http://bugzilla.opensuse.org/show_bug.cgi?id=1045105 Bug ID: 1045105 Summary: DELL 5510, nouveau, iwlwifi UBSAN and lock debugging messages Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: x86-64 OS: Linux Status: NEW Severity: Minor Priority: P5 - None Component: Kernel Assignee: kernel-maintainers@forge.provo.novell.com Reporter: richard.palethorpe@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Created attachment 729486 --> http://bugzilla.opensuse.org/attachment.cgi?id=729486&action=edit unfiltered kernel log I accidentally ran the syzkaller kernel on my laptop and got some messages from UBSAN and lock debugging which may be of interest, mainly because the laptop has been known to crash in the past. If any of them turn out to be important I can slpit this into multiple bug reports. ================================================================================ Jun 20 08:54:42 linux-v3j5 kernel: UBSAN: Undefined behaviour in ../drivers/gpu/drm/nouveau/nvkm/subdev/gpio/base.c:167:16 Jun 20 08:54:42 linux-v3j5 kernel: shift exponent 32 is too large for 32-bit type 'int' Jun 20 08:54:42 linux-v3j5 kernel: Hardware name: Dell Inc. Precision 5510/0N8J4R, BIOS 01.02.00 04/07/2016 Jun 20 08:54:42 linux-v3j5 kernel: Call Trace: Jun 20 08:54:42 linux-v3j5 kernel: dump_stack+0x100/0x180 Jun 20 08:54:42 linux-v3j5 kernel: ? _atomic_dec_and_lock+0x100/0x100 Jun 20 08:54:42 linux-v3j5 kernel: ubsan_epilogue+0x12/0x8f Jun 20 08:54:42 linux-v3j5 kernel: __ubsan_handle_shift_out_of_bounds+0x29c/0x300 Jun 20 08:54:42 linux-v3j5 kernel: ? __ubsan_handle_load_invalid_value+0x1bd/0x1bd Jun 20 08:54:42 linux-v3j5 kernel: ? trace_hardirqs_on_caller+0x46c/0x6b0 Jun 20 08:54:42 linux-v3j5 kernel: ? g94_i2c_pad_mode+0x1c0/0x450 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? nvkm_i2c_pad_mode_locked+0x23c/0x370 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nvkm_gpio_fini+0x20a/0x2f0 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? nvkm_gpio_fini+0x20a/0x2f0 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? nvkm_gpio_intr_init+0x140/0x140 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? trace_hardirqs_on_caller+0x46c/0x6b0 Jun 20 08:54:42 linux-v3j5 kernel: ? ktime_get+0x12b/0x1c0 Jun 20 08:54:42 linux-v3j5 kernel: nvkm_subdev_fini+0x113/0x730 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? nvkm_gpio_intr_init+0x140/0x140 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nvkm_device_fini+0xce/0x530 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nvkm_device_init+0x256/0x660 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nvkm_udevice_init+0xd0/0x190 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? nvkm_udevice_fini+0x1c0/0x1c0 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nvkm_object_init+0xfa/0x790 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nvkm_ioctl_new+0x504/0xd60 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? nvkm_client_child_new+0x70/0x70 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? nvkm_ioctl_del+0x2f0/0x2f0 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? pci_device_probe+0x2e9/0x3a0 Jun 20 08:54:42 linux-v3j5 kernel: ? __driver_attach+0x20d/0x290 Jun 20 08:54:42 linux-v3j5 kernel: ? bus_for_each_dev+0x15a/0x1f0 Jun 20 08:54:42 linux-v3j5 kernel: ? driver_attach+0x47/0x70 Jun 20 08:54:42 linux-v3j5 kernel: ? bus_add_driver+0x45f/0x880 Jun 20 08:54:42 linux-v3j5 kernel: ? driver_register+0x1d6/0x410 Jun 20 08:54:42 linux-v3j5 kernel: ? __pci_register_driver+0x1a6/0x250 Jun 20 08:54:42 linux-v3j5 kernel: ? drm_pci_init+0x414/0x540 [drm] Jun 20 08:54:42 linux-v3j5 kernel: ? nouveau_drm_init+0x320/0x1000 