bisecting cause commit starting from b2d229d4ddb17db541098b83524d901257e93845 building syzkaller on 8bcc32a67bc7180173447e1a78c03dae096b4231 testing commit b2d229d4ddb17db541098b83524d901257e93845 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: eb5b66436226dea4fbfc24f0c4887ceeacdfade44b96689a1f176ce61ca6b410 run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: exit status NUM run #1: crashed: INFO: rcu detected stall in sys_setxattr run #2: crashed: INFO: rcu detected stall in sys_setxattr run #3: crashed: INFO: rcu detected stall in sys_setxattr run #4: crashed: INFO: rcu detected stall in sys_setxattr run #5: crashed: INFO: rcu detected stall in sys_setxattr run #6: crashed: INFO: rcu detected stall in sys_setxattr run #7: crashed: INFO: rcu detected stall in sys_setxattr run #8: crashed: INFO: rcu detected stall in sys_setxattr run #9: crashed: INFO: rcu detected stall in sys_setxattr run #10: crashed: INFO: rcu detected stall in sys_setxattr run #11: crashed: INFO: rcu detected stall in sys_setxattr run #12: crashed: INFO: rcu detected stall in sys_setxattr run #13: crashed: INFO: rcu detected stall in sys_setxattr run #14: crashed: INFO: rcu detected stall in sys_setxattr run #15: crashed: INFO: rcu detected stall in sys_setxattr run #16: crashed: INFO: rcu detected stall in sys_setxattr run #17: crashed: INFO: rcu detected stall in sys_setxattr run #18: crashed: INFO: rcu detected stall in sys_setxattr run #19: crashed: INFO: rcu detected stall in sys_setxattr testing release v5.17 testing commit f443e374ae131c168a065ea1748feac6b2e76613 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 035705f2f410c9ab614f133d24722ee604c41c968d3b1ab1fea3b4c8c168e316 all runs: OK # git bisect start b2d229d4ddb17db541098b83524d901257e93845 f443e374ae131c168a065ea1748feac6b2e76613 Bisecting: 7350 revisions left to test after this (roughly 13 steps) [169e77764adc041b1dacba84ea90516a895d43b2] Merge tag 'net-next-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next testing commit 169e77764adc041b1dacba84ea90516a895d43b2 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 9e34bb5eebea4479d67c7fa5593fe2069fb78be2f4935b3f59576bb6fcd43732 run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: failed to write control pipe: write |NUM: broken pipe run #1: crashed: INFO: rcu detected stall in sys_setxattr run #2: crashed: INFO: rcu detected stall in sys_setxattr run #3: crashed: INFO: rcu detected stall in sys_setxattr run #4: crashed: INFO: rcu detected stall in sys_setxattr run #5: crashed: INFO: rcu detected stall in sys_setxattr run #6: crashed: INFO: rcu detected stall in sys_setxattr run #7: crashed: INFO: rcu detected stall in sys_setxattr run #8: crashed: INFO: rcu detected stall in sys_setxattr run #9: crashed: INFO: rcu detected stall in sys_setxattr # git bisect bad 169e77764adc041b1dacba84ea90516a895d43b2 Bisecting: 3788 revisions left to test after this (roughly 12 steps) [b4bc93bd76d4da32600795cd323c971f00a2e788] Merge tag 'arm-drivers-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc testing commit b4bc93bd76d4da32600795cd323c971f00a2e788 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 01d42ed52c2de981ca479fbe071370863cb668557a4e06a9598caad2822dd461 run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: failed to write control pipe: write |NUM: broken pipe run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good b4bc93bd76d4da32600795cd323c971f00a2e788 Bisecting: 1893 revisions left to test after this (roughly 11 steps) [4c7d2e179576e821b461bb4a58d0a834916601fa] Merge branch '100GbE' of git://git.kernel.org/pub/scm/linux/kernel/git/tnguy/next-queue testing commit 4c7d2e179576e821b461bb4a58d0a834916601fa compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3a29e507c1fd94e9ebbfe0b83a0de6ed9181d70f860f4e347af2206108b6747c all runs: OK # git bisect good 4c7d2e179576e821b461bb4a58d0a834916601fa Bisecting: 932 revisions left to test after this (roughly 10 steps) [1ebdbeb03efe89f01f15df038a589077df3d21f5] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm testing commit 1ebdbeb03efe89f01f15df038a589077df3d21f5 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 6bd151cf3ac8528f301ce613fc8c4ac8b3e26b6bb5d2b37b2446b30d0590862e run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: exit status NUM run #1: crashed: INFO: rcu detected stall in sys_setxattr run #2: crashed: INFO: rcu detected stall in sys_setxattr run #3: crashed: INFO: rcu detected stall in sys_setxattr run #4: crashed: INFO: rcu detected stall in sys_setxattr run #5: crashed: INFO: rcu detected stall in sys_setxattr run #6: crashed: INFO: rcu detected stall in sys_setxattr run #7: crashed: INFO: rcu detected stall in sys_setxattr run #8: crashed: INFO: rcu detected stall in sys_setxattr run #9: crashed: INFO: rcu detected stall in sys_setxattr # git bisect bad 1ebdbeb03efe89f01f15df038a589077df3d21f5 Bisecting: 484 revisions left to test after this (roughly 9 steps) [d2717584521a87dd410a408526bdb12b0c1e18f0] Merge tag 'ti-k3-dt-for-v5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/ti/linux into arm/dt testing commit d2717584521a87dd410a408526bdb12b0c1e18f0 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: be9c9100eb820e535a2878f04549f0445c14549b7d4efad66a03f42c42b720a9 all runs: OK # git bisect good d2717584521a87dd410a408526bdb12b0c1e18f0 Bisecting: 228 revisions left to test after this (roughly 8 steps) [714797c98eddae34e81b444c906e60f890885678] Merge tag 'kvmarm-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/kvmarm/kvmarm into HEAD testing commit 714797c98eddae34e81b444c906e60f890885678 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5ce41f9fb5b79612d013ea4d0e99949b20658006d89754cd40b9552a4f990516 all runs: OK # git bisect good 714797c98eddae34e81b444c906e60f890885678 Bisecting: 103 revisions left to test after this (roughly 7 steps) [29cefaaf2b3579a0146849ea590055a563a14db5] Merge tag 'qcom-arm64-for-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into arm/dt testing commit 29cefaaf2b3579a0146849ea590055a563a14db5 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 5523fc821311ba42dae0bac12f7f03b348918c702e914a0942ae8deb5d8197a2 all runs: OK # git bisect good 29cefaaf2b3579a0146849ea590055a563a14db5 Bisecting: 50 revisions left to test after this (roughly 6 steps) [dd5d787f481d999e0f76a82b112e4605fe214541] Merge tag 'arm-soc/for-5.18/devicetree' of https://github.com/Broadcom/stblinux into arm/dt testing commit dd5d787f481d999e0f76a82b112e4605fe214541 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1a5736c065c93550eb67e5f631c228109b51c9ffcefc7d2d391c2313ac1fd714 all runs: OK # git bisect good