INFO: task hung in shmem_add_seals


syzbot

Apr 13, 2019, 8:02:25 PM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: fab7352c Merge upstream-f2fs-stable-linux-4.14.y into andr..
git tree: android-4.14
console output: https://syzkaller.appspot.com/x/log.txt?x=11a6147b400000
kernel config: https://syzkaller.appspot.com/x/.config?x=9ed317eef2eaa25
dashboard link: https://syzkaller.appspot.com/bug?extid=d633442b91da6a6621cf
compiler: gcc (GCC) 9.0.0 20181231 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+d63344...@syzkaller.appspotmail.com

[ 1635] 0 1635 17601 8195 24 3 0
1000 syz-executor1
[ 1639] 0 1639 17601 8196 23 3 0
1000 syz-executor3
[ 1641] 0 1641 17700 8209 31 3 0
0 syz-executor5
[ 1658] 0 1658 17601 8199 24 3 0
1000 syz-executor2
INFO: task syz-executor1:6512 blocked for more than 140 seconds.
Not tainted 4.14.92+ #5
[ 1663] 0 1663 17601 8199 24 3 0
1000 syz-executor2
[ 1670] 0 1670 17601 8199 24 3 0
1000 syz-executor2
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1676] 0 1676 17601 8196 23 3 0
1000 syz-executor0
[ 1678] 0 1678 17601 8203 25 3 0
0 syz-executor5
syz-executor1 D
[ 1682] 0 1682 17601 8195 24 3 0
1000 syz-executor1
29744 6512 30199 0x10000000
Call Trace:
[ 1684] 0 1684 17601 8195 24 3 0
1000 syz-executor4
[ 1686] 0 1686 17601 8199 24 3 0
1000 syz-executor2
[ 1689] 0 1689 17601 8196 23 3 0
1000 syz-executor3
[ 1698] 0 1698 17601 8199 24 3 0
1000 syz-executor2
schedule+0x92/0x1c0 kernel/sched/core.c:3490
[ 1704] 0 1704 17667 8207 31 3 0
0 syz-executor5
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:565 [inline]
rwsem_down_write_failed+0x3b1/0x760 kernel/locking/rwsem-xadd.c:594
[ 1716] 0 1716 17601 8199 24 3 0
1000 syz-executor2
[ 1719] 0 1719 17601 8197 25 3 0
1000 syz-executor4
[ 1729] 0 1729 17601 8196 23 3 0
1000 syz-executor3
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:105
__down_write arch/x86/include/asm/rwsem.h:126 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:56
[ 1730] 0 1730 17601 8197 24 3 0
1000 syz-executor0
[ 1733] 0 1733 17601 8203 25 3 0
0 syz-executor5
inode_lock include/linux/fs.h:715 [inline]
shmem_add_seals+0x12b/0x1150 mm/shmem.c:2829
[ 1735] 0 1735 17601 8199 24 3 0
1000 syz-executor2
[ 1748] 0 1748 17667 8207 25 3 0
0 syz-executor5
[ 1751] 0 1751 17601 8199 24 3 0
1000 syz-executor2
[ 1755] 0 1755 17601 8195 24 3 0
1000 syz-executor1
[ 1771] 0 1771 17601 8196 23 3 0
1000 syz-executor3
[ 1778] 0 1778 17601 8197 24 3 0
1000 syz-executor0
[ 1784] 0 1784 17601 8199 24 3 0
1000 syz-executor2
[ 1788] 0 1788 17601 8203 25 3 0
0 syz-executor5
[ 1797] 0 1797 17601 8195 24 3 0
1000 syz-executor1
shmem_fcntl+0xea/0x120 mm/shmem.c:2876
[ 1800] 0 1800 17601 8197 25 3 0
1000 syz-executor4
do_fcntl+0x5b8/0xc60 fs/fcntl.c:421
[ 1815] 0 1815 17601 8199 24 3 0
1000 syz-executor2
[ 1819] 0 1819 17601 8197 24 3 0
1000 syz-executor0
[ 1821] 0 1821 17667 8207 31 3 0
0 syz-executor5
SYSC_fcntl fs/fcntl.c:463 [inline]
SyS_fcntl+0xc6/0x100 fs/fcntl.c:448
[ 1829] 0 1829 17601 8196 23 3 0
1000 syz-executor3
[ 1830] 0 1830 17601 8195 24 3 0
1000 syz-executor1
[ 1841] 0 1841 17601 8197 25 3 0
1000 syz-executor4
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
[ 1848] 0 1848 17601 8199 24 3 0
1000 syz-executor2
[ 1854] 0 1854 17601 8197 24 3 0
1000 syz-executor0
INFO: task syz-executor5:6490 blocked for more than 140 seconds.
