lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 17 Feb 2018 09:15:53 +0100
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     syzbot <syzbot+749d9d87c294c00ca856@...kaller.appspotmail.com>
Cc:     Andrei Vagin <avagin@...tuozzo.com>,
        David Miller <davem@...emloft.net>,
        "Eric W. Biederman" <ebiederm@...ssion.com>,
        Florian Westphal <fw@...len.de>,
        Kirill Tkhai <ktkhai@...tuozzo.com>,
        LKML <linux-kernel@...r.kernel.org>,
        netdev <netdev@...r.kernel.org>,
        Nicolas Dichtel <nicolas.dichtel@...nd.com>,
        roman.kapl@...go.com, syzkaller-bugs@...glegroups.com,
        Jon Maloy <jon.maloy@...csson.com>,
        Ying Xue <ying.xue@...driver.com>,
        tipc-discussion@...ts.sourceforge.net
Subject: Re: BUG: sleeping function called from invalid context at
 net/core/sock.c:LINE (3)

On Sat, Feb 17, 2018 at 4:00 AM, syzbot
<syzbot+749d9d87c294c00ca856@...kaller.appspotmail.com> wrote:
> Hello,
>
> syzbot hit the following crash on net-next commit
> 65bd449c32c2745df61913ab54087e77f9d9b70d (Fri Feb 16 20:26:35 2018 +0000)
> Merge branch 'tipc-de-generealize-topology-server'

+tipc maintainers

> So far this crash happened 25 times on net-next.
> C reproducer is attached.
> syzkaller reproducer is attached.
> Raw console output is attached.
> compiler: gcc (GCC) 7.1.1 20170620
> .config is attached.
>
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+749d9d87c294c00ca856@...kaller.appspotmail.com
> It will help syzbot understand when the bug is fixed. See footer for
> details.
> If you forward the report, please keep this part and the footer.
>
> IPVS: ftp: loaded support on port[0] = 21
> BUG: sleeping function called from invalid context at net/core/sock.c:2769
> in_atomic(): 1, irqs_disabled(): 0, pid: 85, name: kworker/u4:3
> 5 locks held by kworker/u4:3/85:
>  #0:  ((wq_completion)"%s""netns"){+.+.}, at: [<00000000c9792deb>]
> process_one_work+0xaaf/0x1af0 kernel/workqueue.c:2084
>  #1:  (net_cleanup_work){+.+.}, at: [<00000000adc12e2a>]
> process_one_work+0xb01/0x1af0 kernel/workqueue.c:2088
>  #2:  (net_sem){++++}, at: [<000000009ccb5669>] cleanup_net+0x23f/0xd20
> net/core/net_namespace.c:494
>  #3:  (net_mutex){+.+.}, at: [<00000000a92767d9>] cleanup_net+0xa7d/0xd20
> net/core/net_namespace.c:496
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> spin_lock_bh include/linux/spinlock.h:315 [inline]
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> tipc_topsrv_stop+0x231/0x610 net/tipc/topsrv.c:685
> CPU: 0 PID: 85 Comm: kworker/u4:3 Not tainted 4.16.0-rc1+ #230
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
> Google 01/01/2011
> Workqueue: netns cleanup_net
> Call Trace:
>  __dump_stack lib/dump_stack.c:17 [inline]
>  dump_stack+0x194/0x257 lib/dump_stack.c:53
>  ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6128
>  __might_sleep+0x95/0x190 kernel/sched/core.c:6081
>  lock_sock_nested+0x37/0x110 net/core/sock.c:2769
>  lock_sock include/net/sock.h:1463 [inline]
>  tipc_release+0x103/0xff0 net/tipc/socket.c:572
>  sock_release+0x8d/0x1e0 net/socket.c:594
>  tipc_topsrv_stop+0x3c0/0x610 net/tipc/topsrv.c:696
