===================================================== WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected syzkaller #0 Not tainted ----------------------------------------------------- syz.0.0/5322 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire: ffffffff9a041b30 (&p->sequence){+.-.}-{0:0}, at: __fprop_add_percpu_max+0x10d/0x210 lib/flex_proportions.c:186 and this task is already holding: ffff888055c64240 (&xa->xa_lock#12){-.-.}-{3:3}, at: __folio_end_writeback+0x157/0x770 mm/page-writeback.c:2990 which would create a new lock dependency: (&xa->xa_lock#12){-.-.}-{3:3} -> (&p->sequence){+.-.}-{0:0} but this new dependency connects a HARDIRQ-irq-safe lock: (&xa->xa_lock#12){-.-.}-{3:3} ... which became HARDIRQ-irq-safe at: lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x40/0x60 kernel/locking/spinlock.c:162 __folio_end_writeback+0x157/0x770 mm/page-writeback.c:2990 folio_end_writeback_no_dropbehind+0x151/0x290 mm/filemap.c:1661 folio_end_writeback+0xea/0x220 mm/filemap.c:1687 end_bio_bh_io_sync+0xbd/0x120 fs/buffer.c:2776 blk_update_request+0x57e/0xe60 block/blk-mq.c:1007 scsi_end_request+0x7c/0x820 drivers/scsi/scsi_lib.c:646 scsi_io_completion+0x131/0x360 drivers/scsi/scsi_lib.c:1087 ata_qc_complete_multiple+0x1ae/0x280 drivers/ata/libata-sata.c:789 ahci_qc_complete drivers/ata/libahci.c:1887 [inline] ahci_handle_port_interrupt+0x3d5/0x610 drivers/ata/libahci.c:1954 ahci_port_intr drivers/ata/libahci.c:1965 [inline] ahci_handle_port_intr+0x19f/0x2e0 drivers/ata/libahci.c:1996 ahci_single_level_irq_intr+0x9b/0xe0 drivers/ata/libahci.c:2030 __handle_irq_event_percpu+0x216/0x960 kernel/irq/handle.c:211 handle_irq_event_percpu kernel/irq/handle.c:248 [inline] handle_irq_event+0x8b/0x1e0 kernel/irq/handle.c:265 handle_edge_irq+0x23b/0xa10 kernel/irq/chip.c:855 generic_handle_irq_desc include/linux/irqdesc.h:172 [inline] handle_irq arch/x86/kernel/irq.c:255 [inline] call_irq_handler arch/x86/kernel/irq.c:-1 [inline] __common_interrupt+0x141/0x1f0 arch/x86/kernel/irq.c:326 common_interrupt+0xb6/0xe0 arch/x86/kernel/irq.c:319 asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:688 lock_release+0x2d7/0x3a0 kernel/locking/lockdep.c:5893 rcu_lock_release include/linux/rcupdate.h:341 [inline] rcu_read_unlock_sched include/linux/rcupdate.h:979 [inline] pfn_valid include/linux/mmzone.h:2194 [inline] bvec_phys+0x48c/0x560 include/linux/bvec.h:295 blk_map_iter_next+0x18f/0xc80 block/blk-mq-dma.c:42 __blk_rq_map_sg+0x3c3/0x5b0 block/blk-mq-dma.c:298 scsi_alloc_sgtables+0x2f7/0xc50 drivers/scsi/scsi_lib.c:1160 sd_setup_read_write_cmnd drivers/scsi/sd.c:1366 [inline] sd_init_command+0x558/0x2000 drivers/scsi/sd.c:1488 scsi_prepare_cmd drivers/scsi/scsi_lib.c:1728 [inline] scsi_queue_rq+0x121d/0x32a0 drivers/scsi/scsi_lib.c:1876 blk_mq_dispatch_rq_list+0xa70/0x1910 block/blk-mq.c:2138 __blk_mq_do_dispatch_sched block/blk-mq-sched.c:168 [inline] blk_mq_do_dispatch_sched block/blk-mq-sched.c:182 [inline] __blk_mq_sched_dispatch_requests+0xdce/0x15d0 block/blk-mq-sched.c:307 blk_mq_sched_dispatch_requests+0xd7/0x190 block/blk-mq-sched.c:329 blk_mq_run_work_fn+0x22e/0x300 block/blk-mq.c:2552 process_one_work kernel/workqueue.c:3257 [inline] process_scheduled_works+0xaec/0x17a0 kernel/workqueue.c:3340 worker_thread+0xda6/0x1360 kernel/workqueue.c:3421 kthread+0x726/0x8b0 kernel/kthread.c:463 ret_from_fork+0x51b/0xa40 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246 to a HARDIRQ-irq-unsafe lock: (&p->sequence){+.