[v5.15] BUG: sleeping function called from invalid context in kernfs_walk_and_get_ns

syzbot

Mar 7, 2023, 1:28:40 PM3/7/23
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: d9b4a0c83a2d Linux 5.15.98
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=11c79fd2c80000
kernel config: https://syzkaller.appspot.com/x/.config?x=b57cfa804330c3b7
dashboard link: https://syzkaller.appspot.com/bug?extid=c8cb8e66bbcb05dc09d6
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/8088989394e3/disk-d9b4a0c8.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/2651d6753959/vmlinux-d9b4a0c8.xz
kernel image: https://storage.googleapis.com/syzbot-assets/f3fa3f994f9a/Image-d9b4a0c8.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c8cb8e...@syzkaller.appspotmail.com

BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1479
in_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 16078, name: syz-executor.0
1 lock held by syz-executor.0/16078:
#0: ffff800014b27c98 (css_set_lock){..-.}-{2:2}, at: spin_lock_irq include/linux/spinlock.h:388 [inline]
#0: ffff800014b27c98 (css_set_lock){..-.}-{2:2}, at: cgroup_get_from_path+0x30/0x2a4 kernel/cgroup/cgroup.c:6603
irq event stamp: 108
hardirqs last enabled at (107): [<ffff800011a4e658>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
hardirqs last enabled at (107): [<ffff800011a4e658>] _raw_spin_unlock_irqrestore+0xac/0x158 kernel/locking/spinlock.c:194
hardirqs last disabled at (108): [<ffff800011a4e1bc>] __raw_spin_lock_irq include/linux/spinlock_api_smp.h:126 [inline]
hardirqs last disabled at (108): [<ffff800011a4e1bc>] _raw_spin_lock_irq+0x38/0x13c kernel/locking/spinlock.c:170
softirqs last enabled at (88): [<ffff80000fd59810>] spin_unlock_bh include/linux/spinlock.h:408 [inline]
softirqs last enabled at (88): [<ffff80000fd59810>] release_sock+0x1e4/0x270 net/core/sock.c:3233
softirqs last disabled at (86): [<ffff80000fd59668>] spin_lock_bh include/linux/spinlock.h:368 [inline]
softirqs last disabled at (86): [<ffff80000fd59668>] release_sock+0x3c/0x270 net/core/sock.c:3220
Preemption disabled at:
[<ffff8000084533f4>] spin_lock_irq include/linux/spinlock.h:388 [inline]
[<ffff8000084533f4>] cgroup_get_from_path+0x30/0x2a4 kernel/cgroup/cgroup.c:6603
CPU: 0 PID: 16078 Comm: syz-executor.0 Not tainted 5.15.98-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
Call trace:
dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
dump_stack+0x1c/0x58 lib/dump_stack.c:113
___might_sleep+0x370/0x4cc kernel/sched/core.c:9622
__might_sleep+0x98/0xf0 kernel/sched/core.c:9576
down_read+0x30/0x11c kernel/locking/rwsem.c:1479
kernfs_walk_and_get_ns+0x8c/0x310 fs/kernfs/dir.c:894
kernfs_walk_and_get include/linux/kernfs.h:559 [inline]
cgroup_get_from_path+0x64/0x2a4 kernel/cgroup/cgroup.c:6605
cgroup_mt_check_v1+0x18c/0x278 net/netfilter/xt_cgroup.c:56
xt_check_match+0x338/0x914 net/netfilter/x_tables.c:523
check_match net/ipv6/netfilter/ip6_tables.c:490 [inline]
find_check_match net/ipv6/netfilter/ip6_tables.c:507 [inline]
find_check_entry net/ipv6/netfilter/ip6_tables.c:558 [inline]
translate_table+0x10cc/0x1ac8 net/ipv6/netfilter/ip6_tables.c:735
do_replace net/ipv6/netfilter/ip6_tables.c:1153 [inline]
do_ip6t_set_ctl+0x9c4/0x2fd4 net/ipv6/netfilter/ip6_tables.c:1639
nf_setsockopt+0x270/0x290 net/netfilter/nf_sockopt.c:101
ipv6_setsockopt+0x1ef8/0x3dec net/ipv6/ipv6_sockglue.c:1015
udpv6_setsockopt+0xa8/0xc0 net/ipv6/udp.c:1651
sock_common_setsockopt+0xb0/0xcc net/core/sock.c:3400
__sys_setsockopt+0x3a8/0x6b4 net/socket.c:2179
__do_sys_setsockopt net/socket.c:2190 [inline]
__se_sys_setsockopt net/socket.c:2187 [inline]
__arm64_sys_setsockopt+0xb8/0xd4 net/socket.c:2187
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:596
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
el0t_64_sync+0x1a0/0x1a4 <unknown>:584

