ci2 starts bisection 2023-07-21 11:12:23.377575119 +0000 UTC m=+33246.669471931 bisecting cause commit starting from 59b65efafe20d18e4d05e8b3f63445bc12cb2cda building syzkaller on 022df2bb9a105c303cf24c910b8e787cf642a3f3 ensuring issue is reproducible on original commit 59b65efafe20d18e4d05e8b3f63445bc12cb2cda testing commit 59b65efafe20d18e4d05e8b3f63445bc12cb2cda gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: c8125c3444f1e3e46b3e6266f8244fcc0daeb898b83d54169b338d5c92dfedcf run #0: crashed: BUG: corrupted list in p9_fd_cancelled run #1: crashed: BUG: corrupted list in p9_fd_cancelled run #2: crashed: BUG: corrupted list in p9_fd_cancelled run #3: crashed: BUG: corrupted list in p9_fd_cancelled run #4: crashed: BUG: corrupted list in p9_fd_cancelled run #5: crashed: BUG: corrupted list in p9_fd_cancelled run #6: OK run #7: crashed: BUG: corrupted list in p9_fd_cancelled run #8: crashed: BUG: corrupted list in p9_fd_cancelled run #9: crashed: BUG: corrupted list in corrupted run #10: crashed: BUG: corrupted list in corrupted run #11: crashed: general protection fault in p9_fd_cancelled run #12: crashed: general protection fault in p9_fd_cancelled run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK run #20: OK run #21: OK run #22: OK run #23: OK run #24: OK run #25: OK representative crash: BUG: corrupted list in p9_fd_cancelled, types: [BUG] check whether we can drop unnecessary instrumentation disabling configs for [UBSAN KASAN LOCKDEP ATOMIC_SLEEP HANG LEAK], they are not needed testing commit 59b65efafe20d18e4d05e8b3f63445bc12cb2cda gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: d7fa02f475a0b46dc4b50f52b46f7c6ba5930bb321ce72eddeeabbbfeafbb747 run #0: crashed: BUG: corrupted list in p9_fd_cancelled run #1: crashed: BUG: corrupted list in p9_fd_cancelled run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK run #20: OK representative crash: BUG: corrupted list in p9_fd_cancelled, types: [BUG] kconfig minimization: base=4789 full=6022 leaves diff=240 split chunks (needed=false): <240> split chunk #0 of len 240 into 5 parts testing without sub-chunk 1/5 testing commit 59b65efafe20d18e4d05e8b3f63445bc12cb2cda gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: ede1e8b44f2b9f1d5943f527c35a8f0b4b4faac02c8f47a5ed2bcd85c7c00cc9 run #0: crashed: BUG: corrupted list in p9_fd_cancelled run #1: crashed: BUG: corrupted list in p9_fd_cancelled run #2: OK run #3: crashed: BUG: corrupted list in p9_fd_cancelled run #4: crashed: BUG: corrupted list in p9_fd_cancelled run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK run #20: OK run #21: OK representative crash: BUG: corrupted list in p9_fd_cancelled, types: [BUG] testing without sub-chunk 2/5 testing commit 59b65efafe20d18e4d05e8b3f63445bc12cb2cda gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 32e4f53d4d231352d8407836f6df8f605a4cd130e84c4761a42221a5bc6b6da1 all runs: OK false negative chance: 0.001 testing without sub-chunk 3/5 testing commit 59b65efafe20d18e4d05e8b3f63445bc12cb2cda gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: c302036762034601423bc1b11c80fa165b828c31ae59dd6f0d5e92c7237bd618 run #0: crashed: BUG: corrupted list in p9_fd_cancelled run #1: crashed: BUG: corrupted list in p9_fd_cancelled run #2: OK run #3: crashed: BUG: corrupted list in p9_fd_cancelled run #4: crashed: BUG: corrupted list in p9_fd_cancelled run #5: OK run #6: crashed: BUG: corrupted list in p9_fd_cancelled run #7: crashed: BUG: corrupted list in p9_fd_cancelled run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK run #20: OK run #21: OK run #22: OK representative crash: BUG: corrupted list in p9_fd_cancelled, types: [BUG] testing without sub-chunk 4/5 testing commit 59b65efafe20d18e4d05e8b3f63445bc12cb2cda gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: e88681fdb9eba37ea9656b67d9d64857425f03ce0c682c5932933e7d96daa231 run #0: OK run #1: crashed: BUG: corrupted list in p9_conn_cancel run #2: crashed: BUG: corrupted list in p9_conn_cancel run #3: crashed: BUG: corrupted list in p9_fd_cancelled run #4: crashed: BUG: corrupted list in p9_fd_cancelled run #5: crashed: BUG: corrupted list in p9_fd_cancelled run #6: crashed: BUG: corrupted list in p9_fd_cancelled run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK run #20: OK run #21: OK run #22: OK representative crash: BUG: corrupted list in p9_conn_cancel, types: [BUG] testing without sub-chunk 5/5 testing commit 59b65efafe20d18e4d05e8b3f63445bc12cb2cda gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 22a1cf23b1d7b17bb9b8ad8639610372021c12f5bc123ccabc72ee00416f955c run #0: crashed: BUG: corrupted list in p9_fd_cancelled run #1: crashed: BUG: corrupted list in p9_fd_cancelled run #2: crashed: BUG: corrupted list in p9_fd_cancelled run #3: crashed: BUG: corrupted list in p9_fd_cancelled run #4: crashed: BUG: corrupted list in corrupted run #5: crashed: BUG: corrupted list in corrupted run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK run #20: OK run #21: OK run #22: OK representative crash: BUG: corrupted list in p9_fd_cancelled, types: [BUG] minimized to 240 configs; suspects: [BLK_DEV_INITRD CFG80211 CFG80211_REQUIRE_SIGNED_REGDB CFG80211_USE_KERNEL_REGDB_KEYS DEBUG_INFO_BTF DRAGONRISE_FF DRM DRM_BRIDGE DRM_GEM_SHMEM_HELPER DRM_KMS_HELPER DRM_PANEL DRM_PANEL_BRIDGE DRM_PANEL_ORIENTATION_QUIRKS DRM_TTM DRM_TTM_DMA_PAGE_POOL DRM_VIRTIO_GPU DUMMY_CONSOLE DVB_CORE FB FB_CMDLINE FB_DEFERRED_IO FB_NOTIFY FB_SYS_COPYAREA FB_SYS_FILLRECT FB_SYS_FOPS FB_SYS_IMAGEBLIT GPIOLIB_IRQCHIP GREENASIA_FF HDMI HID_A4TECH HID_ACRUX HID_ACRUX_FF HID_APPLEIR HID_AUREAL HID_BELKIN HID_CHERRY HID_CHICONY HID_CP2112 HID_CYPRESS HID_DRAGONRISE HID_ELO HID_EMS_FF HID_EZKEY HID_GREENASIA HID_GT683R HID_GYRATION HID_HOLTEK HID_ICADE HID_ITE HID_KENSINGTON HID_KEYTOUCH HID_KYE HID_LCPOWER HID_LED HID_LENOVO HID_MONTEREY HID_NTI HID_NTRIG HID_ORTEK HID_PANTHERLORD HID_PENMOUNT HID_PETALYNX HID_PICOLCD_FB HID_PICOLCD_LEDS HID_PID HID_PRIMAX HID_PRODIKEYS HID_RMI HID_SAITEK HID_SAMSUNG HID_SENSOR_CUSTOM_SENSOR