-.}-{0:0} ... which became HARDIRQ-irq-unsafe at: ... lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868 do_write_seqcount_begin_nested include/linux/seqlock.h:477 [inline] do_write_seqcount_begin include/linux/seqlock.h:503 [inline] fprop_new_period+0x1a3/0x3a0 lib/flex_proportions.c:74 writeout_period+0x8b/0x130 mm/page-writeback.c:615 call_timer_fn+0x192/0x5a0 kernel/time/timer.c:1748 expire_timers kernel/time/timer.c:1799 [inline] __run_timers kernel/time/timer.c:2373 [inline] __run_timer_base+0x652/0x8b0 kernel/time/timer.c:2385 run_timer_base kernel/time/timer.c:2394 [inline] run_timer_softirq+0x103/0x170 kernel/time/timer.c:2405 handle_softirqs+0x22a/0x7c0 kernel/softirq.c:622 __do_softirq kernel/softirq.c:656 [inline] invoke_softirq kernel/softirq.c:496 [inline] __irq_exit_rcu+0x5f/0x150 kernel/softirq.c:723 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline] sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697 native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline] pv_native_safe_halt+0xf/0x20 arch/x86/kernel/paravirt.c:81 arch_safe_halt arch/x86/kernel/process.c:766 [inline] default_idle+0x9/0x20 arch/x86/kernel/process.c:767 default_idle_call+0x72/0xb0 kernel/sched/idle.c:122 cpuidle_idle_call kernel/sched/idle.c:191 [inline] do_idle+0x1bd/0x500 kernel/sched/idle.c:332 cpu_startup_entry+0x43/0x60 kernel/sched/idle.c:430 rest_init+0x2de/0x300 init/main.c:757 start_kernel+0x380/0x3d0 init/main.c:1206 x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310 x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:291 common_startup_64+0x13e/0x147 other info that might help us debug this: Possible interrupt unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&p->sequence); local_irq_disable(); lock(&xa->xa_lock#12); lock(&p->sequence); lock(&xa->xa_lock#12); *** DEADLOCK *** 2 locks held by syz.0.0/5322: #0: ffff888055c64638 (&fi->lock){+.+.}-{3:3}, at: spin_lock include/linux/spinlock.h:351 [inline] #0: ffff888055c64638 (&fi->lock){+.+.}-{3:3}, at: fuse_writepage_end+0x17e/0x4d0 fs/fuse/file.c:2001 #1: ffff888055c64240 (&xa->xa_lock#12){-.-.}-{3:3}, at: __folio_end_writeback+0x157/0x770 mm/page-writeback.c:2990 the dependencies between HARDIRQ-irq-safe lock and the holding lock: -> (&xa->xa_lock#12){-.-.}-{3:3} { IN-HARDIRQ-W at: lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x40/0x60 kernel/locking/spinlock.c:162 __folio_end_writeback+0x157/0x770 mm/page-writeback.c:2990 folio_end_writeback_no_dropbehind+0x151/0x290 mm/filemap.c:1661 folio_end_writeback+0xea/0x220 mm/filemap.c:1687 end_bio_bh_io_sync+0xbd/0x120 fs/buffer.c:2776 blk_update_request+0x57e/0xe60 block/blk-mq.c:1007 scsi_end_request+0x7c/0x820 drivers/scsi/scsi_lib.c:646 scsi_io_completion+0x131/0x360 drivers/scsi/scsi_lib.c:1087 ata_qc_complete_multiple+0x1ae/0x280 drivers/ata/libata-sata.c:789 ahci_qc_complete