f39300149ccc starts bisection 2025-02-09 14:05:50.206563673 +0800 CST m=+23.665611864 bisecting cause commit starting from bb066fe812d6fb3a9d01c073d9f1e2fd5a63403b building syzkaller on HEAD ensuring issue is reproducible on original commit bb066fe812d6fb3a9d01c073d9f1e2fd5a63403b testing commit bb066fe812d6fb3a9d01c073d9f1e2fd5a63403b gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 4976020aeaafc6c1ef8703a5c0921386e87cf3322f0cff5a49c66d795e41e8ab all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] check whether we can drop unnecessary instrumentation disabling configs for [KASAN ATOMIC_SLEEP HANG LEAK UBSAN BUG], they are not needed testing commit bb066fe812d6fb3a9d01c073d9f1e2fd5a63403b gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 1f8d38f9467c47b325a34ee84eabc1bb44d04eb7906cb45edb22a6fcc0955baf all runs: OK false negative chance: 0.000 kconfig minimization: base=4514 full=4514 leaves diff=2 split chunks (needed=false): <2> split chunk #0 of len 2 into 3 parts testing without sub-chunk 1/2 testing commit bb066fe812d6fb3a9d01c073d9f1e2fd5a63403b gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 4976020aeaafc6c1ef8703a5c0921386e87cf3322f0cff5a49c66d795e41e8ab all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] the chunk can be dropped testing without sub-chunk 2/2 testing commit bb066fe812d6fb3a9d01c073d9f1e2fd5a63403b gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 4976020aeaafc6c1ef8703a5c0921386e87cf3322f0cff5a49c66d795e41e8ab all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] the chunk can be dropped picked [v6.13 v6.12 v6.11 v6.9 v6.7 v6.5 v6.3 v6.1 v5.18 v5.15 v5.12 v5.9 v5.6 v5.3 v5.0 v4.19] out of 36 release tags testing release v6.13 testing commit ffd294d346d185b70e28b1a28abe367bbfe53c04 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 1f64248283653cfcae47fbf143391b45dc95c5c372dabe4cc22a187a12928418 all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] testing release v6.12 testing commit adc218676eef25575469234709c2d87185ca223a gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: df9134ded3df55bfb315fd07e512f161f126bf4190062364dae46274b9b56393 all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] testing release v6.11 testing commit 98f7e32f20d28ec452afb208f9cffc08448a2652 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 911c6a0311fc67b24f61d8f1d12f2b9e582511765cef6cefe96acf91fa647b6d all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] testing release v6.9 testing commit a38297e3fb012ddfa7ce0321a7e5a8daeb1872b6 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 3b45e492995c0b719078954f2a2cab7d7817be37fefd638ab90125a184c32e7b run #0: basic kernel testing failed: WARNING: locking bug in serial8250_console_write run #1: crashed: possible deadlock in ocfs2_page_mkwrite run #2: crashed: possible deadlock in ocfs2_page_mkwrite run #3: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] testing release v6.7 testing commit 0dd3ee31125508cd67f7e7172247f05b7fd1753a gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 9f5824a21c08df27ef3a629d72566bb82f2c2bed89dbaf27f8485ba7c8bd5ae7 all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] testing release v6.5 testing commit 2dde18cd1d8fac735875f2e4987f11817cc0bc2c gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 3a072a83db3a81acb84e7313d90988b55ff0bb8a89b1b3942fb3ee0debc7063d all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] testing release v6.3 testing commit 457391b0380335d5e9a5babdec90ac53928b23b4 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 03e1ea859384de452900471ac13cb0da2a785767c1547adb37aba44b19fe3660 all runs: OK