================================
WARNING: inconsistent lock state
5.12.0-rc2-syzkaller #0 Not tainted
--------------------------------
inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-R} usage.
sshd/4589 [HC0[0]:SC1[1]:HE0:SE0] takes:
8a63c26c (&inode->i_size_seqcount){+.+-}-{0:0}, at: end_bio_bh_io_sync+0x38/0x54 fs/buffer.c:3006
{SOFTIRQ-ON-W} state was registered at:
  lock_acquire.part.0+0xf0/0x41c kernel/locking/lockdep.c:5510
  lock_acquire+0x6c/0x74 kernel/locking/lockdep.c:5483
  do_write_seqcount_begin_nested include/linux/seqlock.h:520 [inline]
  do_write_seqcount_begin include/linux/seqlock.h:545 [inline]
  i_size_write include/linux/fs.h:863 [inline]
  set_capacity+0x13c/0x1f8 block/genhd.c:50
  brd_alloc+0x130/0x180 drivers/block/brd.c:401
  brd_init+0xcc/0x1e0 drivers/block/brd.c:500
  do_one_initcall+0x8c/0x59c init/main.c:1226
  do_initcall_level init/main.c:1299 [inline]
  do_initcalls init/main.c:1315 [inline]
  do_basic_setup init/main.c:1335 [inline]
  kernel_init_freeable+0x2cc/0x330 init/main.c:1537
  kernel_init+0x10/0x120 init/main.c:1424
  ret_from_fork+0x14/0x20 arch/arm/kernel/entry-common.S:158
  0x0
irq event stamp: 1252057
hardirqs last enabled at (1252056): [<802011ec>] __do_softirq+0xf4/0x7ac kernel/softirq.c:329
hardirqs last disabled at (1252057): [<8277d260>] __raw_read_lock_irqsave include/linux/rwlock_api_smp.h:157 [inline]
hardirqs last disabled at (1252057): [<8277d260>] _raw_read_lock_irqsave+0x84/0x88 kernel/locking/spinlock.c:231
softirqs last enabled at (1252044): [<81e50418>] spin_unlock_bh include/linux/spinlock.h:399 [inline]
softirqs last enabled at (1252044): [<81e50418>] __release_sock+0x54/0x140 net/core/sock.c:2549
softirqs last disabled at (1252055): [<8024e224>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (1252055): [<8024e224>] invoke_softirq kernel/softirq.c:228 [inline]
softirqs last disabled at (1252055): [<8024e224>] __irq_exit_rcu+0x1d8/0x200 kernel/softirq.c:422

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(&inode->i_size_seqcount);
  <Interrupt>
    lock(&inode->i_size_seqcount);

 *** DEADLOCK ***

2 locks held by sshd/4589:
 #0: 8a2891c4 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1600 [inline]
 #0: 8a2891c4 (sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_sendmsg+0x20/0x44 net/ipv4/tcp.c:1456
 #1: 8a63c010 (&ni->size_lock){...-}-{2:2}, at: ntfs_end_buffer_async_read+0x6c/0x558 fs/ntfs/aops.c:66

stack backtrace:
CPU: 0 PID: 4589 Comm: sshd Not tainted 5.12.0-rc2-syzkaller #0
Hardware name: ARM-Versatile Express
Backtrace:
[<82740468>] (dump_backtrace) from [<827406dc>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:252)
 r7:00000080 r6:60030193 r5:00000000 r4:8422a3c4
