INFO: task hung in kernfs_dop_revalidate

syzbot

Aug 3, 2019, 12:25:05 PM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 2ea88150 Merge remote-tracking branch 'origin/upstream-f2f..
git tree: android-4.14
console output: https://syzkaller.appspot.com/x/log.txt?x=16a90230600000
kernel config: https://syzkaller.appspot.com/x/.config?x=cfce353b92031d07
dashboard link: https://syzkaller.appspot.com/bug?extid=4f0307c3e7572274dc8d
compiler: gcc (GCC) 9.0.0 20181231 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+4f0307...@syzkaller.appspotmail.com

[13490] 0 13490 18178 8971 26 4 0
0 syz-executor.4
[13731] 0 13731 18145 8747 25 3 0
0 syz-executor.2
[13736] 0 13736 18244 8753 25 3 0
0 syz-executor.2
INFO: task blkid:26166 blocked for more than 140 seconds.
[13831] 0 13831 18178 8976 26 4 0
0 syz-executor.1
Not tainted 4.14.135+ #26
[13927] 0 13927 18267 8980 27 4 0
0 syz-executor.1
[14004] 0 14004 18211 8974 27 4 0
0 syz-executor.0
[14043] 0 14043 18211 8975 26 4 0
0 syz-executor.1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
blkid D27752 26166 26151 0x00000000
Call Trace:
[14141] 0 14141 18178 8994 27 4 0
0 syz-executor.5
[14251] 0 14251 18178 8973 26 4 0
0 syz-executor.1
[14263] 0 14263 18145 8746 25 3 0
0 syz-executor.1
[14603] 0 14603 18178 8970 33 4 0
0 syz-executor.4
[14667] 0 14667 18277 8979 26 4 0
0 syz-executor.1
[14690] 0 14690 18145 8762 26 3 0
0 syz-executor.1
[14693] 0 14693 18195 8750 26 3 0
0 syz-executor.1
[14699] 0 14699 18261 8979 27 4 0
0 /selinux/status
schedule+0x92/0x1c0 kernel/sched/core.c:3498
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3556
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x595/0x13e0 kernel/locking/mutex.c:893
kernfs_dop_revalidate+0x8d/0x370 fs/kernfs/dir.c:570
d_revalidate fs/namei.c:799 [inline]
lookup_fast+0x927/0xea0 fs/namei.c:1658
walk_component+0xd3/0xbf0 fs/namei.c:1835
[14717] 0 14717 18244 8979 27 4 0
0 syz-executor.0
[14743] 0 14743 18244 8979 27 4 0
0 syz-executor.0
[15034] 0 15034 18244 8996 27 4 0
0 syz-executor.5
[15040] 0 15040 18244 8996 27 4 0
0 syz-executor.5
[15175] 0 15175 18145 8746 25 3 0
0 syz-executor.1
[15253] 0 15253 18211 8750 28 3 0
0 syz-executor.1
link_path_walk+0x84a/0x1110 fs/namei.c:2168
path_openat+0x178/0x2be0 fs/namei.c:3596
[15257] 0 15257 18211 8750 32 3 0
0 syz-executor.1
[15310] 0 15310 18178 8973 26 4 0
0 syz-executor.1
do_filp_open+0x1a1/0x280 fs/namei.c:3631
do_sys_open+0x2ca/0x590 fs/open.c:1096
[15312] 0 15312 18178 8749 25 3 0
0 syz-executor.1
[15337] 0 15337 18211 8976 27 4 0
0 syz-executor.1
[15431] 0 15431 18244 8975 26 4 0
0 syz-executor.2
do_syscall_64+0x19b/0x520 arch/x86/entry/common.c:292
INFO: task blkid:26167 blocked for more than 140 seconds.
