syzbot


suspicious RCU usage at ./include/net/inet_sock.h:LINE

Status: fixed on 2019/11/08 07:00
Subsystems: net
Reported-by: syzbot+79de6f09efc55fec084b706de3c91e9457433ac5@syzkaller.appspotmail.com
Fix commit: 3f32d0be6c16 tipc: lock wakeup & inputq at tipc_link_reset()
First crash: 2337d, last: 2245d
Fix bisection: fixed by:
commit 3f32d0be6c16b902b687453c962d17eea5b8ea19
Author: Parthasarathy Bhuvaragan <parthasarathy.bhuvaragan@ericsson.com>
Date: Tue Sep 25 20:09:10 2018 +0000

  tipc: lock wakeup & inputq at tipc_link_reset()

  
Discussions (1):
Title: suspicious RCU usage at ./include/net/inet_sock.h:LINE
Replies (including bot): 4 (6)
Last reply: 2019/11/07 13:42

Sample crash report:
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable

=============================
WARNING: suspicious RCU usage
4.15.0-rc5+ #237 Not tainted
-----------------------------
./include/net/inet_sock.h:136 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
1 lock held by syzkaller887639/5545:
 #0:  (sk_lock-AF_INET6){+.+.}, at: [<00000000f2d84def>] lock_sock include/net/sock.h:1461 [inline]
 #0:  (sk_lock-AF_INET6){+.+.}, at: [<00000000f2d84def>] do_ipv6_setsockopt.isra.9+0x23d/0x38f0 net/ipv6/ipv6_sockglue.c:167

stack backtrace:
CPU: 0 PID: 5545 Comm: syzkaller887639 Not tainted 4.15.0-rc5+ #237
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 lockdep_rcu_suspicious+0x123/0x170 kernel/locking/lockdep.c:4585
 ireq_opt_deref include/net/inet_sock.h:135 [inline]
 inet_csk_route_req+0x82a/0xca0 net/ipv4/inet_connection_sock.c:544
 dccp_v4_send_response+0xa7/0x640 net/dccp/ipv4.c:485
 dccp_v4_conn_request+0x9f4/0x11b0 net/dccp/ipv4.c:633
 dccp_v6_conn_request+0xd30/0x1350 net/dccp/ipv6.c:317
 dccp_rcv_state_process+0x574/0x1620 net/dccp/input.c:612
 dccp_v4_do_rcv+0xeb/0x160 net/dccp/ipv4.c:682
 dccp_v6_do_rcv+0x81a/0x9b0 net/dccp/ipv6.c:578
 sk_backlog_rcv include/net/sock.h:907 [inline]
 __release_sock+0x124/0x360 net/core/sock.c:2264
 release_sock+0xa4/0x2a0 net/core/sock.c:2779
 do_ipv6_setsockopt.isra.9+0x50f/0x38f0 net/ipv6/ipv6_sockglue.c:898
 ipv6_setsockopt+0xd7/0x150 net/ipv6/ipv6_sockglue.c:922
 dccp_setsockopt+0x85/0xd0 net/dccp/proto.c:573
 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2968
 SYSC_setsockopt net/socket.c:1829 [inline]
 SyS_setsockopt+0x189/0x360 net/socket.c:1808
 entry_SYSCALL_64_fastpath+0x1f/0x96
RIP: 0033:0x445ec9
RSP: 002b:00007f900a03adb8 EFLAGS: 00000297 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00000000006dbc24 RCX: 0000000000445ec9
RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000004
RBP: 00000000006dbc20 R08: 0000000000000020 R09: 0000000000000000
R10: 000000002030a000 R11: 0000000000000297 R12: 0000000000000000
R13: 00007fff1a69b80f R14: 00007f900a03b9c0 R15: 0000000000000001

=============================
WARNING: suspicious RCU usage
4.15.0-rc5+ #237 Not tainted
-----------------------------
./include/net/inet_sock.h:136 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
1 lock held by syzkaller887639/5545:
 #0:  (sk_lock-AF_INET6){+.+.}, at: [<00000000f2d84def>] lock_sock include/net/sock.h:1461 [inline]
 #0:  (sk_lock-AF_INET6){+.+.}, at: [<00000000f2d84def>] do_ipv6_setsockopt.isra.9+0x23d/0x38f0 net/ipv6/ipv6_sockglue.c:167

stack backtrace:
CPU: 0 PID: 5545 Comm: syzkaller887639 Not tainted 4.15.0-rc5+ #237
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 lockdep_rcu_suspicious+0x123/0x170 kernel/locking/lockdep.c:4585
 ireq_opt_deref include/net/inet_sock.h:135 [inline]
 dccp_v4_send_response+0x4b0/0x640 net/dccp/ipv4.c:496
 dccp_v4_conn_request+0x9f4/0x11b0 net/dccp/ipv4.c:633
 dccp_v6_conn_request+0xd30/0x1350 net/dccp/ipv6.c:317
 dccp_rcv_state_process+0x574/0x1620 net/dccp/input.c:612
 dccp_v4_do_rcv+0xeb/0x160 net/dccp/ipv4.c:682
 dccp_v6_do_rcv+0x81a/0x9b0 net/dccp/ipv6.c:578
 sk_backlog_rcv include/net/sock.h:907 [inline]
 __release_sock+0x124/0x360 net/core/sock.c:2264
 release_sock+0xa4/0x2a0 net/core/sock.c:2779
 do_ipv6_setsockopt.isra.9+0x50f/0x38f0 net/ipv6/ipv6_sockglue.c:898
 ipv6_setsockopt+0xd7/0x150 net/ipv6/ipv6_sockglue.c:922
 dccp_setsockopt+0x85/0xd0 net/dccp/proto.c:573
 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2968
 SYSC_setsockopt net/socket.c:1829 [inline]
 SyS_setsockopt+0x189/0x360 net/socket.c:1808
 entry_SYSCALL_64_fastpath+0x1f/0x96
RIP: 0033:0x445ec9
RSP: 002b:00007f900a03adb8 EFLAGS: 00000297 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00000000006dbc24 RCX: 0000000000445ec9
RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000004
RBP: 00000000006dbc20 R08: 0000000000000020 R09: 0000000000000000
R10: 000000002030a000 R11: 0000000000000297 R12: 0000000000000000
R13: 00007fff1a69b80f R14: 00007f900a03b9c0 R15: 0000000000000001
net_ratelimit: 924 callbacks suppressed
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable

Crashes (171):