HID_SENSOR_HUB HID_SMARTJOYPLUS HID_SPEEDLINK HID_STEELSERIES HID_SUNPLUS HID_THINGM HID_THRUSTMASTER HID_TIVO HID_TOPSEED HID_TWINHAN HID_WALTOP HID_XINMO HID_ZEROPLUS HID_ZYDACRON HOLTEK_FF HOTPLUG_PCI HWMON HW_CONSOLE I2C_MUX INPUT_JOYSTICK INPUT_LEDS INPUT_MOUSE INPUT_TABLET INPUT_TOUCHSCREEN INTEGRITY INTEGRITY_AUDIT JOYSTICK_XPAD JOYSTICK_XPAD_FF JOYSTICK_XPAD_LEDS KCOV KCOV_ENABLE_COMPARISONS KCOV_INSTRUMENT_ALL LCD_CLASS_DEVICE LOCALVERSION_AUTO LOGIG940_FF LOGIRUMBLEPAD2_FF LOGITECH_FF LOGIWHEELS_FF MAC80211 MAC80211_HAS_RC MAC80211_RC_DEFAULT_MINSTREL MAC80211_RC_MINSTREL MEDIA_ANALOG_TV_SUPPORT MEDIA_ATTACH MEDIA_DIGITAL_TV_SUPPORT MEDIA_RADIO_SUPPORT MEDIA_TUNER MFD_CORE NL80211_TESTMODE NOP_USB_XCEIV PANTHERLORD_FF RADIO_ADAPTERS REGMAP_SPI RESET_CONTROLLER RFKILL RFKILL_LEDS RMI4_2D_SENSOR RMI4_CORE RMI4_F03 RMI4_F03_SERIO RMI4_F11 RMI4_F12 RMI4_F30 SMARTJOYPLUS_FF SMSC_PHY SND SND_COMPRESS_OFFLOAD SND_DMAENGINE_PCM SND_DMA_SGBUF SND_DYNAMIC_MINORS SND_HRTIMER SND_HWDEP SND_PCI SND_PCM SND_PCM_TIMER SND_PROC_FS SND_RAWMIDI SND_SOC SND_SOC_ACPI SND_SOC_ACPI_INTEL_MATCH SND_SOC_COMPRESS SND_SOC_GENERIC_DMAENGINE_PCM SND_SOC_I2C_AND_SPI SND_SOC_INTEL_MACH SND_SOC_INTEL_SST_TOPLEVEL SND_SOC_TOPOLOGY SND_SPI SND_SST_ATOM_HIFI2_PLATFORM SND_SST_ATOM_HIFI2_PLATFORM_ACPI SND_TIMER SND_USB SND_USB_AUDIO SND_USB_AUDIO_USE_MEDIA_CONTROLLER SND_VERBOSE_PROCFS SND_X86 SOUND TABLET_USB_ACECAD TABLET_USB_AIPTEK TABLET_USB_GTCO TABLET_USB_HANWANG TABLET_USB_KBTAB THRUSTMASTER_FF TOUCHSCREEN_PROPERTIES TYPEC_FUSB302 USB_ARMLINUX USB_BELKIN USB_CONFIGFS USB_CONFIGFS_ACM USB_CONFIGFS_ECM USB_CONFIGFS_ECM_SUBSET USB_CONFIGFS_EEM USB_CONFIGFS_F_ACC USB_CONFIGFS_F_AUDIO_SRC USB_CONFIGFS_F_FS USB_CONFIGFS_F_HID USB_CONFIGFS_F_LB_SS USB_CONFIGFS_F_MIDI USB_CONFIGFS_F_PRINTER USB_CONFIGFS_F_UAC1 USB_CONFIGFS_F_UAC1_LEGACY USB_CONFIGFS_F_UAC2 USB_CONFIGFS_F_UVC USB_CONFIGFS_MASS_STORAGE USB_CONFIGFS_NCM USB_CONFIGFS_OBEX USB_CONFIGFS_RNDIS USB_CONFIGFS_SERIAL USB_CONFIGFS_UEVENT USB_EHCI_ROOT_HUB_TT USB_EHSET_TEST_FIXTURE USB_F_ACC USB_F_ACM USB_F_AUDIO_SRC USB_F_ECM USB_F_EEM USB_F_FS USB_F_HID USB_F_MASS_STORAGE USB_F_MIDI USB_F_NCM USB_F_OBEX USB_F_PRINTER USB_F_RNDIS USB_F_SERIAL USB_F_SS_LB USB_F_SUBSET USB_F_UAC1 USB_F_UAC1_LEGACY USB_F_UAC2 USB_F_UVC USB_GADGET_DEBUG_FILES USB_GADGET_DEBUG_FS USB_IPHETH USB_ISP1760 USB_ISP1760_HCD USB_ISP1760_HOST_ROLE USB_LIBCOMPOSITE USB_LINK_LAYER_TEST USB_MON USB_NET_CDC_MBIM USB_NET_CDC_SUBSET USB_NET_CDC_SUBSET_ENABLE USB_NET_DM9601 USB_NET_GL620A USB_NET_MCS7830 USB_NET_NET1080 USB_NET_PLUSB USB_NET_RNDIS_HOST USB_NET_SMSC75XX USB_NET_SMSC95XX USB_NET_SR9700 USB_NET_SR9800 USB_NET_ZAURUS USB_OHCI_HCD USB_OHCI_HCD_PCI USB_OHCI_HCD_PLATFORM USB_OTG USB_OTG_FSM USB_PRINTER USB_SERIAL USB_SERIAL_FTDI_SIO USB_SERIAL_GENERIC USB_SERIAL_PL2303 USB_STORAGE_ALAUDA USB_STORAGE_CYPRESS_ATACB USB_STORAGE_DATAFAB USB_STORAGE_FREECOM USB_STORAGE_ISD200 USB_STORAGE_JUMPSHOT USB_STORAGE_KARMA USB_STORAGE_ONETOUCH USB_STORAGE_SDDR09 USB_STORAGE_SDDR55 