INFO: task hung in team_vlan_rx_add_vid

syzbot

Aug 10, 2018, 1:59:03 PM
to syzkaller-upst...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 981467033a37 tc-testing: remove duplicate spaces in skbedi..
git tree: net-next
console output: https://syzkaller.appspot.com/x/log.txt?x=16bccee8400000
kernel config: https://syzkaller.appspot.com/x/.config?x=bfbfdcdce794e943
dashboard link: https://syzkaller.appspot.com/bug?extid=d82b230706e7c4ce2f3b
compiler: gcc (GCC) 8.0.1 20180413 (experimental)
CC: [da...@davemloft.net ji...@resnulli.us
linux-...@vger.kernel.org net...@vger.kernel.org]

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+d82b23...@syzkaller.appspotmail.com

netlink: 4 bytes leftover after parsing attributes in process
`syz-executor4'.
netlink: 4 bytes leftover after parsing attributes in process
`syz-executor4'.
INFO: task syz-executor2:1320 blocked for more than 140 seconds.
Not tainted 4.18.0-rc8+ #173
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor2 D19944 1320 4365 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2853 [inline]
__schedule+0x87c/0x1ec0 kernel/sched/core.c:3501
schedule+0xfb/0x450 kernel/sched/core.c:3545
schedule_preempt_disabled+0x10/0x20 kernel/sched/core.c:3603
__mutex_lock_common kernel/locking/mutex.c:834 [inline]
__mutex_lock+0xede/0x1820 kernel/locking/mutex.c:894
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:909
team_vlan_rx_add_vid+0x3b/0x1e0 drivers/net/team/team.c:1864
vlan_add_rx_filter_info+0x14a/0x1d0 net/8021q/vlan_core.c:210
__vlan_vid_add net/8021q/vlan_core.c:278 [inline]
vlan_vid_add+0x63e/0x9d0 net/8021q/vlan_core.c:308
vlan_device_event.cold.12+0x2a/0x2f net/8021q/vlan.c:381
notifier_call_chain+0x180/0x390 kernel/notifier.c:93
__raw_notifier_call_chain kernel/notifier.c:394 [inline]
raw_notifier_call_chain+0x2d/0x40 kernel/notifier.c:401
call_netdevice_notifiers_info+0x3f/0x90 net/core/dev.c:1734
call_netdevice_notifiers net/core/dev.c:1752 [inline]
dev_open+0x173/0x1b0 net/core/dev.c:1432
team_port_add drivers/net/team/team.c:1214 [inline]
team_add_slave+0xa8b/0x1c30 drivers/net/team/team.c:1944
do_set_master+0x1c9/0x220 net/core/rtnetlink.c:2294
do_setlink+0xba4/0x3de0 net/core/rtnetlink.c:2428
rtnl_setlink+0x2a2/0x3f0 net/core/rtnetlink.c:2682
rtnetlink_rcv_msg+0x46e/0xc30 net/core/rtnetlink.c:4711
netlink_rcv_skb+0x172/0x440 net/netlink/af_netlink.c:2454
rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:4729
netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]
netlink_unicast+0x5a0/0x760 net/netlink/af_netlink.c:1343
netlink_sendmsg+0xa18/0xfc0 net/netlink/af_netlink.c:1908
sock_sendmsg_nosec net/socket.c:640 [inline]
sock_sendmsg+0xd5/0x120 net/socket.c:650
___sys_sendmsg+0x7fd/0x930 net/socket.c:2133
__sys_sendmsg+0x11d/0x290 net/socket.c:2171
__do_sys_sendmsg net/socket.c:2180 [inline]
__se_sys_sendmsg net/socket.c:2178 [inline]
__x64_sys_sendmsg+0x78/0xb0 net/socket.c:2178
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x456cb9
Code: 18 85 c0 75 12 48 8b 44 24 20 48 89 08 48 8b 6c 24 28 48 83 c4 30 c3
48 8b 44 24 20 48 89 04 24 48 89 4c 24 08 e8 e7 ac fb ff <eb> e1 e8 f0 31
00 00 e9 7b ff ff ff cc cc cc cc cc cc cc cc cc cc
RSP: 002b:00007fdfcf4acc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fdfcf4ad6d4 RCX: 0000000000456cb9
RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000014
RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004d37c8 R14: 00000000004c84b3 R15: 0000000000000000
INFO: task syz-executor2:1398 blocked for more than 140 seconds.
