syzbot


WARNING: suspicious RCU usage in bond_ethtool_get_ts_info
Status: upstream: reported C repro on 2022/05/12 19:35
Reported-by: syzbot+92beb3d46aab498710fa@syzkaller.appspotmail.com
Fix commit: 9b80ccda233f bonding: fix missed rcu protection
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm32 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce], missing on: [ci-qemu2-riscv64 ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci2-upstream-usb]
First crash: 16d, last: 13d

Cause bisection: introduced by (bisect log):
commit aa6034678e873db8bd5c5a4b73f8b88c469374d6
Author: Hangbin Liu <liuhangbin@gmail.com>
Date: Fri Jan 21 08:25:18 2022 +0000

  bonding: use rcu_dereference_rtnl when get bonding active slave

Crash: WARNING: suspicious RCU usage in bond_ethtool_get_ts_info (log)
Repro: C syz .config

Sample crash report:
=============================
WARNING: suspicious RCU usage
5.18.0-rc6-syzkaller-00009-gfeb9c5e19e91 #0 Not tainted
-----------------------------
include/net/bonding.h:353 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
1 lock held by syz-executor120/3598:
 #0: ffff888017d721b0 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1682 [inline]
 #0: ffff888017d721b0 (sk_lock-AF_INET){+.+.}-{0:0}, at: sock_setsockopt+0x1e3/0x2d60 net/core/sock.c:1043

stack backtrace:
CPU: 1 PID: 3598 Comm: syz-executor120 Not tainted 5.18.0-rc6-syzkaller-00009-gfeb9c5e19e91 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
 bond_option_active_slave_get_rcu include/net/bonding.h:353 [inline]
 bond_ethtool_get_ts_info+0x32c/0x3a0 drivers/net/bonding/bond_main.c:5595
 __ethtool_get_ts_info+0x173/0x240 net/ethtool/common.c:551
 ethtool_get_phc_vclocks+0x99/0x110 net/ethtool/common.c:565
 sock_timestamping_bind_phc net/core/sock.c:846 [inline]
 sock_set_timestamping+0x3a3/0x7e0 net/core/sock.c:893
 sock_setsockopt+0x543/0x2d60 net/core/sock.c:1198
 __sys_setsockopt+0x55e/0x6a0 net/socket.c:2176
 __do_sys_setsockopt net/socket.c:2191 [inline]
 __se_sys_setsockopt net/socket.c:2188 [inline]
 __x64_sys_setsockopt+0xba/0x150 net/socket.c:2188
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f60f6db8b39
Code: 28 c3 e8 2a 14 00 00 66 2e 0f 1f 84 00 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48

Crashes (6):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kasan-gce | 2022/05/11 20:27 | upstream | feb9c5e19e91 | beb0b407 | .config | log | report | syz | C | | WARNING: suspicious RCU usage in bond_ethtool_get_ts_info |
| ci-upstream-kasan-gce-386 | 2022/05/14 18:15 | upstream | ec7f49619d8e | 744a39e2 | .config | log | report | syz | C | | WARNING: suspicious RCU usage in bond_ethtool_get_ts_info |
| ci-upstream-net-this-kasan-gce | 2022/05/11 20:29 | net | 3cc5c6a7829a | beb0b407 | .config | log | report | syz | C | | WARNING: suspicious RCU usage in bond_ethtool_get_ts_info |
| ci-upstream-net-kasan-gce | 2022/05/11 20:11 | net-next | 01f4685797a5 | beb0b407 | .config | log | report | syz | C | | WARNING: suspicious RCU usage in bond_ethtool_get_ts_info |
| ci-upstream-kasan-gce | 2022/05/13 04:31 | upstream | 0ac824f379fb | 9ad6612a | .config | log | report | | | info | WARNING: suspicious RCU usage in bond_ethtool_get_ts_info |
| ci-upstream-net-kasan-gce | 2022/05/11 19:56 | net-next | 01f4685797a5 | beb0b407 | .config | log | report | | | info | WARNING: suspicious RCU usage in bond_ethtool_get_ts_info |