BUG: sleeping function called from invalid context in __do_page

Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
linux-4.19	BUG: sleeping function called from invalid context in __do_page_fault	C		error	56	1186d	1953d	0/1	upstream: reported C repro on 2019/08/18 01:17
upstream	BUG: sleeping function called from invalid context in __do_page_fault kernel				2	1797d	1832d	0/28	auto-closed as invalid on 2020/05/19 13:57

linux-4.19

BUG: sleeping function called from invalid context in __do_page_fault

error

1186d

1953d

0/1

upstream: reported C repro on 2019/08/18 01:17

upstream

BUG: sleeping function called from invalid context in __do_page_fault kernel

1797d

1832d

0/28

auto-closed as invalid on 2020/05/19 13:57


Created	Duration	User	Repo	Result
2023/02/05 02:32	9m	retest repro	linux-4.14.y	report log
2023/02/05 01:32	9m	retest repro	linux-4.14.y	report log
2023/02/05 00:32	9m	retest repro	linux-4.14.y	report log
2023/02/04 23:32	10m	retest repro	linux-4.14.y	report log
2022/09/14 12:27	9m	retest repro	linux-4.14.y	report log
2022/09/14 11:27	8m	retest repro	linux-4.14.y	report log
2022/09/14 10:27	9m	retest repro	linux-4.14.y	report log
2022/09/14 09:27	13m	retest repro	linux-4.14.y	report log

Created	Duration	User	Repo	Result
2020/07/15 01:22	33m	bisect fix	linux-4.14.y	OK (2) job log
2020/03/30 15:10	26m	bisect fix	linux-4.14.y	OK (0) job log log
2020/01/03 15:56	24m	bisect fix	linux-4.14.y	OK (0) job log log
2019/12/04 11:06	23m	bisect fix	linux-4.14.y	OK (0) job log log

