bisecting cause commit starting from 40354149f4d738dc3492d9998e45b3f02950369a building syzkaller on 8bcc32a67bc7180173447e1a78c03dae096b4231 testing commit 40354149f4d738dc3492d9998e45b3f02950369a compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: f276dfd0398ae91396c19d91c12ecc63a5a208c1b625a5dfadd716f68512396a all runs: crashed: INFO: rcu detected stall in corrupted testing release v5.17 testing commit f443e374ae131c168a065ea1748feac6b2e76613 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 11e66e16121399f50d87e8c78f63f09b4c08c04260bb7ae51d53ffb50cc5301d all runs: OK # git bisect start 40354149f4d738dc3492d9998e45b3f02950369a f443e374ae131c168a065ea1748feac6b2e76613 Bisecting: 9460 revisions left to test after this (roughly 13 steps) [b1f8ccdaae0310332d16f65bf0f622f9d4ae2391] Merge tag 'for-5.18/dm-changes' of git://git.kernel.org/pub/scm/linux/kernel/git/device-mapper/linux-dm testing commit b1f8ccdaae0310332d16f65bf0f622f9d4ae2391 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 6ae7973c271d1abd96e0c18f486ad7f40c65118a7df0c29e18cf2e1544bb4ab6 all runs: crashed: INFO: rcu detected stall in sys_lsetxattr # git bisect bad b1f8ccdaae0310332d16f65bf0f622f9d4ae2391 Bisecting: 4669 revisions left to test after this (roughly 12 steps) [1ebdbeb03efe89f01f15df038a589077df3d21f5] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm testing commit 1ebdbeb03efe89f01f15df038a589077df3d21f5 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 6696c1319d6c9650c799929d76bdd808ca914c646be9e1bcd4519ee1bd9dca83 all runs: crashed: INFO: rcu detected stall in sys_lsetxattr # git bisect bad 1ebdbeb03efe89f01f15df038a589077df3d21f5 Bisecting: 2342 revisions left to test after this (roughly 11 steps) [5bebe2c9ae0e0d3c6b25b8e1048bf66b1a3df621] Merge tag 'mmc-v5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc testing commit 5bebe2c9ae0e0d3c6b25b8e1048bf66b1a3df621 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 83b7102a7b9fb579b1fc240290322d0ec3b823ecd2c13794d0c986132b718de4 all runs: OK # git bisect good 5bebe2c9ae0e0d3c6b25b8e1048bf66b1a3df621 Bisecting: 1170 revisions left to test after this (roughly 10 steps) [8ffa5709e577385a1c8d20fb434cb02732f1d991] Merge tag 'arm-defconfig-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc testing commit 8ffa5709e577385a1c8d20fb434cb02732f1d991 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 53613910c7845aac894525d0cd1d38e1cde78a9e6dd025fa0a87835a295f352f all runs: OK # git bisect good 8ffa5709e577385a1c8d20fb434cb02732f1d991 Bisecting: 566 revisions left to test after this (roughly 9 steps) [29cefaaf2b3579a0146849ea590055a563a14db5] Merge tag 'qcom-arm64-for-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/qcom/linux into arm/dt testing commit 29cefaaf2b3579a0146849ea590055a563a14db5 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 421043245039264ddc969eb1dd7836d85a87a0d795f43aaf5e8178d9de6d834b all runs: OK # git bisect good 29cefaaf2b3579a0146849ea590055a563a14db5 Bisecting: 279 revisions left to test after this (roughly 8 steps) [ed4643521e6af8ab8ed1e467630a85884d2696cf] Merge tag 'arm-dt-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc testing commit