drivers/ata/libahci.c:1887 [inline] ahci_handle_port_interrupt+0x3d5/0x610 drivers/ata/libahci.c:1954 ahci_port_intr drivers/ata/libahci.c:1965 [inline] ahci_handle_port_intr+0x19f/0x2e0 drivers/ata/libahci.c:1996 ahci_single_level_irq_intr+0x9b/0xe0 drivers/ata/libahci.c:2030 __handle_irq_event_percpu+0x216/0x960 kernel/irq/handle.c:211 handle_irq_event_percpu kernel/irq/handle.c:248 [inline] handle_irq_event+0x8b/0x1e0 kernel/irq/handle.c:265 handle_edge_irq+0x23b/0xa10 kernel/irq/chip.c:855 generic_handle_irq_desc include/linux/irqdesc.h:172 [inline] handle_irq arch/x86/kernel/irq.c:255 [inline] call_irq_handler arch/x86/kernel/irq.c:-1 [inline] __common_interrupt+0x141/0x1f0 arch/x86/kernel/irq.c:326 common_interrupt+0xb6/0xe0 arch/x86/kernel/irq.c:319 asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:688 lock_release+0x2d7/0x3a0 kernel/locking/lockdep.c:5893 rcu_lock_release include/linux/rcupdate.h:341 [inline] rcu_read_unlock_sched include/linux/rcupdate.h:979 [inline] pfn_valid include/linux/mmzone.h:2194 [inline] bvec_phys+0x48c/0x560 include/linux/bvec.h:295 blk_map_iter_next+0x18f/0xc80 block/blk-mq-dma.c:42 __blk_rq_map_sg+0x3c3/0x5b0 block/blk-mq-dma.c:298 scsi_alloc_sgtables+0x2f7/0xc50 drivers/scsi/scsi_lib.c:1160 sd_setup_read_write_cmnd drivers/scsi/sd.c:1366 [inline] sd_init_command+0x558/0x2000 drivers/scsi/sd.c:1488 scsi_prepare_cmd drivers/scsi/scsi_lib.c:1728 [inline] scsi_queue_rq+0x121d/0x32a0 drivers/scsi/scsi_lib.c:1876 blk_mq_dispatch_rq_list+0xa70/0x1910 block/blk-mq.c:2138 __blk_mq_do_dispatch_sched block/blk-mq-sched.c:168 [inline] blk_mq_do_dispatch_sched block/blk-mq-sched.c:182 [inline] __blk_mq_sched_dispatch_requests+0xdce/0x15d0 block/blk-mq-sched.c:307 blk_mq_sched_dispatch_requests+0xd7/0x190 block/blk-mq-sched.c:329 blk_mq_run_work_fn+0x22e/0x300 block/blk-mq.c:2552 process_one_work kernel/workqueue.c:3257 [inline] process_scheduled_works+0xaec/0x17a0 kernel/workqueue.c:3340 worker_thread+0xda6/0x1360 kernel/workqueue.c:3421 kthread+0x726/0x8b0 kernel/kthread.c:463 ret_from_fork+0x51b/0xa40 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246 IN-SOFTIRQ-W at: lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x40/0x60 kernel/locking/spinlock.c:162 __folio_end_writeback+0x157/0x770 mm/page-writeback.c:2990 folio_end_writeback_no_dropbehind+0x151/0x290 mm/filemap.c:1661 folio_end_writeback+0xea/0x220 mm/filemap.c:1687 end_bio_bh_io_sync+0xbd/0x120 fs/buffer.c:2776 blk_update_request+0x57e/0xe60 block/blk-mq.c:1007 scsi_end_request+0x7c/0x820 drivers/scsi/scsi_lib.c:646 scsi_io_completion+0x131/0x360 drivers/scsi/scsi_lib.c:1087 ata_qc_complete_multiple+0x1ae/0x280 drivers/ata/libata-sata.c:789 ahci_qc_complete drivers/ata/libahci.c:1887 [inline] ahci_handle_port_interrupt+0x3d5/0x610 drivers/ata/libahci.c:1954 ahci_port_intr drivers/ata/libahci.c:1965 [inline] ahci_handle_port_intr+0x19f/0x2e0 drivers/ata/libahci.c:1996 ahci_single_level_irq_intr+0x9b/0xe0 drivers/ata/libahci.c:2030 __handle_irq_event_percpu+0x216/0x960 kernel/irq/handle.c:211 handle_irq_event_percpu kernel/irq/handle.c:248 [inline] handle_irq_event+0x8b/0x1e0 kernel/irq/handle.c:265 handle_edge_irq+0x23b/0xa10 