false negative chance: 0.000 # git bisect start 2dde18cd1d8fac735875f2e4987f11817cc0bc2c 457391b0380335d5e9a5babdec90ac53928b23b4 Bisecting: 15342 revisions left to test after this (roughly 14 steps) [14df9526046d2a6d2b3e002e952714ce04fc9bd7] Merge branch 'octeontx2-af-fixes' testing commit 14df9526046d2a6d2b3e002e952714ce04fc9bd7 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: eb979ab4a76770a4d973686e2b8d84bb73db76393d7912d0b4402c3c67804eed all runs: OK false negative chance: 0.000 # git bisect good 14df9526046d2a6d2b3e002e952714ce04fc9bd7 Bisecting: 7607 revisions left to test after this (roughly 13 steps) [1b722407a13b7f8658d2e26917791f32805980a2] Merge tag 'drm-next-2023-06-29' of git://anongit.freedesktop.org/drm/drm testing commit 1b722407a13b7f8658d2e26917791f32805980a2 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: c6abd38c12ed4ceb258fdf6e2f0fe82a2d7837caa1dd83ac829c316c5ce8f09b all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] # git bisect bad 1b722407a13b7f8658d2e26917791f32805980a2 Bisecting: 4573 revisions left to test after this (roughly 12 steps) [6a8cbd9253abc1bd0df4d60c4c24fa555190376d] Merge tag 'v6.5-rc1-sysctl-next' of git://git.kernel.org/pub/scm/linux/kernel/git/mcgrof/linux testing commit 6a8cbd9253abc1bd0df4d60c4c24fa555190376d gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: e463a4418d7d9b0e98f93ca931feab9c96d041e0421942a9eef49b759d59e03b all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] # git bisect bad 6a8cbd9253abc1bd0df4d60c4c24fa555190376d Bisecting: 1576 revisions left to test after this (roughly 11 steps) [36db314440502c1a3a283ba5a16cb5075c19f3d9] Merge tag 'x86_platform_for_6.5' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit 36db314440502c1a3a283ba5a16cb5075c19f3d9 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 0e6d9b3e53b467b5b6aeb012c183cfb665c00f36a917aa55555c79ebd236ed97 all runs: OK false negative chance: 0.000 # git bisect good 36db314440502c1a3a283ba5a16cb5075c19f3d9 Bisecting: 791 revisions left to test after this (roughly 10 steps) [8ad78685ffa6e3836b5b32197bffb03ee3389bec] Merge tag 'pstore-v6.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux testing commit 8ad78685ffa6e3836b5b32197bffb03ee3389bec gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 6e55d03370e2e9f958bd3faaa8583071b4ffbcd3e57a9987c418e76b2d3636db all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] # git bisect bad 8ad78685ffa6e3836b5b32197bffb03ee3389bec Bisecting: 387 revisions left to test after this (roughly 9 steps) [b19edac5992da0188be98454ca592621d3d89844] Merge tag 'nolibc.2023.06.22a' of git://git.kernel.org/pub/scm/linux/kernel/git/paulmck/linux-rcu testing commit b19edac5992da0188be98454ca592621d3d89844 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 61d4bb25de45b5af3d3dca9a4c5ecb9a9bcb928400c059a91484108da5f00b6f all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] # git bisect bad b19edac5992da0188be98454ca592621d3d89844 Bisecting: 182 revisions left to test after this (roughly 8 steps) [bb6950556d4b1dd1226c1f09e84b53cb37e5340f] Merge tag 'acpi-6.