BUG: sleeping function called from invalid context at mm/slab.h:LINE

BUG: sleeping function called from invalid context at mm/slab.h:LINE
Status: fixed on 2017/10/23 20:15
Reported-by: syzbot+@syzkaller.appspotmail.com
Fix commit: 0f94b36d af_key: Add lock to key dump
First crash: 785d, last: 772d

similar bugs (4):
Kernel	Title	Repro	Count	Last	Reported	Patched	Status
upstream	BUG: sleeping function called from invalid context at mm/slab.h:LINE (2)		2	603d	603d	4/13	fixed on 2018/02/01 04:00
upstream	BUG: sleeping function called from invalid context at mm/slab.h:LINE (4)	C	36	275d	436d	12/13	fixed on 2019/01/11 01:22
upstream	BUG: sleeping function called from invalid context at mm/slab.h:LINE (3)		339	498d	583d	0/13	closed as dup on 2018/02/12 16:15
upstream	BUG: sleeping function called from invalid context at mm/slab.h:LINE	C	8	765d	768d	2/13	fixed on 2017/09/06 01:15

Sample crash report:

in_atomic(): 1, irqs_disabled(): 0, pid: 3306, name: syzkaller824432
INFO: lockdep is turned off.
Preemption disabled at:[   34.739024] [<ffffffff833a4910>] spin_lock_bh include/linux/spinlock.h:307 [inline]
Preemption disabled at:[   34.739024] [<ffffffff833a4910>] xfrm_policy_walk+0xb0/0x4d0 net/xfrm/xfrm_policy.c:1033
CPU: 1 PID: 3306 Comm: syzkaller824432 Not tainted 4.9.40-g7b2727c #16
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c9f0f650 ffffffff81d8f109 ffffffff833a4910 0000000000000000
 0000000000000201 ffff8801c9803000 ffff8801c9803000 ffff8801c9f0f688
 ffffffff811ba4f4 ffff8801c9803000 ffffffff8418f96c 0000000000000189
Call Trace:
 [<ffffffff81d8f109>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81d8f109>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff811ba4f4>] ___might_sleep+0x2f4/0x470 kernel/sched/core.c:8037
 [<ffffffff811ba705>] __might_sleep+0x95/0x1a0 kernel/sched/core.c:7994
 [<ffffffff815346f0>] slab_pre_alloc_hook mm/slab.h:393 [inline]
 [<ffffffff815346f0>] slab_alloc_node mm/slub.c:2641 [inline]
 [<ffffffff815346f0>] slab_alloc mm/slub.c:2723 [inline]
 [<ffffffff815346f0>] kmem_cache_alloc+0x140/0x290 mm/slub.c:2728
 [<ffffffff82ee9ce2>] skb_clone+0x142/0x2c0 net/core/skbuff.c:1032
 [<ffffffff83552497>] pfkey_broadcast_one+0x367/0x480 net/key/af_key.c:202
 [<ffffffff83559b32>] pfkey_broadcast+0x3c2/0x610 net/key/af_key.c:276
 [<ffffffff8355da34>] dump_sp+0x354/0x450 net/key/af_key.c:2672
 [<ffffffff833a4a11>] xfrm_policy_walk+0x1b1/0x4d0 net/xfrm/xfrm_policy.c:1047
 [<ffffffff835525f2>] pfkey_dump_sp+0x42/0x50 net/key/af_key.c:2682
 [<ffffffff8355b880>] pfkey_do_dump+0x40/0x2b0 net/key/af_key.c:288
 [<ffffffff8355bc77>] pfkey_spddump+0x187/0x1e0 net/key/af_key.c:2705
 [<ffffffff8355ce59>] pfkey_process+0x619/0x730 net/key/af_key.c:2795
 [<ffffffff8355e6ef>] pfkey_sendmsg+0x3af/0x750 net/key/af_key.c:3636
 [<ffffffff82ec7b9a>] sock_sendmsg_nosec net/socket.c:635 [inline]
 [<ffffffff82ec7b9a>] sock_sendmsg+0xca/0x110 net/socket.c:645
 [<ffffffff82ec9751>] ___sys_sendmsg+0x6d1/0x7e0 net/socket.c:1968
 [<ffffffff82ecb786>] __sys_sendmsg+0xd6/0x190 net/socket.c:2002
 [<ffffffff82ecb86d>] SYSC_sendmsg net/socket.c:2013 [inline]
 [<ffffffff82ecb86d>] SyS_sendmsg+0x2d/0x50 net/socket.c:2009
 [<ffffffff838a26c5>] entry_SYSCALL_64_fastpath+0x23/0xc6

All crashes (3):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Maintainers
ci-android-49-kasan-gce	2017/08/07 17:44	android-4.9	7b2727c6	77a9ec9b	.config	log	report	syz	C	steffen.klassert@secunet.com, herbert@gondor.apana.org.au, davem@davemloft.net, netdev@vger.kernel.org, linux-kernel@vger.kernel.org
ci-android-49-kasan-gce	2017/07/25 01:57	android-4.9	72a0c9f5	b0d23a5c	.config	log	report	syz	C	steffen.klassert@secunet.com, herbert@gondor.apana.org.au, davem@davemloft.net, netdev@vger.kernel.org, linux-kernel@vger.kernel.org
ci-android-49-kasan-gce	2017/08/07 19:00	android-4.9	7b2727c6	77a9ec9b	.config	log	report	syz		steffen.klassert@secunet.com, herbert@gondor.apana.org.au, davem@davemloft.net, netdev@vger.kernel.org, linux-kernel@vger.kernel.org