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? do_one_initcall+0x159/0x2e0 Jun 20 08:54:42 linux-v3j5 kernel: ? do_init_module+0x272/0x64d Jun 20 08:54:42 linux-v3j5 kernel: ? load_module+0x3268/0x5450 Jun 20 08:54:42 linux-v3j5 kernel: ? SYSC_finit_module+0x169/0x1a0 Jun 20 08:54:42 linux-v3j5 kernel: ? SyS_finit_module+0xe/0x10 Jun 20 08:54:42 linux-v3j5 kernel: ? do_syscall_64+0x1ae/0x520 Jun 20 08:54:42 linux-v3j5 kernel: ? entry_SYSCALL64_slow_path+0x25/0x25 Jun 20 08:54:42 linux-v3j5 kernel: ? nvkm_client_notify+0x1a0/0x1a0 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? nvkm_udevice_rd08+0x120/0x120 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? nvkm_object_search+0x44/0x230 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? mark_held_locks+0xff/0x280 Jun 20 08:54:42 linux-v3j5 kernel: nvkm_ioctl+0x547/0xda0 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nvkm_client_ioctl+0x3d/0x50 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? nvkm_client_map+0x30/0x30 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nvif_object_ioctl+0x1cf/0x2f0 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nvif_object_init+0x311/0x4c0 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nvif_device_init+0x46/0xd0 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nouveau_cli_init+0x3c9/0x770 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? nouveau_drm_preclose+0x440/0x440 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? nouveau_drm_load+0xb1/0x2090 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nouveau_drm_load+0x134/0x2090 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? trace_hardirqs_on+0xd/0x10 Jun 20 08:54:42 linux-v3j5 kernel: ? nouveau_pmops_runtime_resume+0x3b0/0x3b0 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? drm_dev_register+0x36a/0x7b0 [drm] Jun 20 08:54:42 linux-v3j5 kernel: ? kasan_slab_free+0x89/0xc0 Jun 20 08:54:42 linux-v3j5 kernel: ? kfree+0x136/0x580 Jun 20 08:54:42 linux-v3j5 kernel: drm_dev_register+0x23e/0x7b0 [drm] Jun 20 08:54:42 linux-v3j5 kernel: ? nouveau_pmops_runtime_resume+0x3b0/0x3b0 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: drm_get_pci_dev+0x1cb/0x700 [drm] Jun 20 08:54:42 linux-v3j5 kernel: ? drm_pci_agp_destroy+0x120/0x120 [drm] Jun 20 08:54:42 linux-v3j5 kernel: ? nvkm_device_pci_new+0x45/0x9d0 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: nouveau_drm_probe+0x4e1/0x790 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? _raw_spin_unlock_irqrestore+0x53/0x70 Jun 20 08:54:42 linux-v3j5 kernel: ? nouveau_drm_open+0x890/0x890 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: ? trace_hardirqs_on+0xd/0x10 Jun 20 08:54:42 linux-v3j5 kernel: ? nouveau_drm_open+0x890/0x890 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: local_pci_probe+0xfc/0x1f0 Jun 20 08:54:42 linux-v3j5 kernel: pci_device_probe+0x2e9/0x3a0 Jun 20 08:54:42 linux-v3j5 kernel: ? pci_device_remove+0x280/0x280 Jun 20 08:54:42 linux-v3j5 kernel: ? driver_sysfs_add+0x133/0x310 Jun 20 08:54:42 linux-v3j5 kernel: ? pci_device_remove+0x280/0x280 Jun 20 08:54:42 linux-v3j5 kernel: driver_probe_device+0x72a/0xff0 Jun 20 08:54:42 linux-v3j5 kernel: ? driver_probe_device+0xff0/0xff0 Jun 20 08:54:42 linux-v3j5 kernel: __driver_attach+0x20d/0x290 Jun 20 08:54:42 linux-v3j5 kernel: bus_for_each_dev+0x15a/0x1f0 Jun 20 08:54:42 linux-v3j5 kernel: ? subsys_dev_iter_init+0x110/0x110 Jun 20 08:54:42 linux-v3j5 kernel: driver_attach+0x47/0x70 Jun 20 08:54:42 linux-v3j5 kernel: bus_add_driver+0x45f/0x880 Jun 20 08:54:42 linux-v3j5 kernel: driver_register+0x1d6/0x410 Jun 20 08:54:42 linux-v3j5 kernel: ? __raw_spin_lock_init+0x32/0x120 Jun 20 08:54:42 linux-v3j5 kernel: __pci_register_driver+0x1a6/0x250 Jun 20 08:54:42 linux-v3j5 kernel: ? load_module+0x3268/0x5450 Jun 20 08:54:42 linux-v3j5 kernel: ? pci_pm_runtime_idle+0x1d0/0x1d0 Jun 20 08:54:42 linux-v3j5 kernel: ? 