Diffstat (limited to 'pkg/report/testdata/linux')
95 files changed, 5243 insertions, 184 deletions
diff --git a/pkg/report/testdata/linux/guilty/30 b/pkg/report/testdata/linux/guilty/30
new file mode 100644
index 000000000..fb4b044f6
--- /dev/null
+++ b/pkg/report/testdata/linux/guilty/30
@@ -0,0 +1,51 @@
+FILE: net/ipv4/netfilter/ipt_CLUSTERIP.c
+
+------------[ cut here ]------------
+proc_dir_entry 'ipt_CLUSTERIP/172.20.0.170' already registered
+WARNING: CPU: 1 PID: 4074 at fs/proc/generic.c:330 proc_register+0x2a4/0x370 fs/proc/generic.c:329
+Kernel panic - not syncing: panic_on_warn set ...
+
+CPU: 1 PID: 4074 Comm: syzkaller105937 Not tainted 4.15.0+ #221
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x194/0x257 lib/dump_stack.c:53
+ panic+0x1e4/0x41c kernel/panic.c:183
+ __warn+0x1dc/0x200 kernel/panic.c:547
+ report_bug+0x211/0x2d0 lib/bug.c:184
+ fixup_bug.part.11+0x37/0x80 arch/x86/kernel/traps.c:178
+ fixup_bug arch/x86/kernel/traps.c:247 [inline]
+ do_error_trap+0x2d7/0x3e0 arch/x86/kernel/traps.c:296
+ do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:315
+ invalid_op+0x22/0x40 arch/x86/entry/entry_64.S:1097
+RIP: 0010:proc_register+0x2a4/0x370 fs/proc/generic.c:329
+RSP: 0018:ffff8801da886e20 EFLAGS: 00010286
+RAX: dffffc0000000008 RBX: ffff8801d21cc7b8 RCX: ffffffff815a57ae
+RDX: 0000000000000000 RSI: 1ffff1003b510d74 RDI: 1ffff1003b510d49
+RBP: ffff8801da886e70 R08: 1ffff1003b510d0b R09: 0000000000000000
+R10: ffff8801da886cd8 R11: 0000000000000000 R12: ffff8801cbf66440
+R13: dffffc0000000000 R14: ffff8801ca2fa348 R15: ffff8801cbf66501
+ proc_create_data+0xf8/0x180 fs/proc/generic.c:494
+ clusterip_config_init net/ipv4/netfilter/ipt_CLUSTERIP.c:250 [inline]
+ clusterip_tg_check+0xf9c/0x16d0 net/ipv4/netfilter/ipt_CLUSTERIP.c:488
+ xt_check_target+0x22c/0x7d0 net/netfilter/x_tables.c:850
+ check_target net/ipv4/netfilter/ip_tables.c:513 [inline]
+ find_check_entry.isra.8+0x8c8/0xcb0 net/ipv4/netfilter/ip_tables.c:554
+ translate_table+0xed1/0x1610 net/ipv4/netfilter/ip_tables.c:725
+ do_replace net/ipv4/netfilter/ip_tables.c:1141 [inline]
+ do_ipt_set_ctl+0x370/0x5f0 net/ipv4/netfilter/ip_tables.c:1675
+ nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
+ nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115
+ ip_setsockopt+0x97/0xa0 net/ipv4/ip_sockglue.c:1259
+ sctp_setsockopt+0x2b6/0x61d0 net/sctp/socket.c:4104
+ sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2975
+ SYSC_setsockopt net/socket.c:1849 [inline]
+ SyS_setsockopt+0x189/0x360 net/socket.c:1828
+ entry_SYSCALL_64_fastpath+0x29/0xa0
+RIP: 0033:0x44afa9
+RSP: 002b:00007f43f70edce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
+RAX: ffffffffffffffda RBX: 00000000006e0c3c RCX: 000000000044afa9
+RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004
+RBP: 00000000006e0c38 R08: 0000000000000348 R09: 0000000000000000
+R10: 0000000020013c90 R11: 0000000000000246 R12: 0000000000000000
+R13: 00007ffe194fe84f R14: 00007f43f70ee9c0 R15: 0000000000000005
diff --git a/pkg/report/testdata/linux/guilty/31 b/pkg/report/testdata/linux/guilty/31
new file mode 100644
index 000000000..074c11c5b
--- /dev/null
+++ b/pkg/report/testdata/linux/guilty/31
@@ -0,0 +1,58 @@
+FILE: net/bridge/br_if.c
+
+------------[ cut here ]------------
+WARNING: CPU: 1 PID: 3485 at lib/kobject.c:244 kobject_add_internal+0x3f6/0xbc0 lib/kobject.c:242
+Kernel panic - not syncing: panic_on_warn set ...
+
+CPU: 1 PID: 3485 Comm: syz-executor6 Not tainted 4.14.0-rc4+ #80
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:16 [inline]
+ dump_stack+0x194/0x257 lib/dump_stack.c:52
+ panic+0x1e4/0x417 kernel/panic.c:181
+ __warn+0x1c4/0x1d9 kernel/panic.c:542
+ report_bug+0x211/0x2d0 lib/bug.c:183
+ fixup_bug+0x40/0x90 arch/x86/kernel/traps.c:178
+ do_trap_no_signal arch/x86/kernel/traps.c:212 [inline]
+ do_trap+0x260/0x390 arch/x86/kernel/traps.c:261
+ do_error_trap+0x120/0x390 arch/x86/kernel/traps.c:298
+ do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:311
+ invalid_op+0x18/0x20 arch/x86/entry/entry_64.S:905
+RIP: 0010:kobject_add_internal+0x3f6/0xbc0 lib/kobject.c:242
+RSP: 0018:ffff8801bf816900 EFLAGS: 00010282
+RAX: 0000000000000040 RBX: ffff8801c09b4620 RCX: 0000000000000000
+RDX: 0000000000000040 RSI: ffffffff8158d38e RDI: ffffed0037f02d14
+RBP: ffff8801bf8169f8 R08: ffff8801bf816070 R09: 0000000000000000
+R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff10037f02d26
+R13: 00000000fffffff4 R14: ffff8801cb9b0b30 R15: ffff8801cd01c000
+ kobject_add_varg lib/kobject.c:366 [inline]
+ kobject_init_and_add+0xf9/0x150 lib/kobject.c:438
+ br_add_if+0x786/0x1990 net/bridge/br_if.c:533
+ br_add_slave+0x29/0x30 net/bridge/br_device.c:349
+ do_set_master+0x19c/0x1f0 net/core/rtnetlink.c:1986
+ do_setlink+0xa98/0x38e0 net/core/rtnetlink.c:2119
+ rtnl_newlink+0xf0d/0x1a40 net/core/rtnetlink.c:2661
+ rtnetlink_rcv_msg+0x733/0x1090 net/core/rtnetlink.c:4301
+ netlink_rcv_skb+0x216/0x440 net/netlink/af_netlink.c:2409
+ rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:4313
+ netlink_unicast_kernel net/netlink/af_netlink.c:1273 [inline]
+ netlink_unicast+0x4e8/0x6f0 net/netlink/af_netlink.c:1299
+ netlink_sendmsg+0xa4a/0xe70 net/netlink/af_netlink.c:1862
+ sock_sendmsg_nosec net/socket.c:633 [inline]
+ sock_sendmsg+0xca/0x110 net/socket.c:643
+ sock_write_iter+0x320/0x5e0 net/socket.c:912
+ call_write_iter include/linux/fs.h:1770 [inline]
+ do_iter_readv_writev+0x531/0x7f0 fs/read_write.c:673
+ do_iter_write+0x15a/0x540 fs/read_write.c:952
+ vfs_writev+0x18a/0x340 fs/read_write.c:997
+ do_writev+0xfc/0x2a0 fs/read_write.c:1032
+ SYSC_writev fs/read_write.c:1105 [inline]
+ SyS_writev+0x27/0x30 fs/read_write.c:1102
+ entry_SYSCALL_64_fastpath+0x1f/0xbe
+RIP: 0033:0x4520a9
+RSP: 002b:00007f4633db3c08 EFLAGS: 00000216 ORIG_RAX: 0000000000000014
+RAX: ffffffffffffffda RBX: 0000000000718000 RCX: 00000000004520a9
+RDX: 0000000000000001 RSI: 00000000205d9000 RDI: 0000000000000005
+RBP: 0000000000000086 R08: 0000000000000000 R09: 0000000000000000
+R10: 0000000000000000 R11: 0000000000000216 R12: 00000000004b6c37
+R13: 00007f4633db3b48 R14: 00000000004b6c47 R15: 0000000000000000
diff --git a/pkg/report/testdata/linux/guilty/32 b/pkg/report/testdata/linux/guilty/32
new file mode 100644
index 000000000..15420b982
--- /dev/null
+++ b/pkg/report/testdata/linux/guilty/32
@@ -0,0 +1,57 @@
+FILE: net/tipc/name_table.c
+
+list_del corruption. prev->next should be 00000000bc6553ca, but was 0000000038fa8131
+------------[ cut here ]------------
+kernel BUG at lib/list_debug.c:53!
+invalid opcode: 0000 [#1] SMP KASAN
+Dumping ftrace buffer:
+ (ftrace buffer empty)
+Modules linked in:
+CPU: 1 PID: 3200 Comm: syz-executor4 Not tainted 4.15.0-rc8+ #264
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+RIP: 0010:__list_del_entry_valid+0xef/0x150 lib/list_debug.c:51
+RSP: 0018:ffff8801be95eb20 EFLAGS: 00010286
+RAX: 0000000000000054 RBX: ffff8801d359f240 RCX: 0000000000000000
+RDX: 0000000000000054 RSI: 1ffff10039af2dca RDI: ffffed0037d2bd58
+RBP: ffff8801be95eb38 R08: 1ffff10037d2bcfc R09: 0000000000000000
+R10: ffff8801be95ea00 R11: 0000000000000000 R12: ffff8801d50e4900
+R13: ffff8801be95ecd8 R14: ffff8801c29ac860 R15: ffff8801bd76aa80
+FS: 00007f70eee26700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
+CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+CR2: 00000000010bad18 CR3: 0000000006822006 CR4: 00000000001606e0
+Call Trace:
+ __list_del_entry include/linux/list.h:117 [inline]
+ list_del_init include/linux/list.h:159 [inline]
+ tipc_nametbl_unsubscribe+0x318/0x990 net/tipc/name_table.c:851
+ tipc_subscrb_subscrp_delete+0x1e9/0x460 net/tipc/subscr.c:208
+ tipc_subscrb_delete net/tipc/subscr.c:238 [inline]
+ tipc_subscrb_release_cb+0x17/0x30 net/tipc/subscr.c:316
+ tipc_close_conn+0x171/0x270 net/tipc/server.c:204
+ tipc_topsrv_kern_unsubscr+0x213/0x340 net/tipc/server.c:532
+ tipc_group_delete+0x2c0/0x3d0 net/tipc/group.c:206
+ tipc_sk_leave+0x10b/0x200 net/tipc/socket.c:2780
+ tipc_release+0x154/0xfe0 net/tipc/socket.c:575
+ sock_release+0x8d/0x1e0 net/socket.c:602
+ sock_close+0x16/0x20 net/socket.c:1131
+ __fput+0x327/0x7e0 fs/file_table.c:210
+ ____fput+0x15/0x20 fs/file_table.c:244
+ task_work_run+0x199/0x270 kernel/task_work.c:113
+ exit_task_work include/linux/task_work.h:22
[inline] + do_exit+0x9bb/0x1ad0 kernel/exit.c:865 + do_group_exit+0x149/0x400 kernel/exit.c:968 + get_signal+0x73f/0x16c0 kernel/signal.c:2335 + do_signal+0x90/0x1eb0 arch/x86/kernel/signal.c:809 + exit_to_usermode_loop+0x214/0x310 arch/x86/entry/common.c:158 + prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline] + syscall_return_slowpath+0x490/0x550 arch/x86/entry/common.c:264 + entry_SYSCALL_64_fastpath+0x9e/0xa0 +RIP: 0033:0x452df9 +RSP: 002b:00007f70eee25c88 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca +RAX: 0000000000000001 RBX: 000000000071bea0 RCX: 0000000000452df9 +RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000071becc +RBP: 0000000000000573 R08: 0000000000000000 R09: 0000000000000000 +R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000001 +R13: 0000000000000014 R14: 00007f70eee266d4 R15: ffffffffffffffff +Code: 4c 89 e2 48 c7 c7 c0 fb e0 85 e8 95 26 fe fe 0f 0b 48 c7 c7 20 fc e0 85 e8 87 26 fe fe 0f 0b 48 c7 c7 80 fc e0 85 e8 79 26 fe fe <0f> 0b 48 c7 c7 e0 fc e0 85 e8 6b 26 fe fe 0f 0b 48 89 df 48 89 +RIP: __list_del_entry_valid+0xef/0x150 lib/list_debug.c:51 RSP: ffff8801be95eb20 +---[ end trace 0c495e0cee371de9 ]--- diff --git a/pkg/report/testdata/linux/report/0 b/pkg/report/testdata/linux/report/0 index 9dd9c834b..7e92c7be8 100644 --- a/pkg/report/testdata/linux/report/0 +++ b/pkg/report/testdata/linux/report/0 @@ -1,4 +1,4 @@ -TITLE: BUG: unable to handle kernel paging request in __memset +TITLE: BUG: unable to handle kernel CORRUPTED: Y [ 772.918915] BUG: unable to handle kernel paging request at ffff88002bde1e40 diff --git a/pkg/report/testdata/linux/report/100 b/pkg/report/testdata/linux/report/100 index 3027f7872..5016e3bad 100644 --- a/pkg/report/testdata/linux/report/100 +++ b/pkg/report/testdata/linux/report/100 @@ -1,4 +1,4 @@ -TITLE: general protection fault +TITLE: general protection fault: 0000 [#1] SMP KASAN CORRUPTED: Y [ 1722.511384] kasan: CONFIG_KASAN_INLINE enabled 
diff --git a/pkg/report/testdata/linux/report/102 b/pkg/report/testdata/linux/report/102 index fd88c7392..74473eac3 100644 --- a/pkg/report/testdata/linux/report/102 +++ b/pkg/report/testdata/linux/report/102 @@ -1,4 +1,4 @@ -TITLE: BUG: bad unlock balance +TITLE: BUG: bad unlock balance detected! ] CORRUPTED: Y [ 46.415093] syz2: link speed 10 Mbps diff --git a/pkg/report/testdata/linux/report/103 b/pkg/report/testdata/linux/report/103 index dcfedf133..727ff8dfa 100644 --- a/pkg/report/testdata/linux/report/103 +++ b/pkg/report/testdata/linux/report/103 @@ -1,4 +1,4 @@ -TITLE: divide error +TITLE: divide error: 0000 [#1] SMP KASAN CORRUPTED: Y [ 89.659427] netlink: 13 bytes leftover after parsing attributes in process syz-executor5'. diff --git a/pkg/report/testdata/linux/report/11 b/pkg/report/testdata/linux/report/11 index 68ad9467c..f4a92fff0 100644 --- a/pkg/report/testdata/linux/report/11 +++ b/pkg/report/testdata/linux/report/11 @@ -1,4 +1,4 @@ -TITLE: BUG: unable to handle kernel paging request +TITLE: BUG: unable to handle kernel CORRUPTED: Y [ 1581.999813] BUG: unable to handle kernel paging request at ffffea0000f0e440 diff --git a/pkg/report/testdata/linux/report/110 b/pkg/report/testdata/linux/report/110 index b31e7b2d8..65055e371 100644 --- a/pkg/report/testdata/linux/report/110 +++ b/pkg/report/testdata/linux/report/110 @@ -1,4 +1,4 @@ -TITLE: KASAN: slab-out-of-bounds Read in __lock_acquire +TITLE: KASAN: slab-out-of-bounds Read in sg_remove_request [ 190.154802] ================================================================== [ 190.154802] BUG: KASAN: slab-out-of-bounds in __lock_acquire+0x2eff/0x3640 at addr ffff8801a751e6f8 diff --git a/pkg/report/testdata/linux/report/112 b/pkg/report/testdata/linux/report/112 index 55161b059..75a5ccb40 100644 --- a/pkg/report/testdata/linux/report/112 +++ b/pkg/report/testdata/linux/report/112 
@@ -1,4 +1,4 @@ -TITLE: BUG: unable to handle kernel NULL pointer dereference +TITLE: BUG: unable to handle kernel NULL pointer dereference in process_one_work [ 190.154802] BUG: unable to handle kernel NULL pointer dereference at 0000000000000286 [ 190.154802] IP: 0x286 diff --git a/pkg/report/testdata/linux/report/114 b/pkg/report/testdata/linux/report/114 index 1661d39dc..24077a2ef 100644 --- a/pkg/report/testdata/linux/report/114 +++ b/pkg/report/testdata/linux/report/114 @@ -1,4 +1,4 @@ -TITLE: suspicious RCU usage +TITLE: WARNING: suspicious RCU usage CORRUPTED: Y [ 161.498638] ============================= diff --git a/pkg/report/testdata/linux/report/115 b/pkg/report/testdata/linux/report/115 index 93c7016fa..32110e1bd 100644 --- a/pkg/report/testdata/linux/report/115 +++ b/pkg/report/testdata/linux/report/115 @@ -1,5 +1,4 @@ -TITLE: BUG: bad unlock balance in dump_stack -CORRUPTED: Y +TITLE: BUG: bad unlock balance in ipmr_mfc_seq_stop [ 76.640408] binder: undelivered TRANSACTION_ERROR: 29189 [ 76.649866] [ BUG: bad unlock balance detected! ] diff --git a/pkg/report/testdata/linux/report/126 b/pkg/report/testdata/linux/report/126 index 2d1c6fbde..197cc7d41 100644 --- a/pkg/report/testdata/linux/report/126 +++ b/pkg/report/testdata/linux/report/126 @@ -1,6 +1,7 @@ -TITLE: unreferenced object +TITLE: BUG: memory leak CORRUPTED: Y -[0.0] unreferenced object -[0.0] backtrace: -[0.0] +2018/01/09 14:28:48 BUG: memory leak +unreferenced object + backtrace: + diff --git a/pkg/report/testdata/linux/report/134 b/pkg/report/testdata/linux/report/134 index 170419cfe..6d755c841 100644 --- a/pkg/report/testdata/linux/report/134 +++ b/pkg/report/testdata/linux/report/134 
@@ -1,5 +1,4 @@ -TITLE: BUG: using __this_cpu_read() in preemptible code -CORRUPTED: Y +TITLE: BUG: using __this_cpu_read() in preemptible code in ipcomp_init_state [ 45.818290] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor7/6729 [ 45.826891] caller is __this_cpu_preempt_check+0x1c/0x20 diff --git a/pkg/report/testdata/linux/report/136 b/pkg/report/testdata/linux/report/136 index dca96557d..f2267e640 100644 --- a/pkg/report/testdata/linux/report/136 +++ b/pkg/report/testdata/linux/report/136 @@ -1,6 +1,5 @@ -# TODO: this must be marked as corrupted: stack is truncated and the guilty -# function must be the next one after check_preemption_disabled. -TITLE: BUG: using __this_cpu_read() in preemptible code in check_preemption_disabled +TITLE: BUG: using __this_cpu_read() in preemptible [ADDR] code: syz-executor +CORRUPTED: Y [ 62.873963] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor7/11203 [ 62.882637] caller is __this_cpu_preempt_check+0x1c/0x20 diff --git a/pkg/report/testdata/linux/report/137 b/pkg/report/testdata/linux/report/137 index 1397b26b7..b66e057c7 100644 --- a/pkg/report/testdata/linux/report/137 +++ b/pkg/report/testdata/linux/report/137 @@ -1,5 +1,4 @@ -# TODO: this should be "in ipcomp_init_state" -TITLE: BUG: using __this_cpu_read() in preemptible code in __this_cpu_preempt_check +TITLE: BUG: using __this_cpu_read() in preemptible code in ipcomp_init_state [ 45.718728] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor6/6976 [ 45.727291] caller is __this_cpu_preempt_check+0x1c/0x20 
@@ -10,7 +9,9 @@ TITLE: BUG: using __this_cpu_read() in preemptible code in __this_cpu_preempt_ch [ 45.765691] ffffffff81df79f4 ffff8801ce54f730 ffffffff83f42ec0 dffffc0000000000 [ 45.773790] Call Trace: [ 45.776364] [<ffffffff81d90a29>] dump_stack+0xc1/0x128 +[ 45.793029] sg_write: data in/out 327644/32 bytes for SCSI command 0x4-- guessing data in; [ 45.781730] [<ffffffff81df79f4>] check_preemption_disabled+0x1d4/0x200 +[ 45.793029] program syz-executor0 not setting count and/or reply_len properly [ 45.788474] [<ffffffff81df7a5c>] __this_cpu_preempt_check+0x1c/0x20 [ 45.793029] sg_write: data in/out 327644/32 bytes for SCSI command 0x4-- guessing data in; [ 45.793029] program syz-executor0 not setting count and/or reply_len properly diff --git a/pkg/report/testdata/linux/report/138 b/pkg/report/testdata/linux/report/138 index 455e44960..8cb418200 100644 --- a/pkg/report/testdata/linux/report/138 +++ b/pkg/report/testdata/linux/report/138 @@ -1,5 +1,5 @@ -# TODO: this must be marked as corrupted -TITLE: INFO: task hung in __schedule +TITLE: INFO: task syz-executor blocked for more than 120 seconds. +CORRUPTED: Y [ 369.632194] INFO: task syz-executor1:12659 blocked for more than 120 seconds. [ 369.639544] Not tainted 4.15.0-rc2+ #152 diff --git a/pkg/report/testdata/linux/report/139 b/pkg/report/testdata/linux/report/139 index 051deba88..71fa0e91b 100644 --- a/pkg/report/testdata/linux/report/139 +++ b/pkg/report/testdata/linux/report/139 @@ -1,5 +1,4 @@ -# TODO: this must be "in hash_sendmsg" -TITLE: BUG: unable to handle kernel paging request +TITLE: BUG: unable to handle kernel paging request in hash_sendmsg [ 70.687256] sctp: [Deprecated]: syz-executor5 (pid 16777) Use of int in maxseg socket option. [ 70.687256] Use struct sctp_assoc_value instead diff --git a/pkg/report/testdata/linux/report/142 b/pkg/report/testdata/linux/report/142 index 011905e95..eb583169b 100644 --- a/pkg/report/testdata/linux/report/142 +++ b/pkg/report/testdata/linux/report/142 
@@ -1,4 +1,3 @@ -# TODO: this is not actually corrupted. TITLE: WARNING in __switch_to CORRUPTED: Y diff --git a/pkg/report/testdata/linux/report/143 b/pkg/report/testdata/linux/report/143 index 646a58f7e..8d70a82dc 100644 --- a/pkg/report/testdata/linux/report/143 +++ b/pkg/report/testdata/linux/report/143 
@@ -1,42 +1,25 @@ -# TODO: this does not look corrupted, we should allow output before kernel output. -# This also happens with login prompt. TITLE: kernel panic: Attempted to kill init! -CORRUPTED: Y -INIT: PANIC: segmentation violation! sleeping for 30 s[ 30.441874] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b -[ 30.441874] -econds. -[ 30.451507] CPU: 1 PID: 1 Comm: init Not tainted 4.15.0-rc3-next-20171214+ #67 -[ 30.459608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 -[ 30.468929] Call Trace: -[ 30.471489] __dump_stack lib/dump_stack.c:17 [inline] -[ 30.471489] dump_stack+0xe9/0x14b lib/dump_stack.c:53 -[ 30.475002] panic+0x10e/0x2f8 kernel/panic.c:183 -[ 30.478170] ? find_child_reaper kernel/exit.c:578 [inline] -[ 30.478170] ? forget_original_parent kernel/exit.c:674 [inline] -[ 30.478170] ? exit_notify kernel/exit.c:710 [inline] -[ 30.478170] ? do_exit+0x1036/0x1050 kernel/exit.c:889 -[ 30.481855] find_child_reaper kernel/exit.c:578 [inline] -[ 30.481855] forget_original_parent kernel/exit.c:674 [inline] -[ 30.481855] exit_notify kernel/exit.c:710 [inline] -[ 30.481855] do_exit+0x1045/0x1050 kernel/exit.c:889 -[ 30.485372] do_group_exit+0x60/0x100 kernel/exit.c:972 -[ 30.489145] get_signal+0x36c/0xad0 kernel/signal.c:2337 -[ 30.492752] do_signal+0x23/0x670 arch/x86/kernel/signal.c:809 -[ 30.496177] ? __bad_area_nosemaphore+0x149/0x270 arch/x86/mm/fault.c:931 -[ 30.500997] ? __do_page_fault+0x246/0x6b0 arch/x86/mm/fault.c:1409 -[ 30.505208] exit_to_usermode_loop+0x13c/0x160 arch/x86/entry/common.c:161 -[ 30.509758] prepare_exit_to_usermode+0x102/0x110 arch/x86/entry/common.c:195 -[ 30.514569] ? 
page_fault+0x36/0x60 arch/x86/entry/entry_64.S:1243 -[ 30.518165] retint_user+0x8/0x18 -[ 30.521584] RIP: 0033: (null) -[ 30.525439] RSP: 002b:00007fff53eb9f30 EFLAGS: 00010286 -[ 30.530772] RAX: ffffffffffffffff RBX: 00007fe983f5a6a0 RCX: ffffffffffffff00 -[ 30.538012] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000 -[ 30.545248] RBP: 0000000000000004 R08: 00007fff53eb9f30 R09: 0000000000000001 -[ 30.552488] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff -[ 30.559728] R13: 00007fff53ebacc0 R14: 0000000000000000 R15: 0000000000000000 -[ 30.567500] Dumping ftrace buffer: -[ 30.571039] (ftrace buffer empty) -[ 30.574716] Kernel Offset: disabled -[ 30.578307] Rebooting in 86400 seconds.. +INIT: PANIC: segmentation violation! sleeping for 30 seconds. +[ 19.171696] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b +[ 19.171696] +[ 19.180969] CPU: 1 PID: 1 Comm: init Not tainted 4.15.0-rc3-next-20171214+ #67 +[ 19.188300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 19.197627] Call Trace: +[ 19.200192] dump_stack+0xe9/0x14b +[ 19.203711] panic+0x10e/0x2f8 +[ 19.206877] ? do_exit+0x1036/0x1050 +[ 19.210569] do_exit+0x1045/0x1050 +[ 19.214089] do_group_exit+0x60/0x100 +[ 19.217864] get_signal+0x36c/0xad0 +[ 19.221474] do_signal+0x23/0x670 +[ 19.224911] ? __bad_area_nosemaphore+0x149/0x270 +[ 19.229741] ? __do_page_fault+0x246/0x6b0 +[ 19.233957] exit_to_usermode_loop+0x13c/0x160 +[ 19.238514] prepare_exit_to_usermode+0x102/0x110 +[ 19.243674] ? page_fault+0x36/0x60 +[ 19.247272] retint_user+0x8/0x18 +[ 19.250694] RIP: 0033: (null) +[ 19.254549] RSP: 002b:00007ffe8c9df0b0 EFLAGS: 00010286 +Connection to kasan-2 closed by remote host. +[ 19.259884] RAX: ffffffffffffffff diff --git a/pkg/report/testdata/linux/report/145 b/pkg/report/testdata/linux/report/145 index 9f5cecbb2..6a7348bf7 100644 --- a/pkg/report/testdata/linux/report/145 
+++ b/pkg/report/testdata/linux/report/145 @@ -1,5 +1,4 @@ -# TODO: this must be "INFO: rcu detected stall in __xfrm_decode_session" -TITLE: INFO: rcu detected stall in do_softirq +TITLE: INFO: rcu detected stall in __xfrm_decode_session [ 323.830017] INFO: rcu_sched detected stalls on CPUs/tasks: [ 323.835676] (detected by 0, t=125007 jiffies, g=66299, c=66298, q=40) @@ -68,6 +67,7 @@ TITLE: INFO: rcu detected stall in do_softirq [ 324.126371] ? do_timer+0x50/0x50 [ 324.129800] ? do_raw_spin_trylock+0x190/0x190 [ 324.134365] hrtimer_interrupt+0x1c2/0x5e0 +[ 324.172031] ? apic_timer_interrupt+0xa9/0xb0 [ 324.138588] smp_apic_timer_interrupt+0x14a/0x700 [ 324.143401] ? smp_call_function_single_interrupt+0x640/0x640 [ 324.149252] ? smp_call_function_single_interrupt+0x640/0x640 diff --git a/pkg/report/testdata/linux/report/146 b/pkg/report/testdata/linux/report/146 index 8615499b4..da5beb83e 100644 --- a/pkg/report/testdata/linux/report/146 +++ b/pkg/report/testdata/linux/report/146 @@ -1,8 +1,4 @@ -# TODO: this must be "in remove_wait_queue". -# We need to skip all *lock_acquire/release functions, -# as they produce unuseful title and sometimes duplicates for -# __lock_acquire vs perf_trace_lock_acquire. -TITLE: BUG: unable to handle kernel paging request in __lock_acquire +TITLE: BUG: unable to handle kernel paging request in remove_wait_queue [ 19.572672] BUG: unable to handle kernel paging request at 0000000100000137 [ 19.572683] IP: __lock_acquire+0xd8/0x1430 diff --git a/pkg/report/testdata/linux/report/147 b/pkg/report/testdata/linux/report/147 index b6b2eeeeb..12f8f46e3 100644 --- a/pkg/report/testdata/linux/report/147 +++ b/pkg/report/testdata/linux/report/147 
@@ -1,5 +1,4 @@ -# TODO: this must be "in remove_wait_queue". See TODO in 146. -TITLE: KASAN: use-after-free Read in __lock_acquire +TITLE: KASAN: use-after-free Read in remove_wait_queue [ 19.121820] ================================================================== [ 19.121834] BUG: KASAN: use-after-free in __lock_acquire+0x3c41/0x3cf0 diff --git a/pkg/report/testdata/linux/report/148 b/pkg/report/testdata/linux/report/148 index 1719364ab..7b4e8556f 100644 --- a/pkg/report/testdata/linux/report/148 +++ b/pkg/report/testdata/linux/report/148 @@ -1,5 +1,4 @@ -# TODO: this must be "in tipc_subscrb_subscrp_delete". See TODO in 146. -TITLE: general protection fault in __lock_acquire +TITLE: general protection fault in tipc_subscrb_subscrp_delete [ 41.864973] kasan: CONFIG_KASAN_INLINE enabled [ 41.869549] kasan: GPF could be caused by NULL-ptr deref or user memory access diff --git a/pkg/report/testdata/linux/report/149 b/pkg/report/testdata/linux/report/149 index 219f1737c..27df468ca 100644 --- a/pkg/report/testdata/linux/report/149 +++ b/pkg/report/testdata/linux/report/149 @@ -1,8 +1,4 @@ -# TODO: Ideally, this should be something like -# "KASAN: use-after-free Read in work_is_static_object in strp_check_rcv" -# because work_is_static_object is a generic function and different bugs -# can manifest this way. -TITLE: KASAN: use-after-free Read in work_is_static_object +TITLE: KASAN: use-after-free Read in __queue_work [ 1140.689311] ================================================================== [ 1140.696784] BUG: KASAN: use-after-free in work_is_static_object+0x39/0x40 diff --git a/pkg/report/testdata/linux/report/150 b/pkg/report/testdata/linux/report/150 index ab9966b84..0c863bcfa 100644 --- a/pkg/report/testdata/linux/report/150 +++ b/pkg/report/testdata/linux/report/150 
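Review bot: The new expected title in report/149, `KASAN: use-after-free Read in __queue_work`, is not the attribution the removed TODO asked for (it pointed at `strp_check_rcv`), and the hunk deletes that TODO without recording why `__queue_work` is now the intended guilty frame. The same applies to report/150, where the removed TODO expected `__sk_destruct` and the new title names `sctp_wait_for_sndbuf`. The call stacks lie outside these hunks, so either frame may well be correct, but the removed comment in report/153 notes that a too-generic frame glues unrelated bugs together, and that would matter most for use-after-free reports like these. I would keep a one-line `#` comment at the top of each file stating which frames are skipped and why the named function is the one to blame, so the fixture documents the intent rather than just the current output.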
@@ -1,5 +1,4 @@ -# TODO: This should be "WARNING: held lock freed! in __sk_destruct" -TITLE: WARNING: held lock freed! +TITLE: WARNING: held lock freed in sctp_wait_for_sndbuf [ 25.058100] ========================= [ 25.061864] WARNING: held lock freed! diff --git a/pkg/report/testdata/linux/report/152 b/pkg/report/testdata/linux/report/152 index 78c4ffd91..915a3a826 100644 --- a/pkg/report/testdata/linux/report/152 +++ b/pkg/report/testdata/linux/report/152 @@ -1,4 +1,4 @@ -TITLE: possible deadlock +TITLE: WARNING: possible circular locking dependency detected CORRUPTED: Y [....] Starting enhanced syslogd: rsyslogd[ 12.037795] audit: type=1400 audit(1515564630.515:5): avc: denied { syslog } for pid=3348 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 diff --git a/pkg/report/testdata/linux/report/153 b/pkg/report/testdata/linux/report/153 index d180f4c68..822b2188d 100644 --- a/pkg/report/testdata/linux/report/153 +++ b/pkg/report/testdata/linux/report/153 @@ -1,6 +1,4 @@ -# TODO: this should be "WARNING in kmalloc_slab in relay_open_buf". -# The root cause is in the caller of kmalloc, so lots of bugs gets glued together. -TITLE: WARNING in kmalloc_slab +TITLE: WARNING: kmalloc bug in relay_open_buf syzkaller login: [ 50.946624] WARNING: CPU: 0 PID: 3081 at mm/slab_common.c:971 kmalloc_slab+0x5d/0x70 [ 50.947754] Kernel panic - not syncing: panic_on_warn set ... diff --git a/pkg/report/testdata/linux/report/154 b/pkg/report/testdata/linux/report/154 index 5866a4c7c..3302bdff4 100644 --- a/pkg/report/testdata/linux/report/154 +++ b/pkg/report/testdata/linux/report/154 
@@ -1,5 +1,5 @@ -# TODO: this must be detected as corrupted -TITLE: BUG: unable to handle kernel paging request +# TODO: must be corrupted (report in report) +TITLE: BUG: unable to handle kernel paging request in print_address_description [ 85.149573] BUG: unable to handle kernel paging request at ffffffff0001eea6 [ 85.153038] ================================================================== diff --git a/pkg/report/testdata/linux/report/156 b/pkg/report/testdata/linux/report/156 index b4d1bc9e1..5ae5bd04a 100644 --- a/pkg/report/testdata/linux/report/156 +++ b/pkg/report/testdata/linux/report/156 @@ -1,6 +1,4 @@ -# TODO: this does not look corrupted. TITLE: WARNING: bad unlock balance in ipmr_mfc_seq_stop -CORRUPTED: Y [ 123.238569] ===================================== [ 123.243391] WARNING: bad unlock balance detected! diff --git a/pkg/report/testdata/linux/report/157 b/pkg/report/testdata/linux/report/157 index f725b6983..2bd30bafe 100644 --- a/pkg/report/testdata/linux/report/157 +++ b/pkg/report/testdata/linux/report/157 @@ -1,6 +1,4 @@ -# TODO: must be "WARNING in sctp_wfree", or "WARNING in refcount_sub_and_test in sctp_wfree", -# or "WARNING: refcount bug in sctp_wfree". -TITLE: WARNING in refcount_sub_and_test +TITLE: WARNING: refcount bug in sctp_wfree [ 44.461565] refcount_t: underflow; use-after-free. [ 44.466577] ------------[ cut here ]------------ diff --git a/pkg/report/testdata/linux/report/158 b/pkg/report/testdata/linux/report/158 index afe9ccbec..a9768d624 100644 --- a/pkg/report/testdata/linux/report/158 +++ b/pkg/report/testdata/linux/report/158 @@ -1,5 +1,4 @@ -# TODO: must be "WARNING: refcount bug in dev_activate". -TITLE: WARNING in refcount_inc +TITLE: WARNING: refcount bug in dev_activate [ 359.890494] refcount_t: increment on 0; use-after-free. [ 359.914113] ------------[ cut here ]------------ diff --git a/pkg/report/testdata/linux/report/159 b/pkg/report/testdata/linux/report/159 index beef78dd8..e211b1d23 100644 
--- a/pkg/report/testdata/linux/report/159 +++ b/pkg/report/testdata/linux/report/159 @@ -1,5 +1,4 @@ -# TODO: must be "WARNING: refcount bug in l2tp_session_register". -TITLE: WARNING in refcount_inc +TITLE: WARNING: refcount bug in l2tp_session_register [ 40.530345] ------------[ cut here ]------------ [ 40.535205] refcount_t: increment on 0; use-after-free. diff --git a/pkg/report/testdata/linux/report/160 b/pkg/report/testdata/linux/report/160 new file mode 100644 index 000000000..678075c7e --- /dev/null +++ b/pkg/report/testdata/linux/report/160 
@@ -0,0 +1,112 @@
+TITLE: BUG: unable to handle kernel paging request in __run_timers
+
+[ 190.751093] BUG: unable to handle kernel paging request at ffffffffffffffff
+[ 190.757101] IP: 0xffffffffffffffff
+[ 190.757101] PGD 7e10067
+[ 190.757101] P4D 7e10067
+[ 190.757101] PUD 7e12067
+[ 190.757101] PMD 0
+[ 190.757101]
+[ 190.757101] Oops: 0010 [#1] SMP
+[ 190.757101] Dumping ftrace buffer:
+[ 190.757101] (ftrace buffer empty)
+[ 190.757101] Modules linked in:
+[ 190.757101] CPU: 1 PID: 12327 Comm: syz-executor5 Tainted: G B 4.13.0+ #35
+[ 190.757101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 190.757101] task: ffff8801deb8d880 task.stack: ffff8801aa900000
+[ 190.757101] RIP: 0010:0xffffffffffffffff
+[ 190.757101] RSP: 0018:ffff88021fd07d10 EFLAGS: 00010006
+[ 190.757101] RAX: 0000000000000000 RBX: 0000000080000100 RCX: 0000000000000000
+[ 190.757101] RDX: ffff8802030b2f48 RSI: aaaaaaaaaaaab000 RDI: ffffffffffffffff
+[ 190.757101] RBP: ffff88021fd07d90 R08: 0000000001080020 R09: 0000000000000002
+[ 190.757101] R10: ffff88021fd07cc8 R11: 0000000000000000 R12: ffffffffffffffff
+[ 190.757101] R13: ffffffff885293b0 R14: 0000000000000000 R15: ffff88021fd19b48
+[ 190.757101] FS: 00007f80206db700(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000
+[ 190.757101] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 190.757101] CR2: ffffffffffffffff CR3: 0000000007e0f000 CR4: 00000000001406e0
+[ 190.757101] DR0: 0000000020000000 DR1: 0000000000000000 DR2: 0000000000000000
+[ 190.757101] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
+[ 190.757101] Call Trace:
+[ 190.757101] <IRQ>
+[ 190.757101] ? call_timer_fn+0x2b1/0x630
+[ 190.757101] __run_timers+0xeef/0x1390
+[ 190.757101] ? irq_exit+0x203/0x240
+[ 190.757101] run_timer_softirq+0x45/0xb0
+[ 190.757101] ? timers_dead_cpu+0xef0/0xef0
+[ 190.757101] __do_softirq+0x5bb/0xa08
+[ 190.757101] irq_exit+0x203/0x240
+[ 190.757101] exiting_irq+0xe/0x10
+[ 190.757101] smp_apic_timer_interrupt+0x5a/0x80
+[ 190.757101] apic_timer_interrupt+0x86/0x90
+[ 190.757101] RIP: 0010:kmsan_get_origin_address_noruntime+0x163/0x260
+[ 190.757101] RSP: 0018:ffff8801aa906f20 EFLAGS: 00000297 ORIG_RAX: ffffffffffffff10
+[ 190.757101] RAX: ffff88022a907120 RBX: 0000000000000000 RCX: ffffea0000000000
+[ 190.757101] RDX: 000077ff80000000 RSI: 0000000000000000 RDI: ffff8801aa907120
+[ 190.757101] RBP: ffff8801aa906f58 R08: 0000000001080020 R09: 0000000000000002
+[ 190.757101] R10: ffff8801aa906ff8 R11: 000000008022000e R12: 0000000000000004
+[ 190.757101] R13: 00000000f780000e R14: ffff8801aa907120 R15: 0000000000000000
+[ 190.757101] </IRQ>
+[ 190.757101] kmsan_set_origin_inline+0x6b/0x120
+[ 190.757101] __msan_poison_alloca+0x15c/0x1d0
+[ 190.757101] ? kernfs_put+0x759/0xc40
+[ 190.757101] ? kfree+0x7f/0x2f40
+[ 190.757101] ? kernfs_put+0x759/0xc40
+[ 190.757101] ? __msan_get_context_state+0x20/0xf0
+[ 190.757101] ? kernfs_put+0x759/0xc40
+[ 190.757101] kfree+0x7f/0x2f40
+[ 190.757101] ? kernfs_put+0x7e8/0xc40
+[ 190.757101] ? kmsan_set_origin_inline+0x6b/0x120
+[ 190.757101] ? __msan_poison_alloca+0x15c/0x1d0
+[ 190.757101] ? __kernfs_remove+0x12a2/0x13a0
+[ 190.757101] kernfs_put+0x759/0xc40
+[ 190.757101] ? _cond_resched+0x2b/0xc0
+[ 190.757101] __kernfs_remove+0x12a2/0x13a0
+[ 190.757101] ? kernfs_find_ns+0x974/0x9e0
+[ 190.757101] kernfs_remove_by_name_ns+0x115/0x200
+[ 190.757101] sysfs_remove_group+0x38c/0x770
+[ 190.757101] netdev_queue_update_kobjects+0x754/0x870
+[ 190.757101] netdev_unregister_kobject+0x231/0x340
+[ 190.757101] rollback_registered_many+0x150c/0x1ab0
+[ 190.757101] unregister_netdevice_queue+0x55e/0xa80
+[ 190.757101] __tun_detach+0x1681/0x2070
+[ 190.757101] ? __msan_get_context_state+0x20/0xf0
+[ 190.757101] tun_chr_close+0x6a/0xb0
+[ 190.757101] __fput+0x49a/0xc10
+[ 190.757101] ____fput+0x37/0x40
+[ 190.757101] ? fput+0x2d0/0x2d0
+[ 190.757101] task_work_run+0x193/0x300
+[ 190.757101] do_exit+0x1217/0x3f20
+[ 190.757101] ? __msan_metadata_ptr_for_store_4+0x13/0x20
+[ 190.757101] ? dequeue_signal+0x356/0xb70
+[ 190.757101] do_group_exit+0x1d3/0x3b0
+[ 190.757101] get_signal+0x17ad/0x2150
+[ 190.757101] ? syscall_return_slowpath+0x2fb/0x9d0
+[ 190.757101] ? syscall_return_slowpath+0x2fb/0x9d0
+[ 190.757101] do_signal+0xb7/0x1c70
+[ 190.757101] ? put_task_struct+0x41/0xd0
+[ 190.757101] ? __msan_metadata_ptr_for_load_8+0x10/0x20
+[ 190.757101] ? balance_callback+0x4a/0x2c0
+[ 190.757101] ? finish_task_switch+0x15e/0x230
+[ 190.757101] ? __schedule+0x6dd/0x780
+[ 190.757101] ? schedule+0x1dc/0x320
+[ 190.757101] ? __msan_metadata_ptr_for_load_1+0x10/0x20
+[ 190.757101] ? syscall_return_slowpath+0x31a/0x9d0
+[ 190.757101] syscall_return_slowpath+0x2fb/0x9d0
+[ 190.757101] ? SyS_futex+0x89/0xb0
+[ 190.757101] entry_SYSCALL_64_fastpath+0x92/0x94
+[ 190.757101] RIP: 0033:0x452cf9
+[ 190.757101] RSP: 002b:00007f80206dac88 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
+[ 190.757101] RAX: 0000000000000001 RBX: 000000000071bea0 RCX: 0000000000452cf9
+[ 190.757101] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000071becc
+[ 190.757101] RBP: 0000000000000355 R08: 0000000000000000 R09: 0000000000000355
+[ 190.757101] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006f3098
+[ 190.757101] R13: 00000000ffffffff R14: 00007f80206db6d4 R15: 0000000000000000
+[ 190.757101] Code: Bad RIP value.
+[ 190.757101] RIP: 0xffffffffffffffff RSP: ffff88021fd07d10
+[ 190.757101] CR2: ffffffffffffffff
+[ 190.757101] ---[ end trace fec0af60af9149a6 ]---
+[ 190.757101] Kernel panic - not syncing: Fatal exception in interrupt
+[ 190.757101] Dumping ftrace buffer:
+[ 190.757101] (ftrace buffer empty)
+[ 190.757101] Kernel Offset: disabled
+[ 190.757101] Rebooting in 86400 seconds..
diff --git a/pkg/report/testdata/linux/report/161 b/pkg/report/testdata/linux/report/161
new file mode 100644
index 000000000..3ac9dce57
--- /dev/null
+++ b/pkg/report/testdata/linux/report/161
@@ -0,0 +1,90 @@
+TITLE: WARNING: locking bug in destroy_unused_super
+
+[ 151.124617] ------------[ cut here ]------------
+[ 151.124619] DEBUG_LOCKS_WARN_ON(depth <= 0)
+[ 151.124680] WARNING: CPU: 1 PID: 21689 at kernel/locking/lockdep.c:3676 lock_release+0x6e6/0xa40
+[ 151.124684] Kernel panic - not syncing: panic_on_warn set ...
+[ 151.124684]
+[ 151.124689] CPU: 1 PID: 21689 Comm: syz-executor4 Not tainted 4.15.0-rc3+ #224
+[ 151.124693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 151.124694] Call Trace:
+[ 151.124702] dump_stack+0x194/0x257
+[ 151.124711] ? arch_local_irq_restore+0x53/0x53
+[ 151.124719] ? vsnprintf+0x1ed/0x1900
+[ 151.124727] panic+0x1e4/0x41c
+[ 151.124734] ? refcount_error_report+0x214/0x214
+[ 151.124741] ? show_regs_print_info+0x18/0x18
+[ 151.124749] ? __warn+0x1c1/0x200
+[ 151.124757] ? lock_release+0x6e6/0xa40
+[ 151.124763] __warn+0x1dc/0x200
+[ 151.124769] ? lock_release+0x6e6/0xa40
+[ 151.124778] report_bug+0x211/0x2d0
+[ 151.124788] fixup_bug.part.11+0x37/0x80
+[ 151.124795] do_error_trap+0x2d7/0x3e0
+[ 151.124803] ? math_error+0x400/0x400
+[ 151.124809] ? vprintk_emit+0x3ea/0x590
+[ 151.124822] ? trace_hardirqs_off_thunk+0x1a/0x1c
+[ 151.124834] do_invalid_op+0x1b/0x20
+[ 151.124841] invalid_op+0x18/0x20
+[ 151.124847] RIP: 0010:lock_release+0x6e6/0xa40
+[ 151.124850] RSP: 0018:ffff8801c829f780 EFLAGS: 00010086
+[ 151.124856] RAX: dffffc0000000008 RBX: ffffffff8747a180 RCX: ffffffff8159a88e
+[ 151.124860] RDX: 0000000000010000 RSI: ffffc90002835000 RDI: 0000000000000000
+[ 151.124863] RBP: ffff8801c829f8b0 R08: 0000000000000001 R09: 0000000000000000
+[ 151.124866] R10: 0000000000000000 R11: fffffbfff0e872ef R12: ffff8801c829f888
+[ 151.124869] R13: ffff8801d09980c0 R14: ffff8801c829f7c8 R15: 1ffff10039053ef5
+[ 151.124878] ? vprintk_func+0x5e/0xc0
+[ 151.124889] ? destroy_unused_super.part.7+0x18/0xd0
+[ 151.124896] ? lock_downgrade+0x980/0x980
+[ 151.124904] ? __kmalloc+0x46e/0x760
+[ 151.124911] ? lockdep_init_map+0x9/0x10
+[ 151.124918] ? up_read+0x1a/0x40
+[ 151.124924] ? memcg_put_cache_ids+0x10/0x20
+[ 151.124933] ? __list_lru_init+0x35c/0x750
+[ 151.124941] up_write+0x6b/0x120
+[ 151.124947] ? up_read+0x40/0x40
+[ 151.124954] ? __lockdep_init_map+0xe4/0x650
+[ 151.124963] destroy_unused_super.part.7+0x18/0xd0
+[ 151.124969] sget_userns+0x909/0xe20
+[ 151.124975] ? get_anon_bdev+0x2a0/0x2a0
+[ 151.124984] ? destroy_unused_super.part.7+0xd0/0xd0
+[ 151.124991] ? cred_has_capability+0x1a0/0x3d0
+[ 151.124998] ? selinux_ipv4_output+0x40/0x40
+[ 151.125013] ? free_pages+0x51/0x90
+[ 151.125021] ? selinux_sb_copy_data+0x403/0x610
+[ 151.125030] ? selinux_capable+0x36/0x40
+[ 151.125039] ? security_capable+0x8e/0xc0
+[ 151.125046] ? get_anon_bdev+0x2a0/0x2a0
+[ 151.125051] ? ns_capable_common+0xcf/0x160
+[ 151.125058] ? get_anon_bdev+0x2a0/0x2a0
+[ 151.125064] sget+0xd2/0x120
+[ 151.125070] ? __get_fs_type+0x8a/0xc0
+[ 151.125077] ? shmem_remount_fs+0x6c0/0x6c0
+[ 151.125084] mount_nodev+0x37/0x100
+[ 151.125091] shmem_mount+0x2c/0x40
+[ 151.125098] mount_fs+0x66/0x2d0
+[ 151.125107] vfs_kern_mount.part.26+0xc6/0x4a0
+[ 151.125115] ? may_umount+0xa0/0xa0
+[ 151.125121] ? _raw_read_unlock+0x22/0x30
+[ 151.125127] ? __get_fs_type+0x8a/0xc0
+[ 151.125135] do_mount+0xea4/0x2bb0
+[ 151.125144] ? copy_mount_string+0x40/0x40
+[ 151.125150] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 151.125157] ? trace_hardirqs_on_thunk+0x1a/0x1c
+[ 151.125165] ? retint_kernel+0x10/0x10
+[ 151.125174] ? copy_mount_options+0x18b/0x2e0
+[ 151.125182] ? copy_mount_options+0x190/0x2e0
+[ 151.125188] ? copy_mount_options+0x1f4/0x2e0
+[ 151.125195] SyS_mount+0xab/0x120
+[ 151.125202] entry_SYSCALL_64_fastpath+0x1f/0x96
+[ 151.125205] RIP: 0033:0x452a39
+[ 151.125208] RSP: 002b:00007f207292dc58 EFLAGS: 00000212 ORIG_RAX: 00000000000000a5
+[ 151.125214] RAX: ffffffffffffffda RBX: 00007f207292daa0 RCX: 0000000000452a39
+[ 151.125217] RDX: 00000000204df000 RSI: 00000000209e5000 RDI: 00000000209dd000
+[ 151.125220] RBP: 00007f207292da90 R08: 0000000020000000 R09: 0000000000000000
+[ 151.125222] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b75fb
+[ 151.125225] R13: 00007f207292dbc8 R14: 00000000004b75fb R15: 0000000000000000
+[ 151.125609] Dumping ftrace buffer:
+[ 151.125612] (ftrace buffer empty)
+[ 151.125614] Kernel Offset: disabled
+[ 151.833421] Rebooting in 86400 seconds..
diff --git a/pkg/report/testdata/linux/report/162 b/pkg/report/testdata/linux/report/162
new file mode 100644
index 000000000..34bcb6394
--- /dev/null
+++ b/pkg/report/testdata/linux/report/162
@@ -0,0 +1,63 @@
+TITLE: general protection fault in sg_remove_request
+
+[ 27.258999] ==================================================================
+[ 27.260623] kasan: CONFIG_KASAN_INLINE enabled
+[ 27.260630] kasan: GPF could be caused by NULL-ptr deref or user memory access
+[ 27.260634] general protection fault: 0000 [#1] PREEMPT SMP KASAN
+[ 27.260638] Dumping ftrace buffer:
+[ 27.260641] (ftrace buffer empty)
+[ 27.260644] Modules linked in:
+[ 27.260651] CPU: 1 PID: 3377 Comm: syzkaller685434 Not tainted 4.4.107-g610c835 #4
+[ 27.260654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 27.260658] task: ffff8800b823c740 task.stack: ffff8801d94c8000
+[ 27.260671] RIP: 0010:[<ffffffff8123487f>] [<ffffffff8123487f>] __lock_acquire+0x61f/0x4b50
+[ 27.260675] RSP: 0018:ffff8801d94cf880 EFLAGS: 00010086
+[ 27.260678] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff81237ade
+[ 27.260682] RDX: 1ffff1003a313890 RSI: 0000000000000008 RDI: ffff8801d189c480
+[ 27.260685] RBP: ffff8801d94cfa20 R08: 0000000000000001 R09: 0000000000000001
+[ 27.260688] R10: 0000000000000001 R11: 1ffff1003b299f22 R12: 0000000000000000
+[ 27.260692] R13: ffff8800b823c740 R14: ffff8801d189c478 R15: 0000000000000000
+[ 27.260697] FS: 0000000000000000(0000) GS:ffff8801db300000(0063) knlGS:00000000f47d3b40
+[ 27.260701] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033
+[ 27.260704] CR2: 00000000206f6000 CR3: 00000001d0a15000 CR4: 00000000001406e0
+[ 27.260713] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+[ 27.260717] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
+[ 27.260718] Stack:
+[ 27.260725] ffff8801d0ee0818 ffff8800b4b59d90 ffff8801d94cfa00 ffffffff8149e232
+[ 27.260733] ffff8801d94cf8b0 ffffffff00000000 ffff8800b823c740 ffff8800b823cfb0
+[ 27.260739] 0000000000000288 ffff8800b823c740 0000000000000002 0000000000000002
+[ 27.260741] Call Trace:
+[ 27.260751] [<ffffffff8149e232>] ? handle_mm_fault+0x3f2/0x3190
+[ 27.260758] [<ffffffff81234260>] ? debug_check_no_locks_freed+0x2c0/0x2c0
+[ 27.260764] [<ffffffff8148979e>] ? vmacache_update+0xfe/0x130
+[ 27.260772] [<ffffffff810db470>] ? __do_page_fault+0x380/0xa00
+[ 27.260778] [<ffffffff8123a61e>] lock_acquire+0x15e/0x460
+[ 27.260787] [<ffffffff825b8a89>] ? sg_remove_request+0x69/0x110
+[ 27.260794] [<ffffffff83773a1e>] _raw_write_lock_irqsave+0x4e/0x70
+[ 27.260800] [<ffffffff825b8a89>] ? sg_remove_request+0x69/0x110
+[ 27.260806] [<ffffffff825b8a89>] sg_remove_request+0x69/0x110
+[ 27.260813] [<ffffffff825b9095>] sg_finish_rem_req+0x295/0x340
+[ 27.260819] [<ffffffff825baed1>] sg_read+0xa21/0x1490
+[ 27.260825] [<ffffffff825ba4b0>] ? sg_proc_seq_show_debug+0xd30/0xd30
+[ 27.260832] [<ffffffff81234260>] ? debug_check_no_locks_freed+0x2c0/0x2c0
+[ 27.260838] [<ffffffff825ba4b0>] ? sg_proc_seq_show_debug+0xd30/0xd30
+[ 27.260845] [<ffffffff8151aa73>] __vfs_read+0x103/0x440
+[ 27.260851] [<ffffffff81234260>] ? debug_check_no_locks_freed+0x2c0/0x2c0
+[ 27.260857] [<ffffffff8151a970>] ? vfs_iter_write+0x2d0/0x2d0
+[ 27.260863] [<ffffffff815e878d>] ? fsnotify+0x5ad/0xee0
+[ 27.260868] [<ffffffff815e90c0>] ? fsnotify+0xee0/0xee0
+[ 27.260877] [<ffffffff81b4d4f9>] ? avc_policy_seqno+0x9/0x20
+[ 27.260883] [<ffffffff81b5ebe8>] ? selinux_file_permission+0x348/0x460
+[ 27.260890] [<ffffffff81b443e9>] ? security_file_permission+0x89/0x1e0
+[ 27.260896] [<ffffffff8151c600>] ? rw_verify_area+0x100/0x2f0
+[ 27.260902] [<ffffffff8151c913>] vfs_read+0x123/0x3a0
+[ 27.260909] [<ffffffff8151f259>] SyS_read+0xd9/0x1b0
+[ 27.260915] [<ffffffff8151f180>] ? do_sendfile+0xd30/0xd30
+[ 27.260922] [<ffffffff81006b47>] ? do_fast_syscall_32+0xd7/0x890
+[ 27.260928] [<ffffffff8151f180>] ? do_sendfile+0xd30/0xd30
+[ 27.260933] [<ffffffff81006d84>] do_fast_syscall_32+0x314/0x890
+[ 27.260940] [<ffffffff837754d7>] sysenter_flags_fixed+0xd/0x17
+[ 27.261026] Code: 00 fc ff df 44 89 e3 49 8d 7c de 08 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 b6 37 00 00 49 8b 5c de 08 48 85 db 0f 84 28 fb ff ff <f0> ff 83 98 01 00 00 49 8d 85 68 08 00 00 48 89 c2 48 89 44 24
+[ 27.261032] RIP [<ffffffff8123487f>] __lock_acquire+0x61f/0x4b50
+[ 27.261034] RSP <ffff8801d94cf880>
+[ 27.261040] ---[ end trace ba8c3c110e6701ba ]---
diff --git a/pkg/report/testdata/linux/report/163 b/pkg/report/testdata/linux/report/163
new file mode 100644
index 000000000..59d1a43f7
--- /dev/null
+++ b/pkg/report/testdata/linux/report/163
@@ -0,0 +1,75 @@
+TITLE: WARNING: locking bug in sg_remove_request
+
+[ 32.851928] ------------[ cut here ]------------
+[ 32.851948] WARNING: CPU: 1 PID: 4085 at kernel/locking/lockdep.c:3190 __lock_acquire+0x23b3/0x4b50()
+[ 32.851955] DEBUG_LOCKS_WARN_ON(id >= MAX_LOCKDEP_KEYS)
+[ 32.851955] Kernel panic - not syncing: panic_on_warn set ...
+[ 32.851955]
+[ 32.851963] CPU: 1 PID: 4085 Comm: syzkaller160734 Not tainted 4.4.107-g79f138a #2
+[ 32.851967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 32.851976] 0000000000000000 fac66347bd2b1d29 ffff8800b6a470c0 ffffffff81d03a1d
+[ 32.851983] ffffffff838429a0 ffff8800b6a47198 ffffffff83854820 0000000000000009
+[ 32.851990] 0000000000000c76 ffff8800b6a47188 ffffffff81416dca 0000000041b58ab3
+[ 32.851992] Call Trace:
+[ 32.852004] [<ffffffff81d03a1d>] dump_stack+0xc1/0x124
+[ 32.852013] [<ffffffff81416dca>] panic+0x1aa/0x388
+[ 32.852020] [<ffffffff81416c20>] ? percpu_up_read.constprop.46+0xe1/0xe1
+[ 32.852028] [<ffffffff8112ad7a>] ? warn_slowpath_common+0x10a/0x140
+[ 32.852034] [<ffffffff8112ad95>] warn_slowpath_common+0x125/0x140
+[ 32.852039] [<ffffffff812361f3>] ? __lock_acquire+0x23b3/0x4b50
+[ 32.852045] [<ffffffff8112ae71>] warn_slowpath_fmt+0xc1/0x110
+[ 32.852051] [<ffffffff8112adb0>] ? warn_slowpath_common+0x140/0x140
+[ 32.852056] [<ffffffff8122d870>] ? save_trace+0xe0/0x270
+[ 32.852064] [<ffffffff81016bec>] ? dump_trace+0x14c/0x350
+[ 32.852069] [<ffffffff8123260e>] ? mark_lock+0x45e/0xfd0
+[ 32.852075] [<ffffffff812361f3>] __lock_acquire+0x23b3/0x4b50
+[ 32.852083] [<ffffffff814fa193>] ? save_stack+0xa3/0xd0
+[ 32.852092] [<ffffffff81035c86>] ? save_stack_trace+0x26/0x50
+[ 32.852098] [<ffffffff814fa133>] ? save_stack+0x43/0xd0
+[ 32.852104] [<ffffffff814fa3fd>] ? kasan_kmalloc+0xad/0xe0
+[ 32.852110] [<ffffffff814f63b0>] ? kmem_cache_alloc_trace+0x100/0x2b0
+[ 32.852119] [<ffffffff825b6c38>] ? sg_read+0xb48/0x1490
+[ 32.852125] [<ffffffff81233e40>] ? debug_check_no_locks_freed+0x2c0/0x2c0
+[ 32.852131] [<ffffffff81233e40>] ? debug_check_no_locks_freed+0x2c0/0x2c0
+[ 32.852137] [<ffffffff8151cdb8>] ? vfs_readv+0x78/0xb0
+[ 32.852146] [<ffffffff815b863a>] ? default_file_splice_read+0x4fa/0x8e0
+[ 32.852152] [<ffffffff815b4365>] ? do_splice_to+0xf5/0x140
+[ 32.852158] [<ffffffff815ba599>] ? SyS_splice+0x1009/0x14b0
+[ 32.852164] [<ffffffff81006d84>] ? do_fast_syscall_32+0x314/0x890
+[ 32.852171] [<ffffffff83771357>] ? sysenter_flags_fixed+0xd/0x17
+[ 32.852177] [<ffffffff8123a1fe>] lock_acquire+0x15e/0x460
+[ 32.852183] [<ffffffff825b46c9>] ? sg_remove_request+0x69/0x110
+[ 32.852189] [<ffffffff825b6c38>] ? sg_read+0xb48/0x1490
+[ 32.852196] [<ffffffff8376f89e>] _raw_write_lock_irqsave+0x4e/0x70
+[ 32.852202] [<ffffffff825b46c9>] ? sg_remove_request+0x69/0x110
+[ 32.852208] [<ffffffff825b46c9>] sg_remove_request+0x69/0x110
+[ 32.852214] [<ffffffff825b4cd5>] sg_finish_rem_req+0x295/0x340
+[ 32.852219] [<ffffffff825b6b11>] sg_read+0xa21/0x1490
+[ 32.852226] [<ffffffff815128b4>] ? __check_object_size+0x154/0x35b
+[ 32.852231] [<ffffffff810002b8>] ? 0xffffffff810002b8
+[ 32.852237] [<ffffffff825b60f0>] ? sg_proc_seq_show_debug+0xd30/0xd30
+[ 32.852244] [<ffffffff815e8650>] ? fsnotify+0xee0/0xee0
+[ 32.852252] [<ffffffff81b4ca39>] ? avc_policy_seqno+0x9/0x20
+[ 32.852258] [<ffffffff8151a8e1>] do_loop_readv_writev+0x141/0x1e0
+[ 32.852265] [<ffffffff81b43929>] ? security_file_permission+0x89/0x1e0
+[ 32.852275] [<ffffffff825b60f0>] ? sg_proc_seq_show_debug+0xd30/0xd30
+[ 32.852281] [<ffffffff825b60f0>] ? sg_proc_seq_show_debug+0xd30/0xd30
+[ 32.852287] [<ffffffff8151cc3d>] do_readv_writev+0x5dd/0x6e0
+[ 32.852293] [<ffffffff8151c660>] ? vfs_write+0x530/0x530
+[ 32.852300] [<ffffffff81434690>] ? __alloc_pages_direct_compact+0x250/0x250
+[ 32.852307] [<ffffffff8151cdb8>] vfs_readv+0x78/0xb0
+[ 32.852314] [<ffffffff815b863a>] default_file_splice_read+0x4fa/0x8e0
+[ 32.852321] [<ffffffff815b8140>] ? generic_file_splice_read+0x1c0/0x1c0
+[ 32.852328] [<ffffffff815b3650>] ? page_cache_pipe_buf_release+0x70/0x70
+[ 32.852339] [<ffffffff8123499f>] ? __lock_acquire+0xb5f/0x4b50
+[ 32.852345] [<ffffffff81233e40>] ? debug_check_no_locks_freed+0x2c0/0x2c0
+[ 32.852353] [<ffffffff8151bba0>] ? rw_verify_area+0x100/0x2f0
+[ 32.852359] [<ffffffff815b8140>] ? generic_file_splice_read+0x1c0/0x1c0
+[ 32.852365] [<ffffffff815b4365>] do_splice_to+0xf5/0x140
+[ 32.852372] [<ffffffff815ba599>] SyS_splice+0x1009/0x14b0
+[ 32.852377] [<ffffffff8123360b>] ? trace_hardirqs_on_caller+0x38b/0x590
+[ 32.852384] [<ffffffff815b9590>] ? compat_SyS_vmsplice+0x240/0x240
+[ 32.852390] [<ffffffff81006b47>] ? do_fast_syscall_32+0xd7/0x890
+[ 32.852396] [<ffffffff815b9590>] ? compat_SyS_vmsplice+0x240/0x240
+[ 32.852402] [<ffffffff81006d84>] do_fast_syscall_32+0x314/0x890
+[ 32.852408] [<ffffffff83771357>] sysenter_flags_fixed+0xd/0x17
diff --git a/pkg/report/testdata/linux/report/164 b/pkg/report/testdata/linux/report/164
new file mode 100644
index 000000000..96545ce05
--- /dev/null
+++ b/pkg/report/testdata/linux/report/164
@@ -0,0 +1,69 @@
+TITLE: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath at addr ADDR
+CORRUPTED: Y
+
+[ 46.284905] ==================================================================
+** 2977 printk messages dropped ** [ 46.292061] [<ffffffff814f873b>] ? rw_verify_area+0xbb/0x2c0
+** 3764 printk messages dropped ** [ 46.300984] BUG: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath+0x5ad/0x660 at addr ffff8800b7eb57d4
+** 5762 printk messages dropped ** [ 46.314596] [<ffffffff814fb2c0>] ? do_sendfile+0xf40/0xf40
+** 3692 printk messages dropped ** [ 46.323313] ___slab_alloc.constprop.78+0x4c6/0x530
+** 3400 printk messages dropped ** [ 46.331342] CPU: 0 PID: 6756 Comm: syz-executor1 Tainted: G B 4.4.105-ge303a83 #5
+** 4922 printk messages dropped ** [ 46.342991] INFO: Allocated in fasync_helper+0x29/0x90 age=6 cpu=0 pid=6756
+** 4288 printk messages dropped ** [ 46.353225] run_ksoftirqd+0x20/0x60
+** 2843 printk messages dropped ** [ 46.359933] INFO: Freed in fasync_free_rcu+0x14/0x20 age=7 cpu=0 pid=3
+** 4111 printk messages dropped ** [ 46.369656] BUG: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath+0x5ad/0x660 at addr ffff8800b7eb57d4
+** 5713 printk messages dropped ** [ 46.383149] __slab_free+0x18c/0x2b0
+** 2818 printk messages dropped ** [ 46.389866] [<ffffffff81223871>] ? __lock_is_held+0xa1/0xf0
+** 3718 printk messages dropped ** [ 46.398717] Object ffff8800b7eb5780: ff ff ff ff ff ff ff ff 80 e3 70 85 ff ff ff ff ..........p.....
+** 5181 printk messages dropped ** [ 46.411008] 0000000000000000 263dc65b38caca23 ffff8801d2e979b0 ffffffff81cc9b4f
+** 4420 printk messages dropped ** [ 46.421691] Object ffff8800b7eb57b0: 00 00 00 00 00 00 00 00 00 cc 1c b7 00 88 ff ff ................
+** 5248 printk messages dropped ** [ 46.434131] Object ffff8800b7eb57a0: 00 50 8b 83 ff ff ff ff 01 46 00 00 07 00 00 00 .P.......F......
+** 5252 printk messages dropped ** [ 46.446625] CPU: 0 PID: 6756 Comm: syz-executor1 Tainted: G B 4.4.105-ge303a83 #5
+** 4982 printk messages dropped ** [ 46.458438] [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
+** 4071 printk messages dropped ** [ 46.468040] entry_SYSCALL_64_fastpath+0x16/0x76
+** 3303 printk messages dropped ** [ 46.475819] fasync_free_rcu+0x14/0x20
+** 2914 printk messages dropped ** [ 46.482677] ___slab_alloc.constprop.78+0x4c6/0x530
+** 3327 printk messages dropped ** [ 46.490514] 0000000000000000 263dc65b38caca23 ffff8801d2e979b0 ffffffff81cc9b4f
+** 4472 printk messages dropped ** [ 46.501243] __slab_alloc.isra.74.constprop.77+0x50/0xa0
+** 3565 printk messages dropped ** [ 46.509661] [<ffffffff82564a50>] ? sg_remove_request+0x60/0x100
+** 3881 printk messages dropped ** [ 46.518862] Object ffff8800b7eb57b0: 00 00 00 00 00 00 00 00 00 cc 1c b7 00 88 ff ff ................
+** 5287 printk messages dropped ** [ 46.531333] ffff8800b7eb5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 00 00
+** 4399 printk messages dropped ** [ 46.541703] [<ffffffff814db589>] __asan_report_load4_noabort+0x29/0x30
+** 4144 printk messages dropped ** [ 46.551481] [<ffffffff814fb2c0>] ? do_sendfile+0xf40/0xf40
+** 3701 printk messages dropped ** [ 46.560195] kmem_cache_free+0x1f1/0x300
+** 2941 printk messages dropped ** [ 46.567116] CPU: 0 PID: 6756 Comm: syz-executor1 Tainted: G B 4.4.105-ge303a83 #5
+** 4977 printk messages dropped ** [ 46.579020] [<ffffffff814f873b>] ? rw_verify_area+0xbb/0x2c0
+** 3782 printk messages dropped ** [ 46.587934] __do_softirq+0x24d/0xa60
+** 2872 printk messages dropped ** [ 46.594689] [<ffffffff814db1f7>] kasan_report.part.2+0x227/0x530
+** 3916 printk messages dropped ** [ 46.603948] [<ffffffff81223871>] ? __lock_is_held+0xa1/0xf0
+** 3684 printk messages dropped ** [ 46.612655] ffff8800b7eb5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 00 00
+** 4285 printk messages dropped ** [ 46.622887] -----------------------------------------------------------------------------
+[ 46.622887]
+** 5380 printk messages dropped ** [ 46.635852] [<ffffffff814f873b>] ? rw_verify_area+0xbb/0x2c0
+** 3744 printk messages dropped ** [ 46.644772] [<ffffffff814f6d8a>] __vfs_read+0xda/0x3e0
+** 3495 printk messages dropped ** [ 46.653074] Object ffff8800b7eb5770: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N..........
+** 5151 printk messages dropped ** [ 46.665447] BUG fasync_cache (Tainted: G B ): kasan: bad access detected
+** 4450 printk messages dropped ** [ 46.676199] Object ffff8800b7eb57a0: 00 50 8b 83 ff ff ff ff 01 46 00 00 07 00 00 00 .P.......F......
+** 5028 printk messages dropped ** [ 46.688511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+** 5080 printk messages dropped ** [ 46.701115] __slab_free+0x18c/0x2b0
+** 2823 printk messages dropped ** [ 46.708033] [<ffffffff814fb2c0>] ? do_sendfile+0xf40/0xf40
+** 3709 printk messages dropped ** [ 46.716853] INFO: Slab 0xffffea0002dfad00 objects=20 used=3 fp=0xffff8800b7eb5a90 flags=0x4000000000004080
+** 5386 printk messages dropped ** [ 46.729553] sg_fasync+0x66/0xb0
+** 2713 printk messages dropped ** [ 46.736033] INFO: Object 0xffff8800b7eb5770 @offset=6000 fp=0xdead4ead00000000
+[ 46.736033]
+** 5012 printk messages dropped ** [ 46.747833] entry_SYSCALL_64_fastpath+0x16/0x76
+** 3299 printk messages dropped ** [ 46.755632] entry_SYSCALL_64_fastpath+0x16/0x76
+** 3287 printk messages dropped ** [ 46.763372] BUG: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath+0x5ad/0x660 at addr ffff8800b7eb57d4
+** 5759 printk messages dropped ** [ 46.776952] [<ffffffff814f873b>] ? rw_verify_area+0xbb/0x2c0
+** 3782 printk messages dropped ** [ 46.785872] __do_softirq+0x24d/0xa60
+** 2886 printk messages dropped ** [ 46.792668] [<ffffffff814f6d8a>] __vfs_read+0xda/0x3e0
+** 3551 printk messages dropped ** [ 46.801035] __slab_alloc.isra.74.constprop.77+0x50/0xa0
+** 3575 printk messages dropped ** [ 46.809466] [<ffffffff81223871>] ? __lock_is_held+0xa1/0xf0
+** 3733 printk messages dropped ** [ 46.818289] [<ffffffff8123648d>] ? native_queued_spin_lock_slowpath+0x5ad/0x660
+** 4487 printk messages dropped ** [ 46.828863] Object ffff8800b7eb57b0: 00 00 00 00 00 00 00 00 00 cc 1c b7 00 88 ff ff ................
+** 5283 printk messages dropped ** [ 46.841301] [<ffffffff81003044>] ? lockdep_sys_exit_thunk+0x12/0x14
+** 3974 printk messages dropped ** [ 46.850709] [<ffffffff81003044>] ? lockdep_sys_exit_thunk+0x12/0x14
+** 4039 printk messages dropped ** [ 46.860329] [<ffffffff8122ab40>] ? debug_check_no_locks_freed+0x2c0/0x2c0
+** 4250 printk messages dropped ** [ 46.870327] Object ffff8800b7eb57b0: 00 00 00 00 00 00 00 00 00 cc 1c b7 00 88 ff ff ................
+** 5284 printk messages dropped ** [ 46.882803] [<ffffffff8374ab36>] entry_SYSCALL_64_fastpath+0x16/0x76
+** 4009 printk messages dropped ** [ 46.892231] Bytes b4 ffff8800b7eb5760: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
+** 5323 printk messages dropped ** [ 46.904922] INFO: Object 0xffff8800b7eb5770 @offset=6000 fp=0xdead4ead00000000
diff --git a/pkg/report/testdata/linux/report/165 b/pkg/report/testdata/linux/report/165
new file mode 100644
index 000000000..4a4a5aa7a
--- /dev/null
+++ b/pkg/report/testdata/linux/report/165
@@ -0,0 +1,89 @@
+TITLE: KASAN: use-after-free Read in shmem_disband_hugehead
+
+[ 176.379525] ==================================================================
+[ 176.386974] BUG: KASAN: use-after-free in __lock_acquire+0x462f/0x49f0 at addr ffff8800b5a9f8c0
+[ 176.395804] Read of size 8 by task syz-executor7/20709
+[ 176.401162] CPU: 0 PID: 20709 Comm: syz-executor7 Not tainted 4.3.5+ #11
+[ 176.407993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 176.417350] 0000000000000000 ffff8800b9e4b778 ffffffff81d985d2 ffff8801d8df6d00
+[ 176.425400] ffff8800b5a9f590 ffff8800b5a9fa20 0000000000000001 ffff8800b5a9f8c0
+[ 176.433465] ffff8800b9e4b7a0 ffffffff817c20a1 ffff8800b9e4b828 ffff8800b5a9f590
+[ 176.441544] Call Trace:
+[ 176.444128] [<ffffffff81d985d2>] dump_stack+0xf6/0x184
+[ 176.449487] [<ffffffff817c20a1>] kasan_object_err+0x21/0x70
+[ 176.455278] [<ffffffff817c2317>] kasan_report_error+0x1b7/0x490
+[ 176.461418] [<ffffffff817c2723>] __asan_report_load8_noabort+0x43/0x50
+[ 176.468167] [<ffffffff8143418f>] ? __lock_acquire+0x462f/0x49f0
+[ 176.474295] [<ffffffff8143418f>] __lock_acquire+0x462f/0x49f0
+[ 176.480246] [<ffffffff813cd9ec>] ? set_next_entity+0x27c/0xc50
+[ 176.486293] [<ffffffff8142fb60>] ? debug_check_no_locks_freed+0x370/0x370
+[ 176.493293] [<ffffffff8138b0b5>] ? finish_task_switch+0x485/0x620
+[ 176.499588] [<ffffffff8138b0a5>] ? finish_task_switch+0x475/0x620
+[ 176.505972] [<ffffffff8138b0b5>] ? finish_task_switch+0x485/0x620
+[ 176.512266] [<ffffffff8138b0a5>] ? finish_task_switch+0x475/0x620
+[ 176.518566] [<ffffffff8138b0b5>] ? finish_task_switch+0x485/0x620
+[ 176.524861] [<ffffffff8138b0a5>] ? finish_task_switch+0x475/0x620
+[ 176.531156] [<ffffffff8138b0b5>] ? finish_task_switch+0x485/0x620
+[ 176.537449] [<ffffffff8138b0a5>] ? finish_task_switch+0x475/0x620
+[ 176.543750] [<ffffffff8138b0b5>] ? finish_task_switch+0x485/0x620
+[ 176.550241] [<ffffffff8138b0a5>] ? finish_task_switch+0x475/0x620
+[ 176.556543] [<ffffffff8138ad24>] ? finish_task_switch+0xf4/0x620
+[ 176.562758] [<ffffffff813928ea>] ? context_switch+0x54a/0xe60
+[ 176.568710] [<ffffffff81392950>] ? context_switch+0x5b0/0xe60
+[ 176.574660] [<ffffffff81435e1d>] lock_acquire+0x13d/0x300
+[ 176.580258] [<ffffffff816e7d3d>] ? shmem_disband_hugehead+0x1ed/0x610
+[ 176.586919] [<ffffffff81011456>] _raw_spin_lock_irqsave+0x56/0x70
+[ 176.593213] [<ffffffff816e7d3d>] ? shmem_disband_hugehead+0x1ed/0x610
+[ 176.599862] [<ffffffff816e7d3d>] shmem_disband_hugehead+0x1ed/0x610
+[ 176.606337] [<ffffffff816e7b50>] ? shmem_clear_tag_hugehole+0x130/0x130
+[ 176.613148] [<ffffffff816e3140>] ? shmem_put_recovery_page+0x20/0x20
+[ 176.619701] [<ffffffff816f13c4>] shmem_disband_hugeteam+0x1b4/0x360
+[ 176.626171] [<ffffffff816f1210>] ? shmem_huge_mapping+0xf0/0xf0
+[ 176.632293] [<ffffffff8138ed45>] ? __might_sleep+0x95/0x1a0
+[ 176.638066] [<ffffffff816f7ac5>] shmem_recovery_finalize_team+0x305/0x4b0
+[ 176.645072] [<ffffffff816fdf0b>] shmem_huge_migrate_pages+0x65b/0x11e0
+[ 176.651812] [<ffffffff817b205a>] do_mbind+0x49a/0xd10
+[ 176.657069] [<ffffffff8154e0fb>] ? kcov_ioctl+0x5b/0x1a0
+[ 176.662596] [<ffffffff81824575>] ? fput+0x25/0x150
+[ 176.667595] [<ffffffff816e45c0>] ? shmem_mmap+0xa0/0xa0
+[ 176.673033] [<ffffffff817b1bc0>] ? __mpol_equal+0x2c0/0x2c0
+[ 176.678816] [<ffffffff81735d99>] ? __might_fault+0x119/0x1d0
+[ 176.684681] [<ffffffff817c1354>] ? kasan_check_write+0x14/0x20
+[ 176.690714] [<ffffffff817aa1f7>] ? get_nodes+0x177/0x1e0
+[ 176.696232] [<ffffffff817b2c50>] SyS_mbind+0x140/0x150
+[ 176.701569] [<ffffffff817b2b10>] ? compat_SyS_mbind+0x240/0x240
+[ 176.707691] [<ffffffff81016017>] ? trace_hardirqs_on_thunk+0x17/0x19
+[ 176.714247] [<ffffffff82dff840>] sysenter_dispatch+0xf/0x32
+[ 176.720019] Object at ffff8800b5a9f590, in cache shmem_inode_cache size: 1168
+[ 176.727269] Allocated:
+[ 176.729734] PID = 20706
+[ 176.732286] [<ffffffff8124895b>] save_stack_trace+0x2b/0x50
+[ 176.738179] [<ffffffff817c13e3>] save_stack+0x43/0xd0
+[ 176.743575] [<ffffffff817c165d>] kasan_kmalloc+0xad/0xe0
+[ 176.749218] [<ffffffff817c1c02>] kasan_slab_alloc+0x12/0x20
+[ 176.755122] [<ffffffff817ba0eb>] kmem_cache_alloc+0x14b/0x7a0
+[ 176.761202] [<ffffffff816e5470>] shmem_alloc_inode+0x20/0x50
+[ 176.767185] [<ffffffff81872efa>] alloc_inode+0x6a/0x190
+[ 176.772733] [<ffffffff81878a4c>] new_inode_pseudo+0x1c/0xe0
+[ 176.778644] [<ffffffff81878b31>] new_inode+0x21/0x50
+[ 176.783947] [<ffffffff816e5734>] shmem_get_inode+0x134/0xb50
+[ 176.789937] [<ffffffff816eacf2>] __shmem_file_setup.part.40+0x302/0x430
+[ 176.796883] [<ffffffff817001e8>] SyS_memfd_create+0x178/0x3b0
+[ 176.802981] [<ffffffff82dff840>] sysenter_dispatch+0xf/0x32
+[ 176.808882] Freed:
+[ 176.811003] PID = 20702
+[ 176.813556] [<ffffffff8124895b>] save_stack_trace+0x2b/0x50
+[ 176.819447] [<ffffffff817c13e3>] save_stack+0x43/0xd0
+[ 176.824822] [<ffffffff817c1c82>] kasan_slab_free+0x72/0xc0
+[ 176.830647] [<ffffffff817bebf8>] kmem_cache_free+0xe8/0x2d0
+[ 176.837315] [<ffffffff816e543f>] shmem_destroy_callback+0x4f/0x60
+[ 176.843733] [<ffffffff81475dac>] rcu_process_callbacks+0x7bc/0x16e0
+[ 176.850320] [<ffffffff81013053>] __do_softirq+0x243/0x8c4
+[ 176.856045] Memory state around the buggy address:
+[ 176.860948] ffff8800b5a9f780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
+[ 176.868279] ffff8800b5a9f800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
+[ 176.875621] >ffff8800b5a9f880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
+[ 176.882964] ^
+[ 176.888387] ffff8800b5a9f900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
+[ 176.895717] ffff8800b5a9f980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
+[ 176.903055] ==================================================================
diff --git a/pkg/report/testdata/linux/report/166 b/pkg/report/testdata/linux/report/166
new file mode 100644
index 000000000..9b82afd24
--- /dev/null
+++ b/pkg/report/testdata/linux/report/166
@@ -0,0 +1,118 @@ +TITLE: WARNING: suspicious RCU usage in bpf_prog_array_copy_info + +[ 24.271604] ============================= +[ 24.275791] WARNING: suspicious RCU usage +[ 24.279952] 4.15.0+ #10 Not tainted +[ 24.283625] ----------------------------- +[ 24.287794] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section! +[ 24.297101] +[ 24.297101] other info that might help us debug this: +[ 24.297101] +[ 24.305269] +[ 24.305269] rcu_scheduler_active = 2, debug_locks = 1 +[ 24.311963] 3 locks held by syzkaller076311/4159: +[ 24.316826] #0: (&ctx->mutex){+.+.}, at: [<0000000027c8872d>] perf_event_ctx_lock_nested+0x21b/0x450 +[ 24.326332] #1: (bpf_event_mutex){+.+.}, at: [<0000000092294d8c>] perf_event_query_prog_array+0x10e/0x280 +[ 24.336270] #2: (rcu_read_lock){....}, at: [<000000002b518ca0>] bpf_prog_array_copy_to_user+0x0/0x4d0 +[ 24.345854] +[ 24.345854] stack backtrace: +[ 24.350373] CPU: 0 PID: 4159 Comm: syzkaller076311 Not tainted 4.15.0+ #10 +[ 24.357363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 24.366690] Call Trace: +[ 24.369257] dump_stack+0x194/0x257 +[ 24.372863] ? arch_local_irq_restore+0x53/0x53 +[ 24.377529] lockdep_rcu_suspicious+0x123/0x170 +[ 24.382181] ___might_sleep+0x385/0x470 +[ 24.386133] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 24.392013] __might_sleep+0x95/0x190 +[ 24.395790] ? __lock_is_held+0xb6/0x140 +[ 24.399834] __might_fault+0xab/0x1d0 +[ 24.403613] _copy_to_user+0x2c/0xc0 +[ 24.407327] bpf_prog_array_copy_to_user+0x217/0x4d0 +[ 24.412412] ? bpf_prog_array_length+0x2d0/0x2d0 +[ 24.417152] ? __might_sleep+0x95/0x190 +[ 24.421117] ? kasan_check_read+0x11/0x20 +[ 24.425241] ? _copy_to_user+0xa2/0xc0 +[ 24.429110] bpf_prog_array_copy_info+0x17b/0x1c0 +[ 24.433936] ? bpf_prog_array_copy+0x370/0x370 +[ 24.438515] perf_event_query_prog_array+0x196/0x280 +[ 24.443597] ? perf_event_detach_bpf_prog+0x3d0/0x3d0 +[ 24.448766] ? 
handle_mm_fault+0x248/0x8d0 +[ 24.452990] perf_ioctl+0x3e1/0x1480 +[ 24.456687] ? SYSC_perf_event_open+0x2f10/0x2f10 +[ 24.461503] ? __do_page_fault+0x5f7/0xc90 +[ 24.465722] ? lock_downgrade+0x980/0x980 +[ 24.470243] ? handle_mm_fault+0x410/0x8d0 +[ 24.474453] ? down_read_trylock+0xdb/0x170 +[ 24.478747] ? __do_page_fault+0x32d/0xc90 +[ 24.482958] ? __handle_mm_fault+0x3ce0/0x3ce0 +[ 24.487511] ? vmacache_find+0x5f/0x280 +[ 24.491485] ? up_read+0x1a/0x40 +[ 24.494827] ? __do_page_fault+0x3d6/0xc90 +[ 24.499072] ? SYSC_perf_event_open+0x2f10/0x2f10 +[ 24.503889] do_vfs_ioctl+0x1b1/0x1520 +[ 24.507761] ? ioctl_preallocate+0x2b0/0x2b0 +[ 24.512151] ? selinux_capable+0x40/0x40 +[ 24.516228] ? security_file_ioctl+0x89/0xb0 +[ 24.520621] SyS_ioctl+0x8f/0xc0 +[ 24.523974] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 24.528712] RIP: 0033:0x43ffd9 +[ 24.531876] RSP: 002b:00007ffde8594aa8 EFLAGS: 00000217 ORIG_RAX: 0000000000000010 +[ 24.539560] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000043ffd9 +[ 24.546802] RDX: 0000000020a40000 RSI: 00000000c008240a RDI: 0000000000000004 +[ 24.554071] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000 +[ 24.561317] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000401900 +[ 24.568560] R13: 0000000000401990 R14: 0000000000000000 R15: 0000000000000000 +[ 24.575983] BUG: sleeping function called from invalid context at lib/usercopy.c:25 +[ 24.583814] in_atomic(): 1, irqs_disabled(): 0, pid: 4159, name: syzkaller076311 +[ 24.591379] 3 locks held by syzkaller076311/4159: +[ 24.596249] #0: (&ctx->mutex){+.+.}, at: [<0000000027c8872d>] perf_event_ctx_lock_nested+0x21b/0x450 +[ 24.605750] #1: (bpf_event_mutex){+.+.}, at: [<0000000092294d8c>] perf_event_query_prog_array+0x10e/0x280 +[ 24.615699] #2: (rcu_read_lock){....}, at: [<000000002b518ca0>] bpf_prog_array_copy_to_user+0x0/0x4d0 +[ 24.625296] CPU: 0 PID: 4159 Comm: syzkaller076311 Not tainted 4.15.0+ #10 +[ 24.632293] Hardware name: Google Google Compute 
Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 24.641635] Call Trace: +[ 24.644205] dump_stack+0x194/0x257 +[ 24.647814] ? arch_local_irq_restore+0x53/0x53 +[ 24.652461] ? print_lock+0x9f/0xa2 +[ 24.656066] ? lockdep_print_held_locks+0xc4/0x130 +[ 24.660983] ___might_sleep+0x2b2/0x470 +[ 24.664931] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 24.670810] __might_sleep+0x95/0x190 +[ 24.674586] ? __lock_is_held+0xb6/0x140 +[ 24.678630] __might_fault+0xab/0x1d0 +[ 24.682412] _copy_to_user+0x2c/0xc0 +[ 24.686109] bpf_prog_array_copy_to_user+0x217/0x4d0 +[ 24.691203] ? bpf_prog_array_length+0x2d0/0x2d0 +[ 24.695934] ? __might_sleep+0x95/0x190 +[ 24.699897] ? kasan_check_read+0x11/0x20 +[ 24.704032] ? _copy_to_user+0xa2/0xc0 +[ 24.707902] bpf_prog_array_copy_info+0x17b/0x1c0 +[ 24.712731] ? bpf_prog_array_copy+0x370/0x370 +[ 24.717313] perf_event_query_prog_array+0x196/0x280 +[ 24.722396] ? perf_event_detach_bpf_prog+0x3d0/0x3d0 +[ 24.727564] ? handle_mm_fault+0x248/0x8d0 +[ 24.731790] perf_ioctl+0x3e1/0x1480 +[ 24.735484] ? SYSC_perf_event_open+0x2f10/0x2f10 +[ 24.740301] ? __do_page_fault+0x5f7/0xc90 +[ 24.744512] ? lock_downgrade+0x980/0x980 +[ 24.748651] ? handle_mm_fault+0x410/0x8d0 +[ 24.752865] ? down_read_trylock+0xdb/0x170 +[ 24.757160] ? __do_page_fault+0x32d/0xc90 +[ 24.761371] ? __handle_mm_fault+0x3ce0/0x3ce0 +[ 24.765924] ? vmacache_find+0x5f/0x280 +[ 24.769887] ? up_read+0x1a/0x40 +[ 24.773230] ? __do_page_fault+0x3d6/0xc90 +[ 24.777458] ? SYSC_perf_event_open+0x2f10/0x2f10 +[ 24.782275] do_vfs_ioctl+0x1b1/0x1520 +[ 24.786151] ? ioctl_preallocate+0x2b0/0x2b0 +[ 24.790540] ? selinux_capable+0x40/0x40 +[ 24.794617] ? 
security_file_ioctl+0x89/0xb0 +[ 24.799019] SyS_ioctl+0x8f/0xc0 +[ 24.802381] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 24.807122] RIP: 0033:0x43ffd9 +[ 24.810285] RSP: 002b:00007ffde8594aa8 EFLAGS: 00000217 ORIG_RAX: 0000000000000010 +[ 24.817968] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000043ffd9 +[ 24.825213] RDX: 0000000020a40000 RSI: 00000000c008240a RDI: 0000000000000004 +[ 24.832455] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000 +[ 24.839700] R10: 0000000000000000 R11: 0000000000 diff --git a/pkg/report/testdata/linux/report/167 b/pkg/report/testdata/linux/report/167 new file mode 100644 index 000000000..d9dcc94e0 --- /dev/null +++ b/pkg/report/testdata/linux/report/167 
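Review bot: The expected `TITLE:` line of report/166 attributes the warning to `bpf_prog_array_copy_info`, but in both stack traces the first frame below `_copy_to_user` that is not a generic helper is `bpf_prog_array_copy_to_user+0x217/0x4d0`, and the held-locks list shows `rcu_read_lock` taken at `bpf_prog_array_copy_to_user+0x0`. The frame appears to be skipped, presumably because a skip pattern meant for `copy_to_user` matches it as a substring; the parser is not part of this hunk, so that is an inference. Pinning this title in a fixture means a crash in any function whose name contains `copy_to_user` is filed under its caller, which can merge unrelated bugs and send the report to the wrong file. If the attribution is unintended, the expectation should read `TITLE: WARNING: suspicious RCU usage in bpf_prog_array_copy_to_user` and the skip pattern should be anchored to the helper names; if it is intended, the commit message should say so.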
@@ -0,0 +1,69 @@ +TITLE: BUG: unable to handle kernel paging request in snd_pcm_oss_write + +[ 522.218303] BUG: unable to handle kernel paging request at ffffc90001691000 +[ 522.225453] IP: memset_erms+0x9/0x10 +[ 522.229149] PGD 1dad2c067 P4D 1dad2c067 PUD 1dad2d067 PMD 1c6a8f067 PTE 0 +[ 522.236059] Oops: 0002 [#1] SMP KASAN +[ 522.239836] Dumping ftrace buffer: +[ 522.243356] (ftrace buffer empty) +[ 522.247074] Modules linked in: +[ 522.250283] CPU: 1 PID: 5739 Comm: syzkaller592073 Not tainted 4.15.0-rc8-mm1+ #57 +[ 522.257973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +executing program +executing program +[ 522.267311] RIP: 0010:memset_erms+0x9/0x10 +[ 522.271526] RSP: 0018:ffff8801cbbdfb78 EFLAGS: 00010246 +[ 522.276881] RAX: fffff520002d3f00 RBX: ffffc90001691000 RCX: 000000000000ee51 +[ 522.284145] RDX: 000000000000ee51 RSI: 0000000000000000 RDI: ffffc90001691000 +[ 522.291415] RBP: ffff8801cbbdfb98 R08: fffff520002d3fcb R09: ffffc90001691000 +[ 522.298677] R10: 0000000000001dcb R11: fffff520002d3fca R12: 000000000000ee51 +[ 522.305946] R13: 0000000000000000 R14: 00007ffffffff000 R15: 000000002001be51 +executing program +executing program +executing program +executing program +[ 522.313211] FS: 00007f88ae7d7700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 +[ 522.321460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +[ 522.327365] CR2: ffffc90001691000 CR3: 00000001ccefa005 CR4: 00000000001606e0 +[ 522.334660] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +[ 522.341921] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 +[ 522.349186] Call Trace: +[ 522.351767] ? memset+0x31/0x40 +[ 522.355053] _copy_from_user+0xe9/0x110 +[ 522.359035] snd_pcm_oss_write+0x438/0x880 +[ 522.363274] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +executing program +[ 522.368115] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 522.372949] __vfs_write+0xef/0x970 +[ 522.376572] ? 
rcu_note_context_switch+0x710/0x710 +[ 522.381498] ? kernel_read+0x120/0x120 +[ 522.385376] ? __might_sleep+0x95/0x190 +[ 522.389349] ? _cond_resched+0x14/0x30 +[ 522.393234] ? __inode_security_revalidate+0xd9/0x130 +[ 522.398412] ? avc_policy_seqno+0x9/0x20 +[ 522.402471] ? selinux_file_permission+0x82/0x460 +[ 522.407308] ? security_file_permission+0x89/0x1e0 +[ 522.412226] ? rw_verify_area+0xe5/0x2b0 +[ 522.416284] ? __fdget_raw+0x20/0x20 +[ 522.419989] vfs_write+0x189/0x510 +[ 522.423518] SyS_write+0xef/0x220 +[ 522.426977] ? SyS_read+0x220/0x220 +[ 522.430594] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 522.436898] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 522.441658] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 522.446401] RIP: 0033:0x44a559 +[ 522.449578] RSP: 002b:00007f88ae7d6da8 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 +[ 522.457274] RAX: ffffffffffffffda RBX: 00000000006dcc24 RCX: 000000000044a559 +[ 522.464535] RDX: 000000000000fe51 RSI: 000000002000c000 RDI: 0000000000000003 +[ 522.471787] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 +[ 522.479030] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dcc20 +[ 522.486271] R13: 7073642f7665642f R14: 00800000c0045006 R15: 0000000000000001 +[ 522.493521] Code: 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 <f3> aa 4c 89 c8 c3 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 +[ 522.512622] RIP: memset_erms+0x9/0x10 RSP: ffff8801cbbdfb78 +[ 522.518301] CR2: ffffc90001691000 +[ 522.521730] ---[ end trace 8f421641f3e10f44 ]--- +[ 522.526455] Kernel panic - not syncing: Fatal exception +[ 522.532270] Dumping ftrace buffer: +[ 522.535780] (ftrace buffer empty) +[ 522.539475] Kernel Offset: disabled +[ 522.543071] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/168 b/pkg/report/testdata/linux/report/168 new file mode 100644 index 000000000..d13f1cead --- /dev/null 
+++ b/pkg/report/testdata/linux/report/168 
@@ -0,0 +1,100 @@ +TITLE: WARNING: ODEBUG bug in pppol2tp_release + +[ 34.186906] ------------[ cut here ]------------ +[ 34.192768] ODEBUG: activate active (active state 1) object type: rcu_head hint: (null) +[ 34.201856] WARNING: CPU: 0 PID: 5989 at lib/debugobjects.c:291 debug_print_object+0x166/0x220 +[ 34.210575] Kernel panic - not syncing: panic_on_warn set ... +[ 34.210575] +[ 34.217913] CPU: 0 PID: 5989 Comm: syzkaller148927 Not tainted 4.15.0+ #290 +[ 34.224982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 34.234310] Call Trace: +[ 34.236879] dump_stack+0x194/0x257 +[ 34.240482] ? arch_local_irq_restore+0x53/0x53 +[ 34.245129] ? vsnprintf+0x1ed/0x1900 +[ 34.248914] panic+0x1e4/0x41c +[ 34.252081] ? refcount_error_report+0x214/0x214 +[ 34.256815] ? show_regs_print_info+0x18/0x18 +[ 34.261291] ? __warn+0x1c1/0x200 +[ 34.264724] ? debug_print_object+0x166/0x220 +[ 34.269192] __warn+0x1dc/0x200 +[ 34.272449] ? debug_print_object+0x166/0x220 +[ 34.276925] report_bug+0x211/0x2d0 +[ 34.280532] fixup_bug.part.11+0x37/0x80 +[ 34.284569] do_error_trap+0x2d7/0x3e0 +[ 34.288436] ? math_error+0x400/0x400 +[ 34.292215] ? vprintk_emit+0x3ea/0x590 +[ 34.296174] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 34.300995] do_invalid_op+0x1b/0x20 +[ 34.304684] invalid_op+0x22/0x40 +[ 34.308111] RIP: 0010:debug_print_object+0x166/0x220 +[ 34.313186] RSP: 0018:ffff8801d82df400 EFLAGS: 00010082 +[ 34.318522] RAX: dffffc0000000008 RBX: 0000000000000003 RCX: ffffffff815a4e0e +[ 34.325764] RDX: 0000000000000000 RSI: 1ffff1003b05be3b RDI: ffff8801db41f6d0 +[ 34.333009] RBP: ffff8801d82df440 R08: 0000000000000000 R09: 1ffff1003b05be0d +[ 34.340255] R10: ffff8801d82df300 R11: ffffffff86b39018 R12: 0000000000000001 +[ 34.347510] R13: ffffffff86b41f20 R14: ffffffff86012ae0 R15: 0000000000000000 +[ 34.354770] ? vprintk_func+0x5e/0xc0 +[ 34.359843] debug_object_activate+0x49b/0x730 +[ 34.364408] ? mutex_lock_io_nested+0x1900/0x1900 +[ 34.369228] ? 
debug_object_assert_init+0x570/0x570 +[ 34.374219] ? __is_insn_slot_addr+0x1fc/0x330 +[ 34.378786] ? find_held_lock+0x35/0x1d0 +[ 34.382830] ? pppol2tp_session_destruct+0x110/0x110 +[ 34.387909] __call_rcu.constprop.67+0xf2/0xef0 +[ 34.392556] ? __call_rcu.constprop.67+0xf2/0xef0 +[ 34.397374] ? lock_downgrade+0x980/0x980 +[ 34.401499] ? check_noncircular+0x20/0x20 +[ 34.405711] ? rcu_process_callbacks+0x17f0/0x17f0 +[ 34.410615] ? lock_downgrade+0x980/0x980 +[ 34.414749] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 34.419572] ? wait_for_completion+0x770/0x770 +[ 34.424128] ? pppol2tp_release+0x1ae/0x560 +[ 34.428426] ? lock_downgrade+0x980/0x980 +[ 34.432573] call_rcu_sched+0x12/0x20 +[ 34.436351] pppol2tp_release+0x34d/0x560 +[ 34.440475] ? pppol2tp_sendmsg+0x670/0x670 +[ 34.444776] ? fsnotify_first_mark+0x2b0/0x2b0 +[ 34.449339] sock_release+0x8d/0x1e0 +[ 34.453028] ? sock_alloc_file+0x560/0x560 +[ 34.457235] sock_close+0x16/0x20 +[ 34.460664] __fput+0x327/0x7e0 +[ 34.463923] ? fput+0x140/0x140 +[ 34.467178] ? _raw_spin_unlock_irq+0x27/0x70 +[ 34.471655] ____fput+0x15/0x20 +[ 34.474912] task_work_run+0x199/0x270 +[ 34.478774] ? task_work_cancel+0x210/0x210 +[ 34.483083] ? _raw_spin_unlock+0x22/0x30 +[ 34.487205] ? switch_task_namespaces+0x87/0xc0 +[ 34.491856] do_exit+0x9bb/0x1ad0 +[ 34.495289] ? mm_update_next_owner+0x930/0x930 +[ 34.499935] ? pppol2tp_connect+0x91a/0x1dd0 +[ 34.504328] ? pppol2tp_recv_payload_hook+0x1b0/0x1b0 +[ 34.509499] ? selinux_netlbl_socket_connect+0x76/0x1b0 +[ 34.514842] ? selinux_socket_connect+0x311/0x730 +[ 34.519659] ? lock_downgrade+0x980/0x980 +[ 34.523787] ? selinux_socket_setsockopt+0x80/0x80 +[ 34.528689] ? lock_release+0xa40/0xa40 +[ 34.532640] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 34.538760] ? __check_object_size+0x25d/0x4f0 +[ 34.543325] ? __might_sleep+0x95/0x190 +[ 34.547289] ? security_socket_connect+0x89/0xb0 +[ 34.552027] ? SYSC_connect+0x2e0/0x4a0 +[ 34.555977] ? SYSC_bind+0x410/0x410 +[ 34.559672] ? 
do_page_fault+0xee/0x720 +[ 34.563622] ? __do_page_fault+0xc90/0xc90 +[ 34.567839] do_group_exit+0x149/0x400 +[ 34.571703] ? SyS_socket+0x12d/0x1d0 +[ 34.575480] ? SyS_exit+0x30/0x30 +[ 34.578914] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 34.583910] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 34.588746] SyS_exit_group+0x1d/0x20 +[ 34.592529] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 34.597261] RIP: 0033:0x440cc9 +[ 34.600426] RSP: 002b:00007ffefac52e48 EFLAGS: 00000206 ORIG_RAX: 00000000000000e7 +[ 34.608109] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440cc9 +[ 34.615357] RDX: 0000000000440cc9 RSI: 000000000000002e RDI: 0000000000000000 +[ 34.622615] RBP: 0000000000008561 R08: 0000000000000000 R09: 0000000000001759 +[ 34.629898] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 +[ 34.637145] R13: 0000000000000003 R14: 00000000006cf050 R15: 00000000004a260e +[ 34.644409] +[ 34.644412] ====================================================== diff --git a/pkg/report/testdata/linux/report/169 b/pkg/report/testdata/linux/report/169 new file mode 100644 index 000000000..4e4ae6eed --- /dev/null +++ b/pkg/report/testdata/linux/report/169 
@@ -0,0 +1,87 @@ +TITLE: WARNING: bad usercopy in put_cmsg + +[ 54.568476] ------------[ cut here ]------------ +[ 54.573431] Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLAB object 'skbuff_head_cache' (offset 64, size 16)! +[ 54.586790] WARNING: CPU: 1 PID: 6747 at mm/usercopy.c:81 usercopy_warn+0xdb/0x100 +[ 54.594511] Kernel panic - not syncing: panic_on_warn set ... +[ 54.594511] +[ 54.601905] CPU: 1 PID: 6747 Comm: syz-executor3 Not tainted 4.15.0+ #296 +[ 54.608826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 54.618165] Call Trace: +[ 54.620739] dump_stack+0x194/0x257 +[ 54.624347] ? arch_local_irq_restore+0x53/0x53 +[ 54.628999] ? vsnprintf+0x1ed/0x1900 +[ 54.632789] panic+0x1e4/0x41c +[ 54.636405] ? refcount_error_report+0x214/0x214 +[ 54.641143] ? show_regs_print_info+0x18/0x18 +[ 54.645626] ? __warn+0x1c1/0x200 +[ 54.649066] ? usercopy_warn+0xdb/0x100 +[ 54.653029] __warn+0x1dc/0x200 +[ 54.656294] ? usercopy_warn+0xdb/0x100 +[ 54.660263] report_bug+0x211/0x2d0 +[ 54.663882] fixup_bug.part.11+0x37/0x80 +[ 54.667927] do_error_trap+0x2d7/0x3e0 +[ 54.671793] ? vprintk_default+0x28/0x30 +[ 54.675834] ? math_error+0x400/0x400 +[ 54.679612] ? printk+0xaa/0xca +[ 54.682871] ? show_regs_print_info+0x18/0x18 +[ 54.687353] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 54.692180] do_invalid_op+0x1b/0x20 +[ 54.695873] invalid_op+0x22/0x40 +[ 54.699305] RIP: 0010:usercopy_warn+0xdb/0x100 +[ 54.703862] RSP: 0018:ffff8801d829f6e8 EFLAGS: 00010282 +[ 54.709201] RAX: dffffc0000000008 RBX: ffffffff86800b47 RCX: ffffffff815a57ae +[ 54.716446] RDX: 0000000000005d41 RSI: ffffc90003dca000 RDI: 1ffff1003b053e62 +[ 54.723691] RBP: ffff8801d829f740 R08: 0000000000000000 R09: 0000000000000000 +[ 54.730938] R10: 00000000000001a6 R11: 0000000000000000 R12: ffffffff86402580 +[ 54.738184] R13: ffffffff85f2d440 R14: 0000000000000040 R15: 0000000000000010 +[ 54.745448] ? vprintk_func+0x5e/0xc0 +[ 54.749236] ? 
usercopy_warn+0xdb/0x100 +[ 54.753199] __check_heap_object+0x89/0xc0 +[ 54.757410] __check_object_size+0x272/0x530 +[ 54.761800] ? usercopy_abort+0xd0/0xd0 +[ 54.765765] ? copy_user_generic_unrolled+0x89/0xc0 +[ 54.770764] ? _copy_to_user+0xa2/0xc0 +[ 54.774634] put_cmsg+0x233/0x3f0 +[ 54.778071] ? __scm_send+0x11a0/0x11a0 +[ 54.782029] ? trace_hardirqs_on+0xd/0x10 +[ 54.786161] ? sock_dequeue_err_skb+0x2b1/0x420 +[ 54.790817] sock_recv_errqueue+0x200/0x3e0 +[ 54.795116] ? rw_copy_check_uvector+0x1be/0x280 +[ 54.799867] packet_recvmsg+0xb2e/0x17a0 +[ 54.803915] ? packet_getname_spkt+0x2b0/0x2b0 +[ 54.808486] ? copy_msghdr_from_user+0x3a6/0x590 +[ 54.813230] ? selinux_socket_recvmsg+0x36/0x40 +[ 54.817876] ? security_socket_recvmsg+0x91/0xc0 +[ 54.822614] ? packet_getname_spkt+0x2b0/0x2b0 +[ 54.827175] sock_recvmsg+0xc9/0x110 +[ 54.830870] ? __sock_recv_wifi_status+0x210/0x210 +[ 54.835779] ___sys_recvmsg+0x2a4/0x640 +[ 54.839739] ? ___sys_sendmsg+0x8b0/0x8b0 +[ 54.843866] ? sock_sendmsg+0x4f/0x110 +[ 54.847738] ? sock_sendmsg+0x110/0x110 +[ 54.851695] ? __fget_light+0x297/0x380 +[ 54.855651] ? fget_raw+0x20/0x20 +[ 54.859091] ? schedule+0xf5/0x430 +[ 54.862611] ? __schedule+0x2060/0x2060 +[ 54.866558] ? __vfs_write+0xf7/0x970 +[ 54.870339] ? kernel_read+0x120/0x120 +[ 54.874202] ? bpf_fd_pass+0x280/0x280 +[ 54.878073] ? __fdget+0x18/0x20 +[ 54.881423] __sys_recvmsg+0xe2/0x210 +[ 54.885198] ? __sys_recvmsg+0xe2/0x210 +[ 54.889156] ? SyS_sendmmsg+0x60/0x60 +[ 54.892963] ? 
trace_hardirqs_on_caller+0x421/0x5c0 +[ 54.897964] SyS_recvmsg+0x2d/0x50 +[ 54.901487] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 54.906235] RIP: 0033:0x453299 +[ 54.909402] RSP: 002b:00007f0d00020c58 EFLAGS: 00000212 ORIG_RAX: 000000000000002f +[ 54.917087] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000453299 +[ 54.924331] RDX: 0000000000002000 RSI: 0000000020006fc8 RDI: 0000000000000013 +[ 54.931577] RBP: 0000000000000654 R08: 0000000000000000 R09: 0000000000000000 +[ 54.938825] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f8880 +[ 54.946070] R13: 00000000ffffffff R14: 00007f0d000216d4 R15: 0000000000000000 +[ 54.954066] Dumping ftrace buffer: +[ 54.957699] (ftrace buffer empty) +[ 54.961386] Kernel Offset: disabled +[ 54.964991] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/170 b/pkg/report/testdata/linux/report/170 new file mode 100644 index 000000000..575aaa755 --- /dev/null +++ b/pkg/report/testdata/linux/report/170 
@@ -0,0 +1,77 @@ +TITLE: WARNING: suspicious RCU usage in tipc_bearer_find + +[ 91.193205] ============================= +[ 91.193207] WARNING: suspicious RCU usage +[ 91.193218] 4.15.0-rc9+ #284 Not tainted +[ 91.193220] ----------------------------- +[ 91.193225] net/tipc/bearer.c:177 suspicious rcu_dereference_protected() usage! +[ 91.193227] +[ 91.193227] other info that might help us debug this: +[ 91.193227] +[ 91.193231] +[ 91.193231] rcu_scheduler_active = 2, debug_locks = 1 +[ 91.193234] 2 locks held by syz-executor4/13218: +[ 91.193237] #0: (cb_lock){++++}, at: [<00000000173fa719>] genl_rcv+0x19/0x40 +[ 91.193262] #1: (genl_mutex){+.+.}, at: [<000000001168bed6>] genl_rcv_msg+0x115/0x140 +[ 91.193278] +[ 91.193278] stack backtrace: +[ 91.193285] CPU: 1 PID: 13218 Comm: syz-executor4 Not tainted 4.15.0-rc9+ #284 +[ 91.193290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 91.193293] Call Trace: +[ 91.193307] dump_stack+0x194/0x257 +[ 91.193321] ? arch_local_irq_restore+0x53/0x53 +[ 91.193350] lockdep_rcu_suspicious+0x123/0x170 +[ 91.193366] tipc_bearer_find+0x2b4/0x3b0 +[ 91.193378] ? tipc_media_addr_printf+0x3a0/0x3a0 +[ 91.193405] tipc_nl_compat_link_set+0x329/0x9f0 +[ 91.193423] tipc_nl_compat_doit+0x15b/0x670 +[ 91.193434] ? security_capable+0x8e/0xc0 +[ 91.193445] ? tipc_nl_compat_link_stat_dump+0x3000/0x3000 +[ 91.193457] ? ns_capable_common+0xcf/0x160 +[ 91.193468] ? ns_capable+0x22/0x30 +[ 91.193478] ? __netlink_ns_capable+0xe1/0x120 +[ 91.193497] tipc_nl_compat_recv+0x1135/0x18f0 +[ 91.193512] ? tipc_nl_compat_doit+0x670/0x670 +[ 91.193520] ? tipc_nl_node_dump+0x1290/0x1290 +[ 91.193528] ? tipc_nl_compat_bearer_enable+0x5c0/0x5c0 +[ 91.193535] ? trace_event_raw_event_lock+0x340/0x340 +[ 91.193581] genl_family_rcv_msg+0x7b7/0xfb0 +[ 91.193613] ? genl_rcv+0x40/0x40 +[ 91.193628] ? netlink_deliver_tap+0x148/0xcf0 +[ 91.193639] ? 
lock_downgrade+0x980/0x980 +[ 91.193689] genl_rcv_msg+0xb2/0x140 +[ 91.193703] netlink_rcv_skb+0x14b/0x380 +[ 91.193714] ? genl_family_rcv_msg+0xfb0/0xfb0 +[ 91.193726] ? netlink_ack+0xa10/0xa10 +[ 91.193732] ? genl_rcv+0x19/0x40 +[ 91.193744] ? netlink_skb_destructor+0x1d0/0x1d0 +[ 91.193758] ? selinux_nlmsg_lookup+0x32b/0x430 +[ 91.193772] genl_rcv+0x28/0x40 +[ 91.193781] netlink_unicast+0x4ee/0x700 +[ 91.193799] ? netlink_attachskb+0x8a0/0x8a0 +[ 91.193815] ? security_netlink_send+0x81/0xb0 +[ 91.193829] netlink_sendmsg+0xa4a/0xe60 +[ 91.193849] ? netlink_unicast+0x700/0x700 +[ 91.193864] ? security_socket_sendmsg+0x89/0xb0 +[ 91.193873] ? netlink_unicast+0x700/0x700 +[ 91.193886] sock_sendmsg+0xca/0x110 +[ 91.193898] ___sys_sendmsg+0x767/0x8b0 +[ 91.193915] ? copy_msghdr_from_user+0x590/0x590 +[ 91.193938] ? lock_downgrade+0x980/0x980 +[ 91.193961] ? __fget_light+0x297/0x380 +[ 91.193972] ? fget_raw+0x20/0x20 +[ 91.193983] ? schedule+0xf5/0x430 +[ 91.193995] ? __schedule+0x2060/0x2060 +[ 91.194007] ? __fd_install+0x288/0x740 +[ 91.194020] ? get_unused_fd_flags+0x190/0x190 +[ 91.194040] ? __fdget+0x18/0x20 +[ 91.194056] __sys_sendmsg+0xe5/0x210 +[ 91.194062] ? __sys_sendmsg+0xe5/0x210 +[ 91.194074] ? SyS_shutdown+0x290/0x290 +[ 91.194084] ? selinux_capable+0x40/0x40 +[ 91.194124] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 91.194142] SyS_sendmsg+0x2d/0x50 +[ 91.194154] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 91.194160] RIP: 0033:0x453299 +[ 91.194164] RSP: 002b:00007f6513cd9c58 EFLAGS: 00000212 ORIG_RAX: 000000000000002e +[ 91.194172] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000453299 diff --git a/pkg/report/testdata/linux/report/171 b/pkg/report/testdata/linux/report/171 new file mode 100644 index 000000000..cceb2a3f0 --- /dev/null +++ b/pkg/report/testdata/linux/report/171 
@@ -0,0 +1,130 @@ +TITLE: INFO: rcu detected stall in mulaw_decode + +[ 196.114026] INFO: rcu_sched detected stalls on CPUs/tasks: +[ 196.119690] (detected by 0, t=125002 jiffies, g=15654, c=15653, q=133) +[ 196.126427] All QSes seen, last rcu_sched kthread activity 125002 (4294863411-4294738409), jiffies_till_next_fqs=3, root ->qsmask 0x0 +[ 196.138535] syz-executor1 R running task 24936 11943 3739 0x0000000c +[ 196.145712] Call Trace: +[ 196.148271] <IRQ> +[ 196.150403] sched_show_task+0x4a3/0x5e0 +[ 196.154447] ? can_nice.part.83+0x20/0x20 +[ 196.158577] ? vprintk_func+0x5e/0xc0 +[ 196.162354] ? printk+0xaa/0xca +[ 196.165610] ? show_regs_print_info+0x18/0x18 +[ 196.170080] ? show_regs_print_info+0x18/0x18 +[ 196.174578] print_other_cpu_stall+0x996/0x1090 +[ 196.179228] ? __lock_is_held+0xb6/0x140 +[ 196.183282] ? rcu_stall_kick_kthreads.part.48+0x770/0x770 +[ 196.188879] ? check_noncircular+0x20/0x20 +[ 196.193092] ? print_irqtrace_events+0x270/0x270 +[ 196.197837] ? print_irqtrace_events+0x270/0x270 +[ 196.202579] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 196.207744] ? check_noncircular+0x20/0x20 +[ 196.211962] ? print_irqtrace_events+0x270/0x270 +[ 196.216697] ? print_irqtrace_events+0x270/0x270 +[ 196.221440] ? __lock_acquire+0x664/0x3e00 +[ 196.225662] ? rcu_read_lock_sched_held+0x108/0x120 +[ 196.230657] ? update_cfs_rq_load_avg.part.69+0x23d/0x2d0 +[ 196.236196] check_cpu_stall.isra.61+0x6e6/0x15b0 +[ 196.241015] ? check_noncircular+0x20/0x20 +[ 196.245241] ? rcu_lockdep_current_cpu_online+0x190/0x190 +[ 196.250756] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 196.255942] ? find_held_lock+0x35/0x1d0 +[ 196.259996] ? check_noncircular+0x20/0x20 +[ 196.264213] ? lock_downgrade+0x980/0x980 +[ 196.268340] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 196.273513] ? lock_release+0xa40/0xa40 +[ 196.277475] ? check_noncircular+0x20/0x20 +[ 196.281699] ? check_noncircular+0x20/0x20 +[ 196.285922] ? cpuacct_account_field+0x1e4/0x3b0 +[ 196.290662] ? 
check_noncircular+0x20/0x20 +[ 196.294870] ? find_held_lock+0x35/0x1d0 +[ 196.298911] ? __acct_update_integrals+0x339/0x4d0 +[ 196.303825] ? __lock_is_held+0xb6/0x140 +[ 196.307884] rcu_check_callbacks+0x256/0xd00 +[ 196.312279] ? rcu_cpu_stall_reset+0x260/0x260 +[ 196.316843] ? trace_hardirqs_off+0xd/0x10 +[ 196.321054] ? raise_softirq+0x325/0x490 +[ 196.325095] ? raise_softirq_irqoff+0x320/0x320 +[ 196.329745] ? read_boot_clock64+0x70/0x70 +[ 196.333961] ? lock_downgrade+0x980/0x980 +[ 196.338085] ? lock_downgrade+0x980/0x980 +[ 196.342218] ? run_local_timers+0x18d/0x200 +[ 196.346515] ? timer_clear_idle+0x50/0x50 +[ 196.350644] ? account_process_tick+0xd4/0x3e0 +[ 196.355210] ? thread_group_cputime+0xef0/0xef0 +[ 196.359859] ? ktime_get_resolution_ns+0x300/0x300 +[ 196.364779] update_process_times+0x30/0x60 +[ 196.369080] tick_sched_handle+0x85/0x160 +[ 196.373206] tick_sched_timer+0x42/0x120 +[ 196.377249] __hrtimer_run_queues+0x358/0xe20 +[ 196.381733] ? tick_sched_do_timer+0xe0/0xe0 +[ 196.386122] ? hrtimer_fixup_init+0x70/0x70 +[ 196.390435] ? pvclock_read_flags+0x160/0x160 +[ 196.394924] ? kvm_clock_get_cycles+0x25/0x30 +[ 196.399397] ? ktime_get_update_offsets_now+0x34a/0x520 +[ 196.404747] ? do_timer+0x50/0x50 +[ 196.408179] ? native_apic_msr_write+0x5c/0x80 +[ 196.412739] ? do_raw_spin_trylock+0x190/0x190 +[ 196.417301] ? lapic_next_event+0x54/0x80 +[ 196.421436] ? clockevents_program_event+0x108/0x2e0 +[ 196.426526] hrtimer_interrupt+0x1c2/0x5e0 +[ 196.430767] smp_apic_timer_interrupt+0x14a/0x700 +[ 196.435592] ? smp_call_function_single_interrupt+0x640/0x640 +[ 196.441455] ? _raw_spin_lock+0x32/0x40 +[ 196.445410] ? _raw_spin_unlock+0x22/0x30 +[ 196.449533] ? handle_edge_irq+0x2b4/0x7c0 +[ 196.453747] ? task_prio+0x40/0x40 +[ 196.457279] ? 
trace_hardirqs_off_thunk+0x1a/0x1c +[ 196.462113] apic_timer_interrupt+0xa9/0xb0 +[ 196.466405] </IRQ> +[ 196.468619] RIP: 0010:check_memory_region+0x38/0x190 +[ 196.473693] RSP: 0000:ffff8801bd2ff868 EFLAGS: 00000212 ORIG_RAX: ffffffffffffff11 +[ 196.481384] RAX: ffff7fffffffffff RBX: ffffc9000160020b RCX: ffffffff841fceaf +[ 196.488632] RDX: 0000000000000001 RSI: 0000000000000002 RDI: ffffc9000160020a +[ 196.495875] RBP: ffff8801bd2ff878 R08: ffffc9000160020a R09: dffffc0000000000 +[ 196.503120] R10: 0000000000000001 R11: ffffed0037a5ff2e R12: ffffc9000160020a +[ 196.510365] R13: ffff8801bd2ff970 R14: dffffc0000000000 R15: ffffc9000160020a +[ 196.517632] ? mulaw_decode+0x52f/0x770 +[ 196.521592] ? check_noncircular+0x20/0x20 +[ 196.525806] memcpy+0x37/0x50 +[ 196.528895] mulaw_decode+0x52f/0x770 +[ 196.532706] ? snd_pcm_plugin_build_linear+0x8a0/0x8a0 +[ 196.537960] ? snd_pcm_plugin_client_channels+0x17/0x80 +[ 196.543305] ? io_src_channels+0x10a/0x210 +[ 196.547525] mulaw_transfer+0x222/0x270 +[ 196.551473] ? lock_release+0xa40/0xa40 +[ 196.555431] ? mulaw_encode+0x7c0/0x7c0 +[ 196.559384] snd_pcm_plug_write_transfer+0x22d/0x420 +[ 196.564475] ? snd_pcm_plug_client_channels_buf+0x3f0/0x3f0 +[ 196.570164] ? snd_pcm_format_physical_width+0x5b/0x70 +[ 196.575419] ? snd_pcm_plug_client_channels_buf+0x1db/0x3f0 +[ 196.581116] snd_pcm_oss_write2+0x260/0x420 +[ 196.585425] ? snd_pcm_oss_write3+0x1b0/0x1b0 +[ 196.589913] snd_pcm_oss_write+0x5fe/0x830 +[ 196.594157] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 196.598991] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 196.603813] __vfs_write+0xef/0x970 +[ 196.607418] ? rcu_note_context_switch+0x710/0x710 +[ 196.612327] ? kernel_read+0x120/0x120 +[ 196.616193] ? __might_sleep+0x95/0x190 +[ 196.620146] ? _cond_resched+0x14/0x30 +[ 196.624010] ? __inode_security_revalidate+0xd9/0x130 +[ 196.629180] ? avc_policy_seqno+0x9/0x20 +[ 196.633218] ? selinux_file_permission+0x82/0x460 +[ 196.638045] ? 
security_file_permission+0x89/0x1e0 +[ 196.642956] ? rw_verify_area+0xe5/0x2b0 +[ 196.646991] ? __fdget_raw+0x20/0x20 +[ 196.650693] vfs_write+0x189/0x510 +[ 196.654218] SyS_write+0xef/0x220 +[ 196.657656] ? SyS_read+0x220/0x220 +[ 196.661258] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 196.666256] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 196.670999] entry_SYSCALL_64_fastpath+0x23/0x9a +[ 196.675728] RIP: 0033:0x452ac9 +[ 196.678895] RSP: 002b:00007fa354a13c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000001 +[ 196.686582] RAX: ffffffffffffffda RBX: cccccccccccccccd RCX: 0000000000452ac9 +[ 196.693825] RDX: 00000000fffffeb2 RSI: 0000000020083fc6 RDI: 0000000000000014 +[ 196.701069] RBP: 00000000000005b5 R08: 0000000000000000 R09: 0000000000000000 +[ 196.708322] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f6998 +[ 196.715566] R13: 00000000ffffffff R14: 00007fa354a146d4 R15: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/172 b/pkg/report/testdata/linux/report/172 new file mode 100644 index 000000000..f0094a554 --- /dev/null +++ b/pkg/report/testdata/linux/report/172 
@@ -0,0 +1,192 @@ +TITLE: KASAN: stack-out-of-bounds Read in xfrm_selector_match + +[ 396.956335] ================================================================== +[ 396.963769] BUG: KASAN: stack-out-of-bounds in memcmp+0xe3/0x160 +[ 396.969914] Read of size 1 at addr ffff8801c19175d0 by task syz-executor6/18562 +[ 396.977522] +[ 396.979147] CPU: 0 PID: 18562 Comm: syz-executor6 Not tainted 4.15.0-rc5+ #172 +[ 396.986497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 396.995841] Call Trace: +[ 396.998428] dump_stack+0x194/0x257 +[ 397.002054] ? arch_local_irq_restore+0x53/0x53 +2018/01/02 18:20:06 executing program 3: +mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x32, 0xffffffffffffffff, 0x0) +ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000002000)={0x0, 0x0, 0x0, 0x11f}) +mmap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) +mmap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) +r0 = bpf$PROG_LOAD(0x5, &(0x7f0000003000-0x48)={0xb, 0x11, &(0x7f000000a000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, [@ldst={0x1, 0x3, 0x1, 0xf, 0x9, 0xfffffff8, 0xfffffffffffffff0}, @ldst={0x3, 0x3, 0x6, 0x5, 0x7, 0xfffffffc, 0x0}, @map={0x18, 0x6, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, @alu={0x0, 0x0, 0xd, 0xe, 0x5, 0x80, 0xfffffffffffffffc}, @generic={0x1, 0x4, 0x1000, 0xc444}, @initr0={0x18, 0x0, 0x0, 0x0, 0x17cc9c48, 0x0, 0x0, 0x0, 0x2}, @alu={0x4, 0x9, 0xd, 0xa, 0x8, 0x10, 0xfffffffffffffffc}], {0x95, 0x0, 0x0, 0x0}}, &(0x7f000000b000-0xa)='syzkaller\x00', 0x0, 0xec, &(0x7f0000005000-0xec)=""/236, 0x0, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0}, 0x48) +r1 = socket(0x5, 0x0, 0x8001) +mmap(&(0x7f000000b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) +getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000005000)=@assoc_id=<r2=>0x0, &(0x7f000000b000)=0x4) 
+getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000002000)={r2, @in6={{0xa, 0x1, 0x1, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x1}, 0x5}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x5, 0x8}, &(0x7f0000007000)=0x98) +bpf$OBJ_PIN_PROG(0x6, &(0x7f0000008000)={&(0x7f0000008000)='./file0\x00', r0}, 0xc) +bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x5, &(0x7f0000002000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9}, [@jmp={0x4, 0x0, 0x3, 0x5, 0x0, 0x0, 0xfffffffffffffff8}], {0x95, 0x0, 0x0, 0x0}}, &(0x7f0000004000-0xa)='syzkaller\x00', 0x3, 0xc3, &(0x7f0000386000)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0}, 0x48) +2018/01/02 18:20:06 executing program 2: +mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) +socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f00001b1000)={0x0, <r0=>0x0}) +accept(r0, &(0x7f000003b000)=@nfc={0x0, 0x0, 0x0, 0x0}, &(0x7f0000b24000-0x4)=0x10) +r1 = socket(0x1f, 0x2, 0x400000000000c) +write(r1, &(0x7f0000731000-0x90)="1f0000000206ffdde200f49ff60f0000000200000900018005ffffe5000051", 0x1f) +2018/01/02 18:20:06 executing program 0: +mmap(&(0x7f0000000000/0xaf6000)=nil, 0xaf6000, 0x3, 0x32, 0xffffffffffffffff, 0x0) +socketpair$inet(0x2, 0x5, 0x8, &(0x7f00001c6000)={0x0, <r0=>0x0}) +mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) +getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000a9c000-0x6)={<r1=>0x0, 0x80000001}, &(0x7f0000af6000)=0x6) +mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0) +getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000281000)=@assoc_value={r1, 0x7}, &(0x7f0000af6000)=0x8) +r2 = socket$alg(0x26, 0x5, 0x0) +bind$alg(r2, &(0x7f0000001000)={0x26, 'hash\x00', 0x80000000002, 0x0, 'michael_mic\x00'}, 0x58) +setsockopt$ALG_SET_KEY(r2, 
0x117, 0x1, &(0x7f0000af2000)="8be3000000010000", 0x8) +r3 = accept$alg(r2, 0x0, 0x0) +sendmsg$alg(r3, &(0x7f0000276000-0x38)={0x0, 0x0, &(0x7f0000738000-0x30)=[{&(0x7f0000592000-0x1b)="7be46a321d3b4acad0ed11080957", 0x2}], 0x1, &(0x7f0000211000)=[], 0x0, 0x0}, 0x0) +2018/01/02 18:20:06 executing program 1: +mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) +r0 = socket$alg(0x26, 0x5, 0x0) +bind$alg(r0, &(0x7f0000660000-0x58)={0x26, 'aead\x00', 0x4, 0x0, 'gcm(aes)\x00'}, 0x58) +setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000a2c000-0x10)="0a0775b0d5e383e5b3b60ced5c54dbb7", 0x10) +r1 = accept$alg(r0, 0x0, 0x0) +r2 = epoll_create(0x7) +epoll_pwait(r2, &(0x7f00007cf000)=[{0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}], 0x7, 0xe67, &(0x7f0000a56000-0x8)={0x3}, 0x8) +sendmsg$alg(r1, &(0x7f0000913000-0x38)={0x0, 0x0, &(0x7f000078f000-0x30)=[{&(0x7f000086a000-0x1000)="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", 0xfaa}, {&(0x7f00000a0000-0x2f)="ed4e3110c91e5e96fedb93dd410744be3b4bc88269cce08425179ac1816ef7c6b3b8edcfcbb816faccd7cab2f39489", 0x2f}], 0x2, &(0x7f0000e9e000-0x18)=[], 0x0, 0x40000}, 0x0) +recvmsg(r1, &(0x7f0000b2e000-0x38)={&(0x7f00007ec000-0x6)=@hci={0x0, 0x0, 0x0}, 0x6, &(0x7f0000f75000)=[{&(0x7f000074b000)=""/149, 0x95}, {&(0x7f0000f12000-0x1000)=""/4096, 0x1000}], 0x2, &(0x7f0000ec7000)=""/107, 0x6b, 0x0}, 0x0) +[ 397.006717] ? show_regs_print_info+0x18/0x18 +[ 397.011223] ? find_held_lock+0x35/0x1d0 +[ 397.015282] ? memcmp+0xe3/0x160 +[ 397.018669] print_address_description+0x73/0x250 +[ 397.023536] ? memcmp+0xe3/0x160 +[ 397.026901] kasan_report+0x25b/0x340 +[ 397.030702] __asan_report_load1_noabort+0x14/0x20 +[ 397.035630] memcmp+0xe3/0x160 +[ 397.038832] xfrm_selector_match+0x1bc/0xe00 +[ 397.043255] xfrm_state_look_at.constprop.30+0x113/0x360 +[ 397.048721] xfrm_state_find+0x1595/0x3210 +[ 397.052994] ? xfrm_state_afinfo_get_rcu+0x160/0x160 +[ 397.058105] ? 
ipv6_get_saddr_eval+0xee0/0xee0 +[ 397.062693] ? __lock_is_held+0xb6/0x140 +[ 397.066770] ? check_noncircular+0x20/0x20 +[ 397.071013] ? cleanup_prefix_route+0x1e0/0x1e0 +[ 397.075685] ? check_noncircular+0x20/0x20 +[ 397.079920] ? lock_downgrade+0x980/0x980 +[ 397.084080] ? lock_acquire+0x1d5/0x580 +[ 397.088057] ? lock_acquire+0x1d5/0x580 +[ 397.092062] ? find_held_lock+0x35/0x1d0 +[ 397.096135] ? xfrm_tmpl_resolve+0x598/0xc40 +[ 397.100628] ? lock_downgrade+0x980/0x980 +[ 397.104784] ? rcu_read_lock_held+0xa9/0xc0 +[ 397.109101] ? xfrm_policy_get_afinfo+0x13d/0x290 +[ 397.113948] ? xfrm6_get_saddr+0xd6/0x110 +[ 397.118098] xfrm_tmpl_resolve+0x2ee/0xc40 +[ 397.122338] ? __xfrm_decode_session+0x110/0x110 +[ 397.127077] ? save_stack+0xa3/0xd0 +[ 397.130687] ? save_stack+0x43/0xd0 +[ 397.134292] ? find_held_lock+0x35/0x1d0 +[ 397.138345] ? rt_add_uncached_list+0x1b7/0x240 +[ 397.143002] xfrm_resolve_and_create_bundle+0x184/0x28d0 +[ 397.148438] ? lock_release+0xa40/0xa40 +[ 397.152391] ? __local_bh_enable_ip+0x121/0x230 +[ 397.157044] ? check_noncircular+0x20/0x20 +[ 397.161268] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 397.166275] ? trace_hardirqs_on+0xd/0x10 +[ 397.170398] ? _raw_spin_unlock_bh+0x30/0x40 +[ 397.174788] ? xfrm_tmpl_resolve+0xc40/0xc40 +[ 397.179167] ? ip_rt_bug+0x20/0x20 +[ 397.182701] ? find_held_lock+0x35/0x1d0 +[ 397.188320] ? xfrm_sk_policy_lookup+0x34c/0x4e0 +[ 397.193055] ? lock_downgrade+0x980/0x980 +[ 397.197186] ? lock_release+0xa40/0xa40 +[ 397.201139] ? refcount_inc_not_zero+0xfe/0x180 +[ 397.205784] ? selinux_xfrm_policy_lookup+0xac/0xd0 +[ 397.210774] ? security_xfrm_policy_lookup+0x92/0xc0 +[ 397.215863] ? xfrm_sk_policy_lookup+0x375/0x4e0 +[ 397.220610] ? xfrm_selector_match+0xe00/0xe00 +[ 397.225168] ? print_irqtrace_events+0x270/0x270 +[ 397.229902] xfrm_lookup+0x15b2/0x24f0 +[ 397.233759] ? xfrm_lookup+0x15b2/0x24f0 +[ 397.237799] ? xfrm_policy_lookup+0x70/0x70 +[ 397.242106] ? find_held_lock+0x35/0x1d0 +[ 397.246152] ? 
ip_route_output_key_hash+0x229/0x370 +[ 397.251146] ? lock_downgrade+0x980/0x980 +[ 397.255265] ? lock_release+0xa40/0xa40 +[ 397.259213] ? find_held_lock+0x35/0x1d0 +[ 397.263259] ? ip_route_output_key_hash+0x252/0x370 +[ 397.268247] ? ip_route_output_key_hash_rcu+0x2c20/0x2c20 +[ 397.273753] ? lock_release+0xa40/0xa40 +[ 397.277705] xfrm_lookup_route+0x39/0x1a0 +[ 397.281832] ip_route_output_flow+0x7c/0xa0 +[ 397.286128] udp_sendmsg+0x19d3/0x2ce0 +[ 397.290002] ? ip_reply_glue_bits+0xb0/0xb0 +[ 397.294312] ? udp_lib_get_port+0x1b30/0x1b30 +[ 397.298785] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 397.303945] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 397.309112] ? print_irqtrace_events+0x270/0x270 +[ 397.313853] ? lock_downgrade+0x980/0x980 +[ 397.317986] ? mark_held_locks+0xaf/0x100 +[ 397.322111] ? refcount_inc_not_zero+0xfe/0x180 +[ 397.326750] ? __local_bh_enable_ip+0x121/0x230 +[ 397.331389] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 397.336376] ? udp_lib_get_port+0x785/0x1b30 +[ 397.340752] ? trace_hardirqs_on+0xd/0x10 +[ 397.344868] ? check_noncircular+0x20/0x20 +[ 397.349079] udpv6_sendmsg+0x757/0x3400 +[ 397.353037] ? check_noncircular+0x20/0x20 +[ 397.357248] ? udpv6_setsockopt+0x80/0x80 +[ 397.361378] ? reacquire_held_locks+0x1f9/0x3e0 +[ 397.366021] ? reacquire_held_locks+0x1f9/0x3e0 +[ 397.370671] ? find_held_lock+0x35/0x1d0 +[ 397.374709] ? release_sock+0x1d4/0x2a0 +[ 397.378655] ? lock_downgrade+0x980/0x980 +[ 397.382780] ? __local_bh_enable_ip+0x121/0x230 +[ 397.387422] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 397.392406] ? release_sock+0x1d4/0x2a0 +[ 397.396348] ? trace_hardirqs_on+0xd/0x10 +[ 397.400464] ? __local_bh_enable_ip+0x121/0x230 +[ 397.405104] ? _raw_spin_unlock_bh+0x30/0x40 +[ 397.409486] ? release_sock+0x1d4/0x2a0 +[ 397.413431] ? __release_sock+0x360/0x360 +[ 397.417552] ? udp_v6_get_port+0x355/0x600 +[ 397.421876] inet_sendmsg+0x11f/0x5e0 +[ 397.425649] ? inet_sendmsg+0x11f/0x5e0 +[ 397.429593] ? 
copy_msghdr_from_user+0x3a6/0x590 +[ 397.434320] ? inet_recvmsg+0x5f0/0x5f0 +[ 397.438354] ? selinux_socket_sendmsg+0x36/0x40 +[ 397.442995] ? security_socket_sendmsg+0x89/0xb0 +[ 397.447727] ? inet_recvmsg+0x5f0/0x5f0 +[ 397.451683] sock_sendmsg+0xca/0x110 +[ 397.455376] ___sys_sendmsg+0x767/0x8b0 +[ 397.459325] ? copy_msghdr_from_user+0x590/0x590 +[ 397.464064] ? lock_downgrade+0x980/0x980 +[ 397.468199] ? __fget_light+0x297/0x380 +[ 397.472148] ? fget_raw+0x20/0x20 +[ 397.475576] ? schedule+0xf5/0x430 +[ 397.479117] ? selinux_secmark_relabel_packet+0xc0/0xc0 +[ 397.484456] ? selinux_netlbl_socket_setsockopt+0x10c/0x460 +[ 397.490148] ? __fdget+0x18/0x20 +[ 397.493499] __sys_sendmsg+0xe5/0x210 +[ 397.497269] ? __sys_sendmsg+0xe5/0x210 +[ 397.501217] ? SyS_shutdown+0x290/0x290 +[ 397.505197] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 397.510189] SyS_sendmsg+0x2d/0x50 +[ 397.513704] entry_SYSCALL_64_fastpath+0x23/0x9a +[ 397.518429] RIP: 0033:0x452ac9 +[ 397.521586] RSP: 002b:00007f6372138c58 EFLAGS: 00000212 ORIG_RAX: 000000000000002e +[ 397.529262] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452ac9 +[ 397.536500] RDX: 0000000000000000 RSI: 00000000201f1000 RDI: 0000000000000013 +[ 397.543739] RBP: 00000000000004a8 R08: 0000000000000000 R09: 0000000000000000 +[ 397.550977] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f5060 +[ 397.558219] R13: 00000000ffffffff R14: 00007f63721396d4 R15: 0000000000000000 +[ 397.565479] +[ 397.567080] The buggy address belongs to the page: +[ 397.571984] page:00000000f9ea28ea count:0 mapcount:0 mapping: (null) index:0x0 +[ 397.580103] flags: 0x2fffc0000000000() +[ 397.583964] raw: 02fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff +[ 397.591816] raw: 0000000000000000 dead000000000200 0000000000000000 0000000000000000 +[ 397.599662] page dumped because: kasan: bad access detected +[ 397.605344] +[ 397.606950] Memory state around the buggy address: +[ 397.611854] ffff8801c1917480: f1 f1 f1 
04 f2 f2 f2 f2 f2 f2 f2 00 f2 f2 f2 f2 +[ 397.619191] ffff8801c1917500: f2 f2 f2 f8 f2 f2 f2 f2 f2 f2 f2 00 00 00 00 f2 +[ 397.626530] >ffff8801c1917580: f2 f2 f2 00 00 00 00 00 00 00 f2 f2 f2 f2 f2 00 +[ 397.633861] ^ +[ 397.639801] ffff8801c1917600: 00 00 00 00 00 00 00 00 f2 f2 f2 00 00 00 00 00 +[ 397.647132] ffff8801c1917680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +[ 397.654459] ================================================================== diff --git a/pkg/report/testdata/linux/report/173 b/pkg/report/testdata/linux/report/173 new file mode 100644 index 000000000..41b163fb7 --- /dev/null +++ b/pkg/report/testdata/linux/report/173 
@@ -0,0 +1,114 @@ +TITLE: WARNING: ODEBUG bug in unreserve_psock + +[ 162.195589] ------------[ cut here ]------------ +[ 162.201255] ODEBUG: free active (active state 0) object type: work_struct hint: strp_work+0x0/0xf0 +[ 162.210402] WARNING: CPU: 1 PID: 3502 at lib/debugobjects.c:291 debug_print_object+0x166/0x220 +[ 162.219115] Kernel panic - not syncing: panic_on_warn set ... +[ 162.219115] +[ 162.226440] CPU: 1 PID: 3502 Comm: kworker/u4:4 Not tainted 4.15.0-rc5+ #170 +[ 162.233589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 162.242911] Workqueue: kkcmd kcm_tx_work +[ 162.246935] Call Trace: +[ 162.249490] dump_stack+0x194/0x257 +[ 162.253088] ? arch_local_irq_restore+0x53/0x53 +[ 162.257727] ? vsnprintf+0x1ed/0x1900 +[ 162.261501] panic+0x1e4/0x41c +[ 162.264659] ? refcount_error_report+0x214/0x214 +[ 162.269378] ? show_regs_print_info+0x18/0x18 +[ 162.273845] ? __warn+0x1c1/0x200 +[ 162.277266] ? debug_print_object+0x166/0x220 +[ 162.281725] __warn+0x1dc/0x200 +[ 162.284985] ? console_unlock+0x983/0xd80 +[ 162.289099] ? debug_print_object+0x166/0x220 +[ 162.293563] report_bug+0x211/0x2d0 +[ 162.297164] fixup_bug.part.11+0x37/0x80 +[ 162.301191] do_error_trap+0x2d7/0x3e0 +[ 162.305045] ? __down_trylock_console_sem+0x10d/0x1e0 +[ 162.310205] ? math_error+0x400/0x400 +[ 162.313972] ? vprintk_emit+0x3ea/0x590 +[ 162.317918] ? __usermodehelper_disable+0x2f0/0x2f0 +[ 162.322903] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 162.327715] ? 
__usermodehelper_disable+0x2f0/0x2f0 +[ 162.332697] do_invalid_op+0x1b/0x20 +[ 162.336379] invalid_op+0x22/0x40 +[ 162.339799] RIP: 0010:debug_print_object+0x166/0x220 +[ 162.344867] RSP: 0018:ffff8801c0ee7068 EFLAGS: 00010086 +[ 162.350197] RAX: dffffc0000000008 RBX: 0000000000000003 RCX: ffffffff8159bc3e +[ 162.357433] RDX: 0000000000000000 RSI: 1ffff100381dcdc8 RDI: ffff8801db317dd0 +[ 162.364669] RBP: ffff8801c0ee70a8 R08: 0000000000000000 R09: 1ffff100381dcd9a +[ 162.371905] R10: ffffed00381dce3c R11: ffffffff86137ad8 R12: 0000000000000001 +[ 162.379139] R13: ffffffff86113480 R14: ffffffff8560dc40 R15: ffffffff8146e5f0 +[ 162.386377] ? __usermodehelper_disable+0x2f0/0x2f0 +[ 162.391363] ? vprintk_func+0x5e/0xc0 +[ 162.395132] ? debug_print_object+0x166/0x220 +[ 162.399596] debug_check_no_obj_freed+0x662/0xf1f +[ 162.404412] ? free_obj_work+0x690/0x690 +[ 162.408440] ? lock_acquire+0x1d5/0x580 +[ 162.412380] ? lock_acquire+0x1d5/0x580 +[ 162.416319] ? unreserve_psock+0x9e/0x780 +[ 162.420436] ? lock_release+0xa40/0xa40 +[ 162.424378] ? find_held_lock+0x35/0x1d0 +[ 162.428405] ? refcount_sub_and_test+0x115/0x1b0 +[ 162.433130] ? debug_check_no_locks_freed+0x264/0x3c0 +[ 162.438289] kmem_cache_free+0x253/0x2a0 +[ 162.442319] unreserve_psock+0x5a1/0x780 +[ 162.446347] ? kcm_setsockopt+0x6a0/0x6a0 +[ 162.450469] kcm_write_msgs+0xbae/0x1b80 +[ 162.454501] ? print_irqtrace_events+0x270/0x270 +[ 162.459222] ? find_held_lock+0x35/0x1d0 +[ 162.463254] ? lock_acquire+0x1d5/0x580 +[ 162.467192] ? lock_acquire+0x1d5/0x580 +[ 162.471134] ? kcm_release+0x860/0x860 +[ 162.474993] ? mark_held_locks+0xaf/0x100 +[ 162.479105] ? do_raw_spin_trylock+0x190/0x190 +[ 162.483657] ? __local_bh_enable_ip+0x121/0x230 +[ 162.488292] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 162.493274] ? lock_sock_nested+0x91/0x110 +[ 162.497475] ? trace_hardirqs_on+0xd/0x10 +[ 162.501589] ? 
__local_bh_enable_ip+0x121/0x230 +[ 162.506229] kcm_tx_work+0x2e/0x190 +[ 162.509825] process_one_work+0xbbf/0x1b10 +[ 162.514026] ? trace_hardirqs_on+0xd/0x10 +[ 162.518149] ? pwq_dec_nr_in_flight+0x450/0x450 +[ 162.522790] ? __schedule+0x8f3/0x2060 +[ 162.526644] ? _raw_spin_unlock_irqrestore+0xa6/0xba +[ 162.531721] ? check_noncircular+0x20/0x20 +[ 162.535940] ? __wake_up_common_lock+0x1c2/0x310 +[ 162.540663] ? lock_downgrade+0x980/0x980 +[ 162.544781] ? do_wait_intr_irq+0x3e0/0x3e0 +[ 162.549077] ? lock_acquire+0x1d5/0x580 +[ 162.553018] ? lock_acquire+0x1d5/0x580 +[ 162.556957] ? worker_thread+0x4a3/0x1990 +[ 162.561071] ? lock_downgrade+0x980/0x980 +[ 162.565194] ? lock_release+0xa40/0xa40 +[ 162.569136] ? retint_kernel+0x10/0x10 +[ 162.572990] ? do_raw_spin_trylock+0x190/0x190 +[ 162.577547] worker_thread+0x223/0x1990 +[ 162.581504] ? process_one_work+0x1b10/0x1b10 +[ 162.585974] ? _raw_spin_unlock_irq+0x27/0x70 +[ 162.590440] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 162.595422] ? trace_hardirqs_on+0xd/0x10 +[ 162.599535] ? _raw_spin_unlock_irq+0x27/0x70 +[ 162.603997] ? finish_task_switch+0x1d3/0x740 +[ 162.608456] ? finish_task_switch+0x1aa/0x740 +[ 162.612933] ? copy_overflow+0x20/0x20 +[ 162.616823] ? __schedule+0x8f3/0x2060 +[ 162.620689] ? retint_kernel+0x10/0x10 +[ 162.624547] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 162.629534] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 162.634271] ? retint_kernel+0x10/0x10 +[ 162.638140] ? __schedule+0x2060/0x2060 +[ 162.642078] ? do_wait_intr_irq+0x3e0/0x3e0 +[ 162.646368] ? __lockdep_init_map+0xe4/0x650 +[ 162.650747] ? do_raw_spin_trylock+0x190/0x190 +[ 162.655295] ? lockdep_init_map+0x9/0x10 +[ 162.659325] ? _raw_spin_unlock_irqrestore+0x31/0xba +[ 162.664396] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 162.669380] ? trace_hardirqs_on+0xd/0x10 +[ 162.673493] ? __kthread_parkme+0x175/0x240 +[ 162.677783] kthread+0x33c/0x400 +[ 162.681117] ? process_one_work+0x1b10/0x1b10 +[ 162.685575] ? 
kthread_stop+0x7a0/0x7a0 +[ 162.689518] ret_from_fork+0x24/0x30 +[ 162.693208] +[ 162.693211] ====================================================== diff --git a/pkg/report/testdata/linux/report/174 b/pkg/report/testdata/linux/report/174 new file mode 100644 index 000000000..8f72231c2 --- /dev/null +++ b/pkg/report/testdata/linux/report/174 
@@ -0,0 +1,72 @@ +TITLE: BUG: unable to handle kernel NULL pointer dereference in rtnl_dump_ifinfo + +[ 218.951194] BUG: unable to handle kernel NULL pointer dereference at 0000000000000010 +[ 218.959174] IP: strlen+0x0/0x30 +[ 218.962422] PGD 1fa2a3067 P4D 1fa2a3067 PUD 2156db067 PMD 0 +[ 218.968196] Oops: 0000 [#1] SMP +[ 218.971442] Dumping ftrace buffer: +[ 218.974947] (ftrace buffer empty) +[ 218.978622] Modules linked in: +[ 218.981784] CPU: 0 PID: 25068 Comm: syz-executor5 Not tainted 4.15.0-rc3-next-20171214+ #67 +[ 218.990234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 218.999558] RIP: 0010:strlen+0x0/0x30 +[ 219.003321] RSP: 0018:ffffc90000f63728 EFLAGS: 00010202 +[ 219.008648] RAX: 0000000000010000 RBX: ffff880215647500 RCX: ffffffff820f1e86 +[ 219.015882] RDX: 0000000000003b6e RSI: ffffc90004536000 RDI: 0000000000000010 +[ 219.023120] RBP: ffffc90000f637a8 R08: 0000000000000000 R09: ffff88020d91707d +[ 219.030354] R10: ffffc90000f636b8 R11: 0000000000000002 R12: ffff8801fba87000 +[ 219.037590] R13: 0000000000000010 R14: 0000000000000000 R15: ffff88020d917000 +[ 219.044829] FS: 00007f7abdffd700(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 +[ 219.053022] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +[ 219.058867] CR2: 0000000000000010 CR3: 000000020f0fe005 CR4: 00000000001606f0 +[ 219.066108] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +[ 219.073343] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 +[ 219.080574] Call Trace: +[ 219.083128] ? rtnl_fill_ifinfo+0x476/0x15b0 +[ 219.087506] rtnl_dump_ifinfo+0x37c/0x570 +[ 219.091638] netlink_dump+0x14e/0x360 +[ 219.095405] __netlink_dump_start+0x1bb/0x210 +[ 219.099863] rtnetlink_rcv_msg+0x44f/0x5d0 +[ 219.104061] ? rtnl_getlink+0x2d0/0x2d0 +[ 219.107998] ? rtnl_getlink+0x2d0/0x2d0 +[ 219.111940] ? 
validate_linkmsg+0x470/0x470 +[ 219.116227] netlink_rcv_skb+0x92/0x160 +[ 219.120167] rtnetlink_rcv+0x1c/0x20 +[ 219.123843] netlink_unicast+0x1d4/0x290 +[ 219.127877] netlink_sendmsg+0x345/0x470 +[ 219.131915] sock_sendmsg+0x51/0x70 +[ 219.135507] sock_write_iter+0xa4/0x100 +[ 219.139451] do_iter_readv_writev+0x17d/0x1f0 +[ 219.143915] do_iter_write+0xbc/0x210 +[ 219.147681] vfs_writev+0xa1/0x120 +[ 219.151188] ? __fget+0x160/0x290 +[ 219.154606] ? finish_task_switch+0x60/0x210 +[ 219.158980] do_writev+0x5e/0x100 +[ 219.162395] ? do_writev+0x5e/0x100 +[ 219.165987] SyS_writev+0x27/0x30 +[ 219.169408] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 219.174125] RIP: 0033:0x452a09 +[ 219.177281] RSP: 002b:00007f7abdffcc58 EFLAGS: 00000212 ORIG_RAX: 0000000000000014 +[ 219.184953] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452a09 +[ 219.192187] RDX: 0000000000000001 RSI: 00000000206f6000 RDI: 0000000000000013 +[ 219.199422] RBP: 000000000000056f R08: 0000000000000000 R09: 0000000000000000 +[ 219.206655] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f5308 +[ 219.213892] R13: 00000000ffffffff R14: 00007f7abdffd6d4 R15: 0000000000000000 +[ 219.221131] Code: 89 f8 48 89 fa 48 89 e5 74 09 48 83 c2 01 80 3a 00 75 f7 48 83 c6 01 0f b6 4e ff 48 83 c2 01 84 c9 88 4a ff 75 ed 5d c3 0f 1f 00 <80> 3f 00 55 48 89 e5 74 14 48 89 f8 48 83 c7 01 80 3f 00 75 f7 +2017/12/19 12:31:44 executing program 7: +mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) +r0 = socket(0x40000000015, 0x5, 0x3) +getgid() +bind$inet(r0, &(0x7f0000004000-0x10)={0x2, 0x0, @loopback=0x7f000001, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10) +sendto$inet(r0, &(0x7f00003da000)="b4ceb8df5437ccd2e12038967c3763260b229b5c4833a5589d3330709b2d4540b8b87b1a9c25b16400aec83e5ba56a18d5913094de50983d474f6ee0c59f13762e0efb16f74a2b83be6c8a31702f77adadc08eeaeaac8cfd0fee2d313170f7a64bfae673a0defab0634dd714303efa00eddb01b7748f6f5b", 0x78, 0x800, &(0x7f0000003000-0x10)={0x2, 
0x0, @multicast1=0xe0000001, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10) +bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast1=0xe0000001, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10) +r1 = syz_open_dev$vcsa(&(0x7f0000009000-0xb)='/dev/vcsa#\x00', 0x4, 0x200000) +ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f000042f000-0x50)={0x4, 0x6, 0x4, 0x0, 0xd, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) +[ 219.240181] RIP: strlen+0x0/0x30 RSP: ffffc90000f63728 +[ 219.245420] CR2: 0000000000000010 +[ 219.248925] ---[ end trace 72499b0f3e5056d0 ]--- +[ 219.253970] Kernel panic - not syncing: Fatal exception +[ 219.259755] Dumping ftrace buffer: +[ 219.263263] (ftrace buffer empty) +[ 219.266936] Kernel Offset: disabled +[ 219.270524] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/175 b/pkg/report/testdata/linux/report/175 new file mode 100644 index 000000000..e814e5a71 --- /dev/null +++ b/pkg/report/testdata/linux/report/175 
@@ -0,0 +1,41 @@ +TITLE: BUG: unable to handle kernel paging request in ipcget + +[ 83.458005] BUG: unable to handle kernel paging request at ffffffffffffffd8 +[ 83.465166] IP: memcmp+0x9/0x40 +[ 83.468420] PGD 3021067 P4D 3021067 PUD 3023067 PMD 0 +[ 83.473680] Oops: 0000 [#1] SMP +[ 83.476929] Dumping ftrace buffer: +[ 83.480436] (ftrace buffer empty) +[ 83.484118] Modules linked in: +[ 83.487284] CPU: 0 PID: 18580 Comm: syz-executor3 Not tainted 4.15.0-rc3-next-20171214+ #67 +[ 83.495741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 83.505077] RIP: 0010:memcmp+0x9/0x40 +[ 83.508843] RSP: 0018:ffffc90000f13ea0 EFLAGS: 00010202 +[ 83.514176] RAX: 0000000000000000 RBX: ffffffffffffffd8 RCX: 0000000000000004 +[ 83.521419] RDX: 0000000000000004 RSI: ffffc90000f13eec RDI: ffffffffffffffd8 +[ 83.528667] RBP: ffffc90000f13ea0 R08: 0000000000000001 R09: 0000000000000002 +[ 83.535914] R10: ffffc90000f13e38 R11: 0000000000000002 R12: ffff8801fd3109f0 +[ 83.543161] R13: ffffc90000f13f28 R14: ffff8801fd2dec00 R15: 0000000000000068 +[ 83.550402] FS: 00007fd1a2fd1700(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000 +[ 83.558595] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +[ 83.564444] CR2: ffffffffffffffd8 CR3: 00000001ffb69003 CR4: 00000000001626f0 +[ 83.571686] Call Trace: +[ 83.574244] ipcget+0x1a2/0x620 +[ 83.577503] SyS_msgget+0x48/0x60 +[ 83.580930] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 83.585652] RIP: 0033:0x452a09 +[ 83.588814] RSP: 002b:00007fd1a2fd0c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000044 +[ 83.596491] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452a09 +[ 83.603730] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000798e7462 +[ 83.610968] RBP: 00000000000003f2 R08: 0000000000000000 R09: 0000000000000000 +[ 83.618206] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f2f50 +[ 83.625533] R13: 00000000ffffffff R14: 00007fd1a2fd16d4 R15: 0000000000000000 +[ 83.632793] Code: 
74 1a 48 01 fa 48 89 f8 eb 07 0f b6 08 39 f1 74 09 48 83 c0 01 48 39 d0 75 f0 5d c3 48 89 f8 5d c3 90 55 48 85 d2 48 89 e5 74 2e <0f> b6 07 0f b6 0e 29 c8 75 1e 48 01 fa eb 0c 0f b6 0f 44 0f b6 +[ 83.651930] RIP: memcmp+0x9/0x40 RSP: ffffc90000f13ea0 +[ 83.657187] CR2: ffffffffffffffd8 +[ 83.660621] ---[ end trace a28e6436c6f945bb ]--- +[ 83.665352] Kernel panic - not syncing: Fatal exception +[ 83.671219] Dumping ftrace buffer: +[ 83.674735] (ftrace buffer empty) +[ 83.678412] Kernel Offset: disabled +[ 83.682010] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/176 b/pkg/report/testdata/linux/report/176 new file mode 100644 index 000000000..c809b0c1e --- /dev/null +++ b/pkg/report/testdata/linux/report/176 
@@ -0,0 +1,83 @@ +TITLE: INFO: task hung in do_exit + +[ 246.752196] INFO: task syz-executor0:10244 blocked for more than 120 seconds. +[ 246.759582] Not tainted 4.15.0-rc8+ #269 +[ 246.764192] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. +[ 246.772168] syz-executor0 D23984 10244 4352 0x80000004 +[ 246.777823] Call Trace: +[ 246.780435] __schedule+0x8eb/0x2060 +[ 246.784180] ? __sched_text_start+0x8/0x8 +[ 246.788352] ? check_noncircular+0x20/0x20 +[ 246.792606] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 246.797849] ? print_irqtrace_events+0x270/0x270 +[ 246.802631] schedule+0xf5/0x430 +[ 246.806033] ? lock_downgrade+0x980/0x980 +[ 246.810191] ? __schedule+0x2060/0x2060 +[ 246.814184] ? lock_release+0xa40/0xa40 +[ 246.818204] ? mark_held_locks+0xaf/0x100 +[ 246.822368] ? _raw_spin_unlock_irq+0x27/0x70 +[ 246.826872] ? rwsem_down_read_failed+0x3fc/0x6e0 +[ 246.831729] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 246.836776] ? rwsem_down_read_failed+0x3fc/0x6e0 +[ 246.841630] rwsem_down_read_failed+0x401/0x6e0 +[ 246.846320] ? rt_mutex_futex_unlock+0x110/0x110 +[ 246.851121] ? lock_acquire+0x1d5/0x580 +[ 246.855100] ? lock_acquire+0x1d5/0x580 +[ 246.859109] ? __might_sleep+0x95/0x190 +[ 246.863104] call_rwsem_down_read_failed+0x18/0x30 +[ 246.868040] ? call_rwsem_down_read_failed+0x18/0x30 +[ 246.873269] down_read+0xa4/0x150 +[ 246.876727] ? do_exit+0x4b0/0x1ad0 +[ 246.880365] ? __down_interruptible+0x6b0/0x6b0 +[ 246.885080] ? trace_hardirqs_on+0xd/0x10 +[ 246.889260] ? _raw_spin_unlock_irq+0x27/0x70 +[ 246.893783] ? sync_mm_rss+0x113/0x180 +[ 246.897704] do_exit+0x4b0/0x1ad0 +[ 246.901194] ? try_to_wake_up+0xf9/0x1600 +[ 246.905370] ? mm_update_next_owner+0x930/0x930 +[ 246.910069] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 246.915297] ? print_irqtrace_events+0x270/0x270 +[ 246.920091] ? __rwsem_down_write_failed_common+0x100d/0x1530 +[ 246.926048] ? perf_trace_lock_acquire+0xe3/0x980 +[ 246.930926] ? 
perf_trace_lock+0x900/0x900 +[ 246.935185] ? check_noncircular+0x20/0x20 +[ 246.939451] ? __rwsem_down_write_failed_common+0x1015/0x1530 +[ 246.945382] ? rwsem_spin_on_owner+0x7e0/0x7e0 +[ 246.950044] ? find_held_lock+0x35/0x1d0 +[ 246.954141] ? get_signal+0x7ae/0x16c0 +[ 246.958055] ? lock_downgrade+0x980/0x980 +[ 246.962244] do_group_exit+0x149/0x400 +[ 246.966158] ? do_raw_spin_trylock+0x190/0x190 +[ 246.970774] ? SyS_exit+0x30/0x30 +[ 246.974255] ? _raw_spin_unlock_irq+0x27/0x70 +[ 246.978775] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 246.983826] get_signal+0x73f/0x16c0 +[ 246.987614] ? ptrace_notify+0x130/0x130 +[ 246.991714] ? exit_robust_list+0x240/0x240 +[ 246.996051] ? find_held_lock+0x35/0x1d0 +[ 247.000163] ? find_held_lock+0x35/0x1d0 +[ 247.004277] do_signal+0x90/0x1eb0 +[ 247.007844] ? vm_mmap_pgoff+0x198/0x280 +[ 247.011929] ? lock_downgrade+0x980/0x980 +[ 247.016107] ? lock_release+0xa40/0xa40 +[ 247.020106] ? setup_sigcontext+0x7d0/0x7d0 +[ 247.024476] ? rwsem_down_write_failed_killable+0xe/0x10 +[ 247.029957] ? call_rwsem_down_write_failed_killable+0x17/0x30 +[ 247.035972] ? down_read_killable+0x180/0x180 +[ 247.040614] ? security_mmap_file+0x143/0x180 +[ 247.045157] ? exit_to_usermode_loop+0x8c/0x310 +[ 247.049860] exit_to_usermode_loop+0x214/0x310 +[ 247.054577] ? trace_event_raw_event_sys_exit+0x260/0x260 +[ 247.060172] syscall_return_slowpath+0x490/0x550 +[ 247.064958] ? prepare_exit_to_usermode+0x340/0x340 +[ 247.069996] ? entry_SYSCALL_64_fastpath+0x73/0xa0 +[ 247.074960] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 247.080010] ? 
trace_hardirqs_on_thunk+0x1a/0x1c +[ 247.084836] entry_SYSCALL_64_fastpath+0x9e/0xa0 +[ 247.089613] RIP: 0033:0x452f3a +[ 247.092814] RSP: 002b:0000000000a2f728 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 +[ 247.100553] RAX: fffffffffffffffc RBX: 0000000000000003 RCX: 0000000000452f3a +[ 247.107852] RDX: 0000000000000003 RSI: 0000000000021000 RDI: 0000000000000000 +[ 247.115144] RBP: ffffffffffffffff R08: ffffffffffffffff R09: 0000000000000000 +[ 247.122428] R10: 0000000000020022 R11: 0000000000000246 R12: 0000000000000000 +[ 247.129725] R13: 0000000000021000 R14: 0000000000020022 R15: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/177 b/pkg/report/testdata/linux/report/177 new file mode 100644 index 000000000..a04907eaa --- /dev/null +++ b/pkg/report/testdata/linux/report/177 
@@ -0,0 +1,203 @@ +TITLE: KASAN: use-after-free Read in selinux_inode_free_security + +[ 70.363639] ================================================================== +[ 70.371158] BUG: KASAN: use-after-free in do_raw_spin_lock+0x1aa/0x1e0 +[ 70.377908] Read of size 4 at addr ffff8801c5b1ddec by task syz-executor6/3887 +[ 70.385251] +[ 70.386868] CPU: 1 PID: 3887 Comm: syz-executor6 Not tainted 4.14.0-rc5+ #136 +[ 70.394123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 70.403464] Call Trace: +[ 70.406045] dump_stack+0x194/0x257 +[ 70.409671] ? arch_local_irq_restore+0x53/0x53 +[ 70.414330] ? show_regs_print_info+0x65/0x65 +[ 70.418820] ? perf_trace_lock_acquire+0xfe/0x900 +[ 70.423656] ? do_raw_spin_lock+0x1aa/0x1e0 +[ 70.427972] print_address_description+0x73/0x250 +[ 70.432808] ? do_raw_spin_lock+0x1aa/0x1e0 +[ 70.437123] kasan_report+0x25b/0x340 +[ 70.440924] __asan_report_load4_noabort+0x14/0x20 +[ 70.445846] do_raw_spin_lock+0x1aa/0x1e0 +[ 70.449994] _raw_spin_lock+0x32/0x40 +[ 70.453784] ? selinux_inode_free_security+0x12a/0x410 +[ 70.459044] selinux_inode_free_security+0x12a/0x410 +[ 70.464125] ? check_noncircular+0x20/0x20 +[ 70.468334] ? selinux_socket_create+0x740/0x740 +[ 70.473073] ? inode_has_buffers+0x60/0xd0 +[ 70.477280] ? nobh_write_end+0x5d0/0x5d0 +[ 70.481408] security_inode_free+0x50/0x90 +[ 70.485617] __destroy_inode+0x287/0x650 +[ 70.489651] ? inode_sb_list_add+0x320/0x320 +[ 70.494036] ? evict+0x576/0x920 +[ 70.497379] ? lock_downgrade+0x990/0x990 +[ 70.501507] ? do_raw_spin_trylock+0x190/0x190 +[ 70.506064] destroy_inode+0xe7/0x200 +[ 70.509839] ? __destroy_inode+0x650/0x650 +[ 70.514061] evict+0x57e/0x920 +[ 70.517234] ? destroy_inode+0x200/0x200 +[ 70.521274] ? iput+0x7b1/0xaf0 +[ 70.524526] ? lock_downgrade+0x990/0x990 +[ 70.528655] ? do_raw_spin_trylock+0x190/0x190 +[ 70.533211] ? _atomic_dec_and_lock+0x125/0x196 +[ 70.537851] ? _atomic_dec_and_lock+0xe8/0x196 +[ 70.542407] ? 
cpumask_local_spread+0x250/0x250 +[ 70.547050] ? lock_acquire+0x1d5/0x580 +[ 70.550993] ? _atomic_dec_and_lock+0x125/0x196 +[ 70.555644] iput+0x7b9/0xaf0 +[ 70.558724] ? find_inode_nowait+0x180/0x180 +[ 70.563107] ? evict_inodes+0x580/0x580 +[ 70.567052] ? fsnotify_put_mark+0x4c1/0x730 +[ 70.571434] ? lock_downgrade+0x990/0x990 +[ 70.575559] ? do_raw_spin_trylock+0x190/0x190 +[ 70.580112] ? __fsnotify_recalc_mask+0x340/0x340 +[ 70.584928] ? _atomic_dec_and_lock+0xe8/0x196 +[ 70.589479] ? put_ucounts+0x1ee/0x2d0 +[ 70.593340] ? cpumask_local_spread+0x250/0x250 +[ 70.597984] ? inotify_handle_event+0x22d/0x470 +[ 70.602635] fsnotify_put_mark+0x4d0/0x730 +[ 70.606846] ? fsnotify_recalc_mask+0x30/0x30 +[ 70.611314] ? inotify_handle_event+0x1df/0x470 +[ 70.615967] ? inotify_ignored_and_remove_idr+0x70/0x80 +[ 70.621305] ? inotify_freeing_mark+0x1d/0x30 +[ 70.625772] ? inotify_free_event+0x20/0x20 +[ 70.630071] fsnotify_clear_marks_by_group+0x19a/0x5f0 +[ 70.635330] ? fsnotify_find_mark+0x160/0x160 +[ 70.639794] ? fsnotify_destroy_group+0xd1/0x3f0 +[ 70.644524] ? lock_downgrade+0x990/0x990 +[ 70.648653] ? do_raw_spin_trylock+0x190/0x190 +[ 70.653238] fsnotify_destroy_group+0xde/0x3f0 +[ 70.657801] ? fsnotify_put_group+0xa0/0xa0 +[ 70.662091] ? locks_remove_file+0x3fa/0x5a0 +[ 70.666474] ? fcntl_setlk+0x10c0/0x10c0 +[ 70.670512] ? __fsnotify_parent+0xb4/0x3a0 +[ 70.674812] ? fsnotify+0x1af0/0x1af0 +[ 70.678583] ? dput.part.24+0x2a/0x740 +[ 70.682452] ? idr_callback+0xc0/0xc0 +[ 70.686223] inotify_release+0x37/0x50 +[ 70.690083] __fput+0x327/0x7e0 +[ 70.693343] ? fput+0x140/0x140 +[ 70.696599] ? check_same_owner+0x320/0x320 +[ 70.700891] ? _raw_spin_unlock_irq+0x27/0x70 +[ 70.705366] ____fput+0x15/0x20 +[ 70.708617] task_work_run+0x199/0x270 +[ 70.712480] ? task_work_cancel+0x210/0x210 +[ 70.716772] ? _raw_spin_unlock+0x22/0x30 +[ 70.720892] ? switch_task_namespaces+0x87/0xc0 +[ 70.725540] do_exit+0x9b5/0x1ad0 +[ 70.728961] ? 
perf_trace_lock_acquire+0xfe/0x900 +[ 70.733785] ? mm_update_next_owner+0x930/0x930 +[ 70.738432] ? perf_trace_lock+0x860/0x860 +[ 70.742640] ? check_same_owner+0x320/0x320 +[ 70.746935] ? lock_acquire+0x1d5/0x580 +[ 70.750882] ? futex_wait_setup+0x14a/0x3d0 +[ 70.755180] ? __might_sleep+0x95/0x190 +[ 70.759136] ? find_held_lock+0x35/0x1d0 +[ 70.763182] ? futex_wait+0x402/0x990 +[ 70.766958] ? perf_trace_lock+0xf1/0x860 +[ 70.771088] ? check_noncircular+0x20/0x20 +[ 70.775296] ? perf_trace_lock+0x860/0x860 +[ 70.779508] ? perf_event_sync_stat+0x5c0/0x5c0 +[ 70.784157] ? drop_futex_key_refs.isra.13+0x63/0xb0 +[ 70.789232] ? futex_wait+0x69e/0x990 +[ 70.793022] ? find_held_lock+0x35/0x1d0 +[ 70.797070] ? get_signal+0x7ae/0x16d0 +[ 70.800929] ? lock_downgrade+0x990/0x990 +[ 70.805065] do_group_exit+0x149/0x400 +[ 70.808924] ? __lock_is_held+0xb6/0x140 +[ 70.812954] ? SyS_exit+0x30/0x30 +[ 70.816380] ? _raw_spin_unlock_irq+0x27/0x70 +[ 70.820850] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 70.825844] get_signal+0x73f/0x16d0 +[ 70.829547] ? ptrace_notify+0x130/0x130 +[ 70.833591] ? __schedule+0x8f3/0x2060 +[ 70.837460] ? exit_robust_list+0x240/0x240 +[ 70.841750] ? __sched_text_start+0x8/0x8 +[ 70.845872] ? perf_trace_lock+0xf1/0x860 +[ 70.849990] ? finish_task_switch+0x1aa/0x740 +[ 70.854470] do_signal+0x94/0x1ee0 +[ 70.857989] ? find_held_lock+0x35/0x1d0 +[ 70.862038] ? setup_sigcontext+0x7d0/0x7d0 +[ 70.866331] ? mntput_no_expire+0x130/0xa90 +[ 70.870624] ? lock_downgrade+0x990/0x990 +[ 70.874751] ? schedule+0xf5/0x430 +[ 70.878269] ? __schedule+0x2060/0x2060 +[ 70.882227] ? lock_downgrade+0x990/0x990 +[ 70.886355] ? mntput_no_expire+0x15e/0xa90 +[ 70.890645] ? check_same_owner+0x320/0x320 +[ 70.894936] ? exit_to_usermode_loop+0x8c/0x310 +[ 70.899587] exit_to_usermode_loop+0x214/0x310 +[ 70.904145] ? trace_event_raw_event_sys_exit+0x260/0x260 +[ 70.909654] ? dput.part.24+0x2a/0x740 +[ 70.913517] ? 
dput.part.24+0x175/0x740 +[ 70.917479] syscall_return_slowpath+0x42f/0x510 +[ 70.922209] ? prepare_exit_to_usermode+0x2d0/0x2d0 +[ 70.927199] ? entry_SYSCALL_64_fastpath+0x91/0xbe +[ 70.932102] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 70.937091] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 70.941831] entry_SYSCALL_64_fastpath+0xbc/0xbe +[ 70.946556] RIP: 0033:0x452779 +[ 70.949715] RSP: 002b:00007f6815b25ce8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca +[ 70.957392] RAX: fffffffffffffe00 RBX: 00000000007581a0 RCX: 0000000000452779 +[ 70.964633] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000007581a0 +[ 70.971875] RBP: 00000000007581a0 R08: 000000000000018e R09: 0000000000758180 +[ 70.979117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 +[ 70.986359] R13: 0000000000a6f7ff R14: 00007f6815b269c0 R15: 000000000000001e +[ 70.993627] +[ 70.995226] Allocated by task 3873: +[ 70.998823] save_stack_trace+0x16/0x20 +[ 71.002765] save_stack+0x43/0xd0 +[ 71.006189] kasan_kmalloc+0xad/0xe0 +[ 71.009872] kmem_cache_alloc_trace+0x136/0x750 +[ 71.014513] selinux_sb_alloc_security+0x93/0x2e0 +[ 71.019325] security_sb_alloc+0x6d/0xa0 +[ 71.023354] sget_userns+0x36a/0xe20 +[ 71.027036] sget+0xd2/0x120 +[ 71.030028] mount_nodev+0x37/0x100 +[ 71.033623] ramfs_mount+0x2c/0x40 +[ 71.037131] mount_fs+0x66/0x2d0 +[ 71.040467] vfs_kern_mount.part.26+0xc6/0x4a0 +[ 71.045019] do_mount+0xea1/0x2bb0 +[ 71.048528] SyS_mount+0xab/0x120 +[ 71.051949] entry_SYSCALL_64_fastpath+0x1f/0xbe +[ 71.056670] +[ 71.058265] Freed by task 3873: +[ 71.061514] save_stack_trace+0x16/0x20 +[ 71.065456] save_stack+0x43/0xd0 +[ 71.068896] kasan_slab_free+0x71/0xc0 +[ 71.072753] kfree+0xca/0x250 +[ 71.075828] selinux_sb_free_security+0x42/0x50 +[ 71.080466] security_sb_free+0x48/0x80 +[ 71.084408] destroy_super+0x93/0x200 +[ 71.088178] __put_super.part.6+0x1a4/0x2a0 +[ 71.092469] put_super+0x53/0x70 +[ 71.095805] deactivate_locked_super+0xb0/0xd0 +[ 71.100356] deactivate_super+0x141/0x1b0 +[ 
71.104473] cleanup_mnt+0xb2/0x150 +[ 71.108070] __cleanup_mnt+0x16/0x20 +[ 71.111754] task_work_run+0x199/0x270 +[ 71.115610] do_exit+0x9b5/0x1ad0 +[ 71.119032] do_group_exit+0x149/0x400 +[ 71.122887] get_signal+0x73f/0x16d0 +[ 71.126570] do_signal+0x94/0x1ee0 +[ 71.130081] exit_to_usermode_loop+0x214/0x310 +[ 71.134632] syscall_return_slowpath+0x42f/0x510 +[ 71.139358] entry_SYSCALL_64_fastpath+0xbc/0xbe +[ 71.144081] +[ 71.145679] The buggy address belongs to the object at ffff8801c5b1dd40 +[ 71.145679] which belongs to the cache kmalloc-256 of size 256 +[ 71.158305] The buggy address is located 172 bytes inside of +[ 71.158305] 256-byte region [ffff8801c5b1dd40, ffff8801c5b1de40) +[ 71.170148] The buggy address belongs to the page: +[ 71.175046] page:ffffea000716c740 count:1 mapcount:0 mapping:ffff8801c5b1d0c0 index:0x0 +[ 71.183161] flags: 0x200000000000100(slab) +[ 71.187369] raw: 0200000000000100 ffff8801c5b1d0c0 0000000000000000 000000010000000c +[ 71.195219] raw: ffffea0007155de0 ffffea0007130ae0 ffff8801dac007c0 0000000000000000 +[ 71.203066] page dumped because: kasan: bad access detected +[ 71.208743] +[ 71.210338] Memory state around the buggy address: +[ 71.215235] ffff8801c5b1dc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 71.222563] ffff8801c5b1dd00: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb +[ 71.229892] >ffff8801c5b1dd80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 71.237217] ^ +[ 71.243936] ffff8801c5b1de00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc +[ 71.251265] ffff8801c5b1de80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 71.258590] ================================================================== diff --git a/pkg/report/testdata/linux/report/178 b/pkg/report/testdata/linux/report/178 new file mode 100644 index 000000000..bbe1a4583 --- /dev/null +++ b/pkg/report/testdata/linux/report/178 
@@ -0,0 +1,14 @@
+TITLE: INFO: task syz-executor blocked for more than 120 seconds.
+CORRUPTED: Y
+
+[ 861.152227] INFO: task syz-executor3:10976 blocked for more than 120 seconds.
+[ 861.159591] Not tainted 4.15.0-rc7+ #192
+[ 861.164179] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
+[ 861.172159] syz-executor3 D23920 10976 4681 0x00000004
+[ 861.177810] Call Trace:
+[ 861.180416] __schedule+0x8eb/0x2060
+[ 861.184145] ? __sched_text_start+0x8/0x8
+[ 861.188302] ? check_noncircular+0x20/0x20
+[ 861.192550] ? __queue_work+0x5b9/0x1230
+[ 861.196618] ? insert_work+0x5f0/0x5f0
+[ 861.200518] ? save_packet_write_wait: Connection to 216.239.38.127 port 9600: Broken pipe
diff --git a/pkg/report/testdata/linux/report/179 b/pkg/report/testdata/linux/report/179
new file mode 100644
index 000000000..4e9d711de
--- /dev/null
+++ b/pkg/report/testdata/linux/report/179
@@ -0,0 +1,112 @@ +TITLE: INFO: task hung in input_close_device + +[ 369.632214] INFO: task syz-executor4:8442 blocked for more than 120 seconds. +[ 369.639487] Not tainted 4.15.0-rc7-next-20180115+ #97 +[ 369.645214] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. +[ 369.653184] syz-executor4 D21856 8442 4763 0x80000002 +[ 369.658821] Call Trace: +[ 369.661423] __schedule+0x8eb/0x2060 +[ 369.665150] ? __sched_text_start+0x8/0x8 +[ 369.669304] ? lock_downgrade+0x980/0x980 +[ 369.673461] ? lock_release+0xa40/0xa40 +[ 369.677449] ? mark_held_locks+0xaf/0x100 +[ 369.681611] ? check_noncircular+0x20/0x20 +[ 369.685872] ? trace_hardirqs_on+0xd/0x10 +[ 369.690041] ? check_noncircular+0x20/0x20 +[ 369.694288] schedule+0xf5/0x430 +[ 369.697702] ? debug_object_deactivate+0x560/0x560 +[ 369.702648] ? __schedule+0x2060/0x2060 +[ 369.706634] ? print_irqtrace_events+0x270/0x270 +[ 369.711401] ? wait_for_completion+0x40d/0x770 +[ 369.715990] ? lock_downgrade+0x980/0x980 +[ 369.720147] schedule_timeout+0x1a3/0x230 +[ 369.724301] ? usleep_range+0x190/0x190 +[ 369.728284] ? mark_held_locks+0xaf/0x100 +[ 369.732437] ? _raw_spin_unlock_irq+0x27/0x70 +[ 369.736937] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 369.741965] wait_for_completion+0x415/0x770 +[ 369.746390] ? wait_for_completion_interruptible+0x7e0/0x7e0 +[ 369.752198] ? __lockdep_init_map+0xe4/0x650 +[ 369.756614] ? lockdep_init_map+0x9/0x10 +[ 369.760718] ? __init_waitqueue_head+0x97/0x140 +[ 369.765422] ? wake_up_q+0xe0/0xe0 +[ 369.768965] ? kasan_slab_free+0xe/0x10 +[ 369.772940] ? kfree+0xd9/0x260 +[ 369.776225] ? mousedev_release+0x68/0xb0 +[ 369.780371] ? __fput+0x327/0x7e0 +[ 369.783824] ? ____fput+0x15/0x20 +[ 369.787288] __wait_rcu_gp+0x221/0x340 +[ 369.791195] synchronize_sched.part.64+0xac/0x100 +[ 369.796044] ? synchronize_sched_expedited+0xf0/0xf0 +[ 369.801153] ? call_rcu_bh+0x20/0x20 +[ 369.804883] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 369.810780] ? 
trace_raw_output_rcu_utilization+0xb0/0xb0 +[ 369.816333] ? __might_sleep+0x95/0x190 +[ 369.825883] synchronize_sched+0x76/0xf0 +[ 369.829995] input_close_device+0xf6/0x130 +[ 369.834241] ? mousedev_detach_client+0x260/0x260 +[ 369.839088] mousedev_close_device+0x94/0xb0 +[ 369.843501] mixdev_close_devices+0xe0/0x120 +[ 369.847917] mousedev_release+0x8f/0xb0 +[ 369.851895] __fput+0x327/0x7e0 +[ 369.855186] ? fput+0x140/0x140 +[ 369.858473] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 369.864361] ? _raw_spin_unlock_irq+0x27/0x70 +[ 369.868892] ____fput+0x15/0x20 +[ 369.872175] task_work_run+0x199/0x270 +[ 369.876073] ? task_work_cancel+0x210/0x210 +[ 369.880401] ? _raw_spin_unlock+0x22/0x30 +[ 369.884556] ? switch_task_namespaces+0x87/0xc0 +[ 369.889284] do_exit+0x9bb/0x1ad0 +[ 369.892754] ? mm_update_next_owner+0x930/0x930 +[ 369.897445] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 369.902648] ? lock_release+0xa40/0xa40 +[ 369.906639] ? do_raw_spin_trylock+0x190/0x190 +[ 369.911229] ? perf_trace_lock+0xd6/0x900 +[ 369.915452] ? perf_trace_lock+0xd6/0x900 +[ 369.919607] ? check_noncircular+0x20/0x20 +[ 369.923851] ? trace_event_raw_event_lock+0x340/0x340 +[ 369.929051] ? check_noncircular+0x20/0x20 +[ 369.933312] ? find_held_lock+0x35/0x1d0 +[ 369.937393] ? find_held_lock+0x35/0x1d0 +[ 369.941481] ? get_signal+0x7ae/0x16c0 +[ 369.945374] ? lock_downgrade+0x980/0x980 +[ 369.949537] do_group_exit+0x149/0x400 +[ 369.953448] ? do_raw_spin_trylock+0x190/0x190 +[ 369.958038] ? SyS_exit+0x30/0x30 +[ 369.961494] ? _raw_spin_unlock_irq+0x27/0x70 +[ 369.966030] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 369.971062] get_signal+0x73f/0x16c0 +[ 369.974799] ? ptrace_notify+0x130/0x130 +[ 369.978870] ? __schedule+0x2060/0x2060 +[ 369.982857] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 369.988751] ? dl_cpu_busy+0x370/0x370 +[ 369.992648] ? __might_sleep+0x95/0x190 +[ 369.996640] do_signal+0x90/0x1eb0 +[ 370.000200] ? mousedev_disconnect+0x3c0/0x3c0 +[ 370.004798] ? 
_raw_spin_unlock_irqrestore+0xa6/0xba +[ 370.009906] ? setup_sigcontext+0x7d0/0x7d0 +[ 370.014232] ? prepare_to_wait+0x4d0/0x4d0 +[ 370.018483] ? mousedev_disconnect+0x3c0/0x3c0 +[ 370.023065] ? __vfs_read+0xf7/0xa00 +[ 370.026796] ? vfs_copy_file_range+0x940/0x940 +[ 370.031391] ? fsnotify_first_mark+0x2b0/0x2b0 +[ 370.035979] ? exit_to_usermode_loop+0x8c/0x2f0 +[ 370.040667] exit_to_usermode_loop+0x258/0x2f0 +[ 370.045257] ? trace_event_raw_event_sys_exit+0x260/0x260 +[ 370.050803] ? rw_verify_area+0xe5/0x2b0 +[ 370.054870] ? __fdget_raw+0x20/0x20 +[ 370.058600] syscall_return_slowpath+0x490/0x550 +[ 370.063365] ? prepare_exit_to_usermode+0x340/0x340 +[ 370.068391] ? SyS_read+0x184/0x220 +[ 370.072118] ? entry_SYSCALL_64_fastpath+0x73/0xa0 +[ 370.077057] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 370.082079] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 370.086850] entry_SYSCALL_64_fastpath+0x9e/0xa0 +[ 370.091610] RIP: 0033:0x452df9 +[ 370.094803] RSP: 002b:00007fc30d193c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000000 +[ 370.102516] RAX: fffffffffffffe00 RBX: 000000000071bea0 RCX: 0000000000452df9 +[ 370.109791] RDX: 0000000000000000 RSI: 00000000204fa000 RDI: 0000000000000013 +[ 370.117064] RBP: 000000000000043f R08: 0000000000000000 R09: 0000000000000000 +[ 370.124338] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f4688 +[ 370.131625] R13: 00000000ffffffff R14: 00007fc30d1946d4 R15: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/180 b/pkg/report/testdata/linux/report/180 new file mode 100644 index 000000000..6241fc753 --- /dev/null +++ b/pkg/report/testdata/linux/report/180 
@@ -0,0 +1,162 @@ +# TODO: must be corrupted (report in report). +TITLE: BUG: unable to handle kernel paging request in print_address_description + +[ 85.149573] BUG: unable to handle kernel paging request at ffffffff0001eea6 +[ 85.153038] ================================================================== +[ 85.153056] BUG: KASAN: use-after-free in rb_first_postorder+0x7c/0xa0 +[ 85.153063] Read of size 8 at addr ffff8801d92ca840 by task syz-executor3/13991 +[ 85.153065] +[ 85.153074] CPU: 0 PID: 13991 Comm: syz-executor3 Not tainted 4.15.0-rc7-next-20180115+ #97 +[ 85.153080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 85.153082] Call Trace: +[ 85.153098] dump_stack+0x194/0x257 +[ 85.153111] ? arch_local_irq_restore+0x53/0x53 +[ 85.153121] ? show_regs_print_info+0x18/0x18 +[ 85.153134] ? rb_first_postorder+0x7c/0xa0 +[ 85.153144] print_address_description+0x73/0x250 +[ 85.153151] ? rb_first_postorder+0x7c/0xa0 +[ 85.153158] kasan_report+0x23b/0x360 +[ 85.153168] __asan_report_load8_noabort+0x14/0x20 +[ 85.153175] rb_first_postorder+0x7c/0xa0 +[ 85.153185] tipc_group_join+0x120/0x2d0 +[ 85.153195] ? tipc_group_update_member+0x740/0x740 +[ 85.153201] ? tipc_sk_publish+0x388/0x4b0 +[ 85.153215] ? tipc_nametbl_build_group+0x2a0/0x3a0 +[ 85.153227] tipc_setsockopt+0x67e/0xcc0 +[ 85.153238] ? tipc_sk_leave+0x200/0x200 +[ 85.153261] ? security_socket_setsockopt+0x89/0xb0 +[ 85.153273] SyS_setsockopt+0x189/0x360 +[ 85.153285] ? SyS_recv+0x40/0x40 +[ 85.153297] ? entry_SYSCALL_64_fastpath+0x5/0xa0 +[ 85.153311] ? 
trace_hardirqs_on_thunk+0x1a/0x1c +[ 85.153324] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 85.153330] RIP: 0033:0x452cf9 +[ 85.153333] RSP: 002b:00007f88b463ac58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036 +[ 85.153340] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452cf9 +[ 85.153344] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000015 +[ 85.153348] RBP: 000000000000004d R08: 0000000000000010 R09: 0000000000000000 +[ 85.153352] R10: 0000000020f38000 R11: 0000000000000212 R12: 00000000006ee7d8 +[ 85.153356] R13: 00000000ffffffff R14: 00007f88b463b6d4 R15: 0000000000000000 +[ 85.153370] +[ 85.153373] Allocated by task 13991: +[ 85.153381] save_stack+0x43/0xd0 +[ 85.153387] kasan_kmalloc+0xad/0xe0 +[ 85.153394] kmem_cache_alloc_trace+0x136/0x750 +[ 85.153400] tipc_group_create+0x144/0x900 +[ 85.153405] tipc_setsockopt+0x274/0xcc0 +[ 85.153411] SyS_setsockopt+0x189/0x360 +[ 85.153418] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 85.153419] +[ 85.153421] Freed by task 13991: +[ 85.153427] save_stack+0x43/0xd0 +[ 85.153433] __kasan_slab_free+0x11a/0x170 +[ 85.153439] kasan_slab_free+0xe/0x10 +[ 85.153445] kfree+0xd9/0x260 +[ 85.153451] tipc_group_delete+0x2c8/0x3d0 +[ 85.153457] tipc_setsockopt+0xba3/0xcc0 +[ 85.153462] SyS_setsockopt+0x189/0x360 +[ 85.153469] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 85.153470] +[ 85.153475] The buggy address belongs to the object at ffff8801d92ca840 +[ 85.153475] which belongs to the cache kmalloc-128 of size 128 +[ 85.153480] The buggy address is located 0 bytes inside of +[ 85.153480] 128-byte region [ffff8801d92ca840, ffff8801d92ca8c0) +[ 85.153482] The buggy address belongs to the page: +[ 85.153488] page:ffffea000764b280 count:1 mapcount:0 mapping:ffff8801d92ca000 index:0x0 +[ 85.153494] flags: 0x2fffc0000000100(slab) +[ 85.153504] raw: 02fffc0000000100 ffff8801d92ca000 0000000000000000 0000000100000015 +[ 85.153512] raw: ffffea0007639820 ffffea0007639460 ffff8801dac00640 0000000000000000 +[ 85.153515] page dumped 
because: kasan: bad access detected +[ 85.153516] +[ 85.153518] Memory state around the buggy address: +[ 85.153523] ffff8801d92ca700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc +[ 85.153528] ffff8801d92ca780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +[ 85.153533] >ffff8801d92ca800: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb +[ 85.153536] ^ +[ 85.153541] ffff8801d92ca880: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc +[ 85.153546] ffff8801d92ca900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 85.153548] ================================================================== +[ 85.153572] Kernel panic - not syncing: panic_on_warn set ... +[ 85.153572] +[ 85.536900] IP: dst_release+0x1e/0x90 +[ 85.540682] PGD 6825067 P4D 6825067 PUD 0 +[ 85.544904] Oops: 0002 [#1] SMP KASAN +[ 85.548684] Dumping ftrace buffer: +[ 85.552205] (ftrace buffer empty) +[ 85.555894] Modules linked in: +[ 85.559069] CPU: 1 PID: 13996 Comm: syz-executor5 Tainted: G B 4.15.0-rc7-next-20180115+ #97 +[ 85.568839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 85.578183] RIP: 0010:dst_release+0x1e/0x90 +[ 85.582480] RSP: 0018:ffff8801c247f598 EFLAGS: 00010246 +[ 85.587837] RAX: 0000000000010000 RBX: ffff8801c247f720 RCX: 00000000ffffffff +[ 85.595090] RDX: 0000000000010000 RSI: ffffc90001c77000 RDI: ffffffff0001ee66 +[ 85.602344] RBP: ffff8801c247f5a8 R08: 0000000000000000 R09: 0000000000000000 +[ 85.609596] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff0001ee66 +[ 85.616852] R13: ffffffff0001ee66 R14: ffff8801c247f648 R15: ffff8801c247f7c8 +[ 85.624123] FS: 00007fd191c53700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 +[ 85.632351] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +[ 85.638218] CR2: ffffffff0001eea6 CR3: 00000001bce8d005 CR4: 00000000001606e0 +[ 85.645474] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +[ 85.652731] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 
0000000000000400 +[ 85.659985] Call Trace: +[ 85.662562] ip6_cork_release.isra.43+0x1bb/0x2c0 +[ 85.667389] ip6_make_skb+0x4f1/0x5a0 +[ 85.671172] ? ip_reply_glue_bits+0xb0/0xb0 +[ 85.675479] ? ip6_push_pending_frames+0xe0/0xe0 +[ 85.680217] ? ip6_dst_hoplimit+0x26c/0x420 +[ 85.684524] ? lock_downgrade+0x980/0x980 +[ 85.688658] ? lock_release+0xa40/0xa40 +[ 85.692614] ? __lock_is_held+0xb6/0x140 +[ 85.696668] ? ip6_dst_hoplimit+0xc1/0x420 +[ 85.700898] ? ip6_find_1stfragopt+0x260/0x260 +[ 85.705473] udpv6_sendmsg+0x27fc/0x3400 +[ 85.709535] ? ip_reply_glue_bits+0xb0/0xb0 +[ 85.713849] ? udpv6_setsockopt+0x80/0x80 +[ 85.717987] ? reacquire_held_locks+0x1f9/0x3e0 +[ 85.722638] ? reacquire_held_locks+0x1f9/0x3e0 +[ 85.727295] ? find_held_lock+0x35/0x1d0 +[ 85.731351] ? release_sock+0x1d4/0x2a0 +[ 85.735308] ? lock_downgrade+0x980/0x980 +[ 85.739438] ? lock_downgrade+0x980/0x980 +[ 85.743573] ? __local_bh_enable_ip+0x121/0x230 +[ 85.748225] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 85.753237] ? release_sock+0x1d4/0x2a0 +[ 85.757192] ? trace_hardirqs_on+0xd/0x10 +[ 85.761323] ? __local_bh_enable_ip+0x121/0x230 +[ 85.765975] ? _raw_spin_unlock_bh+0x30/0x40 +[ 85.770366] ? release_sock+0x1d4/0x2a0 +[ 85.774338] inet_sendmsg+0x11f/0x5e0 +[ 85.778122] ? inet_sendmsg+0x11f/0x5e0 +[ 85.782078] ? __might_sleep+0x95/0x190 +[ 85.786034] ? inet_create+0xf50/0xf50 +[ 85.789904] ? selinux_socket_sendmsg+0x36/0x40 +[ 85.794555] ? security_socket_sendmsg+0x89/0xb0 +[ 85.799310] ? inet_create+0xf50/0xf50 +[ 85.803186] sock_sendmsg+0xca/0x110 +[ 85.806900] SYSC_sendto+0x361/0x5c0 +[ 85.810597] ? SYSC_connect+0x4a0/0x4a0 +[ 85.814554] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 85.819379] ? vfs_write+0x374/0x510 +[ 85.823080] ? wait_for_completion+0x770/0x770 +[ 85.827650] ? __lock_is_held+0xb6/0x140 +[ 85.831714] ? fput+0xd2/0x140 +[ 85.834888] ? SyS_write+0x184/0x220 +[ 85.838585] ? 
entry_SYSCALL_64_fastpath+0x5/0xa0 +[ 85.843416] SyS_sendto+0x40/0x50 +[ 85.846857] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 85.851594] RIP: 0033:0x452cf9 +[ 85.854761] RSP: 002b:00007fd191c52c58 EFLAGS: 00000212 ORIG_RAX: 000000000000002c +[ 85.862450] RAX: ffffffffffffffda RBX: 00007fd191c52aa0 RCX: 0000000000452cf9 +[ 85.869705] RDX: 0000000000000555 RSI: 00000000204ce000 RDI: 0000000000000013 +[ 85.876958] RBP: 00007fd191c52a90 R08: 0000000020e26fe4 R09: 000000000000001c +[ 85.884210] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b798c +[ 85.891463] R13: 00007fd191c52bc8 R14: 00000000004b798c R15: 0000000000000000 +[ 85.898731] Code: f7 ff 31 c0 5b 5d c3 66 0f 1f 44 00 00 55 48 89 e5 41 54 53 49 89 fc e8 b1 77 30 fd 4d 85 e4 74 21 e8 a7 77 30 fd b9 ff ff ff ff <f0> 41 0f c1 4c 24 40 89 cb 83 eb 01 78 33 e8 8f 77 30 fd 85 db +[ 85.917879] RIP: dst_release+0x1e/0x90 RSP: ffff8801c247f598 +[ 85.923673] CR2: ffffffff0001eea6 +[ 85.927129] ---[ end trace b421a5a363a9c4fd ]--- +[ 86.211221] Shutting down cpus with NMI +[ 86.215778] Dumping ftrace buffer: +[ 86.219299] (ftrace buffer empty) +[ 86.223002] Kernel Offset: disabled +[ 86.226619] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/181 b/pkg/report/testdata/linux/report/181 new file mode 100644 index 000000000..fe3197a90 --- /dev/null +++ b/pkg/report/testdata/linux/report/181 
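Review bot: The expected `TITLE:` in report/180 attributes the paging-request oops to `print_address_description`, but that frame belongs to the interleaved KASAN report from syz-executor3 (PID 13991), while the oops' own lines give `IP: dst_release+0x1e/0x90` for syz-executor5 (PID 13996). Because the fixture asserts that title, the test keeps passing with the misattribution, and crashes titled this way would presumably be grouped under the wrong function during triage. The TODO should state the intended result so the expectation is updated with the parser, for example `# TODO: two reports are interleaved (KASAN in rb_first_postorder, oops in dst_release); expected result is CORRUPTED: Y, the TITLE below is known-wrong.`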
@@ -0,0 +1,128 @@ +TITLE: WARNING: proc registration bug in clusterip_tg_check + +[ 126.768183] ------------[ cut here ]------------ +[ 126.773124] proc_dir_entry 'ipt_CLUSTERIP/172.20.0.170' already registered +[ 126.780219] WARNING: CPU: 1 PID: 4074 at fs/proc/generic.c:330 proc_register+0x2a4/0x370 +[ 126.788421] Kernel panic - not syncing: panic_on_warn set ... +[ 126.788421] +[ 126.795777] CPU: 1 PID: 4074 Comm: syzkaller105937 Not tainted 4.15.0+ #221 +[ 126.802846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 126.812171] Call Trace: +[ 126.814739] dump_stack+0x194/0x257 +[ 126.818340] ? arch_local_irq_restore+0x53/0x53 +[ 126.822990] ? vsnprintf+0x1ed/0x1900 +[ 126.826768] panic+0x1e4/0x41c +[ 126.829933] ? refcount_error_report+0x214/0x214 +[ 126.834664] ? show_regs_print_info+0x18/0x18 +[ 126.839136] ? __warn+0x1c1/0x200 +[ 126.842565] ? proc_register+0x2a4/0x370 +[ 126.846596] __warn+0x1dc/0x200 +[ 126.849849] ? proc_register+0x2a4/0x370 +[ 126.853885] report_bug+0x211/0x2d0 +[ 126.857493] fixup_bug.part.11+0x37/0x80 +[ 126.861528] do_error_trap+0x2d7/0x3e0 +[ 126.865387] ? vprintk_default+0x28/0x30 +[ 126.869422] ? math_error+0x400/0x400 +[ 126.873192] ? printk+0xaa/0xca +[ 126.876445] ? show_regs_print_info+0x18/0x18 +[ 126.880924] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 126.885744] do_invalid_op+0x1b/0x20 +[ 126.889432] invalid_op+0x22/0x40 +[ 126.892860] RIP: 0010:proc_register+0x2a4/0x370 +[ 126.897499] RSP: 0018:ffff8801da886e20 EFLAGS: 00010286 +[ 126.902834] RAX: dffffc0000000008 RBX: ffff8801d21cc7b8 RCX: ffffffff815a57ae +[ 126.910075] RDX: 0000000000000000 RSI: 1ffff1003b510d74 RDI: 1ffff1003b510d49 +[ 126.917320] RBP: ffff8801da886e70 R08: 1ffff1003b510d0b R09: 0000000000000000 +[ 126.924563] R10: ffff8801da886cd8 R11: 0000000000000000 R12: ffff8801cbf66440 +[ 126.932597] R13: dffffc0000000000 R14: ffff8801ca2fa348 R15: ffff8801cbf66501 +[ 126.939857] ? 
vprintk_func+0x5e/0xc0 +[ 126.943647] proc_create_data+0xf8/0x180 +[ 126.947687] clusterip_tg_check+0xf9c/0x16d0 +[ 126.952072] ? arp_mangle+0x550/0x550 +[ 126.955847] ? xt_find_target+0x150/0x1e0 +[ 126.959970] ? lock_downgrade+0x980/0x980 +[ 126.964091] ? rcu_read_lock_sched_held+0x108/0x120 +[ 126.969080] ? pcpu_alloc+0x146/0x10e0 +[ 126.972950] ? pcpu_free_area+0xa00/0xa00 +[ 126.977081] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 126.981899] ? kernel_text_address+0x102/0x140 +[ 126.986460] ? wait_for_completion+0x770/0x770 +[ 126.991025] ? unwind_get_return_address+0x61/0xa0 +[ 126.995928] ? __save_stack_trace+0x7e/0xd0 +[ 127.000226] ? arp_mangle+0x550/0x550 +[ 127.004004] xt_check_target+0x22c/0x7d0 +[ 127.008052] ? xt_target_seq_next+0x30/0x30 +[ 127.012352] ? save_stack+0xa3/0xd0 +[ 127.015956] ? save_stack+0x43/0xd0 +[ 127.019556] ? kasan_slab_free+0x71/0xc0 +[ 127.023587] ? kfree+0xd6/0x260 +[ 127.026844] ? mutex_unlock+0xd/0x10 +[ 127.030530] ? xt_find_target+0x17b/0x1e0 +[ 127.034664] find_check_entry.isra.8+0x8c8/0xcb0 +[ 127.039411] ? ipt_do_table+0x1950/0x1950 +[ 127.043545] ? trace_hardirqs_off+0xd/0x10 +[ 127.047752] ? quarantine_put+0xeb/0x190 +[ 127.051785] ? kfree+0xf0/0x260 +[ 127.055042] ? trace_hardirqs_on+0xd/0x10 +[ 127.059165] translate_table+0xed1/0x1610 +[ 127.063300] ? alloc_counters.isra.11+0x7d0/0x7d0 +[ 127.068118] ? kasan_check_write+0x14/0x20 +[ 127.072327] ? _copy_from_user+0x99/0x110 +[ 127.076537] do_ipt_set_ctl+0x370/0x5f0 +[ 127.080488] ? translate_compat_table+0x1b90/0x1b90 +[ 127.085496] ? mutex_unlock+0xd/0x10 +[ 127.089181] ? nf_sockopt_find.constprop.0+0x1a7/0x220 +[ 127.094438] nf_setsockopt+0x67/0xc0 +[ 127.098128] ip_setsockopt+0x97/0xa0 +[ 127.101826] sctp_setsockopt+0x2b6/0x61d0 +[ 127.105950] ? sctp_setsockopt_paddr_thresholds+0x550/0x550 +[ 127.111647] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 127.116814] ? lru_cache_add+0x1c7/0x3a0 +[ 127.120858] ? mem_cgroup_css_offline+0x510/0x510 +[ 127.125685] ? 
check_noncircular+0x20/0x20 +[ 127.129892] ? __mem_cgroup_threshold+0x8f0/0x8f0 +[ 127.134710] ? mark_held_locks+0xaf/0x100 +[ 127.138835] ? find_held_lock+0x35/0x1d0 +[ 127.142878] ? check_noncircular+0x20/0x20 +[ 127.147086] ? lock_downgrade+0x980/0x980 +[ 127.151207] ? check_noncircular+0x20/0x20 +[ 127.155424] ? lock_release+0xa40/0xa40 +[ 127.159388] ? find_held_lock+0x35/0x1d0 +[ 127.163434] ? avc_has_perm+0x35e/0x680 +[ 127.167382] ? lock_downgrade+0x980/0x980 +[ 127.171506] ? lock_release+0xa40/0xa40 +[ 127.175451] ? lock_downgrade+0x980/0x980 +[ 127.179583] ? __pmd_alloc+0x4e0/0x4e0 +[ 127.183446] ? lock_release+0xa40/0xa40 +[ 127.187395] ? __lock_is_held+0xb6/0x140 +[ 127.191436] ? avc_has_perm+0x43e/0x680 +[ 127.195387] ? avc_has_perm_noaudit+0x520/0x520 +[ 127.200036] ? iterate_fd+0x3f0/0x3f0 +[ 127.203895] ? lock_downgrade+0x980/0x980 +[ 127.208026] ? handle_mm_fault+0x476/0x930 +[ 127.212229] ? down_read_trylock+0xdb/0x170 +[ 127.216523] ? __handle_mm_fault+0x3ce0/0x3ce0 +[ 127.221073] ? vmacache_find+0x5f/0x280 +[ 127.225023] ? sock_has_perm+0x2a4/0x420 +[ 127.229059] ? selinux_secmark_relabel_packet+0xc0/0xc0 +[ 127.234396] ? __do_page_fault+0x3d6/0xc90 +[ 127.238609] ? selinux_netlbl_socket_setsockopt+0x10c/0x460 +[ 127.244291] ? selinux_netlbl_sock_rcv_skb+0x730/0x730 +[ 127.249563] sock_common_setsockopt+0x95/0xd0 +[ 127.254034] SyS_setsockopt+0x189/0x360 +[ 127.257985] ? SyS_recv+0x40/0x40 +[ 127.261419] ? entry_SYSCALL_64_fastpath+0x5/0xa0 +[ 127.266235] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 127.271224] ? 
trace_hardirqs_on_thunk+0x1a/0x1c +[ 127.275957] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 127.280685] RIP: 0033:0x44afa9 +[ 127.283845] RSP: 002b:00007f43f70edce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 +[ 127.291525] RAX: ffffffffffffffda RBX: 00000000006e0c3c RCX: 000000000044afa9 +[ 127.298766] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004 +[ 127.306007] RBP: 00000000006e0c38 R08: 0000000000000348 R09: 0000000000000000 +[ 127.313246] R10: 0000000020013c90 R11: 0000000000000246 R12: 0000000000000000 +[ 127.320488] R13: 00007ffe194fe84f R14: 00007f43f70ee9c0 R15: 0000000000000005 +[ 127.328274] Dumping ftrace buffer: +[ 127.331883] (ftrace buffer empty) +[ 127.335568] Kernel Offset: disabled +[ 127.339172] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/182 b/pkg/report/testdata/linux/report/182 new file mode 100644 index 000000000..8796d3438 --- /dev/null +++ b/pkg/report/testdata/linux/report/182 
@@ -0,0 +1,136 @@
+TITLE: WARNING: kobject bug in br_add_if
+
+[ 179.154721] kobject_add_internal failed for brport (error: -12 parent: syz6)
+[ 179.154909] ------------[ cut here ]------------
+[ 179.154920] WARNING: CPU: 1 PID: 3485 at lib/kobject.c:244 kobject_add_internal+0x3f6/0xbc0
+[ 179.154926] Kernel panic - not syncing: panic_on_warn set ...
+[ 179.154926]
+[ 179.154934] CPU: 1 PID: 3485 Comm: syz-executor6 Not tainted 4.14.0-rc4+ #80
+[ 179.154939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 179.154943] Call Trace:
+[ 179.154951] dump_stack+0x194/0x257
+[ 179.154964] ? arch_local_irq_restore+0x53/0x53
+[ 179.154989] panic+0x1e4/0x417
+[ 179.154998] ? __warn+0x1d9/0x1d9
+[ 179.155011] ? show_regs_print_info+0x65/0x65
+[ 179.155035] ? __warn+0x1a9/0x1d9
+[ 179.155057] ? kobject_add_internal+0x3f6/0xbc0
+[ 179.155068] __warn+0x1c4/0x1d9
+[ 179.155081] ? kobject_add_internal+0x3f6/0xbc0
+[ 179.155096] report_bug+0x211/0x2d0
+[ 179.155119] fixup_bug+0x40/0x90
+[ 179.155134] do_trap+0x260/0x390
+[ 179.155157] do_error_trap+0x120/0x390
+[ 179.155171] ? trace_hardirqs_on+0xd/0x10
+[ 179.155192] ? do_trap+0x390/0x390
+[ 179.155206] ? kobject_add_internal+0x3f6/0xbc0
+[ 179.155215] ? vprintk_emit+0x3ea/0x590
+[ 179.155232] ? rds_tcp_laddr_check+0x40/0x40
+[ 179.155251] ? trace_hardirqs_off_thunk+0x1a/0x1c
+[ 179.155274] do_invalid_op+0x1b/0x20
+[ 179.155285] invalid_op+0x18/0x20
+[ 179.155295] RIP: 0010:kobject_add_internal+0x3f6/0xbc0
+[ 179.155301] RSP: 0018:ffff8801bf816900 EFLAGS: 00010282
+[ 179.155311] RAX: 0000000000000040 RBX: ffff8801c09b4620 RCX: 0000000000000000
+[ 179.155318] RDX: 0000000000000040 RSI: ffffffff8158d38e RDI: ffffed0037f02d14
+[ 179.155324] RBP: ffff8801bf8169f8 R08: ffff8801bf816070 R09: 0000000000000000
+[ 179.155331] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff10037f02d26
+[ 179.155338] R13: 00000000fffffff4 R14: ffff8801cb9b0b30 R15: ffff8801cd01c000
+[ 179.155364] ? vprintk_func+0x5e/0xc0
+[ 179.155392] ? kobj_ns_type_registered+0x50/0x50
+[ 179.155406] ? kfree_const+0x31/0x40
+[ 179.155419] ? rcu_read_lock_sched_held+0x108/0x120
+[ 179.155431] ? kfree+0x1e7/0x250
+[ 179.155449] ? kfree_const+0x36/0x40
+[ 179.155471] kobject_init_and_add+0xf9/0x150
+[ 179.155488] ? kset_create_and_add+0x170/0x170
+[ 179.155510] ? __dev_set_allmulti+0x21b/0x2c0
+[ 179.155522] ? __dev_set_allmulti+0x1cb/0x2c0
+[ 179.155552] br_add_if+0x786/0x1990
+[ 179.155562] ? dev_set_allmulti+0x30/0x30
+[ 179.155589] ? br_features_recompute+0x250/0x250
+[ 179.155601] ? netdev_master_upper_dev_get+0x157/0x200
+[ 179.155616] ? __dev_get_by_flags+0x180/0x180
+[ 179.155627] ? proc_pident_instantiate+0x1de/0x290
+[ 179.155649] br_add_slave+0x29/0x30
+[ 179.155663] ? br_del_slave+0x30/0x30
+[ 179.155673] do_set_master+0x19c/0x1f0
+[ 179.155690] do_setlink+0xa98/0x38e0
+[ 179.155720] ? rtnl_register+0x70/0x70
+[ 179.155738] ? __lock_acquire+0x732/0x4620
+[ 179.155777] ? __lock_acquire+0x732/0x4620
+[ 179.155791] ? debug_check_no_locks_freed+0x3d0/0x3d0
+[ 179.155801] ? __read_once_size_nocheck.constprop.8+0x10/0x10
+[ 179.155814] ? __alloc_skb+0x13b/0x780
+[ 179.155830] ? print_usage_bug+0x480/0x480
+[ 179.155862] ? rtnl_is_locked+0x54/0xb0
+[ 179.155874] ? rtnl_kfree_skbs+0x70/0x70
+[ 179.155887] ? validate_nla+0x1a7/0x5a0
+[ 179.155912] ? netdev_master_upper_dev_get+0x157/0x200
+[ 179.155927] ? __dev_get_by_flags+0x180/0x180
+[ 179.155942] ? avc_has_perm_noaudit+0xbe/0x520
+[ 179.155964] rtnl_newlink+0xf0d/0x1a40
+[ 179.155975] ? __mutex_lock+0x16f/0x19d0
+[ 179.156014] ? rtnl_link_unregister+0x330/0x330
+[ 179.156037] ? avc_has_extended_perms+0x12c0/0x12c0
+[ 179.156050] ? check_noncircular+0x20/0x20
+[ 179.156062] ? avc_has_extended_perms+0x12c0/0x12c0
+[ 179.156076] ? unwind_get_return_address+0x61/0xa0
+[ 179.156105] ? do_iter_readv_writev+0x531/0x7f0
+[ 179.156129] ? find_held_lock+0x39/0x1d0
+[ 179.156225] ? rtnl_link_unregister+0x330/0x330
+[ 179.156241] rtnetlink_rcv_msg+0x733/0x1090
+[ 179.156251] ? check_noncircular+0x20/0x20
+[ 179.156275] ? rtnl_calcit.isra.24+0x4f0/0x4f0
+[ 179.156315] ? find_held_lock+0x39/0x1d0
+[ 179.156349] ? lock_downgrade+0x990/0x990
+[ 179.156391] ? lock_release+0xd70/0xd70
+[ 179.156405] ? netlink_lookup+0x620/0xa90
+[ 179.156430] ? rtnl_link_unregister+0x330/0x330
+[ 179.156440] ? netlink_connect+0x4e0/0x4e0
+[ 179.156465] ? netlink_deliver_tap+0x176/0xb60
+[ 179.156480] ? iov_iter_advance+0x2a1/0x13f0
+[ 179.156502] netlink_rcv_skb+0x216/0x440
+[ 179.156514] ? rtnl_calcit.isra.24+0x4f0/0x4f0
+[ 179.156529] ? netlink_ack+0xab0/0xab0
+[ 179.156550] ? netlink_skb_destructor+0x1d0/0x1d0
+[ 179.156567] ? selinux_nlmsg_lookup+0x32b/0x430
+[ 179.156587] rtnetlink_rcv+0x1c/0x20
+[ 179.156600] netlink_unicast+0x4e8/0x6f0
+[ 179.156624] ? netlink_attachskb+0x8a0/0x8a0
+[ 179.156646] ? security_netlink_send+0x81/0xb0
+[ 179.156663] netlink_sendmsg+0xa4a/0xe70
+[ 179.156689] ? netlink_unicast+0x6f0/0x6f0
+[ 179.156711] ? security_socket_sendmsg+0x89/0xb0
+[ 179.156722] ? netlink_unicast+0x6f0/0x6f0
+[ 179.156740] sock_sendmsg+0xca/0x110
+[ 179.156759] sock_write_iter+0x320/0x5e0
+[ 179.156777] ? sock_sendmsg+0x110/0x110
+[ 179.156806] ? selinux_capset+0x100/0x100
+[ 179.156819] ? __might_sleep+0x6c/0x190
+[ 179.156842] do_iter_readv_writev+0x531/0x7f0
+[ 179.156866] ? vfs_dedupe_file_range+0x900/0x900
+[ 179.156894] ? rw_verify_area+0xe5/0x2b0
+[ 179.156916] do_iter_write+0x15a/0x540
+[ 179.156929] ? dup_iter+0x260/0x260
+[ 179.156964] vfs_writev+0x18a/0x340
+[ 179.156976] ? __fget_light+0x29d/0x390
+[ 179.156995] ? vfs_iter_write+0xb0/0xb0
+[ 179.157012] ? __mutex_unlock_slowpath+0xe9/0xac0
+[ 179.157028] ? kernel_read+0x120/0x120
+[ 179.157075] ? __fdget_pos+0x136/0x1a0
+[ 179.157091] ? __fdget_raw+0x20/0x20
+[ 179.157122] do_writev+0xfc/0x2a0
+[ 179.157135] ? do_writev+0xfc/0x2a0
+[ 179.157158] ? vfs_writev+0x340/0x340
+[ 179.157169] ? entry_SYSCALL_64_fastpath+0x5/0xbe
+[ 179.157191] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 179.157215] SyS_writev+0x27/0x30
+[ 179.157232] entry_SYSCALL_64_fastpath+0x1f/0xbe
+[ 179.157241] RIP: 0033:0x4520a9
+[ 179.157249] RSP: 002b:00007f4633db3c08 EFLAGS: 00000216 ORIG_RAX: 0000000000000014
+[ 179.157264] RAX: ffffffffffffffda RBX: 0000000000718000 RCX: 00000000004520a9
+[ 179.157271] RDX: 0000000000000001 RSI: 00000000205d9000 RDI: 0000000000000005
+[ 179.157278] RBP: 0000000000000086 R08: 0000000000000000 R09: 0000000000000000
+[ 179.157284] R10: 0000000000000000 R11: 0000000000000216 R12: 00000000004b6c37
+[ 179.157291] R13: 00007f4633db3b48 R14: 00000000004b6c47 R15: 0000000000000000
diff --git a/pkg/report/testdata/linux/report/183 b/pkg/report/testdata/linux/report/183
new file mode 100644
index 000000000..ee7d8dd36
--- /dev/null
+++ b/pkg/report/testdata/linux/report/183
@@ -0,0 +1,138 @@
+TITLE: BUG: corrupted list in tipc_nametbl_unsubscribe
+
+[ 440.811510] list_del corruption. prev->next should be 00000000bc6553ca, but was 0000000038fa8131
+[ 440.811620] ------------[ cut here ]------------
+[ 440.811625] kernel BUG at lib/list_debug.c:53!
+[ 440.811637] invalid opcode: 0000 [#1] SMP KASAN
+[ 440.811642] Dumping ftrace buffer:
+[ 440.811646] (ftrace buffer empty)
+[ 440.811649] Modules linked in:
+[ 440.811658] CPU: 1 PID: 3200 Comm: syz-executor4 Not tainted 4.15.0-rc8+ #264
+[ 440.811662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 440.811673] RIP: 0010:__list_del_entry_valid+0xef/0x150
+[ 440.811677] RSP: 0018:ffff8801be95eb20 EFLAGS: 00010286
+[ 440.811683] RAX: 0000000000000054 RBX: ffff8801d359f240 RCX: 0000000000000000
+[ 440.811686] RDX: 0000000000000054 RSI: 1ffff10039af2dca RDI: ffffed0037d2bd58
+[ 440.811690] RBP: ffff8801be95eb38 R08: 1ffff10037d2bcfc R09: 0000000000000000
+[ 440.811694] R10: ffff8801be95ea00 R11: 0000000000000000 R12: ffff8801d50e4900
+[ 440.811698] R13: ffff8801be95ecd8 R14: ffff8801c29ac860 R15: ffff8801bd76aa80
+[ 440.811704] FS: 00007f70eee26700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
+[ 440.811708] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 440.811712] CR2: 00000000010bad18 CR3: 0000000006822006 CR4: 00000000001606e0
+[ 440.811718] Call Trace:
+[ 440.811727] ? _raw_spin_lock_bh+0x39/0x40
+[ 440.811737] tipc_nametbl_unsubscribe+0x318/0x990
+[ 440.811751] ? tipc_nametbl_subscribe+0xc10/0xc10
+[ 440.811764] ? lock_acquire+0x1d5/0x580
+[ 440.811770] ? lock_acquire+0x1d5/0x580
+[ 440.811777] ? tipc_subscrb_subscrp_delete+0x8f/0x460
+[ 440.811785] ? __radix_tree_lookup+0x435/0x5e0
+[ 440.811797] ? lock_release+0xa40/0xa40
+[ 440.811806] ? print_irqtrace_events+0x270/0x270
+[ 440.811815] ? find_held_lock+0x35/0x1d0
+[ 440.811828] ? tipc_subscrb_subscrp_delete+0x8f/0x460
+[ 440.811843] tipc_subscrb_subscrp_delete+0x1e9/0x460
+[ 440.811857] ? tipc_subscrp_put+0x360/0x360
+[ 440.811866] ? __local_bh_enable_ip+0x121/0x230
+[ 440.811876] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 440.811884] ? tipc_conn_lookup+0x74/0x90
+[ 440.811891] ? tipc_subscrb_subscrp_delete+0x460/0x460
+[ 440.811901] tipc_subscrb_release_cb+0x17/0x30
+[ 440.811910] tipc_close_conn+0x171/0x270
+[ 440.811922] tipc_topsrv_kern_unsubscr+0x213/0x340
+[ 440.811928] ? tipc_dest_del+0x350/0x350
+[ 440.811937] ? tipc_topsrv_kern_subscr+0x850/0x850
+[ 440.811947] ? tipc_node_distr_xmit+0x212/0x2b0
+[ 440.811964] tipc_group_delete+0x2c0/0x3d0
+[ 440.811975] ? print_irqtrace_events+0x270/0x270
+[ 440.811984] ? tipc_group_create+0x9c0/0x9c0
+[ 440.811993] ? __tipc_shutdown+0x916/0xc80
+[ 440.811999] ? find_held_lock+0x35/0x1d0
+[ 440.812020] ? tipc_sk_respond+0x550/0x550
+[ 440.812038] tipc_sk_leave+0x10b/0x200
+[ 440.812049] ? tipc_sk_withdraw+0x6b0/0x6b0
+[ 440.812062] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 440.812071] ? lock_sock_nested+0x91/0x110
+[ 440.812080] ? __local_bh_enable_ip+0x121/0x230
+[ 440.812096] tipc_release+0x154/0xfe0
+[ 440.812114] ? kernel_text_address+0x102/0x140
+[ 440.812124] ? tipc_sk_backlog_rcv+0x390/0x390
+[ 440.812132] ? trace_event_raw_event_lock+0x340/0x340
+[ 440.812140] ? perf_trace_lock+0xd6/0x900
+[ 440.812147] ? __save_stack_trace+0x7e/0xd0
+[ 440.812156] ? check_noncircular+0x20/0x20
+[ 440.812167] ? trace_event_raw_event_lock+0x340/0x340
+[ 440.812183] ? locks_remove_file+0x3fa/0x5a0
+[ 440.812194] ? fcntl_setlk+0x10c0/0x10c0
+[ 440.812200] ? fsnotify+0x7b3/0x1140
+[ 440.812219] ? fsnotify_first_mark+0x2b0/0x2b0
+[ 440.812240] sock_release+0x8d/0x1e0
+[ 440.812249] ? sock_alloc_file+0x560/0x560
+[ 440.812257] sock_close+0x16/0x20
+[ 440.812268] __fput+0x327/0x7e0
+[ 440.812284] ? fput+0x140/0x140
+[ 440.812295] ? _raw_spin_unlock_irq+0x27/0x70
+[ 440.812311] ____fput+0x15/0x20
+[ 440.812320] task_work_run+0x199/0x270
+[ 440.812333] ? task_work_cancel+0x210/0x210
+[ 440.812342] ? _raw_spin_unlock+0x22/0x30
+[ 440.812351] ? switch_task_namespaces+0x87/0xc0
+[ 440.812365] do_exit+0x9bb/0x1ad0
+[ 440.812374] ? try_to_wake_up+0xf9/0x1600
+[ 440.812389] ? mm_update_next_owner+0x930/0x930
+[ 440.812400] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 440.812408] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 440.812418] ? do_raw_spin_trylock+0x190/0x190
+[ 440.812425] ? do_raw_spin_trylock+0x190/0x190
+[ 440.812438] ? __lock_is_held+0xb6/0x140
+[ 440.812463] ? perf_trace_lock+0xd6/0x900
+[ 440.812479] ? trace_event_raw_event_lock+0x340/0x340
+[ 440.812488] ? __perf_event_task_sched_out+0x266/0x1490
+[ 440.812500] ? check_noncircular+0x20/0x20
+[ 440.812516] ? perf_event_sync_stat+0x5b0/0x5b0
+[ 440.812525] ? __perf_event_task_sched_in+0x200/0xc20
+[ 440.812549] ? find_held_lock+0x35/0x1d0
+[ 440.812567] ? get_signal+0x7ae/0x16c0
+[ 440.812577] ? lock_downgrade+0x980/0x980
+[ 440.812595] do_group_exit+0x149/0x400
+[ 440.812604] ? do_raw_spin_trylock+0x190/0x190
+[ 440.812612] ? SyS_exit+0x30/0x30
+[ 440.812620] ? _raw_spin_unlock_irq+0x27/0x70
+[ 440.812631] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 440.812645] get_signal+0x73f/0x16c0
+[ 440.812664] ? ptrace_notify+0x130/0x130
+[ 440.812678] ? __schedule+0x8f3/0x2060
+[ 440.812685] ? exit_robust_list+0x240/0x240
+[ 440.812701] ? __sched_text_start+0x8/0x8
+[ 440.812719] ? find_held_lock+0x35/0x1d0
+[ 440.812731] do_signal+0x90/0x1eb0
+[ 440.812742] ? task_work_run+0x16c/0x270
+[ 440.812751] ? lock_downgrade+0x980/0x980
+[ 440.812758] ? mntput+0x66/0x90
+[ 440.812769] ? setup_sigcontext+0x7d0/0x7d0
+[ 440.812787] ? schedule+0xf5/0x430
+[ 440.812794] ? _raw_spin_unlock_irq+0x27/0x70
+[ 440.812804] ? __schedule+0x2060/0x2060
+[ 440.812816] ? _raw_spin_unlock_irq+0x27/0x70
+[ 440.812824] ? task_work_run+0x1f4/0x270
+[ 440.812837] ? task_work_cancel+0x210/0x210
+[ 440.812849] ? exit_to_usermode_loop+0x8c/0x310
+[ 440.812865] exit_to_usermode_loop+0x214/0x310
+[ 440.812878] ? trace_event_raw_event_sys_exit+0x260/0x260
+[ 440.812899] syscall_return_slowpath+0x490/0x550
+[ 440.812908] ? prepare_exit_to_usermode+0x340/0x340
+[ 440.812914] ? SyS_write+0x184/0x220
+[ 440.812924] ? entry_SYSCALL_64_fastpath+0x73/0xa0
+[ 440.812935] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 440.812944] ? trace_hardirqs_on_thunk+0x1a/0x1c
+[ 440.812961] entry_SYSCALL_64_fastpath+0x9e/0xa0
+[ 440.812967] RIP: 0033:0x452df9
+[ 440.812971] RSP: 002b:00007f70eee25c88 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
+[ 440.812978] RAX: 0000000000000001 RBX: 000000000071bea0 RCX: 0000000000452df9
+[ 440.812983] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000071becc
+[ 440.812987] RBP: 0000000000000573 R08: 0000000000000000 R09: 0000000000000000
+[ 440.812991] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000001
+[ 440.812995] R13: 0000000000000014 R14: 00007f70eee266d4 R15: ffffffffffffffff
+[ 440.813016] Code: 4c 89 e2 48 c7 c7 c0 fb e0 85 e8 95 26 fe fe 0f 0b 48 c7 c7 20 fc e0 85 e8 87 26 fe fe 0f 0b 48 c7 c7 80 fc e0 85 e8 79 26 fe fe <0f> 0b 48 c7 c7 e0 fc e0 85 e8 6b 26 fe fe 0f 0b 48 89 df 48 89
+[ 440.813159] RIP: __list_del_entry_valid+0xef/0x150 RSP: ffff8801be95eb20
+[ 440.813194] ---[ end trace 0c495e0cee371de9 ]---
diff --git a/pkg/report/testdata/linux/report/184 b/pkg/report/testdata/linux/report/184
new file mode 100644
index 000000000..2770a2186
--- /dev/null
+++ b/pkg/report/testdata/linux/report/184
@@ -0,0 +1,52 @@
+TITLE: BUG: corrupted list in __dev_remove_pack
+
+[ 50.710530] list_del corruption. next->prev should be ffff8801d8caa528, but was ffffffff868a8010
+[ 50.719785] ------------[ cut here ]------------
+[ 50.724628] kernel BUG at lib/list_debug.c:56!
+[ 50.729330] invalid opcode: 0000 [#1] SMP
+[ 50.733500] Dumping ftrace buffer:
+[ 50.737039] (ftrace buffer empty)
+[ 50.740755] Modules linked in:
+[ 50.743989] CPU: 1 PID: 4654 Comm: syzkaller396097 Tainted: G B 4.12.0+ #7
+[ 50.752136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 50.761509] task: ffff8801cd500000 task.stack: ffff8801d1060000
+[ 50.767597] RIP: 0010:__list_del_entry_valid+0x370/0x390
+[ 50.773063] RSP: 0018:ffff8801d1067968 EFLAGS: 00010292
+[ 50.778450] RAX: 0000000000000054 RBX: 0000000000000000 RCX: 0000000000000000
+[ 50.785740] RDX: 0000000000000000 RSI: ffffea000cbee828 RDI: ffff88021fd15ac0
+[ 50.793030] RBP: ffff8801d10679c8 R08: 0000000000000002 R09: ffff8801d10673f0
+[ 50.800323] R10: 000000003e6d70ea R11: 0000ff0000000000 R12: ffff8801ddca3870
+[ 50.807630] R13: ffff8801d8caa528 R14: ffffffff868a8010 R15: 0000000000000000
+[ 50.814927] FS: 0000000000dd1940(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000
+[ 50.823170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 50.829071] CR2: 00007ff2dc3d7db8 CR3: 00000001d6160000 CR4: 00000000001406e0
+[ 50.836366] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+[ 50.843663] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
+[ 50.850936] Call Trace:
+[ 50.853563] __dev_remove_pack+0x2cf/0x490
+[ 50.857828] __unregister_prot_hook+0x2f6/0x470
+[ 50.862526] ? __msan_load_shadow_origin_1+0x5d/0xe0
+[ 50.867663] packet_release+0x3dd/0x1340
+[ 50.871758] ? __msan_load_shadow_origin_4+0x5d/0xe0
+[ 50.876892] ? packet_rcv_spkt+0x6b0/0x6b0
+[ 50.881152] sock_close+0xd3/0x2d0
+[ 50.884725] ? sock_mmap+0xf0/0xf0
+[ 50.888293] __fput+0x3a2/0x8f0
+[ 50.891604] ____fput+0x28/0x40
+[ 50.894905] ? fput+0x2a0/0x2a0
+[ 50.898206] task_work_run+0x17f/0x2b0
+[ 50.902121] do_exit+0xf45/0x32f0
+[ 50.905617] do_group_exit+0x19a/0x320
+[ 50.909533] SYSC_exit_group+0x22/0x30
+[ 50.913445] SyS_exit_group+0x25/0x30
+[ 50.917277] entry_SYSCALL_64_fastpath+0x13/0x94
+[ 50.922048] RIP: 0033:0x447529
+[ 50.925256] RSP: 002b:00007ffe8dca8c98 EFLAGS: 00000206 ORIG_RAX: 00000000000000e7
+[ 50.932996] RAX: ffffffffffffffda RBX: 00007ff2db3d6700 RCX: 0000000000447529
+[ 50.940281] RDX: 0000000000445c41 RSI: 0000000000000000 RDI: 0000000000000000
+[ 50.947568] RBP: 00007ffe8dca8c40 R08: 00000000006db1c0 R09: 0000000000000000
+[ 50.954855] R10: 00000000006db144 R11: 0000000000000206 R12: 0000000000000000
+[ 50.962140] R13: 00007ffe8dca8c3f R14: 00007ff2db3d69c0 R15: 0000000000000000
+[ 50.969415] Code: 00 00 48 c7 80 60 09 00 00 00 00 00 00 c7 80 20 03 00 00 00 00 00 00 48 c7 c7 f8 87 43 86 31 c0 4c 89 ee 4c 89 f2 e8 c0 09 d1 fe <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 1f 40
+[ 50.989516] RIP: __list_del_entry_valid+0x370/0x390 RSP: ffff8801d1067968
+[ 50.996557] ---[ end trace 1b9e265517f5d9ac ]---
diff --git a/pkg/report/testdata/linux/report/185 b/pkg/report/testdata/linux/report/185
new file mode 100644
index 000000000..331c92914
--- /dev/null
+++ b/pkg/report/testdata/linux/report/185
@@ -0,0 +1,153 @@
+# Note: 185-188 have the same root cause.
+TITLE: possible deadlock in do_ip_setsockopt
+
+[ 36.345030] ======================================================
+[ 36.351334] WARNING: possible circular locking dependency detected
+[ 36.357637] 4.15.0+ #221 Not tainted
+[ 36.357648] xt_TCPMSS: Only works on TCP SYN packets
+[ 36.361324] ------------------------------------------------------
+[ 36.361330] syz-executor5/5807 is trying to acquire lock:
+[ 36.361332] (sk_lock-AF_INET){+.+.}, at: [<0000000046bbd7df>] do_ip_setsockopt.isra.12+0x1d9/0x3210
+[ 36.361358]
+[ 36.361358] but task is already holding lock:
+[ 36.361360] (rtnl_mutex){+.+.}, at: [<00000000366b10e7>] rtnl_lock+0x17/0x20
+[ 36.361378]
+[ 36.361378] which lock already depends on the new lock.
+[ 36.361378]
+[ 36.361380]
+[ 36.361380] the existing dependency chain (in reverse order) is:
+[ 36.361382]
+[ 36.361382] -> #2 (rtnl_mutex){+.+.}:
+[ 36.421860] __mutex_lock+0x16f/0x1a80
+[ 36.426252] mutex_lock_nested+0x16/0x20
+[ 36.430819] rtnl_lock+0x17/0x20
+[ 36.434693] unregister_netdevice_notifier+0x91/0x4e0
+[ 36.440382] clusterip_tg_destroy+0x389/0x6e0
+[ 36.445370] cleanup_entry+0x218/0x350
+[ 36.449755] __do_replace+0x79d/0xa50
+[ 36.454049] do_ipt_set_ctl+0x40f/0x5f0
+[ 36.458514] nf_setsockopt+0x67/0xc0
+[ 36.462717] ip_setsockopt+0x97/0xa0
+[ 36.466920] tcp_setsockopt+0x82/0xd0
+[ 36.471210] sock_common_setsockopt+0x95/0xd0
+[ 36.476198] SyS_setsockopt+0x189/0x360
+[ 36.480666] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 36.485909]
+[ 36.485909] -> #1 (&xt[i].mutex){+.+.}:
+[ 36.491343] __mutex_lock+0x16f/0x1a80
+[ 36.495724] mutex_lock_nested+0x16/0x20
+[ 36.500282] xt_find_table_lock+0x3e/0x3e0
+[ 36.505016] xt_request_find_table_lock+0x28/0xc0
+[ 36.510357] get_info+0x154/0x690
+[ 36.514303] do_ipt_get_ctl+0x159/0xac0
+[ 36.518767] nf_getsockopt+0x6a/0xc0
+[ 36.522973] ip_getsockopt+0x15c/0x220
+[ 36.527357] tcp_getsockopt+0x82/0xd0
+[ 36.531657] sock_common_getsockopt+0x95/0xd0
+[ 36.536644] SyS_getsockopt+0x178/0x340
+[ 36.541108] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 36.546349]
+[ 36.546349] -> #0 (sk_lock-AF_INET){+.+.}:
+[ 36.552040] lock_acquire+0x1d5/0x580
+[ 36.556332] lock_sock_nested+0xc2/0x110
+[ 36.560883] do_ip_setsockopt.isra.12+0x1d9/0x3210
+[ 36.566302] ip_setsockopt+0x3a/0xa0
+[ 36.570505] raw_setsockopt+0xb7/0xd0
+[ 36.574796] sock_common_setsockopt+0x95/0xd0
+[ 36.579784] SyS_setsockopt+0x189/0x360
+[ 36.584247] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 36.589488]
+[ 36.589488] other info that might help us debug this:
+[ 36.589488]
+[ 36.597597] Chain exists of:
+[ 36.597597] sk_lock-AF_INET --> &xt[i].mutex --> rtnl_mutex
+[ 36.597597]
+[ 36.607798] Possible unsafe locking scenario:
+[ 36.607798]
+[ 36.613823] CPU0 CPU1
+[ 36.618462] ---- ----
+[ 36.623095] lock(rtnl_mutex);
+[ 36.626343] lock(&xt[i].mutex);
+[ 36.632282] lock(rtnl_mutex);
+[ 36.638050] lock(sk_lock-AF_INET);
+[ 36.641735]
+[ 36.641735] *** DEADLOCK ***
+[ 36.641735]
+[ 36.647767] 1 lock held by syz-executor5/5807:
+[ 36.652314] #0: (rtnl_mutex){+.+.}, at: [<00000000366b10e7>] rtnl_lock+0x17/0x20
+[ 36.660004]
+[ 36.660004] stack backtrace:
+[ 36.664481] CPU: 0 PID: 5807 Comm: syz-executor5 Not tainted 4.15.0+ #221
+[ 36.671375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 36.680701] Call Trace:
+[ 36.683264] dump_stack+0x194/0x257
+[ 36.686868] ? arch_local_irq_restore+0x53/0x53
+[ 36.691519] print_circular_bug.isra.38+0x2cd/0x2dc
+[ 36.696505] ? save_trace+0xe0/0x2b0
+[ 36.700192] __lock_acquire+0x30a8/0x3e00
+[ 36.704321] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 36.709487] ? rtnl_lock+0x17/0x20
+[ 36.713000] ? __mutex_lock+0x16f/0x1a80
+[ 36.717038] ? rtnl_lock+0x17/0x20
+[ 36.720549] ? rtnl_lock+0x17/0x20
+[ 36.724059] ? __lock_acquire+0x664/0x3e00
+[ 36.728264] ? mutex_lock_io_nested+0x1900/0x1900
+[ 36.733076] ? print_irqtrace_events+0x270/0x270
+[ 36.737809] ? check_noncircular+0x20/0x20
+[ 36.742028] ? print_irqtrace_events+0x270/0x270
+[ 36.746755] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 36.751914] ? do_raw_spin_trylock+0x190/0x190
+[ 36.756464] ? do_raw_spin_trylock+0x190/0x190
+[ 36.761022] ? check_noncircular+0x20/0x20
+[ 36.765234] ? check_noncircular+0x20/0x20
+[ 36.769439] ? find_held_lock+0x35/0x1d0
+[ 36.773472] lock_acquire+0x1d5/0x580
+[ 36.777244] ? lock_sock_nested+0xa3/0x110
+[ 36.781447] ? lock_acquire+0x1d5/0x580
+[ 36.785392] ? do_ip_setsockopt.isra.12+0x1d9/0x3210
+[ 36.790467] ? lock_release+0xa40/0xa40
+[ 36.794411] ? trace_event_raw_event_sched_switch+0x800/0x800
+[ 36.800263] ? trace_event_raw_event_sched_switch+0x800/0x800
+[ 36.806116] ? do_raw_spin_trylock+0x190/0x190
+[ 36.810670] ? lock_sock_nested+0x44/0x110
+[ 36.814876] lock_sock_nested+0xc2/0x110
+[ 36.818908] ? do_ip_setsockopt.isra.12+0x1d9/0x3210
+[ 36.823984] do_ip_setsockopt.isra.12+0x1d9/0x3210
+[ 36.828884] ? ip_ra_control+0x5c0/0x5c0
+[ 36.832920] ? check_noncircular+0x20/0x20
+[ 36.837127] ? compat_start_thread+0x80/0x80
+[ 36.841505] ? do_raw_spin_trylock+0x190/0x190
+[ 36.846059] ? find_held_lock+0x35/0x1d0
+[ 36.850094] ? avc_has_perm+0x35e/0x680
+[ 36.854039] ? lock_downgrade+0x980/0x980
+[ 36.858158] ? lock_release+0xa40/0xa40
+[ 36.862100] ? lock_downgrade+0x980/0x980
+[ 36.866218] ? lock_release+0xa40/0xa40
+[ 36.870162] ? __lock_is_held+0xb6/0x140
+[ 36.874198] ? avc_has_perm+0x43e/0x680
+[ 36.878143] ? avc_has_perm_noaudit+0x520/0x520
+[ 36.882812] ? iterate_fd+0x3f0/0x3f0
+[ 36.886590] ? lock_downgrade+0x980/0x980
+[ 36.890714] ? __lock_is_held+0xb6/0x140
+[ 36.894755] ? schedule+0xf5/0x430
+[ 36.898275] ? sock_has_perm+0x2a4/0x420
+[ 36.902307] ? selinux_secmark_relabel_packet+0xc0/0xc0
+[ 36.907651] ? selinux_netlbl_socket_setsockopt+0x10c/0x460
+[ 36.913333] ? selinux_netlbl_sock_rcv_skb+0x730/0x730
+[ 36.918582] ? alloc_file+0x27e/0x390
+[ 36.922357] ip_setsockopt+0x3a/0xa0
+[ 36.926045] raw_setsockopt+0xb7/0xd0
+[ 36.929819] sock_common_setsockopt+0x95/0xd0
+[ 36.934287] SyS_setsockopt+0x189/0x360
+[ 36.938234] ? SyS_recv+0x40/0x40
+[ 36.941656] ? entry_SYSCALL_64_fastpath+0x5/0xa0
+[ 36.946469] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 36.951456] ? trace_hardirqs_on_thunk+0x1a/0x1c
+[ 36.956183] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 36.960907] RIP: 0033:0x453299
+[ 36.964070] RSP: 002b:00007f5666182c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036
+[ 36.971749] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000453299
+[ 36.978990] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000013
+[ 36.986231] RBP: 00000000000005c9 R08: 0000000000000004 R09: 0000000000000000
+[ 36.993468] R10: 0000000020000000 R11: 0000000000000212 R12: 00000000006f7b78
+[ 37.000707] R13: 00000000ffffffff R14: 00007f56661836d4 R15: 0000000000000000
diff --git a/pkg/report/testdata/linux/report/186 b/pkg/report/testdata/linux/report/186
new file mode 100644
index 000000000..1a6c8afc7
--- /dev/null
+++ b/pkg/report/testdata/linux/report/186
@@ -0,0 +1,155 @@
+# Note: 185-188 have the same root cause.
+TITLE: possible deadlock in do_ipv6_setsockopt
+
+[ 53.842308] ======================================================
+[ 53.848617] WARNING: possible circular locking dependency detected
+[ 53.854929] 4.15.0+ #221 Not tainted
+[ 53.858633] ------------------------------------------------------
+[ 53.864938] syz-executor3/5627 is trying to acquire lock:
+[ 53.870468] (sk_lock-AF_INET6){+.+.}, at: [<000000005bcb19be>] do_ipv6_setsockopt.isra.8+0x3c5/0x39d0
+[ 53.879944]
+[ 53.879944] but task is already holding lock:
+[ 53.885893] (rtnl_mutex){+.+.}, at: [<000000001f0e7db0>] rtnl_lock+0x17/0x20
+[ 53.893173]
+[ 53.893173] which lock already depends on the new lock.
+[ 53.893173]
+[ 53.901483]
+[ 53.901483] the existing dependency chain (in reverse order) is:
+[ 53.909081]
+[ 53.909081] -> #2 (rtnl_mutex){+.+.}:
+[ 53.914395] __mutex_lock+0x16f/0x1a80
+[ 53.918789] mutex_lock_nested+0x16/0x20
+[ 53.923353] rtnl_lock+0x17/0x20
+[ 53.927224] unregister_netdevice_notifier+0x91/0x4e0
+[ 53.932921] clusterip_tg_destroy+0x389/0x6e0
+[ 53.937916] cleanup_entry+0x218/0x350
+[ 53.942305] __do_replace+0x79d/0xa50
+[ 53.946603] do_ipt_set_ctl+0x40f/0x5f0
+[ 53.951071] nf_setsockopt+0x67/0xc0
+[ 53.955277] ip_setsockopt+0x97/0xa0
+[ 53.959482] tcp_setsockopt+0x82/0xd0
+[ 53.963786] sock_common_setsockopt+0x95/0xd0
+[ 53.968783] SyS_setsockopt+0x189/0x360
+[ 53.973254] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 53.978498]
+[ 53.978498] -> #1 (&xt[i].mutex){+.+.}:
+[ 53.983939] __mutex_lock+0x16f/0x1a80
+[ 53.988318] mutex_lock_nested+0x16/0x20
+[ 53.992872] xt_find_table_lock+0x3e/0x3e0
+[ 53.997596] xt_request_find_table_lock+0x28/0xc0
+[ 54.002948] get_info+0x154/0x690
+[ 54.006899] do_ip6t_get_ctl+0x159/0xaf0
+[ 54.011454] nf_getsockopt+0x6a/0xc0
+[ 54.015661] ipv6_getsockopt+0x1df/0x2e0
+[ 54.020215] tcp_getsockopt+0x82/0xd0
+[ 54.024511] sock_common_getsockopt+0x95/0xd0
+[ 54.029521] SyS_getsockopt+0x178/0x340
+[ 54.034019] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 54.039289]
+[ 54.039289] -> #0 (sk_lock-AF_INET6){+.+.}:
+[ 54.045095] lock_acquire+0x1d5/0x580
+[ 54.049404] lock_sock_nested+0xc2/0x110
+[ 54.053975] do_ipv6_setsockopt.isra.8+0x3c5/0x39d0
+[ 54.059482] ipv6_setsockopt+0xd7/0x130
+[ 54.063949] rawv6_setsockopt+0x4a/0xf0
+[ 54.068425] sock_common_setsockopt+0x95/0xd0
+[ 54.073415] SyS_setsockopt+0x189/0x360
+[ 54.077879] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 54.083122]
+[ 54.083122] other info that might help us debug this:
+[ 54.083122]
+[ 54.091320] Chain exists of:
+[ 54.091320] sk_lock-AF_INET6 --> &xt[i].mutex --> rtnl_mutex
+[ 54.091320]
+[ 54.101614] Possible unsafe locking scenario:
+[ 54.101614]
+[ 54.107654] CPU0 CPU1
+[ 54.112299] ---- ----
+[ 54.116940] lock(rtnl_mutex);
+[ 54.120195] lock(&xt[i].mutex);
+[ 54.126138] lock(rtnl_mutex);
+[ 54.131908] lock(sk_lock-AF_INET6);
+[ 54.135683]
+[ 54.135683] *** DEADLOCK ***
+[ 54.135683]
+[ 54.141717] 1 lock held by syz-executor3/5627:
+[ 54.146270] #0: (rtnl_mutex){+.+.}, at: [<000000001f0e7db0>] rtnl_lock+0x17/0x20
+[ 54.153968]
+[ 54.153968] stack backtrace:
+[ 54.158438] CPU: 0 PID: 5627 Comm: syz-executor3 Not tainted 4.15.0+ #221
+[ 54.165346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 54.174686] Call Trace:
+[ 54.177254] dump_stack+0x194/0x257
+[ 54.180856] ? arch_local_irq_restore+0x53/0x53
+[ 54.185512] print_circular_bug.isra.38+0x2cd/0x2dc
+[ 54.190524] ? save_trace+0xe0/0x2b0
+[ 54.194214] __lock_acquire+0x30a8/0x3e00
+[ 54.198353] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 54.203528] ? rtnl_lock+0x17/0x20
+[ 54.207054] ? __mutex_lock+0x16f/0x1a80
+[ 54.211090] ? rtnl_lock+0x17/0x20
+[ 54.214607] ? rtnl_lock+0x17/0x20
+[ 54.218122] ? print_irqtrace_events+0x270/0x270
+[ 54.222857] ? __lock_acquire+0x664/0x3e00
+[ 54.227069] ? print_irqtrace_events+0x270/0x270
+[ 54.231804] ? check_noncircular+0x20/0x20
+[ 54.236020] ? print_irqtrace_events+0x270/0x270
+[ 54.240759] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 54.245923] ? check_noncircular+0x20/0x20
+[ 54.250131] ? __lock_acquire+0x664/0x3e00
+[ 54.254341] ? find_held_lock+0x35/0x1d0
+[ 54.258377] lock_acquire+0x1d5/0x580
+[ 54.262160] ? lock_sock_nested+0xa3/0x110
+[ 54.266373] ? lock_acquire+0x1d5/0x580
+[ 54.270321] ? do_ipv6_setsockopt.isra.8+0x3c5/0x39d0
+[ 54.275490] ? lock_release+0xa40/0xa40
+[ 54.279442] ? trace_event_raw_event_sched_switch+0x800/0x800
+[ 54.285297] ? trace_event_raw_event_sched_switch+0x800/0x800
+[ 54.291156] ? do_raw_spin_trylock+0x190/0x190
+[ 54.295716] ? __enqueue_entity+0x109/0x1e0
+[ 54.300019] ? lock_sock_nested+0x44/0x110
+[ 54.304241] lock_sock_nested+0xc2/0x110
+[ 54.308291] ? do_ipv6_setsockopt.isra.8+0x3c5/0x39d0
+[ 54.313455] do_ipv6_setsockopt.isra.8+0x3c5/0x39d0
+[ 54.318444] ? ipv6_update_options+0x330/0x330
+[ 54.323000] ? lock_downgrade+0x980/0x980
+[ 54.327128] ? check_noncircular+0x20/0x20
+[ 54.331333] ? load_balance+0x34c0/0x34c0
+[ 54.335452] ? check_noncircular+0x20/0x20
+[ 54.339657] ? compat_start_thread+0x80/0x80
+[ 54.344041] ? do_raw_spin_trylock+0x190/0x190
+[ 54.348615] ? find_held_lock+0x35/0x1d0
+[ 54.352657] ? avc_has_perm+0x35e/0x680
+[ 54.356601] ? lock_downgrade+0x980/0x980
+[ 54.360719] ? lock_release+0xa40/0xa40
+[ 54.364665] ? lock_downgrade+0x980/0x980
+[ 54.368783] ? lock_release+0xa40/0xa40
+[ 54.372728] ? __lock_is_held+0xb6/0x140
+[ 54.376764] ? avc_has_perm+0x43e/0x680
+[ 54.380723] ? avc_has_perm_noaudit+0x520/0x520
+[ 54.385371] ? iterate_fd+0x3f0/0x3f0
+[ 54.389152] ? lock_downgrade+0x980/0x980
+[ 54.393272] ? __lock_is_held+0xb6/0x140
+[ 54.397304] ? schedule+0xf5/0x430
+[ 54.400818] ? sock_has_perm+0x2a4/0x420
+[ 54.404847] ? selinux_secmark_relabel_packet+0xc0/0xc0
+[ 54.410180] ? selinux_netlbl_socket_setsockopt+0x10c/0x460
+[ 54.415859] ? selinux_netlbl_sock_rcv_skb+0x730/0x730
+[ 54.421103] ? alloc_file+0x27e/0x390
+[ 54.424874] ipv6_setsockopt+0xd7/0x130
+[ 54.428817] ? ipv6_setsockopt+0xd7/0x130
+[ 54.432936] rawv6_setsockopt+0x4a/0xf0
+[ 54.436883] sock_common_setsockopt+0x95/0xd0
+[ 54.441349] SyS_setsockopt+0x189/0x360
+[ 54.445294] ? SyS_recv+0x40/0x40
+[ 54.448720] ? entry_SYSCALL_64_fastpath+0x5/0xa0
+[ 54.453538] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 54.458530] ? trace_hardirqs_on_thunk+0x1a/0x1c
+[ 54.463255] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 54.467980] RIP: 0033:0x453299
+[ 54.471138] RSP: 002b:00007f426abc9c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036
+[ 54.478825] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000453299
+[ 54.486067] RDX: 0000000000000001 RSI: 0000000000000029 RDI: 0000000000000013
+[ 54.493317] RBP: 00000000000005cd R08: 0000000000000004 R09: 0000000000000000
+[ 54.500565] R10: 000000002095affc R11: 0000000000000212 R12: 00000000006f7bd8
+[ 54.507812] R13: 00000000ffffffff R14: 00007f426abca6d4 R15: 0000000000000000
diff --git a/pkg/report/testdata/linux/report/187 b/pkg/report/testdata/linux/report/187
new file mode 100644
index 000000000..556766f49
--- /dev/null
+++ b/pkg/report/testdata/linux/report/187
@@ -0,0 +1,145 @@ +# Note: 185-188 have the same root cause. +TITLE: possible deadlock in do_ip_getsockopt + +[ 37.884335] ====================================================== +[ 37.890648] WARNING: possible circular locking dependency detected +[ 37.896957] 4.15.0+ #221 Not tainted +[ 37.900664] ------------------------------------------------------ +[ 37.906977] syz-executor1/6283 is trying to acquire lock: +[ 37.912502] (sk_lock-AF_INET){+.+.}, at: [<0000000075c3d11e>] do_ip_getsockopt+0x1b3/0x2170 +[ 37.921085] +[ 37.921085] but task is already holding lock: +[ 37.927043] (rtnl_mutex){+.+.}, at: [<0000000058d7a825>] rtnl_lock+0x17/0x20 +[ 37.934327] +[ 37.934327] which lock already depends on the new lock. +[ 37.934327] +[ 37.942626] +[ 37.942626] the existing dependency chain (in reverse order) is: +[ 37.950234] +[ 37.950234] -> #2 (rtnl_mutex){+.+.}: +[ 37.955514] __mutex_lock+0x16f/0x1a80 +[ 37.959916] mutex_lock_nested+0x16/0x20 +[ 37.964489] rtnl_lock+0x17/0x20 +[ 37.968369] unregister_netdevice_notifier+0x91/0x4e0 +[ 37.974072] clusterip_tg_destroy+0x389/0x6e0 +[ 37.979083] cleanup_entry+0x218/0x350 +[ 37.983485] __do_replace+0x79d/0xa50 +[ 37.987787] do_ipt_set_ctl+0x40f/0x5f0 +[ 37.992268] nf_setsockopt+0x67/0xc0 +[ 37.996489] ip_setsockopt+0x97/0xa0 +[ 38.000713] tcp_setsockopt+0x82/0xd0 +[ 38.005018] sock_common_setsockopt+0x95/0xd0 +[ 38.010022] SyS_setsockopt+0x189/0x360 +[ 38.014511] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 38.019767] +[ 38.019767] -> #1 (&xt[i].mutex){+.+.}: +[ 38.025203] __mutex_lock+0x16f/0x1a80 +[ 38.029593] mutex_lock_nested+0x16/0x20 +[ 38.034182] xt_find_table_lock+0x3e/0x3e0 +[ 38.038908] xt_request_find_table_lock+0x28/0xc0 +[ 38.044246] get_info+0x154/0x690 +[ 38.048201] do_ipt_get_ctl+0x159/0xac0 +[ 38.052681] nf_getsockopt+0x6a/0xc0 +[ 38.056906] ip_getsockopt+0x15c/0x220 +[ 38.061305] tcp_getsockopt+0x82/0xd0 +[ 38.065606] sock_common_getsockopt+0x95/0xd0 +[ 38.070607] SyS_getsockopt+0x178/0x340 +[ 38.075080] 
entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 38.080323] +[ 38.080323] -> #0 (sk_lock-AF_INET){+.+.}: +[ 38.086018] lock_acquire+0x1d5/0x580 +[ 38.090315] lock_sock_nested+0xc2/0x110 +[ 38.094870] do_ip_getsockopt+0x1b3/0x2170 +[ 38.099597] ip_getsockopt+0x90/0x220 +[ 38.103897] tcp_getsockopt+0x82/0xd0 +[ 38.108192] sock_common_getsockopt+0x95/0xd0 +[ 38.113176] SyS_getsockopt+0x178/0x340 +[ 38.117642] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 38.122886] +[ 38.122886] other info that might help us debug this: +[ 38.122886] +[ 38.130998] Chain exists of: +[ 38.130998] sk_lock-AF_INET --> &xt[i].mutex --> rtnl_mutex +[ 38.130998] +[ 38.141214] Possible unsafe locking scenario: +[ 38.141214] +[ 38.147241] CPU0 CPU1 +[ 38.151875] ---- ---- +[ 38.156510] lock(rtnl_mutex); +[ 38.159757] lock(&xt[i].mutex); +[ 38.165700] lock(rtnl_mutex); +[ 38.171474] lock(sk_lock-AF_INET); +[ 38.175156] +[ 38.175156] *** DEADLOCK *** +[ 38.175156] +[ 38.181182] 1 lock held by syz-executor1/6283: +[ 38.185730] #0: (rtnl_mutex){+.+.}, at: [<0000000058d7a825>] rtnl_lock+0x17/0x20 +[ 38.193418] +[ 38.193418] stack backtrace: +[ 38.197887] CPU: 0 PID: 6283 Comm: syz-executor1 Not tainted 4.15.0+ #221 +[ 38.204778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 38.214110] Call Trace: +[ 38.216679] dump_stack+0x194/0x257 +[ 38.220280] ? arch_local_irq_restore+0x53/0x53 +[ 38.224924] print_circular_bug.isra.38+0x2cd/0x2dc +[ 38.229912] ? save_trace+0xe0/0x2b0 +[ 38.233596] __lock_acquire+0x30a8/0x3e00 +[ 38.237725] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 38.242884] ? rtnl_lock+0x17/0x20 +[ 38.246394] ? rtnl_lock+0x17/0x20 +[ 38.249904] ? plist_add+0x5cb/0x760 +[ 38.253593] ? mutex_lock_io_nested+0x1900/0x1900 +[ 38.258411] ? print_irqtrace_events+0x270/0x270 +[ 38.263137] ? print_irqtrace_events+0x270/0x270 +[ 38.267862] ? check_noncircular+0x20/0x20 +[ 38.272069] ? check_noncircular+0x20/0x20 +[ 38.276276] ? 
futex_wait_queue_me+0x527/0x7e0 +[ 38.280834] lock_acquire+0x1d5/0x580 +[ 38.284610] ? lock_acquire+0x1d5/0x580 +[ 38.288557] ? do_ip_getsockopt+0x1b3/0x2170 +[ 38.292938] ? lock_release+0xa40/0xa40 +[ 38.296984] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 38.302842] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 38.308707] ? do_raw_spin_trylock+0x190/0x190 +[ 38.313268] ? mmdrop+0x18/0x30 +[ 38.316521] ? lock_sock_nested+0x44/0x110 +[ 38.320738] lock_sock_nested+0xc2/0x110 +[ 38.324775] ? do_ip_getsockopt+0x1b3/0x2170 +[ 38.329153] do_ip_getsockopt+0x1b3/0x2170 +[ 38.333365] ? rcu_read_lock+0x90/0x90 +[ 38.337242] ? finish_task_switch+0x1d3/0x740 +[ 38.341708] ? lock_downgrade+0x980/0x980 +[ 38.345828] ? check_noncircular+0x20/0x20 +[ 38.350041] ? check_noncircular+0x20/0x20 +[ 38.354254] ? compat_start_thread+0x80/0x80 +[ 38.358653] ? find_held_lock+0x35/0x1d0 +[ 38.362705] ? avc_has_perm+0x35e/0x680 +[ 38.366653] ? lock_downgrade+0x980/0x980 +[ 38.370783] ? __fget+0x333/0x570 +[ 38.374213] ? lock_release+0xa40/0xa40 +[ 38.378159] ? lock_release+0xa40/0xa40 +[ 38.382111] ? __lock_is_held+0xb6/0x140 +[ 38.386157] ? avc_has_perm+0x43e/0x680 +[ 38.390103] ? avc_has_perm_noaudit+0x520/0x520 +[ 38.394747] ? lock_downgrade+0x980/0x980 +[ 38.398874] ? handle_mm_fault+0x476/0x930 +[ 38.403083] ? down_read_trylock+0xdb/0x170 +[ 38.407380] ? schedule+0xf5/0x430 +[ 38.410895] ? vmacache_update+0xfe/0x130 +[ 38.415025] ip_getsockopt+0x90/0x220 +[ 38.418803] ? do_ip_getsockopt+0x2170/0x2170 +[ 38.423276] tcp_getsockopt+0x82/0xd0 +[ 38.427060] sock_common_getsockopt+0x95/0xd0 +[ 38.431545] SyS_getsockopt+0x178/0x340 +[ 38.435492] ? SyS_setsockopt+0x360/0x360 +[ 38.439617] ? entry_SYSCALL_64_fastpath+0x5/0xa0 +[ 38.444433] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 38.449421] ? 
trace_hardirqs_on_thunk+0x1a/0x1c +[ 38.454152] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 38.458877] RIP: 0033:0x453299 +[ 38.462040] RSP: 002b:00007fe19de99c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000037 +[ 38.469718] RAX: ffffffffffffffda RBX: 000000000071bf58 RCX: 0000000000453299 +[ 38.476957] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000013 +[ 38.484197] RBP: 000000000000052b R08: 0000000020a5b000 R09: 0000000000000000 +[ 38.491437] R10: 0000000020296000 R11: 0000000000000212 R12: 00000000006f6ca8 +[ 38.498678] R13: 00000000ffffffff R14: 00007fe19de9a6d4 R15: 0000000000000003 diff --git a/pkg/report/testdata/linux/report/188 b/pkg/report/testdata/linux/report/188 new file mode 100644 index 000000000..0d13aae4f --- /dev/null +++ b/pkg/report/testdata/linux/report/188 
@@ -0,0 +1,181 @@ +# Note: 185-188 have the same root cause. +TITLE: possible deadlock in rtnl_lock + +[ 82.159264] ====================================================== +[ 82.165575] WARNING: possible circular locking dependency detected +[ 82.171877] 4.15.0+ #221 Not tainted +[ 82.175574] ------------------------------------------------------ +[ 82.181875] syz-executor0/4217 is trying to acquire lock: +[ 82.187393] (rtnl_mutex){+.+.}, at: [<00000000ac220e5b>] rtnl_lock+0x17/0x20 +[ 82.194670] +[ 82.194670] but task is already holding lock: +[ 82.200628] (&xt[i].mutex){+.+.}, at: [<000000008835a5fc>] xt_find_table_lock+0x3e/0x3e0 +[ 82.208949] +[ 82.208949] which lock already depends on the new lock. +[ 82.208949] +[ 82.217245] +[ 82.217245] the existing dependency chain (in reverse order) is: +[ 82.224847] +[ 82.224847] -> #2 (&xt[i].mutex){+.+.}: +[ 82.230301] __mutex_lock+0x16f/0x1a80 +[ 82.234698] mutex_lock_nested+0x16/0x20 +[ 82.239270] xt_find_revision+0xc9/0x2b0 +[ 82.243836] do_ip6t_get_ctl+0x963/0xaf0 +[ 82.248402] nf_getsockopt+0x6a/0xc0 +[ 82.252628] ipv6_getsockopt+0x1df/0x2e0 +[ 82.257181] tcp_getsockopt+0x82/0xd0 +[ 82.261478] sock_common_getsockopt+0x95/0xd0 +[ 82.266465] SyS_getsockopt+0x178/0x340 +[ 82.270931] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 82.276178] +[ 82.276178] -> #1 (sk_lock-AF_INET6){+.+.}: +[ 82.281955] lock_sock_nested+0xc2/0x110 +[ 82.286511] do_ipv6_setsockopt.isra.8+0x3c5/0x39d0 +[ 82.292020] ipv6_setsockopt+0xd7/0x130 +[ 82.296485] rawv6_setsockopt+0x4a/0xf0 +[ 82.300951] sock_common_setsockopt+0x95/0xd0 +[ 82.305938] SyS_setsockopt+0x189/0x360 +[ 82.310404] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 82.315648] +[ 82.315648] -> #0 (rtnl_mutex){+.+.}: +[ 82.320904] lock_acquire+0x1d5/0x580 +[ 82.325195] __mutex_lock+0x16f/0x1a80 +[ 82.329577] mutex_lock_nested+0x16/0x20 +[ 82.334133] rtnl_lock+0x17/0x20 +[ 82.337991] unregister_netdevice_notifier+0x91/0x4e0 +[ 82.343677] clusterip_tg_destroy+0x389/0x6e0 +[ 82.348665] 
cleanup_entry+0x218/0x350 +[ 82.353041] __do_replace+0x79d/0xa50 +[ 82.357330] do_ipt_set_ctl+0x40f/0x5f0 +[ 82.361794] nf_setsockopt+0x67/0xc0 +[ 82.365998] ip_setsockopt+0x97/0xa0 +[ 82.370210] tcp_setsockopt+0x82/0xd0 +[ 82.374503] sock_common_setsockopt+0x95/0xd0 +[ 82.379488] SyS_setsockopt+0x189/0x360 +[ 82.383951] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 82.389194] +[ 82.389194] other info that might help us debug this: +[ 82.389194] +[ 82.397306] Chain exists of: +[ 82.397306] rtnl_mutex --> sk_lock-AF_INET6 --> &xt[i].mutex +[ 82.397306] +[ 82.407594] Possible unsafe locking scenario: +[ 82.407594] +[ 82.413618] CPU0 CPU1 +[ 82.418255] ---- ---- +[ 82.422888] lock(&xt[i].mutex); +[ 82.426310] lock(sk_lock-AF_INET6); +[ 82.432596] lock(&xt[i].mutex); +[ 82.438536] lock(rtnl_mutex); +[ 82.441786] +[ 82.441786] *** DEADLOCK *** +[ 82.441786] +[ 82.447816] 1 lock held by syz-executor0/4217: +[ 82.452362] #0: (&xt[i].mutex){+.+.}, at: [<000000008835a5fc>] xt_find_table_lock+0x3e/0x3e0 +[ 82.461090] +[ 82.461090] stack backtrace: +[ 82.465557] CPU: 1 PID: 4217 Comm: syz-executor0 Not tainted 4.15.0+ #221 +[ 82.472450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 82.481772] Call Trace: +[ 82.484336] dump_stack+0x194/0x257 +[ 82.487933] ? arch_local_irq_restore+0x53/0x53 +[ 82.492576] print_circular_bug.isra.38+0x2cd/0x2dc +[ 82.497565] ? save_trace+0xe0/0x2b0 +[ 82.501250] __lock_acquire+0x30a8/0x3e00 +[ 82.505369] ? print_irqtrace_events+0x270/0x270 +[ 82.510099] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 82.515261] ? print_irqtrace_events+0x270/0x270 +[ 82.519990] ? print_irqtrace_events+0x270/0x270 +[ 82.524718] ? __lock_acquire+0x664/0x3e00 +[ 82.528924] ? __lock_acquire+0x664/0x3e00 +[ 82.533130] ? __is_insn_slot_addr+0x1fc/0x330 +[ 82.537685] ? lock_downgrade+0x980/0x980 +[ 82.541808] ? lock_release+0xa40/0xa40 +[ 82.545754] ? bpf_prog_kallsyms_find+0xbd/0x440 +[ 82.550483] ? 
modules_open+0xa0/0xa0 +[ 82.554254] ? trace_raw_output_xdp_redirect_map_err+0x440/0x440 +[ 82.560369] ? lock_downgrade+0x980/0x980 +[ 82.564492] ? __free_insn_slot+0x5c0/0x5c0 +[ 82.568782] ? check_noncircular+0x20/0x20 +[ 82.572986] lock_acquire+0x1d5/0x580 +[ 82.576759] ? lock_acquire+0x1d5/0x580 +[ 82.580705] ? rtnl_lock+0x17/0x20 +[ 82.584218] ? lock_release+0xa40/0xa40 +[ 82.588707] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 82.594565] ? unwind_get_return_address+0x61/0xa0 +[ 82.599467] ? rcu_note_context_switch+0x710/0x710 +[ 82.604377] ? __might_sleep+0x95/0x190 +[ 82.608332] ? rtnl_lock+0x17/0x20 +[ 82.611847] __mutex_lock+0x16f/0x1a80 +[ 82.615706] ? rtnl_lock+0x17/0x20 +[ 82.619216] ? save_trace+0xe0/0x2b0 +[ 82.622903] ? rtnl_lock+0x17/0x20 +[ 82.626412] ? __lock_acquire+0x36c0/0x3e00 +[ 82.630709] ? mutex_lock_io_nested+0x1900/0x1900 +[ 82.635524] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 82.640685] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 82.645848] ? __free_insn_slot+0x5c0/0x5c0 +[ 82.650143] ? is_bpf_text_address+0xa4/0x120 +[ 82.654611] ? rcutorture_record_progress+0x10/0x10 +[ 82.659602] ? is_bpf_text_address+0xa4/0x120 +[ 82.664066] ? kernel_text_address+0x102/0x140 +[ 82.668618] ? __kernel_text_address+0xd/0x40 +[ 82.673084] ? unwind_get_return_address+0x61/0xa0 +[ 82.677988] ? depot_save_stack+0x12c/0x490 +[ 82.682284] ? check_noncircular+0x20/0x20 +[ 82.686491] ? check_noncircular+0x20/0x20 +[ 82.690702] ? save_stack+0x43/0xd0 +[ 82.694302] ? kasan_kmalloc+0xad/0xe0 +[ 82.698160] ? __kmalloc_node+0x47/0x70 +[ 82.702111] ? xt_replace_table+0x23c/0x9d0 +[ 82.706405] ? __do_replace+0x2e3/0xa50 +[ 82.710350] ? do_ipt_set_ctl+0x40f/0x5f0 +[ 82.714473] mutex_lock_nested+0x16/0x20 +[ 82.718504] ? mutex_lock_nested+0x16/0x20 +[ 82.722710] rtnl_lock+0x17/0x20 +[ 82.726050] unregister_netdevice_notifier+0x91/0x4e0 +[ 82.731212] ? clusterip_tg_destroy+0x36a/0x6e0 +[ 82.735852] ? lock_downgrade+0x980/0x980 +[ 82.739970] ? 
register_netdevice_notifier+0x860/0x860 +[ 82.745218] ? __lock_is_held+0xb6/0x140 +[ 82.749254] ? mark_held_locks+0xaf/0x100 +[ 82.753381] ? do_raw_spin_trylock+0x190/0x190 +[ 82.757944] ? __local_bh_enable_ip+0x121/0x230 +[ 82.762586] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 82.767574] ? clusterip_tg_destroy+0x350/0x6e0 +[ 82.772215] ? trace_hardirqs_on+0xd/0x10 +[ 82.776333] clusterip_tg_destroy+0x389/0x6e0 +[ 82.780799] ? free_modinfo_version+0x70/0x70 +[ 82.785264] ? clusterip_tg+0xa40/0xa40 +[ 82.789207] ? cpumask_next+0x24/0x30 +[ 82.792980] ? __lock_is_held+0xb6/0x140 +[ 82.797015] ? clusterip_tg+0xa40/0xa40 +[ 82.800967] cleanup_entry+0x218/0x350 +[ 82.804823] ? cleanup_match+0x220/0x220 +[ 82.808858] ? find_next_bit+0x27/0x30 +[ 82.812721] __do_replace+0x79d/0xa50 +[ 82.816495] ? compat_table_info+0x470/0x470 +[ 82.820879] ? kasan_check_write+0x14/0x20 +[ 82.825087] ? _copy_from_user+0x99/0x110 +[ 82.829207] do_ipt_set_ctl+0x40f/0x5f0 +[ 82.833153] ? translate_compat_table+0x1b90/0x1b90 +[ 82.838141] ? __handle_mm_fault+0x3ce0/0x3ce0 +[ 82.842701] ? mutex_unlock+0xd/0x10 +[ 82.846389] ? nf_sockopt_find.constprop.0+0x1a7/0x220 +[ 82.851640] nf_setsockopt+0x67/0xc0 +[ 82.855329] ip_setsockopt+0x97/0xa0 +[ 82.859017] tcp_setsockopt+0x82/0xd0 +[ 82.862792] sock_common_setsockopt+0x95/0xd0 +[ 82.867258] SyS_setsockopt+0x189/0x360 +[ 82.871203] ? SyS_recv+0x40/0x40 +[ 82.874629] ? entry_SYSCALL_64_fastpath+0x5/0xa0 +[ 82.879442] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 82.884436] ? 
trace_hardirqs_on_thunk+0x1a/0x1c +[ 82.889170] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 82.893895] RIP: 0033:0x455d8a +[ 82.897058] RSP: 002b:0000000000a2f598 EFLAGS: 00000206 ORIG_RAX: 0000000000000036 +[ 82.904739] RAX: ffffffffffffffda RBX: 00000000006f8a40 RCX: 0000000000455d8a +[ 82.911978] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000013 +[ 82.919220] RBP: 00000000006f8a40 R08: 00000000000002d8 R09: 0000000000000001 +[ 82.926461] R10: 00000000006f8e68 R11: 0000000000000206 R12: 0000000000000013 +[ 82.933703] R13: 00000000006fb9e8 R14: 00000000000140a1 R15: 0000000000000001 diff --git a/pkg/report/testdata/linux/report/189 b/pkg/report/testdata/linux/report/189 new file mode 100644 index 000000000..7e541feed --- /dev/null +++ b/pkg/report/testdata/linux/report/189 
@@ -0,0 +1,168 @@ +# Note: 189-190 have the same root cause. +TITLE: possible deadlock in vcs_read + +[ 75.037355] ====================================================== +[ 75.037357] WARNING: possible circular locking dependency detected +[ 75.037363] 4.15.0-rc2+ #216 Not tainted +[ 75.037365] ------------------------------------------------------ +[ 75.037369] syz-executor7/8848 is trying to acquire lock: +[ 75.037371] (console_lock){+.+.}, at: [<000000001c8cd30e>] vcs_read+0x129/0xae0 +[ 75.037394] +[ 75.037394] but task is already holding lock: +[ 75.037395] (&pipe->mutex/1){+.+.}, at: [<00000000dd7fc330>] pipe_lock+0x56/0x70 +[ 75.037414] +[ 75.037414] which lock already depends on the new lock. +[ 75.037414] +[ 75.037416] +[ 75.037416] the existing dependency chain (in reverse order) is: +[ 75.037418] +[ 75.037418] -> #3 (&pipe->mutex/1){+.+.}: +[ 75.037437] lock_acquire+0x1d5/0x580 +[ 75.037447] __mutex_lock+0x16f/0x1a80 +[ 75.037457] mutex_lock_nested+0x16/0x20 +[ 75.037463] pipe_lock+0x56/0x70 +[ 75.037473] iter_file_splice_write+0x264/0xf30 +[ 75.037480] SyS_splice+0x7d5/0x1630 +[ 75.037487] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 75.037489] +[ 75.037489] -> #2 (sb_writers){.+.+}: +[ 75.037502] dput.part.23+0x492/0x830 +[ 75.037508] dput+0x1f/0x30 +[ 75.037521] done_path_create+0xad/0x110 +[ 75.037532] handle_create+0x196/0x760 +[ 75.037542] devtmpfsd+0x3b4/0x4b0 +[ 75.037544] +[ 75.037544] -> #1 ((completion)&req.done){+.+.}: +[ 75.037559] lock_acquire+0x1d5/0x580 +[ 75.037569] wait_for_completion+0xcb/0x7b0 +[ 75.037580] devtmpfs_create_node+0x32b/0x4a0 +[ 75.037589] device_add+0x120f/0x1640 +[ 75.037597] device_create_groups_vargs+0x1f3/0x250 +[ 75.037605] device_create+0xda/0x110 +[ 75.037612] vcs_make_sysfs+0x35/0x60 +[ 75.037621] vc_allocate+0x4b7/0x6b0 +[ 75.037630] con_install+0x52/0x440 +[ 75.037637] tty_init_dev+0xf6/0x4a0 +[ 75.037651] tty_open+0x608/0xab0 +[ 75.037662] chrdev_open+0x257/0x730 +[ 75.037673] do_dentry_open+0x682/0xd70 +[ 
75.037682] vfs_open+0x107/0x230 +[ 75.037690] path_openat+0x1157/0x3530 +[ 75.037700] do_filp_open+0x25b/0x3b0 +[ 75.037708] do_sys_open+0x502/0x6d0 +[ 75.037716] SyS_open+0x2d/0x40 +[ 75.037724] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 75.037726] +[ 75.037726] -> #0 (console_lock){+.+.}: +[ 75.037739] __lock_acquire+0x3498/0x47f0 +[ 75.037746] lock_acquire+0x1d5/0x580 +[ 75.037754] console_lock+0x4b/0x80 +[ 75.037760] vcs_read+0x129/0xae0 +[ 75.037768] do_iter_read+0x3db/0x5b0 +[ 75.037773] vfs_readv+0x121/0x1c0 +[ 75.037779] default_file_splice_read+0x508/0xae0 +[ 75.037784] do_splice_to+0x110/0x170 +[ 75.037790] SyS_splice+0x11a8/0x1630 +[ 75.037796] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 75.037798] +[ 75.037798] other info that might help us debug this: +[ 75.037798] +[ 75.037800] Chain exists of: +[ 75.037800] console_lock --> sb_writers --> &pipe->mutex/1 +[ 75.037800] +[ 75.037809] Possible unsafe locking scenario: +[ 75.037809] +[ 75.037811] CPU0 CPU1 +[ 75.037812] ---- ---- +[ 75.037813] lock(&pipe->mutex/1); +[ 75.037818] lock(sb_writers); +[ 75.037822] lock(&pipe->mutex/1); +[ 75.037826] lock(console_lock); +[ 75.037829] +[ 75.037829] *** DEADLOCK *** +[ 75.037829] +[ 75.037832] 1 lock held by syz-executor7/8848: +[ 75.037833] #0: (&pipe->mutex/1){+.+.}, at: [<00000000dd7fc330>] pipe_lock+0x56/0x70 +[ 75.037843] +[ 75.037843] stack backtrace: +[ 75.037850] CPU: 0 PID: 8848 Comm: syz-executor7 Not tainted 4.15.0-rc2+ #216 +[ 75.037853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 75.037855] Call Trace: +[ 75.037864] dump_stack+0x194/0x257 +[ 75.037871] ? arch_local_irq_restore+0x53/0x53 +[ 75.037883] print_circular_bug+0x42d/0x610 +[ 75.037892] ? save_stack_trace+0x1a/0x20 +[ 75.037901] check_prev_add+0x666/0x15f0 +[ 75.037908] ? copy_trace+0x150/0x150 +[ 75.037916] ? check_usage+0xb60/0xb60 +[ 75.037922] ? __save_stack_trace+0x61/0xd0 +[ 75.037933] ? 
save_stack_trace+0x1a/0x20 +[ 75.037941] __lock_acquire+0x3498/0x47f0 +[ 75.037948] ? __lock_acquire+0x3498/0x47f0 +[ 75.037963] ? debug_check_no_locks_freed+0x3d0/0x3d0 +[ 75.037970] ? check_noncircular+0x20/0x20 +[ 75.037977] ? perf_trace_lock+0xd6/0x900 +[ 75.037983] ? __lock_is_held+0xbc/0x140 +[ 75.037992] ? trace_event_raw_event_lock+0x340/0x340 +[ 75.038000] ? check_noncircular+0x20/0x20 +[ 75.038007] ? __lock_is_held+0xbc/0x140 +[ 75.038017] ? check_noncircular+0x20/0x20 +[ 75.038025] ? rcu_read_lock_sched_held+0x108/0x120 +[ 75.038033] ? find_held_lock+0x39/0x1d0 +[ 75.038042] ? print_usage_bug+0x3f0/0x3f0 +[ 75.038050] ? lock_downgrade+0x980/0x980 +[ 75.038060] lock_acquire+0x1d5/0x580 +[ 75.038066] ? vcs_read+0x129/0xae0 +[ 75.038073] ? lock_release+0xda0/0xda0 +[ 75.038080] ? lock_release+0xda0/0xda0 +[ 75.038086] ? mark_held_locks+0xb2/0x100 +[ 75.038093] ? _raw_spin_unlock_irqrestore+0x31/0xba +[ 75.038101] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 75.038107] ? trace_hardirqs_on+0xd/0x10 +[ 75.038116] console_lock+0x4b/0x80 +[ 75.038121] ? vcs_read+0x129/0xae0 +[ 75.038126] vcs_read+0x129/0xae0 +[ 75.038136] ? fsnotify_first_mark+0x2b0/0x2b0 +[ 75.038145] ? selinux_file_permission+0x82/0x460 +[ 75.038151] ? vcs_poll+0x130/0x130 +[ 75.038157] ? security_file_permission+0x89/0x1f0 +[ 75.038165] ? rw_verify_area+0xe5/0x2b0 +[ 75.038174] do_iter_read+0x3db/0x5b0 +[ 75.038182] ? dup_iter+0x260/0x260 +[ 75.038192] vfs_readv+0x121/0x1c0 +[ 75.038200] ? compat_rw_copy_check_uvector+0x2e0/0x2e0 +[ 75.038206] ? lock_acquire+0x1d5/0x580 +[ 75.038211] ? pipe_lock+0x56/0x70 +[ 75.038219] ? lock_release+0xda0/0xda0 +[ 75.038227] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 75.038235] ? rcu_note_context_switch+0x710/0x710 +[ 75.038242] ? __might_sleep+0x95/0x190 +[ 75.038247] ? pipe_lock+0x56/0x70 +[ 75.038256] ? __mutex_lock+0x16f/0x1a80 +[ 75.038260] ? pipe_lock+0x56/0x70 +[ 75.038269] default_file_splice_read+0x508/0xae0 +[ 75.038276] ? 
default_file_splice_read+0x508/0xae0 +[ 75.038287] ? do_splice_direct+0x3d0/0x3d0 +[ 75.038293] ? __lock_is_held+0xbc/0x140 +[ 75.038306] ? __lock_is_held+0xbc/0x140 +[ 75.038318] ? _raw_spin_unlock+0x22/0x30 +[ 75.038325] ? fsnotify+0x7b3/0x1140 +[ 75.038334] ? fsnotify_first_mark+0x2b0/0x2b0 +[ 75.038343] ? avc_policy_seqno+0x9/0x20 +[ 75.038348] ? selinux_file_permission+0x82/0x460 +[ 75.038356] ? security_file_permission+0x89/0x1f0 +[ 75.038364] ? do_splice_direct+0x3d0/0x3d0 +[ 75.038370] do_splice_to+0x110/0x170 +[ 75.038375] ? do_splice_to+0x110/0x170 +[ 75.038383] SyS_splice+0x11a8/0x1630 +[ 75.038395] ? compat_SyS_vmsplice+0x250/0x250 +[ 75.038400] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 75.038410] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 75.038419] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 75.038424] RIP: 0033:0x452a39 +[ 75.038428] RSP: 002b:00007f2d70f0ac58 EFLAGS: 00000212 ORIG_RAX: 0000000000000113 +[ 75.038434] RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452a39 +[ 75.038437] RDX: 0000000000000018 RSI: 0000000000000000 RDI: 0000000000000016 +[ 75.038441] RBP: 0000000000000307 R08: 0000000000000058 R09: 0000000000000000 +[ 75.038444] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f2948 +[ 75.038448] R13: 00000000ffffffff R14: 00007f2d70f0b6d4 R15: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/190 b/pkg/report/testdata/linux/report/190 new file mode 100644 index 000000000..d5eea744e --- /dev/null +++ b/pkg/report/testdata/linux/report/190 
@@ -0,0 +1,163 @@ +# Note: 189-190 have the same root cause. +TITLE: possible deadlock in vcs_write + +[ 127.343789] ====================================================== +[ 127.343792] WARNING: possible circular locking dependency detected +[ 127.343797] 4.15.0-rc2+ #209 Not tainted +[ 127.343799] ------------------------------------------------------ +[ 127.343803] syz-executor4/16108 is trying to acquire lock: +[ 127.343805] (console_lock){+.+.}, at: [<00000000ec170b5b>] vcs_write+0x14d/0xca0 +[ 127.343827] +[ 127.343827] but task is already holding lock: +[ 127.343828] (&pipe->mutex/1){+.+.}, at: [<0000000040ee4d01>] pipe_lock+0x56/0x70 +[ 127.343846] +[ 127.343846] which lock already depends on the new lock. +[ 127.343846] +[ 127.343848] +[ 127.343848] the existing dependency chain (in reverse order) is: +[ 127.343850] +[ 127.343850] -> #3 (&pipe->mutex/1){+.+.}: +[ 127.343867] lock_acquire+0x1d5/0x580 +[ 127.343879] __mutex_lock+0x16f/0x1a80 +[ 127.343889] mutex_lock_nested+0x16/0x20 +[ 127.343895] pipe_lock+0x56/0x70 +[ 127.343907] iter_file_splice_write+0x264/0xf30 +[ 127.343914] SyS_splice+0x7d5/0x1630 +[ 127.343923] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 127.343925] +[ 127.343925] -> #2 (sb_writers){.+.+}: +[ 127.343939] put_ucounts+0x71/0x2d0 +[ 127.343940] +[ 127.343940] -> #1 ((completion)&req.done){+.+.}: +[ 127.343953] lock_acquire+0x1d5/0x580 +[ 127.343961] wait_for_completion+0xcb/0x7b0 +[ 127.343971] devtmpfs_create_node+0x32b/0x4a0 +[ 127.343977] device_add+0x120f/0x1640 +[ 127.343985] device_create_groups_vargs+0x1f3/0x250 +[ 127.343991] device_create+0xda/0x110 +[ 127.343998] vcs_make_sysfs+0x35/0x60 +[ 127.344009] vc_allocate+0x4b7/0x6b0 +[ 127.344017] con_install+0x52/0x440 +[ 127.344024] tty_init_dev+0xf6/0x4a0 +[ 127.344030] tty_open+0x608/0xab0 +[ 127.344037] chrdev_open+0x257/0x730 +[ 127.344045] do_dentry_open+0x682/0xd70 +[ 127.344053] vfs_open+0x107/0x230 +[ 127.344060] path_openat+0x1157/0x3530 +[ 127.344067] do_filp_open+0x25b/0x3b0 
+[ 127.344075] do_sys_open+0x502/0x6d0 +[ 127.344082] SyS_open+0x2d/0x40 +[ 127.344090] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 127.344092] +[ 127.344092] -> #0 (console_lock){+.+.}: +[ 127.344113] __lock_acquire+0x3498/0x47f0 +[ 127.344121] lock_acquire+0x1d5/0x580 +[ 127.344129] console_lock+0x4b/0x80 +[ 127.344137] vcs_write+0x14d/0xca0 +[ 127.344144] __vfs_write+0xef/0x970 +[ 127.344151] __kernel_write+0xfe/0x350 +[ 127.344158] write_pipe_buf+0x175/0x220 +[ 127.344168] __splice_from_pipe+0x328/0x730 +[ 127.344176] splice_from_pipe+0x1e9/0x330 +[ 127.344184] default_file_splice_write+0x40/0x90 +[ 127.344191] SyS_splice+0x7d5/0x1630 +[ 127.344198] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 127.344201] +[ 127.344201] other info that might help us debug this: +[ 127.344201] +[ 127.344202] Chain exists of: +[ 127.344202] console_lock --> sb_writers --> &pipe->mutex/1 +[ 127.344202] +[ 127.344214] Possible unsafe locking scenario: +[ 127.344214] +[ 127.344215] CPU0 CPU1 +[ 127.344217] ---- ---- +[ 127.344218] lock(&pipe->mutex/1); +[ 127.344224] lock(sb_writers); +[ 127.344228] lock(&pipe->mutex/1); +[ 127.344233] lock(console_lock); +[ 127.344238] +[ 127.344238] *** DEADLOCK *** +[ 127.344238] +[ 127.344243] 1 lock held by syz-executor4/16108: +[ 127.344244] #0: (&pipe->mutex/1){+.+.}, at: [<0000000040ee4d01>] pipe_lock+0x56/0x70 +[ 127.344258] +[ 127.344258] stack backtrace: +[ 127.344266] CPU: 0 PID: 16108 Comm: syz-executor4 Not tainted 4.15.0-rc2+ #209 +[ 127.344270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 127.344272] Call Trace: +[ 127.344281] dump_stack+0x194/0x257 +[ 127.344290] ? arch_local_irq_restore+0x53/0x53 +[ 127.344303] print_circular_bug+0x42d/0x610 +[ 127.344310] ? save_stack_trace+0x1a/0x20 +[ 127.344320] check_prev_add+0x666/0x15f0 +[ 127.344326] ? copy_trace+0x150/0x150 +[ 127.344335] ? check_usage+0xb60/0xb60 +[ 127.344344] ? print_usage_bug+0x3f0/0x3f0 +[ 127.344354] ? 
__lock_acquire+0x3498/0x47f0 +[ 127.344363] __lock_acquire+0x3498/0x47f0 +[ 127.344368] ? __lock_acquire+0x3498/0x47f0 +[ 127.344383] ? debug_check_no_locks_freed+0x3d0/0x3d0 +[ 127.344391] ? check_noncircular+0x20/0x20 +[ 127.344399] ? perf_trace_lock+0xd6/0x900 +[ 127.344405] ? __lock_is_held+0xbc/0x140 +[ 127.344414] ? trace_event_raw_event_lock+0x340/0x340 +[ 127.344422] ? perf_trace_lock_acquire+0xe3/0x980 +[ 127.344427] ? check_noncircular+0x20/0x20 +[ 127.344437] ? perf_trace_lock+0x900/0x900 +[ 127.344444] ? check_noncircular+0x20/0x20 +[ 127.344451] ? rcu_read_lock_sched_held+0x108/0x120 +[ 127.344460] ? find_held_lock+0x39/0x1d0 +[ 127.344469] ? print_usage_bug+0x3f0/0x3f0 +[ 127.344477] ? lock_downgrade+0x980/0x980 +[ 127.344487] lock_acquire+0x1d5/0x580 +[ 127.344494] ? vcs_write+0x14d/0xca0 +[ 127.344500] ? lock_release+0xda0/0xda0 +[ 127.344508] ? lock_release+0xda0/0xda0 +[ 127.344516] ? _raw_spin_unlock_irqrestore+0x31/0xba +[ 127.344524] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 127.344531] ? trace_hardirqs_on+0xd/0x10 +[ 127.344540] console_lock+0x4b/0x80 +[ 127.344546] ? vcs_write+0x14d/0xca0 +[ 127.344552] vcs_write+0x14d/0xca0 +[ 127.344559] ? __might_sleep+0x95/0x190 +[ 127.344565] ? pipe_lock+0x56/0x70 +[ 127.344573] ? __mutex_lock+0x16f/0x1a80 +[ 127.344578] ? pipe_lock+0x56/0x70 +[ 127.344589] ? get_futex_key+0x1d50/0x1d50 +[ 127.344597] ? vcs_size+0x170/0x170 +[ 127.344604] ? mutex_lock_io_nested+0x1900/0x1900 +[ 127.344611] ? check_noncircular+0x20/0x20 +[ 127.344619] ? find_held_lock+0x39/0x1d0 +[ 127.344627] ? vcs_size+0x170/0x170 +[ 127.344632] __vfs_write+0xef/0x970 +[ 127.344638] ? kernel_read+0x120/0x120 +[ 127.344645] ? __lock_is_held+0xbc/0x140 +[ 127.344657] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 127.344667] ? rcu_note_context_switch+0x710/0x710 +[ 127.344675] __kernel_write+0xfe/0x350 +[ 127.344683] write_pipe_buf+0x175/0x220 +[ 127.344692] ? default_file_splice_read+0xae0/0xae0 +[ 127.344699] ? 
trace_event_raw_event_sched_switch+0x800/0x800 +[ 127.344706] ? splice_from_pipe_next.part.9+0x22e/0x2f0 +[ 127.344715] __splice_from_pipe+0x328/0x730 +[ 127.344723] ? default_file_splice_read+0xae0/0xae0 +[ 127.344733] splice_from_pipe+0x1e9/0x330 +[ 127.344740] ? default_file_splice_read+0xae0/0xae0 +[ 127.344747] ? splice_shrink_spd+0xb0/0xb0 +[ 127.344759] ? security_file_permission+0x89/0x1f0 +[ 127.344767] default_file_splice_write+0x40/0x90 +[ 127.344774] ? generic_splice_sendpage+0x50/0x50 +[ 127.344780] SyS_splice+0x7d5/0x1630 +[ 127.344786] ? SyS_futex+0x269/0x390 +[ 127.344796] ? compat_SyS_vmsplice+0x250/0x250 +[ 127.344801] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 127.344808] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 127.344817] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 127.344822] RIP: 0033:0x452a39 +[ 127.344826] RSP: 002b:00007f78f0139c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000113 +[ 127.344832] RAX: ffffffffffffffda RBX: 00007f78f013a700 RCX: 0000000000452a39 +[ 127.344836] RDX: 0000000000000013 RSI: 0000000000000000 RDI: 0000000000000014 +[ 127.344840] RBP: 0000000000000000 R08: 00000000fffff5fc R09: 0000000000000000 +[ 127.344844] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000000 +[ 127.344847] R13: 0000000000a6f7ff R14: 00007f78f013a9c0 R15: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/191 b/pkg/report/testdata/linux/report/191 new file mode 100644 index 000000000..517b03dd4 --- /dev/null +++ b/pkg/report/testdata/linux/report/191 
@@ -0,0 +1,248 @@
+# Note: 191-194 have the same root cause.
+TITLE: possible deadlock in perf_event_ctx_lock_nested
+
+[ 189.031888] ======================================================
+[ 189.038179] WARNING: possible circular locking dependency detected
+[ 189.044467] 4.15.0-rc3+ #222 Not tainted
+[ 189.048497] ------------------------------------------------------
+[ 189.054779] syz-executor5/24180 is trying to acquire lock:
+[ 189.060366] (&ctx->mutex){+.+.}, at: [<00000000546c47e1>] perf_event_ctx_lock_nested+0x21b/0x450
+[ 189.069358]
+[ 189.069358] but task is already holding lock:
+[ 189.075292] (&pipe->mutex/1){+.+.}, at: [<000000002090b936>] pipe_lock+0x56/0x70
+[ 189.082888]
+[ 189.082888] which lock already depends on the new lock.
+[ 189.082888]
+[ 189.091166]
+[ 189.091166] the existing dependency chain (in reverse order) is:
+[ 189.098751]
+[ 189.098751] -> #8 (&pipe->mutex/1){+.+.}:
+[ 189.104353] lock_acquire+0x1d5/0x580
+[ 189.108648] __mutex_lock+0x16f/0x1a80
+[ 189.113028] mutex_lock_nested+0x16/0x20
+[ 189.117576] pipe_lock+0x56/0x70
+[ 189.121429] iter_file_splice_write+0x264/0xf30
+[ 189.126584] SyS_splice+0x7d5/0x1630
+[ 189.130783] entry_SYSCALL_64_fastpath+0x1f/0x96
+[ 189.136025]
+[ 189.136025] -> #7 (sb_writers){.+.+}:
+[ 189.141276] try_to_wake_up+0xbc/0x1600
+[ 189.145737] default_wake_function+0x30/0x50
+[ 189.150633] __wake_up_common+0x18e/0x780
+[ 189.155268] __wake_up_locked+0x11/0x20
+[ 189.159727] complete+0x5f/0x80
+[ 189.163490]
+[ 189.163490] -> #6 ((completion)&req.done){+.+.}:
+[ 189.169693] lock_acquire+0x1d5/0x580
+[ 189.173982] wait_for_completion+0xcb/0x7b0
+[ 189.178790] devtmpfs_create_node+0x32b/0x4a0
+[ 189.183774] device_add+0x120f/0x1640
+[ 189.188062] device_create_groups_vargs+0x1f3/0x250
+[ 189.193566] device_create+0xda/0x110
+[ 189.197854] msr_device_create+0x26/0x40
+[ 189.202402] cpuhp_invoke_callback+0x2ea/0x1d20
+[ 189.207554] cpuhp_thread_fun+0x48e/0x7e0
+[ 189.212189] smpboot_thread_fn+0x450/0x7c0
+[ 189.216910] kthread+0x37a/0x440
+[ 189.220760] ret_from_fork+0x24/0x30
+[ 189.224956]
+[ 189.224956] -> #5 (cpuhp_state-up){+.+.}:
+[ 189.230553] lock_acquire+0x1d5/0x580
+[ 189.234838] cpuhp_issue_call+0x1e5/0x520
+[ 189.239470] __cpuhp_setup_state_cpuslocked+0x282/0x600
+[ 189.245322] __cpuhp_setup_state+0xb0/0x140
+[ 189.250131] page_writeback_init+0x4d/0x71
+[ 189.254851] pagecache_init+0x48/0x4f
+[ 189.259139] start_kernel+0x6c1/0x754
+[ 189.263426] x86_64_start_reservations+0x2a/0x2c
+[ 189.268665] x86_64_start_kernel+0x77/0x7a
+[ 189.273387] secondary_startup_64+0xa5/0xb0
+[ 189.278189]
+[ 189.278189] -> #4 (cpuhp_state_mutex){+.+.}:
+[ 189.284045] lock_acquire+0x1d5/0x580
+[ 189.288331] __mutex_lock+0x16f/0x1a80
+[ 189.292702] mutex_lock_nested+0x16/0x20
+[ 189.297247] __cpuhp_setup_state_cpuslocked+0x5b/0x600
+[ 189.303012] __cpuhp_setup_state+0xb0/0x140
+[ 189.307822] kvm_guest_init+0x1f3/0x20f
+[ 189.312282] setup_arch+0x17e8/0x1a02
+[ 189.316567] start_kernel+0xa5/0x754
+[ 189.320765] x86_64_start_reservations+0x2a/0x2c
+[ 189.326006] x86_64_start_kernel+0x77/0x7a
+[ 189.330730] secondary_startup_64+0xa5/0xb0
+[ 189.335535]
+[ 189.335535] -> #3 (cpu_hotplug_lock.rw_sem){++++}:
+[ 189.341912] lock_acquire+0x1d5/0x580
+[ 189.346198] cpus_read_lock+0x42/0x90
+[ 189.350485] static_key_slow_inc+0x9d/0x3c0
+[ 189.355296] tracepoint_probe_register_prio+0x80d/0x9a0
+[ 189.361145] tracepoint_probe_register+0x2a/0x40
+[ 189.366386] trace_event_reg+0x167/0x320
+[ 189.370932] perf_trace_init+0x4ef/0xab0
+[ 189.375480] perf_tp_event_init+0x7d/0xf0
+[ 189.380114] perf_try_init_event+0xc9/0x1f0
+[ 189.384919] perf_event_alloc+0x1cc6/0x2b00
+[ 189.389725] SYSC_perf_event_open+0x84e/0x2e00
+[ 189.394792] SyS_perf_event_open+0x39/0x50
+[ 189.399513] entry_SYSCALL_64_fastpath+0x1f/0x96
+[ 189.404750]
+[ 189.404750] -> #2 (tracepoints_mutex){+.+.}:
+[ 189.410606] lock_acquire+0x1d5/0x580
+[ 189.414893] __mutex_lock+0x16f/0x1a80
+[ 189.419266] mutex_lock_nested+0x16/0x20
+[ 189.423813] tracepoint_probe_register_prio+0xa0/0x9a0
+[ 189.429583] tracepoint_probe_register+0x2a/0x40
+[ 189.434824] trace_event_reg+0x167/0x320
+[ 189.439371] perf_trace_init+0x4ef/0xab0
+[ 189.443916] perf_tp_event_init+0x7d/0xf0
+[ 189.448550] perf_try_init_event+0xc9/0x1f0
+[ 189.453357] perf_event_alloc+0x1cc6/0x2b00
+[ 189.458163] SYSC_perf_event_open+0x84e/0x2e00
+[ 189.463232] SyS_perf_event_open+0x39/0x50
+[ 189.467952] entry_SYSCALL_64_fastpath+0x1f/0x96
+[ 189.473191]
+[ 189.473191] -> #1 (event_mutex){+.+.}:
+[ 189.478527] lock_acquire+0x1d5/0x580
+[ 189.482812] __mutex_lock+0x16f/0x1a80
+[ 189.487184] mutex_lock_nested+0x16/0x20
+[ 189.491733] perf_trace_init+0x58/0xab0
+[ 189.496196] perf_tp_event_init+0x7d/0xf0
+[ 189.500829] perf_try_init_event+0xc9/0x1f0
+[ 189.505636] perf_event_alloc+0x1005/0x2b00
+[ 189.510443] inherit_event.isra.92+0x15b/0x920
+[ 189.515514] inherit_task_group.isra.94.part.95+0x73/0x240
+[ 189.521623] perf_event_init_task+0x348/0x890
+[ 189.526605] copy_process.part.36+0x173b/0x4ae0
+[ 189.531759] _do_fork+0x1ef/0xff0
+[ 189.535698] SyS_clone+0x37/0x50
+[ 189.539552] do_syscall_64+0x26c/0x920
+[ 189.543923] return_from_SYSCALL_64+0x0/0x75
+[ 189.548815]
+[ 189.548815] -> #0 (&ctx->mutex){+.+.}:
+[ 189.554152] __lock_acquire+0x3498/0x47f0
+[ 189.558785] lock_acquire+0x1d5/0x580
+[ 189.563072] __mutex_lock+0x16f/0x1a80
+[ 189.567444] mutex_lock_nested+0x16/0x20
+[ 189.571995] perf_event_ctx_lock_nested+0x21b/0x450
+[ 189.577500] perf_read+0xb9/0x970
+[ 189.581443] do_iter_read+0x3db/0x5b0
+[ 189.585730] vfs_readv+0x121/0x1c0
+[ 189.589759] default_file_splice_read+0x508/0xae0
+[ 189.595087] do_splice_to+0x110/0x170
+[ 189.599374] SyS_splice+0x11a8/0x1630
+[ 189.603662] entry_SYSCALL_64_fastpath+0x1f/0x96
+[ 189.608899]
+[ 189.608899] other info that might help us debug this:
+[ 189.608899]
+[ 189.617005] Chain exists of:
+[ 189.617005] &ctx->mutex --> sb_writers --> &pipe->mutex/1
+[ 189.617005]
+[ 189.627034] Possible unsafe locking scenario:
+[ 189.627034]
+[ 189.633055] CPU0 CPU1
+[ 189.637683] ---- ----
+[ 189.642325] lock(&pipe->mutex/1);
+[ 189.645919] lock(sb_writers);
+[ 189.651681] lock(&pipe->mutex/1);
+[ 189.657792] lock(&ctx->mutex);
+[ 189.661121]
+[ 189.661121] *** DEADLOCK ***
+[ 189.661121]
+[ 189.667148] 1 lock held by syz-executor5/24180:
+[ 189.671777] #0: (&pipe->mutex/1){+.+.}, at: [<000000002090b936>] pipe_lock+0x56/0x70
+[ 189.679805]
+[ 189.679805] stack backtrace:
+[ 189.684270] CPU: 1 PID: 24180 Comm: syz-executor5 Not tainted 4.15.0-rc3+ #222
+[ 189.691592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 189.700909] Call Trace:
+[ 189.703468] dump_stack+0x194/0x257
+[ 189.707063] ? arch_local_irq_restore+0x53/0x53
+[ 189.711700] print_circular_bug+0x42d/0x610
+[ 189.715989] ? save_stack_trace+0x1a/0x20
+[ 189.720104] check_prev_add+0x666/0x15f0
+[ 189.724132] ? copy_trace+0x150/0x150
+[ 189.727898] ? check_usage+0xb60/0xb60
+[ 189.731754] ? find_get_context.isra.83+0x670/0x670
+[ 189.736738] __lock_acquire+0x3498/0x47f0
+[ 189.740852] ? __lock_acquire+0x3498/0x47f0
+[ 189.745140] ? perf_trace_buf_update+0x66/0xb0
+[ 189.749693] ? debug_check_no_locks_freed+0x3d0/0x3d0
+[ 189.754849] ? perf_tp_event+0xae0/0xae0
+[ 189.758878] ? memset+0x31/0x40
+[ 189.762124] ? perf_trace_lock_acquire+0x532/0x980
+[ 189.767032] ? print_usage_bug+0x3f0/0x3f0
+[ 189.771232] ? __kernel_text_address+0xd/0x40
+[ 189.775696] lock_acquire+0x1d5/0x580
+[ 189.779465] ? perf_event_ctx_lock_nested+0x21b/0x450
+[ 189.784623] ? lock_release+0xda0/0xda0
+[ 189.788562] ? perf_trace_lock+0xd6/0x900
+[ 189.792676] ? rcu_note_context_switch+0x710/0x710
+[ 189.797571] ? __might_sleep+0x95/0x190
+[ 189.801513] ? perf_event_ctx_lock_nested+0x21b/0x450
+[ 189.806667] __mutex_lock+0x16f/0x1a80
+[ 189.810522] ? perf_event_ctx_lock_nested+0x21b/0x450
+[ 189.815678] ? debug_check_no_locks_freed+0x3d0/0x3d0
+[ 189.820834] ? perf_tp_event+0xae0/0xae0
+[ 189.824860] ? perf_event_ctx_lock_nested+0x21b/0x450
+[ 189.830021] ? mutex_lock_io_nested+0x1900/0x1900
+[ 189.834827] ? perf_trace_lock+0xd6/0x900
+[ 189.838944] ? trace_event_raw_event_lock+0x340/0x340
+[ 189.844102] ? check_noncircular+0x20/0x20
+[ 189.848300] ? perf_trace_lock+0x900/0x900
+[ 189.852503] ? __bpf_address_lookup+0x2b0/0x2b0
+[ 189.857139] ? check_noncircular+0x20/0x20
+[ 189.861339] ? lock_release+0xda0/0xda0
+[ 189.865280] ? find_held_lock+0x39/0x1d0
+[ 189.869311] ? lock_downgrade+0x980/0x980
+[ 189.873429] ? perf_event_ctx_lock_nested+0xaf/0x450
+[ 189.878498] ? lock_release+0xda0/0xda0
+[ 189.882443] mutex_lock_nested+0x16/0x20
+[ 189.886471] ? mutex_lock_nested+0x16/0x20
+[ 189.890672] perf_event_ctx_lock_nested+0x21b/0x450
+[ 189.895654] ? perf_iterate_ctx+0x770/0x770
+[ 189.899945] ? bpf_fd_pass+0x5c/0x280
+[ 189.903712] ? file_has_perm+0x1ee/0x5d0
+[ 189.907738] perf_read+0xb9/0x970
+[ 189.911158] ? perf_event_read_value+0x60/0x60
+[ 189.915705] ? fsnotify_first_mark+0x2b0/0x2b0
+[ 189.920254] ? selinux_file_permission+0x82/0x460
+[ 189.925063] ? security_file_permission+0x89/0x1f0
+[ 189.929960] ? rw_verify_area+0xe5/0x2b0
+[ 189.933989] do_iter_read+0x3db/0x5b0
+[ 189.937757] ? dup_iter+0x260/0x260
+[ 189.941353] vfs_readv+0x121/0x1c0
+[ 189.944867] ? compat_rw_copy_check_uvector+0x2e0/0x2e0
+[ 189.950197] ? lock_acquire+0x1d5/0x580
+[ 189.954136] ? pipe_lock+0x56/0x70
+[ 189.957644] ? lock_release+0xda0/0xda0
+[ 189.961584] ? rcu_note_context_switch+0x710/0x710
+[ 189.966477] ? __might_sleep+0x95/0x190
+[ 189.970418] ? pipe_lock+0x56/0x70
+[ 189.973926] ? __mutex_lock+0x16f/0x1a80
+[ 189.977949] ? pipe_lock+0x56/0x70
+[ 189.981456] default_file_splice_read+0x508/0xae0
+[ 189.986263] ? default_file_splice_read+0x508/0xae0
+[ 189.991249] ? do_splice_direct+0x3d0/0x3d0
+[ 189.995534] ? __lock_is_held+0xbc/0x140
+[ 189.999564] ? __lock_is_held+0xbc/0x140
+[ 190.003595] ? file_has_perm+0x1ee/0x5d0
+[ 190.007623] ? fsnotify+0x7b3/0x1140
+[ 190.011307] ? fsnotify_first_mark+0x2b0/0x2b0
+[ 190.015855] ? selinux_file_permission+0x82/0x460
+[ 190.020663] ? security_file_permission+0x89/0x1f0
+[ 190.025558] ? do_splice_direct+0x3d0/0x3d0
+[ 190.029845] do_splice_to+0x110/0x170
+[ 190.033609] ? do_splice_to+0x110/0x170
+[ 190.037549] SyS_splice+0x11a8/0x1630
+[ 190.041319] ? SyS_futex+0x269/0x390
+[ 190.045004] ? compat_SyS_vmsplice+0x250/0x250
+[ 190.049555] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 190.054540] ? trace_hardirqs_on_thunk+0x1a/0x1c
+[ 190.059263] entry_SYSCALL_64_fastpath+0x1f/0x96
+[ 190.063986] RIP: 0033:0x452a39
+[ 190.067141] RSP: 002b:00007f4f7d22fc58 EFLAGS: 00000212 ORIG_RAX: 0000000000000113
+[ 190.074814] RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452a39
+[ 190.082048] RDX: 0000000000000017 RSI: 0000000000000000 RDI: 0000000000000013
+[ 190.089283] RBP: 000000000000039b R08: 00000000000000b9 R09: 0000000000000001
+[ 190.096517] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f3728
+[ 190.103753] R13: 00000000ffffffff R14: 00007f4f7d2306d4 R15: 0000000000000000
diff --git a/pkg/report/testdata/linux/report/192 b/pkg/report/testdata/linux/report/192
new file mode 100644
index 000000000..5e2041329
--- /dev/null
+++ b/pkg/report/testdata/linux/report/192
@@ -0,0 +1,312 @@
+# Note: 191-194 have the same root cause.
+TITLE: possible deadlock in perf_trace_init
+
+[ 49.707025] ======================================================
+[ 49.713322] WARNING: possible circular locking dependency detected
+[ 49.719607] 4.15.0-rc2+ #122 Not tainted
+[ 49.723630] ------------------------------------------------------
+[ 49.729910] syz-executor6/4896 is trying to acquire lock:
+[ 49.735409] (event_mutex){+.+.}, at: [<000000009b3a8cd5>] perf_trace_init+0x58/0xab0
+[ 49.743358]
+[ 49.743358] but task is already holding lock:
+[ 49.749293] (&ctx->mutex){+.+.}, at: [<00000000935cf968>] perf_event_init_task+0x25b/0x890
+[ 49.757751]
+[ 49.757751] which lock already depends on the new lock.
+[ 49.757751]
+[ 49.766030]
+[ 49.766030] the existing dependency chain (in reverse order) is:
+[ 49.773612]
+[ 49.773612] -> #8 (&ctx->mutex){+.+.}:
+[ 49.778947] lock_acquire+0x1d5/0x580
+[ 49.783234] __mutex_lock+0x16f/0x1a80
+[ 49.787609] mutex_lock_nested+0x16/0x20
+[ 49.792155] perf_event_ctx_lock_nested+0x21b/0x450
+[ 49.797654] perf_read+0xb9/0x970
+[ 49.801594] do_iter_read+0x3db/0x5b0
+[ 49.805878] vfs_readv+0x121/0x1c0
+[ 49.809903] default_file_splice_read+0x508/0xae0
+[ 49.815231] do_splice_to+0x110/0x170
+[ 49.819516] SyS_splice+0x11a8/0x1630
+[ 49.823803] do_fast_syscall_32+0x3ee/0xf9d
+[ 49.828612] entry_SYSENTER_compat+0x51/0x60
+[ 49.833503]
+[ 49.833503] -> #7 (&pipe->mutex/1){+.+.}:
+[ 49.839105] lock_acquire+0x1d5/0x580
+[ 49.843391] __mutex_lock+0x16f/0x1a80
+[ 49.847763] mutex_lock_nested+0x16/0x20
+[ 49.852308] pipe_lock+0x56/0x70
+[ 49.856160] iter_file_splice_write+0x264/0xf30
+[ 49.861317] SyS_splice+0x7d5/0x1630
+[ 49.865516] do_fast_syscall_32+0x3ee/0xf9d
+[ 49.870326] entry_SYSENTER_compat+0x51/0x60
+[ 49.875215]
+[ 49.875215] -> #6 (sb_writers){.+.+}:
+[ 49.880465] fs_reclaim_acquire+0x14/0x20
+[ 49.885100] kmem_cache_alloc+0x29/0x760
+[ 49.889648] __d_alloc+0xb3/0xbe0
+[ 49.893586] d_alloc+0x8e/0x340
+[ 49.897353] __lookup_hash+0x58/0x190
+[ 49.901635]
+[ 49.901635] -> #5 ((completion)&req.done){+.+.}:
+[ 49.907839] lock_acquire+0x1d5/0x580
+[ 49.912128] wait_for_completion+0xcb/0x7b0
+[ 49.916937] devtmpfs_create_node+0x32b/0x4a0
+[ 49.921916] device_add+0x120f/0x1640
+[ 49.926203] device_create_groups_vargs+0x1f3/0x250
+[ 49.931704] device_create+0xda/0x110
+[ 49.935991] msr_device_create+0x26/0x40
+[ 49.940540] cpuhp_invoke_callback+0x2ea/0x1d20
+[ 49.945693] cpuhp_thread_fun+0x48e/0x7e0
+[ 49.950330] smpboot_thread_fn+0x450/0x7c0
+[ 49.955048] kthread+0x37a/0x440
+[ 49.958898] ret_from_fork+0x24/0x30
+[ 49.963093]
+[ 49.963093] -> #4 (cpuhp_state-up){+.+.}:
+[ 49.968687] lock_acquire+0x1d5/0x580
+[ 49.972974] cpuhp_issue_call+0x1e5/0x520
+[ 49.977611] __cpuhp_setup_state_cpuslocked+0x282/0x600
+[ 49.983458] __cpuhp_setup_state+0xb0/0x140
+[ 49.988266] page_writeback_init+0x4d/0x71
+[ 49.992987] pagecache_init+0x48/0x4f
+[ 49.997276] start_kernel+0x6bc/0x74f
+[ 50.001564] x86_64_start_reservations+0x2a/0x2c
+[ 50.006804] x86_64_start_kernel+0x77/0x7a
+[ 50.011526] secondary_startup_64+0xa5/0xb0
+[ 50.016329]
+[ 50.016329] -> #3 (cpuhp_state_mutex){+.+.}:
+[ 50.022186] lock_acquire+0x1d5/0x580
+[ 50.026470] __mutex_lock+0x16f/0x1a80
+[ 50.030841] mutex_lock_nested+0x16/0x20
+[ 50.035386] __cpuhp_setup_state_cpuslocked+0x5b/0x600
+[ 50.041146] __cpuhp_setup_state+0xb0/0x140
+[ 50.045951] kvm_guest_init+0x1f3/0x20f
+[ 50.050409] setup_arch+0x17e8/0x1a02
+[ 50.054695] start_kernel+0xa5/0x74f
+[ 50.058896] x86_64_start_reservations+0x2a/0x2c
+[ 50.064136] x86_64_start_kernel+0x77/0x7a
+[ 50.068855] secondary_startup_64+0xa5/0xb0
+[ 50.073659]
+[ 50.073659] -> #2 (cpu_hotplug_lock.rw_sem){++++}:
+[ 50.080037] lock_acquire+0x1d5/0x580
+[ 50.084323] cpus_read_lock+0x42/0x90
+[ 50.088611] static_key_slow_inc+0x9d/0x3c0
+[ 50.093420] tracepoint_probe_register_prio+0x80d/0x9a0
+[ 50.099270] tracepoint_probe_register+0x2a/0x40
+[ 50.104511] trace_event_reg+0x167/0x320
+[ 50.109059] perf_trace_init+0x4ef/0xab0
+[ 50.113607] perf_tp_event_init+0x7d/0xf0
+[ 50.118241] perf_try_init_event+0xc9/0x1f0
+[ 50.123057] perf_event_alloc+0x1cc6/0x2b00
+[ 50.127868] SYSC_perf_event_open+0x842/0x2f10
+[ 50.132937] SyS_perf_event_open+0x39/0x50
+[ 50.137657] do_fast_syscall_32+0x3ee/0xf9d
+[ 50.142464] entry_SYSENTER_compat+0x51/0x60
+[ 50.147353]
+[ 50.147353] -> #1 (tracepoints_mutex){+.+.}:
+[ 50.153211] lock_acquire+0x1d5/0x580
+[ 50.157495] __mutex_lock+0x16f/0x1a80
+[ 50.161869] mutex_lock_nested+0x16/0x20
+[ 50.166415] tracepoint_probe_register_prio+0xa0/0x9a0
+[ 50.172176] tracepoint_probe_register+0x2a/0x40
+[ 50.177415] trace_event_reg+0x167/0x320
+[ 50.181960] perf_trace_init+0x4ef/0xab0
+[ 50.186507] perf_tp_event_init+0x7d/0xf0
+[ 50.191139] perf_try_init_event+0xc9/0x1f0
+[ 50.195945] perf_event_alloc+0x1cc6/0x2b00
+[ 50.200752] SYSC_perf_event_open+0x842/0x2f10
+[ 50.205821] SyS_perf_event_open+0x39/0x50
+[ 50.210540] do_fast_syscall_32+0x3ee/0xf9d
+[ 50.215349] entry_SYSENTER_compat+0x51/0x60
+[ 50.220237]
+[ 50.220237] -> #0 (event_mutex){+.+.}:
+[ 50.225571] __lock_acquire+0x3498/0x47f0
+[ 50.230203] lock_acquire+0x1d5/0x580
+[ 50.234488] __mutex_lock+0x16f/0x1a80
+[ 50.238862] mutex_lock_nested+0x16/0x20
+[ 50.243408] perf_trace_init+0x58/0xab0
+[ 50.247866] perf_tp_event_init+0x7d/0xf0
+[ 50.252498] perf_try_init_event+0xc9/0x1f0
+[ 50.257306] perf_event_alloc+0x1005/0x2b00
+[ 50.262112] inherit_event.isra.92+0x15b/0x920
+[ 50.267182] inherit_task_group.isra.94.part.95+0x73/0x240
+[ 50.273291] perf_event_init_task+0x348/0x890
+[ 50.278275] copy_process.part.36+0x173b/0x4ae0
+[ 50.283428] _do_fork+0x1ef/0xff0
+[ 50.287366] SyS_clone+0x37/0x50
+[ 50.291221] do_fast_syscall_32+0x3ee/0xf9d
+[ 50.296028] entry_SYSENTER_compat+0x51/0x60
+[ 50.300916]
+[ 50.300916] other info that might help us debug this:
+[ 50.300916]
+[ 50.309021] Chain exists of:
+[ 50.309021] event_mutex --> &pipe->mutex/1 --> &ctx->mutex
+[ 50.309021]
+[ 50.319134] Possible unsafe locking scenario:
+[ 50.319134]
+[ 50.325156] CPU0 CPU1
+[ 50.329785] ---- ----
+[ 50.334413] lock(&ctx->mutex);
+[ 50.337742] lock(&pipe->mutex/1);
+[ 50.343853] lock(&ctx->mutex);
+[ 50.349699] lock(event_mutex);
+[ 50.353031]
+[ 50.353031] *** DEADLOCK ***
+[ 50.353031]
+[ 50.359059] 2 locks held by syz-executor6/4896:
+[ 50.363687] #0: (&ctx->mutex){+.+.}, at: [<00000000935cf968>] perf_event_init_task+0x25b/0x890
+[ 50.372583] #1: (&pmus_srcu){....}, at: [<00000000389c2fa4>] perf_event_alloc+0xf55/0x2b00
+[ 50.381128]
+[ 50.381128] stack backtrace:
+[ 50.385592] CPU: 0 PID: 4896 Comm: syz-executor6 Not tainted 4.15.0-rc2+ #122
+[ 50.392826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 50.402143] Call Trace:
+[ 50.404698] dump_stack+0x194/0x257
+[ 50.408290] ? arch_local_irq_restore+0x53/0x53
+[ 50.412927] print_circular_bug+0x42d/0x610
+[ 50.417213] ? save_stack_trace+0x1a/0x20
+[ 50.421329] check_prev_add+0x666/0x15f0
+[ 50.425356] ? copy_trace+0x150/0x150
+[ 50.429123] ? check_usage+0xb60/0xb60
+[ 50.432981] __lock_acquire+0x3498/0x47f0
+[ 50.437094] ? __lock_acquire+0x3498/0x47f0
+[ 50.441383] ? perf_trace_run_bpf_submit+0x206/0x330
+[ 50.446457] ? debug_check_no_locks_freed+0x3d0/0x3d0
+[ 50.451621] ? perf_tp_event+0xae0/0xae0
+[ 50.455651] ? perf_tp_event+0x7f4/0xae0
+[ 50.459680] ? memset+0x31/0x40
+[ 50.462930] ? perf_trace_lock_acquire+0x532/0x980
+[ 50.467829] ? perf_trace_lock+0x900/0x900
+[ 50.472027] ? perf_tp_event+0xae0/0xae0
+[ 50.476061] ? perf_trace_lock+0x4d6/0x900
+[ 50.480268] lock_acquire+0x1d5/0x580
+[ 50.484034] ? perf_trace_init+0x58/0xab0
+[ 50.488150] ? lock_release+0xda0/0xda0
+[ 50.492094] ? rcu_note_context_switch+0x710/0x710
+[ 50.496990] ? __might_sleep+0x95/0x190
+[ 50.500931] ? perf_trace_init+0x58/0xab0
+[ 50.505051] __mutex_lock+0x16f/0x1a80
+[ 50.508902] ? perf_trace_init+0x58/0xab0
+[ 50.513018] ? __lock_acquire+0x6e9/0x47f0
+[ 50.517219] ? lock_downgrade+0x980/0x980
+[ 50.521332] ? perf_trace_init+0x58/0xab0
+[ 50.525447] ? mutex_lock_io_nested+0x1900/0x1900
+[ 50.530254] ? debug_check_no_locks_freed+0x3d0/0x3d0
+[ 50.535411] ? perf_tp_event+0xae0/0xae0
+[ 50.539437] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 50.544420] ? trace_hardirqs_on+0xd/0x10
+[ 50.548537] ? perf_trace_lock_acquire+0x532/0x980
+[ 50.553435] ? save_stack+0xa3/0xd0
+[ 50.557028] ? perf_trace_lock+0x900/0x900
+[ 50.561232] ? print_usage_bug+0x3f0/0x3f0
+[ 50.565430] ? find_held_lock+0x39/0x1d0
+[ 50.569458] ? print_usage_bug+0x3f0/0x3f0
+[ 50.573657] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 50.578637] ? __lockdep_init_map+0xe4/0x650
+[ 50.583015] ? lockdep_init_map+0x3d/0x70
+[ 50.587131] ? module_unload_free+0x5b0/0x5b0
+[ 50.591593] ? perf_event_alloc+0xf55/0x2b00
+[ 50.595968] mutex_lock_nested+0x16/0x20
+[ 50.599993] ? mutex_lock_nested+0x16/0x20
+[ 50.604197] perf_trace_init+0x58/0xab0
+[ 50.608137] ? refcount_inc_not_zero+0xfe/0x180
+[ 50.612770] ? refcount_add+0x60/0x60
+[ 50.616533] ? __lockdep_init_map+0xe4/0x650
+[ 50.620906] perf_tp_event_init+0x7d/0xf0
+[ 50.625023] perf_try_init_event+0xc9/0x1f0
+[ 50.629314] perf_event_alloc+0x1005/0x2b00
+[ 50.633598] ? find_held_lock+0x39/0x1d0
+[ 50.637626] ? __perf_install_in_context+0x2d0/0x2d0
+[ 50.642695] ? find_held_lock+0x39/0x1d0
+[ 50.646721] ? print_usage_bug+0x3f0/0x3f0
+[ 50.650923] ? print_usage_bug+0x3f0/0x3f0
+[ 50.655123] ? depot_save_stack+0x1c2/0x490
+[ 50.659411] ? lock_release+0xda0/0xda0
+[ 50.663351] ? mark_held_locks+0xb2/0x100
+[ 50.667467] ? mark_held_locks+0xb2/0x100
+[ 50.671579] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 50.676561] ? debug_mutex_init+0x1c/0x60
+[ 50.680673] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 50.685655] ? lockdep_init_map+0x3d/0x70
+[ 50.689769] ? debug_mutex_init+0x2d/0x60
+[ 50.693883] ? __mutex_init+0x1c7/0x2a0
+[ 50.697822] ? alloc_perf_context+0x4c/0xe0
+[ 50.702110] ? inherit_task_group.isra.94.part.95+0x1a2/0x240
+[ 50.707958] ? SyS_membarrier+0x600/0x600
+[ 50.712072] ? mark_held_locks+0xb2/0x100
+[ 50.716188] ? __raw_spin_lock_init+0x1c/0x100
+[ 50.720737] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 50.725718] ? __lockdep_init_map+0xe4/0x650
+[ 50.730094] ? lockdep_init_map+0x3d/0x70
+[ 50.734208] ? __perf_event_init_context+0xde/0x3b0
+[ 50.739190] ? perf_event_mux_interval_ms_store+0x4c0/0x4c0
+[ 50.744869] inherit_event.isra.92+0x15b/0x920
+[ 50.749418] ? perf_event_create_kernel_counter+0x290/0x290
+[ 50.755098] ? rcu_read_lock_sched_held+0x108/0x120
+[ 50.760083] ? kmem_cache_alloc_trace+0x459/0x750
+[ 50.764892] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 50.769874] ? trace_hardirqs_on+0xd/0x10
+[ 50.773990] inherit_task_group.isra.94.part.95+0x73/0x240
+[ 50.779585] perf_event_init_task+0x348/0x890
+[ 50.784046] ? sched_fork+0x45b/0xc00
+[ 50.787815] ? perf_event_attrs+0x40/0x40
+[ 50.791931] ? kmem_cache_alloc_trace+0x459/0x750
+[ 50.796739] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 50.801720] ? __lockdep_init_map+0xe4/0x650
+[ 50.806100] copy_process.part.36+0x173b/0x4ae0
+[ 50.810738] ? __cleanup_sighand+0x40/0x40
+[ 50.814938] ? __might_sleep+0x95/0x190
+[ 50.818879] ? _cond_resched+0x14/0x30
+[ 50.822746] ? futex_wait_queue_me+0x527/0x7e0
+[ 50.827295] ? refill_pi_state_cache.part.6+0x2f0/0x2f0
+[ 50.832627] ? print_usage_bug+0x3f0/0x3f0
+[ 50.836828] ? get_futex_value_locked+0xc3/0xf0
+[ 50.841465] ? futex_wait_setup+0x22e/0x3d0
+[ 50.845753] ? futex_wake+0x680/0x680
+[ 50.849526] ? drop_futex_key_refs.isra.13+0x63/0xb0
+[ 50.854595] ? futex_wait+0x69e/0x990
+[ 50.858360] ? memset+0x31/0x40
+[ 50.861606] ? perf_tp_event+0xae0/0xae0
+[ 50.865635] ? futex_wait_setup+0x3d0/0x3d0
+[ 50.869924] ? debug_check_no_locks_freed+0x3d0/0x3d0
+[ 50.875081] ? perf_tp_event+0xae0/0xae0
+[ 50.879106] ? hash_futex+0x15/0x210
+[ 50.882786] ? drop_futex_key_refs.isra.13+0x63/0xb0
+[ 50.887855] ? perf_trace_lock+0x4d6/0x900
+[ 50.892058] ? get_futex_key+0x1d50/0x1d50
+[ 50.896259] ? trace_event_raw_event_lock+0x340/0x340
+[ 50.901420] ? do_futex+0x85b/0x2280
+[ 50.905101] ? check_noncircular+0x20/0x20
+[ 50.909307] ? exit_robust_list+0x240/0x240
+[ 50.913596] ? lock_downgrade+0x980/0x980
+[ 50.917710] ? __fget+0xbb/0x580
+[ 50.921042] ? find_held_lock+0x39/0x1d0
+[ 50.925070] ? lock_release+0xda0/0xda0
+[ 50.929017] ? __lock_is_held+0xbc/0x140
+[ 50.933049] _do_fork+0x1ef/0xff0
+[ 50.936469] ? fork_idle+0x2d0/0x2d0
+[ 50.940160] ? iterate_fd+0x3f0/0x3f0
+[ 50.943926] ? rcu_pm_notify+0xc0/0xc0
+[ 50.947777] ? __fget_light+0x29d/0x390
+[ 50.951717] ? fget_raw+0x20/0x20
+[ 50.955136] ? rcu_read_lock_sched_held+0x108/0x120
+[ 50.960118] ? kmem_cache_free+0x249/0x280
+[ 50.964323] ? compat_SyS_futex+0x288/0x380
+[ 50.968610] ? compat_SyS_get_robust_list+0x300/0x300
+[ 50.973765] ? __fdget+0x18/0x20
+[ 50.977098] ? compat_SyS_ioctl+0x77/0x2a30
+[ 50.981385] SyS_clone+0x37/0x50
+[ 50.984721] ? entry_INT80_compat+0x40/0x40
+[ 50.989015] do_fast_syscall_32+0x3ee/0xf9d
+[ 50.993305] ? do_int80_syscall_32+0x9d0/0x9d0
+[ 50.997853] ? lockdep_sys_exit+0x47/0xf0
+[ 51.001964] ? syscall_return_slowpath+0x2ad/0x550
+[ 51.006858] ? sysret32_from_system_call+0x5/0x3b
+[ 51.011665] ? trace_hardirqs_off_thunk+0x1a/0x1c
+[ 51.016473] entry_SYSENTER_compat+0x51/0x60
+[ 51.020846] RIP: 0023:0xf7fc8c79
+[ 51.024176] RSP: 002b:00000000f77c408c EFLAGS: 00000296 ORIG_RAX: 0000000000000078
+[ 51.031848] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020de9000
+[ 51.039085] RDX: 000000002019bffc RSI: 00000000208be000 RDI: 00000000208b4ffc
+[ 51.046319] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
+[ 51.053553] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
+[ 51.060790] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
diff --git a/pkg/report/testdata/linux/report/193 b/pkg/report/testdata/linux/report/193
new file mode 100644
index 000000000..ef452b8af
--- /dev/null
+++ b/pkg/report/testdata/linux/report/193
@@ -0,0 +1,193 @@
+# Note: 191-194 have the same root cause.
+TITLE: possible deadlock in perf_event_for_each_child
+
+[ 68.155096] ======================================================
+[ 68.161400] WARNING: possible circular locking dependency detected
+[ 68.167703] 4.15.0-rc9+ #9 Not tainted
+[ 68.171576] ------------------------------------------------------
+[ 68.177877] syz-executor1/6389 is trying to acquire lock:
+[ 68.184086] (&event->child_mutex){+.+.}, at: [<000000000857a1c0>] perf_event_for_each_child+0x8a/0x150
+[ 68.193610]
+[ 68.193610] but task is already holding lock:
+[ 68.199551] (&cpuctx_mutex){+.+.}, at: [<00000000a77e48ee>] perf_event_ctx_lock_nested+0x21b/0x450
+[ 68.208717]
+[ 68.208717] which lock already depends on the new lock.
+[ 68.208717]
+[ 68.217001]
+[ 68.217001] the existing dependency chain (in reverse order) is:
+[ 68.224594]
+[ 68.224594] -> #5 (&cpuctx_mutex){+.+.}:
+[ 68.230112] __mutex_lock+0x16f/0x1a80
+[ 68.234492] mutex_lock_nested+0x16/0x20
+[ 68.239047] perf_event_init_cpu+0xb6/0x160
+[ 68.243863] perf_event_init+0x4e9/0x549
+[ 68.248416] start_kernel+0x4cc/0x819
+[ 68.252707] x86_64_start_reservations+0x2a/0x2c
+[ 68.257954] x86_64_start_kernel+0x77/0x7a
+[ 68.262684] secondary_startup_64+0xa5/0xb0
+[ 68.267492]
+[ 68.267492] -> #4 (pmus_lock){+.+.}:
+[ 68.272659] __mutex_lock+0x16f/0x1a80
+[ 68.277036] mutex_lock_nested+0x16/0x20
+[ 68.281587] perf_event_init_cpu+0x2f/0x160
+[ 68.286402] cpuhp_invoke_callback+0x2ea/0x1d20
+[ 68.291562] _cpu_up+0x216/0x510
+[ 68.295420] do_cpu_up+0x73/0xa0
+[ 68.299277] cpu_up+0x18/0x20
+[ 68.302873] smp_init+0x13a/0x152
+[ 68.306821] kernel_init_freeable+0x2fe/0x521
+[ 68.311810] kernel_init+0x13/0x180
+[ 68.315929] ret_from_fork+0x3a/0x50
+[ 68.320129]
+[ 68.320129] -> #3 (cpu_hotplug_lock.rw_sem){++++}:
+[ 68.326513] cpus_read_lock+0x42/0x90
+[ 68.330807] static_key_slow_inc+0x9d/0x3c0
+[ 68.335622] tracepoint_probe_register_prio+0x80d/0x9a0
+[ 68.341478] tracepoint_probe_register+0x2a/0x40
+[ 68.346725] trace_event_reg+0x167/0x320
+[ 68.351277] perf_trace_init+0x4ef/0xab0
+[ 68.355829] perf_tp_event_init+0x7d/0xf0
+[ 68.360468] perf_try_init_event+0xc9/0x1f0
+[ 68.365284] perf_event_alloc+0x1cc6/0x2b00
+[ 68.370098] SYSC_perf_event_open+0x84e/0x2e00
+[ 68.375171] SyS_perf_event_open+0x39/0x50
+[ 68.379897] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 68.385140]
+[ 68.385140] -> #2 (tracepoints_mutex){+.+.}:
+[ 68.391002] __mutex_lock+0x16f/0x1a80
+[ 68.395383] mutex_lock_nested+0x16/0x20
+[ 68.399935] tracepoint_probe_register_prio+0xa0/0x9a0
+[ 68.405704] tracepoint_probe_register+0x2a/0x40
+[ 68.410955] trace_event_reg+0x167/0x320
+[ 68.415509] perf_trace_init+0x4ef/0xab0
+[ 68.420062] perf_tp_event_init+0x7d/0xf0
+[ 68.424700] perf_try_init_event+0xc9/0x1f0
+[ 68.429514] perf_event_alloc+0x1cc6/0x2b00
+[ 68.434327] SYSC_perf_event_open+0x84e/0x2e00
+[ 68.439400] SyS_perf_event_open+0x39/0x50
+[ 68.444125] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 68.449376]
+[ 68.449376] -> #1 (event_mutex){+.+.}:
+[ 68.454717] __mutex_lock+0x16f/0x1a80
+[ 68.459094] mutex_lock_nested+0x16/0x20
+[ 68.463645] perf_trace_destroy+0x28/0x100
+[ 68.468370] tp_perf_event_destroy+0x15/0x20
+[ 68.473269] _free_event+0x3bd/0x10f0
+[ 68.477559] free_event+0x84/0x150
+[ 68.481589] perf_event_release_kernel+0x54e/0xc10
+[ 68.487014] perf_release+0x37/0x50
+[ 68.491133] __fput+0x327/0x7e0
+[ 68.494901] ____fput+0x15/0x20
+[ 68.498675] task_work_run+0x199/0x270
+[ 68.503054] do_exit+0x9bb/0x1ad0
+[ 68.506997] do_group_exit+0x149/0x400
+[ 68.511379] get_signal+0x73f/0x16c0
+[ 68.515583] do_signal+0x90/0x1eb0
+[ 68.519616] exit_to_usermode_loop+0x214/0x310
+[ 68.524694] syscall_return_slowpath+0x490/0x550
+[ 68.529948] entry_SYSCALL_64_fastpath+0x9e/0xa0
+[ 68.535192]
+[ 68.535192] -> #0 (&event->child_mutex){+.+.}:
+[ 68.541228] lock_acquire+0x1d5/0x580
+[ 68.545520] __mutex_lock+0x16f/0x1a80
+[ 68.549899] mutex_lock_nested+0x16/0x20
+[ 68.554454] perf_event_for_each_child+0x8a/0x150
+[ 68.559787] perf_ioctl+0x35a/0x1430
+[ 68.563997] do_vfs_ioctl+0x1b1/0x1520
+[ 68.568378] SyS_ioctl+0x8f/0xc0
+[ 68.572237] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 68.577481]
+[ 68.577481] other info that might help us debug this:
+[ 68.577481]
+[ 68.585592] Chain exists of:
+[ 68.585592] &event->child_mutex --> pmus_lock --> &cpuctx_mutex
+[ 68.585592]
+[ 68.596141] Possible unsafe locking scenario:
+[ 68.596141]
+[ 68.602170] CPU0 CPU1
+[ 68.606805] ---- ----
+[ 68.611442] lock(&cpuctx_mutex);
+[ 68.614951] lock(pmus_lock);
+[ 68.620631] lock(&cpuctx_mutex);
+[ 68.626661] lock(&event->child_mutex);
+[ 68.630691]
+[ 68.630691] *** DEADLOCK ***
+[ 68.630691]
+[ 68.636720] 1 lock held by syz-executor1/6389:
+[ 68.641270] #0: (&cpuctx_mutex){+.+.}, at: [<00000000a77e48ee>] perf_event_ctx_lock_nested+0x21b/0x450
+[ 68.650868]
+[ 68.650868] stack backtrace:
+[ 68.655339] CPU: 1 PID: 6389 Comm: syz-executor1 Not tainted 4.15.0-rc9+ #9
+[ 68.662408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 68.671731] Call Trace:
+[ 68.674295] dump_stack+0x194/0x257
+[ 68.677894] ? arch_local_irq_restore+0x53/0x53
+[ 68.682541] print_circular_bug.isra.37+0x2cd/0x2dc
+[ 68.687528] ? save_trace+0xe0/0x2b0
+[ 68.691215] __lock_acquire+0x30a8/0x3e00
+[ 68.695339] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 68.700502] ? perf_trace_lock_acquire+0xe3/0x980
+[ 68.705316] ? check_noncircular+0x20/0x20
+[ 68.709522] ? perf_trace_lock+0x900/0x900
+[ 68.713729] ? perf_trace_lock_acquire+0xe3/0x980
+[ 68.718543] ? perf_trace_lock+0x900/0x900
+[ 68.722749] ? check_noncircular+0x20/0x20
+[ 68.726956] ? lock_acquire+0x1d5/0x580
+[ 68.730900] ? perf_event_ctx_lock_nested+0x21b/0x450
+[ 68.736061] ? lock_release+0xa40/0xa40
+[ 68.740010] lock_acquire+0x1d5/0x580
+[ 68.743785] ? lock_acquire+0x1d5/0x580
+[ 68.747732] ? perf_event_for_each_child+0x8a/0x150
+[ 68.752720] ? lock_release+0xa40/0xa40
+[ 68.756666] ? get_futex_value_locked+0xc3/0xf0
+[ 68.761305] ? rcu_note_context_switch+0x710/0x710
+[ 68.766205] ? __might_sleep+0x95/0x190
+[ 68.770151] ? perf_event_for_each_child+0x8a/0x150
+[ 68.775138] __mutex_lock+0x16f/0x1a80
+[ 68.778998] ? perf_event_for_each_child+0x8a/0x150
+[ 68.783988] ? perf_trace_lock+0xd6/0x900
+[ 68.788110] ? perf_event_for_each_child+0x8a/0x150
+[ 68.793097] ? drop_futex_key_refs.isra.12+0x63/0xb0
+[ 68.798170] ? mutex_lock_io_nested+0x1900/0x1900
+[ 68.802983] ? perf_trace_lock+0x900/0x900
+[ 68.807189] ? check_noncircular+0x20/0x20
+[ 68.811394] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 68.816556] ? wake_up_q+0x8a/0xe0
+[ 68.820070] ? drop_futex_key_refs.isra.12+0x63/0xb0
+[ 68.825145] ? futex_wake+0x2ca/0x680
+[ 68.828920] ? find_held_lock+0x35/0x1d0
+[ 68.832958] ? perf_event_ctx_lock_nested+0x1e0/0x450
+[ 68.838118] ? lock_downgrade+0x980/0x980
+[ 68.842239] ? lock_release+0xa40/0xa40
+[ 68.846189] ? mutex_lock_nested+0x16/0x20
+[ 68.850392] ? mutex_lock_nested+0x16/0x20
+[ 68.854596] ? perf_event_ctx_lock_nested+0x328/0x450
+[ 68.859756] ? perf_iterate_ctx+0x770/0x770
+[ 68.864049] ? event_function_call+0x5a0/0x5a0
+[ 68.868602] mutex_lock_nested+0x16/0x20
+[ 68.872633] ? mutex_lock_nested+0x16/0x20
+[ 68.876839] perf_event_for_each_child+0x8a/0x150
+[ 68.881652] perf_ioctl+0x35a/0x1430
+[ 68.885336] ? lock_release+0xa40/0xa40
+[ 68.889282] ? event_function_call+0x5a0/0x5a0
+[ 68.893834] ? SYSC_perf_event_open+0x2e00/0x2e00
+[ 68.898646] ? __lock_is_held+0xb6/0x140
+[ 68.902684] ? __fget+0x35c/0x570
+[ 68.906106] ? fd_install+0x4d/0x60
+[ 68.909707] ? iterate_fd+0x3f0/0x3f0
+[ 68.913480] ? perf_event_set_output+0x5a0/0x5a0
+[ 68.918206] ? SYSC_perf_event_open+0x2e00/0x2e00
+[ 68.923022] do_vfs_ioctl+0x1b1/0x1520
+[ 68.926882] ? ioctl_preallocate+0x2b0/0x2b0
+[ 68.931261] ? selinux_capable+0x40/0x40
+[ 68.935297] ? SyS_futex+0x269/0x390
+[ 68.938988] ? security_file_ioctl+0x89/0xb0
+[ 68.943369] SyS_ioctl+0x8f/0xc0
+[ 68.946710] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 68.951435] RIP: 0033:0x453299
+[ 68.954597] RSP: 002b:00007f5aeb166c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000010
+[ 68.962277] RAX: ffffffffffffffda RBX: 00007f5aeb167700 RCX: 0000000000453299
+[ 68.969521] RDX: 0000000000000000 RSI: 0000000000002401 RDI: 0000000000000012
+[ 68.976762] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
+[ 68.984002] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000000
+[ 68.991245] R13: 00007fffc57787af R14: 00007f5aeb1679c0 R15: 0000000000000000
diff --git a/pkg/report/testdata/linux/report/194 b/pkg/report/testdata/linux/report/194
new file mode 100644
index 000000000..c1927b66d
--- /dev/null
+++ b/pkg/report/testdata/linux/report/194
@@ -0,0 +1,257 @@
+# Note: 191-194 have the same root cause.
+TITLE: possible deadlock in perf_trace_destroy
+
+[ 25.878418] ======================================================
+[ 25.884700] WARNING: possible circular locking dependency detected
+[ 25.890983] 4.15.0-rc8+ #1 Not tainted
+[ 25.894838] ------------------------------------------------------
+[ 25.901158] syzkaller926009/3663 is trying to acquire lock:
+[ 25.906832] (event_mutex){+.+.}, at: [<00000000df5c386a>] perf_trace_destroy+0x28/0x100
+[ 25.915042]
+[ 25.915042] but task is already holding lock:
+[ 25.920978] (&event->child_mutex){+.+.}, at: [<00000000aedc3ceb>] perf_event_release_kernel+0x2ea/0xc10
+[ 25.930582]
+[ 25.930582] which lock already depends on the new lock.
+[ 25.930582]
+[ 25.938870]
+[ 25.938870] the existing dependency chain (in reverse order) is:
+[ 25.946457]
+[ 25.946457] -> #5 (&event->child_mutex){+.+.}:
+[ 25.952499] __mutex_lock+0x16f/0x1a80
+[ 25.956875] mutex_lock_nested+0x16/0x20
+[ 25.961428] perf_event_for_each_child+0x8a/0x150
+[ 25.966759] perf_ioctl+0x35a/0x1430
+[ 25.970962] do_vfs_ioctl+0x1b1/0x1520
+[ 25.975341] SyS_ioctl+0x8f/0xc0
+[ 25.979200] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 25.984444]
+[ 25.984444] -> #4 (&cpuctx_mutex){+.+.}:
+[ 25.989958] __mutex_lock+0x16f/0x1a80
+[ 25.994336] mutex_lock_nested+0x16/0x20
+[ 25.998891] perf_event_init_cpu+0xb6/0x160
+[ 26.003704] perf_event_init+0x4e9/0x549
+[ 26.008256] start_kernel+0x4cc/0x819
+[ 26.012547] x86_64_start_reservations+0x2a/0x2c
+[ 26.017790] x86_64_start_kernel+0x77/0x7a
+[ 26.022523] secondary_startup_64+0xa5/0xb0
+[ 26.027330]
+[ 26.027330] -> #3 (pmus_lock){+.+.}:
+[ 26.032503] __mutex_lock+0x16f/0x1a80
+[ 26.036878] mutex_lock_nested+0x16/0x20
+[ 26.041435] perf_event_init_cpu+0x2f/0x160
+[ 26.046253] cpuhp_invoke_callback+0x2ea/0x1d20
+[ 26.051418] _cpu_up+0x216/0x510
+[ 26.055274] do_cpu_up+0x73/0xa0
+[ 26.059131] cpu_up+0x18/0x20
+[ 26.062730] smp_init+0x13a/0x152
+[ 26.066687]
kernel_init_freeable+0x2fe/0x521
+[ 26.071675] kernel_init+0x13/0x180
+[ 26.075790] ret_from_fork+0x3a/0x50
+[ 26.079992]
+[ 26.079992] -> #2 (cpu_hotplug_lock.rw_sem){++++}:
+[ 26.086378] cpus_read_lock+0x42/0x90
+[ 26.090668] static_key_slow_inc+0x9d/0x3c0
+[ 26.095480] tracepoint_probe_register_prio+0x80d/0x9a0
+[ 26.101335] tracepoint_probe_register+0x2a/0x40
+[ 26.106584] trace_event_reg+0x167/0x320
+[ 26.111132] perf_trace_init+0x4ef/0xab0
+[ 26.115682] perf_tp_event_init+0x7d/0xf0
+[ 26.120321] perf_try_init_event+0xc9/0x1f0
+[ 26.125131] perf_event_alloc+0x1cc6/0x2b00
+[ 26.129940] SYSC_perf_event_open+0x84e/0x2e00
+[ 26.135010] SyS_perf_event_open+0x39/0x50
+[ 26.139737] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 26.144980]
+[ 26.144980] -> #1 (tracepoints_mutex){+.+.}:
+[ 26.150846] __mutex_lock+0x16f/0x1a80
+[ 26.155224] mutex_lock_nested+0x16/0x20
+[ 26.159778] tracepoint_probe_register_prio+0xa0/0x9a0
+[ 26.165543] tracepoint_probe_register+0x2a/0x40
+[ 26.170795] trace_event_reg+0x167/0x320
+[ 26.175351] perf_trace_init+0x4ef/0xab0
+[ 26.179919] perf_tp_event_init+0x7d/0xf0
+[ 26.184556] perf_try_init_event+0xc9/0x1f0
+[ 26.189371] perf_event_alloc+0x1cc6/0x2b00
+[ 26.194182] SYSC_perf_event_open+0x84e/0x2e00
+[ 26.199256] SyS_perf_event_open+0x39/0x50
+[ 26.203985] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 26.209228]
+[ 26.209228] -> #0 (event_mutex){+.+.}:
+[ 26.214579] lock_acquire+0x1d5/0x580
+[ 26.218872] __mutex_lock+0x16f/0x1a80
+[ 26.223250] mutex_lock_nested+0x16/0x20
+[ 26.227812] perf_trace_destroy+0x28/0x100
+[ 26.232543] tp_perf_event_destroy+0x15/0x20
+[ 26.237440] _free_event+0x3bd/0x10f0
+[ 26.241729] free_event+0x84/0x150
+[ 26.245758] perf_event_release_kernel+0x54e/0xc10
+[ 26.251180] perf_release+0x37/0x50
+[ 26.255301] __fput+0x327/0x7e0
+[ 26.259069] ____fput+0x15/0x20
+[ 26.262840] task_work_run+0x199/0x270
+[ 26.267221] do_exit+0x9bb/0x1ad0
+[ 26.271162] do_group_exit+0x149/0x400
+[ 26.275538] get_signal+0x73f/0x16c0
+[ 26.279750]
do_signal+0x90/0x1eb0
+[ 26.283781] exit_to_usermode_loop+0x214/0x310
+[ 26.288860] syscall_return_slowpath+0x490/0x550
+[ 26.294113] entry_SYSCALL_64_fastpath+0x9e/0xa0
+[ 26.299354]
+[ 26.299354] other info that might help us debug this:
+[ 26.299354]
+[ 26.307473] Chain exists of:
+[ 26.307473] event_mutex --> &cpuctx_mutex --> &event->child_mutex
+[ 26.307473]
+[ 26.318195] Possible unsafe locking scenario:
+[ 26.318195]
+[ 26.324219] CPU0 CPU1
+[ 26.328863] ---- ----
+[ 26.333496] lock(&event->child_mutex);
+[ 26.337526] lock(&cpuctx_mutex);
+[ 26.343549] lock(&event->child_mutex);
+[ 26.350096] lock(event_mutex);
+[ 26.353429]
+[ 26.353429] *** DEADLOCK ***
+[ 26.353429]
+[ 26.359456] 2 locks held by syzkaller926009/3663:
+[ 26.364266] #0: (&ctx->mutex){+.+.}, at: [<000000006557d8ef>] perf_event_release_kernel+0x2dc/0xc10
+[ 26.373607] #1: (&event->child_mutex){+.+.}, at: [<00000000aedc3ceb>] perf_event_release_kernel+0x2ea/0xc10
+[ 26.383635]
+[ 26.383635] stack backtrace:
+[ 26.388105] CPU: 0 PID: 3663 Comm: syzkaller926009 Not tainted 4.15.0-rc8+ #1
+[ 26.395350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 26.404672] Call Trace:
+[ 26.407237] dump_stack+0x194/0x257
+[ 26.410843] ? arch_local_irq_restore+0x53/0x53
+[ 26.415485] print_circular_bug.isra.37+0x2cd/0x2dc
+[ 26.420470] ? save_trace+0xe0/0x2b0
+[ 26.424158] __lock_acquire+0x30a8/0x3e00
+[ 26.428277] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 26.433443] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 26.438602] ? perf_trace_lock_acquire+0xe3/0x980
+[ 26.443413] ? __lock_acquire+0x2d15/0x3e00
+[ 26.447703] ? perf_trace_lock+0x900/0x900
+[ 26.451910] ? perf_trace_lock_acquire+0xe3/0x980
+[ 26.456720] ? check_noncircular+0x20/0x20
+[ 26.460925] ? perf_trace_lock+0x900/0x900
+[ 26.465128] ? __lock_acquire+0x664/0x3e00
+[ 26.469332] ? check_noncircular+0x20/0x20
+[ 26.473539] ? lock_acquire+0x1d5/0x580
+[ 26.477481] ?
lock_acquire+0x1d5/0x580 +[ 26.481427] lock_acquire+0x1d5/0x580 +[ 26.485198] ? lock_acquire+0x1d5/0x580 +[ 26.489147] ? perf_trace_destroy+0x28/0x100 +[ 26.493532] ? lock_release+0xa40/0xa40 +[ 26.497475] ? check_noncircular+0x20/0x20 +[ 26.501683] ? rcu_note_context_switch+0x710/0x710 +[ 26.506588] ? __might_sleep+0x95/0x190 +[ 26.510535] ? perf_trace_destroy+0x28/0x100 +[ 26.514918] __mutex_lock+0x16f/0x1a80 +[ 26.518785] ? perf_trace_destroy+0x28/0x100 +[ 26.523170] ? perf_trace_destroy+0x28/0x100 +[ 26.527558] ? find_held_lock+0x35/0x1d0 +[ 26.531596] ? mutex_lock_io_nested+0x1900/0x1900 +[ 26.536413] ? perf_event_detach_bpf_prog+0x275/0x3d0 +[ 26.541576] ? lock_downgrade+0x980/0x980 +[ 26.545698] ? __perf_remove_from_context+0x19d/0x3e0 +[ 26.550862] ? mark_held_locks+0xaf/0x100 +[ 26.554983] ? generic_exec_single+0x362/0x5b0 +[ 26.559536] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 26.564358] ? trace_hardirqs_on+0xd/0x10 +[ 26.568474] ? generic_exec_single+0x18a/0x5b0 +[ 26.573025] ? wait_for_completion+0x770/0x770 +[ 26.577582] ? __might_sleep+0x95/0x190 +[ 26.581527] ? perf_event_release_kernel+0x2ea/0xc10 +[ 26.586601] ? __mutex_lock+0x16f/0x1a80 +[ 26.590631] ? perf_event_release_kernel+0x2ea/0xc10 +[ 26.595706] ? check_noncircular+0x20/0x20 +[ 26.600611] ? perf_addr_filters_splice+0x18f/0x810 +[ 26.605599] ? smp_call_function_single+0x3ae/0x560 +[ 26.610585] ? free_filters_list+0x2f0/0x2f0 +[ 26.614971] ? mutex_unlock+0xd/0x10 +[ 26.618654] ? __lock_is_held+0xb6/0x140 +[ 26.622685] mutex_lock_nested+0x16/0x20 +[ 26.626717] ? mutex_lock_nested+0x16/0x20 +[ 26.630924] perf_trace_destroy+0x28/0x100 +[ 26.635132] ? perf_tp_event_init+0xf0/0xf0 +[ 26.639422] tp_perf_event_destroy+0x15/0x20 +[ 26.643799] _free_event+0x3bd/0x10f0 +[ 26.647568] ? ring_buffer_attach+0x830/0x830 +[ 26.652034] ? event_function_call+0x2f5/0x5a0 +[ 26.656589] ? list_del_event+0xb30/0xb30 +[ 26.660706] ? task_function_call+0x220/0x220 +[ 26.665174] ? 
lock_downgrade+0x980/0x980 +[ 26.669302] ? list_del_event+0xb30/0xb30 +[ 26.673418] free_event+0x84/0x150 +[ 26.676929] ? _free_event+0x10f0/0x10f0 +[ 26.680964] perf_event_release_kernel+0x54e/0xc10 +[ 26.685863] ? put_event+0x30/0x30 +[ 26.689374] ? mntput_no_expire+0x130/0xa90 +[ 26.693666] ? lock_downgrade+0x980/0x980 +[ 26.697782] ? lock_release+0xa40/0xa40 +[ 26.701731] ? __dentry_kill+0x487/0x6d0 +[ 26.705774] ? locks_remove_file+0x3fa/0x5a0 +[ 26.710151] ? fcntl_setlk+0x10c0/0x10c0 +[ 26.714185] ? fsnotify+0x7b3/0x1140 +[ 26.717869] ? fsnotify_first_mark+0x2b0/0x2b0 +[ 26.722419] ? perf_event_release_kernel+0xc10/0xc10 +[ 26.727493] perf_release+0x37/0x50 +[ 26.731092] __fput+0x327/0x7e0 +[ 26.734346] ? fput+0x140/0x140 +[ 26.737599] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 26.743458] ? _raw_spin_unlock_irq+0x27/0x70 +[ 26.747924] ____fput+0x15/0x20 +[ 26.751177] task_work_run+0x199/0x270 +[ 26.755045] ? task_work_cancel+0x210/0x210 +[ 26.759358] ? _raw_spin_unlock+0x22/0x30 +[ 26.763480] ? switch_task_namespaces+0x87/0xc0 +[ 26.768124] do_exit+0x9bb/0x1ad0 +[ 26.771546] ? mm_update_next_owner+0x930/0x930 +[ 26.776184] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 26.781347] ? perf_trace_run_bpf_submit+0x20d/0x330 +[ 26.786419] ? perf_tp_event+0xae0/0xae0 +[ 26.790447] ? find_held_lock+0x35/0x1d0 +[ 26.794481] ? memset+0x31/0x40 +[ 26.797817] ? perf_trace_lock_acquire+0x532/0x980 +[ 26.802717] ? lock_release+0xa40/0xa40 +[ 26.806661] ? perf_trace_lock+0x900/0x900 +[ 26.810867] ? check_noncircular+0x20/0x20 +[ 26.815074] ? drop_futex_key_refs.isra.12+0x63/0xb0 +[ 26.820146] ? futex_wait+0x6a9/0x9a0 +[ 26.823922] ? find_held_lock+0x35/0x1d0 +[ 26.827957] ? get_signal+0x7ae/0x16c0 +[ 26.831823] ? lock_downgrade+0x980/0x980 +[ 26.835948] do_group_exit+0x149/0x400 +[ 26.839807] ? do_raw_spin_trylock+0x190/0x190 +[ 26.844358] ? SyS_exit+0x30/0x30 +[ 26.847783] ? _raw_spin_unlock_irq+0x27/0x70 +[ 26.852254] ? 
trace_hardirqs_on_caller+0x421/0x5c0 +[ 26.857240] get_signal+0x73f/0x16c0 +[ 26.860931] ? ptrace_notify+0x130/0x130 +[ 26.864965] ? exit_robust_list+0x240/0x240 +[ 26.869256] ? __fd_install+0x288/0x740 +[ 26.873209] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 26.878029] ? get_unused_fd_flags+0x190/0x190 +[ 26.882587] ? wait_for_completion+0x770/0x770 +[ 26.887141] ? lock_downgrade+0x980/0x980 +[ 26.891258] do_signal+0x90/0x1eb0 +[ 26.894766] ? mark_held_locks+0xaf/0x100 +[ 26.898887] ? _raw_spin_unlock_irqrestore+0x31/0xba +[ 26.904053] ? setup_sigcontext+0x7d0/0x7d0 +[ 26.908345] ? fd_install+0x4d/0x60 +[ 26.911942] ? SYSC_perf_event_open+0x4c3/0x2e00 +[ 26.916666] ? vmacache_update+0xfe/0x130 +[ 26.920785] ? perf_event_set_output+0x5a0/0x5a0 +[ 26.925515] ? exit_to_usermode_loop+0x8c/0x310 +[ 26.930156] exit_to_usermode_loop+0x214/0x310 +[ 26.934710] ? trace_event_raw_event_sys_exit+0x260/0x260 +[ 26.940219] syscall_return_slowpath+0x490/0x550 +[ 26.944944] ? prepare_exit_to_usermode+0x340/0x340 +[ 26.949931] ? entry_SYSCALL_64_fastpath+0x73/0xa0 +[ 26.954832] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 26.959821] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 26.964550] entry_SYSCALL_64_fastpath+0x9e/0xa0 +[ 26.969273] RIP: 0033:0x445749 +[ 26.972432] RSP: 002b:00007febf72a3db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca +[ 26.980112] RAX: fffffffffffffe00 RBX: 00000000006dac3c RCX: 0000000000445749 +[ 26.987369] RDX: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/20 b/pkg/report/testdata/linux/report/20 index 31af2b9e3..444f7c2ac 100644 --- a/pkg/report/testdata/linux/report/20 +++ b/pkg/report/testdata/linux/report/20 @@ -1,4 +1,4 @@ -TITLE: BUG: unable to handle kernel NULL pointer dereference in __lock_acquire +TITLE: BUG: unable to handle kernel CORRUPTED: Y [ 149.188010] BUG: unable to handle kernel NULL pointer dereference at 000000000000058c 
diff --git a/pkg/report/testdata/linux/report/34 b/pkg/report/testdata/linux/report/34 index c0aa9797a..1de8275cb 100644 --- a/pkg/report/testdata/linux/report/34 +++ b/pkg/report/testdata/linux/report/34 @@ -1,4 +1,4 @@ -TITLE: suspicious RCU usage at net/core/filter.c:LINE +TITLE: INFO: suspicious RCU usage. ] CORRUPTED: Y [ 1722.511384] [ INFO: suspicious RCU usage. ] diff --git a/pkg/report/testdata/linux/report/35 b/pkg/report/testdata/linux/report/35 index 0b2b6bc4d..62d358134 100644 --- a/pkg/report/testdata/linux/report/35 +++ b/pkg/report/testdata/linux/report/35 @@ -1,4 +1,4 @@ -TITLE: suspicious RCU usage at ./include/linux/kvm_host.h:LINE +TITLE: INFO: suspicious RCU usage. ] START: [ 37.540478] [ INFO: suspicious RCU usage. ] CORRUPTED: Y diff --git a/pkg/report/testdata/linux/report/51 b/pkg/report/testdata/linux/report/51 index 9e200b807..4bd9f23c9 100644 --- a/pkg/report/testdata/linux/report/51 +++ b/pkg/report/testdata/linux/report/51 
@@ -1,14 +1,15 @@
-TITLE: memory leak in ipv6_setsockopt
+TITLE: memory leak in do_ipv6_setsockopt
-[ 1722.511384] unreferenced object 0xffff880039a55260 (size 64):
-[ 1722.511384] comm "executor", pid 11746, jiffies 4298984475 (age 16.078s)
-[ 1722.511384] hex dump (first 32 bytes):
-[ 1722.511384] 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 /...............
-[ 1722.511384] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
-[ 1722.511384] backtrace:
-[ 1722.511384] [<ffffffff848a2f5f>] sock_kmalloc+0x7f/0xc0 net/core/sock.c:1774
-[ 1722.511384] [<ffffffff84e5bea0>] do_ipv6_setsockopt.isra.7+0x15d0/0x2830 net/ipv6/ipv6_sockglue.c:483
-[ 1722.511384] [<ffffffff84e5d19b>] ipv6_setsockopt+0x9b/0x140 net/ipv6/ipv6_sockglue.c:885
-[ 1722.511384] [<ffffffff8544616c>] sctp_setsockopt+0x15c/0x36c0 net/sctp/socket.c:3702
-[ 1722.511384] [<ffffffff848a2035>] sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2645
-[ 1722.511384] [<ffffffff8489f1d8>] SyS_setsockopt+0x158/0x240 net/socket.c:1736
+2018/01/09 14:28:48 BUG: memory leak
+unreferenced object 0xffff880039a55260 (size 64):
+ comm "executor", pid 11746, jiffies 4298984475 (age 16.078s)
+ hex dump (first 32 bytes):
+ 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 /...............
+ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
+ backtrace:
+ [<ffffffff848a2f5f>] sock_kmalloc+0x7f/0xc0 net/core/sock.c:1774
+ [<ffffffff84e5bea0>] do_ipv6_setsockopt.isra.7+0x15d0/0x2830 net/ipv6/ipv6_sockglue.c:483
+ [<ffffffff84e5d19b>] ipv6_setsockopt+0x9b/0x140 net/ipv6/ipv6_sockglue.c:885
+ [<ffffffff8544616c>] sctp_setsockopt+0x15c/0x36c0 net/sctp/socket.c:3702
+ [<ffffffff848a2035>] sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2645
+ [<ffffffff8489f1d8>] SyS_setsockopt+0x158/0x240 net/socket.c:1736
diff --git a/pkg/report/testdata/linux/report/52 b/pkg/report/testdata/linux/report/52
index dac3e1a83..11d353c1c 100644
--- a/pkg/report/testdata/linux/report/52
+++ b/pkg/report/testdata/linux/report/52
@@ -1,14 +1,15 @@
-TITLE: memory leak in sk_prot_alloc
+TITLE: memory leak in inet6_create
-[ 1722.511384] unreferenced object 0xffff8800342540c0 (size 1864):
-[ 1722.511384] comm "a.out", pid 24109, jiffies 4299060398 (age 27.984s)
-[ 1722.511384] hex dump (first 32 bytes):
-[ 1722.511384] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
-[ 1722.511384] 0a 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............
-[ 1722.511384] backtrace:
-[ 1722.511384] [<ffffffff85c73a22>] kmemleak_alloc+0x72/0xc0 mm/kmemleak.c:915
-[ 1722.511384] [<ffffffff816cc14d>] kmem_cache_alloc+0x12d/0x2c0 mm/slub.c:2607
-[ 1722.511384] [<ffffffff84b642c9>] sk_prot_alloc+0x69/0x340 net/core/sock.c:1344
-[ 1722.511384] [<ffffffff84b6d36a>] sk_alloc+0x3a/0x6b0 net/core/sock.c:1419
-[ 1722.511384] [<ffffffff850c6d57>] inet6_create+0x2d7/0x1000 net/ipv6/af_inet6.c:173
-[ 1722.511384] [<ffffffff84b5f47c>] __sock_create+0x37c/0x640 net/socket.c:1162
+2018/01/09 14:28:48 BUG: memory leak
+unreferenced object 0xffff8800342540c0 (size 1864):
+ comm "a.out", pid 24109, jiffies 4299060398 (age 27.984s)
+ hex dump (first 32 bytes):
+ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
+ 0a 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............
+ backtrace:
+ [<ffffffff85c73a22>] kmemleak_alloc+0x72/0xc0 mm/kmemleak.c:915
+ [<ffffffff816cc14d>] kmem_cache_alloc+0x12d/0x2c0 mm/slub.c:2607
+ [<ffffffff84b642c9>] sk_prot_alloc+0x69/0x340 net/core/sock.c:1344
+ [<ffffffff84b6d36a>] sk_alloc+0x3a/0x6b0 net/core/sock.c:1419
+ [<ffffffff850c6d57>] inet6_create+0x2d7/0x1000 net/ipv6/af_inet6.c:173
+ [<ffffffff84b5f47c>] __sock_create+0x37c/0x640 net/socket.c:1162
diff --git a/pkg/report/testdata/linux/report/53 b/pkg/report/testdata/linux/report/53
index 0ec2e5c81..bad2a423b 100644
--- a/pkg/report/testdata/linux/report/53
+++ b/pkg/report/testdata/linux/report/53
@@ -1,10 +1,11 @@
-TITLE: memory leak in __kmalloc
+TITLE: memory leak in ext4_mb_init
-[ 1722.511384] unreferenced object 0xffff880133c63800 (size 1024):
-[ 1722.511384] comm "exe", pid 1521, jiffies 4294894652
-[ 1722.511384] backtrace:
-[ 1722.511384] [<ffffffff810f8f36>] create_object+0x126/0x2b0
-[ 1722.511384] [<ffffffff810f91d5>] kmemleak_alloc+0x25/0x60
-[ 1722.511384] [<ffffffff810f32a3>] __kmalloc+0x113/0x200
-[ 1722.511384] [<ffffffff811aa061>] ext4_mb_init+0x1b1/0x570
-[ 1722.511384] [<ffffffff8119b3d2>] ext4_fill_super+0x1de2/0x26d0
+2018/01/09 14:28:48 BUG: memory leak
+unreferenced object 0xffff880133c63800 (size 1024):
+ comm "exe", pid 1521, jiffies 4294894652
+ backtrace:
+ [<ffffffff810f8f36>] create_object+0x126/0x2b0
+ [<ffffffff810f91d5>] kmemleak_alloc+0x25/0x60
+ [<ffffffff810f32a3>] __kmalloc+0x113/0x200
+ [<ffffffff811aa061>] ext4_mb_init+0x1b1/0x570
+ [<ffffffff8119b3d2>] ext4_fill_super+0x1de2/0x26d0
diff --git a/pkg/report/testdata/linux/report/54 b/pkg/report/testdata/linux/report/54
index d673b1f3f..1637470d9 100644
--- a/pkg/report/testdata/linux/report/54
+++ b/pkg/report/testdata/linux/report/54
@@ -1,11 +1,12 @@
-TITLE: memory leak in __alloc_skb
+TITLE: memory leak in eth_rx_fill
-[ 1722.511384] unreferenced object 0xc625e000 (size 2048):
-[ 1722.511384] comm "swapper", pid 1, jiffies 4294937521
-[ 1722.511384] backtrace:
-[ 1722.511384] [<c00c89f0>] create_object+0x11c/0x200
-[ 1722.511384] [<c00c6764>] __kmalloc_track_caller+0x138/0x178
-[ 1722.511384] [<c01d78c0>] __alloc_skb+0x4c/0x100
-[ 1722.511384] [<c01d8490>] dev_alloc_skb+0x18/0x3c
-[ 1722.511384] [<c0198b48>] eth_rx_fill+0xd8/0x3fc
-[ 1722.511384] [<c019ac74>] mv_eth_start_internals+0x30/0xf8
+2018/01/09 14:28:48 BUG: memory leak
+unreferenced object 0xc625e000 (size 2048):
+ comm "swapper", pid 1, jiffies 4294937521
+ backtrace:
+ [<c00c89f0>] create_object+0x11c/0x200
+ [<c00c6764>] __kmalloc_track_caller+0x138/0x178
+ [<c01d78c0>] __alloc_skb+0x4c/0x100
+ [<c01d8490>] dev_alloc_skb+0x18/0x3c
+ [<c0198b48>] eth_rx_fill+0xd8/0x3fc
+ [<c019ac74>] mv_eth_start_internals+0x30/0xf8
diff --git a/pkg/report/testdata/linux/report/55 b/pkg/report/testdata/linux/report/55
index 44e5fb848..49330e3f0 100644
--- a/pkg/report/testdata/linux/report/55
+++ b/pkg/report/testdata/linux/report/55
@@ -1,11 +1,12 @@ -TITLE: memory leak in debug_objects_mem_init +TITLE: memory leak in start_kernel -[ 1722.511384] unreferenced object 0xdb8040c0 (size 20): -[ 1722.511384] comm "swapper", pid 0, jiffies 4294667296 -[ 1722.511384] backtrace: -[ 1722.511384] [<c04fd8b3>] kmemleak_alloc+0x193/0x2b8 -[ 1722.511384] [<c04f5e73>] kmem_cache_alloc+0x11e/0x174 -[ 1722.511384] [<c0aae5a7>] debug_objects_mem_init+0x63/0x1d9 -[ 1722.511384] [<c0a86a62>] start_kernel+0x2da/0x38d -[ 1722.511384] [<c0a86090>] i386_start_kernel+0x7f/0x98 -[ 1722.511384] [<ffffffff>] 0xffffffff +2018/01/09 14:28:48 BUG: memory leak +unreferenced object 0xdb8040c0 (size 20): + comm "swapper", pid 0, jiffies 4294667296 + backtrace: + [<c04fd8b3>] kmemleak_alloc+0x193/0x2b8 + [<c04f5e73>] kmem_cache_alloc+0x11e/0x174 + [<c0aae5a7>] debug_objects_mem_init+0x63/0x1d9 + [<c0a86a62>] start_kernel+0x2da/0x38d + [<c0a86090>] i386_start_kernel+0x7f/0x98 + [<ffffffff>] 0xffffffff diff --git a/pkg/report/testdata/linux/report/58 b/pkg/report/testdata/linux/report/58 index 4eacdbb6a..4cac7fb95 100644 --- a/pkg/report/testdata/linux/report/58 +++ b/pkg/report/testdata/linux/report/58 @@ -1,4 +1,4 @@ -TITLE: INFO: rcu detected stall +TITLE: INFO: rcu_preempt detected stalls on CPUs/tasks: { 2} (detected by 0, t=NUM jiffies, g=NUM, c=NUM, q=7339) CORRUPTED: Y [ 1722.511384] INFO: rcu_preempt detected stalls on CPUs/tasks: { 2} (detected by 0, t=65008 jiffies, g=48068, c=48067, q=7339) diff --git a/pkg/report/testdata/linux/report/59 b/pkg/report/testdata/linux/report/59 index 0bb90e800..da1da2a3e 100644 --- a/pkg/report/testdata/linux/report/59 +++ b/pkg/report/testdata/linux/report/59 @@ -1,4 +1,4 @@ -TITLE: INFO: rcu detected stall +TITLE: INFO: rcu_sched detected stalls on CPUs/tasks: { 0} (detected by 1, t=2179 jiffies, g=740, c=739, q=1) CORRUPTED: Y [ 317.168127] INFO: rcu_sched detected stalls on CPUs/tasks: { 0} (detected by 1, t=2179 jiffies, g=740, c=739, q=1) 
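Review bot: The new expectation in report/55, `TITLE: memory leak in start_kernel`, attributes the leak to the boot entry point even though the backtrace lists `debug_objects_mem_init` as the first caller above `kmem_cache_alloc`. If titles are what crashes are bucketed by, distinct boot-time leaks would presumably collapse into one `start_kernel` bucket and be harder to triage separately. It looks like the frame-skipping rule also matches `debug_objects_mem_init`; I would either narrow it so the expected title stays `memory leak in debug_objects_mem_init`, or record why the frame is skipped with a `# Note:` line in the fixture, as report/194 does. The sibling changes in report/52, 53 and 54 skip only allocation wrappers and read as intended.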
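Review bot: The expected titles in report/58 and report/59 now hold the raw stall line, and the number masking in them is uneven. In 58, `t=65008`, `g=48068` and `c=48067` become `NUM` while `q=7339` and `{ 2}` stay literal; in 59, none of `t=2179`, `g=740`, `c=739` is masked. Both files are marked `CORRUPTED: Y`, so this only matters if a corrupted report's title is ever used for grouping; if it never is, I would say so in the fixture with a comment line such as `# Note: corrupted report, title is the unparsed first line.` so the per-run values are not mistaken for a stable key.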
diff --git a/pkg/report/testdata/linux/report/60 b/pkg/report/testdata/linux/report/60 index 0be3e64d8..4cbf64182 100644 --- a/pkg/report/testdata/linux/report/60 +++ b/pkg/report/testdata/linux/report/60 @@ -1,4 +1,4 @@ -TITLE: INFO: rcu detected stall +TITLE: INFO: rcu_preempt self-detected stall on CPU CORRUPTED: Y [ 50.583499] something diff --git a/pkg/report/testdata/linux/report/61 b/pkg/report/testdata/linux/report/61 index d8f4581ee..7cff0cbfd 100644 --- a/pkg/report/testdata/linux/report/61 +++ b/pkg/report/testdata/linux/report/61 @@ -1,4 +1,4 @@ -TITLE: INFO: rcu detected stall +TITLE: INFO: rcu_sched self-detected stall on CPU CORRUPTED: Y [ 50.583499] INFO: rcu_sched self-detected stall on CPU diff --git a/pkg/report/testdata/linux/report/62 b/pkg/report/testdata/linux/report/62 index 7afb2f802..4a51fafd3 100644 --- a/pkg/report/testdata/linux/report/62 +++ b/pkg/report/testdata/linux/report/62 @@ -1,4 +1,4 @@ -TITLE: INFO: rcu detected stall +TITLE: INFO: rcu_bh detected stalls on CPUs/tasks: CORRUPTED: Y [ 152.002376] INFO: rcu_bh detected stalls on CPUs/tasks: diff --git a/pkg/report/testdata/linux/report/63 b/pkg/report/testdata/linux/report/63 index 6c7a706a2..d89b05b75 100644 --- a/pkg/report/testdata/linux/report/63 +++ b/pkg/report/testdata/linux/report/63 @@ -1,4 +1,4 @@ -TITLE: INFO: rcu detected stall +TITLE: INFO: rcu_sched detected expedited stalls on CPUs/tasks: { CORRUPTED: Y [ 72.159680] INFO: rcu_sched detected expedited stalls on CPUs/tasks: { diff --git a/pkg/report/testdata/linux/report/64 b/pkg/report/testdata/linux/report/64 index f1e4b3e01..f5bfd0eaa 100644 --- a/pkg/report/testdata/linux/report/64 +++ b/pkg/report/testdata/linux/report/64 @@ -1,4 +1,4 @@ -TITLE: BUG: spinlock lockup suspected +TITLE: BUG: spinlock lockup suspected on CPU, syz-executor/NUM CORRUPTED: Y [ 72.159680] BUG: spinlock lockup suspected on CPU#2, syz-executor/12636 
diff --git a/pkg/report/testdata/linux/report/65 b/pkg/report/testdata/linux/report/65 index 73d6d3a33..d6cc73b35 100644 --- a/pkg/report/testdata/linux/report/65 +++ b/pkg/report/testdata/linux/report/65 
@@ -1,4 +1,235 @@ -TITLE: BUG: soft lockup -CORRUPTED: Y +TITLE: BUG: soft lockup in smp_call_function_many -[ 72.159680] BUG: soft lockup - CPU#3 stuck for 11s! [syz-executor:643] +[ 247.938942] watchdog: BUG: soft lockup - CPU#0 stuck for 134s! [kworker/0:2:1400] +[ 247.946595] Modules linked in: +[ 247.949764] irq event stamp: 494028 +[ 247.953370] hardirqs last enabled at (494027): [<ffffffff8516b14a>] restore_regs_and_return_to_kernel+0x0/0x26 +[ 247.963568] hardirqs last disabled at (494028): [<ffffffff8516c088>] apic_timer_interrupt+0x98/0xb0 +[ 247.972723] softirqs last enabled at (484570): [<ffffffff85171d23>] __do_softirq+0x733/0xbb2 +[ 247.981361] softirqs last disabled at (484563): [<ffffffff81426983>] irq_exit+0x1d3/0x210 +[ 247.990083] CPU: 0 PID: 1400 Comm: kworker/0:2 Not tainted 4.15.0-rc1+ #198 +[ 247.997151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 248.006484] Workqueue: events jump_label_update_timeout +[ 248.011822] task: ffff8801d2abe540 task.stack: ffff8801d2ac0000 +[ 248.019334] RIP: 0010:smp_call_function_single+0x364/0x560 +[ 248.026315] RSP: 0018:ffff8801d2ac6f00 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff11 +[ 248.033996] RAX: ffff8801d2abe540 RBX: 1ffff1003a558de8 RCX: ffffffff8164c2e2 +[ 248.041239] RDX: 0000000000000000 RSI: 00000000000000fb RDI: ffff8801d2ac6ff8 +[ 248.048482] RBP: ffff8801d2ac7050 R08: 1ffff1003a558dff R09: 0000000000000000 +[ 248.055724] R10: ffff8801d2ac7078 R11: 0000000000000000 R12: ffff8801d2ac6ff8 +[ 248.062969] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffed003a558df4 +[ 248.070211] FS: 0000000000000000(0000) GS:ffff8801db400000(0000) knlGS:0000000000000000 +[ 248.078408] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +[ 248.084262] CR2: 0000000020335ffc CR3: 00000001d0869000 CR4: 00000000001426f0 +[ 248.091506] Call Trace: +[ 248.094075] ? add_nops+0x90/0x90 +[ 248.097504] ? generic_exec_single+0x5b0/0x5b0 +[ 248.102062] ? 
__mutex_lock+0x16f/0x1a80 +[ 248.106093] ? arch_jump_label_transform+0x1b/0x40 +[ 248.110995] ? print_usage_bug+0x3f0/0x3f0 +[ 248.115213] ? _find_next_bit+0xee/0x120 +[ 248.119250] ? add_nops+0x90/0x90 +[ 248.122676] ? find_next_bit+0x27/0x30 +[ 248.126547] smp_call_function_many+0x773/0x930 +[ 248.131192] ? smp_call_function_many+0x773/0x930 +[ 248.136013] ? add_nops+0x90/0x90 +[ 248.139449] ? smp_call_function_single_async+0x2d0/0x2d0 +[ 248.144960] ? mark_held_locks+0xb2/0x100 +[ 248.149082] ? text_poke+0x336/0x530 +[ 248.152772] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 248.157763] ? apic_has_pending_timer+0x80/0x2a0 +[ 248.162488] ? trace_hardirqs_on+0xd/0x10 +[ 248.166606] ? add_nops+0x90/0x90 +[ 248.170033] ? apic_has_pending_timer+0x80/0x2a0 +[ 248.174760] on_each_cpu+0x3d/0x1b0 +[ 248.178359] ? apic_has_pending_timer+0x7f/0x2a0 +[ 248.183088] text_poke_bp+0xe4/0x170 +[ 248.186774] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 248.191590] ? poke_int3_handler+0x90/0x90 +[ 248.195800] ? wait_for_completion+0x7b0/0x7b0 +[ 248.200361] ? apic_has_pending_timer+0x7f/0x2a0 +[ 248.205094] __jump_label_transform.isra.0+0x6a5/0x8a0 +[ 248.210352] ? bug_at+0x20/0x20 +[ 248.213606] ? check_noncircular+0x20/0x20 +[ 248.217814] ? perf_trace_lock_acquire+0xe3/0x980 +[ 248.222633] ? modules_open+0xa0/0xa0 +[ 248.226421] arch_jump_label_transform+0x2f/0x40 +[ 248.231152] __jump_label_update+0x207/0x2d0 +[ 248.235539] ? static_key_count+0x110/0x110 +[ 248.239838] ? atomic_dec_and_mutex_lock+0x112/0x150 +[ 248.244917] ? mutex_spin_on_owner+0xb50/0xb50 +[ 248.249480] jump_label_update+0x22c/0x2b0 +[ 248.253695] static_key_slow_dec_cpuslocked+0x176/0x1d0 +[ 248.259034] ? static_key_slow_inc+0x3c0/0x3c0 +[ 248.263596] ? rcu_read_lock_sched_held+0x108/0x120 +[ 248.268594] jump_label_update_timeout+0x1f/0x30 +[ 248.273326] process_one_work+0xbfd/0x1be0 +[ 248.277556] ? pwq_dec_nr_in_flight+0x450/0x450 +[ 248.282197] ? finish_task_switch+0x1d3/0x740 +[ 248.286664] ? 
finish_task_switch+0x1aa/0x740 +[ 248.291159] ? perf_trace_lock_acquire+0xe3/0x980 +[ 248.295987] ? perf_trace_lock+0x900/0x900 +[ 248.300191] ? __sched_text_start+0x8/0x8 +[ 248.304316] ? lock_downgrade+0x980/0x980 +[ 248.308440] ? __wake_up_common_lock+0x190/0x310 +[ 248.313189] ? find_held_lock+0x39/0x1d0 +[ 248.317242] ? lock_acquire+0x1d5/0x580 +[ 248.321189] ? worker_thread+0x4a3/0x1990 +[ 248.325321] ? lock_release+0xda0/0xda0 +[ 248.329271] ? worker_pool_assign_id+0x1b0/0x1b0 +[ 248.334004] ? do_raw_spin_trylock+0x190/0x190 +[ 248.338580] worker_thread+0x223/0x1990 +[ 248.342560] ? process_one_work+0x1be0/0x1be0 +[ 248.347034] ? _raw_spin_unlock_irq+0x27/0x70 +[ 248.351505] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 248.356494] ? trace_hardirqs_on+0xd/0x10 +[ 248.360617] ? finish_task_switch+0x1d3/0x740 +[ 248.365083] ? finish_task_switch+0x1aa/0x740 +[ 248.369558] ? copy_overflow+0x20/0x20 +[ 248.373437] ? __schedule+0x8f3/0x2060 +[ 248.377296] ? check_noncircular+0x20/0x20 +[ 248.381527] ? find_held_lock+0x39/0x1d0 +[ 248.385573] ? find_held_lock+0x39/0x1d0 +[ 248.389625] ? lock_downgrade+0x980/0x980 +[ 248.393751] ? default_wake_function+0x30/0x50 +[ 248.398320] ? __schedule+0x2060/0x2060 +[ 248.402263] ? do_wait_intr+0x3e0/0x3e0 +[ 248.406215] ? do_raw_spin_trylock+0x190/0x190 +[ 248.410772] ? _raw_spin_unlock_irqrestore+0x31/0xba +[ 248.415852] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 248.420842] ? trace_hardirqs_on+0xd/0x10 +[ 248.424963] ? __kthread_parkme+0x175/0x240 +[ 248.429263] kthread+0x37a/0x440 +[ 248.432602] ? process_one_work+0x1be0/0x1be0 +[ 248.437067] ? 
kthread_stop+0x7b0/0x7b0 +[ 248.441018] ret_from_fork+0x24/0x30 +[ 248.444727] Code: 00 00 00 fc ff df 44 89 bd 50 ff ff ff 48 c1 e8 03 4c 01 e8 41 83 e7 01 c6 00 f8 74 4e 49 89 c7 49 83 c4 18 e8 4e 25 0b 00 f3 90 <4c> 89 e2 41 c6 07 04 48 c1 ea 03 42 0f b6 14 2a 84 d2 74 09 80 +[ 248.463942] Kernel panic - not syncing: softlockup: hung tasks +[ 248.469888] CPU: 0 PID: 1400 Comm: kworker/0:2 Tainted: G L 4.15.0-rc1+ #198 +[ 248.478256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 248.487585] Workqueue: events jump_label_update_timeout +[ 248.492919] Call Trace: +[ 248.495472] <IRQ> +[ 248.497597] dump_stack+0x194/0x257 +[ 248.501202] ? arch_local_irq_restore+0x53/0x53 +[ 248.505843] ? vprintk_default+0x28/0x30 +[ 248.509878] ? vprintk_func+0x5e/0xc0 +[ 248.513650] ? vsnprintf+0x1ed/0x1900 +[ 248.517432] panic+0x1e4/0x41c +[ 248.520597] ? refcount_error_report+0x214/0x214 +[ 248.525340] ? watchdog_timer_fn+0x303/0x320 +[ 248.529731] watchdog_timer_fn+0x314/0x320 +[ 248.533947] __hrtimer_run_queues+0x349/0xe10 +[ 248.538418] ? lock_downgrade+0x980/0x980 +[ 248.542540] ? watchdog+0x30/0x30 +[ 248.545971] ? hrtimer_cancel+0x40/0x40 +[ 248.549931] ? pvclock_read_flags+0x160/0x160 +[ 248.554417] ? kvm_clock_get_cycles+0x25/0x30 +[ 248.558883] ? ktime_get_update_offsets_now+0x34a/0x520 +[ 248.564229] ? do_timer+0x50/0x50 +[ 248.567661] ? native_apic_msr_write+0x5c/0x80 +[ 248.572213] ? do_raw_spin_trylock+0x190/0x190 +[ 248.576767] ? lapic_next_event+0x54/0x80 +[ 248.580891] ? clockevents_program_event+0x108/0x2e0 +[ 248.585978] hrtimer_interrupt+0x1d4/0x5f0 +[ 248.590213] smp_apic_timer_interrupt+0x14a/0x700 +[ 248.595032] ? smp_call_function_single_interrupt+0x640/0x640 +[ 248.600889] ? _raw_spin_lock+0x32/0x40 +[ 248.604847] ? handle_edge_irq+0x2b4/0x7c0 +[ 248.609054] ? task_prio+0x40/0x40 +[ 248.612583] ? 
trace_hardirqs_off_thunk+0x1a/0x1c +[ 248.617409] apic_timer_interrupt+0x9d/0xb0 +[ 248.621700] </IRQ> +[ 248.623909] RIP: 0010:smp_call_function_single+0x364/0x560 +[ 248.629500] RSP: 0018:ffff8801d2ac6f00 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff11 +[ 248.637180] RAX: ffff8801d2abe540 RBX: 1ffff1003a558de8 RCX: ffffffff8164c2e2 +[ 248.644421] RDX: 0000000000000000 RSI: 00000000000000fb RDI: ffff8801d2ac6ff8 +[ 248.651662] RBP: ffff8801d2ac7050 R08: 1ffff1003a558dff R09: 0000000000000000 +[ 248.658903] R10: ffff8801d2ac7078 R11: 0000000000000000 R12: ffff8801d2ac6ff8 +[ 248.666144] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffed003a558df4 +[ 248.673405] ? smp_call_function_single+0x362/0x560 +[ 248.678409] ? add_nops+0x90/0x90 +[ 248.681839] ? generic_exec_single+0x5b0/0x5b0 +[ 248.686393] ? __mutex_lock+0x16f/0x1a80 +[ 248.690427] ? arch_jump_label_transform+0x1b/0x40 +[ 248.695329] ? print_usage_bug+0x3f0/0x3f0 +[ 248.699548] ? _find_next_bit+0xee/0x120 +[ 248.703586] ? add_nops+0x90/0x90 +[ 248.707013] ? find_next_bit+0x27/0x30 +[ 248.710884] smp_call_function_many+0x773/0x930 +[ 248.715539] ? smp_call_function_many+0x773/0x930 +[ 248.720362] ? add_nops+0x90/0x90 +[ 248.723796] ? smp_call_function_single_async+0x2d0/0x2d0 +[ 248.729309] ? mark_held_locks+0xb2/0x100 +[ 248.733431] ? text_poke+0x336/0x530 +[ 248.737120] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 248.742109] ? apic_has_pending_timer+0x80/0x2a0 +[ 248.746838] ? trace_hardirqs_on+0xd/0x10 +[ 248.750957] ? add_nops+0x90/0x90 +[ 248.754383] ? apic_has_pending_timer+0x80/0x2a0 +[ 248.759110] on_each_cpu+0x3d/0x1b0 +[ 248.762710] ? apic_has_pending_timer+0x7f/0x2a0 +[ 248.767443] text_poke_bp+0xe4/0x170 +[ 248.771131] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 248.775946] ? poke_int3_handler+0x90/0x90 +[ 248.780158] ? wait_for_completion+0x7b0/0x7b0 +[ 248.784721] ? apic_has_pending_timer+0x7f/0x2a0 +[ 248.789452] __jump_label_transform.isra.0+0x6a5/0x8a0 +[ 248.794707] ? 
bug_at+0x20/0x20 +[ 248.797964] ? check_noncircular+0x20/0x20 +[ 248.802170] ? perf_trace_lock_acquire+0xe3/0x980 +[ 248.806990] ? modules_open+0xa0/0xa0 +[ 248.810776] arch_jump_label_transform+0x2f/0x40 +[ 248.815507] __jump_label_update+0x207/0x2d0 +[ 248.819895] ? static_key_count+0x110/0x110 +[ 248.824192] ? atomic_dec_and_mutex_lock+0x112/0x150 +[ 248.829269] ? mutex_spin_on_owner+0xb50/0xb50 +[ 248.833832] jump_label_update+0x22c/0x2b0 +[ 248.838048] static_key_slow_dec_cpuslocked+0x176/0x1d0 +[ 248.843387] ? static_key_slow_inc+0x3c0/0x3c0 +[ 248.847951] ? rcu_read_lock_sched_held+0x108/0x120 +[ 248.853695] jump_label_update_timeout+0x1f/0x30 +[ 248.858424] process_one_work+0xbfd/0x1be0 +[ 248.862653] ? pwq_dec_nr_in_flight+0x450/0x450 +[ 248.867292] ? finish_task_switch+0x1d3/0x740 +[ 248.871756] ? finish_task_switch+0x1aa/0x740 +[ 248.876251] ? perf_trace_lock_acquire+0xe3/0x980 +[ 248.881080] ? perf_trace_lock+0x900/0x900 +[ 248.885287] ? __sched_text_start+0x8/0x8 +[ 248.889411] ? lock_downgrade+0x980/0x980 +[ 248.893533] ? __wake_up_common_lock+0x190/0x310 +[ 248.898281] ? find_held_lock+0x39/0x1d0 +[ 248.902335] ? lock_acquire+0x1d5/0x580 +[ 248.906283] ? worker_thread+0x4a3/0x1990 +[ 248.910414] ? lock_release+0xda0/0xda0 +[ 248.914363] ? worker_pool_assign_id+0x1b0/0x1b0 +[ 248.919094] ? do_raw_spin_trylock+0x190/0x190 +[ 248.923671] worker_thread+0x223/0x1990 +[ 248.927650] ? process_one_work+0x1be0/0x1be0 +[ 248.932122] ? _raw_spin_unlock_irq+0x27/0x70 +[ 248.936593] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 248.941582] ? trace_hardirqs_on+0xd/0x10 +[ 248.945708] ? finish_task_switch+0x1d3/0x740 +[ 248.950177] ? finish_task_switch+0x1aa/0x740 +[ 248.954652] ? copy_overflow+0x20/0x20 +[ 248.958530] ? __schedule+0x8f3/0x2060 +[ 248.962386] ? check_noncircular+0x20/0x20 +[ 248.966615] ? find_held_lock+0x39/0x1d0 +[ 248.970661] ? find_held_lock+0x39/0x1d0 +[ 248.974716] ? lock_downgrade+0x980/0x980 +[ 248.978841] ? 
default_wake_function+0x30/0x50 +[ 248.983411] ? __schedule+0x2060/0x2060 +[ 248.987355] ? do_wait_intr+0x3e0/0x3e0 +[ 248.991308] ? do_raw_spin_trylock+0x190/0x190 +[ 248.995865] ? _raw_spin_unlock_irqrestore+0x31/0xba +[ 249.000944] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 249.005933] ? trace_hardirqs_on+0xd/0x10 +[ 249.010055] ? __kthread_parkme+0x175/0x240 +[ 249.014357] kthread+0x37a/0x440 +[ 249.017695] ? process_one_work+0x1be0/0x1be0 +[ 249.022163] ? kthread_stop+0x7b0/0x7b0 +[ 249.026113] ret_from_fork+0x24/0x30 +[ 249.030488] Dumping ftrace buffer: +[ 249.034111] (ftrace buffer empty) +[ 249.037809] Kernel Offset: disabled +[ 249.041413] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/66 b/pkg/report/testdata/linux/report/66 index efca8de66..1f9ef4a6a 100644 --- a/pkg/report/testdata/linux/report/66 +++ b/pkg/report/testdata/linux/report/66 @@ -1,4 +1,4 @@ -TITLE: BUG: spinlock lockup suspected +TITLE: BUG: spinlock lockup suspected on CPU, syz-executor/NUM CORRUPTED: Y [ 72.159680] BUG: spinlock lockup suspected on CPU#2, syz-executor/12636 diff --git a/pkg/report/testdata/linux/report/67 b/pkg/report/testdata/linux/report/67 index 81f2d6f45..2eef4bbe5 100644 --- a/pkg/report/testdata/linux/report/67 +++ b/pkg/report/testdata/linux/report/67 
@@ -1,5 +1,173 @@ -TITLE: BUG: soft lockup -CORRUPTED: Y +TITLE: BUG: soft lockup in mulaw_decode -[ 72.159680] BUG: soft lockup - CPU#3 stuck for 11s! [syz-executor:643] -[ 72.159680] BUG: spinlock lockup suspected on CPU#2, syz-executor/12636 +[ 562.725743] watchdog: BUG: soft lockup - CPU#0 stuck for 135s! [syzkaller670324:3527] +[ 562.733767] Modules linked in: +[ 562.736941] irq event stamp: 2531226 +[ 562.740767] hardirqs last enabled at (2531225): [<00000000f1ec093f>] snd_pcm_stream_unlock_irq+0x78/0xe0 +[ 562.750576] hardirqs last disabled at (2531226): [<000000003c6ef1cd>] apic_timer_interrupt+0xa4/0xb0 +[ 562.759828] softirqs last enabled at (41848): [<0000000081bd5f03>] __do_softirq+0x7a0/0xb85 +[ 562.768381] softirqs last disabled at (41829): [<00000000d02c6d52>] irq_exit+0x1cc/0x200 +[ 562.777054] CPU: 0 PID: 3527 Comm: syzkaller670324 Not tainted 4.15.0-rc6+ #158 +[ 562.784477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 562.793814] RIP: 0010:memcpy+0x45/0x50 +[ 562.797675] RSP: 0018:ffff8801bf6676f0 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff11 +[ 562.805414] RAX: ffffc9000137ba06 RBX: 0000000000000002 RCX: 0000000000000000 +[ 562.812665] RDX: 0000000000000002 RSI: ffff8801bf6677da RDI: ffffc9000137ba08 +[ 562.819913] RBP: ffff8801bf667708 R08: fffff5200026f741 R09: fffff5200026f741 +[ 562.827157] R10: 0000000000000001 R11: fffff5200026f740 R12: ffffc9000137ba06 +[ 562.834404] R13: ffff8801bf6677d8 R14: dffffc0000000000 R15: ffffc9000137ba06 +[ 562.841665] FS: 0000000000000000(0000) GS:ffff8801db200000(0063) knlGS:00000000f7ec6b40 +[ 562.849868] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 +[ 562.855726] CR2: 0000000020735ee0 CR3: 00000001bfba8002 CR4: 00000000001606f0 +[ 562.862979] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +[ 562.870226] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 +[ 562.877473] Call Trace: +[ 562.880094] mulaw_decode+0x52f/0x770 +[ 
562.883876] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 562.888898] ? snd_pcm_plugin_build_linear+0x8a0/0x8a0 +[ 562.894156] ? snd_pcm_plugin_client_channels+0x17/0x80 +[ 562.899501] ? io_src_channels+0x10a/0x210 +[ 562.903719] mulaw_transfer+0x222/0x270 +[ 562.907670] ? lock_release+0xa40/0xa40 +[ 562.911626] ? mulaw_encode+0x7c0/0x7c0 +[ 562.915588] snd_pcm_plug_write_transfer+0x22d/0x420 +[ 562.920680] ? snd_pcm_plug_client_channels_buf+0x3f0/0x3f0 +[ 562.926368] ? snd_pcm_format_physical_width+0x5b/0x70 +[ 562.931623] ? snd_pcm_plug_client_channels_buf+0x1db/0x3f0 +[ 562.937326] snd_pcm_oss_write2+0x260/0x420 +[ 562.941634] ? snd_pcm_oss_write3+0x1b0/0x1b0 +[ 562.946110] ? snd_pcm_oss_write2+0x2bb/0x420 +[ 562.950586] ? snd_pcm_oss_write2+0x2e6/0x420 +[ 562.955066] snd_pcm_oss_write+0x5fe/0x830 +[ 562.959301] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 562.964131] ? find_held_lock+0x35/0x1d0 +[ 562.968182] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 562.973007] __vfs_write+0xef/0x970 +[ 562.976617] ? rcu_note_context_switch+0x710/0x710 +[ 562.981531] ? kernel_read+0x120/0x120 +[ 562.985398] ? __might_sleep+0x95/0x190 +[ 562.989356] ? _cond_resched+0x14/0x30 +[ 562.993223] ? __inode_security_revalidate+0xd9/0x130 +[ 562.998392] ? avc_policy_seqno+0x9/0x20 +[ 563.002432] ? selinux_file_permission+0x82/0x460 +[ 563.007260] ? security_file_permission+0x89/0x1e0 +[ 563.012174] ? rw_verify_area+0xe5/0x2b0 +[ 563.016212] ? __fdget_raw+0x20/0x20 +[ 563.019910] vfs_write+0x189/0x510 +[ 563.023439] SyS_write+0xef/0x220 +[ 563.026872] ? __do_page_fault+0x3d6/0xc90 +[ 563.031090] ? SyS_read+0x220/0x220 +[ 563.034702] ? do_fast_syscall_32+0x156/0xf9d +[ 563.039182] ? SyS_read+0x220/0x220 +[ 563.042792] do_fast_syscall_32+0x3ee/0xf9d +[ 563.047102] ? do_int80_syscall_32+0x9d0/0x9d0 +[ 563.051675] ? syscall_return_slowpath+0x2ad/0x550 +[ 563.056584] ? prepare_exit_to_usermode+0x340/0x340 +[ 563.061581] ? retint_user+0x18/0x18 +[ 563.065284] ? 
trace_hardirqs_off_thunk+0x1a/0x1c +[ 563.070119] entry_SYSENTER_compat+0x54/0x63 +[ 563.074504] RIP: 0023:0xf7f0cc79 +[ 563.077845] RSP: 002b:00000000f7ec61fc EFLAGS: 00000246 ORIG_RAX: 0000000000000004 +[ 563.085532] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020735ee0 +[ 563.092780] RDX: 00000000fffffee4 RSI: 0000000000000000 RDI: 0000000000000000 +[ 563.100028] RBP: 00000000003d0f00 R08: 0000000000000000 R09: 0000000000000000 +[ 563.107277] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 +[ 563.114524] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 +[ 563.121796] Code: 89 de 31 d2 e8 9d f9 ff ff 48 8b 4d 08 48 89 de 4c 89 e7 ba 01 00 00 00 e8 89 f9 ff ff 48 89 da 4c 89 ee 4c 89 e7 e8 7b eb c0 03 <5b> 41 5c 41 5d 5d c3 0f 1f 40 00 89 f1 b8 00 10 00 00 55 48 d3 +[ 563.141034] Kernel panic - not syncing: softlockup: hung tasks +[ 563.146993] CPU: 0 PID: 3527 Comm: syzkaller670324 Tainted: G L 4.15.0-rc6+ #158 +[ 563.155717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 563.165059] Call Trace: +[ 563.167618] <IRQ> +[ 563.169827] dump_stack+0x194/0x257 +[ 563.173438] ? arch_local_irq_restore+0x53/0x53 +[ 563.178082] ? vprintk_default+0x28/0x30 +[ 563.182125] ? vprintk_func+0x5e/0xc0 +[ 563.185907] ? vsnprintf+0x1ed/0x1900 +[ 563.189692] panic+0x1e4/0x41c +[ 563.192864] ? refcount_error_report+0x214/0x214 +[ 563.197611] ? watchdog_timer_fn+0x303/0x320 +[ 563.202006] watchdog_timer_fn+0x314/0x320 +[ 563.206236] __hrtimer_run_queues+0x358/0xe20 +[ 563.210715] ? watchdog+0x30/0x30 +[ 563.214154] ? hrtimer_fixup_init+0x70/0x70 +[ 563.218466] ? pvclock_read_flags+0x160/0x160 +[ 563.222959] ? kvm_clock_get_cycles+0x25/0x30 +[ 563.227434] ? ktime_get_update_offsets_now+0x34a/0x520 +[ 563.232786] ? do_timer+0x50/0x50 +[ 563.236217] ? native_apic_msr_write+0x5c/0x80 +[ 563.240777] ? do_raw_spin_trylock+0x190/0x190 +[ 563.245336] ? lapic_next_event+0x54/0x80 +[ 563.249464] ? 
clockevents_program_event+0x108/0x2e0 +[ 563.254559] hrtimer_interrupt+0x1c2/0x5e0 +[ 563.258801] smp_apic_timer_interrupt+0x14a/0x700 +[ 563.263623] ? smp_call_function_single_interrupt+0x640/0x640 +[ 563.269488] ? _raw_spin_lock+0x32/0x40 +[ 563.273447] ? _raw_spin_unlock+0x22/0x30 +[ 563.277573] ? handle_edge_irq+0x2b4/0x7c0 +[ 563.281787] ? task_prio+0x40/0x40 +[ 563.285324] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 563.290156] apic_timer_interrupt+0xa9/0xb0 +[ 563.294450] </IRQ> +[ 563.296665] RIP: 0010:memcpy+0x45/0x50 +[ 563.300525] RSP: 0018:ffff8801bf6676f0 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff11 +[ 563.308213] RAX: ffffc9000137ba06 RBX: 0000000000000002 RCX: 0000000000000000 +[ 563.316166] RDX: 0000000000000002 RSI: ffff8801bf6677da RDI: ffffc9000137ba08 +[ 563.323417] RBP: ffff8801bf667708 R08: fffff5200026f741 R09: fffff5200026f741 +[ 563.330662] R10: 0000000000000001 R11: fffff5200026f740 R12: ffffc9000137ba06 +[ 563.337911] R13: ffff8801bf6677d8 R14: dffffc0000000000 R15: ffffc9000137ba06 +[ 563.345202] mulaw_decode+0x52f/0x770 +[ 563.348983] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 563.354005] ? snd_pcm_plugin_build_linear+0x8a0/0x8a0 +[ 563.359265] ? snd_pcm_plugin_client_channels+0x17/0x80 +[ 563.364611] ? io_src_channels+0x10a/0x210 +[ 563.368831] mulaw_transfer+0x222/0x270 +[ 563.372780] ? lock_release+0xa40/0xa40 +[ 563.376738] ? mulaw_encode+0x7c0/0x7c0 +[ 563.380695] snd_pcm_plug_write_transfer+0x22d/0x420 +[ 563.385786] ? snd_pcm_plug_client_channels_buf+0x3f0/0x3f0 +[ 563.391477] ? snd_pcm_format_physical_width+0x5b/0x70 +[ 563.396734] ? snd_pcm_plug_client_channels_buf+0x1db/0x3f0 +[ 563.402433] snd_pcm_oss_write2+0x260/0x420 +[ 563.406767] ? snd_pcm_oss_write3+0x1b0/0x1b0 +[ 563.411242] ? snd_pcm_oss_write2+0x2bb/0x420 +[ 563.415719] ? snd_pcm_oss_write2+0x2e6/0x420 +[ 563.420201] snd_pcm_oss_write+0x5fe/0x830 +[ 563.424433] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 563.429258] ? find_held_lock+0x35/0x1d0 +[ 563.433309] ? 
snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 563.438130] __vfs_write+0xef/0x970 +[ 563.441737] ? rcu_note_context_switch+0x710/0x710 +[ 563.446648] ? kernel_read+0x120/0x120 +[ 563.450517] ? __might_sleep+0x95/0x190 +[ 563.454475] ? _cond_resched+0x14/0x30 +[ 563.458343] ? __inode_security_revalidate+0xd9/0x130 +[ 563.463514] ? avc_policy_seqno+0x9/0x20 +[ 563.467552] ? selinux_file_permission+0x82/0x460 +[ 563.472382] ? security_file_permission+0x89/0x1e0 +[ 563.477298] ? rw_verify_area+0xe5/0x2b0 +[ 563.481338] ? __fdget_raw+0x20/0x20 +[ 563.485036] vfs_write+0x189/0x510 +[ 563.488563] SyS_write+0xef/0x220 +[ 563.491996] ? __do_page_fault+0x3d6/0xc90 +[ 563.496215] ? SyS_read+0x220/0x220 +[ 563.499827] ? do_fast_syscall_32+0x156/0xf9d +[ 563.504309] ? SyS_read+0x220/0x220 +[ 563.507918] do_fast_syscall_32+0x3ee/0xf9d +[ 563.512230] ? do_int80_syscall_32+0x9d0/0x9d0 +[ 563.516803] ? syscall_return_slowpath+0x2ad/0x550 +[ 563.521711] ? prepare_exit_to_usermode+0x340/0x340 +[ 563.526706] ? retint_user+0x18/0x18 +[ 563.530404] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 563.535238] entry_SYSENTER_compat+0x54/0x63 +[ 563.539641] RIP: 0023:0xf7f0cc79 +[ 563.542980] RSP: 002b:00000000f7ec61fc EFLAGS: 00000246 ORIG_RAX: 0000000000000004 +[ 563.550667] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020735ee0 +[ 563.557914] RDX: 00000000fffffee4 RSI: 0000000000000000 RDI: 0000000000000000 +[ 563.565162] RBP: 00000000003d0f00 R08: 0000000000000000 R09: 0000000000000000 +[ 563.572409] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 +[ 563.579660] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 +[ 563.587661] Dumping ftrace buffer: +[ 563.591248] (ftrace buffer empty) +[ 563.594937] Kernel Offset: disabled +[ 563.598549] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/68 b/pkg/report/testdata/linux/report/68 index fd92ec162..3e6c702f5 100644 --- a/pkg/report/testdata/linux/report/68 
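Review bot: The two-line input this fixture used to hold, a `BUG: soft lockup` line directly followed by a `BUG: spinlock lockup suspected` line with the same timestamp and `CORRUPTED: Y`, is deleted rather than moved. That interleaved-report case loses its regression test unless a fixture outside this view covers it, and report/78 drops its one-line `CORRUPTED: Y` case the same way. I would keep the old content as a separate fixture next to the new one. The new expectation `TITLE: BUG: soft lockup in mulaw_decode` also pins that the `RIP: 0010:memcpy+0x45/0x50` frame is skipped when picking the function, which is worth stating in the commit description.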
+++ b/pkg/report/testdata/linux/report/68 @@ -1,4 +1,4 @@ -TITLE: BUG: spinlock recursion +TITLE: BUG: spinlock recursion in __task_rq_lock [ 213.269287] BUG: spinlock recursion on CPU#0, syz-executor7/5032 [ 213.281506] lock: 0xffff88006c122d00, .magic: dead4ead, .owner: syz-executor7/5032, .owner_cpu: -1 diff --git a/pkg/report/testdata/linux/report/69 b/pkg/report/testdata/linux/report/69 index 7b841d79b..06aca0a00 100644 --- a/pkg/report/testdata/linux/report/69 +++ b/pkg/report/testdata/linux/report/69 @@ -1,4 +1,4 @@ -TITLE: INFO: task hung in ldsem_down_write +TITLE: INFO: task hung in tty_ldisc_hangup [ 843.240752] INFO: task getty:2986 blocked for more than 120 seconds. [ 843.247365] Not tainted 3.18.0-13280-g93f6785-dirty #12 diff --git a/pkg/report/testdata/linux/report/7 b/pkg/report/testdata/linux/report/7 index 417322cb2..61bc14df5 100644 --- a/pkg/report/testdata/linux/report/7 +++ b/pkg/report/testdata/linux/report/7 @@ -1,4 +1,4 @@ -TITLE: BUG: soft lockup +TITLE: BUG: soft lockup - CPU stuck for 11s! [syz-executor] CORRUPTED: Y mmap(&(0x7f00008dd000/0x1000)=nil, (0x1000), 0x3, 0x32, 0xffffffffffffffff, 0x0) diff --git a/pkg/report/testdata/linux/report/70 b/pkg/report/testdata/linux/report/70 index 4f4997511..8819642d6 100644 --- a/pkg/report/testdata/linux/report/70 +++ b/pkg/report/testdata/linux/report/70 @@ -1,4 +1,4 @@ -TITLE: INFO: task hung in wait_on_page_bit_common +TITLE: INFO: task hung in iterate_bdevs [ 615.391254] INFO: task syz-executor5:10045 blocked for more than 120 seconds. [ 615.398657] Not tainted 4.13.0-rc1+ #4 diff --git a/pkg/report/testdata/linux/report/78 b/pkg/report/testdata/linux/report/78 index 4babdc208..388562018 100644 --- a/pkg/report/testdata/linux/report/78 +++ b/pkg/report/testdata/linux/report/78 
@@ -1,4 +1,31 @@ -TITLE: BUG: spinlock bad magic -CORRUPTED: Y +TITLE: BUG: spinlock bad magic in tcp_nuke_addr -[ 982.271203] BUG: spinlock bad magic on CPU#0, syz-executor12/24932 +[ 82.818367] BUG: spinlock bad magic on CPU#0, ^keyring*�vmnet/20513 +[ 82.824830] lock: 0xffff8800bb37e088, .magic: ffff8800, .owner: <none>/-1, .owner_cpu: 131071 +[ 82.833579] CPU: 0 PID: 20513 Comm: ^keyring*�vmnet Not tainted 4.4.70+ #9 +[ 82.840570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 82.849899] 0000000000000000 ffff8801d3e4faf8 ffffffff81c01b4c ffff8800bb37e088 +[ 82.857899] ffff8801d74e1d80 ffffffff83209890 ffff8800bb37e000 ffff8801d3e4fb38 +[ 82.865898] ffffffff811d2be2 0000000000000101 ffff8801db91e140 0000000000000000 +[ 82.873873] Call Trace: +[ 82.876438] [<ffffffff81c01b4c>] dump_stack+0x80/0xb4 +[ 82.881697] [<ffffffff811d2be2>] spin_dump+0x152/0x280 +[ 82.887044] [<ffffffff811d2fc5>] do_raw_spin_lock+0x225/0x2c0 +[ 82.892991] [<ffffffff828b61be>] _raw_spin_lock+0xe/0x10 +[ 82.898497] [<ffffffff824e6a26>] tcp_nuke_addr+0x586/0x8a0 +[ 82.904173] [<ffffffff81aad743>] ? security_capable+0x93/0xc0 +[ 82.910115] [<ffffffff8259012f>] devinet_ioctl+0x58f/0x1460 +[ 82.915878] [<ffffffff8258fba0>] ? inet_ifa_byprefix+0x1e0/0x1e0 +[ 82.922075] [<ffffffff8124ec10>] ? exit_robust_list+0x1c0/0x1c0 +[ 82.928190] [<ffffffff8259566c>] inet_ioctl+0x11c/0x1d0 +[ 82.933619] [<ffffffff82127eea>] sock_do_ioctl+0x6a/0xb0 +[ 82.939136] [<ffffffff8212875b>] sock_ioctl+0x29b/0x390 +[ 82.944569] [<ffffffff821284c0>] ? compat_ifr_data_ioctl+0x150/0x150 +[ 82.951122] [<ffffffff814f68bf>] do_vfs_ioctl+0x68f/0xdb0 +[ 82.956714] [<ffffffff81444c58>] ? do_mmap+0x288/0x980 +[ 82.962051] [<ffffffff814f6230>] ? ioctl_preallocate+0x1c0/0x1c0 +[ 82.968250] [<ffffffff8125051c>] ? SyS_futex+0x1fc/0x2a0 +[ 82.973753] [<ffffffff81511f27>] ? __fget+0x177/0x220 +[ 82.978999] [<ffffffff81ab099e>] ? 
security_file_ioctl+0x8e/0xc0 +[ 82.985204] [<ffffffff814f7074>] SyS_ioctl+0x94/0xc0 +[ 82.990363] [<ffffffff828b682e>] entry_SYSCALL_64_fastpath+0x12/0x6d diff --git a/pkg/report/testdata/linux/report/84 b/pkg/report/testdata/linux/report/84 index 3ed5ec48d..2ce990e6c 100644 --- a/pkg/report/testdata/linux/report/84 +++ b/pkg/report/testdata/linux/report/84 @@ -1,4 +1,4 @@ -TITLE: general protection fault +TITLE: general protection fault: 0000 [#1] [ 387.NUM] audit: type=1326 audit(ADDR.637:LINE): auid=ADDR uid=0 gid=0 ses=ADDR pid=NUM comm="syz-executor" exe="/root/s CORRUPTED: Y [ 92.396607] general protection fault: 0000 [#1] [ 387.811073] audit: type=1326 audit(1486238739.637:135): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=10020 comm="syz-executor1" exe="/root/syz-executor1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x44fad9 code=0x0 diff --git a/pkg/report/testdata/linux/report/91 b/pkg/report/testdata/linux/report/91 index aa46f2079..5931bb081 100644 --- a/pkg/report/testdata/linux/report/91 +++ b/pkg/report/testdata/linux/report/91 @@ -1,4 +1,4 @@ -TITLE: suspicious RCU usage at net/ipv6/ip6_flowlabel.c:LINE +TITLE: INFO: suspicious RCU usage. ] CORRUPTED: Y [ 1722.511384] =============================== diff --git a/pkg/report/testdata/linux/report/95 b/pkg/report/testdata/linux/report/95 index 01cc58178..c7919e1d3 100644 --- a/pkg/report/testdata/linux/report/95 +++ b/pkg/report/testdata/linux/report/95 @@ -1,4 +1,4 @@ -TITLE: BUG: spinlock already unlocked +TITLE: BUG: spinlock already unlocked in __wake_up [ 108.620932] BUG: spinlock already unlocked on CPU#1, migration/1/12 [ 108.627365] lock: rcu_sched_state+0xb40/0xc20, .magic: dead4ead, .owner: <none>/-1, .owner_cpu: -1 @@ -32,4 +32,4 @@ TITLE: BUG: spinlock already unlocked [ 108.804399] [<ffffffff81338300>] ? kthread_create_on_node+0x460/0x460 [ 108.811031] [<ffffffff82d2fbac>] ret_from_fork+0x5c/0x90 [ 108.816532] [<ffffffff81338300>] ? kthread_create_on_node+0x460/0x460 -
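Review bot: The task name in the lines added to report/78, `^keyring*�vmnet`, shows U+FFFD where the captured log presumably had a raw non-UTF-8 byte. If the fixture was saved through a lossy decode, the test no longer feeds the parser the bytes that a fuzzer-chosen comm actually produces. It is worth confirming that the committed file holds the original byte sequence in the `BUG: spinlock bad magic on CPU#0, ...` line and the `Comm:` line, since this rendering cannot show which it is. The expected title `BUG: spinlock bad magic in tcp_nuke_addr` does not depend on the name, so a re-captured file would not change the expectation.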
\ No newline at end of file + diff --git a/pkg/report/testdata/linux/report/98 b/pkg/report/testdata/linux/report/98 index 7aa4b3c81..ea0234574 100644 --- a/pkg/report/testdata/linux/report/98 +++ b/pkg/report/testdata/linux/report/98 @@ -1,4 +1,4 @@ -TITLE: possible deadlock +TITLE: WARNING: possible circular locking dependency detected CORRUPTED: Y [ 308.130685] ====================================================== |
