bisecting cause commit starting from 9152a993930d53e94f4857d79681152b9b58636b building syzkaller on 269d24e857a757d09a898086a2fa6fa5d827c3e1 testing commit 9152a993930d53e94f4857d79681152b9b58636b with gcc (GCC) 8.1.0 kernel signature: c8a17723af904913cfbd0471303b93ad0fb81c20ce17518ad12a20c271943373 all runs: crashed: BUG: sleeping function called from invalid context in mm_access testing release v5.10 testing commit 2c85ebc57b3e1817b6ce1a6b703928e113a90442 with gcc (GCC) 8.1.0 kernel signature: 395a614079c9030036488f72c030c4708fae86b9aba956ca15d15003efd3a593 all runs: OK # git bisect start 9152a993930d53e94f4857d79681152b9b58636b 2c85ebc57b3e1817b6ce1a6b703928e113a90442 Bisecting: 8521 revisions left to test after this (roughly 13 steps) [ba1d41a55e4d07c7b27ee2f6e7cf5b5348849261] Merge tag 'pstore-v5.11-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux testing commit ba1d41a55e4d07c7b27ee2f6e7cf5b5348849261 with gcc (GCC) 8.1.0 kernel signature: c581044ad986d37375d5831fa28a336adcd63d2a41080b373d1817986ae58691 all runs: OK # git bisect good ba1d41a55e4d07c7b27ee2f6e7cf5b5348849261 Bisecting: 4264 revisions left to test after this (roughly 12 steps) [c45647f9f562b52915b43b6bb447827cebf511bd] Merge tag 'for-linus' of git://git.armlinux.org.uk/~rmk/linux testing commit c45647f9f562b52915b43b6bb447827cebf511bd with gcc (GCC) 8.1.0 kernel signature: 7b498b3ac6bfc77371f95b98148c9ef23a4fa3ec5a79a09ce19c69fef6f0bb8d run #0: basic kernel testing failed: timed out run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good c45647f9f562b52915b43b6bb447827cebf511bd Bisecting: 2119 revisions left to test after this (roughly 11 steps) [45b9c7e9dedb801490309871a67505f10992efde] Merge remote-tracking branch 'vfs/for-next' testing commit 45b9c7e9dedb801490309871a67505f10992efde with gcc (GCC) 8.1.0 kernel signature: 4c89896891603e4646de0c038451d1faf89d0c1b7559d268eeca0e3bdb4edd83 all runs: OK # git bisect good 45b9c7e9dedb801490309871a67505f10992efde Bisecting: 1050 revisions left to test after this (roughly 10 steps) [88f193b51baf037087fa4243478ae050396a9d17] Merge remote-tracking branch 'mmc/next' testing commit 88f193b51baf037087fa4243478ae050396a9d17 with gcc (GCC) 8.1.0 kernel signature: 05d39f831b487d3966e1156ddc66a9dbfe89938cf4cec39a5e6b337dd93e7ee8 all runs: OK # git bisect good 88f193b51baf037087fa4243478ae050396a9d17 Bisecting: 518 revisions left to test after this (roughly 9 steps) [4775197007c8330685868df8683d7761e32f45f6] Merge remote-tracking branch 'phy-next/next' testing commit 4775197007c8330685868df8683d7761e32f45f6 with gcc (GCC) 8.1.0 kernel signature: b8820d0f51244a2501228e2f34a756df6a1d87b4755aae8a00ce2b9675d30a98 all runs: OK # git bisect good 4775197007c8330685868df8683d7761e32f45f6 Bisecting: 250 revisions left to test after this (roughly 8 steps) [3fcb7a89ec2c6679934c3cdf0e56013a093959c2] Merge remote-tracking branch 'livepatching/for-next' testing commit 3fcb7a89ec2c6679934c3cdf0e56013a093959c2 with gcc (GCC) 8.1.0 kernel signature: a2a3301a889dd9008501509b61037665aa693b8e8f7bbceda5e3fda3a9105ab6 all runs: OK # git bisect good 3fcb7a89ec2c6679934c3cdf0e56013a093959c2 Bisecting: 125 revisions left to test