ed4643521e6af8ab8ed1e467630a85884d2696cf compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 654dffb002c6dc5cd151d51a516f17f9669cbb5cf16428f6c2f2e692339d581f run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: exit status NUM run #1: OK run #2: OK run #3: OK run #4: OK run #5: OK run #6: OK run #7: OK run #8: OK run #9: OK # git bisect good ed4643521e6af8ab8ed1e467630a85884d2696cf Bisecting: 139 revisions left to test after this (roughly 7 steps) [a57a31684d7be2d4427292db21ef622ea9591f5b] KVM: x86: Treat x2APIC's ICR as a 64-bit register, not two 32-bit regs testing commit a57a31684d7be2d4427292db21ef622ea9591f5b compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 arch/x86/kvm/lapic.c:2629:10: error: implicit declaration of function '__kvm_lapic_get_reg'; did you mean '__kvm_lapic_set_reg'? [-Werror=implicit-function-declaration] # git bisect skip a57a31684d7be2d4427292db21ef622ea9591f5b Bisecting: 139 revisions left to test after this (roughly 7 steps) [e2b5b21d3a815b7d88fc4c90e9ccc42ea9bac4f0] KVM: x86/mmu: Add dedicated helper to zap TDP MMU root shadow page testing commit e2b5b21d3a815b7d88fc4c90e9ccc42ea9bac4f0 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 565e1050caf3a355cb927c22ed7e762ce9e9957c6722fa4b3e20e43a174a2e62 all runs: OK # git bisect good e2b5b21d3a815b7d88fc4c90e9ccc42ea9bac4f0 Bisecting: 57 revisions left to test after this (roughly 6 steps) [21ea457842759a236eefed2cfaa8cc7e5dc967a0] KVM: arm64: fix typos in comments testing commit 21ea457842759a236eefed2cfaa8cc7e5dc967a0 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c46338ea0b5d254b7a39c9ffa85f2a33bd84e6025bebd6297bbd8686b2b20b63 all runs: OK # git bisect good 21ea457842759a236eefed2cfaa8cc7e5dc967a0 Bisecting: 24 revisions left to test after this (roughly 5 steps) [cf5019816d87cdef7f81beea0c008bacae1c0aaa] Merge tag 'kvm-riscv-5.18-1' of https://github.com/kvm-riscv/linux into HEAD testing commit cf5019816d87cdef7f81beea0c008bacae1c0aaa compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c46efba99c02a5520900d2b1d372f7ed718d359a60d2254d50f684388be71191 all runs: OK # git bisect good cf5019816d87cdef7f81beea0c008bacae1c0aaa Bisecting: 11 revisions left to test after this (roughly 4 steps) [3ce62cf4dc3b01d1cbee1293049ca5d4c7d6d749] Merge tag 'flexible-array-transformations-5.18-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gustavoars/linux testing commit 3ce62cf4dc3b01d1cbee1293049ca5d4c7d6d749 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 8264673f940a11bb9ec37630d8dd56ca8cb401e6a5f93d50b7ebef541e825cac run #0: basic kernel testing failed: BUG: program execution failed: executor NUM: exit status NUM run #1: crashed: INFO: rcu detected stall in sys_lsetxattr run #2: crashed: INFO: rcu detected stall in sys_lsetxattr run #3: crashed: INFO: rcu detected stall in sys_lsetxattr run #4: crashed: INFO: rcu detected stall in sys_lsetxattr run #5: crashed: INFO: rcu detected stall in sys_lsetxattr run #6: crashed: INFO: rcu detected stall in sys_lsetxattr run #7: crashed: INFO: rcu detected stall in sys_lsetxattr run #8: crashed: INFO: rcu detected stall in sys_lsetxattr run #9: crashed: INFO: rcu detected stall in sys_lsetxattr # git bisect bad 