bisecting cause commit starting from 7c8ca8129ee9724cb1527895fe6dec942ef07f19
building syzkaller on bd2a760b69f2df56a20577ba8c0665105766f3bd
testing commit 7c8ca8129ee9724cb1527895fe6dec942ef07f19 with gcc (GCC) 8.1.0
kernel signature: 93ebc89aa22096de38b049c5e1948e8c813b69e7504718df766a7260a515d232
all runs: crashed: INFO: task hung in __io_uring_files_cancel
testing release v5.9
testing commit bbf5c979011a099af5dc76498918ed7df445635b with gcc (GCC) 8.1.0
kernel signature: a82b63d060ceb014a456a27cdef2f1ec1d15fc82de1427bc4784201d6479e67b
all runs: OK
# git bisect start 7c8ca8129ee9724cb1527895fe6dec942ef07f19 bbf5c979011a099af5dc76498918ed7df445635b
Bisecting: 11201 revisions left to test after this (roughly 14 steps)
[49dc6fbce33011733601e4e81c551e066f1682fc] Merge tag 'kgdb-5.10-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/danielt/linux
testing commit 49dc6fbce33011733601e4e81c551e066f1682fc with gcc (GCC) 8.1.0
kernel signature: ce8ea1b7ea31644fcf1ba40afc1ed247f9ed23bf439675cc41a5152ef6bdbe39
all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on
# git bisect bad 49dc6fbce33011733601e4e81c551e066f1682fc
Bisecting: 5824 revisions left to test after this (roughly 13 steps)
[726eb70e0d34dc4bc4dada71f52bba8ed638431e] Merge tag 'char-misc-5.10-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc
testing commit 726eb70e0d34dc4bc4dada71f52bba8ed638431e with gcc (GCC) 8.1.0
kernel signature: d5bd28ba36e60e83ed074ec70cf139f5bc065cfc4d5edf0dfe079783098eed4e
all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on
# git bisect bad 726eb70e0d34dc4bc4dada71f52bba8ed638431e
Bisecting: 2690 revisions left to test after this (roughly 11 steps)
[527f6750d92beb9c787d8aba48477b1e834d64e5] kasan: remove mentions of unsupported Clang versions
testing commit 527f6750d92beb9c787d8aba48477b1e834d64e5 with gcc (GCC) 8.1.0
kernel signature: 7a9c31039090fe1cbcde8b3fe9e6fd4a69113a7b63335b9d7e8c5c085a5f33c5
all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on
# git bisect bad 527f6750d92beb9c787d8aba48477b1e834d64e5
Bisecting: 1326 revisions left to test after this (roughly 10 steps)
[647412daeb454b6dad12a6c6961ab90aac9e5d29] Merge tag 'mmc-v5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc
testing commit 647412daeb454b6dad12a6c6961ab90aac9e5d29 with gcc (GCC) 8.1.0
kernel signature: 7d1d62a2633770e9926affe2d928bf62bb5dfe9f521c45c61724148210a280ca
all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on
# git bisect bad 647412daeb454b6dad12a6c6961ab90aac9e5d29
Bisecting: 687 revisions left to test after this (roughly 9 steps)
[3bff6112c80cecb76af5fe485506f96e8adb6122] Merge tag 'perf-core-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
testing commit 3bff6112c80cecb76af5fe485506f96e8adb6122 with gcc (GCC) 8.1.0
kernel signature: 9df8ab64eb68a26d43ed878cd913ddbc0700bcdbfaf229c1cf653a8e6a0b2704
all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on
# git bisect bad 3bff6112c80cecb76af5fe485506f96e8adb6122
Bisecting: 370 revisions left to test after this (roughly 8 steps)
[f5f59336a9ae8f683772d6b8cb2d6732b5e567ea] Merge tag 'timers-core-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
testing commit f5f59336a9ae8f683772d6b8cb2d6732b5e567ea with gcc (GCC) 8.1.0
kernel signature: bb408c90d534046327cc0f4f7118c8eddc58e67a41e33c26f90e42ad57957f81
all runs: OK
# git bisect good f5f59336a9ae8f683772d6b8cb2d6732b5e567ea
Bisecting: 203 revisions left to test after this (roughly 8 steps)
[edaa5ddf3833669a25654d42c0fb653dfdd906df] Merge tag 'sched-core-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
testing commit edaa5ddf3833669a25654d42c0fb653dfdd906df with gcc (GCC) 8.1.0