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm testing commit bb6950556d4b1dd1226c1f09e84b53cb37e5340f gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 10cfcebf1ee4dee43c6476e7a64c2ab5d4c277a23ac904374adf8ca01469ffe4 all runs: OK false negative chance: 0.000 # git bisect good bb6950556d4b1dd1226c1f09e84b53cb37e5340f Bisecting: 93 revisions left to test after this (roughly 7 steps) [8d7868c41df58edabc4e408d119a1aef58a54d9d] Merge tag 'thermal-6.5-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rafael/linux-pm testing commit 8d7868c41df58edabc4e408d119a1aef58a54d9d gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: b100fd98a080432292fdd715708d494d155f97045dfdc262ec2f0f8011842db4 all runs: OK false negative chance: 0.000 # git bisect good 8d7868c41df58edabc4e408d119a1aef58a54d9d Bisecting: 46 revisions left to test after this (roughly 6 steps) [646ff7c7edaade6b1ea81fa2e132c52a346bba39] tools/nolibc: arm: add missing my_syscall6 testing commit 646ff7c7edaade6b1ea81fa2e132c52a346bba39 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 7bd7f33eaf062c34ffb6bdc402170580f6b5f7a4e1de404f79e1bc1f18b7e782 all runs: OK false negative chance: 0.000 # git bisect good 646ff7c7edaade6b1ea81fa2e132c52a346bba39 Bisecting: 13 revisions left to test after this (roughly 5 steps) [2e31da752c6d0e892f2a9232e18da816d04ee691] Merge branches 'doc.2023.05.10a', 'fixes.2023.05.11a', 'kvfree.2023.05.10a', 'nocb.2023.05.11a', 'rcu-tasks.2023.05.10a', 'torture.2023.05.15a' and 'rcu-urgent.2023.06.06a' into HEAD testing commit 2e31da752c6d0e892f2a9232e18da816d04ee691 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 5c6c282068207344035ed9c3f771fd0d3466e61939a059525a097a3e05e18c0d all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] # git bisect bad 2e31da752c6d0e892f2a9232e18da816d04ee691 Bisecting: 24 revisions left to test after this (roughly 4 steps) [6b706e5603c44ff0b6f43c2e26e0d590e1d265f8] rcu/kvfree: Make drain_page_cache() take early return if cache is disabled testing commit 6b706e5603c44ff0b6f43c2e26e0d590e1d265f8 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: c52b681fd7340a6b2d1fd68e58ca7888d7f5ea842f08556478179b0e202809d9 all runs: OK false negative chance: 0.000 # git bisect good 6b706e5603c44ff0b6f43c2e26e0d590e1d265f8 Bisecting: 16 revisions left to test after this (roughly 4 steps) [401b0de3ae4fa49d1014c8941e26d9a25f37e7cf] rcu-tasks: Stop rcu_tasks_invoke_cbs() from using never-onlined CPUs testing commit 401b0de3ae4fa49d1014c8941e26d9a25f37e7cf gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 0d99fcf93558af4ad51cd9eb62fe3000cd85fec35803fe0c1fc3ed90c51de86a all runs: OK false negative chance: 0.000 # git bisect good 401b0de3ae4fa49d1014c8941e26d9a25f37e7cf Bisecting: 10 revisions left to test after this (roughly 3 steps) [ce2544b2d05ee84cb9be1e05bf3e1a98c72b15dc] torture: Remove duplicated argument -enable-kvm for ppc64 testing commit ce2544b2d05ee84cb9be1e05bf3e1a98c72b15dc gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 7bd7f33eaf062c34ffb6bdc402170580f6b5f7a4e1de404f79e1bc1f18b7e782 all runs: OK false negative chance: 0.000 # git bisect good ce2544b2d05ee84cb9be1e05bf3e1a98c72b15dc Bisecting: 6 revisions left to test after this (roughly 3 steps) [e1bd2334f165aa7bef7f9fa2b0bef97a85614963] rcu: Add more RCU files to kernel-api.rst testing commit e1bd2334f165aa7bef7f9fa2b0bef97a85614963 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 7bd7f33eaf062c34ffb6bdc402170580f6b5f7a4e1de404f79e1bc1f18b7e782 all runs: OK false negative chance: 0.000 # git bisect good e1bd2334f165aa7bef7f9fa2b0bef97a85614963 Bisecting: 3 revisions left to test after this (roughly 2 steps) [b96a8b0b5be40f9bc9e45819f14b32ea9cdce73f] rcu/nocb: Recheck lazy callbacks under the ->nocb_lock from shrinker testing commit b96a8b0b5be40f9bc9e45819f14b32ea9cdce73f gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 56cd1ea5435e0c5c0b84485c8b2359b8b960389a833c7e67a4a6b3f4e0b31f47 all runs: OK false negative chance: 0.000 # git bisect good b96a8b0b5be40f9bc9e45819f14b32ea9cdce73f Bisecting: 1 revision left to test after this (roughly 1 step) [edff5e9a99e0ed9463999455b2604c3154eb7ab3] rcu-tasks: Clarify the cblist_init_generic() function's pr_info() output testing commit edff5e9a99e0ed9463999455b2604c3154eb7ab3 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: e21bbda9df21edfb384287da23a548c545b1da4539e9a40dcaa0863e2d848d3c all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] # git bisect bad edff5e9a99e0ed9463999455b2604c3154eb7ab3 Bisecting: 0 revisions left to test after this (roughly 0 steps) [5fc8cbe4cf0fd34ded8045c385790c3bf04f6785] rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic() testing commit 5fc8cbe4cf0fd34ded8045c385790c3bf04f6785 gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: c834d2ef5c3a21b903970727d5e817291987e12425b543dba6c8c7bcaeb86194 all runs: crashed: possible deadlock in ocfs2_page_mkwrite representative crash: possible deadlock in ocfs2_page_mkwrite, types: [LOCKDEP] # git bisect bad 5fc8cbe4cf0fd34ded8045c385790c3bf04f6785 5fc8cbe4cf0fd34ded8045c385790c3bf04f6785 is the first bad commit commit 5fc8cbe4cf0fd34ded8045c385790c3bf04f6785 Author: Shigeru Yoshida Date: Wed Aug 3 01:22:05 2022 +0900 rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic() pr_info() is called with rtp->cbs_gbl_lock spin lock locked. Because pr_info() calls printk() that might sleep, this will result in BUG like below: [ 0.206455] cblist_init_generic: Setting adjustable number of callback queues. [ 0.206463] [ 0.206464] ============================= [ 0.206464] [ BUG: Invalid wait context ] [ 0.206465] 5.19.0-00428-g9de1f9c8ca51 #5 Not tainted [ 0.206466] ----------------------------- [ 0.206466] swapper/0/1 is trying to lock: [ 0.206467] ffffffffa0167a58 (&port_lock_key){....}-{3:3}, at: serial8250_console_write+0x327/0x4a0 [ 0.206473] other info that might help us debug this: [ 0.206473] context-{5:5} [ 0.206474] 3 locks held by swapper/0/1: [ 0.206474] #0: ffffffff9eb597e0 (rcu_tasks.cbs_gbl_lock){....}-{2:2}, at: cblist_init_generic.constprop.0+0x14/0x1f0 [ 0.206478] #1: ffffffff9eb579c0 (console_lock){+.+.}-{0:0}, at: _printk+0x63/0x7e [ 0.206482] #2: ffffffff9ea77780 (console_owner){....}-{0:0}, at: console_emit_next_record.constprop.0+0x111/0x330 [ 0.206485] stack backtrace: [ 0.206486] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.19.0-00428-g9de1f9c8ca51 #5 [ 0.206488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-1.fc36 04/01/2014 [ 0.206489] Call Trace: [ 0.206490] [ 0.206491] dump_stack_lvl+0x6a/0x9f [ 0.206493] __lock_acquire.cold+0x2d7/0x2fe [ 0.206496] ? stack_trace_save+0x46/0x70 [ 0.206497] lock_acquire+0xd1/0x2f0 [ 0.206499] ? serial8250_console_write+0x327/0x4a0 [ 0.206500] ? __lock_acquire+0x5c7/0x2720 [ 0.206502] _raw_spin_lock_irqsave+0x3d/0x90 [ 0.206504] ? serial8250_console_write+0x327/0x4a0 [ 0.206506] serial8250_console_write+0x327/0x4a0 [ 0.206508] console_emit_next_record.constprop.0+0x180/0x330 [ 0.206511] console_unlock+0xf7/0x1f0 [ 0.206512] vprintk_emit+0xf7/0x330 [ 0.206514] _printk+0x63/0x7e [ 0.206516] cblist_init_generic.constprop.0.cold+0x24/0x32 [ 0.206518] rcu_init_tasks_generic+0x5/0xd9 [ 0.206522] kernel_init_freeable+0x15b/0x2a2 [ 0.206523] ? rest_init+0x160/0x160 [ 0.206526] kernel_init+0x11/0x120 [ 0.206527] ret_from_fork+0x1f/0x30 [ 0.206530] [ 0.207018] cblist_init_generic: Setting shift to 1 and lim to 1. This patch moves pr_info() so that it is called without rtp->cbs_gbl_lock locked. Signed-off-by: Shigeru Yoshida Tested-by: "Zhang, Qiang1" Signed-off-by: Paul E. McKenney kernel/rcu/tasks.h | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) accumulated error probability: 0.00 parent commit ac9a78681b921877518763ba0e89202254349d1b wasn't tested testing commit ac9a78681b921877518763ba0e89202254349d1b gcc compiler: gcc (Ubuntu 11.4.0-2ubuntu1~20.04) 11.4.0, GNU ld (GNU Binutils for Ubuntu) 2.34 kernel signature: 7bd7f33eaf062c34ffb6bdc402170580f6b5f7a4e1de404f79e1bc1f18b7e782 culprit signature: c834d2ef5c3a21b903970727d5e817291987e12425b543dba6c8c7bcaeb86194 parent signature: 7bd7f33eaf062c34ffb6bdc402170580f6b5f7a4e1de404f79e1bc1f18b7e782 revisions tested: 28, total time: 3h30m53.46166644s (build: 2h13m18.077891426s, test: 50m55.165173175s) first bad commit: 5fc8cbe4cf0fd34ded8045c385790c3bf04f6785 rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic() recipients (to): ["paulmck@kernel.org" "qiang1.zhang@intel.com" "syoshida@redhat.com"] recipients (cc): [] crash: possible deadlock in ocfs2_page_mkwrite audit: type=1400 audit(1739093525.602:12): avc: denied { associate } for pid=1344 comm="syz-executor404" name="file1" scontext=unconfined_u:object_r:unlabeled_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=filesystem permissive=1 ====================================================== WARNING: possible circular locking dependency detected 6.4.0-rc1-syzkaller #0 Not tainted ------------------------------------------------------ syz-executor404/1344 is trying to acquire lock: ff1100013d1b3f60 (&oi->ip_alloc_sem){++++}-{4:4}, at: ocfs2_page_mkwrite+0x297/0xc80 fs/ocfs2/mmap.c:142 but task is already holding lock: ff11000100ef2530 (sb_pagefaults#2){.+.+}-{0:0}, at: do_page_mkwrite+0x1a3/0x500 mm/memory.c:2931 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (sb_pagefaults#2){.+.+}-{0:0}: percpu_down_read include/linux/percpu-rwsem.h:51 [inline] __sb_start_write include/linux/fs.h:1494 [inline] sb_start_pagefault include/linux/fs.h:1598 [inline] ocfs2_page_mkwrite+0x17b/0xc80 fs/ocfs2/mmap.c:122 do_page_mkwrite+0x1a3/0x500 mm/memory.c:2931 wp_page_shared mm/memory.c:3280 [inline] do_wp_page+0x29f/0x2f00 mm/memory.c:3362 handle_pte_fault mm/memory.c:4964 [inline] __handle_mm_fault+0xd4a/0x3020 mm/memory.c:5089 handle_mm_fault+0x1af/0xbb0 mm/memory.c:5243 faultin_page mm/gup.c:925 [inline] __get_user_pages+0x5d7/0x1210 mm/gup.c:1147 faultin_vma_page_range+0x20d/0x300 mm/gup.c:1601 madvise_populate mm/madvise.c:917 [inline] madvise_vma_behavior mm/madvise.c:1026 [inline] madvise_walk_vmas mm/madvise.c:1248 [inline] do_madvise.part.0+0x1410/0x2740 mm/madvise.c:1428 do_madvise mm/madvise.c:1441 [inline] __do_sys_madvise mm/madvise.c:1441 [inline] __se_sys_madvise mm/madvise.c:1439 [inline] __x64_sys_madvise+0x109/0x160 mm/madvise.c:1439 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x3d/0x90 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x73/0xdd -> #1 (&mm->mmap_lock){++++}-{4:4}: __might_fault mm/memory.c:5732 [inline] __might_fault+0x10c/0x190 mm/memory.c:5725 _copy_to_user+0x2b/0xc0 lib/usercopy.c:36 copy_to_user include/linux/uaccess.h:191 [inline] fiemap_fill_next_extent+0x22c/0x390 fs/ioctl.c:144 ocfs2_fiemap+0x5fe/0xe10 fs/ocfs2/extent_map.c:796 ioctl_fiemap fs/ioctl.c:219 [inline] do_vfs_ioctl+0x461/0x1680 fs/ioctl.c:810 __do_sys_ioctl fs/ioctl.c:868 [inline] __se_sys_ioctl fs/ioctl.c:856 [inline] __x64_sys_ioctl+0x110/0x210 fs/ioctl.c:856 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x3d/0x90 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x73/0xdd -> #0 (&oi->ip_alloc_sem){++++}-{4:4}: check_prev_add kernel/locking/lockdep.c:3108 [inline] check_prevs_add kernel/locking/lockdep.c:3227 [inline] validate_chain kernel/locking/lockdep.c:3842 [inline] __lock_acquire+0x271b/0x3d10 kernel/locking/lockdep.c:5074 lock_acquire kernel/locking/lockdep.c:5691 [inline] lock_acquire+0x19a/0x4d0 kernel/locking/lockdep.c:5656 down_write+0x92/0x1f0 kernel/locking/rwsem.c:1573 ocfs2_page_mkwrite+0x297/0xc80 fs/ocfs2/mmap.c:142 do_page_mkwrite+0x1a3/0x500 mm/memory.c:2931 wp_page_shared mm/memory.c:3280 [inline] do_wp_page+0x29f/0x2f00 mm/memory.c:3362 handle_pte_fault mm/memory.c:4964 [inline] __handle_mm_fault+0xd4a/0x3020 mm/memory.c:5089 handle_mm_fault+0x1af/0xbb0 mm/memory.c:5243 faultin_page mm/gup.c:925 [inline] __get_user_pages+0x5d7/0x1210 mm/gup.c:1147 faultin_vma_page_range+0x20d/0x300 mm/gup.c:1601 madvise_populate mm/madvise.c:917 [inline] madvise_vma_behavior mm/madvise.c:1026 [inline] madvise_walk_vmas mm/madvise.c:1248 [inline] do_madvise.part.0+0x1410/0x2740 mm/madvise.c:1428 do_madvise mm/madvise.c:1441 [inline] __do_sys_madvise mm/madvise.c:1441 [inline] __se_sys_madvise mm/madvise.c:1439 [inline] __x64_sys_madvise+0x109/0x160 mm/madvise.c:1439 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x3d/0x90 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x73/0xdd other info that might help us debug this: Chain exists of: &oi->ip_alloc_sem --> &mm->mmap_lock --> sb_pagefaults#2 Possible unsafe locking scenario: CPU0 CPU1 ---- ---- rlock(sb_pagefaults#2); lock(&mm->mmap_lock); lock(sb_pagefaults#2); lock(&oi->ip_alloc_sem); *** DEADLOCK *** 2 locks held by syz-executor404/1344: #0: ff11000123a212e8 (&mm->mmap_lock){++++}-{4:4}, at: mmap_read_lock include/linux/mmap_lock.h:142 [inline] #0: ff11000123a212e8 (&mm->mmap_lock){++++}-{4:4}, at: do_madvise.part.0+0x92e/0x2740 mm/madvise.c:1421 #1: ff11000100ef2530 (sb_pagefaults#2){.+.+}-{0:0}, at: do_page_mkwrite+0x1a3/0x500 mm/memory.c:2931 stack backtrace: CPU: 1 PID: 1344 Comm: syz-executor404 Not tainted 6.4.0-rc1-syzkaller #0 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x91/0xf0 lib/dump_stack.c:106 check_noncircular+0x271/0x320 kernel/locking/lockdep.c:2188 check_prev_add kernel/locking/lockdep.c:3108 [inline] check_prevs_add kernel/locking/lockdep.c:3227 [inline] validate_chain kernel/locking/lockdep.c:3842 [inline] __lock_acquire+0x271b/0x3d10 kernel/locking/lockdep.c:5074 lock_acquire kernel/locking/lockdep.c:5691 [inline] lock_acquire+0x19a/0x4d0 kernel/locking/lockdep.c:5656 down_write+0x92/0x1f0 kernel/locking/rwsem.c:1573 ocfs2_page_mkwrite+0x297/0xc80 fs/ocfs2/mmap.c:142 do_page_mkwrite+0x1a3/0x500 mm/memory.c:2931 wp_page_shared mm/memory.c:3280 [inline] do_wp_page+0x29f/0x2f00 mm/memory.c:3362 handle_pte_fault mm/memory.c:4964 [inline] __handle_mm_fault+0xd4a/0x3020 mm/memory.c:5089 handle_mm_fault+0x1af/0xbb0 mm/memory.c:5243 faultin_page mm/gup.c:925 [inline] __get_user_pages+0x5d7/0x1210 mm/gup.c:1147 faultin_vma_page_range+0x20d/0x300 mm/gup.c:1601 madvise_populate mm/madvise.c:917 [inline] madvise_vma_behavior mm/madvise.c:1026 [inline] madvise_walk_vmas mm/madvise.c:1248 [inline] do_madvise.part.0+0x1410/0x2740 mm/madvise.c:1428 do_madvise mm/madvise.c:1441 [inline] __do_sys_madvise mm/madvise.c:1441 [inline] __se_sys_madvise mm/madvise.c:1439 [inline] __x64_sys_madvise+0x109/0x160 mm/madvise.c:1439 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x3d/0x90 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x73/0xdd RIP: 0033:0x7efc44b4a47d Code: c3 e8 b7 2c 00 00 0f 1f 80 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007ffd79b24d88 EFLAGS: 00000246 ORIG_RAX: 000000000000001c RAX: ffffffffffffffda RBX: 0031656c69662f2e RCX: 00007efc44b4a47d RDX: 0000000000000017 RSI: 0000000000003000 RDI: 0000000020003000 RBP: 00007efc44aff8b0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000004 R11: 0000000000000246 R12: 00007efc44b98077 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000