From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=JbZq=OK=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.7 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS
	autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 50E08C433EF
	for <linux-mm@archiver.kernel.org>; Mon, 20 Sep 2021 12:51:39 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 05F0F60F58
	for <linux-mm@archiver.kernel.org>; Mon, 20 Sep 2021 12:51:38 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.4.1 mail.kernel.org 05F0F60F58
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=kvack.org
Received: by kanga.kvack.org (Postfix)
	id 9222D6B0071; Mon, 20 Sep 2021 08:51:38 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 8D2936B0072; Mon, 20 Sep 2021 08:51:38 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 79AB96B0073; Mon, 20 Sep 2021 08:51:38 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0124.hostedemail.com [216.40.44.124])
	by kanga.kvack.org (Postfix) with ESMTP id 6B3876B0071
	for <linux-mm@kvack.org>; Mon, 20 Sep 2021 08:51:38 -0400 (EDT)
Received: from smtpin09.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay05.hostedemail.com (Postfix) with ESMTP id 2CDBC181AEF3E
	for <linux-mm@kvack.org>; Mon, 20 Sep 2021 12:51:38 +0000 (UTC)
X-FDA: 78607938276.09.E9BE6EE
Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com [209.85.214.175])
	by imf08.hostedemail.com (Postfix) with ESMTP id D785630000B5
	for <linux-mm@kvack.org>; Mon, 20 Sep 2021 12:51:37 +0000 (UTC)
Received: by mail-pl1-f175.google.com with SMTP id t11so455836plq.11
        for <linux-mm@kvack.org>; Mon, 20 Sep 2021 05:51:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=mime-version:from:date:message-id:subject:to:cc;
        bh=ExRmR708x/gyL/JtajS5zbwIskm76NdRx84z5ASeZDk=;
        b=QCOrlTCN3Ql3iFrKeHtmbKFIDp3wKRBAHxoIJyRqVnat2HF8Z3kdXV02i6J/isNhby
         eYjjIqiMGci7D3iTKvfIzqmdvIHPm6dast0/xMRaIR0Veg6DnjyFozlzxWHBFsf9gaoz
         KQI7kdvUiI/o9c3z9ozJzsNpCvDWdp7cztBQobAuA5CBkMRUGe33qkg6xJ5NRyS3lqYD
         R1kxqQ8701g/Rr6+5o2FSqDVssdlfAv4lNuA43T56MpY1DJfZLcppcpGPIqwYVJ7ZNDC
         aqkTbG1iiE5trsBH5oEsFeLzsQFC6Ihr8axVKtkjvQlJUxdqBdpT6zT6pR90LAW6jgqH
         1/tA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc;
        bh=ExRmR708x/gyL/JtajS5zbwIskm76NdRx84z5ASeZDk=;
        b=Y8+c0ERgGaWbnl+bhruOlAW5P1cs/FCu7Y76b99ghGxkbenRp7DskW0/kQaiaEpphc
         Xzd2+owfGucnrFHf7pBT5dFR0ZhbBV6r+496zVFMEBg7j19BQ1B/6CQ1s7bNnBQNhMzI
         YNOgi3R7TwPQ+IUEoieZXgGnDZ/TRU6Lof1Zl7Np+7ir7YKOgf5aRRdab+ehZUnfPsQS
         tdY4Y6TX1axCMerq1PHtSxPQdfDOxcGOYAcEglyetsCcZ79WN9O72HnaVaYGMqmVpa/x
         hjDEnxH6a19BruEdp1hDieAULKBOah+qWvLUDqWv4gQ8St91CKiQmgWdzPO9RPvGF2vD
         bsPQ==
X-Gm-Message-State: AOAM531sKX5xUdQOBUkzM58o6JqLwdsFkWlzmH1WXsSvGvUE4iKjbG6U
	KQyhuYOpCsxll562vK+LmnGAVC97IirA3zo7Vg==
X-Google-Smtp-Source: ABdhPJwgeQXle3QRlvsF8hBSgh6CJnfObZgkS9kVptmVyXFiJCTE3qW2mRqmmL6B3xIEaQsegZm8Nm8XY3EGgPtZSwo=
X-Received: by 2002:a17:902:d892:b0:138:abfd:ec7d with SMTP id
 b18-20020a170902d89200b00138abfdec7dmr22644691plz.15.1632142296178; Mon, 20
 Sep 2021 05:51:36 -0700 (PDT)
MIME-Version: 1.0
From: Hao Sun <sunhao.th@gmail.com>
Date: Mon, 20 Sep 2021 20:51:43 +0800
Message-ID: <CACkBjsY3bxfFWPvijNY7RX=GfXuT5C2av0C_mX1Sxj-+vvv0bA@mail.gmail.com>
Subject: BUG: sleeping function called from invalid context in synchronize_rcu_expedited
To: akpm@linux-foundation.org, Linux MM <linux-mm@kvack.org>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Authentication-Results: imf08.hostedemail.com;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=QCOrlTCN;
	spf=pass (imf08.hostedemail.com: domain of sunhao.th@gmail.com designates 209.85.214.175 as permitted sender) smtp.mailfrom=sunhao.th@gmail.com;
	dmarc=pass (policy=none) header.from=gmail.com
X-Stat-Signature: rnfwrdic684pp8pfz5xwz93hfw487fzr
X-Rspamd-Server: rspam02
X-Rspamd-Queue-Id: D785630000B5
X-HE-Tag: 1632142297-453789
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

Hello,

When using Healer to fuzz the latest Linux kernel, the following crash
was triggered.

HEAD commit: 4357f03d6611 Merge tag 'pm-5.15-rc2
git tree: upstream
console output:
https://drive.google.com/file/d/1AJpdt-ENezAYZ0xo3787EvsK09-Vz404/view?usp=sharing
kernel config: https://drive.google.com/file/d/1HKZtF_s3l6PL3OoQbNq_ei9CdBus-Tz0/view?usp=sharing

If you fix this issue, please add the following tag to the commit:
Reported-by: Hao Sun <sunhao.th@gmail.com>

BUG: sleeping function called from invalid context at kernel/rcu/tree_exp.h:854
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 21, name: ksoftirqd/1
2 locks held by ksoftirqd/1/21:
 #0: ffffffff85a1d4a0 (rcu_callback){....}-{0:0}, at: rcu_do_batch
kernel/rcu/tree.c:2500 [inline]
 #0: ffffffff85a1d4a0 (rcu_callback){....}-{0:0}, at:
rcu_core+0x283/0x9f0 kernel/rcu/tree.c:2743
 #1: ffffffff85a1fd28 (rcu_state.exp_mutex){+.+.}-{3:3}, at:
exp_funnel_lock kernel/rcu/tree_exp.h:290 [inline]
 #1: ffffffff85a1fd28 (rcu_state.exp_mutex){+.+.}-{3:3}, at:
synchronize_rcu_expedited+0x32d/0x460 kernel/rcu/tree_exp.h:837
Preemption disabled at:
[<ffffffff8460005c>] softirq_handle_begin kernel/softirq.c:396 [inline]
[<ffffffff8460005c>] __do_softirq+0x5c/0x561 kernel/softirq.c:534
CPU: 1 PID: 21 Comm: ksoftirqd/1 Not tainted 5.15.0-rc1+ #19
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x8d/0xcf lib/dump_stack.c:106
 ___might_sleep+0x1f0/0x250 kernel/sched/core.c:9538
 synchronize_rcu_expedited+0x2db/0x460 kernel/rcu/tree_exp.h:853
 bdi_remove_from_list mm/backing-dev.c:938 [inline]
 bdi_unregister+0x97/0x270 mm/backing-dev.c:946
 release_bdi+0x4a/0x70 mm/backing-dev.c:968
 kref_put include/linux/kref.h:65 [inline]
 bdi_put+0x47/0x70 mm/backing-dev.c:976
 bdev_free_inode+0x59/0xc0 block/bdev.c:408
 i_callback+0x24/0x50 fs/inode.c:224
 rcu_do_batch kernel/rcu/tree.c:2508 [inline]
 rcu_core+0x2d6/0x9f0 kernel/rcu/tree.c:2743
 __do_softirq+0xe9/0x561 kernel/softirq.c:558
 run_ksoftirqd+0x2d/0x60 kernel/softirq.c:920
 smpboot_thread_fn+0x225/0x320 kernel/smpboot.c:164
 kthread+0x178/0x1b0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
BUG: scheduling while atomic: ksoftirqd/1/21/0x00000101
2 locks held by ksoftirqd/1/21:
 #0: ffffffff85a1d4a0 (rcu_callback){....}-{0:0}, at: rcu_do_batch
kernel/rcu/tree.c:2500 [inline]
 #0: ffffffff85a1d4a0 (rcu_callback){....}-{0:0}, at:
rcu_core+0x283/0x9f0 kernel/rcu/tree.c:2743
 #1: ffffffff85a1fd28 (rcu_state.exp_mutex){+.+.}-{3:3}, at:
exp_funnel_lock kernel/rcu/tree_exp.h:290 [inline]
 #1: ffffffff85a1fd28 (rcu_state.exp_mutex){+.+.}-{3:3}, at:
synchronize_rcu_expedited+0x32d/0x460 kernel/rcu/tree_exp.h:837
Modules linked in:
Preemption disabled at:
[<ffffffff8460005c>] softirq_handle_begin kernel/softirq.c:396 [inline]
[<ffffffff8460005c>] __do_softirq+0x5c/0x561 kernel/softirq.c:534