[UPSTREAM] a0f50e9477: WARNING:suspicious_RCU_usage

Sunday, 31 October 2021

Greeting,

FYI, we noticed the following commit (built with gcc-9):

commit: a0f50e9477c4a34381ecb04ffd5872bf138184a2 ("UPSTREAM: x86, kfence: enable
KFENCE for x86")
https://chromium.googlesource.com/chromiumos/third_party/kernel chromeos-5.10

in testcase: trinity
version: trinity-i386-4d2343bd-1_20200320
with following parameters:

	runtime: 300s
	group: group-04

test-description: Trinity is a linux system call fuzz tester.
test-url: http://codemonkey.org.uk/projects/trinity/

on test machine: qemu-system-i386 -enable-kvm -cpu SandyBridge -smp 2 -m 4G

caused below changes (please refer to attached dmesg/kmsg for entire log/backtrace):

+------------------------------------------------------------------------------------+------------+------------+
|                                                                                    |
df2a560320 | a0f50e9477 |
+------------------------------------------------------------------------------------+------------+------------+
| boot_successes                                                                     | 36 
       | 26         |
| boot_failures                                                                      | 0  
       | 9          |
| WARNING:suspicious_RCU_usage                                                       | 0  
       | 9          |
| include/linux/rcupdate.h:#Illegal_context_switch_in_RCU_read-side_critical_section | 0  
       | 9          |
| BUG:sleeping_function_called_from_invalid_context_at_kernel/locking/rwsem.c        | 0  
       | 9          |
| BUG:scheduling_while_atomic                                                        | 0  
       | 3          |
| WARNING:at_lib/iov_iter.c:#copyout                                                 | 0  
       | 1          |
| EIP:copyout                                                                        | 0  
       | 1          |
+------------------------------------------------------------------------------------+------------+------------+

If you fix the issue, kindly add following tag
Reported-by: kernel test robot <oliver.sang(a)intel.com&gt;