Not tainted 4.14.135+ #26
[15515] 0 15515 18178 8970 26 4 0
0 syz-executor.4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
blkid D27776 26167 26154 0x00000000
Call Trace:
[15520] 0 15520 18178 8970 26 4 0
0 syz-executor.4
schedule+0x92/0x1c0 kernel/sched/core.c:3498
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3556
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x595/0x13e0 kernel/locking/mutex.c:893
[15771] 0 15771 18244 8996 27 4 0
0 syz-executor.5
[15774] 0 15774 18244 8996 27 4 0
0 syz-executor.5
[16051] 0 16051 18145 8968 26 4 0
0 syz-executor.4
[16062] 0 16062 18178 8750 25 3 0
0 syz-executor.1
[16079] 0 16079 18244 8754 25 3 0
0 syz-executor.1
kernfs_iop_permission+0x4e/0x90 fs/kernfs/inode.c:301
[16126] 0 16126 18142 8747 25 3 0
0 syz-executor.1
do_inode_permission fs/namei.c:386 [inline]
__inode_permission2+0x22c/0x2c0 fs/namei.c:428
inode_permission2+0x2d/0x100 fs/namei.c:485
may_lookup fs/namei.c:1731 [inline]
link_path_walk+0x8a6/0x1110 fs/namei.c:2111
path_lookupat.isra.0+0xde/0x7e0 fs/namei.c:2356
[16134] 0 16134 18175 8756 26 3 0
0 syz-executor.1
[16211] 0 16211 18244 9012 27 4 0
0 syz-executor.5
[16227] 0 16227 18211 8993 26 4 0
0 syz-executor.3
[16253] 0 16253 18211 8993 26 4 0
0 syz-executor.3
[16310] 0 16310 18145 8746 25 3 0
0 syz-executor.1
filename_lookup+0x1a1/0x3b0 fs/namei.c:2391
[16316] 0 16316 18145 8968 26 4 0
0 syz-executor.4
SYSC_readlinkat fs/stat.c:394 [inline]
SyS_readlinkat+0xbe/0x2b0 fs/stat.c:382
[16321] 0 16321 18178 8749 25 3 0
0 syz-executor.1
[16322] 0 16322 18178 8749 25 3 0
0 syz-executor.1
do_syscall_64+0x19b/0x520 arch/x86/entry/common.c:292
[16325] 0 16325 18244 8977 26 4 0
0 syz-executor.1
[16326] 0 16326 18244 8753 25 3 0
0 syz-executor.1
[16345] 0 16345 18178 8793 26 3 0
0 syz-executor.2
INFO: task udevd:26177 blocked for more than 140 seconds.
Not tainted 4.14.135+ #26
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[16365] 0 16365 18211 9678 27 3 0
0 syz-executor.2
udevd D25696 26177 190 0x00000000
[16382] 0 16382 18145 8746 26 3 0
0 syz-executor.0
Call Trace:
[16388] 0 16388 18178 8751 26 3 0
0 syz-executor.0
[16399] 0 16399 18178 8972 26 4 0
0 syz-executor.1
[16426] 0 16426 18211 8974 26 4 0
0 syz-executor.1
[16435] 0 16435 18211 8995 26 4 0
0 syz-executor.3
[16480] 0 16480 18145 8989 26 4 0
0 syz-executor.3
[16622] 0 16622 18277 8980 27 4 0
0 syz-executor.4
schedule+0x92/0x1c0 kernel/sched/core.c:3498
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3556
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x595/0x13e0 kernel/locking/mutex.c:893
[16653] 0 16653 18145 8737 24 3 0
0 syz-executor.1
[16655] 0 16655 18145 8746 25 3 0
0 syz-executor.1
[16684] 0 16684 18244 8976 26 4 0
0 syz-executor.1
[16752] 0 16752 18178 8748 25 3 0
0 syz-executor.2
[16758] 0 16758 18211 8750 25 3 0
0 syz-executor.2
[16821] 0 16821 18145 8970 27 4 0
0 syz-executor.0
kernfs_iop_permission+0x4e/0x90 fs/kernfs/inode.c:301
do_inode_permission fs/namei.c:386 [inline]
__inode_permission2+0x22c/0x2c0 fs/namei.c:428
[17261] 0 17261 18178 8972 26 4 0
0 syz-executor.2
[17386] 0 17386 18145 8746 25 3 0
0 syz-executor.3
inode_permission2+0x2d/0x100 fs/namei.c:485
may_lookup fs/namei.c:1731 [inline]
link_path_walk+0x8a6/0x1110 fs/namei.c:2111
[17434] 0 17434 18211 8974 27 4 0
0 syz-executor.0
[17829] 0 17829 18145 8747 25 3 0
0 syz-executor.4
[17843] 0 17843 18244 8754 26 3 0