Created

Duration

User

Patch

Repo

Result

2020/07/15 01:22

33m

bisect fix

linux-4.14.y

OK (2) job log

2020/03/30 15:10

26m

bisect fix

linux-4.14.y

OK (0) job log log

2020/01/03 15:56

24m

bisect fix

linux-4.14.y

OK (0) job log log

2019/12/04 11:06

23m

bisect fix

linux-4.14.y

OK (0) job log log

RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441869 RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 RBP: 00007ffe629ad570 R08: 0000000000000002 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 BUG: sleeping function called from invalid context at arch/x86/mm/fault.c:1385 in_atomic(): 0, irqs_disabled(): 1, pid: 8005, name: syz-executor681 3 locks held by syz-executor681/8005: #0: (cb_lock){++++}, at: [<ffffffff85fe45d5>] genl_rcv+0x15/0x40 net/netlink/genetlink.c:635 #1: (genl_mutex){+.+.}, at: [<ffffffff85fe5232>] genl_lock net/netlink/genetlink.c:33 [inline] #1: (genl_mutex){+.+.}, at: [<ffffffff85fe5232>] genl_rcv_msg+0x112/0x140 net/netlink/genetlink.c:623 #2: (rtnl_mutex){+.+.}, at: [<ffffffff86bd24c9>] nl80211_pre_doit+0x2d9/0x510 net/wireless/nl80211.c:12458 irq event stamp: 731 hardirqs last enabled at (731): [<ffffffff81376d21>] __cancel_work_timer+0x2c1/0x460 kernel/workqueue.c:2957 hardirqs last disabled at (730): [<ffffffff8136ffb5>] try_to_grab_pending+0xb5/0x610 kernel/workqueue.c:1214 softirqs last enabled at (724): [<ffffffff876006ab>] __do_softirq+0x6ab/0xa1d kernel/softirq.c:314 softirqs last disabled at (635): [<ffffffff81330353>] invoke_softirq kernel/softirq.c:368 [inline] softirqs last disabled at (635): [<ffffffff81330353>] irq_exit+0x193/0x240 kernel/softirq.c:409 CPU: 1 PID: 8005 Comm: syz-executor681 Not tainted 4.14.206-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 ___might_sleep.cold+0x235/0x250 kernel/sched/core.c:6042 __do_page_fault+0x2dc/0xad0 arch/x86/mm/fault.c:1385 page_fault+0x25/0x50 arch/x86/entry/entry_64.S:1123 RIP: 0010:atomic_inc arch/x86/include/asm/atomic.h:92 [inline] RIP: 0010:__lock_acquire+0x21e/0x3f20 kernel/locking/lockdep.c:3382 RSP: 0018:ffff8880b2887040 EFLAGS: 00010002 RAX: 00000000000001c8 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 1ffff110155eb566 RSI: 0000000000000000 RDI: ffff8880aaf5ab30 RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000001 R11: ffff888095ef6080 R12: ffff8880aaf5ab28 R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff8beb2d40 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 flush_work+0xad/0x770 kernel/workqueue.c:2889 __cancel_work_timer+0x321/0x460 kernel/workqueue.c:2964 rhashtable_free_and_destroy+0x26/0x710 lib/rhashtable.c:1073 mesh_table_free net/mac80211/mesh_pathtbl.c:70 [inline] mesh_pathtbl_init+0x223/0x290 net/mac80211/mesh_pathtbl.c:863 ieee80211_mesh_init_sdata+0x2b4/0x650 net/mac80211/mesh.c:1459 ieee80211_setup_sdata+0xb29/0xf40 net/mac80211/iface.c:1476 ieee80211_if_add+0xce0/0x16b0 net/mac80211/iface.c:1885 ieee80211_add_iface+0x89/0x110 net/mac80211/cfg.c:124 rdev_add_virtual_intf net/wireless/rdev-ops.h:45 [inline] nl80211_new_interface+0x44b/0x1360 net/wireless/nl80211.c:2990 genl_family_rcv_msg+0x572/0xb20 net/netlink/genetlink.c:600 genl_rcv_msg+0xaf/0x140 net/netlink/genetlink.c:625 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2433 genl_rcv+0x24/0x40 net/netlink/genetlink.c:636 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x441869 RSP: 002b:00007ffe629ad558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441869 RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 RBP: 00007ffe629ad570 R08: 0000000000000002 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 BUG: unable to handle kernel NULL pointer dereference at 0000000000000300 IP: atomic_inc arch/x86/include/asm/atomic.h:92 [inline] IP: __lock_acquire+0x21e/0x3f20 kernel/locking/lockdep.c:3382 PGD a3091067 P4D a3091067 PUD ab03e067 PMD 0 Oops: 0002 [#1] PREEMPT SMP KASAN Modules linked in: CPU: 1 PID: 8005 Comm: syz-executor681 Tainted: G W 4.14.206-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 task: ffff888095ef6080 task.stack: ffff8880b2880000 RIP: 0010:atomic_inc arch/x86/include/asm/atomic.h:92 [inline] RIP: 0010:__lock_acquire+0x21e/0x3f20 kernel/locking/lockdep.c:3382 RSP: 0018:ffff8880b2887040 EFLAGS: 00010002 RAX: 00000000000001c8 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 1ffff110155eb566 RSI: 0000000000000000 RDI: ffff8880aaf5ab30 RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000001 R11: ffff888095ef6080 R12: ffff8880aaf5ab28 R13: 0000000000000000 R14: 0000000000000000 R15: ffffffff8beb2d40 FS: 0000000002015880(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000300 CR3: 00000000af9ec000 CR4: 00000000001406e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 flush_work+0xad/0x770 kernel/workqueue.c:2889 __cancel_work_timer+0x321/0x460 kernel/workqueue.c:2964 rhashtable_free_and_destroy+0x26/0x710 lib/rhashtable.c:1073 mesh_table_free net/mac80211/mesh_pathtbl.c:70 [inline] mesh_pathtbl_init+0x223/0x290 net/mac80211/mesh_pathtbl.c:863 ieee80211_mesh_init_sdata+0x2b4/0x650 net/mac80211/mesh.c:1459 ieee80211_setup_sdata+0xb29/0xf40 net/mac80211/iface.c:1476 ieee80211_if_add+0xce0/0x16b0 net/mac80211/iface.c:1885 ieee80211_add_iface+0x89/0x110 net/mac80211/cfg.c:124 rdev_add_virtual_intf net/wireless/rdev-ops.h:45 [inline] nl80211_new_interface+0x44b/0x1360 net/wireless/nl80211.c:2990 genl_family_rcv_msg+0x572/0xb20 net/netlink/genetlink.c:600 genl_rcv_msg+0xaf/0x140 net/netlink/genetlink.c:625 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2433 genl_rcv+0x24/0x40 net/netlink/genetlink.c:636 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x441869 RSP: 002b:00007ffe629ad558 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441869 RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003 RBP: 00007ffe629ad570 R08: 0000000000000002 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 Code: 00 fc ff df 41 89 f6 4b 8d 7c f4 08 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 5e 2a 00 00 4b 8b 44 f4 08 48 85 c0 0f 84 31 ff ff ff <f0> ff 80 38 01 00 00 49 8d b3 80 08 00 00 48 ba 00 00 00 00 00 RIP: atomic_inc arch/x86/include/asm/atomic.h:92 [inline] RSP: ffff8880b2887040 RIP: __lock_acquire+0x21e/0x3f20 kernel/locking/lockdep.c:3382 RSP: ffff8880b2887040 CR2: 0000000000000300 ---[ end trace 3dda8e650e704779 ]---