dd5d787f481d999e0f76a82b112e4605fe214541 Bisecting: 25 revisions left to test after this (roughly 5 steps) [bfb60ede2c3e5ce6281ab3fb3861c333fe131897] arm64: dts: fsd: Add the MCT support testing commit bfb60ede2c3e5ce6281ab3fb3861c333fe131897 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 1be6b000d6d3ecc128765396ca3c66e4eaee8d8fbdd8495cd4e615d7c7a7315b all runs: OK # git bisect good bfb60ede2c3e5ce6281ab3fb3861c333fe131897 Bisecting: 12 revisions left to test after this (roughly 4 steps) [cd4699c5fd66b00211f4709b9957bfd7b0a02ddc] Merge tag 'prlimit-tasklist_lock-for-v5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace testing commit cd4699c5fd66b00211f4709b9957bfd7b0a02ddc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f0c5300cf6e902739f688fa3d4a341c5459543982b08ca58a865d88113a6a0a1 all runs: crashed: INFO: rcu detected stall in sys_setxattr # git bisect bad cd4699c5fd66b00211f4709b9957bfd7b0a02ddc Bisecting: 7 revisions left to test after this (roughly 3 steps) [e257039f0fc7da36ac3a522ef9a5cb4ae7852e67] mount_setattr(): clean the control flow and calling conventions testing commit e257039f0fc7da36ac3a522ef9a5cb4ae7852e67 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 794f418e612815fe57160ad209cc164f164960a1310e5a37a8066e41a5392cb3 all runs: crashed: INFO: rcu detected stall in sys_setxattr # git bisect bad e257039f0fc7da36ac3a522ef9a5cb4ae7852e67 Bisecting: 2 revisions left to test after this (roughly 1 step) [03b6abee9ba67c20c4e5253e1a347d8c26edc511] fs: simplify check in mount_setattr_commit() testing commit 03b6abee9ba67c20c4e5253e1a347d8c26edc511 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 3fc08923835944750d3c7ac387d19bc62f358e64ecc81e699dc7ac78584bacec all runs: OK # git bisect good 03b6abee9ba67c20c4e5253e1a347d8c26edc511 Bisecting: 0 revisions left to test after this (roughly 1 step) [87bb5b60019c60e1f902e6885734cc4e5135c2d9] fs: clean up mount_setattr control flow testing commit 87bb5b60019c60e1f902e6885734cc4e5135c2d9 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: cbbcfbd9bff6d7552bfc19c4af408bbc7d2dad03d17e889e78da052a22fecb1e all runs: OK # git bisect good 87bb5b60019c60e1f902e6885734cc4e5135c2d9 e257039f0fc7da36ac3a522ef9a5cb4ae7852e67 is the first bad commit commit e257039f0fc7da36ac3a522ef9a5cb4ae7852e67 Author: Al Viro Date: Mon Feb 28 23:04:20 2022 -0500 mount_setattr(): clean the control flow and calling conventions separate the "cleanup" and "apply" codepaths (they have almost no overlap), fold the "cleanup" into "prepare" (which eliminates the need of ->revert) and make loops more idiomatic. Signed-off-by: Al Viro fs/namespace.c | 82 ++++++++++++++++++++++++++++------------------------------ 1 file changed, 40 insertions(+), 42 deletions(-) culprit signature: 794f418e612815fe57160ad209cc164f164960a1310e5a37a8066e41a5392cb3 parent signature: cbbcfbd9bff6d7552bfc19c4af408bbc7d2dad03d17e889e78da052a22fecb1e revisions tested: 15, total time: 2h43m43.435401063s (build: 1h29m19.330274233s, test: 1h12m56.793267358s) first bad commit: e257039f0fc7da36ac3a522ef9a5cb4ae7852e67 mount_setattr(): clean the control flow and calling conventions recipients (to): ["linux-kernel@vger.kernel.org" "viro@zeniv.linux.org.uk"] recipients (cc): ["linux-fsdevel@vger.kernel.org" "viro@zeniv.linux.org.uk"] crash: INFO: rcu detected