* possible deadlock in perf_ctx_lock in linux6.12.25(longterm maintenance)
@ 2025-04-29 14:18 Jianzhou Zhao
2025-04-29 14:54 ` Jianzhou Zhao
2025-04-29 15:49 ` possible " Peter Zijlstra
0 siblings, 2 replies; 3+ messages in thread
From: Jianzhou Zhao @ 2025-04-29 14:18 UTC
To: stable
Cc: alexander.shishkin, peterz, mingo, acme, namhyung, mark.rutland,
jolsa, irogers, adrian.hunter, kan.liang, linux-perf-users,
linux-kernel
Hello, I found a potential bug titled "possible deadlock in perf_ctx_lock" with a modified syzkaller in Linux 6.12.25 (longterm maintenance, last updated on April 25, 2025).
If you fix this issue, please add the following tag to the commit: Reported-by: Jianzhou Zhao <luckd0g@163.com>, xingwei lee <xrivendell7@gmail.com>
The commit of the kernel is: ef4999852d307d38cfdecd91ed6892cc03beb9b8
kernel config: https://syzkaller.appspot.com/text?tag=KernelConfig&x=55f8591b98dd132
compiler: gcc version 11.4.0
Unfortunately, I am unable to reproduce this bug.
------------[ cut here ]-----------------------------------------
TITLE: possible deadlock in perf_ctx_lock
------------[ cut here ]------------
------------[ cut here ]------------
======================================================
WARNING: possible circular locking dependency detected
6.12.25 #3 Not tainted
------------------------------------------------------
syz.9.499/15835 is trying to acquire lock:
ffffffff8dec35a0 (console_owner){-.-.}-{0:0}, at: console_trylock_spinning kernel/printk/printk.c:2029 [inline]
ffffffff8dec35a0 (console_owner){-.-.}-{0:0}, at: vprintk_emit kernel/printk/printk.c:2406 [inline]
ffffffff8dec35a0 (console_owner){-.-.}-{0:0}, at: vprintk_emit+0x377/0x6d0 kernel/printk/printk.c:2353
but task is already holding lock:
ffff88804ed2b818 (&ctx->lock){-...}-{2:2}, at: __perf_ctx_lock kernel/events/core.c:174 [inline]
ffff88804ed2b818 (&ctx->lock){-...}-{2:2}, at: perf_ctx_lock+0x6a/0xe0 kernel/events/core.c:183
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #5 (&ctx->lock){-...}-{2:2}:
__raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
_raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
perf_event_context_sched_out kernel/events/core.c:3668 [inline]
__perf_event_task_sched_out+0x4b3/0x18a0 kernel/events/core.c:3772
perf_event_task_sched_out include/linux/perf_event.h:1547 [inline]
prepare_task_switch kernel/sched/core.c:5136 [inline]
context_switch kernel/sched/core.c:5279 [inline]
__schedule+0x2250/0x5b20 kernel/sched/core.c:6710
__schedule_loop kernel/sched/core.c:6787 [inline]
schedule+0xe7/0x350 kernel/sched/core.c:6802
futex_wait_queue+0x101/0x1f0 kernel/futex/waitwake.c:370
__futex_wait+0x23d/0x3c0 kernel/futex/waitwake.c:669
futex_wait+0xdc/0x370 kernel/futex/waitwake.c:697
do_futex+0x250/0x360 kernel/futex/syscalls.c:102
__do_sys_futex kernel/futex/syscalls.c:179 [inline]
__se_sys_futex kernel/futex/syscalls.c:160 [inline]
__x64_sys_futex+0x1c6/0x4c0 kernel/futex/syscalls.c:160
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xcb/0x250 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f
-> #4 (&rq->__lock){-.-.}-{2:2}:
_raw_spin_lock_nested+0x34/0x40 kernel/locking/spinlock.c:378
raw_spin_rq_lock_nested+0x2f/0x120 kernel/sched/core.c:598
raw_spin_rq_lock kernel/sched/sched.h:1515 [inline]
task_rq_lock+0xd3/0x390 kernel/sched/core.c:700
cgroup_move_task+0x70/0x220 kernel/sched/psi.c:1161
css_set_move_task+0x280/0x570 kernel/cgroup/cgroup.c:898
cgroup_post_fork+0x20c/0x9d0 kernel/cgroup/cgroup.c:6705
copy_process+0x4bf6/0x8960 kernel/fork.c:2623
kernel_clone+0xeb/0x8f0 kernel/fork.c:2809
user_mode_thread+0xc9/0x110 kernel/fork.c:2887
rest_init+0x23/0x2b0 init/main.c:712
start_kernel+0x3dd/0x4c0 init/main.c:1105
x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:507
x86_64_start_kernel+0xb3/0xc0 arch/x86/kernel/head64.c:488
common_startup_64+0x13e/0x148
-> #3 (&p->pi_lock){-.-.}-{2:2}:
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0x3d/0x60 kernel/locking/spinlock.c:162
class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [inline]
try_to_wake_up+0xb1/0x14b0 kernel/sched/core.c:4168
autoremove_wake_function+0x16/0x150 kernel/sched/wait.c:384
__wake_up_common+0x135/0x1f0 kernel/sched/wait.c:89
__wake_up_common_lock kernel/sched/wait.c:106 [inline]
__wake_up+0x31/0x60 kernel/sched/wait.c:127
tty_port_default_wakeup+0x2a/0x40 drivers/tty/tty_port.c:69
serial8250_tx_chars+0x6a8/0x8a0 drivers/tty/serial/8250/8250_port.c:1821
serial8250_handle_irq+0x6a2/0xbb0 drivers/tty/serial/8250/8250_port.c:1929
serial8250_default_handle_irq+0x9a/0x210 drivers/tty/serial/8250/8250_port.c:1949
serial8250_interrupt+0x103/0x210 drivers/tty/serial/8250/8250_core.c:86
__handle_irq_event_percpu+0x22a/0x7b0 kernel/irq/handle.c:158
handle_irq_event_percpu kernel/irq/handle.c:193 [inline]
handle_irq_event+0xab/0x1e0 kernel/irq/handle.c:210
handle_edge_irq+0x265/0xd10 kernel/irq/chip.c:831
generic_handle_irq_desc include/linux/irqdesc.h:173 [inline]
handle_irq arch/x86/kernel/irq.c:249 [inline]
call_irq_handler arch/x86/kernel/irq.c:261 [inline]
__common_interrupt+0xe0/0x250 arch/x86/kernel/irq.c:287
common_interrupt+0xf2/0x110 arch/x86/kernel/irq.c:280
asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:693
native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline]
pv_native_safe_halt+0x1e/0x30 arch/x86/kernel/paravirt.c:105
arch_safe_halt arch/x86/include/asm/paravirt.h:112 [inline]
default_idle+0x1d/0x30 arch/x86/kernel/process.c:747
default_idle_call+0x6d/0xb0 kernel/sched/idle.c:117
cpuidle_idle_call kernel/sched/idle.c:185 [inline]
do_idle+0x318/0x3c0 kernel/sched/idle.c:326
cpu_startup_entry+0x4f/0x60 kernel/sched/idle.c:424
rest_init+0x16b/0x2b0 init/main.c:747
start_kernel+0x3dd/0x4c0 init/main.c:1105
x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:507
x86_64_start_kernel+0xb3/0xc0 arch/x86/kernel/head64.c:488
common_startup_64+0x13e/0x148
-> #2 (&tty->write_wait){-.-.}-{2:2}:
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0x3d/0x60 kernel/locking/spinlock.c:162
__wake_up_common_lock kernel/sched/wait.c:105 [inline]
__wake_up+0x1c/0x60 kernel/sched/wait.c:127
tty_port_default_wakeup+0x2a/0x40 drivers/tty/tty_port.c:69
serial8250_tx_chars+0x6a8/0x8a0 drivers/tty/serial/8250/8250_port.c:1821
serial8250_handle_irq+0x6a2/0xbb0 drivers/tty/serial/8250/8250_port.c:1929
serial8250_default_handle_irq+0x9a/0x210 drivers/tty/serial/8250/8250_port.c:1949
serial8250_interrupt+0x103/0x210 drivers/tty/serial/8250/8250_core.c:86
__handle_irq_event_percpu+0x22a/0x7b0 kernel/irq/handle.c:158
handle_irq_event_percpu kernel/irq/handle.c:193 [inline]
handle_irq_event+0xab/0x1e0 kernel/irq/handle.c:210
handle_edge_irq+0x265/0xd10 kernel/irq/chip.c:831
generic_handle_irq_desc include/linux/irqdesc.h:173 [inline]
handle_irq arch/x86/kernel/irq.c:249 [inline]
call_irq_handler arch/x86/kernel/irq.c:261 [inline]
__common_interrupt+0xe0/0x250 arch/x86/kernel/irq.c:287
common_interrupt+0xf2/0x110 arch/x86/kernel/irq.c:280
asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:693
native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline]
pv_native_safe_halt+0x1e/0x30 arch/x86/kernel/paravirt.c:105
arch_safe_halt arch/x86/include/asm/paravirt.h:112 [inline]
default_idle+0x1d/0x30 arch/x86/kernel/process.c:747
default_idle_call+0x6d/0xb0 kernel/sched/idle.c:117
cpuidle_idle_call kernel/sched/idle.c:185 [inline]
do_idle+0x318/0x3c0 kernel/sched/idle.c:326
cpu_startup_entry+0x4f/0x60 kernel/sched/idle.c:424
rest_init+0x16b/0x2b0 init/main.c:747
start_kernel+0x3dd/0x4c0 init/main.c:1105
x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:507
x86_64_start_kernel+0xb3/0xc0 arch/x86/kernel/head64.c:488
common_startup_64+0x13e/0x148
-> #1 (&port_lock_key){-.-.}-{2:2}:
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0x3d/0x60 kernel/locking/spinlock.c:162
uart_port_lock_irqsave include/linux/serial_core.h:711 [inline]
serial8250_console_write+0xb3e/0x19b0 drivers/tty/serial/8250/8250_port.c:3381
console_emit_next_record kernel/printk/printk.c:3090 [inline]
console_flush_all+0x767/0xc30 kernel/printk/printk.c:3178
__console_flush_and_unlock kernel/printk/printk.c:3237 [inline]
console_unlock+0xc3/0x1f0 kernel/printk/printk.c:3277
vprintk_emit kernel/printk/printk.c:2407 [inline]
vprintk_emit+0x4fb/0x6d0 kernel/printk/printk.c:2353
vprintk+0x93/0xb0 kernel/printk/printk_safe.c:73
_printk+0xbf/0x100 kernel/printk/printk.c:2432
register_console+0xc11/0x11b0 kernel/printk/printk.c:4067
univ8250_console_init+0x62/0x90 drivers/tty/serial/8250/8250_core.c:513
console_init+0xcc/0x680 kernel/printk/printk.c:4260
start_kernel+0x293/0x4c0 init/main.c:1040
x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:507
x86_64_start_kernel+0xb3/0xc0 arch/x86/kernel/head64.c:488
common_startup_64+0x13e/0x148
-> #0 (console_owner){-.-.}-{0:0}:
check_prev_add kernel/locking/lockdep.c:3161 [inline]
check_prevs_add kernel/locking/lockdep.c:3280 [inline]
validate_chain kernel/locking/lockdep.c:3904 [inline]
__lock_acquire+0x2425/0x3b90 kernel/locking/lockdep.c:5202
lock_acquire.part.0+0x11b/0x370 kernel/locking/lockdep.c:5825
console_trylock_spinning kernel/printk/printk.c:2029 [inline]
vprintk_emit kernel/printk/printk.c:2406 [inline]
vprintk_emit+0x38c/0x6d0 kernel/printk/printk.c:2353
vprintk+0x93/0xb0 kernel/printk/printk_safe.c:73
_printk+0xbf/0x100 kernel/printk/printk.c:2432
__report_bug lib/bug.c:195 [inline]
report_bug+0x27c/0x500 lib/bug.c:219
handle_bug+0xe5/0x180 arch/x86/kernel/traps.c:285
exc_invalid_op+0x35/0x80 arch/x86/kernel/traps.c:309
asm_exc_invalid_op+0x1a/0x20 arch/x86/include/asm/idtentry.h:621
perf_trace_add+0x2da/0x390 kernel/trace/trace_event_perf.c:375
event_sched_in+0x434/0xac0 kernel/events/core.c:2629
group_sched_in kernel/events/core.c:2662 [inline]
merge_sched_in+0x895/0x1570 kernel/events/core.c:3940
visit_groups_merge.constprop.0.isra.0+0x6d2/0x1250 kernel/events/core.c:3885
pmu_groups_sched_in kernel/events/core.c:3967 [inline]
__pmu_ctx_sched_in kernel/events/core.c:3979 [inline]
ctx_sched_in+0x5c1/0xa30 kernel/events/core.c:4030
perf_event_sched_in+0x5d/0x90 kernel/events/core.c:2760
perf_event_context_sched_in kernel/events/core.c:4077 [inline]
__perf_event_task_sched_in+0x33a/0x6f0 kernel/events/core.c:4106
perf_event_task_sched_in include/linux/perf_event.h:1524 [inline]
finish_task_switch.isra.0+0x5f9/0xcb0 kernel/sched/core.c:5201
context_switch kernel/sched/core.c:5335 [inline]
__schedule+0x1156/0x5b20 kernel/sched/core.c:6710
preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7032
irqentry_exit+0x36/0x90 kernel/entry/common.c:354
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
__sanitizer_cov_trace_pc+0x0/0x80 kernel/kcov.c:127
rcu_read_unlock include/linux/rcupdate.h:878 [inline]
count_memcg_events_mm.constprop.0+0x12a/0x330 include/linux/memcontrol.h:1046
count_memcg_event_mm include/linux/memcontrol.h:1052 [inline]
mm_account_fault mm/memory.c:5947 [inline]
handle_mm_fault+0x5af/0xab0 mm/memory.c:6107
do_user_addr_fault+0x61b/0x13a0 arch/x86/mm/fault.c:1338
handle_page_fault arch/x86/mm/fault.c:1481 [inline]
exc_page_fault+0x98/0x180 arch/x86/mm/fault.c:1539
asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
other info that might help us debug this:
Chain exists of:
console_owner --> &rq->__lock --> &ctx->lock
Possible unsafe locking scenario:
CPU0 CPU1
---- ----
lock(&ctx->lock);
lock(&rq->__lock);
lock(&ctx->lock);
lock(console_owner);
*** DEADLOCK ***
5 locks held by syz.9.499/15835:
#0: ffff88804a983b68 (&vma->vm_lock->lock){++++}-{3:3}, at: vma_start_read include/linux/mm.h:704 [inline]
#0: ffff88804a983b68 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x141/0x9a0 mm/memory.c:6247
#1: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
#1: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
#1: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: count_memcg_events_mm.constprop.0+0x3a/0x330 include/linux/memcontrol.h:1042
#2: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
#2: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
#2: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: perf_event_context_sched_in kernel/events/core.c:4039 [inline]
#2: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: __perf_event_task_sched_in+0xd3/0x6f0 kernel/events/core.c:4106
#3: ffff88802b837af8 (&cpuctx_lock){-.-.}-{2:2}, at: __perf_ctx_lock kernel/events/core.c:174 [inline]
#3: ffff88802b837af8 (&cpuctx_lock){-.-.}-{2:2}, at: perf_ctx_lock+0x15/0xe0 kernel/events/core.c:181
#4: ffff88804ed2b818 (&ctx->lock){-...}-{2:2}, at: __perf_ctx_lock kernel/events/core.c:174 [inline]
#4: ffff88804ed2b818 (&ctx->lock){-...}-{2:2}, at: perf_ctx_lock+0x6a/0xe0 kernel/events/core.c:183
stack backtrace:
CPU: 0 UID: 0 PID: 15835 Comm: syz.9.499 Not tainted 6.12.25 #3
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x116/0x1b0 lib/dump_stack.c:120
print_circular_bug+0x406/0x5c0 kernel/locking/lockdep.c:2074
check_noncircular+0x2f7/0x3e0 kernel/locking/lockdep.c:2206
check_prev_add kernel/locking/lockdep.c:3161 [inline]
check_prevs_add kernel/locking/lockdep.c:3280 [inline]
validate_chain kernel/locking/lockdep.c:3904 [inline]
__lock_acquire+0x2425/0x3b90 kernel/locking/lockdep.c:5202
lock_acquire.part.0+0x11b/0x370 kernel/locking/lockdep.c:5825
console_trylock_spinning kernel/printk/printk.c:2029 [inline]
vprintk_emit kernel/printk/printk.c:2406 [inline]
vprintk_emit+0x38c/0x6d0 kernel/printk/printk.c:2353
vprintk+0x93/0xb0 kernel/printk/printk_safe.c:73
_printk+0xbf/0x100 kernel/printk/printk.c:2432
__report_bug lib/bug.c:195 [inline]
report_bug+0x27c/0x500 lib/bug.c:219
handle_bug+0xe5/0x180 arch/x86/kernel/traps.c:285
exc_invalid_op+0x35/0x80 arch/x86/kernel/traps.c:309
asm_exc_invalid_op+0x1a/0x20 arch/x86/include/asm/idtentry.h:621
RIP: 0010:perf_trace_add+0x2da/0x390 kernel/trace/trace_event_perf.c:375
Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 64 48 89 ab f8 01 00 00 48 89 df e8 b1 ab 26 00 e9 f3 fd ff ff e8 37 87 f6 ff 90 <0f> 0b 90 41 bc ea ff ff ff e9 77 ff ff ff e8 23 c5 56 00 e9 8a fd
RSP: 0018:ffffc9000713f7f0 EFLAGS: 00010006
RAX: 0000000040000002 RBX: ffff88802a069880 RCX: ffffffff8195a68e
RDX: ffff888045ec2500 RSI: ffffffff8195a839 RDI: ffffffff8deabf48
RBP: 0000000000000000 R08: 0000000000000001 R09: fffff52000e27eef
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: ffffffff8deabee0 R14: ffff88802a069928 R15: ffff888051237200
event_sched_in+0x434/0xac0 kernel/events/core.c:2629
group_sched_in kernel/events/core.c:2662 [inline]
merge_sched_in+0x895/0x1570 kernel/events/core.c:3940
visit_groups_merge.constprop.0.isra.0+0x6d2/0x1250 kernel/events/core.c:3885
pmu_groups_sched_in kernel/events/core.c:3967 [inline]
__pmu_ctx_sched_in kernel/events/core.c:3979 [inline]
ctx_sched_in+0x5c1/0xa30 kernel/events/core.c:4030
perf_event_sched_in+0x5d/0x90 kernel/events/core.c:2760
perf_event_context_sched_in kernel/events/core.c:4077 [inline]
__perf_event_task_sched_in+0x33a/0x6f0 kernel/events/core.c:4106
perf_event_task_sched_in include/linux/perf_event.h:1524 [inline]
finish_task_switch.isra.0+0x5f9/0xcb0 kernel/sched/core.c:5201
context_switch kernel/sched/core.c:5335 [inline]
__schedule+0x1156/0x5b20 kernel/sched/core.c:6710
preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7032
irqentry_exit+0x36/0x90 kernel/entry/common.c:354
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x80 kernel/kcov.c:210
Code: 5d 41 5c 41 5d c3 cc cc cc cc 48 c7 c0 f4 ff ff ff eb 92 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 65 48 8b 15 04 ae 77 7e 65 8b 05 05 ae 77 7e a9 00 01
RSP: 0000:ffffc9000713fe20 EFLAGS: 00000212
RAX: 000000000000fe4d RBX: 0000000000000200 RCX: ffffc9002f801000
RDX: 0000000000080000 RSI: ffffffff81d2e884 RDI: 0000000000000007
RBP: 0000000000000000 R08: 0000000000000001 R09: fffffbfff2d84fa6
R10: 0000000000000200 R11: 0000000000000000 R12: ffff888020dea000
R13: ffff88804a8558c8 R14: 0000000000000040 R15: ffff88804f13f200
rcu_read_unlock include/linux/rcupdate.h:878 [inline]
count_memcg_events_mm.constprop.0+0x12a/0x330 include/linux/memcontrol.h:1046
count_memcg_event_mm include/linux/memcontrol.h:1052 [inline]
mm_account_fault mm/memory.c:5947 [inline]
handle_mm_fault+0x5af/0xab0 mm/memory.c:6107
do_user_addr_fault+0x61b/0x13a0 arch/x86/mm/fault.c:1338
handle_page_fault arch/x86/mm/fault.c:1481 [inline]
exc_page_fault+0x98/0x180 arch/x86/mm/fault.c:1539
asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
RIP: 0033:0x7fe4fdc4f757
Code: 70 48 63 d5 48 01 c2 49 3b 55 08 77 4e 8d 55 ff 85 ed 74 35 0f 1f 80 00 00 00 00 48 39 c6 77 1c 49 8b 7d 00 49 89 c1 49 29 f1 <46> 0f b6 0c 0f 45 84 c9 74 08 44 88 0c 07 49 8b 45 10 48 83 c0 01
RSP: 002b:00007fe4fec1b420 EFLAGS: 00010206
RAX: 0000000000067001 RBX: 00007fe4fec1b480 RCX: 0000000000000000
RDX: 000000000000004c RSI: 0000000000000001 RDI: 00007fe4f3600000
RBP: 0000000000000102 R08: 0000000000000001 R09: 0000000000067000
R10: 0000000000000000 R11: 00007fe4fec1b490 R12: 00007fe4fec1b490
R13: 00007fe4fec1b520 R14: 0000000000000001 R15: 0000000000000000
</TASK>
WARNING: CPU: 0 PID: 15835 at kernel/trace/trace_event_perf.c:375 perf_trace_add+0x2da/0x390 kernel/trace/trace_event_perf.c:375
Modules linked in:
CPU: 0 UID: 0 PID: 15835 Comm: syz.9.499 Not tainted 6.12.25 #3
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
RIP: 0010:perf_trace_add+0x2da/0x390 kernel/trace/trace_event_perf.c:375
Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 64 48 89 ab f8 01 00 00 48 89 df e8 b1 ab 26 00 e9 f3 fd ff ff e8 37 87 f6 ff 90 <0f> 0b 90 41 bc ea ff ff ff e9 77 ff ff ff e8 23 c5 56 00 e9 8a fd
RSP: 0018:ffffc9000713f7f0 EFLAGS: 00010006
RAX: 0000000040000002 RBX: ffff88802a069880 RCX: ffffffff8195a68e
RDX: ffff888045ec2500 RSI: ffffffff8195a839 RDI: ffffffff8deabf48
RBP: 0000000000000000 R08: 0000000000000001 R09: fffff52000e27eef
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: ffffffff8deabee0 R14: ffff88802a069928 R15: ffff888051237200
FS: 00007fe4fec1c640(0000) GS:ffff88802b800000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f50219e7bac CR3: 00000000743bc000 CR4: 0000000000752ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
PKRU: 80000000
Call Trace:
<TASK>
event_sched_in+0x434/0xac0 kernel/events/core.c:2629
group_sched_in kernel/events/core.c:2662 [inline]
merge_sched_in+0x895/0x1570 kernel/events/core.c:3940
visit_groups_merge.constprop.0.isra.0+0x6d2/0x1250 kernel/events/core.c:3885
pmu_groups_sched_in kernel/events/core.c:3967 [inline]
__pmu_ctx_sched_in kernel/events/core.c:3979 [inline]
ctx_sched_in+0x5c1/0xa30 kernel/events/core.c:4030
perf_event_sched_in+0x5d/0x90 kernel/events/core.c:2760
perf_event_context_sched_in kernel/events/core.c:4077 [inline]
__perf_event_task_sched_in+0x33a/0x6f0 kernel/events/core.c:4106
perf_event_task_sched_in include/linux/perf_event.h:1524 [inline]
finish_task_switch.isra.0+0x5f9/0xcb0 kernel/sched/core.c:5201
context_switch kernel/sched/core.c:5335 [inline]
__schedule+0x1156/0x5b20 kernel/sched/core.c:6710
preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7032
irqentry_exit+0x36/0x90 kernel/entry/common.c:354
asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x80 kernel/kcov.c:210
Code: 5d 41 5c 41 5d c3 cc cc cc cc 48 c7 c0 f4 ff ff ff eb 92 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 65 48 8b 15 04 ae 77 7e 65 8b 05 05 ae 77 7e a9 00 01
RSP: 0000:ffffc9000713fe20 EFLAGS: 00000212
RAX: 000000000000fe4d RBX: 0000000000000200 RCX: ffffc9002f801000
RDX: 0000000000080000 RSI: ffffffff81d2e884 RDI: 0000000000000007
RBP: 0000000000000000 R08: 0000000000000001 R09: fffffbfff2d84fa6
R10: 0000000000000200 R11: 0000000000000000 R12: ffff888020dea000
R13: ffff88804a8558c8 R14: 0000000000000040 R15: ffff88804f13f200
rcu_read_unlock include/linux/rcupdate.h:878 [inline]
count_memcg_events_mm.constprop.0+0x12a/0x330 include/linux/memcontrol.h:1046
count_memcg_event_mm include/linux/memcontrol.h:1052 [inline]
mm_account_fault mm/memory.c:5947 [inline]
handle_mm_fault+0x5af/0xab0 mm/memory.c:6107
do_user_addr_fault+0x61b/0x13a0 arch/x86/mm/fault.c:1338
handle_page_fault arch/x86/mm/fault.c:1481 [inline]
exc_page_fault+0x98/0x180 arch/x86/mm/fault.c:1539
asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
RIP: 0033:0x7fe4fdc4f757
Code: 70 48 63 d5 48 01 c2 49 3b 55 08 77 4e 8d 55 ff 85 ed 74 35 0f 1f 80 00 00 00 00 48 39 c6 77 1c 49 8b 7d 00 49 89 c1 49 29 f1 <46> 0f b6 0c 0f 45 84 c9 74 08 44 88 0c 07 49 8b 45 10 48 83 c0 01
RSP: 002b:00007fe4fec1b420 EFLAGS: 00010206
RAX: 0000000000067001 RBX: 00007fe4fec1b480 RCX: 0000000000000000
RDX: 000000000000004c RSI: 0000000000000001 RDI: 00007fe4f3600000
RBP: 0000000000000102 R08: 0000000000000001 R09: 0000000000067000
R10: 0000000000000000 R11: 00007fe4fec1b490 R12: 00007fe4fec1b490
R13: 00007fe4fec1b520 R14: 0000000000000001 R15: 0000000000000000
</TASK>
----------------
Code disassembly (best guess):
0: 5d pop %rbp
1: 41 5c pop %r12
3: 41 5d pop %r13
5: c3 ret
6: cc int3
7: cc int3
8: cc int3
9: cc int3
a: 48 c7 c0 f4 ff ff ff mov $0xfffffffffffffff4,%rax
11: eb 92 jmp 0xffffffa5
13: 0f 1f 80 00 00 00 00 nopl 0x0(%rax)
1a: 90 nop
1b: 90 nop
1c: 90 nop
1d: 90 nop
1e: 90 nop
1f: 90 nop
20: 90 nop
21: 90 nop
22: 90 nop
23: 90 nop
24: 90 nop
25: 90 nop
26: 90 nop
27: 90 nop
28: 90 nop
29: 90 nop
* 2a: f3 0f 1e fa endbr64 <-- trapping instruction
2e: 65 48 8b 15 04 ae 77 mov %gs:0x7e77ae04(%rip),%rdx # 0x7e77ae3a
35: 7e
36: 65 8b 05 05 ae 77 7e mov %gs:0x7e77ae05(%rip),%eax # 0x7e77ae42
3d: a9 .byte 0xa9
3e: 00 01 add %al,(%rcx)
===================================================================
I hope it helps.
Best regards
Jianzhou Zhao
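The dependency chain in the report above, replayed through a small user-space model of the lock-ordering check (an added example, not part of the original message and not kernel code). Each "B taken while A is held" pair from entries #1 to #5 becomes an edge A -> B, and a new acquisition is flagged when the held lock is already reachable from the lock being acquired. The struct and function names are hypothetical; the lock class names are copied from the report.

```c
#include <stdio.h>
#include <string.h>

#define MAX_CLASSES 16

/* Hypothetical model: one node per lock class, one edge per observed ordering. */
struct lock_graph {
    const char *name[MAX_CLASSES];
    unsigned char edge[MAX_CLASSES][MAX_CLASSES]; /* edge[a][b]: b taken while a held */
    int n;
};

/* Look up a lock class by name, registering it on first use. */
static int class_id(struct lock_graph *g, const char *name)
{
    for (int i = 0; i < g->n; i++)
        if (strcmp(g->name[i], name) == 0)
            return i;
    if (g->n == MAX_CLASSES)
        return -1;
    g->name[g->n] = name;
    return g->n++;
}

/* Depth-first search: can dst be reached from src along recorded edges? */
static int reachable(const struct lock_graph *g, int src, int dst,
                     unsigned char *seen)
{
    if (src == dst)
        return 1;
    seen[src] = 1;
    for (int next = 0; next < g->n; next++)
        if (g->edge[src][next] && !seen[next] && reachable(g, next, dst, seen))
            return 1;
    return 0;
}

/*
 * Record "acquired was taken while held was held".
 * Returns 0 if the ordering is consistent, 1 if it would close a cycle
 * (the edge is then not recorded), -1 if the class table is full.
 */
static int add_dependency(struct lock_graph *g, const char *held,
                          const char *acquired)
{
    unsigned char seen[MAX_CLASSES] = {0};
    int h = class_id(g, held);
    int a = class_id(g, acquired);

    if (h < 0 || a < 0)
        return -1;
    if (reachable(g, a, h, seen))   /* acquired already leads back to held */
        return 1;
    g->edge[h][a] = 1;
    return 0;
}

/* Entries #1..#5 of the report, oldest first. Returns the number of rejected edges. */
static int record_existing_chain(struct lock_graph *g)
{
    static const char *chain[] = {
        "console_owner", "&port_lock_key", "&tty->write_wait",
        "&p->pi_lock", "&rq->__lock", "&ctx->lock",
    };
    int rejected = 0;

    for (size_t i = 0; i + 1 < sizeof(chain) / sizeof(chain[0]); i++)
        if (add_dependency(g, chain[i], chain[i + 1]) != 0)
            rejected++;
    return rejected;
}

/* Entry #0: the WARN path calls printk (console_owner) while &ctx->lock is held. */
static int replay_report(void)
{
    struct lock_graph g = {0};

    if (record_existing_chain(&g) != 0)
        return -1;
    return add_dependency(&g, "&ctx->lock", "console_owner");
}

int main(void)
{
    printf("printk under &ctx->lock closes a cycle: %s\n",
           replay_report() == 1 ? "yes" : "no");
    return 0;
}
```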
* Re:possible deadlock in perf_ctx_lock in linux6.12.25(longterm maintenance)
From: Jianzhou Zhao @ 2025-04-29 14:54 UTC
To: stable
Cc: alexander.shishkin, peterz, mingo, acme, namhyung, mark.rutland,
jolsa, irogers, adrian.hunter, kan.liang, linux-perf-users,
linux-kernel
When I attempted to reproduce the bug using the crash log with the help of syzkaller, the following reproduction program was generated. I hope this is helpful to you.
#define _GNU_SOURCE

#include <endian.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

#define BITMASK(bf_off, bf_len) (((1ull << (bf_len)) - 1) << (bf_off))
#define STORE_BY_BITMASK(type, htobe, addr, val, bf_off, bf_len)               \
  *(type*)(addr) =                                                             \
      htobe((htobe(*(type*)(addr)) & ~BITMASK((bf_off), (bf_len))) |           \
            (((type)(val) << (bf_off)) & BITMASK((bf_off), (bf_len))))

int main(void)
{
  /* Map the fixed scratch region used for syscall arguments, with an
     inaccessible guard page on either side. */
  syscall(__NR_mmap, /*addr=*/0x1ffffffff000ul, /*len=*/0x1000ul, /*prot=*/0ul,
          /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul,
          /*fd=*/(intptr_t)-1, /*offset=*/0ul);
  syscall(__NR_mmap, /*addr=*/0x200000000000ul, /*len=*/0x1000000ul,
          /*prot=PROT_WRITE|PROT_READ|PROT_EXEC*/ 7ul,
          /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul,
          /*fd=*/(intptr_t)-1, /*offset=*/0ul);
  syscall(__NR_mmap, /*addr=*/0x200001000000ul, /*len=*/0x1000ul, /*prot=*/0ul,
          /*flags=MAP_FIXED|MAP_ANONYMOUS|MAP_PRIVATE*/ 0x32ul,
          /*fd=*/(intptr_t)-1, /*offset=*/0ul);
  const char* reason;
  (void)reason;
  if (write(1, "executing program\n", sizeof("executing program\n") - 1)) {
  }
  /* struct perf_event_attr at 0x200000000000:
     type = 2 (PERF_TYPE_TRACEPOINT), size = 0x80, config = 0xef. */
  *(uint32_t*)0x200000000000 = 2;
  *(uint32_t*)0x200000000004 = 0x80;
  *(uint8_t*)0x200000000008 = 0xef;
  *(uint8_t*)0x200000000009 = 0;
  *(uint8_t*)0x20000000000a = 0;
  *(uint8_t*)0x20000000000b = 0;
  *(uint32_t*)0x20000000000c = 0;
  *(uint64_t*)0x200000000010 = 0;
  *(uint64_t*)0x200000000018 = 0;
  *(uint64_t*)0x200000000020 = 0;
  /* Flag bitfield word at offset 0x28: every flag is cleared. */
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 0, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 1, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 2, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 3, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 4, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 5, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 6, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 7, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 8, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 9, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 10, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 11, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 12, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 13, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 14, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 15, 2);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 17, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 18, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 19, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 20, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 21, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 22, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 23, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 24, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 25, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 26, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 27, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 28, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 29, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 30, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 31, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 32, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 33, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 34, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 35, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 36, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 37, 1);
  STORE_BY_BITMASK(uint64_t, , 0x200000000028, 0, 38, 26);
  *(uint32_t*)0x200000000030 = 0;
  *(uint32_t*)0x200000000034 = 0;
  *(uint64_t*)0x200000000038 = 0;
  *(uint64_t*)0x200000000040 = 0;
  *(uint64_t*)0x200000000048 = 0x6000;
  *(uint64_t*)0x200000000050 = 0xfffffffffffffffd;
  *(uint32_t*)0x200000000058 = 0;
  *(uint32_t*)0x20000000005c = 0;
  *(uint64_t*)0x200000000060 = 0;
  *(uint32_t*)0x200000000068 = 0;
  *(uint16_t*)0x20000000006c = 0x10;
  *(uint16_t*)0x20000000006e = 0;
  *(uint32_t*)0x200000000070 = 0;
  *(uint32_t*)0x200000000074 = 0;
  *(uint64_t*)0x200000000078 = 0;
  /* Open the event on the calling task (pid 0), CPU 0, with no group leader. */
  syscall(__NR_perf_event_open, /*attr=*/0x200000000000ul, /*pid=*/0,
          /*cpu=*/0ul, /*group=*/(intptr_t)-1, /*flags=*/0ul);
  return 0;
}
At 2025-04-29 22:18:04, "Jianzhou Zhao" <luckd0g@163.com> wrote:
>Hello, I found a potential bug titled "possible deadlock in perf_ctx_lock" with a modified syzkaller in Linux 6.12.25 (longterm maintenance, last updated on April 25, 2025).
>If you fix this issue, please add the following tag to the commit: Reported-by: Jianzhou Zhao <luckd0g@163.com>, xingwei lee <xrivendell7@gmail.com>
>The commit of the kernel is: ef4999852d307d38cfdecd91ed6892cc03beb9b8
>kernel config: https://syzkaller.appspot.com/text?tag=KernelConfig&x=55f8591b98dd132
>compiler: gcc version 11.4.0
>
>Unfortunately, I am unable to reproduce this bug.
>
>------------[ cut here ]-----------------------------------------
> TITLE: possible deadlock in perf_ctx_lock
>------------[ cut here ]------------
>------------[ cut here ]------------
>======================================================
>WARNING: possible circular locking dependency detected
>6.12.25 #3 Not tainted
>------------------------------------------------------
>syz.9.499/15835 is trying to acquire lock:
>ffffffff8dec35a0 (console_owner){-.-.}-{0:0}, at: console_trylock_spinning kernel/printk/printk.c:2029 [inline]
>ffffffff8dec35a0 (console_owner){-.-.}-{0:0}, at: vprintk_emit kernel/printk/printk.c:2406 [inline]
>ffffffff8dec35a0 (console_owner){-.-.}-{0:0}, at: vprintk_emit+0x377/0x6d0 kernel/printk/printk.c:2353
>
>but task is already holding lock:
>ffff88804ed2b818 (&ctx->lock){-...}-{2:2}, at: __perf_ctx_lock kernel/events/core.c:174 [inline]
>ffff88804ed2b818 (&ctx->lock){-...}-{2:2}, at: perf_ctx_lock+0x6a/0xe0 kernel/events/core.c:183
>
>which lock already depends on the new lock.
>
>
>the existing dependency chain (in reverse order) is:
>
>-> #5 (&ctx->lock){-...}-{2:2}:
> __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline]
> _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154
> perf_event_context_sched_out kernel/events/core.c:3668 [inline]
> __perf_event_task_sched_out+0x4b3/0x18a0 kernel/events/core.c:3772
> perf_event_task_sched_out include/linux/perf_event.h:1547 [inline]
> prepare_task_switch kernel/sched/core.c:5136 [inline]
> context_switch kernel/sched/core.c:5279 [inline]
> __schedule+0x2250/0x5b20 kernel/sched/core.c:6710
> __schedule_loop kernel/sched/core.c:6787 [inline]
> schedule+0xe7/0x350 kernel/sched/core.c:6802
> futex_wait_queue+0x101/0x1f0 kernel/futex/waitwake.c:370
> __futex_wait+0x23d/0x3c0 kernel/futex/waitwake.c:669
> futex_wait+0xdc/0x370 kernel/futex/waitwake.c:697
> do_futex+0x250/0x360 kernel/futex/syscalls.c:102
> __do_sys_futex kernel/futex/syscalls.c:179 [inline]
> __se_sys_futex kernel/futex/syscalls.c:160 [inline]
> __x64_sys_futex+0x1c6/0x4c0 kernel/futex/syscalls.c:160
> do_syscall_x64 arch/x86/entry/common.c:52 [inline]
> do_syscall_64+0xcb/0x250 arch/x86/entry/common.c:83
> entry_SYSCALL_64_after_hwframe+0x77/0x7f
>
>-> #4 (&rq->__lock){-.-.}-{2:2}:
> _raw_spin_lock_nested+0x34/0x40 kernel/locking/spinlock.c:378
> raw_spin_rq_lock_nested+0x2f/0x120 kernel/sched/core.c:598
> raw_spin_rq_lock kernel/sched/sched.h:1515 [inline]
> task_rq_lock+0xd3/0x390 kernel/sched/core.c:700
> cgroup_move_task+0x70/0x220 kernel/sched/psi.c:1161
> css_set_move_task+0x280/0x570 kernel/cgroup/cgroup.c:898
> cgroup_post_fork+0x20c/0x9d0 kernel/cgroup/cgroup.c:6705
> copy_process+0x4bf6/0x8960 kernel/fork.c:2623
> kernel_clone+0xeb/0x8f0 kernel/fork.c:2809
> user_mode_thread+0xc9/0x110 kernel/fork.c:2887
> rest_init+0x23/0x2b0 init/main.c:712
> start_kernel+0x3dd/0x4c0 init/main.c:1105
> x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:507
> x86_64_start_kernel+0xb3/0xc0 arch/x86/kernel/head64.c:488
> common_startup_64+0x13e/0x148
>
>-> #3 (&p->pi_lock){-.-.}-{2:2}:
> __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
> _raw_spin_lock_irqsave+0x3d/0x60 kernel/locking/spinlock.c:162
> class_raw_spinlock_irqsave_constructor include/linux/spinlock.h:551 [inline]
> try_to_wake_up+0xb1/0x14b0 kernel/sched/core.c:4168
> autoremove_wake_function+0x16/0x150 kernel/sched/wait.c:384
> __wake_up_common+0x135/0x1f0 kernel/sched/wait.c:89
> __wake_up_common_lock kernel/sched/wait.c:106 [inline]
> __wake_up+0x31/0x60 kernel/sched/wait.c:127
> tty_port_default_wakeup+0x2a/0x40 drivers/tty/tty_port.c:69
> serial8250_tx_chars+0x6a8/0x8a0 drivers/tty/serial/8250/8250_port.c:1821
> serial8250_handle_irq+0x6a2/0xbb0 drivers/tty/serial/8250/8250_port.c:1929
> serial8250_default_handle_irq+0x9a/0x210 drivers/tty/serial/8250/8250_port.c:1949
> serial8250_interrupt+0x103/0x210 drivers/tty/serial/8250/8250_core.c:86
> __handle_irq_event_percpu+0x22a/0x7b0 kernel/irq/handle.c:158
> handle_irq_event_percpu kernel/irq/handle.c:193 [inline]
> handle_irq_event+0xab/0x1e0 kernel/irq/handle.c:210
> handle_edge_irq+0x265/0xd10 kernel/irq/chip.c:831
> generic_handle_irq_desc include/linux/irqdesc.h:173 [inline]
> handle_irq arch/x86/kernel/irq.c:249 [inline]
> call_irq_handler arch/x86/kernel/irq.c:261 [inline]
> __common_interrupt+0xe0/0x250 arch/x86/kernel/irq.c:287
> common_interrupt+0xf2/0x110 arch/x86/kernel/irq.c:280
> asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:693
> native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline]
> pv_native_safe_halt+0x1e/0x30 arch/x86/kernel/paravirt.c:105
> arch_safe_halt arch/x86/include/asm/paravirt.h:112 [inline]
> default_idle+0x1d/0x30 arch/x86/kernel/process.c:747
> default_idle_call+0x6d/0xb0 kernel/sched/idle.c:117
> cpuidle_idle_call kernel/sched/idle.c:185 [inline]
> do_idle+0x318/0x3c0 kernel/sched/idle.c:326
> cpu_startup_entry+0x4f/0x60 kernel/sched/idle.c:424
> rest_init+0x16b/0x2b0 init/main.c:747
> start_kernel+0x3dd/0x4c0 init/main.c:1105
> x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:507
> x86_64_start_kernel+0xb3/0xc0 arch/x86/kernel/head64.c:488
> common_startup_64+0x13e/0x148
>
>-> #2 (&tty->write_wait){-.-.}-{2:2}:
> __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
> _raw_spin_lock_irqsave+0x3d/0x60 kernel/locking/spinlock.c:162
> __wake_up_common_lock kernel/sched/wait.c:105 [inline]
> __wake_up+0x1c/0x60 kernel/sched/wait.c:127
> tty_port_default_wakeup+0x2a/0x40 drivers/tty/tty_port.c:69
> serial8250_tx_chars+0x6a8/0x8a0 drivers/tty/serial/8250/8250_port.c:1821
> serial8250_handle_irq+0x6a2/0xbb0 drivers/tty/serial/8250/8250_port.c:1929
> serial8250_default_handle_irq+0x9a/0x210 drivers/tty/serial/8250/8250_port.c:1949
> serial8250_interrupt+0x103/0x210 drivers/tty/serial/8250/8250_core.c:86
> __handle_irq_event_percpu+0x22a/0x7b0 kernel/irq/handle.c:158
> handle_irq_event_percpu kernel/irq/handle.c:193 [inline]
> handle_irq_event+0xab/0x1e0 kernel/irq/handle.c:210
> handle_edge_irq+0x265/0xd10 kernel/irq/chip.c:831
> generic_handle_irq_desc include/linux/irqdesc.h:173 [inline]
> handle_irq arch/x86/kernel/irq.c:249 [inline]
> call_irq_handler arch/x86/kernel/irq.c:261 [inline]
> __common_interrupt+0xe0/0x250 arch/x86/kernel/irq.c:287
> common_interrupt+0xf2/0x110 arch/x86/kernel/irq.c:280
> asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:693
> native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline]
> pv_native_safe_halt+0x1e/0x30 arch/x86/kernel/paravirt.c:105
> arch_safe_halt arch/x86/include/asm/paravirt.h:112 [inline]
> default_idle+0x1d/0x30 arch/x86/kernel/process.c:747
> default_idle_call+0x6d/0xb0 kernel/sched/idle.c:117
> cpuidle_idle_call kernel/sched/idle.c:185 [inline]
> do_idle+0x318/0x3c0 kernel/sched/idle.c:326
> cpu_startup_entry+0x4f/0x60 kernel/sched/idle.c:424
> rest_init+0x16b/0x2b0 init/main.c:747
> start_kernel+0x3dd/0x4c0 init/main.c:1105
> x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:507
> x86_64_start_kernel+0xb3/0xc0 arch/x86/kernel/head64.c:488
> common_startup_64+0x13e/0x148
>
>-> #1 (&port_lock_key){-.-.}-{2:2}:
> __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
> _raw_spin_lock_irqsave+0x3d/0x60 kernel/locking/spinlock.c:162
> uart_port_lock_irqsave include/linux/serial_core.h:711 [inline]
> serial8250_console_write+0xb3e/0x19b0 drivers/tty/serial/8250/8250_port.c:3381
> console_emit_next_record kernel/printk/printk.c:3090 [inline]
> console_flush_all+0x767/0xc30 kernel/printk/printk.c:3178
> __console_flush_and_unlock kernel/printk/printk.c:3237 [inline]
> console_unlock+0xc3/0x1f0 kernel/printk/printk.c:3277
> vprintk_emit kernel/printk/printk.c:2407 [inline]
> vprintk_emit+0x4fb/0x6d0 kernel/printk/printk.c:2353
> vprintk+0x93/0xb0 kernel/printk/printk_safe.c:73
> _printk+0xbf/0x100 kernel/printk/printk.c:2432
> register_console+0xc11/0x11b0 kernel/printk/printk.c:4067
> univ8250_console_init+0x62/0x90 drivers/tty/serial/8250/8250_core.c:513
> console_init+0xcc/0x680 kernel/printk/printk.c:4260
> start_kernel+0x293/0x4c0 init/main.c:1040
> x86_64_start_reservations+0x18/0x30 arch/x86/kernel/head64.c:507
> x86_64_start_kernel+0xb3/0xc0 arch/x86/kernel/head64.c:488
> common_startup_64+0x13e/0x148
>
>-> #0 (console_owner){-.-.}-{0:0}:
> check_prev_add kernel/locking/lockdep.c:3161 [inline]
> check_prevs_add kernel/locking/lockdep.c:3280 [inline]
> validate_chain kernel/locking/lockdep.c:3904 [inline]
> __lock_acquire+0x2425/0x3b90 kernel/locking/lockdep.c:5202
> lock_acquire.part.0+0x11b/0x370 kernel/locking/lockdep.c:5825
> console_trylock_spinning kernel/printk/printk.c:2029 [inline]
> vprintk_emit kernel/printk/printk.c:2406 [inline]
> vprintk_emit+0x38c/0x6d0 kernel/printk/printk.c:2353
> vprintk+0x93/0xb0 kernel/printk/printk_safe.c:73
> _printk+0xbf/0x100 kernel/printk/printk.c:2432
> __report_bug lib/bug.c:195 [inline]
> report_bug+0x27c/0x500 lib/bug.c:219
> handle_bug+0xe5/0x180 arch/x86/kernel/traps.c:285
> exc_invalid_op+0x35/0x80 arch/x86/kernel/traps.c:309
> asm_exc_invalid_op+0x1a/0x20 arch/x86/include/asm/idtentry.h:621
> perf_trace_add+0x2da/0x390 kernel/trace/trace_event_perf.c:375
> event_sched_in+0x434/0xac0 kernel/events/core.c:2629
> group_sched_in kernel/events/core.c:2662 [inline]
> merge_sched_in+0x895/0x1570 kernel/events/core.c:3940
> visit_groups_merge.constprop.0.isra.0+0x6d2/0x1250 kernel/events/core.c:3885
> pmu_groups_sched_in kernel/events/core.c:3967 [inline]
> __pmu_ctx_sched_in kernel/events/core.c:3979 [inline]
> ctx_sched_in+0x5c1/0xa30 kernel/events/core.c:4030
> perf_event_sched_in+0x5d/0x90 kernel/events/core.c:2760
> perf_event_context_sched_in kernel/events/core.c:4077 [inline]
> __perf_event_task_sched_in+0x33a/0x6f0 kernel/events/core.c:4106
> perf_event_task_sched_in include/linux/perf_event.h:1524 [inline]
> finish_task_switch.isra.0+0x5f9/0xcb0 kernel/sched/core.c:5201
> context_switch kernel/sched/core.c:5335 [inline]
> __schedule+0x1156/0x5b20 kernel/sched/core.c:6710
> preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7032
> irqentry_exit+0x36/0x90 kernel/entry/common.c:354
> asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
> __sanitizer_cov_trace_pc+0x0/0x80 kernel/kcov.c:127
> rcu_read_unlock include/linux/rcupdate.h:878 [inline]
> count_memcg_events_mm.constprop.0+0x12a/0x330 include/linux/memcontrol.h:1046
> count_memcg_event_mm include/linux/memcontrol.h:1052 [inline]
> mm_account_fault mm/memory.c:5947 [inline]
> handle_mm_fault+0x5af/0xab0 mm/memory.c:6107
> do_user_addr_fault+0x61b/0x13a0 arch/x86/mm/fault.c:1338
> handle_page_fault arch/x86/mm/fault.c:1481 [inline]
> exc_page_fault+0x98/0x180 arch/x86/mm/fault.c:1539
> asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
>
>other info that might help us debug this:
>
>Chain exists of:
> console_owner --> &rq->__lock --> &ctx->lock
>
> Possible unsafe locking scenario:
>
> CPU0 CPU1
> ---- ----
> lock(&ctx->lock);
> lock(&rq->__lock);
> lock(&ctx->lock);
> lock(console_owner);
>
> *** DEADLOCK ***
>
>5 locks held by syz.9.499/15835:
> #0: ffff88804a983b68 (&vma->vm_lock->lock){++++}-{3:3}, at: vma_start_read include/linux/mm.h:704 [inline]
> #0: ffff88804a983b68 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x141/0x9a0 mm/memory.c:6247
> #1: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
> #1: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
> #1: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: count_memcg_events_mm.constprop.0+0x3a/0x330 include/linux/memcontrol.h:1042
> #2: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
> #2: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
> #2: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: perf_event_context_sched_in kernel/events/core.c:4039 [inline]
> #2: ffffffff8dfb62a0 (rcu_read_lock){....}-{1:2}, at: __perf_event_task_sched_in+0xd3/0x6f0 kernel/events/core.c:4106
> #3: ffff88802b837af8 (&cpuctx_lock){-.-.}-{2:2}, at: __perf_ctx_lock kernel/events/core.c:174 [inline]
> #3: ffff88802b837af8 (&cpuctx_lock){-.-.}-{2:2}, at: perf_ctx_lock+0x15/0xe0 kernel/events/core.c:181
> #4: ffff88804ed2b818 (&ctx->lock){-...}-{2:2}, at: __perf_ctx_lock kernel/events/core.c:174 [inline]
> #4: ffff88804ed2b818 (&ctx->lock){-...}-{2:2}, at: perf_ctx_lock+0x6a/0xe0 kernel/events/core.c:183
>
>stack backtrace:
>CPU: 0 UID: 0 PID: 15835 Comm: syz.9.499 Not tainted 6.12.25 #3
>Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
>Call Trace:
> <TASK>
> __dump_stack lib/dump_stack.c:94 [inline]
> dump_stack_lvl+0x116/0x1b0 lib/dump_stack.c:120
> print_circular_bug+0x406/0x5c0 kernel/locking/lockdep.c:2074
> check_noncircular+0x2f7/0x3e0 kernel/locking/lockdep.c:2206
> check_prev_add kernel/locking/lockdep.c:3161 [inline]
> check_prevs_add kernel/locking/lockdep.c:3280 [inline]
> validate_chain kernel/locking/lockdep.c:3904 [inline]
> __lock_acquire+0x2425/0x3b90 kernel/locking/lockdep.c:5202
> lock_acquire.part.0+0x11b/0x370 kernel/locking/lockdep.c:5825
> console_trylock_spinning kernel/printk/printk.c:2029 [inline]
> vprintk_emit kernel/printk/printk.c:2406 [inline]
> vprintk_emit+0x38c/0x6d0 kernel/printk/printk.c:2353
> vprintk+0x93/0xb0 kernel/printk/printk_safe.c:73
> _printk+0xbf/0x100 kernel/printk/printk.c:2432
> __report_bug lib/bug.c:195 [inline]
> report_bug+0x27c/0x500 lib/bug.c:219
> handle_bug+0xe5/0x180 arch/x86/kernel/traps.c:285
> exc_invalid_op+0x35/0x80 arch/x86/kernel/traps.c:309
> asm_exc_invalid_op+0x1a/0x20 arch/x86/include/asm/idtentry.h:621
>RIP: 0010:perf_trace_add+0x2da/0x390 kernel/trace/trace_event_perf.c:375
>Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 64 48 89 ab f8 01 00 00 48 89 df e8 b1 ab 26 00 e9 f3 fd ff ff e8 37 87 f6 ff 90 <0f> 0b 90 41 bc ea ff ff ff e9 77 ff ff ff e8 23 c5 56 00 e9 8a fd
>RSP: 0018:ffffc9000713f7f0 EFLAGS: 00010006
>RAX: 0000000040000002 RBX: ffff88802a069880 RCX: ffffffff8195a68e
>RDX: ffff888045ec2500 RSI: ffffffff8195a839 RDI: ffffffff8deabf48
>RBP: 0000000000000000 R08: 0000000000000001 R09: fffff52000e27eef
>R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
>R13: ffffffff8deabee0 R14: ffff88802a069928 R15: ffff888051237200
> event_sched_in+0x434/0xac0 kernel/events/core.c:2629
> group_sched_in kernel/events/core.c:2662 [inline]
> merge_sched_in+0x895/0x1570 kernel/events/core.c:3940
> visit_groups_merge.constprop.0.isra.0+0x6d2/0x1250 kernel/events/core.c:3885
> pmu_groups_sched_in kernel/events/core.c:3967 [inline]
> __pmu_ctx_sched_in kernel/events/core.c:3979 [inline]
> ctx_sched_in+0x5c1/0xa30 kernel/events/core.c:4030
> perf_event_sched_in+0x5d/0x90 kernel/events/core.c:2760
> perf_event_context_sched_in kernel/events/core.c:4077 [inline]
> __perf_event_task_sched_in+0x33a/0x6f0 kernel/events/core.c:4106
> perf_event_task_sched_in include/linux/perf_event.h:1524 [inline]
> finish_task_switch.isra.0+0x5f9/0xcb0 kernel/sched/core.c:5201
> context_switch kernel/sched/core.c:5335 [inline]
> __schedule+0x1156/0x5b20 kernel/sched/core.c:6710
> preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7032
> irqentry_exit+0x36/0x90 kernel/entry/common.c:354
> asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
>RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x80 kernel/kcov.c:210
>Code: 5d 41 5c 41 5d c3 cc cc cc cc 48 c7 c0 f4 ff ff ff eb 92 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 65 48 8b 15 04 ae 77 7e 65 8b 05 05 ae 77 7e a9 00 01
>RSP: 0000:ffffc9000713fe20 EFLAGS: 00000212
>RAX: 000000000000fe4d RBX: 0000000000000200 RCX: ffffc9002f801000
>RDX: 0000000000080000 RSI: ffffffff81d2e884 RDI: 0000000000000007
>RBP: 0000000000000000 R08: 0000000000000001 R09: fffffbfff2d84fa6
>R10: 0000000000000200 R11: 0000000000000000 R12: ffff888020dea000
>R13: ffff88804a8558c8 R14: 0000000000000040 R15: ffff88804f13f200
> rcu_read_unlock include/linux/rcupdate.h:878 [inline]
> count_memcg_events_mm.constprop.0+0x12a/0x330 include/linux/memcontrol.h:1046
> count_memcg_event_mm include/linux/memcontrol.h:1052 [inline]
> mm_account_fault mm/memory.c:5947 [inline]
> handle_mm_fault+0x5af/0xab0 mm/memory.c:6107
> do_user_addr_fault+0x61b/0x13a0 arch/x86/mm/fault.c:1338
> handle_page_fault arch/x86/mm/fault.c:1481 [inline]
> exc_page_fault+0x98/0x180 arch/x86/mm/fault.c:1539
> asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
>RIP: 0033:0x7fe4fdc4f757
>Code: 70 48 63 d5 48 01 c2 49 3b 55 08 77 4e 8d 55 ff 85 ed 74 35 0f 1f 80 00 00 00 00 48 39 c6 77 1c 49 8b 7d 00 49 89 c1 49 29 f1 <46> 0f b6 0c 0f 45 84 c9 74 08 44 88 0c 07 49 8b 45 10 48 83 c0 01
>RSP: 002b:00007fe4fec1b420 EFLAGS: 00010206
>RAX: 0000000000067001 RBX: 00007fe4fec1b480 RCX: 0000000000000000
>RDX: 000000000000004c RSI: 0000000000000001 RDI: 00007fe4f3600000
>RBP: 0000000000000102 R08: 0000000000000001 R09: 0000000000067000
>R10: 0000000000000000 R11: 00007fe4fec1b490 R12: 00007fe4fec1b490
>R13: 00007fe4fec1b520 R14: 0000000000000001 R15: 0000000000000000
> </TASK>
>WARNING: CPU: 0 PID: 15835 at kernel/trace/trace_event_perf.c:375 perf_trace_add+0x2da/0x390 kernel/trace/trace_event_perf.c:375
>Modules linked in:
>CPU: 0 UID: 0 PID: 15835 Comm: syz.9.499 Not tainted 6.12.25 #3
>Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
>RIP: 0010:perf_trace_add+0x2da/0x390 kernel/trace/trace_event_perf.c:375
>Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 64 48 89 ab f8 01 00 00 48 89 df e8 b1 ab 26 00 e9 f3 fd ff ff e8 37 87 f6 ff 90 <0f> 0b 90 41 bc ea ff ff ff e9 77 ff ff ff e8 23 c5 56 00 e9 8a fd
>RSP: 0018:ffffc9000713f7f0 EFLAGS: 00010006
>RAX: 0000000040000002 RBX: ffff88802a069880 RCX: ffffffff8195a68e
>RDX: ffff888045ec2500 RSI: ffffffff8195a839 RDI: ffffffff8deabf48
>RBP: 0000000000000000 R08: 0000000000000001 R09: fffff52000e27eef
>R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
>R13: ffffffff8deabee0 R14: ffff88802a069928 R15: ffff888051237200
>FS: 00007fe4fec1c640(0000) GS:ffff88802b800000(0000) knlGS:0000000000000000
>CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
>CR2: 00007f50219e7bac CR3: 00000000743bc000 CR4: 0000000000752ef0
>DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
>DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
>PKRU: 80000000
>Call Trace:
> <TASK>
> event_sched_in+0x434/0xac0 kernel/events/core.c:2629
> group_sched_in kernel/events/core.c:2662 [inline]
> merge_sched_in+0x895/0x1570 kernel/events/core.c:3940
> visit_groups_merge.constprop.0.isra.0+0x6d2/0x1250 kernel/events/core.c:3885
> pmu_groups_sched_in kernel/events/core.c:3967 [inline]
> __pmu_ctx_sched_in kernel/events/core.c:3979 [inline]
> ctx_sched_in+0x5c1/0xa30 kernel/events/core.c:4030
> perf_event_sched_in+0x5d/0x90 kernel/events/core.c:2760
> perf_event_context_sched_in kernel/events/core.c:4077 [inline]
> __perf_event_task_sched_in+0x33a/0x6f0 kernel/events/core.c:4106
> perf_event_task_sched_in include/linux/perf_event.h:1524 [inline]
> finish_task_switch.isra.0+0x5f9/0xcb0 kernel/sched/core.c:5201
> context_switch kernel/sched/core.c:5335 [inline]
> __schedule+0x1156/0x5b20 kernel/sched/core.c:6710
> preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7032
> irqentry_exit+0x36/0x90 kernel/entry/common.c:354
> asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
>RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x80 kernel/kcov.c:210
>Code: 5d 41 5c 41 5d c3 cc cc cc cc 48 c7 c0 f4 ff ff ff eb 92 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 65 48 8b 15 04 ae 77 7e 65 8b 05 05 ae 77 7e a9 00 01
>RSP: 0000:ffffc9000713fe20 EFLAGS: 00000212
>RAX: 000000000000fe4d RBX: 0000000000000200 RCX: ffffc9002f801000
>RDX: 0000000000080000 RSI: ffffffff81d2e884 RDI: 0000000000000007
>RBP: 0000000000000000 R08: 0000000000000001 R09: fffffbfff2d84fa6
>R10: 0000000000000200 R11: 0000000000000000 R12: ffff888020dea000
>R13: ffff88804a8558c8 R14: 0000000000000040 R15: ffff88804f13f200
> rcu_read_unlock include/linux/rcupdate.h:878 [inline]
> count_memcg_events_mm.constprop.0+0x12a/0x330 include/linux/memcontrol.h:1046
> count_memcg_event_mm include/linux/memcontrol.h:1052 [inline]
> mm_account_fault mm/memory.c:5947 [inline]
> handle_mm_fault+0x5af/0xab0 mm/memory.c:6107
> do_user_addr_fault+0x61b/0x13a0 arch/x86/mm/fault.c:1338
> handle_page_fault arch/x86/mm/fault.c:1481 [inline]
> exc_page_fault+0x98/0x180 arch/x86/mm/fault.c:1539
> asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623
>RIP: 0033:0x7fe4fdc4f757
>Code: 70 48 63 d5 48 01 c2 49 3b 55 08 77 4e 8d 55 ff 85 ed 74 35 0f 1f 80 00 00 00 00 48 39 c6 77 1c 49 8b 7d 00 49 89 c1 49 29 f1 <46> 0f b6 0c 0f 45 84 c9 74 08 44 88 0c 07 49 8b 45 10 48 83 c0 01
>RSP: 002b:00007fe4fec1b420 EFLAGS: 00010206
>RAX: 0000000000067001 RBX: 00007fe4fec1b480 RCX: 0000000000000000
>RDX: 000000000000004c RSI: 0000000000000001 RDI: 00007fe4f3600000
>RBP: 0000000000000102 R08: 0000000000000001 R09: 0000000000067000
>R10: 0000000000000000 R11: 00007fe4fec1b490 R12: 00007fe4fec1b490
>R13: 00007fe4fec1b520 R14: 0000000000000001 R15: 0000000000000000
> </TASK>
>----------------
>Code disassembly (best guess):
> 0: 5d pop %rbp
> 1: 41 5c pop %r12
> 3: 41 5d pop %r13
> 5: c3 ret
> 6: cc int3
> 7: cc int3
> 8: cc int3
> 9: cc int3
> a: 48 c7 c0 f4 ff ff ff mov $0xfffffffffffffff4,%rax
> 11: eb 92 jmp 0xffffffa5
> 13: 0f 1f 80 00 00 00 00 nopl 0x0(%rax)
> 1a: 90 nop
> 1b: 90 nop
> 1c: 90 nop
> 1d: 90 nop
> 1e: 90 nop
> 1f: 90 nop
> 20: 90 nop
> 21: 90 nop
> 22: 90 nop
> 23: 90 nop
> 24: 90 nop
> 25: 90 nop
> 26: 90 nop
> 27: 90 nop
> 28: 90 nop
> 29: 90 nop
>* 2a: f3 0f 1e fa endbr64 <-- trapping instruction
> 2e: 65 48 8b 15 04 ae 77 mov %gs:0x7e77ae04(%rip),%rdx # 0x7e77ae3a
> 35: 7e
> 36: 65 8b 05 05 ae 77 7e mov %gs:0x7e77ae05(%rip),%eax # 0x7e77ae42
> 3d: a9 .byte 0xa9
> 3e: 00 01 add %al,(%rcx)
>===================================================================
>
>
>I hope it helps.
>Best regards
>Jianzhou Zhao
* Re: possible deadlock in perf_ctx_lock in linux6.12.25(longterm maintenance)
2025-04-29 14:18 possible deadlock in perf_ctx_lock in linux6.12.25(longterm maintenance) Jianzhou Zhao
2025-04-29 14:54 ` Jianzhou Zhao
@ 2025-04-29 15:49 ` Peter Zijlstra
1 sibling, 0 replies; 3+ messages in thread
From: Peter Zijlstra @ 2025-04-29 15:49 UTC (permalink / raw)
To: Jianzhou Zhao
Cc: stable, alexander.shishkin, mingo, acme, namhyung, mark.rutland,
jolsa, irogers, adrian.hunter, kan.liang, linux-perf-users,
linux-kernel
On Tue, Apr 29, 2025 at 10:18:04PM +0800, Jianzhou Zhao wrote:
> Hello, I found a potential bug titled " possible deadlock in perf_ctx_lock " with modified syzkaller in the Linux6.12.25(longterm maintenance, last updated on April 25, 2025)
Nah, you hit a WARN and then printk being lousy made it explode worse.
> WARNING: CPU: 0 PID: 15835 at kernel/trace/trace_event_perf.c:375 perf_trace_add+0x2da/0x390 kernel/trace/trace_event_perf.c:375
> Modules linked in:
> CPU: 0 UID: 0 PID: 15835 Comm: syz.9.499 Not tainted 6.12.25 #3
> Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014
> RIP: 0010:perf_trace_add+0x2da/0x390 kernel/trace/trace_event_perf.c:375
> Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 64 48 89 ab f8 01 00 00 48 89 df e8 b1 ab 26 00 e9 f3 fd ff ff e8 37 87 f6 ff 90 <0f> 0b 90 41 bc ea ff ff ff e9 77 ff ff ff e8 23 c5 56 00 e9 8a fd
> RSP: 0018:ffffc9000713f7f0 EFLAGS: 00010006
> RAX: 0000000040000002 RBX: ffff88802a069880 RCX: ffffffff8195a68e
> RDX: ffff888045ec2500 RSI: ffffffff8195a839 RDI: ffffffff8deabf48
> RBP: 0000000000000000 R08: 0000000000000001 R09: fffff52000e27eef
> R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
> R13: ffffffff8deabee0 R14: ffff88802a069928 R15: ffff888051237200
> FS: 00007fe4fec1c640(0000) GS:ffff88802b800000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00007f50219e7bac CR3: 00000000743bc000 CR4: 0000000000752ef0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> PKRU: 80000000
> Call Trace:
> <TASK>
> event_sched_in+0x434/0xac0 kernel/events/core.c:2629
> group_sched_in kernel/events/core.c:2662 [inline]
> merge_sched_in+0x895/0x1570 kernel/events/core.c:3940
> visit_groups_merge.constprop.0.isra.0+0x6d2/0x1250 kernel/events/core.c:3885
> pmu_groups_sched_in kernel/events/core.c:3967 [inline]
> __pmu_ctx_sched_in kernel/events/core.c:3979 [inline]
> ctx_sched_in+0x5c1/0xa30 kernel/events/core.c:4030
> perf_event_sched_in+0x5d/0x90 kernel/events/core.c:2760
> perf_event_context_sched_in kernel/events/core.c:4077 [inline]
> __perf_event_task_sched_in+0x33a/0x6f0 kernel/events/core.c:4106
> perf_event_task_sched_in include/linux/perf_event.h:1524 [inline]
> finish_task_switch.isra.0+0x5f9/0xcb0 kernel/sched/core.c:5201
> context_switch kernel/sched/core.c:5335 [inline]
> __schedule+0x1156/0x5b20 kernel/sched/core.c:6710
> preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7032
> irqentry_exit+0x36/0x90 kernel/entry/common.c:354
> asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
Not quite sure which of the WARNs that is, as I don't keep the stable
trees around and .12 is quite old by now.
Anyway, if you can reproduce I'll take a look.
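The reading given in the reply above can be checked against the splat itself: in the `-> #0 (console_owner)` stack, `_printk` is called from `report_bug`, which is called from `perf_trace_add`, the same function named in the `WARNING: CPU:` line. The following is an added triage sketch, not part of the thread or of any kernel tooling; the sample is a constructed, shortened copy of the quoted splat, and `parse_splat` and `triage` are hypothetical names.

```python
import re

# Constructed sample: a shortened copy of the splat quoted in this thread.
SAMPLE = """\
WARNING: possible circular locking dependency detected
-> #1 (&port_lock_key){-.-.}-{2:2}:
 uart_port_lock_irqsave include/linux/serial_core.h:711 [inline]
 serial8250_console_write+0xb3e/0x19b0 drivers/tty/serial/8250/8250_port.c:3381
 console_unlock+0xc3/0x1f0 kernel/printk/printk.c:3277
 _printk+0xbf/0x100 kernel/printk/printk.c:2432

-> #0 (console_owner){-.-.}-{0:0}:
 __lock_acquire+0x2425/0x3b90 kernel/locking/lockdep.c:5202
 vprintk_emit+0x38c/0x6d0 kernel/printk/printk.c:2353
 _printk+0xbf/0x100 kernel/printk/printk.c:2432
 report_bug+0x27c/0x500 lib/bug.c:219
 handle_bug+0xe5/0x180 arch/x86/kernel/traps.c:285
 perf_trace_add+0x2da/0x390 kernel/trace/trace_event_perf.c:375
 event_sched_in+0x434/0xac0 kernel/events/core.c:2629

WARNING: CPU: 0 PID: 15835 at kernel/trace/trace_event_perf.c:375 perf_trace_add+0x2da/0x390 kernel/trace/trace_event_perf.c:375
"""

QUOTE = re.compile(r"^\s*>+\s?")            # mail quote prefix ("> ", ">")
CHAIN = re.compile(r"^-> #(\d+) \((.+?)\)\{")
WARN = re.compile(r"^WARNING: CPU: \d+ PID: \d+ at (\S+:\d+) ([\w.]+)\+0x")
PRINTK = {"_printk", "vprintk", "vprintk_emit"}
REPORTERS = {"report_bug", "__warn", "__warn_printk"}   # BUG()/WARN() reporting paths


def parse_splat(text):
    """Return (chain, warn): chain maps #N -> (lock, [function names]);
    warn is (file:line, function) from the 'WARNING: CPU:' line, or None."""
    chain, warn, current = {}, None, None
    for raw in text.splitlines():
        line = QUOTE.sub("", raw).strip()
        m = CHAIN.match(line)
        if m:
            current = int(m.group(1))
            chain[current] = (m.group(2), [])
        elif not line:
            current = None              # a blank line ends a chain entry
        elif (w := WARN.match(line)):
            warn, current = (w.group(1), w.group(2)), None
        elif current is not None:
            # "func+0xoff/0xlen file:line" or "func file:line [inline]"
            chain[current][1].append(line.split()[0].split("+0x")[0])
    return chain, warn


def triage(text):
    """Classify a lockdep report as primary, or secondary to a WARN/BUG."""
    chain, warn = parse_splat(text)
    frames = chain.get(0, ("", []))[1]      # #0 is the acquisition being added
    reporter = next((i for i, f in enumerate(frames) if f in REPORTERS), None)
    # Secondary: printk took the new lock (frames are innermost first, so printk
    # appears before the reporter) while a WARN/BUG was being printed.
    secondary = reporter is not None and any(f in PRINTK for f in frames[:reporter])
    origin = None
    if secondary and warn and warn[1] in frames[reporter:]:
        origin = warn               # the WARN site is on the same stack
    return {
        "locks": [chain[i][0] for i in sorted(chain)],
        "secondary_to_warn": secondary,
        "warn_site": origin[0] if origin else None,
        "warn_func": origin[1] if origin else None,
    }


if __name__ == "__main__":
    print(triage(SAMPLE))
```

When `secondary_to_warn` is true, the report to file is the WARN at `warn_site`, with the lockdep chain attached as context rather than as the title.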