| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 02 Sep 2020 19:48:19 -0700
From: syzbot <syzbot+49f84b6782afe2a2b20e@...kaller.appspotmail.com>
To: bp@...en8.de, hpa@...or.com, linux-kernel@...r.kernel.org,
luto@...nel.org, mingo@...hat.com, syzkaller-bugs@...glegroups.com,
tglx@...utronix.de, x86@...nel.org
Subject: BUG: sleeping function called from invalid context in vdso_join_timens
Hello,
syzbot found the following issue on:
HEAD commit: 4d41ead6 Merge tag 'block-5.9-2020-08-28' of git://git.ker..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=174adf49900000
kernel config: https://syzkaller.appspot.com/x/.config?x=891ca5711a9f1650
dashboard link: https://syzkaller.appspot.com/bug?extid=49f84b6782afe2a2b20e
compiler: clang version 10.0.0 (https://github.com/llvm/llvm-project/ c2443155a0fb245c8f17f2c1c72b6ea391e86e81)
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+49f84b6782afe2a2b20e@...kaller.appspotmail.com
BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1491
in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 479, name: syz-executor.3
INFO: lockdep is turned off.
irq event stamp: 845
hardirqs last enabled at (845): [<ffffffff882cebdf>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
hardirqs last enabled at (845): [<ffffffff882cebdf>] _raw_spin_unlock_irqrestore+0x6f/0xd0 kernel/locking/spinlock.c:191
hardirqs last disabled at (844): [<ffffffff882cea28>] __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:108 [inline]
hardirqs last disabled at (844): [<ffffffff882cea28>] _raw_spin_lock_irqsave+0x78/0xc0 kernel/locking/spinlock.c:159
softirqs last enabled at (662): [<ffffffff88400f2f>] asm_call_on_stack+0xf/0x20 arch/x86/entry/entry_64.S:706
softirqs last disabled at (653): [<ffffffff88400f2f>] asm_call_on_stack+0xf/0x20 arch/x86/entry/entry_64.S:706
Preemption disabled at:
[<ffffffff882c3253>] preempt_schedule_irq+0x93/0x150 kernel/sched/core.c:4783
CPU: 1 PID: 479 Comm: syz-executor.3 Tainted: G D 5.9.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1f0/0x31e lib/dump_stack.c:118
___might_sleep+0x3c0/0x570 kernel/sched/core.c:7299
down_read+0x17/0x50 kernel/locking/rwsem.c:1491
mmap_read_lock include/linux/mmap_lock.h:46 [inline]
vdso_join_timens+0x46/0x120 arch/x86/entry/vdso/vma.c:147
kernel tried to execute NX-protected page - exploit attempt? (uid: 0)
BUG: unable to handle page fault for address: ffff8880ae936310
#PF: supervisor instruction fetch in kernel mode
#PF: error_code(0x0011) - permissions violation
PGD c401067 P4D c401067 PUD 21ffff067 PMD 80000000ae8001e3
Oops: 0011 [#2] PREEMPT SMP KASAN
CPU: 1 PID: 479 Comm: syz-executor.3 Tainted: G D W 5.9.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
Powered by blists - more mailing lists