Message-ID: <CACkBjsY3bxfFWPvijNY7RX=GfXuT5C2av0C_mX1Sxj-+vvv0bA@mail.gmail.com>
Date:   Mon, 20 Sep 2021 20:51:43 +0800
From:   Hao Sun <sunhao.th@...il.com>
To:     akpm@...ux-foundation.org, Linux MM <linux-mm@...ck.org>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: BUG: sleeping function called from invalid context in synchronize_rcu_expedited

Hello,

When using Healer to fuzz the latest Linux kernel, the following crash
was triggered.

HEAD commit: 4357f03d6611 Merge tag 'pm-5.15-rc2
git tree: upstream
console output:
https://drive.google.com/file/d/1AJpdt-ENezAYZ0xo3787EvsK09-Vz404/view?usp=sharing
kernel config: https://drive.google.com/file/d/1HKZtF_s3l6PL3OoQbNq_ei9CdBus-Tz0/view?usp=sharing

If you fix this issue, please add the following tag to the commit:
Reported-by: Hao Sun <sunhao.th@...il.com>

BUG: sleeping function called from invalid context at kernel/rcu/tree_exp.h:854
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 21, name: ksoftirqd/1
2 locks held by ksoftirqd/1/21:
 #0: ffffffff85a1d4a0 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2500 [inline]
 #0: ffffffff85a1d4a0 (rcu_callback){....}-{0:0}, at: rcu_core+0x283/0x9f0 kernel/rcu/tree.c:2743
 #1: ffffffff85a1fd28 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:290 [inline]
 #1: ffffffff85a1fd28 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x32d/0x460 kernel/rcu/tree_exp.h:837
Preemption disabled at:
[<ffffffff8460005c>] softirq_handle_begin kernel/softirq.c:396 [inline]
[<ffffffff8460005c>] __do_softirq+0x5c/0x561 kernel/softirq.c:534
CPU: 1 PID: 21 Comm: ksoftirqd/1 Not tainted 5.15.0-rc1+ #19
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x8d/0xcf lib/dump_stack.c:106
 ___might_sleep+0x1f0/0x250 kernel/sched/core.c:9538
 synchronize_rcu_expedited+0x2db/0x460 kernel/rcu/tree_exp.h:853
 bdi_remove_from_list mm/backing-dev.c:938 [inline]
 bdi_unregister+0x97/0x270 mm/backing-dev.c:946
 release_bdi+0x4a/0x70 mm/backing-dev.c:968
 kref_put include/linux/kref.h:65 [inline]
 bdi_put+0x47/0x70 mm/backing-dev.c:976
 bdev_free_inode+0x59/0xc0 block/bdev.c:408
 i_callback+0x24/0x50 fs/inode.c:224
 rcu_do_batch kernel/rcu/tree.c:2508 [inline]
 rcu_core+0x2d6/0x9f0 kernel/rcu/tree.c:2743
 __do_softirq+0xe9/0x561 kernel/softirq.c:558
 run_ksoftirqd+0x2d/0x60 kernel/softirq.c:920
 smpboot_thread_fn+0x225/0x320 kernel/smpboot.c:164
 kthread+0x178/0x1b0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
BUG: scheduling while atomic: ksoftirqd/1/21/0x00000101
2 locks held by ksoftirqd/1/21:
 #0: ffffffff85a1d4a0 (rcu_callback){....}-{0:0}, at: rcu_do_batch kernel/rcu/tree.c:2500 [inline]
 #0: ffffffff85a1d4a0 (rcu_callback){....}-{0:0}, at: rcu_core+0x283/0x9f0 kernel/rcu/tree.c:2743
 #1: ffffffff85a1fd28 (rcu_state.exp_mutex){+.+.}-{3:3}, at: exp_funnel_lock kernel/rcu/tree_exp.h:290 [inline]
 #1: ffffffff85a1fd28 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x32d/0x460 kernel/rcu/tree_exp.h:837
Modules linked in:
Preemption disabled at:
[<ffffffff8460005c>] softirq_handle_begin kernel/softirq.c:396 [inline]
[<ffffffff8460005c>] __do_softirq+0x5c/0x561 kernel/softirq.c:534