0 syz-executor.4
[17934] 0 17934 18145 8746 25 3 0
0 syz-executor.4
path_lookupat.isra.0+0xde/0x7e0 fs/namei.c:2356
[17936] 0 17936 18211 8994 26 4 0
0 syz-executor.3
[17954] 0 17954 18178 8991 26 4 0
0 syz-executor.3
filename_lookup+0x1a1/0x3b0 fs/namei.c:2391
[17977] 0 17977 18211 8975 27 4 0
0 syz-executor.1
[17995] 0 17995 18211 8975 27 4 0
0 syz-executor.1
SYSC_readlinkat fs/stat.c:394 [inline]
SyS_readlinkat+0xbe/0x2b0 fs/stat.c:382
[18142] 0 18142 18178 8973 27 4 0
0 syz-executor.0
[18192] 0 18192 18145 8745 25 3 0
0 syz-executor.4
[18195] 0 18195 18211 8974 27 4 0
0 syz-executor.0
[18252] 0 18252 18343 8983 26 4 0
0 syz-executor.2
[18304] 0 18304 18211 8975 26 4 0
0 syz-executor.1
[18330] 0 18330 18244 8975 26 4 0
0 syz-executor.2
[18335] 0 18335 18178 8748 25 3 0
0 syz-executor.1
[18470] 0 18470 18145 8992 27 4 0
0 syz-executor.5
[18480] 0 18480 18178 8972 26 4 0
0 syz-executor.1
[18487] 0 18487 18178 8972 26 4 0
0 syz-executor.1
[18514] 0 18514 18178 13262 33 3 0
0 syz-executor.5
[18539] 0 18539 18209 13322 33 3 0
0 syz-executor.5
[18553] 0 18553 18376 8989 26 4 0
0 syz-executor.1
[18593] 0 18593 18178 8974 26 4 0
0 syz-executor.2
[18639] 0 18639 34662 9018 28 4 0
0 syz-executor.1
[18671] 0 18671 34662 9018 28 4 0
0 syz-executor.1
[18732] 0 18732 18178 8971 26 4 0
0 syz-executor.2
[18827] 0 18827 18178 8981 26 4 0
0 syz-executor.4
[18864] 0 18864 18310 8979 26 4 0
0 syz-executor.2
[18909] 0 18909 18178 8971 26 4 0
0 syz-executor.2
[18915] 0 18915 18244 8976 27 4 0
0 syz-executor.0
[18951] 0 18951 18244 8976 27 4 0
0 syz-executor.0
[19202] 0 19202 18178 8749 25 3 0
0 syz-executor.3
[19206] 0 19206 18211 8751 25 3 0
0 syz-executor.3
[19213] 0 19213 18178 8749 25 3 0
0 syz-executor.1
[19219] 0 19219 18211 8751 25 3 0
0 syz-executor.1
[19351] 0 19351 18145 8967 25 4 0
0 syz-executor.4
do_syscall_64+0x19b/0x520 arch/x86/entry/common.c:292
[19418] 0 19418 18178 8970 27 4 0
0 syz-executor.0
[19528] 0 19528 18178 8990 26 4 0
0 syz-executor.3
INFO: task udevd:26178 blocked for more than 140 seconds.
[19609] 0 19609 18178 8971 26 4 0
0 syz-executor.2
Not tainted 4.14.135+ #26
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
udevd D26272 26178 190 0x00000000
Call Trace:
schedule+0x92/0x1c0 kernel/sched/core.c:3498
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3556
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x595/0x13e0 kernel/locking/mutex.c:893
kernfs_iop_permission+0x4e/0x90 fs/kernfs/inode.c:301
do_inode_permission fs/namei.c:386 [inline]
__inode_permission2+0x22c/0x2c0 fs/namei.c:428
inode_permission2+0x2d/0x100 fs/namei.c:485
may_lookup fs/namei.c:1731 [inline]
link_path_walk+0x8a6/0x1110 fs/namei.c:2111
[19684] 0 19684 18244 8977 26 4 0
0 syz-executor.2
[19701] 0 19701 18244 8976 26 4 0
0 syz-executor.1
[19757] 0 19757 18211 8972 26 4 0
0 syz-executor.4
[19837] 0 19837 18211 8993 27 4 0
0 syz-executor.5
[19840] 0 19840 18178 8990 26 4 0
0 syz-executor.3
[19854] 0 19854 18178 8749 25 3 0
0 syz-executor.3
[19857] 0 19857 18244 8755 25 3 0
0 syz-executor.3
path_lookupat.isra.0+0xde/0x7e0 fs/namei.c:2356
filename_lookup+0x1a1/0x3b0 fs/namei.c:2391
SYSC_readlinkat fs/stat.c:394 [inline]
SyS_readlinkat+0xbe/0x2b0 fs/stat.c:382
[19895] 0 19895 18244 8974 27 4 0
0 syz-executor.4
do_syscall_64+0x19b/0x520 arch/x86/entry/common.c:292
INFO: task udevd:26180 blocked for more than 140 seconds.