>  tipc_exit_net+0x15/0x40 net/tipc/core.c:96
>  ops_exit_list.isra.6+0xae/0x150 net/core/net_namespace.c:148
>  cleanup_net+0x6ba/0xd20 net/core/net_namespace.c:529
>  process_one_work+0xbbf/0x1af0 kernel/workqueue.c:2113
>  worker_thread+0x223/0x1990 kernel/workqueue.c:2247
>  kthread+0x33c/0x400 kernel/kthread.c:238
>  ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:429
> IPVS: ftp: loaded support on port[0] = 21
> BUG: sleeping function called from invalid context at net/core/sock.c:2769
> in_atomic(): 1, irqs_disabled(): 0, pid: 85, name: kworker/u4:3
> 5 locks held by kworker/u4:3/85:
>  #0:  ((wq_completion)"%s""netns"){+.+.}, at: [<00000000c9792deb>]
> process_one_work+0xaaf/0x1af0 kernel/workqueue.c:2084
>  #1:  (net_cleanup_work){+.+.}, at: [<00000000adc12e2a>]
> process_one_work+0xb01/0x1af0 kernel/workqueue.c:2088
>  #2:  (net_sem){++++}, at: [<000000009ccb5669>] cleanup_net+0x23f/0xd20
> net/core/net_namespace.c:494
>  #3:  (net_mutex){+.+.}, at: [<00000000a92767d9>] cleanup_net+0xa7d/0xd20
> net/core/net_namespace.c:496
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> spin_lock_bh include/linux/spinlock.h:315 [inline]
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> tipc_topsrv_stop+0x231/0x610 net/tipc/topsrv.c:685
> CPU: 0 PID: 85 Comm: kworker/u4:3 Tainted: G        W        4.16.0-rc1+
> #230
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
> Google 01/01/2011
> Workqueue: netns cleanup_net
> Call Trace:
>  __dump_stack lib/dump_stack.c:17 [inline]
>  dump_stack+0x194/0x257 lib/dump_stack.c:53
>  ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6128
>  __might_sleep+0x95/0x190 kernel/sched/core.c:6081
>  lock_sock_nested+0x37/0x110 net/core/sock.c:2769
>  lock_sock include/net/sock.h:1463 [inline]
>  tipc_release+0x103/0xff0 net/tipc/socket.c:572
>  sock_release+0x8d/0x1e0 net/socket.c:594
>  tipc_topsrv_stop+0x3c0/0x610 net/tipc/topsrv.c:696
>  tipc_exit_net+0x15/0x40 net/tipc/core.c:96
>  ops_exit_list.isra.6+0xae/0x150 net/core/net_namespace.c:148
>  cleanup_net+0x6ba/0xd20 net/core/net_namespace.c:529
>  process_one_work+0xbbf/0x1af0 kernel/workqueue.c:2113
>  worker_thread+0x223/0x1990 kernel/workqueue.c:2247
>  kthread+0x33c/0x400 kernel/kthread.c:238
>  ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:429
> IPVS: ftp: loaded support on port[0] = 21
> IPVS: ftp: loaded support on port[0] = 21
> BUG: sleeping function called from invalid context at net/core/sock.c:2769
> in_atomic(): 1, irqs_disabled(): 0, pid: 85, name: kworker/u4:3
> 5 locks held by kworker/u4:3/85:
>  #0:  ((wq_completion)"%s""netns"){+.+.}, at: [<00000000c9792deb>]
> process_one_work+0xaaf/0x1af0 kernel/workqueue.c:2084
>  #1:  (net_cleanup_work){+.+.}, at: [<00000000adc12e2a>]
> process_one_work+0xb01/0x1af0 kernel/workqueue.c:2088
>  #2:  (net_sem){++++}, at: [<000000009ccb5669>] cleanup_net+0x23f/0xd20
> net/core/net_namespace.c:494
>  #3:  (net_mutex){+.+.}, at: [<00000000a92767d9>] cleanup_net+0xa7d/0xd20
> net/core/net_namespace.c:496
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> spin_lock_bh include/linux/spinlock.h:315 [inline]