Not tainted 4.18.0-rc8+ #173
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor2 D25528 1398 4365 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2853 [inline]
__schedule+0x87c/0x1ec0 kernel/sched/core.c:3501
schedule+0xfb/0x450 kernel/sched/core.c:3545
schedule_preempt_disabled+0x10/0x20 kernel/sched/core.c:3603
__mutex_lock_common kernel/locking/mutex.c:834 [inline]
__mutex_lock+0xede/0x1820 kernel/locking/mutex.c:894
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:909
rtnl_lock net/core/rtnetlink.c:77 [inline]
rtnetlink_rcv_msg+0x412/0xc30 net/core/rtnetlink.c:4708
netlink_rcv_skb+0x172/0x440 net/netlink/af_netlink.c:2454
rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:4729
netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]
netlink_unicast+0x5a0/0x760 net/netlink/af_netlink.c:1343
netlink_sendmsg+0xa18/0xfc0 net/netlink/af_netlink.c:1908
sock_sendmsg_nosec net/socket.c:640 [inline]
sock_sendmsg+0xd5/0x120 net/socket.c:650
___sys_sendmsg+0x7fd/0x930 net/socket.c:2133
__sys_sendmsg+0x11d/0x290 net/socket.c:2171
__do_sys_sendmsg net/socket.c:2180 [inline]
__se_sys_sendmsg net/socket.c:2178 [inline]
__x64_sys_sendmsg+0x78/0xb0 net/socket.c:2178
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x456cb9
Code: 18 85 c0 75 12 48 8b 44 24 20 48 89 08 48 8b 6c 24 28 48 83 c4 30 c3
48 8b 44 24 20 48 89 04 24 48 89 4c 24 08 e8 e7 ac fb ff <eb> e1 e8 f0 31
00 00 e9 7b ff ff ff cc cc cc cc cc cc cc cc cc cc
RSP: 002b:00007fdfcf46ac78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007fdfcf46b6d4 RCX: 0000000000456cb9
RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000014
RBP: 00000000009301e0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004d37c8 R14: 00000000004c84b3 R15: 0000000000000002
INFO: task syz-executor6:1319 blocked for more than 140 seconds.
Not tainted 4.18.0-rc8+ #173
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor6 D25000 1319 4364 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2853 [inline]
__schedule+0x87c/0x1ec0 kernel/sched/core.c:3501
schedule+0xfb/0x450 kernel/sched/core.c:3545
schedule_preempt_disabled+0x10/0x20 kernel/sched/core.c:3603
__mutex_lock_common kernel/locking/mutex.c:834 [inline]
__mutex_lock+0xede/0x1820 kernel/locking/mutex.c:894
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:909
rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77
do_ipv6_setsockopt.isra.9+0x560/0x4610 net/ipv6/ipv6_sockglue.c:166
ipv6_setsockopt+0xbd/0x170 net/ipv6/ipv6_sockglue.c:933
udpv6_setsockopt+0x62/0xa0 net/ipv6/udp.c:1469
sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:3038
__sys_setsockopt+0x1c5/0x3b0 net/socket.c:1919
__do_sys_setsockopt net/socket.c:1930 [inline]
__se_sys_setsockopt net/socket.c:1927 [inline]
__x64_sys_setsockopt+0xbe/0x150 net/socket.c:1927
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x456cb9
Code: 18 85 c0 75 12 48 8b 44 24 20 48 89 08 48 8b 6c 24 28 48 83 c4 30 c3
48 8b 44 24 20 48 89 04 24 48 89 4c 24 08 e8 e7 ac fb ff <eb> e1 e8 f0 31
00 00 e9 7b ff ff ff cc cc cc cc cc cc cc cc cc cc
RSP: 002b:00007f98271cec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007f98271cf6d4 RCX: 0000000000456cb9
RDX: 000000000000002b RSI: 0000000000000029 RDI: 0000000000000016
RBP: 00000000009300a0 R08: 0000000000000108 R09: 0000000000000000
R10: 0000000020000080 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004d41b8 R14: 00000000004bfe40 R15: 0000000000000000
INFO: task syz-executor6:1324 blocked for more than 140 seconds.