[<827406c4>] (show_stack) from [<82751b58>] (__dump_stack lib/dump_stack.c:79 [inline])
[<827406c4>] (show_stack) from [<82751b58>] (dump_stack+0xb8/0xe8 lib/dump_stack.c:120)
[<82751aa0>] (dump_stack) from [<82742918>] (print_usage_bug.part.0+0x228/0x230 kernel/locking/lockdep.c:3806)
 r7:89a95808 r6:82803274 r5:848a3628 r4:89a95140
[<827426f0>] (print_usage_bug.part.0) from [<802bb4b8>] (print_usage_bug kernel/locking/lockdep.c:3776 [inline])
[<827426f0>] (print_usage_bug.part.0) from [<802bb4b8>] (valid_state kernel/locking/lockdep.c:3818 [inline])
[<827426f0>] (print_usage_bug.part.0) from [<802bb4b8>] (mark_lock_irq kernel/locking/lockdep.c:4021 [inline])
[<827426f0>] (print_usage_bug.part.0) from [<802bb4b8>] (mark_lock.part.0+0xc34/0x136c kernel/locking/lockdep.c:4478)
 r10:84a42fe8 r9:84437748 r8:00000000 r7:844372d4 r6:00000006 r5:89a95808 r4:00000005
[<802ba884>] (mark_lock.part.0) from [<802bca0c>] (mark_lock kernel/locking/lockdep.c:4442 [inline])
[<802ba884>] (mark_lock.part.0) from [<802bca0c>] (mark_usage kernel/locking/lockdep.c:4365 [inline])
[<802ba884>] (mark_lock.part.0) from [<802bca0c>] (__lock_acquire+0xa84/0x3318 kernel/locking/lockdep.c:4854)
 r10:89a95808 r9:89a95140 r8:00000001 r7:00040000 r6:0000023a r5:848a3628 r4:00000000
[<802bbf88>] (__lock_acquire) from [<802bfe90>] (lock_acquire.part.0+0xf0/0x41c kernel/locking/lockdep.c:5510)
 r10:00000080 r9:60030193 r8:00000000 r7:00000000 r6:83ecd680 r5:83ecd680 r4:8a3bf848
[<802bfda0>] (lock_acquire.part.0) from [<802c0228>] (lock_acquire+0x6c/0x74 kernel/locking/lockdep.c:5483)
 r10:8052dcb4 r9:00000000 r8:00000001 r7:00000002 r6:00000000 r5:00000000 r4:8a63c26c
[<802c01bc>] (lock_acquire) from [<808b1af8>] (seqcount_lockdep_reader_access include/linux/seqlock.h:103 [inline])
[<802c01bc>] (lock_acquire) from [<808b1af8>] (i_size_read include/linux/fs.h:838 [inline])
[<802c01bc>] (lock_acquire) from [<808b1af8>] (ntfs_end_buffer_async_read+0xb4/0x558 fs/ntfs/aops.c:68)
 r10:8a63c000 r9:60030193 r8:8052dcb4 r7:8a63c26c r6:df7443d0 r5:8e108ea0 r4:8a63c1c8
[<808b1a44>] (ntfs_end_buffer_async_read) from [<8052dcb4>] (end_bio_bh_io_sync+0x38/0x54 fs/buffer.c:3006)
 r10:00000400 r9:00000400 r8:0000000a r7:00000000 r6:8730fdc0 r5:8e108ea0 r4:8af1b3c0
[<8052dc7c>] (end_bio_bh_io_sync) from [<80f0f638>] (bio_endio+0x124/0x338 block/bio.c:1436)
 r5:80f0f84c r4:8af1b3c0
[<80f0f514>] (bio_endio) from [<80f166cc>] (req_bio_endio block/blk-core.c:265 [inline])
[<80f0f514>] (bio_endio) from [<80f166cc>] (blk_update_request+0x220/0x724 block/blk-core.c:1456)
 r9:00000400 r8:0000000a r7:00000000 r6:8730fdc0 r5:00000400 r4:8af1b3c0
[<80f164ac>] (blk_update_request) from [<80f23128>] (blk_mq_end_request+0x1c/0x144 block/blk-mq.c:564)
