| Title | Replies (including bot) | Last reply |
|---|---|---|
| Reminder: 99 open syzbot bugs in net subsystem | 14 (14) | 2019/07/31 15:13 |
| Reminder: 94 open syzbot bugs in net subsystem | 1 (1) | 2019/06/25 05:48 |
| possible deadlock in bond_get_stats (2) | 0 (1) | 2018/12/03 23:10 |
syzbot |
sign-in | mailing list | source | docs |
| Title | Replies (including bot) | Last reply |
|---|---|---|
| Reminder: 99 open syzbot bugs in net subsystem | 14 (14) | 2019/07/31 15:13 |
| Reminder: 94 open syzbot bugs in net subsystem | 1 (1) | 2019/06/25 05:48 |
| possible deadlock in bond_get_stats (2) | 0 (1) | 2018/12/03 23:10 |
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | possible deadlock in bond_get_stats (3) net | syz | done | 2 | 1802d | 1802d | 15/28 | fixed on 2020/04/15 17:19 | |
| linux-4.19 | possible deadlock in bond_get_stats | C | 1244 | 693d | 1830d | 0/1 | upstream: reported C repro on 2020/01/24 05:20 | ||
| upstream | possible deadlock in bond_get_stats net | C | 11 | 2370d | 2374d | 8/28 | fixed on 2018/08/08 18:10 | ||
| linux-4.14 | possible deadlock in bond_get_stats | C | 130 | 698d | 1834d | 0/1 | upstream: reported C repro on 2020/01/20 04:38 |
============================================
WARNING: possible recursive locking detected
5.1.0+ #19 Not tainted
--------------------------------------------
syz-executor.4/14789 is trying to acquire lock:
00000000d0914714 (&(&bond->stats_lock)->rlock#2/2){+.+.}, at: bond_get_stats+0xe1/0x560 drivers/net/bonding/bond_main.c:3451
but task is already holding lock:
00000000cbb17fac (&(&bond->stats_lock)->rlock#2/2){+.+.}, at: bond_get_stats+0xe1/0x560 drivers/net/bonding/bond_main.c:3451
other info that might help us debug this:
Possible unsafe locking scenario:
CPU0
----
lock(&(&bond->stats_lock)->rlock#2/2);
lock(&(&bond->stats_lock)->rlock#2/2);
*** DEADLOCK ***
May be due to missing lock nesting notation
3 locks held by syz-executor.4/14789:
#0: 00000000384a952f (rtnl_mutex){+.+.}, at: rtnl_lock+0x17/0x20 net/core/rtnetlink.c:76
#1: 00000000cbb17fac (&(&bond->stats_lock)->rlock#2/2){+.+.}, at: bond_get_stats+0xe1/0x560 drivers/net/bonding/bond_main.c:3451
#2: 00000000cab8c918 (rcu_read_lock){....}, at: bond_get_nest_level drivers/net/bonding/bond_main.c:3440 [inline]
#2: 00000000cab8c918 (rcu_read_lock){....}, at: bond_get_stats+0xc0/0x560 drivers/net/bonding/bond_main.c:3451
stack backtrace:
CPU: 1 PID: 14789 Comm: syz-executor.4 Not tainted 5.1.0+ #19
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x172/0x1f0 lib/dump_stack.c:113
print_deadlock_bug kernel/locking/lockdep.c:2190 [inline]
check_deadlock kernel/locking/lockdep.c:2234 [inline]
validate_chain kernel/locking/lockdep.c:2783 [inline]
__lock_acquire.cold+0x219/0x53f kernel/locking/lockdep.c:3792
lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:4302
_raw_spin_lock_nested+0x35/0x50 kernel/locking/spinlock.c:361
bond_get_stats+0xe1/0x560 drivers/net/bonding/bond_main.c:3451
dev_get_stats+0x8e/0x280 net/core/dev.c:9063
bond_get_stats+0x23e/0x560 drivers/net/bonding/bond_main.c:3457
dev_get_stats+0x8e/0x280 net/core/dev.c:9063
rtnl_fill_stats+0x4d/0xac0 net/core/rtnetlink.c:1176
rtnl_fill_ifinfo+0x1171/0x3750 net/core/rtnetlink.c:1659
rtmsg_ifinfo_build_skb+0xc9/0x1a0 net/core/rtnetlink.c:3463
rtmsg_ifinfo_event.part.0+0x43/0xe0 net/core/rtnetlink.c:3495
rtmsg_ifinfo_event net/core/rtnetlink.c:5272 [inline]
rtnetlink_event+0x12c/0x150 net/core/rtnetlink.c:5265
notifier_call_chain+0xc2/0x230 kernel/notifier.c:94
__raw_notifier_call_chain kernel/notifier.c:395 [inline]
raw_notifier_call_chain+0x2e/0x40 kernel/notifier.c:402
call_netdevice_notifiers_info+0x3f/0x90 net/core/dev.c:1753
call_netdevice_notifiers_extack net/core/dev.c:1765 [inline]
call_netdevice_notifiers net/core/dev.c:1779 [inline]
netdev_features_change net/core/dev.c:1337 [inline]
netdev_change_features+0x7e/0xb0 net/core/dev.c:8503
bond_compute_features.isra.0+0x4de/0x950 drivers/net/bonding/bond_main.c:1125
bond_slave_netdev_event drivers/net/bonding/bond_main.c:3185 [inline]
bond_netdev_event+0x537/0x940 drivers/net/bonding/bond_main.c:3226
notifier_call_chain+0xc2/0x230 kernel/notifier.c:94
__raw_notifier_call_chain kernel/notifier.c:395 [inline]
raw_notifier_call_chain+0x2e/0x40 kernel/notifier.c:402
call_netdevice_notifiers_info+0x3f/0x90 net/core/dev.c:1753
call_netdevice_notifiers_extack net/core/dev.c:1765 [inline]
call_netdevice_notifiers net/core/dev.c:1779 [inline]
netdev_features_change net/core/dev.c:1337 [inline]
netdev_change_features+0x7e/0xb0 net/core/dev.c:8503
bond_compute_features.isra.0+0x4de/0x950 drivers/net/bonding/bond_main.c:1125
bond_enslave+0x4718/0x4bb0 drivers/net/bonding/bond_main.c:1767
bond_do_ioctl+0x7d8/0x870 drivers/net/bonding/bond_main.c:3553
dev_ifsioc+0x6ec/0x940 net/core/dev_ioctl.c:322
dev_ioctl+0x280/0xc60 net/core/dev_ioctl.c:514
compat_ifr_data_ioctl+0xfb/0x160 net/socket.c:3136
compat_sock_ioctl_trans net/socket.c:3361 [inline]
compat_sock_ioctl+0x374/0x1bf0 net/socket.c:3447
__do_compat_sys_ioctl fs/compat_ioctl.c:1052 [inline]
__se_compat_sys_ioctl fs/compat_ioctl.c:998 [inline]
__ia32_compat_sys_ioctl+0x195/0x620 fs/compat_ioctl.c:998
do_syscall_32_irqs_on arch/x86/entry/common.c:337 [inline]
do_fast_syscall_32+0x27b/0xd7d arch/x86/entry/common.c:408
entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139
RIP: 0023:0xf7fbe849
Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 002b:00000000f5dba0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000000089f0
RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
bond0: Enslaving lo as an active interface with an up link
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2019/05/20 06:43 | upstream | 72cf0b07418a | 5a4461b0 | .config | console log | report | ci-upstream-kasan-gce-386 | |||||
| 2018/11/30 21:24 | net-next-old | 93029d7d407f | ade12e91 | .config | console log | report | ci-upstream-net-kasan-gce |