netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* WARNING in mark_lock (3)
@ 2019-11-26  9:05 syzbot
  2019-11-27 19:30 ` syzbot
  2019-11-28  2:00 ` syzbot
  0 siblings, 2 replies; 8+ messages in thread
From: syzbot @ 2019-11-26  9:05 UTC (permalink / raw)
  To: davem, jhs, jiri, linux-kernel, netdev, syzkaller-bugs, xiyou.wangcong

Hello,

syzbot found the following crash on:

HEAD commit:    81429eb8 Merge tag 'arm64-fixes' of git://git.kernel.org/p..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=171edaf2e00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=56f109a734a2de32
dashboard link: https://syzkaller.appspot.com/bug?extid=a229d8d995b74f8c4b6c
compiler:       clang version 9.0.0 (/home/glider/llvm/clang  
80fee25776c2fb61e74c1ecb1a523375c2500b69)
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=13ee1f3ce00000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+a229d8d995b74f8c4b6c@syzkaller.appspotmail.com

------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(1)
WARNING: CPU: 0 PID: 8024 at kernel/locking/lockdep.c:167 hlock_class  
kernel/locking/lockdep.c:167 [inline]
WARNING: CPU: 0 PID: 8024 at kernel/locking/lockdep.c:167  
mark_lock+0x8d2/0x1650 kernel/locking/lockdep.c:3643
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 8024 Comm: udevd Not tainted 5.4.0-rc8-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS  
Google 01/01/2011
Call Trace:
  <IRQ>
  __dump_stack lib/dump_stack.c:77 [inline]
  dump_stack+0x1fb/0x318 lib/dump_stack.c:118
  panic+0x264/0x7a9 kernel/panic.c:221
  __warn+0x20e/0x210 kernel/panic.c:582
  report_bug+0x1b6/0x2f0 lib/bug.c:195
  fixup_bug arch/x86/kernel/traps.c:179 [inline]
  do_error_trap+0xd7/0x440 arch/x86/kernel/traps.c:272
  do_invalid_op+0x36/0x40 arch/x86/kernel/traps.c:291
  invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1028
RIP: 0010:hlock_class kernel/locking/lockdep.c:167 [inline]
RIP: 0010:mark_lock+0x8d2/0x1650 kernel/locking/lockdep.c:3643
Code: 0f 85 af 02 00 00 83 3d 8f 7a 65 07 00 0f 85 7a f8 ff ff 31 db 48 c7  
c7 24 71 36 88 48 c7 c6 3c 2f 3b 88 31 c0 e8 be f4 ec ff <0f> 0b e9 6e f8  
ff ff 4c 69 f3 b0 00 00 00 48 c7 c0 d0 f4 1c 89 4c
RSP: 0018:ffff8880aea09520 EFLAGS: 00010046
RAX: 7cc85c2266612300 RBX: 0000000000000000 RCX: ffff88809907a480
RDX: 0000000080000502 RSI: 0000000000000001 RDI: ffffffff815cbf54
RBP: ffff8880aea09620 R08: ffffffff8178fcea R09: fffffbfff111a493
R10: fffffbfff111a493 R11: 0000000000000000 R12: 1ffff1101320f5c5
R13: dffffc0000000000 R14: 0000000000000004 R15: 0000000000000010
  mark_usage kernel/locking/lockdep.c:3566 [inline]
  __lock_acquire+0x5a0/0x1be0 kernel/locking/lockdep.c:3909
  lock_acquire+0x158/0x250 kernel/locking/lockdep.c:4487
  __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
  _raw_spin_lock+0x2d/0x40 kernel/locking/spinlock.c:151
  spin_lock include/linux/spinlock.h:338 [inline]
  __netif_tx_lock include/linux/netdevice.h:3897 [inline]
  sch_direct_xmit+0x154/0xd50 net/sched/sch_generic.c:311
  __dev_xmit_skb net/core/dev.c:3400 [inline]
  __dev_queue_xmit+0x1bf7/0x3010 net/core/dev.c:3761
  dev_queue_xmit+0x17/0x20 net/core/dev.c:3825
  neigh_hh_output include/net/neighbour.h:500 [inline]
  neigh_output include/net/neighbour.h:509 [inline]
  ip6_finish_output2+0xff2/0x13b0 net/ipv6/ip6_output.c:116
  __ip6_finish_output+0x693/0x8c0 net/ipv6/ip6_output.c:142
  ip6_finish_output+0x52/0x1e0 net/ipv6/ip6_output.c:152
