bisecting cause commit starting from 31ccad9ba50305d346c6a07760e7ef37686219b9
building syzkaller on 1ab4c999204f727316e77b769e51f6ebdaae00ff
testing commit 31ccad9ba50305d346c6a07760e7ef37686219b9 with gcc (GCC) 8.1.0
all runs: crashed: WARNING: locking bug in nfs_get_client
testing release v5.1
testing commit e93c9c99a629c61837d5a7fc2120cd2b6c70dbdd with gcc (GCC) 8.1.0
all runs: OK
# git bisect start 31ccad9ba50305d346c6a07760e7ef37686219b9 v5.1
Bisecting: 6388 revisions left to test after this (roughly 13 steps)
[d93c087538bdd0f10429086b20d9f6fbc536f8cd] Merge remote-tracking branch 'v4l-dvb/master'
testing commit d93c087538bdd0f10429086b20d9f6fbc536f8cd with gcc (GCC) 8.1.0
all runs: crashed: WARNING: locking bug in nfs_get_client
# git bisect bad d93c087538bdd0f10429086b20d9f6fbc536f8cd
Bisecting: 3204 revisions left to test after this (roughly 12 steps)
[9556bee36044123c5533a48f7cfb886650d38512] Merge remote-tracking branch 'netfilter/master'
testing commit 9556bee36044123c5533a48f7cfb886650d38512 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 9556bee36044123c5533a48f7cfb886650d38512
Bisecting: 1677 revisions left to test after this (roughly 11 steps)
[bf0d09607870ac0442b01b5b9d2d7039ec3ef528] Merge remote-tracking branch 'tegra/for-next'
testing commit bf0d09607870ac0442b01b5b9d2d7039ec3ef528 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good bf0d09607870ac0442b01b5b9d2d7039ec3ef528
Bisecting: 849 revisions left to test after this (roughly 10 steps)
[dca19154b040d7a8e61d65bb6103987b21092393] Merge remote-tracking branch 'nfs-anna/linux-next'
testing commit dca19154b040d7a8e61d65bb6103987b21092393 with gcc (GCC) 8.1.0
all runs: crashed: WARNING: locking bug in nfs_get_client
# git bisect bad dca19154b040d7a8e61d65bb6103987b21092393
Bisecting: 364 revisions left to test after this (roughly 9 steps)
[4771f0e2cd681a69fd5b072f8a207e5679696e54] Merge remote-tracking branch 'powerpc/next'
testing commit 4771f0e2cd681a69fd5b072f8a207e5679696e54 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 4771f0e2cd681a69fd5b072f8a207e5679696e54
Bisecting: 169 revisions left to test after this (roughly 8 steps)
[44cbb6959503c6a3460ff40f44fb6e96f74bb200] Merge remote-tracking branch 'cifs/for-next'
testing commit 44cbb6959503c6a3460ff40f44fb6e96f74bb200 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 44cbb6959503c6a3460ff40f44fb6e96f74bb200
Bisecting: 80 revisions left to test after this (roughly 6 steps)
[e0a8b7a85cad5fb0bc264a3a2df19f71f118d3eb] Merge remote-tracking branch 'f2fs/dev'
testing commit e0a8b7a85cad5fb0bc264a3a2df19f71f118d3eb with gcc (GCC) 8.1.0
all runs: OK
# git bisect good e0a8b7a85cad5fb0bc264a3a2df19f71f118d3eb
Bisecting: 40 revisions left to test after this (roughly 5 steps)
[4ba02e8d0ea5461d0e55e76c91481f1153f63365] xprtrdma: Increase maximum number of backchannel requests
testing commit 4ba02e8d0ea5461d0e55e76c91481f1153f63365 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 4ba02e8d0ea5461d0e55e76c91481f1153f63365
Bisecting: 20 revisions left to test after this (roughly 4 steps)
[b422df915cef80333d7a1732e6ed81f41db12b79] lockd: Store the lockd client credential in struct nlm_host
testing commit b422df915cef80333d7a1732e6ed81f41db12b79 with gcc (GCC) 8.1.0
all runs: OK
# git bisect good b422df915cef80333d7a1732e6ed81f41db12b79
Bisecting: 10 revisions left to test after this (roughly 3 steps)
[7142fd1be3275a64773a2252ed6b97e924677e9f] fuse: fix changelog entry for protocol 7.9
testing commit 7142fd1be3275a64773a2252ed6b97e924677e9f with gcc (GCC) 8.1.0
all runs: OK
# git bisect good 7142fd1be3275a64773a2252ed6b97e924677e9f
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[73947ae141becf05cc718e431a7149aeda350760] SUNRPC: Fix an error code in gss_alloc_msg()
testing commit 73947ae141becf05cc718e431a7149aeda350760 with gcc (GCC) 8.1.0
all runs: crashed: WARNING: locking bug in nfs_get_client
# git bisect bad 73947ae141becf05cc718e431a7149aeda350760
Bisecting: 2 revisions left to test after this (roughly 1 step)
[6d3b4157e6a9ce7ca3e93276d93878fe8bd2b3f5] PNFS fallback to MDS if no deviceid found
testing commit 6d3b4157e6a9ce7ca3e93276d93878fe8bd2b3f5 with gcc (GCC) 8.1.0
all runs: crashed: WARNING: locking bug in nfs_get_client
# git bisect bad 6d3b4157e6a9ce7ca3e93276d93878fe8bd2b3f5
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[950a578c6128c2886e295b9c7ecb0b6b22fcc92b] NFS: make nfs_match_client killable
testing commit 950a578c6128c2886e295b9c7ecb0b6b22fcc92b with gcc (GCC) 8.1.0
all runs: crashed: WARNING: locking bug in nfs_get_client
# git bisect bad 950a578c6128c2886e295b9c7ecb0b6b22fcc92b
950a578c6128c2886e295b9c7ecb0b6b22fcc92b is the first bad commit
commit 950a578c6128c2886e295b9c7ecb0b6b22fcc92b
Author: Roberto Bergantinos Corpas <rbergant@redhat.com>
Date:   Thu Apr 25 15:36:51 2019 +0200