3ce62cf4dc3b01d1cbee1293049ca5d4c7d6d749 Bisecting: 6 revisions left to test after this (roughly 3 steps) [15f2e3d6c1f713050d2d51f822fc4253f67ae7ac] Merge tag 'fs.v5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux testing commit 15f2e3d6c1f713050d2d51f822fc4253f67ae7ac compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: c3307801bac5f72fd73c005f0daf3ab48d0bd173d1cb72777ed9c6469cccabe7 all runs: crashed: INFO: rcu detected stall in sys_lsetxattr # git bisect bad 15f2e3d6c1f713050d2d51f822fc4253f67ae7ac Bisecting: 2 revisions left to test after this (roughly 2 steps) [ad1844a0127af8fbb87d3d7019907260daf6466b] fs: don't open-code mnt_hold_writers() testing commit ad1844a0127af8fbb87d3d7019907260daf6466b compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 9fac4709c6b11e420dc8812c1e30e0de19d9f3384e523321898148363eb713e4 all runs: OK # git bisect good ad1844a0127af8fbb87d3d7019907260daf6466b Bisecting: 1 revision left to test after this (roughly 1 step) [87bb5b60019c60e1f902e6885734cc4e5135c2d9] fs: clean up mount_setattr control flow testing commit 87bb5b60019c60e1f902e6885734cc4e5135c2d9 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 7ca4699fa9d22ff630bb9d0cacf7bfe4b4a3ac0d89f411ce24758b03ac03c208 all runs: OK # git bisect good 87bb5b60019c60e1f902e6885734cc4e5135c2d9 Bisecting: 0 revisions left to test after this (roughly 0 steps) [e257039f0fc7da36ac3a522ef9a5cb4ae7852e67] mount_setattr(): clean the control flow and calling conventions testing commit e257039f0fc7da36ac3a522ef9a5cb4ae7852e67 compiler: gcc (GCC) 10.2.1 20210217, GNU ld (GNU Binutils for Debian) 2.35.2 kernel signature: 70ffb8959587d34bfccaa2ebdf781ca0ca70f26a10bef0974fd9d3c137074eae all runs: crashed: INFO: rcu detected stall in sys_lsetxattr # git bisect bad e257039f0fc7da36ac3a522ef9a5cb4ae7852e67 e257039f0fc7da36ac3a522ef9a5cb4ae7852e67 is the first bad commit commit e257039f0fc7da36ac3a522ef9a5cb4ae7852e67 Author: Al Viro Date: Mon Feb 28 23:04:20 2022 -0500 mount_setattr(): clean the control flow and calling conventions separate the "cleanup" and "apply" codepaths (they have almost no overlap), fold the "cleanup" into "prepare" (which eliminates the need of ->revert) and make loops more idiomatic. Signed-off-by: Al Viro fs/namespace.c | 82 ++++++++++++++++++++++++++++------------------------------ 1 file changed, 40 insertions(+), 42 deletions(-) culprit signature: 70ffb8959587d34bfccaa2ebdf781ca0ca70f26a10bef0974fd9d3c137074eae parent signature: 7ca4699fa9d22ff630bb9d0cacf7bfe4b4a3ac0d89f411ce24758b03ac03c208 revisions tested: 16, total time: 3h11m32.114544336s (build: 1h55m27.414148977s, test: 1h14m21.839395971s) first bad commit: e257039f0fc7da36ac3a522ef9a5cb4ae7852e67 mount_setattr(): clean the control flow and calling conventions recipients (to): ["linux-kernel@vger.kernel.org" "viro@zeniv.linux.org.uk"] recipients (cc): ["linux-fsdevel@vger.kernel.org" "viro@zeniv.linux.org.uk"] crash: INFO: rcu detected stall in sys_lsetxattr rcu: INFO: rcu_preempt self-detected stall on CPU rcu: 1-....: (10500 ticks this GP) idle=cdb/1/0x4000000000000000 softirq=6263/6263 fqs=5250 (t=10502 jiffies g=5713 q=362) NMI backtrace for cpu 1 CPU: 1 PID: 4060 Comm: syz-executor376 