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> tipc_topsrv_stop+0x231/0x610 net/tipc/topsrv.c:685
> CPU: 0 PID: 85 Comm: kworker/u4:3 Tainted: G        W        4.16.0-rc1+
> #230
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
> Google 01/01/2011
> Workqueue: netns cleanup_net
> Call Trace:
>  __dump_stack lib/dump_stack.c:17 [inline]
>  dump_stack+0x194/0x257 lib/dump_stack.c:53
>  ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6128
>  __might_sleep+0x95/0x190 kernel/sched/core.c:6081
>  lock_sock_nested+0x37/0x110 net/core/sock.c:2769
>  lock_sock include/net/sock.h:1463 [inline]
>  tipc_release+0x103/0xff0 net/tipc/socket.c:572
>  sock_release+0x8d/0x1e0 net/socket.c:594
>  tipc_topsrv_stop+0x3c0/0x610 net/tipc/topsrv.c:696
>  tipc_exit_net+0x15/0x40 net/tipc/core.c:96
>  ops_exit_list.isra.6+0xae/0x150 net/core/net_namespace.c:148
>  cleanup_net+0x6ba/0xd20 net/core/net_namespace.c:529
>  process_one_work+0xbbf/0x1af0 kernel/workqueue.c:2113
>  worker_thread+0x223/0x1990 kernel/workqueue.c:2247
>  kthread+0x33c/0x400 kernel/kthread.c:238
>  ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:429
> IPVS: ftp: loaded support on port[0] = 21
> BUG: sleeping function called from invalid context at net/core/sock.c:2769
> in_atomic(): 1, irqs_disabled(): 0, pid: 85, name: kworker/u4:3
> 5 locks held by kworker/u4:3/85:
>  #0:  ((wq_completion)"%s""netns"){+.+.}, at: [<00000000c9792deb>]
> process_one_work+0xaaf/0x1af0 kernel/workqueue.c:2084
>  #1:  (net_cleanup_work){+.+.}, at: [<00000000adc12e2a>]
> process_one_work+0xb01/0x1af0 kernel/workqueue.c:2088
>  #2:  (net_sem){++++}, at: [<000000009ccb5669>] cleanup_net+0x23f/0xd20
> net/core/net_namespace.c:494
>  #3:  (net_mutex){+.+.}, at: [<00000000a92767d9>] cleanup_net+0xa7d/0xd20
> net/core/net_namespace.c:496
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> spin_lock_bh include/linux/spinlock.h:315 [inline]
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> tipc_topsrv_stop+0x231/0x610 net/tipc/topsrv.c:685
> CPU: 1 PID: 85 Comm: kworker/u4:3 Tainted: G        W        4.16.0-rc1+
> #230
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
> Google 01/01/2011
> Workqueue: netns cleanup_net
> Call Trace:
>  __dump_stack lib/dump_stack.c:17 [inline]
>  dump_stack+0x194/0x257 lib/dump_stack.c:53
>  ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6128
>  __might_sleep+0x95/0x190 kernel/sched/core.c:6081
>  lock_sock_nested+0x37/0x110 net/core/sock.c:2769
>  lock_sock include/net/sock.h:1463 [inline]
>  tipc_release+0x103/0xff0 net/tipc/socket.c:572
>  sock_release+0x8d/0x1e0 net/socket.c:594
>  tipc_topsrv_stop+0x3c0/0x610 net/tipc/topsrv.c:696
>  tipc_exit_net+0x15/0x40 net/tipc/core.c:96
>  ops_exit_list.isra.6+0xae/0x150 net/core/net_namespace.c:148
>  cleanup_net+0x6ba/0xd20 net/core/net_namespace.c:529
>  process_one_work+0xbbf/0x1af0 kernel/workqueue.c:2113
>  worker_thread+0x223/0x1990 kernel/workqueue.c:2247
>  kthread+0x33c/0x400 kernel/kthread.c:238
>  ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:429
> IPVS: ftp: loaded support on port[0] = 21
