WARNING in xfrm_state_fini


syzbot

Apr 10, 2019, 8:00:16 PM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 47350a9f ANDROID: x86_64_cuttlefish_defconfig: Enable lz4 ..
git tree: android-4.14
console output: https://syzkaller.appspot.com/x/log.txt?x=109a0151400000
kernel config: https://syzkaller.appspot.com/x/.config?x=10d236078f3378a3
dashboard link: https://syzkaller.appspot.com/bug?extid=57ddc5cc4954be1e328e
compiler: gcc (GCC) 8.0.1 20180413 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13319d1e400000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=105713a6400000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+57ddc5...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 2920 at net/xfrm/xfrm_state.c:2337
xfrm_state_fini+0x1e4/0x250 net/xfrm/xfrm_state.c:2337
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 2920 Comm: kworker/u4:7 Not tainted 4.14.67+ #1
Workqueue: netns cleanup_net
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0xb9/0x11b lib/dump_stack.c:53
panic+0x1bf/0x3a4 kernel/panic.c:181
__warn.cold.7+0x148/0x185 kernel/panic.c:542
report_bug+0x1f7/0x26c lib/bug.c:186
fixup_bug arch/x86/kernel/traps.c:177 [inline]
do_error_trap+0x1ba/0x2c0 arch/x86/kernel/traps.c:295
invalid_op+0x18/0x40 arch/x86/entry/entry_64.S:944
RIP: 0010:xfrm_state_fini+0x1e4/0x250 net/xfrm/xfrm_state.c:2337
RSP: 0018:ffff8801d338fbc0 EFLAGS: 00010297
RAX: ffff8801b6d21780 RBX: ffff8801d00d8000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff8801b6d22000 RDI: ffff8801b6d21fac
RBP: ffff8801d00d9200 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801d338fce8
R13: ffffffff9adf6118 R14: dffffc0000000000 R15: fffffbfff35bec23
ops_exit_list.isra.3+0xa8/0x150 net/core/net_namespace.c:142
cleanup_net+0x3e9/0x880 net/core/net_namespace.c:483
process_one_work+0x86e/0x15c0 kernel/workqueue.c:2114
worker_thread+0xdc/0x1000 kernel/workqueue.c:2248
kthread+0x348/0x420 kernel/kthread.c:232
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402
Dumping ftrace buffer:
(ftrace buffer empty)
Kernel Offset: 0x17600000 from 0xffffffff81000000 (relocation range:
0xffffffff80000000-0xffffffffbfffffff)
Rebooting in 86400 seconds..


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches

syzbot

Apr 11, 2019, 8:00:34 PM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 5f5c1657 UPSTREAM: virt_wifi: Remove REGULATORY_WIPHY_SELF..
git tree: android-4.9
console output: https://syzkaller.appspot.com/x/log.txt?x=16c7c163200000
kernel config: https://syzkaller.appspot.com/x/.config?x=a99a3470ebe9a85e
dashboard link: https://syzkaller.appspot.com/bug?extid=91a1a0238c9215ea369d
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1253f937200000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=147f4ced200000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+91a1a0...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 0 PID: 2104 at net/xfrm/xfrm_state.c:2197
xfrm_state_fini+0x2a0/0x340 net/xfrm/xfrm_state.c:2197
Kernel panic - not syncing: panic_on_warn set ...