Not tainted 4.14.92+ #5
[ 1862] 0 1862 17601 8203 25 3 0
0 syz-executor5
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1874] 0 1874 17601 8196 23 3 0
1000 syz-executor3
[ 1875] 0 1875 17601 8195 24 3 0
1000 syz-executor1
[ 1885] 0 1885 17601 8197 24 3 0
1000 syz-executor0
[ 1895] 0 1895 17601 8196 23 3 0
1000 syz-executor3
syz-executor5 D27040 6490 1851 0x10000000
[ 1897] 0 1897 17601 8195 24 3 0
1000 syz-executor1
[ 1901] 0 1901 17700 8209 26 3 0
0 syz-executor5
Call Trace:
[ 1905] 0 1905 17601 8199 24 3 0
1000 syz-executor2
[ 1911] 0 1911 17601 8197 25 3 0
1000 syz-executor4
[ 1920] 0 1920 17601 8197 24 3 0
1000 syz-executor0
schedule+0x92/0x1c0 kernel/sched/core.c:3490
[ 1934] 0 1934 17601 8196 23 3 0
1000 syz-executor3
__rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:269 [inline]
rwsem_down_read_failed+0x21f/0x3c0 kernel/locking/rwsem-xadd.c:286
[ 1937] 0 1937 17601 8195 24 3 0
1000 syz-executor1
[ 1941] 0 1941 17601 8202 25 3 0
0 syz-executor5
call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
[ 1953] 0 1953 17601 8199 24 3 0
1000 syz-executor2
__down_read arch/x86/include/asm/rwsem.h:66 [inline]
down_read+0x45/0xa0 kernel/locking/rwsem.c:26
[ 1958] 0 1958 17667 8206 31 3 0
0 syz-executor5
[ 1963] 0 1963 17601 8197 25 3 0
1000 syz-executor4
[ 1965] 0 1965 17601 8197 24 3 0
1000 syz-executor0
__do_page_fault+0x871/0xb80 arch/x86/mm/fault.c:1361
[ 1975] 0 1975 17601 8203 25 3 0
0 syz-executor5
[ 1987] 0 1987 17601 8197 25 3 0
1000 syz-executor1
[ 2000] 0 2000 17601 8199 24 3 0
1000 syz-executor2
[ 2004] 0 2004 17667 8207 31 3 0
0 syz-executor5
[ 2009] 0 2009 17601 8197 25 3 0
1000 syz-executor4
[ 2012] 0 2012 17601 8197 24 3 0
1000 syz-executor0
[ 2022] 0 2022 17601 8203 25 3 0
0 syz-executor5
page_fault+0x42/0x50 arch/x86/entry/entry_64.S:1104
RIP: 31957700:0x73bfac
[ 2023] 0 2023 17601 8196 23 3 0
1000 syz-executor3
RSP: 31957700:000000000000000f EFLAGS: 7ffe1eb54360
INFO: task syz-executor3:6505 blocked for more than 140 seconds.