> IPVS: ftp: loaded support on port[0] = 21
> IPVS: ftp: loaded support on port[0] = 21
> BUG: sleeping function called from invalid context at net/core/sock.c:2769
> in_atomic(): 1, irqs_disabled(): 0, pid: 85, name: kworker/u4:3
> 5 locks held by kworker/u4:3/85:
>  #0:  ((wq_completion)"%s""netns"){+.+.}, at: [<00000000c9792deb>]
> process_one_work+0xaaf/0x1af0 kernel/workqueue.c:2084
>  #1:  (net_cleanup_work){+.+.}, at: [<00000000adc12e2a>]
> process_one_work+0xb01/0x1af0 kernel/workqueue.c:2088
>  #2:  (net_sem){++++}, at: [<000000009ccb5669>] cleanup_net+0x23f/0xd20
> net/core/net_namespace.c:494
>  #3:  (net_mutex){+.+.}, at: [<00000000a92767d9>] cleanup_net+0xa7d/0xd20
> net/core/net_namespace.c:496
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> spin_lock_bh include/linux/spinlock.h:315 [inline]
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> tipc_topsrv_stop+0x231/0x610 net/tipc/topsrv.c:685
> CPU: 0 PID: 85 Comm: kworker/u4:3 Tainted: G        W        4.16.0-rc1+
> #230
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
> Google 01/01/2011
> Workqueue: netns cleanup_net
> Call Trace:
>  __dump_stack lib/dump_stack.c:17 [inline]
>  dump_stack+0x194/0x257 lib/dump_stack.c:53
>  ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6128
>  __might_sleep+0x95/0x190 kernel/sched/core.c:6081
>  lock_sock_nested+0x37/0x110 net/core/sock.c:2769
>  lock_sock include/net/sock.h:1463 [inline]
>  tipc_release+0x103/0xff0 net/tipc/socket.c:572
>  sock_release+0x8d/0x1e0 net/socket.c:594
>  tipc_topsrv_stop+0x3c0/0x610 net/tipc/topsrv.c:696
>  tipc_exit_net+0x15/0x40 net/tipc/core.c:96
>  ops_exit_list.isra.6+0xae/0x150 net/core/net_namespace.c:148
>  cleanup_net+0x6ba/0xd20 net/core/net_namespace.c:529
>  process_one_work+0xbbf/0x1af0 kernel/workqueue.c:2113
>  worker_thread+0x223/0x1990 kernel/workqueue.c:2247
>  kthread+0x33c/0x400 kernel/kthread.c:238
>  ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:429
> IPVS: ftp: loaded support on port[0] = 21
> BUG: sleeping function called from invalid context at net/core/sock.c:2769
> in_atomic(): 1, irqs_disabled(): 0, pid: 85, name: kworker/u4:3
> 5 locks held by kworker/u4:3/85:
>  #0:  ((wq_completion)"%s""netns"){+.+.}, at: [<00000000c9792deb>]
> process_one_work+0xaaf/0x1af0 kernel/workqueue.c:2084
>  #1:  (net_cleanup_work){+.+.}, at: [<00000000adc12e2a>]
> process_one_work+0xb01/0x1af0 kernel/workqueue.c:2088
>  #2:  (net_sem){++++}, at: [<000000009ccb5669>] cleanup_net+0x23f/0xd20
> net/core/net_namespace.c:494
>  #3:  (net_mutex){+.+.}, at: [<00000000a92767d9>] cleanup_net+0xa7d/0xd20
> net/core/net_namespace.c:496
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> spin_lock_bh include/linux/spinlock.h:315 [inline]
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> tipc_topsrv_stop+0x231/0x610 net/tipc/topsrv.c:685
> CPU: 0 PID: 85 Comm: kworker/u4:3 Tainted: G        W        4.16.0-rc1+
> #230
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
> Google 01/01/2011
> Workqueue: netns cleanup_net
> Call Trace:
>  __dump_stack lib/dump_stack.c:17 [inline]
>  dump_stack+0x194/0x257 lib/dump_stack.c:53
