[v5.15] possible deadlock in stack_depot_save
0 views
Skip to first unread message
syzbot
Mar 18, 2023, 12:18:37 PM3/18/23
to syzkaller...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 8020ae3c051d Linux 5.15.103
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=158521d2c80000
kernel config: https://syzkaller.appspot.com/x/.config?x=f95b212e0ccdd4d1
dashboard link: https://syzkaller.appspot.com/bug?extid=51bb01c6f3ce02b258bb
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/6153dfa8dcc0/disk-8020ae3c.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/2093d52db59f/vmlinux-8020ae3c.xz
kernel image: https://storage.googleapis.com/syzbot-assets/85041d0bd356/Image-8020ae3c.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+51bb01...@syzkaller.appspotmail.com
------------[ cut here ]------------
======================================================
WARNING: possible circular locking dependency detected
5.15.103-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor.1/28729 is trying to acquire lock:
ffff800014a702d8 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x28/0xd8 kernel/locking/semaphore.c:138
but task is already holding lock:
ffff800015188898 (depot_lock){-.-.}-{2:2}, at: stack_depot_save+0x204/0x4a0 lib/stackdepot.c:307
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #3 (depot_lock){-.-.}-{2:2}:
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xc4/0x14c kernel/locking/spinlock.c:162
stack_depot_save+0x204/0x4a0 lib/stackdepot.c:307
kasan_save_stack+0x54/0x68 mm/kasan/common.c:40
kasan_record_aux_stack+0xd4/0x11c mm/kasan/generic.c:348
irq_work_queue_on+0xcc/0x224 kernel/irq_work.c:101
tell_cpu_to_push+0x1d8/0x408 kernel/sched/rt.c:2149
pull_rt_task kernel/sched/rt.c:2215 [inline]
balance_rt+0x268/0x354 kernel/sched/rt.c:1560
put_prev_task_balance kernel/sched/core.c:5617 [inline]
__pick_next_task kernel/sched/core.c:5657 [inline]
pick_next_task kernel/sched/core.c:6185 [inline]
__schedule+0x724/0x1f1c kernel/sched/core.c:6333
schedule+0x11c/0x1c8 kernel/sched/core.c:6452
freezable_schedule include/linux/freezer.h:172 [inline]
futex_wait_queue_me+0x1f4/0x40c kernel/futex/core.c:2853
futex_wait+0x24c/0x56c kernel/futex/core.c:2954
do_futex+0xfcc/0x2d88 kernel/futex/core.c:3972
__do_sys_futex kernel/futex/core.c:4049 [inline]
__se_sys_futex kernel/futex/core.c:4030 [inline]
__arm64_sys_futex+0x424/0x498 kernel/futex/core.c:4030
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:596
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
-> #2 (&rq->__lock){-.-.}-{2:2}:
_raw_spin_lock_nested+0xb4/0x110 kernel/locking/spinlock.c:368
raw_spin_rq_lock_nested+0x2c/0x44 kernel/sched/core.c:475
raw_spin_rq_lock kernel/sched/sched.h:1325 [inline]
rq_lock kernel/sched/sched.h:1620 [inline]
task_fork_fair+0x7c/0x23c kernel/sched/fair.c:11328
sched_cgroup_fork+0x334/0x3d8 kernel/sched/core.c:4459
copy_process+0x24d4/0x3750 kernel/fork.c:2312
kernel_clone+0x1d8/0xbe0 kernel/fork.c:2601
kernel_thread+0x148/0x1bc kernel/fork.c:2653
rest_init+0x2c/0x38c init/main.c:701
arch_call_rest_init+0x14/0x20 init/main.c:889
start_kernel+0x440/0x600 init/main.c:1144
__primary_switched+0xa8/0xb0 arch/arm64/kernel/head.S:468
-> #1 (&p->pi_lock){-.-.}-{2:2}:
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xc4/0x14c kernel/locking/spinlock.c:162
try_to_wake_up+0xb0/0xc2c kernel/sched/core.c:4023
wake_up_process+0x18/0x24 kernel/sched/core.c:4208
__up+0x11c/0x148 kernel/locking/semaphore.c:265
up+0x90/0xb0 kernel/locking/semaphore.c:190
__up_console_sem+0x8c/0x100 kernel/printk/printk.c:256
console_unlock+0x1160/0x1394 kernel/printk/printk.c:2750
vprintk_emit+0x13c/0x218 kernel/printk/printk.c:2268
vprintk_default+0xa0/0xe4 kernel/printk/printk.c:2279
vprintk+0x218/0x2f0 kernel/printk/printk_safe.c:50
_printk+0xdc/0x128 kernel/printk/printk.c:2289
addrconf_notify+0x9e8/0xc58 net/ipv6/addrconf.c:3632
notifier_call_chain kernel/notifier.c:83 [inline]
raw_notifier_call_chain+0xd4/0x164 kernel/notifier.c:391
call_netdevice_notifiers_info net/core/dev.c:1998 [inline]
netdev_state_change+0x180/0x22c net/core/dev.c:1389
linkwatch_do_dev+0x2b0/0x3c8 net/core/link_watch.c:167
__linkwatch_run_queue+0x424/0x730 net/core/link_watch.c:213
linkwatch_event+0x58/0x68 net/core/link_watch.c:252
process_one_work+0x84c/0x14b8 kernel/workqueue.c:2306
worker_thread+0x910/0x1034 kernel/workqueue.c:2453