Crashes (24):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Manager
2020/11/11 08:26	linux-4.14.y	27ce4f2a6817	cca87986	.config	console log	report	syz	C	ci2-linux-4-14
2020/01/31 16:09	linux-4.14.y	9fa690a2a016	5ed23f9a	.config	console log	report	syz	C	ci2-linux-4-14
2019/08/18 02:29	linux-4.14.y	45f092f9e9cb	55bf8926	.config	console log	report	syz	C	ci2-linux-4-14
2019/08/06 03:19	linux-4.14.y	7d80e1218adf	6affd8e8	.config	console log	report	syz	C	ci2-linux-4-14
2020/08/28 22:45	linux-4.14.y	d7e78d08fa77	d5a3ae1f	.config	console log	report			ci2-linux-4-14
2020/08/26 07:12	linux-4.14.y	6a24ca2506d6	344da168	.config	console log	report			ci2-linux-4-14
2020/08/15 20:57	linux-4.14.y	14b58326976d	5ce13532	.config	console log	report			ci2-linux-4-14
2020/08/01 10:57	linux-4.14.y	7f2c5eb458b8	8df85ed9	.config	console log	report			ci2-linux-4-14
2020/07/28 23:32	linux-4.14.y	69b94dd6dcd1	cb93dc6a	.config	console log	report			ci2-linux-4-14
2020/06/15 01:22	linux-4.14.y	b850307b279c	2a22c77a	.config	console log	report			ci2-linux-4-14
2020/06/07 16:45	linux-4.14.y	c6db52a88798	2c2b926c	.config	console log	report			ci2-linux-4-14
2020/05/15 15:14	linux-4.14.y	ab9dfda23248	d7f9fffa	.config	console log	report			ci2-linux-4-14
2020/04/19 18:51	linux-4.14.y	c10b57a567e4	6dfd45e1	.config	console log	report			ci2-linux-4-14
2020/04/19 18:05	linux-4.14.y	c10b57a567e4	6dfd45e1	.config	console log	report			ci2-linux-4-14
2020/04/19 10:50	linux-4.14.y	c10b57a567e4	6dfd45e1	.config	console log	report			ci2-linux-4-14
2020/04/03 04:14	linux-4.14.y	4520f06b03ae	a34e2c33	.config	console log	report			ci2-linux-4-14
2020/03/31 04:13	linux-4.14.y	01364dad1d45	c8d1cc20	.config	console log	report			ci2-linux-4-14
2020/02/29 13:30	linux-4.14.y	78d697fc93f9	c88c7b75	.config	console log	report			ci2-linux-4-14
2020/02/26 12:32	linux-4.14.y	98db2bf27b9e	4f588111	.config	console log	report			ci2-linux-4-14
2020/02/18 02:09	linux-4.14.y	98db2bf27b9e	1ce142dc	.config	console log	report			ci2-linux-4-14
2020/02/10 12:32	linux-4.14.y	e0f8b8a65a47	35f5e45e	.config	console log	report			ci2-linux-4-14
2020/01/27 06:35	linux-4.14.y	8bac50406cca	dd56146d	.config	console log	report			ci2-linux-4-14
2019/08/16 03:56	linux-4.14.y	3ffe1e79c174	faeffb00	.config	console log	report			ci2-linux-4-14
2019/08/06 02:37	linux-4.14.y	7d80e1218adf	6affd8e8	.config	console log	report			ci2-linux-4-14

Crashes (24):

Assets (help?)

2020/11/11 08:26

linux-4.14.y