Not tainted 4.18.0-rc8+ #173
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor6 D25104 1324 4364 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2853 [inline]
__schedule+0x87c/0x1ec0 kernel/sched/core.c:3501
schedule+0xfb/0x450 kernel/sched/core.c:3545
schedule_preempt_disabled+0x10/0x20 kernel/sched/core.c:3603
__mutex_lock_common kernel/locking/mutex.c:834 [inline]
__mutex_lock+0xede/0x1820 kernel/locking/mutex.c:894
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:909
rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77
do_ipv6_setsockopt.isra.9+0x560/0x4610 net/ipv6/ipv6_sockglue.c:166
ipv6_setsockopt+0xbd/0x170 net/ipv6/ipv6_sockglue.c:933
udpv6_setsockopt+0x62/0xa0 net/ipv6/udp.c:1469
sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:3038
__sys_setsockopt+0x1c5/0x3b0 net/socket.c:1919
__do_sys_setsockopt net/socket.c:1930 [inline]
__se_sys_setsockopt net/socket.c:1927 [inline]
__x64_sys_setsockopt+0xbe/0x150 net/socket.c:1927
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x456cb9
Code: 18 85 c0 75 12 48 8b 44 24 20 48 89 08 48 8b 6c 24 28 48 83 c4 30 c3
48 8b 44 24 20 48 89 04 24 48 89 4c 24 08 e8 e7 ac fb ff <eb> e1 e8 f0 31
00 00 e9 7b ff ff ff cc cc cc cc cc cc cc cc cc cc
RSP: 002b:00007f98271adc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007f98271ae6d4 RCX: 0000000000456cb9
RDX: 000000000000002b RSI: 0000000000000029 RDI: 0000000000000016
RBP: 0000000000930140 R08: 0000000000000108 R09: 0000000000000000
R10: 0000000020000440 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004d41b8 R14: 00000000004bfe40 R15: 0000000000000001
INFO: task syz-executor6:1330 blocked for more than 140 seconds.
Not tainted 4.18.0-rc8+ #173
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor6 D25000 1330 4364 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2853 [inline]
__schedule+0x87c/0x1ec0 kernel/sched/core.c:3501
schedule+0xfb/0x450 kernel/sched/core.c:3545
schedule_preempt_disabled+0x10/0x20 kernel/sched/core.c:3603
__mutex_lock_common kernel/locking/mutex.c:834 [inline]
__mutex_lock+0xede/0x1820 kernel/locking/mutex.c:894
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:909
rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77
do_ipv6_setsockopt.isra.9+0x560/0x4610 net/ipv6/ipv6_sockglue.c:166
ipv6_setsockopt+0xbd/0x170 net/ipv6/ipv6_sockglue.c:933
udpv6_setsockopt+0x62/0xa0 net/ipv6/udp.c:1469
sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:3038
__sys_setsockopt+0x1c5/0x3b0 net/socket.c:1919
__do_sys_setsockopt net/socket.c:1930 [inline]
__se_sys_setsockopt net/socket.c:1927 [inline]
__x64_sys_setsockopt+0xbe/0x150 net/socket.c:1927
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x456cb9
Code: 18 85 c0 75 12 48 8b 44 24 20 48 89 08 48 8b 6c 24 28 48 83 c4 30 c3
48 8b 44 24 20 48 89 04 24 48 89 4c 24 08 e8 e7 ac fb ff <eb> e1 e8 f0 31
00 00 e9 7b ff ff ff cc cc cc cc cc cc cc cc cc cc
RSP: 002b:00007f982718cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007f982718d6d4 RCX: 0000000000456cb9
RDX: 000000000000002a RSI: 0000000000000029 RDI: 0000000000000014
RBP: 00000000009301e0 R08: 0000000000000088 R09: 0000000000000000
R10: 0000000020fca000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004d40b0 R14: 00000000004bfd80 R15: 0000000000000002
INFO: task syz-executor5:1334 blocked for more than 140 seconds.