=============================
[ BUG: Invalid wait context ]
5.15.98-syzkaller #0 Tainted: G W
-----------------------------
syz-executor.0/16078 is trying to lock:
ffff800014c27e90 (kernfs_rwsem){++++}-{3:3}, at: kernfs_walk_and_get_ns+0x8c/0x310 fs/kernfs/dir.c:894
other info that might help us debug this:
context-{4:4}
1 lock held by syz-executor.0/16078:
#0: ffff800014b27c98 (css_set_lock){..-.}-{2:2}, at: spin_lock_irq include/linux/spinlock.h:388 [inline]
#0: ffff800014b27c98 (css_set_lock){..-.}-{2:2}, at: cgroup_get_from_path+0x30/0x2a4 kernel/cgroup/cgroup.c:6603
stack backtrace:
CPU: 0 PID: 16078 Comm: syz-executor.0 Tainted: G W 5.15.98-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
Call trace:
dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
dump_stack+0x1c/0x58 lib/dump_stack.c:113
print_lock_invalid_wait_context kernel/locking/lockdep.c:4663 [inline]
check_wait_context kernel/locking/lockdep.c:4724 [inline]
__lock_acquire+0x1af4/0x7620 kernel/locking/lockdep.c:4961
lock_acquire+0x2b8/0x894 kernel/locking/lockdep.c:5622
down_read+0xbc/0x11c kernel/locking/rwsem.c:1480
kernfs_walk_and_get_ns+0x8c/0x310 fs/kernfs/dir.c:894
kernfs_walk_and_get include/linux/kernfs.h:559 [inline]
cgroup_get_from_path+0x64/0x2a4 kernel/cgroup/cgroup.c:6605
cgroup_mt_check_v1+0x18c/0x278 net/netfilter/xt_cgroup.c:56
xt_check_match+0x338/0x914 net/netfilter/x_tables.c:523
check_match net/ipv6/netfilter/ip6_tables.c:490 [inline]
find_check_match net/ipv6/netfilter/ip6_tables.c:507 [inline]
find_check_entry net/ipv6/netfilter/ip6_tables.c:558 [inline]
translate_table+0x10cc/0x1ac8 net/ipv6/netfilter/ip6_tables.c:735
do_replace net/ipv6/netfilter/ip6_tables.c:1153 [inline]
do_ip6t_set_ctl+0x9c4/0x2fd4 net/ipv6/netfilter/ip6_tables.c:1639
nf_setsockopt+0x270/0x290 net/netfilter/nf_sockopt.c:101
ipv6_setsockopt+0x1ef8/0x3dec net/ipv6/ipv6_sockglue.c:1015
udpv6_setsockopt+0xa8/0xc0 net/ipv6/udp.c:1651
sock_common_setsockopt+0xb0/0xcc net/core/sock.c:3400
__sys_setsockopt+0x3a8/0x6b4 net/socket.c:2179
__do_sys_setsockopt net/socket.c:2190 [inline]
__se_sys_setsockopt net/socket.c:2187 [inline]
__arm64_sys_setsockopt+0xb8/0xd4 net/socket.c:2187
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:596
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
el0t_64_sync+0x1a0/0x1a4 <unknown>:584
ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '
%w
='


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Mar 7, 2023, 6:04:50 PM3/7/23
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: d9b4a0c83a2d Linux 5.15.98
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=10f6c19cc80000
kernel config: https://syzkaller.appspot.com/x/.config?x=b57cfa804330c3b7
dashboard link: https://syzkaller.appspot.com/bug?extid=c8cb8e66bbcb05dc09d6
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14e236f4c80000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12c13bbcc80000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/8088989394e3/disk-d9b4a0c8.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/2651d6753959/vmlinux-d9b4a0c8.xz
kernel image: https://storage.googleapis.com/syzbot-assets/f3fa3f994f9a/Image-d9b4a0c8.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c8cb8e...@syzkaller.appspotmail.com

BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1479
in_atomic(): 1, irqs_disabled(): 128, non_block: 0, pid: 4066, name: syz-executor141
1 lock held by syz-executor141/4066:
#0: ffff800014b27c98 (css_set_lock){....}-{2:2}, at: spin_lock_irq include/linux/spinlock.h:388 [inline]
#0: ffff800014b27c98 (css_set_lock){....}-{2:2}, at: cgroup_get_from_path+0x30/0x2a4 kernel/cgroup/cgroup.c:6603
irq event stamp: 13490
hardirqs last enabled at (13489): [<ffff80000826bcc8>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1337 [inline]
hardirqs last enabled at (13489): [<ffff80000826bcc8>] finish_lock_switch+0xbc/0x1e8 kernel/sched/core.c:4777
hardirqs last disabled at (13490): [<ffff800011a4e1bc>] __raw_spin_lock_irq include/linux/spinlock_api_smp.h:126 [inline]
hardirqs last disabled at (13490): [<ffff800011a4e1bc>] _raw_spin_lock_irq+0x38/0x13c kernel/locking/spinlock.c:170
softirqs last enabled at (13472): [<ffff80000fd59810>] spin_unlock_bh include/linux/spinlock.h:408 [inline]
softirqs last enabled at (13472): [<ffff80000fd59810>] release_sock+0x1e4/0x270 net/core/sock.c:3233
softirqs last disabled at (13470): [<ffff80000fd59668>] spin_lock_bh include/linux/spinlock.h:368 [inline]
softirqs last disabled at (13470): [<ffff80000fd59668>] release_sock+0x3c/0x270 net/core/sock.c:3220
Preemption disabled at:
[<ffff8000084533f4>] spin_lock_irq include/linux/spinlock.h:388 [inline]
[<ffff8000084533f4>] cgroup_get_from_path+0x30/0x2a4 kernel/cgroup/cgroup.c:6603
CPU: 1 PID: 4066 Comm: syz-executor141 Not tainted 5.15.98-syzkaller #0
syz-executor141/4066 is trying to lock:
ffff800014c27e90 (kernfs_rwsem){++++}-{3:3}, at: kernfs_walk_and_get_ns+0x8c/0x310 fs/kernfs/dir.c:894
other info that might help us debug this:
context-{4:4}
1 lock held by syz-executor141/4066:
#0: ffff800014b27c98 (css_set_lock){....}-{2:2}, at: spin_lock_irq include/linux/spinlock.h:388 [inline]
#0: ffff800014b27c98 (css_set_lock){....}-{2:2}, at: cgroup_get_from_path+0x30/0x2a4 kernel/cgroup/cgroup.c:6603
stack backtrace:
CPU: 1 PID: 4066 Comm: syz-executor141 Tainted: G W 5.15.98-syzkaller #0