bisecting cause commit starting from 9ff9b0d392ea08090cd1780fb196f36dbb586529 building syzkaller on 6e262c73cd452097096f0b4d5d96f5ae496bc021 testing commit 9ff9b0d392ea08090cd1780fb196f36dbb586529 with gcc (GCC) 8.1.0 kernel signature: ab7713d3d5a567b1561f95687dbfa64db3b60e1558f5895c4dc62bce367bfbf8 all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on testing release v5.9 testing commit bbf5c979011a099af5dc76498918ed7df445635b with gcc (GCC) 8.1.0 kernel signature: c04b7eee2df0f17eacd076233dfcd0a83ff46ba77c4a24e59461d0b3d5af75a0 all runs: OK # git bisect start 9ff9b0d392ea08090cd1780fb196f36dbb586529 bbf5c979011a099af5dc76498918ed7df445635b Bisecting: 5248 revisions left to test after this (roughly 12 steps) [726eb70e0d34dc4bc4dada71f52bba8ed638431e] Merge tag 'char-misc-5.10-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/char-misc testing commit 726eb70e0d34dc4bc4dada71f52bba8ed638431e with gcc (GCC) 8.1.0 kernel signature: 0ca56c494f3c0b012f3f99fb6f351b6583a0722950a24dea555170e255d1e9a4 all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on # git bisect bad 726eb70e0d34dc4bc4dada71f52bba8ed638431e Bisecting: 2690 revisions left to test after this (roughly 11 steps) [527f6750d92beb9c787d8aba48477b1e834d64e5] kasan: remove mentions of unsupported Clang versions testing commit 527f6750d92beb9c787d8aba48477b1e834d64e5 with gcc (GCC) 8.1.0 kernel signature: 197fd0316870149ef3f879a296cf09f4fa95a1ba975c2e17a72cd35e96bdd08a all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on # git bisect bad 527f6750d92beb9c787d8aba48477b1e834d64e5 Bisecting: 1326 revisions left to test after this (roughly 10 steps) [647412daeb454b6dad12a6c6961ab90aac9e5d29] Merge tag 'mmc-v5.10' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc testing commit 647412daeb454b6dad12a6c6961ab90aac9e5d29 with gcc (GCC) 8.1.0 kernel signature: 4aba9edab57d4b2339784a7b28282a0f3c9785e3daaa36d5acdbec85538cc481 all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on # git bisect bad 647412daeb454b6dad12a6c6961ab90aac9e5d29 Bisecting: 687 revisions left to test after this (roughly 9 steps) [3bff6112c80cecb76af5fe485506f96e8adb6122] Merge tag 'perf-core-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit 3bff6112c80cecb76af5fe485506f96e8adb6122 with gcc (GCC) 8.1.0 kernel signature: 7c275240367f5782aad83d0dd7f7bdd261babc2ddbc83d85a84babdeb85a4abe all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on # git bisect bad 3bff6112c80cecb76af5fe485506f96e8adb6122 Bisecting: 370 revisions left to test after this (roughly 8 steps) [f5f59336a9ae8f683772d6b8cb2d6732b5e567ea] Merge tag 'timers-core-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit f5f59336a9ae8f683772d6b8cb2d6732b5e567ea with gcc (GCC) 8.1.0 kernel signature: 2bebced1faf1d041a41da5bd4c40ba8466082c23171ae92d1e90a535571e6863 all runs: OK # git bisect good f5f59336a9ae8f683772d6b8cb2d6732b5e567ea Bisecting: 203 revisions left to test after this (roughly 8 steps) [edaa5ddf3833669a25654d42c0fb653dfdd906df] Merge tag 'sched-core-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit edaa5ddf3833669a25654d42c0fb653dfdd906df with gcc (GCC) 8.1.0 kernel signature: 