upstream-kasan-gce-smack-root 2021/11/07 05:36 upstream 512b7931ad05 4c1be0be .config log report info WARNING: locking bug in inet_dgram_connect
ci-upstream-kasan-gce-smack-root 2021/11/05 04:35 upstream 7ddb58cb0eca 4c1be0be .config log report info WARNING: locking bug in inet_dgram_connect
ci-upstream-kasan-gce-smack-root 2020/10/03 23:44 upstream 22fbc037cd32 1a3f9408 .config log report info
ci-upstream-kasan-gce-smack-root 2020/05/08 10:29 upstream 6e7f2eacf098 6c70a1c2 .config log report
* Struck through repros no longer work on HEAD.