From: syzbot <syzbot+7f59c1e54e5ce4d95cf7@syzkaller.appspotmail.com>
To: bp@alien8.de, hpa@zytor.com, linux-kernel@vger.kernel.org,
luto@kernel.org, mingo@redhat.com,
syzkaller-bugs@googlegroups.com, tglx@linutronix.de,
x86@kernel.org
Subject: BUG: sleeping function called from invalid context in do_page_fault
Date: Wed, 04 Mar 2020 18:15:12 -0800 [thread overview]
Message-ID: <0000000000005c66c305a0121be1@google.com> (raw)
Hello,
syzbot found the following crash on:
HEAD commit: f8788d86 Linux 5.6-rc3
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=16c2fd29e00000
kernel config: https://syzkaller.appspot.com/x/.config?x=9833e26bab355358
dashboard link: https://syzkaller.appspot.com/bug?extid=7f59c1e54e5ce4d95cf7
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+7f59c1e54e5ce4d95cf7@syzkaller.appspotmail.com
BUG: sleeping function called from invalid context at arch/x86/mm/fault.c:1400
in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 4262, name: udevd
1 lock held by udevd/4262:
#0: ffff888093e19518 (&mm->mmap_sem#2){++++}, at: do_user_addr_fault arch/x86/mm/fault.c:1383 [inline]
#0: ffff888093e19518 (&mm->mmap_sem#2){++++}, at: do_page_fault+0x34b/0x12e1 arch/x86/mm/fault.c:1517
irq event stamp: 5474812
hardirqs last enabled at (5474811): [<ffffffff81b3e158>] kmem_cache_free+0x98/0x320 mm/slab.c:3695
hardirqs last disabled at (5474812): [<ffffffff8100a81a>] syscall_return_slowpath arch/x86/entry/common.c:277 [inline]
hardirqs last disabled at (5474812): [<ffffffff8100a81a>] do_syscall_64+0x20a/0x790 arch/x86/entry/common.c:304
softirqs last enabled at (5473952): [<ffffffff882006cd>] __do_softirq+0x6cd/0x98c kernel/softirq.c:319
softirqs last disabled at (5473911): [<ffffffff8147908b>] invoke_softirq kernel/softirq.c:373 [inline]
softirqs last disabled at (5473911): [<ffffffff8147908b>] irq_exit+0x19b/0x1e0 kernel/softirq.c:413
CPU: 1 PID: 4262 Comm: udevd Not tainted 5.6.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x197/0x210 lib/dump_stack.c:118
___might_sleep.cold+0x1fb/0x23e kernel/sched/core.c:6798
__might_sleep+0x95/0x190 kernel/sched/core.c:6751
do_user_addr_fault arch/x86/mm/fault.c:1400 [inline]
do_page_fault+0x378/0x12e1 arch/x86/mm/fault.c:1517
page_fault+0x39/0x40 arch/x86/entry/entry_64.S:1203
RIP: 0010:prepare_exit_to_usermode arch/x86/entry/common.c:189 [inline]
RIP: 0010:syscall_return_slowpath arch/x86/entry/common.c:278 [inline]
RIP: 0010:do_syscall_64+0x2c9/0x790 arch/x86/entry/common.c:304
Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
RSP: 0018:ffffc900015d7f20 EFLAGS: 00010046
RAX: 0000000000000000 RBX: ffff888093e16640 RCX: ffffffff8100a857
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
RBP: ffffc900015d7f48 R08: ffff888093e16640 R09: ffffed10127c2cc9
R10: ffffed10127c2cc8 R11: ffff888093e16647 R12: ffffc900015d7f58
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
next reply other threads:[~2020-03-05 2:15 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-05 2:15 syzbot [this message]
2020-03-06 8:48 ` BUG: sleeping function called from invalid context in do_page_fault syzbot
2020-03-10 7:49 ` syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0000000000005c66c305a0121be1@google.com \
--to=syzbot+7f59c1e54e5ce4d95cf7@syzkaller.appspotmail.com \
--cc=bp@alien8.de \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=luto@kernel.org \
--cc=mingo@redhat.com \
--cc=syzkaller-bugs@googlegroups.com \
--cc=tglx@linutronix.de \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.