Debian GNU/Linux 7 syzkaller ttyS0 2017/08/27 15:10:21 parsed 1 programs 2017/08/27 15:10:21 executed programs: 0 syzkaller login: [ 34.713476] mmap: syz-executor3 (3088) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.txt. 2017/08/27 15:10:26 executed programs: 501 [ 42.720085] [ 42.720512] ====================================================== [ 42.721729] WARNING: possible circular locking dependency detected [ 42.723045] 4.13.0-rc6-next-20170825+ #9 Not tainted [ 42.723047] ------------------------------------------------------ [ 42.723050] kworker/0:1/37 is trying to acquire lock: [ 42.723051] ((shepherd).work){+.+.}, at: [] process_one_work+0xb2c/0x1be0 [ 42.723063] [ 42.723063] but now in release context of a crosslock acquired at the following: [ 42.723064] ((complete)&rcu.completion){+.+.}, at: [] __synchronize_srcu+0x1b5/0x250 [ 42.723073] [ 42.723073] which lock already depends on the new lock. [ 42.723073] [ 42.723074] [ 42.723074] the existing dependency chain (in reverse order) is: [ 42.723076] [ 42.723076] -> #2 ((complete)&rcu.completion){+.+.}: [ 42.723085] __lock_acquire+0x3286/0x4620 [ 42.723089] lock_acquire+0x1d5/0x580 [ 42.723094] wait_for_completion+0xc8/0x770 [ 42.723097] __synchronize_srcu+0x1b5/0x250 [ 42.723101] synchronize_srcu+0x1a3/0x560 [ 42.723106] quarantine_remove_cache+0xd7/0xf0 [ 42.723110] kasan_cache_shrink+0x9/0x10 [ 42.723114] kmem_cache_shrink+0x15/0x30 [ 42.723119] acpi_os_purge_cache+0x15/0x20 [ 42.723123] acpi_purge_cached_objects+0x38/0xc9 [ 42.723129] acpi_initialize_objects+0xc5/0x112 [ 42.723132] acpi_init+0x23c/0x8e6 [ 42.723137] do_one_initcall+0x9e/0x330 [ 42.723141] kernel_init_freeable+0x469/0x521 [ 42.723144] kernel_init+0x13/0x172 [ 42.723148] ret_from_fork+0x2a/0x40 [ 42.723149] [ 42.723149] -> #1 (cpu_hotplug_lock.rw_sem){++++}: [ 42.723158] __lock_acquire+0x3286/0x4620 [ 42.723162] lock_acquire+0x1d5/0x580 [ 42.723166] cpus_read_lock+0x42/0x90 [ 42.723170] vmstat_shepherd+0x3d/0x1b0 [ 42.723174] process_one_work+0xbfd/0x1be0 [ 42.723177] worker_thread+0x223/0x1860 [ 42.723181] kthread+0x39c/0x470 [ 42.723185] ret_from_fork+0x2a/0x40 [ 42.723186] [ 42.723186] -> #0 ((shepherd).work){+.+.}: [ 42.723193] process_one_work+0xba5/0x1be0 [ 42.723197] worker_thread+0x223/0x1860 [ 42.723200] kthread+0x39c/0x470 [ 42.723204] ret_from_fork+0x2a/0x40 [ 42.723207] 0xffffffffffffffff [ 42.723212] [ 42.723212] other info that might help us debug this: [ 42.723212] [ 42.723213] Chain exists of: [ 42.723213] (shepherd).work --> cpu_hotplug_lock.rw_sem --> (complete)&rcu.completion [ 42.723213] [ 42.723220] Possible unsafe locking scenario by crosslock: [ 42.723220] [ 42.723221] CPU0 CPU1 [ 42.723222] ---- ---- [ 42.723223] lock(cpu_hotplug_lock.rw_sem); [ 42.723226] lock((complete)&rcu.completion); [ 42.723229] lock((shepherd).work); [ 42.723232] unlock((complete)&rcu.completion); [ 42.723235] [ 42.723235] *** DEADLOCK *** [ 42.723235] [ 42.723270] 3 locks held by kworker/0:1/37: [ 42.723279] #0: ("events_power_efficient"){.+.+}, at: [] process_one_work+0xad4/0x1be0 [ 42.723365] #1: ((&(&sdp->work)->work)){+.