lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <68504126.a70a0220.395abc.01e4.GAE@google.com>
Date: Mon, 16 Jun 2025 09:07:02 -0700
From: syzbot <syzbot+b8c48ea38ca27d150063@...kaller.appspotmail.com>
To: davem@...emloft.net, edumazet@...gle.com, horms@...nel.org, 
	kuba@...nel.org, linux-kernel@...r.kernel.org, netdev@...r.kernel.org, 
	pabeni@...hat.com, stfomichev@...il.com, syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [net?] WARNING in __linkwatch_sync_dev (2)

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
WARNING: suspicious RCU usage in bond_mii_monitor

=============================
WARNING: suspicious RCU usage
6.16.0-rc2-syzkaller-ge04c78d86a96-dirty #0 Not tainted
-----------------------------
drivers/net/bonding/bond_main.c:2736 suspicious rcu_dereference_check() usage!

other info that might help us debug this:


rcu_scheduler_active = 2, debug_locks = 1
3 locks held by kworker/u32:0/12:
 #0: ffff888044cc7948 ((wq_completion)bond0#2){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 kernel/workqueue.c:3213
 #1: ffffc900000f7d10 ((work_completion)(&(&bond->mii_work)->work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 kernel/workqueue.c:3214
 #2: ffffffff9034d128 (rtnl_mutex){+.+.}-{4:4}, at: bond_mii_monitor+0x122/0x2a20 drivers/net/bonding/bond_main.c:2966

stack backtrace:
CPU: 2 UID: 0 PID: 12 Comm: kworker/u32:0 Not tainted 6.16.0-rc2-syzkaller-ge04c78d86a96-dirty #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
Workqueue: bond0 bond_mii_monitor
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x16c/0x1f0 lib/dump_stack.c:120
 lockdep_rcu_suspicious+0x166/0x260 kernel/locking/lockdep.c:6871
 bond_miimon_inspect drivers/net/bonding/bond_main.c:2736 [inline]
 bond_mii_monitor+0xab6/0x2a20 drivers/net/bonding/bond_main.c:2973
 process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238
 process_scheduled_works kernel/workqueue.c:3321 [inline]
 worker_thread+0x6c8/0xf10 kernel/workqueue.c:3402
 kthread+0x3c2/0x780 kernel/kthread.c:464
 ret_from_fork+0x5d7/0x6f0 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: now running without any active interface!
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): link status definitely up, 10000 Mbps full duplex
bond0: (slave bond_slave_1): link status definitely up, 10000 Mbps full duplex
bond0: active interface up!
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): link status definitely up, 10000 Mbps full duplex
bond0: (slave bond_slave_1): link status definitely up, 10000 Mbps full duplex
bond0: active interface up!
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): link status definitely up, 10000 Mbps full duplex
bond0: (slave bond_slave_1): link status definitely up, 10000 Mbps full duplex
bond0: active interface up!
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: now running without any active interface!
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: now running without any active interface!
bond0: (slave bond_slave_0): link status definitely up, 10000 Mbps full duplex
bond0: (slave bond_slave_1): link status definitely up, 10000 Mbps full duplex
bond0: active interface up!
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: now running without any active interface!
bond0: (slave bond_slave_0): link status definitely up, 10000 Mbps full duplex
bond0: (slave bond_slave_1): link status definitely up, 10000 Mbps full duplex
bond0: active interface up!
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: now running without any active interface!
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down
bond0: (slave bond_slave_0): link status definitely up, 10000 Mbps full duplex
bond0: (slave bond_slave_1): link status definitely up, 10000 Mbps full duplex
bond0: active interface up!
bond0: (slave bond_slave_0): interface is now down
bond0: (slave bond_slave_1): interface is now down


Tested on:

commit:         e04c78d8 Linux 6.16-rc2
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1321e90c580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=4130f4d8a06c3e71
dashboard link: https://syzkaller.appspot.com/bug?extid=b8c48ea38ca27d150063
compiler:       gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
patch:          https://syzkaller.appspot.com/x/patch.diff?x=1423490c580000

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