From: syzbot <syzbot+7f59c1e54e5ce4d95cf7@syzkaller.appspotmail.com>
To: bp@alien8.de, hpa@zytor.com, linux-kernel@vger.kernel.org,
luto@kernel.org, mingo@redhat.com,
syzkaller-bugs@googlegroups.com, tglx@linutronix.de,
x86@kernel.org
Subject: BUG: sleeping function called from invalid context in do_page_fault
Date: Wed, 04 Mar 2020 18:15:12 -0800
Message-ID: <0000000000005c66c305a0121be1@google.com>
Hello,
syzbot found the following crash on:
HEAD commit: f8788d86 Linux 5.6-rc3
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=16c2fd29e00000
kernel config: https://syzkaller.appspot.com/x/.config?x=9833e26bab355358
dashboard link: https://syzkaller.appspot.com/bug?extid=7f59c1e54e5ce4d95cf7
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+7f59c1e54e5ce4d95cf7@syzkaller.appspotmail.com
BUG: sleeping function called from invalid context at arch/x86/mm/fault.c:1400
in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 4262, name: udevd
1 lock held by udevd/4262:
#0: ffff888093e19518 (&mm->mmap_sem#2){++++}, at: do_user_addr_fault arch/x86/mm/fault.c:1383 [inline]
#0: ffff888093e19518 (&mm->mmap_sem#2){++++}, at: do_page_fault+0x34b/0x12e1 arch/x86/mm/fault.c:1517
irq event stamp: 5474812
hardirqs last enabled at (5474811): [<ffffffff81b3e158>] kmem_cache_free+0x98/0x320 mm/slab.c:3695
hardirqs last disabled at (5474812): [<ffffffff8100a81a>] syscall_return_slowpath arch/x86/entry/common.c:277 [inline]
hardirqs last disabled at (5474812): [<ffffffff8100a81a>] do_syscall_64+0x20a/0x790 arch/x86/entry/common.c:304
softirqs last enabled at (5473952): [<ffffffff882006cd>] __do_softirq+0x6cd/0x98c kernel/softirq.c:319
softirqs last disabled at (5473911): [<ffffffff8147908b>] invoke_softirq kernel/softirq.c:373 [inline]
softirqs last disabled at (5473911): [<ffffffff8147908b>] irq_exit+0x19b/0x1e0 kernel/softirq.c:413
CPU: 1 PID: 4262 Comm: udevd Not tainted 5.6.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x197/0x210 lib/dump_stack.c:118
___might_sleep.cold+0x1fb/0x23e kernel/sched/core.c:6798
__might_sleep+0x95/0x190 kernel/sched/core.c:6751
do_user_addr_fault arch/x86/mm/fault.c:1400 [inline]
do_page_fault+0x378/0x12e1 arch/x86/mm/fault.c:1517
page_fault+0x39/0x40 arch/x86/entry/entry_64.S:1203
RIP: 0010:prepare_exit_to_usermode arch/x86/entry/common.c:189 [inline]
RIP: 0010:syscall_return_slowpath arch/x86/entry/common.c:278 [inline]
RIP: 0010:do_syscall_64+0x2c9/0x790 arch/x86/entry/common.c:304
Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
RSP: 0018:ffffc900015d7f20 EFLAGS: 00010046
RAX: 0000000000000000 RBX: ffff888093e16640 RCX: ffffffff8100a857
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
RBP: ffffc900015d7f48 R08: ffff888093e16640 R09: ffffed10127c2cc9
R10: ffffed10127c2cc8 R11: ffff888093e16647 R12: ffffc900015d7f58
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.