CPU: 0 PID: 2104 Comm: kworker/u4:2 Not tainted 4.9.166+ #35
Workqueue: netns cleanup_net
ffff8801d68cf900 ffffffff81b4ef81 0000000000000000 ffffffff82a39ba0
00000000ffffffff 0000000000000000 0000000000000009 ffff8801d68cf9e0
ffffffff813f91aa 0000000041b58ab3 ffffffff82e2ec1a ffffffff813f8fd1
Call Trace:
[<000000001f3b308d>] __dump_stack lib/dump_stack.c:15 [inline]
[<000000001f3b308d>] dump_stack+0xc1/0x120 lib/dump_stack.c:51
[<000000003e7971d3>] panic+0x1d9/0x3bd kernel/panic.c:180
[<00000000aa290d07>] __warn.cold+0x2f/0x2f kernel/panic.c:546
[<000000008d2f03ef>] warn_slowpath_null+0x2d/0x40 kernel/panic.c:589
[<000000009ad6c3cf>] xfrm_state_fini+0x2a0/0x340 net/xfrm/xfrm_state.c:2197
[<000000001bee132c>] xfrm_net_exit+0x2e/0x40 net/xfrm/xfrm_policy.c:3122
[<00000000b225c57a>] ops_exit_list.isra.0+0xb0/0x160
net/core/net_namespace.c:136
[<0000000087d7be6c>] cleanup_net+0x3d6/0x8a0 net/core/net_namespace.c:473
[<000000004c06eb0c>] process_one_work+0x88b/0x1600 kernel/workqueue.c:2114
[<0000000067658cbe>] worker_thread+0x5df/0x11d0 kernel/workqueue.c:2251
[<00000000d59feddd>] kthread+0x278/0x310 kernel/kthread.c:211
[<000000009b422dce>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Kernel Offset: disabled

syzbot

Apr 11, 2019, 8:00:41 PM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: f057ff93 Merge 4.4.148 into android-4.4
git tree: android-4.4
console output: https://syzkaller.appspot.com/x/log.txt?x=11e2d8ba400000
kernel config: https://syzkaller.appspot.com/x/.config?x=b72c2b16b5f35bf1
dashboard link: https://syzkaller.appspot.com/bug?extid=753d12b683e15c1db085
compiler: gcc (GCC) 8.0.1 20180413 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=176b81f2400000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14008616400000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+753d12...@syzkaller.appspotmail.com

------------[ cut here ]------------
WARNING: CPU: 1 PID: 6 at net/xfrm/xfrm_state.c:2139
xfrm_state_fini+0x297/0x330 net/xfrm/xfrm_state.c:2139()
Kernel panic - not syncing: panic_on_warn set ...

CPU: 1 PID: 6 Comm: kworker/u4:0 Not tainted 4.4.148-gf057ff9 #81
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Workqueue: netns cleanup_net
0000000000000000 0a2f072abdd1482d ffff8801d9a17958 ffffffff81e1448d
ffffffff83a44e40 ffff8801d9a08000 ffffffff83f26620 0000000000000009
000000000000085b ffff8801d9a17a18 ffffffff8140ce24 0000000041b58ab3
Call Trace:
[<ffffffff81e1448d>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffffff81e1448d>] dump_stack+0xc1/0x124 lib/dump_stack.c:51
[<ffffffff8140ce24>] panic+0x19e/0x38d kernel/panic.c:112
[<ffffffff8140d048>] warn_slowpath_common.cold.6+0x20/0x20
kernel/panic.c:455
[<ffffffff81132ac9>] warn_slowpath_null+0x29/0x30 kernel/panic.c:492
[<ffffffff833f21e7>] xfrm_state_fini+0x297/0x330 net/xfrm/xfrm_state.c:2139
[<ffffffff833ccd9d>] xfrm_net_exit+0x2d/0x30 net/xfrm/xfrm_policy.c:3038
[<ffffffff82f643d0>] ops_exit_list.isra.6+0xb0/0x160
net/core/net_namespace.c:134
[<ffffffff82f67391>] cleanup_net+0x321/0x600 net/core/net_namespace.c:452
[<ffffffff8118495f>] process_one_work+0x7df/0x1600 kernel/workqueue.c:2064
[<ffffffff81185859>] worker_thread+0xd9/0xfc0 kernel/workqueue.c:2196
[<ffffffff81193368>] kthread+0x268/0x300 kernel/kthread.c:211
[<ffffffff838caad5>] ret_from_fork+0x55/0x80 arch/x86/entry/entry_64.S:510
Dumping ftrace buffer:
(ftrace buffer empty)