  NF_HOOK_COND include/linux/netfilter.h:294 [inline]
  ip6_output+0x26f/0x370 net/ipv6/ip6_output.c:175
  dst_output include/net/dst.h:436 [inline]
  NF_HOOK include/linux/netfilter.h:305 [inline]
  mld_sendpack+0x770/0xb80 net/ipv6/mcast.c:1682
  mld_send_initial_cr+0x24c/0x2c0 net/ipv6/mcast.c:2099
  mld_dad_timer_expire+0x2e/0x350 net/ipv6/mcast.c:2118
  call_timer_fn+0x95/0x170 kernel/time/timer.c:1404
  expire_timers kernel/time/timer.c:1449 [inline]
  __run_timers+0x7b6/0x990 kernel/time/timer.c:1773
  run_timer_softirq+0x4a/0x90 kernel/time/timer.c:1786
  __do_softirq+0x333/0x7c4 arch/x86/include/asm/paravirt.h:766
  invoke_softirq kernel/softirq.c:373 [inline]
  irq_exit+0x227/0x230 kernel/softirq.c:413
  exiting_irq arch/x86/include/asm/apic.h:536 [inline]
  smp_apic_timer_interrupt+0x113/0x280 arch/x86/kernel/apic/apic.c:1137
  apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:830
  </IRQ>
RIP: 0010:update_stack_state+0x3c/0x530 arch/x86/kernel/unwind_frame.c:196
Code: 00 00 49 89 f5 49 89 ff 65 48 8b 04 25 28 00 00 00 48 89 45 d0 48 bb  
00 00 00 00 00 fc ff df 48 89 f8 48 c1 e8 03 48 89 45 a8 <8a> 04 18 84 c0  
0f 85 71 03 00 00 41 8b 07 89 45 a4 4d 8d 67 58 4c
RSP: 0018:ffff888097ae7520 EFLAGS: 00000a02 ORIG_RAX: ffffffffffffff13
RAX: 1ffff11012f5ced0 RBX: dffffc0000000000 RCX: 0000000000000000
RDX: 0000000000000009 RSI: ffff888097ae7f48 RDI: ffff888097ae7680
RBP: ffff888097ae75c8 R08: ffffffff81629dbd R09: ffff888097ae7680
R10: ffffed1012f5cedc R11: 0000000000000000 R12: ffff888097ae7f48
R13: ffff888097ae7f48 R14: ffff888097ae76d0 R15: ffff888097ae7680
  unwind_next_frame+0x3f1/0x7a0 arch/x86/kernel/unwind_frame.c:311
  arch_stack_walk+0xb4/0xe0 arch/x86/kernel/stacktrace.c:25
  stack_trace_save+0xb6/0x150 kernel/stacktrace.c:123
  save_stack mm/kasan/common.c:69 [inline]
  set_track mm/kasan/common.c:77 [inline]
  __kasan_kmalloc+0x11c/0x1b0 mm/kasan/common.c:510
  kasan_kmalloc+0x9/0x10 mm/kasan/common.c:524
  __do_kmalloc_node mm/slab.c:3615 [inline]
  __kmalloc_node_track_caller+0x4d/0x60 mm/slab.c:3629
  __kmalloc_reserve net/core/skbuff.c:141 [inline]
  __alloc_skb+0xe8/0x500 net/core/skbuff.c:209
  alloc_skb include/linux/skbuff.h:1049 [inline]
  alloc_skb_with_frags+0xb6/0x600 net/core/skbuff.c:5662
  sock_alloc_send_pskb+0x7cc/0xbc0 net/core/sock.c:2244
  unix_dgram_sendmsg+0x612/0x2460 net/unix/af_unix.c:1625
  sock_sendmsg_nosec net/socket.c:637 [inline]
  sock_sendmsg net/socket.c:657 [inline]
  __sys_sendto+0x442/0x5e0 net/socket.c:1952
  __do_sys_sendto net/socket.c:1964 [inline]
  __se_sys_sendto net/socket.c:1960 [inline]
  __x64_sys_sendto+0xe5/0x100 net/socket.c:1960
  do_syscall_64+0xf7/0x1c0 arch/x86/entry/common.c:290
  entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f31c173d282
Code: 48 83 c8 ff eb ea 90 90 53 48 83 ec 20 8b 05 81 d3 2a 00 85 c0 75 21  
45 31 c9 45 31 c0 4c 63 d1 48 63 ff b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff  
ff 77 61 48 83 c4 20 5b c3 48 89 54 24 08 89 0c 24
RSP: 002b:00007ffdbd60f5e0 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 000000000063a3c0 RCX: 00007f31c173d282
RDX: 0000000000000008 RSI: 00007ffdbd60f630 RDI: 0000000000000009
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
R13: 000000000063d8f0 R14: 000000000063a250 R15: 000000000000000b
Kernel Offset: disabled
Rebooting in 86400 seconds..