Not tainted 4.18.0-rc8+ #173
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor5 D25408 1334 4359 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2853 [inline]
__schedule+0x87c/0x1ec0 kernel/sched/core.c:3501
schedule+0xfb/0x450 kernel/sched/core.c:3545
schedule_preempt_disabled+0x10/0x20 kernel/sched/core.c:3603
__mutex_lock_common kernel/locking/mutex.c:834 [inline]
__mutex_lock+0xede/0x1820 kernel/locking/mutex.c:894
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:909
rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77
sock_do_ioctl+0x2ba/0x3e0 net/socket.c:981
sock_ioctl+0x30d/0x680 net/socket.c:1092
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x1de/0x1720 fs/ioctl.c:684
ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
__do_sys_ioctl fs/ioctl.c:708 [inline]
__se_sys_ioctl fs/ioctl.c:706 [inline]
__x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:706
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x456cb9
Code: 18 85 c0 75 12 48 8b 44 24 20 48 89 08 48 8b 6c 24 28 48 83 c4 30 c3
48 8b 44 24 20 48 89 04 24 48 89 4c 24 08 e8 e7 ac fb ff <eb> e1 e8 f0 31
00 00 e9 7b ff ff ff cc cc cc cc cc cc cc cc cc cc
RSP: 002b:00007f830fbe9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f830fbea6d4 RCX: 0000000000456cb9
RDX: 0000000020000280 RSI: 0000000000008912 RDI: 0000000000000013
RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004ccb98 R14: 00000000004c38f7 R15: 0000000000000000
INFO: task syz-executor5:1342 blocked for more than 140 seconds.
Not tainted 4.18.0-rc8+ #173
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor5 D24544 1342 4359 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2853 [inline]
__schedule+0x87c/0x1ec0 kernel/sched/core.c:3501
schedule+0xfb/0x450 kernel/sched/core.c:3545
schedule_preempt_disabled+0x10/0x20 kernel/sched/core.c:3603
__mutex_lock_common kernel/locking/mutex.c:834 [inline]
__mutex_lock+0xede/0x1820 kernel/locking/mutex.c:894
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:909
rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77
sock_do_ioctl+0x2ba/0x3e0 net/socket.c:981
sock_ioctl+0x30d/0x680 net/socket.c:1092
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x1de/0x1720 fs/ioctl.c:684
ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
__do_sys_ioctl fs/ioctl.c:708 [inline]
__se_sys_ioctl fs/ioctl.c:706 [inline]
__x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:706
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x456cb9
Code: 18 85 c0 75 12 48 8b 44 24 20 48 89 08 48 8b 6c 24 28 48 83 c4 30 c3
48 8b 44 24 20 48 89 04 24 48 89 4c 24 08 e8 e7 ac fb ff <eb> e1 e8 f0 31
00 00 e9 7b ff ff ff cc cc cc cc cc cc cc cc cc cc
RSP: 002b:00007f830fbc8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f830fbc96d4 RCX: 0000000000456cb9
RDX: 0000000020000280 RSI: 0000000000008912 RDI: 0000000000000015
RBP: 0000000000930140 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004ccb98 R14: 00000000004c38f7 R15: 0000000000000001
INFO: task syz-executor7:1374 blocked for more than 140 seconds.
Not tainted 4.18.0-rc8+ #173
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor7 D20272 1374 4360 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2853 [inline]
__schedule+0x87c/0x1ec0 kernel/sched/core.c:3501
schedule+0xfb/0x450 kernel/sched/core.c:3545
schedule_preempt_disabled+0x10/0x20 kernel/sched/core.c:3603
__mutex_lock_common kernel/locking/mutex.c:834 [inline]
__mutex_lock+0xede/0x1820 kernel/locking/mutex.c:894
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:909
rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77
sock_do_ioctl+0x2ba/0x3e0 net/socket.c:981
sock_ioctl+0x30d/0x680 net/socket.c:1092
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x1de/0x1720 fs/ioctl.c:684
ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
__do_sys_ioctl fs/ioctl.c:708 [inline]
__se_sys_ioctl fs/ioctl.c:706 [inline]
__x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:706
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x456cb9
Code: 18 85 c0 75 12 48 8b 44 24 20 48 89 08 48 8b 6c 24 28 48 83 c4 30 c3
48 8b 44 24 20 48 89 04 24 48 89 4c 24 08 e8 e7 ac fb ff <eb> e1 e8 f0 31
00 00 e9 7b ff ff ff cc cc cc cc cc cc cc cc cc cc
RSP: 002b:00007fba5ff88c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fba5ff896d4 RCX: 0000000000456cb9
RDX: 0000000020000280 RSI: 0000000000008912 RDI: 0000000000000014
RBP: 0000000000930140 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004ccb98 R14: 00000000004c38f7 R15: 0000000000000001
INFO: task syz-executor7:1404 blocked for more than 140 seconds.
