From 645ce5da79c9654c314f0d12f4c11f2a94ec156b Mon Sep 17 00:00:00 2001 
From: Dmitry Vyukov Date: Sun, 4 Feb 2018 14:06:58 +0100 Subject: pkg/report: improve report titles 1. Replace stacktraceRe with custom code which is more flexible. stacktraceRe stumbled on any unrelated lines and could not properly parse truncated stacks. 2. Match report regexp earlier. If we match simpler title regexp, but don't match report regexp or fail to parse stack trace, the report is corrupted. This eliminates lots of duplicate corrupted oops entries, which were there only because we had complex regexp's in titles. 3. Ignore low-level frames during stack parsing. E.g. we never want to report a GPF in lock_acquire or memcpy (somewhat similar to what we do for guilty files). 4. Add a bunch of specialized formats for WARNINGs. There are a number of generic debugging facilities (like ODEBUG, debug usercopy, kobject, refcount_t, etc), and the bug is never in these facilities, it's in the caller instead. 5. Improve some other oops formats. 6. Add a bunch of additional tests. This resolves most of TODOs in tests. 
Fixes #515 --- pkg/report/testdata/linux/guilty/30 | 51 ++++++ pkg/report/testdata/linux/guilty/31 | 58 +++++++ pkg/report/testdata/linux/guilty/32 | 57 +++++++ pkg/report/testdata/linux/report/0 | 2 +- pkg/report/testdata/linux/report/100 | 2 +- pkg/report/testdata/linux/report/102 | 2 +- pkg/report/testdata/linux/report/103 | 2 +- pkg/report/testdata/linux/report/11 | 2 +- pkg/report/testdata/linux/report/110 | 2 +- pkg/report/testdata/linux/report/112 | 2 +- pkg/report/testdata/linux/report/114 | 2 +- pkg/report/testdata/linux/report/115 | 3 +- pkg/report/testdata/linux/report/126 | 9 +- pkg/report/testdata/linux/report/134 | 3 +- pkg/report/testdata/linux/report/136 | 5 +- pkg/report/testdata/linux/report/137 | 5 +- pkg/report/testdata/linux/report/138 | 4 +- pkg/report/testdata/linux/report/139 | 3 +- pkg/report/testdata/linux/report/142 | 1 - pkg/report/testdata/linux/report/143 | 63 +++---- pkg/report/testdata/linux/report/145 | 4 +- pkg/report/testdata/linux/report/146 | 6 +- pkg/report/testdata/linux/report/147 | 3 +- pkg/report/testdata/linux/report/148 | 3 +- pkg/report/testdata/linux/report/149 | 6 +- pkg/report/testdata/linux/report/150 | 3 +- pkg/report/testdata/linux/report/152 | 2 +- pkg/report/testdata/linux/report/153 | 4 +- pkg/report/testdata/linux/report/154 | 4 +- pkg/report/testdata/linux/report/156 | 2 - pkg/report/testdata/linux/report/157 | 4 +- pkg/report/testdata/linux/report/158 | 3 +- pkg/report/testdata/linux/report/159 | 3 +- pkg/report/testdata/linux/report/160 | 112 +++++++++++++ pkg/report/testdata/linux/report/161 | 90 ++++++++++ pkg/report/testdata/linux/report/162 | 63 +++++++ pkg/report/testdata/linux/report/163 | 75 +++++++++ pkg/report/testdata/linux/report/164 | 69 ++++++++ pkg/report/testdata/linux/report/165 | 89 ++++++++++ pkg/report/testdata/linux/report/166 | 118 +++++++++++++ pkg/report/testdata/linux/report/167 | 69 ++++++++ pkg/report/testdata/linux/report/168 | 100 +++++++++++ pkg/report/testdata/linux/report/169 | 
87 ++++++++++ pkg/report/testdata/linux/report/170 | 77 +++++++++ pkg/report/testdata/linux/report/171 | 130 +++++++++++++++ pkg/report/testdata/linux/report/172 | 192 +++++++++++++++++++++ pkg/report/testdata/linux/report/173 | 114 +++++++++++++ pkg/report/testdata/linux/report/174 | 72 ++++++++ pkg/report/testdata/linux/report/175 | 41 +++++ pkg/report/testdata/linux/report/176 | 83 ++++++++++ pkg/report/testdata/linux/report/177 | 203 +++++++++++++++++++++++ pkg/report/testdata/linux/report/178 | 14 ++ pkg/report/testdata/linux/report/179 | 112 +++++++++++++ pkg/report/testdata/linux/report/180 | 162 ++++++++++++++++++ pkg/report/testdata/linux/report/181 | 128 ++++++++++++++ pkg/report/testdata/linux/report/182 | 136 +++++++++++++++ pkg/report/testdata/linux/report/183 | 138 ++++++++++++++++ pkg/report/testdata/linux/report/184 | 52 ++++++ pkg/report/testdata/linux/report/185 | 153 +++++++++++++++++ pkg/report/testdata/linux/report/186 | 155 +++++++++++++++++ pkg/report/testdata/linux/report/187 | 145 ++++++++++++++++ pkg/report/testdata/linux/report/188 | 181 ++++++++++++++++++++ pkg/report/testdata/linux/report/189 | 168 +++++++++++++++++++ pkg/report/testdata/linux/report/190 | 163 ++++++++++++++++++ pkg/report/testdata/linux/report/191 | 248 ++++++++++++++++++++++++++++ pkg/report/testdata/linux/report/192 | 312 +++++++++++++++++++++++++++++++++++ pkg/report/testdata/linux/report/193 | 193 ++++++++++++++++++++++ pkg/report/testdata/linux/report/194 | 257 +++++++++++++++++++++++++++++ pkg/report/testdata/linux/report/20 | 2 +- pkg/report/testdata/linux/report/34 | 2 +- pkg/report/testdata/linux/report/35 | 2 +- pkg/report/testdata/linux/report/51 | 27 +-- pkg/report/testdata/linux/report/52 | 27 +-- pkg/report/testdata/linux/report/53 | 19 ++- pkg/report/testdata/linux/report/54 | 21 +-- pkg/report/testdata/linux/report/55 | 21 +-- pkg/report/testdata/linux/report/58 | 2 +- pkg/report/testdata/linux/report/59 | 2 +- pkg/report/testdata/linux/report/60 | 2 +- 
pkg/report/testdata/linux/report/61 | 2 +- pkg/report/testdata/linux/report/62 | 2 +- pkg/report/testdata/linux/report/63 | 2 +- pkg/report/testdata/linux/report/64 | 2 +- pkg/report/testdata/linux/report/65 | 237 +++++++++++++++++++++++++- pkg/report/testdata/linux/report/66 | 2 +- pkg/report/testdata/linux/report/67 | 176 +++++++++++++++++++- pkg/report/testdata/linux/report/68 | 2 +- pkg/report/testdata/linux/report/69 | 2 +- pkg/report/testdata/linux/report/7 | 2 +- pkg/report/testdata/linux/report/70 | 2 +- pkg/report/testdata/linux/report/78 | 33 +++- pkg/report/testdata/linux/report/84 | 2 +- pkg/report/testdata/linux/report/91 | 2 +- pkg/report/testdata/linux/report/95 | 4 +- pkg/report/testdata/linux/report/98 | 2 +- 95 files changed, 5243 insertions(+), 184 deletions(-) create mode 100644 pkg/report/testdata/linux/guilty/30 create mode 100644 pkg/report/testdata/linux/guilty/31 create mode 100644 pkg/report/testdata/linux/guilty/32 create mode 100644 pkg/report/testdata/linux/report/160 create mode 100644 pkg/report/testdata/linux/report/161 create mode 100644 pkg/report/testdata/linux/report/162 create mode 100644 pkg/report/testdata/linux/report/163 create mode 100644 pkg/report/testdata/linux/report/164 create mode 100644 pkg/report/testdata/linux/report/165 create mode 100644 pkg/report/testdata/linux/report/166 create mode 100644 pkg/report/testdata/linux/report/167 create mode 100644 pkg/report/testdata/linux/report/168 create mode 100644 pkg/report/testdata/linux/report/169 create mode 100644 pkg/report/testdata/linux/report/170 create mode 100644 pkg/report/testdata/linux/report/171 create mode 100644 pkg/report/testdata/linux/report/172 create mode 100644 pkg/report/testdata/linux/report/173 create mode 100644 pkg/report/testdata/linux/report/174 create mode 100644 pkg/report/testdata/linux/report/175 create mode 100644 pkg/report/testdata/linux/report/176 create mode 100644 pkg/report/testdata/linux/report/177 create mode 100644 
pkg/report/testdata/linux/report/178 create mode 100644 pkg/report/testdata/linux/report/179 create mode 100644 pkg/report/testdata/linux/report/180 create mode 100644 pkg/report/testdata/linux/report/181 create mode 100644 pkg/report/testdata/linux/report/182 create mode 100644 pkg/report/testdata/linux/report/183 create mode 100644 pkg/report/testdata/linux/report/184 create mode 100644 pkg/report/testdata/linux/report/185 create mode 100644 pkg/report/testdata/linux/report/186 create mode 100644 pkg/report/testdata/linux/report/187 create mode 100644 pkg/report/testdata/linux/report/188 create mode 100644 pkg/report/testdata/linux/report/189 create mode 100644 pkg/report/testdata/linux/report/190 create mode 100644 pkg/report/testdata/linux/report/191 create mode 100644 pkg/report/testdata/linux/report/192 create mode 100644 pkg/report/testdata/linux/report/193 create mode 100644 pkg/report/testdata/linux/report/194 (limited to 'pkg/report/testdata/linux') diff --git a/pkg/report/testdata/linux/guilty/30 b/pkg/report/testdata/linux/guilty/30 new file mode 100644 index 000000000..fb4b044f6 --- /dev/null +++ b/pkg/report/testdata/linux/guilty/30 
@@ -0,0 +1,51 @@
+FILE: net/ipv4/netfilter/ipt_CLUSTERIP.c
+
+------------[ cut here ]------------
+proc_dir_entry 'ipt_CLUSTERIP/172.20.0.170' already registered
+WARNING: CPU: 1 PID: 4074 at fs/proc/generic.c:330 proc_register+0x2a4/0x370 fs/proc/generic.c:329
+Kernel panic - not syncing: panic_on_warn set ...
+
+CPU: 1 PID: 4074 Comm: syzkaller105937 Not tainted 4.15.0+ #221
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x194/0x257 lib/dump_stack.c:53
+ panic+0x1e4/0x41c kernel/panic.c:183
+ __warn+0x1dc/0x200 kernel/panic.c:547
+ report_bug+0x211/0x2d0 lib/bug.c:184
+ fixup_bug.part.11+0x37/0x80 arch/x86/kernel/traps.c:178
+ fixup_bug arch/x86/kernel/traps.c:247 [inline]
+ do_error_trap+0x2d7/0x3e0 arch/x86/kernel/traps.c:296
+ do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:315
+ invalid_op+0x22/0x40 arch/x86/entry/entry_64.S:1097
+RIP: 0010:proc_register+0x2a4/0x370 fs/proc/generic.c:329
+RSP: 0018:ffff8801da886e20 EFLAGS: 00010286
+RAX: dffffc0000000008 RBX: ffff8801d21cc7b8 RCX: ffffffff815a57ae
+RDX: 0000000000000000 RSI: 1ffff1003b510d74 RDI: 1ffff1003b510d49
+RBP: ffff8801da886e70 R08: 1ffff1003b510d0b R09: 0000000000000000
+R10: ffff8801da886cd8 R11: 0000000000000000 R12: ffff8801cbf66440
+R13: dffffc0000000000 R14: ffff8801ca2fa348 R15: ffff8801cbf66501
+ proc_create_data+0xf8/0x180 fs/proc/generic.c:494
+ clusterip_config_init net/ipv4/netfilter/ipt_CLUSTERIP.c:250 [inline]
+ clusterip_tg_check+0xf9c/0x16d0 net/ipv4/netfilter/ipt_CLUSTERIP.c:488
+ xt_check_target+0x22c/0x7d0 net/netfilter/x_tables.c:850
+ check_target net/ipv4/netfilter/ip_tables.c:513 [inline]
+ find_check_entry.isra.8+0x8c8/0xcb0 net/ipv4/netfilter/ip_tables.c:554
+ translate_table+0xed1/0x1610 net/ipv4/netfilter/ip_tables.c:725
+ do_replace net/ipv4/netfilter/ip_tables.c:1141 [inline]
+ do_ipt_set_ctl+0x370/0x5f0 net/ipv4/netfilter/ip_tables.c:1675
+ nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
+ nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115
+ ip_setsockopt+0x97/0xa0 net/ipv4/ip_sockglue.c:1259
+ sctp_setsockopt+0x2b6/0x61d0 net/sctp/socket.c:4104
+ sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2975
+ SYSC_setsockopt net/socket.c:1849 [inline]
+ SyS_setsockopt+0x189/0x360 net/socket.c:1828
+ entry_SYSCALL_64_fastpath+0x29/0xa0
+RIP: 0033:0x44afa9
+RSP: 002b:00007f43f70edce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
+RAX: ffffffffffffffda RBX: 00000000006e0c3c RCX: 000000000044afa9
+RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004
+RBP: 00000000006e0c38 R08: 0000000000000348 R09: 0000000000000000
+R10: 0000000020013c90 R11: 0000000000000246 R12: 0000000000000000
+R13: 00007ffe194fe84f R14: 00007f43f70ee9c0 R15: 0000000000000005
diff --git a/pkg/report/testdata/linux/guilty/31 b/pkg/report/testdata/linux/guilty/31
new file mode 100644
index 000000000..074c11c5b
--- /dev/null
+++ b/pkg/report/testdata/linux/guilty/31
@@ -0,0 +1,58 @@
+FILE: net/bridge/br_if.c
+
+------------[ cut here ]------------
+WARNING: CPU: 1 PID: 3485 at lib/kobject.c:244 kobject_add_internal+0x3f6/0xbc0 lib/kobject.c:242
+Kernel panic - not syncing: panic_on_warn set ...
+
+CPU: 1 PID: 3485 Comm: syz-executor6 Not tainted 4.14.0-rc4+ #80
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:16 [inline]
+ dump_stack+0x194/0x257 lib/dump_stack.c:52
+ panic+0x1e4/0x417 kernel/panic.c:181
+ __warn+0x1c4/0x1d9 kernel/panic.c:542
+ report_bug+0x211/0x2d0 lib/bug.c:183
+ fixup_bug+0x40/0x90 arch/x86/kernel/traps.c:178
+ do_trap_no_signal arch/x86/kernel/traps.c:212 [inline]
+ do_trap+0x260/0x390 arch/x86/kernel/traps.c:261
+ do_error_trap+0x120/0x390 arch/x86/kernel/traps.c:298
+ do_invalid_op+0x1b/0x20 arch/x86/kernel/traps.c:311
+ invalid_op+0x18/0x20 arch/x86/entry/entry_64.S:905
+RIP: 0010:kobject_add_internal+0x3f6/0xbc0 lib/kobject.c:242
+RSP: 0018:ffff8801bf816900 EFLAGS: 00010282
+RAX: 0000000000000040 RBX: ffff8801c09b4620 RCX: 0000000000000000
+RDX: 0000000000000040 RSI: ffffffff8158d38e RDI: ffffed0037f02d14
+RBP: ffff8801bf8169f8 R08: ffff8801bf816070 R09: 0000000000000000
+R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff10037f02d26
+R13: 00000000fffffff4 R14: ffff8801cb9b0b30 R15: ffff8801cd01c000
+ kobject_add_varg lib/kobject.c:366 [inline]
+ kobject_init_and_add+0xf9/0x150 lib/kobject.c:438
+ br_add_if+0x786/0x1990 net/bridge/br_if.c:533
+ br_add_slave+0x29/0x30 net/bridge/br_device.c:349
+ do_set_master+0x19c/0x1f0 net/core/rtnetlink.c:1986
+ do_setlink+0xa98/0x38e0 net/core/rtnetlink.c:2119
+ rtnl_newlink+0xf0d/0x1a40 net/core/rtnetlink.c:2661
+ rtnetlink_rcv_msg+0x733/0x1090 net/core/rtnetlink.c:4301
+ netlink_rcv_skb+0x216/0x440 net/netlink/af_netlink.c:2409
+ rtnetlink_rcv+0x1c/0x20 net/core/rtnetlink.c:4313
+ netlink_unicast_kernel net/netlink/af_netlink.c:1273 [inline]
+ netlink_unicast+0x4e8/0x6f0 net/netlink/af_netlink.c:1299
+ netlink_sendmsg+0xa4a/0xe70 net/netlink/af_netlink.c:1862
+ sock_sendmsg_nosec net/socket.c:633 [inline]
+ sock_sendmsg+0xca/0x110 net/socket.c:643
+ sock_write_iter+0x320/0x5e0 net/socket.c:912
+ call_write_iter include/linux/fs.h:1770 [inline]
+ do_iter_readv_writev+0x531/0x7f0 fs/read_write.c:673
+ do_iter_write+0x15a/0x540 fs/read_write.c:952
+ vfs_writev+0x18a/0x340 fs/read_write.c:997
+ do_writev+0xfc/0x2a0 fs/read_write.c:1032
+ SYSC_writev fs/read_write.c:1105 [inline]
+ SyS_writev+0x27/0x30 fs/read_write.c:1102
+ entry_SYSCALL_64_fastpath+0x1f/0xbe
+RIP: 0033:0x4520a9
+RSP: 002b:00007f4633db3c08 EFLAGS: 00000216 ORIG_RAX: 0000000000000014
+RAX: ffffffffffffffda RBX: 0000000000718000 RCX: 00000000004520a9
+RDX: 0000000000000001 RSI: 00000000205d9000 RDI: 0000000000000005
+RBP: 0000000000000086 R08: 0000000000000000 R09: 0000000000000000
+R10: 0000000000000000 R11: 0000000000000216 R12: 00000000004b6c37
+R13: 00007f4633db3b48 R14: 00000000004b6c47 R15: 0000000000000000
diff --git a/pkg/report/testdata/linux/guilty/32 b/pkg/report/testdata/linux/guilty/32
new file mode 100644
index 000000000..15420b982
--- /dev/null
+++ b/pkg/report/testdata/linux/guilty/32
@@ -0,0 +1,57 @@ +FILE: net/tipc/name_table.c + +list_del corruption. prev->next should be 00000000bc6553ca, but was 0000000038fa8131 +------------[ cut here ]------------ +kernel BUG at lib/list_debug.c:53! +invalid opcode: 0000 [#1] SMP KASAN +Dumping ftrace buffer: + (ftrace buffer empty) +Modules linked in: +CPU: 1 PID: 3200 Comm: syz-executor4 Not tainted 4.15.0-rc8+ #264 +Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +RIP: 0010:__list_del_entry_valid+0xef/0x150 lib/list_debug.c:51 +RSP: 0018:ffff8801be95eb20 EFLAGS: 00010286 +RAX: 0000000000000054 RBX: ffff8801d359f240 RCX: 0000000000000000 +RDX: 0000000000000054 RSI: 1ffff10039af2dca RDI: ffffed0037d2bd58 +RBP: ffff8801be95eb38 R08: 1ffff10037d2bcfc R09: 0000000000000000 +R10: ffff8801be95ea00 R11: 0000000000000000 R12: ffff8801d50e4900 +R13: ffff8801be95ecd8 R14: ffff8801c29ac860 R15: ffff8801bd76aa80 +FS: 00007f70eee26700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 +CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +CR2: 00000000010bad18 CR3: 0000000006822006 CR4: 00000000001606e0 +Call Trace: + __list_del_entry include/linux/list.h:117 [inline] + list_del_init include/linux/list.h:159 [inline] + tipc_nametbl_unsubscribe+0x318/0x990 net/tipc/name_table.c:851 + tipc_subscrb_subscrp_delete+0x1e9/0x460 net/tipc/subscr.c:208 + tipc_subscrb_delete net/tipc/subscr.c:238 [inline] + tipc_subscrb_release_cb+0x17/0x30 net/tipc/subscr.c:316 + tipc_close_conn+0x171/0x270 net/tipc/server.c:204 + tipc_topsrv_kern_unsubscr+0x213/0x340 net/tipc/server.c:532 + tipc_group_delete+0x2c0/0x3d0 net/tipc/group.c:206 + tipc_sk_leave+0x10b/0x200 net/tipc/socket.c:2780 + tipc_release+0x154/0xfe0 net/tipc/socket.c:575 + sock_release+0x8d/0x1e0 net/socket.c:602 + sock_close+0x16/0x20 net/socket.c:1131 + __fput+0x327/0x7e0 fs/file_table.c:210 + ____fput+0x15/0x20 fs/file_table.c:244 + task_work_run+0x199/0x270 kernel/task_work.c:113 + exit_task_work include/linux/task_work.h:22 
[inline] + do_exit+0x9bb/0x1ad0 kernel/exit.c:865 + do_group_exit+0x149/0x400 kernel/exit.c:968 + get_signal+0x73f/0x16c0 kernel/signal.c:2335 + do_signal+0x90/0x1eb0 arch/x86/kernel/signal.c:809 + exit_to_usermode_loop+0x214/0x310 arch/x86/entry/common.c:158 + prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline] + syscall_return_slowpath+0x490/0x550 arch/x86/entry/common.c:264 + entry_SYSCALL_64_fastpath+0x9e/0xa0 +RIP: 0033:0x452df9 +RSP: 002b:00007f70eee25c88 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca +RAX: 0000000000000001 RBX: 000000000071bea0 RCX: 0000000000452df9 +RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000071becc +RBP: 0000000000000573 R08: 0000000000000000 R09: 0000000000000000 +R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000001 +R13: 0000000000000014 R14: 00007f70eee266d4 R15: ffffffffffffffff +Code: 4c 89 e2 48 c7 c7 c0 fb e0 85 e8 95 26 fe fe 0f 0b 48 c7 c7 20 fc e0 85 e8 87 26 fe fe 0f 0b 48 c7 c7 80 fc e0 85 e8 79 26 fe fe <0f> 0b 48 c7 c7 e0 fc e0 85 e8 6b 26 fe fe 0f 0b 48 89 df 48 89 +RIP: __list_del_entry_valid+0xef/0x150 lib/list_debug.c:51 RSP: ffff8801be95eb20 +---[ end trace 0c495e0cee371de9 ]--- diff --git a/pkg/report/testdata/linux/report/0 b/pkg/report/testdata/linux/report/0 index 9dd9c834b..7e92c7be8 100644 --- a/pkg/report/testdata/linux/report/0 +++ b/pkg/report/testdata/linux/report/0 @@ -1,4 +1,4 @@ -TITLE: BUG: unable to handle kernel paging request in __memset +TITLE: BUG: unable to handle kernel CORRUPTED: Y [ 772.918915] BUG: unable to handle kernel paging request at ffff88002bde1e40 diff --git a/pkg/report/testdata/linux/report/100 b/pkg/report/testdata/linux/report/100 index 3027f7872..5016e3bad 100644 --- a/pkg/report/testdata/linux/report/100 +++ b/pkg/report/testdata/linux/report/100 @@ -1,4 +1,4 @@ -TITLE: general protection fault +TITLE: general protection fault: 0000 [#1] SMP KASAN CORRUPTED: Y [ 1722.511384] kasan: CONFIG_KASAN_INLINE enabled 
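Review bot: The new expected titles for the corrupted fixtures report/0 and report/100 pin the unparsed tail of the kernel's first line (`BUG: unable to handle kernel`, `general protection fault: 0000 [#1] SMP KASAN`), and the same holds for report/11, report/102 (`BUG: bad unlock balance detected! ]`) and report/103 further down. These strings carry incidental text such as the oops counter `[#1]` and a stray `]`, so the fixtures will break on any change to the fallback title match, and nothing in the files says the raw text is intended. Since the format already accepts `#` lines, I would add a short comment at the top of each, for example `# Corrupted: title is the raw first-line match, not a parsed title.`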
diff --git a/pkg/report/testdata/linux/report/102 b/pkg/report/testdata/linux/report/102 index fd88c7392..74473eac3 100644 --- a/pkg/report/testdata/linux/report/102 +++ b/pkg/report/testdata/linux/report/102 @@ -1,4 +1,4 @@ -TITLE: BUG: bad unlock balance +TITLE: BUG: bad unlock balance detected! ] CORRUPTED: Y [ 46.415093] syz2: link speed 10 Mbps diff --git a/pkg/report/testdata/linux/report/103 b/pkg/report/testdata/linux/report/103 index dcfedf133..727ff8dfa 100644 --- a/pkg/report/testdata/linux/report/103 +++ b/pkg/report/testdata/linux/report/103 @@ -1,4 +1,4 @@ -TITLE: divide error +TITLE: divide error: 0000 [#1] SMP KASAN CORRUPTED: Y [ 89.659427] netlink: 13 bytes leftover after parsing attributes in process syz-executor5'. diff --git a/pkg/report/testdata/linux/report/11 b/pkg/report/testdata/linux/report/11 index 68ad9467c..f4a92fff0 100644 --- a/pkg/report/testdata/linux/report/11 +++ b/pkg/report/testdata/linux/report/11 @@ -1,4 +1,4 @@ -TITLE: BUG: unable to handle kernel paging request +TITLE: BUG: unable to handle kernel CORRUPTED: Y [ 1581.999813] BUG: unable to handle kernel paging request at ffffea0000f0e440 diff --git a/pkg/report/testdata/linux/report/110 b/pkg/report/testdata/linux/report/110 index b31e7b2d8..65055e371 100644 --- a/pkg/report/testdata/linux/report/110 +++ b/pkg/report/testdata/linux/report/110 @@ -1,4 +1,4 @@ -TITLE: KASAN: slab-out-of-bounds Read in __lock_acquire +TITLE: KASAN: slab-out-of-bounds Read in sg_remove_request [ 190.154802] ================================================================== [ 190.154802] BUG: KASAN: slab-out-of-bounds in __lock_acquire+0x2eff/0x3640 at addr ffff8801a751e6f8 diff --git a/pkg/report/testdata/linux/report/112 b/pkg/report/testdata/linux/report/112 index 55161b059..75a5ccb40 100644 --- a/pkg/report/testdata/linux/report/112 +++ b/pkg/report/testdata/linux/report/112 
@@ -1,4 +1,4 @@ -TITLE: BUG: unable to handle kernel NULL pointer dereference +TITLE: BUG: unable to handle kernel NULL pointer dereference in process_one_work [ 190.154802] BUG: unable to handle kernel NULL pointer dereference at 0000000000000286 [ 190.154802] IP: 0x286 diff --git a/pkg/report/testdata/linux/report/114 b/pkg/report/testdata/linux/report/114 index 1661d39dc..24077a2ef 100644 --- a/pkg/report/testdata/linux/report/114 +++ b/pkg/report/testdata/linux/report/114 @@ -1,4 +1,4 @@ -TITLE: suspicious RCU usage +TITLE: WARNING: suspicious RCU usage CORRUPTED: Y [ 161.498638] ============================= diff --git a/pkg/report/testdata/linux/report/115 b/pkg/report/testdata/linux/report/115 index 93c7016fa..32110e1bd 100644 --- a/pkg/report/testdata/linux/report/115 +++ b/pkg/report/testdata/linux/report/115 @@ -1,5 +1,4 @@ -TITLE: BUG: bad unlock balance in dump_stack -CORRUPTED: Y +TITLE: BUG: bad unlock balance in ipmr_mfc_seq_stop [ 76.640408] binder: undelivered TRANSACTION_ERROR: 29189 [ 76.649866] [ BUG: bad unlock balance detected! ] diff --git a/pkg/report/testdata/linux/report/126 b/pkg/report/testdata/linux/report/126 index 2d1c6fbde..197cc7d41 100644 --- a/pkg/report/testdata/linux/report/126 +++ b/pkg/report/testdata/linux/report/126 @@ -1,6 +1,7 @@ -TITLE: unreferenced object +TITLE: BUG: memory leak CORRUPTED: Y -[0.0] unreferenced object -[0.0] backtrace: -[0.0] +2018/01/09 14:28:48 BUG: memory leak +unreferenced object + backtrace: + diff --git a/pkg/report/testdata/linux/report/134 b/pkg/report/testdata/linux/report/134 index 170419cfe..6d755c841 100644 --- a/pkg/report/testdata/linux/report/134 +++ b/pkg/report/testdata/linux/report/134 
@@ -1,5 +1,4 @@ -TITLE: BUG: using __this_cpu_read() in preemptible code -CORRUPTED: Y +TITLE: BUG: using __this_cpu_read() in preemptible code in ipcomp_init_state [ 45.818290] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor7/6729 [ 45.826891] caller is __this_cpu_preempt_check+0x1c/0x20 diff --git a/pkg/report/testdata/linux/report/136 b/pkg/report/testdata/linux/report/136 index dca96557d..f2267e640 100644 --- a/pkg/report/testdata/linux/report/136 +++ b/pkg/report/testdata/linux/report/136 @@ -1,6 +1,5 @@ -# TODO: this must be marked as corrupted: stack is truncated and the guilty -# function must be the next one after check_preemption_disabled. -TITLE: BUG: using __this_cpu_read() in preemptible code in check_preemption_disabled +TITLE: BUG: using __this_cpu_read() in preemptible [ADDR] code: syz-executor +CORRUPTED: Y [ 62.873963] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor7/11203 [ 62.882637] caller is __this_cpu_preempt_check+0x1c/0x20 diff --git a/pkg/report/testdata/linux/report/137 b/pkg/report/testdata/linux/report/137 index 1397b26b7..b66e057c7 100644 --- a/pkg/report/testdata/linux/report/137 +++ b/pkg/report/testdata/linux/report/137 @@ -1,5 +1,4 @@ -# TODO: this should be "in ipcomp_init_state" -TITLE: BUG: using __this_cpu_read() in preemptible code in __this_cpu_preempt_check +TITLE: BUG: using __this_cpu_read() in preemptible code in ipcomp_init_state [ 45.718728] BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor6/6976 [ 45.727291] caller is __this_cpu_preempt_check+0x1c/0x20 
@@ -10,7 +9,9 @@ TITLE: BUG: using __this_cpu_read() in preemptible code in __this_cpu_preempt_ch [ 45.765691] ffffffff81df79f4 ffff8801ce54f730 ffffffff83f42ec0 dffffc0000000000 [ 45.773790] Call Trace: [ 45.776364] [] dump_stack+0xc1/0x128 +[ 45.793029] sg_write: data in/out 327644/32 bytes for SCSI command 0x4-- guessing data in; [ 45.781730] [] check_preemption_disabled+0x1d4/0x200 +[ 45.793029] program syz-executor0 not setting count and/or reply_len properly [ 45.788474] [] __this_cpu_preempt_check+0x1c/0x20 [ 45.793029] sg_write: data in/out 327644/32 bytes for SCSI command 0x4-- guessing data in; [ 45.793029] program syz-executor0 not setting count and/or reply_len properly diff --git a/pkg/report/testdata/linux/report/138 b/pkg/report/testdata/linux/report/138 index 455e44960..8cb418200 100644 --- a/pkg/report/testdata/linux/report/138 +++ b/pkg/report/testdata/linux/report/138 @@ -1,5 +1,5 @@ -# TODO: this must be marked as corrupted -TITLE: INFO: task hung in __schedule +TITLE: INFO: task syz-executor blocked for more than 120 seconds. +CORRUPTED: Y [ 369.632194] INFO: task syz-executor1:12659 blocked for more than 120 seconds. [ 369.639544] Not tainted 4.15.0-rc2+ #152 diff --git a/pkg/report/testdata/linux/report/139 b/pkg/report/testdata/linux/report/139 index 051deba88..71fa0e91b 100644 --- a/pkg/report/testdata/linux/report/139 +++ b/pkg/report/testdata/linux/report/139 @@ -1,5 +1,4 @@ -# TODO: this must be "in hash_sendmsg" -TITLE: BUG: unable to handle kernel paging request +TITLE: BUG: unable to handle kernel paging request in hash_sendmsg [ 70.687256] sctp: [Deprecated]: syz-executor5 (pid 16777) Use of int in maxseg socket option. [ 70.687256] Use struct sctp_assoc_value instead diff --git a/pkg/report/testdata/linux/report/142 b/pkg/report/testdata/linux/report/142 index 011905e95..eb583169b 100644 --- a/pkg/report/testdata/linux/report/142 +++ b/pkg/report/testdata/linux/report/142 
@@ -1,4 +1,3 @@ -# TODO: this is not actually corrupted. TITLE: WARNING in __switch_to CORRUPTED: Y diff --git a/pkg/report/testdata/linux/report/143 b/pkg/report/testdata/linux/report/143 index 646a58f7e..8d70a82dc 100644 --- a/pkg/report/testdata/linux/report/143 +++ b/pkg/report/testdata/linux/report/143 
@@ -1,42 +1,25 @@ -# TODO: this does not look corrupted, we should allow output before kernel output. -# This also happens with login prompt. TITLE: kernel panic: Attempted to kill init! -CORRUPTED: Y -INIT: PANIC: segmentation violation! sleeping for 30 s[ 30.441874] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b -[ 30.441874] -econds. -[ 30.451507] CPU: 1 PID: 1 Comm: init Not tainted 4.15.0-rc3-next-20171214+ #67 -[ 30.459608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 -[ 30.468929] Call Trace: -[ 30.471489] __dump_stack lib/dump_stack.c:17 [inline] -[ 30.471489] dump_stack+0xe9/0x14b lib/dump_stack.c:53 -[ 30.475002] panic+0x10e/0x2f8 kernel/panic.c:183 -[ 30.478170] ? find_child_reaper kernel/exit.c:578 [inline] -[ 30.478170] ? forget_original_parent kernel/exit.c:674 [inline] -[ 30.478170] ? exit_notify kernel/exit.c:710 [inline] -[ 30.478170] ? do_exit+0x1036/0x1050 kernel/exit.c:889 -[ 30.481855] find_child_reaper kernel/exit.c:578 [inline] -[ 30.481855] forget_original_parent kernel/exit.c:674 [inline] -[ 30.481855] exit_notify kernel/exit.c:710 [inline] -[ 30.481855] do_exit+0x1045/0x1050 kernel/exit.c:889 -[ 30.485372] do_group_exit+0x60/0x100 kernel/exit.c:972 -[ 30.489145] get_signal+0x36c/0xad0 kernel/signal.c:2337 -[ 30.492752] do_signal+0x23/0x670 arch/x86/kernel/signal.c:809 -[ 30.496177] ? __bad_area_nosemaphore+0x149/0x270 arch/x86/mm/fault.c:931 -[ 30.500997] ? __do_page_fault+0x246/0x6b0 arch/x86/mm/fault.c:1409 -[ 30.505208] exit_to_usermode_loop+0x13c/0x160 arch/x86/entry/common.c:161 -[ 30.509758] prepare_exit_to_usermode+0x102/0x110 arch/x86/entry/common.c:195 -[ 30.514569] ? 
page_fault+0x36/0x60 arch/x86/entry/entry_64.S:1243 -[ 30.518165] retint_user+0x8/0x18 -[ 30.521584] RIP: 0033: (null) -[ 30.525439] RSP: 002b:00007fff53eb9f30 EFLAGS: 00010286 -[ 30.530772] RAX: ffffffffffffffff RBX: 00007fe983f5a6a0 RCX: ffffffffffffff00 -[ 30.538012] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000000 -[ 30.545248] RBP: 0000000000000004 R08: 00007fff53eb9f30 R09: 0000000000000001 -[ 30.552488] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff -[ 30.559728] R13: 00007fff53ebacc0 R14: 0000000000000000 R15: 0000000000000000 -[ 30.567500] Dumping ftrace buffer: -[ 30.571039] (ftrace buffer empty) -[ 30.574716] Kernel Offset: disabled -[ 30.578307] Rebooting in 86400 seconds.. +INIT: PANIC: segmentation violation! sleeping for 30 seconds. +[ 19.171696] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b +[ 19.171696] +[ 19.180969] CPU: 1 PID: 1 Comm: init Not tainted 4.15.0-rc3-next-20171214+ #67 +[ 19.188300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 19.197627] Call Trace: +[ 19.200192] dump_stack+0xe9/0x14b +[ 19.203711] panic+0x10e/0x2f8 +[ 19.206877] ? do_exit+0x1036/0x1050 +[ 19.210569] do_exit+0x1045/0x1050 +[ 19.214089] do_group_exit+0x60/0x100 +[ 19.217864] get_signal+0x36c/0xad0 +[ 19.221474] do_signal+0x23/0x670 +[ 19.224911] ? __bad_area_nosemaphore+0x149/0x270 +[ 19.229741] ? __do_page_fault+0x246/0x6b0 +[ 19.233957] exit_to_usermode_loop+0x13c/0x160 +[ 19.238514] prepare_exit_to_usermode+0x102/0x110 +[ 19.243674] ? page_fault+0x36/0x60 +[ 19.247272] retint_user+0x8/0x18 +[ 19.250694] RIP: 0033: (null) +[ 19.254549] RSP: 002b:00007ffe8c9df0b0 EFLAGS: 00010286 +Connection to kasan-2 closed by remote host. +[ 19.259884] RAX: ffffffffffffffff diff --git a/pkg/report/testdata/linux/report/145 b/pkg/report/testdata/linux/report/145 index 9f5cecbb2..6a7348bf7 100644 --- a/pkg/report/testdata/linux/report/145 
+++ b/pkg/report/testdata/linux/report/145 @@ -1,5 +1,4 @@ -# TODO: this must be "INFO: rcu detected stall in __xfrm_decode_session" -TITLE: INFO: rcu detected stall in do_softirq +TITLE: INFO: rcu detected stall in __xfrm_decode_session [ 323.830017] INFO: rcu_sched detected stalls on CPUs/tasks: [ 323.835676] (detected by 0, t=125007 jiffies, g=66299, c=66298, q=40) @@ -68,6 +67,7 @@ TITLE: INFO: rcu detected stall in do_softirq [ 324.126371] ? do_timer+0x50/0x50 [ 324.129800] ? do_raw_spin_trylock+0x190/0x190 [ 324.134365] hrtimer_interrupt+0x1c2/0x5e0 +[ 324.172031] ? apic_timer_interrupt+0xa9/0xb0 [ 324.138588] smp_apic_timer_interrupt+0x14a/0x700 [ 324.143401] ? smp_call_function_single_interrupt+0x640/0x640 [ 324.149252] ? smp_call_function_single_interrupt+0x640/0x640 diff --git a/pkg/report/testdata/linux/report/146 b/pkg/report/testdata/linux/report/146 index 8615499b4..da5beb83e 100644 --- a/pkg/report/testdata/linux/report/146 +++ b/pkg/report/testdata/linux/report/146 @@ -1,8 +1,4 @@ -# TODO: this must be "in remove_wait_queue". -# We need to skip all *lock_acquire/release functions, -# as they produce unuseful title and sometimes duplicates for -# __lock_acquire vs perf_trace_lock_acquire. -TITLE: BUG: unable to handle kernel paging request in __lock_acquire +TITLE: BUG: unable to handle kernel paging request in remove_wait_queue [ 19.572672] BUG: unable to handle kernel paging request at 0000000100000137 [ 19.572683] IP: __lock_acquire+0xd8/0x1430 diff --git a/pkg/report/testdata/linux/report/147 b/pkg/report/testdata/linux/report/147 index b6b2eeeeb..12f8f46e3 100644 --- a/pkg/report/testdata/linux/report/147 +++ b/pkg/report/testdata/linux/report/147 
@@ -1,5 +1,4 @@ -# TODO: this must be "in remove_wait_queue". See TODO in 146. -TITLE: KASAN: use-after-free Read in __lock_acquire +TITLE: KASAN: use-after-free Read in remove_wait_queue [ 19.121820] ================================================================== [ 19.121834] BUG: KASAN: use-after-free in __lock_acquire+0x3c41/0x3cf0 diff --git a/pkg/report/testdata/linux/report/148 b/pkg/report/testdata/linux/report/148 index 1719364ab..7b4e8556f 100644 --- a/pkg/report/testdata/linux/report/148 +++ b/pkg/report/testdata/linux/report/148 @@ -1,5 +1,4 @@ -# TODO: this must be "in tipc_subscrb_subscrp_delete". See TODO in 146. -TITLE: general protection fault in __lock_acquire +TITLE: general protection fault in tipc_subscrb_subscrp_delete [ 41.864973] kasan: CONFIG_KASAN_INLINE enabled [ 41.869549] kasan: GPF could be caused by NULL-ptr deref or user memory access diff --git a/pkg/report/testdata/linux/report/149 b/pkg/report/testdata/linux/report/149 index 219f1737c..27df468ca 100644 --- a/pkg/report/testdata/linux/report/149 +++ b/pkg/report/testdata/linux/report/149 @@ -1,8 +1,4 @@ -# TODO: Ideally, this should be something like -# "KASAN: use-after-free Read in work_is_static_object in strp_check_rcv" -# because work_is_static_object is a generic function and different bugs -# can manifest this way. -TITLE: KASAN: use-after-free Read in work_is_static_object +TITLE: KASAN: use-after-free Read in __queue_work [ 1140.689311] ================================================================== [ 1140.696784] BUG: KASAN: use-after-free in work_is_static_object+0x39/0x40 diff --git a/pkg/report/testdata/linux/report/150 b/pkg/report/testdata/linux/report/150 index ab9966b84..0c863bcfa 100644 --- a/pkg/report/testdata/linux/report/150 +++ b/pkg/report/testdata/linux/report/150 
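Review bot: In report/149 the removed TODO asked for a title that names the real caller (it suggested `strp_check_rcv`) because generic helpers glue unrelated bugs together, but the new expected title is `KASAN: use-after-free Read in __queue_work`. `__queue_work` looks like another generic workqueue frame, so different use-after-free bugs reached through queue_work would presumably still be deduplicated under this one title. If skipping that frame is left for later, keep a reduced note in the fixture rather than dropping it, e.g. `# TODO: __queue_work is generic; ideally "in strp_check_rcv".`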
@@ -1,5 +1,4 @@ -# TODO: This should be "WARNING: held lock freed! in __sk_destruct" -TITLE: WARNING: held lock freed! +TITLE: WARNING: held lock freed in sctp_wait_for_sndbuf [ 25.058100] ========================= [ 25.061864] WARNING: held lock freed! diff --git a/pkg/report/testdata/linux/report/152 b/pkg/report/testdata/linux/report/152 index 78c4ffd91..915a3a826 100644 --- a/pkg/report/testdata/linux/report/152 +++ b/pkg/report/testdata/linux/report/152 @@ -1,4 +1,4 @@ -TITLE: possible deadlock +TITLE: WARNING: possible circular locking dependency detected CORRUPTED: Y [....] Starting enhanced syslogd: rsyslogd[ 12.037795] audit: type=1400 audit(1515564630.515:5): avc: denied { syslog } for pid=3348 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 diff --git a/pkg/report/testdata/linux/report/153 b/pkg/report/testdata/linux/report/153 index d180f4c68..822b2188d 100644 --- a/pkg/report/testdata/linux/report/153 +++ b/pkg/report/testdata/linux/report/153 @@ -1,6 +1,4 @@ -# TODO: this should be "WARNING in kmalloc_slab in relay_open_buf". -# The root cause is in the caller of kmalloc, so lots of bugs gets glued together. -TITLE: WARNING in kmalloc_slab +TITLE: WARNING: kmalloc bug in relay_open_buf syzkaller login: [ 50.946624] WARNING: CPU: 0 PID: 3081 at mm/slab_common.c:971 kmalloc_slab+0x5d/0x70 [ 50.947754] Kernel panic - not syncing: panic_on_warn set ... diff --git a/pkg/report/testdata/linux/report/154 b/pkg/report/testdata/linux/report/154 index 5866a4c7c..3302bdff4 100644 --- a/pkg/report/testdata/linux/report/154 +++ b/pkg/report/testdata/linux/report/154 
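Review bot: The new expected title in testdata/linux/report/150 names `sctp_wait_for_sndbuf`, while the TODO removed by the same hunk said the title should end in `__sk_destruct`. Only the first two log lines are visible in the hunk, so it cannot be seen whether the function now comes from the stack trace or from another part of the report. Presumably the two choices would group reports differently during triage. A short comment above the title, e.g. `# Title function is taken from <source in report>, not from the freeing path (__sk_destruct).`, would keep the intended attribution reviewable.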
@@ -1,5 +1,5 @@ -# TODO: this must be detected as corrupted -TITLE: BUG: unable to handle kernel paging request +# TODO: must be corrupted (report in report) +TITLE: BUG: unable to handle kernel paging request in print_address_description [ 85.149573] BUG: unable to handle kernel paging request at ffffffff0001eea6 [ 85.153038] ================================================================== diff --git a/pkg/report/testdata/linux/report/156 b/pkg/report/testdata/linux/report/156 index b4d1bc9e1..5ae5bd04a 100644 --- a/pkg/report/testdata/linux/report/156 +++ b/pkg/report/testdata/linux/report/156 @@ -1,6 +1,4 @@ -# TODO: this does not look corrupted. TITLE: WARNING: bad unlock balance in ipmr_mfc_seq_stop -CORRUPTED: Y [ 123.238569] ===================================== [ 123.243391] WARNING: bad unlock balance detected! diff --git a/pkg/report/testdata/linux/report/157 b/pkg/report/testdata/linux/report/157 index f725b6983..2bd30bafe 100644 --- a/pkg/report/testdata/linux/report/157 +++ b/pkg/report/testdata/linux/report/157 @@ -1,6 +1,4 @@ -# TODO: must be "WARNING in sctp_wfree", or "WARNING in refcount_sub_and_test in sctp_wfree", -# or "WARNING: refcount bug in sctp_wfree". -TITLE: WARNING in refcount_sub_and_test +TITLE: WARNING: refcount bug in sctp_wfree [ 44.461565] refcount_t: underflow; use-after-free. [ 44.466577] ------------[ cut here ]------------ diff --git a/pkg/report/testdata/linux/report/158 b/pkg/report/testdata/linux/report/158 index afe9ccbec..a9768d624 100644 --- a/pkg/report/testdata/linux/report/158 +++ b/pkg/report/testdata/linux/report/158 @@ -1,5 +1,4 @@ -# TODO: must be "WARNING: refcount bug in dev_activate". -TITLE: WARNING in refcount_inc +TITLE: WARNING: refcount bug in dev_activate [ 359.890494] refcount_t: increment on 0; use-after-free. [ 359.914113] ------------[ cut here ]------------ diff --git a/pkg/report/testdata/linux/report/159 b/pkg/report/testdata/linux/report/159 index beef78dd8..e211b1d23 100644 
--- a/pkg/report/testdata/linux/report/159 +++ b/pkg/report/testdata/linux/report/159 @@ -1,5 +1,4 @@ -# TODO: must be "WARNING: refcount bug in l2tp_session_register". -TITLE: WARNING in refcount_inc +TITLE: WARNING: refcount bug in l2tp_session_register [ 40.530345] ------------[ cut here ]------------ [ 40.535205] refcount_t: increment on 0; use-after-free. diff --git a/pkg/report/testdata/linux/report/160 b/pkg/report/testdata/linux/report/160 new file mode 100644 index 000000000..678075c7e --- /dev/null +++ b/pkg/report/testdata/linux/report/160 
@@ -0,0 +1,112 @@ +TITLE: BUG: unable to handle kernel paging request in __run_timers + +[ 190.751093] BUG: unable to handle kernel paging request at ffffffffffffffff +[ 190.757101] IP: 0xffffffffffffffff +[ 190.757101] PGD 7e10067 +[ 190.757101] P4D 7e10067 +[ 190.757101] PUD 7e12067 +[ 190.757101] PMD 0 +[ 190.757101] +[ 190.757101] Oops: 0010 [#1] SMP +[ 190.757101] Dumping ftrace buffer: +[ 190.757101] (ftrace buffer empty) +[ 190.757101] Modules linked in: +[ 190.757101] CPU: 1 PID: 12327 Comm: syz-executor5 Tainted: G B 4.13.0+ #35 +[ 190.757101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 190.757101] task: ffff8801deb8d880 task.stack: ffff8801aa900000 +[ 190.757101] RIP: 0010:0xffffffffffffffff +[ 190.757101] RSP: 0018:ffff88021fd07d10 EFLAGS: 00010006 +[ 190.757101] RAX: 0000000000000000 RBX: 0000000080000100 RCX: 0000000000000000 +[ 190.757101] RDX: ffff8802030b2f48 RSI: aaaaaaaaaaaab000 RDI: ffffffffffffffff +[ 190.757101] RBP: ffff88021fd07d90 R08: 0000000001080020 R09: 0000000000000002 +[ 190.757101] R10: ffff88021fd07cc8 R11: 0000000000000000 R12: ffffffffffffffff +[ 190.757101] R13: ffffffff885293b0 R14: 0000000000000000 R15: ffff88021fd19b48 +[ 190.757101] FS: 00007f80206db700(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000 +[ 190.757101] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +[ 190.757101] CR2: ffffffffffffffff CR3: 0000000007e0f000 CR4: 00000000001406e0 +[ 190.757101] DR0: 0000000020000000 DR1: 0000000000000000 DR2: 0000000000000000 +[ 190.757101] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600 +[ 190.757101] Call Trace: +[ 190.757101] +[ 190.757101] ? call_timer_fn+0x2b1/0x630 +[ 190.757101] __run_timers+0xeef/0x1390 +[ 190.757101] ? irq_exit+0x203/0x240 +[ 190.757101] run_timer_softirq+0x45/0xb0 +[ 190.757101] ? 
timers_dead_cpu+0xef0/0xef0 +[ 190.757101] __do_softirq+0x5bb/0xa08 +[ 190.757101] irq_exit+0x203/0x240 +[ 190.757101] exiting_irq+0xe/0x10 +[ 190.757101] smp_apic_timer_interrupt+0x5a/0x80 +[ 190.757101] apic_timer_interrupt+0x86/0x90 +[ 190.757101] RIP: 0010:kmsan_get_origin_address_noruntime+0x163/0x260 +[ 190.757101] RSP: 0018:ffff8801aa906f20 EFLAGS: 00000297 ORIG_RAX: ffffffffffffff10 +[ 190.757101] RAX: ffff88022a907120 RBX: 0000000000000000 RCX: ffffea0000000000 +[ 190.757101] RDX: 000077ff80000000 RSI: 0000000000000000 RDI: ffff8801aa907120 +[ 190.757101] RBP: ffff8801aa906f58 R08: 0000000001080020 R09: 0000000000000002 +[ 190.757101] R10: ffff8801aa906ff8 R11: 000000008022000e R12: 0000000000000004 +[ 190.757101] R13: 00000000f780000e R14: ffff8801aa907120 R15: 0000000000000000 +[ 190.757101] +[ 190.757101] kmsan_set_origin_inline+0x6b/0x120 +[ 190.757101] __msan_poison_alloca+0x15c/0x1d0 +[ 190.757101] ? kernfs_put+0x759/0xc40 +[ 190.757101] ? kfree+0x7f/0x2f40 +[ 190.757101] ? kernfs_put+0x759/0xc40 +[ 190.757101] ? __msan_get_context_state+0x20/0xf0 +[ 190.757101] ? kernfs_put+0x759/0xc40 +[ 190.757101] kfree+0x7f/0x2f40 +[ 190.757101] ? kernfs_put+0x7e8/0xc40 +[ 190.757101] ? kmsan_set_origin_inline+0x6b/0x120 +[ 190.757101] ? __msan_poison_alloca+0x15c/0x1d0 +[ 190.757101] ? __kernfs_remove+0x12a2/0x13a0 +[ 190.757101] kernfs_put+0x759/0xc40 +[ 190.757101] ? _cond_resched+0x2b/0xc0 +[ 190.757101] __kernfs_remove+0x12a2/0x13a0 +[ 190.757101] ? kernfs_find_ns+0x974/0x9e0 +[ 190.757101] kernfs_remove_by_name_ns+0x115/0x200 +[ 190.757101] sysfs_remove_group+0x38c/0x770 +[ 190.757101] netdev_queue_update_kobjects+0x754/0x870 +[ 190.757101] netdev_unregister_kobject+0x231/0x340 +[ 190.757101] rollback_registered_many+0x150c/0x1ab0 +[ 190.757101] unregister_netdevice_queue+0x55e/0xa80 +[ 190.757101] __tun_detach+0x1681/0x2070 +[ 190.757101] ? 
__msan_get_context_state+0x20/0xf0 +[ 190.757101] tun_chr_close+0x6a/0xb0 +[ 190.757101] __fput+0x49a/0xc10 +[ 190.757101] ____fput+0x37/0x40 +[ 190.757101] ? fput+0x2d0/0x2d0 +[ 190.757101] task_work_run+0x193/0x300 +[ 190.757101] do_exit+0x1217/0x3f20 +[ 190.757101] ? __msan_metadata_ptr_for_store_4+0x13/0x20 +[ 190.757101] ? dequeue_signal+0x356/0xb70 +[ 190.757101] do_group_exit+0x1d3/0x3b0 +[ 190.757101] get_signal+0x17ad/0x2150 +[ 190.757101] ? syscall_return_slowpath+0x2fb/0x9d0 +[ 190.757101] ? syscall_return_slowpath+0x2fb/0x9d0 +[ 190.757101] do_signal+0xb7/0x1c70 +[ 190.757101] ? put_task_struct+0x41/0xd0 +[ 190.757101] ? __msan_metadata_ptr_for_load_8+0x10/0x20 +[ 190.757101] ? balance_callback+0x4a/0x2c0 +[ 190.757101] ? finish_task_switch+0x15e/0x230 +[ 190.757101] ? __schedule+0x6dd/0x780 +[ 190.757101] ? schedule+0x1dc/0x320 +[ 190.757101] ? __msan_metadata_ptr_for_load_1+0x10/0x20 +[ 190.757101] ? syscall_return_slowpath+0x31a/0x9d0 +[ 190.757101] syscall_return_slowpath+0x2fb/0x9d0 +[ 190.757101] ? SyS_futex+0x89/0xb0 +[ 190.757101] entry_SYSCALL_64_fastpath+0x92/0x94 +[ 190.757101] RIP: 0033:0x452cf9 +[ 190.757101] RSP: 002b:00007f80206dac88 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca +[ 190.757101] RAX: 0000000000000001 RBX: 000000000071bea0 RCX: 0000000000452cf9 +[ 190.757101] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000071becc +[ 190.757101] RBP: 0000000000000355 R08: 0000000000000000 R09: 0000000000000355 +[ 190.757101] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006f3098 +[ 190.757101] R13: 00000000ffffffff R14: 00007f80206db6d4 R15: 0000000000000000 +[ 190.757101] Code: Bad RIP value. 
+[ 190.757101] RIP: 0xffffffffffffffff RSP: ffff88021fd07d10
+[ 190.757101] CR2: ffffffffffffffff
+[ 190.757101] ---[ end trace fec0af60af9149a6 ]---
+[ 190.757101] Kernel panic - not syncing: Fatal exception in interrupt
+[ 190.757101] Dumping ftrace buffer:
+[ 190.757101] (ftrace buffer empty)
+[ 190.757101] Kernel Offset: disabled
+[ 190.757101] Rebooting in 86400 seconds..
diff --git a/pkg/report/testdata/linux/report/161 b/pkg/report/testdata/linux/report/161
new file mode 100644
index 000000000..3ac9dce57
--- /dev/null
+++ b/pkg/report/testdata/linux/report/161
@@ -0,0 +1,90 @@ +TITLE: WARNING: locking bug in destroy_unused_super + +[ 151.124617] ------------[ cut here ]------------ +[ 151.124619] DEBUG_LOCKS_WARN_ON(depth <= 0) +[ 151.124680] WARNING: CPU: 1 PID: 21689 at kernel/locking/lockdep.c:3676 lock_release+0x6e6/0xa40 +[ 151.124684] Kernel panic - not syncing: panic_on_warn set ... +[ 151.124684] +[ 151.124689] CPU: 1 PID: 21689 Comm: syz-executor4 Not tainted 4.15.0-rc3+ #224 +[ 151.124693] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 151.124694] Call Trace: +[ 151.124702] dump_stack+0x194/0x257 +[ 151.124711] ? arch_local_irq_restore+0x53/0x53 +[ 151.124719] ? vsnprintf+0x1ed/0x1900 +[ 151.124727] panic+0x1e4/0x41c +[ 151.124734] ? refcount_error_report+0x214/0x214 +[ 151.124741] ? show_regs_print_info+0x18/0x18 +[ 151.124749] ? __warn+0x1c1/0x200 +[ 151.124757] ? lock_release+0x6e6/0xa40 +[ 151.124763] __warn+0x1dc/0x200 +[ 151.124769] ? lock_release+0x6e6/0xa40 +[ 151.124778] report_bug+0x211/0x2d0 +[ 151.124788] fixup_bug.part.11+0x37/0x80 +[ 151.124795] do_error_trap+0x2d7/0x3e0 +[ 151.124803] ? math_error+0x400/0x400 +[ 151.124809] ? vprintk_emit+0x3ea/0x590 +[ 151.124822] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 151.124834] do_invalid_op+0x1b/0x20 +[ 151.124841] invalid_op+0x18/0x20 +[ 151.124847] RIP: 0010:lock_release+0x6e6/0xa40 +[ 151.124850] RSP: 0018:ffff8801c829f780 EFLAGS: 00010086 +[ 151.124856] RAX: dffffc0000000008 RBX: ffffffff8747a180 RCX: ffffffff8159a88e +[ 151.124860] RDX: 0000000000010000 RSI: ffffc90002835000 RDI: 0000000000000000 +[ 151.124863] RBP: ffff8801c829f8b0 R08: 0000000000000001 R09: 0000000000000000 +[ 151.124866] R10: 0000000000000000 R11: fffffbfff0e872ef R12: ffff8801c829f888 +[ 151.124869] R13: ffff8801d09980c0 R14: ffff8801c829f7c8 R15: 1ffff10039053ef5 +[ 151.124878] ? vprintk_func+0x5e/0xc0 +[ 151.124889] ? destroy_unused_super.part.7+0x18/0xd0 +[ 151.124896] ? lock_downgrade+0x980/0x980 +[ 151.124904] ? 
__kmalloc+0x46e/0x760 +[ 151.124911] ? lockdep_init_map+0x9/0x10 +[ 151.124918] ? up_read+0x1a/0x40 +[ 151.124924] ? memcg_put_cache_ids+0x10/0x20 +[ 151.124933] ? __list_lru_init+0x35c/0x750 +[ 151.124941] up_write+0x6b/0x120 +[ 151.124947] ? up_read+0x40/0x40 +[ 151.124954] ? __lockdep_init_map+0xe4/0x650 +[ 151.124963] destroy_unused_super.part.7+0x18/0xd0 +[ 151.124969] sget_userns+0x909/0xe20 +[ 151.124975] ? get_anon_bdev+0x2a0/0x2a0 +[ 151.124984] ? destroy_unused_super.part.7+0xd0/0xd0 +[ 151.124991] ? cred_has_capability+0x1a0/0x3d0 +[ 151.124998] ? selinux_ipv4_output+0x40/0x40 +[ 151.125013] ? free_pages+0x51/0x90 +[ 151.125021] ? selinux_sb_copy_data+0x403/0x610 +[ 151.125030] ? selinux_capable+0x36/0x40 +[ 151.125039] ? security_capable+0x8e/0xc0 +[ 151.125046] ? get_anon_bdev+0x2a0/0x2a0 +[ 151.125051] ? ns_capable_common+0xcf/0x160 +[ 151.125058] ? get_anon_bdev+0x2a0/0x2a0 +[ 151.125064] sget+0xd2/0x120 +[ 151.125070] ? __get_fs_type+0x8a/0xc0 +[ 151.125077] ? shmem_remount_fs+0x6c0/0x6c0 +[ 151.125084] mount_nodev+0x37/0x100 +[ 151.125091] shmem_mount+0x2c/0x40 +[ 151.125098] mount_fs+0x66/0x2d0 +[ 151.125107] vfs_kern_mount.part.26+0xc6/0x4a0 +[ 151.125115] ? may_umount+0xa0/0xa0 +[ 151.125121] ? _raw_read_unlock+0x22/0x30 +[ 151.125127] ? __get_fs_type+0x8a/0xc0 +[ 151.125135] do_mount+0xea4/0x2bb0 +[ 151.125144] ? copy_mount_string+0x40/0x40 +[ 151.125150] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 151.125157] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 151.125165] ? retint_kernel+0x10/0x10 +[ 151.125174] ? copy_mount_options+0x18b/0x2e0 +[ 151.125182] ? copy_mount_options+0x190/0x2e0 +[ 151.125188] ? 
copy_mount_options+0x1f4/0x2e0 +[ 151.125195] SyS_mount+0xab/0x120 +[ 151.125202] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 151.125205] RIP: 0033:0x452a39 +[ 151.125208] RSP: 002b:00007f207292dc58 EFLAGS: 00000212 ORIG_RAX: 00000000000000a5 +[ 151.125214] RAX: ffffffffffffffda RBX: 00007f207292daa0 RCX: 0000000000452a39 +[ 151.125217] RDX: 00000000204df000 RSI: 00000000209e5000 RDI: 00000000209dd000 +[ 151.125220] RBP: 00007f207292da90 R08: 0000000020000000 R09: 0000000000000000 +[ 151.125222] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b75fb +[ 151.125225] R13: 00007f207292dbc8 R14: 00000000004b75fb R15: 0000000000000000 +[ 151.125609] Dumping ftrace buffer: +[ 151.125612] (ftrace buffer empty) +[ 151.125614] Kernel Offset: disabled +[ 151.833421] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/162 b/pkg/report/testdata/linux/report/162 new file mode 100644 index 000000000..34bcb6394 --- /dev/null +++ b/pkg/report/testdata/linux/report/162 
@@ -0,0 +1,63 @@ +TITLE: general protection fault in sg_remove_request + +[ 27.258999] ================================================================== +[ 27.260623] kasan: CONFIG_KASAN_INLINE enabled +[ 27.260630] kasan: GPF could be caused by NULL-ptr deref or user memory access +[ 27.260634] general protection fault: 0000 [#1] PREEMPT SMP KASAN +[ 27.260638] Dumping ftrace buffer: +[ 27.260641] (ftrace buffer empty) +[ 27.260644] Modules linked in: +[ 27.260651] CPU: 1 PID: 3377 Comm: syzkaller685434 Not tainted 4.4.107-g610c835 #4 +[ 27.260654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 27.260658] task: ffff8800b823c740 task.stack: ffff8801d94c8000 +[ 27.260671] RIP: 0010:[] [] __lock_acquire+0x61f/0x4b50 +[ 27.260675] RSP: 0018:ffff8801d94cf880 EFLAGS: 00010086 +[ 27.260678] RAX: dffffc0000000000 RBX: dead4ead00000000 RCX: ffffffff81237ade +[ 27.260682] RDX: 1ffff1003a313890 RSI: 0000000000000008 RDI: ffff8801d189c480 +[ 27.260685] RBP: ffff8801d94cfa20 R08: 0000000000000001 R09: 0000000000000001 +[ 27.260688] R10: 0000000000000001 R11: 1ffff1003b299f22 R12: 0000000000000000 +[ 27.260692] R13: ffff8800b823c740 R14: ffff8801d189c478 R15: 0000000000000000 +[ 27.260697] FS: 0000000000000000(0000) GS:ffff8801db300000(0063) knlGS:00000000f47d3b40 +[ 27.260701] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 +[ 27.260704] CR2: 00000000206f6000 CR3: 00000001d0a15000 CR4: 00000000001406e0 +[ 27.260713] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +[ 27.260717] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 +[ 27.260718] Stack: +[ 27.260725] ffff8801d0ee0818 ffff8800b4b59d90 ffff8801d94cfa00 ffffffff8149e232 +[ 27.260733] ffff8801d94cf8b0 ffffffff00000000 ffff8800b823c740 ffff8800b823cfb0 +[ 27.260739] 0000000000000288 ffff8800b823c740 0000000000000002 0000000000000002 +[ 27.260741] Call Trace: +[ 27.260751] [] ? handle_mm_fault+0x3f2/0x3190 +[ 27.260758] [] ? 
debug_check_no_locks_freed+0x2c0/0x2c0 +[ 27.260764] [] ? vmacache_update+0xfe/0x130 +[ 27.260772] [] ? __do_page_fault+0x380/0xa00 +[ 27.260778] [] lock_acquire+0x15e/0x460 +[ 27.260787] [] ? sg_remove_request+0x69/0x110 +[ 27.260794] [] _raw_write_lock_irqsave+0x4e/0x70 +[ 27.260800] [] ? sg_remove_request+0x69/0x110 +[ 27.260806] [] sg_remove_request+0x69/0x110 +[ 27.260813] [] sg_finish_rem_req+0x295/0x340 +[ 27.260819] [] sg_read+0xa21/0x1490 +[ 27.260825] [] ? sg_proc_seq_show_debug+0xd30/0xd30 +[ 27.260832] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 +[ 27.260838] [] ? sg_proc_seq_show_debug+0xd30/0xd30 +[ 27.260845] [] __vfs_read+0x103/0x440 +[ 27.260851] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 +[ 27.260857] [] ? vfs_iter_write+0x2d0/0x2d0 +[ 27.260863] [] ? fsnotify+0x5ad/0xee0 +[ 27.260868] [] ? fsnotify+0xee0/0xee0 +[ 27.260877] [] ? avc_policy_seqno+0x9/0x20 +[ 27.260883] [] ? selinux_file_permission+0x348/0x460 +[ 27.260890] [] ? security_file_permission+0x89/0x1e0 +[ 27.260896] [] ? rw_verify_area+0x100/0x2f0 +[ 27.260902] [] vfs_read+0x123/0x3a0 +[ 27.260909] [] SyS_read+0xd9/0x1b0 +[ 27.260915] [] ? do_sendfile+0xd30/0xd30 +[ 27.260922] [] ? do_fast_syscall_32+0xd7/0x890 +[ 27.260928] [] ? do_sendfile+0xd30/0xd30 +[ 27.260933] [] do_fast_syscall_32+0x314/0x890 +[ 27.260940] [] sysenter_flags_fixed+0xd/0x17 +[ 27.261026] Code: 00 fc ff df 44 89 e3 49 8d 7c de 08 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 b6 37 00 00 49 8b 5c de 08 48 85 db 0f 84 28 fb ff ff ff 83 98 01 00 00 49 8d 85 68 08 00 00 48 89 c2 48 89 44 24 +[ 27.261032] RIP [] __lock_acquire+0x61f/0x4b50 +[ 27.261034] RSP +[ 27.261040] ---[ end trace ba8c3c110e6701ba ]--- diff --git a/pkg/report/testdata/linux/report/163 b/pkg/report/testdata/linux/report/163 new file mode 100644 index 000000000..59d1a43f7 --- /dev/null +++ b/pkg/report/testdata/linux/report/163 
@@ -0,0 +1,75 @@ +TITLE: WARNING: locking bug in sg_remove_request + +[ 32.851928] ------------[ cut here ]------------ +[ 32.851948] WARNING: CPU: 1 PID: 4085 at kernel/locking/lockdep.c:3190 __lock_acquire+0x23b3/0x4b50() +[ 32.851955] DEBUG_LOCKS_WARN_ON(id >= MAX_LOCKDEP_KEYS) +[ 32.851955] Kernel panic - not syncing: panic_on_warn set ... +[ 32.851955] +[ 32.851963] CPU: 1 PID: 4085 Comm: syzkaller160734 Not tainted 4.4.107-g79f138a #2 +[ 32.851967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 32.851976] 0000000000000000 fac66347bd2b1d29 ffff8800b6a470c0 ffffffff81d03a1d +[ 32.851983] ffffffff838429a0 ffff8800b6a47198 ffffffff83854820 0000000000000009 +[ 32.851990] 0000000000000c76 ffff8800b6a47188 ffffffff81416dca 0000000041b58ab3 +[ 32.851992] Call Trace: +[ 32.852004] [] dump_stack+0xc1/0x124 +[ 32.852013] [] panic+0x1aa/0x388 +[ 32.852020] [] ? percpu_up_read.constprop.46+0xe1/0xe1 +[ 32.852028] [] ? warn_slowpath_common+0x10a/0x140 +[ 32.852034] [] warn_slowpath_common+0x125/0x140 +[ 32.852039] [] ? __lock_acquire+0x23b3/0x4b50 +[ 32.852045] [] warn_slowpath_fmt+0xc1/0x110 +[ 32.852051] [] ? warn_slowpath_common+0x140/0x140 +[ 32.852056] [] ? save_trace+0xe0/0x270 +[ 32.852064] [] ? dump_trace+0x14c/0x350 +[ 32.852069] [] ? mark_lock+0x45e/0xfd0 +[ 32.852075] [] __lock_acquire+0x23b3/0x4b50 +[ 32.852083] [] ? save_stack+0xa3/0xd0 +[ 32.852092] [] ? save_stack_trace+0x26/0x50 +[ 32.852098] [] ? save_stack+0x43/0xd0 +[ 32.852104] [] ? kasan_kmalloc+0xad/0xe0 +[ 32.852110] [] ? kmem_cache_alloc_trace+0x100/0x2b0 +[ 32.852119] [] ? sg_read+0xb48/0x1490 +[ 32.852125] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 +[ 32.852131] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 +[ 32.852137] [] ? vfs_readv+0x78/0xb0 +[ 32.852146] [] ? default_file_splice_read+0x4fa/0x8e0 +[ 32.852152] [] ? do_splice_to+0xf5/0x140 +[ 32.852158] [] ? SyS_splice+0x1009/0x14b0 +[ 32.852164] [] ? do_fast_syscall_32+0x314/0x890 +[ 32.852171] [] ? 
sysenter_flags_fixed+0xd/0x17 +[ 32.852177] [] lock_acquire+0x15e/0x460 +[ 32.852183] [] ? sg_remove_request+0x69/0x110 +[ 32.852189] [] ? sg_read+0xb48/0x1490 +[ 32.852196] [] _raw_write_lock_irqsave+0x4e/0x70 +[ 32.852202] [] ? sg_remove_request+0x69/0x110 +[ 32.852208] [] sg_remove_request+0x69/0x110 +[ 32.852214] [] sg_finish_rem_req+0x295/0x340 +[ 32.852219] [] sg_read+0xa21/0x1490 +[ 32.852226] [] ? __check_object_size+0x154/0x35b +[ 32.852231] [] ? 0xffffffff810002b8 +[ 32.852237] [] ? sg_proc_seq_show_debug+0xd30/0xd30 +[ 32.852244] [] ? fsnotify+0xee0/0xee0 +[ 32.852252] [] ? avc_policy_seqno+0x9/0x20 +[ 32.852258] [] do_loop_readv_writev+0x141/0x1e0 +[ 32.852265] [] ? security_file_permission+0x89/0x1e0 +[ 32.852275] [] ? sg_proc_seq_show_debug+0xd30/0xd30 +[ 32.852281] [] ? sg_proc_seq_show_debug+0xd30/0xd30 +[ 32.852287] [] do_readv_writev+0x5dd/0x6e0 +[ 32.852293] [] ? vfs_write+0x530/0x530 +[ 32.852300] [] ? __alloc_pages_direct_compact+0x250/0x250 +[ 32.852307] [] vfs_readv+0x78/0xb0 +[ 32.852314] [] default_file_splice_read+0x4fa/0x8e0 +[ 32.852321] [] ? generic_file_splice_read+0x1c0/0x1c0 +[ 32.852328] [] ? page_cache_pipe_buf_release+0x70/0x70 +[ 32.852339] [] ? __lock_acquire+0xb5f/0x4b50 +[ 32.852345] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 +[ 32.852353] [] ? rw_verify_area+0x100/0x2f0 +[ 32.852359] [] ? generic_file_splice_read+0x1c0/0x1c0 +[ 32.852365] [] do_splice_to+0xf5/0x140 +[ 32.852372] [] SyS_splice+0x1009/0x14b0 +[ 32.852377] [] ? trace_hardirqs_on_caller+0x38b/0x590 +[ 32.852384] [] ? compat_SyS_vmsplice+0x240/0x240 +[ 32.852390] [] ? do_fast_syscall_32+0xd7/0x890 +[ 32.852396] [] ? compat_SyS_vmsplice+0x240/0x240 +[ 32.852402] [] do_fast_syscall_32+0x314/0x890 +[ 32.852408] [] sysenter_flags_fixed+0xd/0x17 diff --git a/pkg/report/testdata/linux/report/164 b/pkg/report/testdata/linux/report/164 new file mode 100644 index 000000000..96545ce05 --- /dev/null +++ b/pkg/report/testdata/linux/report/164 
@@ -0,0 +1,69 @@ +TITLE: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath at addr ADDR +CORRUPTED: Y + +[ 46.284905] ================================================================== +** 2977 printk messages dropped ** [ 46.292061] [] ? rw_verify_area+0xbb/0x2c0 +** 3764 printk messages dropped ** [ 46.300984] BUG: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath+0x5ad/0x660 at addr ffff8800b7eb57d4 +** 5762 printk messages dropped ** [ 46.314596] [] ? do_sendfile+0xf40/0xf40 +** 3692 printk messages dropped ** [ 46.323313] ___slab_alloc.constprop.78+0x4c6/0x530 +** 3400 printk messages dropped ** [ 46.331342] CPU: 0 PID: 6756 Comm: syz-executor1 Tainted: G B 4.4.105-ge303a83 #5 +** 4922 printk messages dropped ** [ 46.342991] INFO: Allocated in fasync_helper+0x29/0x90 age=6 cpu=0 pid=6756 +** 4288 printk messages dropped ** [ 46.353225] run_ksoftirqd+0x20/0x60 +** 2843 printk messages dropped ** [ 46.359933] INFO: Freed in fasync_free_rcu+0x14/0x20 age=7 cpu=0 pid=3 +** 4111 printk messages dropped ** [ 46.369656] BUG: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath+0x5ad/0x660 at addr ffff8800b7eb57d4 +** 5713 printk messages dropped ** [ 46.383149] __slab_free+0x18c/0x2b0 +** 2818 printk messages dropped ** [ 46.389866] [] ? __lock_is_held+0xa1/0xf0 +** 3718 printk messages dropped ** [ 46.398717] Object ffff8800b7eb5780: ff ff ff ff ff ff ff ff 80 e3 70 85 ff ff ff ff ..........p..... +** 5181 printk messages dropped ** [ 46.411008] 0000000000000000 263dc65b38caca23 ffff8801d2e979b0 ffffffff81cc9b4f +** 4420 printk messages dropped ** [ 46.421691] Object ffff8800b7eb57b0: 00 00 00 00 00 00 00 00 00 cc 1c b7 00 88 ff ff ................ +** 5248 printk messages dropped ** [ 46.434131] Object ffff8800b7eb57a0: 00 50 8b 83 ff ff ff ff 01 46 00 00 07 00 00 00 .P.......F...... 
+** 5252 printk messages dropped ** [ 46.446625] CPU: 0 PID: 6756 Comm: syz-executor1 Tainted: G B 4.4.105-ge303a83 #5 +** 4982 printk messages dropped ** [ 46.458438] [] entry_SYSCALL_64_fastpath+0x16/0x76 +** 4071 printk messages dropped ** [ 46.468040] entry_SYSCALL_64_fastpath+0x16/0x76 +** 3303 printk messages dropped ** [ 46.475819] fasync_free_rcu+0x14/0x20 +** 2914 printk messages dropped ** [ 46.482677] ___slab_alloc.constprop.78+0x4c6/0x530 +** 3327 printk messages dropped ** [ 46.490514] 0000000000000000 263dc65b38caca23 ffff8801d2e979b0 ffffffff81cc9b4f +** 4472 printk messages dropped ** [ 46.501243] __slab_alloc.isra.74.constprop.77+0x50/0xa0 +** 3565 printk messages dropped ** [ 46.509661] [] ? sg_remove_request+0x60/0x100 +** 3881 printk messages dropped ** [ 46.518862] Object ffff8800b7eb57b0: 00 00 00 00 00 00 00 00 00 cc 1c b7 00 88 ff ff ................ +** 5287 printk messages dropped ** [ 46.531333] ffff8800b7eb5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 00 00 +** 4399 printk messages dropped ** [ 46.541703] [] __asan_report_load4_noabort+0x29/0x30 +** 4144 printk messages dropped ** [ 46.551481] [] ? do_sendfile+0xf40/0xf40 +** 3701 printk messages dropped ** [ 46.560195] kmem_cache_free+0x1f1/0x300 +** 2941 printk messages dropped ** [ 46.567116] CPU: 0 PID: 6756 Comm: syz-executor1 Tainted: G B 4.4.105-ge303a83 #5 +** 4977 printk messages dropped ** [ 46.579020] [] ? rw_verify_area+0xbb/0x2c0 +** 3782 printk messages dropped ** [ 46.587934] __do_softirq+0x24d/0xa60 +** 2872 printk messages dropped ** [ 46.594689] [] kasan_report.part.2+0x227/0x530 +** 3916 printk messages dropped ** [ 46.603948] [] ? __lock_is_held+0xa1/0xf0 +** 3684 printk messages dropped ** [ 46.612655] ffff8800b7eb5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 00 00 +** 4285 printk messages dropped ** [ 46.622887] ----------------------------------------------------------------------------- +[ 46.622887] +** 5380 printk messages dropped ** [ 46.635852] [] ? 
rw_verify_area+0xbb/0x2c0 +** 3744 printk messages dropped ** [ 46.644772] [] __vfs_read+0xda/0x3e0 +** 3495 printk messages dropped ** [ 46.653074] Object ffff8800b7eb5770: 00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00 .....N.......... +** 5151 printk messages dropped ** [ 46.665447] BUG fasync_cache (Tainted: G B ): kasan: bad access detected +** 4450 printk messages dropped ** [ 46.676199] Object ffff8800b7eb57a0: 00 50 8b 83 ff ff ff ff 01 46 00 00 07 00 00 00 .P.......F...... +** 5028 printk messages dropped ** [ 46.688511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +** 5080 printk messages dropped ** [ 46.701115] __slab_free+0x18c/0x2b0 +** 2823 printk messages dropped ** [ 46.708033] [] ? do_sendfile+0xf40/0xf40 +** 3709 printk messages dropped ** [ 46.716853] INFO: Slab 0xffffea0002dfad00 objects=20 used=3 fp=0xffff8800b7eb5a90 flags=0x4000000000004080 +** 5386 printk messages dropped ** [ 46.729553] sg_fasync+0x66/0xb0 +** 2713 printk messages dropped ** [ 46.736033] INFO: Object 0xffff8800b7eb5770 @offset=6000 fp=0xdead4ead00000000 +[ 46.736033] +** 5012 printk messages dropped ** [ 46.747833] entry_SYSCALL_64_fastpath+0x16/0x76 +** 3299 printk messages dropped ** [ 46.755632] entry_SYSCALL_64_fastpath+0x16/0x76 +** 3287 printk messages dropped ** [ 46.763372] BUG: KASAN: slab-out-of-bounds in native_queued_spin_lock_slowpath+0x5ad/0x660 at addr ffff8800b7eb57d4 +** 5759 printk messages dropped ** [ 46.776952] [] ? rw_verify_area+0xbb/0x2c0 +** 3782 printk messages dropped ** [ 46.785872] __do_softirq+0x24d/0xa60 +** 2886 printk messages dropped ** [ 46.792668] [] __vfs_read+0xda/0x3e0 +** 3551 printk messages dropped ** [ 46.801035] __slab_alloc.isra.74.constprop.77+0x50/0xa0 +** 3575 printk messages dropped ** [ 46.809466] [] ? __lock_is_held+0xa1/0xf0 +** 3733 printk messages dropped ** [ 46.818289] [] ? 
native_queued_spin_lock_slowpath+0x5ad/0x660 +** 4487 printk messages dropped ** [ 46.828863] Object ffff8800b7eb57b0: 00 00 00 00 00 00 00 00 00 cc 1c b7 00 88 ff ff ................ +** 5283 printk messages dropped ** [ 46.841301] [] ? lockdep_sys_exit_thunk+0x12/0x14 +** 3974 printk messages dropped ** [ 46.850709] [] ? lockdep_sys_exit_thunk+0x12/0x14 +** 4039 printk messages dropped ** [ 46.860329] [] ? debug_check_no_locks_freed+0x2c0/0x2c0 +** 4250 printk messages dropped ** [ 46.870327] Object ffff8800b7eb57b0: 00 00 00 00 00 00 00 00 00 cc 1c b7 00 88 ff ff ................ +** 5284 printk messages dropped ** [ 46.882803] [] entry_SYSCALL_64_fastpath+0x16/0x76 +** 4009 printk messages dropped ** [ 46.892231] Bytes b4 ffff8800b7eb5760: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ +** 5323 printk messages dropped ** [ 46.904922] INFO: Object 0xffff8800b7eb5770 @offset=6000 fp=0xdead4ead00000000 diff --git a/pkg/report/testdata/linux/report/165 b/pkg/report/testdata/linux/report/165 new file mode 100644 index 000000000..4a4a5aa7a --- /dev/null +++ b/pkg/report/testdata/linux/report/165 
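Review bot: The expected title in the new fixture testdata/linux/report/164 still ends in `at addr ADDR` and names `native_queued_spin_lock_slowpath`, which looks like the kind of low-level locking frame the commit message says should not appear in titles. That is presumably acceptable only because the report is marked `CORRUPTED: Y` (the log is interleaved with `printk messages dropped` lines), but nothing in the file says so. A leading comment such as `# Log is heavily truncated; this title is the fallback format and is only meaningful together with CORRUPTED: Y.` would stop a later reader from treating it as the desired output for an intact report.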
@@ -0,0 +1,89 @@ +TITLE: KASAN: use-after-free Read in shmem_disband_hugehead + +[ 176.379525] ================================================================== +[ 176.386974] BUG: KASAN: use-after-free in __lock_acquire+0x462f/0x49f0 at addr ffff8800b5a9f8c0 +[ 176.395804] Read of size 8 by task syz-executor7/20709 +[ 176.401162] CPU: 0 PID: 20709 Comm: syz-executor7 Not tainted 4.3.5+ #11 +[ 176.407993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 176.417350] 0000000000000000 ffff8800b9e4b778 ffffffff81d985d2 ffff8801d8df6d00 +[ 176.425400] ffff8800b5a9f590 ffff8800b5a9fa20 0000000000000001 ffff8800b5a9f8c0 +[ 176.433465] ffff8800b9e4b7a0 ffffffff817c20a1 ffff8800b9e4b828 ffff8800b5a9f590 +[ 176.441544] Call Trace: +[ 176.444128] [] dump_stack+0xf6/0x184 +[ 176.449487] [] kasan_object_err+0x21/0x70 +[ 176.455278] [] kasan_report_error+0x1b7/0x490 +[ 176.461418] [] __asan_report_load8_noabort+0x43/0x50 +[ 176.468167] [] ? __lock_acquire+0x462f/0x49f0 +[ 176.474295] [] __lock_acquire+0x462f/0x49f0 +[ 176.480246] [] ? set_next_entity+0x27c/0xc50 +[ 176.486293] [] ? debug_check_no_locks_freed+0x370/0x370 +[ 176.493293] [] ? finish_task_switch+0x485/0x620 +[ 176.499588] [] ? finish_task_switch+0x475/0x620 +[ 176.505972] [] ? finish_task_switch+0x485/0x620 +[ 176.512266] [] ? finish_task_switch+0x475/0x620 +[ 176.518566] [] ? finish_task_switch+0x485/0x620 +[ 176.524861] [] ? finish_task_switch+0x475/0x620 +[ 176.531156] [] ? finish_task_switch+0x485/0x620 +[ 176.537449] [] ? finish_task_switch+0x475/0x620 +[ 176.543750] [] ? finish_task_switch+0x485/0x620 +[ 176.550241] [] ? finish_task_switch+0x475/0x620 +[ 176.556543] [] ? finish_task_switch+0xf4/0x620 +[ 176.562758] [] ? context_switch+0x54a/0xe60 +[ 176.568710] [] ? context_switch+0x5b0/0xe60 +[ 176.574660] [] lock_acquire+0x13d/0x300 +[ 176.580258] [] ? shmem_disband_hugehead+0x1ed/0x610 +[ 176.586919] [] _raw_spin_lock_irqsave+0x56/0x70 +[ 176.593213] [] ? 
shmem_disband_hugehead+0x1ed/0x610 +[ 176.599862] [] shmem_disband_hugehead+0x1ed/0x610 +[ 176.606337] [] ? shmem_clear_tag_hugehole+0x130/0x130 +[ 176.613148] [] ? shmem_put_recovery_page+0x20/0x20 +[ 176.619701] [] shmem_disband_hugeteam+0x1b4/0x360 +[ 176.626171] [] ? shmem_huge_mapping+0xf0/0xf0 +[ 176.632293] [] ? __might_sleep+0x95/0x1a0 +[ 176.638066] [] shmem_recovery_finalize_team+0x305/0x4b0 +[ 176.645072] [] shmem_huge_migrate_pages+0x65b/0x11e0 +[ 176.651812] [] do_mbind+0x49a/0xd10 +[ 176.657069] [] ? kcov_ioctl+0x5b/0x1a0 +[ 176.662596] [] ? fput+0x25/0x150 +[ 176.667595] [] ? shmem_mmap+0xa0/0xa0 +[ 176.673033] [] ? __mpol_equal+0x2c0/0x2c0 +[ 176.678816] [] ? __might_fault+0x119/0x1d0 +[ 176.684681] [] ? kasan_check_write+0x14/0x20 +[ 176.690714] [] ? get_nodes+0x177/0x1e0 +[ 176.696232] [] SyS_mbind+0x140/0x150 +[ 176.701569] [] ? compat_SyS_mbind+0x240/0x240 +[ 176.707691] [] ? trace_hardirqs_on_thunk+0x17/0x19 +[ 176.714247] [] sysenter_dispatch+0xf/0x32 +[ 176.720019] Object at ffff8800b5a9f590, in cache shmem_inode_cache size: 1168 +[ 176.727269] Allocated: +[ 176.729734] PID = 20706 +[ 176.732286] [] save_stack_trace+0x2b/0x50 +[ 176.738179] [] save_stack+0x43/0xd0 +[ 176.743575] [] kasan_kmalloc+0xad/0xe0 +[ 176.749218] [] kasan_slab_alloc+0x12/0x20 +[ 176.755122] [] kmem_cache_alloc+0x14b/0x7a0 +[ 176.761202] [] shmem_alloc_inode+0x20/0x50 +[ 176.767185] [] alloc_inode+0x6a/0x190 +[ 176.772733] [] new_inode_pseudo+0x1c/0xe0 +[ 176.778644] [] new_inode+0x21/0x50 +[ 176.783947] [] shmem_get_inode+0x134/0xb50 +[ 176.789937] [] __shmem_file_setup.part.40+0x302/0x430 +[ 176.796883] [] SyS_memfd_create+0x178/0x3b0 +[ 176.802981] [] sysenter_dispatch+0xf/0x32 +[ 176.808882] Freed: +[ 176.811003] PID = 20702 +[ 176.813556] [] save_stack_trace+0x2b/0x50 +[ 176.819447] [] save_stack+0x43/0xd0 +[ 176.824822] [] kasan_slab_free+0x72/0xc0 +[ 176.830647] [] kmem_cache_free+0xe8/0x2d0 +[ 176.837315] [] shmem_destroy_callback+0x4f/0x60 +[ 176.843733] [] 
rcu_process_callbacks+0x7bc/0x16e0 +[ 176.850320] [] __do_softirq+0x243/0x8c4 +[ 176.856045] Memory state around the buggy address: +[ 176.860948] ffff8800b5a9f780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 176.868279] ffff8800b5a9f800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 176.875621] >ffff8800b5a9f880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 176.882964] ^ +[ 176.888387] ffff8800b5a9f900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 176.895717] ffff8800b5a9f980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 176.903055] ================================================================== diff --git a/pkg/report/testdata/linux/report/166 b/pkg/report/testdata/linux/report/166 new file mode 100644 index 000000000..9b82afd24 --- /dev/null +++ b/pkg/report/testdata/linux/report/166 
@@ -0,0 +1,118 @@ +TITLE: WARNING: suspicious RCU usage in bpf_prog_array_copy_info + +[ 24.271604] ============================= +[ 24.275791] WARNING: suspicious RCU usage +[ 24.279952] 4.15.0+ #10 Not tainted +[ 24.283625] ----------------------------- +[ 24.287794] ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section! +[ 24.297101] +[ 24.297101] other info that might help us debug this: +[ 24.297101] +[ 24.305269] +[ 24.305269] rcu_scheduler_active = 2, debug_locks = 1 +[ 24.311963] 3 locks held by syzkaller076311/4159: +[ 24.316826] #0: (&ctx->mutex){+.+.}, at: [<0000000027c8872d>] perf_event_ctx_lock_nested+0x21b/0x450 +[ 24.326332] #1: (bpf_event_mutex){+.+.}, at: [<0000000092294d8c>] perf_event_query_prog_array+0x10e/0x280 +[ 24.336270] #2: (rcu_read_lock){....}, at: [<000000002b518ca0>] bpf_prog_array_copy_to_user+0x0/0x4d0 +[ 24.345854] +[ 24.345854] stack backtrace: +[ 24.350373] CPU: 0 PID: 4159 Comm: syzkaller076311 Not tainted 4.15.0+ #10 +[ 24.357363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 24.366690] Call Trace: +[ 24.369257] dump_stack+0x194/0x257 +[ 24.372863] ? arch_local_irq_restore+0x53/0x53 +[ 24.377529] lockdep_rcu_suspicious+0x123/0x170 +[ 24.382181] ___might_sleep+0x385/0x470 +[ 24.386133] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 24.392013] __might_sleep+0x95/0x190 +[ 24.395790] ? __lock_is_held+0xb6/0x140 +[ 24.399834] __might_fault+0xab/0x1d0 +[ 24.403613] _copy_to_user+0x2c/0xc0 +[ 24.407327] bpf_prog_array_copy_to_user+0x217/0x4d0 +[ 24.412412] ? bpf_prog_array_length+0x2d0/0x2d0 +[ 24.417152] ? __might_sleep+0x95/0x190 +[ 24.421117] ? kasan_check_read+0x11/0x20 +[ 24.425241] ? _copy_to_user+0xa2/0xc0 +[ 24.429110] bpf_prog_array_copy_info+0x17b/0x1c0 +[ 24.433936] ? bpf_prog_array_copy+0x370/0x370 +[ 24.438515] perf_event_query_prog_array+0x196/0x280 +[ 24.443597] ? perf_event_detach_bpf_prog+0x3d0/0x3d0 +[ 24.448766] ? 
handle_mm_fault+0x248/0x8d0 +[ 24.452990] perf_ioctl+0x3e1/0x1480 +[ 24.456687] ? SYSC_perf_event_open+0x2f10/0x2f10 +[ 24.461503] ? __do_page_fault+0x5f7/0xc90 +[ 24.465722] ? lock_downgrade+0x980/0x980 +[ 24.470243] ? handle_mm_fault+0x410/0x8d0 +[ 24.474453] ? down_read_trylock+0xdb/0x170 +[ 24.478747] ? __do_page_fault+0x32d/0xc90 +[ 24.482958] ? __handle_mm_fault+0x3ce0/0x3ce0 +[ 24.487511] ? vmacache_find+0x5f/0x280 +[ 24.491485] ? up_read+0x1a/0x40 +[ 24.494827] ? __do_page_fault+0x3d6/0xc90 +[ 24.499072] ? SYSC_perf_event_open+0x2f10/0x2f10 +[ 24.503889] do_vfs_ioctl+0x1b1/0x1520 +[ 24.507761] ? ioctl_preallocate+0x2b0/0x2b0 +[ 24.512151] ? selinux_capable+0x40/0x40 +[ 24.516228] ? security_file_ioctl+0x89/0xb0 +[ 24.520621] SyS_ioctl+0x8f/0xc0 +[ 24.523974] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 24.528712] RIP: 0033:0x43ffd9 +[ 24.531876] RSP: 002b:00007ffde8594aa8 EFLAGS: 00000217 ORIG_RAX: 0000000000000010 +[ 24.539560] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000043ffd9 +[ 24.546802] RDX: 0000000020a40000 RSI: 00000000c008240a RDI: 0000000000000004 +[ 24.554071] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000 +[ 24.561317] R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000401900 +[ 24.568560] R13: 0000000000401990 R14: 0000000000000000 R15: 0000000000000000 +[ 24.575983] BUG: sleeping function called from invalid context at lib/usercopy.c:25 +[ 24.583814] in_atomic(): 1, irqs_disabled(): 0, pid: 4159, name: syzkaller076311 +[ 24.591379] 3 locks held by syzkaller076311/4159: +[ 24.596249] #0: (&ctx->mutex){+.+.}, at: [<0000000027c8872d>] perf_event_ctx_lock_nested+0x21b/0x450 +[ 24.605750] #1: (bpf_event_mutex){+.+.}, at: [<0000000092294d8c>] perf_event_query_prog_array+0x10e/0x280 +[ 24.615699] #2: (rcu_read_lock){....}, at: [<000000002b518ca0>] bpf_prog_array_copy_to_user+0x0/0x4d0 +[ 24.625296] CPU: 0 PID: 4159 Comm: syzkaller076311 Not tainted 4.15.0+ #10 +[ 24.632293] Hardware name: Google Google Compute 
Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 24.641635] Call Trace: +[ 24.644205] dump_stack+0x194/0x257 +[ 24.647814] ? arch_local_irq_restore+0x53/0x53 +[ 24.652461] ? print_lock+0x9f/0xa2 +[ 24.656066] ? lockdep_print_held_locks+0xc4/0x130 +[ 24.660983] ___might_sleep+0x2b2/0x470 +[ 24.664931] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 24.670810] __might_sleep+0x95/0x190 +[ 24.674586] ? __lock_is_held+0xb6/0x140 +[ 24.678630] __might_fault+0xab/0x1d0 +[ 24.682412] _copy_to_user+0x2c/0xc0 +[ 24.686109] bpf_prog_array_copy_to_user+0x217/0x4d0 +[ 24.691203] ? bpf_prog_array_length+0x2d0/0x2d0 +[ 24.695934] ? __might_sleep+0x95/0x190 +[ 24.699897] ? kasan_check_read+0x11/0x20 +[ 24.704032] ? _copy_to_user+0xa2/0xc0 +[ 24.707902] bpf_prog_array_copy_info+0x17b/0x1c0 +[ 24.712731] ? bpf_prog_array_copy+0x370/0x370 +[ 24.717313] perf_event_query_prog_array+0x196/0x280 +[ 24.722396] ? perf_event_detach_bpf_prog+0x3d0/0x3d0 +[ 24.727564] ? handle_mm_fault+0x248/0x8d0 +[ 24.731790] perf_ioctl+0x3e1/0x1480 +[ 24.735484] ? SYSC_perf_event_open+0x2f10/0x2f10 +[ 24.740301] ? __do_page_fault+0x5f7/0xc90 +[ 24.744512] ? lock_downgrade+0x980/0x980 +[ 24.748651] ? handle_mm_fault+0x410/0x8d0 +[ 24.752865] ? down_read_trylock+0xdb/0x170 +[ 24.757160] ? __do_page_fault+0x32d/0xc90 +[ 24.761371] ? __handle_mm_fault+0x3ce0/0x3ce0 +[ 24.765924] ? vmacache_find+0x5f/0x280 +[ 24.769887] ? up_read+0x1a/0x40 +[ 24.773230] ? __do_page_fault+0x3d6/0xc90 +[ 24.777458] ? SYSC_perf_event_open+0x2f10/0x2f10 +[ 24.782275] do_vfs_ioctl+0x1b1/0x1520 +[ 24.786151] ? ioctl_preallocate+0x2b0/0x2b0 +[ 24.790540] ? selinux_capable+0x40/0x40 +[ 24.794617] ? 
security_file_ioctl+0x89/0xb0 +[ 24.799019] SyS_ioctl+0x8f/0xc0 +[ 24.802381] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 24.807122] RIP: 0033:0x43ffd9 +[ 24.810285] RSP: 002b:00007ffde8594aa8 EFLAGS: 00000217 ORIG_RAX: 0000000000000010 +[ 24.817968] RAX: ffffffffffffffda RBX: ffffffffffffffff RCX: 000000000043ffd9 +[ 24.825213] RDX: 0000000020a40000 RSI: 00000000c008240a RDI: 0000000000000004 +[ 24.832455] RBP: 00000000006ca018 R08: 0000000000000000 R09: 0000000000000000 +[ 24.839700] R10: 0000000000000000 R11: 0000000000 diff --git a/pkg/report/testdata/linux/report/167 b/pkg/report/testdata/linux/report/167 new file mode 100644 index 000000000..d9dcc94e0 --- /dev/null +++ b/pkg/report/testdata/linux/report/167 
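Review bot: The expected `TITLE:` at the top of the report/166 fixture names `bpf_prog_array_copy_info`, but the first frame in the trace that is not a debugging or user-copy helper is `bpf_prog_array_copy_to_user+0x217/0x4d0`, which is also where the held-locks list shows `rcu_read_lock` being taken. That frame is presumably dropped because the new low-level-frame skip list matches `copy_to_user` as a substring rather than as a whole symbol; the matching code is not in this hunk, so this is inferred from the fixture alone. If so, any function whose name merely contains a skipped helper name is attributed to its caller, which can merge distinct bugs under one title and route the report to the wrong code. I would anchor the skip patterns to the full symbol name and change the expectation to `TITLE: WARNING: suspicious RCU usage in bpf_prog_array_copy_to_user`.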
@@ -0,0 +1,69 @@ +TITLE: BUG: unable to handle kernel paging request in snd_pcm_oss_write + +[ 522.218303] BUG: unable to handle kernel paging request at ffffc90001691000 +[ 522.225453] IP: memset_erms+0x9/0x10 +[ 522.229149] PGD 1dad2c067 P4D 1dad2c067 PUD 1dad2d067 PMD 1c6a8f067 PTE 0 +[ 522.236059] Oops: 0002 [#1] SMP KASAN +[ 522.239836] Dumping ftrace buffer: +[ 522.243356] (ftrace buffer empty) +[ 522.247074] Modules linked in: +[ 522.250283] CPU: 1 PID: 5739 Comm: syzkaller592073 Not tainted 4.15.0-rc8-mm1+ #57 +[ 522.257973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +executing program +executing program +[ 522.267311] RIP: 0010:memset_erms+0x9/0x10 +[ 522.271526] RSP: 0018:ffff8801cbbdfb78 EFLAGS: 00010246 +[ 522.276881] RAX: fffff520002d3f00 RBX: ffffc90001691000 RCX: 000000000000ee51 +[ 522.284145] RDX: 000000000000ee51 RSI: 0000000000000000 RDI: ffffc90001691000 +[ 522.291415] RBP: ffff8801cbbdfb98 R08: fffff520002d3fcb R09: ffffc90001691000 +[ 522.298677] R10: 0000000000001dcb R11: fffff520002d3fca R12: 000000000000ee51 +[ 522.305946] R13: 0000000000000000 R14: 00007ffffffff000 R15: 000000002001be51 +executing program +executing program +executing program +executing program +[ 522.313211] FS: 00007f88ae7d7700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 +[ 522.321460] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +[ 522.327365] CR2: ffffc90001691000 CR3: 00000001ccefa005 CR4: 00000000001606e0 +[ 522.334660] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +[ 522.341921] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 +[ 522.349186] Call Trace: +[ 522.351767] ? memset+0x31/0x40 +[ 522.355053] _copy_from_user+0xe9/0x110 +[ 522.359035] snd_pcm_oss_write+0x438/0x880 +[ 522.363274] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +executing program +[ 522.368115] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 522.372949] __vfs_write+0xef/0x970 +[ 522.376572] ? 
rcu_note_context_switch+0x710/0x710 +[ 522.381498] ? kernel_read+0x120/0x120 +[ 522.385376] ? __might_sleep+0x95/0x190 +[ 522.389349] ? _cond_resched+0x14/0x30 +[ 522.393234] ? __inode_security_revalidate+0xd9/0x130 +[ 522.398412] ? avc_policy_seqno+0x9/0x20 +[ 522.402471] ? selinux_file_permission+0x82/0x460 +[ 522.407308] ? security_file_permission+0x89/0x1e0 +[ 522.412226] ? rw_verify_area+0xe5/0x2b0 +[ 522.416284] ? __fdget_raw+0x20/0x20 +[ 522.419989] vfs_write+0x189/0x510 +[ 522.423518] SyS_write+0xef/0x220 +[ 522.426977] ? SyS_read+0x220/0x220 +[ 522.430594] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 522.436898] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 522.441658] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 522.446401] RIP: 0033:0x44a559 +[ 522.449578] RSP: 002b:00007f88ae7d6da8 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 +[ 522.457274] RAX: ffffffffffffffda RBX: 00000000006dcc24 RCX: 000000000044a559 +[ 522.464535] RDX: 000000000000fe51 RSI: 000000002000c000 RDI: 0000000000000003 +[ 522.471787] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 +[ 522.479030] R10: 0000000000000000 R11: 0000000000000293 R12: 00000000006dcc20 +[ 522.486271] R13: 7073642f7665642f R14: 00800000c0045006 R15: 0000000000000001 +[ 522.493521] Code: 48 c1 e9 03 40 0f b6 f6 48 b8 01 01 01 01 01 01 01 01 48 0f af c6 f3 48 ab 89 d1 f3 aa 4c 89 c8 c3 90 49 89 f9 40 88 f0 48 89 d1 aa 4c 89 c8 c3 90 49 89 fa 40 0f b6 ce 48 b8 01 01 01 01 01 +[ 522.512622] RIP: memset_erms+0x9/0x10 RSP: ffff8801cbbdfb78 +[ 522.518301] CR2: ffffc90001691000 +[ 522.521730] ---[ end trace 8f421641f3e10f44 ]--- +[ 522.526455] Kernel panic - not syncing: Fatal exception +[ 522.532270] Dumping ftrace buffer: +[ 522.535780] (ftrace buffer empty) +[ 522.539475] Kernel Offset: disabled +[ 522.543071] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/168 b/pkg/report/testdata/linux/report/168 new file mode 100644 index 000000000..d13f1cead --- /dev/null 
+++ b/pkg/report/testdata/linux/report/168 
@@ -0,0 +1,100 @@ +TITLE: WARNING: ODEBUG bug in pppol2tp_release + +[ 34.186906] ------------[ cut here ]------------ +[ 34.192768] ODEBUG: activate active (active state 1) object type: rcu_head hint: (null) +[ 34.201856] WARNING: CPU: 0 PID: 5989 at lib/debugobjects.c:291 debug_print_object+0x166/0x220 +[ 34.210575] Kernel panic - not syncing: panic_on_warn set ... +[ 34.210575] +[ 34.217913] CPU: 0 PID: 5989 Comm: syzkaller148927 Not tainted 4.15.0+ #290 +[ 34.224982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 34.234310] Call Trace: +[ 34.236879] dump_stack+0x194/0x257 +[ 34.240482] ? arch_local_irq_restore+0x53/0x53 +[ 34.245129] ? vsnprintf+0x1ed/0x1900 +[ 34.248914] panic+0x1e4/0x41c +[ 34.252081] ? refcount_error_report+0x214/0x214 +[ 34.256815] ? show_regs_print_info+0x18/0x18 +[ 34.261291] ? __warn+0x1c1/0x200 +[ 34.264724] ? debug_print_object+0x166/0x220 +[ 34.269192] __warn+0x1dc/0x200 +[ 34.272449] ? debug_print_object+0x166/0x220 +[ 34.276925] report_bug+0x211/0x2d0 +[ 34.280532] fixup_bug.part.11+0x37/0x80 +[ 34.284569] do_error_trap+0x2d7/0x3e0 +[ 34.288436] ? math_error+0x400/0x400 +[ 34.292215] ? vprintk_emit+0x3ea/0x590 +[ 34.296174] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 34.300995] do_invalid_op+0x1b/0x20 +[ 34.304684] invalid_op+0x22/0x40 +[ 34.308111] RIP: 0010:debug_print_object+0x166/0x220 +[ 34.313186] RSP: 0018:ffff8801d82df400 EFLAGS: 00010082 +[ 34.318522] RAX: dffffc0000000008 RBX: 0000000000000003 RCX: ffffffff815a4e0e +[ 34.325764] RDX: 0000000000000000 RSI: 1ffff1003b05be3b RDI: ffff8801db41f6d0 +[ 34.333009] RBP: ffff8801d82df440 R08: 0000000000000000 R09: 1ffff1003b05be0d +[ 34.340255] R10: ffff8801d82df300 R11: ffffffff86b39018 R12: 0000000000000001 +[ 34.347510] R13: ffffffff86b41f20 R14: ffffffff86012ae0 R15: 0000000000000000 +[ 34.354770] ? vprintk_func+0x5e/0xc0 +[ 34.359843] debug_object_activate+0x49b/0x730 +[ 34.364408] ? mutex_lock_io_nested+0x1900/0x1900 +[ 34.369228] ? 
debug_object_assert_init+0x570/0x570 +[ 34.374219] ? __is_insn_slot_addr+0x1fc/0x330 +[ 34.378786] ? find_held_lock+0x35/0x1d0 +[ 34.382830] ? pppol2tp_session_destruct+0x110/0x110 +[ 34.387909] __call_rcu.constprop.67+0xf2/0xef0 +[ 34.392556] ? __call_rcu.constprop.67+0xf2/0xef0 +[ 34.397374] ? lock_downgrade+0x980/0x980 +[ 34.401499] ? check_noncircular+0x20/0x20 +[ 34.405711] ? rcu_process_callbacks+0x17f0/0x17f0 +[ 34.410615] ? lock_downgrade+0x980/0x980 +[ 34.414749] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 34.419572] ? wait_for_completion+0x770/0x770 +[ 34.424128] ? pppol2tp_release+0x1ae/0x560 +[ 34.428426] ? lock_downgrade+0x980/0x980 +[ 34.432573] call_rcu_sched+0x12/0x20 +[ 34.436351] pppol2tp_release+0x34d/0x560 +[ 34.440475] ? pppol2tp_sendmsg+0x670/0x670 +[ 34.444776] ? fsnotify_first_mark+0x2b0/0x2b0 +[ 34.449339] sock_release+0x8d/0x1e0 +[ 34.453028] ? sock_alloc_file+0x560/0x560 +[ 34.457235] sock_close+0x16/0x20 +[ 34.460664] __fput+0x327/0x7e0 +[ 34.463923] ? fput+0x140/0x140 +[ 34.467178] ? _raw_spin_unlock_irq+0x27/0x70 +[ 34.471655] ____fput+0x15/0x20 +[ 34.474912] task_work_run+0x199/0x270 +[ 34.478774] ? task_work_cancel+0x210/0x210 +[ 34.483083] ? _raw_spin_unlock+0x22/0x30 +[ 34.487205] ? switch_task_namespaces+0x87/0xc0 +[ 34.491856] do_exit+0x9bb/0x1ad0 +[ 34.495289] ? mm_update_next_owner+0x930/0x930 +[ 34.499935] ? pppol2tp_connect+0x91a/0x1dd0 +[ 34.504328] ? pppol2tp_recv_payload_hook+0x1b0/0x1b0 +[ 34.509499] ? selinux_netlbl_socket_connect+0x76/0x1b0 +[ 34.514842] ? selinux_socket_connect+0x311/0x730 +[ 34.519659] ? lock_downgrade+0x980/0x980 +[ 34.523787] ? selinux_socket_setsockopt+0x80/0x80 +[ 34.528689] ? lock_release+0xa40/0xa40 +[ 34.532640] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 34.538760] ? __check_object_size+0x25d/0x4f0 +[ 34.543325] ? __might_sleep+0x95/0x190 +[ 34.547289] ? security_socket_connect+0x89/0xb0 +[ 34.552027] ? SYSC_connect+0x2e0/0x4a0 +[ 34.555977] ? SYSC_bind+0x410/0x410 +[ 34.559672] ? 
do_page_fault+0xee/0x720 +[ 34.563622] ? __do_page_fault+0xc90/0xc90 +[ 34.567839] do_group_exit+0x149/0x400 +[ 34.571703] ? SyS_socket+0x12d/0x1d0 +[ 34.575480] ? SyS_exit+0x30/0x30 +[ 34.578914] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 34.583910] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 34.588746] SyS_exit_group+0x1d/0x20 +[ 34.592529] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 34.597261] RIP: 0033:0x440cc9 +[ 34.600426] RSP: 002b:00007ffefac52e48 EFLAGS: 00000206 ORIG_RAX: 00000000000000e7 +[ 34.608109] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440cc9 +[ 34.615357] RDX: 0000000000440cc9 RSI: 000000000000002e RDI: 0000000000000000 +[ 34.622615] RBP: 0000000000008561 R08: 0000000000000000 R09: 0000000000001759 +[ 34.629898] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 +[ 34.637145] R13: 0000000000000003 R14: 00000000006cf050 R15: 00000000004a260e +[ 34.644409] +[ 34.644412] ====================================================== diff --git a/pkg/report/testdata/linux/report/169 b/pkg/report/testdata/linux/report/169 new file mode 100644 index 000000000..4e4ae6eed --- /dev/null +++ b/pkg/report/testdata/linux/report/169 
@@ -0,0 +1,87 @@ +TITLE: WARNING: bad usercopy in put_cmsg + +[ 54.568476] ------------[ cut here ]------------ +[ 54.573431] Bad or missing usercopy whitelist? Kernel memory exposure attempt detected from SLAB object 'skbuff_head_cache' (offset 64, size 16)! +[ 54.586790] WARNING: CPU: 1 PID: 6747 at mm/usercopy.c:81 usercopy_warn+0xdb/0x100 +[ 54.594511] Kernel panic - not syncing: panic_on_warn set ... +[ 54.594511] +[ 54.601905] CPU: 1 PID: 6747 Comm: syz-executor3 Not tainted 4.15.0+ #296 +[ 54.608826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 54.618165] Call Trace: +[ 54.620739] dump_stack+0x194/0x257 +[ 54.624347] ? arch_local_irq_restore+0x53/0x53 +[ 54.628999] ? vsnprintf+0x1ed/0x1900 +[ 54.632789] panic+0x1e4/0x41c +[ 54.636405] ? refcount_error_report+0x214/0x214 +[ 54.641143] ? show_regs_print_info+0x18/0x18 +[ 54.645626] ? __warn+0x1c1/0x200 +[ 54.649066] ? usercopy_warn+0xdb/0x100 +[ 54.653029] __warn+0x1dc/0x200 +[ 54.656294] ? usercopy_warn+0xdb/0x100 +[ 54.660263] report_bug+0x211/0x2d0 +[ 54.663882] fixup_bug.part.11+0x37/0x80 +[ 54.667927] do_error_trap+0x2d7/0x3e0 +[ 54.671793] ? vprintk_default+0x28/0x30 +[ 54.675834] ? math_error+0x400/0x400 +[ 54.679612] ? printk+0xaa/0xca +[ 54.682871] ? show_regs_print_info+0x18/0x18 +[ 54.687353] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 54.692180] do_invalid_op+0x1b/0x20 +[ 54.695873] invalid_op+0x22/0x40 +[ 54.699305] RIP: 0010:usercopy_warn+0xdb/0x100 +[ 54.703862] RSP: 0018:ffff8801d829f6e8 EFLAGS: 00010282 +[ 54.709201] RAX: dffffc0000000008 RBX: ffffffff86800b47 RCX: ffffffff815a57ae +[ 54.716446] RDX: 0000000000005d41 RSI: ffffc90003dca000 RDI: 1ffff1003b053e62 +[ 54.723691] RBP: ffff8801d829f740 R08: 0000000000000000 R09: 0000000000000000 +[ 54.730938] R10: 00000000000001a6 R11: 0000000000000000 R12: ffffffff86402580 +[ 54.738184] R13: ffffffff85f2d440 R14: 0000000000000040 R15: 0000000000000010 +[ 54.745448] ? vprintk_func+0x5e/0xc0 +[ 54.749236] ? 
usercopy_warn+0xdb/0x100 +[ 54.753199] __check_heap_object+0x89/0xc0 +[ 54.757410] __check_object_size+0x272/0x530 +[ 54.761800] ? usercopy_abort+0xd0/0xd0 +[ 54.765765] ? copy_user_generic_unrolled+0x89/0xc0 +[ 54.770764] ? _copy_to_user+0xa2/0xc0 +[ 54.774634] put_cmsg+0x233/0x3f0 +[ 54.778071] ? __scm_send+0x11a0/0x11a0 +[ 54.782029] ? trace_hardirqs_on+0xd/0x10 +[ 54.786161] ? sock_dequeue_err_skb+0x2b1/0x420 +[ 54.790817] sock_recv_errqueue+0x200/0x3e0 +[ 54.795116] ? rw_copy_check_uvector+0x1be/0x280 +[ 54.799867] packet_recvmsg+0xb2e/0x17a0 +[ 54.803915] ? packet_getname_spkt+0x2b0/0x2b0 +[ 54.808486] ? copy_msghdr_from_user+0x3a6/0x590 +[ 54.813230] ? selinux_socket_recvmsg+0x36/0x40 +[ 54.817876] ? security_socket_recvmsg+0x91/0xc0 +[ 54.822614] ? packet_getname_spkt+0x2b0/0x2b0 +[ 54.827175] sock_recvmsg+0xc9/0x110 +[ 54.830870] ? __sock_recv_wifi_status+0x210/0x210 +[ 54.835779] ___sys_recvmsg+0x2a4/0x640 +[ 54.839739] ? ___sys_sendmsg+0x8b0/0x8b0 +[ 54.843866] ? sock_sendmsg+0x4f/0x110 +[ 54.847738] ? sock_sendmsg+0x110/0x110 +[ 54.851695] ? __fget_light+0x297/0x380 +[ 54.855651] ? fget_raw+0x20/0x20 +[ 54.859091] ? schedule+0xf5/0x430 +[ 54.862611] ? __schedule+0x2060/0x2060 +[ 54.866558] ? __vfs_write+0xf7/0x970 +[ 54.870339] ? kernel_read+0x120/0x120 +[ 54.874202] ? bpf_fd_pass+0x280/0x280 +[ 54.878073] ? __fdget+0x18/0x20 +[ 54.881423] __sys_recvmsg+0xe2/0x210 +[ 54.885198] ? __sys_recvmsg+0xe2/0x210 +[ 54.889156] ? SyS_sendmmsg+0x60/0x60 +[ 54.892963] ? 
trace_hardirqs_on_caller+0x421/0x5c0 +[ 54.897964] SyS_recvmsg+0x2d/0x50 +[ 54.901487] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 54.906235] RIP: 0033:0x453299 +[ 54.909402] RSP: 002b:00007f0d00020c58 EFLAGS: 00000212 ORIG_RAX: 000000000000002f +[ 54.917087] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000453299 +[ 54.924331] RDX: 0000000000002000 RSI: 0000000020006fc8 RDI: 0000000000000013 +[ 54.931577] RBP: 0000000000000654 R08: 0000000000000000 R09: 0000000000000000 +[ 54.938825] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f8880 +[ 54.946070] R13: 00000000ffffffff R14: 00007f0d000216d4 R15: 0000000000000000 +[ 54.954066] Dumping ftrace buffer: +[ 54.957699] (ftrace buffer empty) +[ 54.961386] Kernel Offset: disabled +[ 54.964991] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/170 b/pkg/report/testdata/linux/report/170 new file mode 100644 index 000000000..575aaa755 --- /dev/null +++ b/pkg/report/testdata/linux/report/170 
@@ -0,0 +1,77 @@ +TITLE: WARNING: suspicious RCU usage in tipc_bearer_find + +[ 91.193205] ============================= +[ 91.193207] WARNING: suspicious RCU usage +[ 91.193218] 4.15.0-rc9+ #284 Not tainted +[ 91.193220] ----------------------------- +[ 91.193225] net/tipc/bearer.c:177 suspicious rcu_dereference_protected() usage! +[ 91.193227] +[ 91.193227] other info that might help us debug this: +[ 91.193227] +[ 91.193231] +[ 91.193231] rcu_scheduler_active = 2, debug_locks = 1 +[ 91.193234] 2 locks held by syz-executor4/13218: +[ 91.193237] #0: (cb_lock){++++}, at: [<00000000173fa719>] genl_rcv+0x19/0x40 +[ 91.193262] #1: (genl_mutex){+.+.}, at: [<000000001168bed6>] genl_rcv_msg+0x115/0x140 +[ 91.193278] +[ 91.193278] stack backtrace: +[ 91.193285] CPU: 1 PID: 13218 Comm: syz-executor4 Not tainted 4.15.0-rc9+ #284 +[ 91.193290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 91.193293] Call Trace: +[ 91.193307] dump_stack+0x194/0x257 +[ 91.193321] ? arch_local_irq_restore+0x53/0x53 +[ 91.193350] lockdep_rcu_suspicious+0x123/0x170 +[ 91.193366] tipc_bearer_find+0x2b4/0x3b0 +[ 91.193378] ? tipc_media_addr_printf+0x3a0/0x3a0 +[ 91.193405] tipc_nl_compat_link_set+0x329/0x9f0 +[ 91.193423] tipc_nl_compat_doit+0x15b/0x670 +[ 91.193434] ? security_capable+0x8e/0xc0 +[ 91.193445] ? tipc_nl_compat_link_stat_dump+0x3000/0x3000 +[ 91.193457] ? ns_capable_common+0xcf/0x160 +[ 91.193468] ? ns_capable+0x22/0x30 +[ 91.193478] ? __netlink_ns_capable+0xe1/0x120 +[ 91.193497] tipc_nl_compat_recv+0x1135/0x18f0 +[ 91.193512] ? tipc_nl_compat_doit+0x670/0x670 +[ 91.193520] ? tipc_nl_node_dump+0x1290/0x1290 +[ 91.193528] ? tipc_nl_compat_bearer_enable+0x5c0/0x5c0 +[ 91.193535] ? trace_event_raw_event_lock+0x340/0x340 +[ 91.193581] genl_family_rcv_msg+0x7b7/0xfb0 +[ 91.193613] ? genl_rcv+0x40/0x40 +[ 91.193628] ? netlink_deliver_tap+0x148/0xcf0 +[ 91.193639] ? 
lock_downgrade+0x980/0x980 +[ 91.193689] genl_rcv_msg+0xb2/0x140 +[ 91.193703] netlink_rcv_skb+0x14b/0x380 +[ 91.193714] ? genl_family_rcv_msg+0xfb0/0xfb0 +[ 91.193726] ? netlink_ack+0xa10/0xa10 +[ 91.193732] ? genl_rcv+0x19/0x40 +[ 91.193744] ? netlink_skb_destructor+0x1d0/0x1d0 +[ 91.193758] ? selinux_nlmsg_lookup+0x32b/0x430 +[ 91.193772] genl_rcv+0x28/0x40 +[ 91.193781] netlink_unicast+0x4ee/0x700 +[ 91.193799] ? netlink_attachskb+0x8a0/0x8a0 +[ 91.193815] ? security_netlink_send+0x81/0xb0 +[ 91.193829] netlink_sendmsg+0xa4a/0xe60 +[ 91.193849] ? netlink_unicast+0x700/0x700 +[ 91.193864] ? security_socket_sendmsg+0x89/0xb0 +[ 91.193873] ? netlink_unicast+0x700/0x700 +[ 91.193886] sock_sendmsg+0xca/0x110 +[ 91.193898] ___sys_sendmsg+0x767/0x8b0 +[ 91.193915] ? copy_msghdr_from_user+0x590/0x590 +[ 91.193938] ? lock_downgrade+0x980/0x980 +[ 91.193961] ? __fget_light+0x297/0x380 +[ 91.193972] ? fget_raw+0x20/0x20 +[ 91.193983] ? schedule+0xf5/0x430 +[ 91.193995] ? __schedule+0x2060/0x2060 +[ 91.194007] ? __fd_install+0x288/0x740 +[ 91.194020] ? get_unused_fd_flags+0x190/0x190 +[ 91.194040] ? __fdget+0x18/0x20 +[ 91.194056] __sys_sendmsg+0xe5/0x210 +[ 91.194062] ? __sys_sendmsg+0xe5/0x210 +[ 91.194074] ? SyS_shutdown+0x290/0x290 +[ 91.194084] ? selinux_capable+0x40/0x40 +[ 91.194124] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 91.194142] SyS_sendmsg+0x2d/0x50 +[ 91.194154] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 91.194160] RIP: 0033:0x453299 +[ 91.194164] RSP: 002b:00007f6513cd9c58 EFLAGS: 00000212 ORIG_RAX: 000000000000002e +[ 91.194172] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000453299 diff --git a/pkg/report/testdata/linux/report/171 b/pkg/report/testdata/linux/report/171 new file mode 100644 index 000000000..cceb2a3f0 --- /dev/null +++ b/pkg/report/testdata/linux/report/171 
@@ -0,0 +1,130 @@ +TITLE: INFO: rcu detected stall in mulaw_decode + +[ 196.114026] INFO: rcu_sched detected stalls on CPUs/tasks: +[ 196.119690] (detected by 0, t=125002 jiffies, g=15654, c=15653, q=133) +[ 196.126427] All QSes seen, last rcu_sched kthread activity 125002 (4294863411-4294738409), jiffies_till_next_fqs=3, root ->qsmask 0x0 +[ 196.138535] syz-executor1 R running task 24936 11943 3739 0x0000000c +[ 196.145712] Call Trace: +[ 196.148271] +[ 196.150403] sched_show_task+0x4a3/0x5e0 +[ 196.154447] ? can_nice.part.83+0x20/0x20 +[ 196.158577] ? vprintk_func+0x5e/0xc0 +[ 196.162354] ? printk+0xaa/0xca +[ 196.165610] ? show_regs_print_info+0x18/0x18 +[ 196.170080] ? show_regs_print_info+0x18/0x18 +[ 196.174578] print_other_cpu_stall+0x996/0x1090 +[ 196.179228] ? __lock_is_held+0xb6/0x140 +[ 196.183282] ? rcu_stall_kick_kthreads.part.48+0x770/0x770 +[ 196.188879] ? check_noncircular+0x20/0x20 +[ 196.193092] ? print_irqtrace_events+0x270/0x270 +[ 196.197837] ? print_irqtrace_events+0x270/0x270 +[ 196.202579] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 196.207744] ? check_noncircular+0x20/0x20 +[ 196.211962] ? print_irqtrace_events+0x270/0x270 +[ 196.216697] ? print_irqtrace_events+0x270/0x270 +[ 196.221440] ? __lock_acquire+0x664/0x3e00 +[ 196.225662] ? rcu_read_lock_sched_held+0x108/0x120 +[ 196.230657] ? update_cfs_rq_load_avg.part.69+0x23d/0x2d0 +[ 196.236196] check_cpu_stall.isra.61+0x6e6/0x15b0 +[ 196.241015] ? check_noncircular+0x20/0x20 +[ 196.245241] ? rcu_lockdep_current_cpu_online+0x190/0x190 +[ 196.250756] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 196.255942] ? find_held_lock+0x35/0x1d0 +[ 196.259996] ? check_noncircular+0x20/0x20 +[ 196.264213] ? lock_downgrade+0x980/0x980 +[ 196.268340] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 196.273513] ? lock_release+0xa40/0xa40 +[ 196.277475] ? check_noncircular+0x20/0x20 +[ 196.281699] ? check_noncircular+0x20/0x20 +[ 196.285922] ? cpuacct_account_field+0x1e4/0x3b0 +[ 196.290662] ? 
check_noncircular+0x20/0x20 +[ 196.294870] ? find_held_lock+0x35/0x1d0 +[ 196.298911] ? __acct_update_integrals+0x339/0x4d0 +[ 196.303825] ? __lock_is_held+0xb6/0x140 +[ 196.307884] rcu_check_callbacks+0x256/0xd00 +[ 196.312279] ? rcu_cpu_stall_reset+0x260/0x260 +[ 196.316843] ? trace_hardirqs_off+0xd/0x10 +[ 196.321054] ? raise_softirq+0x325/0x490 +[ 196.325095] ? raise_softirq_irqoff+0x320/0x320 +[ 196.329745] ? read_boot_clock64+0x70/0x70 +[ 196.333961] ? lock_downgrade+0x980/0x980 +[ 196.338085] ? lock_downgrade+0x980/0x980 +[ 196.342218] ? run_local_timers+0x18d/0x200 +[ 196.346515] ? timer_clear_idle+0x50/0x50 +[ 196.350644] ? account_process_tick+0xd4/0x3e0 +[ 196.355210] ? thread_group_cputime+0xef0/0xef0 +[ 196.359859] ? ktime_get_resolution_ns+0x300/0x300 +[ 196.364779] update_process_times+0x30/0x60 +[ 196.369080] tick_sched_handle+0x85/0x160 +[ 196.373206] tick_sched_timer+0x42/0x120 +[ 196.377249] __hrtimer_run_queues+0x358/0xe20 +[ 196.381733] ? tick_sched_do_timer+0xe0/0xe0 +[ 196.386122] ? hrtimer_fixup_init+0x70/0x70 +[ 196.390435] ? pvclock_read_flags+0x160/0x160 +[ 196.394924] ? kvm_clock_get_cycles+0x25/0x30 +[ 196.399397] ? ktime_get_update_offsets_now+0x34a/0x520 +[ 196.404747] ? do_timer+0x50/0x50 +[ 196.408179] ? native_apic_msr_write+0x5c/0x80 +[ 196.412739] ? do_raw_spin_trylock+0x190/0x190 +[ 196.417301] ? lapic_next_event+0x54/0x80 +[ 196.421436] ? clockevents_program_event+0x108/0x2e0 +[ 196.426526] hrtimer_interrupt+0x1c2/0x5e0 +[ 196.430767] smp_apic_timer_interrupt+0x14a/0x700 +[ 196.435592] ? smp_call_function_single_interrupt+0x640/0x640 +[ 196.441455] ? _raw_spin_lock+0x32/0x40 +[ 196.445410] ? _raw_spin_unlock+0x22/0x30 +[ 196.449533] ? handle_edge_irq+0x2b4/0x7c0 +[ 196.453747] ? task_prio+0x40/0x40 +[ 196.457279] ? 
trace_hardirqs_off_thunk+0x1a/0x1c +[ 196.462113] apic_timer_interrupt+0xa9/0xb0 +[ 196.466405] +[ 196.468619] RIP: 0010:check_memory_region+0x38/0x190 +[ 196.473693] RSP: 0000:ffff8801bd2ff868 EFLAGS: 00000212 ORIG_RAX: ffffffffffffff11 +[ 196.481384] RAX: ffff7fffffffffff RBX: ffffc9000160020b RCX: ffffffff841fceaf +[ 196.488632] RDX: 0000000000000001 RSI: 0000000000000002 RDI: ffffc9000160020a +[ 196.495875] RBP: ffff8801bd2ff878 R08: ffffc9000160020a R09: dffffc0000000000 +[ 196.503120] R10: 0000000000000001 R11: ffffed0037a5ff2e R12: ffffc9000160020a +[ 196.510365] R13: ffff8801bd2ff970 R14: dffffc0000000000 R15: ffffc9000160020a +[ 196.517632] ? mulaw_decode+0x52f/0x770 +[ 196.521592] ? check_noncircular+0x20/0x20 +[ 196.525806] memcpy+0x37/0x50 +[ 196.528895] mulaw_decode+0x52f/0x770 +[ 196.532706] ? snd_pcm_plugin_build_linear+0x8a0/0x8a0 +[ 196.537960] ? snd_pcm_plugin_client_channels+0x17/0x80 +[ 196.543305] ? io_src_channels+0x10a/0x210 +[ 196.547525] mulaw_transfer+0x222/0x270 +[ 196.551473] ? lock_release+0xa40/0xa40 +[ 196.555431] ? mulaw_encode+0x7c0/0x7c0 +[ 196.559384] snd_pcm_plug_write_transfer+0x22d/0x420 +[ 196.564475] ? snd_pcm_plug_client_channels_buf+0x3f0/0x3f0 +[ 196.570164] ? snd_pcm_format_physical_width+0x5b/0x70 +[ 196.575419] ? snd_pcm_plug_client_channels_buf+0x1db/0x3f0 +[ 196.581116] snd_pcm_oss_write2+0x260/0x420 +[ 196.585425] ? snd_pcm_oss_write3+0x1b0/0x1b0 +[ 196.589913] snd_pcm_oss_write+0x5fe/0x830 +[ 196.594157] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 196.598991] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 196.603813] __vfs_write+0xef/0x970 +[ 196.607418] ? rcu_note_context_switch+0x710/0x710 +[ 196.612327] ? kernel_read+0x120/0x120 +[ 196.616193] ? __might_sleep+0x95/0x190 +[ 196.620146] ? _cond_resched+0x14/0x30 +[ 196.624010] ? __inode_security_revalidate+0xd9/0x130 +[ 196.629180] ? avc_policy_seqno+0x9/0x20 +[ 196.633218] ? selinux_file_permission+0x82/0x460 +[ 196.638045] ? 
security_file_permission+0x89/0x1e0 +[ 196.642956] ? rw_verify_area+0xe5/0x2b0 +[ 196.646991] ? __fdget_raw+0x20/0x20 +[ 196.650693] vfs_write+0x189/0x510 +[ 196.654218] SyS_write+0xef/0x220 +[ 196.657656] ? SyS_read+0x220/0x220 +[ 196.661258] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 196.666256] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 196.670999] entry_SYSCALL_64_fastpath+0x23/0x9a +[ 196.675728] RIP: 0033:0x452ac9 +[ 196.678895] RSP: 002b:00007fa354a13c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000001 +[ 196.686582] RAX: ffffffffffffffda RBX: cccccccccccccccd RCX: 0000000000452ac9 +[ 196.693825] RDX: 00000000fffffeb2 RSI: 0000000020083fc6 RDI: 0000000000000014 +[ 196.701069] RBP: 00000000000005b5 R08: 0000000000000000 R09: 0000000000000000 +[ 196.708322] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f6998 +[ 196.715566] R13: 00000000ffffffff R14: 00007fa354a146d4 R15: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/172 b/pkg/report/testdata/linux/report/172 new file mode 100644 index 000000000..f0094a554 --- /dev/null +++ b/pkg/report/testdata/linux/report/172 
@@ -0,0 +1,192 @@
+TITLE: KASAN: stack-out-of-bounds Read in xfrm_selector_match
+
+[ 396.956335] ==================================================================
+[ 396.963769] BUG: KASAN: stack-out-of-bounds in memcmp+0xe3/0x160
+[ 396.969914] Read of size 1 at addr ffff8801c19175d0 by task syz-executor6/18562
+[ 396.977522]
+[ 396.979147] CPU: 0 PID: 18562 Comm: syz-executor6 Not tainted 4.15.0-rc5+ #172
+[ 396.986497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 396.995841] Call Trace:
+[ 396.998428] dump_stack+0x194/0x257
+[ 397.002054] ? arch_local_irq_restore+0x53/0x53
+2018/01/02 18:20:06 executing program 3:
+mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
+ioctl$DRM_IOCTL_AGP_FREE(0xffffffffffffffff, 0x40206435, &(0x7f0000002000)={0x0, 0x0, 0x0, 0x11f})
+mmap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
+mmap(&(0x7f000000a000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
+r0 = bpf$PROG_LOAD(0x5, &(0x7f0000003000-0x48)={0xb, 0x11, &(0x7f000000a000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1}, [@ldst={0x1, 0x3, 0x1, 0xf, 0x9, 0xfffffff8, 0xfffffffffffffff0}, @ldst={0x3, 0x3, 0x6, 0x5, 0x7, 0xfffffffc, 0x0}, @map={0x18, 0x6, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, @alu={0x0, 0x0, 0xd, 0xe, 0x5, 0x80, 0xfffffffffffffffc}, @generic={0x1, 0x4, 0x1000, 0xc444}, @initr0={0x18, 0x0, 0x0, 0x0, 0x17cc9c48, 0x0, 0x0, 0x0, 0x2}, @alu={0x4, 0x9, 0xd, 0xa, 0x8, 0x10, 0xfffffffffffffffc}], {0x95, 0x0, 0x0, 0x0}}, &(0x7f000000b000-0xa)='syzkaller\x00', 0x0, 0xec, &(0x7f0000005000-0xec)=""/236, 0x0, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0}, 0x48)
+r1 = socket(0x5, 0x0, 0x8001)
+mmap(&(0x7f000000b000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
+getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000005000)=@assoc_id=0x0, &(0x7f000000b000)=0x4)
+getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000002000)={r2, @in6={{0xa, 0x1, 0x1, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x1}, 0x5}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x5, 0x8}, &(0x7f0000007000)=0x98)
+bpf$OBJ_PIN_PROG(0x6, &(0x7f0000008000)={&(0x7f0000008000)='./file0\x00', r0}, 0xc)
+bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x5, &(0x7f0000002000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9}, [@jmp={0x4, 0x0, 0x3, 0x5, 0x0, 0x0, 0xfffffffffffffff8}], {0x95, 0x0, 0x0, 0x0}}, &(0x7f0000004000-0xa)='syzkaller\x00', 0x3, 0xc3, &(0x7f0000386000)=""/195, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0}, 0x48)
+2018/01/02 18:20:06 executing program 2:
+mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
+socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f00001b1000)={0x0, 0x0})
+accept(r0, &(0x7f000003b000)=@nfc={0x0, 0x0, 0x0, 0x0}, &(0x7f0000b24000-0x4)=0x10)
+r1 = socket(0x1f, 0x2, 0x400000000000c)
+write(r1, &(0x7f0000731000-0x90)="1f0000000206ffdde200f49ff60f0000000200000900018005ffffe5000051", 0x1f)
+2018/01/02 18:20:06 executing program 0:
+mmap(&(0x7f0000000000/0xaf6000)=nil, 0xaf6000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
+socketpair$inet(0x2, 0x5, 0x8, &(0x7f00001c6000)={0x0, 0x0})
+mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
+getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000a9c000-0x6)={0x0, 0x80000001}, &(0x7f0000af6000)=0x6)
+mmap(&(0x7f0000af6000/0x1000)=nil, 0x1000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
+getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000281000)=@assoc_value={r1, 0x7}, &(0x7f0000af6000)=0x8)
+r2 = socket$alg(0x26, 0x5, 0x0)
+bind$alg(r2, &(0x7f0000001000)={0x26, 'hash\x00', 0x80000000002, 0x0, 'michael_mic\x00'}, 0x58)
+setsockopt$ALG_SET_KEY(r2, 0x117, 0x1,
&(0x7f0000af2000)="8be3000000010000", 0x8)
+r3 = accept$alg(r2, 0x0, 0x0)
+sendmsg$alg(r3, &(0x7f0000276000-0x38)={0x0, 0x0, &(0x7f0000738000-0x30)=[{&(0x7f0000592000-0x1b)="7be46a321d3b4acad0ed11080957", 0x2}], 0x1, &(0x7f0000211000)=[], 0x0, 0x0}, 0x0)
+2018/01/02 18:20:06 executing program 1:
+mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
+r0 = socket$alg(0x26, 0x5, 0x0)
+bind$alg(r0, &(0x7f0000660000-0x58)={0x26, 'aead\x00', 0x4, 0x0, 'gcm(aes)\x00'}, 0x58)
+setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000a2c000-0x10)="0a0775b0d5e383e5b3b60ced5c54dbb7", 0x10)
+r1 = accept$alg(r0, 0x0, 0x0)
+r2 = epoll_create(0x7)
+epoll_pwait(r2, &(0x7f00007cf000)=[{0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}], 0x7, 0xe67, &(0x7f0000a56000-0x8)={0x3}, 0x8)
+sendmsg$alg(r1, &(0x7f0000913000-0x38)={0x0, 0x0, &(0x7f000078f000-0x30)=[{&(0x7f000086a000-0x1000)="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", 0xfaa}, {&(0x7f00000a0000-0x2f)="ed4e3110c91e5e96fedb93dd410744be3b4bc88269cce08425179ac1816ef7c6b3b8edcfcbb816faccd7cab2f39489", 0x2f}], 0x2, &(0x7f0000e9e000-0x18)=[], 0x0, 0x40000}, 0x0)
+recvmsg(r1, &(0x7f0000b2e000-0x38)={&(0x7f00007ec000-0x6)=@hci={0x0, 0x0, 0x0}, 0x6, &(0x7f0000f75000)=[{&(0x7f000074b000)=""/149, 0x95}, {&(0x7f0000f12000-0x1000)=""/4096, 0x1000}], 0x2, &(0x7f0000ec7000)=""/107, 0x6b, 0x0}, 0x0)
+[ 397.006717] ? show_regs_print_info+0x18/0x18
+[ 397.011223] ? find_held_lock+0x35/0x1d0
+[ 397.015282] ? memcmp+0xe3/0x160
+[ 397.018669] print_address_description+0x73/0x250
+[ 397.023536] ? memcmp+0xe3/0x160
+[ 397.026901] kasan_report+0x25b/0x340
+[ 397.030702] __asan_report_load1_noabort+0x14/0x20
+[ 397.035630] memcmp+0xe3/0x160
+[ 397.038832] xfrm_selector_match+0x1bc/0xe00
+[ 397.043255] xfrm_state_look_at.constprop.30+0x113/0x360
+[ 397.048721] xfrm_state_find+0x1595/0x3210
+[ 397.052994] ? xfrm_state_afinfo_get_rcu+0x160/0x160
+[ 397.058105] ?
ipv6_get_saddr_eval+0xee0/0xee0
+[ 397.062693] ? __lock_is_held+0xb6/0x140
+[ 397.066770] ? check_noncircular+0x20/0x20
+[ 397.071013] ? cleanup_prefix_route+0x1e0/0x1e0
+[ 397.075685] ? check_noncircular+0x20/0x20
+[ 397.079920] ? lock_downgrade+0x980/0x980
+[ 397.084080] ? lock_acquire+0x1d5/0x580
+[ 397.088057] ? lock_acquire+0x1d5/0x580
+[ 397.092062] ? find_held_lock+0x35/0x1d0
+[ 397.096135] ? xfrm_tmpl_resolve+0x598/0xc40
+[ 397.100628] ? lock_downgrade+0x980/0x980
+[ 397.104784] ? rcu_read_lock_held+0xa9/0xc0
+[ 397.109101] ? xfrm_policy_get_afinfo+0x13d/0x290
+[ 397.113948] ? xfrm6_get_saddr+0xd6/0x110
+[ 397.118098] xfrm_tmpl_resolve+0x2ee/0xc40
+[ 397.122338] ? __xfrm_decode_session+0x110/0x110
+[ 397.127077] ? save_stack+0xa3/0xd0
+[ 397.130687] ? save_stack+0x43/0xd0
+[ 397.134292] ? find_held_lock+0x35/0x1d0
+[ 397.138345] ? rt_add_uncached_list+0x1b7/0x240
+[ 397.143002] xfrm_resolve_and_create_bundle+0x184/0x28d0
+[ 397.148438] ? lock_release+0xa40/0xa40
+[ 397.152391] ? __local_bh_enable_ip+0x121/0x230
+[ 397.157044] ? check_noncircular+0x20/0x20
+[ 397.161268] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 397.166275] ? trace_hardirqs_on+0xd/0x10
+[ 397.170398] ? _raw_spin_unlock_bh+0x30/0x40
+[ 397.174788] ? xfrm_tmpl_resolve+0xc40/0xc40
+[ 397.179167] ? ip_rt_bug+0x20/0x20
+[ 397.182701] ? find_held_lock+0x35/0x1d0
+[ 397.188320] ? xfrm_sk_policy_lookup+0x34c/0x4e0
+[ 397.193055] ? lock_downgrade+0x980/0x980
+[ 397.197186] ? lock_release+0xa40/0xa40
+[ 397.201139] ? refcount_inc_not_zero+0xfe/0x180
+[ 397.205784] ? selinux_xfrm_policy_lookup+0xac/0xd0
+[ 397.210774] ? security_xfrm_policy_lookup+0x92/0xc0
+[ 397.215863] ? xfrm_sk_policy_lookup+0x375/0x4e0
+[ 397.220610] ? xfrm_selector_match+0xe00/0xe00
+[ 397.225168] ? print_irqtrace_events+0x270/0x270
+[ 397.229902] xfrm_lookup+0x15b2/0x24f0
+[ 397.233759] ? xfrm_lookup+0x15b2/0x24f0
+[ 397.237799] ? xfrm_policy_lookup+0x70/0x70
+[ 397.242106] ? find_held_lock+0x35/0x1d0
+[ 397.246152] ?
ip_route_output_key_hash+0x229/0x370
+[ 397.251146] ? lock_downgrade+0x980/0x980
+[ 397.255265] ? lock_release+0xa40/0xa40
+[ 397.259213] ? find_held_lock+0x35/0x1d0
+[ 397.263259] ? ip_route_output_key_hash+0x252/0x370
+[ 397.268247] ? ip_route_output_key_hash_rcu+0x2c20/0x2c20
+[ 397.273753] ? lock_release+0xa40/0xa40
+[ 397.277705] xfrm_lookup_route+0x39/0x1a0
+[ 397.281832] ip_route_output_flow+0x7c/0xa0
+[ 397.286128] udp_sendmsg+0x19d3/0x2ce0
+[ 397.290002] ? ip_reply_glue_bits+0xb0/0xb0
+[ 397.294312] ? udp_lib_get_port+0x1b30/0x1b30
+[ 397.298785] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 397.303945] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 397.309112] ? print_irqtrace_events+0x270/0x270
+[ 397.313853] ? lock_downgrade+0x980/0x980
+[ 397.317986] ? mark_held_locks+0xaf/0x100
+[ 397.322111] ? refcount_inc_not_zero+0xfe/0x180
+[ 397.326750] ? __local_bh_enable_ip+0x121/0x230
+[ 397.331389] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 397.336376] ? udp_lib_get_port+0x785/0x1b30
+[ 397.340752] ? trace_hardirqs_on+0xd/0x10
+[ 397.344868] ? check_noncircular+0x20/0x20
+[ 397.349079] udpv6_sendmsg+0x757/0x3400
+[ 397.353037] ? check_noncircular+0x20/0x20
+[ 397.357248] ? udpv6_setsockopt+0x80/0x80
+[ 397.361378] ? reacquire_held_locks+0x1f9/0x3e0
+[ 397.366021] ? reacquire_held_locks+0x1f9/0x3e0
+[ 397.370671] ? find_held_lock+0x35/0x1d0
+[ 397.374709] ? release_sock+0x1d4/0x2a0
+[ 397.378655] ? lock_downgrade+0x980/0x980
+[ 397.382780] ? __local_bh_enable_ip+0x121/0x230
+[ 397.387422] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 397.392406] ? release_sock+0x1d4/0x2a0
+[ 397.396348] ? trace_hardirqs_on+0xd/0x10
+[ 397.400464] ? __local_bh_enable_ip+0x121/0x230
+[ 397.405104] ? _raw_spin_unlock_bh+0x30/0x40
+[ 397.409486] ? release_sock+0x1d4/0x2a0
+[ 397.413431] ? __release_sock+0x360/0x360
+[ 397.417552] ? udp_v6_get_port+0x355/0x600
+[ 397.421876] inet_sendmsg+0x11f/0x5e0
+[ 397.425649] ? inet_sendmsg+0x11f/0x5e0
+[ 397.429593] ?
copy_msghdr_from_user+0x3a6/0x590
+[ 397.434320] ? inet_recvmsg+0x5f0/0x5f0
+[ 397.438354] ? selinux_socket_sendmsg+0x36/0x40
+[ 397.442995] ? security_socket_sendmsg+0x89/0xb0
+[ 397.447727] ? inet_recvmsg+0x5f0/0x5f0
+[ 397.451683] sock_sendmsg+0xca/0x110
+[ 397.455376] ___sys_sendmsg+0x767/0x8b0
+[ 397.459325] ? copy_msghdr_from_user+0x590/0x590
+[ 397.464064] ? lock_downgrade+0x980/0x980
+[ 397.468199] ? __fget_light+0x297/0x380
+[ 397.472148] ? fget_raw+0x20/0x20
+[ 397.475576] ? schedule+0xf5/0x430
+[ 397.479117] ? selinux_secmark_relabel_packet+0xc0/0xc0
+[ 397.484456] ? selinux_netlbl_socket_setsockopt+0x10c/0x460
+[ 397.490148] ? __fdget+0x18/0x20
+[ 397.493499] __sys_sendmsg+0xe5/0x210
+[ 397.497269] ? __sys_sendmsg+0xe5/0x210
+[ 397.501217] ? SyS_shutdown+0x290/0x290
+[ 397.505197] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 397.510189] SyS_sendmsg+0x2d/0x50
+[ 397.513704] entry_SYSCALL_64_fastpath+0x23/0x9a
+[ 397.518429] RIP: 0033:0x452ac9
+[ 397.521586] RSP: 002b:00007f6372138c58 EFLAGS: 00000212 ORIG_RAX: 000000000000002e
+[ 397.529262] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452ac9
+[ 397.536500] RDX: 0000000000000000 RSI: 00000000201f1000 RDI: 0000000000000013
+[ 397.543739] RBP: 00000000000004a8 R08: 0000000000000000 R09: 0000000000000000
+[ 397.550977] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f5060
+[ 397.558219] R13: 00000000ffffffff R14: 00007f63721396d4 R15: 0000000000000000
+[ 397.565479]
+[ 397.567080] The buggy address belongs to the page:
+[ 397.571984] page:00000000f9ea28ea count:0 mapcount:0 mapping: (null) index:0x0
+[ 397.580103] flags: 0x2fffc0000000000()
+[ 397.583964] raw: 02fffc0000000000 0000000000000000 0000000000000000 00000000ffffffff
+[ 397.591816] raw: 0000000000000000 dead000000000200 0000000000000000 0000000000000000
+[ 397.599662] page dumped because: kasan: bad access detected
+[ 397.605344]
+[ 397.606950] Memory state around the buggy address:
+[ 397.611854] ffff8801c1917480: f1 f1 f1
04 f2 f2 f2 f2 f2 f2 f2 00 f2 f2 f2 f2
+[ 397.619191] ffff8801c1917500: f2 f2 f2 f8 f2 f2 f2 f2 f2 f2 f2 00 00 00 00 f2
+[ 397.626530] >ffff8801c1917580: f2 f2 f2 00 00 00 00 00 00 00 f2 f2 f2 f2 f2 00
+[ 397.633861] ^
+[ 397.639801] ffff8801c1917600: 00 00 00 00 00 00 00 00 f2 f2 f2 00 00 00 00 00
+[ 397.647132] ffff8801c1917680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
+[ 397.654459] ==================================================================
diff --git a/pkg/report/testdata/linux/report/173 b/pkg/report/testdata/linux/report/173
new file mode 100644
index 000000000..41b163fb7
--- /dev/null
+++ b/pkg/report/testdata/linux/report/173
@@ -0,0 +1,114 @@
+TITLE: WARNING: ODEBUG bug in unreserve_psock
+
+[ 162.195589] ------------[ cut here ]------------
+[ 162.201255] ODEBUG: free active (active state 0) object type: work_struct hint: strp_work+0x0/0xf0
+[ 162.210402] WARNING: CPU: 1 PID: 3502 at lib/debugobjects.c:291 debug_print_object+0x166/0x220
+[ 162.219115] Kernel panic - not syncing: panic_on_warn set ...
+[ 162.219115]
+[ 162.226440] CPU: 1 PID: 3502 Comm: kworker/u4:4 Not tainted 4.15.0-rc5+ #170
+[ 162.233589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 162.242911] Workqueue: kkcmd kcm_tx_work
+[ 162.246935] Call Trace:
+[ 162.249490] dump_stack+0x194/0x257
+[ 162.253088] ? arch_local_irq_restore+0x53/0x53
+[ 162.257727] ? vsnprintf+0x1ed/0x1900
+[ 162.261501] panic+0x1e4/0x41c
+[ 162.264659] ? refcount_error_report+0x214/0x214
+[ 162.269378] ? show_regs_print_info+0x18/0x18
+[ 162.273845] ? __warn+0x1c1/0x200
+[ 162.277266] ? debug_print_object+0x166/0x220
+[ 162.281725] __warn+0x1dc/0x200
+[ 162.284985] ? console_unlock+0x983/0xd80
+[ 162.289099] ? debug_print_object+0x166/0x220
+[ 162.293563] report_bug+0x211/0x2d0
+[ 162.297164] fixup_bug.part.11+0x37/0x80
+[ 162.301191] do_error_trap+0x2d7/0x3e0
+[ 162.305045] ? __down_trylock_console_sem+0x10d/0x1e0
+[ 162.310205] ? math_error+0x400/0x400
+[ 162.313972] ? vprintk_emit+0x3ea/0x590
+[ 162.317918] ? __usermodehelper_disable+0x2f0/0x2f0
+[ 162.322903] ? trace_hardirqs_off_thunk+0x1a/0x1c
+[ 162.327715] ?
__usermodehelper_disable+0x2f0/0x2f0
+[ 162.332697] do_invalid_op+0x1b/0x20
+[ 162.336379] invalid_op+0x22/0x40
+[ 162.339799] RIP: 0010:debug_print_object+0x166/0x220
+[ 162.344867] RSP: 0018:ffff8801c0ee7068 EFLAGS: 00010086
+[ 162.350197] RAX: dffffc0000000008 RBX: 0000000000000003 RCX: ffffffff8159bc3e
+[ 162.357433] RDX: 0000000000000000 RSI: 1ffff100381dcdc8 RDI: ffff8801db317dd0
+[ 162.364669] RBP: ffff8801c0ee70a8 R08: 0000000000000000 R09: 1ffff100381dcd9a
+[ 162.371905] R10: ffffed00381dce3c R11: ffffffff86137ad8 R12: 0000000000000001
+[ 162.379139] R13: ffffffff86113480 R14: ffffffff8560dc40 R15: ffffffff8146e5f0
+[ 162.386377] ? __usermodehelper_disable+0x2f0/0x2f0
+[ 162.391363] ? vprintk_func+0x5e/0xc0
+[ 162.395132] ? debug_print_object+0x166/0x220
+[ 162.399596] debug_check_no_obj_freed+0x662/0xf1f
+[ 162.404412] ? free_obj_work+0x690/0x690
+[ 162.408440] ? lock_acquire+0x1d5/0x580
+[ 162.412380] ? lock_acquire+0x1d5/0x580
+[ 162.416319] ? unreserve_psock+0x9e/0x780
+[ 162.420436] ? lock_release+0xa40/0xa40
+[ 162.424378] ? find_held_lock+0x35/0x1d0
+[ 162.428405] ? refcount_sub_and_test+0x115/0x1b0
+[ 162.433130] ? debug_check_no_locks_freed+0x264/0x3c0
+[ 162.438289] kmem_cache_free+0x253/0x2a0
+[ 162.442319] unreserve_psock+0x5a1/0x780
+[ 162.446347] ? kcm_setsockopt+0x6a0/0x6a0
+[ 162.450469] kcm_write_msgs+0xbae/0x1b80
+[ 162.454501] ? print_irqtrace_events+0x270/0x270
+[ 162.459222] ? find_held_lock+0x35/0x1d0
+[ 162.463254] ? lock_acquire+0x1d5/0x580
+[ 162.467192] ? lock_acquire+0x1d5/0x580
+[ 162.471134] ? kcm_release+0x860/0x860
+[ 162.474993] ? mark_held_locks+0xaf/0x100
+[ 162.479105] ? do_raw_spin_trylock+0x190/0x190
+[ 162.483657] ? __local_bh_enable_ip+0x121/0x230
+[ 162.488292] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 162.493274] ? lock_sock_nested+0x91/0x110
+[ 162.497475] ? trace_hardirqs_on+0xd/0x10
+[ 162.501589] ?
__local_bh_enable_ip+0x121/0x230
+[ 162.506229] kcm_tx_work+0x2e/0x190
+[ 162.509825] process_one_work+0xbbf/0x1b10
+[ 162.514026] ? trace_hardirqs_on+0xd/0x10
+[ 162.518149] ? pwq_dec_nr_in_flight+0x450/0x450
+[ 162.522790] ? __schedule+0x8f3/0x2060
+[ 162.526644] ? _raw_spin_unlock_irqrestore+0xa6/0xba
+[ 162.531721] ? check_noncircular+0x20/0x20
+[ 162.535940] ? __wake_up_common_lock+0x1c2/0x310
+[ 162.540663] ? lock_downgrade+0x980/0x980
+[ 162.544781] ? do_wait_intr_irq+0x3e0/0x3e0
+[ 162.549077] ? lock_acquire+0x1d5/0x580
+[ 162.553018] ? lock_acquire+0x1d5/0x580
+[ 162.556957] ? worker_thread+0x4a3/0x1990
+[ 162.561071] ? lock_downgrade+0x980/0x980
+[ 162.565194] ? lock_release+0xa40/0xa40
+[ 162.569136] ? retint_kernel+0x10/0x10
+[ 162.572990] ? do_raw_spin_trylock+0x190/0x190
+[ 162.577547] worker_thread+0x223/0x1990
+[ 162.581504] ? process_one_work+0x1b10/0x1b10
+[ 162.585974] ? _raw_spin_unlock_irq+0x27/0x70
+[ 162.590440] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 162.595422] ? trace_hardirqs_on+0xd/0x10
+[ 162.599535] ? _raw_spin_unlock_irq+0x27/0x70
+[ 162.603997] ? finish_task_switch+0x1d3/0x740
+[ 162.608456] ? finish_task_switch+0x1aa/0x740
+[ 162.612933] ? copy_overflow+0x20/0x20
+[ 162.616823] ? __schedule+0x8f3/0x2060
+[ 162.620689] ? retint_kernel+0x10/0x10
+[ 162.624547] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 162.629534] ? trace_hardirqs_on_thunk+0x1a/0x1c
+[ 162.634271] ? retint_kernel+0x10/0x10
+[ 162.638140] ? __schedule+0x2060/0x2060
+[ 162.642078] ? do_wait_intr_irq+0x3e0/0x3e0
+[ 162.646368] ? __lockdep_init_map+0xe4/0x650
+[ 162.650747] ? do_raw_spin_trylock+0x190/0x190
+[ 162.655295] ? lockdep_init_map+0x9/0x10
+[ 162.659325] ? _raw_spin_unlock_irqrestore+0x31/0xba
+[ 162.664396] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 162.669380] ? trace_hardirqs_on+0xd/0x10
+[ 162.673493] ? __kthread_parkme+0x175/0x240
+[ 162.677783] kthread+0x33c/0x400
+[ 162.681117] ? process_one_work+0x1b10/0x1b10
+[ 162.685575] ?
kthread_stop+0x7a0/0x7a0
+[ 162.689518] ret_from_fork+0x24/0x30
+[ 162.693208]
+[ 162.693211] ======================================================
diff --git a/pkg/report/testdata/linux/report/174 b/pkg/report/testdata/linux/report/174
new file mode 100644
index 000000000..8f72231c2
--- /dev/null
+++ b/pkg/report/testdata/linux/report/174
@@ -0,0 +1,72 @@
+TITLE: BUG: unable to handle kernel NULL pointer dereference in rtnl_dump_ifinfo
+
+[ 218.951194] BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
+[ 218.959174] IP: strlen+0x0/0x30
+[ 218.962422] PGD 1fa2a3067 P4D 1fa2a3067 PUD 2156db067 PMD 0
+[ 218.968196] Oops: 0000 [#1] SMP
+[ 218.971442] Dumping ftrace buffer:
+[ 218.974947] (ftrace buffer empty)
+[ 218.978622] Modules linked in:
+[ 218.981784] CPU: 0 PID: 25068 Comm: syz-executor5 Not tainted 4.15.0-rc3-next-20171214+ #67
+[ 218.990234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 218.999558] RIP: 0010:strlen+0x0/0x30
+[ 219.003321] RSP: 0018:ffffc90000f63728 EFLAGS: 00010202
+[ 219.008648] RAX: 0000000000010000 RBX: ffff880215647500 RCX: ffffffff820f1e86
+[ 219.015882] RDX: 0000000000003b6e RSI: ffffc90004536000 RDI: 0000000000000010
+[ 219.023120] RBP: ffffc90000f637a8 R08: 0000000000000000 R09: ffff88020d91707d
+[ 219.030354] R10: ffffc90000f636b8 R11: 0000000000000002 R12: ffff8801fba87000
+[ 219.037590] R13: 0000000000000010 R14: 0000000000000000 R15: ffff88020d917000
+[ 219.044829] FS: 00007f7abdffd700(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000
+[ 219.053022] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 219.058867] CR2: 0000000000000010 CR3: 000000020f0fe005 CR4: 00000000001606f0
+[ 219.066108] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+[ 219.073343] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
+[ 219.080574] Call Trace:
+[ 219.083128] ? rtnl_fill_ifinfo+0x476/0x15b0
+[ 219.087506] rtnl_dump_ifinfo+0x37c/0x570
+[ 219.091638] netlink_dump+0x14e/0x360
+[ 219.095405] __netlink_dump_start+0x1bb/0x210
+[ 219.099863] rtnetlink_rcv_msg+0x44f/0x5d0
+[ 219.104061] ? rtnl_getlink+0x2d0/0x2d0
+[ 219.107998] ? rtnl_getlink+0x2d0/0x2d0
+[ 219.111940] ?
validate_linkmsg+0x470/0x470
+[ 219.116227] netlink_rcv_skb+0x92/0x160
+[ 219.120167] rtnetlink_rcv+0x1c/0x20
+[ 219.123843] netlink_unicast+0x1d4/0x290
+[ 219.127877] netlink_sendmsg+0x345/0x470
+[ 219.131915] sock_sendmsg+0x51/0x70
+[ 219.135507] sock_write_iter+0xa4/0x100
+[ 219.139451] do_iter_readv_writev+0x17d/0x1f0
+[ 219.143915] do_iter_write+0xbc/0x210
+[ 219.147681] vfs_writev+0xa1/0x120
+[ 219.151188] ? __fget+0x160/0x290
+[ 219.154606] ? finish_task_switch+0x60/0x210
+[ 219.158980] do_writev+0x5e/0x100
+[ 219.162395] ? do_writev+0x5e/0x100
+[ 219.165987] SyS_writev+0x27/0x30
+[ 219.169408] entry_SYSCALL_64_fastpath+0x1f/0x96
+[ 219.174125] RIP: 0033:0x452a09
+[ 219.177281] RSP: 002b:00007f7abdffcc58 EFLAGS: 00000212 ORIG_RAX: 0000000000000014
+[ 219.184953] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452a09
+[ 219.192187] RDX: 0000000000000001 RSI: 00000000206f6000 RDI: 0000000000000013
+[ 219.199422] RBP: 000000000000056f R08: 0000000000000000 R09: 0000000000000000
+[ 219.206655] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f5308
+[ 219.213892] R13: 00000000ffffffff R14: 00007f7abdffd6d4 R15: 0000000000000000
+[ 219.221131] Code: 89 f8 48 89 fa 48 89 e5 74 09 48 83 c2 01 80 3a 00 75 f7 48 83 c6 01 0f b6 4e ff 48 83 c2 01 84 c9 88 4a ff 75 ed 5d c3 0f 1f 00 <80> 3f 00 55 48 89 e5 74 14 48 89 f8 48 83 c7 01 80 3f 00 75 f7
+2017/12/19 12:31:44 executing program 7:
+mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0)
+r0 = socket(0x40000000015, 0x5, 0x3)
+getgid()
+bind$inet(r0, &(0x7f0000004000-0x10)={0x2, 0x0, @loopback=0x7f000001, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10)
+sendto$inet(r0, &(0x7f00003da000)="b4ceb8df5437ccd2e12038967c3763260b229b5c4833a5589d3330709b2d4540b8b87b1a9c25b16400aec83e5ba56a18d5913094de50983d474f6ee0c59f13762e0efb16f74a2b83be6c8a31702f77adadc08eeaeaac8cfd0fee2d313170f7a64bfae673a0defab0634dd714303efa00eddb01b7748f6f5b", 0x78, 0x800, &(0x7f0000003000-0x10)={0x2,
0x0, @multicast1=0xe0000001, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10)
+bind$inet(r0, &(0x7f0000000000)={0x2, 0x0, @multicast1=0xe0000001, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x10)
+r1 = syz_open_dev$vcsa(&(0x7f0000009000-0xb)='/dev/vcsa#\x00', 0x4, 0x200000)
+ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f000042f000-0x50)={0x4, 0x6, 0x4, 0x0, 0xd, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
+[ 219.240181] RIP: strlen+0x0/0x30 RSP: ffffc90000f63728
+[ 219.245420] CR2: 0000000000000010
+[ 219.248925] ---[ end trace 72499b0f3e5056d0 ]---
+[ 219.253970] Kernel panic - not syncing: Fatal exception
+[ 219.259755] Dumping ftrace buffer:
+[ 219.263263] (ftrace buffer empty)
+[ 219.266936] Kernel Offset: disabled
+[ 219.270524] Rebooting in 86400 seconds..
diff --git a/pkg/report/testdata/linux/report/175 b/pkg/report/testdata/linux/report/175
new file mode 100644
index 000000000..e814e5a71
--- /dev/null
+++ b/pkg/report/testdata/linux/report/175
@@ -0,0 +1,41 @@
+TITLE: BUG: unable to handle kernel paging request in ipcget
+
+[ 83.458005] BUG: unable to handle kernel paging request at ffffffffffffffd8
+[ 83.465166] IP: memcmp+0x9/0x40
+[ 83.468420] PGD 3021067 P4D 3021067 PUD 3023067 PMD 0
+[ 83.473680] Oops: 0000 [#1] SMP
+[ 83.476929] Dumping ftrace buffer:
+[ 83.480436] (ftrace buffer empty)
+[ 83.484118] Modules linked in:
+[ 83.487284] CPU: 0 PID: 18580 Comm: syz-executor3 Not tainted 4.15.0-rc3-next-20171214+ #67
+[ 83.495741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 83.505077] RIP: 0010:memcmp+0x9/0x40
+[ 83.508843] RSP: 0018:ffffc90000f13ea0 EFLAGS: 00010202
+[ 83.514176] RAX: 0000000000000000 RBX: ffffffffffffffd8 RCX: 0000000000000004
+[ 83.521419] RDX: 0000000000000004 RSI: ffffc90000f13eec RDI: ffffffffffffffd8
+[ 83.528667] RBP: ffffc90000f13ea0 R08: 0000000000000001 R09: 0000000000000002
+[ 83.535914] R10: ffffc90000f13e38 R11: 0000000000000002 R12: ffff8801fd3109f0
+[ 83.543161] R13: ffffc90000f13f28 R14: ffff8801fd2dec00 R15: 0000000000000068
+[ 83.550402] FS: 00007fd1a2fd1700(0000) GS:ffff88021fc00000(0000) knlGS:0000000000000000
+[ 83.558595] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 83.564444] CR2: ffffffffffffffd8 CR3: 00000001ffb69003 CR4: 00000000001626f0
+[ 83.571686] Call Trace:
+[ 83.574244] ipcget+0x1a2/0x620
+[ 83.577503] SyS_msgget+0x48/0x60
+[ 83.580930] entry_SYSCALL_64_fastpath+0x1f/0x96
+[ 83.585652] RIP: 0033:0x452a09
+[ 83.588814] RSP: 002b:00007fd1a2fd0c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000044
+[ 83.596491] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452a09
+[ 83.603730] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000798e7462
+[ 83.610968] RBP: 00000000000003f2 R08: 0000000000000000 R09: 0000000000000000
+[ 83.618206] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f2f50
+[ 83.625533] R13: 00000000ffffffff R14: 00007fd1a2fd16d4 R15: 0000000000000000
+[ 83.632793] Code:
74 1a 48 01 fa 48 89 f8 eb 07 0f b6 08 39 f1 74 09 48 83 c0 01 48 39 d0 75 f0 5d c3 48 89 f8 5d c3 90 55 48 85 d2 48 89 e5 74 2e <0f> b6 07 0f b6 0e 29 c8 75 1e 48 01 fa eb 0c 0f b6 0f 44 0f b6
+[ 83.651930] RIP: memcmp+0x9/0x40 RSP: ffffc90000f13ea0
+[ 83.657187] CR2: ffffffffffffffd8
+[ 83.660621] ---[ end trace a28e6436c6f945bb ]---
+[ 83.665352] Kernel panic - not syncing: Fatal exception
+[ 83.671219] Dumping ftrace buffer:
+[ 83.674735] (ftrace buffer empty)
+[ 83.678412] Kernel Offset: disabled
+[ 83.682010] Rebooting in 86400 seconds..
diff --git a/pkg/report/testdata/linux/report/176 b/pkg/report/testdata/linux/report/176
new file mode 100644
index 000000000..c809b0c1e
--- /dev/null
+++ b/pkg/report/testdata/linux/report/176
@@ -0,0 +1,83 @@
+TITLE: INFO: task hung in do_exit
+
+[ 246.752196] INFO: task syz-executor0:10244 blocked for more than 120 seconds.
+[ 246.759582] Not tainted 4.15.0-rc8+ #269
+[ 246.764192] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
+[ 246.772168] syz-executor0 D23984 10244 4352 0x80000004
+[ 246.777823] Call Trace:
+[ 246.780435] __schedule+0x8eb/0x2060
+[ 246.784180] ? __sched_text_start+0x8/0x8
+[ 246.788352] ? check_noncircular+0x20/0x20
+[ 246.792606] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 246.797849] ? print_irqtrace_events+0x270/0x270
+[ 246.802631] schedule+0xf5/0x430
+[ 246.806033] ? lock_downgrade+0x980/0x980
+[ 246.810191] ? __schedule+0x2060/0x2060
+[ 246.814184] ? lock_release+0xa40/0xa40
+[ 246.818204] ? mark_held_locks+0xaf/0x100
+[ 246.822368] ? _raw_spin_unlock_irq+0x27/0x70
+[ 246.826872] ? rwsem_down_read_failed+0x3fc/0x6e0
+[ 246.831729] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 246.836776] ? rwsem_down_read_failed+0x3fc/0x6e0
+[ 246.841630] rwsem_down_read_failed+0x401/0x6e0
+[ 246.846320] ? rt_mutex_futex_unlock+0x110/0x110
+[ 246.851121] ? lock_acquire+0x1d5/0x580
+[ 246.855100] ? lock_acquire+0x1d5/0x580
+[ 246.859109] ? __might_sleep+0x95/0x190
+[ 246.863104] call_rwsem_down_read_failed+0x18/0x30
+[ 246.868040] ? call_rwsem_down_read_failed+0x18/0x30
+[ 246.873269] down_read+0xa4/0x150
+[ 246.876727] ? do_exit+0x4b0/0x1ad0
+[ 246.880365] ? __down_interruptible+0x6b0/0x6b0
+[ 246.885080] ? trace_hardirqs_on+0xd/0x10
+[ 246.889260] ? _raw_spin_unlock_irq+0x27/0x70
+[ 246.893783] ? sync_mm_rss+0x113/0x180
+[ 246.897704] do_exit+0x4b0/0x1ad0
+[ 246.901194] ? try_to_wake_up+0xf9/0x1600
+[ 246.905370] ? mm_update_next_owner+0x930/0x930
+[ 246.910069] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 246.915297] ? print_irqtrace_events+0x270/0x270
+[ 246.920091] ? __rwsem_down_write_failed_common+0x100d/0x1530
+[ 246.926048] ? perf_trace_lock_acquire+0xe3/0x980
+[ 246.930926] ?
perf_trace_lock+0x900/0x900
+[ 246.935185] ? check_noncircular+0x20/0x20
+[ 246.939451] ? __rwsem_down_write_failed_common+0x1015/0x1530
+[ 246.945382] ? rwsem_spin_on_owner+0x7e0/0x7e0
+[ 246.950044] ? find_held_lock+0x35/0x1d0
+[ 246.954141] ? get_signal+0x7ae/0x16c0
+[ 246.958055] ? lock_downgrade+0x980/0x980
+[ 246.962244] do_group_exit+0x149/0x400
+[ 246.966158] ? do_raw_spin_trylock+0x190/0x190
+[ 246.970774] ? SyS_exit+0x30/0x30
+[ 246.974255] ? _raw_spin_unlock_irq+0x27/0x70
+[ 246.978775] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 246.983826] get_signal+0x73f/0x16c0
+[ 246.987614] ? ptrace_notify+0x130/0x130
+[ 246.991714] ? exit_robust_list+0x240/0x240
+[ 246.996051] ? find_held_lock+0x35/0x1d0
+[ 247.000163] ? find_held_lock+0x35/0x1d0
+[ 247.004277] do_signal+0x90/0x1eb0
+[ 247.007844] ? vm_mmap_pgoff+0x198/0x280
+[ 247.011929] ? lock_downgrade+0x980/0x980
+[ 247.016107] ? lock_release+0xa40/0xa40
+[ 247.020106] ? setup_sigcontext+0x7d0/0x7d0
+[ 247.024476] ? rwsem_down_write_failed_killable+0xe/0x10
+[ 247.029957] ? call_rwsem_down_write_failed_killable+0x17/0x30
+[ 247.035972] ? down_read_killable+0x180/0x180
+[ 247.040614] ? security_mmap_file+0x143/0x180
+[ 247.045157] ? exit_to_usermode_loop+0x8c/0x310
+[ 247.049860] exit_to_usermode_loop+0x214/0x310
+[ 247.054577] ? trace_event_raw_event_sys_exit+0x260/0x260
+[ 247.060172] syscall_return_slowpath+0x490/0x550
+[ 247.064958] ? prepare_exit_to_usermode+0x340/0x340
+[ 247.069996] ? entry_SYSCALL_64_fastpath+0x73/0xa0
+[ 247.074960] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 247.080010] ?
trace_hardirqs_on_thunk+0x1a/0x1c
+[ 247.084836] entry_SYSCALL_64_fastpath+0x9e/0xa0
+[ 247.089613] RIP: 0033:0x452f3a
+[ 247.092814] RSP: 002b:0000000000a2f728 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
+[ 247.100553] RAX: fffffffffffffffc RBX: 0000000000000003 RCX: 0000000000452f3a
+[ 247.107852] RDX: 0000000000000003 RSI: 0000000000021000 RDI: 0000000000000000
+[ 247.115144] RBP: ffffffffffffffff R08: ffffffffffffffff R09: 0000000000000000
+[ 247.122428] R10: 0000000000020022 R11: 0000000000000246 R12: 0000000000000000
+[ 247.129725] R13: 0000000000021000 R14: 0000000000020022 R15: 0000000000000000
diff --git a/pkg/report/testdata/linux/report/177 b/pkg/report/testdata/linux/report/177
new file mode 100644
index 000000000..a04907eaa
--- /dev/null
+++ b/pkg/report/testdata/linux/report/177
@@ -0,0 +1,203 @@ +TITLE: KASAN: use-after-free Read in selinux_inode_free_security + +[ 70.363639] ================================================================== +[ 70.371158] BUG: KASAN: use-after-free in do_raw_spin_lock+0x1aa/0x1e0 +[ 70.377908] Read of size 4 at addr ffff8801c5b1ddec by task syz-executor6/3887 +[ 70.385251] +[ 70.386868] CPU: 1 PID: 3887 Comm: syz-executor6 Not tainted 4.14.0-rc5+ #136 +[ 70.394123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 70.403464] Call Trace: +[ 70.406045] dump_stack+0x194/0x257 +[ 70.409671] ? arch_local_irq_restore+0x53/0x53 +[ 70.414330] ? show_regs_print_info+0x65/0x65 +[ 70.418820] ? perf_trace_lock_acquire+0xfe/0x900 +[ 70.423656] ? do_raw_spin_lock+0x1aa/0x1e0 +[ 70.427972] print_address_description+0x73/0x250 +[ 70.432808] ? do_raw_spin_lock+0x1aa/0x1e0 +[ 70.437123] kasan_report+0x25b/0x340 +[ 70.440924] __asan_report_load4_noabort+0x14/0x20 +[ 70.445846] do_raw_spin_lock+0x1aa/0x1e0 +[ 70.449994] _raw_spin_lock+0x32/0x40 +[ 70.453784] ? selinux_inode_free_security+0x12a/0x410 +[ 70.459044] selinux_inode_free_security+0x12a/0x410 +[ 70.464125] ? check_noncircular+0x20/0x20 +[ 70.468334] ? selinux_socket_create+0x740/0x740 +[ 70.473073] ? inode_has_buffers+0x60/0xd0 +[ 70.477280] ? nobh_write_end+0x5d0/0x5d0 +[ 70.481408] security_inode_free+0x50/0x90 +[ 70.485617] __destroy_inode+0x287/0x650 +[ 70.489651] ? inode_sb_list_add+0x320/0x320 +[ 70.494036] ? evict+0x576/0x920 +[ 70.497379] ? lock_downgrade+0x990/0x990 +[ 70.501507] ? do_raw_spin_trylock+0x190/0x190 +[ 70.506064] destroy_inode+0xe7/0x200 +[ 70.509839] ? __destroy_inode+0x650/0x650 +[ 70.514061] evict+0x57e/0x920 +[ 70.517234] ? destroy_inode+0x200/0x200 +[ 70.521274] ? iput+0x7b1/0xaf0 +[ 70.524526] ? lock_downgrade+0x990/0x990 +[ 70.528655] ? do_raw_spin_trylock+0x190/0x190 +[ 70.533211] ? _atomic_dec_and_lock+0x125/0x196 +[ 70.537851] ? _atomic_dec_and_lock+0xe8/0x196 +[ 70.542407] ? 
cpumask_local_spread+0x250/0x250 +[ 70.547050] ? lock_acquire+0x1d5/0x580 +[ 70.550993] ? _atomic_dec_and_lock+0x125/0x196 +[ 70.555644] iput+0x7b9/0xaf0 +[ 70.558724] ? find_inode_nowait+0x180/0x180 +[ 70.563107] ? evict_inodes+0x580/0x580 +[ 70.567052] ? fsnotify_put_mark+0x4c1/0x730 +[ 70.571434] ? lock_downgrade+0x990/0x990 +[ 70.575559] ? do_raw_spin_trylock+0x190/0x190 +[ 70.580112] ? __fsnotify_recalc_mask+0x340/0x340 +[ 70.584928] ? _atomic_dec_and_lock+0xe8/0x196 +[ 70.589479] ? put_ucounts+0x1ee/0x2d0 +[ 70.593340] ? cpumask_local_spread+0x250/0x250 +[ 70.597984] ? inotify_handle_event+0x22d/0x470 +[ 70.602635] fsnotify_put_mark+0x4d0/0x730 +[ 70.606846] ? fsnotify_recalc_mask+0x30/0x30 +[ 70.611314] ? inotify_handle_event+0x1df/0x470 +[ 70.615967] ? inotify_ignored_and_remove_idr+0x70/0x80 +[ 70.621305] ? inotify_freeing_mark+0x1d/0x30 +[ 70.625772] ? inotify_free_event+0x20/0x20 +[ 70.630071] fsnotify_clear_marks_by_group+0x19a/0x5f0 +[ 70.635330] ? fsnotify_find_mark+0x160/0x160 +[ 70.639794] ? fsnotify_destroy_group+0xd1/0x3f0 +[ 70.644524] ? lock_downgrade+0x990/0x990 +[ 70.648653] ? do_raw_spin_trylock+0x190/0x190 +[ 70.653238] fsnotify_destroy_group+0xde/0x3f0 +[ 70.657801] ? fsnotify_put_group+0xa0/0xa0 +[ 70.662091] ? locks_remove_file+0x3fa/0x5a0 +[ 70.666474] ? fcntl_setlk+0x10c0/0x10c0 +[ 70.670512] ? __fsnotify_parent+0xb4/0x3a0 +[ 70.674812] ? fsnotify+0x1af0/0x1af0 +[ 70.678583] ? dput.part.24+0x2a/0x740 +[ 70.682452] ? idr_callback+0xc0/0xc0 +[ 70.686223] inotify_release+0x37/0x50 +[ 70.690083] __fput+0x327/0x7e0 +[ 70.693343] ? fput+0x140/0x140 +[ 70.696599] ? check_same_owner+0x320/0x320 +[ 70.700891] ? _raw_spin_unlock_irq+0x27/0x70 +[ 70.705366] ____fput+0x15/0x20 +[ 70.708617] task_work_run+0x199/0x270 +[ 70.712480] ? task_work_cancel+0x210/0x210 +[ 70.716772] ? _raw_spin_unlock+0x22/0x30 +[ 70.720892] ? switch_task_namespaces+0x87/0xc0 +[ 70.725540] do_exit+0x9b5/0x1ad0 +[ 70.728961] ? 
perf_trace_lock_acquire+0xfe/0x900 +[ 70.733785] ? mm_update_next_owner+0x930/0x930 +[ 70.738432] ? perf_trace_lock+0x860/0x860 +[ 70.742640] ? check_same_owner+0x320/0x320 +[ 70.746935] ? lock_acquire+0x1d5/0x580 +[ 70.750882] ? futex_wait_setup+0x14a/0x3d0 +[ 70.755180] ? __might_sleep+0x95/0x190 +[ 70.759136] ? find_held_lock+0x35/0x1d0 +[ 70.763182] ? futex_wait+0x402/0x990 +[ 70.766958] ? perf_trace_lock+0xf1/0x860 +[ 70.771088] ? check_noncircular+0x20/0x20 +[ 70.775296] ? perf_trace_lock+0x860/0x860 +[ 70.779508] ? perf_event_sync_stat+0x5c0/0x5c0 +[ 70.784157] ? drop_futex_key_refs.isra.13+0x63/0xb0 +[ 70.789232] ? futex_wait+0x69e/0x990 +[ 70.793022] ? find_held_lock+0x35/0x1d0 +[ 70.797070] ? get_signal+0x7ae/0x16d0 +[ 70.800929] ? lock_downgrade+0x990/0x990 +[ 70.805065] do_group_exit+0x149/0x400 +[ 70.808924] ? __lock_is_held+0xb6/0x140 +[ 70.812954] ? SyS_exit+0x30/0x30 +[ 70.816380] ? _raw_spin_unlock_irq+0x27/0x70 +[ 70.820850] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 70.825844] get_signal+0x73f/0x16d0 +[ 70.829547] ? ptrace_notify+0x130/0x130 +[ 70.833591] ? __schedule+0x8f3/0x2060 +[ 70.837460] ? exit_robust_list+0x240/0x240 +[ 70.841750] ? __sched_text_start+0x8/0x8 +[ 70.845872] ? perf_trace_lock+0xf1/0x860 +[ 70.849990] ? finish_task_switch+0x1aa/0x740 +[ 70.854470] do_signal+0x94/0x1ee0 +[ 70.857989] ? find_held_lock+0x35/0x1d0 +[ 70.862038] ? setup_sigcontext+0x7d0/0x7d0 +[ 70.866331] ? mntput_no_expire+0x130/0xa90 +[ 70.870624] ? lock_downgrade+0x990/0x990 +[ 70.874751] ? schedule+0xf5/0x430 +[ 70.878269] ? __schedule+0x2060/0x2060 +[ 70.882227] ? lock_downgrade+0x990/0x990 +[ 70.886355] ? mntput_no_expire+0x15e/0xa90 +[ 70.890645] ? check_same_owner+0x320/0x320 +[ 70.894936] ? exit_to_usermode_loop+0x8c/0x310 +[ 70.899587] exit_to_usermode_loop+0x214/0x310 +[ 70.904145] ? trace_event_raw_event_sys_exit+0x260/0x260 +[ 70.909654] ? dput.part.24+0x2a/0x740 +[ 70.913517] ? 
dput.part.24+0x175/0x740 +[ 70.917479] syscall_return_slowpath+0x42f/0x510 +[ 70.922209] ? prepare_exit_to_usermode+0x2d0/0x2d0 +[ 70.927199] ? entry_SYSCALL_64_fastpath+0x91/0xbe +[ 70.932102] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 70.937091] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 70.941831] entry_SYSCALL_64_fastpath+0xbc/0xbe +[ 70.946556] RIP: 0033:0x452779 +[ 70.949715] RSP: 002b:00007f6815b25ce8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca +[ 70.957392] RAX: fffffffffffffe00 RBX: 00000000007581a0 RCX: 0000000000452779 +[ 70.964633] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000007581a0 +[ 70.971875] RBP: 00000000007581a0 R08: 000000000000018e R09: 0000000000758180 +[ 70.979117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 +[ 70.986359] R13: 0000000000a6f7ff R14: 00007f6815b269c0 R15: 000000000000001e +[ 70.993627] +[ 70.995226] Allocated by task 3873: +[ 70.998823] save_stack_trace+0x16/0x20 +[ 71.002765] save_stack+0x43/0xd0 +[ 71.006189] kasan_kmalloc+0xad/0xe0 +[ 71.009872] kmem_cache_alloc_trace+0x136/0x750 +[ 71.014513] selinux_sb_alloc_security+0x93/0x2e0 +[ 71.019325] security_sb_alloc+0x6d/0xa0 +[ 71.023354] sget_userns+0x36a/0xe20 +[ 71.027036] sget+0xd2/0x120 +[ 71.030028] mount_nodev+0x37/0x100 +[ 71.033623] ramfs_mount+0x2c/0x40 +[ 71.037131] mount_fs+0x66/0x2d0 +[ 71.040467] vfs_kern_mount.part.26+0xc6/0x4a0 +[ 71.045019] do_mount+0xea1/0x2bb0 +[ 71.048528] SyS_mount+0xab/0x120 +[ 71.051949] entry_SYSCALL_64_fastpath+0x1f/0xbe +[ 71.056670] +[ 71.058265] Freed by task 3873: +[ 71.061514] save_stack_trace+0x16/0x20 +[ 71.065456] save_stack+0x43/0xd0 +[ 71.068896] kasan_slab_free+0x71/0xc0 +[ 71.072753] kfree+0xca/0x250 +[ 71.075828] selinux_sb_free_security+0x42/0x50 +[ 71.080466] security_sb_free+0x48/0x80 +[ 71.084408] destroy_super+0x93/0x200 +[ 71.088178] __put_super.part.6+0x1a4/0x2a0 +[ 71.092469] put_super+0x53/0x70 +[ 71.095805] deactivate_locked_super+0xb0/0xd0 +[ 71.100356] deactivate_super+0x141/0x1b0 +[ 
71.104473] cleanup_mnt+0xb2/0x150 +[ 71.108070] __cleanup_mnt+0x16/0x20 +[ 71.111754] task_work_run+0x199/0x270 +[ 71.115610] do_exit+0x9b5/0x1ad0 +[ 71.119032] do_group_exit+0x149/0x400 +[ 71.122887] get_signal+0x73f/0x16d0 +[ 71.126570] do_signal+0x94/0x1ee0 +[ 71.130081] exit_to_usermode_loop+0x214/0x310 +[ 71.134632] syscall_return_slowpath+0x42f/0x510 +[ 71.139358] entry_SYSCALL_64_fastpath+0xbc/0xbe +[ 71.144081] +[ 71.145679] The buggy address belongs to the object at ffff8801c5b1dd40 +[ 71.145679] which belongs to the cache kmalloc-256 of size 256 +[ 71.158305] The buggy address is located 172 bytes inside of +[ 71.158305] 256-byte region [ffff8801c5b1dd40, ffff8801c5b1de40) +[ 71.170148] The buggy address belongs to the page: +[ 71.175046] page:ffffea000716c740 count:1 mapcount:0 mapping:ffff8801c5b1d0c0 index:0x0 +[ 71.183161] flags: 0x200000000000100(slab) +[ 71.187369] raw: 0200000000000100 ffff8801c5b1d0c0 0000000000000000 000000010000000c +[ 71.195219] raw: ffffea0007155de0 ffffea0007130ae0 ffff8801dac007c0 0000000000000000 +[ 71.203066] page dumped because: kasan: bad access detected +[ 71.208743] +[ 71.210338] Memory state around the buggy address: +[ 71.215235] ffff8801c5b1dc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 71.222563] ffff8801c5b1dd00: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb +[ 71.229892] >ffff8801c5b1dd80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 71.237217] ^ +[ 71.243936] ffff8801c5b1de00: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc +[ 71.251265] ffff8801c5b1de80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 71.258590] ================================================================== diff --git a/pkg/report/testdata/linux/report/178 b/pkg/report/testdata/linux/report/178 new file mode 100644 index 000000000..bbe1a4583 --- /dev/null +++ b/pkg/report/testdata/linux/report/178 
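Review bot: Nothing in report/177 says why the expected title names `selinux_inode_free_security` when the KASAN header reports the access in `do_raw_spin_lock`. A leading comment would record that the locking frames are skipped on purpose, so a later parser change that regresses this is easy to recognise. Something like `# Title must skip do_raw_spin_lock/_raw_spin_lock and name the caller.` above `TITLE:` would do, using the `#` comment form that report/180 already uses. The same applies to report/179 (scheduler and RCU wait frames above `input_close_device`) and report/181 (`proc_register`/`proc_create_data` above `clusterip_tg_check`).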
@@ -0,0 +1,14 @@
+TITLE: INFO: task syz-executor blocked for more than 120 seconds.
+CORRUPTED: Y
+
+[ 861.152227] INFO: task syz-executor3:10976 blocked for more than 120 seconds.
+[ 861.159591] Not tainted 4.15.0-rc7+ #192
+[ 861.164179] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
+[ 861.172159] syz-executor3 D23920 10976 4681 0x00000004
+[ 861.177810] Call Trace:
+[ 861.180416] __schedule+0x8eb/0x2060
+[ 861.184145] ? __sched_text_start+0x8/0x8
+[ 861.188302] ? check_noncircular+0x20/0x20
+[ 861.192550] ? __queue_work+0x5b9/0x1230
+[ 861.196618] ? insert_work+0x5f0/0x5f0
+[ 861.200518] ? save_packet_write_wait: Connection to 216.239.38.127 port 9600: Broken pipe
diff --git a/pkg/report/testdata/linux/report/179 b/pkg/report/testdata/linux/report/179
new file mode 100644
index 000000000..4e9d711de
--- /dev/null
+++ b/pkg/report/testdata/linux/report/179
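Review bot: The last line of report/178 commits a routable-looking address and port from the console transport error (`Connection to 216.239.38.127 port 9600: Broken pipe`) into the repository. The fixture exists to check that a stack trace cut off by a dropped console is marked `CORRUPTED: Y`, and that presumably does not depend on the address, though this should be confirmed against the parser. If so, I would replace it with a documentation-range value, e.g. `Connection to 192.0.2.1 port 9600: Broken pipe`, and scrub captured logs the same way before adding them as test data.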
@@ -0,0 +1,112 @@ +TITLE: INFO: task hung in input_close_device + +[ 369.632214] INFO: task syz-executor4:8442 blocked for more than 120 seconds. +[ 369.639487] Not tainted 4.15.0-rc7-next-20180115+ #97 +[ 369.645214] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. +[ 369.653184] syz-executor4 D21856 8442 4763 0x80000002 +[ 369.658821] Call Trace: +[ 369.661423] __schedule+0x8eb/0x2060 +[ 369.665150] ? __sched_text_start+0x8/0x8 +[ 369.669304] ? lock_downgrade+0x980/0x980 +[ 369.673461] ? lock_release+0xa40/0xa40 +[ 369.677449] ? mark_held_locks+0xaf/0x100 +[ 369.681611] ? check_noncircular+0x20/0x20 +[ 369.685872] ? trace_hardirqs_on+0xd/0x10 +[ 369.690041] ? check_noncircular+0x20/0x20 +[ 369.694288] schedule+0xf5/0x430 +[ 369.697702] ? debug_object_deactivate+0x560/0x560 +[ 369.702648] ? __schedule+0x2060/0x2060 +[ 369.706634] ? print_irqtrace_events+0x270/0x270 +[ 369.711401] ? wait_for_completion+0x40d/0x770 +[ 369.715990] ? lock_downgrade+0x980/0x980 +[ 369.720147] schedule_timeout+0x1a3/0x230 +[ 369.724301] ? usleep_range+0x190/0x190 +[ 369.728284] ? mark_held_locks+0xaf/0x100 +[ 369.732437] ? _raw_spin_unlock_irq+0x27/0x70 +[ 369.736937] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 369.741965] wait_for_completion+0x415/0x770 +[ 369.746390] ? wait_for_completion_interruptible+0x7e0/0x7e0 +[ 369.752198] ? __lockdep_init_map+0xe4/0x650 +[ 369.756614] ? lockdep_init_map+0x9/0x10 +[ 369.760718] ? __init_waitqueue_head+0x97/0x140 +[ 369.765422] ? wake_up_q+0xe0/0xe0 +[ 369.768965] ? kasan_slab_free+0xe/0x10 +[ 369.772940] ? kfree+0xd9/0x260 +[ 369.776225] ? mousedev_release+0x68/0xb0 +[ 369.780371] ? __fput+0x327/0x7e0 +[ 369.783824] ? ____fput+0x15/0x20 +[ 369.787288] __wait_rcu_gp+0x221/0x340 +[ 369.791195] synchronize_sched.part.64+0xac/0x100 +[ 369.796044] ? synchronize_sched_expedited+0xf0/0xf0 +[ 369.801153] ? call_rcu_bh+0x20/0x20 +[ 369.804883] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 369.810780] ? 
trace_raw_output_rcu_utilization+0xb0/0xb0 +[ 369.816333] ? __might_sleep+0x95/0x190 +[ 369.825883] synchronize_sched+0x76/0xf0 +[ 369.829995] input_close_device+0xf6/0x130 +[ 369.834241] ? mousedev_detach_client+0x260/0x260 +[ 369.839088] mousedev_close_device+0x94/0xb0 +[ 369.843501] mixdev_close_devices+0xe0/0x120 +[ 369.847917] mousedev_release+0x8f/0xb0 +[ 369.851895] __fput+0x327/0x7e0 +[ 369.855186] ? fput+0x140/0x140 +[ 369.858473] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 369.864361] ? _raw_spin_unlock_irq+0x27/0x70 +[ 369.868892] ____fput+0x15/0x20 +[ 369.872175] task_work_run+0x199/0x270 +[ 369.876073] ? task_work_cancel+0x210/0x210 +[ 369.880401] ? _raw_spin_unlock+0x22/0x30 +[ 369.884556] ? switch_task_namespaces+0x87/0xc0 +[ 369.889284] do_exit+0x9bb/0x1ad0 +[ 369.892754] ? mm_update_next_owner+0x930/0x930 +[ 369.897445] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 369.902648] ? lock_release+0xa40/0xa40 +[ 369.906639] ? do_raw_spin_trylock+0x190/0x190 +[ 369.911229] ? perf_trace_lock+0xd6/0x900 +[ 369.915452] ? perf_trace_lock+0xd6/0x900 +[ 369.919607] ? check_noncircular+0x20/0x20 +[ 369.923851] ? trace_event_raw_event_lock+0x340/0x340 +[ 369.929051] ? check_noncircular+0x20/0x20 +[ 369.933312] ? find_held_lock+0x35/0x1d0 +[ 369.937393] ? find_held_lock+0x35/0x1d0 +[ 369.941481] ? get_signal+0x7ae/0x16c0 +[ 369.945374] ? lock_downgrade+0x980/0x980 +[ 369.949537] do_group_exit+0x149/0x400 +[ 369.953448] ? do_raw_spin_trylock+0x190/0x190 +[ 369.958038] ? SyS_exit+0x30/0x30 +[ 369.961494] ? _raw_spin_unlock_irq+0x27/0x70 +[ 369.966030] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 369.971062] get_signal+0x73f/0x16c0 +[ 369.974799] ? ptrace_notify+0x130/0x130 +[ 369.978870] ? __schedule+0x2060/0x2060 +[ 369.982857] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 369.988751] ? dl_cpu_busy+0x370/0x370 +[ 369.992648] ? __might_sleep+0x95/0x190 +[ 369.996640] do_signal+0x90/0x1eb0 +[ 370.000200] ? mousedev_disconnect+0x3c0/0x3c0 +[ 370.004798] ? 
_raw_spin_unlock_irqrestore+0xa6/0xba +[ 370.009906] ? setup_sigcontext+0x7d0/0x7d0 +[ 370.014232] ? prepare_to_wait+0x4d0/0x4d0 +[ 370.018483] ? mousedev_disconnect+0x3c0/0x3c0 +[ 370.023065] ? __vfs_read+0xf7/0xa00 +[ 370.026796] ? vfs_copy_file_range+0x940/0x940 +[ 370.031391] ? fsnotify_first_mark+0x2b0/0x2b0 +[ 370.035979] ? exit_to_usermode_loop+0x8c/0x2f0 +[ 370.040667] exit_to_usermode_loop+0x258/0x2f0 +[ 370.045257] ? trace_event_raw_event_sys_exit+0x260/0x260 +[ 370.050803] ? rw_verify_area+0xe5/0x2b0 +[ 370.054870] ? __fdget_raw+0x20/0x20 +[ 370.058600] syscall_return_slowpath+0x490/0x550 +[ 370.063365] ? prepare_exit_to_usermode+0x340/0x340 +[ 370.068391] ? SyS_read+0x184/0x220 +[ 370.072118] ? entry_SYSCALL_64_fastpath+0x73/0xa0 +[ 370.077057] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 370.082079] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 370.086850] entry_SYSCALL_64_fastpath+0x9e/0xa0 +[ 370.091610] RIP: 0033:0x452df9 +[ 370.094803] RSP: 002b:00007fc30d193c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000000 +[ 370.102516] RAX: fffffffffffffe00 RBX: 000000000071bea0 RCX: 0000000000452df9 +[ 370.109791] RDX: 0000000000000000 RSI: 00000000204fa000 RDI: 0000000000000013 +[ 370.117064] RBP: 000000000000043f R08: 0000000000000000 R09: 0000000000000000 +[ 370.124338] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f4688 +[ 370.131625] R13: 00000000ffffffff R14: 00007fc30d1946d4 R15: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/180 b/pkg/report/testdata/linux/report/180 new file mode 100644 index 000000000..6241fc753 --- /dev/null +++ b/pkg/report/testdata/linux/report/180 
@@ -0,0 +1,162 @@ +# TODO: must be corrupted (report in report). +TITLE: BUG: unable to handle kernel paging request in print_address_description + +[ 85.149573] BUG: unable to handle kernel paging request at ffffffff0001eea6 +[ 85.153038] ================================================================== +[ 85.153056] BUG: KASAN: use-after-free in rb_first_postorder+0x7c/0xa0 +[ 85.153063] Read of size 8 at addr ffff8801d92ca840 by task syz-executor3/13991 +[ 85.153065] +[ 85.153074] CPU: 0 PID: 13991 Comm: syz-executor3 Not tainted 4.15.0-rc7-next-20180115+ #97 +[ 85.153080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 85.153082] Call Trace: +[ 85.153098] dump_stack+0x194/0x257 +[ 85.153111] ? arch_local_irq_restore+0x53/0x53 +[ 85.153121] ? show_regs_print_info+0x18/0x18 +[ 85.153134] ? rb_first_postorder+0x7c/0xa0 +[ 85.153144] print_address_description+0x73/0x250 +[ 85.153151] ? rb_first_postorder+0x7c/0xa0 +[ 85.153158] kasan_report+0x23b/0x360 +[ 85.153168] __asan_report_load8_noabort+0x14/0x20 +[ 85.153175] rb_first_postorder+0x7c/0xa0 +[ 85.153185] tipc_group_join+0x120/0x2d0 +[ 85.153195] ? tipc_group_update_member+0x740/0x740 +[ 85.153201] ? tipc_sk_publish+0x388/0x4b0 +[ 85.153215] ? tipc_nametbl_build_group+0x2a0/0x3a0 +[ 85.153227] tipc_setsockopt+0x67e/0xcc0 +[ 85.153238] ? tipc_sk_leave+0x200/0x200 +[ 85.153261] ? security_socket_setsockopt+0x89/0xb0 +[ 85.153273] SyS_setsockopt+0x189/0x360 +[ 85.153285] ? SyS_recv+0x40/0x40 +[ 85.153297] ? entry_SYSCALL_64_fastpath+0x5/0xa0 +[ 85.153311] ? 
trace_hardirqs_on_thunk+0x1a/0x1c +[ 85.153324] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 85.153330] RIP: 0033:0x452cf9 +[ 85.153333] RSP: 002b:00007f88b463ac58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036 +[ 85.153340] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000452cf9 +[ 85.153344] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000015 +[ 85.153348] RBP: 000000000000004d R08: 0000000000000010 R09: 0000000000000000 +[ 85.153352] R10: 0000000020f38000 R11: 0000000000000212 R12: 00000000006ee7d8 +[ 85.153356] R13: 00000000ffffffff R14: 00007f88b463b6d4 R15: 0000000000000000 +[ 85.153370] +[ 85.153373] Allocated by task 13991: +[ 85.153381] save_stack+0x43/0xd0 +[ 85.153387] kasan_kmalloc+0xad/0xe0 +[ 85.153394] kmem_cache_alloc_trace+0x136/0x750 +[ 85.153400] tipc_group_create+0x144/0x900 +[ 85.153405] tipc_setsockopt+0x274/0xcc0 +[ 85.153411] SyS_setsockopt+0x189/0x360 +[ 85.153418] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 85.153419] +[ 85.153421] Freed by task 13991: +[ 85.153427] save_stack+0x43/0xd0 +[ 85.153433] __kasan_slab_free+0x11a/0x170 +[ 85.153439] kasan_slab_free+0xe/0x10 +[ 85.153445] kfree+0xd9/0x260 +[ 85.153451] tipc_group_delete+0x2c8/0x3d0 +[ 85.153457] tipc_setsockopt+0xba3/0xcc0 +[ 85.153462] SyS_setsockopt+0x189/0x360 +[ 85.153469] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 85.153470] +[ 85.153475] The buggy address belongs to the object at ffff8801d92ca840 +[ 85.153475] which belongs to the cache kmalloc-128 of size 128 +[ 85.153480] The buggy address is located 0 bytes inside of +[ 85.153480] 128-byte region [ffff8801d92ca840, ffff8801d92ca8c0) +[ 85.153482] The buggy address belongs to the page: +[ 85.153488] page:ffffea000764b280 count:1 mapcount:0 mapping:ffff8801d92ca000 index:0x0 +[ 85.153494] flags: 0x2fffc0000000100(slab) +[ 85.153504] raw: 02fffc0000000100 ffff8801d92ca000 0000000000000000 0000000100000015 +[ 85.153512] raw: ffffea0007639820 ffffea0007639460 ffff8801dac00640 0000000000000000 +[ 85.153515] page dumped 
because: kasan: bad access detected +[ 85.153516] +[ 85.153518] Memory state around the buggy address: +[ 85.153523] ffff8801d92ca700: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc +[ 85.153528] ffff8801d92ca780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 +[ 85.153533] >ffff8801d92ca800: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb +[ 85.153536] ^ +[ 85.153541] ffff8801d92ca880: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc +[ 85.153546] ffff8801d92ca900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb +[ 85.153548] ================================================================== +[ 85.153572] Kernel panic - not syncing: panic_on_warn set ... +[ 85.153572] +[ 85.536900] IP: dst_release+0x1e/0x90 +[ 85.540682] PGD 6825067 P4D 6825067 PUD 0 +[ 85.544904] Oops: 0002 [#1] SMP KASAN +[ 85.548684] Dumping ftrace buffer: +[ 85.552205] (ftrace buffer empty) +[ 85.555894] Modules linked in: +[ 85.559069] CPU: 1 PID: 13996 Comm: syz-executor5 Tainted: G B 4.15.0-rc7-next-20180115+ #97 +[ 85.568839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 85.578183] RIP: 0010:dst_release+0x1e/0x90 +[ 85.582480] RSP: 0018:ffff8801c247f598 EFLAGS: 00010246 +[ 85.587837] RAX: 0000000000010000 RBX: ffff8801c247f720 RCX: 00000000ffffffff +[ 85.595090] RDX: 0000000000010000 RSI: ffffc90001c77000 RDI: ffffffff0001ee66 +[ 85.602344] RBP: ffff8801c247f5a8 R08: 0000000000000000 R09: 0000000000000000 +[ 85.609596] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff0001ee66 +[ 85.616852] R13: ffffffff0001ee66 R14: ffff8801c247f648 R15: ffff8801c247f7c8 +[ 85.624123] FS: 00007fd191c53700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 +[ 85.632351] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +[ 85.638218] CR2: ffffffff0001eea6 CR3: 00000001bce8d005 CR4: 00000000001606e0 +[ 85.645474] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +[ 85.652731] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 
0000000000000400 +[ 85.659985] Call Trace: +[ 85.662562] ip6_cork_release.isra.43+0x1bb/0x2c0 +[ 85.667389] ip6_make_skb+0x4f1/0x5a0 +[ 85.671172] ? ip_reply_glue_bits+0xb0/0xb0 +[ 85.675479] ? ip6_push_pending_frames+0xe0/0xe0 +[ 85.680217] ? ip6_dst_hoplimit+0x26c/0x420 +[ 85.684524] ? lock_downgrade+0x980/0x980 +[ 85.688658] ? lock_release+0xa40/0xa40 +[ 85.692614] ? __lock_is_held+0xb6/0x140 +[ 85.696668] ? ip6_dst_hoplimit+0xc1/0x420 +[ 85.700898] ? ip6_find_1stfragopt+0x260/0x260 +[ 85.705473] udpv6_sendmsg+0x27fc/0x3400 +[ 85.709535] ? ip_reply_glue_bits+0xb0/0xb0 +[ 85.713849] ? udpv6_setsockopt+0x80/0x80 +[ 85.717987] ? reacquire_held_locks+0x1f9/0x3e0 +[ 85.722638] ? reacquire_held_locks+0x1f9/0x3e0 +[ 85.727295] ? find_held_lock+0x35/0x1d0 +[ 85.731351] ? release_sock+0x1d4/0x2a0 +[ 85.735308] ? lock_downgrade+0x980/0x980 +[ 85.739438] ? lock_downgrade+0x980/0x980 +[ 85.743573] ? __local_bh_enable_ip+0x121/0x230 +[ 85.748225] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 85.753237] ? release_sock+0x1d4/0x2a0 +[ 85.757192] ? trace_hardirqs_on+0xd/0x10 +[ 85.761323] ? __local_bh_enable_ip+0x121/0x230 +[ 85.765975] ? _raw_spin_unlock_bh+0x30/0x40 +[ 85.770366] ? release_sock+0x1d4/0x2a0 +[ 85.774338] inet_sendmsg+0x11f/0x5e0 +[ 85.778122] ? inet_sendmsg+0x11f/0x5e0 +[ 85.782078] ? __might_sleep+0x95/0x190 +[ 85.786034] ? inet_create+0xf50/0xf50 +[ 85.789904] ? selinux_socket_sendmsg+0x36/0x40 +[ 85.794555] ? security_socket_sendmsg+0x89/0xb0 +[ 85.799310] ? inet_create+0xf50/0xf50 +[ 85.803186] sock_sendmsg+0xca/0x110 +[ 85.806900] SYSC_sendto+0x361/0x5c0 +[ 85.810597] ? SYSC_connect+0x4a0/0x4a0 +[ 85.814554] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 85.819379] ? vfs_write+0x374/0x510 +[ 85.823080] ? wait_for_completion+0x770/0x770 +[ 85.827650] ? __lock_is_held+0xb6/0x140 +[ 85.831714] ? fput+0xd2/0x140 +[ 85.834888] ? SyS_write+0x184/0x220 +[ 85.838585] ? 
entry_SYSCALL_64_fastpath+0x5/0xa0 +[ 85.843416] SyS_sendto+0x40/0x50 +[ 85.846857] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 85.851594] RIP: 0033:0x452cf9 +[ 85.854761] RSP: 002b:00007fd191c52c58 EFLAGS: 00000212 ORIG_RAX: 000000000000002c +[ 85.862450] RAX: ffffffffffffffda RBX: 00007fd191c52aa0 RCX: 0000000000452cf9 +[ 85.869705] RDX: 0000000000000555 RSI: 00000000204ce000 RDI: 0000000000000013 +[ 85.876958] RBP: 00007fd191c52a90 R08: 0000000020e26fe4 R09: 000000000000001c +[ 85.884210] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000004b798c +[ 85.891463] R13: 00007fd191c52bc8 R14: 00000000004b798c R15: 0000000000000000 +[ 85.898731] Code: f7 ff 31 c0 5b 5d c3 66 0f 1f 44 00 00 55 48 89 e5 41 54 53 49 89 fc e8 b1 77 30 fd 4d 85 e4 74 21 e8 a7 77 30 fd b9 ff ff ff ff 41 0f c1 4c 24 40 89 cb 83 eb 01 78 33 e8 8f 77 30 fd 85 db +[ 85.917879] RIP: dst_release+0x1e/0x90 RSP: ffff8801c247f598 +[ 85.923673] CR2: ffffffff0001eea6 +[ 85.927129] ---[ end trace b421a5a363a9c4fd ]--- +[ 86.211221] Shutting down cpus with NMI +[ 86.215778] Dumping ftrace buffer: +[ 86.219299] (ftrace buffer empty) +[ 86.223002] Kernel Offset: disabled +[ 86.226619] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/181 b/pkg/report/testdata/linux/report/181 new file mode 100644 index 000000000..fe3197a90 --- /dev/null +++ b/pkg/report/testdata/linux/report/181 
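Review bot: The `# TODO` at the top of report/180 does not say what the correct outcome is, while the expected `TITLE:` pins the paging-request oops on `print_address_description`, a frame from the KASAN report that CPU 0 printed in between. The oops itself comes from CPU 1, and its `IP:` and `RIP:` lines name `dst_release`. I would spell that out, e.g. `# TODO: must be corrupted (report in report): KASAN report from CPU 0 is interleaved; the paging-request oops on CPU 1 has RIP dst_release.` Otherwise a later parser fix may keep this title, which would file and deduplicate the crash under an unrelated function.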
@@ -0,0 +1,128 @@ +TITLE: WARNING: proc registration bug in clusterip_tg_check + +[ 126.768183] ------------[ cut here ]------------ +[ 126.773124] proc_dir_entry 'ipt_CLUSTERIP/172.20.0.170' already registered +[ 126.780219] WARNING: CPU: 1 PID: 4074 at fs/proc/generic.c:330 proc_register+0x2a4/0x370 +[ 126.788421] Kernel panic - not syncing: panic_on_warn set ... +[ 126.788421] +[ 126.795777] CPU: 1 PID: 4074 Comm: syzkaller105937 Not tainted 4.15.0+ #221 +[ 126.802846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 126.812171] Call Trace: +[ 126.814739] dump_stack+0x194/0x257 +[ 126.818340] ? arch_local_irq_restore+0x53/0x53 +[ 126.822990] ? vsnprintf+0x1ed/0x1900 +[ 126.826768] panic+0x1e4/0x41c +[ 126.829933] ? refcount_error_report+0x214/0x214 +[ 126.834664] ? show_regs_print_info+0x18/0x18 +[ 126.839136] ? __warn+0x1c1/0x200 +[ 126.842565] ? proc_register+0x2a4/0x370 +[ 126.846596] __warn+0x1dc/0x200 +[ 126.849849] ? proc_register+0x2a4/0x370 +[ 126.853885] report_bug+0x211/0x2d0 +[ 126.857493] fixup_bug.part.11+0x37/0x80 +[ 126.861528] do_error_trap+0x2d7/0x3e0 +[ 126.865387] ? vprintk_default+0x28/0x30 +[ 126.869422] ? math_error+0x400/0x400 +[ 126.873192] ? printk+0xaa/0xca +[ 126.876445] ? show_regs_print_info+0x18/0x18 +[ 126.880924] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 126.885744] do_invalid_op+0x1b/0x20 +[ 126.889432] invalid_op+0x22/0x40 +[ 126.892860] RIP: 0010:proc_register+0x2a4/0x370 +[ 126.897499] RSP: 0018:ffff8801da886e20 EFLAGS: 00010286 +[ 126.902834] RAX: dffffc0000000008 RBX: ffff8801d21cc7b8 RCX: ffffffff815a57ae +[ 126.910075] RDX: 0000000000000000 RSI: 1ffff1003b510d74 RDI: 1ffff1003b510d49 +[ 126.917320] RBP: ffff8801da886e70 R08: 1ffff1003b510d0b R09: 0000000000000000 +[ 126.924563] R10: ffff8801da886cd8 R11: 0000000000000000 R12: ffff8801cbf66440 +[ 126.932597] R13: dffffc0000000000 R14: ffff8801ca2fa348 R15: ffff8801cbf66501 +[ 126.939857] ? 
vprintk_func+0x5e/0xc0 +[ 126.943647] proc_create_data+0xf8/0x180 +[ 126.947687] clusterip_tg_check+0xf9c/0x16d0 +[ 126.952072] ? arp_mangle+0x550/0x550 +[ 126.955847] ? xt_find_target+0x150/0x1e0 +[ 126.959970] ? lock_downgrade+0x980/0x980 +[ 126.964091] ? rcu_read_lock_sched_held+0x108/0x120 +[ 126.969080] ? pcpu_alloc+0x146/0x10e0 +[ 126.972950] ? pcpu_free_area+0xa00/0xa00 +[ 126.977081] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 126.981899] ? kernel_text_address+0x102/0x140 +[ 126.986460] ? wait_for_completion+0x770/0x770 +[ 126.991025] ? unwind_get_return_address+0x61/0xa0 +[ 126.995928] ? __save_stack_trace+0x7e/0xd0 +[ 127.000226] ? arp_mangle+0x550/0x550 +[ 127.004004] xt_check_target+0x22c/0x7d0 +[ 127.008052] ? xt_target_seq_next+0x30/0x30 +[ 127.012352] ? save_stack+0xa3/0xd0 +[ 127.015956] ? save_stack+0x43/0xd0 +[ 127.019556] ? kasan_slab_free+0x71/0xc0 +[ 127.023587] ? kfree+0xd6/0x260 +[ 127.026844] ? mutex_unlock+0xd/0x10 +[ 127.030530] ? xt_find_target+0x17b/0x1e0 +[ 127.034664] find_check_entry.isra.8+0x8c8/0xcb0 +[ 127.039411] ? ipt_do_table+0x1950/0x1950 +[ 127.043545] ? trace_hardirqs_off+0xd/0x10 +[ 127.047752] ? quarantine_put+0xeb/0x190 +[ 127.051785] ? kfree+0xf0/0x260 +[ 127.055042] ? trace_hardirqs_on+0xd/0x10 +[ 127.059165] translate_table+0xed1/0x1610 +[ 127.063300] ? alloc_counters.isra.11+0x7d0/0x7d0 +[ 127.068118] ? kasan_check_write+0x14/0x20 +[ 127.072327] ? _copy_from_user+0x99/0x110 +[ 127.076537] do_ipt_set_ctl+0x370/0x5f0 +[ 127.080488] ? translate_compat_table+0x1b90/0x1b90 +[ 127.085496] ? mutex_unlock+0xd/0x10 +[ 127.089181] ? nf_sockopt_find.constprop.0+0x1a7/0x220 +[ 127.094438] nf_setsockopt+0x67/0xc0 +[ 127.098128] ip_setsockopt+0x97/0xa0 +[ 127.101826] sctp_setsockopt+0x2b6/0x61d0 +[ 127.105950] ? sctp_setsockopt_paddr_thresholds+0x550/0x550 +[ 127.111647] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 127.116814] ? lru_cache_add+0x1c7/0x3a0 +[ 127.120858] ? mem_cgroup_css_offline+0x510/0x510 +[ 127.125685] ? 
check_noncircular+0x20/0x20 +[ 127.129892] ? __mem_cgroup_threshold+0x8f0/0x8f0 +[ 127.134710] ? mark_held_locks+0xaf/0x100 +[ 127.138835] ? find_held_lock+0x35/0x1d0 +[ 127.142878] ? check_noncircular+0x20/0x20 +[ 127.147086] ? lock_downgrade+0x980/0x980 +[ 127.151207] ? check_noncircular+0x20/0x20 +[ 127.155424] ? lock_release+0xa40/0xa40 +[ 127.159388] ? find_held_lock+0x35/0x1d0 +[ 127.163434] ? avc_has_perm+0x35e/0x680 +[ 127.167382] ? lock_downgrade+0x980/0x980 +[ 127.171506] ? lock_release+0xa40/0xa40 +[ 127.175451] ? lock_downgrade+0x980/0x980 +[ 127.179583] ? __pmd_alloc+0x4e0/0x4e0 +[ 127.183446] ? lock_release+0xa40/0xa40 +[ 127.187395] ? __lock_is_held+0xb6/0x140 +[ 127.191436] ? avc_has_perm+0x43e/0x680 +[ 127.195387] ? avc_has_perm_noaudit+0x520/0x520 +[ 127.200036] ? iterate_fd+0x3f0/0x3f0 +[ 127.203895] ? lock_downgrade+0x980/0x980 +[ 127.208026] ? handle_mm_fault+0x476/0x930 +[ 127.212229] ? down_read_trylock+0xdb/0x170 +[ 127.216523] ? __handle_mm_fault+0x3ce0/0x3ce0 +[ 127.221073] ? vmacache_find+0x5f/0x280 +[ 127.225023] ? sock_has_perm+0x2a4/0x420 +[ 127.229059] ? selinux_secmark_relabel_packet+0xc0/0xc0 +[ 127.234396] ? __do_page_fault+0x3d6/0xc90 +[ 127.238609] ? selinux_netlbl_socket_setsockopt+0x10c/0x460 +[ 127.244291] ? selinux_netlbl_sock_rcv_skb+0x730/0x730 +[ 127.249563] sock_common_setsockopt+0x95/0xd0 +[ 127.254034] SyS_setsockopt+0x189/0x360 +[ 127.257985] ? SyS_recv+0x40/0x40 +[ 127.261419] ? entry_SYSCALL_64_fastpath+0x5/0xa0 +[ 127.266235] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 127.271224] ? 
trace_hardirqs_on_thunk+0x1a/0x1c +[ 127.275957] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 127.280685] RIP: 0033:0x44afa9 +[ 127.283845] RSP: 002b:00007f43f70edce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 +[ 127.291525] RAX: ffffffffffffffda RBX: 00000000006e0c3c RCX: 000000000044afa9 +[ 127.298766] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000004 +[ 127.306007] RBP: 00000000006e0c38 R08: 0000000000000348 R09: 0000000000000000 +[ 127.313246] R10: 0000000020013c90 R11: 0000000000000246 R12: 0000000000000000 +[ 127.320488] R13: 00007ffe194fe84f R14: 00007f43f70ee9c0 R15: 0000000000000005 +[ 127.328274] Dumping ftrace buffer: +[ 127.331883] (ftrace buffer empty) +[ 127.335568] Kernel Offset: disabled +[ 127.339172] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/182 b/pkg/report/testdata/linux/report/182 new file mode 100644 index 000000000..8796d3438 --- /dev/null +++ b/pkg/report/testdata/linux/report/182 
@@ -0,0 +1,136 @@
+TITLE: WARNING: kobject bug in br_add_if
+
+[ 179.154721] kobject_add_internal failed for brport (error: -12 parent: syz6)
+[ 179.154909] ------------[ cut here ]------------
+[ 179.154920] WARNING: CPU: 1 PID: 3485 at lib/kobject.c:244 kobject_add_internal+0x3f6/0xbc0
+[ 179.154926] Kernel panic - not syncing: panic_on_warn set ...
+[ 179.154926]
+[ 179.154934] CPU: 1 PID: 3485 Comm: syz-executor6 Not tainted 4.14.0-rc4+ #80
+[ 179.154939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 179.154943] Call Trace:
+[ 179.154951] dump_stack+0x194/0x257
+[ 179.154964] ? arch_local_irq_restore+0x53/0x53
+[ 179.154989] panic+0x1e4/0x417
+[ 179.154998] ? __warn+0x1d9/0x1d9
+[ 179.155011] ? show_regs_print_info+0x65/0x65
+[ 179.155035] ? __warn+0x1a9/0x1d9
+[ 179.155057] ? kobject_add_internal+0x3f6/0xbc0
+[ 179.155068] __warn+0x1c4/0x1d9
+[ 179.155081] ? kobject_add_internal+0x3f6/0xbc0
+[ 179.155096] report_bug+0x211/0x2d0
+[ 179.155119] fixup_bug+0x40/0x90
+[ 179.155134] do_trap+0x260/0x390
+[ 179.155157] do_error_trap+0x120/0x390
+[ 179.155171] ? trace_hardirqs_on+0xd/0x10
+[ 179.155192] ? do_trap+0x390/0x390
+[ 179.155206] ? kobject_add_internal+0x3f6/0xbc0
+[ 179.155215] ? vprintk_emit+0x3ea/0x590
+[ 179.155232] ? rds_tcp_laddr_check+0x40/0x40
+[ 179.155251] ? trace_hardirqs_off_thunk+0x1a/0x1c
+[ 179.155274] do_invalid_op+0x1b/0x20
+[ 179.155285] invalid_op+0x18/0x20
+[ 179.155295] RIP: 0010:kobject_add_internal+0x3f6/0xbc0
+[ 179.155301] RSP: 0018:ffff8801bf816900 EFLAGS: 00010282
+[ 179.155311] RAX: 0000000000000040 RBX: ffff8801c09b4620 RCX: 0000000000000000
+[ 179.155318] RDX: 0000000000000040 RSI: ffffffff8158d38e RDI: ffffed0037f02d14
+[ 179.155324] RBP: ffff8801bf8169f8 R08: ffff8801bf816070 R09: 0000000000000000
+[ 179.155331] R10: 0000000000000000 R11: 0000000000000000 R12: 1ffff10037f02d26
+[ 179.155338] R13: 00000000fffffff4 R14: ffff8801cb9b0b30 R15: ffff8801cd01c000
+[ 179.155364] ? vprintk_func+0x5e/0xc0
+[ 179.155392] ? kobj_ns_type_registered+0x50/0x50
+[ 179.155406] ? kfree_const+0x31/0x40
+[ 179.155419] ? rcu_read_lock_sched_held+0x108/0x120
+[ 179.155431] ? kfree+0x1e7/0x250
+[ 179.155449] ? kfree_const+0x36/0x40
+[ 179.155471] kobject_init_and_add+0xf9/0x150
+[ 179.155488] ? kset_create_and_add+0x170/0x170
+[ 179.155510] ? __dev_set_allmulti+0x21b/0x2c0
+[ 179.155522] ? __dev_set_allmulti+0x1cb/0x2c0
+[ 179.155552] br_add_if+0x786/0x1990
+[ 179.155562] ? dev_set_allmulti+0x30/0x30
+[ 179.155589] ? br_features_recompute+0x250/0x250
+[ 179.155601] ? netdev_master_upper_dev_get+0x157/0x200
+[ 179.155616] ? __dev_get_by_flags+0x180/0x180
+[ 179.155627] ? proc_pident_instantiate+0x1de/0x290
+[ 179.155649] br_add_slave+0x29/0x30
+[ 179.155663] ? br_del_slave+0x30/0x30
+[ 179.155673] do_set_master+0x19c/0x1f0
+[ 179.155690] do_setlink+0xa98/0x38e0
+[ 179.155720] ? rtnl_register+0x70/0x70
+[ 179.155738] ? __lock_acquire+0x732/0x4620
+[ 179.155777] ? __lock_acquire+0x732/0x4620
+[ 179.155791] ? debug_check_no_locks_freed+0x3d0/0x3d0
+[ 179.155801] ? __read_once_size_nocheck.constprop.8+0x10/0x10
+[ 179.155814] ? __alloc_skb+0x13b/0x780
+[ 179.155830] ? print_usage_bug+0x480/0x480
+[ 179.155862] ? rtnl_is_locked+0x54/0xb0
+[ 179.155874] ? rtnl_kfree_skbs+0x70/0x70
+[ 179.155887] ? validate_nla+0x1a7/0x5a0
+[ 179.155912] ? netdev_master_upper_dev_get+0x157/0x200
+[ 179.155927] ? __dev_get_by_flags+0x180/0x180
+[ 179.155942] ? avc_has_perm_noaudit+0xbe/0x520
+[ 179.155964] rtnl_newlink+0xf0d/0x1a40
+[ 179.155975] ? __mutex_lock+0x16f/0x19d0
+[ 179.156014] ? rtnl_link_unregister+0x330/0x330
+[ 179.156037] ? avc_has_extended_perms+0x12c0/0x12c0
+[ 179.156050] ? check_noncircular+0x20/0x20
+[ 179.156062] ? avc_has_extended_perms+0x12c0/0x12c0
+[ 179.156076] ? unwind_get_return_address+0x61/0xa0
+[ 179.156105] ? do_iter_readv_writev+0x531/0x7f0
+[ 179.156129] ? find_held_lock+0x39/0x1d0
+[ 179.156225] ? rtnl_link_unregister+0x330/0x330
+[ 179.156241] rtnetlink_rcv_msg+0x733/0x1090
+[ 179.156251] ? check_noncircular+0x20/0x20
+[ 179.156275] ? rtnl_calcit.isra.24+0x4f0/0x4f0
+[ 179.156315] ? find_held_lock+0x39/0x1d0
+[ 179.156349] ? lock_downgrade+0x990/0x990
+[ 179.156391] ? lock_release+0xd70/0xd70
+[ 179.156405] ? netlink_lookup+0x620/0xa90
+[ 179.156430] ? rtnl_link_unregister+0x330/0x330
+[ 179.156440] ? netlink_connect+0x4e0/0x4e0
+[ 179.156465] ? netlink_deliver_tap+0x176/0xb60
+[ 179.156480] ? iov_iter_advance+0x2a1/0x13f0
+[ 179.156502] netlink_rcv_skb+0x216/0x440
+[ 179.156514] ? rtnl_calcit.isra.24+0x4f0/0x4f0
+[ 179.156529] ? netlink_ack+0xab0/0xab0
+[ 179.156550] ? netlink_skb_destructor+0x1d0/0x1d0
+[ 179.156567] ? selinux_nlmsg_lookup+0x32b/0x430
+[ 179.156587] rtnetlink_rcv+0x1c/0x20
+[ 179.156600] netlink_unicast+0x4e8/0x6f0
+[ 179.156624] ? netlink_attachskb+0x8a0/0x8a0
+[ 179.156646] ? security_netlink_send+0x81/0xb0
+[ 179.156663] netlink_sendmsg+0xa4a/0xe70
+[ 179.156689] ? netlink_unicast+0x6f0/0x6f0
+[ 179.156711] ? security_socket_sendmsg+0x89/0xb0
+[ 179.156722] ? netlink_unicast+0x6f0/0x6f0
+[ 179.156740] sock_sendmsg+0xca/0x110
+[ 179.156759] sock_write_iter+0x320/0x5e0
+[ 179.156777] ? sock_sendmsg+0x110/0x110
+[ 179.156806] ? selinux_capset+0x100/0x100
+[ 179.156819] ? __might_sleep+0x6c/0x190
+[ 179.156842] do_iter_readv_writev+0x531/0x7f0
+[ 179.156866] ? vfs_dedupe_file_range+0x900/0x900
+[ 179.156894] ? rw_verify_area+0xe5/0x2b0
+[ 179.156916] do_iter_write+0x15a/0x540
+[ 179.156929] ? dup_iter+0x260/0x260
+[ 179.156964] vfs_writev+0x18a/0x340
+[ 179.156976] ? __fget_light+0x29d/0x390
+[ 179.156995] ? vfs_iter_write+0xb0/0xb0
+[ 179.157012] ? __mutex_unlock_slowpath+0xe9/0xac0
+[ 179.157028] ? kernel_read+0x120/0x120
+[ 179.157075] ? __fdget_pos+0x136/0x1a0
+[ 179.157091] ? __fdget_raw+0x20/0x20
+[ 179.157122] do_writev+0xfc/0x2a0
+[ 179.157135] ? do_writev+0xfc/0x2a0
+[ 179.157158] ? vfs_writev+0x340/0x340
+[ 179.157169] ? entry_SYSCALL_64_fastpath+0x5/0xbe
+[ 179.157191] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 179.157215] SyS_writev+0x27/0x30
+[ 179.157232] entry_SYSCALL_64_fastpath+0x1f/0xbe
+[ 179.157241] RIP: 0033:0x4520a9
+[ 179.157249] RSP: 002b:00007f4633db3c08 EFLAGS: 00000216 ORIG_RAX: 0000000000000014
+[ 179.157264] RAX: ffffffffffffffda RBX: 0000000000718000 RCX: 00000000004520a9
+[ 179.157271] RDX: 0000000000000001 RSI: 00000000205d9000 RDI: 0000000000000005
+[ 179.157278] RBP: 0000000000000086 R08: 0000000000000000 R09: 0000000000000000
+[ 179.157284] R10: 0000000000000000 R11: 0000000000000216 R12: 00000000004b6c37
+[ 179.157291] R13: 00007f4633db3b48 R14: 00000000004b6c47 R15: 0000000000000000
diff --git a/pkg/report/testdata/linux/report/183 b/pkg/report/testdata/linux/report/183
new file mode 100644
index 000000000..ee7d8dd36
--- /dev/null
+++ b/pkg/report/testdata/linux/report/183
@@ -0,0 +1,138 @@
+TITLE: BUG: corrupted list in tipc_nametbl_unsubscribe
+
+[ 440.811510] list_del corruption. prev->next should be 00000000bc6553ca, but was 0000000038fa8131
+[ 440.811620] ------------[ cut here ]------------
+[ 440.811625] kernel BUG at lib/list_debug.c:53!
+[ 440.811637] invalid opcode: 0000 [#1] SMP KASAN
+[ 440.811642] Dumping ftrace buffer:
+[ 440.811646] (ftrace buffer empty)
+[ 440.811649] Modules linked in:
+[ 440.811658] CPU: 1 PID: 3200 Comm: syz-executor4 Not tainted 4.15.0-rc8+ #264
+[ 440.811662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 440.811673] RIP: 0010:__list_del_entry_valid+0xef/0x150
+[ 440.811677] RSP: 0018:ffff8801be95eb20 EFLAGS: 00010286
+[ 440.811683] RAX: 0000000000000054 RBX: ffff8801d359f240 RCX: 0000000000000000
+[ 440.811686] RDX: 0000000000000054 RSI: 1ffff10039af2dca RDI: ffffed0037d2bd58
+[ 440.811690] RBP: ffff8801be95eb38 R08: 1ffff10037d2bcfc R09: 0000000000000000
+[ 440.811694] R10: ffff8801be95ea00 R11: 0000000000000000 R12: ffff8801d50e4900
+[ 440.811698] R13: ffff8801be95ecd8 R14: ffff8801c29ac860 R15: ffff8801bd76aa80
+[ 440.811704] FS: 00007f70eee26700(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000
+[ 440.811708] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 440.811712] CR2: 00000000010bad18 CR3: 0000000006822006 CR4: 00000000001606e0
+[ 440.811718] Call Trace:
+[ 440.811727] ? _raw_spin_lock_bh+0x39/0x40
+[ 440.811737] tipc_nametbl_unsubscribe+0x318/0x990
+[ 440.811751] ? tipc_nametbl_subscribe+0xc10/0xc10
+[ 440.811764] ? lock_acquire+0x1d5/0x580
+[ 440.811770] ? lock_acquire+0x1d5/0x580
+[ 440.811777] ? tipc_subscrb_subscrp_delete+0x8f/0x460
+[ 440.811785] ? __radix_tree_lookup+0x435/0x5e0
+[ 440.811797] ? lock_release+0xa40/0xa40
+[ 440.811806] ? print_irqtrace_events+0x270/0x270
+[ 440.811815] ? find_held_lock+0x35/0x1d0
+[ 440.811828] ? tipc_subscrb_subscrp_delete+0x8f/0x460
+[ 440.811843] tipc_subscrb_subscrp_delete+0x1e9/0x460
+[ 440.811857] ? tipc_subscrp_put+0x360/0x360
+[ 440.811866] ? __local_bh_enable_ip+0x121/0x230
+[ 440.811876] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 440.811884] ? tipc_conn_lookup+0x74/0x90
+[ 440.811891] ? tipc_subscrb_subscrp_delete+0x460/0x460
+[ 440.811901] tipc_subscrb_release_cb+0x17/0x30
+[ 440.811910] tipc_close_conn+0x171/0x270
+[ 440.811922] tipc_topsrv_kern_unsubscr+0x213/0x340
+[ 440.811928] ? tipc_dest_del+0x350/0x350
+[ 440.811937] ? tipc_topsrv_kern_subscr+0x850/0x850
+[ 440.811947] ? tipc_node_distr_xmit+0x212/0x2b0
+[ 440.811964] tipc_group_delete+0x2c0/0x3d0
+[ 440.811975] ? print_irqtrace_events+0x270/0x270
+[ 440.811984] ? tipc_group_create+0x9c0/0x9c0
+[ 440.811993] ? __tipc_shutdown+0x916/0xc80
+[ 440.811999] ? find_held_lock+0x35/0x1d0
+[ 440.812020] ? tipc_sk_respond+0x550/0x550
+[ 440.812038] tipc_sk_leave+0x10b/0x200
+[ 440.812049] ? tipc_sk_withdraw+0x6b0/0x6b0
+[ 440.812062] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 440.812071] ? lock_sock_nested+0x91/0x110
+[ 440.812080] ? __local_bh_enable_ip+0x121/0x230
+[ 440.812096] tipc_release+0x154/0xfe0
+[ 440.812114] ? kernel_text_address+0x102/0x140
+[ 440.812124] ? tipc_sk_backlog_rcv+0x390/0x390
+[ 440.812132] ? trace_event_raw_event_lock+0x340/0x340
+[ 440.812140] ? perf_trace_lock+0xd6/0x900
+[ 440.812147] ? __save_stack_trace+0x7e/0xd0
+[ 440.812156] ? check_noncircular+0x20/0x20
+[ 440.812167] ? trace_event_raw_event_lock+0x340/0x340
+[ 440.812183] ? locks_remove_file+0x3fa/0x5a0
+[ 440.812194] ? fcntl_setlk+0x10c0/0x10c0
+[ 440.812200] ? fsnotify+0x7b3/0x1140
+[ 440.812219] ? fsnotify_first_mark+0x2b0/0x2b0
+[ 440.812240] sock_release+0x8d/0x1e0
+[ 440.812249] ? sock_alloc_file+0x560/0x560
+[ 440.812257] sock_close+0x16/0x20
+[ 440.812268] __fput+0x327/0x7e0
+[ 440.812284] ? fput+0x140/0x140
+[ 440.812295] ? _raw_spin_unlock_irq+0x27/0x70
+[ 440.812311] ____fput+0x15/0x20
+[ 440.812320] task_work_run+0x199/0x270
+[ 440.812333] ? task_work_cancel+0x210/0x210
+[ 440.812342] ? _raw_spin_unlock+0x22/0x30
+[ 440.812351] ? switch_task_namespaces+0x87/0xc0
+[ 440.812365] do_exit+0x9bb/0x1ad0
+[ 440.812374] ? try_to_wake_up+0xf9/0x1600
+[ 440.812389] ? mm_update_next_owner+0x930/0x930
+[ 440.812400] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 440.812408] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 440.812418] ? do_raw_spin_trylock+0x190/0x190
+[ 440.812425] ? do_raw_spin_trylock+0x190/0x190
+[ 440.812438] ? __lock_is_held+0xb6/0x140
+[ 440.812463] ? perf_trace_lock+0xd6/0x900
+[ 440.812479] ? trace_event_raw_event_lock+0x340/0x340
+[ 440.812488] ? __perf_event_task_sched_out+0x266/0x1490
+[ 440.812500] ? check_noncircular+0x20/0x20
+[ 440.812516] ? perf_event_sync_stat+0x5b0/0x5b0
+[ 440.812525] ? __perf_event_task_sched_in+0x200/0xc20
+[ 440.812549] ? find_held_lock+0x35/0x1d0
+[ 440.812567] ? get_signal+0x7ae/0x16c0
+[ 440.812577] ? lock_downgrade+0x980/0x980
+[ 440.812595] do_group_exit+0x149/0x400
+[ 440.812604] ? do_raw_spin_trylock+0x190/0x190
+[ 440.812612] ? SyS_exit+0x30/0x30
+[ 440.812620] ? _raw_spin_unlock_irq+0x27/0x70
+[ 440.812631] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 440.812645] get_signal+0x73f/0x16c0
+[ 440.812664] ? ptrace_notify+0x130/0x130
+[ 440.812678] ? __schedule+0x8f3/0x2060
+[ 440.812685] ? exit_robust_list+0x240/0x240
+[ 440.812701] ? __sched_text_start+0x8/0x8
+[ 440.812719] ? find_held_lock+0x35/0x1d0
+[ 440.812731] do_signal+0x90/0x1eb0
+[ 440.812742] ? task_work_run+0x16c/0x270
+[ 440.812751] ? lock_downgrade+0x980/0x980
+[ 440.812758] ? mntput+0x66/0x90
+[ 440.812769] ? setup_sigcontext+0x7d0/0x7d0
+[ 440.812787] ? schedule+0xf5/0x430
+[ 440.812794] ? _raw_spin_unlock_irq+0x27/0x70
+[ 440.812804] ? __schedule+0x2060/0x2060
+[ 440.812816] ? _raw_spin_unlock_irq+0x27/0x70
+[ 440.812824] ? task_work_run+0x1f4/0x270
+[ 440.812837] ? task_work_cancel+0x210/0x210
+[ 440.812849] ? exit_to_usermode_loop+0x8c/0x310
+[ 440.812865] exit_to_usermode_loop+0x214/0x310
+[ 440.812878] ? trace_event_raw_event_sys_exit+0x260/0x260
+[ 440.812899] syscall_return_slowpath+0x490/0x550
+[ 440.812908] ? prepare_exit_to_usermode+0x340/0x340
+[ 440.812914] ? SyS_write+0x184/0x220
+[ 440.812924] ? entry_SYSCALL_64_fastpath+0x73/0xa0
+[ 440.812935] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 440.812944] ? trace_hardirqs_on_thunk+0x1a/0x1c
+[ 440.812961] entry_SYSCALL_64_fastpath+0x9e/0xa0
+[ 440.812967] RIP: 0033:0x452df9
+[ 440.812971] RSP: 002b:00007f70eee25c88 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
+[ 440.812978] RAX: 0000000000000001 RBX: 000000000071bea0 RCX: 0000000000452df9
+[ 440.812983] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000071becc
+[ 440.812987] RBP: 0000000000000573 R08: 0000000000000000 R09: 0000000000000000
+[ 440.812991] R10: 0000000000000010 R11: 0000000000000246 R12: 0000000000000001
+[ 440.812995] R13: 0000000000000014 R14: 00007f70eee266d4 R15: ffffffffffffffff
+[ 440.813016] Code: 4c 89 e2 48 c7 c7 c0 fb e0 85 e8 95 26 fe fe 0f 0b 48 c7 c7 20 fc e0 85 e8 87 26 fe fe 0f 0b 48 c7 c7 80 fc e0 85 e8 79 26 fe fe <0f> 0b 48 c7 c7 e0 fc e0 85 e8 6b 26 fe fe 0f 0b 48 89 df 48 89
+[ 440.813159] RIP: __list_del_entry_valid+0xef/0x150 RSP: ffff8801be95eb20
+[ 440.813194] ---[ end trace 0c495e0cee371de9 ]---
diff --git a/pkg/report/testdata/linux/report/184 b/pkg/report/testdata/linux/report/184
new file mode 100644
index 000000000..2770a2186
--- /dev/null
+++ b/pkg/report/testdata/linux/report/184
@@ -0,0 +1,52 @@
+TITLE: BUG: corrupted list in __dev_remove_pack
+
+[ 50.710530] list_del corruption. next->prev should be ffff8801d8caa528, but was ffffffff868a8010
+[ 50.719785] ------------[ cut here ]------------
+[ 50.724628] kernel BUG at lib/list_debug.c:56!
+[ 50.729330] invalid opcode: 0000 [#1] SMP
+[ 50.733500] Dumping ftrace buffer:
+[ 50.737039] (ftrace buffer empty)
+[ 50.740755] Modules linked in:
+[ 50.743989] CPU: 1 PID: 4654 Comm: syzkaller396097 Tainted: G B 4.12.0+ #7
+[ 50.752136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 50.761509] task: ffff8801cd500000 task.stack: ffff8801d1060000
+[ 50.767597] RIP: 0010:__list_del_entry_valid+0x370/0x390
+[ 50.773063] RSP: 0018:ffff8801d1067968 EFLAGS: 00010292
+[ 50.778450] RAX: 0000000000000054 RBX: 0000000000000000 RCX: 0000000000000000
+[ 50.785740] RDX: 0000000000000000 RSI: ffffea000cbee828 RDI: ffff88021fd15ac0
+[ 50.793030] RBP: ffff8801d10679c8 R08: 0000000000000002 R09: ffff8801d10673f0
+[ 50.800323] R10: 000000003e6d70ea R11: 0000ff0000000000 R12: ffff8801ddca3870
+[ 50.807630] R13: ffff8801d8caa528 R14: ffffffff868a8010 R15: 0000000000000000
+[ 50.814927] FS: 0000000000dd1940(0000) GS:ffff88021fd00000(0000) knlGS:0000000000000000
+[ 50.823170] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 50.829071] CR2: 00007ff2dc3d7db8 CR3: 00000001d6160000 CR4: 00000000001406e0
+[ 50.836366] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
+[ 50.843663] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
+[ 50.850936] Call Trace:
+[ 50.853563] __dev_remove_pack+0x2cf/0x490
+[ 50.857828] __unregister_prot_hook+0x2f6/0x470
+[ 50.862526] ? __msan_load_shadow_origin_1+0x5d/0xe0
+[ 50.867663] packet_release+0x3dd/0x1340
+[ 50.871758] ? __msan_load_shadow_origin_4+0x5d/0xe0
+[ 50.876892] ? packet_rcv_spkt+0x6b0/0x6b0
+[ 50.881152] sock_close+0xd3/0x2d0
+[ 50.884725] ? sock_mmap+0xf0/0xf0
+[ 50.888293] __fput+0x3a2/0x8f0
+[ 50.891604] ____fput+0x28/0x40
+[ 50.894905] ? fput+0x2a0/0x2a0
+[ 50.898206] task_work_run+0x17f/0x2b0
+[ 50.902121] do_exit+0xf45/0x32f0
+[ 50.905617] do_group_exit+0x19a/0x320
+[ 50.909533] SYSC_exit_group+0x22/0x30
+[ 50.913445] SyS_exit_group+0x25/0x30
+[ 50.917277] entry_SYSCALL_64_fastpath+0x13/0x94
+[ 50.922048] RIP: 0033:0x447529
+[ 50.925256] RSP: 002b:00007ffe8dca8c98 EFLAGS: 00000206 ORIG_RAX: 00000000000000e7
+[ 50.932996] RAX: ffffffffffffffda RBX: 00007ff2db3d6700 RCX: 0000000000447529
+[ 50.940281] RDX: 0000000000445c41 RSI: 0000000000000000 RDI: 0000000000000000
+[ 50.947568] RBP: 00007ffe8dca8c40 R08: 00000000006db1c0 R09: 0000000000000000
+[ 50.954855] R10: 00000000006db144 R11: 0000000000000206 R12: 0000000000000000
+[ 50.962140] R13: 00007ffe8dca8c3f R14: 00007ff2db3d69c0 R15: 0000000000000000
+[ 50.969415] Code: 00 00 48 c7 80 60 09 00 00 00 00 00 00 c7 80 20 03 00 00 00 00 00 00 48 c7 c7 f8 87 43 86 31 c0 4c 89 ee 4c 89 f2 e8 c0 09 d1 fe <0f> 0b 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 eb fe 0f 1f 40
+[ 50.989516] RIP: __list_del_entry_valid+0x370/0x390 RSP: ffff8801d1067968
+[ 50.996557] ---[ end trace 1b9e265517f5d9ac ]---
diff --git a/pkg/report/testdata/linux/report/185 b/pkg/report/testdata/linux/report/185
new file mode 100644
index 000000000..331c92914
--- /dev/null
+++ b/pkg/report/testdata/linux/report/185
@@ -0,0 +1,153 @@
+# Note: 185-188 have the same root cause.
+TITLE: possible deadlock in do_ip_setsockopt
+
+[ 36.345030] ======================================================
+[ 36.351334] WARNING: possible circular locking dependency detected
+[ 36.357637] 4.15.0+ #221 Not tainted
+[ 36.357648] xt_TCPMSS: Only works on TCP SYN packets
+[ 36.361324] ------------------------------------------------------
+[ 36.361330] syz-executor5/5807 is trying to acquire lock:
+[ 36.361332] (sk_lock-AF_INET){+.+.}, at: [<0000000046bbd7df>] do_ip_setsockopt.isra.12+0x1d9/0x3210
+[ 36.361358]
+[ 36.361358] but task is already holding lock:
+[ 36.361360] (rtnl_mutex){+.+.}, at: [<00000000366b10e7>] rtnl_lock+0x17/0x20
+[ 36.361378]
+[ 36.361378] which lock already depends on the new lock.
+[ 36.361378]
+[ 36.361380]
+[ 36.361380] the existing dependency chain (in reverse order) is:
+[ 36.361382]
+[ 36.361382] -> #2 (rtnl_mutex){+.+.}:
+[ 36.421860] __mutex_lock+0x16f/0x1a80
+[ 36.426252] mutex_lock_nested+0x16/0x20
+[ 36.430819] rtnl_lock+0x17/0x20
+[ 36.434693] unregister_netdevice_notifier+0x91/0x4e0
+[ 36.440382] clusterip_tg_destroy+0x389/0x6e0
+[ 36.445370] cleanup_entry+0x218/0x350
+[ 36.449755] __do_replace+0x79d/0xa50
+[ 36.454049] do_ipt_set_ctl+0x40f/0x5f0
+[ 36.458514] nf_setsockopt+0x67/0xc0
+[ 36.462717] ip_setsockopt+0x97/0xa0
+[ 36.466920] tcp_setsockopt+0x82/0xd0
+[ 36.471210] sock_common_setsockopt+0x95/0xd0
+[ 36.476198] SyS_setsockopt+0x189/0x360
+[ 36.480666] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 36.485909]
+[ 36.485909] -> #1 (&xt[i].mutex){+.+.}:
+[ 36.491343] __mutex_lock+0x16f/0x1a80
+[ 36.495724] mutex_lock_nested+0x16/0x20
+[ 36.500282] xt_find_table_lock+0x3e/0x3e0
+[ 36.505016] xt_request_find_table_lock+0x28/0xc0
+[ 36.510357] get_info+0x154/0x690
+[ 36.514303] do_ipt_get_ctl+0x159/0xac0
+[ 36.518767] nf_getsockopt+0x6a/0xc0
+[ 36.522973] ip_getsockopt+0x15c/0x220
+[ 36.527357] tcp_getsockopt+0x82/0xd0
+[ 36.531657] sock_common_getsockopt+0x95/0xd0
+[ 36.536644] SyS_getsockopt+0x178/0x340
+[ 36.541108] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 36.546349]
+[ 36.546349] -> #0 (sk_lock-AF_INET){+.+.}:
+[ 36.552040] lock_acquire+0x1d5/0x580
+[ 36.556332] lock_sock_nested+0xc2/0x110
+[ 36.560883] do_ip_setsockopt.isra.12+0x1d9/0x3210
+[ 36.566302] ip_setsockopt+0x3a/0xa0
+[ 36.570505] raw_setsockopt+0xb7/0xd0
+[ 36.574796] sock_common_setsockopt+0x95/0xd0
+[ 36.579784] SyS_setsockopt+0x189/0x360
+[ 36.584247] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 36.589488]
+[ 36.589488] other info that might help us debug this:
+[ 36.589488]
+[ 36.597597] Chain exists of:
+[ 36.597597] sk_lock-AF_INET --> &xt[i].mutex --> rtnl_mutex
+[ 36.597597]
+[ 36.607798] Possible unsafe locking scenario:
+[ 36.607798]
+[ 36.613823] CPU0 CPU1
+[ 36.618462] ---- ----
+[ 36.623095] lock(rtnl_mutex);
+[ 36.626343] lock(&xt[i].mutex);
+[ 36.632282] lock(rtnl_mutex);
+[ 36.638050] lock(sk_lock-AF_INET);
+[ 36.641735]
+[ 36.641735] *** DEADLOCK ***
+[ 36.641735]
+[ 36.647767] 1 lock held by syz-executor5/5807:
+[ 36.652314] #0: (rtnl_mutex){+.+.}, at: [<00000000366b10e7>] rtnl_lock+0x17/0x20
+[ 36.660004]
+[ 36.660004] stack backtrace:
+[ 36.664481] CPU: 0 PID: 5807 Comm: syz-executor5 Not tainted 4.15.0+ #221
+[ 36.671375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 36.680701] Call Trace:
+[ 36.683264] dump_stack+0x194/0x257
+[ 36.686868] ? arch_local_irq_restore+0x53/0x53
+[ 36.691519] print_circular_bug.isra.38+0x2cd/0x2dc
+[ 36.696505] ? save_trace+0xe0/0x2b0
+[ 36.700192] __lock_acquire+0x30a8/0x3e00
+[ 36.704321] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 36.709487] ? rtnl_lock+0x17/0x20
+[ 36.713000] ? __mutex_lock+0x16f/0x1a80
+[ 36.717038] ? rtnl_lock+0x17/0x20
+[ 36.720549] ? rtnl_lock+0x17/0x20
+[ 36.724059] ? __lock_acquire+0x664/0x3e00
+[ 36.728264] ? mutex_lock_io_nested+0x1900/0x1900
+[ 36.733076] ? print_irqtrace_events+0x270/0x270
+[ 36.737809] ? check_noncircular+0x20/0x20
+[ 36.742028] ? print_irqtrace_events+0x270/0x270
+[ 36.746755] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 36.751914] ? do_raw_spin_trylock+0x190/0x190
+[ 36.756464] ? do_raw_spin_trylock+0x190/0x190
+[ 36.761022] ? check_noncircular+0x20/0x20
+[ 36.765234] ? check_noncircular+0x20/0x20
+[ 36.769439] ? find_held_lock+0x35/0x1d0
+[ 36.773472] lock_acquire+0x1d5/0x580
+[ 36.777244] ? lock_sock_nested+0xa3/0x110
+[ 36.781447] ? lock_acquire+0x1d5/0x580
+[ 36.785392] ? do_ip_setsockopt.isra.12+0x1d9/0x3210
+[ 36.790467] ? lock_release+0xa40/0xa40
+[ 36.794411] ? trace_event_raw_event_sched_switch+0x800/0x800
+[ 36.800263] ? trace_event_raw_event_sched_switch+0x800/0x800
+[ 36.806116] ? do_raw_spin_trylock+0x190/0x190
+[ 36.810670] ? lock_sock_nested+0x44/0x110
+[ 36.814876] lock_sock_nested+0xc2/0x110
+[ 36.818908] ? do_ip_setsockopt.isra.12+0x1d9/0x3210
+[ 36.823984] do_ip_setsockopt.isra.12+0x1d9/0x3210
+[ 36.828884] ? ip_ra_control+0x5c0/0x5c0
+[ 36.832920] ? check_noncircular+0x20/0x20
+[ 36.837127] ? compat_start_thread+0x80/0x80
+[ 36.841505] ? do_raw_spin_trylock+0x190/0x190
+[ 36.846059] ? find_held_lock+0x35/0x1d0
+[ 36.850094] ? avc_has_perm+0x35e/0x680
+[ 36.854039] ? lock_downgrade+0x980/0x980
+[ 36.858158] ? lock_release+0xa40/0xa40
+[ 36.862100] ? lock_downgrade+0x980/0x980
+[ 36.866218] ? lock_release+0xa40/0xa40
+[ 36.870162] ? __lock_is_held+0xb6/0x140
+[ 36.874198] ? avc_has_perm+0x43e/0x680
+[ 36.878143] ? avc_has_perm_noaudit+0x520/0x520
+[ 36.882812] ? iterate_fd+0x3f0/0x3f0
+[ 36.886590] ? lock_downgrade+0x980/0x980
+[ 36.890714] ? __lock_is_held+0xb6/0x140
+[ 36.894755] ? schedule+0xf5/0x430
+[ 36.898275] ? sock_has_perm+0x2a4/0x420
+[ 36.902307] ? selinux_secmark_relabel_packet+0xc0/0xc0
+[ 36.907651] ? selinux_netlbl_socket_setsockopt+0x10c/0x460
+[ 36.913333] ? selinux_netlbl_sock_rcv_skb+0x730/0x730
+[ 36.918582] ? alloc_file+0x27e/0x390
+[ 36.922357] ip_setsockopt+0x3a/0xa0
+[ 36.926045] raw_setsockopt+0xb7/0xd0
+[ 36.929819] sock_common_setsockopt+0x95/0xd0
+[ 36.934287] SyS_setsockopt+0x189/0x360
+[ 36.938234] ? SyS_recv+0x40/0x40
+[ 36.941656] ? entry_SYSCALL_64_fastpath+0x5/0xa0
+[ 36.946469] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 36.951456] ? trace_hardirqs_on_thunk+0x1a/0x1c
+[ 36.956183] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 36.960907] RIP: 0033:0x453299
+[ 36.964070] RSP: 002b:00007f5666182c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036
+[ 36.971749] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000453299
+[ 36.978990] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000013
+[ 36.986231] RBP: 00000000000005c9 R08: 0000000000000004 R09: 0000000000000000
+[ 36.993468] R10: 0000000020000000 R11: 0000000000000212 R12: 00000000006f7b78
+[ 37.000707] R13: 00000000ffffffff R14: 00007f56661836d4 R15: 0000000000000000
diff --git a/pkg/report/testdata/linux/report/186 b/pkg/report/testdata/linux/report/186
new file mode 100644
index 000000000..1a6c8afc7
--- /dev/null
+++ b/pkg/report/testdata/linux/report/186
@@ -0,0 +1,155 @@
+# Note: 185-188 have the same root cause.
+TITLE: possible deadlock in do_ipv6_setsockopt
+
+[ 53.842308] ======================================================
+[ 53.848617] WARNING: possible circular locking dependency detected
+[ 53.854929] 4.15.0+ #221 Not tainted
+[ 53.858633] ------------------------------------------------------
+[ 53.864938] syz-executor3/5627 is trying to acquire lock:
+[ 53.870468] (sk_lock-AF_INET6){+.+.}, at: [<000000005bcb19be>] do_ipv6_setsockopt.isra.8+0x3c5/0x39d0
+[ 53.879944]
+[ 53.879944] but task is already holding lock:
+[ 53.885893] (rtnl_mutex){+.+.}, at: [<000000001f0e7db0>] rtnl_lock+0x17/0x20
+[ 53.893173]
+[ 53.893173] which lock already depends on the new lock.
+[ 53.893173]
+[ 53.901483]
+[ 53.901483] the existing dependency chain (in reverse order) is:
+[ 53.909081]
+[ 53.909081] -> #2 (rtnl_mutex){+.+.}:
+[ 53.914395] __mutex_lock+0x16f/0x1a80
+[ 53.918789] mutex_lock_nested+0x16/0x20
+[ 53.923353] rtnl_lock+0x17/0x20
+[ 53.927224] unregister_netdevice_notifier+0x91/0x4e0
+[ 53.932921] clusterip_tg_destroy+0x389/0x6e0
+[ 53.937916] cleanup_entry+0x218/0x350
+[ 53.942305] __do_replace+0x79d/0xa50
+[ 53.946603] do_ipt_set_ctl+0x40f/0x5f0
+[ 53.951071] nf_setsockopt+0x67/0xc0
+[ 53.955277] ip_setsockopt+0x97/0xa0
+[ 53.959482] tcp_setsockopt+0x82/0xd0
+[ 53.963786] sock_common_setsockopt+0x95/0xd0
+[ 53.968783] SyS_setsockopt+0x189/0x360
+[ 53.973254] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 53.978498]
+[ 53.978498] -> #1 (&xt[i].mutex){+.+.}:
+[ 53.983939] __mutex_lock+0x16f/0x1a80
+[ 53.988318] mutex_lock_nested+0x16/0x20
+[ 53.992872] xt_find_table_lock+0x3e/0x3e0
+[ 53.997596] xt_request_find_table_lock+0x28/0xc0
+[ 54.002948] get_info+0x154/0x690
+[ 54.006899] do_ip6t_get_ctl+0x159/0xaf0
+[ 54.011454] nf_getsockopt+0x6a/0xc0
+[ 54.015661] ipv6_getsockopt+0x1df/0x2e0
+[ 54.020215] tcp_getsockopt+0x82/0xd0
+[ 54.024511] sock_common_getsockopt+0x95/0xd0
+[ 54.029521] SyS_getsockopt+0x178/0x340
+[ 54.034019] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 54.039289]
+[ 54.039289] -> #0 (sk_lock-AF_INET6){+.+.}:
+[ 54.045095] lock_acquire+0x1d5/0x580
+[ 54.049404] lock_sock_nested+0xc2/0x110
+[ 54.053975] do_ipv6_setsockopt.isra.8+0x3c5/0x39d0
+[ 54.059482] ipv6_setsockopt+0xd7/0x130
+[ 54.063949] rawv6_setsockopt+0x4a/0xf0
+[ 54.068425] sock_common_setsockopt+0x95/0xd0
+[ 54.073415] SyS_setsockopt+0x189/0x360
+[ 54.077879] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 54.083122]
+[ 54.083122] other info that might help us debug this:
+[ 54.083122]
+[ 54.091320] Chain exists of:
+[ 54.091320] sk_lock-AF_INET6 --> &xt[i].mutex --> rtnl_mutex
+[ 54.091320]
+[ 54.101614] Possible unsafe locking scenario:
+[ 54.101614]
+[ 54.107654] CPU0 CPU1
+[ 54.112299] ---- ----
+[ 54.116940] lock(rtnl_mutex);
+[ 54.120195] lock(&xt[i].mutex);
+[ 54.126138] lock(rtnl_mutex);
+[ 54.131908] lock(sk_lock-AF_INET6);
+[ 54.135683]
+[ 54.135683] *** DEADLOCK ***
+[ 54.135683]
+[ 54.141717] 1 lock held by syz-executor3/5627:
+[ 54.146270] #0: (rtnl_mutex){+.+.}, at: [<000000001f0e7db0>] rtnl_lock+0x17/0x20
+[ 54.153968]
+[ 54.153968] stack backtrace:
+[ 54.158438] CPU: 0 PID: 5627 Comm: syz-executor3 Not tainted 4.15.0+ #221
+[ 54.165346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
+[ 54.174686] Call Trace:
+[ 54.177254] dump_stack+0x194/0x257
+[ 54.180856] ? arch_local_irq_restore+0x53/0x53
+[ 54.185512] print_circular_bug.isra.38+0x2cd/0x2dc
+[ 54.190524] ? save_trace+0xe0/0x2b0
+[ 54.194214] __lock_acquire+0x30a8/0x3e00
+[ 54.198353] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 54.203528] ? rtnl_lock+0x17/0x20
+[ 54.207054] ? __mutex_lock+0x16f/0x1a80
+[ 54.211090] ? rtnl_lock+0x17/0x20
+[ 54.214607] ? rtnl_lock+0x17/0x20
+[ 54.218122] ? print_irqtrace_events+0x270/0x270
+[ 54.222857] ? __lock_acquire+0x664/0x3e00
+[ 54.227069] ? print_irqtrace_events+0x270/0x270
+[ 54.231804] ? check_noncircular+0x20/0x20
+[ 54.236020] ? print_irqtrace_events+0x270/0x270
+[ 54.240759] ? debug_check_no_locks_freed+0x3c0/0x3c0
+[ 54.245923] ? check_noncircular+0x20/0x20
+[ 54.250131] ? __lock_acquire+0x664/0x3e00
+[ 54.254341] ? find_held_lock+0x35/0x1d0
+[ 54.258377] lock_acquire+0x1d5/0x580
+[ 54.262160] ? lock_sock_nested+0xa3/0x110
+[ 54.266373] ? lock_acquire+0x1d5/0x580
+[ 54.270321] ? do_ipv6_setsockopt.isra.8+0x3c5/0x39d0
+[ 54.275490] ? lock_release+0xa40/0xa40
+[ 54.279442] ? trace_event_raw_event_sched_switch+0x800/0x800
+[ 54.285297] ? trace_event_raw_event_sched_switch+0x800/0x800
+[ 54.291156] ? do_raw_spin_trylock+0x190/0x190
+[ 54.295716] ? __enqueue_entity+0x109/0x1e0
+[ 54.300019] ? lock_sock_nested+0x44/0x110
+[ 54.304241] lock_sock_nested+0xc2/0x110
+[ 54.308291] ? do_ipv6_setsockopt.isra.8+0x3c5/0x39d0
+[ 54.313455] do_ipv6_setsockopt.isra.8+0x3c5/0x39d0
+[ 54.318444] ? ipv6_update_options+0x330/0x330
+[ 54.323000] ? lock_downgrade+0x980/0x980
+[ 54.327128] ? check_noncircular+0x20/0x20
+[ 54.331333] ? load_balance+0x34c0/0x34c0
+[ 54.335452] ? check_noncircular+0x20/0x20
+[ 54.339657] ? compat_start_thread+0x80/0x80
+[ 54.344041] ? do_raw_spin_trylock+0x190/0x190
+[ 54.348615] ? find_held_lock+0x35/0x1d0
+[ 54.352657] ? avc_has_perm+0x35e/0x680
+[ 54.356601] ? lock_downgrade+0x980/0x980
+[ 54.360719] ? lock_release+0xa40/0xa40
+[ 54.364665] ? lock_downgrade+0x980/0x980
+[ 54.368783] ? lock_release+0xa40/0xa40
+[ 54.372728] ? __lock_is_held+0xb6/0x140
+[ 54.376764] ? avc_has_perm+0x43e/0x680
+[ 54.380723] ? avc_has_perm_noaudit+0x520/0x520
+[ 54.385371] ? iterate_fd+0x3f0/0x3f0
+[ 54.389152] ? lock_downgrade+0x980/0x980
+[ 54.393272] ? __lock_is_held+0xb6/0x140
+[ 54.397304] ? schedule+0xf5/0x430
+[ 54.400818] ? sock_has_perm+0x2a4/0x420
+[ 54.404847] ? selinux_secmark_relabel_packet+0xc0/0xc0
+[ 54.410180] ? selinux_netlbl_socket_setsockopt+0x10c/0x460
+[ 54.415859] ? selinux_netlbl_sock_rcv_skb+0x730/0x730
+[ 54.421103] ? alloc_file+0x27e/0x390
+[ 54.424874] ipv6_setsockopt+0xd7/0x130
+[ 54.428817] ? ipv6_setsockopt+0xd7/0x130
+[ 54.432936] rawv6_setsockopt+0x4a/0xf0
+[ 54.436883] sock_common_setsockopt+0x95/0xd0
+[ 54.441349] SyS_setsockopt+0x189/0x360
+[ 54.445294] ? SyS_recv+0x40/0x40
+[ 54.448720] ? entry_SYSCALL_64_fastpath+0x5/0xa0
+[ 54.453538] ? trace_hardirqs_on_caller+0x421/0x5c0
+[ 54.458530] ? trace_hardirqs_on_thunk+0x1a/0x1c
+[ 54.463255] entry_SYSCALL_64_fastpath+0x29/0xa0
+[ 54.467980] RIP: 0033:0x453299
+[ 54.471138] RSP: 002b:00007f426abc9c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036
+[ 54.478825] RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000453299
+[ 54.486067] RDX: 0000000000000001 RSI: 0000000000000029 RDI: 0000000000000013
+[ 54.493317] RBP: 00000000000005cd R08: 0000000000000004 R09: 0000000000000000
+[ 54.500565] R10: 000000002095affc R11: 0000000000000212 R12: 00000000006f7bd8
+[ 54.507812] R13: 00000000ffffffff R14: 00007f426abca6d4 R15: 0000000000000000
diff --git a/pkg/report/testdata/linux/report/187 b/pkg/report/testdata/linux/report/187
new file mode 100644
index 000000000..556766f49
--- /dev/null
+++ b/pkg/report/testdata/linux/report/187
@@ -0,0 +1,145 @@ +# Note: 185-188 have the same root cause. +TITLE: possible deadlock in do_ip_getsockopt + +[ 37.884335] ====================================================== +[ 37.890648] WARNING: possible circular locking dependency detected +[ 37.896957] 4.15.0+ #221 Not tainted +[ 37.900664] ------------------------------------------------------ +[ 37.906977] syz-executor1/6283 is trying to acquire lock: +[ 37.912502] (sk_lock-AF_INET){+.+.}, at: [<0000000075c3d11e>] do_ip_getsockopt+0x1b3/0x2170 +[ 37.921085] +[ 37.921085] but task is already holding lock: +[ 37.927043] (rtnl_mutex){+.+.}, at: [<0000000058d7a825>] rtnl_lock+0x17/0x20 +[ 37.934327] +[ 37.934327] which lock already depends on the new lock. +[ 37.934327] +[ 37.942626] +[ 37.942626] the existing dependency chain (in reverse order) is: +[ 37.950234] +[ 37.950234] -> #2 (rtnl_mutex){+.+.}: +[ 37.955514] __mutex_lock+0x16f/0x1a80 +[ 37.959916] mutex_lock_nested+0x16/0x20 +[ 37.964489] rtnl_lock+0x17/0x20 +[ 37.968369] unregister_netdevice_notifier+0x91/0x4e0 +[ 37.974072] clusterip_tg_destroy+0x389/0x6e0 +[ 37.979083] cleanup_entry+0x218/0x350 +[ 37.983485] __do_replace+0x79d/0xa50 +[ 37.987787] do_ipt_set_ctl+0x40f/0x5f0 +[ 37.992268] nf_setsockopt+0x67/0xc0 +[ 37.996489] ip_setsockopt+0x97/0xa0 +[ 38.000713] tcp_setsockopt+0x82/0xd0 +[ 38.005018] sock_common_setsockopt+0x95/0xd0 +[ 38.010022] SyS_setsockopt+0x189/0x360 +[ 38.014511] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 38.019767] +[ 38.019767] -> #1 (&xt[i].mutex){+.+.}: +[ 38.025203] __mutex_lock+0x16f/0x1a80 +[ 38.029593] mutex_lock_nested+0x16/0x20 +[ 38.034182] xt_find_table_lock+0x3e/0x3e0 +[ 38.038908] xt_request_find_table_lock+0x28/0xc0 +[ 38.044246] get_info+0x154/0x690 +[ 38.048201] do_ipt_get_ctl+0x159/0xac0 +[ 38.052681] nf_getsockopt+0x6a/0xc0 +[ 38.056906] ip_getsockopt+0x15c/0x220 +[ 38.061305] tcp_getsockopt+0x82/0xd0 +[ 38.065606] sock_common_getsockopt+0x95/0xd0 +[ 38.070607] SyS_getsockopt+0x178/0x340 +[ 38.075080] 
entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 38.080323] +[ 38.080323] -> #0 (sk_lock-AF_INET){+.+.}: +[ 38.086018] lock_acquire+0x1d5/0x580 +[ 38.090315] lock_sock_nested+0xc2/0x110 +[ 38.094870] do_ip_getsockopt+0x1b3/0x2170 +[ 38.099597] ip_getsockopt+0x90/0x220 +[ 38.103897] tcp_getsockopt+0x82/0xd0 +[ 38.108192] sock_common_getsockopt+0x95/0xd0 +[ 38.113176] SyS_getsockopt+0x178/0x340 +[ 38.117642] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 38.122886] +[ 38.122886] other info that might help us debug this: +[ 38.122886] +[ 38.130998] Chain exists of: +[ 38.130998] sk_lock-AF_INET --> &xt[i].mutex --> rtnl_mutex +[ 38.130998] +[ 38.141214] Possible unsafe locking scenario: +[ 38.141214] +[ 38.147241] CPU0 CPU1 +[ 38.151875] ---- ---- +[ 38.156510] lock(rtnl_mutex); +[ 38.159757] lock(&xt[i].mutex); +[ 38.165700] lock(rtnl_mutex); +[ 38.171474] lock(sk_lock-AF_INET); +[ 38.175156] +[ 38.175156] *** DEADLOCK *** +[ 38.175156] +[ 38.181182] 1 lock held by syz-executor1/6283: +[ 38.185730] #0: (rtnl_mutex){+.+.}, at: [<0000000058d7a825>] rtnl_lock+0x17/0x20 +[ 38.193418] +[ 38.193418] stack backtrace: +[ 38.197887] CPU: 0 PID: 6283 Comm: syz-executor1 Not tainted 4.15.0+ #221 +[ 38.204778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 38.214110] Call Trace: +[ 38.216679] dump_stack+0x194/0x257 +[ 38.220280] ? arch_local_irq_restore+0x53/0x53 +[ 38.224924] print_circular_bug.isra.38+0x2cd/0x2dc +[ 38.229912] ? save_trace+0xe0/0x2b0 +[ 38.233596] __lock_acquire+0x30a8/0x3e00 +[ 38.237725] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 38.242884] ? rtnl_lock+0x17/0x20 +[ 38.246394] ? rtnl_lock+0x17/0x20 +[ 38.249904] ? plist_add+0x5cb/0x760 +[ 38.253593] ? mutex_lock_io_nested+0x1900/0x1900 +[ 38.258411] ? print_irqtrace_events+0x270/0x270 +[ 38.263137] ? print_irqtrace_events+0x270/0x270 +[ 38.267862] ? check_noncircular+0x20/0x20 +[ 38.272069] ? check_noncircular+0x20/0x20 +[ 38.276276] ? 
futex_wait_queue_me+0x527/0x7e0 +[ 38.280834] lock_acquire+0x1d5/0x580 +[ 38.284610] ? lock_acquire+0x1d5/0x580 +[ 38.288557] ? do_ip_getsockopt+0x1b3/0x2170 +[ 38.292938] ? lock_release+0xa40/0xa40 +[ 38.296984] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 38.302842] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 38.308707] ? do_raw_spin_trylock+0x190/0x190 +[ 38.313268] ? mmdrop+0x18/0x30 +[ 38.316521] ? lock_sock_nested+0x44/0x110 +[ 38.320738] lock_sock_nested+0xc2/0x110 +[ 38.324775] ? do_ip_getsockopt+0x1b3/0x2170 +[ 38.329153] do_ip_getsockopt+0x1b3/0x2170 +[ 38.333365] ? rcu_read_lock+0x90/0x90 +[ 38.337242] ? finish_task_switch+0x1d3/0x740 +[ 38.341708] ? lock_downgrade+0x980/0x980 +[ 38.345828] ? check_noncircular+0x20/0x20 +[ 38.350041] ? check_noncircular+0x20/0x20 +[ 38.354254] ? compat_start_thread+0x80/0x80 +[ 38.358653] ? find_held_lock+0x35/0x1d0 +[ 38.362705] ? avc_has_perm+0x35e/0x680 +[ 38.366653] ? lock_downgrade+0x980/0x980 +[ 38.370783] ? __fget+0x333/0x570 +[ 38.374213] ? lock_release+0xa40/0xa40 +[ 38.378159] ? lock_release+0xa40/0xa40 +[ 38.382111] ? __lock_is_held+0xb6/0x140 +[ 38.386157] ? avc_has_perm+0x43e/0x680 +[ 38.390103] ? avc_has_perm_noaudit+0x520/0x520 +[ 38.394747] ? lock_downgrade+0x980/0x980 +[ 38.398874] ? handle_mm_fault+0x476/0x930 +[ 38.403083] ? down_read_trylock+0xdb/0x170 +[ 38.407380] ? schedule+0xf5/0x430 +[ 38.410895] ? vmacache_update+0xfe/0x130 +[ 38.415025] ip_getsockopt+0x90/0x220 +[ 38.418803] ? do_ip_getsockopt+0x2170/0x2170 +[ 38.423276] tcp_getsockopt+0x82/0xd0 +[ 38.427060] sock_common_getsockopt+0x95/0xd0 +[ 38.431545] SyS_getsockopt+0x178/0x340 +[ 38.435492] ? SyS_setsockopt+0x360/0x360 +[ 38.439617] ? entry_SYSCALL_64_fastpath+0x5/0xa0 +[ 38.444433] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 38.449421] ? 
trace_hardirqs_on_thunk+0x1a/0x1c +[ 38.454152] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 38.458877] RIP: 0033:0x453299 +[ 38.462040] RSP: 002b:00007fe19de99c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000037 +[ 38.469718] RAX: ffffffffffffffda RBX: 000000000071bf58 RCX: 0000000000453299 +[ 38.476957] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000013 +[ 38.484197] RBP: 000000000000052b R08: 0000000020a5b000 R09: 0000000000000000 +[ 38.491437] R10: 0000000020296000 R11: 0000000000000212 R12: 00000000006f6ca8 +[ 38.498678] R13: 00000000ffffffff R14: 00007fe19de9a6d4 R15: 0000000000000003 diff --git a/pkg/report/testdata/linux/report/188 b/pkg/report/testdata/linux/report/188 new file mode 100644 index 000000000..0d13aae4f --- /dev/null +++ b/pkg/report/testdata/linux/report/188 
@@ -0,0 +1,181 @@ +# Note: 185-188 have the same root cause. +TITLE: possible deadlock in rtnl_lock + +[ 82.159264] ====================================================== +[ 82.165575] WARNING: possible circular locking dependency detected +[ 82.171877] 4.15.0+ #221 Not tainted +[ 82.175574] ------------------------------------------------------ +[ 82.181875] syz-executor0/4217 is trying to acquire lock: +[ 82.187393] (rtnl_mutex){+.+.}, at: [<00000000ac220e5b>] rtnl_lock+0x17/0x20 +[ 82.194670] +[ 82.194670] but task is already holding lock: +[ 82.200628] (&xt[i].mutex){+.+.}, at: [<000000008835a5fc>] xt_find_table_lock+0x3e/0x3e0 +[ 82.208949] +[ 82.208949] which lock already depends on the new lock. +[ 82.208949] +[ 82.217245] +[ 82.217245] the existing dependency chain (in reverse order) is: +[ 82.224847] +[ 82.224847] -> #2 (&xt[i].mutex){+.+.}: +[ 82.230301] __mutex_lock+0x16f/0x1a80 +[ 82.234698] mutex_lock_nested+0x16/0x20 +[ 82.239270] xt_find_revision+0xc9/0x2b0 +[ 82.243836] do_ip6t_get_ctl+0x963/0xaf0 +[ 82.248402] nf_getsockopt+0x6a/0xc0 +[ 82.252628] ipv6_getsockopt+0x1df/0x2e0 +[ 82.257181] tcp_getsockopt+0x82/0xd0 +[ 82.261478] sock_common_getsockopt+0x95/0xd0 +[ 82.266465] SyS_getsockopt+0x178/0x340 +[ 82.270931] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 82.276178] +[ 82.276178] -> #1 (sk_lock-AF_INET6){+.+.}: +[ 82.281955] lock_sock_nested+0xc2/0x110 +[ 82.286511] do_ipv6_setsockopt.isra.8+0x3c5/0x39d0 +[ 82.292020] ipv6_setsockopt+0xd7/0x130 +[ 82.296485] rawv6_setsockopt+0x4a/0xf0 +[ 82.300951] sock_common_setsockopt+0x95/0xd0 +[ 82.305938] SyS_setsockopt+0x189/0x360 +[ 82.310404] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 82.315648] +[ 82.315648] -> #0 (rtnl_mutex){+.+.}: +[ 82.320904] lock_acquire+0x1d5/0x580 +[ 82.325195] __mutex_lock+0x16f/0x1a80 +[ 82.329577] mutex_lock_nested+0x16/0x20 +[ 82.334133] rtnl_lock+0x17/0x20 +[ 82.337991] unregister_netdevice_notifier+0x91/0x4e0 +[ 82.343677] clusterip_tg_destroy+0x389/0x6e0 +[ 82.348665] 
cleanup_entry+0x218/0x350 +[ 82.353041] __do_replace+0x79d/0xa50 +[ 82.357330] do_ipt_set_ctl+0x40f/0x5f0 +[ 82.361794] nf_setsockopt+0x67/0xc0 +[ 82.365998] ip_setsockopt+0x97/0xa0 +[ 82.370210] tcp_setsockopt+0x82/0xd0 +[ 82.374503] sock_common_setsockopt+0x95/0xd0 +[ 82.379488] SyS_setsockopt+0x189/0x360 +[ 82.383951] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 82.389194] +[ 82.389194] other info that might help us debug this: +[ 82.389194] +[ 82.397306] Chain exists of: +[ 82.397306] rtnl_mutex --> sk_lock-AF_INET6 --> &xt[i].mutex +[ 82.397306] +[ 82.407594] Possible unsafe locking scenario: +[ 82.407594] +[ 82.413618] CPU0 CPU1 +[ 82.418255] ---- ---- +[ 82.422888] lock(&xt[i].mutex); +[ 82.426310] lock(sk_lock-AF_INET6); +[ 82.432596] lock(&xt[i].mutex); +[ 82.438536] lock(rtnl_mutex); +[ 82.441786] +[ 82.441786] *** DEADLOCK *** +[ 82.441786] +[ 82.447816] 1 lock held by syz-executor0/4217: +[ 82.452362] #0: (&xt[i].mutex){+.+.}, at: [<000000008835a5fc>] xt_find_table_lock+0x3e/0x3e0 +[ 82.461090] +[ 82.461090] stack backtrace: +[ 82.465557] CPU: 1 PID: 4217 Comm: syz-executor0 Not tainted 4.15.0+ #221 +[ 82.472450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 82.481772] Call Trace: +[ 82.484336] dump_stack+0x194/0x257 +[ 82.487933] ? arch_local_irq_restore+0x53/0x53 +[ 82.492576] print_circular_bug.isra.38+0x2cd/0x2dc +[ 82.497565] ? save_trace+0xe0/0x2b0 +[ 82.501250] __lock_acquire+0x30a8/0x3e00 +[ 82.505369] ? print_irqtrace_events+0x270/0x270 +[ 82.510099] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 82.515261] ? print_irqtrace_events+0x270/0x270 +[ 82.519990] ? print_irqtrace_events+0x270/0x270 +[ 82.524718] ? __lock_acquire+0x664/0x3e00 +[ 82.528924] ? __lock_acquire+0x664/0x3e00 +[ 82.533130] ? __is_insn_slot_addr+0x1fc/0x330 +[ 82.537685] ? lock_downgrade+0x980/0x980 +[ 82.541808] ? lock_release+0xa40/0xa40 +[ 82.545754] ? bpf_prog_kallsyms_find+0xbd/0x440 +[ 82.550483] ? 
modules_open+0xa0/0xa0 +[ 82.554254] ? trace_raw_output_xdp_redirect_map_err+0x440/0x440 +[ 82.560369] ? lock_downgrade+0x980/0x980 +[ 82.564492] ? __free_insn_slot+0x5c0/0x5c0 +[ 82.568782] ? check_noncircular+0x20/0x20 +[ 82.572986] lock_acquire+0x1d5/0x580 +[ 82.576759] ? lock_acquire+0x1d5/0x580 +[ 82.580705] ? rtnl_lock+0x17/0x20 +[ 82.584218] ? lock_release+0xa40/0xa40 +[ 82.588707] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 82.594565] ? unwind_get_return_address+0x61/0xa0 +[ 82.599467] ? rcu_note_context_switch+0x710/0x710 +[ 82.604377] ? __might_sleep+0x95/0x190 +[ 82.608332] ? rtnl_lock+0x17/0x20 +[ 82.611847] __mutex_lock+0x16f/0x1a80 +[ 82.615706] ? rtnl_lock+0x17/0x20 +[ 82.619216] ? save_trace+0xe0/0x2b0 +[ 82.622903] ? rtnl_lock+0x17/0x20 +[ 82.626412] ? __lock_acquire+0x36c0/0x3e00 +[ 82.630709] ? mutex_lock_io_nested+0x1900/0x1900 +[ 82.635524] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 82.640685] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 82.645848] ? __free_insn_slot+0x5c0/0x5c0 +[ 82.650143] ? is_bpf_text_address+0xa4/0x120 +[ 82.654611] ? rcutorture_record_progress+0x10/0x10 +[ 82.659602] ? is_bpf_text_address+0xa4/0x120 +[ 82.664066] ? kernel_text_address+0x102/0x140 +[ 82.668618] ? __kernel_text_address+0xd/0x40 +[ 82.673084] ? unwind_get_return_address+0x61/0xa0 +[ 82.677988] ? depot_save_stack+0x12c/0x490 +[ 82.682284] ? check_noncircular+0x20/0x20 +[ 82.686491] ? check_noncircular+0x20/0x20 +[ 82.690702] ? save_stack+0x43/0xd0 +[ 82.694302] ? kasan_kmalloc+0xad/0xe0 +[ 82.698160] ? __kmalloc_node+0x47/0x70 +[ 82.702111] ? xt_replace_table+0x23c/0x9d0 +[ 82.706405] ? __do_replace+0x2e3/0xa50 +[ 82.710350] ? do_ipt_set_ctl+0x40f/0x5f0 +[ 82.714473] mutex_lock_nested+0x16/0x20 +[ 82.718504] ? mutex_lock_nested+0x16/0x20 +[ 82.722710] rtnl_lock+0x17/0x20 +[ 82.726050] unregister_netdevice_notifier+0x91/0x4e0 +[ 82.731212] ? clusterip_tg_destroy+0x36a/0x6e0 +[ 82.735852] ? lock_downgrade+0x980/0x980 +[ 82.739970] ? 
register_netdevice_notifier+0x860/0x860 +[ 82.745218] ? __lock_is_held+0xb6/0x140 +[ 82.749254] ? mark_held_locks+0xaf/0x100 +[ 82.753381] ? do_raw_spin_trylock+0x190/0x190 +[ 82.757944] ? __local_bh_enable_ip+0x121/0x230 +[ 82.762586] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 82.767574] ? clusterip_tg_destroy+0x350/0x6e0 +[ 82.772215] ? trace_hardirqs_on+0xd/0x10 +[ 82.776333] clusterip_tg_destroy+0x389/0x6e0 +[ 82.780799] ? free_modinfo_version+0x70/0x70 +[ 82.785264] ? clusterip_tg+0xa40/0xa40 +[ 82.789207] ? cpumask_next+0x24/0x30 +[ 82.792980] ? __lock_is_held+0xb6/0x140 +[ 82.797015] ? clusterip_tg+0xa40/0xa40 +[ 82.800967] cleanup_entry+0x218/0x350 +[ 82.804823] ? cleanup_match+0x220/0x220 +[ 82.808858] ? find_next_bit+0x27/0x30 +[ 82.812721] __do_replace+0x79d/0xa50 +[ 82.816495] ? compat_table_info+0x470/0x470 +[ 82.820879] ? kasan_check_write+0x14/0x20 +[ 82.825087] ? _copy_from_user+0x99/0x110 +[ 82.829207] do_ipt_set_ctl+0x40f/0x5f0 +[ 82.833153] ? translate_compat_table+0x1b90/0x1b90 +[ 82.838141] ? __handle_mm_fault+0x3ce0/0x3ce0 +[ 82.842701] ? mutex_unlock+0xd/0x10 +[ 82.846389] ? nf_sockopt_find.constprop.0+0x1a7/0x220 +[ 82.851640] nf_setsockopt+0x67/0xc0 +[ 82.855329] ip_setsockopt+0x97/0xa0 +[ 82.859017] tcp_setsockopt+0x82/0xd0 +[ 82.862792] sock_common_setsockopt+0x95/0xd0 +[ 82.867258] SyS_setsockopt+0x189/0x360 +[ 82.871203] ? SyS_recv+0x40/0x40 +[ 82.874629] ? entry_SYSCALL_64_fastpath+0x5/0xa0 +[ 82.879442] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 82.884436] ? 
trace_hardirqs_on_thunk+0x1a/0x1c +[ 82.889170] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 82.893895] RIP: 0033:0x455d8a +[ 82.897058] RSP: 002b:0000000000a2f598 EFLAGS: 00000206 ORIG_RAX: 0000000000000036 +[ 82.904739] RAX: ffffffffffffffda RBX: 00000000006f8a40 RCX: 0000000000455d8a +[ 82.911978] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000013 +[ 82.919220] RBP: 00000000006f8a40 R08: 00000000000002d8 R09: 0000000000000001 +[ 82.926461] R10: 00000000006f8e68 R11: 0000000000000206 R12: 0000000000000013 +[ 82.933703] R13: 00000000006fb9e8 R14: 00000000000140a1 R15: 0000000000000001 diff --git a/pkg/report/testdata/linux/report/189 b/pkg/report/testdata/linux/report/189 new file mode 100644 index 000000000..7e541feed --- /dev/null +++ b/pkg/report/testdata/linux/report/189 
@@ -0,0 +1,168 @@ +# Note: 189-190 have the same root cause. +TITLE: possible deadlock in vcs_read + +[ 75.037355] ====================================================== +[ 75.037357] WARNING: possible circular locking dependency detected +[ 75.037363] 4.15.0-rc2+ #216 Not tainted +[ 75.037365] ------------------------------------------------------ +[ 75.037369] syz-executor7/8848 is trying to acquire lock: +[ 75.037371] (console_lock){+.+.}, at: [<000000001c8cd30e>] vcs_read+0x129/0xae0 +[ 75.037394] +[ 75.037394] but task is already holding lock: +[ 75.037395] (&pipe->mutex/1){+.+.}, at: [<00000000dd7fc330>] pipe_lock+0x56/0x70 +[ 75.037414] +[ 75.037414] which lock already depends on the new lock. +[ 75.037414] +[ 75.037416] +[ 75.037416] the existing dependency chain (in reverse order) is: +[ 75.037418] +[ 75.037418] -> #3 (&pipe->mutex/1){+.+.}: +[ 75.037437] lock_acquire+0x1d5/0x580 +[ 75.037447] __mutex_lock+0x16f/0x1a80 +[ 75.037457] mutex_lock_nested+0x16/0x20 +[ 75.037463] pipe_lock+0x56/0x70 +[ 75.037473] iter_file_splice_write+0x264/0xf30 +[ 75.037480] SyS_splice+0x7d5/0x1630 +[ 75.037487] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 75.037489] +[ 75.037489] -> #2 (sb_writers){.+.+}: +[ 75.037502] dput.part.23+0x492/0x830 +[ 75.037508] dput+0x1f/0x30 +[ 75.037521] done_path_create+0xad/0x110 +[ 75.037532] handle_create+0x196/0x760 +[ 75.037542] devtmpfsd+0x3b4/0x4b0 +[ 75.037544] +[ 75.037544] -> #1 ((completion)&req.done){+.+.}: +[ 75.037559] lock_acquire+0x1d5/0x580 +[ 75.037569] wait_for_completion+0xcb/0x7b0 +[ 75.037580] devtmpfs_create_node+0x32b/0x4a0 +[ 75.037589] device_add+0x120f/0x1640 +[ 75.037597] device_create_groups_vargs+0x1f3/0x250 +[ 75.037605] device_create+0xda/0x110 +[ 75.037612] vcs_make_sysfs+0x35/0x60 +[ 75.037621] vc_allocate+0x4b7/0x6b0 +[ 75.037630] con_install+0x52/0x440 +[ 75.037637] tty_init_dev+0xf6/0x4a0 +[ 75.037651] tty_open+0x608/0xab0 +[ 75.037662] chrdev_open+0x257/0x730 +[ 75.037673] do_dentry_open+0x682/0xd70 +[ 
75.037682] vfs_open+0x107/0x230 +[ 75.037690] path_openat+0x1157/0x3530 +[ 75.037700] do_filp_open+0x25b/0x3b0 +[ 75.037708] do_sys_open+0x502/0x6d0 +[ 75.037716] SyS_open+0x2d/0x40 +[ 75.037724] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 75.037726] +[ 75.037726] -> #0 (console_lock){+.+.}: +[ 75.037739] __lock_acquire+0x3498/0x47f0 +[ 75.037746] lock_acquire+0x1d5/0x580 +[ 75.037754] console_lock+0x4b/0x80 +[ 75.037760] vcs_read+0x129/0xae0 +[ 75.037768] do_iter_read+0x3db/0x5b0 +[ 75.037773] vfs_readv+0x121/0x1c0 +[ 75.037779] default_file_splice_read+0x508/0xae0 +[ 75.037784] do_splice_to+0x110/0x170 +[ 75.037790] SyS_splice+0x11a8/0x1630 +[ 75.037796] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 75.037798] +[ 75.037798] other info that might help us debug this: +[ 75.037798] +[ 75.037800] Chain exists of: +[ 75.037800] console_lock --> sb_writers --> &pipe->mutex/1 +[ 75.037800] +[ 75.037809] Possible unsafe locking scenario: +[ 75.037809] +[ 75.037811] CPU0 CPU1 +[ 75.037812] ---- ---- +[ 75.037813] lock(&pipe->mutex/1); +[ 75.037818] lock(sb_writers); +[ 75.037822] lock(&pipe->mutex/1); +[ 75.037826] lock(console_lock); +[ 75.037829] +[ 75.037829] *** DEADLOCK *** +[ 75.037829] +[ 75.037832] 1 lock held by syz-executor7/8848: +[ 75.037833] #0: (&pipe->mutex/1){+.+.}, at: [<00000000dd7fc330>] pipe_lock+0x56/0x70 +[ 75.037843] +[ 75.037843] stack backtrace: +[ 75.037850] CPU: 0 PID: 8848 Comm: syz-executor7 Not tainted 4.15.0-rc2+ #216 +[ 75.037853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 75.037855] Call Trace: +[ 75.037864] dump_stack+0x194/0x257 +[ 75.037871] ? arch_local_irq_restore+0x53/0x53 +[ 75.037883] print_circular_bug+0x42d/0x610 +[ 75.037892] ? save_stack_trace+0x1a/0x20 +[ 75.037901] check_prev_add+0x666/0x15f0 +[ 75.037908] ? copy_trace+0x150/0x150 +[ 75.037916] ? check_usage+0xb60/0xb60 +[ 75.037922] ? __save_stack_trace+0x61/0xd0 +[ 75.037933] ? 
save_stack_trace+0x1a/0x20 +[ 75.037941] __lock_acquire+0x3498/0x47f0 +[ 75.037948] ? __lock_acquire+0x3498/0x47f0 +[ 75.037963] ? debug_check_no_locks_freed+0x3d0/0x3d0 +[ 75.037970] ? check_noncircular+0x20/0x20 +[ 75.037977] ? perf_trace_lock+0xd6/0x900 +[ 75.037983] ? __lock_is_held+0xbc/0x140 +[ 75.037992] ? trace_event_raw_event_lock+0x340/0x340 +[ 75.038000] ? check_noncircular+0x20/0x20 +[ 75.038007] ? __lock_is_held+0xbc/0x140 +[ 75.038017] ? check_noncircular+0x20/0x20 +[ 75.038025] ? rcu_read_lock_sched_held+0x108/0x120 +[ 75.038033] ? find_held_lock+0x39/0x1d0 +[ 75.038042] ? print_usage_bug+0x3f0/0x3f0 +[ 75.038050] ? lock_downgrade+0x980/0x980 +[ 75.038060] lock_acquire+0x1d5/0x580 +[ 75.038066] ? vcs_read+0x129/0xae0 +[ 75.038073] ? lock_release+0xda0/0xda0 +[ 75.038080] ? lock_release+0xda0/0xda0 +[ 75.038086] ? mark_held_locks+0xb2/0x100 +[ 75.038093] ? _raw_spin_unlock_irqrestore+0x31/0xba +[ 75.038101] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 75.038107] ? trace_hardirqs_on+0xd/0x10 +[ 75.038116] console_lock+0x4b/0x80 +[ 75.038121] ? vcs_read+0x129/0xae0 +[ 75.038126] vcs_read+0x129/0xae0 +[ 75.038136] ? fsnotify_first_mark+0x2b0/0x2b0 +[ 75.038145] ? selinux_file_permission+0x82/0x460 +[ 75.038151] ? vcs_poll+0x130/0x130 +[ 75.038157] ? security_file_permission+0x89/0x1f0 +[ 75.038165] ? rw_verify_area+0xe5/0x2b0 +[ 75.038174] do_iter_read+0x3db/0x5b0 +[ 75.038182] ? dup_iter+0x260/0x260 +[ 75.038192] vfs_readv+0x121/0x1c0 +[ 75.038200] ? compat_rw_copy_check_uvector+0x2e0/0x2e0 +[ 75.038206] ? lock_acquire+0x1d5/0x580 +[ 75.038211] ? pipe_lock+0x56/0x70 +[ 75.038219] ? lock_release+0xda0/0xda0 +[ 75.038227] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 75.038235] ? rcu_note_context_switch+0x710/0x710 +[ 75.038242] ? __might_sleep+0x95/0x190 +[ 75.038247] ? pipe_lock+0x56/0x70 +[ 75.038256] ? __mutex_lock+0x16f/0x1a80 +[ 75.038260] ? pipe_lock+0x56/0x70 +[ 75.038269] default_file_splice_read+0x508/0xae0 +[ 75.038276] ? 
default_file_splice_read+0x508/0xae0 +[ 75.038287] ? do_splice_direct+0x3d0/0x3d0 +[ 75.038293] ? __lock_is_held+0xbc/0x140 +[ 75.038306] ? __lock_is_held+0xbc/0x140 +[ 75.038318] ? _raw_spin_unlock+0x22/0x30 +[ 75.038325] ? fsnotify+0x7b3/0x1140 +[ 75.038334] ? fsnotify_first_mark+0x2b0/0x2b0 +[ 75.038343] ? avc_policy_seqno+0x9/0x20 +[ 75.038348] ? selinux_file_permission+0x82/0x460 +[ 75.038356] ? security_file_permission+0x89/0x1f0 +[ 75.038364] ? do_splice_direct+0x3d0/0x3d0 +[ 75.038370] do_splice_to+0x110/0x170 +[ 75.038375] ? do_splice_to+0x110/0x170 +[ 75.038383] SyS_splice+0x11a8/0x1630 +[ 75.038395] ? compat_SyS_vmsplice+0x250/0x250 +[ 75.038400] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 75.038410] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 75.038419] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 75.038424] RIP: 0033:0x452a39 +[ 75.038428] RSP: 002b:00007f2d70f0ac58 EFLAGS: 00000212 ORIG_RAX: 0000000000000113 +[ 75.038434] RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452a39 +[ 75.038437] RDX: 0000000000000018 RSI: 0000000000000000 RDI: 0000000000000016 +[ 75.038441] RBP: 0000000000000307 R08: 0000000000000058 R09: 0000000000000000 +[ 75.038444] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f2948 +[ 75.038448] R13: 00000000ffffffff R14: 00007f2d70f0b6d4 R15: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/190 b/pkg/report/testdata/linux/report/190 new file mode 100644 index 000000000..d5eea744e --- /dev/null +++ b/pkg/report/testdata/linux/report/190 
@@ -0,0 +1,163 @@ +# Note: 189-190 have the same root cause. +TITLE: possible deadlock in vcs_write + +[ 127.343789] ====================================================== +[ 127.343792] WARNING: possible circular locking dependency detected +[ 127.343797] 4.15.0-rc2+ #209 Not tainted +[ 127.343799] ------------------------------------------------------ +[ 127.343803] syz-executor4/16108 is trying to acquire lock: +[ 127.343805] (console_lock){+.+.}, at: [<00000000ec170b5b>] vcs_write+0x14d/0xca0 +[ 127.343827] +[ 127.343827] but task is already holding lock: +[ 127.343828] (&pipe->mutex/1){+.+.}, at: [<0000000040ee4d01>] pipe_lock+0x56/0x70 +[ 127.343846] +[ 127.343846] which lock already depends on the new lock. +[ 127.343846] +[ 127.343848] +[ 127.343848] the existing dependency chain (in reverse order) is: +[ 127.343850] +[ 127.343850] -> #3 (&pipe->mutex/1){+.+.}: +[ 127.343867] lock_acquire+0x1d5/0x580 +[ 127.343879] __mutex_lock+0x16f/0x1a80 +[ 127.343889] mutex_lock_nested+0x16/0x20 +[ 127.343895] pipe_lock+0x56/0x70 +[ 127.343907] iter_file_splice_write+0x264/0xf30 +[ 127.343914] SyS_splice+0x7d5/0x1630 +[ 127.343923] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 127.343925] +[ 127.343925] -> #2 (sb_writers){.+.+}: +[ 127.343939] put_ucounts+0x71/0x2d0 +[ 127.343940] +[ 127.343940] -> #1 ((completion)&req.done){+.+.}: +[ 127.343953] lock_acquire+0x1d5/0x580 +[ 127.343961] wait_for_completion+0xcb/0x7b0 +[ 127.343971] devtmpfs_create_node+0x32b/0x4a0 +[ 127.343977] device_add+0x120f/0x1640 +[ 127.343985] device_create_groups_vargs+0x1f3/0x250 +[ 127.343991] device_create+0xda/0x110 +[ 127.343998] vcs_make_sysfs+0x35/0x60 +[ 127.344009] vc_allocate+0x4b7/0x6b0 +[ 127.344017] con_install+0x52/0x440 +[ 127.344024] tty_init_dev+0xf6/0x4a0 +[ 127.344030] tty_open+0x608/0xab0 +[ 127.344037] chrdev_open+0x257/0x730 +[ 127.344045] do_dentry_open+0x682/0xd70 +[ 127.344053] vfs_open+0x107/0x230 +[ 127.344060] path_openat+0x1157/0x3530 +[ 127.344067] do_filp_open+0x25b/0x3b0 
+[ 127.344075] do_sys_open+0x502/0x6d0 +[ 127.344082] SyS_open+0x2d/0x40 +[ 127.344090] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 127.344092] +[ 127.344092] -> #0 (console_lock){+.+.}: +[ 127.344113] __lock_acquire+0x3498/0x47f0 +[ 127.344121] lock_acquire+0x1d5/0x580 +[ 127.344129] console_lock+0x4b/0x80 +[ 127.344137] vcs_write+0x14d/0xca0 +[ 127.344144] __vfs_write+0xef/0x970 +[ 127.344151] __kernel_write+0xfe/0x350 +[ 127.344158] write_pipe_buf+0x175/0x220 +[ 127.344168] __splice_from_pipe+0x328/0x730 +[ 127.344176] splice_from_pipe+0x1e9/0x330 +[ 127.344184] default_file_splice_write+0x40/0x90 +[ 127.344191] SyS_splice+0x7d5/0x1630 +[ 127.344198] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 127.344201] +[ 127.344201] other info that might help us debug this: +[ 127.344201] +[ 127.344202] Chain exists of: +[ 127.344202] console_lock --> sb_writers --> &pipe->mutex/1 +[ 127.344202] +[ 127.344214] Possible unsafe locking scenario: +[ 127.344214] +[ 127.344215] CPU0 CPU1 +[ 127.344217] ---- ---- +[ 127.344218] lock(&pipe->mutex/1); +[ 127.344224] lock(sb_writers); +[ 127.344228] lock(&pipe->mutex/1); +[ 127.344233] lock(console_lock); +[ 127.344238] +[ 127.344238] *** DEADLOCK *** +[ 127.344238] +[ 127.344243] 1 lock held by syz-executor4/16108: +[ 127.344244] #0: (&pipe->mutex/1){+.+.}, at: [<0000000040ee4d01>] pipe_lock+0x56/0x70 +[ 127.344258] +[ 127.344258] stack backtrace: +[ 127.344266] CPU: 0 PID: 16108 Comm: syz-executor4 Not tainted 4.15.0-rc2+ #209 +[ 127.344270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 127.344272] Call Trace: +[ 127.344281] dump_stack+0x194/0x257 +[ 127.344290] ? arch_local_irq_restore+0x53/0x53 +[ 127.344303] print_circular_bug+0x42d/0x610 +[ 127.344310] ? save_stack_trace+0x1a/0x20 +[ 127.344320] check_prev_add+0x666/0x15f0 +[ 127.344326] ? copy_trace+0x150/0x150 +[ 127.344335] ? check_usage+0xb60/0xb60 +[ 127.344344] ? print_usage_bug+0x3f0/0x3f0 +[ 127.344354] ? 
__lock_acquire+0x3498/0x47f0 +[ 127.344363] __lock_acquire+0x3498/0x47f0 +[ 127.344368] ? __lock_acquire+0x3498/0x47f0 +[ 127.344383] ? debug_check_no_locks_freed+0x3d0/0x3d0 +[ 127.344391] ? check_noncircular+0x20/0x20 +[ 127.344399] ? perf_trace_lock+0xd6/0x900 +[ 127.344405] ? __lock_is_held+0xbc/0x140 +[ 127.344414] ? trace_event_raw_event_lock+0x340/0x340 +[ 127.344422] ? perf_trace_lock_acquire+0xe3/0x980 +[ 127.344427] ? check_noncircular+0x20/0x20 +[ 127.344437] ? perf_trace_lock+0x900/0x900 +[ 127.344444] ? check_noncircular+0x20/0x20 +[ 127.344451] ? rcu_read_lock_sched_held+0x108/0x120 +[ 127.344460] ? find_held_lock+0x39/0x1d0 +[ 127.344469] ? print_usage_bug+0x3f0/0x3f0 +[ 127.344477] ? lock_downgrade+0x980/0x980 +[ 127.344487] lock_acquire+0x1d5/0x580 +[ 127.344494] ? vcs_write+0x14d/0xca0 +[ 127.344500] ? lock_release+0xda0/0xda0 +[ 127.344508] ? lock_release+0xda0/0xda0 +[ 127.344516] ? _raw_spin_unlock_irqrestore+0x31/0xba +[ 127.344524] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 127.344531] ? trace_hardirqs_on+0xd/0x10 +[ 127.344540] console_lock+0x4b/0x80 +[ 127.344546] ? vcs_write+0x14d/0xca0 +[ 127.344552] vcs_write+0x14d/0xca0 +[ 127.344559] ? __might_sleep+0x95/0x190 +[ 127.344565] ? pipe_lock+0x56/0x70 +[ 127.344573] ? __mutex_lock+0x16f/0x1a80 +[ 127.344578] ? pipe_lock+0x56/0x70 +[ 127.344589] ? get_futex_key+0x1d50/0x1d50 +[ 127.344597] ? vcs_size+0x170/0x170 +[ 127.344604] ? mutex_lock_io_nested+0x1900/0x1900 +[ 127.344611] ? check_noncircular+0x20/0x20 +[ 127.344619] ? find_held_lock+0x39/0x1d0 +[ 127.344627] ? vcs_size+0x170/0x170 +[ 127.344632] __vfs_write+0xef/0x970 +[ 127.344638] ? kernel_read+0x120/0x120 +[ 127.344645] ? __lock_is_held+0xbc/0x140 +[ 127.344657] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 127.344667] ? rcu_note_context_switch+0x710/0x710 +[ 127.344675] __kernel_write+0xfe/0x350 +[ 127.344683] write_pipe_buf+0x175/0x220 +[ 127.344692] ? default_file_splice_read+0xae0/0xae0 +[ 127.344699] ? 
trace_event_raw_event_sched_switch+0x800/0x800 +[ 127.344706] ? splice_from_pipe_next.part.9+0x22e/0x2f0 +[ 127.344715] __splice_from_pipe+0x328/0x730 +[ 127.344723] ? default_file_splice_read+0xae0/0xae0 +[ 127.344733] splice_from_pipe+0x1e9/0x330 +[ 127.344740] ? default_file_splice_read+0xae0/0xae0 +[ 127.344747] ? splice_shrink_spd+0xb0/0xb0 +[ 127.344759] ? security_file_permission+0x89/0x1f0 +[ 127.344767] default_file_splice_write+0x40/0x90 +[ 127.344774] ? generic_splice_sendpage+0x50/0x50 +[ 127.344780] SyS_splice+0x7d5/0x1630 +[ 127.344786] ? SyS_futex+0x269/0x390 +[ 127.344796] ? compat_SyS_vmsplice+0x250/0x250 +[ 127.344801] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 127.344808] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 127.344817] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 127.344822] RIP: 0033:0x452a39 +[ 127.344826] RSP: 002b:00007f78f0139c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000113 +[ 127.344832] RAX: ffffffffffffffda RBX: 00007f78f013a700 RCX: 0000000000452a39 +[ 127.344836] RDX: 0000000000000013 RSI: 0000000000000000 RDI: 0000000000000014 +[ 127.344840] RBP: 0000000000000000 R08: 00000000fffff5fc R09: 0000000000000000 +[ 127.344844] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000000 +[ 127.344847] R13: 0000000000a6f7ff R14: 00007f78f013a9c0 R15: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/191 b/pkg/report/testdata/linux/report/191 new file mode 100644 index 000000000..517b03dd4 --- /dev/null +++ b/pkg/report/testdata/linux/report/191 
@@ -0,0 +1,248 @@ +# Note: 191-194 have the same root cause. +TITLE: possible deadlock in perf_event_ctx_lock_nested + +[ 189.031888] ====================================================== +[ 189.038179] WARNING: possible circular locking dependency detected +[ 189.044467] 4.15.0-rc3+ #222 Not tainted +[ 189.048497] ------------------------------------------------------ +[ 189.054779] syz-executor5/24180 is trying to acquire lock: +[ 189.060366] (&ctx->mutex){+.+.}, at: [<00000000546c47e1>] perf_event_ctx_lock_nested+0x21b/0x450 +[ 189.069358] +[ 189.069358] but task is already holding lock: +[ 189.075292] (&pipe->mutex/1){+.+.}, at: [<000000002090b936>] pipe_lock+0x56/0x70 +[ 189.082888] +[ 189.082888] which lock already depends on the new lock. +[ 189.082888] +[ 189.091166] +[ 189.091166] the existing dependency chain (in reverse order) is: +[ 189.098751] +[ 189.098751] -> #8 (&pipe->mutex/1){+.+.}: +[ 189.104353] lock_acquire+0x1d5/0x580 +[ 189.108648] __mutex_lock+0x16f/0x1a80 +[ 189.113028] mutex_lock_nested+0x16/0x20 +[ 189.117576] pipe_lock+0x56/0x70 +[ 189.121429] iter_file_splice_write+0x264/0xf30 +[ 189.126584] SyS_splice+0x7d5/0x1630 +[ 189.130783] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 189.136025] +[ 189.136025] -> #7 (sb_writers){.+.+}: +[ 189.141276] try_to_wake_up+0xbc/0x1600 +[ 189.145737] default_wake_function+0x30/0x50 +[ 189.150633] __wake_up_common+0x18e/0x780 +[ 189.155268] __wake_up_locked+0x11/0x20 +[ 189.159727] complete+0x5f/0x80 +[ 189.163490] +[ 189.163490] -> #6 ((completion)&req.done){+.+.}: +[ 189.169693] lock_acquire+0x1d5/0x580 +[ 189.173982] wait_for_completion+0xcb/0x7b0 +[ 189.178790] devtmpfs_create_node+0x32b/0x4a0 +[ 189.183774] device_add+0x120f/0x1640 +[ 189.188062] device_create_groups_vargs+0x1f3/0x250 +[ 189.193566] device_create+0xda/0x110 +[ 189.197854] msr_device_create+0x26/0x40 +[ 189.202402] cpuhp_invoke_callback+0x2ea/0x1d20 +[ 189.207554] cpuhp_thread_fun+0x48e/0x7e0 +[ 189.212189] smpboot_thread_fn+0x450/0x7c0 +[ 
189.216910] kthread+0x37a/0x440 +[ 189.220760] ret_from_fork+0x24/0x30 +[ 189.224956] +[ 189.224956] -> #5 (cpuhp_state-up){+.+.}: +[ 189.230553] lock_acquire+0x1d5/0x580 +[ 189.234838] cpuhp_issue_call+0x1e5/0x520 +[ 189.239470] __cpuhp_setup_state_cpuslocked+0x282/0x600 +[ 189.245322] __cpuhp_setup_state+0xb0/0x140 +[ 189.250131] page_writeback_init+0x4d/0x71 +[ 189.254851] pagecache_init+0x48/0x4f +[ 189.259139] start_kernel+0x6c1/0x754 +[ 189.263426] x86_64_start_reservations+0x2a/0x2c +[ 189.268665] x86_64_start_kernel+0x77/0x7a +[ 189.273387] secondary_startup_64+0xa5/0xb0 +[ 189.278189] +[ 189.278189] -> #4 (cpuhp_state_mutex){+.+.}: +[ 189.284045] lock_acquire+0x1d5/0x580 +[ 189.288331] __mutex_lock+0x16f/0x1a80 +[ 189.292702] mutex_lock_nested+0x16/0x20 +[ 189.297247] __cpuhp_setup_state_cpuslocked+0x5b/0x600 +[ 189.303012] __cpuhp_setup_state+0xb0/0x140 +[ 189.307822] kvm_guest_init+0x1f3/0x20f +[ 189.312282] setup_arch+0x17e8/0x1a02 +[ 189.316567] start_kernel+0xa5/0x754 +[ 189.320765] x86_64_start_reservations+0x2a/0x2c +[ 189.326006] x86_64_start_kernel+0x77/0x7a +[ 189.330730] secondary_startup_64+0xa5/0xb0 +[ 189.335535] +[ 189.335535] -> #3 (cpu_hotplug_lock.rw_sem){++++}: +[ 189.341912] lock_acquire+0x1d5/0x580 +[ 189.346198] cpus_read_lock+0x42/0x90 +[ 189.350485] static_key_slow_inc+0x9d/0x3c0 +[ 189.355296] tracepoint_probe_register_prio+0x80d/0x9a0 +[ 189.361145] tracepoint_probe_register+0x2a/0x40 +[ 189.366386] trace_event_reg+0x167/0x320 +[ 189.370932] perf_trace_init+0x4ef/0xab0 +[ 189.375480] perf_tp_event_init+0x7d/0xf0 +[ 189.380114] perf_try_init_event+0xc9/0x1f0 +[ 189.384919] perf_event_alloc+0x1cc6/0x2b00 +[ 189.389725] SYSC_perf_event_open+0x84e/0x2e00 +[ 189.394792] SyS_perf_event_open+0x39/0x50 +[ 189.399513] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 189.404750] +[ 189.404750] -> #2 (tracepoints_mutex){+.+.}: +[ 189.410606] lock_acquire+0x1d5/0x580 +[ 189.414893] __mutex_lock+0x16f/0x1a80 +[ 189.419266] mutex_lock_nested+0x16/0x20 +[ 
189.423813] tracepoint_probe_register_prio+0xa0/0x9a0 +[ 189.429583] tracepoint_probe_register+0x2a/0x40 +[ 189.434824] trace_event_reg+0x167/0x320 +[ 189.439371] perf_trace_init+0x4ef/0xab0 +[ 189.443916] perf_tp_event_init+0x7d/0xf0 +[ 189.448550] perf_try_init_event+0xc9/0x1f0 +[ 189.453357] perf_event_alloc+0x1cc6/0x2b00 +[ 189.458163] SYSC_perf_event_open+0x84e/0x2e00 +[ 189.463232] SyS_perf_event_open+0x39/0x50 +[ 189.467952] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 189.473191] +[ 189.473191] -> #1 (event_mutex){+.+.}: +[ 189.478527] lock_acquire+0x1d5/0x580 +[ 189.482812] __mutex_lock+0x16f/0x1a80 +[ 189.487184] mutex_lock_nested+0x16/0x20 +[ 189.491733] perf_trace_init+0x58/0xab0 +[ 189.496196] perf_tp_event_init+0x7d/0xf0 +[ 189.500829] perf_try_init_event+0xc9/0x1f0 +[ 189.505636] perf_event_alloc+0x1005/0x2b00 +[ 189.510443] inherit_event.isra.92+0x15b/0x920 +[ 189.515514] inherit_task_group.isra.94.part.95+0x73/0x240 +[ 189.521623] perf_event_init_task+0x348/0x890 +[ 189.526605] copy_process.part.36+0x173b/0x4ae0 +[ 189.531759] _do_fork+0x1ef/0xff0 +[ 189.535698] SyS_clone+0x37/0x50 +[ 189.539552] do_syscall_64+0x26c/0x920 +[ 189.543923] return_from_SYSCALL_64+0x0/0x75 +[ 189.548815] +[ 189.548815] -> #0 (&ctx->mutex){+.+.}: +[ 189.554152] __lock_acquire+0x3498/0x47f0 +[ 189.558785] lock_acquire+0x1d5/0x580 +[ 189.563072] __mutex_lock+0x16f/0x1a80 +[ 189.567444] mutex_lock_nested+0x16/0x20 +[ 189.571995] perf_event_ctx_lock_nested+0x21b/0x450 +[ 189.577500] perf_read+0xb9/0x970 +[ 189.581443] do_iter_read+0x3db/0x5b0 +[ 189.585730] vfs_readv+0x121/0x1c0 +[ 189.589759] default_file_splice_read+0x508/0xae0 +[ 189.595087] do_splice_to+0x110/0x170 +[ 189.599374] SyS_splice+0x11a8/0x1630 +[ 189.603662] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 189.608899] +[ 189.608899] other info that might help us debug this: +[ 189.608899] +[ 189.617005] Chain exists of: +[ 189.617005] &ctx->mutex --> sb_writers --> &pipe->mutex/1 +[ 189.617005] +[ 189.627034] Possible unsafe 
locking scenario: +[ 189.627034] +[ 189.633055] CPU0 CPU1 +[ 189.637683] ---- ---- +[ 189.642325] lock(&pipe->mutex/1); +[ 189.645919] lock(sb_writers); +[ 189.651681] lock(&pipe->mutex/1); +[ 189.657792] lock(&ctx->mutex); +[ 189.661121] +[ 189.661121] *** DEADLOCK *** +[ 189.661121] +[ 189.667148] 1 lock held by syz-executor5/24180: +[ 189.671777] #0: (&pipe->mutex/1){+.+.}, at: [<000000002090b936>] pipe_lock+0x56/0x70 +[ 189.679805] +[ 189.679805] stack backtrace: +[ 189.684270] CPU: 1 PID: 24180 Comm: syz-executor5 Not tainted 4.15.0-rc3+ #222 +[ 189.691592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 189.700909] Call Trace: +[ 189.703468] dump_stack+0x194/0x257 +[ 189.707063] ? arch_local_irq_restore+0x53/0x53 +[ 189.711700] print_circular_bug+0x42d/0x610 +[ 189.715989] ? save_stack_trace+0x1a/0x20 +[ 189.720104] check_prev_add+0x666/0x15f0 +[ 189.724132] ? copy_trace+0x150/0x150 +[ 189.727898] ? check_usage+0xb60/0xb60 +[ 189.731754] ? find_get_context.isra.83+0x670/0x670 +[ 189.736738] __lock_acquire+0x3498/0x47f0 +[ 189.740852] ? __lock_acquire+0x3498/0x47f0 +[ 189.745140] ? perf_trace_buf_update+0x66/0xb0 +[ 189.749693] ? debug_check_no_locks_freed+0x3d0/0x3d0 +[ 189.754849] ? perf_tp_event+0xae0/0xae0 +[ 189.758878] ? memset+0x31/0x40 +[ 189.762124] ? perf_trace_lock_acquire+0x532/0x980 +[ 189.767032] ? print_usage_bug+0x3f0/0x3f0 +[ 189.771232] ? __kernel_text_address+0xd/0x40 +[ 189.775696] lock_acquire+0x1d5/0x580 +[ 189.779465] ? perf_event_ctx_lock_nested+0x21b/0x450 +[ 189.784623] ? lock_release+0xda0/0xda0 +[ 189.788562] ? perf_trace_lock+0xd6/0x900 +[ 189.792676] ? rcu_note_context_switch+0x710/0x710 +[ 189.797571] ? __might_sleep+0x95/0x190 +[ 189.801513] ? perf_event_ctx_lock_nested+0x21b/0x450 +[ 189.806667] __mutex_lock+0x16f/0x1a80 +[ 189.810522] ? perf_event_ctx_lock_nested+0x21b/0x450 +[ 189.815678] ? debug_check_no_locks_freed+0x3d0/0x3d0 +[ 189.820834] ? 
perf_tp_event+0xae0/0xae0 +[ 189.824860] ? perf_event_ctx_lock_nested+0x21b/0x450 +[ 189.830021] ? mutex_lock_io_nested+0x1900/0x1900 +[ 189.834827] ? perf_trace_lock+0xd6/0x900 +[ 189.838944] ? trace_event_raw_event_lock+0x340/0x340 +[ 189.844102] ? check_noncircular+0x20/0x20 +[ 189.848300] ? perf_trace_lock+0x900/0x900 +[ 189.852503] ? __bpf_address_lookup+0x2b0/0x2b0 +[ 189.857139] ? check_noncircular+0x20/0x20 +[ 189.861339] ? lock_release+0xda0/0xda0 +[ 189.865280] ? find_held_lock+0x39/0x1d0 +[ 189.869311] ? lock_downgrade+0x980/0x980 +[ 189.873429] ? perf_event_ctx_lock_nested+0xaf/0x450 +[ 189.878498] ? lock_release+0xda0/0xda0 +[ 189.882443] mutex_lock_nested+0x16/0x20 +[ 189.886471] ? mutex_lock_nested+0x16/0x20 +[ 189.890672] perf_event_ctx_lock_nested+0x21b/0x450 +[ 189.895654] ? perf_iterate_ctx+0x770/0x770 +[ 189.899945] ? bpf_fd_pass+0x5c/0x280 +[ 189.903712] ? file_has_perm+0x1ee/0x5d0 +[ 189.907738] perf_read+0xb9/0x970 +[ 189.911158] ? perf_event_read_value+0x60/0x60 +[ 189.915705] ? fsnotify_first_mark+0x2b0/0x2b0 +[ 189.920254] ? selinux_file_permission+0x82/0x460 +[ 189.925063] ? security_file_permission+0x89/0x1f0 +[ 189.929960] ? rw_verify_area+0xe5/0x2b0 +[ 189.933989] do_iter_read+0x3db/0x5b0 +[ 189.937757] ? dup_iter+0x260/0x260 +[ 189.941353] vfs_readv+0x121/0x1c0 +[ 189.944867] ? compat_rw_copy_check_uvector+0x2e0/0x2e0 +[ 189.950197] ? lock_acquire+0x1d5/0x580 +[ 189.954136] ? pipe_lock+0x56/0x70 +[ 189.957644] ? lock_release+0xda0/0xda0 +[ 189.961584] ? rcu_note_context_switch+0x710/0x710 +[ 189.966477] ? __might_sleep+0x95/0x190 +[ 189.970418] ? pipe_lock+0x56/0x70 +[ 189.973926] ? __mutex_lock+0x16f/0x1a80 +[ 189.977949] ? pipe_lock+0x56/0x70 +[ 189.981456] default_file_splice_read+0x508/0xae0 +[ 189.986263] ? default_file_splice_read+0x508/0xae0 +[ 189.991249] ? do_splice_direct+0x3d0/0x3d0 +[ 189.995534] ? __lock_is_held+0xbc/0x140 +[ 189.999564] ? __lock_is_held+0xbc/0x140 +[ 190.003595] ? 
file_has_perm+0x1ee/0x5d0 +[ 190.007623] ? fsnotify+0x7b3/0x1140 +[ 190.011307] ? fsnotify_first_mark+0x2b0/0x2b0 +[ 190.015855] ? selinux_file_permission+0x82/0x460 +[ 190.020663] ? security_file_permission+0x89/0x1f0 +[ 190.025558] ? do_splice_direct+0x3d0/0x3d0 +[ 190.029845] do_splice_to+0x110/0x170 +[ 190.033609] ? do_splice_to+0x110/0x170 +[ 190.037549] SyS_splice+0x11a8/0x1630 +[ 190.041319] ? SyS_futex+0x269/0x390 +[ 190.045004] ? compat_SyS_vmsplice+0x250/0x250 +[ 190.049555] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 190.054540] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 190.059263] entry_SYSCALL_64_fastpath+0x1f/0x96 +[ 190.063986] RIP: 0033:0x452a39 +[ 190.067141] RSP: 002b:00007f4f7d22fc58 EFLAGS: 00000212 ORIG_RAX: 0000000000000113 +[ 190.074814] RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452a39 +[ 190.082048] RDX: 0000000000000017 RSI: 0000000000000000 RDI: 0000000000000013 +[ 190.089283] RBP: 000000000000039b R08: 00000000000000b9 R09: 0000000000000001 +[ 190.096517] R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f3728 +[ 190.103753] R13: 00000000ffffffff R14: 00007f4f7d2306d4 R15: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/192 b/pkg/report/testdata/linux/report/192 new file mode 100644 index 000000000..5e2041329 --- /dev/null +++ b/pkg/report/testdata/linux/report/192 
@@ -0,0 +1,312 @@ +# Note: 191-194 have the same root cause. +TITLE: possible deadlock in perf_trace_init + +[ 49.707025] ====================================================== +[ 49.713322] WARNING: possible circular locking dependency detected +[ 49.719607] 4.15.0-rc2+ #122 Not tainted +[ 49.723630] ------------------------------------------------------ +[ 49.729910] syz-executor6/4896 is trying to acquire lock: +[ 49.735409] (event_mutex){+.+.}, at: [<000000009b3a8cd5>] perf_trace_init+0x58/0xab0 +[ 49.743358] +[ 49.743358] but task is already holding lock: +[ 49.749293] (&ctx->mutex){+.+.}, at: [<00000000935cf968>] perf_event_init_task+0x25b/0x890 +[ 49.757751] +[ 49.757751] which lock already depends on the new lock. +[ 49.757751] +[ 49.766030] +[ 49.766030] the existing dependency chain (in reverse order) is: +[ 49.773612] +[ 49.773612] -> #8 (&ctx->mutex){+.+.}: +[ 49.778947] lock_acquire+0x1d5/0x580 +[ 49.783234] __mutex_lock+0x16f/0x1a80 +[ 49.787609] mutex_lock_nested+0x16/0x20 +[ 49.792155] perf_event_ctx_lock_nested+0x21b/0x450 +[ 49.797654] perf_read+0xb9/0x970 +[ 49.801594] do_iter_read+0x3db/0x5b0 +[ 49.805878] vfs_readv+0x121/0x1c0 +[ 49.809903] default_file_splice_read+0x508/0xae0 +[ 49.815231] do_splice_to+0x110/0x170 +[ 49.819516] SyS_splice+0x11a8/0x1630 +[ 49.823803] do_fast_syscall_32+0x3ee/0xf9d +[ 49.828612] entry_SYSENTER_compat+0x51/0x60 +[ 49.833503] +[ 49.833503] -> #7 (&pipe->mutex/1){+.+.}: +[ 49.839105] lock_acquire+0x1d5/0x580 +[ 49.843391] __mutex_lock+0x16f/0x1a80 +[ 49.847763] mutex_lock_nested+0x16/0x20 +[ 49.852308] pipe_lock+0x56/0x70 +[ 49.856160] iter_file_splice_write+0x264/0xf30 +[ 49.861317] SyS_splice+0x7d5/0x1630 +[ 49.865516] do_fast_syscall_32+0x3ee/0xf9d +[ 49.870326] entry_SYSENTER_compat+0x51/0x60 +[ 49.875215] +[ 49.875215] -> #6 (sb_writers){.+.+}: +[ 49.880465] fs_reclaim_acquire+0x14/0x20 +[ 49.885100] kmem_cache_alloc+0x29/0x760 +[ 49.889648] __d_alloc+0xb3/0xbe0 +[ 49.893586] d_alloc+0x8e/0x340 +[ 49.897353] 
__lookup_hash+0x58/0x190 +[ 49.901635] +[ 49.901635] -> #5 ((completion)&req.done){+.+.}: +[ 49.907839] lock_acquire+0x1d5/0x580 +[ 49.912128] wait_for_completion+0xcb/0x7b0 +[ 49.916937] devtmpfs_create_node+0x32b/0x4a0 +[ 49.921916] device_add+0x120f/0x1640 +[ 49.926203] device_create_groups_vargs+0x1f3/0x250 +[ 49.931704] device_create+0xda/0x110 +[ 49.935991] msr_device_create+0x26/0x40 +[ 49.940540] cpuhp_invoke_callback+0x2ea/0x1d20 +[ 49.945693] cpuhp_thread_fun+0x48e/0x7e0 +[ 49.950330] smpboot_thread_fn+0x450/0x7c0 +[ 49.955048] kthread+0x37a/0x440 +[ 49.958898] ret_from_fork+0x24/0x30 +[ 49.963093] +[ 49.963093] -> #4 (cpuhp_state-up){+.+.}: +[ 49.968687] lock_acquire+0x1d5/0x580 +[ 49.972974] cpuhp_issue_call+0x1e5/0x520 +[ 49.977611] __cpuhp_setup_state_cpuslocked+0x282/0x600 +[ 49.983458] __cpuhp_setup_state+0xb0/0x140 +[ 49.988266] page_writeback_init+0x4d/0x71 +[ 49.992987] pagecache_init+0x48/0x4f +[ 49.997276] start_kernel+0x6bc/0x74f +[ 50.001564] x86_64_start_reservations+0x2a/0x2c +[ 50.006804] x86_64_start_kernel+0x77/0x7a +[ 50.011526] secondary_startup_64+0xa5/0xb0 +[ 50.016329] +[ 50.016329] -> #3 (cpuhp_state_mutex){+.+.}: +[ 50.022186] lock_acquire+0x1d5/0x580 +[ 50.026470] __mutex_lock+0x16f/0x1a80 +[ 50.030841] mutex_lock_nested+0x16/0x20 +[ 50.035386] __cpuhp_setup_state_cpuslocked+0x5b/0x600 +[ 50.041146] __cpuhp_setup_state+0xb0/0x140 +[ 50.045951] kvm_guest_init+0x1f3/0x20f +[ 50.050409] setup_arch+0x17e8/0x1a02 +[ 50.054695] start_kernel+0xa5/0x74f +[ 50.058896] x86_64_start_reservations+0x2a/0x2c +[ 50.064136] x86_64_start_kernel+0x77/0x7a +[ 50.068855] secondary_startup_64+0xa5/0xb0 +[ 50.073659] +[ 50.073659] -> #2 (cpu_hotplug_lock.rw_sem){++++}: +[ 50.080037] lock_acquire+0x1d5/0x580 +[ 50.084323] cpus_read_lock+0x42/0x90 +[ 50.088611] static_key_slow_inc+0x9d/0x3c0 +[ 50.093420] tracepoint_probe_register_prio+0x80d/0x9a0 +[ 50.099270] tracepoint_probe_register+0x2a/0x40 +[ 50.104511] trace_event_reg+0x167/0x320 +[ 50.109059] 
perf_trace_init+0x4ef/0xab0 +[ 50.113607] perf_tp_event_init+0x7d/0xf0 +[ 50.118241] perf_try_init_event+0xc9/0x1f0 +[ 50.123057] perf_event_alloc+0x1cc6/0x2b00 +[ 50.127868] SYSC_perf_event_open+0x842/0x2f10 +[ 50.132937] SyS_perf_event_open+0x39/0x50 +[ 50.137657] do_fast_syscall_32+0x3ee/0xf9d +[ 50.142464] entry_SYSENTER_compat+0x51/0x60 +[ 50.147353] +[ 50.147353] -> #1 (tracepoints_mutex){+.+.}: +[ 50.153211] lock_acquire+0x1d5/0x580 +[ 50.157495] __mutex_lock+0x16f/0x1a80 +[ 50.161869] mutex_lock_nested+0x16/0x20 +[ 50.166415] tracepoint_probe_register_prio+0xa0/0x9a0 +[ 50.172176] tracepoint_probe_register+0x2a/0x40 +[ 50.177415] trace_event_reg+0x167/0x320 +[ 50.181960] perf_trace_init+0x4ef/0xab0 +[ 50.186507] perf_tp_event_init+0x7d/0xf0 +[ 50.191139] perf_try_init_event+0xc9/0x1f0 +[ 50.195945] perf_event_alloc+0x1cc6/0x2b00 +[ 50.200752] SYSC_perf_event_open+0x842/0x2f10 +[ 50.205821] SyS_perf_event_open+0x39/0x50 +[ 50.210540] do_fast_syscall_32+0x3ee/0xf9d +[ 50.215349] entry_SYSENTER_compat+0x51/0x60 +[ 50.220237] +[ 50.220237] -> #0 (event_mutex){+.+.}: +[ 50.225571] __lock_acquire+0x3498/0x47f0 +[ 50.230203] lock_acquire+0x1d5/0x580 +[ 50.234488] __mutex_lock+0x16f/0x1a80 +[ 50.238862] mutex_lock_nested+0x16/0x20 +[ 50.243408] perf_trace_init+0x58/0xab0 +[ 50.247866] perf_tp_event_init+0x7d/0xf0 +[ 50.252498] perf_try_init_event+0xc9/0x1f0 +[ 50.257306] perf_event_alloc+0x1005/0x2b00 +[ 50.262112] inherit_event.isra.92+0x15b/0x920 +[ 50.267182] inherit_task_group.isra.94.part.95+0x73/0x240 +[ 50.273291] perf_event_init_task+0x348/0x890 +[ 50.278275] copy_process.part.36+0x173b/0x4ae0 +[ 50.283428] _do_fork+0x1ef/0xff0 +[ 50.287366] SyS_clone+0x37/0x50 +[ 50.291221] do_fast_syscall_32+0x3ee/0xf9d +[ 50.296028] entry_SYSENTER_compat+0x51/0x60 +[ 50.300916] +[ 50.300916] other info that might help us debug this: +[ 50.300916] +[ 50.309021] Chain exists of: +[ 50.309021] event_mutex --> &pipe->mutex/1 --> &ctx->mutex +[ 50.309021] +[ 50.319134] 
Possible unsafe locking scenario: +[ 50.319134] +[ 50.325156] CPU0 CPU1 +[ 50.329785] ---- ---- +[ 50.334413] lock(&ctx->mutex); +[ 50.337742] lock(&pipe->mutex/1); +[ 50.343853] lock(&ctx->mutex); +[ 50.349699] lock(event_mutex); +[ 50.353031] +[ 50.353031] *** DEADLOCK *** +[ 50.353031] +[ 50.359059] 2 locks held by syz-executor6/4896: +[ 50.363687] #0: (&ctx->mutex){+.+.}, at: [<00000000935cf968>] perf_event_init_task+0x25b/0x890 +[ 50.372583] #1: (&pmus_srcu){....}, at: [<00000000389c2fa4>] perf_event_alloc+0xf55/0x2b00 +[ 50.381128] +[ 50.381128] stack backtrace: +[ 50.385592] CPU: 0 PID: 4896 Comm: syz-executor6 Not tainted 4.15.0-rc2+ #122 +[ 50.392826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 50.402143] Call Trace: +[ 50.404698] dump_stack+0x194/0x257 +[ 50.408290] ? arch_local_irq_restore+0x53/0x53 +[ 50.412927] print_circular_bug+0x42d/0x610 +[ 50.417213] ? save_stack_trace+0x1a/0x20 +[ 50.421329] check_prev_add+0x666/0x15f0 +[ 50.425356] ? copy_trace+0x150/0x150 +[ 50.429123] ? check_usage+0xb60/0xb60 +[ 50.432981] __lock_acquire+0x3498/0x47f0 +[ 50.437094] ? __lock_acquire+0x3498/0x47f0 +[ 50.441383] ? perf_trace_run_bpf_submit+0x206/0x330 +[ 50.446457] ? debug_check_no_locks_freed+0x3d0/0x3d0 +[ 50.451621] ? perf_tp_event+0xae0/0xae0 +[ 50.455651] ? perf_tp_event+0x7f4/0xae0 +[ 50.459680] ? memset+0x31/0x40 +[ 50.462930] ? perf_trace_lock_acquire+0x532/0x980 +[ 50.467829] ? perf_trace_lock+0x900/0x900 +[ 50.472027] ? perf_tp_event+0xae0/0xae0 +[ 50.476061] ? perf_trace_lock+0x4d6/0x900 +[ 50.480268] lock_acquire+0x1d5/0x580 +[ 50.484034] ? perf_trace_init+0x58/0xab0 +[ 50.488150] ? lock_release+0xda0/0xda0 +[ 50.492094] ? rcu_note_context_switch+0x710/0x710 +[ 50.496990] ? __might_sleep+0x95/0x190 +[ 50.500931] ? perf_trace_init+0x58/0xab0 +[ 50.505051] __mutex_lock+0x16f/0x1a80 +[ 50.508902] ? perf_trace_init+0x58/0xab0 +[ 50.513018] ? __lock_acquire+0x6e9/0x47f0 +[ 50.517219] ? 
lock_downgrade+0x980/0x980 +[ 50.521332] ? perf_trace_init+0x58/0xab0 +[ 50.525447] ? mutex_lock_io_nested+0x1900/0x1900 +[ 50.530254] ? debug_check_no_locks_freed+0x3d0/0x3d0 +[ 50.535411] ? perf_tp_event+0xae0/0xae0 +[ 50.539437] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 50.544420] ? trace_hardirqs_on+0xd/0x10 +[ 50.548537] ? perf_trace_lock_acquire+0x532/0x980 +[ 50.553435] ? save_stack+0xa3/0xd0 +[ 50.557028] ? perf_trace_lock+0x900/0x900 +[ 50.561232] ? print_usage_bug+0x3f0/0x3f0 +[ 50.565430] ? find_held_lock+0x39/0x1d0 +[ 50.569458] ? print_usage_bug+0x3f0/0x3f0 +[ 50.573657] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 50.578637] ? __lockdep_init_map+0xe4/0x650 +[ 50.583015] ? lockdep_init_map+0x3d/0x70 +[ 50.587131] ? module_unload_free+0x5b0/0x5b0 +[ 50.591593] ? perf_event_alloc+0xf55/0x2b00 +[ 50.595968] mutex_lock_nested+0x16/0x20 +[ 50.599993] ? mutex_lock_nested+0x16/0x20 +[ 50.604197] perf_trace_init+0x58/0xab0 +[ 50.608137] ? refcount_inc_not_zero+0xfe/0x180 +[ 50.612770] ? refcount_add+0x60/0x60 +[ 50.616533] ? __lockdep_init_map+0xe4/0x650 +[ 50.620906] perf_tp_event_init+0x7d/0xf0 +[ 50.625023] perf_try_init_event+0xc9/0x1f0 +[ 50.629314] perf_event_alloc+0x1005/0x2b00 +[ 50.633598] ? find_held_lock+0x39/0x1d0 +[ 50.637626] ? __perf_install_in_context+0x2d0/0x2d0 +[ 50.642695] ? find_held_lock+0x39/0x1d0 +[ 50.646721] ? print_usage_bug+0x3f0/0x3f0 +[ 50.650923] ? print_usage_bug+0x3f0/0x3f0 +[ 50.655123] ? depot_save_stack+0x1c2/0x490 +[ 50.659411] ? lock_release+0xda0/0xda0 +[ 50.663351] ? mark_held_locks+0xb2/0x100 +[ 50.667467] ? mark_held_locks+0xb2/0x100 +[ 50.671579] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 50.676561] ? debug_mutex_init+0x1c/0x60 +[ 50.680673] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 50.685655] ? lockdep_init_map+0x3d/0x70 +[ 50.689769] ? debug_mutex_init+0x2d/0x60 +[ 50.693883] ? __mutex_init+0x1c7/0x2a0 +[ 50.697822] ? alloc_perf_context+0x4c/0xe0 +[ 50.702110] ? 
inherit_task_group.isra.94.part.95+0x1a2/0x240 +[ 50.707958] ? SyS_membarrier+0x600/0x600 +[ 50.712072] ? mark_held_locks+0xb2/0x100 +[ 50.716188] ? __raw_spin_lock_init+0x1c/0x100 +[ 50.720737] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 50.725718] ? __lockdep_init_map+0xe4/0x650 +[ 50.730094] ? lockdep_init_map+0x3d/0x70 +[ 50.734208] ? __perf_event_init_context+0xde/0x3b0 +[ 50.739190] ? perf_event_mux_interval_ms_store+0x4c0/0x4c0 +[ 50.744869] inherit_event.isra.92+0x15b/0x920 +[ 50.749418] ? perf_event_create_kernel_counter+0x290/0x290 +[ 50.755098] ? rcu_read_lock_sched_held+0x108/0x120 +[ 50.760083] ? kmem_cache_alloc_trace+0x459/0x750 +[ 50.764892] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 50.769874] ? trace_hardirqs_on+0xd/0x10 +[ 50.773990] inherit_task_group.isra.94.part.95+0x73/0x240 +[ 50.779585] perf_event_init_task+0x348/0x890 +[ 50.784046] ? sched_fork+0x45b/0xc00 +[ 50.787815] ? perf_event_attrs+0x40/0x40 +[ 50.791931] ? kmem_cache_alloc_trace+0x459/0x750 +[ 50.796739] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 50.801720] ? __lockdep_init_map+0xe4/0x650 +[ 50.806100] copy_process.part.36+0x173b/0x4ae0 +[ 50.810738] ? __cleanup_sighand+0x40/0x40 +[ 50.814938] ? __might_sleep+0x95/0x190 +[ 50.818879] ? _cond_resched+0x14/0x30 +[ 50.822746] ? futex_wait_queue_me+0x527/0x7e0 +[ 50.827295] ? refill_pi_state_cache.part.6+0x2f0/0x2f0 +[ 50.832627] ? print_usage_bug+0x3f0/0x3f0 +[ 50.836828] ? get_futex_value_locked+0xc3/0xf0 +[ 50.841465] ? futex_wait_setup+0x22e/0x3d0 +[ 50.845753] ? futex_wake+0x680/0x680 +[ 50.849526] ? drop_futex_key_refs.isra.13+0x63/0xb0 +[ 50.854595] ? futex_wait+0x69e/0x990 +[ 50.858360] ? memset+0x31/0x40 +[ 50.861606] ? perf_tp_event+0xae0/0xae0 +[ 50.865635] ? futex_wait_setup+0x3d0/0x3d0 +[ 50.869924] ? debug_check_no_locks_freed+0x3d0/0x3d0 +[ 50.875081] ? perf_tp_event+0xae0/0xae0 +[ 50.879106] ? hash_futex+0x15/0x210 +[ 50.882786] ? drop_futex_key_refs.isra.13+0x63/0xb0 +[ 50.887855] ? 
perf_trace_lock+0x4d6/0x900 +[ 50.892058] ? get_futex_key+0x1d50/0x1d50 +[ 50.896259] ? trace_event_raw_event_lock+0x340/0x340 +[ 50.901420] ? do_futex+0x85b/0x2280 +[ 50.905101] ? check_noncircular+0x20/0x20 +[ 50.909307] ? exit_robust_list+0x240/0x240 +[ 50.913596] ? lock_downgrade+0x980/0x980 +[ 50.917710] ? __fget+0xbb/0x580 +[ 50.921042] ? find_held_lock+0x39/0x1d0 +[ 50.925070] ? lock_release+0xda0/0xda0 +[ 50.929017] ? __lock_is_held+0xbc/0x140 +[ 50.933049] _do_fork+0x1ef/0xff0 +[ 50.936469] ? fork_idle+0x2d0/0x2d0 +[ 50.940160] ? iterate_fd+0x3f0/0x3f0 +[ 50.943926] ? rcu_pm_notify+0xc0/0xc0 +[ 50.947777] ? __fget_light+0x29d/0x390 +[ 50.951717] ? fget_raw+0x20/0x20 +[ 50.955136] ? rcu_read_lock_sched_held+0x108/0x120 +[ 50.960118] ? kmem_cache_free+0x249/0x280 +[ 50.964323] ? compat_SyS_futex+0x288/0x380 +[ 50.968610] ? compat_SyS_get_robust_list+0x300/0x300 +[ 50.973765] ? __fdget+0x18/0x20 +[ 50.977098] ? compat_SyS_ioctl+0x77/0x2a30 +[ 50.981385] SyS_clone+0x37/0x50 +[ 50.984721] ? entry_INT80_compat+0x40/0x40 +[ 50.989015] do_fast_syscall_32+0x3ee/0xf9d +[ 50.993305] ? do_int80_syscall_32+0x9d0/0x9d0 +[ 50.997853] ? lockdep_sys_exit+0x47/0xf0 +[ 51.001964] ? syscall_return_slowpath+0x2ad/0x550 +[ 51.006858] ? sysret32_from_system_call+0x5/0x3b +[ 51.011665] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 51.016473] entry_SYSENTER_compat+0x51/0x60 +[ 51.020846] RIP: 0023:0xf7fc8c79 +[ 51.024176] RSP: 002b:00000000f77c408c EFLAGS: 00000296 ORIG_RAX: 0000000000000078 +[ 51.031848] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000020de9000 +[ 51.039085] RDX: 000000002019bffc RSI: 00000000208be000 RDI: 00000000208b4ffc +[ 51.046319] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 +[ 51.053553] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 +[ 51.060790] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 
diff --git a/pkg/report/testdata/linux/report/193 b/pkg/report/testdata/linux/report/193
new file mode 100644
index 000000000..ef452b8af
--- /dev/null
+++ b/pkg/report/testdata/linux/report/193
@@ -0,0 +1,193 @@ +# Note: 191-194 have the same root cause. +TITLE: possible deadlock in perf_event_for_each_child + +[ 68.155096] ====================================================== +[ 68.161400] WARNING: possible circular locking dependency detected +[ 68.167703] 4.15.0-rc9+ #9 Not tainted +[ 68.171576] ------------------------------------------------------ +[ 68.177877] syz-executor1/6389 is trying to acquire lock: +[ 68.184086] (&event->child_mutex){+.+.}, at: [<000000000857a1c0>] perf_event_for_each_child+0x8a/0x150 +[ 68.193610] +[ 68.193610] but task is already holding lock: +[ 68.199551] (&cpuctx_mutex){+.+.}, at: [<00000000a77e48ee>] perf_event_ctx_lock_nested+0x21b/0x450 +[ 68.208717] +[ 68.208717] which lock already depends on the new lock. +[ 68.208717] +[ 68.217001] +[ 68.217001] the existing dependency chain (in reverse order) is: +[ 68.224594] +[ 68.224594] -> #5 (&cpuctx_mutex){+.+.}: +[ 68.230112] __mutex_lock+0x16f/0x1a80 +[ 68.234492] mutex_lock_nested+0x16/0x20 +[ 68.239047] perf_event_init_cpu+0xb6/0x160 +[ 68.243863] perf_event_init+0x4e9/0x549 +[ 68.248416] start_kernel+0x4cc/0x819 +[ 68.252707] x86_64_start_reservations+0x2a/0x2c +[ 68.257954] x86_64_start_kernel+0x77/0x7a +[ 68.262684] secondary_startup_64+0xa5/0xb0 +[ 68.267492] +[ 68.267492] -> #4 (pmus_lock){+.+.}: +[ 68.272659] __mutex_lock+0x16f/0x1a80 +[ 68.277036] mutex_lock_nested+0x16/0x20 +[ 68.281587] perf_event_init_cpu+0x2f/0x160 +[ 68.286402] cpuhp_invoke_callback+0x2ea/0x1d20 +[ 68.291562] _cpu_up+0x216/0x510 +[ 68.295420] do_cpu_up+0x73/0xa0 +[ 68.299277] cpu_up+0x18/0x20 +[ 68.302873] smp_init+0x13a/0x152 +[ 68.306821] kernel_init_freeable+0x2fe/0x521 +[ 68.311810] kernel_init+0x13/0x180 +[ 68.315929] ret_from_fork+0x3a/0x50 +[ 68.320129] +[ 68.320129] -> #3 (cpu_hotplug_lock.rw_sem){++++}: +[ 68.326513] cpus_read_lock+0x42/0x90 +[ 68.330807] static_key_slow_inc+0x9d/0x3c0 +[ 68.335622] tracepoint_probe_register_prio+0x80d/0x9a0 +[ 68.341478] 
tracepoint_probe_register+0x2a/0x40 +[ 68.346725] trace_event_reg+0x167/0x320 +[ 68.351277] perf_trace_init+0x4ef/0xab0 +[ 68.355829] perf_tp_event_init+0x7d/0xf0 +[ 68.360468] perf_try_init_event+0xc9/0x1f0 +[ 68.365284] perf_event_alloc+0x1cc6/0x2b00 +[ 68.370098] SYSC_perf_event_open+0x84e/0x2e00 +[ 68.375171] SyS_perf_event_open+0x39/0x50 +[ 68.379897] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 68.385140] +[ 68.385140] -> #2 (tracepoints_mutex){+.+.}: +[ 68.391002] __mutex_lock+0x16f/0x1a80 +[ 68.395383] mutex_lock_nested+0x16/0x20 +[ 68.399935] tracepoint_probe_register_prio+0xa0/0x9a0 +[ 68.405704] tracepoint_probe_register+0x2a/0x40 +[ 68.410955] trace_event_reg+0x167/0x320 +[ 68.415509] perf_trace_init+0x4ef/0xab0 +[ 68.420062] perf_tp_event_init+0x7d/0xf0 +[ 68.424700] perf_try_init_event+0xc9/0x1f0 +[ 68.429514] perf_event_alloc+0x1cc6/0x2b00 +[ 68.434327] SYSC_perf_event_open+0x84e/0x2e00 +[ 68.439400] SyS_perf_event_open+0x39/0x50 +[ 68.444125] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 68.449376] +[ 68.449376] -> #1 (event_mutex){+.+.}: +[ 68.454717] __mutex_lock+0x16f/0x1a80 +[ 68.459094] mutex_lock_nested+0x16/0x20 +[ 68.463645] perf_trace_destroy+0x28/0x100 +[ 68.468370] tp_perf_event_destroy+0x15/0x20 +[ 68.473269] _free_event+0x3bd/0x10f0 +[ 68.477559] free_event+0x84/0x150 +[ 68.481589] perf_event_release_kernel+0x54e/0xc10 +[ 68.487014] perf_release+0x37/0x50 +[ 68.491133] __fput+0x327/0x7e0 +[ 68.494901] ____fput+0x15/0x20 +[ 68.498675] task_work_run+0x199/0x270 +[ 68.503054] do_exit+0x9bb/0x1ad0 +[ 68.506997] do_group_exit+0x149/0x400 +[ 68.511379] get_signal+0x73f/0x16c0 +[ 68.515583] do_signal+0x90/0x1eb0 +[ 68.519616] exit_to_usermode_loop+0x214/0x310 +[ 68.524694] syscall_return_slowpath+0x490/0x550 +[ 68.529948] entry_SYSCALL_64_fastpath+0x9e/0xa0 +[ 68.535192] +[ 68.535192] -> #0 (&event->child_mutex){+.+.}: +[ 68.541228] lock_acquire+0x1d5/0x580 +[ 68.545520] __mutex_lock+0x16f/0x1a80 +[ 68.549899] mutex_lock_nested+0x16/0x20 +[ 68.554454] 
perf_event_for_each_child+0x8a/0x150 +[ 68.559787] perf_ioctl+0x35a/0x1430 +[ 68.563997] do_vfs_ioctl+0x1b1/0x1520 +[ 68.568378] SyS_ioctl+0x8f/0xc0 +[ 68.572237] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 68.577481] +[ 68.577481] other info that might help us debug this: +[ 68.577481] +[ 68.585592] Chain exists of: +[ 68.585592] &event->child_mutex --> pmus_lock --> &cpuctx_mutex +[ 68.585592] +[ 68.596141] Possible unsafe locking scenario: +[ 68.596141] +[ 68.602170] CPU0 CPU1 +[ 68.606805] ---- ---- +[ 68.611442] lock(&cpuctx_mutex); +[ 68.614951] lock(pmus_lock); +[ 68.620631] lock(&cpuctx_mutex); +[ 68.626661] lock(&event->child_mutex); +[ 68.630691] +[ 68.630691] *** DEADLOCK *** +[ 68.630691] +[ 68.636720] 1 lock held by syz-executor1/6389: +[ 68.641270] #0: (&cpuctx_mutex){+.+.}, at: [<00000000a77e48ee>] perf_event_ctx_lock_nested+0x21b/0x450 +[ 68.650868] +[ 68.650868] stack backtrace: +[ 68.655339] CPU: 1 PID: 6389 Comm: syz-executor1 Not tainted 4.15.0-rc9+ #9 +[ 68.662408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 68.671731] Call Trace: +[ 68.674295] dump_stack+0x194/0x257 +[ 68.677894] ? arch_local_irq_restore+0x53/0x53 +[ 68.682541] print_circular_bug.isra.37+0x2cd/0x2dc +[ 68.687528] ? save_trace+0xe0/0x2b0 +[ 68.691215] __lock_acquire+0x30a8/0x3e00 +[ 68.695339] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 68.700502] ? perf_trace_lock_acquire+0xe3/0x980 +[ 68.705316] ? check_noncircular+0x20/0x20 +[ 68.709522] ? perf_trace_lock+0x900/0x900 +[ 68.713729] ? perf_trace_lock_acquire+0xe3/0x980 +[ 68.718543] ? perf_trace_lock+0x900/0x900 +[ 68.722749] ? check_noncircular+0x20/0x20 +[ 68.726956] ? lock_acquire+0x1d5/0x580 +[ 68.730900] ? perf_event_ctx_lock_nested+0x21b/0x450 +[ 68.736061] ? lock_release+0xa40/0xa40 +[ 68.740010] lock_acquire+0x1d5/0x580 +[ 68.743785] ? lock_acquire+0x1d5/0x580 +[ 68.747732] ? perf_event_for_each_child+0x8a/0x150 +[ 68.752720] ? lock_release+0xa40/0xa40 +[ 68.756666] ? 
get_futex_value_locked+0xc3/0xf0 +[ 68.761305] ? rcu_note_context_switch+0x710/0x710 +[ 68.766205] ? __might_sleep+0x95/0x190 +[ 68.770151] ? perf_event_for_each_child+0x8a/0x150 +[ 68.775138] __mutex_lock+0x16f/0x1a80 +[ 68.778998] ? perf_event_for_each_child+0x8a/0x150 +[ 68.783988] ? perf_trace_lock+0xd6/0x900 +[ 68.788110] ? perf_event_for_each_child+0x8a/0x150 +[ 68.793097] ? drop_futex_key_refs.isra.12+0x63/0xb0 +[ 68.798170] ? mutex_lock_io_nested+0x1900/0x1900 +[ 68.802983] ? perf_trace_lock+0x900/0x900 +[ 68.807189] ? check_noncircular+0x20/0x20 +[ 68.811394] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 68.816556] ? wake_up_q+0x8a/0xe0 +[ 68.820070] ? drop_futex_key_refs.isra.12+0x63/0xb0 +[ 68.825145] ? futex_wake+0x2ca/0x680 +[ 68.828920] ? find_held_lock+0x35/0x1d0 +[ 68.832958] ? perf_event_ctx_lock_nested+0x1e0/0x450 +[ 68.838118] ? lock_downgrade+0x980/0x980 +[ 68.842239] ? lock_release+0xa40/0xa40 +[ 68.846189] ? mutex_lock_nested+0x16/0x20 +[ 68.850392] ? mutex_lock_nested+0x16/0x20 +[ 68.854596] ? perf_event_ctx_lock_nested+0x328/0x450 +[ 68.859756] ? perf_iterate_ctx+0x770/0x770 +[ 68.864049] ? event_function_call+0x5a0/0x5a0 +[ 68.868602] mutex_lock_nested+0x16/0x20 +[ 68.872633] ? mutex_lock_nested+0x16/0x20 +[ 68.876839] perf_event_for_each_child+0x8a/0x150 +[ 68.881652] perf_ioctl+0x35a/0x1430 +[ 68.885336] ? lock_release+0xa40/0xa40 +[ 68.889282] ? event_function_call+0x5a0/0x5a0 +[ 68.893834] ? SYSC_perf_event_open+0x2e00/0x2e00 +[ 68.898646] ? __lock_is_held+0xb6/0x140 +[ 68.902684] ? __fget+0x35c/0x570 +[ 68.906106] ? fd_install+0x4d/0x60 +[ 68.909707] ? iterate_fd+0x3f0/0x3f0 +[ 68.913480] ? perf_event_set_output+0x5a0/0x5a0 +[ 68.918206] ? SYSC_perf_event_open+0x2e00/0x2e00 +[ 68.923022] do_vfs_ioctl+0x1b1/0x1520 +[ 68.926882] ? ioctl_preallocate+0x2b0/0x2b0 +[ 68.931261] ? selinux_capable+0x40/0x40 +[ 68.935297] ? SyS_futex+0x269/0x390 +[ 68.938988] ? 
security_file_ioctl+0x89/0xb0 +[ 68.943369] SyS_ioctl+0x8f/0xc0 +[ 68.946710] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 68.951435] RIP: 0033:0x453299 +[ 68.954597] RSP: 002b:00007f5aeb166c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000010 +[ 68.962277] RAX: ffffffffffffffda RBX: 00007f5aeb167700 RCX: 0000000000453299 +[ 68.969521] RDX: 0000000000000000 RSI: 0000000000002401 RDI: 0000000000000012 +[ 68.976762] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 +[ 68.984002] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000000000 +[ 68.991245] R13: 00007fffc57787af R14: 00007f5aeb1679c0 R15: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/194 b/pkg/report/testdata/linux/report/194 new file mode 100644 index 000000000..c1927b66d --- /dev/null +++ b/pkg/report/testdata/linux/report/194 
@@ -0,0 +1,257 @@ +# Note: 191-194 have the same root cause. +TITLE: possible deadlock in perf_trace_destroy + +[ 25.878418] ====================================================== +[ 25.884700] WARNING: possible circular locking dependency detected +[ 25.890983] 4.15.0-rc8+ #1 Not tainted +[ 25.894838] ------------------------------------------------------ +[ 25.901158] syzkaller926009/3663 is trying to acquire lock: +[ 25.906832] (event_mutex){+.+.}, at: [<00000000df5c386a>] perf_trace_destroy+0x28/0x100 +[ 25.915042] +[ 25.915042] but task is already holding lock: +[ 25.920978] (&event->child_mutex){+.+.}, at: [<00000000aedc3ceb>] perf_event_release_kernel+0x2ea/0xc10 +[ 25.930582] +[ 25.930582] which lock already depends on the new lock. +[ 25.930582] +[ 25.938870] +[ 25.938870] the existing dependency chain (in reverse order) is: +[ 25.946457] +[ 25.946457] -> #5 (&event->child_mutex){+.+.}: +[ 25.952499] __mutex_lock+0x16f/0x1a80 +[ 25.956875] mutex_lock_nested+0x16/0x20 +[ 25.961428] perf_event_for_each_child+0x8a/0x150 +[ 25.966759] perf_ioctl+0x35a/0x1430 +[ 25.970962] do_vfs_ioctl+0x1b1/0x1520 +[ 25.975341] SyS_ioctl+0x8f/0xc0 +[ 25.979200] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 25.984444] +[ 25.984444] -> #4 (&cpuctx_mutex){+.+.}: +[ 25.989958] __mutex_lock+0x16f/0x1a80 +[ 25.994336] mutex_lock_nested+0x16/0x20 +[ 25.998891] perf_event_init_cpu+0xb6/0x160 +[ 26.003704] perf_event_init+0x4e9/0x549 +[ 26.008256] start_kernel+0x4cc/0x819 +[ 26.012547] x86_64_start_reservations+0x2a/0x2c +[ 26.017790] x86_64_start_kernel+0x77/0x7a +[ 26.022523] secondary_startup_64+0xa5/0xb0 +[ 26.027330] +[ 26.027330] -> #3 (pmus_lock){+.+.}: +[ 26.032503] __mutex_lock+0x16f/0x1a80 +[ 26.036878] mutex_lock_nested+0x16/0x20 +[ 26.041435] perf_event_init_cpu+0x2f/0x160 +[ 26.046253] cpuhp_invoke_callback+0x2ea/0x1d20 +[ 26.051418] _cpu_up+0x216/0x510 +[ 26.055274] do_cpu_up+0x73/0xa0 +[ 26.059131] cpu_up+0x18/0x20 +[ 26.062730] smp_init+0x13a/0x152 +[ 26.066687] 
kernel_init_freeable+0x2fe/0x521 +[ 26.071675] kernel_init+0x13/0x180 +[ 26.075790] ret_from_fork+0x3a/0x50 +[ 26.079992] +[ 26.079992] -> #2 (cpu_hotplug_lock.rw_sem){++++}: +[ 26.086378] cpus_read_lock+0x42/0x90 +[ 26.090668] static_key_slow_inc+0x9d/0x3c0 +[ 26.095480] tracepoint_probe_register_prio+0x80d/0x9a0 +[ 26.101335] tracepoint_probe_register+0x2a/0x40 +[ 26.106584] trace_event_reg+0x167/0x320 +[ 26.111132] perf_trace_init+0x4ef/0xab0 +[ 26.115682] perf_tp_event_init+0x7d/0xf0 +[ 26.120321] perf_try_init_event+0xc9/0x1f0 +[ 26.125131] perf_event_alloc+0x1cc6/0x2b00 +[ 26.129940] SYSC_perf_event_open+0x84e/0x2e00 +[ 26.135010] SyS_perf_event_open+0x39/0x50 +[ 26.139737] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 26.144980] +[ 26.144980] -> #1 (tracepoints_mutex){+.+.}: +[ 26.150846] __mutex_lock+0x16f/0x1a80 +[ 26.155224] mutex_lock_nested+0x16/0x20 +[ 26.159778] tracepoint_probe_register_prio+0xa0/0x9a0 +[ 26.165543] tracepoint_probe_register+0x2a/0x40 +[ 26.170795] trace_event_reg+0x167/0x320 +[ 26.175351] perf_trace_init+0x4ef/0xab0 +[ 26.179919] perf_tp_event_init+0x7d/0xf0 +[ 26.184556] perf_try_init_event+0xc9/0x1f0 +[ 26.189371] perf_event_alloc+0x1cc6/0x2b00 +[ 26.194182] SYSC_perf_event_open+0x84e/0x2e00 +[ 26.199256] SyS_perf_event_open+0x39/0x50 +[ 26.203985] entry_SYSCALL_64_fastpath+0x29/0xa0 +[ 26.209228] +[ 26.209228] -> #0 (event_mutex){+.+.}: +[ 26.214579] lock_acquire+0x1d5/0x580 +[ 26.218872] __mutex_lock+0x16f/0x1a80 +[ 26.223250] mutex_lock_nested+0x16/0x20 +[ 26.227812] perf_trace_destroy+0x28/0x100 +[ 26.232543] tp_perf_event_destroy+0x15/0x20 +[ 26.237440] _free_event+0x3bd/0x10f0 +[ 26.241729] free_event+0x84/0x150 +[ 26.245758] perf_event_release_kernel+0x54e/0xc10 +[ 26.251180] perf_release+0x37/0x50 +[ 26.255301] __fput+0x327/0x7e0 +[ 26.259069] ____fput+0x15/0x20 +[ 26.262840] task_work_run+0x199/0x270 +[ 26.267221] do_exit+0x9bb/0x1ad0 +[ 26.271162] do_group_exit+0x149/0x400 +[ 26.275538] get_signal+0x73f/0x16c0 +[ 26.279750] 
do_signal+0x90/0x1eb0 +[ 26.283781] exit_to_usermode_loop+0x214/0x310 +[ 26.288860] syscall_return_slowpath+0x490/0x550 +[ 26.294113] entry_SYSCALL_64_fastpath+0x9e/0xa0 +[ 26.299354] +[ 26.299354] other info that might help us debug this: +[ 26.299354] +[ 26.307473] Chain exists of: +[ 26.307473] event_mutex --> &cpuctx_mutex --> &event->child_mutex +[ 26.307473] +[ 26.318195] Possible unsafe locking scenario: +[ 26.318195] +[ 26.324219] CPU0 CPU1 +[ 26.328863] ---- ---- +[ 26.333496] lock(&event->child_mutex); +[ 26.337526] lock(&cpuctx_mutex); +[ 26.343549] lock(&event->child_mutex); +[ 26.350096] lock(event_mutex); +[ 26.353429] +[ 26.353429] *** DEADLOCK *** +[ 26.353429] +[ 26.359456] 2 locks held by syzkaller926009/3663: +[ 26.364266] #0: (&ctx->mutex){+.+.}, at: [<000000006557d8ef>] perf_event_release_kernel+0x2dc/0xc10 +[ 26.373607] #1: (&event->child_mutex){+.+.}, at: [<00000000aedc3ceb>] perf_event_release_kernel+0x2ea/0xc10 +[ 26.383635] +[ 26.383635] stack backtrace: +[ 26.388105] CPU: 0 PID: 3663 Comm: syzkaller926009 Not tainted 4.15.0-rc8+ #1 +[ 26.395350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 26.404672] Call Trace: +[ 26.407237] dump_stack+0x194/0x257 +[ 26.410843] ? arch_local_irq_restore+0x53/0x53 +[ 26.415485] print_circular_bug.isra.37+0x2cd/0x2dc +[ 26.420470] ? save_trace+0xe0/0x2b0 +[ 26.424158] __lock_acquire+0x30a8/0x3e00 +[ 26.428277] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 26.433443] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 26.438602] ? perf_trace_lock_acquire+0xe3/0x980 +[ 26.443413] ? __lock_acquire+0x2d15/0x3e00 +[ 26.447703] ? perf_trace_lock+0x900/0x900 +[ 26.451910] ? perf_trace_lock_acquire+0xe3/0x980 +[ 26.456720] ? check_noncircular+0x20/0x20 +[ 26.460925] ? perf_trace_lock+0x900/0x900 +[ 26.465128] ? __lock_acquire+0x664/0x3e00 +[ 26.469332] ? check_noncircular+0x20/0x20 +[ 26.473539] ? lock_acquire+0x1d5/0x580 +[ 26.477481] ? 
lock_acquire+0x1d5/0x580 +[ 26.481427] lock_acquire+0x1d5/0x580 +[ 26.485198] ? lock_acquire+0x1d5/0x580 +[ 26.489147] ? perf_trace_destroy+0x28/0x100 +[ 26.493532] ? lock_release+0xa40/0xa40 +[ 26.497475] ? check_noncircular+0x20/0x20 +[ 26.501683] ? rcu_note_context_switch+0x710/0x710 +[ 26.506588] ? __might_sleep+0x95/0x190 +[ 26.510535] ? perf_trace_destroy+0x28/0x100 +[ 26.514918] __mutex_lock+0x16f/0x1a80 +[ 26.518785] ? perf_trace_destroy+0x28/0x100 +[ 26.523170] ? perf_trace_destroy+0x28/0x100 +[ 26.527558] ? find_held_lock+0x35/0x1d0 +[ 26.531596] ? mutex_lock_io_nested+0x1900/0x1900 +[ 26.536413] ? perf_event_detach_bpf_prog+0x275/0x3d0 +[ 26.541576] ? lock_downgrade+0x980/0x980 +[ 26.545698] ? __perf_remove_from_context+0x19d/0x3e0 +[ 26.550862] ? mark_held_locks+0xaf/0x100 +[ 26.554983] ? generic_exec_single+0x362/0x5b0 +[ 26.559536] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 26.564358] ? trace_hardirqs_on+0xd/0x10 +[ 26.568474] ? generic_exec_single+0x18a/0x5b0 +[ 26.573025] ? wait_for_completion+0x770/0x770 +[ 26.577582] ? __might_sleep+0x95/0x190 +[ 26.581527] ? perf_event_release_kernel+0x2ea/0xc10 +[ 26.586601] ? __mutex_lock+0x16f/0x1a80 +[ 26.590631] ? perf_event_release_kernel+0x2ea/0xc10 +[ 26.595706] ? check_noncircular+0x20/0x20 +[ 26.600611] ? perf_addr_filters_splice+0x18f/0x810 +[ 26.605599] ? smp_call_function_single+0x3ae/0x560 +[ 26.610585] ? free_filters_list+0x2f0/0x2f0 +[ 26.614971] ? mutex_unlock+0xd/0x10 +[ 26.618654] ? __lock_is_held+0xb6/0x140 +[ 26.622685] mutex_lock_nested+0x16/0x20 +[ 26.626717] ? mutex_lock_nested+0x16/0x20 +[ 26.630924] perf_trace_destroy+0x28/0x100 +[ 26.635132] ? perf_tp_event_init+0xf0/0xf0 +[ 26.639422] tp_perf_event_destroy+0x15/0x20 +[ 26.643799] _free_event+0x3bd/0x10f0 +[ 26.647568] ? ring_buffer_attach+0x830/0x830 +[ 26.652034] ? event_function_call+0x2f5/0x5a0 +[ 26.656589] ? list_del_event+0xb30/0xb30 +[ 26.660706] ? task_function_call+0x220/0x220 +[ 26.665174] ? 
lock_downgrade+0x980/0x980 +[ 26.669302] ? list_del_event+0xb30/0xb30 +[ 26.673418] free_event+0x84/0x150 +[ 26.676929] ? _free_event+0x10f0/0x10f0 +[ 26.680964] perf_event_release_kernel+0x54e/0xc10 +[ 26.685863] ? put_event+0x30/0x30 +[ 26.689374] ? mntput_no_expire+0x130/0xa90 +[ 26.693666] ? lock_downgrade+0x980/0x980 +[ 26.697782] ? lock_release+0xa40/0xa40 +[ 26.701731] ? __dentry_kill+0x487/0x6d0 +[ 26.705774] ? locks_remove_file+0x3fa/0x5a0 +[ 26.710151] ? fcntl_setlk+0x10c0/0x10c0 +[ 26.714185] ? fsnotify+0x7b3/0x1140 +[ 26.717869] ? fsnotify_first_mark+0x2b0/0x2b0 +[ 26.722419] ? perf_event_release_kernel+0xc10/0xc10 +[ 26.727493] perf_release+0x37/0x50 +[ 26.731092] __fput+0x327/0x7e0 +[ 26.734346] ? fput+0x140/0x140 +[ 26.737599] ? trace_event_raw_event_sched_switch+0x800/0x800 +[ 26.743458] ? _raw_spin_unlock_irq+0x27/0x70 +[ 26.747924] ____fput+0x15/0x20 +[ 26.751177] task_work_run+0x199/0x270 +[ 26.755045] ? task_work_cancel+0x210/0x210 +[ 26.759358] ? _raw_spin_unlock+0x22/0x30 +[ 26.763480] ? switch_task_namespaces+0x87/0xc0 +[ 26.768124] do_exit+0x9bb/0x1ad0 +[ 26.771546] ? mm_update_next_owner+0x930/0x930 +[ 26.776184] ? debug_check_no_locks_freed+0x3c0/0x3c0 +[ 26.781347] ? perf_trace_run_bpf_submit+0x20d/0x330 +[ 26.786419] ? perf_tp_event+0xae0/0xae0 +[ 26.790447] ? find_held_lock+0x35/0x1d0 +[ 26.794481] ? memset+0x31/0x40 +[ 26.797817] ? perf_trace_lock_acquire+0x532/0x980 +[ 26.802717] ? lock_release+0xa40/0xa40 +[ 26.806661] ? perf_trace_lock+0x900/0x900 +[ 26.810867] ? check_noncircular+0x20/0x20 +[ 26.815074] ? drop_futex_key_refs.isra.12+0x63/0xb0 +[ 26.820146] ? futex_wait+0x6a9/0x9a0 +[ 26.823922] ? find_held_lock+0x35/0x1d0 +[ 26.827957] ? get_signal+0x7ae/0x16c0 +[ 26.831823] ? lock_downgrade+0x980/0x980 +[ 26.835948] do_group_exit+0x149/0x400 +[ 26.839807] ? do_raw_spin_trylock+0x190/0x190 +[ 26.844358] ? SyS_exit+0x30/0x30 +[ 26.847783] ? _raw_spin_unlock_irq+0x27/0x70 +[ 26.852254] ? 
trace_hardirqs_on_caller+0x421/0x5c0 +[ 26.857240] get_signal+0x73f/0x16c0 +[ 26.860931] ? ptrace_notify+0x130/0x130 +[ 26.864965] ? exit_robust_list+0x240/0x240 +[ 26.869256] ? __fd_install+0x288/0x740 +[ 26.873209] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 26.878029] ? get_unused_fd_flags+0x190/0x190 +[ 26.882587] ? wait_for_completion+0x770/0x770 +[ 26.887141] ? lock_downgrade+0x980/0x980 +[ 26.891258] do_signal+0x90/0x1eb0 +[ 26.894766] ? mark_held_locks+0xaf/0x100 +[ 26.898887] ? _raw_spin_unlock_irqrestore+0x31/0xba +[ 26.904053] ? setup_sigcontext+0x7d0/0x7d0 +[ 26.908345] ? fd_install+0x4d/0x60 +[ 26.911942] ? SYSC_perf_event_open+0x4c3/0x2e00 +[ 26.916666] ? vmacache_update+0xfe/0x130 +[ 26.920785] ? perf_event_set_output+0x5a0/0x5a0 +[ 26.925515] ? exit_to_usermode_loop+0x8c/0x310 +[ 26.930156] exit_to_usermode_loop+0x214/0x310 +[ 26.934710] ? trace_event_raw_event_sys_exit+0x260/0x260 +[ 26.940219] syscall_return_slowpath+0x490/0x550 +[ 26.944944] ? prepare_exit_to_usermode+0x340/0x340 +[ 26.949931] ? entry_SYSCALL_64_fastpath+0x73/0xa0 +[ 26.954832] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 26.959821] ? trace_hardirqs_on_thunk+0x1a/0x1c +[ 26.964550] entry_SYSCALL_64_fastpath+0x9e/0xa0 +[ 26.969273] RIP: 0033:0x445749 +[ 26.972432] RSP: 002b:00007febf72a3db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca +[ 26.980112] RAX: fffffffffffffe00 RBX: 00000000006dac3c RCX: 0000000000445749 +[ 26.987369] RDX: 0000000000000000 diff --git a/pkg/report/testdata/linux/report/20 b/pkg/report/testdata/linux/report/20 index 31af2b9e3..444f7c2ac 100644 --- a/pkg/report/testdata/linux/report/20 +++ b/pkg/report/testdata/linux/report/20 @@ -1,4 +1,4 @@ -TITLE: BUG: unable to handle kernel NULL pointer dereference in __lock_acquire +TITLE: BUG: unable to handle kernel CORRUPTED: Y [ 149.188010] BUG: unable to handle kernel NULL pointer dereference at 000000000000058c 
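Review bot: The new expected title in the report/20 hunk is a truncated raw line (`BUG: unable to handle kernel`), and the fixture does not say that this is the intended fallback for a report marked `CORRUPTED: Y`. The same pattern appears in report/34 and 35 (`INFO: suspicious RCU usage. ]`, with a stray bracket) and in report/58 and 59, where run-specific counters such as `q=7339` and `t=2179` stay in the title. A header line in the style report/194 already uses would record the intent, for example `# Note: corrupted report, title is the unparsed oops line and is not meant for grouping.` The parser change is outside this view, so it is worth confirming that every consumer that groups crashes by title checks the corrupted flag first; otherwise these strings would split one bug into many entries.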
diff --git a/pkg/report/testdata/linux/report/34 b/pkg/report/testdata/linux/report/34 index c0aa9797a..1de8275cb 100644 --- a/pkg/report/testdata/linux/report/34 +++ b/pkg/report/testdata/linux/report/34 @@ -1,4 +1,4 @@ -TITLE: suspicious RCU usage at net/core/filter.c:LINE +TITLE: INFO: suspicious RCU usage. ] CORRUPTED: Y [ 1722.511384] [ INFO: suspicious RCU usage. ] diff --git a/pkg/report/testdata/linux/report/35 b/pkg/report/testdata/linux/report/35 index 0b2b6bc4d..62d358134 100644 --- a/pkg/report/testdata/linux/report/35 +++ b/pkg/report/testdata/linux/report/35 @@ -1,4 +1,4 @@ -TITLE: suspicious RCU usage at ./include/linux/kvm_host.h:LINE +TITLE: INFO: suspicious RCU usage. ] START: [ 37.540478] [ INFO: suspicious RCU usage. ] CORRUPTED: Y diff --git a/pkg/report/testdata/linux/report/51 b/pkg/report/testdata/linux/report/51 index 9e200b807..4bd9f23c9 100644 --- a/pkg/report/testdata/linux/report/51 +++ b/pkg/report/testdata/linux/report/51 
@@ -1,14 +1,15 @@ -TITLE: memory leak in ipv6_setsockopt +TITLE: memory leak in do_ipv6_setsockopt -[ 1722.511384] unreferenced object 0xffff880039a55260 (size 64): -[ 1722.511384] comm "executor", pid 11746, jiffies 4298984475 (age 16.078s) -[ 1722.511384] hex dump (first 32 bytes): -[ 1722.511384] 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 /............... -[ 1722.511384] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ -[ 1722.511384] backtrace: -[ 1722.511384] [] sock_kmalloc+0x7f/0xc0 net/core/sock.c:1774 -[ 1722.511384] [] do_ipv6_setsockopt.isra.7+0x15d0/0x2830 net/ipv6/ipv6_sockglue.c:483 -[ 1722.511384] [] ipv6_setsockopt+0x9b/0x140 net/ipv6/ipv6_sockglue.c:885 -[ 1722.511384] [] sctp_setsockopt+0x15c/0x36c0 net/sctp/socket.c:3702 -[ 1722.511384] [] sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2645 -[ 1722.511384] [] SyS_setsockopt+0x158/0x240 net/socket.c:1736 +2018/01/09 14:28:48 BUG: memory leak +unreferenced object 0xffff880039a55260 (size 64): + comm "executor", pid 11746, jiffies 4298984475 (age 16.078s) + hex dump (first 32 bytes): + 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 /............... + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ + backtrace: + [] sock_kmalloc+0x7f/0xc0 net/core/sock.c:1774 + [] do_ipv6_setsockopt.isra.7+0x15d0/0x2830 net/ipv6/ipv6_sockglue.c:483 + [] ipv6_setsockopt+0x9b/0x140 net/ipv6/ipv6_sockglue.c:885 + [] sctp_setsockopt+0x15c/0x36c0 net/sctp/socket.c:3702 + [] sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2645 + [] SyS_setsockopt+0x158/0x240 net/socket.c:1736 diff --git a/pkg/report/testdata/linux/report/52 b/pkg/report/testdata/linux/report/52 index dac3e1a83..11d353c1c 100644 --- a/pkg/report/testdata/linux/report/52 +++ b/pkg/report/testdata/linux/report/52 
@@ -1,14 +1,15 @@ -TITLE: memory leak in sk_prot_alloc +TITLE: memory leak in inet6_create -[ 1722.511384] unreferenced object 0xffff8800342540c0 (size 1864): -[ 1722.511384] comm "a.out", pid 24109, jiffies 4299060398 (age 27.984s) -[ 1722.511384] hex dump (first 32 bytes): -[ 1722.511384] 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ -[ 1722.511384] 0a 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............ -[ 1722.511384] backtrace: -[ 1722.511384] [] kmemleak_alloc+0x72/0xc0 mm/kmemleak.c:915 -[ 1722.511384] [] kmem_cache_alloc+0x12d/0x2c0 mm/slub.c:2607 -[ 1722.511384] [] sk_prot_alloc+0x69/0x340 net/core/sock.c:1344 -[ 1722.511384] [] sk_alloc+0x3a/0x6b0 net/core/sock.c:1419 -[ 1722.511384] [] inet6_create+0x2d7/0x1000 net/ipv6/af_inet6.c:173 -[ 1722.511384] [] __sock_create+0x37c/0x640 net/socket.c:1162 +2018/01/09 14:28:48 BUG: memory leak +unreferenced object 0xffff8800342540c0 (size 1864): + comm "a.out", pid 24109, jiffies 4299060398 (age 27.984s) + hex dump (first 32 bytes): + 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ + 0a 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............ + backtrace: + [] kmemleak_alloc+0x72/0xc0 mm/kmemleak.c:915 + [] kmem_cache_alloc+0x12d/0x2c0 mm/slub.c:2607 + [] sk_prot_alloc+0x69/0x340 net/core/sock.c:1344 + [] sk_alloc+0x3a/0x6b0 net/core/sock.c:1419 + [] inet6_create+0x2d7/0x1000 net/ipv6/af_inet6.c:173 + [] __sock_create+0x37c/0x640 net/socket.c:1162 diff --git a/pkg/report/testdata/linux/report/53 b/pkg/report/testdata/linux/report/53 index 0ec2e5c81..bad2a423b 100644 --- a/pkg/report/testdata/linux/report/53 +++ b/pkg/report/testdata/linux/report/53 
@@ -1,10 +1,11 @@ -TITLE: memory leak in __kmalloc +TITLE: memory leak in ext4_mb_init -[ 1722.511384] unreferenced object 0xffff880133c63800 (size 1024): -[ 1722.511384] comm "exe", pid 1521, jiffies 4294894652 -[ 1722.511384] backtrace: -[ 1722.511384] [] create_object+0x126/0x2b0 -[ 1722.511384] [] kmemleak_alloc+0x25/0x60 -[ 1722.511384] [] __kmalloc+0x113/0x200 -[ 1722.511384] [] ext4_mb_init+0x1b1/0x570 -[ 1722.511384] [] ext4_fill_super+0x1de2/0x26d0 +2018/01/09 14:28:48 BUG: memory leak +unreferenced object 0xffff880133c63800 (size 1024): + comm "exe", pid 1521, jiffies 4294894652 + backtrace: + [] create_object+0x126/0x2b0 + [] kmemleak_alloc+0x25/0x60 + [] __kmalloc+0x113/0x200 + [] ext4_mb_init+0x1b1/0x570 + [] ext4_fill_super+0x1de2/0x26d0 diff --git a/pkg/report/testdata/linux/report/54 b/pkg/report/testdata/linux/report/54 index d673b1f3f..1637470d9 100644 --- a/pkg/report/testdata/linux/report/54 +++ b/pkg/report/testdata/linux/report/54 @@ -1,11 +1,12 @@ -TITLE: memory leak in __alloc_skb +TITLE: memory leak in eth_rx_fill -[ 1722.511384] unreferenced object 0xc625e000 (size 2048): -[ 1722.511384] comm "swapper", pid 1, jiffies 4294937521 -[ 1722.511384] backtrace: -[ 1722.511384] [] create_object+0x11c/0x200 -[ 1722.511384] [] __kmalloc_track_caller+0x138/0x178 -[ 1722.511384] [] __alloc_skb+0x4c/0x100 -[ 1722.511384] [] dev_alloc_skb+0x18/0x3c -[ 1722.511384] [] eth_rx_fill+0xd8/0x3fc -[ 1722.511384] [] mv_eth_start_internals+0x30/0xf8 +2018/01/09 14:28:48 BUG: memory leak +unreferenced object 0xc625e000 (size 2048): + comm "swapper", pid 1, jiffies 4294937521 + backtrace: + [] create_object+0x11c/0x200 + [] __kmalloc_track_caller+0x138/0x178 + [] __alloc_skb+0x4c/0x100 + [] dev_alloc_skb+0x18/0x3c + [] eth_rx_fill+0xd8/0x3fc + [] mv_eth_start_internals+0x30/0xf8 diff --git a/pkg/report/testdata/linux/report/55 b/pkg/report/testdata/linux/report/55 index 44e5fb848..49330e3f0 100644 --- a/pkg/report/testdata/linux/report/55 
+++ b/pkg/report/testdata/linux/report/55 @@ -1,11 +1,12 @@ -TITLE: memory leak in debug_objects_mem_init +TITLE: memory leak in start_kernel -[ 1722.511384] unreferenced object 0xdb8040c0 (size 20): -[ 1722.511384] comm "swapper", pid 0, jiffies 4294667296 -[ 1722.511384] backtrace: -[ 1722.511384] [] kmemleak_alloc+0x193/0x2b8 -[ 1722.511384] [] kmem_cache_alloc+0x11e/0x174 -[ 1722.511384] [] debug_objects_mem_init+0x63/0x1d9 -[ 1722.511384] [] start_kernel+0x2da/0x38d -[ 1722.511384] [] i386_start_kernel+0x7f/0x98 -[ 1722.511384] [] 0xffffffff +2018/01/09 14:28:48 BUG: memory leak +unreferenced object 0xdb8040c0 (size 20): + comm "swapper", pid 0, jiffies 4294667296 + backtrace: + [] kmemleak_alloc+0x193/0x2b8 + [] kmem_cache_alloc+0x11e/0x174 + [] debug_objects_mem_init+0x63/0x1d9 + [] start_kernel+0x2da/0x38d + [] i386_start_kernel+0x7f/0x98 + [] 0xffffffff diff --git a/pkg/report/testdata/linux/report/58 b/pkg/report/testdata/linux/report/58 index 4eacdbb6a..4cac7fb95 100644 --- a/pkg/report/testdata/linux/report/58 +++ b/pkg/report/testdata/linux/report/58 @@ -1,4 +1,4 @@ -TITLE: INFO: rcu detected stall +TITLE: INFO: rcu_preempt detected stalls on CPUs/tasks: { 2} (detected by 0, t=NUM jiffies, g=NUM, c=NUM, q=7339) CORRUPTED: Y [ 1722.511384] INFO: rcu_preempt detected stalls on CPUs/tasks: { 2} (detected by 0, t=65008 jiffies, g=48068, c=48067, q=7339) diff --git a/pkg/report/testdata/linux/report/59 b/pkg/report/testdata/linux/report/59 index 0bb90e800..da1da2a3e 100644 --- a/pkg/report/testdata/linux/report/59 +++ b/pkg/report/testdata/linux/report/59 @@ -1,4 +1,4 @@ -TITLE: INFO: rcu detected stall +TITLE: INFO: rcu_sched detected stalls on CPUs/tasks: { 0} (detected by 1, t=2179 jiffies, g=740, c=739, q=1) CORRUPTED: Y [ 317.168127] INFO: rcu_sched detected stalls on CPUs/tasks: { 0} (detected by 1, t=2179 jiffies, g=740, c=739, q=1) 
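Review bot: In the report/55 hunk the expected title moves from `memory leak in debug_objects_mem_init` to `memory leak in start_kernel`, which names a boot entry point rather than the code that allocated the object. The backtrace in the fixture shows `debug_objects_mem_init` directly above `start_kernel`, so the frame is presumably being skipped as a debugging-facility helper, although the skip list is outside this view. Unrelated boot-time leaks would then share one title, making triage harder. If the result is accepted for now, the fixture should say so, for example `# Note: debug_objects_mem_init is skipped as a debug helper; start_kernel is a known over-generic title.`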
diff --git a/pkg/report/testdata/linux/report/60 b/pkg/report/testdata/linux/report/60 index 0be3e64d8..4cbf64182 100644 --- a/pkg/report/testdata/linux/report/60 +++ b/pkg/report/testdata/linux/report/60 @@ -1,4 +1,4 @@ -TITLE: INFO: rcu detected stall +TITLE: INFO: rcu_preempt self-detected stall on CPU CORRUPTED: Y [ 50.583499] something diff --git a/pkg/report/testdata/linux/report/61 b/pkg/report/testdata/linux/report/61 index d8f4581ee..7cff0cbfd 100644 --- a/pkg/report/testdata/linux/report/61 +++ b/pkg/report/testdata/linux/report/61 @@ -1,4 +1,4 @@ -TITLE: INFO: rcu detected stall +TITLE: INFO: rcu_sched self-detected stall on CPU CORRUPTED: Y [ 50.583499] INFO: rcu_sched self-detected stall on CPU diff --git a/pkg/report/testdata/linux/report/62 b/pkg/report/testdata/linux/report/62 index 7afb2f802..4a51fafd3 100644 --- a/pkg/report/testdata/linux/report/62 +++ b/pkg/report/testdata/linux/report/62 @@ -1,4 +1,4 @@ -TITLE: INFO: rcu detected stall +TITLE: INFO: rcu_bh detected stalls on CPUs/tasks: CORRUPTED: Y [ 152.002376] INFO: rcu_bh detected stalls on CPUs/tasks: diff --git a/pkg/report/testdata/linux/report/63 b/pkg/report/testdata/linux/report/63 index 6c7a706a2..d89b05b75 100644 --- a/pkg/report/testdata/linux/report/63 +++ b/pkg/report/testdata/linux/report/63 @@ -1,4 +1,4 @@ -TITLE: INFO: rcu detected stall +TITLE: INFO: rcu_sched detected expedited stalls on CPUs/tasks: { CORRUPTED: Y [ 72.159680] INFO: rcu_sched detected expedited stalls on CPUs/tasks: { diff --git a/pkg/report/testdata/linux/report/64 b/pkg/report/testdata/linux/report/64 index f1e4b3e01..f5bfd0eaa 100644 --- a/pkg/report/testdata/linux/report/64 +++ b/pkg/report/testdata/linux/report/64 @@ -1,4 +1,4 @@ -TITLE: BUG: spinlock lockup suspected +TITLE: BUG: spinlock lockup suspected on CPU, syz-executor/NUM CORRUPTED: Y [ 72.159680] BUG: spinlock lockup suspected on CPU#2, syz-executor/12636 
diff --git a/pkg/report/testdata/linux/report/65 b/pkg/report/testdata/linux/report/65 index 73d6d3a33..d6cc73b35 100644 --- a/pkg/report/testdata/linux/report/65 +++ b/pkg/report/testdata/linux/report/65 
@@ -1,4 +1,235 @@ -TITLE: BUG: soft lockup -CORRUPTED: Y +TITLE: BUG: soft lockup in smp_call_function_many -[ 72.159680] BUG: soft lockup - CPU#3 stuck for 11s! [syz-executor:643] +[ 247.938942] watchdog: BUG: soft lockup - CPU#0 stuck for 134s! [kworker/0:2:1400] +[ 247.946595] Modules linked in: +[ 247.949764] irq event stamp: 494028 +[ 247.953370] hardirqs last enabled at (494027): [] restore_regs_and_return_to_kernel+0x0/0x26 +[ 247.963568] hardirqs last disabled at (494028): [] apic_timer_interrupt+0x98/0xb0 +[ 247.972723] softirqs last enabled at (484570): [] __do_softirq+0x733/0xbb2 +[ 247.981361] softirqs last disabled at (484563): [] irq_exit+0x1d3/0x210 +[ 247.990083] CPU: 0 PID: 1400 Comm: kworker/0:2 Not tainted 4.15.0-rc1+ #198 +[ 247.997151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 248.006484] Workqueue: events jump_label_update_timeout +[ 248.011822] task: ffff8801d2abe540 task.stack: ffff8801d2ac0000 +[ 248.019334] RIP: 0010:smp_call_function_single+0x364/0x560 +[ 248.026315] RSP: 0018:ffff8801d2ac6f00 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff11 +[ 248.033996] RAX: ffff8801d2abe540 RBX: 1ffff1003a558de8 RCX: ffffffff8164c2e2 +[ 248.041239] RDX: 0000000000000000 RSI: 00000000000000fb RDI: ffff8801d2ac6ff8 +[ 248.048482] RBP: ffff8801d2ac7050 R08: 1ffff1003a558dff R09: 0000000000000000 +[ 248.055724] R10: ffff8801d2ac7078 R11: 0000000000000000 R12: ffff8801d2ac6ff8 +[ 248.062969] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffed003a558df4 +[ 248.070211] FS: 0000000000000000(0000) GS:ffff8801db400000(0000) knlGS:0000000000000000 +[ 248.078408] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 +[ 248.084262] CR2: 0000000020335ffc CR3: 00000001d0869000 CR4: 00000000001426f0 +[ 248.091506] Call Trace: +[ 248.094075] ? add_nops+0x90/0x90 +[ 248.097504] ? generic_exec_single+0x5b0/0x5b0 +[ 248.102062] ? __mutex_lock+0x16f/0x1a80 +[ 248.106093] ? arch_jump_label_transform+0x1b/0x40 +[ 248.110995] ? 
print_usage_bug+0x3f0/0x3f0 +[ 248.115213] ? _find_next_bit+0xee/0x120 +[ 248.119250] ? add_nops+0x90/0x90 +[ 248.122676] ? find_next_bit+0x27/0x30 +[ 248.126547] smp_call_function_many+0x773/0x930 +[ 248.131192] ? smp_call_function_many+0x773/0x930 +[ 248.136013] ? add_nops+0x90/0x90 +[ 248.139449] ? smp_call_function_single_async+0x2d0/0x2d0 +[ 248.144960] ? mark_held_locks+0xb2/0x100 +[ 248.149082] ? text_poke+0x336/0x530 +[ 248.152772] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 248.157763] ? apic_has_pending_timer+0x80/0x2a0 +[ 248.162488] ? trace_hardirqs_on+0xd/0x10 +[ 248.166606] ? add_nops+0x90/0x90 +[ 248.170033] ? apic_has_pending_timer+0x80/0x2a0 +[ 248.174760] on_each_cpu+0x3d/0x1b0 +[ 248.178359] ? apic_has_pending_timer+0x7f/0x2a0 +[ 248.183088] text_poke_bp+0xe4/0x170 +[ 248.186774] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 248.191590] ? poke_int3_handler+0x90/0x90 +[ 248.195800] ? wait_for_completion+0x7b0/0x7b0 +[ 248.200361] ? apic_has_pending_timer+0x7f/0x2a0 +[ 248.205094] __jump_label_transform.isra.0+0x6a5/0x8a0 +[ 248.210352] ? bug_at+0x20/0x20 +[ 248.213606] ? check_noncircular+0x20/0x20 +[ 248.217814] ? perf_trace_lock_acquire+0xe3/0x980 +[ 248.222633] ? modules_open+0xa0/0xa0 +[ 248.226421] arch_jump_label_transform+0x2f/0x40 +[ 248.231152] __jump_label_update+0x207/0x2d0 +[ 248.235539] ? static_key_count+0x110/0x110 +[ 248.239838] ? atomic_dec_and_mutex_lock+0x112/0x150 +[ 248.244917] ? mutex_spin_on_owner+0xb50/0xb50 +[ 248.249480] jump_label_update+0x22c/0x2b0 +[ 248.253695] static_key_slow_dec_cpuslocked+0x176/0x1d0 +[ 248.259034] ? static_key_slow_inc+0x3c0/0x3c0 +[ 248.263596] ? rcu_read_lock_sched_held+0x108/0x120 +[ 248.268594] jump_label_update_timeout+0x1f/0x30 +[ 248.273326] process_one_work+0xbfd/0x1be0 +[ 248.277556] ? pwq_dec_nr_in_flight+0x450/0x450 +[ 248.282197] ? finish_task_switch+0x1d3/0x740 +[ 248.286664] ? finish_task_switch+0x1aa/0x740 +[ 248.291159] ? perf_trace_lock_acquire+0xe3/0x980 +[ 248.295987] ? 
perf_trace_lock+0x900/0x900 +[ 248.300191] ? __sched_text_start+0x8/0x8 +[ 248.304316] ? lock_downgrade+0x980/0x980 +[ 248.308440] ? __wake_up_common_lock+0x190/0x310 +[ 248.313189] ? find_held_lock+0x39/0x1d0 +[ 248.317242] ? lock_acquire+0x1d5/0x580 +[ 248.321189] ? worker_thread+0x4a3/0x1990 +[ 248.325321] ? lock_release+0xda0/0xda0 +[ 248.329271] ? worker_pool_assign_id+0x1b0/0x1b0 +[ 248.334004] ? do_raw_spin_trylock+0x190/0x190 +[ 248.338580] worker_thread+0x223/0x1990 +[ 248.342560] ? process_one_work+0x1be0/0x1be0 +[ 248.347034] ? _raw_spin_unlock_irq+0x27/0x70 +[ 248.351505] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 248.356494] ? trace_hardirqs_on+0xd/0x10 +[ 248.360617] ? finish_task_switch+0x1d3/0x740 +[ 248.365083] ? finish_task_switch+0x1aa/0x740 +[ 248.369558] ? copy_overflow+0x20/0x20 +[ 248.373437] ? __schedule+0x8f3/0x2060 +[ 248.377296] ? check_noncircular+0x20/0x20 +[ 248.381527] ? find_held_lock+0x39/0x1d0 +[ 248.385573] ? find_held_lock+0x39/0x1d0 +[ 248.389625] ? lock_downgrade+0x980/0x980 +[ 248.393751] ? default_wake_function+0x30/0x50 +[ 248.398320] ? __schedule+0x2060/0x2060 +[ 248.402263] ? do_wait_intr+0x3e0/0x3e0 +[ 248.406215] ? do_raw_spin_trylock+0x190/0x190 +[ 248.410772] ? _raw_spin_unlock_irqrestore+0x31/0xba +[ 248.415852] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 248.420842] ? trace_hardirqs_on+0xd/0x10 +[ 248.424963] ? __kthread_parkme+0x175/0x240 +[ 248.429263] kthread+0x37a/0x440 +[ 248.432602] ? process_one_work+0x1be0/0x1be0 +[ 248.437067] ? 
kthread_stop+0x7b0/0x7b0 +[ 248.441018] ret_from_fork+0x24/0x30 +[ 248.444727] Code: 00 00 00 fc ff df 44 89 bd 50 ff ff ff 48 c1 e8 03 4c 01 e8 41 83 e7 01 c6 00 f8 74 4e 49 89 c7 49 83 c4 18 e8 4e 25 0b 00 f3 90 <4c> 89 e2 41 c6 07 04 48 c1 ea 03 42 0f b6 14 2a 84 d2 74 09 80 +[ 248.463942] Kernel panic - not syncing: softlockup: hung tasks +[ 248.469888] CPU: 0 PID: 1400 Comm: kworker/0:2 Tainted: G L 4.15.0-rc1+ #198 +[ 248.478256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 248.487585] Workqueue: events jump_label_update_timeout +[ 248.492919] Call Trace: +[ 248.495472] +[ 248.497597] dump_stack+0x194/0x257 +[ 248.501202] ? arch_local_irq_restore+0x53/0x53 +[ 248.505843] ? vprintk_default+0x28/0x30 +[ 248.509878] ? vprintk_func+0x5e/0xc0 +[ 248.513650] ? vsnprintf+0x1ed/0x1900 +[ 248.517432] panic+0x1e4/0x41c +[ 248.520597] ? refcount_error_report+0x214/0x214 +[ 248.525340] ? watchdog_timer_fn+0x303/0x320 +[ 248.529731] watchdog_timer_fn+0x314/0x320 +[ 248.533947] __hrtimer_run_queues+0x349/0xe10 +[ 248.538418] ? lock_downgrade+0x980/0x980 +[ 248.542540] ? watchdog+0x30/0x30 +[ 248.545971] ? hrtimer_cancel+0x40/0x40 +[ 248.549931] ? pvclock_read_flags+0x160/0x160 +[ 248.554417] ? kvm_clock_get_cycles+0x25/0x30 +[ 248.558883] ? ktime_get_update_offsets_now+0x34a/0x520 +[ 248.564229] ? do_timer+0x50/0x50 +[ 248.567661] ? native_apic_msr_write+0x5c/0x80 +[ 248.572213] ? do_raw_spin_trylock+0x190/0x190 +[ 248.576767] ? lapic_next_event+0x54/0x80 +[ 248.580891] ? clockevents_program_event+0x108/0x2e0 +[ 248.585978] hrtimer_interrupt+0x1d4/0x5f0 +[ 248.590213] smp_apic_timer_interrupt+0x14a/0x700 +[ 248.595032] ? smp_call_function_single_interrupt+0x640/0x640 +[ 248.600889] ? _raw_spin_lock+0x32/0x40 +[ 248.604847] ? handle_edge_irq+0x2b4/0x7c0 +[ 248.609054] ? task_prio+0x40/0x40 +[ 248.612583] ? 
trace_hardirqs_off_thunk+0x1a/0x1c +[ 248.617409] apic_timer_interrupt+0x9d/0xb0 +[ 248.621700] +[ 248.623909] RIP: 0010:smp_call_function_single+0x364/0x560 +[ 248.629500] RSP: 0018:ffff8801d2ac6f00 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff11 +[ 248.637180] RAX: ffff8801d2abe540 RBX: 1ffff1003a558de8 RCX: ffffffff8164c2e2 +[ 248.644421] RDX: 0000000000000000 RSI: 00000000000000fb RDI: ffff8801d2ac6ff8 +[ 248.651662] RBP: ffff8801d2ac7050 R08: 1ffff1003a558dff R09: 0000000000000000 +[ 248.658903] R10: ffff8801d2ac7078 R11: 0000000000000000 R12: ffff8801d2ac6ff8 +[ 248.666144] R13: dffffc0000000000 R14: 0000000000000000 R15: ffffed003a558df4 +[ 248.673405] ? smp_call_function_single+0x362/0x560 +[ 248.678409] ? add_nops+0x90/0x90 +[ 248.681839] ? generic_exec_single+0x5b0/0x5b0 +[ 248.686393] ? __mutex_lock+0x16f/0x1a80 +[ 248.690427] ? arch_jump_label_transform+0x1b/0x40 +[ 248.695329] ? print_usage_bug+0x3f0/0x3f0 +[ 248.699548] ? _find_next_bit+0xee/0x120 +[ 248.703586] ? add_nops+0x90/0x90 +[ 248.707013] ? find_next_bit+0x27/0x30 +[ 248.710884] smp_call_function_many+0x773/0x930 +[ 248.715539] ? smp_call_function_many+0x773/0x930 +[ 248.720362] ? add_nops+0x90/0x90 +[ 248.723796] ? smp_call_function_single_async+0x2d0/0x2d0 +[ 248.729309] ? mark_held_locks+0xb2/0x100 +[ 248.733431] ? text_poke+0x336/0x530 +[ 248.737120] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 248.742109] ? apic_has_pending_timer+0x80/0x2a0 +[ 248.746838] ? trace_hardirqs_on+0xd/0x10 +[ 248.750957] ? add_nops+0x90/0x90 +[ 248.754383] ? apic_has_pending_timer+0x80/0x2a0 +[ 248.759110] on_each_cpu+0x3d/0x1b0 +[ 248.762710] ? apic_has_pending_timer+0x7f/0x2a0 +[ 248.767443] text_poke_bp+0xe4/0x170 +[ 248.771131] ? __mutex_unlock_slowpath+0xe9/0xac0 +[ 248.775946] ? poke_int3_handler+0x90/0x90 +[ 248.780158] ? wait_for_completion+0x7b0/0x7b0 +[ 248.784721] ? apic_has_pending_timer+0x7f/0x2a0 +[ 248.789452] __jump_label_transform.isra.0+0x6a5/0x8a0 +[ 248.794707] ? bug_at+0x20/0x20 +[ 248.797964] ? 
check_noncircular+0x20/0x20 +[ 248.802170] ? perf_trace_lock_acquire+0xe3/0x980 +[ 248.806990] ? modules_open+0xa0/0xa0 +[ 248.810776] arch_jump_label_transform+0x2f/0x40 +[ 248.815507] __jump_label_update+0x207/0x2d0 +[ 248.819895] ? static_key_count+0x110/0x110 +[ 248.824192] ? atomic_dec_and_mutex_lock+0x112/0x150 +[ 248.829269] ? mutex_spin_on_owner+0xb50/0xb50 +[ 248.833832] jump_label_update+0x22c/0x2b0 +[ 248.838048] static_key_slow_dec_cpuslocked+0x176/0x1d0 +[ 248.843387] ? static_key_slow_inc+0x3c0/0x3c0 +[ 248.847951] ? rcu_read_lock_sched_held+0x108/0x120 +[ 248.853695] jump_label_update_timeout+0x1f/0x30 +[ 248.858424] process_one_work+0xbfd/0x1be0 +[ 248.862653] ? pwq_dec_nr_in_flight+0x450/0x450 +[ 248.867292] ? finish_task_switch+0x1d3/0x740 +[ 248.871756] ? finish_task_switch+0x1aa/0x740 +[ 248.876251] ? perf_trace_lock_acquire+0xe3/0x980 +[ 248.881080] ? perf_trace_lock+0x900/0x900 +[ 248.885287] ? __sched_text_start+0x8/0x8 +[ 248.889411] ? lock_downgrade+0x980/0x980 +[ 248.893533] ? __wake_up_common_lock+0x190/0x310 +[ 248.898281] ? find_held_lock+0x39/0x1d0 +[ 248.902335] ? lock_acquire+0x1d5/0x580 +[ 248.906283] ? worker_thread+0x4a3/0x1990 +[ 248.910414] ? lock_release+0xda0/0xda0 +[ 248.914363] ? worker_pool_assign_id+0x1b0/0x1b0 +[ 248.919094] ? do_raw_spin_trylock+0x190/0x190 +[ 248.923671] worker_thread+0x223/0x1990 +[ 248.927650] ? process_one_work+0x1be0/0x1be0 +[ 248.932122] ? _raw_spin_unlock_irq+0x27/0x70 +[ 248.936593] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 248.941582] ? trace_hardirqs_on+0xd/0x10 +[ 248.945708] ? finish_task_switch+0x1d3/0x740 +[ 248.950177] ? finish_task_switch+0x1aa/0x740 +[ 248.954652] ? copy_overflow+0x20/0x20 +[ 248.958530] ? __schedule+0x8f3/0x2060 +[ 248.962386] ? check_noncircular+0x20/0x20 +[ 248.966615] ? find_held_lock+0x39/0x1d0 +[ 248.970661] ? find_held_lock+0x39/0x1d0 +[ 248.974716] ? lock_downgrade+0x980/0x980 +[ 248.978841] ? default_wake_function+0x30/0x50 +[ 248.983411] ? 
__schedule+0x2060/0x2060 +[ 248.987355] ? do_wait_intr+0x3e0/0x3e0 +[ 248.991308] ? do_raw_spin_trylock+0x190/0x190 +[ 248.995865] ? _raw_spin_unlock_irqrestore+0x31/0xba +[ 249.000944] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 249.005933] ? trace_hardirqs_on+0xd/0x10 +[ 249.010055] ? __kthread_parkme+0x175/0x240 +[ 249.014357] kthread+0x37a/0x440 +[ 249.017695] ? process_one_work+0x1be0/0x1be0 +[ 249.022163] ? kthread_stop+0x7b0/0x7b0 +[ 249.026113] ret_from_fork+0x24/0x30 +[ 249.030488] Dumping ftrace buffer: +[ 249.034111] (ftrace buffer empty) +[ 249.037809] Kernel Offset: disabled +[ 249.041413] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/66 b/pkg/report/testdata/linux/report/66 index efca8de66..1f9ef4a6a 100644 --- a/pkg/report/testdata/linux/report/66 +++ b/pkg/report/testdata/linux/report/66 @@ -1,4 +1,4 @@ -TITLE: BUG: spinlock lockup suspected +TITLE: BUG: spinlock lockup suspected on CPU, syz-executor/NUM CORRUPTED: Y [ 72.159680] BUG: spinlock lockup suspected on CPU#2, syz-executor/12636 diff --git a/pkg/report/testdata/linux/report/67 b/pkg/report/testdata/linux/report/67 index 81f2d6f45..2eef4bbe5 100644 --- a/pkg/report/testdata/linux/report/67 +++ b/pkg/report/testdata/linux/report/67 
@@ -1,5 +1,173 @@ -TITLE: BUG: soft lockup -CORRUPTED: Y +TITLE: BUG: soft lockup in mulaw_decode -[ 72.159680] BUG: soft lockup - CPU#3 stuck for 11s! [syz-executor:643] -[ 72.159680] BUG: spinlock lockup suspected on CPU#2, syz-executor/12636 +[ 562.725743] watchdog: BUG: soft lockup - CPU#0 stuck for 135s! [syzkaller670324:3527] +[ 562.733767] Modules linked in: +[ 562.736941] irq event stamp: 2531226 +[ 562.740767] hardirqs last enabled at (2531225): [<00000000f1ec093f>] snd_pcm_stream_unlock_irq+0x78/0xe0 +[ 562.750576] hardirqs last disabled at (2531226): [<000000003c6ef1cd>] apic_timer_interrupt+0xa4/0xb0 +[ 562.759828] softirqs last enabled at (41848): [<0000000081bd5f03>] __do_softirq+0x7a0/0xb85 +[ 562.768381] softirqs last disabled at (41829): [<00000000d02c6d52>] irq_exit+0x1cc/0x200 +[ 562.777054] CPU: 0 PID: 3527 Comm: syzkaller670324 Not tainted 4.15.0-rc6+ #158 +[ 562.784477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 562.793814] RIP: 0010:memcpy+0x45/0x50 +[ 562.797675] RSP: 0018:ffff8801bf6676f0 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff11 +[ 562.805414] RAX: ffffc9000137ba06 RBX: 0000000000000002 RCX: 0000000000000000 +[ 562.812665] RDX: 0000000000000002 RSI: ffff8801bf6677da RDI: ffffc9000137ba08 +[ 562.819913] RBP: ffff8801bf667708 R08: fffff5200026f741 R09: fffff5200026f741 +[ 562.827157] R10: 0000000000000001 R11: fffff5200026f740 R12: ffffc9000137ba06 +[ 562.834404] R13: ffff8801bf6677d8 R14: dffffc0000000000 R15: ffffc9000137ba06 +[ 562.841665] FS: 0000000000000000(0000) GS:ffff8801db200000(0063) knlGS:00000000f7ec6b40 +[ 562.849868] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 +[ 562.855726] CR2: 0000000020735ee0 CR3: 00000001bfba8002 CR4: 00000000001606f0 +[ 562.862979] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 +[ 562.870226] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 +[ 562.877473] Call Trace: +[ 562.880094] mulaw_decode+0x52f/0x770 +[ 
562.883876] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 562.888898] ? snd_pcm_plugin_build_linear+0x8a0/0x8a0 +[ 562.894156] ? snd_pcm_plugin_client_channels+0x17/0x80 +[ 562.899501] ? io_src_channels+0x10a/0x210 +[ 562.903719] mulaw_transfer+0x222/0x270 +[ 562.907670] ? lock_release+0xa40/0xa40 +[ 562.911626] ? mulaw_encode+0x7c0/0x7c0 +[ 562.915588] snd_pcm_plug_write_transfer+0x22d/0x420 +[ 562.920680] ? snd_pcm_plug_client_channels_buf+0x3f0/0x3f0 +[ 562.926368] ? snd_pcm_format_physical_width+0x5b/0x70 +[ 562.931623] ? snd_pcm_plug_client_channels_buf+0x1db/0x3f0 +[ 562.937326] snd_pcm_oss_write2+0x260/0x420 +[ 562.941634] ? snd_pcm_oss_write3+0x1b0/0x1b0 +[ 562.946110] ? snd_pcm_oss_write2+0x2bb/0x420 +[ 562.950586] ? snd_pcm_oss_write2+0x2e6/0x420 +[ 562.955066] snd_pcm_oss_write+0x5fe/0x830 +[ 562.959301] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 562.964131] ? find_held_lock+0x35/0x1d0 +[ 562.968182] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 562.973007] __vfs_write+0xef/0x970 +[ 562.976617] ? rcu_note_context_switch+0x710/0x710 +[ 562.981531] ? kernel_read+0x120/0x120 +[ 562.985398] ? __might_sleep+0x95/0x190 +[ 562.989356] ? _cond_resched+0x14/0x30 +[ 562.993223] ? __inode_security_revalidate+0xd9/0x130 +[ 562.998392] ? avc_policy_seqno+0x9/0x20 +[ 563.002432] ? selinux_file_permission+0x82/0x460 +[ 563.007260] ? security_file_permission+0x89/0x1e0 +[ 563.012174] ? rw_verify_area+0xe5/0x2b0 +[ 563.016212] ? __fdget_raw+0x20/0x20 +[ 563.019910] vfs_write+0x189/0x510 +[ 563.023439] SyS_write+0xef/0x220 +[ 563.026872] ? __do_page_fault+0x3d6/0xc90 +[ 563.031090] ? SyS_read+0x220/0x220 +[ 563.034702] ? do_fast_syscall_32+0x156/0xf9d +[ 563.039182] ? SyS_read+0x220/0x220 +[ 563.042792] do_fast_syscall_32+0x3ee/0xf9d +[ 563.047102] ? do_int80_syscall_32+0x9d0/0x9d0 +[ 563.051675] ? syscall_return_slowpath+0x2ad/0x550 +[ 563.056584] ? prepare_exit_to_usermode+0x340/0x340 +[ 563.061581] ? retint_user+0x18/0x18 +[ 563.065284] ? 
trace_hardirqs_off_thunk+0x1a/0x1c +[ 563.070119] entry_SYSENTER_compat+0x54/0x63 +[ 563.074504] RIP: 0023:0xf7f0cc79 +[ 563.077845] RSP: 002b:00000000f7ec61fc EFLAGS: 00000246 ORIG_RAX: 0000000000000004 +[ 563.085532] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020735ee0 +[ 563.092780] RDX: 00000000fffffee4 RSI: 0000000000000000 RDI: 0000000000000000 +[ 563.100028] RBP: 00000000003d0f00 R08: 0000000000000000 R09: 0000000000000000 +[ 563.107277] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 +[ 563.114524] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 +[ 563.121796] Code: 89 de 31 d2 e8 9d f9 ff ff 48 8b 4d 08 48 89 de 4c 89 e7 ba 01 00 00 00 e8 89 f9 ff ff 48 89 da 4c 89 ee 4c 89 e7 e8 7b eb c0 03 <5b> 41 5c 41 5d 5d c3 0f 1f 40 00 89 f1 b8 00 10 00 00 55 48 d3 +[ 563.141034] Kernel panic - not syncing: softlockup: hung tasks +[ 563.146993] CPU: 0 PID: 3527 Comm: syzkaller670324 Tainted: G L 4.15.0-rc6+ #158 +[ 563.155717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 563.165059] Call Trace: +[ 563.167618] +[ 563.169827] dump_stack+0x194/0x257 +[ 563.173438] ? arch_local_irq_restore+0x53/0x53 +[ 563.178082] ? vprintk_default+0x28/0x30 +[ 563.182125] ? vprintk_func+0x5e/0xc0 +[ 563.185907] ? vsnprintf+0x1ed/0x1900 +[ 563.189692] panic+0x1e4/0x41c +[ 563.192864] ? refcount_error_report+0x214/0x214 +[ 563.197611] ? watchdog_timer_fn+0x303/0x320 +[ 563.202006] watchdog_timer_fn+0x314/0x320 +[ 563.206236] __hrtimer_run_queues+0x358/0xe20 +[ 563.210715] ? watchdog+0x30/0x30 +[ 563.214154] ? hrtimer_fixup_init+0x70/0x70 +[ 563.218466] ? pvclock_read_flags+0x160/0x160 +[ 563.222959] ? kvm_clock_get_cycles+0x25/0x30 +[ 563.227434] ? ktime_get_update_offsets_now+0x34a/0x520 +[ 563.232786] ? do_timer+0x50/0x50 +[ 563.236217] ? native_apic_msr_write+0x5c/0x80 +[ 563.240777] ? do_raw_spin_trylock+0x190/0x190 +[ 563.245336] ? lapic_next_event+0x54/0x80 +[ 563.249464] ? 
clockevents_program_event+0x108/0x2e0 +[ 563.254559] hrtimer_interrupt+0x1c2/0x5e0 +[ 563.258801] smp_apic_timer_interrupt+0x14a/0x700 +[ 563.263623] ? smp_call_function_single_interrupt+0x640/0x640 +[ 563.269488] ? _raw_spin_lock+0x32/0x40 +[ 563.273447] ? _raw_spin_unlock+0x22/0x30 +[ 563.277573] ? handle_edge_irq+0x2b4/0x7c0 +[ 563.281787] ? task_prio+0x40/0x40 +[ 563.285324] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 563.290156] apic_timer_interrupt+0xa9/0xb0 +[ 563.294450] +[ 563.296665] RIP: 0010:memcpy+0x45/0x50 +[ 563.300525] RSP: 0018:ffff8801bf6676f0 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff11 +[ 563.308213] RAX: ffffc9000137ba06 RBX: 0000000000000002 RCX: 0000000000000000 +[ 563.316166] RDX: 0000000000000002 RSI: ffff8801bf6677da RDI: ffffc9000137ba08 +[ 563.323417] RBP: ffff8801bf667708 R08: fffff5200026f741 R09: fffff5200026f741 +[ 563.330662] R10: 0000000000000001 R11: fffff5200026f740 R12: ffffc9000137ba06 +[ 563.337911] R13: ffff8801bf6677d8 R14: dffffc0000000000 R15: ffffc9000137ba06 +[ 563.345202] mulaw_decode+0x52f/0x770 +[ 563.348983] ? trace_hardirqs_on_caller+0x421/0x5c0 +[ 563.354005] ? snd_pcm_plugin_build_linear+0x8a0/0x8a0 +[ 563.359265] ? snd_pcm_plugin_client_channels+0x17/0x80 +[ 563.364611] ? io_src_channels+0x10a/0x210 +[ 563.368831] mulaw_transfer+0x222/0x270 +[ 563.372780] ? lock_release+0xa40/0xa40 +[ 563.376738] ? mulaw_encode+0x7c0/0x7c0 +[ 563.380695] snd_pcm_plug_write_transfer+0x22d/0x420 +[ 563.385786] ? snd_pcm_plug_client_channels_buf+0x3f0/0x3f0 +[ 563.391477] ? snd_pcm_format_physical_width+0x5b/0x70 +[ 563.396734] ? snd_pcm_plug_client_channels_buf+0x1db/0x3f0 +[ 563.402433] snd_pcm_oss_write2+0x260/0x420 +[ 563.406767] ? snd_pcm_oss_write3+0x1b0/0x1b0 +[ 563.411242] ? snd_pcm_oss_write2+0x2bb/0x420 +[ 563.415719] ? snd_pcm_oss_write2+0x2e6/0x420 +[ 563.420201] snd_pcm_oss_write+0x5fe/0x830 +[ 563.424433] ? snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 563.429258] ? find_held_lock+0x35/0x1d0 +[ 563.433309] ? 
snd_pcm_oss_ioctl_compat+0x30/0x30 +[ 563.438130] __vfs_write+0xef/0x970 +[ 563.441737] ? rcu_note_context_switch+0x710/0x710 +[ 563.446648] ? kernel_read+0x120/0x120 +[ 563.450517] ? __might_sleep+0x95/0x190 +[ 563.454475] ? _cond_resched+0x14/0x30 +[ 563.458343] ? __inode_security_revalidate+0xd9/0x130 +[ 563.463514] ? avc_policy_seqno+0x9/0x20 +[ 563.467552] ? selinux_file_permission+0x82/0x460 +[ 563.472382] ? security_file_permission+0x89/0x1e0 +[ 563.477298] ? rw_verify_area+0xe5/0x2b0 +[ 563.481338] ? __fdget_raw+0x20/0x20 +[ 563.485036] vfs_write+0x189/0x510 +[ 563.488563] SyS_write+0xef/0x220 +[ 563.491996] ? __do_page_fault+0x3d6/0xc90 +[ 563.496215] ? SyS_read+0x220/0x220 +[ 563.499827] ? do_fast_syscall_32+0x156/0xf9d +[ 563.504309] ? SyS_read+0x220/0x220 +[ 563.507918] do_fast_syscall_32+0x3ee/0xf9d +[ 563.512230] ? do_int80_syscall_32+0x9d0/0x9d0 +[ 563.516803] ? syscall_return_slowpath+0x2ad/0x550 +[ 563.521711] ? prepare_exit_to_usermode+0x340/0x340 +[ 563.526706] ? retint_user+0x18/0x18 +[ 563.530404] ? trace_hardirqs_off_thunk+0x1a/0x1c +[ 563.535238] entry_SYSENTER_compat+0x54/0x63 +[ 563.539641] RIP: 0023:0xf7f0cc79 +[ 563.542980] RSP: 002b:00000000f7ec61fc EFLAGS: 00000246 ORIG_RAX: 0000000000000004 +[ 563.550667] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000020735ee0 +[ 563.557914] RDX: 00000000fffffee4 RSI: 0000000000000000 RDI: 0000000000000000 +[ 563.565162] RBP: 00000000003d0f00 R08: 0000000000000000 R09: 0000000000000000 +[ 563.572409] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 +[ 563.579660] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 +[ 563.587661] Dumping ftrace buffer: +[ 563.591248] (ftrace buffer empty) +[ 563.594937] Kernel Offset: disabled +[ 563.598549] Rebooting in 86400 seconds.. diff --git a/pkg/report/testdata/linux/report/68 b/pkg/report/testdata/linux/report/68 index fd92ec162..3e6c702f5 100644 --- a/pkg/report/testdata/linux/report/68 
+++ b/pkg/report/testdata/linux/report/68 @@ -1,4 +1,4 @@ -TITLE: BUG: spinlock recursion +TITLE: BUG: spinlock recursion in __task_rq_lock [ 213.269287] BUG: spinlock recursion on CPU#0, syz-executor7/5032 [ 213.281506] lock: 0xffff88006c122d00, .magic: dead4ead, .owner: syz-executor7/5032, .owner_cpu: -1 diff --git a/pkg/report/testdata/linux/report/69 b/pkg/report/testdata/linux/report/69 index 7b841d79b..06aca0a00 100644 --- a/pkg/report/testdata/linux/report/69 +++ b/pkg/report/testdata/linux/report/69 @@ -1,4 +1,4 @@ -TITLE: INFO: task hung in ldsem_down_write +TITLE: INFO: task hung in tty_ldisc_hangup [ 843.240752] INFO: task getty:2986 blocked for more than 120 seconds. [ 843.247365] Not tainted 3.18.0-13280-g93f6785-dirty #12 diff --git a/pkg/report/testdata/linux/report/7 b/pkg/report/testdata/linux/report/7 index 417322cb2..61bc14df5 100644 --- a/pkg/report/testdata/linux/report/7 +++ b/pkg/report/testdata/linux/report/7 @@ -1,4 +1,4 @@ -TITLE: BUG: soft lockup +TITLE: BUG: soft lockup - CPU stuck for 11s! [syz-executor] CORRUPTED: Y mmap(&(0x7f00008dd000/0x1000)=nil, (0x1000), 0x3, 0x32, 0xffffffffffffffff, 0x0) diff --git a/pkg/report/testdata/linux/report/70 b/pkg/report/testdata/linux/report/70 index 4f4997511..8819642d6 100644 --- a/pkg/report/testdata/linux/report/70 +++ b/pkg/report/testdata/linux/report/70 @@ -1,4 +1,4 @@ -TITLE: INFO: task hung in wait_on_page_bit_common +TITLE: INFO: task hung in iterate_bdevs [ 615.391254] INFO: task syz-executor5:10045 blocked for more than 120 seconds. [ 615.398657] Not tainted 4.13.0-rc1+ #4 diff --git a/pkg/report/testdata/linux/report/78 b/pkg/report/testdata/linux/report/78 index 4babdc208..388562018 100644 --- a/pkg/report/testdata/linux/report/78 +++ b/pkg/report/testdata/linux/report/78 
@@ -1,4 +1,31 @@ -TITLE: BUG: spinlock bad magic -CORRUPTED: Y +TITLE: BUG: spinlock bad magic in tcp_nuke_addr -[ 982.271203] BUG: spinlock bad magic on CPU#0, syz-executor12/24932 +[ 82.818367] BUG: spinlock bad magic on CPU#0, ^keyring*�vmnet/20513 +[ 82.824830] lock: 0xffff8800bb37e088, .magic: ffff8800, .owner: /-1, .owner_cpu: 131071 +[ 82.833579] CPU: 0 PID: 20513 Comm: ^keyring*�vmnet Not tainted 4.4.70+ #9 +[ 82.840570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 +[ 82.849899] 0000000000000000 ffff8801d3e4faf8 ffffffff81c01b4c ffff8800bb37e088 +[ 82.857899] ffff8801d74e1d80 ffffffff83209890 ffff8800bb37e000 ffff8801d3e4fb38 +[ 82.865898] ffffffff811d2be2 0000000000000101 ffff8801db91e140 0000000000000000 +[ 82.873873] Call Trace: +[ 82.876438] [] dump_stack+0x80/0xb4 +[ 82.881697] [] spin_dump+0x152/0x280 +[ 82.887044] [] do_raw_spin_lock+0x225/0x2c0 +[ 82.892991] [] _raw_spin_lock+0xe/0x10 +[ 82.898497] [] tcp_nuke_addr+0x586/0x8a0 +[ 82.904173] [] ? security_capable+0x93/0xc0 +[ 82.910115] [] devinet_ioctl+0x58f/0x1460 +[ 82.915878] [] ? inet_ifa_byprefix+0x1e0/0x1e0 +[ 82.922075] [] ? exit_robust_list+0x1c0/0x1c0 +[ 82.928190] [] inet_ioctl+0x11c/0x1d0 +[ 82.933619] [] sock_do_ioctl+0x6a/0xb0 +[ 82.939136] [] sock_ioctl+0x29b/0x390 +[ 82.944569] [] ? compat_ifr_data_ioctl+0x150/0x150 +[ 82.951122] [] do_vfs_ioctl+0x68f/0xdb0 +[ 82.956714] [] ? do_mmap+0x288/0x980 +[ 82.962051] [] ? ioctl_preallocate+0x1c0/0x1c0 +[ 82.968250] [] ? SyS_futex+0x1fc/0x2a0 +[ 82.973753] [] ? __fget+0x177/0x220 +[ 82.978999] [] ? security_file_ioctl+0x8e/0xc0 +[ 82.985204] [] SyS_ioctl+0x94/0xc0 +[ 82.990363] [] entry_SYSCALL_64_fastpath+0x12/0x6d diff --git a/pkg/report/testdata/linux/report/84 b/pkg/report/testdata/linux/report/84 index 3ed5ec48d..2ce990e6c 100644 --- a/pkg/report/testdata/linux/report/84 +++ b/pkg/report/testdata/linux/report/84 
@@ -1,4 +1,4 @@ -TITLE: general protection fault +TITLE: general protection fault: 0000 [#1] [ 387.NUM] audit: type=1326 audit(ADDR.637:LINE): auid=ADDR uid=0 gid=0 ses=ADDR pid=NUM comm="syz-executor" exe="/root/s CORRUPTED: Y [ 92.396607] general protection fault: 0000 [#1] [ 387.811073] audit: type=1326 audit(1486238739.637:135): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=10020 comm="syz-executor1" exe="/root/syz-executor1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x44fad9 code=0x0 diff --git a/pkg/report/testdata/linux/report/91 b/pkg/report/testdata/linux/report/91 index aa46f2079..5931bb081 100644 --- a/pkg/report/testdata/linux/report/91 +++ b/pkg/report/testdata/linux/report/91 @@ -1,4 +1,4 @@ -TITLE: suspicious RCU usage at net/ipv6/ip6_flowlabel.c:LINE +TITLE: INFO: suspicious RCU usage. ] CORRUPTED: Y [ 1722.511384] =============================== diff --git a/pkg/report/testdata/linux/report/95 b/pkg/report/testdata/linux/report/95 index 01cc58178..c7919e1d3 100644 --- a/pkg/report/testdata/linux/report/95 +++ b/pkg/report/testdata/linux/report/95 @@ -1,4 +1,4 @@ -TITLE: BUG: spinlock already unlocked +TITLE: BUG: spinlock already unlocked in __wake_up [ 108.620932] BUG: spinlock already unlocked on CPU#1, migration/1/12 [ 108.627365] lock: rcu_sched_state+0xb40/0xc20, .magic: dead4ead, .owner: /-1, .owner_cpu: -1 @@ -32,4 +32,4 @@ TITLE: BUG: spinlock already unlocked [ 108.804399] [] ? kthread_create_on_node+0x460/0x460 [ 108.811031] [] ret_from_fork+0x5c/0x90 [ 108.816532] [] ? kthread_create_on_node+0x460/0x460 - \ No newline at end of file + diff --git a/pkg/report/testdata/linux/report/98 b/pkg/report/testdata/linux/report/98 index 7aa4b3c81..ea0234574 100644 --- a/pkg/report/testdata/linux/report/98 +++ b/pkg/report/testdata/linux/report/98 
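Review bot: The new expected title in report/84 keeps time-derived fragments of the interleaved audit record (`[ 387.NUM]`, `audit(ADDR.637:LINE)`) and stops mid-token at `exe="/root/s`, so it would differ on every occurrence and mostly pins the length cap rather than the oops. report/91 shows the same raw-line fallback with a stray trailing ` ]`, and report/66 and report/7 carry the process name into the title. Cutting a corrupted title at the next log timestamp, giving `TITLE: general protection fault: 0000 [#1]`, would keep it stable; whether the parser can do that is decided outside these hunks. These strings come from guest console output, and report/78 in this commit has a `Comm:` with non-printable bytes. It is therefore worth confirming that anything consuming titles treats them as untrusted text, escaping them on output and never using them in file names.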
@@ -1,4 +1,4 @@ -TITLE: possible deadlock +TITLE: WARNING: possible circular locking dependency detected CORRUPTED: Y [ 308.130685] ====================================================== -- cgit mrf-deployment