0xffffffffc0578000 Jun 20 08:54:42 linux-v3j5 kernel: drm_pci_init+0x414/0x540 [drm] Jun 20 08:54:42 linux-v3j5 kernel: ? drm_get_pci_dev+0x700/0x700 [drm] Jun 20 08:54:42 linux-v3j5 kernel: ? 0xffffffffc0578000 Jun 20 08:54:42 linux-v3j5 kernel: ? 0xffffffffc0578000 Jun 20 08:54:42 linux-v3j5 kernel: ? 0xffffffffc0578000 Jun 20 08:54:42 linux-v3j5 kernel: nouveau_drm_init+0x320/0x1000 [nouveau] Jun 20 08:54:42 linux-v3j5 kernel: do_one_initcall+0x159/0x2e0 Jun 20 08:54:42 linux-v3j5 kernel: ? initcall_blacklisted+0x1d0/0x1d0 Jun 20 08:54:42 linux-v3j5 kernel: ? kasan_kmalloc+0xad/0xe0 Jun 20 08:54:42 linux-v3j5 kernel: ? kasan_unpoison_shadow+0x35/0x50 Jun 20 08:54:42 linux-v3j5 kernel: ? __asan_register_globals+0x7c/0xa0 Jun 20 08:54:42 linux-v3j5 kernel: do_init_module+0x272/0x64d Jun 20 08:54:42 linux-v3j5 kernel: ? kzalloc.constprop.33+0x10/0x10 Jun 20 08:54:42 linux-v3j5 kernel: load_module+0x3268/0x5450 Jun 20 08:54:42 linux-v3j5 kernel: ? layout_and_allocate+0x4710/0x4710 Jun 20 08:54:42 linux-v3j5 kernel: ? read_code+0x50/0x50 Jun 20 08:54:42 linux-v3j5 kernel: ? __fget_light+0xb6/0x260 Jun 20 08:54:42 linux-v3j5 kernel: ? kernel_read_file_from_fd+0x76/0x90 Jun 20 08:54:42 linux-v3j5 kernel: SYSC_finit_module+0x169/0x1a0 Jun 20 08:54:42 linux-v3j5 kernel: ? SYSC_init_module+0x1e0/0x1e0 Jun 20 08:54:42 linux-v3j5 kernel: ? __secure_computing+0xfc/0x460 Jun 20 08:54:42 linux-v3j5 kernel: ? SyS_init_module+0x10/0x10 Jun 20 08:54:42 linux-v3j5 kernel: SyS_finit_module+0xe/0x10 Jun 20 08:54:42 linux-v3j5 kernel: do_syscall_64+0x1ae/0x520 Jun 20 08:54:42 linux-v3j5 kernel: entry_SYSCALL64_slow_path+0x25/0x25 Jun 20 08:54:42 linux-v3j5 kernel: RIP: 0033:0x7f6109561389 Jun 20 08:54:42 linux-v3j5 kernel: RSP: 002b:00007ffe6224f0e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 Jun 20 08:54:42 linux-v3j5 kernel: RAX: ffffffffffffffda RBX: 000055e000ff2200 RCX: 00007f6109561389 Jun 20 08:54:42 linux-v3j5 kernel: RDX: 0000000000000000 RSI: 00007f6109e7bfa5 RDI: 0000000000000011 Jun 20 08:54:42 linux-v3j5 kernel: RBP: 00007f6109e7bfa5 R08: 0000000000000000 R09: 000055e000febd00 Jun 20 08:54:42 linux-v3j5 kernel: R10: 0000000000000011 R11: 0000000000000246 R12: 000055e000feacc0 Jun 20 08:54:42 linux-v3j5 kernel: R13: 0000000000020000 R14: 0000000000000000 R15: 000055e000392602 Jun 20 08:54:42 linux-v3j5 kernel: ================================================================================ Jun 20 08:55:32 linux-v3j5 kernel: ================================================================================ Jun 20 08:55:32 linux-v3j5 kernel: UBSAN: Undefined behaviour in ../drivers/net/wireless/intel/iwlwifi/mvm/utils.c:667:49 Jun 20 08:55:32 linux-v3j5 kernel: shift exponent 255 is too large for 64-bit type 'long unsigned int' Jun 20 08:55:32 linux-v3j5 kernel: CPU: 2 PID: 1590 Comm: wpa_supplicant Not tainted 4.11.2-1-syzkaller #1 Jun 20 08:55:32 linux-v3j5 kernel: Hardware name: Dell Inc. Precision 5510/0N8J4R, BIOS 01.02.00 04/07/2016 Jun 20 08:55:32 linux-v3j5 kernel: Call Trace: Jun 20 08:55:32 linux-v3j5 kernel: dump_stack+0x100/0x180 Jun 20 08:55:32 linux-v3j5 kernel: ? _atomic_dec_and_lock+0x100/0x100 Jun 20 08:55:32 linux-v3j5 kernel: ubsan_epilogue+0x12/0x8f Jun 20 08:55:32 linux-v3j5 kernel: __ubsan_handle_shift_out_of_bounds+0x29c/0x300 Jun 20 08:55:32 linux-v3j5 kernel: ? __ubsan_handle_load_invalid_value+0x1bd/0x1bd Jun 20 08:55:32 linux-v3j5 