+.}, at: [] process_one_work+0xb2c/0x1be0 [ 42.723437] #2: (&x->wait#5){....}, at: [] complete+0x18/0x80 [ 42.723495] [ 42.723495] stack backtrace: [ 42.723540] CPU: 0 PID: 37 Comm: kworker/0:1 Not tainted 4.13.0-rc6-next-20170825+ #9 [ 42.723549] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 [ 42.723604] Workqueue: events_power_efficient srcu_invoke_callbacks [ 42.723623] Call Trace: [ 42.723659] dump_stack+0x194/0x257 [ 42.723715] ? arch_local_irq_restore+0x53/0x53 [ 42.723767] print_circular_bug+0x503/0x710 [ 42.723775] ? print_circular_bug_entry+0xb0/0xb0 [ 42.723783] check_prev_add+0x865/0x1520 [ 42.723788] ? graph_lock+0x170/0x170 [ 42.723794] ? check_usage+0xb70/0xb70 [ 42.723802] ? hlock_class+0x140/0x140 [ 42.723809] lock_commit_crosslock+0xe73/0x1d10 [ 42.723814] ? lock_commit_crosslock+0xe73/0x1d10 [ 42.723818] ? perf_trace_lock+0x860/0x860 [ 42.723826] ? check_prev_add+0x1520/0x1520 [ 42.723843] ? lock_acquire+0x1d5/0x580 [ 42.723846] ? complete+0x18/0x80 [ 42.723853] ? lock_release+0xd70/0xd70 [ 42.723890] ? do_raw_spin_trylock+0x190/0x190 [ 42.723928] complete+0x24/0x80 [ 42.723975] wakeme_after_rcu+0xd/0x10 [ 42.723995] srcu_invoke_callbacks+0x280/0x4d0 [ 42.724024] ? srcu_queue_delayed_work_on+0x240/0x240 [ 42.724038] ? __lock_is_held+0xbc/0x140 [ 42.724047] process_one_work+0xbfd/0x1be0 [ 42.724052] ? check_noncircular+0x20/0x20 [ 42.724060] ? pwq_dec_nr_in_flight+0x450/0x450 [ 42.724064] ? finish_task_switch+0x1d3/0x740 [ 42.724068] ? finish_task_switch+0x1aa/0x740 [ 42.724080] ? perf_trace_lock_acquire+0xfe/0x900 [ 42.724085] ? __sched_text_start+0x8/0x8 [ 42.724091] ? perf_trace_lock+0x860/0x860 [ 42.724098] ? find_held_lock+0x39/0x1d0 [ 42.724108] ? lock_acquire+0x1d5/0x580 [ 42.724112] ? worker_thread+0x4a3/0x1860 [ 42.724118] ? lock_release+0xd70/0xd70 [ 42.724122] ? do_raw_spin_trylock+0x190/0x190 [ 42.724127] ? pr_cont_work+0x130/0x130 [ 42.724136] worker_thread+0x223/0x1860 [ 42.724147] ? process_one_work+0x1be0/0x1be0 [ 42.724152] ? check_noncircular+0x20/0x20 [ 42.724157] ? _raw_spin_unlock_irq+0x27/0x70 [ 42.724162] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 42.724198] ? trace_hardirqs_on+0xd/0x10 [ 42.724225] ? _raw_spin_unlock_irq+0x27/0x70 [ 42.724271] ? finish_task_switch+0x1d3/0x740 [ 42.724297] ? finish_task_switch+0x1aa/0x740 [ 42.724327] ? preempt_notifier_dec+0x20/0x20 [ 42.724385] ? __schedule+0x8f0/0x2070 [ 42.724441] ? __x2apic_send_IPI_dest.constprop.7+0x5b/0x80 [ 42.724481] ? try_to_wake_up+0xf9/0x1600 [ 42.724539] ? find_held_lock+0x39/0x1d0 [ 42.724587] ? lock_downgrade+0x990/0x990 [ 42.724635] ? complete+0x18/0x80 [ 42.724655] ? __schedule+0x2070/0x2070 [ 42.724697] ? _raw_spin_unlock_irqrestore+0x31/0xba [ 42.724703] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 42.724708] ? trace_hardirqs_on+0xd/0x10 [ 42.724713] ? __kthread_parkme+0x173/0x240 [ 42.724719] kthread+0x39c/0x470 [ 42.724723] ? process_one_work+0x1be0/0x1be0 [ 42.724727] ? kthread_create_on_node+0x100/0x100 [ 42.724732] ret_from_fork+0x2a/0x40