[ 2026] 0 2026 17601 8197 25 3 0
1000 syz-executor1
Not tainted 4.14.92+ #5
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor3 D30192 6505 30196 0x10000000
[ 2037] 0 2037 17667 8207 31 3 0
0 syz-executor5
Call Trace:
[ 2042] 0 2042 17601 8197 24 3 0
1000 syz-executor0
[ 2054] 0 2054 17601 8196 23 3 0
1000 syz-executor3
[ 2056] 0 2056 17601 8197 25 3 0
1000 syz-executor1
[ 2058] 0 2058 17601 8197 25 3 0
1000 syz-executor4
[ 2064] 0 2064 17601 8203 25 3 0
0 syz-executor5
[ 2081] 0 2081 17601 8197 24 3 0
1000 syz-executor0
schedule+0x92/0x1c0 kernel/sched/core.c:3490
[ 2087] 0 2087 17601 8195 24 3 0
1000 syz-executor1
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:565 [inline]
rwsem_down_write_failed+0x3b1/0x760 kernel/locking/rwsem-xadd.c:594
[ 2089] 0 2089 17601 8199 24 3 0
1000 syz-executor2
[ 2090] 0 2090 17700 8209 31 3 0
0 syz-executor5
[ 2094] 0 2094 17601 8196 23 3 0
1000 syz-executor3
[ 2103] 0 2103 17601 8203 25 3 0
0 syz-executor5
[ 2109] 0 2109 17601 8197 24 3 0
1000 syz-executor0
[ 2118] 0 2118 17700 8209 31 3 0
0 syz-executor5
[ 2122] 0 2122 17601 8197 25 3 0
1000 syz-executor1
[ 2130] 0 2130 17601 8197 24 3 0
1000 syz-executor0
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:105
[ 2140] 0 2140 17601 8199 24 3 0
1000 syz-executor2
__down_write arch/x86/include/asm/rwsem.h:126 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:56
[ 2143] 0 2143 17601 8196 23 3 0
1000 syz-executor3
[ 2144] 0 2144 17601 8203 25 3 0
0 syz-executor5
[ 2146] 0 2146 17601 8197 25 3 0
1000 syz-executor4
inode_lock include/linux/fs.h:715 [inline]
shmem_add_seals+0x12b/0x1150 mm/shmem.c:2829
[ 2165] 0 2165 17700 8209 31 3 0
0 syz-executor5
[ 2169] 0 2169 17601 8195 24 3 0
1000 syz-executor1
[ 2172] 0 2172 17601 8197 24 3 0
1000 syz-executor0
[ 2174] 0 2174 17601 8201 24 3 0
0 syz-executor5
[ 2177] 0 2177 17601 8196 23 3 0
1000 syz-executor3
[ 2187] 0 2187 17601 8197 24 3 0
1000 syz-executor0
[ 2199] 0 2199 17601 8197 25 3 0
1000 syz-executor4
shmem_fcntl+0xea/0x120 mm/shmem.c:2876
[ 2203] 0 2203 17601 8201 25 3 0
1000 syz-executor2
[ 2205] 0 2205 17601 8203 25 3 0
0 syz-executor5
do_fcntl+0x5b8/0xc60 fs/fcntl.c:421
[ 2214] 0 2214 17601 8196 23 3 0
1000 syz-executor3
SYSC_fcntl fs/fcntl.c:463 [inline]
SyS_fcntl+0xc6/0x100 fs/fcntl.c:448
[ 2224] 0 2224 17601 8195 24 3 0
1000 syz-executor1
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
[ 2225] 0 2225 17601 8197 24 3 0
1000 syz-executor0
INFO: task syz-executor2:6508 blocked for more than 140 seconds.
[ 2233] 0 2233 17601 8196 23 3 0
1000 syz-executor3
Not tainted 4.14.92+ #5
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2237] 0 2237 17601 8197 24 3 0
1000 syz-executor0
syz-executor2 D28600 6508 30167 0x10000000
[ 2243] 0 2243 17601 8197 25 3 0
1000 syz-executor4
Call Trace:
[ 2252] 0 2252 17601 8196 23 3 0
1000 syz-executor3
[ 2258] 0 2258 17601 8197 24 3 0
1000 syz-executor0
[ 2263] 0 2263 17601 8197 25 3 0
1000 syz-executor4
[ 2299] 0 2299 17601 8195 24 3 0
1000 syz-executor1
[ 2304] 0 2304 17601 8197 24 3 0
1000 syz-executor0
[ 2308] 0 2308 17601 8196 23 3 0
1000 syz-executor3
[ 2320] 0 2320 17601 8197 24 3 0
1000 syz-executor0
[ 2329] 0 2329 17601 8197 25 3 0
