On Mon, Feb 19, 2018 at 2:23 PM, Jon Maloy <[email protected]> wrote: > I don't understand this one. tipc_topsrv_stop() can only be trigged from a > user doing rmmod(), and I double checked that this is running in user mode. > How does the call chain you are reporting occur?
Hi Jon, Please see the original syzbot report, it includes all known information about the bug (including a reproducer program): https://groups.google.com/forum/#!topic/syzkaller-bugs/jWAs6YWMp9g >> -----Original Message----- >> From: Kirill Tkhai [mailto:[email protected]] >> Sent: Saturday, February 17, 2018 23:23 >> To: Dmitry Vyukov <[email protected]>; syzbot >> <[email protected]>; Jon Maloy >> <[email protected]>; Ying Xue <[email protected]> >> Cc: Andrei Vagin <[email protected]>; David Miller >> <[email protected]>; Eric W. Biederman <[email protected]>; >> Florian Westphal <[email protected]>; LKML <[email protected]>; >> netdev <[email protected]>; Nicolas Dichtel >> <[email protected]>; [email protected]; syzkaller- >> [email protected]; [email protected] >> Subject: Re: BUG: sleeping function called from invalid context at >> net/core/sock.c:LINE (3) >> >> On 17.02.2018 11:15, Dmitry Vyukov wrote: >> > On Sat, Feb 17, 2018 at 4:00 AM, syzbot >> > <[email protected]> wrote: >> >> Hello, >> >> >> >> syzbot hit the following crash on net-next commit >> >> 65bd449c32c2745df61913ab54087e77f9d9b70d (Fri Feb 16 20:26:35 2018 >> >> +0000) Merge branch 'tipc-de-generealize-topology-server' >> > >> > +tipc maintainers >> >> This looks to be caused by commit 0ef897be12b8 >> "tipc: separate topology server listener socket from subcsriber sockets" >> >> Thanks, >> Kirill