[  134.564806][ T2107]
[  134.564961][ T2107] =============================
[  134.565172][ T2107] WARNING: suspicious RCU usage
[  134.565384][ T2107] 5.10.75-12411-ga0f50e9477c4 #1 Not tainted
[  134.565679][ T2107] -----------------------------
[  134.565891][ T2107] include/linux/rcupdate.h:322 Illegal context switch in RCU
read-side critical section!
[  134.566306][ T2107]
[  134.566306][ T2107] other info that might help us debug this:
[  134.566306][ T2107]
[  134.566757][ T2107]
[  134.566757][ T2107] rcu_scheduler_active = 2, debug_locks = 1
[  134.567101][ T2107] 4 locks held by trinity-c0/2107:
[  134.567320][ T2107]  #0: f4ce8d10 (&f->f_pos_lock){+.+.}-{3:3}, at:
__fdget_pos+0x9b/0xc0
[  134.567719][ T2107]  #1: f4d37de0 (&p->lock){+.+.}-{3:3}, at:
seq_read_iter+0x83/0xee0
[  134.568087][ T2107]  #2: c52b9f0c (uid_lock){+.+.}-{0:0}, at: uid_io_show+0x29/0x640
[  134.568443][ T2107]  #3: c5029164 (rcu_read_lock){....}-{1:2}, at:
update_io_stats_all_locked+0x153/0x6e0
[  134.568892][ T2107]
[  134.568892][ T2107] stack backtrace:
[  134.569148][ T2107] CPU: 0 PID: 2107 Comm: trinity-c0 Not tainted
5.10.75-12411-ga0f50e9477c4 #1
[  134.569528][ T2107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
1.12.0-1 04/01/2014
[  134.569939][ T2107] Call Trace:
[  134.570086][ T2107]  dump_stack+0x45/0x63
[  134.570268][ T2107]  lockdep_rcu_suspicious+0x12b/0x144
[  134.570500][ T2107]  ___might_sleep+0x379/0x3a0
[  134.570719][ T2107]  ? lock_release_holdtime+0x46/0x3c0
[  134.570951][ T2107]  ? find_held_lock+0x37/0x120
[  134.571158][ T2107]  __might_sleep+0x13f/0x280
[  134.571356][ T2107]  ? debug_spin_unlock+0x130/0x300
[  134.571600][ T2107]  down_write+0x2d/0x220
[  134.571784][ T2107]  ? _raw_spin_unlock+0x50/0xa0
[  134.571998][ T2107]  ? __get_task_comm+0x56/0x80
[  134.572204][ T2107]  get_full_task_comm+0x13e/0x6a0
[  134.572422][ T2107]  ? validate_chain+0x68b/0x940
[  134.572654][ T2107]  ? pvclock_clocksource_read+0x1b6/0x3e0
[  134.572901][ T2107]  ? mark_held_locks+0x94/0xe0
[  134.573105][ T2107]  ? pvclock_clocksource_read+0x1b6/0x3e0
[  134.573350][ T2107]  ? find_or_register_task+0x1e4/0x360
[  134.573602][ T2107]  ? rcu_read_lock_sched_held+0x3b/0xc0
[  134.573840][ T2107]  ? kmem_cache_alloc_trace+0xbc8/0x14a0
[  134.574082][ T2107]  ? find_or_register_task+0x1e4/0x360
[  134.574316][ T2107]  find_or_register_task+0x211/0x360
[  134.574542][ T2107]  add_uid_io_stats+0x204/0x4a0
[  134.574770][ T2107]  update_io_stats_all_locked+0x296/0x6e0
[  134.575015][ T2107]  ? update_io_stats_all_locked+0x2c7/0x6e0
[  134.575268][ T2107]  uid_io_show+0x3c/0x640
[  134.575455][ T2107]  ? rcu_read_lock_sched_held+0x3b/0xc0
[  134.575712][ T2107]  ? trace_kmalloc+0x78/0x220
[  134.575919][ T2107]  ? kvmalloc_node+0x184/0x220
[  134.576125][ T2107]  ? __kmalloc+0xc04/0x1360
[  134.576319][ T2107]  ? __mutex_lock+0xc55/0x11c0
[  134.576524][ T2107]  ? kvmalloc_node+0x184/0x220
[  134.576759][ T2107]  ? kvmalloc_node+0x184/0x220
[  134.576966][ T2107]  ? kvm_sched_clock_read+0x3d/0x80
[  134.577189][ T2107]  seq_read_iter+0x239/0xee0
[  134.577387][ T2107]  seq_read+0x290/0x380
[  134.577567][ T2107]  ? fsnotify_perm+0x1e0/0x3c0
[  134.577789][ T2107]  ? seq_read_iter+0xee0/0xee0
[  134.577996][ T2107]  proc_reg_read+0x1f9/0x300
[  134.578194][ T2107]  ? proc_reg_unlocked_ioctl+0x300/0x300
