bisecting cause commit starting from 9ec5eea5b6acfae7279203097eeec5d02d01d9b7 building syzkaller on 98682e5e2aefc9aad61354f4f3ac93be96002a2a testing commit 9ec5eea5b6acfae7279203097eeec5d02d01d9b7 with gcc (GCC) 10.2.1 20210217 kernel signature: 19dbdabe951e2e94be33c53b5a66d1fc5602875d78db098556b222474a5d6673 all runs: crashed: possible deadlock in inet_stream_connect testing release v5.10 testing commit 2c85ebc57b3e1817b6ce1a6b703928e113a90442 with gcc (GCC) 10.2.1 20210217 kernel signature: ad0020076c568fd04e3712999367961eadbdf96cf6f928f88e3fec927cee834c all runs: OK # git bisect start 9ec5eea5b6acfae7279203097eeec5d02d01d9b7 2c85ebc57b3e1817b6ce1a6b703928e113a90442 Bisecting: 8558 revisions left to test after this (roughly 13 steps) [571b12dd1ad41f371448b693c0bd2e64968c7af4] Merge tag 'hyperv-next-signed-20201214' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux testing commit 571b12dd1ad41f371448b693c0bd2e64968c7af4 with gcc (GCC) 10.2.1 20210217 kernel signature: 22b1bef34345855c372ff8988c71a61f5c2794bab4128bbe907019bf2a4a8347 all runs: OK # git bisect good 571b12dd1ad41f371448b693c0bd2e64968c7af4 Bisecting: 4271 revisions left to test after this (roughly 12 steps) [1375b9803e007842493c64d0d73d7dd0e385e17c] Merge branch 'akpm' (patches from Andrew) testing commit 1375b9803e007842493c64d0d73d7dd0e385e17c with gcc (GCC) 10.2.1 20210217 kernel signature: fb3b0a8b146a871c0626446533e5bdcc0ccc66654ccb4a1409dd33b306de264f all runs: OK # git bisect good 1375b9803e007842493c64d0d73d7dd0e385e17c Bisecting: 2136 revisions left to test after this (roughly 11 steps) [6642d600b541b81931fb1ab0c041b0d68f77be7e] Merge tag '5.11-rc5-smb3' of git://git.samba.org/sfrench/cifs-2.6 testing commit 6642d600b541b81931fb1ab0c041b0d68f77be7e with gcc (GCC) 10.2.1 20210217 kernel signature: f44fc56c7923f490c276434cd49bc91ee25ed298acefd6d91a23ca639368323f all runs: OK # git bisect good 6642d600b541b81931fb1ab0c041b0d68f77be7e Bisecting: 1068 revisions left to test after this (roughly 10 steps) [ea92000d5430304b22f46d61508ea95b5342373c] Revert "net: Have netpoll bring-up DSA management interface" testing commit ea92000d5430304b22f46d61508ea95b5342373c with gcc (GCC) 10.2.1 20210217 kernel signature: 592ce074f61656ff12dcf292582f48cc8b5cefd856fbff830aa38cf278e0e6dd all runs: OK # git bisect good ea92000d5430304b22f46d61508ea95b5342373c Bisecting: 534 revisions left to test after this (roughly 9 steps) [7360a4de36a4826cc998ce5a89fbc9b5a2182758] net: phy: icplus: use PHY_ID_MATCH_EXACT() for IP101A/G testing commit 7360a4de36a4826cc998ce5a89fbc9b5a2182758 with gcc (GCC) 10.2.1 20210217 kernel signature: 4e60a51ab100e288dfc6753cfe521c4f92995f4e9b4b9af7aedc871ab7041682 all runs: OK # git bisect good 7360a4de36a4826cc998ce5a89fbc9b5a2182758 Bisecting: 300 revisions left to test after this (roughly 8 steps) [9d083348e938eb0330639ad08dcfe493a59a8a40] rtw88: 8822c: update RF_B (2/2) parameter tables to v60 testing commit 9d083348e938eb0330639ad08dcfe493a59a8a40 with gcc (GCC) 10.2.1 20210217 kernel signature: 0288ee0937adbcdce7f7a22051300b35dfd1f877735825e07b01a3da3b0e8d0f all runs: OK # git bisect good 9d083348e938eb0330639ad08dcfe493a59a8a40 Bisecting: 150 revisions left to test after this (roughly 7 steps) [4a8d0c999fede59b75045ea5ee40c8a6098a45b2] mac80211: minstrel_ht: show sampling rates in debugfs testing commit 4a8d0c999fede59b75045ea5ee40c8a6098a45b2 with gcc (GCC) 10.2.1 20210217 kernel signature: eaa09868c2f207f085e65ed47a58de572e113e608a7be46e656453ca7ade803d all runs: OK # git bisect good 4a8d0c999fede59b75045ea5ee40c8a6098a45b2 Bisecting: 74 revisions left to test after this (roughly 6 steps) [762d17b991608a6845704b500a5712900779c4b4] Merge branch 'tcp-mem-pressure-vs-SO_RCVLOWAT' testing commit 762d17b991608a6845704b500a5712900779c4b4 