WARNING: locking bug in ip6_datagram

WARNING: locking bug in ip6_datagram_connect
Status: upstream: reported syz repro on 2020/12/01 10:11
Reported-by: syzbot+d3af95d2506e1511dcc1@syzkaller.appspotmail.com
First crash: 300d, last: 1d15h

Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: WARNING: locking bug in inet_autobind (log)
Repro: syz .config

Sample crash report:

------------[ cut here ]------------
WARNING: CPU: 1 PID: 10853 at kernel/locking/lockdep.c:894 look_up_lock_class kernel/locking/lockdep.c:894 [inline]
WARNING: CPU: 1 PID: 10853 at kernel/locking/lockdep.c:894 register_lock_class+0x1fb/0x1100 kernel/locking/lockdep.c:1242
Modules linked in:
CPU: 1 PID: 10853 Comm: syz-executor.0 Not tainted 5.10.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:look_up_lock_class kernel/locking/lockdep.c:894 [inline]
RIP: 0010:register_lock_class+0x1fb/0x1100 kernel/locking/lockdep.c:1242
Code: 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 21 0d 00 00 4d 3b 67 18 74 0b 49 81 3f 80 51 4a 8e 74 02 <0f> 0b 85 ed 0f 84 20 01 00 00 f6 44 24 04 01 0f 85 15 01 00 00 83
RSP: 0018:ffffc90002377a58 EFLAGS: 00010006
RAX: dffffc0000000000 RBX: 1ffff9200046ef52 RCX: ffffffff8ef48920
RDX: 1ffff110032d9217 RSI: 0000000000000000 RDI: ffff8880196c90b8
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8a42ad20
R13: ffffffff8fa9f980 R14: ffffffff8ec04d40 R15: ffff8880196c90a0
FS:  00007f3808a81700(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000004e0b50 CR3: 000000001cacf000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __lock_acquire+0xff/0x5500 kernel/locking/lockdep.c:4711
 lock_acquire kernel/locking/lockdep.c:5437 [inline]
 lock_acquire+0x29d/0x740 kernel/locking/lockdep.c:5402
 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline]
 _raw_spin_lock_bh+0x2f/0x40 kernel/locking/spinlock.c:175
 spin_lock_bh include/linux/spinlock.h:359 [inline]
 release_sock+0x1b/0x1b0 net/core/sock.c:3051
 ip6_datagram_connect+0x36/0x40 net/ipv6/datagram.c:273
 inet_dgram_connect+0x14a/0x2d0 net/ipv4/af_inet.c:577
 __sys_connect_file+0x155/0x1a0 net/socket.c:1852
 __sys_connect+0x161/0x190 net/socket.c:1869
 __do_sys_connect net/socket.c:1879 [inline]
 __se_sys_connect net/socket.c:1876 [inline]
 __x64_sys_connect+0x6f/0xb0 net/socket.c:1876
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45deb9
Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f3808a80c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
RAX: ffffffffffffffda RBX: 0000000000002400 RCX: 000000000045deb9
RDX: 000000000000001c RSI: 0000000020000080 RDI: 0000000000000005
RBP: 000000000118c008 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bfd4
R13: 00007fff08fcd91f R14: 00007f3808a819c0 R15: 000000000118bfd4

Fix bisection attempts:
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro
ci-upstream-kasan-gce-selinux-root	2021/04/19 15:33	upstream	bf05bf16	1ab681a4	.config	log	report	syz
ci-upstream-kasan-gce-selinux-root	2021/03/12 03:53	upstream	f78d76e7	1ab681a4	.config	log	report	syz
ci-upstream-kasan-gce-selinux-root	2020/12/24 09:32	upstream	58cf05f5	1ab681a4	.config	log	report	syz

Crashes (8):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	VM info	Title
ci-upstream-kasan-gce-selinux-root	2020/11/24 09:10	upstream	d5beb314	1ab681a4	.config	log	report	syz
ci-upstream-kasan-gce	2021/03/19 21:48	upstream	8b12a62a	2af9d324	.config	log	report		info	WARNING: locking bug in ip6_datagram_connect
ci-upstream-kasan-gce	2021/01/17 01:18	upstream	0da0a8a0	65a7a854	.config	log	report		info
ci-upstream-kasan-gce	2021/01/12 03:18	upstream	a0d54b4f	2c1f2513	.config	log	report		info
ci-upstream-kasan-gce-smack-root	2020/09/17 10:22	upstream	5925fa68	8247808b	.config	log	report		info
ci-upstream-kasan-gce	2020/09/07 08:39	upstream	a8205e31	abf9ba4f	.config	log	report
ci-upstream-kasan-gce-selinux-root	2020/09/01 04:19	upstream	f75aef39	d5a3ae1f	.config	log	report
ci-upstream-kasan-gce-root	2020/06/25 05:25	upstream	7ae77150	54566aff	.config	log	report