kthread+0x37c/0x45c kernel/kthread.c:319
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870
-> #0 ((console_sem).lock){-.-.}-{2:2}:
check_prev_add kernel/locking/lockdep.c:3053 [inline]
check_prevs_add kernel/locking/lockdep.c:3172 [inline]
validate_chain kernel/locking/lockdep.c:3787 [inline]
__lock_acquire+0x32cc/0x7620 kernel/locking/lockdep.c:5011
lock_acquire+0x2c0/0x89c kernel/locking/lockdep.c:5622
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xc4/0x14c kernel/locking/spinlock.c:162
down_trylock+0x28/0xd8 kernel/locking/semaphore.c:138
__down_trylock_console_sem+0x80/0x144 kernel/printk/printk.c:239
console_trylock+0xb8/0x1f8 kernel/printk/printk.c:2565
console_trylock_spinning+0x1c/0x280 kernel/printk/printk.c:1867
vprintk_emit+0x120/0x218 kernel/printk/printk.c:2267
vprintk_default+0xa0/0xe4 kernel/printk/printk.c:2279
vprintk+0x218/0x2f0 kernel/printk/printk_safe.c:50
_printk+0xdc/0x128 kernel/printk/printk.c:2289
__warn_printk+0xb4/0x134 kernel/panic.c:710
depot_alloc_stack lib/stackdepot.c:114 [inline]
stack_depot_save+0x490/0x4a0 lib/stackdepot.c:312
kasan_save_stack+0x54/0x68 mm/kasan/common.c:40
kasan_record_aux_stack+0xd4/0x11c mm/kasan/generic.c:348
irq_work_queue_on+0xcc/0x224 kernel/irq_work.c:101
rto_push_irq_work_func+0x13c/0x340 kernel/sched/rt.c:2187
irq_work_single+0xbc/0x1e4 kernel/irq_work.c:155
irq_work_run_list kernel/irq_work.c:177 [inline]
irq_work_run+0x108/0x25c kernel/irq_work.c:186
do_handle_IPI arch/arm64/kernel/smp.c:925 [inline]
ipi_handler+0x108/0x7d4 arch/arm64/kernel/smp.c:948
handle_percpu_devid_irq+0x174/0x300 kernel/irq/chip.c:933
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq_desc kernel/irq/irqdesc.c:651 [inline]
handle_domain_irq+0xec/0x178 kernel/irq/irqdesc.c:706
gic_handle_irq+0x78/0x1c8 drivers/irqchip/irq-gic-v3.c:757
call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:899
do_interrupt_handler+0x74/0x94 arch/arm64/kernel/entry-common.c:267
el1_interrupt+0x30/0x58 arch/arm64/kernel/entry-common.c:442
el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:458
el1h_64_irq+0x78/0x7c arch/arm64/kernel/entry.S:580
_compound_head include/linux/page-flags.h:196 [inline]
mark_page_accessed+0x40/0x1238 mm/swap.c:404
touch_buffer+0x1d8/0x480 fs/buffer.c:63
__find_get_block+0x1e8/0xdd4 fs/buffer.c:1314
__getblk_gfp+0x48/0x700 fs/buffer.c:1332
sb_getblk include/linux/buffer_head.h:361 [inline]
__ext4_get_inode_loc+0x3ac/0xb14 fs/ext4/inode.c:4321
ext4_get_inode_loc fs/ext4/inode.c:4445 [inline]
ext4_reserve_inode_write+0x160/0x328 fs/ext4/inode.c:5769
__ext4_mark_inode_dirty+0x33c/0xab8 fs/ext4/inode.c:5946
ext4_dirty_inode+0xd0/0x100 fs/ext4/inode.c:5983
__mark_inode_dirty+0x458/0x16d4 fs/fs-writeback.c:2439
mark_inode_dirty include/linux/fs.h:2393 [inline]
generic_write_end+0x15c/0x238 fs/buffer.c:2204
ext4_da_write_end+0x6a0/0x9b0 fs/ext4/inode.c:3091
generic_perform_write+0x354/0x520 mm/filemap.c:3787
ext4_buffered_write_iter+0x3d8/0x538 fs/ext4/file.c:269
ext4_file_write_iter+0x688/0x163c
__kernel_write+0x488/0x8b0 fs/read_write.c:539
__dump_emit+0x200/0x338 fs/coredump.c:875
dump_emit+0x288/0x36c fs/coredump.c:912
dump_user_range+0xd0/0x35c fs/coredump.c:949
elf_core_dump+0x2ef4/0x3640 fs/binfmt_elf.c:2285
do_coredump+0x12c8/0x2890 fs/coredump.c:826
get_signal+0x3dc/0x1550 kernel/signal.c:2875
do_signal arch/arm64/kernel/signal.c:890 [inline]
do_notify_resume+0x320/0x32b8 arch/arm64/kernel/signal.c:943
prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
el0_da+0x118/0x20c arch/arm64/kernel/entry-common.c:483
el0t_64_sync_handler+0xc0/0xe4 arch/arm64/kernel/entry-common.c:617
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
other info that might help us debug this:
Chain exists of:
(console_sem).lock --> &rq->__lock --> depot_lock
Possible unsafe locking scenario:
CPU0 CPU1
---- ----
lock(depot_lock);
lock(&rq->__lock);
lock(depot_lock);
lock((console_sem).lock);
*** DEADLOCK ***
4 locks held by syz-executor.1/28729:
#0: ffff0000d3f20460 (sb_writers#3){.+.+}-{0:0}, at: do_coredump+0x12a4/0x2890 fs/coredump.c:825
#1: ffff00015fd12bd0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
#1: ffff00015fd12bd0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: ext4_buffered_write_iter+0xa4/0x538 fs/ext4/file.c:263
#2: ffff0000d3f0e990 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xfb4/0x12c0 fs/jbd2/transaction.c:466