kernel: ? trace_hardirqs_on+0xd/0x10 Jun 20 08:55:32 linux-v3j5 kernel: ? lock_acquire+0x16f/0x400 Jun 20 08:55:32 linux-v3j5 kernel: ? lock_acquire+0x16f/0x400 Jun 20 08:55:32 linux-v3j5 kernel: ? iwl_mvm_enable_txq+0xc7/0x1080 [iwlmvm] Jun 20 08:55:32 linux-v3j5 kernel: iwl_mvm_enable_txq+0xc6d/0x1080 [iwlmvm] Jun 20 08:55:32 linux-v3j5 kernel: ? iwl_mvm_enable_txq+0xc6d/0x1080 [iwlmvm] Jun 20 08:55:32 linux-v3j5 kernel: ? iwl_mvm_reconfig_scd+0x360/0x360 [iwlmvm] Jun 20 08:55:32 linux-v3j5 kernel: iwl_mvm_send_add_bcast_sta+0x275/0x850 [iwlmvm] Jun 20 08:55:32 linux-v3j5 kernel: ? iwl_mvm_send_add_bcast_sta+0x275/0x850 [iwlmvm] Jun 20 08:55:32 linux-v3j5 kernel: ? iwl_mvm_del_aux_sta+0x200/0x200 [iwlmvm] Jun 20 08:55:32 linux-v3j5 kernel: ? iwl_mvm_alloc_bcast_sta+0x198/0x330 [iwlmvm] Jun 20 08:55:32 linux-v3j5 kernel: iwl_mvm_add_bcast_sta+0x11b/0x280 [iwlmvm] Jun 20 08:55:32 linux-v3j5 kernel: ? iwl_mvm_alloc_bcast_sta+0x330/0x330 [iwlmvm] Jun 20 08:55:32 linux-v3j5 kernel: iwl_mvm_mac_add_interface+0x51f/0x8b0 [iwlmvm] Jun 20 08:55:32 linux-v3j5 kernel: drv_add_interface+0x1a7/0x8c0 [mac80211] Jun 20 08:55:32 linux-v3j5 kernel: ieee80211_do_open+0xdff/0x2790 [mac80211] Jun 20 08:55:32 linux-v3j5 kernel: ? __mutex_unlock_slowpath+0x88/0x780 Jun 20 08:55:32 linux-v3j5 kernel: ? ieee80211_del_virtual_monitor+0x70/0x70 [mac80211] Jun 20 08:55:32 linux-v3j5 kernel: ieee80211_start_p2p_device+0xac/0xf0 [mac80211] Jun 20 08:55:32 linux-v3j5 kernel: nl80211_start_p2p_device+0x25d/0xab0 [cfg80211] Jun 20 08:55:32 linux-v3j5 kernel: genl_family_rcv_msg+0x835/0xf10 Jun 20 08:55:32 linux-v3j5 kernel: ? genl_bind+0x240/0x240 Jun 20 08:55:32 linux-v3j5 kernel: ? __radix_tree_insert+0x740/0x740 Jun 20 08:55:32 linux-v3j5 kernel: genl_rcv_msg+0xd0/0x1c0 Jun 20 08:55:32 linux-v3j5 kernel: netlink_rcv_skb+0x226/0x310 Jun 20 08:55:32 linux-v3j5 kernel: ? genl_family_rcv_msg+0xf10/0xf10 Jun 20 08:55:32 linux-v3j5 kernel: genl_rcv+0x2d/0x40 Jun 20 08:55:32 linux-v3j5 kernel: netlink_unicast+0x631/0x9d0 Jun 20 08:55:32 linux-v3j5 kernel: ? netlink_attachskb+0x6d0/0x6d0 Jun 20 08:55:32 linux-v3j5 kernel: ? security_netlink_send+0x8b/0xc0 Jun 20 08:55:32 linux-v3j5 kernel: netlink_sendmsg+0xa2e/0xf60 Jun 20 08:55:32 linux-v3j5 kernel: ? netlink_unicast+0x9d0/0x9d0 Jun 20 08:55:32 linux-v3j5 kernel: ? security_socket_sendmsg+0x93/0xd0 Jun 20 08:55:32 linux-v3j5 kernel: ? netlink_unicast+0x9d0/0x9d0 Jun 20 08:55:32 linux-v3j5 kernel: sock_sendmsg+0xf7/0x180 Jun 20 08:55:32 linux-v3j5 kernel: ___sys_sendmsg+0x777/0xa60 Jun 20 08:55:32 linux-v3j5 kernel: ? ___sys_recvmsg+0x3d8/0x610 Jun 20 08:55:32 linux-v3j5 kernel: ? copy_msghdr_from_user+0x520/0x520 Jun 20 08:55:32 linux-v3j5 kernel: ? ___sys_sendmsg+0xa60/0xa60 Jun 20 08:55:32 linux-v3j5 kernel: ? kernfs_iop_getattr+0xb7/0x110 Jun 20 08:55:32 linux-v3j5 kernel: ? filename_lookup+0x29f/0x410 Jun 20 08:55:32 linux-v3j5 kernel: ? debug_lockdep_rcu_enabled+0x7b/0x90 Jun 20 08:55:32 linux-v3j5 kernel: ? lock_acquire+0x16f/0x400 Jun 20 08:55:32 linux-v3j5 kernel: ? mntput_no_expire+0x5/0xb40 Jun 20 08:55:32 linux-v3j5 kernel: ? mntput_no_expire+0x15b/0xb40 Jun 20 08:55:32 linux-v3j5 kernel: ? cp_new_stat+0x52a/0x6c0 Jun 20 08:55:32 linux-v3j5 kernel: ? __fget_light+0xb6/0x260 Jun 20 08:55:32 linux-v3j5 kernel: __sys_sendmsg+0xd6/0x170 Jun 20 08:55:32 linux-v3j5 kernel: ? __sys_sendmsg+0xd6/0x170 Jun 20 08:55:32 linux-v3j5 kernel: ? SyS_shutdown+0x1d0/0x1d0 Jun 20 08:55:32 linux-v3j5 kernel: ? SYSC_newlstat+0x99/0xe0 Jun 20 08:55:32 linux-v3j5 kernel: ? SYSC_newstat+0xe0/0xe0 Jun 20 08:55:32 linux-v3j5 kernel: ? trace_hardirqs_on_caller+0x46c/0x6b0 Jun 20 08:55:32 linux-v3j5 