Hello,

On Mon, 2021-03-01 at 14:52 +0000, Chuck Lever wrote:
> > On Mar 1, 2021, at 8:49 AM, syzbot <syzbot+e2fa57709a385e6db10f@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> >
> > Hello,
> >
> > syzbot found the following issue on:
> >
> > HEAD commit: eee7ede6 Merge branch 'bnxt_en-error-recovery-bug-fixes'
> > git tree: net
> > console output: https://syzkaller.appspot.com/x/log.txt?x=123ad632d00000
> > kernel config: https://syzkaller.appspot.com/x/.config?x=e2d5ba72abae4f14
> > dashboard link: https://syzkaller.appspot.com/bug?extid=e2fa57709a385e6db10f
> > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=109d89b6d00000
> > C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12e9e0dad00000
> >
> > The issue was bisected to:
> >
> > commit c8e88e3aa73889421461f878cd569ef84f231ceb
> > Author: Chuck Lever <chuck.lever@xxxxxxxxxx>
> > Date: Tue Nov 3 20:06:04 2020 +0000
> >
> > NFSD: Replace READ* macros in nfsd4_decode_layoutget()
> >
> > bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=13bef9ccd00000
> > final oops: https://syzkaller.appspot.com/x/report.txt?x=107ef9ccd00000
> > console output: https://syzkaller.appspot.com/x/log.txt?x=17bef9ccd00000
> >
> > IMPORTANT: if you fix the issue, please add the following tag to the commit:
> > Reported-by: syzbot+e2fa57709a385e6db10f@xxxxxxxxxxxxxxxxxxxxxxxxx
> > Fixes: c8e88e3aa738 ("NFSD: Replace READ* macros in nfsd4_decode_layoutget()")
> >
> > ======================================================
> > WARNING: possible circular locking dependency detected
> > 5.11.0-syzkaller #0 Not tainted
> > ------------------------------------------------------
> > syz-executor905/8822 is trying to acquire lock:
> > ffffffff8d678fe8 (rtnl_mutex){+.+.}-{3:3}, at: ipv6_sock_mc_close+0xd7/0x110 net/ipv6/mcast.c:323
> >
> > but task is already holding lock:
> > ffff888024390120 (sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1600 [inline]
> > ffff888024390120 (sk_lock-AF_INET6){+.+.}-{0:0}, at: mptcp6_release+0x57/0x130 net/mptcp/protocol.c:3507
> >
> > which lock already depends on the new lock.
>
> Hi, thanks for the report.
>
> Initial analysis:
>
> c8e88e3aa738 ("NFSD: Replace READ* macros in nfsd4_decode_layoutget()")
> changes code several layers above the network layer. In addition,
> neither of the stack traces contains NFSD functions. And, repro.c does
> not appear to exercise any filesystem code.
>
> Therefore the bisect result looks implausible to me. I don't see any
> obvious connection between the lockdep splat and c8e88e3aa738. (If
> someone else does, please let me know where to look).

I agree the bisect result is unexpected.

This really looks like an MPTCP-specific issue, likely introduced by:

32fcc880e0a9 ("mptcp: provide subflow aware release function")

and should be fixed inside MPTCP.

Cheers,

Paolo