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: WARNING in mark_lock (3)
  2019-11-26  9:05 WARNING in mark_lock (3) syzbot
@ 2019-11-27 19:30 ` syzbot
  2019-11-28  2:00 ` syzbot
  1 sibling, 0 replies; 8+ messages in thread
From: syzbot @ 2019-11-27 19:30 UTC (permalink / raw)
  To: davem, jhs, jiri, linux-kernel, netdev, syzkaller-bugs, xiyou.wangcong

syzbot has found a reproducer for the following crash on:

HEAD commit:    89d57ddd Merge tag 'media/v5.5-1' of git://git.kernel.org/..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=117804dae00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=595c15c951695d1b
dashboard link: https://syzkaller.appspot.com/bug?extid=a229d8d995b74f8c4b6c
compiler:       gcc (GCC) 9.0.0 20181231 (experimental)
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1511af5ee00000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=16e0f17ae00000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+a229d8d995b74f8c4b6c@syzkaller.appspotmail.com

------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(1)
WARNING: CPU: 0 PID: 0 at kernel/locking/lockdep.c:167 hlock_class  
kernel/locking/lockdep.c:167 [inline]
WARNING: CPU: 0 PID: 0 at kernel/locking/lockdep.c:167 hlock_class  
kernel/locking/lockdep.c:156 [inline]
WARNING: CPU: 0 PID: 0 at kernel/locking/lockdep.c:167  
mark_lock+0x22b/0x1220 kernel/locking/lockdep.c:3643
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.4.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS  
Google 01/01/2011
Call Trace:
  <IRQ>
  __dump_stack lib/dump_stack.c:77 [inline]
  dump_stack+0x197/0x210 lib/dump_stack.c:118
  panic+0x2e3/0x75c kernel/panic.c:221
  __warn.cold+0x2f/0x3e kernel/panic.c:582
  report_bug+0x289/0x300 lib/bug.c:195
  fixup_bug arch/x86/kernel/traps.c:174 [inline]
  fixup_bug arch/x86/kernel/traps.c:169 [inline]
  do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:267
  do_invalid_op+0x37/0x50 arch/x86/kernel/traps.c:286
  invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027
RIP: 0010:hlock_class kernel/locking/lockdep.c:167 [inline]
RIP: 0010:hlock_class kernel/locking/lockdep.c:156 [inline]
RIP: 0010:mark_lock+0x22b/0x1220 kernel/locking/lockdep.c:3643
Code: d0 7c 08 84 d2 0f 85 a8 0e 00 00 44 8b 1d ed e6 8d 08 45 85 db 75 b6  
48 c7 c6 00 19 cc 87 48 c7 c7 40 19 cc 87 e8 e4 2d eb ff <0f> 0b 31 db e9  
aa fe ff ff 48 c7 c7 a0 08 d0 8a e8 f0 fb 56 00 e9
RSP: 0018:ffff8880ae809308 EFLAGS: 00010086
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000100 RSI: ffffffff815dc196 RDI: ffffed1015d01253
RBP: ffff8880ae809358 R08: ffffffff8907a1c0 R09: fffffbfff1234161
R10: fffffbfff1234160 R11: ffffffff891a0b03 R12: 0000000000000004
R13: ffffffff8907ab48 R14: 0000000000000001 R15: 00000000000425c6
  mark_usage kernel/locking/lockdep.c:3566 [inline]
  __lock_acquire+0x1e8e/0x4a00 kernel/locking/lockdep.c:3909
  lock_acquire+0x190/0x410 kernel/locking/lockdep.c:4485
  __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
  _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:151
  spin_lock include/linux/spinlock.h:338 [inline]
  __netif_tx_lock include/linux/netdevice.h:3925 [inline]
  sch_direct_xmit+0x2e0/0xd30 net/sched/sch_generic.c:311
  __dev_xmit_skb net/core/dev.c:3621 [inline]
  __dev_queue_xmit+0x270a/0x35c0 net/core/dev.c:3982
  dev_queue_xmit+0x18/0x20 net/core/dev.c:4046
  neigh_resolve_output net/core/neighbour.c:1490 [inline]
  neigh_resolve_output+0x5c4/0x990 net/core/neighbour.c:1470
  neigh_output include/net/neighbour.h:511 [inline]
  ip6_finish_output2+0x109a/0x25c0 net/ipv6/ip6_output.c:116
  __ip6_finish_output+0x444/0xaa0 net/ipv6/ip6_output.c:142
  ip6_finish_output+0x38/0x1f0 net/ipv6/ip6_output.c:152
  NF_HOOK_COND include/linux/netfilter.h:296 [inline]
  ip6_output+0x25e/0x880 net/ipv6/ip6_output.c:175
  dst_output include/net/dst.h:436 [inline]
  NF_HOOK include/linux/netfilter.h:307 [inline]
  NF_HOOK include/linux/netfilter.h:301 [inline]
  mld_sendpack+0x9c2/0xed0 net/ipv6/mcast.c:1682
  mld_send_cr net/ipv6/mcast.c:1978 [inline]
  mld_ifc_timer_expire+0x454/0x950 net/ipv6/mcast.c:2477
  call_timer_fn+0x1ac/0x780 kernel/time/timer.c:1404
  expire_timers kernel/time/timer.c:1449 [inline]
  __run_timers kernel/time/timer.c:1773 [inline]
  __run_timers kernel/time/timer.c:1740 [inline]
  run_timer_softirq+0x6c3/0x1790 kernel/time/timer.c:1786
  __do_softirq+0x262/0x98c kernel/softirq.c:292
  invoke_softirq kernel/softirq.c:373 [inline]
  irq_exit+0x19b/0x1e0 kernel/softirq.c:413
  exiting_irq arch/x86/include/asm/apic.h:536 [inline]
  smp_apic_timer_interrupt+0x1a3/0x610 arch/x86/kernel/apic/apic.c:1137
  apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
  </IRQ>
RIP: 0010:native_safe_halt+0xe/0x10 arch/x86/include/asm/irqflags.h:61
Code: 58 25 4f fa eb 8a cc cc cc cc cc cc e9 07 00 00 00 0f 00 2d 24 c9 66  
00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d 14 c9 66 00 fb f4 <c3> cc 55 48 89  
e5 41 57 41 56 41 55 41 54 53 e8 5e 42 00 fa e8 b9