kernel: SyS_sendmsg+0x32/0x50 Jun 20 08:55:32 linux-v3j5 kernel: entry_SYSCALL_64_fastpath+0x23/0xc6 Jun 20 08:55:32 linux-v3j5 kernel: RIP: 0033:0x7f2744eaa067 Jun 20 08:55:32 linux-v3j5 kernel: RSP: 002b:00007ffdce85dda8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e Jun 20 08:55:32 linux-v3j5 kernel: RAX: ffffffffffffffda RBX: 0000000001fae560 RCX: 00007f2744eaa067 Jun 20 08:55:32 linux-v3j5 kernel: RDX: 0000000000000000 RSI: 00007ffdce85dde0 RDI: 0000000000000006 Jun 20 08:55:32 linux-v3j5 kernel: RBP: 0000000000000046 R08: 0000000000000000 R09: 00000000000000f0 Jun 20 08:55:32 linux-v3j5 kernel: R10: 0000000000010980 R11: 0000000000000246 R12: 00007f274515bb38 Jun 20 08:55:32 linux-v3j5 kernel: R13: 0000000000004010 R14: 0000000001fd5560 R15: 00007f274515bae0 Jun 20 08:55:32 linux-v3j5 kernel: ================================================================= =============== Jun 20 08:56:48 linux-v3j5 kernel: ====================================================== Jun 20 08:56:48 linux-v3j5 kernel: [ INFO: possible circular locking dependency detected ] Jun 20 08:56:48 linux-v3j5 kernel: 4.11.2-1-syzkaller #1 Not tainted Jun 20 08:56:48 linux-v3j5 kernel: ------------------------------------------------------- Jun 20 08:56:48 linux-v3j5 kernel: X/9387 is trying to acquire lock: Jun 20 08:56:48 linux-v3j5 kernel: (reservation_ww_class_mutex){+.+.+.}, at: [<ffffffffc0832b2e>] i915_gem_do_execbuffer.isra.12+0x3d2e/0x4710 [i915] Jun 20 08:56:48 linux-v3j5 kernel: but task is already holding lock: Jun 20 08:56:48 linux-v3j5 kernel: (&dev->struct_mutex){+.+.+.}, at: [<ffffffffc085df66>] i915_mutex_lock_interruptible+0xb6/0x310 [i915] Jun 20 08:56:48 linux-v3j5 kernel: which lock already depends on the new lock. Jun 20 08:56:48 linux-v3j5 kernel: the existing dependency chain (in reverse order) is: Jun 20 08:56:48 linux-v3j5 kernel: -> #1 (&dev->struct_mutex){+.+.+.}: Jun 20 08:56:48 linux-v3j5 kernel: lock_acquire+0x16f/0x400 Jun 20 08:56:48 linux-v3j5 kernel: drm_gem_object_unreference_unlocked+0x70/0x1a0 [drm] Jun 20 08:56:48 linux-v3j5 kernel: validate_fini_no_ticket+0x167/0x620 [nouveau] Jun 20 08:56:48 linux-v3j5 kernel: nouveau_gem_ioctl_pushbuf+0x963/0x44e0 [nouveau] Jun 20 08:56:48 linux-v3j5 kernel: drm_ioctl+0x88e/0xd10 [drm] Jun 20 08:56:48 linux-v3j5 kernel: nouveau_drm_ioctl+0x135/0x290 [nouveau] Jun 20 08:56:48 linux-v3j5 kernel: do_vfs_ioctl+0x1b5/0x1300 Jun 20 08:56:48 linux-v3j5 kernel: SyS_ioctl+0x94/0xc0 Jun 20 08:56:48 linux-v3j5 kernel: entry_SYSCALL_64_fastpath+0x23/0xc6 Jun 20 08:56:48 linux-v3j5 kernel: -> #0 (reservation_ww_class_mutex){+.+.+.}: Jun 20 08:56:48 linux-v3j5 kernel: __lock_acquire+0x2ee0/0x36d0 Jun 20 08:56:48 linux-v3j5 kernel: lock_acquire+0x16f/0x400 Jun 20 08:56:48 linux-v3j5 kernel: __ww_mutex_lock.constprop.4+0x127/0x3900 Jun 20 08:56:48 linux-v3j5 kernel: ww_mutex_lock+0x34/0x40 Jun 20 08:56:48 linux-v3j5 kernel: i915_gem_do_execbuffer.isra.12+0x3d2e/0x4710 [i915] Jun 20 08:56:48 linux-v3j5 kernel: i915_gem_execbuffer2+0x156/0x500 [i915] Jun 20 08:56:48 linux-v3j5 kernel: drm_ioctl+0x88e/0xd10 [drm] Jun 20 08:56:48 linux-v3j5 kernel: do_vfs_ioctl+0x1b5/0x1300 Jun 20 08:56:48 linux-v3j5 kernel: SyS_ioctl+0x94/0xc0 Jun 20 08:56:48 linux-v3j5 kernel: entry_SYSCALL_64_fastpath+0x23/0xc6 Jun 20 08:56:48 linux-v3j5 kernel: other info that might help us debug this: Jun 20 08:56:48 linux-v3j5 kernel: Possible unsafe locking scenario: Jun 20 08:56:48 linux-v3j5 kernel: CPU0 CPU1 Jun 20 08:56:48 linux-v3j5 kernel: ---- ---- Jun 20 08:56:48 linux-v3j5 kernel: lock(&dev->struct_mutex); Jun 20 08:56:48 linux-v3j5 kernel: lock(reservation_ww_class_mutex); Jun 20 08:56:48 linux-v3j5 kernel: lock(&dev->struct_mutex); Jun 20 08:56:48 linux-v3j5 kernel: lock(reservation_ww_class_mutex); Jun 20 08:56:48 linux-v3j5 kernel: *** DEADLOCK *** Jun 20 08:56:48 linux-v3j5 kernel: 1 lock held by X/9387: Jun 20 08:56:48 linux-v3j5 kernel: #0: (&dev->struct_mutex){+.+.+.}, at: [<ffffffffc085df66>] i915_mutex_lock_interruptible+0xb6/0x310 [i915] Jun 20 08:56:48 linux-v3j5 kernel: stack backtrace: Jun 20 08:56:48 linux-v3j5 kernel: CPU: 3 PID: 9387 Comm: X Not tainted 4.11.2-1-syzkaller #1 Jun 20 08:56:48 linux-v3j5 kernel: Hardware name: Dell Inc. Precision 5510/0N8J4R, BIOS 01.02.00 04/07/2016 Jun 20 08:56:48 linux-v3j5 kernel: Call Trace: Jun 20 08:56:48 linux-v3j5 kernel: dump_stack+0x100/0x180 Jun 20 08:56:48 linux-v3j5 kernel: ? _atomic_dec_and_lock+0x100/0x100 Jun 20 08:56:48 linux-v3j5 kernel: print_circular_bug+0x2ab/0x3e0 Jun 20 08:56:48 linux-v3j5 kernel: __lock_acquire+0x2ee0/0x36d0 Jun 20 08:56:48 linux-v3j5 kernel: ? debug_check_no_locks_freed+0x350/0x350 Jun 20 08:56:48 linux-v3j5 kernel: ? __lock_acquire+0x1d57/0x36d0 Jun 20 08:56:48 linux-v3j5 kernel: lock_acquire+0x16f/0x400 Jun 20 08:56:48 linux-v3j5 kernel: ? lock_acquire+0x16f/0x400 Jun 20 08:56:48 linux-v3j5 kernel: ? i915_gem_do_execbuffer.isra.12+0x3d2e/0x4710 [i915] Jun 20 08:56:48 linux-v3j5 kernel: __ww_mutex_lock.constprop.4+0x127/0x3900 Jun 20 08:56:48 linux-v3j5 kernel: ? i915_gem_do_execbuffer.isra.12+0x3d2e/0x4710 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? gen8_emit_flush_render+0x522/0xf50 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? i915_gem_do_execbuffer.isra.12+0x3d2e/0x4710 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? mutex_lock_interruptible_nested+0x20/0x20 Jun 20 08:56:48 linux-v3j5 kernel: ? i915_gem_request_add_to_client+0x1b2/0x3e0 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? i915_vma_move_to_active+0x38b/0x1350 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? gen8_emit_bb_start+0x521/0x1190 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? i915_gem_execbuffer_relocate_vma_slow+0x370/0x370 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ww_mutex_lock+0x34/0x40 Jun 20 08:56:48 linux-v3j5 kernel: ? ww_mutex_lock+0x34/0x40 Jun 20 08:56:48 linux-v3j5 kernel: i915_gem_do_execbuffer.isra.12+0x3d2e/0x4710 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? save_stack_trace+0x1b/0x20 Jun 20 08:56:48 linux-v3j5 kernel: ? save_stack+0x46/0xd0 Jun 20 08:56:48 linux-v3j5 kernel: ? kasan_kmalloc+0xad/0xe0 Jun 20 08:56:48 linux-v3j5 kernel: ? __kmalloc+0x165/0x540 Jun 20 08:56:48 linux-v3j5 kernel: ? drm_malloc_gfp.constprop.13+0x51/0xc0 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? i915_gem_execbuffer2+0xa6/0x500 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? do_vfs_ioctl+0x1b5/0x1300 Jun 20 08:56:48 linux-v3j5 kernel: ? entry_SYSCALL_64_fastpath+0x23/0xc6 Jun 20 08:56:48 linux-v3j5 kernel: ? i915_vma_move_to_active+0x1350/0x1350 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? alloc_debug_processing+0x16a/0x350 Jun 20 08:56:48 linux-v3j5 kernel: ? rcu_read_lock+0x90/0x90 Jun 20 08:56:48 linux-v3j5 kernel: ? drm_malloc_gfp.constprop.13+0x51/0xc0 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? kasan_unpoison_shadow+0x35/0x50 Jun 20 08:56:48 linux-v3j5 kernel: ? kasan_kmalloc+0xad/0xe0 Jun 20 08:56:48 linux-v3j5 kernel: ? _copy_from_user+0x8c/0xf0 Jun 20 08:56:48 linux-v3j5 kernel: i915_gem_execbuffer2+0x156/0x500 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? _copy_from_user+0x8c/0xf0 Jun 20 08:56:48 linux-v3j5 kernel: drm_ioctl+0x88e/0xd10 [drm] Jun 20 08:56:48 linux-v3j5 kernel: ? i915_gem_execbuffer+0xc80/0xc80 [i915] Jun 20 08:56:48 linux-v3j5 kernel: ? copy_user_overflow+0x40/0x40 [drm] Jun 20 08:56:48 linux-v3j5 kernel: ? trace_hardirqs_on+0xd/0x10 Jun 20 08:56:48 linux-v3j5 kernel: ? __pm_runtime_suspend+0x6e/0xb0 Jun 20 08:56:48 linux-v3j5 kernel: ? copy_user_overflow+0x40/0x40 [drm] Jun 20 08:56:48 linux-v3j5 kernel: do_vfs_ioctl+0x1b5/0x1300 Jun 20 08:56:48 linux-v3j5 kernel: ? ioctl_preallocate+0x270/0x270 Jun 20 08:56:48 linux-v3j5 kernel: ? __fget+0x29f/0x4c0 Jun 20 08:56:48 linux-v3j5 kernel: ? security_file_ioctl+0x93/0xd0 Jun 20 08:56:48 linux-v3j5 kernel: SyS_ioctl+0x94/0xc0 Jun 20 08:56:48 linux-v3j5 kernel: entry_SYSCALL_64_fastpath+0x23/0xc6 Jun 20 08:56:48 linux-v3j5 kernel: RIP: 0033:0x7f25d597bbd7 Jun 20 08:56:48 linux-v3j5 kernel: RSP: 002b:00007fff5c0a32e8 EFLAGS: 00003246 ORIG_RAX: 0000000000000010 Jun 20 08:56:48 linux-v3j5 kernel: RAX: ffffffffffffffda RBX: 00007f25d7fdd040 RCX: 00007f25d597bbd7 Jun 20 08:56:48 linux-v3j5 kernel: RDX: 00007fff5c0a3340 RSI: 0000000040406469 RDI: 000000000000000e Jun 20 08:56:48 linux-v3j5 kernel: RBP: 0000000000000046 R08: 0000000000000001 R09: 000000000000000e Jun 20 08:56:48 linux-v3j5 kernel: R10: 000000000194e570 R11: 0000000000003246 R12: 00007fff5c0a3458 Jun 20 08:56:48 linux-v3j5 kernel: R13: 00007f25cdc05ba0 R14: 0000000000000000 R15: 00000000019ea8e0 Jun 20 09:03:38 linux-v3j5 kernel: ================================================================================ Jun 20 09:03:38 linux-v3j5 kernel: UBSAN: Undefined behaviour in ../drivers/net/wireless/intel/iwlwifi/mvm/utils.c:748:5 Jun 20 09:03:38 linux-v3j5 kernel: shift exponent 255 is too large for 64-bit type 'long unsigned int' Jun 20 09:03:38 linux-v3j5 kernel: CPU: 2 PID: 1590 Comm: wpa_supplicant Not tainted 4.11.2-1-syzkaller #1 Jun 20 09:03:38 linux-v3j5 kernel: Hardware name: Dell Inc. Precision 5510/0N8J4R, BIOS 01.02.00 04/07/2016 Jun 20 09:03:38 linux-v3j5 kernel: Call Trace: Jun 20 09:03:38 linux-v3j5 kernel: dump_stack+0x100/0x180 Jun 20 09:03:38 linux-v3j5 kernel: ? _atomic_dec_and_lock+0x100/0x100 Jun 20 09:03:38 linux-v3j5 kernel: ubsan_epilogue+0x12/0x8f Jun 20 09:03:38 linux-v3j5 kernel: __ubsan_handle_shift_out_of_bounds+0x29c/0x300 Jun 20 09:03:38 linux-v3j5 kernel: ? __ubsan_handle_load_invalid_value+0x1bd/0x1bd Jun 20 09:03:38 linux-v3j5 kernel: ? __synchronize_srcu+0xf9/0x5c0 Jun 20 09:03:38 linux-v3j5 kernel: ? _find_next_bit+0x100/0x160 Jun 20 09:03:38 linux-v3j5 kernel: ? mntput+0x6b/0xa0 Jun 20 09:03:38 linux-v3j5 kernel: ? lock_acquire+0x16f/0x400 Jun 20 09:03:38 linux-v3j5 kernel: ? lock_acquire+0x16f/0x400 Jun 20 09:03:38 linux-v3j5 kernel: ? iwl_mvm_disable_txq+0xf4/0xec0 [iwlmvm] Jun 20 09:03:38 linux-v3j5 kernel: iwl_mvm_disable_txq+0xab7/0xec0 [iwlmvm] Jun 20 09:03:38 linux-v3j5 kernel: ? iwl_mvm_disable_txq+0xab7/0xec0 [iwlmvm] Jun 20 09:03:38 linux-v3j5 kernel: ? iwl_mvm_enable_txq+0x1080/0x1080 [iwlmvm] Jun 20 09:03:38 linux-v3j5 kernel: ? process_srcu+0x330/0x330 Jun 20 09:03:38 linux-v3j5 kernel: ? rcu_panic+0x20/0x20 Jun 20 09:03:38 linux-v3j5 kernel: iwl_mvm_send_rm_bcast_sta+0x2e4/0x530 [iwlmvm] Jun 20 09:03:38 linux-v3j5 kernel: ? iwl_mvm_send_rm_bcast_sta+0x2e4/0x530 [iwlmvm] Jun 20 09:03:38 linux-v3j5 kernel: iwl_mvm_rm_bcast_sta+0xaf/0x250 [iwlmvm] Jun 20 09:03:38 linux-v3j5 kernel: ? iwl_mvm_dealloc_bcast_sta+0x1b0/0x1b0 [iwlmvm] Jun 20 09:03:38 linux-v3j5 kernel: iwl_mvm_mac_remove_interface+0x232/0x3c0 [iwlmvm] Jun 20 09:03:38 linux-v3j5 kernel: drv_remove_interface+0xfd/0x860 [mac80211] Jun 20 09:03:38 linux-v3j5 kernel: ieee80211_do_stop+0xef5/0x2560 [mac80211] Jun 20 09:03:38 linux-v3j5 kernel: ? __mutex_lock+0xeb5/0x15a0 Jun 20 09:03:38 linux-v3j5 kernel: ? debug_check_no_locks_freed+0x350/0x350 Jun 20 09:03:38 linux-v3j5 kernel: ? ieee80211_adjust_monitor_flags+0x390/0x390 [mac80211] Jun 20 09:03:38 linux-v3j5 kernel: ? nla_memcpy+0x76/0xe0 Jun 20 09:03:38 linux-v3j5 kernel: ? __cfg80211_wdev_from_attrs+0x120/0x660 [cfg80211] Jun 20 09:03:38 linux-v3j5 kernel: ieee80211_sdata_stop+0x58/0xe0 [mac80211] Jun 20 09:03:38 linux-v3j5 kernel: ieee80211_stop_p2p_device+0x1b/0x20 [mac80211] Jun 20 09:03:38 linux-v3j5 kernel: cfg80211_stop_p2p_device+0x189/0xb50 [cfg80211] Jun 20 09:03:38 linux-v3j5 kernel: nl80211_stop_p2p_device+0x111/0x1c0 [cfg80211] Jun 20 09:03:38 linux-v3j5 kernel: genl_family_rcv_msg+0x835/0xf10 Jun 20 09:03:38 linux-v3j5 kernel: ? genl_bind+0x240/0x240 Jun 20 09:03:38 linux-v3j5 kernel: ? __radix_tree_insert+0x740/0x740 Jun 20 09:03:38 linux-v3j5 kernel: ? netlink_lookup+0xf8/0x950 Jun 20 09:03:38 linux-v3j5 kernel: genl_rcv_msg+0xd0/0x1c0 Jun 20 09:03:38 linux-v3j5 kernel: netlink_rcv_skb+0x226/0x310 Jun 20 09:03:38 linux-v3j5 kernel: ? genl_family_rcv_msg+0xf10/0xf10 Jun 20 09:03:38 linux-v3j5 kernel: genl_rcv+0x2d/0x40 Jun 20 09:03:38 linux-v3j5 kernel: netlink_unicast+0x631/0x9d0 Jun 20 09:03:38 linux-v3j5 kernel: ? netlink_attachskb+0x6d0/0x6d0 Jun 20 09:03:38 linux-v3j5 kernel: ? security_netlink_send+0x8b/0xc0 Jun 20 09:03:38 linux-v3j5 kernel: netlink_sendmsg+0xa2e/0xf60 Jun 20 09:03:38 linux-v3j5 kernel: ? netlink_unicast+0x9d0/0x9d0 Jun 20 09:03:38 linux-v3j5 kernel: ? security_socket_sendmsg+0x93/0xd0 Jun 20 09:03:38 linux-v3j5 kernel: ? netlink_unicast+0x9d0/0x9d0 Jun 20 09:03:38 linux-v3j5 kernel: sock_sendmsg+0xf7/0x180 Jun 20 09:03:38 linux-v3j5 kernel: ___sys_sendmsg+0x777/0xa60 Jun 20 09:03:38 linux-v3j5 kernel: ? ___sys_recvmsg+0x3d8/0x610 Jun 20 09:03:38 linux-v3j5 kernel: ? copy_msghdr_from_user+0x520/0x520 Jun 20 09:03:38 linux-v3j5 kernel: ? ___sys_sendmsg+0xa60/0xa60 Jun 20 09:03:38 linux-v3j5 kernel: ? lockref_put_or_lock+0x19/0x90 Jun 20 09:03:38 linux-v3j5 kernel: ? dput+0x48/0x960 Jun 20 09:03:38 linux-v3j5 kernel: ? note_gp_changes+0x340/0x340 Jun 20 09:03:38 linux-v3j5 kernel: ? __delete_object+0x8f/0x150 Jun 20 09:03:38 linux-v3j5 kernel: ? mntput_no_expire+0x5/0xb40 Jun 20 09:03:38 linux-v3j5 kernel: ? mntput_no_expire+0x15b/0xb40 Jun 20 09:03:38 linux-v3j5 kernel: ? __fget_light+0xb6/0x260 Jun 20 09:03:38 linux-v3j5 kernel: __sys_sendmsg+0xd6/0x170 Jun 20 09:03:38 linux-v3j5 kernel: ? __sys_sendmsg+0xd6/0x170 Jun 20 09:03:38 linux-v3j5 kernel: ? SyS_shutdown+0x1d0/0x1d0 Jun 20 09:03:38 linux-v3j5 kernel: ? mntput+0x70/0xa0 Jun 20 09:03:38 linux-v3j5 kernel: ? __fput+0x47c/0x790 Jun 20 09:03:38 linux-v3j5 kernel: SyS_sendmsg+0x32/0x50 Jun 20 09:03:38 linux-v3j5 kernel: entry_SYSCALL_64_fastpath+0x23/0xc6 Jun 20 09:03:38 linux-v3j5 kernel: RIP: 0033:0x7f2744eaa067 Jun 20 09:03:38 linux-v3j5 kernel: RSP: 002b:00007ffdce85e768 EFLAGS: 00000246 ORIG_RAX: 000000000000002e Jun 20 09:03:38 linux-v3j5 kernel: RAX: ffffffffffffffda RBX: 0000000001fae560 RCX: 00007f2744eaa067 Jun 20 09:03:38 linux-v3j5 kernel: RDX: 0000000000000000 RSI: 00007ffdce85e7a0 RDI: 0000000000000006 Jun 20 09:03:38 linux-v3j5 kernel: RBP: 0000000001fd0760 R08: 0000000000000000 R09: 00000000000000f0 Jun 20 09:03:38 linux-v3j5 kernel: R10: 0000000000000050 R11: 0000000000000246 R12: 0000000001fd0780 Jun 20 09:03:38 linux-v3j5 kernel: R13: 0000000000000001 R14: 0000000001fd3b78 R15: 0000000001fd30f4 Jun 20 09:03:38 linux-v3j5 kernel: ================================================================================ -- You are receiving this mail because: You are on the CC list for the bug.