bisecting cause commit starting from b33bc2b878e05c5dd4e20682328c3addb4787ac9
building syzkaller on 63bf051fc1ccc110060be8490f4f5492b0a78766
testing commit b33bc2b878e05c5dd4e20682328c3addb4787ac9 with gcc (GCC) 8.1.0
all runs: crashed: WARNING: suspicious RCU usage in in_dev_dump_addr
testing release v5.1
testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0
all runs: OK
# git bisect start b33bc2b878e05c5dd4e20682328c3addb4787ac9 v5.1
Bisecting: 7248 revisions left to test after this (roughly 13 steps)
[f4d9a23d3dad0252f375901bf4ff6523a2c97241] sparc64: simplify reduce_memory() function
testing commit f4d9a23d3dad0252f375901bf4ff6523a2c97241 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good f4d9a23d3dad0252f375901bf4ff6523a2c97241
Bisecting: 3624 revisions left to test after this (roughly 12 steps)
[299c83dce9ea3a79bb4b5511d2cb996b6b8e5111] mem-hotplug: fix node spanned pages when we have a node with only ZONE_MOVABLE
testing commit 299c83dce9ea3a79bb4b5511d2cb996b6b8e5111 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 299c83dce9ea3a79bb4b5511d2cb996b6b8e5111
Bisecting: 1810 revisions left to test after this (roughly 11 steps)
[dc413a90edbe715bebebe859dc072ef73d490d70] Merge tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
testing commit dc413a90edbe715bebebe859dc072ef73d490d70 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good dc413a90edbe715bebebe859dc072ef73d490d70
Bisecting: 905 revisions left to test after this (roughly 10 steps)
[86f9e56d08852961a1b9e062d59b71491d8c793a] Merge tag 'for-5.2/dm-fix-1' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm
testing commit 86f9e56d08852961a1b9e062d59b71491d8c793a with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 86f9e56d08852961a1b9e062d59b71491d8c793a
Bisecting: 454 revisions left to test after this (roughly 9 steps)
[036e34310931e64ce4f1edead435708cd517db10] Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
testing commit 036e34310931e64ce4f1edead435708cd517db10 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 036e34310931e64ce4f1edead435708cd517db10
Bisecting: 226 revisions left to test after this (roughly 8 steps)
[6faaffb3b1ce0b136ad217e941f8d436794d24f9] Merge branch 'Decoupling-PHYLINK-from-struct-net_device'
testing commit 6faaffb3b1ce0b136ad217e941f8d436794d24f9 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 6faaffb3b1ce0b136ad217e941f8d436794d24f9
Bisecting: 134 revisions left to test after this (roughly 7 steps)
[33aae28285b73e013f7f697a61f569c5b48c6650] Merge branch '40GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/next-queue
testing commit 33aae28285b73e013f7f697a61f569c5b48c6650 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 33aae28285b73e013f7f697a61f569c5b48c6650
Bisecting: 67 revisions left to test after this (roughly 6 steps)
[e672db03ab0e43e41ab6f8b2156a10d6e40f243d] bpf: tracing: properly use bpf_prog_array api
testing commit e672db03ab0e43e41ab6f8b2156a10d6e40f243d with gcc (GCC) 8.1.0
all runs: OK
# git bisect good e672db03ab0e43e41ab6f8b2156a10d6e40f243d
Bisecting: 41 revisions left to test after this (roughly 5 steps)
[0462eaacee493f7e2d87551a35d38be93ca723f8] Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
testing commit 0462eaacee493f7e2d87551a35d38be93ca723f8 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 0462eaacee493f7e2d87551a35d38be93ca723f8
Bisecting: 21 revisions left to test after this (roughly 4 steps)
[57f0410279096095e013b08b5e8e44d0ea2098d6] Merge branch 'mscc-ocelot-tc-flower'
testing commit 57f0410279096095e013b08b5e8e44d0ea2098d6 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 57f0410279096095e013b08b5e8e44d0ea2098d6
Bisecting: 10 revisions left to test after this (roughly 4 steps)
[b8d19572367bb019f77bbc921ef6bf965f1c8b22] netfilter: use in_dev_for_each_ifa_rcu
testing commit b8d19572367bb019f77bbc921ef6bf965f1c8b22 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good b8d19572367bb019f77bbc921ef6bf965f1c8b22
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[db4bad07371b53dbce34e8ae54d4aa93096841d6] net: ethernet: improve eth_platform_get_mac_address
testing commit db4bad07371b53dbce34e8ae54d4aa93096841d6 with gcc (GCC) 8.1.0
all runs: crashed: WARNING: suspicious RCU usage in in_dev_dump_addr
# git bisect bad db4bad07371b53dbce34e8ae54d4aa93096841d6
Bisecting: 2 revisions left to test after this (roughly 1 step)
[cb8f1478cea68bc9c9bca8bded9617d9b0b7beb6] drivers: use in_dev_for_each_ifa_rtnl/rcu
testing commit cb8f1478cea68bc9c9bca8bded9617d9b0b7beb6 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good cb8f1478cea68bc9c9bca8bded9617d9b0b7beb6
Bisecting: 0 revisions left to test after this (roughly 1 step)
[feb3cf2e5ecc5840e27f328e0ce666a0f728f1a3] Merge branch 'ifa_list-RCU'
testing commit feb3cf2e5ecc5840e27f328e0ce666a0f728f1a3 with gcc (GCC) 8.1.0
all runs: crashed: WARNING: suspicious RCU usage in in_dev_dump_addr
# git bisect bad feb3cf2e5ecc5840e27f328e0ce666a0f728f1a3
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[2638eb8b50cfc16240e0bb080b9afbf541a9b39d] net: ipv4: provide __rcu annotation for ifa_list
testing commit 2638eb8b50cfc16240e0bb080b9afbf541a9b39d with gcc (GCC) 8.1.0
all runs: crashed: WARNING: suspicious RCU usage in in_dev_dump_addr
# git bisect bad 2638eb8b50cfc16240e0bb080b9afbf541a9b39d
2638eb8b50cfc16240e0bb080b9afbf541a9b39d is the first bad commit
commit 2638eb8b50cfc16240e0bb080b9afbf541a9b39d
Author: Florian Westphal <fw@strlen.de>
Date:   Fri May 31 18:27:09 2019 +0200