USB_STORAGE_USBAT USB_TRANCEVIBRATOR USB_U_AUDIO USB_U_ETHER USB_U_SERIAL USB_WDM VT WIRELESS WLAN WLAN_VENDOR_ATH WLAN_VENDOR_ATMEL WLAN_VENDOR_BROADCOM WLAN_VENDOR_INTERSIL WLAN_VENDOR_MARVELL WLAN_VENDOR_MEDIATEK WLAN_VENDOR_MICROCHIP WLAN_VENDOR_RALINK WLAN_VENDOR_REALTEK WLAN_VENDOR_RSI WLAN_VENDOR_ZYDAS X86_X32 ZEROPLUS_FF] testing release v5.10.186 testing commit 381518b4a9165cd793599c1668c82079fcbcbe1f gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 55eb0e2afa1654ee5ca3f57c1f7411388a46d6a903046c6fac8953286e288727 run #0: crashed: BUG: corrupted list in p9_fd_cancelled run #1: crashed: BUG: corrupted list in p9_fd_cancelled run #2: crashed: BUG: corrupted list in p9_fd_cancelled run #3: crashed: BUG: corrupted list in p9_fd_cancelled run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK run #20: OK run #21: OK representative crash: BUG: corrupted list in p9_fd_cancelled, types: [BUG] testing release v5.10.185 testing commit ef0d5feb32ab7007d1316e9c5037cd7d9f7febbf gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: caa4894728734b5e156924d9e0ae961ea492e0ef23307daa4d488f600aa9b666 all runs: OK false negative chance: 0.001 # git bisect start 381518b4a9165cd793599c1668c82079fcbcbe1f ef0d5feb32ab7007d1316e9c5037cd7d9f7febbf Bisecting: 40 revisions left to test after this (roughly 5 steps) [ced13bc50ef0f0ba4f6ea8808792c472a0bcf308] net: qca_spi: Avoid high load if QCA7000 is not available testing commit ced13bc50ef0f0ba4f6ea8808792c472a0bcf308 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 32edf360756cc3b53a3cc95183e725b4f315531db87bc90f81ce7e719fee0adc run #0: crashed: BUG: corrupted list in p9_conn_cancel run #1: crashed: BUG: corrupted list in p9_conn_cancel run #2: crashed: general protection fault in p9_fd_cancelled run #3: crashed: general protection fault in p9_fd_cancelled run #4: crashed: BUG: corrupted list in p9_fd_cancelled run #5: crashed: BUG: corrupted list in p9_fd_cancelled run #6: OK run #7: crashed: BUG: corrupted list in p9_fd_cancelled run #8: crashed: BUG: corrupted list in p9_fd_cancelled run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK run #20: OK run #21: OK run #22: OK run #23: OK representative crash: BUG: corrupted list in p9_conn_cancel, types: [BUG UNKNOWN] # git bisect bad ced13bc50ef0f0ba4f6ea8808792c472a0bcf308 Bisecting: 20 revisions left to test after this (roughly 4 steps) [bc35f93e4bd7b134c09506c9d1f794c0c93f467c] regulator: pca9450: Fix LDO3OUT and LDO4OUT MASK testing commit bc35f93e4bd7b134c09506c9d1f794c0c93f467c gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: b959581c49e4dd4f9a631ef96874b86197fd95189cf022f22374bacd5fd4f236 run #0: OK run #1: crashed: BUG: corrupted list in p9_fd_cancelled run #2: crashed: BUG: corrupted list in p9_fd_cancelled run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK run #20: OK representative crash: BUG: corrupted list in p9_fd_cancelled, types: [BUG] # git bisect bad bc35f93e4bd7b134c09506c9d1f794c0c93f467c Bisecting: 9 revisions left to test after this (roughly 