[  134.578435][ T2107]  do_loop_readv_writev+0x7f/0x240
[  134.578674][ T2107]  do_iter_read+0x285/0x320
[  134.578870][ T2107]  ? import_iovec+0x34/0x60
[  134.579063][ T2107]  vfs_readv+0x75/0xc0
[  134.579240][ T2107]  ? lock_release_holdtime+0x46/0x3c0
[  134.579469][ T2107]  ? find_held_lock+0x37/0x120
[  134.579694][ T2107]  ? mutex_lock_nested+0x3c/0x60
[  134.579912][ T2107]  ? __fdget_pos+0x9b/0xc0
[  134.580128][ T2107]  do_readv+0x9d/0x260
[  134.580304][ T2107]  __ia32_sys_readv+0x52/0x80
[  134.580512][ T2107]  do_int80_syscall_32+0x8c/0xe0
[  134.580762][ T2107]  entry_INT80_32+0x128/0x128
[  134.580967][ T2107] EIP: 0xb7f1aa02
[  134.581127][ T2107] Code: 95 01 00 05 25 36 02 00 83 ec 14 8d 80 e8 99 ff ff 50 6a 02
e8 1f ff 00 00 c7 04 24 7f 00 00 00 e8 7e 87 01 00 66 90 90 cd 80 <c3> 8d b6 00 00
00 00 8d bc 27 00 00 00 00 8b 1c 24 c3 8d b6 00 00
[  134.581963][ T2107] EAX: ffffffda EBX: 00000078 ECX: 0117c628 EDX: 00000074
[  134.582266][ T2107] ESI: d7d7d7d7 EDI: 35353535 EBP: 00000033 ESP: bfb84208
[  134.582567][ T2107] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000296
[  134.582904][ T2107] BUG: sleeping function called from invalid context at
kernel/locking/rwsem.c:1556
[  134.583309][ T2107] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 2107, name:
trinity-c0
[  134.583753][ T2107] 4 locks held by trinity-c0/2107:
[  134.583985][ T2107]  #0: f4ce8d10 (&f->f_pos_lock){+.+.}-{3:3}, at:
__fdget_pos+0x9b/0xc0
[  134.584369][ T2107]  #1: f4d37de0 (&p->lock){+.+.}-{3:3}, at:
seq_read_iter+0x83/0xee0
[  134.584756][ T2107]  #2: c52b9f0c (uid_lock){+.+.}-{0:0}, at: uid_io_show+0x29/0x640
[  134.585111][ T2107]  #3: c5029164 (rcu_read_lock){....}-{1:2}, at:
update_io_stats_all_locked+0x153/0x6e0
[  134.585547][ T2107] CPU: 0 PID: 2107 Comm: trinity-c0 Not tainted
5.10.75-12411-ga0f50e9477c4 #1
[  134.585947][ T2107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
1.12.0-1 04/01/2014
[  134.586341][ T2107] Call Trace:
[  134.586486][ T2107]  dump_stack+0x45/0x63
[  134.586684][ T2107]  ___might_sleep.cold+0x16e/0x223
[  134.586909][ T2107]  __might_sleep+0x13f/0x280
[  134.587109][ T2107]  ? debug_spin_unlock+0x130/0x300
[  134.587332][ T2107]  down_write+0x2d/0x220
[  134.587517][ T2107]  ? _raw_spin_unlock+0x50/0xa0
[  134.587743][ T2107]  ? __get_task_comm+0x56/0x80
[  134.587955][ T2107]  get_full_task_comm+0x13e/0x6a0
[  134.588172][ T2107]  ? validate_chain+0x68b/0x940
[  134.588381][ T2107]  ? pvclock_clocksource_read+0x1b6/0x3e0
[  134.588647][ T2107]  ? mark_held_locks+0x94/0xe0
[  134.588854][ T2107]  ? pvclock_clocksource_read+0x1b6/0x3e0
[  134.589100][ T2107]  ? find_or_register_task+0x1e4/0x360
[  134.589335][ T2107]  ? rcu_read_lock_sched_held+0x3b/0xc0
[  134.589575][ T2107]  ? kmem_cache_alloc_trace+0xbc8/0x14a0
[  134.589832][ T2107]  ? find_or_register_task+0x1e4/0x360
[  134.590067][ T2107]  find_or_register_task+0x211/0x360
[  134.590294][ T2107]  add_uid_io_stats+0x204/0x4a0
[  134.590503][ T2107]  update_io_stats_all_locked+0x296/0x6e0
[  134.590770][ T2107]  ? update_io_stats_all_locked+0x2c7/0x6e0
[  134.591025][ T2107]  uid_io_show+0x3c/0x640
[  134.591213][ T2107]  ? rcu_read_lock_sched_held+0x3b/0xc0
[  134.591450][ T2107]  ? trace_kmalloc+0x78/0x220
[  134.591668][ T2107]  ? kvmalloc_node+0x184/0x220