RSP: 0018:ffffffff89007ce8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
RAX: 1ffffffff1226656 RBX: ffffffff8907a1c0 RCX: 0000000000000000
RDX: dffffc0000000000 RSI: 0000000000000006 RDI: ffffffff8907aa54
RBP: ffffffff89007d18 R08: ffffffff8907a1c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
R13: ffffffff89e789c0 R14: 0000000000000000 R15: 0000000000000000
  arch_cpu_idle+0xa/0x10 arch/x86/kernel/process.c:690
  default_idle_call+0x84/0xb0 kernel/sched/idle.c:94
  cpuidle_idle_call kernel/sched/idle.c:154 [inline]
  do_idle+0x3c8/0x6e0 kernel/sched/idle.c:269
  cpu_startup_entry+0x1b/0x20 kernel/sched/idle.c:361
  rest_init+0x23b/0x371 init/main.c:451
  arch_call_rest_init+0xe/0x1b
  start_kernel+0x904/0x943 init/main.c:784
  x86_64_start_reservations+0x29/0x2b arch/x86/kernel/head64.c:490
  x86_64_start_kernel+0x77/0x7b arch/x86/kernel/head64.c:471
  secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:242
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at kernel/locking/mutex.c:1419  
mutex_trylock+0x279/0x2f0 kernel/locking/mutex.c:1427
Modules linked in:
CPU: 0 PID: 0 Comm: swapper/0 Not tainted 5.4.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS  
Google 01/01/2011
RIP: 0010:mutex_trylock+0x279/0x2f0 kernel/locking/mutex.c:1419
Code: c9 41 b8 01 00 00 00 31 c9 ba 01 00 00 00 31 f6 e8 0c 5e f9 f9 58 48  
8d 65 d8 b8 01 00 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 <0f> 0b e9 0c fe  
ff ff 48 c7 c7 a0 08 d0 8a 48 89 4d d0 e8 70 e7 4f
RSP: 0018:ffff8880ae808ec8 EFLAGS: 00010006
RAX: 0000000000000504 RBX: 1ffff11015d011e1 RCX: 0000000000000004
RDX: 0000000000000100 RSI: ffffffff816b4095 RDI: ffffffff891c9b60
RBP: ffff8880ae808ef8 R08: 0000000000000001 R09: fffffbfff12346bd
R10: fffffbfff12346bc R11: ffffffff891a35e3 R12: ffffffff8ad008a0
R13: 0000000000000000 R14: ffffffff8159d400 R15: ffffffff891c9b60
FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000200001c0 CR3: 00000000a5da3000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
  <IRQ>
  __crash_kexec+0x91/0x200 kernel/kexec_core.c:948
  panic+0x308/0x75c kernel/panic.c:241
  __warn.cold+0x2f/0x3e kernel/panic.c:582
  report_bug+0x289/0x300 lib/bug.c:195
  fixup_bug arch/x86/kernel/traps.c:174 [inline]
  fixup_bug arch/x86/kernel/traps.c:169 [inline]
  do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:267
  do_invalid_op+0x37/0x50 arch/x86/kernel/traps.c:286
  invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027
RIP: 0010:hlock_class kernel/locking/lockdep.c:167 [inline]
RIP: 0010:hlock_class kernel/locking/lockdep.c:156 [inline]
RIP: 0010:mark_lock+0x22b/0x1220 kernel/locking/lockdep.c:3643
Code: d0 7c 08 84 d2 0f 85 a8 0e 00 00 44 8b 1d ed e6 8d 08 45 85 db 75 b6  
48 c7 c6 00 19 cc 87 48 c7 c7 40 19 cc 87 e8 e4 2d eb ff <0f> 0b 31 db e9  
aa fe ff ff 48 c7 c7 a0 08 d0 8a e8 f0 fb 56 00 e9
RSP: 0018:ffff8880ae809308 EFLAGS: 00010086
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000100 RSI: ffffffff815dc196 RDI: ffffed1015d01253
RBP: ffff8880ae809358 R08: ffffffff8907a1c0 R09: fffffbfff1234161
R10: fffffbfff1234160 R11: ffffffff891a0b03 R12: 0000000000000004
R13: ffffffff8907ab48 R14: 0000000000000001 R15: 00000000000425c6
  mark_usage kernel/locking/lockdep.c:3566 [inline]
  __lock_acquire+0x1e8e/0x4a00 kernel/locking/lockdep.c:3909
  lock_acquire+0x190/0x410 kernel/locking/lockdep.c:4485
  __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
  _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:151
  spin_lock include/linux/spinlock.h:338 [inline]
  __netif_tx_lock include/linux/netdevice.h:3925 [inline]
  sch_direct_xmit+0x2e0/0xd30 net/sched/sch_generic.c:311
  __dev_xmit_skb net/core/dev.c:3621 [inline]
  __dev_queue_xmit+0x270a/0x35c0 net/core/dev.c:3982
  dev_queue_xmit+0x18/0x20 net/core/dev.c:4046
  neigh_resolve_output net/core/neighbour.c:1490 [inline]
  neigh_resolve_output+0x5c4/0x990 net/core/neighbour.c:1470
  neigh_output include/net/neighbour.h:511 [inline]
  ip6_finish_output2+0x109a/0x25c0 net/ipv6/ip6_output.c:116
  __ip6_finish_output+0x444/0xaa0 net/ipv6/ip6_output.c:142
  ip6_finish_output+0x38/0x1f0 net/ipv6/ip6_output.c:152
  NF_HOOK_COND include/linux/netfilter.h:296 [inline]
  ip6_output+0x25e/0x880 net/ipv6/ip6_output.c:175
  dst_output include/net/dst.h:436 [inline]
  NF_HOOK include/linux/netfilter.h:307 [inline]
  NF_HOOK include/linux/netfilter.h:301 [inline]
  mld_sendpack+0x9c2/0xed0 net/ipv6/mcast.c:1682
  mld_send_cr net/ipv6/mcast.c:1978 [inline]
  mld_ifc_timer_expire+0x454/0x950 net/ipv6/mcast.c:2477
  call_timer_fn+0x1ac/0x780 kernel/time/timer.c:1404
  expire_timers kernel/time/timer.c:1449 [inline]
  __run_timers kernel/time/timer.c:1773 [inline]
  __run_timers kernel/time/timer.c:1740 [inline]
  run_timer_softirq+0x6c3/0x1790 kernel/time/timer.c:1786
  __do_softirq+0x262/0x98c kernel/softirq.c:292
  invoke_softirq kernel/softirq.c:373 [inline]
  irq_exit+0x19b/0x1e0 kernel/softirq.c:413
  exiting_irq arch/x86/include/asm/apic.h:536 [inline]