1000 syz-executor4
schedule+0x92/0x1c0 kernel/sched/core.c:3490
[ 2336] 0 2336 17601 8196 23 3 0
1000 syz-executor3
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:565 [inline]
rwsem_down_write_failed+0x3b1/0x760 kernel/locking/rwsem-xadd.c:594
[ 2353] 0 2353 17601 8195 24 3 0
1000 syz-executor1
[ 2354] 0 2354 17601 8192 23 3 0
0 syz-executor5
[ 2364] 0 2364 17667 8205 24 3 0
0 syz-executor5
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:105
[ 2376] 0 2376 17601 8197 25 3 0
1000 syz-executor4
__down_write arch/x86/include/asm/rwsem.h:126 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:56
[ 2378] 0 2378 17601 8197 24 3 0
1000 syz-executor0
inode_lock include/linux/fs.h:715 [inline]
shmem_add_seals+0x12b/0x1150 mm/shmem.c:2829
[ 2414] 0 2414 17601 8195 24 3 0
1000 syz-executor1
shmem_fcntl+0xea/0x120 mm/shmem.c:2876
[ 2417] 0 2417 17601 8197 25 3 0
1000 syz-executor4
[ 2420] 0 2420 17601 8197 24 3 0
1000 syz-executor0
do_fcntl+0x5b8/0xc60 fs/fcntl.c:421
[ 2423] 0 2423 17601 8196 23 3 0
1000 syz-executor3
[ 2442] 0 2442 17601 8196 23 3 0
1000 syz-executor3
[ 2456] 0 2456 17601 8197 24 3 0
1000 syz-executor0
[ 2458] 0 2458 17601 8197 25 3 0
1000 syz-executor4
[ 2462] 0 2462 17601 8195 24 3 0
1000 syz-executor1
[ 2466] 0 2466 17601 8201 24 3 0
0 syz-executor5
[ 2477] 0 2477 17601 8197 25 3 0
1000 syz-executor4
[ 2488] 0 2488 17601 8196 23 3 0
1000 syz-executor3
[ 2505] 0 2505 17601 8197 24 3 0
1000 syz-executor0
[ 2512] 0 2512 17601 8195 24 3 0
1000 syz-executor1
[ 2524] 0 2524 17601 8197 25 3 0
1000 syz-executor4
SYSC_fcntl fs/fcntl.c:463 [inline]
SyS_fcntl+0xc6/0x100 fs/fcntl.c:448
[ 2526] 0 2526 17601 8201 24 3 0
0 syz-executor5
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
[ 2544] 0 2544 17601 8196 23 3 0
1000 syz-executor3
[ 2558] 0 2558 17601 8197 24 3 0
1000 syz-executor0
INFO: task syz-executor4:6503 blocked for more than 140 seconds.
[ 2560] 0 2560 17601 8197 25 3 0
1000 syz-executor4
[ 2565] 0 2565 17601 8201 24 3 0
0 syz-executor5
[ 2566] 0 2566 17601 8195 24 3 0
1000 syz-executor1
Not tainted 4.14.92+ #5
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2581] 0 2581 17601 8197 25 3 0
1000 syz-executor4
syz-executor4 D29888 6503 30193 0x10000000
[ 2610] 0 2610 17601 8201 24 3 0
0 syz-executor5
[ 2617] 0 2617 17601 8195 24 3 0
1000 syz-executor1
Call Trace:
[ 2618] 0 2618 17601 8197 24 3 0
1000 syz-executor0
[ 2620] 0 2620 17601 8198 24 3 0
1000 syz-executor3
[ 2646] 0 2646 17601 8196 23 3 0
1000 syz-executor3
[ 2652] 0 2652 17601 8196 25 3 0
1000 syz-executor4
[ 2657] 0 2657 17601 8195 24 3 0
1000 syz-executor1
schedule+0x92/0x1c0 kernel/sched/core.c:3490
[ 2660] 0 2660 17601 8197 24 3 0
1000 syz-executor0
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:565 [inline]
rwsem_down_write_failed+0x3b1/0x760 kernel/locking/rwsem-xadd.c:594
[ 2669] 0 2669 17601 8203 25 3 0
0 syz-executor5
[ 2698] 0 2698 17601 8196 25 3 0
1000 syz-executor4
[ 2702] 0 2702 17601 8195 24 3 0
1000 syz-executor1
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:105
[ 2706] 0 2706 17601 8196 23 3 0
1000 syz-executor3
[ 2708] 0 2708 17601 8197 24 3 0
1000 syz-executor0
[ 2720] 0 2720 17601 8196 25 3 0
1000 syz-executor4