3 steps) [8b8c9812c04828dd8304e9680e88a1e0b458da67] Drivers: hv: vmbus: Fix vmbus_wait_for_unload() to scan present CPUs testing commit 8b8c9812c04828dd8304e9680e88a1e0b458da67 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: d2a149ff06dcfab397c353a7e314b90b5337b12e6d94d3899b1f8c93a0e86cb1 all runs: OK false negative chance: 0.039 # git bisect good 8b8c9812c04828dd8304e9680e88a1e0b458da67 Bisecting: 4 revisions left to test after this (roughly 2 steps) [63608437a83ddabe497cfc163237e654eb563701] cgroup: Do not corrupt task iteration when rebinding subsystem testing commit 63608437a83ddabe497cfc163237e654eb563701 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: d0954e598892b0cb162cd3c8420b920e49fcc594d926961dd191ab73197564e1 all runs: OK false negative chance: 0.039 # git bisect good 63608437a83ddabe497cfc163237e654eb563701 Bisecting: 2 revisions left to test after this (roughly 1 step) [1be288fd3b0d2f6c7a763680faa614f4b5a08449] mmc: meson-gx: remove redundant mmc_request_done() call from irq context testing commit 1be288fd3b0d2f6c7a763680faa614f4b5a08449 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 6f84a8b1552d48fe69271a8afb44b4363a5a98e364e9f4e1e318d6a282a775f7 run #0: crashed: BUG: corrupted list in p9_fd_cancelled run #1: crashed: BUG: corrupted list in p9_fd_cancelled run #2: OK run #3: crashed: BUG: corrupted list in p9_fd_cancelled run #4: crashed: BUG: corrupted list in p9_fd_cancelled run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK run #10: OK run #11: OK run #12: OK run #13: OK run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK run #20: OK run #21: OK representative crash: BUG: corrupted list in p9_fd_cancelled, types: [BUG] # git bisect bad 1be288fd3b0d2f6c7a763680faa614f4b5a08449 Bisecting: 0 revisions left to test after this (roughly 0 steps) [1b97630cd9a9d66c9f5189a0a6a65438735f5b0c] mmc: sdhci-msm: Disable broken 64-bit DMA on MSM8916 testing commit 1b97630cd9a9d66c9f5189a0a6a65438735f5b0c gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 84cc1a3c47af9bec0cce2e45a2ef62461d7624bbfd540215b52b57f4444534ca all runs: OK false negative chance: 0.069 # git bisect good 1b97630cd9a9d66c9f5189a0a6a65438735f5b0c 1be288fd3b0d2f6c7a763680faa614f4b5a08449 is the first bad commit commit 1be288fd3b0d2f6c7a763680faa614f4b5a08449 Author: Martin Hundebøll Date: Wed Jun 7 10:27:12 2023 +0200 mmc: meson-gx: remove redundant mmc_request_done() call from irq context commit 3c40eb8145325b0f5b93b8a169146078cb2c49d6 upstream. The call to mmc_request_done() can schedule, so it must not be called from irq context. Wake the irq thread if it needs to be called, and let its existing logic do its work. Fixes the following kernel bug, which appears when running an RT patched kernel on the AmLogic Meson AXG A113X SoC: [ 11.111407] BUG: scheduling while atomic: kworker/0:1H/75/0x00010001 [ 11.111438] Modules linked in: [ 11.111451] CPU: 0 PID: 75 Comm: kworker/0:1H Not tainted 6.4.0-rc3-rt2-rtx-00081-gfd07f41ed6b4-dirty #1 [ 11.111461] Hardware