>  ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6128
>  __might_sleep+0x95/0x190 kernel/sched/core.c:6081
>  lock_sock_nested+0x37/0x110 net/core/sock.c:2769
>  lock_sock include/net/sock.h:1463 [inline]
>  tipc_release+0x103/0xff0 net/tipc/socket.c:572
>  sock_release+0x8d/0x1e0 net/socket.c:594
>  tipc_topsrv_stop+0x3c0/0x610 net/tipc/topsrv.c:696
>  tipc_exit_net+0x15/0x40 net/tipc/core.c:96
>  ops_exit_list.isra.6+0xae/0x150 net/core/net_namespace.c:148
>  cleanup_net+0x6ba/0xd20 net/core/net_namespace.c:529
>  process_one_work+0xbbf/0x1af0 kernel/workqueue.c:2113
>  worker_thread+0x223/0x1990 kernel/workqueue.c:2247
>  kthread+0x33c/0x400 kernel/kthread.c:238
>  ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:429
> IPVS: ftp: loaded support on port[0] = 21
> IPVS: ftp: loaded support on port[0] = 21
> IPVS: ftp: loaded support on port[0] = 21
> IPVS: ftp: loaded support on port[0] = 21
> BUG: sleeping function called from invalid context at net/core/sock.c:2769
> in_atomic(): 1, irqs_disabled(): 0, pid: 85, name: kworker/u4:3
> 5 locks held by kworker/u4:3/85:
>  #0:  ((wq_completion)"%s""netns"){+.+.}, at: [<00000000c9792deb>]
> process_one_work+0xaaf/0x1af0 kernel/workqueue.c:2084
>  #1:  (net_cleanup_work){+.+.}, at: [<00000000adc12e2a>]
> process_one_work+0xb01/0x1af0 kernel/workqueue.c:2088
>  #2:  (net_sem){++++}, at: [<000000009ccb5669>] cleanup_net+0x23f/0xd20
> net/core/net_namespace.c:494
>  #3:  (net_mutex){+.+.}, at: [<00000000a92767d9>] cleanup_net+0xa7d/0xd20
> net/core/net_namespace.c:496
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> spin_lock_bh include/linux/spinlock.h:315 [inline]
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> tipc_topsrv_stop+0x231/0x610 net/tipc/topsrv.c:685
> CPU: 0 PID: 85 Comm: kworker/u4:3 Tainted: G        W        4.16.0-rc1+
> #230
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
> Google 01/01/2011
> Workqueue: netns cleanup_net
> Call Trace:
>  __dump_stack lib/dump_stack.c:17 [inline]
>  dump_stack+0x194/0x257 lib/dump_stack.c:53
>  ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6128
>  __might_sleep+0x95/0x190 kernel/sched/core.c:6081
>  lock_sock_nested+0x37/0x110 net/core/sock.c:2769
>  lock_sock include/net/sock.h:1463 [inline]
>  tipc_release+0x103/0xff0 net/tipc/socket.c:572
>  sock_release+0x8d/0x1e0 net/socket.c:594
>  tipc_topsrv_stop+0x3c0/0x610 net/tipc/topsrv.c:696
>  tipc_exit_net+0x15/0x40 net/tipc/core.c:96
>  ops_exit_list.isra.6+0xae/0x150 net/core/net_namespace.c:148
>  cleanup_net+0x6ba/0xd20 net/core/net_namespace.c:529
>  process_one_work+0xbbf/0x1af0 kernel/workqueue.c:2113
>  worker_thread+0x223/0x1990 kernel/workqueue.c:2247
>  kthread+0x33c/0x400 kernel/kthread.c:238
>  ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:429
> IPVS: ftp: loaded support on port[0] = 21
> BUG: sleeping function called from invalid context at net/core/sock.c:2769
> in_atomic(): 1, irqs_disabled(): 0, pid: 85, name: kworker/u4:3
> 5 locks held by kworker/u4:3/85:
>  #0:  ((wq_completion)"%s""netns"){+.+.}, at: [<00000000c9792deb>]
> process_one_work+0xaaf/0x1af0 kernel/workqueue.c:2084