Not tainted 5.17.0-rc2-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x57/0x7d lib/dump_stack.c:106 nmi_cpu_backtrace.cold+0x30/0xc0 lib/nmi_backtrace.c:111 nmi_trigger_cpumask_backtrace+0x11f/0x170 lib/nmi_backtrace.c:62 trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline] rcu_dump_cpu_stacks+0x25e/0x3f0 kernel/rcu/tree_stall.h:343 print_cpu_stall kernel/rcu/tree_stall.h:604 [inline] check_cpu_stall kernel/rcu/tree_stall.h:688 [inline] rcu_pending kernel/rcu/tree.c:3919 [inline] rcu_sched_clock_irq.cold+0x5c/0x759 kernel/rcu/tree.c:2617 update_process_times+0x13b/0x1c0 kernel/time/timer.c:1785 tick_sched_handle+0x6f/0x130 kernel/time/tick-sched.c:226 tick_sched_timer+0x132/0x210 kernel/time/tick-sched.c:1428 __run_hrtimer kernel/time/hrtimer.c:1685 [inline] __hrtimer_run_queues+0x18a/0xb00 kernel/time/hrtimer.c:1749 hrtimer_interrupt+0x2f5/0x780 kernel/time/hrtimer.c:1811 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1086 [inline] __sysvec_apic_timer_interrupt+0x146/0x530 arch/x86/kernel/apic/apic.c:1103 sysvec_apic_timer_interrupt+0x8e/0xc0 arch/x86/kernel/apic/apic.c:1097 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638 RIP: 0010:__mnt_want_write+0x85/0x230 fs/namespace.c:347 Code: 84 c0 74 08 3c 03 0f 8e 5d 01 00 00 8b 43 10 f6 c4 02 74 2e 48 b8 00 00 00 00 00 fc ff df 4c 89 e5 48 c1 ed 03 48 01 c5 f3 90 <0f> b6 45 00 84 c0 74 08 3c 03 0f 8e 3c 01 00 00 8b 43 10 f6 c4 02 RSP: 0018:ffffc90001b2fe00 EFLAGS: 00000202 RAX: 0000000000000220 RBX: ffff888020de36a0 RCX: 1ffffffff1e7f920 RDX: 1ffff110041bc6d6 RSI: ffffffff88cb9880 RDI: ffff888018506b58 RBP: ffffed10041bc6d6 R08: 0000000000000001 R09: ffffffff8e1f3167 R10: fffffbfff1c3e62c R11: 0000000000000000 R12: ffff888020de36b0 R13: ffff888020de36d0 R14: 0000000000000000 R15: 0000000000000000 mnt_want_write+0x103/0x310 fs/namespace.c:378 path_setxattr+0x9d/0x170 fs/xattr.c:593 __do_sys_lsetxattr fs/xattr.c:618 [inline] __se_sys_lsetxattr fs/xattr.c:614 [inline] __x64_sys_lsetxattr+0xb8/0x150 fs/xattr.c:614 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x35/0x80 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f1d0fa19cc9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 11 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f1d0f9aa2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd RAX: ffffffffffffffda RBX: 00007f1d0faa14b0 RCX: 00007f1d0fa19cc9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000600 RBP: 00007f1d0fa6f074 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0030656c69662f2e R13: 695f70756f72672c R14: 695f726573752c30 R15: 00007f1d0faa14b8 ---------------- Code disassembly (best guess): 0: 84 c0 test %al,%al 2: 74 08 je 0xc 4: 3c 03 cmp $0x3,%al 6: 0f 8e 5d 01 00 00 jle 0x169 c: 8b 43 10 mov 0x10(%rbx),%eax f: f6 c4 02 test $0x2,%ah 12: 74 2e je 0x42 14: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 1b: fc ff df 1e: 4c 89 e5 mov %r12,%rbp 21: 48 c1 ed 03 shr $0x3,%rbp 25: 48 01 c5 add %rax,%rbp 28: f3 90 pause * 2a: 0f b6 45 00 movzbl 0x0(%rbp),%eax <-- trapping instruction 2e: 84 c0 test %al,%al 30: 74 08 je 0x3a 32: 3c 03 cmp $0x3,%al 34: 0f 8e 3c 01 00 00 jle 0x176 3a: 8b 43 10 mov 0x10(%rbx),%eax 3d: f6 c4 02 test $0x2,%ah