ci2 starts bisection 2024-05-31 18:11:35.431044517 +0000 UTC m=+32328.818256743 bisecting fixing commit since 5d96939590c0122be2138255c921e57e3f78b7bd building syzkaller on 3ba885bcb66dec1678d8842ddeb6805786d32a3f ensuring issue is reproducible on original commit 5d96939590c0122be2138255c921e57e3f78b7bd testing commit 5d96939590c0122be2138255c921e57e3f78b7bd gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: daffaba882e90fee2f05eaae79d94c4e3c4575b842f7297aa402b4ef1eaa955b run #0: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #1: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #2: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #3: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #4: crashed: BUG: scheduling while atomic in kernel_clone run #5: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #6: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #7: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #8: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #9: crashed: BUG: scheduling while atomic in do_epoll_wait run #10: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #11: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #12: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #13: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #14: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #15: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #16: crashed: BUG: scheduling while atomic in pipe_read run #17: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #18: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #19: crashed: BUG: soft lockup in syscall_exit_to_user_mode representative crash: BUG: scheduling while atomic in exit_to_user_mode_prepare, types: [ATOMIC_SLEEP] check whether we can drop unnecessary instrumentation disabling configs for [LOCKDEP HANG LEAK UBSAN BUG KASAN], they are not needed testing commit 5d96939590c0122be2138255c921e57e3f78b7bd gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 902ed5e420c2b6e24fc9f6f0f66186bdc3000cfa4a922bfcc3cd02ac59cb95f2 run #0: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #1: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #2: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #3: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #4: crashed: BUG: scheduling while atomic in _vm_unmap_aliases run #5: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #6: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #7: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #8: crashed: BUG: scheduling while atomic in futex_wait_queue_me run #9: crashed: BUG: workqueue lockup representative crash: BUG: scheduling while atomic in exit_to_user_mode_prepare, types: [ATOMIC_SLEEP] the bug reproduces without the instrumentation disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP], they are not needed kconfig minimization: base=4920 full=6158 leaves diff=242 split chunks (needed=false): <242> split chunk #0 of len 242 into 5 parts testing without sub-chunk 1/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP], they are not needed testing commit 5d96939590c0122be2138255c921e57e3f78b7bd gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: a2c1b00feadc4dd4c2511901f41d962618914fa10bafdd1f02cb7ea37ece90cc run #0: crashed: BUG: scheduling while atomic in _vm_unmap_aliases run #1: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #2: crashed: BUG: scheduling while atomic in _vm_unmap_aliases run #3: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #4: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #5: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #6: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #7: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #8: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #9: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare representative crash: BUG: scheduling while atomic in _vm_unmap_aliases, types: [ATOMIC_SLEEP] the chunk can be dropped testing without sub-chunk 2/5 disabling configs for [UBSAN BUG KASAN LOCKDEP HANG LEAK], they are not needed testing commit 5d96939590c0122be2138255c921e57e3f78b7bd gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 80228311186fcd54552060e762ee6b2c7e8ea5d65ecf5c8bfd42761ae52a4c57 run #0: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #1: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #2: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #3: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #4: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK representative crash: BUG: scheduling while atomic in exit_to_user_mode_prepare, types: [ATOMIC_SLEEP] the chunk can be dropped testing without sub-chunk 3/5 disabling configs for [LEAK UBSAN BUG KASAN LOCKDEP HANG], they are not needed testing commit 5d96939590c0122be2138255c921e57e3f78b7bd gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 5e93a546c50c482fcf7d6825a27b30e01d4b39d147da2fa579a7393f2e9e8c16 run #0: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #1: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #2: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #3: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #4: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK representative crash: BUG: scheduling while atomic in exit_to_user_mode_prepare, types: [ATOMIC_SLEEP] the chunk can be dropped testing without sub-chunk 4/5 disabling configs for [LOCKDEP HANG LEAK UBSAN BUG KASAN], they are not needed testing commit 5d96939590c0122be2138255c921e57e3f78b7bd gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: 8d7babc2c242688fd1c03ffa1d43a21a492396d940c94b78b75365b8c1e2bf31 run #0: crashed: BUG: workqueue leaked lock or atomic in wb_workfn run #1: crashed: BUG: scheduling while atomic in _vm_unmap_aliases run #2: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #3: crashed: BUG: scheduling while atomic in _vm_unmap_aliases run #4: basic kernel testing failed: failed to copy binary to VM: timedout after 1m0s ["scp" "-P" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "IdentitiesOnly=yes" "-o" "BatchMode=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-v" "/tmp/syz-executor1246859943" "root@10.128.1.12:./syz-executor1246859943"] Executing: program /usr/bin/ssh host 10.128.1.12, user root, command sftp OpenSSH_9.2p1 Debian-2+deb12u2, OpenSSL 3.0.11 19 Sep 2023 debug1: Reading configuration data /dev/null debug1: Connecting to 10.128.1.12 [10.128.1.12] port 22. debug1: fd 3 clearing O_NONBLOCK debug1: Connection established. debug1: identity file /root/.ssh/id_rsa type -1 debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: identity file /root/.ssh/id_ecdsa type -1 debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: identity file /root/.ssh/id_ecdsa_sk type -1 debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /root/.ssh/id_ed25519 type -1 debug1: identity file /root/.ssh/id_ed25519-cert type -1 debug1: identity file /root/.ssh/id_ed25519_sk type -1 debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /root/.ssh/id_xmss type -1 debug1: identity file /root/.ssh/id_xmss-cert type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: identity file /root/.ssh/id_dsa-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2 debug1: Remote protocol version 2.0, remote software version OpenSSH_9.1 debug1: compat_banner: match: OpenSSH_9.1 pat OpenSSH* compat 0x04000000 debug1: Authenticating to 10.128.1.12:22 as 'root' debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: sntrup761x25519-sha512@openssh.com debug1: kex: host key algorithm: ssh-ed25519 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: SSH2_MSG_KEX_ECDH_REPLY received debug1: Server host key: ssh-ed25519 SHA256:88IuL3orPAmVsyjIy2DvkKzVRHqGoDXxazNYOfOHasg debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory Warning: Permanently added '10.128.1.12' (ED25519) to the list of known hosts. debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 134217728 blocks debug1: Will attempt key: /root/.ssh/id_rsa debug1: Will attempt key: /root/.ssh/id_ecdsa debug1: Will attempt key: /root/.ssh/id_ecdsa_sk debug1: Will attempt key: /root/.ssh/id_ed25519 debug1: Will attempt key: /root/.ssh/id_ed25519_sk debug1: Will attempt key: /root/.ssh/id_xmss debug1: Will attempt key: /root/.ssh/id_dsa debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs= debug1: kex_input_ext_info: publickey-hostbound@openssh.com=<0> debug1: SSH2_MSG_SERVICE_ACCEPT received Authenticated to 10.128.1.12 ([10.128.1.12]:22) using "none". debug1: channel 0: new session [client-session] (inactive timeout: 0) debug1: Requesting no-more-sessions@openssh.com debug1: Entering interactive session. debug1: pledge: network debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0 debug1: Sending subsystem: sftp debug1: pledge: fork scp: debug1: stat remote: No such file or directory scp: debug1: truncating at 825544 run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK representative crash: BUG: scheduling while