269baead2b9a09596f8d705c6baf8ab389a88d48df963c5cc91c274f9a55172d all runs: OK # git bisect good edaa5ddf3833669a25654d42c0fb653dfdd906df Bisecting: 104 revisions left to test after this (roughly 7 steps) [e6412f9833db23740ee848ab3d6e7af18dff82a6] Merge tag 'efi-core-2020-10-12' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit e6412f9833db23740ee848ab3d6e7af18dff82a6 with gcc (GCC) 8.1.0 kernel signature: 6317f42d8fbf32c310e45bd15ebf90468b8540b4c1cade48de12793a307c666a all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on # git bisect bad e6412f9833db23740ee848ab3d6e7af18dff82a6 Bisecting: 54 revisions left to test after this (roughly 6 steps) [e705d397965811ac528d7213b42d74ffe43caf38] Merge branch 'locking/urgent' into locking/core, to pick up fixes testing commit e705d397965811ac528d7213b42d74ffe43caf38 with gcc (GCC) 8.1.0 kernel signature: c1c633b384ba8b6f950ab041db61bf8f59eebb9edbc2dfc9851305e52536c87f all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on # git bisect bad e705d397965811ac528d7213b42d74ffe43caf38 Bisecting: 21 revisions left to test after this (roughly 5 steps) [ad56450db86413ff911eb527b5a49e04a4345e61] locking/selftest: Add test cases for queued_read_lock() testing commit ad56450db86413ff911eb527b5a49e04a4345e61 with gcc (GCC) 8.1.0 kernel signature: 5721866f40a4fb15fc763f52de90c4d54953c0ea37f8f40939bf0226e0067305 all runs: OK # git bisect good ad56450db86413ff911eb527b5a49e04a4345e61 Bisecting: 10 revisions left to test after this (roughly 4 steps) [5cdd25572a29e46f932d3e6eedbd07429de66431] seqlock: Use unique prefix for seqcount_t property accessors testing commit 5cdd25572a29e46f932d3e6eedbd07429de66431 with gcc (GCC) 8.1.0 kernel signature: 84ddd74fefe0c2e8a58b1b7a3f1fa12dd07c042e03ad58951cd4807f81ae0f70 all runs: OK # git bisect good 5cdd25572a29e46f932d3e6eedbd07429de66431 Bisecting: 5 revisions left to test after this (roughly 3 steps) [6d1823ccc480866e571ab1206665d693aeb600cf] lockdep: Optimize the memory usage of circular queue testing commit 6d1823ccc480866e571ab1206665d693aeb600cf with gcc (GCC) 8.1.0 kernel signature: 65c41462a2c4c825befc0447b5778d3829a7f796fc1c6cfffd6e29134c61309a all runs: OK # git bisect good 6d1823ccc480866e571ab1206665d693aeb600cf Bisecting: 2 revisions left to test after this (roughly 2 steps) [baffd723e44dc3d7f84f0b8f1fe1ece00ddd2710] lockdep: Revert "lockdep: Use raw_cpu_*() for per-cpu variables" testing commit baffd723e44dc3d7f84f0b8f1fe1ece00ddd2710 with gcc (GCC) 8.1.0 kernel signature: 90bf2860a9364348421cef4cb3600179df954f4db3807ce1e5465020d2ed2613 all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on # git bisect bad baffd723e44dc3d7f84f0b8f1fe1ece00ddd2710 Bisecting: 0 revisions left to test after this (roughly 1 step) [4d004099a668c41522242aa146a38cc4eb59cb1e] lockdep: Fix lockdep recursion testing commit 4d004099a668c41522242aa146a38cc4eb59cb1e with gcc (GCC) 8.1.0 kernel signature: 3a755cd6b5fdd0b61623b4fd4e0edb294f59cd09122c9b6c4b70984d63550c63 all runs: crashed: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on # git bisect bad 4d004099a668c41522242aa146a38cc4eb59cb1e Bisecting: 0 revisions left to test after this (roughly 0 steps) [2bb8945bcc1a768f2bc402a16c9610bba8d5187d] lockdep: Fix usage_traceoverflow testing commit 2bb8945bcc1a768f2bc402a16c9610bba8d5187d with gcc (GCC) 8.1.0 kernel signature: f10b190f0574a13ab6886dfa43e176ad98e777ffdf081bf88d304cf071da3448 all runs: OK # git bisect good 2bb8945bcc1a768f2bc402a16c9610bba8d5187d 4d004099a668c41522242aa146a38cc4eb59cb1e is the first bad commit commit 4d004099a668c41522242aa146a38cc4eb59cb1e Author: Peter Zijlstra Date: Fri Oct 2 11:04:21 2020 +0200 lockdep: Fix lockdep recursion Steve reported that lockdep_assert*irq*(), when nested inside lockdep itself, will trigger a false-positive. One example is the stack-trace code, as called from inside lockdep, triggering tracing, which in turn calls RCU, which then uses lockdep_assert_irqs_disabled(). Fixes: a21ee6055c30 ("lockdep: Change hardirq{s_enabled,_context} to per-cpu variables") Reported-by: Steven Rostedt Signed-off-by: Peter Zijlstra (Intel) Signed-off-by: Ingo Molnar include/linux/lockdep.h | 13 ++++--- kernel/locking/lockdep.c | 99 +++++++++++++++++++++++++++++------------------- 2 files changed, 67 insertions(+), 45 deletions(-) culprit signature: 3a755cd6b5fdd0b61623b4fd4e0edb294f59cd09122c9b6c4b70984d63550c63 parent signature: f10b190f0574a13ab6886dfa43e176ad98e777ffdf081bf88d304cf071da3448 revisions tested: 16, total time: 3h16m25.23353872s (build: 1h36m31.417434813s, test: 1h38m22.573771341s) first bad commit: 4d004099a668c41522242aa146a38cc4eb59cb1e lockdep: Fix lockdep recursion recipients (to): ["linux-kernel@vger.kernel.org" "mingo@kernel.org" "mingo@redhat.com" "peterz@infradead.org" "peterz@infradead.org" "will@kernel.org"] recipients (cc): [] crash: BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/8554 caller is lockdep_hardirqs_on_prepare+0x2f/0x1d0 kernel/locking/lockdep.c:3684 CPU: 0 PID: 8554 Comm: syz-executor.1 Not tainted 5.9.0-rc8-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0xa3/0xcc lib/dump_stack.c:118 check_preemption_disabled+0xbe/0xd0 lib/smp_processor_id.c:48 lockdep_hardirqs_on_prepare+0x2f/0x1d0 kernel/locking/lockdep.c:3684 trace_hardirqs_on+0x1c/0x100 kernel/trace/trace_preemptirq.c:49 __bad_area_nosemaphore+0x5e/0x210 arch/x86/mm/fault.c:797 do_user_addr_fault arch/x86/mm/fault.c:1345 [inline] handle_page_fault arch/x86/mm/fault.c:1429 [inline] exc_page_fault+0x602/0x720 arch/x86/mm/fault.c:1482 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:538 RIP: 0033:0x43c650 Code: 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 74 48 83 e0 f0 <66> 0f 74 00 66 0f 74 48 10 66 0f 74 50 20 66 0f 74 58 30 66 0f d7 RSP: 002b:00007f6b6c69dba8 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000000000 RBP: 0000000000000003 R08: 0000000000000004 R09: 00007f6b6c69dbb0 R10: 0000000000000000 R11: 000000000000000f R12: 00007f6b6c69dbf0 R13: 00007ffd7e5c121f R14: 00007f6b6c69f9c0 R15: 000000000118bf2c BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/8554 caller is lockdep_hardirqs_on+0x34/0x120 kernel/locking/lockdep.c:3753 CPU: 0 PID: 8554 Comm: syz-executor.1 Not tainted 5.9.0-rc8-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0xa3/0xcc lib/dump_stack.c:118 check_preemption_disabled+0xbe/0xd0 lib/smp_processor_id.c:48 lockdep_hardirqs_on+0x34/0x120 kernel/locking/lockdep.c:3753 __bad_area_nosemaphore+0x5e/0x210 arch/x86/mm/fault.c:797 do_user_addr_fault arch/x86/mm/fault.c:1345 [inline] handle_page_fault arch/x86/mm/fault.c:1429 [inline] exc_page_fault+0x602/0x720 arch/x86/mm/fault.c:1482 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:538 RIP: 0033:0x43c650 Code: 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 74 48 83 e0 f0 <66> 0f 74 00 66 0f 74 48 10 66 0f 74 50 20 66 0f 74 58 30 66 0f d7 RSP: 002b:00007f6b6c69dba8 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000000000 RBP: 0000000000000003 R08: 0000000000000004 R09: 00007f6b6c69dbb0 R10: 0000000000000000 R11: 000000000000000f R12: 00007f6b6c69dbf0 R13: 00007ffd7e5c121f R14: 00007f6b6c69f9c0 R15: 000000000118bf2c BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/8554 caller is lockdep_hardirqs_on_prepare+0x2f/0x1d0 kernel/locking/lockdep.c:3684 CPU: 0 PID: 8554 Comm: syz-executor.1 Not tainted 5.9.0-rc8-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0xa3/0xcc lib/dump_stack.c:118 check_preemption_disabled+0xbe/0xd0 lib/smp_processor_id.c:48 lockdep_hardirqs_on_prepare+0x2f/0x1d0 kernel/locking/lockdep.c:3684 trace_hardirqs_on+0x1c/0x100 kernel/trace/trace_preemptirq.c:49 __bad_area_nosemaphore+0x5e/0x210 arch/x86/mm/fault.c:797 do_user_addr_fault arch/x86/mm/fault.c:1345 [inline] handle_page_fault arch/x86/mm/fault.c:1429 [inline] exc_page_fault+0x602/0x720 arch/x86/mm/fault.c:1482 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:538 RIP: 0033:0x43c650 Code: 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 74 48 83 e0 f0 <66> 0f 74 00 66 0f 74 48 10 66 0f 74 50 20 66 0f 74 58 30 66 0f d7 RSP: 002b:00007f6b6c69dba8 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000000000 RBP: 0000000000000003 R08: 0000000000000004 R09: 00007f6b6c69dbb0 R10: 0000000000000000 R11: 000000000000000f R12: 00007f6b6c69dbf0 R13: 00007ffd7e5c121f R14: 00007f6b6c69f9c0 R15: 000000000118bf2c BUG: using __this_cpu_read() in preemptible [00000000] code: syz-executor.1/8554 caller is lockdep_hardirqs_on+0x34/0x120 kernel/locking/lockdep.c:3753 CPU: 0 PID: 8554 Comm: syz-executor.1 Not tainted 5.9.0-rc8-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0xa3/0xcc lib/dump_stack.c:118 check_preemption_disabled+0xbe/0xd0 lib/smp_processor_id.c:48 lockdep_hardirqs_on+0x34/0x120 kernel/locking/lockdep.c:3753 __bad_area_nosemaphore+0x5e/0x210 arch/x86/mm/fault.c:797 do_user_addr_fault arch/x86/mm/fault.c:1345 [inline] handle_page_fault arch/x86/mm/fault.c:1429 [inline] exc_page_fault+0x602/0x720 arch/x86/mm/fault.c:1482 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:538 RIP: 0033:0x43c650 Code: 66 0f ef c0 66 0f ef c9 66 0f ef d2 66 0f ef db 48 89 f8 48 89 f9 48 81 e1 ff 0f 00 00 48 81 f9 cf 0f 00 00 77 74 48 83 e0 f0 <66> 0f 74 00 66 0f 74 48 10 66 0f 74 50 20 66 0f 74 58 30 66 0f d7 RSP: 002b:00007f6b6c69dba8 EFLAGS: 00010246 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000000000 RBP: 0000000000000003 R08: 0000000000000004 R09: 00007f6b6c69dbb0 R10: 0000000000000000 R11: 000000000000000f R12: 00007f6b6c69dbf0 R13: 00007ffd7e5c121f R14: 00007f6b6c69f9c0 R15: 000000000118bf2c