#3: ffff800015188898 (depot_lock){-.-.}-{2:2}, at: stack_depot_save+0x204/0x4a0 lib/stackdepot.c:307
stack backtrace:
CPU: 0 PID: 28729 Comm: syz-executor.1 Not tainted 5.15.103-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
Call trace:
dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
dump_stack+0x1c/0x58 lib/dump_stack.c:113
print_circular_bug+0x150/0x1b8 kernel/locking/lockdep.c:2011
check_noncircular+0x2cc/0x378 kernel/locking/lockdep.c:2133
check_prev_add kernel/locking/lockdep.c:3053 [inline]
check_prevs_add kernel/locking/lockdep.c:3172 [inline]
validate_chain kernel/locking/lockdep.c:3787 [inline]
__lock_acquire+0x32cc/0x7620 kernel/locking/lockdep.c:5011
lock_acquire+0x2c0/0x89c kernel/locking/lockdep.c:5622
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xc4/0x14c kernel/locking/spinlock.c:162
down_trylock+0x28/0xd8 kernel/locking/semaphore.c:138
__down_trylock_console_sem+0x80/0x144 kernel/printk/printk.c:239
console_trylock+0xb8/0x1f8 kernel/printk/printk.c:2565
console_trylock_spinning+0x1c/0x280 kernel/printk/printk.c:1867
vprintk_emit+0x120/0x218 kernel/printk/printk.c:2267
vprintk_default+0xa0/0xe4 kernel/printk/printk.c:2279
vprintk+0x218/0x2f0 kernel/printk/printk_safe.c:50
_printk+0xdc/0x128 kernel/printk/printk.c:2289
__warn_printk+0xb4/0x134 kernel/panic.c:710
depot_alloc_stack lib/stackdepot.c:114 [inline]
stack_depot_save+0x490/0x4a0 lib/stackdepot.c:312
kasan_save_stack+0x54/0x68 mm/kasan/common.c:40
kasan_record_aux_stack+0xd4/0x11c mm/kasan/generic.c:348
irq_work_queue_on+0xcc/0x224 kernel/irq_work.c:101
rto_push_irq_work_func+0x13c/0x340 kernel/sched/rt.c:2187
irq_work_single+0xbc/0x1e4 kernel/irq_work.c:155
irq_work_run_list kernel/irq_work.c:177 [inline]
irq_work_run+0x108/0x25c kernel/irq_work.c:186
do_handle_IPI arch/arm64/kernel/smp.c:925 [inline]
ipi_handler+0x108/0x7d4 arch/arm64/kernel/smp.c:948
handle_percpu_devid_irq+0x174/0x300 kernel/irq/chip.c:933
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq_desc kernel/irq/irqdesc.c:651 [inline]
handle_domain_irq+0xec/0x178 kernel/irq/irqdesc.c:706
gic_handle_irq+0x78/0x1c8 drivers/irqchip/irq-gic-v3.c:757
call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:899
do_interrupt_handler+0x74/0x94 arch/arm64/kernel/entry-common.c:267
el1_interrupt+0x30/0x58 arch/arm64/kernel/entry-common.c:442
el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:458
el1h_64_irq+0x78/0x7c arch/arm64/kernel/entry.S:580
_compound_head include/linux/page-flags.h:196 [inline]
mark_page_accessed+0x40/0x1238 mm/swap.c:404
touch_buffer+0x1d8/0x480 fs/buffer.c:63
__find_get_block+0x1e8/0xdd4 fs/buffer.c:1314
__getblk_gfp+0x48/0x700 fs/buffer.c:1332
sb_getblk include/linux/buffer_head.h:361 [inline]
__ext4_get_inode_loc+0x3ac/0xb14 fs/ext4/inode.c:4321
ext4_get_inode_loc fs/ext4/inode.c:4445 [inline]
ext4_reserve_inode_write+0x160/0x328 fs/ext4/inode.c:5769
__ext4_mark_inode_dirty+0x33c/0xab8 fs/ext4/inode.c:5946
ext4_dirty_inode+0xd0/0x100 fs/ext4/inode.c:5983
__mark_inode_dirty+0x458/0x16d4 fs/fs-writeback.c:2439
mark_inode_dirty include/linux/fs.h:2393 [inline]
generic_write_end+0x15c/0x238 fs/buffer.c:2204
ext4_da_write_end+0x6a0/0x9b0 fs/ext4/inode.c:3091
generic_perform_write+0x354/0x520 mm/filemap.c:3787
ext4_buffered_write_iter+0x3d8/0x538 fs/ext4/file.c:269
ext4_file_write_iter+0x688/0x163c
__kernel_write+0x488/0x8b0 fs/read_write.c:539
__dump_emit+0x200/0x338 fs/coredump.c:875
dump_emit+0x288/0x36c fs/coredump.c:912
dump_user_range+0xd0/0x35c fs/coredump.c:949
elf_core_dump+0x2ef4/0x3640 fs/binfmt_elf.c:2285
do_coredump+0x12c8/0x2890 fs/coredump.c:826
get_signal+0x3dc/0x1550 kernel/signal.c:2875
do_signal arch/arm64/kernel/signal.c:890 [inline]
do_notify_resume+0x320/0x32b8 arch/arm64/kernel/signal.c:943
prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
el0_da+0x118/0x20c arch/arm64/kernel/entry-common.c:483
el0t_64_sync_handler+0xc0/0xe4 arch/arm64/kernel/entry-common.c:617
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
Stack depot reached limit capacity
WARNING: CPU: 0 PID: 28729 at lib/stackdepot.c:114 stack_depot_save+0x494/0x4a0 lib/stackdepot.c:312
Modules linked in:
CPU: 0 PID: 28729 Comm: syz-executor.1 Not tainted 5.15.103-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : stack_depot_save+0x494/0x4a0 lib/stackdepot.c:312
lr : depot_alloc_stack lib/stackdepot.c:114 [inline]
lr : stack_depot_save+0x490/0x4a0 lib/stackdepot.c:312
