Re: BUG: sleeping function called from invalid context at net/core/sock.c:LINE (3)
From: Kirill Tkhai
Date: Mon Feb 19 2018 - 09:42:10 EST
On 19.02.2018 16:23, Jon Maloy wrote:
> I don't understand this one. tipc_topsrv_stop() can only be trigged from a user doing rmmod(), and I double checked that this is running in user mode.
> How does the call chain you are reporting occur?
>
In case of CONFIG_NET_NS=y, pernet_operations::exit() is called after last reference
to a net is dropped. So, this may happen not only on module unload path.
Kirill
>
>
>> -----Original Message-----
>> From: Kirill Tkhai [mailto:ktkhai@xxxxxxxxxxxxx]
>> Sent: Saturday, February 17, 2018 23:23
>> To: Dmitry Vyukov <dvyukov@xxxxxxxxxx>; syzbot
>> <syzbot+749d9d87c294c00ca856@xxxxxxxxxxxxxxxxxxxxxxxxx>; Jon Maloy
>> <jon.maloy@xxxxxxxxxxxx>; Ying Xue <ying.xue@xxxxxxxxxxxxx>
>> Cc: Andrei Vagin <avagin@xxxxxxxxxxxxx>; David Miller
>> <davem@xxxxxxxxxxxxx>; Eric W. Biederman <ebiederm@xxxxxxxxxxxx>;
>> Florian Westphal <fw@xxxxxxxxx>; LKML <linux-kernel@xxxxxxxxxxxxxxx>;
>> netdev <netdev@xxxxxxxxxxxxxxx>; Nicolas Dichtel
>> <nicolas.dichtel@xxxxxxxxx>; roman.kapl@xxxxxxxxx; syzkaller-
>> bugs@xxxxxxxxxxxxxxxx; tipc-discussion@xxxxxxxxxxxxxxxxxxxxx
>> Subject: Re: BUG: sleeping function called from invalid context at
>> net/core/sock.c:LINE (3)
>>
>> On 17.02.2018 11:15, Dmitry Vyukov wrote:
>>> On Sat, Feb 17, 2018 at 4:00 AM, syzbot
>>> <syzbot+749d9d87c294c00ca856@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
>>>> Hello,
>>>>
>>>> syzbot hit the following crash on net-next commit
>>>> 65bd449c32c2745df61913ab54087e77f9d9b70d (Fri Feb 16 20:26:35 2018
>>>> +0000) Merge branch 'tipc-de-generealize-topology-server'
>>>
>>> +tipc maintainers
>>
>> This looks to be caused by commit 0ef897be12b8
>> "tipc: separate topology server listener socket from subcsriber sockets"
>>
>> Thanks,
>> Kirill