[  134.591875][ T2107]  ? __kmalloc+0xc04/0x1360
[  134.592078][ T2107]  ? __mutex_lock+0xc55/0x11c0
[  134.592285][ T2107]  ? kvmalloc_node+0x184/0x220
[  134.592491][ T2107]  ? kvmalloc_node+0x184/0x220
[  134.592722][ T2107]  ? kvm_sched_clock_read+0x3d/0x80
[  134.592948][ T2107]  seq_read_iter+0x239/0xee0
[  134.593147][ T2107]  seq_read+0x290/0x380
[  134.593327][ T2107]  ? fsnotify_perm+0x1e0/0x3c0
[  134.593533][ T2107]  ? seq_read_iter+0xee0/0xee0
[  134.593753][ T2107]  proc_reg_read+0x1f9/0x300
[  134.593954][ T2107]  ? proc_reg_unlocked_ioctl+0x300/0x300
[  134.594196][ T2107]  do_loop_readv_writev+0x7f/0x240
[  134.594416][ T2107]  do_iter_read+0x285/0x320
[  134.594631][ T2107]  ? import_iovec+0x34/0x60
[  134.594827][ T2107]  vfs_readv+0x75/0xc0
[  134.595005][ T2107]  ? lock_release_holdtime+0x46/0x3c0
[  134.595235][ T2107]  ? find_held_lock+0x37/0x120
[  134.595441][ T2107]  ? mutex_lock_nested+0x3c/0x60
[  134.595671][ T2107]  ? __fdget_pos+0x9b/0xc0
[  134.595864][ T2107]  do_readv+0x9d/0x260
[  134.596044][ T2107]  __ia32_sys_readv+0x52/0x80
[  134.596245][ T2107]  do_int80_syscall_32+0x8c/0xe0
[  134.596457][ T2107]  entry_INT80_32+0x128/0x128
[  134.596674][ T2107] EIP: 0xb7f1aa02
[  134.596834][ T2107] Code: 95 01 00 05 25 36 02 00 83 ec 14 8d 80 e8 99 ff ff 50 6a 02
e8 1f ff 00 00 c7 04 24 7f 00 00 00 e8 7e 87 01 00 66 90 90 cd 80 <c3> 8d b6 00 00
00 00 8d bc 27 00 00 00 00 8b 1c 24 c3 8d b6 00 00
[  134.597668][ T2107] EAX: ffffffda EBX: 00000078 ECX: 0117c628 EDX: 00000074
[  134.597970][ T2107] ESI: d7d7d7d7 EDI: 35353535 EBP: 00000033 ESP: bfb84208
[  134.598272][ T2107] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000296
[  134.598614][ T2107]
[  134.598714][ T2107] =============================
[  134.598917][ T2107] [ BUG: Invalid wait context ]
[  134.599121][ T2107] 5.10.75-12411-ga0f50e9477c4 #1 Tainted: G        W
[  134.599428][ T2107] -----------------------------
[  134.599636][ T2107] trinity-c0/2107 is trying to lock:
[  134.599851][ T2107] c027b728 (&mm->mmap_lock#2){++++}-{3:3}, at:
get_full_task_comm+0x13e/0x6a0
[  134.600222][ T2107] other info that might help us debug this:
[  134.600462][ T2107] context-{4:4}
[  134.600608][ T2107] 4 locks held by trinity-c0/2107:
[  134.600816][ T2107]  #0: f4ce8d10 (&f->f_pos_lock){+.+.}-{3:3}, at:
__fdget_pos+0x9b/0xc0
[  134.601160][ T2107]  #1: f4d37de0 (&p->lock){+.+.}-{3:3}, at:
seq_read_iter+0x83/0xee0
[  134.601493][ T2107]  #2: c52b9f0c (uid_lock){+.+.}-{0:0}, at: uid_io_show+0x29/0x640
[  134.601826][ T2107]  #3: c5029164 (rcu_read_lock){....}-{1:2}, at:
update_io_stats_all_locked+0x153/0x6e0
[  134.602228][ T2107] stack backtrace:
[  134.602382][ T2107] CPU: 0 PID: 2107 Comm: trinity-c0 Tainted: G        W        
5.10.75-12411-ga0f50e9477c4 #1
[  134.602806][ T2107] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
1.12.0-1 04/01/2014
[  134.603179][ T2107] Call Trace:
[  134.603316][ T2107]  dump_stack+0x45/0x63
[  134.603487][ T2107]  __lock_acquire.cold+0x343/0x3c6
[  134.603705][ T2107]  lock_acquire+0x140/0x4a0
[  134.603890][ T2107]  ? get_full_task_comm+0x13e/0x6a0
[  134.604106][ T2107]  ? __might_sleep+0x13f/0x280
[  134.604301][ T2107]  down_write+0x84/0x220
[  134.604475][ T2107]  ? get_full_task_comm+0x13e/0x6a0
[  134.604695][ T2107]  get_full_task_comm+0x13e/0x6a0