  smp_apic_timer_interrupt+0x1a3/0x610 arch/x86/kernel/apic/apic.c:1137
  apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
  </IRQ>
RIP: 0010:native_safe_halt+0xe/0x10 arch/x86/include/asm/irqflags.h:61
Code: 58 25 4f fa eb 8a cc cc cc cc cc cc e9 07 00 00 00 0f 00 2d 24 c9 66  
00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d 14 c9 66 00 fb f4 <c3> cc 55 48 89  
e5 41 57 41 56 41 55 41 54 53 e8 5e 42 00 fa e8 b9
RSP: 0018:ffffffff89007ce8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
RAX: 1ffffffff1226656 RBX: ffffffff8907a1c0 RCX: 0000000000000000
RDX: dffffc0000000000 RSI: 0000000000000006 RDI: ffffffff8907aa54
RBP: ffffffff89007d18 R08: ffffffff8907a1c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
R13: ffffffff89e789c0 R14: 0000000000000000 R15: 0000000000000000
  arch_cpu_idle+0xa/0x10 arch/x86/kernel/process.c:690
  default_idle_call+0x84/0xb0 kernel/sched/idle.c:94
  cpuidle_idle_call kernel/sched/idle.c:154 [inline]
  do_idle+0x3c8/0x6e0 kernel/sched/idle.c:269
  cpu_startup_entry+0x1b/0x20 kernel/sched/idle.c:361
  rest_init+0x23b/0x371 init/main.c:451
  arch_call_rest_init+0xe/0x1b
  start_kernel+0x904/0x943 init/main.c:784
  x86_64_start_reservations+0x29/0x2b arch/x86/kernel/head64.c:490
  x86_64_start_kernel+0x77/0x7b arch/x86/kernel/head64.c:471
  secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:242
irq event stamp: 169380
hardirqs last  enabled at (169380): [<ffffffff85b80cd8>]  
seqcount_lockdep_reader_access include/linux/seqlock.h:83 [inline]
hardirqs last  enabled at (169380): [<ffffffff85b80cd8>]  
read_seqcount_begin include/linux/seqlock.h:164 [inline]
hardirqs last  enabled at (169380): [<ffffffff85b80cd8>] read_seqbegin  
include/linux/seqlock.h:433 [inline]
hardirqs last  enabled at (169380): [<ffffffff85b80cd8>]  
neigh_resolve_output net/core/neighbour.c:1484 [inline]
hardirqs last  enabled at (169380): [<ffffffff85b80cd8>]  
neigh_resolve_output+0x3e8/0x990 net/core/neighbour.c:1470
hardirqs last disabled at (169379): [<ffffffff85b80c80>]  
seqcount_lockdep_reader_access include/linux/seqlock.h:80 [inline]
hardirqs last disabled at (169379): [<ffffffff85b80c80>]  
read_seqcount_begin include/linux/seqlock.h:164 [inline]
hardirqs last disabled at (169379): [<ffffffff85b80c80>] read_seqbegin  
include/linux/seqlock.h:433 [inline]
hardirqs last disabled at (169379): [<ffffffff85b80c80>]  
neigh_resolve_output net/core/neighbour.c:1484 [inline]
hardirqs last disabled at (169379): [<ffffffff85b80c80>]  
neigh_resolve_output+0x390/0x990 net/core/neighbour.c:1470
softirqs last  enabled at (169342): [<ffffffff81468f2c>]  
_local_bh_enable+0x1c/0x30 kernel/softirq.c:162
softirqs last disabled at (169343): [<ffffffff8146b92b>] invoke_softirq  
kernel/softirq.c:373 [inline]
softirqs last disabled at (169343): [<ffffffff8146b92b>]  
irq_exit+0x19b/0x1e0 kernel/softirq.c:413
---[ end trace 2daec1acd3cd1e7d ]---
------------[ cut here ]------------
WARNING: CPU: 0 PID: 0 at kernel/locking/mutex.c:737 mutex_unlock+0x1d/0x30  
kernel/locking/mutex.c:744
Modules linked in:
CPU: 0 PID: 0 Comm: swapper/0 Tainted: G        W         5.4.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS  
Google 01/01/2011
RIP: 0010:mutex_unlock+0x1d/0x30 kernel/locking/mutex.c:737
Code: 4c 89 ff e8 c5 f2 4f fa e9 8c fb ff ff 55 65 8b 05 00 40 a1 78 a9 00  
ff 1f 00 48 89 e5 75 0b 48 8b 75 08 e8 45 f9 ff ff 5d c3 <0f> 0b 48 8b 75  
08 e8 38 f9 ff ff 5d c3 66 0f 1f 44 00 00 48 b8 00
RSP: 0018:ffff8880ae808ef8 EFLAGS: 00010006
RAX: 0000000000000504 RBX: 1ffff11015d011e1 RCX: ffffffff816b40ad
RDX: 0000000000000100 RSI: ffffffff816b410f RDI: ffffffff891c9b60
RBP: ffff8880ae808ef8 R08: ffffffff8907a1c0 R09: 0000000000000000
R10: fffffbfff123936c R11: ffffffff891c9b67 R12: 0000000000000001
R13: 0000000000000000 R14: ffffffff8159d400 R15: 00000000000000a7
FS:  0000000000000000(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000200001c0 CR3: 00000000a5da3000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
  <IRQ>
  __crash_kexec+0x10b/0x200 kernel/kexec_core.c:957
  panic+0x308/0x75c kernel/panic.c:241
  __warn.cold+0x2f/0x3e kernel/panic.c:582
  report_bug+0x289/0x300 lib/bug.c:195
  fixup_bug arch/x86/kernel/traps.c:174 [inline]
  fixup_bug arch/x86/kernel/traps.c:169 [inline]
  do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:267
  do_invalid_op+0x37/0x50 arch/x86/kernel/traps.c:286
  invalid_op+0x23/0x30 arch/x86/entry/entry_64.S:1027
RIP: 0010:hlock_class kernel/locking/lockdep.c:167 [inline]
RIP: 0010:hlock_class kernel/locking/lockdep.c:156 [inline]
RIP: 0010:mark_lock+0x22b/0x1220 kernel/locking/lockdep.c:3643
Code: d0 7c 08 84 d2 0f 85 a8 0e 00 00 44 8b 1d ed e6 8d 08 45 85 db 75 b6  
48 c7 c6 00 19 cc 87 48 c7 c7 40 19 cc 87 e8 e4 2d eb ff <0f> 0b 31 db e9  
aa fe ff ff 48 c7 c7 a0 08 d0 8a e8 f0 fb 56 00 e9
RSP: 0018:ffff8880ae809308 EFLAGS: 00010086
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000100 RSI: ffffffff815dc196 RDI: ffffed1015d01253
