Hello,
syzbot found the following crash on:
HEAD commit: 9a9de33a Linux 4.19.63
git tree: linux-4.19.y
console output:
https://syzkaller.appspot.com/x/log.txt?x=1622f6d8600000
kernel config:
https://syzkaller.appspot.com/x/.config?x=92b8e10c68c8329
dashboard link:
https://syzkaller.appspot.com/bug?extid=45bb3012919c888fa10d
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by:
syzbot+45bb30...@syzkaller.appspotmail.com
rxrpc: AF_RXRPC: Leaked local 0000000026e8b237 {0}
------------[ cut here ]------------
kernel BUG at net/rxrpc/local_object.c:497!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 10821 Comm: kworker/u4:8 Not tainted 4.19.63 #37
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Workqueue: netns cleanup_net
RIP: 0010:rxrpc_destroy_all_locals+0xf2/0x174 net/rxrpc/local_object.c:497
Code: 00 49 bf 00 00 00 00 00 fc ff df 48 83 eb 20 e8 d4 59 13 fb 4c 8d 6b
20 4d 39 ec 75 19 e8 c6 59 13 fb 4c 89 f7 e8 fe a9 9a 00 <0f> 0b 4c 89 e7
e8 c4 ec 49 fb eb c4 e8 ad 59 13 fb 48 8d 7b 10 be
RSP: 0018:ffff8880539a7bb0 EFLAGS: 00010282
RAX: 0000000000000000 RBX: ffff888076871ed8 RCX: ffffffff86f29c38
RDX: 0000000000000001 RSI: 1ffff1100a734f61 RDI: ffff888076871f08
RBP: ffff8880539a7be0 R08: 1ffff1100ed0e3e1 R09: ffffed100ed0e3e2
R10: ffffed100ed0e3e1 R11: ffff888076871f0f R12: ffff888076871ef8
R13: ffff888076871ef8 R14: ffff888076871f08 R15: dffffc0000000000
FS: 0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000009493f000 CR4: 00000000001406f0
Call Trace:
rxrpc_exit_net+0x1d2/0x310 net/rxrpc/net_ns.c:125
ops_exit_list.isra.0+0xaa/0x150 net/core/net_namespace.c:153
cleanup_net+0x3fb/0x960 net/core/net_namespace.c:552
process_one_work+0x989/0x1750 kernel/workqueue.c:2153
worker_thread+0x98/0xe40 kernel/workqueue.c:2296
kthread+0x354/0x420 kernel/kthread.c:246
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Modules linked in:
---[ end trace 7f6765a77d7613fc ]---
RIP: 0010:rxrpc_destroy_all_locals+0xf2/0x174 net/rxrpc/local_object.c:497
Code: 00 49 bf 00 00 00 00 00 fc ff df 48 83 eb 20 e8 d4 59 13 fb 4c 8d 6b
20 4d 39 ec 75 19 e8 c6 59 13 fb 4c 89 f7 e8 fe a9 9a 00 <0f> 0b 4c 89 e7
e8 c4 ec 49 fb eb c4 e8 ad 59 13 fb 48 8d 7b 10 be
RSP: 0018:ffff8880539a7bb0 EFLAGS: 00010282
RAX: 0000000000000000 RBX: ffff888076871ed8 RCX: ffffffff86f29c38
RDX: 0000000000000001 RSI: 1ffff1100a734f61 RDI: ffff888076871f08
RBP: ffff8880539a7be0 R08: 1ffff1100ed0e3e1 R09: ffffed100ed0e3e2
R10: ffffed100ed0e3e1 R11: ffff888076871f0f R12: ffff888076871ef8
R13: ffff888076871ef8 R14: ffff888076871f08 R15: dffffc0000000000
FS: 0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000014cd3d8 CR3: 0000000088572000 CR4: 00000000001406e0