syzbot

 sign-in | mailing list | source | docs
🐞 Open [982] Subsystems 🐞 Fixed [5216] 🐞 Invalid [12474] Missing Backports [82] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

WARNING: suspicious RCU usage in qrtr_ns_worker

Status: fixed on 2020/11/16 12:12
Subsystems: arm-msm net
[Documentation on labels]
Reported-by: syzbot+0f84f6eed90503da72fc@syzkaller.appspotmail.com
Fix commit: a7809ff90ce6 net: qrtr: ns: Protect radix_tree_deref_slot() using rcu read locks
First crash: 1394d, last: 1331d
Cause bisection: introduced by (bisect log) :
commit e42671084361302141a09284fde9bbc14fdd16bf
Author: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Date: Thu May 7 12:53:06 2020 +0000

  net: qrtr: Do not depend on ARCH_QCOM

Crash: WARNING: suspicious RCU usage in ctrl_cmd_new_lookup (log)
Repro: C syz .config
  
Discussions (4)
Title Replies (including bot) Last reply
[PATCH 5.8 000/124] 5.8.15-rc1 review 136 (136) 2020/10/14 18:31
[PATCH] net: qrtr: ns: Protect radix_tree_deref_slot() using rcu read locks 4 (4) 2020/10/02 07:10
[PATCH] net: qrtr: Reintroduce ARCH_QCOM as a dependency for QRTR 2 (2) 2020/09/08 23:40
WARNING: suspicious RCU usage in qrtr_ns_worker 0 (2) 2020/07/02 05:59
Last patch testing requests (2)
Created Duration User Patch Repo Result
2020/09/26 13:52 16m manivannan.sadhasivam@linaro.org patch https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master OK
2020/09/26 11:59 8m manivannan.sadhasivam@linaro.org patch https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master error OK
Fix bisection attempts (2)
Created Duration User Patch Repo Result
2020/08/27 06:40 17m bisect fix upstream job log (0) log
2020/07/27 12:31 19m bisect fix upstream job log (0) log

Sample crash report:
=============================
WARNING: suspicious RCU usage
5.7.0-syzkaller #0 Not tainted
-----------------------------
include/linux/radix-tree.h:176 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
2 locks held by kworker/u4:1/21:
 #0: ffff88821b097938 ((wq_completion)qrtr_ns_handler){+.+.}-{0:0}, at: spin_unlock_irq include/linux/spinlock.h:403 [inline]
 #0: ffff88821b097938 ((wq_completion)qrtr_ns_handler){+.+.}-{0:0}, at: process_one_work+0x6df/0xfd0 kernel/workqueue.c:2241
 #1: ffffc90000dd7d80 ((work_completion)(&qrtr_ns.work)){+.+.}-{0:0}, at: process_one_work+0x71e/0xfd0 kernel/workqueue.c:2243

stack backtrace:
CPU: 0 PID: 21 Comm: kworker/u4:1 Not tainted 5.7.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: qrtr_ns_handler qrtr_ns_worker
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1e9/0x30e lib/dump_stack.c:118
 radix_tree_deref_slot include/linux/radix-tree.h:176 [inline]
 ctrl_cmd_new_lookup net/qrtr/ns.c:558 [inline]
 qrtr_ns_worker+0x2aff/0x4500 net/qrtr/ns.c:674
 process_one_work+0x76e/0xfd0 kernel/workqueue.c:2268
 worker_thread+0xa7f/0x1450 kernel/workqueue.c:2414
 kthread+0x353/0x380 kernel/kthread.c:268

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/06/25 03:44 upstream 7ae77150d94d 54566aff .config console log report syz C ci-upstream-kasan-gce-smack-root
* Struck through repros no longer work on HEAD.