[19952] 0 19952 18145 8736 24 3 0
0 syz-executor.2
Not tainted 4.14.135+ #26
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
udevd D28296 26180 190 0x00000000
[19967] 0 19967 18178 8748 25 3 0
0 syz-executor.2
[20015] 0 20015 18178 9004 26 4 0
0 syz-executor.3
[20034] 0 20034 18244 9009 27 4 0
0 syz-executor.3
Call Trace:
[20041] 0 20041 34629 9018 28 4 0
0 syz-executor.1
[20048] 0 20048 18244 8994 26 4 0
0 syz-executor.3
schedule+0x92/0x1c0 kernel/sched/core.c:3498
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3556
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x595/0x13e0 kernel/locking/mutex.c:893
[20055] 0 20055 18145 8747 26 3 0
0 syz-executor.5
kernfs_iop_getattr+0x85/0xd0 fs/kernfs/inode.c:209
vfs_getattr_nosec+0x107/0x170 fs/stat.c:79
vfs_getattr+0x3f/0x60 fs/stat.c:116
vfs_statx+0x100/0x180 fs/stat.c:189
[20061] 0 20061 18178 8753 26 3 0
0 syz-executor.5
[20069] 0 20069 18178 8748 26 3 0
0 syz-executor.0
[20076] 0 20076 34629 9018 28 4 0
0 syz-executor.1
[20078] 0 20078 18211 8750 26 3 0
0 syz-executor.0
vfs_stat include/linux/fs.h:3085 [inline]
SYSC_newstat fs/stat.c:337 [inline]
SyS_newstat+0x96/0x110 fs/stat.c:333
[20080] 0 20080 18244 8994 26 4 0
0 syz-executor.3
[20194] 0 20194 18211 8976 26 4 0
0 syz-executor.1
[20261] 0 20261 18211 8973 26 4 0
0 syz-executor.2
[20328] 0 20328 18145 8746 26 3 0
0 syz-executor.0
do_syscall_64+0x19b/0x520 arch/x86/entry/common.c:292
[20330] 0 20330 18211 8975 27 4 0
0 syz-executor.0
[20331] 0 20331 18178 8749 26 3 0
0 syz-executor.0
[20332] 0 20332 18178 8749 26 3 0
0 syz-executor.0
INFO: task udevd:26181 blocked for more than 140 seconds.
Not tainted 4.14.135+ #26
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
udevd D25600 26181 190 0x00000000
Call Trace:
schedule+0x92/0x1c0 kernel/sched/core.c:3498
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3556
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x595/0x13e0 kernel/locking/mutex.c:893
[20358] 0 20358 18178 8989 26 4 0
0 syz-executor.3
[20410] 0 20410 18178 8971 26 4 0
0 syz-executor.2
[20435] 0 20435 18211 8976 26 4 0
0 syz-executor.1
[20506] 0 20506 18244 8978 26 4 0
0 syz-executor.2
[20510] 0 20510 18178 8750 26 3 0
0 syz-executor.5
[20513] 0 20513 18244 9003 27 4 0
0 syz-executor.5
[20515] 0 20515 18211 8752 26 3 0
0 syz-executor.5
[20522] 0 20522 18244 8752 26 3 0
0 syz-executor.5
[20602] 0 20602 18178 8999 26 4 0
0 syz-executor.3
[20608] 0 20608 18178 8999 26 4 0
0 syz-executor.3
[20616] 0 20616 18178 8974 26 4 0
0 syz-executor.4
[20632] 0 20632 18178 8748 25 3 0
0 syz-executor.1
kernfs_iop_permission+0x4e/0x90 fs/kernfs/inode.c:301
do_inode_permission fs/namei.c:386 [inline]
__inode_permission2+0x22c/0x2c0 fs/namei.c:428
inode_permission2+0x2d/0x100 fs/namei.c:485
may_lookup fs/namei.c:1731 [inline]
link_path_walk+0x8a6/0x1110 fs/namei.c:2111
path_lookupat.isra.0+0xde/0x7e0 fs/namei.c:2356
[20633] 0 20633 18178 8748 25 3 0
0 syz-executor.1
filename_lookup+0x1a1/0x3b0 fs/namei.c:2391
user_path_at include/linux/namei.h:57 [inline]
vfs_statx+0xe1/0x180 fs/stat.c:185
vfs_stat include/linux/fs.h:3085 [inline]
SYSC_newstat fs/stat.c:337 [inline]
SyS_newstat+0x96/0x110 fs/stat.c:333
[20635] 0 20635 18178 8748 25 3 0
0 syz-executor.1
do_syscall_64+0x19b/0x520 arch/x86/entry/common.c:292
INFO: task udevd:26186 blocked for more than 140 seconds.