sp : ffff800008007af0
x29: ffff800008007b00 x28: 0000000000000160 x27: 00000000000000c0
x26: 0000000000000000 x25: 00000000000ef75e x24: ffff0001b3000000
x23: 00000000646ef75e x22: 0000000000000140 x21: 0000000000000000
x20: 0000000000000028 x19: ffff800008007b60 x18: 0000000000010002
x17: ff808000083386a0 x16: ffff800011a05534 x15: ffff8000083386a0
x14: 00000000ffffffff x13: ffffffffffffffff x12: 0000000000000000
x11: ff80800008330148 x10: 0000000000010001 x9 : af1751a4d82d0600
x8 : af1751a4d82d0600 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800008007258 x4 : ffff800014aa0780 x3 : ffff8000085517f0
x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000022
Call trace:
stack_depot_save+0x494/0x4a0 lib/stackdepot.c:312
kasan_save_stack+0x54/0x68 mm/kasan/common.c:40
kasan_record_aux_stack+0xd4/0x11c mm/kasan/generic.c:348
irq_work_queue_on+0xcc/0x224 kernel/irq_work.c:101
rto_push_irq_work_func+0x13c/0x340 kernel/sched/rt.c:2187
irq_work_single+0xbc/0x1e4 kernel/irq_work.c:155
irq_work_run_list kernel/irq_work.c:177 [inline]
irq_work_run+0x108/0x25c kernel/irq_work.c:186
do_handle_IPI arch/arm64/kernel/smp.c:925 [inline]
ipi_handler+0x108/0x7d4 arch/arm64/kernel/smp.c:948
handle_percpu_devid_irq+0x174/0x300 kernel/irq/chip.c:933
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq_desc kernel/irq/irqdesc.c:651 [inline]
handle_domain_irq+0xec/0x178 kernel/irq/irqdesc.c:706
gic_handle_irq+0x78/0x1c8 drivers/irqchip/irq-gic-v3.c:757
call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:899
do_interrupt_handler+0x74/0x94 arch/arm64/kernel/entry-common.c:267
el1_interrupt+0x30/0x58 arch/arm64/kernel/entry-common.c:442
el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:458
el1h_64_irq+0x78/0x7c arch/arm64/kernel/entry.S:580
_compound_head include/linux/page-flags.h:196 [inline]
mark_page_accessed+0x40/0x1238 mm/swap.c:404
touch_buffer+0x1d8/0x480 fs/buffer.c:63
__find_get_block+0x1e8/0xdd4 fs/buffer.c:1314
__getblk_gfp+0x48/0x700 fs/buffer.c:1332
sb_getblk include/linux/buffer_head.h:361 [inline]
__ext4_get_inode_loc+0x3ac/0xb14 fs/ext4/inode.c:4321
ext4_get_inode_loc fs/ext4/inode.c:4445 [inline]
ext4_reserve_inode_write+0x160/0x328 fs/ext4/inode.c:5769
__ext4_mark_inode_dirty+0x33c/0xab8 fs/ext4/inode.c:5946
ext4_dirty_inode+0xd0/0x100 fs/ext4/inode.c:5983
__mark_inode_dirty+0x458/0x16d4 fs/fs-writeback.c:2439
mark_inode_dirty include/linux/fs.h:2393 [inline]
generic_write_end+0x15c/0x238 fs/buffer.c:2204
ext4_da_write_end+0x6a0/0x9b0 fs/ext4/inode.c:3091
generic_perform_write+0x354/0x520 mm/filemap.c:3787
ext4_buffered_write_iter+0x3d8/0x538 fs/ext4/file.c:269
ext4_file_write_iter+0x688/0x163c
__kernel_write+0x488/0x8b0 fs/read_write.c:539
__dump_emit+0x200/0x338 fs/coredump.c:875
dump_emit+0x288/0x36c fs/coredump.c:912
dump_user_range+0xd0/0x35c fs/coredump.c:949
elf_core_dump+0x2ef4/0x3640 fs/binfmt_elf.c:2285
do_coredump+0x12c8/0x2890 fs/coredump.c:826
get_signal+0x3dc/0x1550 kernel/signal.c:2875
do_signal arch/arm64/kernel/signal.c:890 [inline]
do_notify_resume+0x320/0x32b8 arch/arm64/kernel/signal.c:943
prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
el0_da+0x118/0x20c arch/arm64/kernel/entry-common.c:483
el0t_64_sync_handler+0xc0/0xe4 arch/arm64/kernel/entry-common.c:617
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
irq event stamp: 57862
hardirqs last enabled at (57861): [<ffff800011a039c8>] __exit_to_kernel_mode arch/arm64/kernel/entry-common.c:81 [inline]
hardirqs last enabled at (57861): [<ffff800011a039c8>] exit_to_kernel_mode+0x100/0x178 arch/arm64/kernel/entry-common.c:91
hardirqs last disabled at (57862): [<ffff800011a03c10>] enter_el1_irq_or_nmi+0x10/0x1c arch/arm64/kernel/entry-common.c:227
softirqs last enabled at (57846): [<ffff800008020e34>] softirq_handle_end kernel/softirq.c:401 [inline]
softirqs last enabled at (57846): [<ffff800008020e34>] __do_softirq+0xcc4/0xf60 kernel/softirq.c:587
softirqs last disabled at (57533): [<ffff8000081b7b48>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (57533): [<ffff8000081b7b48>] invoke_softirq kernel/softirq.c:439 [inline]
softirqs last disabled at (57533): [<ffff8000081b7b48>] __irq_exit_rcu+0x28c/0x534 kernel/softirq.c:636
---[ end trace 459e8abf3d2c38b8 ]---
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following issue on:
HEAD commit: 8020ae3c051d Linux 5.15.103