after this (roughly 7 steps) [1f732e852831c1b2a33eb10cfb5cb562713a7cae] kfence, kasan: make KFENCE compatible with KASAN testing commit 1f732e852831c1b2a33eb10cfb5cb562713a7cae with gcc (GCC) 8.1.0 kernel signature: 939024ddfb7c88af300fc7d1ea2429f89fa26f83f0623684eecbbeb2bc98ed96 all runs: OK # git bisect good 1f732e852831c1b2a33eb10cfb5cb562713a7cae Bisecting: 62 revisions left to test after this (roughly 6 steps) [bcfe91588c7c3c0c05a168851dceb289de0c2f33] Merge remote-tracking branch 'mhi/mhi-next' testing commit bcfe91588c7c3c0c05a168851dceb289de0c2f33 with gcc (GCC) 8.1.0 kernel signature: ca9e2dc79770c1610041e40ad4b58fb0f54f956ada949c92d35634712fea3c8c all runs: crashed: BUG: sleeping function called from invalid context in mm_access # git bisect bad bcfe91588c7c3c0c05a168851dceb289de0c2f33 Bisecting: 32 revisions left to test after this (roughly 5 steps) [a432f69cd46c42554cfa91059c2445ac7c8167f9] Merge remote-tracking branch 'nvmem/for-next' testing commit a432f69cd46c42554cfa91059c2445ac7c8167f9 with gcc (GCC) 8.1.0 kernel signature: 7f6e1808862c52429d71a1306194f18160a332f7df866ba640c5fed2fcc93134 all runs: crashed: BUG: sleeping function called from invalid context in mm_access # git bisect bad a432f69cd46c42554cfa91059c2445ac7c8167f9 Bisecting: 14 revisions left to test after this (roughly 4 steps) [09b812ac146f5266ad26bd4435c44a369a6d24b8] arm64: disable recordmcount with DYNAMIC_FTRACE_WITH_REGS testing commit 09b812ac146f5266ad26bd4435c44a369a6d24b8 with gcc (GCC) 8.1.0 kernel signature: 686a1cf27965d4631af2d2202c845780c182f9688bb852248f1570578a5bcbd8 all runs: crashed: BUG: sleeping function called from invalid context in mm_access # git bisect bad 09b812ac146f5266ad26bd4435c44a369a6d24b8 Bisecting: 7 revisions left to test after this (roughly 3 steps) [7918ea64195df1c9b0046ff5b93d2cfd83da2c0c] init: lto: ensure initcall ordering testing commit 7918ea64195df1c9b0046ff5b93d2cfd83da2c0c with gcc (GCC) 8.1.0 kernel signature: 259c83950a5fabdcb956b290c1492c3693f39a9ea739a3fb177468c19de3d652 all runs: crashed: BUG: sleeping function called from invalid context in mm_access # git bisect bad 7918ea64195df1c9b0046ff5b93d2cfd83da2c0c Bisecting: 3 revisions left to test after this (roughly 2 steps) [6eb20c5338a064513059a33198d28a1ed48e894a] kbuild: lto: fix module versioning testing commit 6eb20c5338a064513059a33198d28a1ed48e894a with gcc (GCC) 8.1.0 kernel signature: e28f09a1629759137676aabb30abde7aba3aafe0d5c09b3dfab63126aa0dd761 all runs: crashed: BUG: sleeping function called from invalid context in mm_access # git bisect bad 6eb20c5338a064513059a33198d28a1ed48e894a Bisecting: 0 revisions left to test after this (roughly 1 step) [833174494976b3526d0108822c2b3c4202794403] kbuild: add support for Clang LTO testing commit 833174494976b3526d0108822c2b3c4202794403 with gcc (GCC) 8.1.0 kernel signature: e28f09a1629759137676aabb30abde7aba3aafe0d5c09b3dfab63126aa0dd761 all runs: crashed: BUG: sleeping function called from invalid context in mm_access # git bisect bad 833174494976b3526d0108822c2b3c4202794403 Bisecting: 0 revisions left to test after this (roughly 0 steps) [3b15cdc15956673ba1551d79bceae471436ac6a9] tracing: move function tracer options to Kconfig testing commit 3b15cdc15956673ba1551d79bceae471436ac6a9 with gcc (GCC) 8.1.0 kernel signature: f543b6f8c9eb51f03e508db6f69f02f7a145ff0491979e7f54cbbe8a70a89e07 all runs: OK # git bisect good 3b15cdc15956673ba1551d79bceae471436ac6a9 833174494976b3526d0108822c2b3c4202794403 is the first bad commit commit 833174494976b3526d0108822c2b3c4202794403 Author: Sami Tolvanen Date: Fri Dec 11 10:46:19 2020 -0800 kbuild: add support for Clang LTO This change adds build system support for Clang's Link Time Optimization (LTO). With -flto, instead of ELF object files, Clang produces LLVM bitcode, which is compiled into native code at link time, allowing the final binary to be optimized globally. For more details, see: https://llvm.org/docs/LinkTimeOptimization.html The Kconfig option CONFIG_LTO_CLANG is implemented as a choice, which defaults to LTO being disabled. To use LTO, the architecture must select ARCH_SUPPORTS_LTO_CLANG and support: - compiling with Clang, - compiling all assembly code with Clang's integrated assembler, - and linking with LLD. While using CONFIG_LTO_CLANG_FULL results in the best runtime performance, the compilation is not scalable in time or memory. CONFIG_LTO_CLANG_THIN enables ThinLTO, which allows parallel optimization and faster incremental builds. ThinLTO is used by default if the architecture also selects ARCH_SUPPORTS_LTO_CLANG_THIN: https://clang.llvm.org/docs/ThinLTO.html To enable LTO, LLVM tools must be used to handle bitcode files, by passing LLVM=1 and LLVM_IAS=1 options to make: $ make LLVM=1 LLVM_IAS=1 defconfig $ scripts/config -e LTO_CLANG_THIN $ make LLVM=1 LLVM_IAS=1 To prepare for LTO support with other compilers, common parts are gated behind the CONFIG_LTO option, and LTO can be disabled for specific files by filtering out CC_FLAGS_LTO. Signed-off-by: Sami Tolvanen Reviewed-by: Kees Cook Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20201211184633.3213045-3-samitolvanen@google.com Makefile | 19 +++++++- arch/Kconfig | 91 +++++++++++++++++++++++++++++++++++++++ fs/proc/array.c | 11 +++-- fs/proc/base.c | 21 ++++----- include/asm-generic/vmlinux.lds.h | 11 +++-- mm/mempolicy.c | 11 +++-- mm/migrate.c | 16 ++++--- scripts/Makefile.build | 9 +++- scripts/Makefile.modfinal | 9 +++- scripts/Makefile.modpost | 21 ++++++++- scripts/link-vmlinux.sh | 32 ++++++++++---- 11 files changed, 208 insertions(+), 43 deletions(-) culprit signature: e28f09a1629759137676aabb30abde7aba3aafe0d5c09b3dfab63126aa0dd761 parent signature: f543b6f8c9eb51f03e508db6f69f02f7a145ff0491979e7f54cbbe8a70a89e07 revisions tested: 16, total time: 2h51m3.914708929s (build: 1h12m9.345047393s, test: 1h37m14.069985673s) first bad commit: 833174494976b3526d0108822c2b3c4202794403 kbuild: add support for Clang LTO recipients (to): ["akpm@linux-foundation.org" "arnd@arndb.de" "clang-built-linux@googlegroups.com" "keescook@chromium.org" "linux-arch@vger.kernel.org" "linux-fsdevel@vger.kernel.org" "linux-kbuild@vger.kernel.org" "linux-mm@kvack.org" "masahiroy@kernel.org" "michal.lkml@markovi.net" "natechancellor@gmail.com" "ndesaulniers@google.com" "samitolvanen@google.com"] recipients (cc): ["adobriyan@gmail.com" "aneesh.kumar@linux.ibm.com" "ebiederm@xmission.com" "gladkov.alexey@gmail.com" "keescook@chromium.org" "linux-kernel@vger.kernel.org" "peterz@infradead.org" "rppt@kernel.org" "yifeifz2@illinois.edu"] crash: BUG: sleeping function called from invalid context in mm_access BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1375 in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 10191, name: syz-executor.1 1 lock held by syz-executor.1/10191: #0: ffffffff84e190c0 (rcu_read_lock){....}-{1:2}, at: kernel_migrate_pages+0x6d/0x3d0 mm/mempolicy.c:1527 Preemption disabled at: [<0000000000000000>] 0x0 CPU: 0 PID: 10191 Comm: syz-executor.1 Not tainted 5.11.0-rc2-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:79 [inline] dump_stack+0x77/0x97 lib/dump_stack.c:120 ___might_sleep.cold.120+0xf2/0x106 kernel/sched/core.c:7901 down_read_killable+0x18/0x170 kernel/locking/rwsem.c:1375 mm_access+0x1d/0x90 kernel/fork.c:1228 kernel_migrate_pages+0xf9/0x3d0 mm/mempolicy.c:1546 __do_sys_migrate_pages mm/mempolicy.c:1599 [inline] __se_sys_migrate_pages mm/mempolicy.c:1595 [inline] __x64_sys_migrate_pages+0x15/0x20 mm/mempolicy.c:1595 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45e219 Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007fecc710fc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000100 RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000000 RBP: 000000000119bfc8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000119bf8c R13: 00007ffe50697aaf R14: 00007fecc71109c0 R15: 000000000119bf8c ============================= [ BUG: Invalid wait context ] 5.11.0-rc2-syzkaller #0 Tainted: G W ----------------------------- syz-executor.1/10191 is trying to lock: ffff88811e72c5d8 (&sig->exec_update_lock){++++}-{3:3}, at: mm_access+0x1d/0x90 kernel/fork.c:1228 other info that might help us debug this: context-{4:4} 1 lock held by syz-executor.1/10191: #0: ffffffff84e190c0 (rcu_read_lock){....}-{1:2}, at: kernel_migrate_pages+0x6d/0x3d0 mm/mempolicy.c:1527 stack backtrace: CPU: 1 PID: 10191 Comm: syz-executor.1 Tainted: G W 5.11.0-rc2-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:79 [inline] dump_stack+0x77/0x97 lib/dump_stack.c:120 print_lock_invalid_wait_context kernel/locking/lockdep.c:4484 [inline] check_wait_context kernel/locking/lockdep.c:4545 [inline] __lock_acquire.cold.74+0x1e1/0x2be kernel/locking/lockdep.c:4782 lock_acquire+0xd0/0x3e0 kernel/locking/lockdep.c:5437 down_read_killable+0x3a/0x170 kernel/locking/rwsem.c:1376 mm_access+0x1d/0x90 kernel/fork.c:1228 kernel_migrate_pages+0xf9/0x3d0 mm/mempolicy.c:1546 __do_sys_migrate_pages mm/mempolicy.c:1599 [inline] __se_sys_migrate_pages mm/mempolicy.c:1595 [inline] __x64_sys_migrate_pages+0x15/0x20 mm/mempolicy.c:1595 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x45e219 Code: 0d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007fecc710fc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000100 RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000000 RBP: 000000000119bfc8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000119bf8c R13: 00007ffe50697aaf R14: 00007fecc71109c0 R15: 000000000119bf8c