kernel signature: 88fabfce4dd682c33f07d1682d4d454d6b90ba3cf129c338c8d9d85c4ab3f6b3
all runs: OK
# git bisect good edaa5ddf3833669a25654d42c0fb653dfdd906df
Bisecting: 104 revisions left to test after this (roughly 7 steps)
[e6412f9833db23740ee848ab3d6e7af18dff82a6] Merge tag 'efi-core-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
testing commit e6412f9833db23740ee848ab3d6e7af18dff82a6 with gcc (GCC) 8.1.0
kernel signature: 52fd7ba20e92362af44da212b012125ce8369475b452e38e7ad793c68ef1253f
all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on
# git bisect bad e6412f9833db23740ee848ab3d6e7af18dff82a6
Bisecting: 54 revisions left to test after this (roughly 6 steps)
[e705d397965811ac528d7213b42d74ffe43caf38] Merge branch 'locking/urgent' into locking/core, to pick up fixes
testing commit e705d397965811ac528d7213b42d74ffe43caf38 with gcc (GCC) 8.1.0
kernel signature: 3212850ca64286f450a96c527dc825ec059085f082fecb4539b7d6b4ed8ae963
all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on
# git bisect bad e705d397965811ac528d7213b42d74ffe43caf38
Bisecting: 21 revisions left to test after this (roughly 5 steps)
[ad56450db86413ff911eb527b5a49e04a4345e61] locking/selftest: Add test cases for queued_read_lock()
testing commit ad56450db86413ff911eb527b5a49e04a4345e61 with gcc (GCC) 8.1.0
kernel signature: bc70a2801d9553166757bd5a4e2d6b41e603abd5a010ecbebcd76dc5f65941e0
all runs: OK
# git bisect good ad56450db86413ff911eb527b5a49e04a4345e61
Bisecting: 10 revisions left to test after this (roughly 4 steps)
[5cdd25572a29e46f932d3e6eedbd07429de66431] seqlock: Use unique prefix for seqcount_t property accessors
testing commit 5cdd25572a29e46f932d3e6eedbd07429de66431 with gcc (GCC) 8.1.0
kernel signature: d219c59d1ca27b2e669345df2a607370f8c31c2354474f0461763829588f0e1d
all runs: OK
# git bisect good 5cdd25572a29e46f932d3e6eedbd07429de66431
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[6d1823ccc480866e571ab1206665d693aeb600cf] lockdep: Optimize the memory usage of circular queue
testing commit 6d1823ccc480866e571ab1206665d693aeb600cf with gcc (GCC) 8.1.0
kernel signature: 17d1bcd30791528234aef754d69676f5bb6aa26b3ae658058fc1f56f2e68baad
all runs: OK
# git bisect good 6d1823ccc480866e571ab1206665d693aeb600cf
Bisecting: 2 revisions left to test after this (roughly 2 steps)
[baffd723e44dc3d7f84f0b8f1fe1ece00ddd2710] lockdep: Revert "lockdep: Use raw_cpu_*() for per-cpu variables"
testing commit baffd723e44dc3d7f84f0b8f1fe1ece00ddd2710 with gcc (GCC) 8.1.0
kernel signature: 60579c1d1837803a6128fc31f7588e94a7a634bb0e453c0cd46a1b35a087c4ae
all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on
# git bisect bad baffd723e44dc3d7f84f0b8f1fe1ece00ddd2710
Bisecting: 0 revisions left to test after this (roughly 1 step)
[4d004099a668c41522242aa146a38cc4eb59cb1e] lockdep: Fix lockdep recursion
testing commit 4d004099a668c41522242aa146a38cc4eb59cb1e with gcc (GCC) 8.1.0
kernel signature: a38b0eb913450aa1c17ee2dd35f46ad53f8c91d4dc1b5e6823b9c25eb85b56cf
all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on
# git bisect bad 4d004099a668c41522242aa146a38cc4eb59cb1e
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[2bb8945bcc1a768f2bc402a16c9610bba8d5187d] lockdep: Fix usage_traceoverflow
testing commit 2bb8945bcc1a768f2bc402a16c9610bba8d5187d with gcc (GCC) 8.1.0
kernel signature: fb483928c6ec840830468d2993415815eab079a2d22a0cbb7dad4966af144b72
all runs: OK
# git bisect good 2bb8945bcc1a768f2bc402a16c9610bba8d5187d
4d004099a668c41522242aa146a38cc4eb59cb1e is the first bad commit
commit 4d004099a668c41522242aa146a38cc4eb59cb1e
Author: Peter Zijlstra <peterz@infradead.org>
Date:   Fri Oct 2 11:04:21 2020 +0200

    lockdep: Fix lockdep recursion
    
    Steve reported that lockdep_assert*irq*(), when nested inside lockdep
    itself, will trigger a false-positive.
    
    One example is the stack-trace code, as called from inside lockdep,
    triggering tracing, which in turn calls RCU, which then uses
    lockdep_assert_irqs_disabled().
    
    Fixes: a21ee6055c30 ("lockdep: Change hardirq{s_enabled,_context} to per-cpu variables")
    Reported-by: Steven Rostedt <rostedt@goodmis.org>
    Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
    Signed-off-by: Ingo Molnar <mingo@kernel.org>

 include/linux/lockdep.h  | 13 ++++---
 kernel/locking/lockdep.c | 99 +++++++++++++++++++++++++++++-------------------
 2 files changed, 67 insertions(+), 45 deletions(-)
culprit signature: a38b0eb913450aa1c17ee2dd35f46ad53f8c91d4dc1b5e6823b9c25eb85b56cf
parent  signature: fb483928c6ec840830468d2993415815eab079a2d22a0cbb7dad4966af144b72
revisions tested: 17, total time: 2h55m3.020603066s (build: 1h16m6.294745518s, test: 1h37m23.616424351s)
first bad commit: 4d004099a668c41522242aa146a38cc4eb59cb1e lockdep: Fix lockdep recursion
recipients (to): ["linux-kernel@vger.kernel.org" "mingo@kernel.org" "mingo@redhat.com" "peterz@infradead.org" "peterz@infradead.org" "will@kernel.org"]
recipients (cc): []
crash: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10172
caller is lockdep_hardirqs_on_prepare+0x2f/0x1a0 kernel/locking/lockdep.c:3684
CPU: 0 PID: 10172 Comm: syz-executor.2 Not tainted 5.9.0-rc8-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x77/0xa0 lib/dump_stack.c:118
 check_preemption_disabled+0xab/0xc0 lib/smp_processor_id.c:48
 lockdep_hardirqs_on_prepare+0x2f/0x1a0 kernel/locking/lockdep.c:3684
 trace_hardirqs_on+0x1c/0x100 kernel/trace/trace_preemptirq.c:49
 __bad_area_nosemaphore+0x5e/0x1c0 arch/x86/mm/fault.c:797
 do_user_addr_fault arch/x86/mm/fault.c:1345 [inline]
 handle_page_fault arch/x86/mm/fault.c:1429 [inline]
 exc_page_fault+0x587/0x690 arch/x86/mm/fault.c:1482
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:538
RIP: 0033:0x445125
Code: 01 74 0b 0f b6 0e 88 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 02 48 83 c7 02 0f 1f 40 00 f6 c2 04 74 0c <8b> 0e 89 0f 48 83 c6 04 48 83 c7 04 f6 c2 08 74 0e 48 8b 0e 48 89
RSP: 002b:00007f208750ac68 EFLAGS: 00010202
RAX: 0000000000000040 RBX: 000000000118bfc8 RCX: 0000000000000000
RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000040
RBP: 000000000118c018 R08: 0000000000000004 R09: 0000000000000000
R10: 00007f208750b9d0 R11: 0000000000000246 R12: 000000000118bfd4
R13: 00007ffdfadf4e9f R14: 00007f208750b9c0 R15: 000000000118bfd4
BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.2/10172
caller is lockdep_hardirqs_on+0x38/0x110 kernel/locking/lockdep.c:3753
CPU: 0 PID: 10172 Comm: syz-executor.2 Not tainted 5.9.0-rc8-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x77/0xa0 lib/dump_stack.c:118
 check_preemption_disabled+0xab/0xc0 lib/smp_processor_id.c:48
 lockdep_hardirqs_on+0x38/0x110 kernel/locking/lockdep.c:3753
 __bad_area_nosemaphore+0x5e/0x1c0 arch/x86/mm/fault.c:797
 do_user_addr_fault arch/x86/mm/fault.c:1345 [inline]
 handle_page_fault arch/x86/mm/fault.c:1429 [inline]
 exc_page_fault+0x587/0x690 arch/x86/mm/fault.c:1482
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:538
RIP: 0033:0x445125
Code: 01 74 0b 0f b6 0e 88 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 02 48 83 c7 02 0f 1f 40 00 f6 c2 04 74 0c <8b> 0e 89 0f 48 83 c6 04 48 83 c7 04 f6 c2 08 74 0e 48 8b 0e 48 89
RSP: 002b:00007f208750ac68 EFLAGS: 00010202
RAX: 0000000000000040 RBX: 000000000118bfc8 RCX: 0000000000000000
RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000040
RBP: 000000000118c018 R08: 0000000000000004 R09: 0000000000000000
R10: 00007f208750b9d0 R11: 0000000000000246 R12: 000000000118bfd4
R13: 00007ffdfadf4e9f R14: 00007f208750b9c0 R15: 000000000118bfd4