kernel/irq/chip.c:855 generic_handle_irq_desc include/linux/irqdesc.h:172 [inline] handle_irq arch/x86/kernel/irq.c:255 [inline] call_irq_handler arch/x86/kernel/irq.c:-1 [inline] __common_interrupt+0x141/0x1f0 arch/x86/kernel/irq.c:326 common_interrupt+0x5e/0xe0 arch/x86/kernel/irq.c:319 asm_common_interrupt+0x26/0x40 arch/x86/include/asm/idtentry.h:688 native_irq_enable arch/x86/include/asm/irqflags.h:-1 [inline] arch_local_irq_enable arch/x86/include/asm/irqflags.h:119 [inline] handle_softirqs+0x160/0x7c0 kernel/softirq.c:606 __do_softirq kernel/softirq.c:656 [inline] invoke_softirq kernel/softirq.c:496 [inline] __irq_exit_rcu+0x5f/0x150 kernel/softirq.c:723 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline] sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:152 [inline] _raw_spin_unlock_irqrestore+0x47/0x80 kernel/locking/spinlock.c:194 spin_unlock_irqrestore include/linux/spinlock.h:406 [inline] ata_scsi_queuecmd+0x3f9/0x5b0 drivers/ata/libata-scsi.c:4406 scsi_dispatch_cmd drivers/scsi/scsi_lib.c:1646 [inline] scsi_queue_rq+0x1835/0x32a0 drivers/scsi/scsi_lib.c:1903 blk_mq_dispatch_rq_list+0xa70/0x1910 block/blk-mq.c:2138 __blk_mq_do_dispatch_sched block/blk-mq-sched.c:168 [inline] blk_mq_do_dispatch_sched block/blk-mq-sched.c:182 [inline] __blk_mq_sched_dispatch_requests+0xdce/0x15d0 block/blk-mq-sched.c:307 blk_mq_sched_dispatch_requests+0xd7/0x190 block/blk-mq-sched.c:329 blk_mq_run_work_fn+0x22e/0x300 block/blk-mq.c:2552 process_one_work kernel/workqueue.c:3257 [inline] process_scheduled_works+0xaec/0x17a0 kernel/workqueue.c:3340 worker_thread+0xda6/0x1360 kernel/workqueue.c:3421 kthread+0x726/0x8b0 kernel/kthread.c:463 ret_from_fork+0x51b/0xa40 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246 INITIAL USE at: lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868 __raw_spin_lock_irq include/linux/spinlock_api_smp.h:119 [inline] _raw_spin_lock_irq+0x3d/0x50 kernel/locking/spinlock.c:170 spin_lock_irq include/linux/spinlock.h:376 [inline] shmem_add_to_page_cache+0x7b2/0xd40 mm/shmem.c:904 shmem_alloc_and_add_folio+0x869/0xf80 mm/shmem.c:1958 shmem_get_folio_gfp+0x5a9/0x1670 mm/shmem.c:2556 shmem_read_folio_gfp+0x8a/0xe0 mm/shmem.c:5970 drm_gem_get_pages+0x26c/0xab0 drivers/gpu/drm/drm_gem.c:654 drm_gem_shmem_get_pages_locked+0x22b/0x480 drivers/gpu/drm/drm_gem_shmem_helper.c:240 drm_gem_shmem_pin_locked+0x251/0x4d0 drivers/gpu/drm/drm_gem_shmem_helper.c:301 drm_gem_shmem_vmap_locked+0x499/0x7d0 drivers/gpu/drm/drm_gem_shmem_helper.c:405 drm_gem_vmap_locked drivers/gpu/drm/drm_gem.c:1273 [inline] drm_gem_vmap+0x10a/0x1d0 drivers/gpu/drm/drm_gem.c:1315 drm_client_buffer_vmap+0x6c/0xb0 drivers/gpu/drm/drm_client.c:355 drm_fbdev_shmem_driver_fbdev_probe+0x273/0x8a0 drivers/gpu/drm/drm_fbdev_shmem.c:159 drm_fb_helper_single_fb_probe drivers/gpu/drm/drm_fb_helper.c:1572 [inline] __drm_fb_helper_initial_config_and_unlock+0x1421/0x1c60 drivers/gpu/drm/drm_fb_helper.c:1751 drm_fbdev_client_hotplug+0x16c/0x230 drivers/gpu/drm/clients/drm_fbdev_client.c:66 drm_client_register+0x172/0x210 drivers/gpu/drm/drm_client.c:143 drm_fbdev_client_setup+0x1a0/0x3f0 drivers/gpu/drm/clients/drm_fbdev_client.c:168 