__down_write arch/x86/include/asm/rwsem.h:126 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:56
[ 2734] 0 2734 17601 8201 24 3 0
0 syz-executor5
inode_lock include/linux/fs.h:715 [inline]
shmem_add_seals+0x12b/0x1150 mm/shmem.c:2829
[ 2754] 0 2754 17601 8196 23 3 0
1000 syz-executor3
[ 2756] 0 2756 17601 8197 24 3 0
1000 syz-executor0
[ 2758] 0 2758 17601 8195 24 3 0
1000 syz-executor1
[ 2783] 0 2783 17601 8201 24 3 0
0 syz-executor5
[ 2786] 0 2786 17601 8197 24 3 0
1000 syz-executor0
[ 2788] 0 2788 17601 8197 25 3 0
1000 syz-executor4
[ 2793] 0 2793 17601 8195 24 3 0
1000 syz-executor1
shmem_fcntl+0xea/0x120 mm/shmem.c:2876
[ 2820] 0 2820 17601 8197 24 3 0
1000 syz-executor0
do_fcntl+0x5b8/0xc60 fs/fcntl.c:421
[ 2822] 0 2822 17601 8196 23 3 0
1000 syz-executor3
[ 2826] 0 2826 17601 8201 24 3 0
0 syz-executor5
[ 2829] 0 2829 17601 8195 24 3 0
1000 syz-executor1
[ 2831] 0 2831 17601 8196 25 3 0
1000 syz-executor4
[ 2869] 0 2869 17601 8195 24 3 0
1000 syz-executor1
SYSC_fcntl fs/fcntl.c:463 [inline]
SyS_fcntl+0xc6/0x100 fs/fcntl.c:448
[ 2871] 0 2871 17601 8197 24 3 0
1000 syz-executor0
[ 2876] 0 2876 17601 8196 23 3 0
1000 syz-executor3
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
[ 2878] 0 2878 17601 8201 24 3 0
0 syz-executor5
INFO: task syz-executor0:6507 blocked for more than 140 seconds.
[ 2884] 0 2884 17601 8197 25 3 0
1000 syz-executor4
Not tainted 4.14.92+ #5
[ 2895] 0 2895 17601 8199 24 3 0
1000 syz-executor2
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2909] 0 2909 17601 8195 24 3 0
1000 syz-executor1
[ 2912] 0 2912 17601 8198 25 3 0
1000 syz-executor0
syz-executor0 D30192 6507 30194 0x10000000
[ 2915] 0 2915 17601 8196 23 3 0
1000 syz-executor3
Call Trace:
[ 2919] 0 2919 17601 8201 24 3 0
0 syz-executor5
[ 2924] 0 2924 17601 8195 24 3 0
1000 syz-executor1
[ 2926] 0 2926 17601 8197 25 3 0
1000 syz-executor4
[ 2941] 0 2941 17601 8197 24 3 0
1000 syz-executor0
schedule+0x92/0x1c0 kernel/sched/core.c:3490
[ 2944] 0 2944 17601 8199 24 3 0
1000 syz-executor2
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:565 [inline]
rwsem_down_write_failed+0x3b1/0x760 kernel/locking/rwsem-xadd.c:594
[ 2946] 0 2946 17601 8195 24 3 0
1000 syz-executor1
[ 2954] 0 2954 17601 8196 23 3 0
1000 syz-executor3
[ 2961] 0 2961 17601 8196 24 3 0
1000 syz-executor4
[ 2966] 0 2966 17601 8202 25 3 0
0 syz-executor5
[ 2977] 0 2977 17601 8196 23 3 0
1000 syz-executor3
[ 2979] 0 2979 17601 8197 24 3 0
1000 syz-executor0
[ 2984] 0 2984 17601 8194 23 3 0
1000 syz-executor1
[ 2990] 0 2990 17601 8195 24 3 0
1000 syz-executor4
[ 2996] 0 2996 17601 8201 24 3 0
0 syz-executor5
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:105
[ 3010] 0 3010 17601 8194 23 3 0
1000 syz-executor1
__down_write arch/x86/include/asm/rwsem.h:126 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:56
[ 3012] 0 3012 17601 8194 23 3 0
1000 syz-executor4
[ 3020] 0 3020 17601 8197 24 3 0
1000 syz-executor0
[ 3021] 0 3021 17601 8196 23 3 0
1000 syz-executor3
inode_lock include/linux/fs.h:715 [inline]
shmem_add_seals+0x12b/0x1150 mm/shmem.c:2829
[ 3024] 0 3024 17601 8199 24 3 0
1000 syz-executor2
[ 3037] 0 3037 17601 8194 23 3 0
1000 syz-executor1
[ 3038] 0 3038 17601 8194 23 3 0