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=158521d2c80000
kernel config: https://syzkaller.appspot.com/x/.config?x=f95b212e0ccdd4d1
dashboard link: https://syzkaller.appspot.com/bug?extid=51bb01c6f3ce02b258bb
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/6153dfa8dcc0/disk-8020ae3c.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/2093d52db59f/vmlinux-8020ae3c.xz
kernel image: https://storage.googleapis.com/syzbot-assets/85041d0bd356/Image-8020ae3c.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+51bb01...@syzkaller.appspotmail.com
------------[ cut here ]------------
======================================================
WARNING: possible circular locking dependency detected
5.15.103-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor.1/28729 is trying to acquire lock:
ffff800014a702d8 ((console_sem).lock){-.-.}-{2:2}, at: down_trylock+0x28/0xd8 kernel/locking/semaphore.c:138
but task is already holding lock:
ffff800015188898 (depot_lock){-.-.}-{2:2}, at: stack_depot_save+0x204/0x4a0 lib/stackdepot.c:307
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #3 (depot_lock){-.-.}-{2:2}:
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xc4/0x14c kernel/locking/spinlock.c:162
stack_depot_save+0x204/0x4a0 lib/stackdepot.c:307
kasan_save_stack+0x54/0x68 mm/kasan/common.c:40
kasan_record_aux_stack+0xd4/0x11c mm/kasan/generic.c:348
irq_work_queue_on+0xcc/0x224 kernel/irq_work.c:101
tell_cpu_to_push+0x1d8/0x408 kernel/sched/rt.c:2149
pull_rt_task kernel/sched/rt.c:2215 [inline]
balance_rt+0x268/0x354 kernel/sched/rt.c:1560
put_prev_task_balance kernel/sched/core.c:5617 [inline]
__pick_next_task kernel/sched/core.c:5657 [inline]
pick_next_task kernel/sched/core.c:6185 [inline]
__schedule+0x724/0x1f1c kernel/sched/core.c:6333
schedule+0x11c/0x1c8 kernel/sched/core.c:6452
freezable_schedule include/linux/freezer.h:172 [inline]
futex_wait_queue_me+0x1f4/0x40c kernel/futex/core.c:2853
futex_wait+0x24c/0x56c kernel/futex/core.c:2954
do_futex+0xfcc/0x2d88 kernel/futex/core.c:3972
__do_sys_futex kernel/futex/core.c:4049 [inline]
__se_sys_futex kernel/futex/core.c:4030 [inline]
__arm64_sys_futex+0x424/0x498 kernel/futex/core.c:4030
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:596
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
-> #2 (&rq->__lock){-.-.}-{2:2}:
_raw_spin_lock_nested+0xb4/0x110 kernel/locking/spinlock.c:368
raw_spin_rq_lock_nested+0x2c/0x44 kernel/sched/core.c:475
raw_spin_rq_lock kernel/sched/sched.h:1325 [inline]
rq_lock kernel/sched/sched.h:1620 [inline]
task_fork_fair+0x7c/0x23c kernel/sched/fair.c:11328
sched_cgroup_fork+0x334/0x3d8 kernel/sched/core.c:4459
copy_process+0x24d4/0x3750 kernel/fork.c:2312
kernel_clone+0x1d8/0xbe0 kernel/fork.c:2601
kernel_thread+0x148/0x1bc kernel/fork.c:2653
rest_init+0x2c/0x38c init/main.c:701
arch_call_rest_init+0x14/0x20 init/main.c:889
start_kernel+0x440/0x600 init/main.c:1144
__primary_switched+0xa8/0xb0 arch/arm64/kernel/head.S:468
-> #1 (&p->pi_lock){-.-.}-{2:2}:
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xc4/0x14c kernel/locking/spinlock.c:162
try_to_wake_up+0xb0/0xc2c kernel/sched/core.c:4023
wake_up_process+0x18/0x24 kernel/sched/core.c:4208
__up+0x11c/0x148 kernel/locking/semaphore.c:265
up+0x90/0xb0 kernel/locking/semaphore.c:190
__up_console_sem+0x8c/0x100 kernel/printk/printk.c:256
console_unlock+0x1160/0x1394 kernel/printk/printk.c:2750
vprintk_emit+0x13c/0x218 kernel/printk/printk.c:2268
vprintk_default+0xa0/0xe4 kernel/printk/printk.c:2279
vprintk+0x218/0x2f0 kernel/printk/printk_safe.c:50
_printk+0xdc/0x128 kernel/printk/printk.c:2289
addrconf_notify+0x9e8/0xc58 net/ipv6/addrconf.c:3632
notifier_call_chain kernel/notifier.c:83 [inline]
raw_notifier_call_chain+0xd4/0x164 kernel/notifier.c:391
call_netdevice_notifiers_info net/core/dev.c:1998 [inline]
netdev_state_change+0x180/0x22c net/core/dev.c:1389
linkwatch_do_dev+0x2b0/0x3c8 net/core/link_watch.c:167
__linkwatch_run_queue+0x424/0x730 net/core/link_watch.c:213
linkwatch_event+0x58/0x68 net/core/link_watch.c:252
process_one_work+0x84c/0x14b8 kernel/workqueue.c:2306
worker_thread+0x910/0x1034 kernel/workqueue.c:2453
kthread+0x37c/0x45c kernel/kthread.c:319
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870
-> #0 ((console_sem).lock){-.-.}-{2:2}:
check_prev_add kernel/locking/lockdep.c:3053 [inline]
check_prevs_add kernel/locking/lockdep.c:3172 [inline]