drm_client_setup+0x107/0x220 drivers/gpu/drm/clients/drm_client_setup.c:46 vkms_create+0x413/0x4d0 drivers/gpu/drm/vkms/vkms_drv.c:211 vkms_init+0x57/0x80 drivers/gpu/drm/vkms/vkms_drv.c:239 do_one_initcall+0x250/0x840 init/main.c:1378 do_initcall_level+0x104/0x190 init/main.c:1440 do_initcalls+0x59/0xa0 init/main.c:1456 kernel_init_freeable+0x2a6/0x3d0 init/main.c:1688 kernel_init+0x1d/0x1d0 init/main.c:1578 ret_from_fork+0x51b/0xa40 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246 } ... key at: [] xa_init_flags.__key+0x0/0x20 the dependencies between the lock to be acquired and HARDIRQ-irq-unsafe lock: -> (&p->sequence){+.-.}-{0:0} { HARDIRQ-ON-W at: lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868 do_write_seqcount_begin_nested include/linux/seqlock.h:477 [inline] do_write_seqcount_begin include/linux/seqlock.h:503 [inline] fprop_new_period+0x1a3/0x3a0 lib/flex_proportions.c:74 writeout_period+0x8b/0x130 mm/page-writeback.c:615 call_timer_fn+0x192/0x5a0 kernel/time/timer.c:1748 expire_timers kernel/time/timer.c:1799 [inline] __run_timers kernel/time/timer.c:2373 [inline] __run_timer_base+0x652/0x8b0 kernel/time/timer.c:2385 run_timer_base kernel/time/timer.c:2394 [inline] run_timer_softirq+0x103/0x170 kernel/time/timer.c:2405 handle_softirqs+0x22a/0x7c0 kernel/softirq.c:622 __do_softirq kernel/softirq.c:656 [inline] invoke_softirq kernel/softirq.c:496 [inline] __irq_exit_rcu+0x5f/0x150 kernel/softirq.c:723 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline] sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697 native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline] pv_native_safe_halt+0xf/0x20 arch/x86/kernel/paravirt.c:81 arch_safe_halt arch/x86/kernel/process.c:766 [inline] default_idle+0x9/0x20 arch/x86/kernel/process.c:767 default_idle_call+0x72/0xb0 kernel/sched/idle.c:122 cpuidle_idle_call kernel/sched/idle.c:191 [inline] do_idle+0x1bd/0x500 kernel/sched/idle.c:332 cpu_startup_entry+0x43/0x60 kernel/sched/idle.c:430 rest_init+0x2de/0x300 init/main.c:757 start_kernel+0x380/0x3d0 init/main.c:1206 x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310 x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:291 common_startup_64+0x13e/0x147 IN-SOFTIRQ-W at: lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868 do_write_seqcount_begin_nested include/linux/seqlock.h:477 [inline] do_write_seqcount_begin include/linux/seqlock.h:503 [inline] fprop_new_period+0x1a3/0x3a0 lib/flex_proportions.c:74 writeout_period+0x8b/0x130 mm/page-writeback.c:615 call_timer_fn+0x192/0x5a0 kernel/time/timer.c:1748 expire_timers kernel/time/timer.c:1799 [inline] __run_timers kernel/time/timer.c:2373 [inline] __run_timer_base+0x652/0x8b0 kernel/time/timer.c:2385 run_timer_base kernel/time/timer.c:2394 [inline] run_timer_softirq+0x103/0x170 kernel/time/timer.c:2405 handle_softirqs+0x22a/0x7c0 kernel/softirq.c:622 __do_softirq kernel/softirq.c:656 [inline] invoke_softirq kernel/softirq.c:496 [inline] __irq_exit_rcu+0x5f/0x150 kernel/softirq.c:723 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline] sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697 