syzbot


panic: cgroupfs: pids controller attempted to remove pending charge for Task ADDR, but task didn't have pending charges, (2)

Status: fixed on 2022/12/01 12:27
Fix commit: 62ddad611979 cgroupfs: Fix several races with task migration.
First crash: 757d, last: 757d
Similar bugs (1)
Kernel: gvisor
Title: panic: cgroupfs: pids controller attempted to remove pending charge for Task ADDR, but task didn't have pending charges,
Repro: -
Cause bisect: -
Fix bisect: -
Count: 1
Last: 789d
Reported: 788d
Patched: 0/26
Status: closed as invalid on 2022/10/20 22:26

Sample crash report:
panic: cgroupfs: pids controller attempted to remove pending charge for Task 0xc00670f500, but task didn't have pending charges, path: "/"

goroutine 1193697 [running]:
panic({0x1054c00, 0xc006c01db0})
	GOROOT/src/runtime/panic.go:941 +0x397 fp=0xc00431edf8 sp=0xc00431ed38 pc=0x4358b7
gvisor.dev/gvisor/pkg/sentry/fsimpl/cgroupfs.(*pidsController).Charge(0xc0079f8180, 0xc00670f500, 0x124ad6a?, 0x4?, 0xffffffffffffffff)
	pkg/sentry/fsimpl/cgroupfs/pids.go:212 +0x5e5 fp=0xc00431eef8 sp=0xc00431edf8 pc=0xda79a5
gvisor.dev/gvisor/pkg/sentry/fsimpl/cgroupfs.(*cgroupInode).Charge(0xc00528b800, 0x0?, 0x0?, {0x124ad6a, 0x4}, 0xc000e00c60?, 0xc0027a7a00?)
	pkg/sentry/fsimpl/cgroupfs/base.go:322 +0x10d fp=0xc00431ef80 sp=0xc00431eef8 pc=0xd9ba0d
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).chargeLocked(0xc00431f0d0?, 0x0?, {0x124ad6a, 0x4}, 0x0?, 0xc00670f500?)
	pkg/sentry/kernel/task_cgroup.go:236 +0xd9 fp=0xc00431f060 sp=0xc00431ef80 pc=0x9de6b9
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).ChargeForOnHierarchy(0xc007c0c000, 0xd7?, 0x38, {0x124ad6a, 0x4}, 0xc00431f1a0?, 0x0?)
	pkg/sentry/kernel/task_cgroup.go:257 +0x19a fp=0xc00431f148 sp=0xc00431f060 pc=0x9deafa
gvisor.dev/gvisor/pkg/sentry/kernel.(*TaskSet).newTask.func1()
	pkg/sentry/kernel/task_start.go:203 +0x48 fp=0xc00431f1a0 sp=0xc00431f148 pc=0x9fd768
gvisor.dev/gvisor/pkg/cleanup.clean({0xc0079084a0, 0xa0500f?, 0xc0004e8070?})
	pkg/cleanup/cleanup.go:59 +0x42 fp=0xc00431f1b8 sp=0xc00431f1a0 pc=0x8dc202
gvisor.dev/gvisor/pkg/cleanup.(*Cleanup).Clean(0xc00431f490)
	pkg/cleanup/cleanup.go:44 +0x36 fp=0xc00431f1e0 sp=0xc00431f1b8 pc=0x8dc036
gvisor.dev/gvisor/pkg/sentry/kernel.(*TaskSet).newTask.func2()
	pkg/sentry/kernel/task_start.go:180 +0x26 fp=0xc00431f1f8 sp=0xc00431f1e0 pc=0x9fd806
runtime.deferreturn()
	GOROOT/src/runtime/panic.go:436 +0x33 fp=0xc00431f238 sp=0xc00431f1f8 pc=0x4349d3
gvisor.dev/gvisor/pkg/sentry/kernel.(*TaskSet).newTask(0xc0004e8070, {0x14ab0d0?, 0xc007c0c000?}, 0xc00431f7d8)
	pkg/sentry/kernel/task_start.go:221 +0x95b fp=0xc00431f4b8 sp=0xc00431f238 pc=0x9fcf7b
gvisor.dev/gvisor/pkg/sentry/kernel.(*TaskSet).NewTask(0xc007c0c000?, {0x14ab0d0, 0xc007c0c000}, 0xc00431f7d8)
	pkg/sentry/kernel/task_start.go:127 +0xb5 fp=0xc00431f530 sp=0xc00431f4b8 pc=0x9fc435
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Clone(0xc007c0c000, 0xc00431f8b0)
	pkg/sentry/kernel/task_clone.go:224 +0x124f fp=0xc00431f8a0 sp=0xc00431f530 pc=0x9dff4f
gvisor.dev/gvisor/pkg/sentry/syscalls/linux.clone(0x63306?, 0x1?, 0xc00431f960?, 0x0?, 0x0?, 0x0?)
	pkg/sentry/syscalls/linux/sys_thread.go:208 +0x8d fp=0xc00431f918 sp=0xc00431f8a0 pc=0xaa85ad
gvisor.dev/gvisor/pkg/sentry/syscalls/linux.Clone(0x0?, {{0x3d0f00}, {0x7fe48bd7b2f0}, {0x7fe48bd7b9d0}, {0x7fe48bd7b9d0}, {0x7fe48bd7b700}, {0x7fe48bd7b700}})
	pkg/sentry/syscalls/linux/sys_clone_amd64.go:36 +0x6e fp=0xc00431f958 sp=0xc00431f918 pc=0xa6f1ee
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall(0xc007c0c000, 0x38, {{0x3d0f00}, {0x7fe48bd7b2f0}, {0x7fe48bd7b9d0}, {0x7fe48bd7b9d0}, {0x7fe48bd7b700}, {0x7fe48bd7b700}})
	pkg/sentry/kernel/task_syscall.go:142 +0x80b fp=0xc00431fc98 sp=0xc00431f958 pc=0x9ffb8b
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke(0xc007c0c000, 0x85?, {{0x3d0f00}, {0x7fe48bd7b2f0}, {0x7fe48bd7b9d0}, {0x7fe48bd7b9d0}, {0x7fe48bd7b700}, {0x7fe48bd7b700}})
	pkg/sentry/kernel/task_syscall.go:322 +0x54 fp=0xc00431fcf8 sp=0xc00431fc98 pc=0xa01174
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter(0x89196f?, 0x1?, {{0x3d0f00}, {0x7fe48bd7b2f0}, {0x7fe48bd7b9d0}, {0x7fe48bd7b9d0}, {0x7fe48bd7b700}, {0x7fe48bd7b700}})
	pkg/sentry/kernel/task_syscall.go:282 +0x85 fp=0xc00431fd58 sp=0xc00431fcf8 pc=0xa00d65
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall(0xc004a77860?)
	pkg/sentry/kernel/task_syscall.go:257 +0x3ac fp=0xc00431fe50 sp=0xc00431fd58 pc=0xa00a2c
gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute(0xc007c0c000?, 0xc007c0c000)
	pkg/sentry/kernel/task_run.go:253 +0x1125 fp=0xc00431ff60 sp=0xc00431fe50 pc=0x9f2925
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run(0xc007c0c000, 0xbca4)
	pkg/sentry/kernel/task_run.go:94 +0x1ec fp=0xc00431ffc0 sp=0xc00431ff60 pc=0x9f116c
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start.func1()
	pkg/sentry/kernel/task_start.go:380 +0x2a fp=0xc00431ffe0 sp=0xc00431ffc0 pc=0x9fe02a
runtime.goexit()
	src/runtime/asm_amd64.s:1571 +0x1 fp=0xc00431ffe8 sp=0xc00431ffe0 pc=0x4695c1
created by gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start
	pkg/sentry/kernel/task_start.go:380 +0x105

Crashes (1):
Time: 2022/10/31 07:27
Kernel: gvisor
Commit: 6b3b5493d0ea
Syzkaller: 2a71366b
Config: .config
Log: console log
Report: report
Syz repro: -
C repro: -
VM info: info
Assets: -
Manager: ci-gvisor-ptrace-3-cover
Title: panic: cgroupfs: pids controller attempted to remove pending charge for Task ADDR, but task didn't have pending charges,