stall in sys_setxattr rcu: INFO: rcu_preempt self-detected stall on CPU rcu: 0-....: (10500 ticks this GP) idle=61d/1/0x4000000000000000 softirq=6020/6020 fqs=5250 (t=10502 jiffies g=5745 q=363) NMI backtrace for cpu 0 CPU: 0 PID: 4056 Comm: syz-executor140 Not tainted 5.17.0-rc2-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x57/0x7d lib/dump_stack.c:106 nmi_cpu_backtrace.cold+0x30/0xc0 lib/nmi_backtrace.c:111 nmi_trigger_cpumask_backtrace+0x18f/0x1d0 lib/nmi_backtrace.c:62 trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline] rcu_dump_cpu_stacks+0x25e/0x3f0 kernel/rcu/tree_stall.h:343 print_cpu_stall kernel/rcu/tree_stall.h:604 [inline] check_cpu_stall kernel/rcu/tree_stall.h:688 [inline] rcu_pending kernel/rcu/tree.c:3919 [inline] rcu_sched_clock_irq.cold+0x5c/0x759 kernel/rcu/tree.c:2617 update_process_times+0x13b/0x1c0 kernel/time/timer.c:1785 tick_sched_handle+0x6f/0x130 kernel/time/tick-sched.c:226 tick_sched_timer+0x132/0x210 kernel/time/tick-sched.c:1428 __run_hrtimer kernel/time/hrtimer.c:1685 [inline] __hrtimer_run_queues+0x18a/0xb00 kernel/time/hrtimer.c:1749 hrtimer_interrupt+0x2f5/0x780 kernel/time/hrtimer.c:1811 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1086 [inline] __sysvec_apic_timer_interrupt+0x146/0x530 arch/x86/kernel/apic/apic.c:1103 sysvec_apic_timer_interrupt+0x8e/0xc0 arch/x86/kernel/apic/apic.c:1097 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638 RIP: 0010:__mnt_want_write+0x85/0x230 fs/namespace.c:347 Code: 84 c0 74 08 3c 03 0f 8e 5d 01 00 00 8b 43 10 f6 c4 02 74 2e 48 b8 00 00 00 00 00 fc ff df 4c 89 e5 48 c1 ed 03 48 01 c5 f3 90 <0f> b6 45 00 84 c0 74 08 3c 03 0f 8e 3c 01 00 00 8b 43 10 f6 c4 02 RSP: 0018:ffffc90001b3fe00 EFLAGS: 00000202 RAX: 0000000000000220 RBX: ffff8880108739a0 RCX: 1ffffffff1e6e920 RDX: 1ffff1100210e736 RSI: ffffffff88cb9200 RDI: ffff888078cb9458 RBP: ffffed100210e736 R08: 0000000000000001 R09: ffffffff8e16b15f R10: fffffbfff1c2d62b R11: 000000000007a078 R12: ffff8880108739b0 R13: ffff8880108739d0 R14: 0000000000000000 R15: 0000000000000000 mnt_want_write+0x103/0x310 fs/namespace.c:378 path_setxattr+0x9d/0x170 fs/xattr.c:593 __do_sys_setxattr fs/xattr.c:611 [inline] __se_sys_setxattr fs/xattr.c:607 [inline] __x64_sys_setxattr+0xbb/0x150 fs/xattr.c:607 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f4138249cc9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f41381da2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc RAX: ffffffffffffffda RBX: 00007f41382d14b0 RCX: 00007f4138249cc9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000200 RBP: 00007f413829f074 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e R13: 695f70756f72672c R14: 695f726573752c30 R15: 00007f41382d14b8 ---------------- Code disassembly (best guess): 0: 84 c0 test %al,%al 2: 74 08 je 0xc 4: 3c 03 cmp $0x3,%al 6: 0f 8e 5d 01 00 00 jle 0x169 c: 8b 43 10 mov 0x10(%rbx),%eax f: f6 c4 02 test $0x2,%ah 12: 74 2e je 0x42 14: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 1b: fc ff df 1e: 4c 89 e5 mov %r12,%rbp 21: 48 c1 ed 03 shr $0x3,%rbp 25: 48 01 c5 add %rax,%rbp 28: f3 90 pause * 2a: 0f b6 45 00 movzbl 0x0(%rbp),%eax <-- trapping instruction 2e: 84 c0 test %al,%al 30: 74 08 je 0x3a 32: 3c 03 cmp $0x3,%al 34: 0f 8e 3c 01 00 00 jle 0x176 3a: 8b 43 10 mov 0x10(%rbx),%eax 3d: f6 c4 02 test $0x2,%ah