1000 syz-executor4
[ 3042] 0 3042 17601 8202 25 3 0
0 syz-executor5
[ 3053] 0 3053 17601 8196 23 3 0
1000 syz-executor3
[ 3061] 0 3061 17601 8194 23 3 0
1000 syz-executor4
[ 3068] 0 3068 17601 8200 25 3 0
1000 syz-executor2
[ 3071] 0 3071 17601 8198 25 3 0
1000 syz-executor0
[ 3075] 0 3075 17601 8195 24 3 0
1000 syz-executor1
shmem_fcntl+0xea/0x120 mm/shmem.c:2876
do_fcntl+0x5b8/0xc60 fs/fcntl.c:421
[ 3085] 0 3085 17601 8196 23 3 0
1000 syz-executor3
[ 3088] 0 3088 17601 8195 24 3 0
1000 syz-executor4
SYSC_fcntl fs/fcntl.c:463 [inline]
SyS_fcntl+0xc6/0x100 fs/fcntl.c:448
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
[ 3093] 0 3093 17601 8201 24 3 0
0 syz-executor5

Showing all locks held in the system:
2 locks held by init/1:
#0: (&mm->mmap_sem){++++}, at: [<ffffffffa0ab43e1>]
__do_page_fault+0x271/0xb80 arch/x86/mm/fault.c:1354
#1: (&ei->i_mmap_sem){++++}, at: [<ffffffffa115e19c>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6183
1 lock held by khungtaskd/23:
[ 3107] 0 3107 17601 8203 25 3 0
0 syz-executor5
#0: (tasklist_lock){.+.+}, at: [<ffffffffa0bff9cc>]
debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4541
2 locks held by rsyslogd/1622:
#0: (&mm->mmap_sem){++++}, at: [<ffffffffa0ab43e1>]
__do_page_fault+0x271/0xb80 arch/x86/mm/fault.c:1354
[ 3115] 0 3115 17601 8196 23 3 0
1000 syz-executor3
#1: (&ei->i_mmap_sem){++++}, at: [<ffffffffa115e19c>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6183
2 locks held by cron/1673:
#0: (&mm->mmap_sem){++++}, at: [<ffffffffa0ab43e1>]
__do_page_fault+0x271/0xb80 arch/x86/mm/fault.c:1354
#1: (&ei->i_mmap_sem){++++}, at: [<ffffffffa115e19c>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6183
2 locks held by getty/1754:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffffa1737492>]
tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:275
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffffa17328b7>]
n_tty_read+0x1f7/0x1700 drivers/tty/n_tty.c:2156
2 locks held by kworker/u4:2/1843:
#0: ("events_unbound"){+.+.}, at: [<ffffffffa0b27d65>]
process_one_work+0x6e5/0x14e0 kernel/workqueue.c:2085
#1: ((&sub_info->work)
[ 3118] 0 3118 17601 8194 23 3 0
1000 syz-executor1
){+.+.}, at: [<ffffffffa0b27d9b>] process_one_work+0x71b/0x14e0
kernel/workqueue.c:2089
2 locks held by syz-executor5/1851:
#0: (&mm->mmap_sem){++++}, at: [<ffffffffa0ab43e1>]
__do_page_fault+0x271/0xb80 arch/x86/mm/fault.c:1354
#1: (&ei->i_mmap_sem){++++}, at: [<ffffffffa115e19c>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6183
2 locks held by syz-executor3/30196:
#0: (&mm->mmap_sem){++++}, at: [<ffffffffa0ab43e1>]
__do_page_fault+0x271/0xb80 arch/x86/mm/fault.c:1354
#1: (&ei->i_mmap_sem){++++}, at: [<ffffffffa115e19c>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6183
1 lock held by syz-executor3/31345:
#0: (sb_internal){.+.+}, at: [<ffffffffa11599a4>] sb_start_intwrite
include/linux/fs.h:1592 [inline]
#0: (sb_internal){.+.+}, at: [<ffffffffa11599a4>]
ext4_evict_inode+0x364/0x1520 fs/ext4/inode.c:250
1 lock held by syz-executor4/5905:
#0: (sb_internal){.+.+}, at: [<ffffffffa11599a4>] sb_start_intwrite
include/linux/fs.h:1592 [inline]
#0: (sb_internal){.+.+}, at: [<ffffffffa11599a4>]