    NFS: make nfs_match_client killable
    
        Actually we don't do anything with return value from
        nfs_wait_client_init_complete in nfs_match_client, as a
        consequence if we get a fatal signal and client is not
        fully initialised, we'll loop to "again" label
    
        This has been proven to cause soft lockups on some scenarios
        (no-carrier but configured network interfaces)
    
    Signed-off-by: Roberto Bergantinos Corpas <rbergant@redhat.com>
    Reviewed-by: Benjamin Coddington <bcodding@redhat.com>
    Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>

:040000 040000 23256121ec6cca4fff54b4098eff912053265e48 3343f173e9bba7218fe5b9f5879c86a10d0ef49e M	fs
revisions tested: 15, total time: 4h3m59.51812566s (build: 1h46m20.28942197s, test: 2h9m37.438671856s)
first bad commit: 950a578c6128c2886e295b9c7ecb0b6b22fcc92b NFS: make nfs_match_client killable
cc: ["anna.schumaker@netapp.com" "bcodding@redhat.com" "linux-kernel@vger.kernel.org" "linux-nfs@vger.kernel.org" "rbergant@redhat.com" "trond.myklebust@hammerspace.com"]
crash: WARNING: locking bug in nfs_get_client
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(depth <= 0)
WARNING: CPU: 0 PID: 7167 at kernel/locking/lockdep.c:3961 __lock_release kernel/locking/lockdep.c:3961 [inline]
WARNING: CPU: 0 PID: 7167 at kernel/locking/lockdep.c:3961 lock_release+0x613/0x8b0 kernel/locking/lockdep.c:4230
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 7167 Comm: syz-executor.2 Not tainted 5.1.0-rc6+ #1
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x113/0x167 lib/dump_stack.c:113
 panic+0x212/0x41d kernel/panic.c:214
 __warn.cold.8+0x1b/0x36 kernel/panic.c:571
 report_bug+0x1a4/0x200 lib/bug.c:186
 fixup_bug arch/x86/kernel/traps.c:179 [inline]
 do_error_trap+0x11b/0x200 arch/x86/kernel/traps.c:272
 do_invalid_op+0x36/0x40 arch/x86/kernel/traps.c:291
 invalid_op+0x14/0x20 arch/x86/entry/entry_64.S:973
RIP: 0010:__lock_release kernel/locking/lockdep.c:3961 [inline]
RIP: 0010:lock_release+0x613/0x8b0 kernel/locking/lockdep.c:4230
Code: 03 38 d0 7c 08 84 d2 0f 85 a3 02 00 00 8b 35 48 dc 83 07 85 f6 75 15 48 c7 c6 a0 af ea 86 48 c7 c7 00 7f ea 86 e8 a0 f5 ec ff <0f> 0b 48 8b 95 70 ff ff ff 4c 89 ee 4c 89 f7 e8 69 56 ff ff e9 df
RSP: 0018:ffff88809011f6d8 EFLAGS: 00010086
RAX: 0000000000000000 RBX: 1ffff11012023edf RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000
RBP: ffff88809011f780 R08: fffffbfff10328c5 R09: fffffbfff10328c4
R10: fffffbfff10328c4 R11: ffffffff88194623 R12: ffffffff89cc7a20
R13: ffff88808fe16200 R14: ffff888090418080 R15: ffff8880904188f8
 __raw_spin_unlock include/linux/spinlock_api_smp.h:150 [inline]
 _raw_spin_unlock+0x1a/0x50 kernel/locking/spinlock.c:176
 spin_unlock include/linux/spinlock.h:369 [inline]
 nfs_get_client+0xaca/0x1090 fs/nfs/client.c:412
 nfs_init_server+0x22c/0xd30 fs/nfs/client.c:674
 nfs_create_server+0xfb/0x5b0 fs/nfs/client.c:961
 nfs_try_mount+0x15c/0x790 fs/nfs/super.c:1882
 nfs_fs_mount+0x13f3/0x2230 fs/nfs/super.c:2718
 legacy_get_tree+0xeb/0x1d0 fs/fs_context.c:584
 vfs_get_tree+0x102/0x400 fs/super.c:1481
 do_new_mount fs/namespace.c:2622 [inline]
 do_mount+0x10f7/0x2990 fs/namespace.c:2942
 ksys_mount+0xba/0xe0 fs/namespace.c:3151
 __do_sys_mount fs/namespace.c:3165 [inline]
 __se_sys_mount fs/namespace.c:3162 [inline]
 __x64_sys_mount+0xb9/0x150 fs/namespace.c:3162
 do_syscall_64+0xd6/0x4e0 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x458da9
Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fa14cdc6c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000458da9
RDX: 0000000020fb5ffc RSI: 0000000020343ff8 RDI: 0000000000000000
RBP: 000000000073c040 R08: 000000002000a000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa14cdc76d4
R13: 00000000004c4d9b R14: 00000000004d8a08 R15: 00000000ffffffff
Kernel Offset: disabled
Rebooting in 86400 seconds..