Hello,
syzbot found the following crash on:
HEAD commit: e109a984 Linux 4.19.48
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=134570d2a00000
kernel config: https://syzkaller.appspot.com/x/.config?x=2d14dd88554f26bc
dashboard link: https://syzkaller.appspot.com/bug?extid=6b9b636988037b8d1f60
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17f0ecf2a00000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+6b9b63...@syzkaller.appspotmail.com
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
8021q: adding VLAN 0 to HW filter on device batadv0
=============================
WARNING: suspicious RCU usage
4.19.48 #20 Not tainted
-----------------------------
kernel/rcu/tree_plugin.h:811 Illegal synchronize_rcu() in RCU read-side critical section!
other info that might help us debug this:
rcu_scheduler_active = 2, debug_locks = 1
1 lock held by ksoftirqd/0/9:
#0: 00000000e8025b02 (rcu_read_lock){....}, at: __skb_unlink include/linux/skbuff.h:1885 [inline]
#0: 00000000e8025b02 (rcu_read_lock){....}, at: __skb_dequeue include/linux/skbuff.h:1901 [inline]
#0: 00000000e8025b02 (rcu_read_lock){....}, at: process_backlog+0x195/0x750 net/core/dev.c:5853
stack backtrace:
CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.19.48 #20
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x172/0x1f0 lib/dump_stack.c:113
lockdep_rcu_suspicious+0x153/0x15d kernel/locking/lockdep.c:4536
synchronize_rcu+0x72/0xa0 kernel/rcu/tree_plugin.h:811
llc_sap_close+0x14c/0x1b0 net/llc/llc_core.c:130
llc_sap_put include/net/llc.h:129 [inline]
llc_rcv+0x617/0xb40 net/llc/llc_input.c:210
__netif_receive_skb_one_core+0x113/0x1a0 net/core/dev.c:4932
__netif_receive_skb+0x2c/0x1d0 net/core/dev.c:5044
process_backlog+0x206/0x750 net/core/dev.c:5855
napi_poll net/core/dev.c:6278 [inline]
net_rx_action+0x4f5/0x1070 net/core/dev.c:6344
__do_softirq+0x25c/0x921 kernel/softirq.c:292
run_ksoftirqd kernel/softirq.c:653 [inline]
run_ksoftirqd+0x8e/0x110 kernel/softirq.c:645
smpboot_thread_fn+0x6a3/0xa30 kernel/smpboot.c:164
kthread+0x354/0x420 kernel/kthread.c:246
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
BUG: sleeping function called from invalid context at kernel/sched/completion.c:99
in_atomic(): 1, irqs_disabled(): 0, pid: 9, name: ksoftirqd/0
1 lock held by ksoftirqd/0/9:
#0: 00000000e8025b02 (rcu_read_lock){....}, at: __skb_unlink include/linux/skbuff.h:1885 [inline]
#0: 00000000e8025b02 (rcu_read_lock){....}, at: __skb_dequeue include/linux/skbuff.h:1901 [inline]
#0: 00000000e8025b02 (rcu_read_lock){....}, at: process_backlog+0x195/0x750 net/core/dev.c:5853
Preemption disabled at:
[<ffffffff872000f3>] __do_softirq+0xf3/0x921 kernel/softirq.c:269
CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 4.19.48 #20
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x172/0x1f0 lib/dump_stack.c:113
___might_sleep.cold+0x1bd/0x1f6 kernel/sched/core.c:6150
__might_sleep+0x95/0x190 kernel/sched/core.c:6103
__wait_for_common kernel/sched/completion.c:99 [inline]
wait_for_common kernel/sched/completion.c:115 [inline]
wait_for_completion+0x96/0x440 kernel/sched/completion.c:136
__wait_rcu_gp+0x23d/0x300 kernel/rcu/update.c:368
synchronize_rcu.part.0+0xcf/0xe0 kernel/rcu/tree_plugin.h:820
synchronize_rcu+0x27/0xa0 kernel/rcu/tree_plugin.h:821
llc_sap_close+0x14c/0x1b0 net/llc/llc_core.c:130
llc_sap_put include/net/llc.h:129 [inline]
llc_rcv+0x617/0xb40 net/llc/llc_input.c:210
__netif_receive_skb_one_core+0x113/0x1a0 net/core/dev.c:4932
__netif_receive_skb+0x2c/0x1d0 net/core/dev.c:5044
process_backlog+0x206/0x750 net/core/dev.c:5855
napi_poll net/core/dev.c:6278 [inline]
net_rx_action+0x4f5/0x1070 net/core/dev.c:6344
__do_softirq+0x25c/0x921 kernel/softirq.c:292
run_ksoftirqd kernel/softirq.c:653 [inline]
run_ksoftirqd+0x8e/0x110 kernel/softirq.c:645
smpboot_thread_fn+0x6a3/0xa30 kernel/smpboot.c:164
kthread+0x354/0x420 kernel/kthread.c:246
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
BUG: scheduling while atomic: ksoftirqd/0/9/0x00000101
1 lock held by ksoftirqd/0/9:
#0: 00000000e8025b02 (rcu_read_lock){....}, at: __skb_unlink include/linux/skbuff.h:1885 [inline]
#0: 00000000e8025b02 (rcu_read_lock){....}, at: __skb_dequeue include/linux/skbuff.h:1901 [inline]
#0: 00000000e8025b02 (rcu_read_lock){....}, at: process_backlog+0x195/0x750 net/core/dev.c:5853
Modules linked in:
Preemption disabled at:
[<ffffffff872000f3>] __do_softirq+0xf3/0x921 kernel/softirq.c:269
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches