Warning: Permanently added '10.128.0.120' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 42.263803][ T7000] [ 42.266201][ T7000] ======================================================== [ 42.273377][ T7000] WARNING: possible irq lock inversion dependency detected [ 42.280619][ T7000] 5.6.0-syzkaller #0 Not tainted [ 42.285530][ T7000] -------------------------------------------------------- [ 42.292816][ T7000] syz-executor941/7000 just changed the state of lock: [ 42.299644][ T7000] ffff88808d9b18d8 (&info->lock){+.+.}-{2:2}, at: shmem_mfill_atomic_pte+0x13f4/0x1e10 [ 42.309261][ T7000] but this lock was taken by another, SOFTIRQ-safe lock in the past: [ 42.317563][ T7000] (&xa->xa_lock#4){..-.}-{2:2} [ 42.317572][ T7000] [ 42.317572][ T7000] [ 42.317572][ T7000] and interrupts could create inverse lock ordering between them. [ 42.317572][ T7000] [ 42.336683][ T7000] [ 42.336683][ T7000] other info that might help us debug this: [ 42.344764][ T7000] Possible interrupt unsafe locking scenario: [ 42.344764][ T7000] [ 42.353076][ T7000] CPU0 CPU1 [ 42.358829][ T7000] ---- ---- [ 42.364171][ T7000] lock(&info->lock); [ 42.368211][ T7000] local_irq_disable(); [ 42.374939][ T7000] lock(&xa->xa_lock#4); [ 42.381852][ T7000] lock(&info->lock); [ 42.388418][ T7000] [ 42.391845][ T7000] lock(&xa->xa_lock#4); [ 42.396331][ T7000] [ 42.396331][ T7000] *** DEADLOCK *** [ 42.396331][ T7000] [ 42.404462][ T7000] 2 locks held by syz-executor941/7000: [ 42.409975][ T7000] #0: ffff88809edf10e8 (&mm->mmap_sem#2){++++}-{3:3}, at: mcopy_atomic+0x17a/0x1ba0 [ 42.419431][ T7000] #1: ffff888098e211f8 (ptlock_ptr(page)#2){+.+.}-{2:2}, at: shmem_mfill_atomic_pte+0xf73/0x1e10 [ 42.429989][ T7000] [ 42.429989][ T7000] the shortest dependencies between 2nd lock and 1st lock: [ 42.439362][ T7000] -> (&xa->xa_lock#4){..-.}-{2:2} { [ 42.444635][ T7000] IN-SOFTIRQ-W at: [ 42.448689][ T7000] lock_acquire+0x169/0x480 [ 42.455065][ T7000] _raw_spin_lock_irqsave+0x9e/0xc0 [ 42.462072][ T7000] test_clear_page_writeback+0x2d8/0xac0 [ 42.469669][ T7000] end_page_writeback+0x212/0x390 [ 42.476515][ T7000] end_bio_bh_io_sync+0xb1/0x110 [ 42.483283][ T7000] blk_update_request+0x437/0x1070 [ 42.490203][ T7000] scsi_end_request+0x7a/0x7f0 [ 42.496801][ T7000] scsi_io_completion+0x178/0x1be0 [ 42.503724][ T7000] blk_done_softirq+0x2f2/0x360 [ 42.510500][ T7000] __do_softirq+0x268/0x80c [ 42.516813][ T7000] irq_exit+0x223/0x230 [ 42.522812][ T7000] do_IRQ+0xfb/0x1d0 [ 42.528517][ T7000] ret_from_intr+0x0/0x2b [ 42.534659][ T7000] unwind_next_frame+0x20b/0x1cf0 [ 42.541495][ T7000] arch_stack_walk+0xb4/0xe0 [ 42.547888][ T7000] stack_trace_save+0xad/0x150 [ 42.554455][ T7000] __kasan_kmalloc+0x114/0x160 [ 42.561049][ T7000] __kmalloc+0x24b/0x330 [ 42.567108][ T7000] tomoyo_realpath_from_path+0xd8/0x630 [ 42.574454][ T7000] tomoyo_check_open_permission+0x1b6/0x900 [ 42.582159][ T7000] security_file_open+0x50/0xc0 [ 42.588808][ T7000] do_dentry_open+0x35d/0x10b0 [ 42.595404][ T7000] path_openat+0x2790/0x38b0 [ 42.602023][ T7000] do_filp_open+0x191/0x3a0 [ 42.608562][ T7000] do_sys_openat2+0x463/0x770 [ 42.615142][ T7000] __x64_sys_open+0x1af/0x1e0 [ 42.621624][ T7000] do_syscall_64+0xf3/0x1b0 [ 42.627928][ T7000] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 42.635890][ T7000] INITIAL USE at: [ 42.639873][ T7000] lock_acquire+0x169/0x480 [ 42.646098][ T7000] _raw_spin_lock_irq+0x67/0x80 [ 42.652670][ T7000] __add_to_page_cache_locked+0x53d/0xc70 [ 42.660113][ T7000] add_to_page_cache_lru+0x17f/0x4d0 [ 42.667324][ T7000] do_read_cache_page+0x209/0xd00 [ 42.674085][ T7000] read_part_sector+0xd8/0x2d0 [ 42.684432][ T7000] adfspart_check_ICS+0x45/0x640 [ 42.691091][ T7000] blk_add_partitions+0x3ce/0x1240 [ 42.697913][ T7000] bdev_disk_changed+0x446/0x5d0 [ 42.704566][ T7000] __blkdev_get+0xb2b/0x13d0 [ 42.710926][ T7000] __device_add_disk+0x95f/0x1040 [ 42.717672][ T7000] brd_init+0x349/0x42a [ 42.723787][ T7000] do_one_initcall+0x14b/0x350 [ 42.730300][ T7000] do_initcall_level+0x101/0x14c [ 42.736950][ T7000] do_initcalls+0x59/0x9b [ 42.743098][ T7000] kernel_init_freeable+0x2fa/0x418 [ 42.750010][ T7000] kernel_init+0xd/0x290 [ 42.755980][ T7000] ret_from_fork+0x24/0x30 [ 42.762117][ T7000] } [ 42.764688][ T7000] ... key at: [] xa_init_flags.__key+0x0/0x10 [ 42.772927][ T7000] ... acquired at: [ 42.776798][ T7000] lock_acquire+0x169/0x480 [ 42.781453][ T7000] _raw_spin_lock_irqsave+0x9e/0xc0 [ 42.786826][ T7000] shmem_uncharge+0x34/0x4c0 [ 42.791567][ T7000] __split_huge_page+0xda8/0x1900 [ 42.796736][ T7000] split_huge_page_to_list+0x10a4/0x15f0 [ 42.802547][ T7000] shmem_punch_compound+0x17d/0x1c0 [ 42.807889][ T7000] shmem_undo_range+0x5da/0x1d00 [ 42.813108][ T7000] shmem_setattr+0x4e3/0x8a0 [ 42.817849][ T7000] notify_change+0xad5/0xfb0 [ 42.822888][ T7000] do_sys_ftruncate+0x55f/0x690 [ 42.827892][ T7000] do_syscall_64+0xf3/0x1b0 [ 42.832588][ T7000] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 42.838748][ T7000] [ 42.841078][ T7000] -> (&info->lock){+.+.}-{2:2} { [ 42.846004][ T7000] HARDIRQ-ON-W at: [ 42.849994][ T7000] lock_acquire+0x169/0x480 [ 42.856128][ T7000] _raw_spin_lock+0x2a/0x40 [ 42.862288][ T7000] shmem_mfill_atomic_pte+0x13f4/0x1e10 [ 42.869820][ T7000] shmem_mcopy_atomic_pte+0x3a/0x50 [ 42.876655][ T7000] mcopy_atomic+0x84f/0x1ba0 [ 42.883347][ T7000] userfaultfd_ioctl+0x2289/0x4890 [ 42.890096][ T7000] __se_sys_ioctl+0xf9/0x160 [ 42.896644][ T7000] do_syscall_64+0xf3/0x1b0 [ 42.903045][ T7000] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 42.911104][ T7000] SOFTIRQ-ON-W at: [ 42.915328][ T7000] lock_acquire+0x169/0x480 [ 42.921470][ T7000] _raw_spin_lock+0x2a/0x40 [ 42.927607][ T7000] shmem_mfill_atomic_pte+0x13f4/0x1e10 [ 42.935409][ T7000] shmem_mcopy_atomic_pte+0x3a/0x50 [ 42.942264][ T7000] mcopy_atomic+0x84f/0x1ba0 [ 42.948657][ T7000] userfaultfd_ioctl+0x2289/0x4890 [ 42.955425][ T7000] __se_sys_ioctl+0xf9/0x160 [ 42.961649][ T7000] do_syscall_64+0xf3/0x1b0 [ 42.967950][ T7000] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 42.975720][ T7000] INITIAL USE at: [ 42.979619][ T7000] lock_acquire+0x169/0x480 [ 42.985744][ T7000] _raw_spin_lock_irq+0x67/0x80 [ 42.992206][ T7000] shmem_getpage_gfp+0x2160/0x3120 [ 42.998861][ T7000] shmem_write_begin+0xcd/0x1a0 [ 43.005521][ T7000] generic_perform_write+0x23b/0x4e0 [ 43.012351][ T7000] __generic_file_write_iter+0x22b/0x4e0 [ 43.019556][ T7000] generic_file_write_iter+0x4a6/0x650 [ 43.026555][ T7000] __vfs_write+0x54c/0x710 [ 43.032511][ T7000] vfs_write+0x274/0x580 [ 43.038419][ T7000] ksys_write+0x11b/0x220 [ 43.044295][ T7000] do_syscall_64+0xf3/0x1b0 [ 43.050383][ T7000] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 43.057812][ T7000] } [ 43.060307][ T7000] ... key at: [] shmem_get_inode.__key+0x0/0x10 [ 43.068776][ T7000] ... acquired at: [ 43.072919][ T7000] mark_lock+0x529/0x1b00 [ 43.077494][ T7000] __lock_acquire+0xb95/0x2b90 [ 43.082555][ T7000] lock_acquire+0x169/0x480 [ 43.087225][ T7000] _raw_spin_lock+0x2a/0x40 [ 43.091912][ T7000] shmem_mfill_atomic_pte+0x13f4/0x1e10 [ 43.097737][ T7000] shmem_mcopy_atomic_pte+0x3a/0x50 [ 43.103182][ T7000] mcopy_atomic+0x84f/0x1ba0 [ 43.107928][ T7000] userfaultfd_ioctl+0x2289/0x4890 [ 43.113320][ T7000] __se_sys_ioctl+0xf9/0x160 [ 43.118092][ T7000] do_syscall_64+0xf3/0x1b0 [ 43.122812][ T7000] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 43.129013][ T7000] [ 43.131335][ T7000] [ 43.131335][ T7000] stack backtrace: [ 43.137214][ T7000] CPU: 1 PID: 7000 Comm: syz-executor941 Not tainted 5.6.0-syzkaller #0 [ 43.145635][ T7000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.155683][ T7000] Call Trace: [ 43.158961][ T7000] dump_stack+0x1e9/0x30e [ 43.163292][ T7000] print_irq_inversion_bug+0xb67/0xe90 [ 43.168774][ T7000] ? arch_stack_walk+0x98/0xe0 [ 43.173544][ T7000] check_usage_backwards+0x13f/0x240 [ 43.178837][ T7000] ? save_trace+0x692/0xb60 [ 43.183329][ T7000] mark_lock+0x529/0x1b00 [ 43.187754][ T7000] ? save_trace+0xb60/0xb60 [ 43.192263][ T7000] ? register_lock_class+0x97/0x10d0 [ 43.198536][ T7000] __lock_acquire+0xb95/0x2b90 [ 43.203653][ T7000] ? lockdep_hardirqs_on+0x4a4/0x8a0 [ 43.209050][ T7000] ? _raw_spin_unlock_irq+0x1f/0x80 [ 43.214247][ T7000] ? check_preemption_disabled+0xb0/0x240 [ 43.220022][ T7000] ? __this_cpu_preempt_check+0x9/0x20 [ 43.225473][ T7000] lock_acquire+0x169/0x480 [ 43.229968][ T7000] ? shmem_mfill_atomic_pte+0x13f4/0x1e10 [ 43.237266][ T7000] ? debug_smp_processor_id+0x5/0x20 [ 43.242552][ T7000] _raw_spin_lock+0x2a/0x40 [ 43.247187][ T7000] ? shmem_mfill_atomic_pte+0x13f4/0x1e10 [ 43.252918][ T7000] shmem_mfill_atomic_pte+0x13f4/0x1e10 [ 43.258451][ T7000] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 43.263899][ T7000] ? lock_acquire+0x169/0x480 [ 43.268583][ T7000] ? mcopy_atomic+0x17a/0x1ba0 [ 43.273330][ T7000] shmem_mcopy_atomic_pte+0x3a/0x50 [ 43.278514][ T7000] mcopy_atomic+0x84f/0x1ba0 [ 43.283263][ T7000] userfaultfd_ioctl+0x2289/0x4890 [ 43.288439][ T7000] ? do_vfs_ioctl+0x6ea/0x1910 [ 43.293185][ T7000] ? userfaultfd_poll+0x1b0/0x1b0 [ 43.298761][ T7000] __se_sys_ioctl+0xf9/0x160 [ 43.303488][ T7000] do_syscall_64+0xf3/0x1b0 [ 43.308330][ T7000] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 43.314216][ T7000] RIP: 0033:0x444399 [ 43.318237][ T7000] Code: 0d d8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db d7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 43.338460][ T7000] RSP: 002b:00007ffd0974a4a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 43.346958][ T7000] RAX: ffffffffffffffda RBX: 00000000004002e0 RCX: 0000000000444399 [ 43.354915][ T7000] RDX: 00000000200a0fe0 RSI: 00000000c028aa03 RDI: 0000000000000004 [ 43.363314][ T7000] RBP: 00000000006cf018 R08: 00000000004002e0 R09: 00000000004002e0 [ 43.372106][ T7000] R10: 00000000004002e0 R11: 0000000000000246 R12: 0000000000402000 [ 43.380519][ T7000] R13: 0000000000402090 R14: 0000000000000000 R15: 0000000000000000