[20636] 0 20636 18211 8750 25 3 0
0 syz-executor.1
Not tainted 4.14.135+ #26
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[20720] 0 20720 18211 8975 26 4 0
0 syz-executor.1
udevd D28072 26186 190 0x00000000
[20738] 0 20738 18145 8994 27 4 0
0 syz-executor.5
Call Trace:
[20759] 0 20759 18211 8975 27 4 0
0 syz-executor.2
[20796] 0 20796 18178 8992 26 4 0
0 syz-executor.3
[21185] 0 21185 18178 8972 26 4 0
0 syz-executor.1
[21214] 0 21214 18178 8738 24 3 0
0 syz-executor.2
schedule+0x92/0x1c0 kernel/sched/core.c:3498
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3556
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x595/0x13e0 kernel/locking/mutex.c:893
[21217] 0 21217 18178 8747 25 3 0
0 syz-executor.2
[21272] 0 21272 18145 8987 26 4 0
0 syz-executor.3
[21302] 0 21302 18178 8975 28 4 0
0 syz-executor.0
kernfs_iop_permission+0x4e/0x90 fs/kernfs/inode.c:301
[21341] 0 21341 18145 8971 26 4 0
0 syz-executor.1
do_inode_permission fs/namei.c:386 [inline]
__inode_permission2+0x22c/0x2c0 fs/namei.c:428
inode_permission2+0x2d/0x100 fs/namei.c:485
may_lookup fs/namei.c:1731 [inline]
link_path_walk+0x8a6/0x1110 fs/namei.c:2111
[21434] 0 21434 18145 8747 25 3 0
0 syz-executor.1
[21438] 0 21438 18211 8751 25 3 0
0 syz-executor.1
[21440] 0 21440 18211 8975 26 4 0
0 syz-executor.1
path_lookupat.isra.0+0xde/0x7e0 fs/namei.c:2356
[21520] 0 21520 18178 8749 25 3 0
0 syz-executor.4
[21545] 0 21545 18343 10518 30 4 0
0 syz-executor.2
[21560] 0 21560 18178 8972 26 4 0
0 syz-executor.1
filename_lookup+0x1a1/0x3b0 fs/namei.c:2391
[21594] 0 21594 18211 8974 26 4 0
0 syz-executor.1
SYSC_readlinkat fs/stat.c:394 [inline]
SyS_readlinkat+0xbe/0x2b0 fs/stat.c:382
[21611] 0 21611 18178 8972 26 4 0
0 syz-executor.1
do_syscall_64+0x19b/0x520 arch/x86/entry/common.c:292
[21622] 0 21622 18145 8990 28 4 0
0 syz-executor.3
[21741] 0 21741 18178 8975 26 4 0
0 syz-executor.1
[21771] 0 21771 18145 8736 24 3 0
0 syz-executor.2
INFO: task udevd:26188 blocked for more than 140 seconds.