validate_chain kernel/locking/lockdep.c:3787 [inline]
__lock_acquire+0x32cc/0x7620 kernel/locking/lockdep.c:5011
lock_acquire+0x2c0/0x89c kernel/locking/lockdep.c:5622
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xc4/0x14c kernel/locking/spinlock.c:162
down_trylock+0x28/0xd8 kernel/locking/semaphore.c:138
__down_trylock_console_sem+0x80/0x144 kernel/printk/printk.c:239
console_trylock+0xb8/0x1f8 kernel/printk/printk.c:2565
console_trylock_spinning+0x1c/0x280 kernel/printk/printk.c:1867
vprintk_emit+0x120/0x218 kernel/printk/printk.c:2267
vprintk_default+0xa0/0xe4 kernel/printk/printk.c:2279
vprintk+0x218/0x2f0 kernel/printk/printk_safe.c:50
_printk+0xdc/0x128 kernel/printk/printk.c:2289
__warn_printk+0xb4/0x134 kernel/panic.c:710
depot_alloc_stack lib/stackdepot.c:114 [inline]
stack_depot_save+0x490/0x4a0 lib/stackdepot.c:312
kasan_save_stack+0x54/0x68 mm/kasan/common.c:40
kasan_record_aux_stack+0xd4/0x11c mm/kasan/generic.c:348
irq_work_queue_on+0xcc/0x224 kernel/irq_work.c:101
rto_push_irq_work_func+0x13c/0x340 kernel/sched/rt.c:2187
irq_work_single+0xbc/0x1e4 kernel/irq_work.c:155
irq_work_run_list kernel/irq_work.c:177 [inline]
irq_work_run+0x108/0x25c kernel/irq_work.c:186
do_handle_IPI arch/arm64/kernel/smp.c:925 [inline]
ipi_handler+0x108/0x7d4 arch/arm64/kernel/smp.c:948
handle_percpu_devid_irq+0x174/0x300 kernel/irq/chip.c:933
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq_desc kernel/irq/irqdesc.c:651 [inline]
handle_domain_irq+0xec/0x178 kernel/irq/irqdesc.c:706
gic_handle_irq+0x78/0x1c8 drivers/irqchip/irq-gic-v3.c:757
call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:899
do_interrupt_handler+0x74/0x94 arch/arm64/kernel/entry-common.c:267
el1_interrupt+0x30/0x58 arch/arm64/kernel/entry-common.c:442
el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:458
el1h_64_irq+0x78/0x7c arch/arm64/kernel/entry.S:580
_compound_head include/linux/page-flags.h:196 [inline]
mark_page_accessed+0x40/0x1238 mm/swap.c:404
touch_buffer+0x1d8/0x480 fs/buffer.c:63
__find_get_block+0x1e8/0xdd4 fs/buffer.c:1314
__getblk_gfp+0x48/0x700 fs/buffer.c:1332
sb_getblk include/linux/buffer_head.h:361 [inline]
__ext4_get_inode_loc+0x3ac/0xb14 fs/ext4/inode.c:4321
ext4_get_inode_loc fs/ext4/inode.c:4445 [inline]
ext4_reserve_inode_write+0x160/0x328 fs/ext4/inode.c:5769
__ext4_mark_inode_dirty+0x33c/0xab8 fs/ext4/inode.c:5946
ext4_dirty_inode+0xd0/0x100 fs/ext4/inode.c:5983
__mark_inode_dirty+0x458/0x16d4 fs/fs-writeback.c:2439
mark_inode_dirty include/linux/fs.h:2393 [inline]
generic_write_end+0x15c/0x238 fs/buffer.c:2204
ext4_da_write_end+0x6a0/0x9b0 fs/ext4/inode.c:3091
generic_perform_write+0x354/0x520 mm/filemap.c:3787
ext4_buffered_write_iter+0x3d8/0x538 fs/ext4/file.c:269
ext4_file_write_iter+0x688/0x163c
__kernel_write+0x488/0x8b0 fs/read_write.c:539
__dump_emit+0x200/0x338 fs/coredump.c:875
dump_emit+0x288/0x36c fs/coredump.c:912
dump_user_range+0xd0/0x35c fs/coredump.c:949
elf_core_dump+0x2ef4/0x3640 fs/binfmt_elf.c:2285
do_coredump+0x12c8/0x2890 fs/coredump.c:826
get_signal+0x3dc/0x1550 kernel/signal.c:2875
do_signal arch/arm64/kernel/signal.c:890 [inline]
do_notify_resume+0x320/0x32b8 arch/arm64/kernel/signal.c:943
prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
el0_da+0x118/0x20c arch/arm64/kernel/entry-common.c:483
el0t_64_sync_handler+0xc0/0xe4 arch/arm64/kernel/entry-common.c:617
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
other info that might help us debug this:
Chain exists of:
(console_sem).lock --> &rq->__lock --> depot_lock
Possible unsafe locking scenario:
CPU0 CPU1
---- ----
lock(depot_lock);
lock(&rq->__lock);
lock(depot_lock);
lock((console_sem).lock);
*** DEADLOCK ***
4 locks held by syz-executor.1/28729:
#0: ffff0000d3f20460 (sb_writers#3){.+.+}-{0:0}, at: do_coredump+0x12a4/0x2890 fs/coredump.c:825
#1: ffff00015fd12bd0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
#1: ffff00015fd12bd0 (&sb->s_type->i_mutex_key#9){++++}-{3:3}, at: ext4_buffered_write_iter+0xa4/0x538 fs/ext4/file.c:263
#2: ffff0000d3f0e990 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0xfb4/0x12c0 fs/jbd2/transaction.c:466
#3: ffff800015188898 (depot_lock){-.-.}-{2:2}, at: stack_depot_save+0x204/0x4a0 lib/stackdepot.c:307
stack backtrace:
CPU: 0 PID: 28729 Comm: syz-executor.1 Not tainted 5.15.103-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
Call trace:
dump_backtrace+0x0/0x530 arch/arm64/kernel/stacktrace.c:152