with gcc (GCC) 10.2.1 20210217 kernel signature: e3ff650cb2cebd8729ba42afb682f0e0540ed3d6d1e1aaee0861a3ac3f982d87 all runs: crashed: possible deadlock in inet_stream_connect # git bisect bad 762d17b991608a6845704b500a5712900779c4b4 Bisecting: 35 revisions left to test after this (roughly 5 steps) [21cc70c75be0d1a38da34095d1933a75ce784b1d] Merge tag 'mac80211-next-for-net-next-2021-02-12' of git://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211-next testing commit 21cc70c75be0d1a38da34095d1933a75ce784b1d with gcc (GCC) 10.2.1 20210217 kernel signature: 1ef187db79c9e00e5e74db76b04aefcb1fb92c16ec5283ca008d7b9f3d8fb1b0 all runs: crashed: possible deadlock in inet_stream_connect # git bisect bad 21cc70c75be0d1a38da34095d1933a75ce784b1d Bisecting: 19 revisions left to test after this (roughly 4 steps) [f384221a381751508f390b36d0e51bd5a7beb627] selftests: mptcp: fix ACKRX debug message testing commit f384221a381751508f390b36d0e51bd5a7beb627 with gcc (GCC) 10.2.1 20210217 kernel signature: 162295d4afb8b60ba20f974e9a13b1be66197e5ec2b071ba0d7fdbe3b78d6144 all runs: OK # git bisect good f384221a381751508f390b36d0e51bd5a7beb627 Bisecting: 9 revisions left to test after this (roughly 3 steps) [b911c97c7dc771633c68ea9b8f15070f8af3d323] mptcp: add netlink event support testing commit b911c97c7dc771633c68ea9b8f15070f8af3d323 with gcc (GCC) 10.2.1 20210217 kernel signature: f16c5a992f12c005a5ebe9cbc8d365913112bb3d225ee1a0a004ddf67f3fb1a2 run #0: crashed: possible deadlock in inet_stream_connect run #1: crashed: possible deadlock in inet_stream_connect run #2: crashed: possible deadlock in inet_stream_connect run #3: crashed: possible deadlock in inet_stream_connect run #4: crashed: possible deadlock in inet_stream_connect run #5: crashed: possible deadlock in inet_stream_connect run #6: crashed: possible deadlock in inet_stream_connect run #7: crashed: WARNING: lock held when returning to user space in inet_stream_connect run #8: crashed: possible deadlock in inet_stream_connect run #9: crashed: possible deadlock in inet_stream_connect # git bisect bad b911c97c7dc771633c68ea9b8f15070f8af3d323 Bisecting: 4 revisions left to test after this (roughly 2 steps) [a141e02e393370e082b25636401c49978b61bfcf] mptcp: split __mptcp_close_ssk helper testing commit a141e02e393370e082b25636401c49978b61bfcf with gcc (GCC) 10.2.1 20210217 kernel signature: 64456a31e87e3bc84100d034dbf54e697bb6b43a4a29979c591187189cd2ddb4 all runs: OK # git bisect good a141e02e393370e082b25636401c49978b61bfcf Bisecting: 2 revisions left to test after this (roughly 1 step) [b263b0d7d60baecda3c840a0703bb6d511f7ae2d] mptcp: move subflow close loop after sk close check testing commit b263b0d7d60baecda3c840a0703bb6d511f7ae2d with gcc (GCC) 10.2.1 20210217 kernel signature: 69e299a4e3a7c242c7b4f650dee40af196b9bc1614818a45ad635d1980493e3a run #0: crashed: possible deadlock in inet_stream_connect run #1: crashed: possible deadlock in inet_stream_connect run #2: crashed: possible deadlock in inet_stream_connect run #3: crashed: possible deadlock in inet_stream_connect run #4: crashed: possible deadlock in inet_stream_connect run #5: crashed: INFO: trying to register non-static key in inet_stream_connect run #6: crashed: possible deadlock in inet_stream_connect run #7: crashed: possible deadlock in inet_stream_connect run #8: crashed: possible deadlock in inet_stream_connect run #9: crashed: possible deadlock in inet_stream_connect # git bisect bad b263b0d7d60baecda3c840a0703bb6d511f7ae2d Bisecting: 0 revisions left to test after this (roughly 0 steps) [40947e13997a1cba4e875893ca6e5d5e61a0689d] mptcp: schedule worker when subflow is closed testing commit 40947e13997a1cba4e875893ca6e5d5e61a0689d with gcc (GCC) 10.2.1 20210217 kernel signature: 