Not tainted 4.18.0-rc8+ #173
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor7 D20272 1404 4360 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2853 [inline]
__schedule+0x87c/0x1ec0 kernel/sched/core.c:3501
schedule+0xfb/0x450 kernel/sched/core.c:3545
schedule_preempt_disabled+0x10/0x20 kernel/sched/core.c:3603
__mutex_lock_common kernel/locking/mutex.c:834 [inline]
__mutex_lock+0xede/0x1820 kernel/locking/mutex.c:894
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:909
rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77
sock_do_ioctl+0x2ba/0x3e0 net/socket.c:981
sock_ioctl+0x30d/0x680 net/socket.c:1092
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x1de/0x1720 fs/ioctl.c:684
ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
__do_sys_ioctl fs/ioctl.c:708 [inline]
__se_sys_ioctl fs/ioctl.c:706 [inline]
__x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:706
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x456cb9
Code: 18 85 c0 75 12 48 8b 44 24 20 48 89 08 48 8b 6c 24 28 48 83 c4 30 c3
48 8b 44 24 20 48 89 04 24 48 89 4c 24 08 e8 e7 ac fb ff <eb> e1 e8 f0 31
00 00 e9 7b ff ff ff cc cc cc cc cc cc cc cc cc cc
RSP: 002b:00007fba5ff67c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fba5ff686d4 RCX: 0000000000456cb9
RDX: 0000000020000280 RSI: 0000000000008912 RDI: 0000000000000014
RBP: 00000000009301e0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004ccb98 R14: 00000000004c38f7 R15: 0000000000000002
INFO: task syz-executor3:1390 blocked for more than 140 seconds.
Not tainted 4.18.0-rc8+ #173
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor3 D18336 1390 27308 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2853 [inline]
__schedule+0x87c/0x1ec0 kernel/sched/core.c:3501
schedule+0xfb/0x450 kernel/sched/core.c:3545
schedule_preempt_disabled+0x10/0x20 kernel/sched/core.c:3603
__mutex_lock_common kernel/locking/mutex.c:834 [inline]
__mutex_lock+0xede/0x1820 kernel/locking/mutex.c:894
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:909
rtnl_lock+0x17/0x20 net/core/rtnetlink.c:77
sock_do_ioctl+0x2ba/0x3e0 net/socket.c:981
sock_ioctl+0x30d/0x680 net/socket.c:1092
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x1de/0x1720 fs/ioctl.c:684
ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
__do_sys_ioctl fs/ioctl.c:708 [inline]
__se_sys_ioctl fs/ioctl.c:706 [inline]
__x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:706
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x456cb9
Code: 18 85 c0 75 12 48 8b 44 24 20 48 89 08 48 8b 6c 24 28 48 83 c4 30 c3
48 8b 44 24 20 48 89 04 24 48 89 4c 24 08 e8 e7 ac fb ff <eb> e1 e8 f0 31
00 00 e9 7b ff ff ff cc cc cc cc cc cc cc cc cc cc
RSP: 002b:00007fe796ca2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fe796ca36d4 RCX: 0000000000456cb9
RDX: 0000000020000080 RSI: 0000000000008912 RDI: 0000000000000014
RBP: 0000000000930140 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000004ccb98 R14: 00000000004c38f7 R15: 0000000000000001
INFO: lockdep is turned off.
NMI backtrace for cpu 0
CPU: 0 PID: 773 Comm: khungtaskd Not tainted 4.18.0-rc8+ #173
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
nmi_cpu_backtrace.cold.5+0x19/0xce lib/nmi_backtrace.c:103
nmi_trigger_cpumask_backtrace+0x151/0x192 lib/nmi_backtrace.c:62
arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
trigger_all_cpu_backtrace include/linux/nmi.h:138 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:196 [inline]
watchdog+0x9c4/0xf80 kernel/hung_task.c:252
kthread+0x345/0x410 kernel/kthread.c:246
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:412
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at native_safe_halt+0x6/0x10
arch/x86/include/asm/irqflags.h:54


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#bug-status-tracking for how to communicate with
syzbot.

syzbot

Feb 22, 2019, 5:29:38 AM
to syzkaller-upst...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.