native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline] pv_native_safe_halt+0xf/0x20 arch/x86/kernel/paravirt.c:81 arch_safe_halt arch/x86/kernel/process.c:766 [inline] default_idle+0x9/0x20 arch/x86/kernel/process.c:767 default_idle_call+0x72/0xb0 kernel/sched/idle.c:122 cpuidle_idle_call kernel/sched/idle.c:191 [inline] do_idle+0x1bd/0x500 kernel/sched/idle.c:332 cpu_startup_entry+0x43/0x60 kernel/sched/idle.c:430 rest_init+0x2de/0x300 init/main.c:757 start_kernel+0x380/0x3d0 init/main.c:1206 x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310 x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:291 common_startup_64+0x13e/0x147 INITIAL USE at: lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868 do_write_seqcount_begin_nested include/linux/seqlock.h:477 [inline] do_write_seqcount_begin include/linux/seqlock.h:503 [inline] fprop_new_period+0x1a3/0x3a0 lib/flex_proportions.c:74 writeout_period+0x8b/0x130 mm/page-writeback.c:615 call_timer_fn+0x192/0x5a0 kernel/time/timer.c:1748 expire_timers kernel/time/timer.c:1799 [inline] __run_timers kernel/time/timer.c:2373 [inline] __run_timer_base+0x652/0x8b0 kernel/time/timer.c:2385 run_timer_base kernel/time/timer.c:2394 [inline] run_timer_softirq+0x103/0x170 kernel/time/timer.c:2405 handle_softirqs+0x22a/0x7c0 kernel/softirq.c:622 __do_softirq kernel/softirq.c:656 [inline] invoke_softirq kernel/softirq.c:496 [inline] __irq_exit_rcu+0x5f/0x150 kernel/softirq.c:723 irq_exit_rcu+0x9/0x30 kernel/softirq.c:739 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline] sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1056 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697 native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline] pv_native_safe_halt+0xf/0x20 arch/x86/kernel/paravirt.c:81 arch_safe_halt arch/x86/kernel/process.c:766 [inline] default_idle+0x9/0x20 arch/x86/kernel/process.c:767 default_idle_call+0x72/0xb0 kernel/sched/idle.c:122 cpuidle_idle_call kernel/sched/idle.c:191 [inline] do_idle+0x1bd/0x500 kernel/sched/idle.c:332 cpu_startup_entry+0x43/0x60 kernel/sched/idle.c:430 rest_init+0x2de/0x300 init/main.c:757 start_kernel+0x380/0x3d0 init/main.c:1206 x86_64_start_reservations+0x24/0x30 arch/x86/kernel/head64.c:310 x86_64_start_kernel+0x143/0x1c0 arch/x86/kernel/head64.c:291 common_startup_64+0x13e/0x147 INITIAL READ USE at: lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868 seqcount_lockdep_reader_access include/linux/seqlock.h:72 [inline] fprop_fraction_percpu+0xe3/0x300 lib/flex_proportions.c:155 __wb_calc_thresh+0x120/0x4b0 mm/page-writeback.c:913 wb_bg_dirty_limits mm/page-writeback.c:2130 [inline] domain_over_bg_thresh mm/page-writeback.c:2144 [inline] wb_over_bg_thresh+0x1ab/0x470 mm/page-writeback.c:2165 wb_check_background_flush fs/fs-writeback.c:2278 [inline] wb_do_writeback fs/fs-writeback.c:2376 [inline] wb_workfn+0xb38/0xef0 fs/fs-writeback.c:2403 process_one_work kernel/workqueue.c:3257 [inline] process_scheduled_works+0xaec/0x17a0 kernel/workqueue.c:3340 worker_thread+0xda6/0x1360 kernel/workqueue.c:3421 kthread+0x726/0x8b0 kernel/kthread.c:463 ret_from_fork+0x51b/0xa40 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246 } ... key at: [] fprop_global_init.