syzbot


BUG: sleeping function called from invalid context in vhost_get_avail_idx

Status: upstream: reported C repro on 2025/10/16 01:54
Bug presence: origin:upstream
Reported-by: syzbot+cd4342eb795aa5f4a0e4@syzkaller.appspotmail.com
First crash: 57d, last: 57d
Fix bisection: failed (error log)
  
Bug presence (1)
Date Name Commit Repro Result
2025/10/18 upstream (ToT) f406055cb18c C [report] BUG: sleeping function called from invalid context in vhost_get_avail_idx

Sample crash report:
BUG: sleeping function called from invalid context at drivers/vhost/vhost.c:1014
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 4480, name: vhost-4479
preempt_count: 1, expected: 0
RCU nest depth: 0, expected: 0
2 locks held by vhost-4479/4480:
 #0: ffff0000f3144c70 (&vq->mutex/1){+.+.}-{3:3}, at: handle_tx+0xc4/0x2464 drivers/vhost/net.c:978
 #1: ffff0000f3140218 (&vq->mutex){+.+.}-{3:3}, at: vhost_net_busy_poll+0x4c/0x49c drivers/vhost/net.c:540
Preemption disabled at:
[<ffff80000f3a0814>] vhost_net_busy_poll+0xc8/0x49c drivers/vhost/net.c:549
CPU: 0 PID: 4480 Comm: vhost-4479 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/30/2025
Call trace:
 dump_backtrace+0x1c8/0x1f4 arch/arm64/kernel/stacktrace.c:158
 show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:165
 __dump_stack+0x30/0x40 lib/dump_stack.c:88
 dump_stack_lvl+0xf8/0x160 lib/dump_stack.c:106
 dump_stack+0x1c/0x5c lib/dump_stack.c:113
 __might_resched+0x350/0x4cc kernel/sched/core.c:9966
 __might_sleep+0x94/0x110 kernel/sched/core.c:9895
 __might_fault+0x7c/0x124 mm/memory.c:5850
 vhost_get_avail_idx+0x100/0x278 drivers/vhost/vhost.c:1014
 vhost_vq_avail_empty+0x98/0x1d8 drivers/vhost/vhost.c:2526
 vhost_net_busy_poll+0x254/0x49c drivers/vhost/net.c:560
 vhost_net_tx_get_vq_desc drivers/vhost/net.c:595 [inline]
 get_tx_bufs+0x120/0x5fc drivers/vhost/net.c:634
 handle_tx_copy drivers/vhost/net.c:797 [inline]
 handle_tx+0x2ec/0x2464 drivers/vhost/net.c:992
 handle_tx_net+0x24/0x34 drivers/vhost/net.c:1287
 vhost_worker+0x1f4/0x35c drivers/vhost/vhost.c:364
 kthread+0x250/0x2d8 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:850

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2025/10/16 06:51 linux-6.1.y c2fda4b3f577 19568248 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: sleeping function called from invalid context in vhost_get_avail_idx
2025/10/16 06:17 linux-6.1.y c2fda4b3f577 19568248 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: sleeping function called from invalid context in vhost_get_avail_idx
2025/10/16 01:54 linux-6.1.y c2fda4b3f577 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 BUG: sleeping function called from invalid context in vhost_get_avail_idx
* Struck through repros no longer work on HEAD.