    net: ipv4: provide __rcu annotation for ifa_list
    
    ifa_list is protected by rcu, yet code doesn't reflect this.
    
    Add the __rcu annotations and fix up all places that are now reported by
    sparse.
    
    I've done this in the same commit to not add intermediate patches that
    result in new warnings.
    
    Reported-by: Eric Dumazet <edumazet@google.com>
    Signed-off-by: Florian Westphal <fw@strlen.de>
    Signed-off-by: David S. Miller <davem@davemloft.net>

:040000 040000 06d2571f0ad8aafa4de24f43b4cd7991600cd030 f43ce15ccdf696570bcf0d61c873d32116042ed5 M	drivers
:040000 040000 604bb9286ed3f4c0a1ffe2bbbe76af65b4f36ab5 4e965868bc17112ee9f8170c09001d695ffa039d M	include
:040000 040000 7dd58e21f571f460bcc6f5464d666b5ae098768d 8f5e1e16ab723dca833f997a4c66f2fef36c1015 M	net
revisions tested: 17, total time: 4h29m35.656407919s (build: 1h34m32.639106032s, test: 2h50m17.964591309s)
first bad commit: 2638eb8b50cfc16240e0bb080b9afbf541a9b39d net: ipv4: provide __rcu annotation for ifa_list
cc: ["amitkarwar@gmail.com" "anshuman.khandual@arm.com" "axboe@kernel.dk" "benedictwong@google.com" "benve@cisco.com" "coreteam@netfilter.org" "davej@codemonkey.org.uk" "davem@davemloft.net" "dbanerje@akamai.com" "devel@driverdev.osuosl.org" "dledford@redhat.com" "doshir@vmware.com" "edumazet@google.com" "faisal.latif@intel.com" "fw@strlen.de" "gbhat@marvell.com" "gregkh@linuxfoundation.org" "gustavo@embeddedor.com" "huxinming820@gmail.com" "idosch@mellanox.com" "jakub.kicinski@netronome.com" "jgg@ziepe.ca" "johannes@sipsolutions.net" "kadlec@blackhole.kfki.hu" "keescook@chromium.org" "kuznet@ms2.inr.ac.ru" "kvalo@codeaurora.org" "linux-kernel@vger.kernel.org" "linux-rdma@vger.kernel.org" "linux-wireless@vger.kernel.org" "liuhangbin@gmail.com" "lucien.xin@gmail.com" "matwey@sai.msu.ru" "mpe@ellerman.id.au" "neescoba@cisco.com" "netdev@vger.kernel.org" "netfilter-devel@vger.kernel.org" "nishants@marvell.com" "pablo@netfilter.org" "paulmck@linux.ibm.com" "petrm@mellanox.com" "pkaustub@cisco.com" "pv-drivers@vmware.com" "romieu@fr.zoreil.com" "shannon.nelson@oracle.com" "shiraz.saleem@intel.com" "steffen.klassert@secunet.com" "yoshfuji@linux-ipv6.org"]
crash: WARNING: suspicious RCU usage in in_dev_dump_addr
=============================
WARNING: suspicious RCU usage
5.2.0-rc2+ #1 Not tainted
-----------------------------
net/ipv4/devinet.c:1766 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
1 lock held by syz-executor.3/7604:
 #0: 00000000ac263570 (rtnl_mutex){+.+.}, at: netlink_dump+0xcc/0x10c0 net/netlink/af_netlink.c:2208

