From: syzbot <syzbot+38f5d5cf7ae88c46b11a@syzkaller.appspotmail.com>
To: gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org,
syzkaller-bugs@googlegroups.com, tj@kernel.org
Subject: WARNING in kernfs_create_dir_ns
Date: Sat, 29 Jun 2019 06:12:05 -0700 [thread overview]
Message-ID: <0000000000003ec128058c7624ec@google.com> (raw)
Hello,
syzbot found the following crash on:
HEAD commit: 4b972a01 Linux 5.2-rc6
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=14910879a00000
kernel config: https://syzkaller.appspot.com/x/.config?x=9a31528e58cc12e2
dashboard link: https://syzkaller.appspot.com/bug?extid=38f5d5cf7ae88c46b11a
compiler: clang version 9.0.0 (/home/glider/llvm/clang
80fee25776c2fb61e74c1ecb1a523375c2500b69)
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+38f5d5cf7ae88c46b11a@syzkaller.appspotmail.com
WARNING: CPU: 0 PID: 9071 at fs/kernfs/dir.c:493 kernfs_get
fs/kernfs/dir.c:493 [inline]
WARNING: CPU: 0 PID: 9071 at fs/kernfs/dir.c:493 kernfs_new_node
fs/kernfs/dir.c:700 [inline]
WARNING: CPU: 0 PID: 9071 at fs/kernfs/dir.c:493
kernfs_create_dir_ns+0x205/0x230 fs/kernfs/dir.c:1022
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 9071 Comm: syz-executor.1 Not tainted 5.2.0-rc6 #6
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1d8/0x2f8 lib/dump_stack.c:113
panic+0x28a/0x7c9 kernel/panic.c:219
__warn+0x216/0x220 kernel/panic.c:576
report_bug+0x190/0x290 lib/bug.c:186
fixup_bug arch/x86/kernel/traps.c:179 [inline]
do_error_trap+0xd7/0x450 arch/x86/kernel/traps.c:272
do_invalid_op+0x36/0x40 arch/x86/kernel/traps.c:291
invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:986
RIP: 0010:kernfs_get fs/kernfs/dir.c:493 [inline]
RIP: 0010:kernfs_new_node fs/kernfs/dir.c:700 [inline]
RIP: 0010:kernfs_create_dir_ns+0x205/0x230 fs/kernfs/dir.c:1022
Code: ff 4c 89 ff e8 7c cd ff ff 4c 63 fb eb 05 e8 e2 27 9a ff 4c 89 f8 48
83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cb 27 9a ff <0f> 0b e9 e9 fe
ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c be fe ff
RSP: 0018:ffff88805a66f590 EFLAGS: 00010287
RAX: ffffffff81db8a25 RBX: ffff88808fad88c0 RCX: 0000000000040000
RDX: ffffc90007ff6000 RSI: 000000000001e1a2 RDI: 000000000001e1a3
RBP: ffff88805a66f5c8 R08: ffffffff81db8907 R09: ffffed1011f5b119
R10: ffffed1011f5b119 R11: 1ffff11011f5b118 R12: ffff888098366600
R13: dffffc0000000000 R14: 0000000000000000 R15: ffff8880a8f66620
sysfs_create_dir_ns+0x161/0x300 fs/sysfs/dir.c:59
create_dir lib/kobject.c:89 [inline]
kobject_add_internal+0x459/0xd50 lib/kobject.c:255
kobject_add_varg lib/kobject.c:390 [inline]
kobject_add+0x138/0x200 lib/kobject.c:442
device_add+0x508/0x1570 drivers/base/core.c:2062
hci_register_dev+0x331/0x6c0 net/bluetooth/hci_core.c:3305
hci_uart_register_dev drivers/bluetooth/hci_ldisc.c:661 [inline]
hci_uart_set_proto drivers/bluetooth/hci_ldisc.c:685 [inline]
hci_uart_tty_ioctl+0x815/0x970 drivers/bluetooth/hci_ldisc.c:739
tty_ioctl+0xf66/0x15d0 drivers/tty/tty_io.c:2664
do_vfs_ioctl+0x7d4/0x1890 fs/ioctl.c:46
ksys_ioctl fs/ioctl.c:713 [inline]
__do_sys_ioctl fs/ioctl.c:720 [inline]
__se_sys_ioctl fs/ioctl.c:718 [inline]
__x64_sys_ioctl+0xe3/0x120 fs/ioctl.c:718
do_syscall_64+0xfe/0x140 arch/x86/entry/common.c:301
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x459519
Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7
48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff
ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fb578425c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459519
RDX: 0000000000000009 RSI: 00000000400455c8 RDI: 0000000000000003
RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb5784266d4
R13: 00000000004c21a5 R14: 00000000004d5330 R15: 00000000ffffffff
Kernel Offset: disabled
Rebooting in 86400 seconds..
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
next reply other threads:[~2019-06-29 13:12 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-29 13:12 syzbot [this message]
2019-06-30 5:41 ` WARNING in kernfs_create_dir_ns syzbot
2019-07-08 14:46 ` Tejun Heo
2019-06-30 10:40 ` syzbot
2020-04-16 0:11 ` syzbot
2020-04-16 0:30 ` Waiman Long
[not found] <20190709022335.12928-1-hdanton@sina.com>
2019-07-09 14:22 ` Tejun Heo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0000000000003ec128058c7624ec@google.com \
--to=syzbot+38f5d5cf7ae88c46b11a@syzkaller.appspotmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=syzkaller-bugs@googlegroups.com \
--cc=tj@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.