show_stack+0x2c/0x3c arch/arm64/kernel/stacktrace.c:216
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x108/0x170 lib/dump_stack.c:106
dump_stack+0x1c/0x58 lib/dump_stack.c:113
print_circular_bug+0x150/0x1b8 kernel/locking/lockdep.c:2011
check_noncircular+0x2cc/0x378 kernel/locking/lockdep.c:2133
check_prev_add kernel/locking/lockdep.c:3053 [inline]
check_prevs_add kernel/locking/lockdep.c:3172 [inline]
validate_chain kernel/locking/lockdep.c:3787 [inline]
__lock_acquire+0x32cc/0x7620 kernel/locking/lockdep.c:5011
lock_acquire+0x2c0/0x89c kernel/locking/lockdep.c:5622
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0xc4/0x14c kernel/locking/spinlock.c:162
down_trylock+0x28/0xd8 kernel/locking/semaphore.c:138
__down_trylock_console_sem+0x80/0x144 kernel/printk/printk.c:239
console_trylock+0xb8/0x1f8 kernel/printk/printk.c:2565
console_trylock_spinning+0x1c/0x280 kernel/printk/printk.c:1867
vprintk_emit+0x120/0x218 kernel/printk/printk.c:2267
vprintk_default+0xa0/0xe4 kernel/printk/printk.c:2279
vprintk+0x218/0x2f0 kernel/printk/printk_safe.c:50
_printk+0xdc/0x128 kernel/printk/printk.c:2289
__warn_printk+0xb4/0x134 kernel/panic.c:710
depot_alloc_stack lib/stackdepot.c:114 [inline]
stack_depot_save+0x490/0x4a0 lib/stackdepot.c:312
kasan_save_stack+0x54/0x68 mm/kasan/common.c:40
kasan_record_aux_stack+0xd4/0x11c mm/kasan/generic.c:348
irq_work_queue_on+0xcc/0x224 kernel/irq_work.c:101
rto_push_irq_work_func+0x13c/0x340 kernel/sched/rt.c:2187
irq_work_single+0xbc/0x1e4 kernel/irq_work.c:155
irq_work_run_list kernel/irq_work.c:177 [inline]
irq_work_run+0x108/0x25c kernel/irq_work.c:186
do_handle_IPI arch/arm64/kernel/smp.c:925 [inline]
ipi_handler+0x108/0x7d4 arch/arm64/kernel/smp.c:948
handle_percpu_devid_irq+0x174/0x300 kernel/irq/chip.c:933
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq_desc kernel/irq/irqdesc.c:651 [inline]
handle_domain_irq+0xec/0x178 kernel/irq/irqdesc.c:706
gic_handle_irq+0x78/0x1c8 drivers/irqchip/irq-gic-v3.c:757
call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:899
do_interrupt_handler+0x74/0x94 arch/arm64/kernel/entry-common.c:267
el1_interrupt+0x30/0x58 arch/arm64/kernel/entry-common.c:442
el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:458
el1h_64_irq+0x78/0x7c arch/arm64/kernel/entry.S:580
_compound_head include/linux/page-flags.h:196 [inline]
mark_page_accessed+0x40/0x1238 mm/swap.c:404
touch_buffer+0x1d8/0x480 fs/buffer.c:63
__find_get_block+0x1e8/0xdd4 fs/buffer.c:1314
__getblk_gfp+0x48/0x700 fs/buffer.c:1332
sb_getblk include/linux/buffer_head.h:361 [inline]
__ext4_get_inode_loc+0x3ac/0xb14 fs/ext4/inode.c:4321
ext4_get_inode_loc fs/ext4/inode.c:4445 [inline]
ext4_reserve_inode_write+0x160/0x328 fs/ext4/inode.c:5769
__ext4_mark_inode_dirty+0x33c/0xab8 fs/ext4/inode.c:5946
ext4_dirty_inode+0xd0/0x100 fs/ext4/inode.c:5983
__mark_inode_dirty+0x458/0x16d4 fs/fs-writeback.c:2439
mark_inode_dirty include/linux/fs.h:2393 [inline]
generic_write_end+0x15c/0x238 fs/buffer.c:2204
ext4_da_write_end+0x6a0/0x9b0 fs/ext4/inode.c:3091
generic_perform_write+0x354/0x520 mm/filemap.c:3787
ext4_buffered_write_iter+0x3d8/0x538 fs/ext4/file.c:269
ext4_file_write_iter+0x688/0x163c
__kernel_write+0x488/0x8b0 fs/read_write.c:539
__dump_emit+0x200/0x338 fs/coredump.c:875
dump_emit+0x288/0x36c fs/coredump.c:912
dump_user_range+0xd0/0x35c fs/coredump.c:949
elf_core_dump+0x2ef4/0x3640 fs/binfmt_elf.c:2285
do_coredump+0x12c8/0x2890 fs/coredump.c:826
get_signal+0x3dc/0x1550 kernel/signal.c:2875
do_signal arch/arm64/kernel/signal.c:890 [inline]
do_notify_resume+0x320/0x32b8 arch/arm64/kernel/signal.c:943
prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
el0_da+0x118/0x20c arch/arm64/kernel/entry-common.c:483
el0t_64_sync_handler+0xc0/0xe4 arch/arm64/kernel/entry-common.c:617
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
Stack depot reached limit capacity
WARNING: CPU: 0 PID: 28729 at lib/stackdepot.c:114 stack_depot_save+0x494/0x4a0 lib/stackdepot.c:312
Modules linked in:
CPU: 0 PID: 28729 Comm: syz-executor.1 Not tainted 5.15.103-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : stack_depot_save+0x494/0x4a0 lib/stackdepot.c:312
lr : depot_alloc_stack lib/stackdepot.c:114 [inline]
lr : stack_depot_save+0x490/0x4a0 lib/stackdepot.c:312
sp : ffff800008007af0
x29: ffff800008007b00 x28: 0000000000000160 x27: 00000000000000c0
x26: 0000000000000000 x25: 00000000000ef75e x24: ffff0001b3000000
x23: 00000000646ef75e x22: 0000000000000140 x21: 0000000000000000
x20: 0000000000000028 x19: ffff800008007b60 x18: 0000000000010002
x17: ff808000083386a0 x16: ffff800011a05534 x15: ffff8000083386a0
x14: 00000000ffffffff x13: ffffffffffffffff x12: 0000000000000000
x11: ff80800008330148 x10: 0000000000010001 x9 : af1751a4d82d0600
x8 : af1751a4d82d0600 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800008007258 x4 : ffff800014aa0780 x3 : ffff8000085517f0
x2 : 0000000000000001 x1 : 0000000100010001 x0 : 0000000000000022
Call trace:
stack_depot_save+0x494/0x4a0 lib/stackdepot.c:312
kasan_save_stack+0x54/0x68 mm/kasan/common.c:40
kasan_record_aux_stack+0xd4/0x11c mm/kasan/generic.c:348
irq_work_queue_on+0xcc/0x224 kernel/irq_work.c:101
rto_push_irq_work_func+0x13c/0x340 kernel/sched/rt.c:2187
irq_work_single+0xbc/0x1e4 kernel/irq_work.c:155
irq_work_run_list kernel/irq_work.c:177 [inline]
irq_work_run+0x108/0x25c kernel/irq_work.c:186
do_handle_IPI arch/arm64/kernel/smp.c:925 [inline]
ipi_handler+0x108/0x7d4 arch/arm64/kernel/smp.c:948
handle_percpu_devid_irq+0x174/0x300 kernel/irq/chip.c:933
generic_handle_irq_desc include/linux/irqdesc.h:158 [inline]
handle_irq_desc kernel/irq/irqdesc.c:651 [inline]
handle_domain_irq+0xec/0x178 kernel/irq/irqdesc.c:706
gic_handle_irq+0x78/0x1c8 drivers/irqchip/irq-gic-v3.c:757
call_on_irq_stack+0x2c/0x54 arch/arm64/kernel/entry.S:899
do_interrupt_handler+0x74/0x94 arch/arm64/kernel/entry-common.c:267
el1_interrupt+0x30/0x58 arch/arm64/kernel/entry-common.c:442
el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:458
el1h_64_irq+0x78/0x7c arch/arm64/kernel/entry.S:580
_compound_head include/linux/page-flags.h:196 [inline]
mark_page_accessed+0x40/0x1238 mm/swap.c:404
touch_buffer+0x1d8/0x480 fs/buffer.c:63
__find_get_block+0x1e8/0xdd4 fs/buffer.c:1314
__getblk_gfp+0x48/0x700 fs/buffer.c:1332
sb_getblk include/linux/buffer_head.h:361 [inline]
__ext4_get_inode_loc+0x3ac/0xb14 fs/ext4/inode.c:4321
ext4_get_inode_loc fs/ext4/inode.c:4445 [inline]
ext4_reserve_inode_write+0x160/0x328 fs/ext4/inode.c:5769
__ext4_mark_inode_dirty+0x33c/0xab8 fs/ext4/inode.c:5946
ext4_dirty_inode+0xd0/0x100 fs/ext4/inode.c:5983
__mark_inode_dirty+0x458/0x16d4 fs/fs-writeback.c:2439
mark_inode_dirty include/linux/fs.h:2393 [inline]
generic_write_end+0x15c/0x238 fs/buffer.c:2204
ext4_da_write_end+0x6a0/0x9b0 fs/ext4/inode.c:3091
generic_perform_write+0x354/0x520 mm/filemap.c:3787
ext4_buffered_write_iter+0x3d8/0x538 fs/ext4/file.c:269
ext4_file_write_iter+0x688/0x163c
__kernel_write+0x488/0x8b0 fs/read_write.c:539
__dump_emit+0x200/0x338 fs/coredump.c:875
dump_emit+0x288/0x36c fs/coredump.c:912
dump_user_range+0xd0/0x35c fs/coredump.c:949
elf_core_dump+0x2ef4/0x3640 fs/binfmt_elf.c:2285
do_coredump+0x12c8/0x2890 fs/coredump.c:826
get_signal+0x3dc/0x1550 kernel/signal.c:2875
do_signal arch/arm64/kernel/signal.c:890 [inline]
do_notify_resume+0x320/0x32b8 arch/arm64/kernel/signal.c:943
prepare_exit_to_user_mode arch/arm64/kernel/entry-common.c:133 [inline]
exit_to_user_mode arch/arm64/kernel/entry-common.c:138 [inline]
el0_da+0x118/0x20c arch/arm64/kernel/entry-common.c:483
el0t_64_sync_handler+0xc0/0xe4 arch/arm64/kernel/entry-common.c:617
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
irq event stamp: 57862
hardirqs last enabled at (57861): [<ffff800011a039c8>] __exit_to_kernel_mode arch/arm64/kernel/entry-common.c:81 [inline]
hardirqs last enabled at (57861): [<ffff800011a039c8>] exit_to_kernel_mode+0x100/0x178 arch/arm64/kernel/entry-common.c:91
hardirqs last disabled at (57862): [<ffff800011a03c10>] enter_el1_irq_or_nmi+0x10/0x1c arch/arm64/kernel/entry-common.c:227
softirqs last enabled at (57846): [<ffff800008020e34>] softirq_handle_end kernel/softirq.c:401 [inline]
softirqs last enabled at (57846): [<ffff800008020e34>] __do_softirq+0xcc4/0xf60 kernel/softirq.c:587
softirqs last disabled at (57533): [<ffff8000081b7b48>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (57533): [<ffff8000081b7b48>] invoke_softirq kernel/softirq.c:439 [inline]
softirqs last disabled at (57533): [<ffff8000081b7b48>] __irq_exit_rcu+0x28c/0x534 kernel/softirq.c:636
---[ end trace 459e8abf3d2c38b8 ]---
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot
Aug 22, 2023, 11:19:50 AM8/22/23
to syzkaller...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages