WARNING in pfkey_sock_destruct


syzbot

Apr 14, 2019, 4:51:41 AM4/14/19
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 5541782c Merge 4.4.150 into android-4.4
git tree: android-4.4
console output: https://syzkaller.appspot.com/x/log.txt?x=11dae961400000
kernel config: https://syzkaller.appspot.com/x/.config?x=84bf0e72c8eb0c7d
dashboard link: https://syzkaller.appspot.com/bug?extid=44c887b9422bcbb67c36
compiler: gcc (GCC) 8.0.1 20180413 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+44c887...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 7446 at net/key/af_key.c:111 pfkey_sock_destruct+0x307/0x350 net/key/af_key.c:111()
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 7446 Comm: syz-executor1 Not tainted 4.4.150-g5541782 #83
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
0000000000000000 a849bf03ea8d2f7b ffff8800a3b7fbc8 ffffffff81e14e2d
ffffffff83a44e40 ffff8801bdafe000 ffffffff83f40480 0000000000000009
000000000000006f ffff8800a3b7fc88 ffffffff8140d3c4 0000000041b58ab3
Call Trace:
[<ffffffff81e14e2d>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffffff81e14e2d>] dump_stack+0xc1/0x124 lib/dump_stack.c:51
[<ffffffff8140d3c4>] panic+0x19e/0x38d kernel/panic.c:112
[<ffffffff8140d5e8>] warn_slowpath_common.cold.6+0x20/0x20 kernel/panic.c:455
[<ffffffff81133069>] warn_slowpath_null+0x29/0x30 kernel/panic.c:492
[<ffffffff8359dbf7>] pfkey_sock_destruct+0x307/0x350 net/key/af_key.c:111
[<ffffffff82f36e3c>] sk_destruct+0x4c/0x4c0 net/core/sock.c:1447
[<ffffffff82f372ff>] __sk_free+0x4f/0x220 net/core/sock.c:1480
[<ffffffff82f37500>] sk_free+0x30/0x40 net/core/sock.c:1491
[<ffffffff835882c3>] sock_put include/net/sock.h:1639 [inline]
[<ffffffff835882c3>] pfkey_release+0x263/0x2f0 net/key/af_key.c:194
[<ffffffff82f21c86>] sock_release+0x96/0x1c0 net/socket.c:587
[<ffffffff82f21dc6>] sock_close+0x16/0x20 net/socket.c:1038
[<ffffffff815277d5>] __fput+0x235/0x6f0 fs/file_table.c:208
[<ffffffff81527d15>] ____fput+0x15/0x20 fs/file_table.c:244
[<ffffffff8118ed2f>] task_work_run+0x10f/0x190 kernel/task_work.c:115
[<ffffffff8100362d>] tracehook_notify_resume include/linux/tracehook.h:191 [inline]
[<ffffffff8100362d>] exit_to_usermode_loop+0x13d/0x160 arch/x86/entry/common.c:253
[<ffffffff81006535>] prepare_exit_to_usermode arch/x86/entry/common.c:284 [inline]
[<ffffffff81006535>] syscall_return_slowpath+0x1b5/0x1f0 arch/x86/entry/common.c:349
[<ffffffff838cb235>] int_ret_from_sys_call+0x25/0xa3
Dumping ftrace buffer:
(ftrace buffer empty)
Kernel Offset: disabled
Rebooting in 86400 seconds..


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Apr 14, 2019, 4:52:10 AM4/14/19
to syzkaller-a...@googlegroups.com

syzbot

Apr 14, 2019, 5:30:15 AM4/14/19
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 0137ea21 ANDROID: arm64: Fix 4.9.114 merge
git tree: android-4.9
console output: https://syzkaller.appspot.com/x/log.txt?x=1301f064400000
kernel config: https://syzkaller.appspot.com/x/.config?x=4d2fe9f14f9ce685
dashboard link: https://syzkaller.appspot.com/bug?extid=af38f8966d90776bd0a8
compiler: gcc (GCC) 8.0.1 20180413 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+af38f8...@syzkaller.appspotmail.com

keychord: using input dev Power Button for fevent
keychord: using input dev AT Translated Set 2 keyboard for fevent
IPVS: Creating netns size=2536 id=31
keychord: using input dev Power Button for fevent
keychord: using input dev AT Translated Set 2 keyboard for fevent
WARNING: CPU: 0 PID: 11361 at net/key/af_key.c:111 pfkey_sock_destruct+0x307/0x350 net/key/af_key.c:111
Kernel panic - not syncing: panic_on_warn set ...

CPU: 0 PID: 11361 Comm: syz-executor4 Not tainted 4.9.116-g0137ea2 #70
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
ffff8801b2a27b88 ffffffff81eb46a9 ffffffff83c48980 00000000ffffffff
0000000000000000 0000000000000000 000000000000006f ffff8801b2a27c48
ffffffff81421a75 0000000041b58ab3 ffffffff843bbff8 ffffffff814218b6
Call Trace:
[<ffffffff81eb46a9>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffffff81eb46a9>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
[<ffffffff81421a75>] panic+0x1bf/0x3bc kernel/panic.c:179
[<ffffffff81421d61>] __warn.cold.9+0xc1/0x17f kernel/panic.c:542
[<ffffffff8113683c>] warn_slowpath_null+0x2c/0x40 kernel/panic.c:585
[<ffffffff836b5067>] pfkey_sock_destruct+0x307/0x350 net/key/af_key.c:111
[<ffffffff83022095>] __sk_destruct+0x55/0x590 net/core/sock.c:1428
[<ffffffff83029b23>] sk_destruct+0x63/0x80 net/core/sock.c:1463
[<ffffffff83029b8f>] __sk_free+0x4f/0x220 net/core/sock.c:1471
[<ffffffff83029d8b>] sk_free+0x2b/0x40 net/core/sock.c:1482
[<ffffffff836a03ae>] sock_put include/net/sock.h:1588 [inline]
[<ffffffff836a03ae>] pfkey_release+0x25e/0x2f0 net/key/af_key.c:194
[<ffffffff83014ab6>] sock_release+0x96/0x1c0 net/socket.c:599
[<ffffffff83014bf6>] sock_close+0x16/0x20 net/socket.c:1046
[<ffffffff81578453>] __fput+0x263/0x700 fs/file_table.c:208
[<ffffffff81578975>] ____fput+0x15/0x20 fs/file_table.c:244
[<ffffffff8119838c>] task_work_run+0x10c/0x180 kernel/task_work.c:116
[<ffffffff8100559c>] tracehook_notify_resume include/linux/tracehook.h:191 [inline]
[<ffffffff8100559c>] exit_to_usermode_loop+0xfc/0x120 arch/x86/entry/common.c:161
[<ffffffff810064d4>] prepare_exit_to_usermode arch/x86/entry/common.c:191 [inline]
[<ffffffff810064d4>] syscall_return_slowpath arch/x86/entry/common.c:260 [inline]
[<ffffffff810064d4>] do_syscall_64+0x364/0x490 arch/x86/entry/common.c:287
[<ffffffff839fbc13>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

syzbot

Jun 26, 2019, 1:10:04 AM6/26/19
to syzkaller-a...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.

syzbot

Oct 25, 2019, 4:52:06 AM10/25/19
to syzkaller-a...@googlegroups.com