RBP: ffff8880ae809358 R08: ffffffff8907a1c0 R09: fffffbfff1234161
R10: fffffbfff1234160 R11: ffffffff891a0b03 R12: 0000000000000004
R13: ffffffff8907ab48 R14: 0000000000000001 R15: 00000000000425c6
  mark_usage kernel/locking/lockdep.c:3566 [inline]
  __lock_acquire+0x1e8e/0x4a00 kernel/locking/lockdep.c:3909
  lock_acquire+0x190/0x410 kernel/locking/lockdep.c:4485
  __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
  _raw_spin_lock+0x2f/0x40 kernel/locking/spinlock.c:151
  spin_lock include/linux/spinlock.h:338 [inline]
  __netif_tx_lock include/linux/netdevice.h:3925 [inline]
  sch_direct_xmit+0x2e0/0xd30 net/sched/sch_generic.c:311
  __dev_xmit_skb net/core/dev.c:3621 [inline]
  __dev_queue_xmit+0x270a/0x35c0 net/core/dev.c:3982
  dev_queue_xmit+0x18/0x20 net/core/dev.c:4046
  neigh_resolve_output net/core/neighbour.c:1490 [inline]
  neigh_resolve_output+0x5c4/0x990 net/core/neighbour.c:1470
  neigh_output include/net/neighbour.h:511 [inline]
  ip6_finish_output2+0x109a/0x25c0 net/ipv6/ip6_output.c:116
  __ip6_finish_output+0x444/0xaa0 net/ipv6/ip6_output.c:142
  ip6_finish_output+0x38/0x1f0 net/ipv6/ip6_output.c:152
  NF_HOOK_COND include/linux/netfilter.h:296 [inline]
  ip6_output+0x25e/0x880 net/ipv6/ip6_output.c:175
  dst_output include/net/dst.h:436 [inline]
  NF_HOOK include/linux/netfilter.h:307 [inline]
  NF_HOOK include/linux/netfilter.h:301 [inline]
  mld_sendpack+0x9c2/0xed0 net/ipv6/mcast.c:1682
  mld_send_cr net/ipv6/mcast.c:1978 [inline]
  mld_ifc_timer_expire+0x454/0x950 net/ipv6/mcast.c:2477
  call_timer_fn+0x1ac/0x780 kernel/time/timer.c:1404
  expire_timers kernel/time/timer.c:1449 [inline]
  __run_timers kernel/time/timer.c:1773 [inline]
  __run_timers kernel/time/timer.c:1740 [inline]
  run_timer_softirq+0x6c3/0x1790 kernel/time/timer.c:1786
  __do_softirq+0x262/0x98c kernel/softirq.c:292
  invoke_softirq kernel/softirq.c:373 [inline]
  irq_exit+0x19b/0x1e0 kernel/softirq.c:413
  exiting_irq arch/x86/include/asm/apic.h:536 [inline]
  smp_apic_timer_interrupt+0x1a3/0x610 arch/x86/kernel/apic/apic.c:1137
  apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
  </IRQ>
RIP: 0010:native_safe_halt+0xe/0x10 arch/x86/include/asm/irqflags.h:61
Code: 58 25 4f fa eb 8a cc cc cc cc cc cc e9 07 00 00 00 0f 00 2d 24 c9 66  
00 f4 c3 66 90 e9 07 00 00 00 0f 00 2d 14 c9 66 00 fb f4 <c3> cc 55 48 89  
e5 41 57 41 56 41 55 41 54 53 e8 5e 42 00 fa e8 b9
RSP: 0018:ffffffff89007ce8 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff13
RAX: 1ffffffff1226656 RBX: ffffffff8907a1c0 RCX: 0000000000000000
RDX: dffffc0000000000 RSI: 0000000000000006 RDI: ffffffff8907aa54
RBP: ffffffff89007d18 R08: ffffffff8907a1c0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: dffffc0000000000
R13: ffffffff89e789c0 R14: 0000000000000000 R15: 0000000000000000
  arch_cpu_idle+0xa/0x10 arch/x86/kernel/process.c:690
  default_idle_call+0x84/0xb0 kernel/sched/idle.c:94
  cpuidle_idle_call kernel/sched/idle.c:154 [inline]
  do_idle+0x3c8/0x6e0 kernel/sched/idle.c:269
  cpu_startup_entry+0x1b/0x20 kernel/sched/idle.c:361
  rest_init+0x23b/0x371 init/main.c:451
  arch_call_rest_init+0xe/0x1b
  start_kernel+0x904/0x943 init/main.c:784
  x86_64_start_reservations+0x29/0x2b arch/x86/kernel/head64.c:490
  x86_64_start_kernel+0x77/0x7b arch/x86/kernel/head64.c:471
  secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:242
irq event stamp: 169380
hardirqs last  enabled at (169380): [<ffffffff85b80cd8>]  
seqcount_lockdep_reader_access include/linux/seqlock.h:83 [inline]
hardirqs last  enabled at (169380): [<ffffffff85b80cd8>]  
read_seqcount_begin include/linux/seqlock.h:164 [inline]
hardirqs last  enabled at (169380): [<ffffffff85b80cd8>] read_seqbegin  
include/linux/seqlock.h:433 [inline]
hardirqs last  enabled at (169380): [<ffffffff85b80cd8>]  
neigh_resolve_output net/core/neighbour.c:1484 [inline]
hardirqs last  enabled at (169380): [<ffffffff85b80cd8>]  
neigh_resolve_output+0x3e8/0x990 net/core/neighbour.c:1470
hardirqs last disabled at (169379): [<ffffffff85b80c80>]  
seqcount_lockdep_reader_access include/linux/seqlock.h:80 [inline]
hardirqs last disabled at (169379): [<ffffffff85b80c80>]  
read_seqcount_begin include/linux/seqlock.h:164 [inline]
hardirqs last disabled at (169379): [<ffffffff85b80c80>] read_seqbegin  
include/linux/seqlock.h:433 [inline]
hardirqs last disabled at (169379): [<ffffffff85b80c80>]  
neigh_resolve_output net/core/neighbour.c:1484 [inline]
hardirqs last disabled at (169379): [<ffffffff85b80c80>]  
neigh_resolve_output+0x390/0x990 net/core/neighbour.c:1470
softirqs last  enabled at (169342): [<ffffffff81468f2c>]  
_local_bh_enable+0x1c/0x30 kernel/softirq.c:162
softirqs last disabled at (169343): [<ffffffff8146b92b>] invoke_softirq  
kernel/softirq.c:373 [inline]
softirqs last disabled at (169343): [<ffffffff8146b92b>]  
irq_exit+0x19b/0x1e0 kernel/softirq.c:413
---[ end trace 2daec1acd3cd1e7e ]---
Kernel Offset: disabled
Rebooting in 86400 seconds..