 r10:00000010 r9:8a3be000 r8:8404ec98 r7:00000000 r6:00000004 r5:8730fdc0 r4:8730fdc0
[<80f2310c>] (blk_mq_end_request) from [<811d1e2c>] (lo_complete_rq+0x98/0xd4 drivers/block/loop.c:497)
 r7:00000003 r6:00000004 r5:8730fdc0 r4:ffffffc8
[<811d1d94>] (lo_complete_rq) from [<80f21ab4>] (blk_complete_reqs+0x5c/0x68 block/blk-mq.c:576)
 r5:00000005 r4:ffffffc8
[<80f21a58>] (blk_complete_reqs) from [<80f21b1c>] (blk_done_softirq+0x2c/0x30 block/blk-mq.c:581)
 r5:00000005 r4:83ed846c
[<80f21af0>] (blk_done_softirq) from [<802012fc>] (__do_softirq+0x204/0x7ac kernel/softirq.c:345)
 r5:00000005 r4:84004090
[<802010f8>] (__do_softirq) from [<8024e224>] (do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline])
[<802010f8>] (__do_softirq) from [<8024e224>] (invoke_softirq kernel/softirq.c:228 [inline])
[<802010f8>] (__do_softirq) from [<8024e224>] (__irq_exit_rcu+0x1d8/0x200 kernel/softirq.c:422)
 r10:8a3bfaf8 r9:8a3bfb60 r8:00000001 r7:00000000 r6:83ed8498 r5:00000000 r4:83ed9d00
[<8024e04c>] (__irq_exit_rcu) from [<8024e3d8>] (irq_exit+0x10/0x3c kernel/softirq.c:446)
 r5:00000000 r4:83ed8498
[<8024e3c8>] (irq_exit) from [<802d8a34>] (__handle_domain_irq+0xb4/0x120 kernel/irq/irqdesc.c:692)
[<802d8980>] (__handle_domain_irq) from [<810109b0>] (handle_domain_irq include/linux/irqdesc.h:176 [inline])
[<802d8980>] (__handle_domain_irq) from [<810109b0>] (gic_handle_irq+0x84/0xac drivers/irqchip/irq-gic.c:370)
 r10:60030013 r9:40030193 r8:e000200c r7:83ed84bc r6:e0002000 r5:8a3bfb60 r4:8404f4b4
[<8101092c>] (gic_handle_irq) from [<80200abc>] (__irq_svc+0x5c/0x94 arch/arm/kernel/entry-armv.S:205)
Exception stack(0x8a3bfb60 to 0x8a3bfba8)
fb60: 00000000 83262ba0 20030093 00131ad5 850cae40 89b3fe00 89b3feb8 8a3bfc00
fb80: 8a3bfc04 89b3fe00 60030013 8a3bfbe4 8a3bfb58 8a3bfbb0 82773fac 804aedb8
fba0: 20030013 ffffffff
 r9:8a3be000 r8:8a3bfc04 r7:8a3bfb94 r6:ffffffff r5:20030013 r4:804aedb8
[<804aed54>] (slab_free_freelist_hook) from [<804b5b88>] (slab_free mm/slub.c:3161 [inline])
[<804aed54>] (slab_free_freelist_hook) from [<804b5b88>] (kmem_cache_free+0x80/0x530 mm/slub.c:3177)
 r10:8a289100 r9:83126e97 r8:8d4fdf3b r7:84a90980 r6:de1caba0 r5:89b3fe00 r4:850cae40
[<804b5b08>] (kmem_cache_free) from [<81e534e8>] (kfree_skbmem+0x98/0xa4 net/core/skbuff.c:704)
 r10:8a289100 r9:83126e97 r8:8d4fdf3b r7:5db3c1ae r6:89b3fe00 r5:89b3fe00 r4:89b3fe00
[<81e53450>] (kfree_skbmem) from [<81e58474>] (__kfree_skb+0x30/0x34 net/core/skbuff.c:740)
[<81e58444>] (__kfree_skb) from [<820e7b00>] (sk_wmem_free_skb include/net/sock.h:1558 [inline])
[<81e58444>] (__kfree_skb) from [<820e7b00>] (tcp_rtx_queue_unlink_and_free include/net/tcp.h:1878 [inline])
[<81e58444>] (__kfree_skb) from [<820e7b00>] (tcp_clean_rtx_queue net/ipv4/tcp_input.c:3268 [inline])
[<81e58444>] (__kfree_skb) from [<820e7b00>] (tcp_ack+0x690/0x17a8 net/ipv4/tcp_input.c:3813)
 r5:89b3fe00 r4:00000000
[<820e7470>] (tcp_ack) from [<820eafb0>] (tcp_rcv_established+0x444/0x8ac net/ipv4/tcp_input.c:5796)
 r10:8436ab5b r9:8404ec98 r8:00000014 r7:00000014 r6:8ad74264 r5:8afeb300 r4:8a289100
[<820eab6c>] (tcp_rcv_established) from [<820fc79c>] (tcp_v4_do_rcv+0x188/0x22c net/ipv4/tcp_ipv4.c:1679)
 r10:8436ab5b r9:8a289170 r8:832f565c r7:00000000 r6:85b5f900 r5:8afeb300 r4:8a289100
[<820fc614>] (tcp_v4_do_rcv) from [<81e50434>] (sk_backlog_rcv include/net/sock.h:1016 [inline])
[<820fc614>] (tcp_v4_do_rcv) from [<81e50434>] (__release_sock+0x70/0x140 net/core/sock.c:2556)
 r7:00000000 r6:8a289100 r5:8afeb300 r4:00000000
[<81e503c4>] (__release_sock) from [<81e50538>] (release_sock+0x34/0xa0 net/core/sock.c:3080)
 r10:00000000 r9:00004024 r8:00000000 r7:8a45d6c0 r6:820da314 r5:8a289170 r4:8a289100
[<81e50504>] (release_sock) from [<820da314>] (tcp_sendmsg+0x3c/0x44 net/ipv4/tcp.c:1458)
 r7:8a45d6c0 r6:00004024 r5:00004024 r4:8a289100
[<820da2d8>] (tcp_sendmsg) from [<82122bb0>] (inet_sendmsg+0x40/0x4c net/ipv4/af_inet.c:821)
 r7:8a45d6c0 r6:8a289100 r5:00004024 r4:8a3bfe80
[<82122b70>] (inet_sendmsg) from [<81e45978>] (sock_sendmsg_nosec net/socket.c:654 [inline])
[<82122b70>] (inet_sendmsg) from [<81e45978>] (sock_sendmsg+0x3c/0x4c net/socket.c:674)
 r7:8a45d6c0 r6:853c53c0 r5:8a45d6c0 r4:8a3bfe80
[<81e4593c>] (sock_sendmsg) from [<81e45a24>] (sock_write_iter+0x9c/0xfc net/socket.c:1001)
 r5:8a3bff08 r4:8a3bfef0
[<81e45988>] (sock_write_iter) from [<804da638>] (call_write_iter include/linux/fs.h:1977 [inline])
[<81e45988>] (sock_write_iter) from [<804da638>] (new_sync_write fs/read_write.c:518 [inline])
[<81e45988>] (sock_write_iter) from [<804da638>] (vfs_write+0x324/0x350 fs/read_write.c:605)
 r7:8a3be000 r6:00000000 r5:853c53c0 r4:00000000
[<804da314>] (vfs_write) from [<804da818>] (ksys_write+0xb4/0xec fs/read_write.c:658)
 r10:00000004 r9:8a3be000 r8:80200224 r7:00004024 r6:02108d90 r5:853c53c0 r4:853c53c0
[<804da764>] (ksys_write) from [<804da860>] (__do_sys_write fs/read_write.c:670 [inline])
[<804da764>] (ksys_write) from [<804da860>] (sys_write+0x10/0x14 fs/read_write.c:667)
 r7:00000004 r6:76fa6da0 r5:00004024 r4:020e7f88
[<804da850>] (sys_write) from [<80200060>] (ret_fast_syscall+0x0/0x2c arch/arm/mm/proc-v7.S:64)
Exception stack(0x8a3bffa8 to 0x8a3bfff0)
ffa0:                   020e7f88 00004024 00000004 02108d90 00004024 00000000
ffc0: 020e7f88 00004024 76fa6da0 00000004 00000001 00000004 00000004 004d64e9
ffe0: 00512b24 7e95d590 004abe38 76bdd7bc