WARNING: suspicious RCU usage in vxlan_xmit
11 views
Skip to first unread message
syzbot
Jul 7, 2021, 9:27:25 AM7/7/21
to syzkaller...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 9f84340f Linux 4.19.196
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=13781ae4300000
kernel config: https://syzkaller.appspot.com/x/.config?x=abf37bdf4eb59b8e
dashboard link: https://syzkaller.appspot.com/bug?extid=bde91442521acfb2085b
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14581928300000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1529144c300000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+bde914...@syzkaller.appspotmail.com
netlink: 12 bytes leftover after parsing attributes in process `syz-executor764'.
netlink: 'syz-executor764': attribute type 11 has an invalid length.
netlink: 16 bytes leftover after parsing attributes in process `syz-executor764'.
=============================
WARNING: suspicious RCU usage
4.19.196-syzkaller #0 Not tainted
-----------------------------
include/net/addrconf.h:340 suspicious rcu_dereference_check() usage!
other info that might help us debug this:
rcu_scheduler_active = 2, debug_locks = 1
3 locks held by kworker/0:1/14:
#0: 0000000096600449 ((wq_completion)"events"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
#1: 00000000e4b4d003 ((work_completion)(&port->wq)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
#2: 00000000b451db01 (rcu_read_lock_bh){....}, at: __dev_queue_xmit+0x1e2/0x2e00 net/core/dev.c:3773
stack backtrace:
CPU: 0 PID: 14 Comm: kworker/0:1 Not tainted 4.19.196-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events ipvlan_process_multicast
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
__in6_dev_get include/net/addrconf.h:340 [inline]
neigh_reduce drivers/net/vxlan.c:1685 [inline]
vxlan_xmit+0x2b3b/0x4250 drivers/net/vxlan.c:2343
__netdev_start_xmit include/linux/netdevice.h:4345 [inline]
netdev_start_xmit include/linux/netdevice.h:4359 [inline]
xmit_one net/core/dev.c:3256 [inline]
dev_hard_start_xmit+0x1a8/0x920 net/core/dev.c:3272
__dev_queue_xmit+0x269d/0x2e00 net/core/dev.c:3838
ipvlan_process_multicast+0xa19/0xcb0 drivers/net/ipvlan/ipvlan_core.c:292
process_one_work+0x864/0x1570 kernel/workqueue.c:2153
worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot found the following issue on:
HEAD commit: 9f84340f Linux 4.19.196
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=13781ae4300000
kernel config: https://syzkaller.appspot.com/x/.config?x=abf37bdf4eb59b8e
dashboard link: https://syzkaller.appspot.com/bug?extid=bde91442521acfb2085b
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14581928300000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1529144c300000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+bde914...@syzkaller.appspotmail.com
netlink: 12 bytes leftover after parsing attributes in process `syz-executor764'.
netlink: 'syz-executor764': attribute type 11 has an invalid length.
netlink: 16 bytes leftover after parsing attributes in process `syz-executor764'.
=============================
WARNING: suspicious RCU usage
4.19.196-syzkaller #0 Not tainted
-----------------------------
include/net/addrconf.h:340 suspicious rcu_dereference_check() usage!
other info that might help us debug this:
rcu_scheduler_active = 2, debug_locks = 1
3 locks held by kworker/0:1/14:
#0: 0000000096600449 ((wq_completion)"events"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
#1: 00000000e4b4d003 ((work_completion)(&port->wq)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
#2: 00000000b451db01 (rcu_read_lock_bh){....}, at: __dev_queue_xmit+0x1e2/0x2e00 net/core/dev.c:3773
stack backtrace:
CPU: 0 PID: 14 Comm: kworker/0:1 Not tainted 4.19.196-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events ipvlan_process_multicast
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
__in6_dev_get include/net/addrconf.h:340 [inline]
neigh_reduce drivers/net/vxlan.c:1685 [inline]
vxlan_xmit+0x2b3b/0x4250 drivers/net/vxlan.c:2343
__netdev_start_xmit include/linux/netdevice.h:4345 [inline]
netdev_start_xmit include/linux/netdevice.h:4359 [inline]
xmit_one net/core/dev.c:3256 [inline]
dev_hard_start_xmit+0x1a8/0x920 net/core/dev.c:3272
__dev_queue_xmit+0x269d/0x2e00 net/core/dev.c:3838
ipvlan_process_multicast+0xa19/0xcb0 drivers/net/ipvlan/ipvlan_core.c:292
process_one_work+0x864/0x1570 kernel/workqueue.c:2153
worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot
Aug 6, 2021, 12:34:06 PM8/6/21
to syzkaller...@googlegroups.com
syzbot suspects this issue was fixed by commit:
commit f80201ff7937fddb039716ba5948775b485d7646
Author: Eric Dumazet <edum...@google.com>
Date: Mon Jun 21 14:44:17 2021 +0000
vxlan: add missing rcu_read_lock() in neigh_reduce()
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=17c15ce9300000
start commit: 9f84340f012e Linux 4.19.196
git tree: linux-4.19.y
#syz fix: vxlan: add missing rcu_read_lock() in neigh_reduce()
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
commit f80201ff7937fddb039716ba5948775b485d7646
Author: Eric Dumazet <edum...@google.com>
Date: Mon Jun 21 14:44:17 2021 +0000
vxlan: add missing rcu_read_lock() in neigh_reduce()
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=17c15ce9300000
start commit: 9f84340f012e Linux 4.19.196
git tree: linux-4.19.y
kernel config: https://syzkaller.appspot.com/x/.config?x=abf37bdf4eb59b8e
dashboard link: https://syzkaller.appspot.com/bug?extid=bde91442521acfb2085b
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14581928300000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1529144c300000
If the result looks correct, please mark the issue as fixed by replying with:
dashboard link: https://syzkaller.appspot.com/bug?extid=bde91442521acfb2085b
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14581928300000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1529144c300000
#syz fix: vxlan: add missing rcu_read_lock() in neigh_reduce()
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
Reply all
Reply to author
Forward
0 new messages