9870e1d46e1ce9ed0adf109886e109d0ba1d644c3df6c2518600bcf329dd8afa all runs: crashed: possible deadlock in inet_stream_connect # git bisect bad 40947e13997a1cba4e875893ca6e5d5e61a0689d 40947e13997a1cba4e875893ca6e5d5e61a0689d is the first bad commit commit 40947e13997a1cba4e875893ca6e5d5e61a0689d Author: Florian Westphal Date: Fri Feb 12 15:59:56 2021 -0800 mptcp: schedule worker when subflow is closed When remote side closes a subflow we should schedule the worker to dispose of the subflow in a timely manner. Otherwise, SF_CLOSED event won't be generated until the mptcp socket itself is closing or local side is closing another subflow. Signed-off-by: Florian Westphal Signed-off-by: Mat Martineau Signed-off-by: David S. Miller net/mptcp/protocol.c | 4 ++++ net/mptcp/subflow.c | 25 +++++++++++++++++++++++-- 2 files changed, 27 insertions(+), 2 deletions(-) culprit signature: 9870e1d46e1ce9ed0adf109886e109d0ba1d644c3df6c2518600bcf329dd8afa parent signature: 64456a31e87e3bc84100d034dbf54e697bb6b43a4a29979c591187189cd2ddb4 revisions tested: 16, total time: 4h6m52.110349459s (build: 1h49m57.428303084s, test: 2h15m37.266609884s) first bad commit: 40947e13997a1cba4e875893ca6e5d5e61a0689d mptcp: schedule worker when subflow is closed recipients (to): ["davem@davemloft.net" "fw@strlen.de" "mathew.j.martineau@linux.intel.com"] recipients (cc): [] crash: possible deadlock in inet_stream_connect ============================================ WARNING: possible recursive locking detected 5.11.0-rc7-syzkaller #0 Not tainted -------------------------------------------- syz-executor.0/10480 is trying to acquire lock: ffff88801a836320 (sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1598 [inline] ffff88801a836320 (sk_lock-AF_INET6){+.+.}-{0:0}, at: inet_stream_connect+0x3a/0xa0 net/ipv4/af_inet.c:724 but task is already holding lock: ffff88802bdbc920 (sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1598 [inline] ffff88802bdbc920 (sk_lock-AF_INET6){+.+.}-{0:0}, at: mptcp_stream_connect+0x80/0x700 net/mptcp/protocol.c:3163 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(sk_lock-AF_INET6); lock(sk_lock-AF_INET6); *** DEADLOCK *** May be due to missing lock nesting notation 1 lock held by syz-executor.0/10480: #0: ffff88802bdbc920 (sk_lock-AF_INET6){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1598 [inline] #0: ffff88802bdbc920 (sk_lock-AF_INET6){+.+.}-{0:0}, at: mptcp_stream_connect+0x80/0x700 net/mptcp/protocol.c:3163 stack backtrace: CPU: 1 PID: 10480 Comm: syz-executor.0 Not tainted 5.11.0-rc7-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:79 [inline] dump_stack+0x9a/0xcc lib/dump_stack.c:120 print_deadlock_bug kernel/locking/lockdep.c:2761 [inline] check_deadlock kernel/locking/lockdep.c:2804 [inline] validate_chain kernel/locking/lockdep.c:3595 [inline] __lock_acquire.cold+0x117/0x3ab kernel/locking/lockdep.c:4832 lock_acquire kernel/locking/lockdep.c:5442 [inline] lock_acquire+0x1a8/0x720 kernel/locking/lockdep.c:5407 lock_sock_nested+0xad/0xf0 net/core/sock.c:3071 lock_sock include/net/sock.h:1598 [inline] inet_stream_connect+0x3a/0xa0 net/ipv4/af_inet.c:724 mptcp_stream_connect+0x138/0x700 net/mptcp/protocol.c:3192 __sys_connect+0xf5/0x120 net/socket.c:1852 __do_sys_connect net/socket.c:1862 [inline] __se_sys_connect net/socket.c:1859 [inline] __x64_sys_connect+0x6a/0xb0 net/socket.c:1859 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x465d99 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f16c8ac3188 EFLAGS: 00000246 ORIG_RAX: 000000000000002a RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465d99 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 RBP: 00000000004bcf27 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60 R13: 00007ffd6d54185f R14: 00007f16c8ac3300 R15: 0000000000022000