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: WARNING in mark_lock (3)
  2019-11-26  9:05 WARNING in mark_lock (3) syzbot
  2019-11-27 19:30 ` syzbot
@ 2019-11-28  2:00 ` syzbot
  2019-11-28  7:25   ` Sven Eckelmann
  1 sibling, 1 reply; 8+ messages in thread
From: syzbot @ 2019-11-28  2:00 UTC (permalink / raw)
  To: a, b.a.t.m.a.n, davem, jakub.kicinski, jhs, jiri, linux-kernel,
	mareklindner, netdev, sven, sw, syzkaller-bugs, vinicius.gomes,
	wang.yi59, xiyou.wangcong

syzbot has bisected this bug to:

commit d665c1281bc89ac85b8b0c058c22a3f94640a1d6
Author: Yi Wang <wang.yi59@zte.com.cn>
Date:   Mon Oct 21 23:57:42 2019 +0000

     net: sched: taprio: fix -Wmissing-prototypes warnings

bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=132ee536e00000
start commit:   89d57ddd Merge tag 'media/v5.5-1' of git://git.kernel.org/..
git tree:       upstream
final crash:    https://syzkaller.appspot.com/x/report.txt?x=10aee536e00000
console output: https://syzkaller.appspot.com/x/log.txt?x=172ee536e00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=595c15c951695d1b
dashboard link: https://syzkaller.appspot.com/bug?extid=a229d8d995b74f8c4b6c
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1511af5ee00000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=16e0f17ae00000

Reported-by: syzbot+a229d8d995b74f8c4b6c@syzkaller.appspotmail.com
Fixes: d665c1281bc8 ("net: sched: taprio: fix -Wmissing-prototypes  
warnings")

For information about bisection process see: https://goo.gl/tpsmEJ#bisection

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: WARNING in mark_lock (3)
  2019-11-28  2:00 ` syzbot
@ 2019-11-28  7:25   ` Sven Eckelmann
  2019-11-28  8:40     ` Dmitry Vyukov
  0 siblings, 1 reply; 8+ messages in thread
From: Sven Eckelmann @ 2019-11-28  7:25 UTC (permalink / raw)
  To: syzbot
  Cc: a, b.a.t.m.a.n, davem, jakub.kicinski, jhs, jiri, linux-kernel,
	mareklindner, netdev, sw, syzkaller-bugs, vinicius.gomes,
	wang.yi59, xiyou.wangcong

[-- Attachment #1: Type: text/plain, Size: 576 bytes --]

On Thursday, 28 November 2019 03:00:01 CET syzbot wrote:
[...]
> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=132ee536e00000
> start commit:   89d57ddd Merge tag 'media/v5.5-1' of git://git.kernel.org/..
> git tree:       upstream
> final crash:    https://syzkaller.appspot.com/x/report.txt?x=10aee536e00000

Can the syzbot infrastructure be told to ignore this crash in the bisect run? 
Because this should be an unrelated crash which is (hopefully) fixed in 
40e220b4218b ("batman-adv: Avoid free/alloc race when handling OGM buffer").

Kind regards,
	Sven

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: WARNING in mark_lock (3)
  2019-11-28  7:25   ` Sven Eckelmann
@ 2019-11-28  8:40     ` Dmitry Vyukov
  2019-11-28  8:46       ` Sven Eckelmann
  0 siblings, 1 reply; 8+ messages in thread
From: Dmitry Vyukov @ 2019-11-28  8:40 UTC (permalink / raw)
  To: Sven Eckelmann, syzkaller
  Cc: syzbot, a, b.a.t.m.a.n, David Miller, Jakub Kicinski,
	Jamal Hadi Salim, Jiří Pírko, LKML, mareklindner,
	netdev, sw, syzkaller-bugs, vinicius.gomes, wang.yi59, Cong Wang

On Thu, Nov 28, 2019 at 8:25 AM Sven Eckelmann <sven@narfation.org> wrote:
>
> On Thursday, 28 November 2019 03:00:01 CET syzbot wrote:
> [...]
> > bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=132ee536e00000
> > start commit:   89d57ddd Merge tag 'media/v5.5-1' of git://git.kernel.org/..
> > git tree:       upstream
> > final crash:    https://syzkaller.appspot.com/x/report.txt?x=10aee536e00000
>
> Can the syzbot infrastructure be told to ignore this crash in the bisect run?
> Because this should be an unrelated crash which is (hopefully) fixed in
> 40e220b4218b ("batman-adv: Avoid free/alloc race when handling OGM buffer").

+syzkaller mailing list for syzbot discussion

Hi Sven,

There is no such functionality at the moment.
What exactly do you mean? Somehow telling it interactively? Or
hardcode some set of crashes for linux? I don't see how any of these
options can really work...