name: RTX AXG A113X Linux Platform Board (DT) [ 11.111469] Workqueue: kblockd blk_mq_run_work_fn [ 11.111492] Call trace: [ 11.111497] dump_backtrace+0xac/0xe8 [ 11.111510] show_stack+0x18/0x28 [ 11.111518] dump_stack_lvl+0x48/0x60 [ 11.111530] dump_stack+0x18/0x24 [ 11.111537] __schedule_bug+0x4c/0x68 [ 11.111548] __schedule+0x80/0x574 [ 11.111558] schedule_loop+0x2c/0x50 [ 11.111567] schedule_rtlock+0x14/0x20 [ 11.111576] rtlock_slowlock_locked+0x468/0x730 [ 11.111587] rt_spin_lock+0x40/0x64 [ 11.111596] __wake_up_common_lock+0x5c/0xc4 [ 11.111610] __wake_up+0x18/0x24 [ 11.111620] mmc_blk_mq_req_done+0x68/0x138 [ 11.111633] mmc_request_done+0x104/0x118 [ 11.111644] meson_mmc_request_done+0x38/0x48 [ 11.111654] meson_mmc_irq+0x128/0x1f0 [ 11.111663] __handle_irq_event_percpu+0x70/0x114 [ 11.111674] handle_irq_event_percpu+0x18/0x4c [ 11.111683] handle_irq_event+0x80/0xb8 [ 11.111691] handle_fasteoi_irq+0xa4/0x120 [ 11.111704] handle_irq_desc+0x20/0x38 [ 11.111712] generic_handle_domain_irq+0x1c/0x28 [ 11.111721] gic_handle_irq+0x8c/0xa8 [ 11.111735] call_on_irq_stack+0x24/0x4c [ 11.111746] do_interrupt_handler+0x88/0x94 [ 11.111757] el1_interrupt+0x34/0x64 [ 11.111769] el1h_64_irq_handler+0x18/0x24 [ 11.111779] el1h_64_irq+0x64/0x68 [ 11.111786] __add_wait_queue+0x0/0x4c [ 11.111795] mmc_blk_rw_wait+0x84/0x118 [ 11.111804] mmc_blk_mq_issue_rq+0x5c4/0x654 [ 11.111814] mmc_mq_queue_rq+0x194/0x214 [ 11.111822] blk_mq_dispatch_rq_list+0x3ac/0x528 [ 11.111834] __blk_mq_sched_dispatch_requests+0x340/0x4d0 [ 11.111847] blk_mq_sched_dispatch_requests+0x38/0x70 [ 11.111858] blk_mq_run_work_fn+0x3c/0x70 [ 11.111865] process_one_work+0x17c/0x1f0 [ 11.111876] worker_thread+0x1d4/0x26c [ 11.111885] kthread+0xe4/0xf4 [ 11.111894] ret_from_fork+0x10/0x20 Fixes: 51c5d8447bd7 ("MMC: meson: initial support for GX platforms") Cc: stable@vger.kernel.org Signed-off-by: Martin Hundebøll Link: https://lore.kernel.org/r/20230607082713.517157-1-martin@geanix.com Signed-off-by: Ulf Hansson Signed-off-by: Greg Kroah-Hartman drivers/mmc/host/meson-gx-mmc.c | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) accumulated error probability: 0.14 culprit signature: 6f84a8b1552d48fe69271a8afb44b4363a5a98e364e9f4e1e318d6a282a775f7 parent signature: 84cc1a3c47af9bec0cce2e45a2ef62461d7624bbfd540215b52b57f4444534ca reproducer is flaky (0.12 repro chance estimate) revisions tested: 15, total time: 4h5m47.101187289s (build: 1h43m21.412684037s, test: 2h16m48.735008177s) first bad commit: 1be288fd3b0d2f6c7a763680faa614f4b5a08449 mmc: meson-gx: remove redundant mmc_request_done() call from irq context recipients (to): ["gregkh@linuxfoundation.org" "martin@geanix.com" "ulf.hansson@linaro.org"] recipients (cc): [] crash: BUG: corrupted list in p9_fd_cancelled list_del corruption, ffff88810823e848->next is LIST_POISON1 (dead000000000100) ------------[ cut here ]------------ kernel BUG at lib/list_debug.c:53! invalid opcode: 0000 [#1] PREEMPT SMP KASAN CPU: 1 PID: 1104 Comm: syz-executor.0 Not tainted 