[21864] 0 21864 18244 8976 26 4 0
0 syz-executor.2
Not tainted 4.14.135+ #26
[21873] 0 21873 18145 8970 26 4 0
0 syz-executor.4
[21896] 0 21896 18145 8745 25 3 0
0 syz-executor.2
[21983] 0 21983 18145 8988 26 4 0
0 syz-executor.3
[21997] 0 21997 18178 8748 26 3 0
0 syz-executor.0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
udevd D26976 26188 190 0x00000000
Call Trace:
[21998] 0 21998 18244 8976 27 4 0
0 syz-executor.0
schedule+0x92/0x1c0 kernel/sched/core.c:3498
[21999] 0 21999 18178 8748 26 3 0
0 syz-executor.0
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3556
[22003] 0 22003 18244 8752 26 3 0
0 syz-executor.0
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x595/0x13e0 kernel/locking/mutex.c:893
[22005] 0 22005 18244 8752 26 3 0
0 syz-executor.0
[22144] 0 22144 18244 8976 27 4 0
0 syz-executor.0
kernfs_dop_revalidate+0x8d/0x370 fs/kernfs/dir.c:570
d_revalidate fs/namei.c:799 [inline]
lookup_fast+0x927/0xea0 fs/namei.c:1658
[22146] 0 22146 18145 8747 25 3 0
0 syz-executor.4
walk_component+0xd3/0xbf0 fs/namei.c:1835
[22147] 0 22147 18211 8975 26 4 0
0 syz-executor.4
[22239] 0 22239 18277 8998 26 4 0
0 syz-executor.3
[22261] 0 22261 18277 8998 26 4 0
0 syz-executor.3
link_path_walk+0x84a/0x1110 fs/namei.c:2168
[22462] 0 22462 18145 8746 25 3 0
0 syz-executor.3
[22466] 0 22466 18244 9000 26 4 0
0 syz-executor.3
path_lookupat.isra.0+0xde/0x7e0 fs/namei.c:2356
[22467] 0 22467 18178 8748 25 3 0
0 syz-executor.3
[22470] 0 22470 18211 8750 25 3 0
0 syz-executor.3
filename_lookup+0x1a1/0x3b0 fs/namei.c:2391
[22475] 0 22475 18244 8752 25 3 0
0 syz-executor.3
[22724] 0 22724 18178 11809 31 4 0
0 syz-executor.4
[22831] 0 22831 18145 8988 26 4 0
0 syz-executor.3
SYSC_readlinkat fs/stat.c:394 [inline]
SyS_readlinkat+0xbe/0x2b0 fs/stat.c:382
do_syscall_64+0x19b/0x520 arch/x86/entry/common.c:292

Showing all locks held in the system:
1 lock held by khungtaskd/23:
#0: (tasklist_lock){.+.?}, at: [<00000000dd936af1>]
debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4541
3 locks held by udevd/190:
#0: (&dup_mmap_sem){.+.+}, at: [<00000000f4f5b6b9>] dup_mmap
kernel/fork.c:609 [inline]
#0: (&dup_mmap_sem){.+.+}, at: [<00000000f4f5b6b9>] dup_mm
kernel/fork.c:1211 [inline]
#0: (&dup_mmap_sem){.+.+}, at: [<00000000f4f5b6b9>] copy_mm
kernel/fork.c:1266 [inline]
#0: (&dup_mmap_sem){.+.+}, at: [<00000000f4f5b6b9>]
copy_process.part.0+0x1fd6/0x68b0 kernel/fork.c:1789
#1: (&mm->mmap_sem){++++}, at: [<00000000d4266cac>] dup_mmap
kernel/fork.c:610 [inline]
#1: (&mm->mmap_sem){++++}, at: [<00000000d4266cac>] dup_mm
kernel/fork.c:1211 [inline]
#1: (&mm->mmap_sem){++++}, at: [<00000000d4266cac>] copy_mm
kernel/fork.c:1266 [inline]
#1: (&mm->mmap_sem){++++}, at: [<00000000d4266cac>]
copy_process.part.0+0x1ff2/0x68b0 kernel/fork.c:1789
#2: (&mm->mmap_sem/1){+.+.}, at: [<00000000b71f412f>] dup_mmap
kernel/fork.c:619 [inline]
#2: (&mm->mmap_sem/1){+.+.}, at: [<00000000b71f412f>] dup_mm
kernel/fork.c:1211 [inline]
#2: (&mm->mmap_sem/1){+.+.}, at: [<00000000b71f412f>] copy_mm
kernel/fork.c:1266 [inline]
#2: (&mm->mmap_sem/1){+.+.}, at: [<00000000b71f412f>]
copy_process.part.0+0x203a/0x68b0 kernel/fork.c:1789
1 lock held by rsyslogd/1630:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by cron/1673:
#0: (&ei->i_mmap_sem){++++}, at: [<0000000045873517>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6196
2 locks held by getty/1759:
#0: (&tty->ldisc_sem){++++}, at: [<000000000aeb5305>]
tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284
#1: (&ldata->atomic_read_lock){+.+.}, at: [<0000000028fead91>]
n_tty_read+0x1f7/0x1700 drivers/tty/n_tty.c:2156
1 lock held by syz-fuzzer/1781:
#0: (&ei->i_mmap_sem){++++}, at: [<0000000045873517>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6196