[  134.604901][ T2107]  ? validate_chain+0x68b/0x940
[  134.605100][ T2107]  ? pvclock_clocksource_read+0x1b6/0x3e0
[  134.605333][ T2107]  ? mark_held_locks+0x94/0xe0
[  134.605528][ T2107]  ? pvclock_clocksource_read+0x1b6/0x3e0
[  134.605766][ T2107]  ? find_or_register_task+0x1e4/0x360
[  134.605990][ T2107]  ? rcu_read_lock_sched_held+0x3b/0xc0
[  134.606217][ T2107]  ? kmem_cache_alloc_trace+0xbc8/0x14a0
[  134.606447][ T2107]  ? find_or_register_task+0x1e4/0x360
[  134.606693][ T2107]  find_or_register_task+0x211/0x360
[  134.606910][ T2107]  add_uid_io_stats+0x204/0x4a0
[  134.607110][ T2107]  update_io_stats_all_locked+0x296/0x6e0
[  134.607344][ T2107]  ? update_io_stats_all_locked+0x2c7/0x6e0
[  134.607594][ T2107]  uid_io_show+0x3c/0x640
[  134.607772][ T2107]  ? rcu_read_lock_sched_held+0x3b/0xc0
[  134.608008][ T2107]  ? trace_kmalloc+0x78/0x220
[  134.608201][ T2107]  ? kvmalloc_node+0x184/0x220
[  134.608397][ T2107]  ? __kmalloc+0xc04/0x1360
[  134.608589][ T2107]  ? __mutex_lock+0xc55/0x11c0
[  134.608786][ T2107]  ? kvmalloc_node+0x184/0x220
[  134.608981][ T2107]  ? kvmalloc_node+0x184/0x220
[  134.609175][ T2107]  ? kvm_sched_clock_read+0x3d/0x80
[  134.609387][ T2107]  seq_read_iter+0x239/0xee0
[  134.609581][ T2107]  seq_read+0x290/0x380
[  134.609753][ T2107]  ? fsnotify_perm+0x1e0/0x3c0
[  134.609947][ T2107]  ? seq_read_iter+0xee0/0xee0
[  134.610142][ T2107]  proc_reg_read+0x1f9/0x300
[  134.610331][ T2107]  ? proc_reg_unlocked_ioctl+0x300/0x300
[  134.610560][ T2107]  do_loop_readv_writev+0x7f/0x240
[  134.610775][ T2107]  do_iter_read+0x285/0x320
[  134.610959][ T2107]  ? import_iovec+0x34/0x60
[  134.611144][ T2107]  vfs_readv+0x75/0xc0
[  134.611311][ T2107]  ? lock_release_holdtime+0x46/0x3c0
[  134.611531][ T2107]  ? find_held_lock+0x37/0x120
[  134.611732][ T2107]  ? mutex_lock_nested+0x3c/0x60
[  134.611939][ T2107]  ? __fdget_pos+0x9b/0xc0
[  134.612121][ T2107]  do_readv+0x9d/0x260
[  134.612288][ T2107]  __ia32_sys_readv+0x52/0x80
[  134.612480][ T2107]  do_int80_syscall_32+0x8c/0xe0
[  134.612691][ T2107]  entry_INT80_32+0x128/0x128
[  134.612882][ T2107] EIP: 0xb7f1aa02
[  134.613032][ T2107] Code: 95 01 00 05 25 36 02 00 83 ec 14 8d 80 e8 99 ff ff 50 6a 02
e8 1f ff 00 00 c7 04 24 7f 00 00 00 e8 7e 87 01 00 66 90 90 cd 80 <c3> 8d b6 00 00
00 00 8d bc 27 00 00 00 00 8b 1c 24 c3 8d b6 00 00
[  134.613830][ T2107] EAX: ffffffda EBX: 00000078 ECX: 0117c628 EDX: 00000074
[  134.614120][ T2107] ESI: d7d7d7d7 EDI: 35353535 EBP: 00000033 ESP: bfb84208
[  134.614409][ T2107] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b EFLAGS: 00000296

To reproduce:

        # build kernel
	cd linux
	cp config-5.10.75-12411-ga0f50e9477c4 .config
	make HOSTCC=gcc-9 CC=gcc-9 ARCH=i386 olddefconfig prepare modules_prepare bzImage

        git clone https://github.com/intel/lkp-tests.git
        cd lkp-tests
        bin/lkp qemu -k <bzImage> job-script # job-script is attached in this email

        # if come across any failure that blocks the test,
        # please remove ~/.lkp and /lkp dir to run from a clean state.

---
0DAY/LKP+ Test Infrastructure                   Open Source Technology Center
https://lists.01.org/hyperkitty/list/lkp@lists.01.org       Intel Corporation

Thanks,
Oliver Sang

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013