WARNING: lock held when returning to user space in tun_get

WARNING: lock held when returning to user space in tun_get_user (2)

Status: fixed on 2020/02/18 14:31
Subsystems: net
[Documentation on labels]
Fix commit: 1efba987c486 net-backports: tun: add mutex_unlock() call and napi.skb clearing in tun_get_user()
First crash: 1945d, last: 1934d

▶ ▼ Similar bugs (1)

Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
upstream	WARNING: lock held when returning to user space in tun_get_user net	C	done		55	2257d	2258d	12/28	fixed on 2019/04/10 16:37

Sample crash report:

================================================
WARNING: lock held when returning to user space!
5.5.0-rc6-syzkaller #0 Not tainted
------------------------------------------------
syz-executor.4/27416 is leaving the kernel with locks still held!
1 lock held by syz-executor.4/27416:
 #0: ffff888061b44748 (&tfile->napi_mutex){+.+.}, at: tun_get_user+0x1604/0x3fc0 drivers/net/tun.c:1835

Crashes (7):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Manager
2020/01/26 03:35	net-next-old	3333e50b64fe	f4e7270e	.config	console log	report	ci-upstream-net-kasan-gce
2020/01/25 05:14	net-next-old	23f4eacdd24a	2e95ab33	.config	console log	report	ci-upstream-net-kasan-gce
2020/01/22 20:29	net-next-old	4f2c17e0f332	8eda0b95	.config	console log	report	ci-upstream-net-kasan-gce
2020/01/22 18:59	net-next-old	4f2c17e0f332	8eda0b95	.config	console log	report	ci-upstream-net-kasan-gce
2020/01/22 10:54	net-next-old	4f2c17e0f332	8eda0b95	.config	console log	report	ci-upstream-net-kasan-gce
2020/02/02 10:13	linux-next	2747d5fdab78	2274ad39	.config	console log	report	ci-upstream-linux-next-kasan-gce-root
2020/01/31 01:57	linux-next	2747d5fdab78	5ed23f9a	.config	console log	report	ci-upstream-linux-next-kasan-gce-root

* ~~Struck through~~ repros no longer work on HEAD.