5.10.185-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2023 RIP: 0010:__list_del_entry_valid.cold+0x59/0x6c lib/list_debug.c:53 Code: e8 05 d1 fd ff 0f 0b 4c 89 e6 48 c7 c7 00 23 01 85 e8 f4 d0 fd ff 0f 0b 4c 89 f2 4c 89 e6 48 c7 c7 c0 23 01 85 e8 e0 d0 fd ff <0f> 0b 4c 89 e6 48 c7 c7 e0 24 01 85 e8 cf d0 fd ff 0f 0b 49 83 cf RSP: 0018:ffffc90000e576d0 EFLAGS: 00010282 RAX: 000000000000004e RBX: 0000000000000005 RCX: 0000000000000000 RDX: ffff888107565d00 RSI: ffffffff814c5e8a RDI: fffff520001caecc RBP: ffffc90000e576e8 R08: 000000000000004e R09: 0000000000000000 R10: 0000000080000001 R11: 6c65645f7473696c R12: ffff88810823e848 R13: dead000000000122 R14: dead000000000100 R15: ffff88810823e850 FS: 00007fad663c96c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020404030 CR3: 000000011955a000 CR4: 00000000003506a0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: __list_del_entry include/linux/list.h:132 [inline] list_del include/linux/list.h:146 [inline] p9_fd_cancelled+0x78/0x250 net/9p/trans_fd.c:725 p9_client_flush+0x379/0x480 net/9p/client.c:677 p9_client_rpc+0x10e9/0x12f0 net/9p/client.c:784 p9_client_version net/9p/client.c:952 [inline] p9_client_create+0xacd/0x1250 net/9p/client.c:1052 v9fs_session_init+0x1e6/0x1720 fs/9p/v9fs.c:406 v9fs_mount+0x7d/0x940 fs/9p/vfs_super.c:126 legacy_get_tree+0xf6/0x200 fs/fs_context.c:592 vfs_get_tree+0x88/0x2e0 fs/super.c:1550 do_new_mount fs/namespace.c:2899 [inline] path_mount+0x6ca/0x2110 fs/namespace.c:3229 do_mount fs/namespace.c:3242 [inline] __do_sys_mount fs/namespace.c:3450 [inline] __se_sys_mount fs/namespace.c:3427 [inline] __x64_sys_mount+0x2aa/0x340 fs/namespace.c:3427 do_syscall_64+0x32/0x80 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x61/0xc6 RIP: 0033:0x7fad66888b29 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fad663c90c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00007fad669a8120 RCX: 00007fad66888b29 RDX: 00000000200001c0 RSI: 0000000020000040 RDI: 0000000000000000 RBP: 00007fad668d447a R08: 0000000020000300 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 000000000000006e R14: 00007fad669a8120 R15: 00007fffb1e98c88 Modules linked in: ---[ end trace bddfcf50fbbcf43b ]--- RIP: 0010:__list_del_entry_valid.cold+0x59/0x6c lib/list_debug.c:53 Code: e8 05 d1 fd ff 0f 0b 4c 89 e6 48 c7 c7 00 23 01 85 e8 f4 d0 fd ff 0f 0b 4c 89 f2 4c 89 e6 48 c7 c7 c0 23 01 85 e8 e0 d0 fd ff <0f> 0b 4c 89 e6 48 c7 c7 e0 24 01 85 e8 cf d0 fd ff 0f 0b 49 83 cf RSP: 0018:ffffc90000e576d0 EFLAGS: 00010282 RAX: 000000000000004e RBX: 0000000000000005 RCX: 0000000000000000 RDX: ffff888107565d00 RSI: ffffffff814c5e8a RDI: fffff520001caecc RBP: ffffc90000e576e8 R08: 000000000000004e R09: 0000000000000000 R10: 0000000080000001 R11: 6c65645f7473696c R12: ffff88810823e848 R13: dead000000000122 R14: dead000000000100 R15: ffff88810823e850 FS: 00007fad663c96c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020404030 CR3: 000000011955a000 CR4: 00000000003506a0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400