Received: by 2002:ac0:bc90:0:0:0:0:0 with SMTP id a16csp62204img; Tue, 19 Mar 2019 17:57:01 -0700 (PDT) X-Google-Smtp-Source: APXvYqys/sDDmiSKVvvDK/brURxZwhkJSkBuc7srwIC0MwhQ11tlWwCRszQ695xBjOicYfXn8SXL X-Received: by 2002:a17:902:6942:: with SMTP id k2mr5011674plt.136.1553043421034; Tue, 19 Mar 2019 17:57:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553043421; cv=none; d=google.com; s=arc-20160816; b=Zb8nYpjNw+5vFqcKjf99T+8pjGg+kfRN5N+ndKZg/XRjf+UMwpVdCed/i7QEEvoBRQ sho2TAKU02sjCS2Xx3a8WNt8Am5TrEFLt8nG9VkHVmsi+RHF/kmBci4yc2FxRhx0bKip upPTk0X4H63WfEnUx0P8XXW52f3ikqTC/nSheRQJcycySfWi9ut2AsXAeHa/3+ZtEhx0 XHbjYuutMTF4AlaA6u6Z7kqebQq/MjsJ8GdHWhcfpVGRUQL138n4Mv1WzzxFW3OpbAQS 70SgQhhGqTRdwKztE9CN4XOHZ8kSanNfZq4OkdHi3XB8o+vDKtsGtTYpFN5J44gJoUkn AsoQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:in-reply-to :mime-version:user-agent:date:message-id:from:references:to:subject; bh=7RYInjWb+3tzcXyqgVN5OAI4zFhDTp2dcBwm+j+zRh4=; b=WGkUSUZLsRETgQ+EgKwvxq2HKrq0LH7vAFTcy11Erbu9A4CJWmCfLadwsOUrDsuU+x 16rWxI0DzPcgfen1uEsCusQV6qNXzvsAjulsbtlI66d064xDZaacjJrA+X7u5C7dnFaH lOZBuwKgy+OaoB0ojaF2QUmo7w55deHBNZIGFrYEFe0oJkAyQVjoPkb76jlnK31JHdv7 m6yioOVr2kub5RYvn+ky2csAN4YFz/lW0l3GilryKCm6E7TwlniAbA0bfckxAysc32KH Nh4FlBmMANwocMvVQNUlC+5/BVti4UgX1KNT2Tkk58UJcmTgpUA+v1L2lmwbH5x8uu8P QEbg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b26si343579pgf.81.2019.03.19.17.56.45; Tue, 19 Mar 2019 17:57:01 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727414AbfCTAzb (ORCPT + 99 others); Tue, 19 Mar 2019 20:55:31 -0400 Received: from mail.cn.fujitsu.com ([183.91.158.132]:39859 "EHLO heian.cn.fujitsu.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1727062AbfCTAza (ORCPT ); Tue, 19 Mar 2019 20:55:30 -0400 X-IronPort-AV: E=Sophos;i="5.60,246,1549900800"; d="scan'208";a="57180461" Received: from unknown (HELO cn.fujitsu.com) ([10.167.33.5]) by heian.cn.fujitsu.com with ESMTP; 20 Mar 2019 08:55:23 +0800 Received: from G08CNEXCHPEKD03.g08.fujitsu.local (unknown [10.167.33.85]) by cn.fujitsu.com (Postfix) with ESMTP id 4EA4E4CD447D; Wed, 20 Mar 2019 08:54:55 +0800 (CST) Received: from [10.167.226.33] (10.167.226.33) by G08CNEXCHPEKD03.g08.fujitsu.local (10.167.33.89) with Microsoft SMTP Server (TLS) id 14.3.408.0; Wed, 20 Mar 2019 08:55:29 +0800 Subject: Re: WARNING: suspicious RCU usage in xfrm_alloc_userspi To: Eric Dumazet , syzbot , , , , , , References: <0000000000007783a2058474a0b9@google.com> From: "Su Yanjun " Message-ID: Date: Wed, 20 Mar 2019 08:55:22 +0800 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.3.3 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 8bit X-Originating-IP: [10.167.226.33] X-yoursite-MailScanner-ID: 4EA4E4CD447D.ABE5C X-yoursite-MailScanner: Found to be clean X-yoursite-MailScanner-From: suyj.fnst@cn.fujitsu.com X-Spam-Status: No Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 2019/3/20 0:23, Eric Dumazet wrote: > CC Su Yanjun > > On 03/19/2019 09:02 AM, syzbot wrote: >> Hello, >> >> syzbot found the following crash on: >> >> HEAD commit:    b9998194 Add linux-next specific files for 20190318 >> git tree:       linux-next >> console output: https://syzkaller.appspot.com/x/log.txt?x=17a2e24d200000 >> kernel config:  https://syzkaller.appspot.com/x/.config?x=59cd5d43b5df6955 >> dashboard link: https://syzkaller.appspot.com/bug?extid=59752237f7ab21c3f3c3 >> compiler:       gcc (GCC) 9.0.0 20181231 (experimental) >> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=14e70cb3200000 >> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=17292127200000 >> >> IMPORTANT: if you fix the bug, please add the following tag to the commit: >> Reported-by: syzbot+59752237f7ab21c3f3c3@syzkaller.appspotmail.com >> >> ============================= >> WARNING: suspicious RCU usage >> 5.1.0-rc1-next-20190318 #5 Not tainted >> ----------------------------- >> net/xfrm/xfrm_user.c:1080 suspicious rcu_dereference_check() usage! >> >> other info that might help us debug this: >> >> >> rcu_scheduler_active = 2, debug_locks = 1 >> 1 lock held by syz-executor085/7946: >>  #0: 00000000a55031b5 (&net->xfrm.xfrm_cfg_mutex){+.+.}, at: xfrm_netlink_rcv+0x61/0x90 net/xfrm/xfrm_user.c:2691 >> >> stack backtrace: >> CPU: 0 PID: 7946 Comm: syz-executor085 Not tainted 5.1.0-rc1-next-20190318 #5 >> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 >> Call Trace: >>  __dump_stack lib/dump_stack.c:77 [inline] >>  dump_stack+0x172/0x1f0 lib/dump_stack.c:113 >>  lockdep_rcu_suspicious+0x153/0x15d kernel/locking/lockdep.c:5162 >>  xfrm_nlmsg_unicast net/xfrm/xfrm_user.c:1080 [inline] >>  xfrm_alloc_userspi+0x7d5/0xa80 net/xfrm/xfrm_user.c:1356 >>  xfrm_user_rcv_msg+0x458/0x770 net/xfrm/xfrm_user.c:2684 >>  netlink_rcv_skb+0x17a/0x460 net/netlink/af_netlink.c:2485 >>  xfrm_netlink_rcv+0x70/0x90 net/xfrm/xfrm_user.c:2692 >>  netlink_unicast_kernel net/netlink/af_netlink.c:1310 [inline] >>  netlink_unicast+0x536/0x720 net/netlink/af_netlink.c:1336 >>  netlink_sendmsg+0x8ae/0xd70 net/netlink/af_netlink.c:1925 >>  sock_sendmsg_nosec net/socket.c:651 [inline] >>  sock_sendmsg+0xdd/0x130 net/socket.c:661 >>  ___sys_sendmsg+0x806/0x930 net/socket.c:2260 >>  __sys_sendmsg+0x105/0x1d0 net/socket.c:2298 >>  __do_sys_sendmsg net/socket.c:2307 [inline] >>  __se_sys_sendmsg net/socket.c:2305 [inline] >>  __x64_sys_sendmsg+0x78/0xb0 net/socket.c:2305 >>  do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 >>  entry_SYSCALL_64_after_hwframe+0x49/0xbe >> RIP: 0033:0x440499 >> Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00 >> RSP: 002b:00007ffcf12caf08 EFLAGS: 00000246 ORIG_RAX: 000000000000002e >> RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440499 >> RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 >> RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8 >> R10: 0000000000000000 R11: 0000000000000246 R12: 000000000040 >> >> >> --- >> This bug is generated by a bot. It may contain errors. >> See https://goo.gl/tpsmEJ for more information about syzbot. >> syzbot engineers can be reached at syzkaller@googlegroups.com. >> >> syzbot will keep track of this bug report. See: >> https://goo.gl/tpsmEJ#bug-status-tracking for how to communicate with syzbot. >> syzbot can test patches for this bug, for details see: >> https://goo.gl/tpsmEJ#testing-patches I  got it. Thanks