__key.1+0x0/0x20 ... acquired at: seqcount_lockdep_reader_access include/linux/seqlock.h:72 [inline] fprop_fraction_percpu+0xa7/0x300 lib/flex_proportions.c:155 __fprop_add_percpu_max+0x10d/0x210 lib/flex_proportions.c:186 wb_domain_writeout_add mm/page-writeback.c:562 [inline] __wb_writeout_add+0xa5/0x290 mm/page-writeback.c:586 __folio_end_writeback+0x40d/0x770 mm/page-writeback.c:2997 folio_end_writeback_no_dropbehind+0x151/0x290 mm/filemap.c:1661 folio_end_writeback+0xea/0x220 mm/filemap.c:1687 fuse_writepage_finish fs/fuse/file.c:1903 [inline] fuse_writepage_end+0x2da/0x4d0 fs/fuse/file.c:2003 fuse_request_end+0xbe2/0xed0 fs/fuse/dev.c:507 fuse_dev_end_requests fs/fuse/dev.c:2415 [inline] fuse_abort_conn+0x11ac/0x1340 fs/fuse/dev.c:2513 fuse_dev_release+0x4b3/0x530 fs/fuse/dev.c:2556 __fput+0x44f/0xa70 fs/file_table.c:468 fput_close_sync+0x11f/0x240 fs/file_table.c:573 __do_sys_close fs/open.c:1573 [inline] __se_sys_close fs/open.c:1558 [inline] __x64_sys_close+0x7e/0x110 fs/open.c:1558 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xe2/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f stack backtrace: CPU: 0 UID: 0 PID: 5322 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 Call Trace: dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120 print_bad_irq_dependency kernel/locking/lockdep.c:2616 [inline] check_irq_usage kernel/locking/lockdep.c:2857 [inline] check_prev_add kernel/locking/lockdep.c:3169 [inline] check_prevs_add kernel/locking/lockdep.c:3284 [inline] validate_chain kernel/locking/lockdep.c:3908 [inline] __lock_acquire+0x2a94/0x2cf0 kernel/locking/lockdep.c:5237 lock_acquire+0x106/0x330 kernel/locking/lockdep.c:5868 seqcount_lockdep_reader_access include/linux/seqlock.h:72 [inline] fprop_fraction_percpu+0xa7/0x300 lib/flex_proportions.c:155 __fprop_add_percpu_max+0x10d/0x210 lib/flex_proportions.c:186 wb_domain_writeout_add mm/page-writeback.c:562 [inline] __wb_writeout_add+0xa5/0x290 mm/page-writeback.c:586 __folio_end_writeback+0x40d/0x770 mm/page-writeback.c:2997 folio_end_writeback_no_dropbehind+0x151/0x290 mm/filemap.c:1661 folio_end_writeback+0xea/0x220 mm/filemap.c:1687 fuse_writepage_finish fs/fuse/file.c:1903 [inline] fuse_writepage_end+0x2da/0x4d0 fs/fuse/file.c:2003 fuse_request_end+0xbe2/0xed0 fs/fuse/dev.c:507 fuse_dev_end_requests fs/fuse/dev.c:2415 [inline] fuse_abort_conn+0x11ac/0x1340 fs/fuse/dev.c:2513 fuse_dev_release+0x4b3/0x530 fs/fuse/dev.c:2556 __fput+0x44f/0xa70 fs/file_table.c:468 fput_close_sync+0x11f/0x240 fs/file_table.c:573 __do_sys_close fs/open.c:1573 [inline] __se_sys_close fs/open.c:1558 [inline] __x64_sys_close+0x7e/0x110 fs/open.c:1558 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xe2/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f318539aeb9 Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f31862c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000003 RAX: ffffffffffffffda RBX: 00007f3185616270 RCX: 00007f318539aeb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 RBP: 00007f3185408c1f R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007f3185616308 R14: 00007f3185616270 R15: 00007fff970015f8