>  #1:  (net_cleanup_work){+.+.}, at: [<00000000adc12e2a>]
> process_one_work+0xb01/0x1af0 kernel/workqueue.c:2088
>  #2:  (net_sem){++++}, at: [<000000009ccb5669>] cleanup_net+0x23f/0xd20
> net/core/net_namespace.c:494
>  #3:  (net_mutex){+.+.}, at: [<00000000a92767d9>] cleanup_net+0xa7d/0xd20
> net/core/net_namespace.c:496
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> spin_lock_bh include/linux/spinlock.h:315 [inline]
>  #4:  (&(&srv->idr_lock)->rlock){+...}, at: [<000000001343e568>]
> tipc_topsrv_stop+0x231/0x610 net/tipc/topsrv.c:685
> CPU: 0 PID: 85 Comm: kworker/u4:3 Tainted: G        W        4.16.0-rc1+
> #230
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
> Google 01/01/2011
> Workqueue: netns cleanup_net
> Call Trace:
>  __dump_stack lib/dump_stack.c:17 [inline]
>  dump_stack+0x194/0x257 lib/dump_stack.c:53
>  ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6128
>  __might_sleep+0x95/0x190 kernel/sched/core.c:6081
>  lock_sock_nested+0x37/0x110 net/core/sock.c:2769
>  lock_sock include/net/sock.h:1463 [inline]
>  tipc_release+0x103/0xff0 net/tipc/socket.c:572
>  sock_release+0x8d/0x1e0 net/socket.c:594
>  tipc_topsrv_stop+0x3c0/0x610 net/tipc/topsrv.c:696
>  tipc_exit_net+0x15/0x40 net/tipc/core.c:96
>  ops_exit_list.isra.6+0xae/0x150 net/core/net_namespace.c:148
>  cleanup_net+0x6ba/0xd20 net/core/net_namespace.c:529
>  process_one_work+0xbbf/0x1af0 kernel/workqueue.c:2113
>  worker_thread+0x223/0x1990 kernel/workqueue.c:2247
>  kthread+0x33c/0x400 kernel/kthread.c:238
>  ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:429
>
>
> ---
> This bug is generated by a dumb bot. It may contain errors.
> See https://goo.gl/tpsmEJ for details.
> Direct all questions to syzkaller@...glegroups.com.
>
> syzbot will keep track of this bug report.
> If you forgot to add the Reported-by tag, once the fix for this bug is
> merged
> into any tree, please reply to this email with:
> #syz fix: exact-commit-title
> If you want to test a patch for this bug, please reply with:
> #syz test: git://repo/address.git branch
> and provide the patch inline or as an attachment.
> To mark this as a duplicate of another syzbot report, please reply with:
> #syz dup: exact-subject-of-another-report
> If it's a one-off invalid bug report, please reply with:
> #syz invalid
> Note: if the crash happens again, it will cause creation of a new bug
> report.
> Note: all commands must start from beginning of the line in the email body.
>
> --
> You received this message because you are subscribed to the Google Groups
> "syzkaller-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to syzkaller-bugs+unsubscribe@...glegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/syzkaller-bugs/001a1143e44e58485f05655fa8ae%40google.com.
> For more options, visit https://groups.google.com/d/optout.

View attachment "raw.log.txt" of type "text/plain" (39566 bytes)

View attachment "repro.syz.txt" of type "text/plain" (280 bytes)

View attachment "repro.c.txt" of type "text/plain" (360 bytes)

View attachment "config.txt" of type "text/plain" (136427 bytes)

Powered by blists - more mailing lists