[v5.15] BUG: soft lockup in garp_join_timer

syzbot

Sep 16, 2023, 10:40:55 AM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: aff03380bda4 Linux 5.15.131
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=119f8f02680000
kernel config: https://syzkaller.appspot.com/x/.config?x=deb2c375928f6168
dashboard link: https://syzkaller.appspot.com/bug?extid=bd2e27cb6bb6eeebdee3
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/a1b31fbb7be5/disk-aff03380.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/13a2ea527c11/vmlinux-aff03380.xz
kernel image: https://storage.googleapis.com/syzbot-assets/fc6620249c65/Image-aff03380.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+bd2e27...@syzkaller.appspotmail.com

watchdog: BUG: soft lockup - CPU#1 stuck for 23s! [kworker/u4:14:5103]
Modules linked in:
irq event stamp: 110193651
hardirqs last enabled at (110193650): [<ffff800011a3a728>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
hardirqs last enabled at (110193650): [<ffff800011a3a728>] _raw_spin_unlock_irqrestore+0xac/0x158 kernel/locking/spinlock.c:194
hardirqs last disabled at (110193651): [<ffff8000119630b8>] enter_el1_irq_or_nmi+0x10/0x1c arch/arm64/kernel/entry-common.c:227
softirqs last enabled at (98765510): [<ffff8000117bae5c>] spin_unlock_bh include/linux/spinlock.h:408 [inline]
softirqs last enabled at (98765510): [<ffff8000117bae5c>] batadv_tt_global_purge net/batman-adv/translation-table.c:2299 [inline]
softirqs last enabled at (98765510): [<ffff8000117bae5c>] batadv_tt_purge+0x350/0x810 net/batman-adv/translation-table.c:3561
softirqs last disabled at (98765513): [<ffff8000081b56a0>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (98765513): [<ffff8000081b56a0>] invoke_softirq kernel/softirq.c:439 [inline]
softirqs last disabled at (98765513): [<ffff8000081b56a0>] __irq_exit_rcu+0x28c/0x534 kernel/softirq.c:637
CPU: 1 PID: 5103 Comm: kworker/u4:14 Not tainted 5.15.131-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023
Workqueue: bat_events batadv_tt_purge
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline]
pc : _raw_spin_unlock_irqrestore+0xbc/0x158 kernel/locking/spinlock.c:194
lr : __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
lr : _raw_spin_unlock_irqrestore+0xac/0x158 kernel/locking/spinlock.c:194
sp : ffff800008017940
x29: ffff800008017950 x28: 0000000100027a82 x27: 1ffff00001002f48
x26: 0000000000000000 x25: dfff800000000000 x24: dfff800000000000
x23: ffff0001b4818480 x22: ffff8000083b7098 x21: ffff0001b4818498
x20: ffff0001b4818480 x19: 0000000000000000 x18: 0000000000000101
x17: ff8080000ff59a20 x16: ffff8000082ea5b0 x15: ffff80000ff59a20
x14: 1ffff0000292006a x13: ffffffffffffffff x12: 0000000000000100
x11: ff8080000a9a72c4 x10: 0000000000000003 x9 : 0000000000000080
x8 : 00000000000000c0 x7 : 0000000000000000 x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000000 x3 : ffff800008045860
x2 : 0000000000000002 x1 : ffff800011abac40 x0 : ffff80019ffc7000
Call trace:
arch_local_irq_restore arch/arm64/include/asm/irqflags.h:122 [inline]
__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
_raw_spin_unlock_irqrestore+0xbc/0x158 kernel/locking/spinlock.c:194
__mod_timer+0x960/0xd30 kernel/time/timer.c:1065
mod_timer+0x2c/0x3c kernel/time/timer.c:1108
garp_join_timer_arm net/802/garp.c:411 [inline]
garp_join_timer+0x124/0x13c net/802/garp.c:424
call_timer_fn+0x19c/0x8f0 kernel/time/timer.c:1421
expire_timers kernel/time/timer.c:1466 [inline]
__run_timers+0x554/0x718 kernel/time/timer.c:1737
run_timer_softirq+0x7c/0x114 kernel/time/timer.c:1750
__do_softirq+0x344/0xe20 kernel/softirq.c:558
do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
invoke_softirq kernel/softirq.c:439 [inline]
__irq_exit_rcu+0x28c/0x534 kernel/softirq.c:637
irq_exit+0x14/0x88 kernel/softirq.c:661
handle_domain_irq+0xf4/0x178 kernel/irq/irqdesc.c:710
gic_handle_irq+0x78/0x1c8 drivers/irqchip/irq-gic-v3.c:758
call_on_irq_stack+0x24/0x4c arch/arm64/kernel/entry.S:899
do_interrupt_handler+0x74/0x94 arch/arm64/kernel/entry-common.c:267
el1_interrupt+0x30/0x58 arch/arm64/kernel/entry-common.c:442
el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:458
el1h_64_irq+0x78/0x7c arch/arm64/kernel/entry.S:580
arch_local_irq_enable arch/arm64/include/asm/irqflags.h:35 [inline]
__local_bh_enable_ip+0x260/0x4d0 kernel/softirq.c:388
__raw_spin_unlock_bh include/linux/spinlock_api_smp.h:176 [inline]
_raw_spin_unlock_bh+0xf8/0x180 kernel/locking/spinlock.c:210
spin_unlock_bh include/linux/spinlock.h:408 [inline]
batadv_tt_global_purge net/batman-adv/translation-table.c:2299 [inline]
batadv_tt_purge+0x350/0x810 net/batman-adv/translation-table.c:3561
process_one_work+0x790/0x11b8 kernel/workqueue.c:2310
worker_thread+0x910/0x1034 kernel/workqueue.c:2457
kthread+0x37c/0x45c kernel/kthread.c:319
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

syzbot

Dec 25, 2023, 9:40:16 AM
to syzkaller...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.