WARNING: ODEBUG bug in __run_timers (2)

syzbot

Jul 2, 2021, 12:37:25 PM
to syzkaller-upst...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 62fb9874 Linux 5.13
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=12b05310300000
kernel config: https://syzkaller.appspot.com/x/.config?x=317f9d1d95b8a90
dashboard link: https://syzkaller.appspot.com/bug?extid=a25dc8056cd48a5c59a5
CC: [b...@alien8.de dw...@amazon.co.uk h...@zytor.com linux-...@vger.kernel.org mi...@redhat.com tg...@linutronix.de x...@kernel.org]

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a25dc8...@syzkaller.appspotmail.com

------------[ cut here ]------------
ODEBUG: deactivate not available (active state 0) object type: timer_list hint: delayed_work_timer_fn+0x0/0x90 kernel/workqueue.c:1602
WARNING: CPU: 1 PID: 19491 at lib/debugobjects.c:505 debug_print_object+0x16e/0x250 lib/debugobjects.c:505
Modules linked in:
CPU: 1 PID: 19491 Comm: syz-executor.5 Not tainted 5.13.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:505
Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd 20 f8 c2 89 4c 89 ee 48 c7 c7 20 ec c2 89 e8 3d e7 01 05 <0f> 0b 83 05 75 23 f6 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3
RSP: 0018:ffffc90000dc0ce8 EFLAGS: 00010082
RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000000000
RDX: ffff888033d00000 RSI: ffffffff815cdfb5 RDI: fffff520001b818f
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffff815c7e1e R11: 0000000000000000 R12: ffffffff896d9920
R13: ffffffff89c2f040 R14: ffffffff8163bea0 R15: ffff888033462790
FS: 00007f89ccb75700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000014d1d4000 CR4: 00000000001526e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<IRQ>
debug_object_deactivate lib/debugobjects.c:758 [inline]
debug_object_deactivate+0x1c0/0x300 lib/debugobjects.c:718
debug_timer_deactivate kernel/time/timer.c:732 [inline]
debug_deactivate kernel/time/timer.c:776 [inline]
detach_timer kernel/time/timer.c:823 [inline]
expire_timers kernel/time/timer.c:1465 [inline]
__run_timers.part.0+0x51a/0xa50 kernel/time/timer.c:1745
__run_timers kernel/time/timer.c:1726 [inline]
run_timer_softirq+0xb3/0x1d0 kernel/time/timer.c:1758
__do_softirq+0x29b/0x9f6 kernel/softirq.c:559
invoke_softirq kernel/softirq.c:433 [inline]
__irq_exit_rcu+0x136/0x200 kernel/softirq.c:637
irq_exit_rcu+0x5/0x20 kernel/softirq.c:649
sysvec_apic_timer_interrupt+0x93/0xc0 arch/x86/kernel/apic/apic.c:1100
</IRQ>
asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:647
RIP: 0010:preempt_count arch/x86/include/asm/preempt.h:27 [inline]
RIP: 0010:check_kcov_mode kernel/kcov.c:163 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 kernel/kcov.c:197
Code: f0 4d 89 03 e9 f2 fc ff ff b9 ff ff ff ff ba 08 00 00 00 4d 8b 03 48 0f bd ca 49 8b 45 00 48 63 c9 e9 64 ff ff ff 0f 1f 40 00 <65> 8b 05 a9 15 8d 7e 89 c1 48 8b 34 24 81 e1 00 01 00 00 65 48 8b
RSP: 0018:ffffc90017de7ae8 EFLAGS: 00000216
RAX: 000000000001ca1e RBX: 0000000000000000 RCX: ffffc90014e0c000
RDX: 0000000000040000 RSI: ffffffff815cad73 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000000 R09: ffffffff902288a7
R10: ffffffff815cad69 R11: 0000000000000000 R12: ffffffff84bbf9c0
R13: 0000000000000200 R14: dffffc0000000000 R15: ffffc90017de7b48
console_unlock+0x7c9/0xc40 kernel/printk/printk.c:2653
do_fb_ioctl+0x63b/0x690 drivers/video/fbdev/core/fbmem.c:1112
fb_ioctl+0xe7/0x150 drivers/video/fbdev/core/fbmem.c:1185
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:1069 [inline]
__se_sys_ioctl fs/ioctl.c:1055 [inline]
__x64_sys_ioctl+0x193/0x200 fs/ioctl.c:1055
do_syscall_64+0x3a/0xb0 arch/x86/entry/common.c:47
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x4665d9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f89ccb75188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c038 RCX: 00000000004665d9
RDX: 0000000020000200 RSI: 0000000000004601 RDI: 0000000000000003
RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c038
R13: 0000000000a9fb1f R14: 00007f89ccb75300 R15: 0000000000022000


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Oct 25, 2021, 7:37:18 AM
to syzkaller-upst...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.