ext4_evict_inode+0x364/0x1520 fs/ext4/inode.c:250
[ 3119] 0 3119 17601 8195 24 3 0
1000 syz-executor4
2 locks held by syz-executor1/6488:
#0: (&mm->mmap_sem){++++}, at: [<ffffffffa0ab43e1>]
__do_page_fault+0x271/0xb80 arch/x86/mm/fault.c:1354
#1: (&ei->i_mmap_sem){++++}, at: [<ffffffffa115e19c>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6183
1 lock held by syz-executor1/6512:
#0: (&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e7ca1b>]
inode_lock include/linux/fs.h:715 [inline]
#0: (&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e7ca1b>]
shmem_add_seals+0x12b/0x1150 mm/shmem.c:2829
2 locks held by syz-executor1/6516:
#0: (&mm->mmap_sem){++++}, at: [<ffffffffa0ab43e1>]
__do_page_fault+0x271/0xb80 arch/x86/mm/fault.c:1354
#1: (&ei->i_mmap_sem){++++}, at: [<ffffffffa115e19c>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6183
1 lock held by syz-executor5/6490:
#0: (&mm->mmap_sem){++++}, at: [<ffffffffa0ab49e1>]
__do_page_fault+0x871/0xb80 arch/x86/mm/fault.c:1361
3 locks held by syz-executor5/6494:
#0: (&dup_mmap_sem){.+.+}, at: [<ffffffffa0ad0b6d>] dup_mmap
kernel/fork.c:609 [inline]
#0: (&dup_mmap_sem){.+.+}, at: [<ffffffffa0ad0b6d>] dup_mm
kernel/fork.c:1202 [inline]
#0: (&dup_mmap_sem){.+.+}, at: [<ffffffffa0ad0b6d>] copy_mm
kernel/fork.c:1256 [inline]
#0: (&dup_mmap_sem){.+.+}, at: [<ffffffffa0ad0b6d>]
copy_process.part.0+0x39bd/0x6540 kernel/fork.c:1762
#1: (&mm->mmap_sem){++++}, at: [<ffffffffa0ad0b89>] dup_mmap
kernel/fork.c:610 [inline]
#1: (&mm->mmap_sem){++++}, at: [<ffffffffa0ad0b89>] dup_mm
kernel/fork.c:1202 [inline]
#1: (&mm->mmap_sem){++++}, at: [<ffffffffa0ad0b89>] copy_mm
kernel/fork.c:1256 [inline]
#1: (&mm->mmap_sem){++++}, at: [<ffffffffa0ad0b89>]
copy_process.part.0+0x39d9/0x6540 kernel/fork.c:1762
[ 3130] 0 3130 17601 8201 25 3 0
1000 syz-executor2
#2: (&mm->mmap_sem/1){+.+.}, at: [<ffffffffa0ad0bd1>] dup_mmap
kernel/fork.c:619 [inline]
#2: (&mm->mmap_sem/1){+.+.}, at: [<ffffffffa0ad0bd1>] dup_mm
kernel/fork.c:1202 [inline]
#2: (&mm->mmap_sem/1){+.+.}, at: [<ffffffffa0ad0bd1>] copy_mm
kernel/fork.c:1256 [inline]
#2: (&mm->mmap_sem/1){+.+.}, at: [<ffffffffa0ad0bd1>]
copy_process.part.0+0x3a21/0x6540 kernel/fork.c:1762
1 lock held by syz-executor3/6505:
#0: (&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e7ca1b>]
inode_lock include/linux/fs.h:715 [inline]
#0: (&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e7ca1b>]
shmem_add_seals+0x12b/0x1150 mm/shmem.c:2829
2 locks held by syz-executor2/6492:
#0: (&mm->mmap_sem){++++}, at: [<ffffffffa0ab43e1>]
__do_page_fault+0x271/0xb80 arch/x86/mm/fault.c:1354
#1: (&ei->i_mmap_sem){++++}, at: [<ffffffffa115e19c>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6183
2 locks held by syz-executor2/6497:
#0: (sb_writers#6){.+.+}, at: [<ffffffffa0f57d08>] file_start_write
include/linux/fs.h:2726 [inline]
#0: (sb_writers#6){.+.+}, at: [<ffffffffa0f57d08>] vfs_write+0x3d8/0x4d0
fs/read_write.c:545
#1: (&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e29289>]
inode_lock include/linux/fs.h:715 [inline]
#1: (&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e29289>]
generic_file_write_iter+0x99/0x650 mm/filemap.c:3187