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: WARNING in mark_lock (3)
  2019-11-28  8:40     ` Dmitry Vyukov
@ 2019-11-28  8:46       ` Sven Eckelmann
  2019-11-28  8:54         ` Dmitry Vyukov
  0 siblings, 1 reply; 8+ messages in thread
From: Sven Eckelmann @ 2019-11-28  8:46 UTC (permalink / raw)
  To: Dmitry Vyukov
  Cc: syzkaller, syzbot, a, b.a.t.m.a.n, David Miller, Jakub Kicinski,
	Jamal Hadi Salim, Jiří Pírko, LKML, mareklindner,
	netdev, sw, syzkaller-bugs, vinicius.gomes, wang.yi59, Cong Wang

[-- Attachment #1: Type: text/plain, Size: 1409 bytes --]

On Thursday, 28 November 2019 09:40:32 CET Dmitry Vyukov wrote:
> On Thu, Nov 28, 2019 at 8:25 AM Sven Eckelmann <sven@narfation.org> wrote:
> >
> > On Thursday, 28 November 2019 03:00:01 CET syzbot wrote:
> > [...]
> > > bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=132ee536e00000
> > > start commit:   89d57ddd Merge tag 'media/v5.5-1' of git://git.kernel.org/..
> > > git tree:       upstream
> > > final crash:    https://syzkaller.appspot.com/x/report.txt?x=10aee536e00000
> >
> > Can the syzbot infrastructure be told to ignore this crash in the bisect run?
> > Because this should be an unrelated crash which is (hopefully) fixed in
> > 40e220b4218b ("batman-adv: Avoid free/alloc race when handling OGM buffer").
> 
> +syzkaller mailing list for syzbot discussion
> 
> Hi Sven,
> 
> There is no such functionality at the moment.
> What exactly do you mean? Somehow telling it interactively? Or
> hardcode some set of crashes for linux? I don't see how any of these
> options can really work...

I was thinking more about rerunning the same bisect but tell it to assume 
"crashed: general protection fault in batadv_iv_ogm_queue_add" as OK instead 
of assuming that it is a crashed like the previous "crashed: WARNING in 
mark_lock". Just to get a non-bogus bisect result. Or try to rerun the
bisect between 40e220b4218b and 89d57dddd7d319ded00415790a0bb3c954b7e386

Kind regards,
	Sven

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: WARNING in mark_lock (3)
  2019-11-28  8:46       ` Sven Eckelmann
@ 2019-11-28  8:54         ` Dmitry Vyukov
  2019-11-28  9:03           ` Sven Eckelmann
  0 siblings, 1 reply; 8+ messages in thread
From: Dmitry Vyukov @ 2019-11-28  8:54 UTC (permalink / raw)
  To: Sven Eckelmann
  Cc: syzkaller, syzbot, a, b.a.t.m.a.n, David Miller, Jakub Kicinski,
	Jamal Hadi Salim, Jiří Pírko, LKML, mareklindner,
	netdev, sw, syzkaller-bugs, vinicius.gomes, wang.yi59, Cong Wang

On Thu, Nov 28, 2019 at 9:46 AM Sven Eckelmann <sven@narfation.org> wrote:
>
> On Thursday, 28 November 2019 09:40:32 CET Dmitry Vyukov wrote:
> > On Thu, Nov 28, 2019 at 8:25 AM Sven Eckelmann <sven@narfation.org> wrote:
> > >
> > > On Thursday, 28 November 2019 03:00:01 CET syzbot wrote:
> > > [...]
> > > > bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=132ee536e00000
> > > > start commit:   89d57ddd Merge tag 'media/v5.5-1' of git://git.kernel.org/..
> > > > git tree:       upstream
> > > > final crash:    https://syzkaller.appspot.com/x/report.txt?x=10aee536e00000
> > >
> > > Can the syzbot infrastructure be told to ignore this crash in the bisect run?
> > > Because this should be an unrelated crash which is (hopefully) fixed in
> > > 40e220b4218b ("batman-adv: Avoid free/alloc race when handling OGM buffer").
> >
> > +syzkaller mailing list for syzbot discussion
> >
> > Hi Sven,
> >
> > There is no such functionality at the moment.
> > What exactly do you mean? Somehow telling it interactively? Or
> > hardcode some set of crashes for linux? I don't see how any of these
> > options can really work...
>
> I was thinking more about rerunning the same bisect but tell it to assume
> "crashed: general protection fault in batadv_iv_ogm_queue_add" as OK instead
> of assuming that it is a crashed like the previous "crashed: WARNING in
> mark_lock". Just to get a non-bogus bisect result. Or try to rerun the
> bisect between 40e220b4218b and 89d57dddd7d319ded00415790a0bb3c954b7e386

But... but this done by a program. What do you mean by "tell it"?

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: WARNING in mark_lock (3)
  2019-11-28  8:54         ` Dmitry Vyukov
@ 2019-11-28  9:03           ` Sven Eckelmann
  0 siblings, 0 replies; 8+ messages in thread
From: Sven Eckelmann @ 2019-11-28  9:03 UTC (permalink / raw)
  To: Dmitry Vyukov
  Cc: syzkaller, syzbot, a, b.a.t.m.a.n, David Miller, Jakub Kicinski,
	Jamal Hadi Salim, Jiří Pírko, LKML, mareklindner,
	netdev, sw, syzkaller-bugs, vinicius.gomes, wang.yi59, Cong Wang

[-- Attachment #1: Type: text/plain, Size: 663 bytes --]

On Thursday, 28 November 2019 09:54:15 CET Dmitry Vyukov wrote:
[...]
> > I was thinking more about rerunning the same bisect but tell it to assume
> > "crashed: general protection fault in batadv_iv_ogm_queue_add" as OK instead
> > of assuming that it is a crashed like the previous "crashed: WARNING in
> > mark_lock". Just to get a non-bogus bisect result. Or try to rerun the
> > bisect between 40e220b4218b and 89d57dddd7d319ded00415790a0bb3c954b7e386
> 
> But... but this done by a program. What do you mean by "tell it"?

Sorry that I asked about what the infrastructure around syzbot can do and
how the interaction with it looks like.

Kind regards,
	Sven

[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2019-11-28  9:03 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-11-26  9:05 WARNING in mark_lock (3) syzbot
2019-11-27 19:30 ` syzbot
2019-11-28  2:00 ` syzbot
2019-11-28  7:25   ` Sven Eckelmann
2019-11-28  8:40     ` Dmitry Vyukov
2019-11-28  8:46       ` Sven Eckelmann
2019-11-28  8:54         ` Dmitry Vyukov
2019-11-28  9:03           ` Sven Eckelmann

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).