stack backtrace:
CPU: 0 PID: 7604 Comm: syz-executor.3 Not tainted 5.2.0-rc2+ #1
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x113/0x167 lib/dump_stack.c:113
 lockdep_rcu_suspicious+0x14a/0x153 kernel/locking/lockdep.c:5250
 in_dev_dump_addr+0x24a/0x2b0 net/ipv4/devinet.c:1766
 inet_dump_ifaddr+0x827/0xa40 net/ipv4/devinet.c:1826
 rtnl_dump_all+0x1ca/0x3a0 net/core/rtnetlink.c:3444
 netlink_dump+0x49e/0x10c0 net/netlink/af_netlink.c:2253
 __netlink_dump_start+0x52b/0x810 net/netlink/af_netlink.c:2361
 netlink_dump_start include/linux/netlink.h:226 [inline]
 rtnetlink_rcv_msg+0x57a/0x8f0 net/core/rtnetlink.c:5181
 netlink_rcv_skb+0x13c/0x380 net/netlink/af_netlink.c:2486
 rtnetlink_rcv+0x10/0x20 net/core/rtnetlink.c:5236
 netlink_unicast_kernel net/netlink/af_netlink.c:1311 [inline]
 netlink_unicast+0x43f/0x630 net/netlink/af_netlink.c:1337
 netlink_sendmsg+0x765/0xc50 net/netlink/af_netlink.c:1926
 sock_sendmsg_nosec net/socket.c:652 [inline]
 sock_sendmsg+0xb5/0xf0 net/socket.c:671
 ___sys_sendmsg+0x647/0x950 net/socket.c:2292
 __sys_sendmsg+0xd9/0x180 net/socket.c:2330
 __do_sys_sendmsg net/socket.c:2339 [inline]
 __se_sys_sendmsg net/socket.c:2337 [inline]
 __x64_sys_sendmsg+0x73/0xb0 net/socket.c:2337
 do_syscall_64+0xd0/0x530 arch/x86/entry/common.c:301
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x459279
Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fcd31acdc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459279
RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcd31ace6d4
R13: 00000000004c6cdf R14: 00000000004dbb08 R15: 00000000ffffffff

=============================
WARNING: suspicious RCU usage
5.2.0-rc2+ #1 Not tainted
-----------------------------
net/ipv4/devinet.c:1766 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
1 lock held by syz-executor.3/7604:
 #0: 00000000ac263570 (rtnl_mutex){+.+.}, at: netlink_dump+0xcc/0x10c0 net/netlink/af_netlink.c:2208

stack backtrace:
CPU: 0 PID: 7604 Comm: syz-executor.3 Not tainted 5.2.0-rc2+ #1
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x113/0x167 lib/dump_stack.c:113
 lockdep_rcu_suspicious+0x14a/0x153 kernel/locking/lockdep.c:5250
 in_dev_dump_addr+0x1d1/0x2b0 net/ipv4/devinet.c:1766
 inet_dump_ifaddr+0x827/0xa40 net/ipv4/devinet.c:1826
 rtnl_dump_all+0x1ca/0x3a0 net/core/rtnetlink.c:3444
 netlink_dump+0x49e/0x10c0 net/netlink/af_netlink.c:2253
 __netlink_dump_start+0x52b/0x810 net/netlink/af_netlink.c:2361
 netlink_dump_start include/linux/netlink.h:226 [inline]
 rtnetlink_rcv_msg+0x57a/0x8f0 net/core/rtnetlink.c:5181
 netlink_rcv_skb+0x13c/0x380 net/netlink/af_netlink.c:2486
 rtnetlink_rcv+0x10/0x20 net/core/rtnetlink.c:5236
 netlink_unicast_kernel net/netlink/af_netlink.c:1311 [inline]
 netlink_unicast+0x43f/0x630 net/netlink/af_netlink.c:1337
 netlink_sendmsg+0x765/0xc50 net/netlink/af_netlink.c:1926
 sock_sendmsg_nosec net/socket.c:652 [inline]
 sock_sendmsg+0xb5/0xf0 net/socket.c:671
 ___sys_sendmsg+0x647/0x950 net/socket.c:2292
 __sys_sendmsg+0xd9/0x180 net/socket.c:2330
 __do_sys_sendmsg net/socket.c:2339 [inline]
 __se_sys_sendmsg net/socket.c:2337 [inline]
 __x64_sys_sendmsg+0x73/0xb0 net/socket.c:2337
 do_syscall_64+0xd0/0x530 arch/x86/entry/common.c:301
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x459279
Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fcd31acdc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459279
RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcd31ace6d4
R13: 00000000004c6cdf R14: 00000000004dbb08 R15: 00000000ffffffff