1 lock held by syz-executor2/6508:
#0: (&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e7ca1b>]
inode_lock include/linux/fs.h:715 [inline]
#0: (&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e7ca1b>]
shmem_add_seals+0x12b/0x1150 mm/shmem.c:2829
1 lock held by syz-executor4/6503:
#0: (
[ 3136] 0 3136 17601 8198 25 3 0
1000 syz-executor0
&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e7ca1b>] inode_lock
include/linux/fs.h:715 [inline]
&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e7ca1b>]
shmem_add_seals+0x12b/0x1150 mm/shmem.c:2829
2 locks held by syz-executor0/6499:
#0: (&mm->mmap_sem){++++}, at: [<ffffffffa0ab43e1>]
__do_page_fault+0x271/0xb80 arch/x86/mm/fault.c:1354
#1: (&ei->i_mmap_sem){++++}, at: [<ffffffffa115e19c>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6183
2 locks held by syz-executor0/6504:
#0: (sb_writers#6){.+.+}, at: [<ffffffffa0f57d08>] file_start_write
include/linux/fs.h:2726 [inline]
#0: (sb_writers#6){.+.+}, at: [<ffffffffa0f57d08>] vfs_write+0x3d8/0x4d0
fs/read_write.c:545
#1: (&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e29289>]
inode_lock include/linux/fs.h:715 [inline]
#1: (&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e29289>]
generic_file_write_iter+0x99/0x650 mm/filemap.c:3187
1 lock held by syz-executor0/6507:
#0: (&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e7ca1b>]
inode_lock include/linux/fs.h:715 [inline]
#0: (&sb->s_type->i_mutex_key#10){+.+.}, at: [<ffffffffa0e7ca1b>]
shmem_add_seals+0x12b/0x1150 mm/shmem.c:2829

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 23 Comm: khungtaskd Not tainted 4.14.92+ #5
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0xb9/0x10e lib/dump_stack.c:53
nmi_cpu_backtrace.cold+0x47/0x86 lib/nmi_backtrace.c:101
[ 3145] 0 3145 17601 8195 24 3 0
1000 syz-executor4
[ 3146] 0 3146 17601 8194 23 3 0
1000 syz-executor1
[ 3158] 0 3158 17601 8196 23 3 0
1000 syz-executor3
[ 3160] 0 3160 17601 8202 25 3 0
0 syz-executor5
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 6501 Comm: syz-executor0 Not tainted 4.14.92+ #5
task: ffff8881a1970000 task.stack: ffff88809b1f8000
RIP: 0010:trace_lock_release include/trace/events/lock.h:58 [inline]
RIP: 0010:lock_release+0x4e4/0x730 kernel/locking/lockdep.c:4009
RSP: 0000:ffff8881dbb07cb8 EFLAGS: 00000046
RAX: 1ffff1103951c591 RBX: 1ffff1103b760f9a RCX: 0000000000000001
RDX: 1ffffd1fffea0c4e RSI: 1ffffffff4599285 RDI: ffffffffa2cc9428
RBP: ffff8881ca8e2c88 R08: 0000000000007edf R09: 0000000000000000
R10: 0000000000000006 R11: 0000000000000001 R12: ffffffffa44b0c00
R13: ffffffffa0bf0d50 R14: 1ffff1103b760fb4 R15: dffffc0000000000
FS: 00007f7d41231700(0000) GS:ffff8881dbb00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000457d30 CR3: 00000000418b6005 CR4: 00000000001606a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<IRQ>
</IRQ>
Code: 80 3c 3a 00 0f 85 2d 02 00 00 48 8b 7d 08 48 83 c5 18 4c 89 e6 48 8b
54 24 08 e8 d8 5a a0 01 48 89 e8 48 c1 e8 03 42 80 3c 38 00 <0f> 85 f9 01
00 00 4c 8b 6d 00 4d 85 ed 75 ba 65 ff 0d 86 07 42


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Aug 3, 2019, 2:14:04 PM
to syzkaller-a...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.