atomic in _vm_unmap_aliases, types: [ATOMIC_SLEEP UNKNOWN] the chunk can be dropped testing without sub-chunk 5/5 disabling configs for [HANG LEAK UBSAN BUG KASAN LOCKDEP], they are not needed testing commit 5d96939590c0122be2138255c921e57e3f78b7bd gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 failed building 5d96939590c0122be2138255c921e57e3f78b7bd: net/socket.c:1191: undefined reference to `wext_handle_ioctl' net/socket.c:3385: undefined reference to `compat_wext_handle_ioctl' net/core/net-procfs.c:343: undefined reference to `wext_proc_exit' net/core/net-procfs.c:327: undefined reference to `wext_proc_init' minimized to 46 configs; suspects: [HID_ZEROPLUS USB_NET_GL620A USB_NET_MCS7830 USB_NET_NET1080 USB_NET_PLUSB USB_NET_RNDIS_HOST USB_NET_SMSC75XX USB_NET_SMSC95XX USB_NET_SR9700 USB_NET_SR9800 USB_NET_ZAURUS USB_OHCI_HCD USB_OHCI_HCD_PCI USB_OHCI_HCD_PLATFORM USB_OTG USB_OTG_FSM USB_PRINTER USB_SERIAL USB_SERIAL_FTDI_SIO USB_SERIAL_GENERIC USB_SERIAL_PL2303 USB_STORAGE_ALAUDA USB_STORAGE_CYPRESS_ATACB USB_STORAGE_DATAFAB USB_STORAGE_FREECOM USB_STORAGE_ISD200 USB_STORAGE_JUMPSHOT USB_STORAGE_KARMA USB_STORAGE_ONETOUCH USB_STORAGE_SDDR09 USB_STORAGE_SDDR55 USB_STORAGE_USBAT USB_TRANCEVIBRATOR USB_U_AUDIO USB_U_ETHER USB_U_SERIAL USB_WDM WLAN WLAN_VENDOR_ATH WLAN_VENDOR_ATMEL WLAN_VENDOR_BROADCOM WLAN_VENDOR_INTERSIL WLAN_VENDOR_MARVELL WLAN_VENDOR_MEDIATEK WLAN_VENDOR_MICROCHIP WLAN_VENDOR_RALINK WLAN_VENDOR_REALTEK WLAN_VENDOR_RSI WLAN_VENDOR_ZYDAS X86_X32 ZEROPLUS_FF] disabling configs for [UBSAN BUG KASAN LOCKDEP HANG LEAK], they are not needed testing current HEAD 424f92bcbe8fa613ada7aec5ebe4ef434d5e50e4 testing commit 424f92bcbe8fa613ada7aec5ebe4ef434d5e50e4 gcc compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.40 kernel signature: e955fa56dfd949a862c5ac37bbdeaec3aa3660dc548864eaf1fffd2d633c1aba run #0: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #1: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #2: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #3: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #4: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #5: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #6: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #7: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #8: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #9: crashed: lost connection to test machine run #10: crashed: BUG: scheduling while atomic in _vm_unmap_aliases run #11: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #12: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #13: crashed: BUG: scheduling while atomic in exit_to_user_mode_prepare run #14: OK run #15: OK run #16: OK run #17: OK run #18: OK run #19: OK representative crash: BUG: scheduling while atomic in exit_to_user_mode_prepare, types: [ATOMIC_SLEEP] crash still not fixed/happens on the oldest tested release reproducer is flaky (0.44 repro chance estimate) revisions tested: 7, total time: 1h29m52.172050421s (build: 23m54.089146133s, test: 1h4m26.066838096s) crash still not fixed or there were kernel test errors commit msg: Merge branch 'android13-5.15' into branch 'android13-5.15-lts' crash: BUG: scheduling while atomic in exit_to_user_mode_prepare BUG: scheduling while atomic: syz-executor.3/1289/0x00000002 Modules linked in: Preemption disabled at: [] is_module_text_address+0x13/0x50 kernel/module.c:4811 CPU: 0 PID: 1289 Comm: syz-executor.3 Not tainted 5.15.149-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x38/0x49 lib/dump_stack.c:106 dump_stack+0x10/0x12 lib/dump_stack.c:113 __schedule_bug.cold+0x80/0xab kernel/sched/core.c:5707 schedule_debug kernel/sched/core.c:5734 [inline] __schedule+0x65d/0x730 kernel/sched/core.c:6402 schedule+0x60/0xf0 kernel/sched/core.c:6595 exit_to_user_mode_loop kernel/entry/common.c:163 [inline] exit_to_user_mode_prepare+0xd0/0x150 kernel/entry/common.c:208 __syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline] syscall_exit_to_user_mode+0x21/0x40 kernel/entry/common.c:301 do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x61/0xcb RIP: 0033:0x7f02eb55bea9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f02eb0dd0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 RAX: 0000000000000006 RBX: 00007f02eb689f80 RCX: 00007f02eb55bea9 RDX: 0000000000000048 RSI: 0000000020000b40 RDI: 0000000000000005 RBP: 00007f02eb5a84a4 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 000000000000000b R14: 00007f02eb689f80 R15: 00007ffe791f3278