1 lock held by syz-fuzzer/1791:
#0: (&ei->i_mmap_sem){++++}, at: [<0000000045873517>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6196
1 lock held by udevd/3038:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by udevd/25935:
#0: (
[22853] 0 22853 18177 8993 26 4 0
0 syz-executor.3
&mm->mmap_sem
[22868] 0 22868 18211 8975 26 4 0
0 syz-executor.1
){++++}, at: [<000000001951196b>] __do_page_fault+0x282/0xbb0
arch/x86/mm/fault.c:1352
1 lock held by udevd/25954:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by blkid/25969:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by udevd/25971:
#0: (&ei->i_mmap_sem){++++}, at: [<0000000045873517>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6196
[23096] 0 23096 18178 13293 32 3 0
0 syz-executor.4
1 lock held by blkid/25975:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by udevd/25977:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by blkid/25981:
[23108] 0 23108 18178 11757 30 3 0
0 syz-executor.4
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by blkid/25978:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by blkid/25982:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by blkid/25983:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by udevd/25984:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by udevd/26030:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by udevd/26033:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by udevd/26034:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by blkid/26035:
[23131] 0 23131 18145 8747 25 3 0
0 syz-executor.1
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by udevd/26036:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by udevd/26037:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by udevd/26038:
[23134] 0 23134 18211 8751 25 3 0
0 syz-executor.1
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by blkid/26039:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by udevd/26040:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by blkid/26045:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by blkid/26166:
#0: (kernfs_mutex){+.+.}, at: [<000000005664d0eb>]
kernfs_dop_revalidate+0x8d/0x370 fs/kernfs/dir.c:570
1 lock held by blkid/26167:
#0: (kernfs_mutex){+.+.}, at: [<000000005f445f4d>]
kernfs_iop_permission+0x4e/0x90 fs/kernfs/inode.c:301
1 lock held by udevd/26168:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by udevd/26170:
[23170] 0 23170 18178 8972 26 4 0
0 syz-executor.4
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by blkid/26171:
#0: (&ei->i_mmap_sem){++++}, at: [<0000000045873517>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6196
1 lock held by blkid/26172:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by blkid/26174:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
1 lock held by blkid/26175:
#0: (&mm->mmap_sem){++++}, at: [<000000001951196b>]
__do_page_fault+0x282/0xbb0 arch/x86/mm/fault.c:1352
[23171] 0 23171 18178 8972 26 4 0
0 syz-executor.4
1 lock held by udevd/26176:
#0: (&ei->i_mmap_sem){++++}, at: [<0000000045873517>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6196
1 lock held by udevd/26177:
#0: (kernfs_mutex){+.+.}, at: [<000000005f445f4d>]
kernfs_iop_permission+0x4e/0x90 fs/kernfs/inode.c:301
1 lock held by udevd/26178:
#0: (kernfs_mutex){+.+.}, at: [<000000005f445f4d>]
kernfs_iop_permission+0x4e/0x90 fs/kernfs/inode.c:301
1 lock held by udevd/26180:
#0: (kernfs_mutex){+.+.}, at: [<0000000052cdcda2>]
kernfs_iop_getattr+0x85/0xd0 fs/kernfs/inode.c:209
1 lock held by udevd/26181:
#0: (kernfs_mutex){+.+.}, at: [<000000005f445f4d>]
kernfs_iop_permission+0x4e/0x90 fs/kernfs/inode.c:301
1 lock held by blkid/26182:
#0: (&ei->i_mmap_sem){++++}, at: [<0000000045873517>]
ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6196
1 lock held by blkid/26184:
#0: (&mm->mmap_sem){++++}, at: [<00000000ba651771>]
setup_arg_pages+0x255/0x710 fs/exec.c:734
1 lock held by blkid/26185:
#0: (&mm->mmap_sem){++++}, at: [<00000000ba651771>]
setup_arg_pages+0x255/0x710 fs/exec.c:734
[23190] 0 23190 18211 8992 26 4 0
0 syz-executor.3
1 lock held by udevd/26186:
#0: (kernfs_mutex){+.+.}, at: [<000000005f445f4d>]
kernfs_iop_permission+0x4e/0x90 fs/kernfs/inode.c:301
1 lock held by udevd/26188:
#0: (kernfs_mutex){+.+.}, at: [<000000005664d0eb>]
kernfs_dop_revalidate+0x8d/0x370 fs/kernfs/dir.c:570
1 lock held by udevd/26189:
#0: (&sig->cred_guard_mutex){+.+.}, at: [<000000003fb3dd20>]
prepare_bprm_creds+0x51/0x110 fs/exec.c:1389

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 23 Comm: khungtaskd Not tainted 4.14.135+ #26
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0xca/0x134 lib/dump_stack.c:53
nmi_cpu_backtrace.cold+0x47/0x86 lib/nmi_backtrace.c:101
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 26111 Comm: blkid Not tainted 4.14.135+ #26
task: 00000000ca107cfd task.stack: 0000000029bf46fc
RIP: 0010:__lock_acquire+0x5d2/0x4320 kernel/locking/lockdep.c:3448
RSP: 0000:ffff88814fc97330 EFLAGS: 00000002
RAX: 0000000000000001 RBX: 0000000000000002 RCX: 1ffff11034dfb114
RDX: 0000000000000008 RSI: ffff8881a6fd8880 RDI: ffff8881a6fd8000
RBP: ffff88814fc97500 R08: 0000000000000001 R09: 0000000000000002
R10: ffff8881a6fd8880 R11: 0000000000000236 R12: ffff8881a6fd88a2
R13: 0000000000040236 R14: ffff8881a6fd8000 R15: 0000000000000000
FS: 00007fad0042e740(0000) GS:ffff8881dbb00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fc4fea26000 CR3: 000000016e0a8004 CR4: 00000000001606a0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Call Trace:
lock_acquire+0x12b/0x360 kernel/locking/lockdep.c:3991
__raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
_raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:152
spin_lock include/linux/spinlock.h:317 [inline]
__list_lru_count_one mm/list_lru.c:167 [inline]
list_lru_count_one+0x7f/0x1d0 mm/list_lru.c:178
list_lru_shrink_count include/linux/list_lru.h:118 [inline]
super_cache_count+0x133/0x2b0 fs/super.c:143
do_shrink_slab mm/vmscan.c:329 [inline]
shrink_slab.part.0+0x255/0xae0 mm/vmscan.c:505
shrink_slab mm/vmscan.c:469 [inline]
shrink_node+0x895/0xc30 mm/vmscan.c:2671
shrink_zones mm/vmscan.c:2818 [inline]
do_try_to_free_pages+0x350/0xd80 mm/vmscan.c:2876
try_to_free_pages+0x27c/0x710 mm/vmscan.c:3082
__perform_reclaim mm/page_alloc.c:3602 [inline]
__alloc_pages_direct_reclaim mm/page_alloc.c:3624 [inline]
__alloc_pages_slowpath mm/page_alloc.c:4011 [inline]
__alloc_pages_nodemask+0xaee/0x2370 mm/page_alloc.c:4220
__alloc_pages include/linux/gfp.h:461 [inline]
__alloc_pages_node include/linux/gfp.h:474 [inline]
alloc_pages_node include/linux/gfp.h:488 [inline]
alloc_zeroed_user_highpage_movable include/linux/highmem.h:184 [inline]
do_anonymous_page mm/memory.c:3133 [inline]
handle_pte_fault mm/memory.c:3987 [inline]
__handle_mm_fault+0x1116/0x2700 mm/memory.c:4113
handle_mm_fault+0x2f1/0x6da mm/memory.c:4150
__do_page_fault+0x477/0xbb0 arch/x86/mm/fault.c:1423
page_fault+0x42/0x50 arch/x86/entry/entry_64.S:1120
RIP: 07ff:0xa6b320
RSP: ff552f10:0000000000a6aeb0 EFLAGS: 00000001
Code: c0 44 8b 4c 24 68 44 8b 5c 24 60 0f 84 e9 03 00 00 4c 89 d6 ba 08 00
00 00 4c 89 f7 44 89 5c 24 60 44 89 4c 24 68 4c 89 54 24 70 <e8> 29 e4 ff
ff 4c 8b 54 24 70 85 c0 44 8b 4c 24 68 44 8b 5c 24


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Dec 1, 2019, 10:25:05 AM
to syzkaller-a...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.