INFO: task hung in ext4_map_blocks

syzbot

Apr 10, 2019, 12:14:09 PM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 80d7b065 Merge 4.14.97 into android-4.14
git tree: android-4.14
console output: https://syzkaller.appspot.com/x/log.txt?x=11e2b2df400000
kernel config: https://syzkaller.appspot.com/x/.config?x=64c69c1b60cc6d61
dashboard link: https://syzkaller.appspot.com/bug?extid=e394de1f87d35877a433
compiler: gcc (GCC) 9.0.0 20181231 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+e394de...@syzkaller.appspotmail.com

INFO: task kworker/u4:4:1849 blocked for more than 140 seconds.
Not tainted 4.14.97+ #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/u4:4 D26256 1849 2 0x80000000
Workqueue: writeback wb_workfn (flush-8:0)
Call Trace:
schedule+0x92/0x1c0 kernel/sched/core.c:3490
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:565 [inline]
rwsem_down_write_failed+0x3b1/0x760 kernel/locking/rwsem-xadd.c:594
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:105
__down_write arch/x86/include/asm/rwsem.h:126 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:56
ext4_map_blocks+0x728/0x1580 fs/ext4/inode.c:629
mpage_map_one_extent fs/ext4/inode.c:2462 [inline]
mpage_map_and_submit_extent fs/ext4/inode.c:2515 [inline]
ext4_writepages+0x166f/0x3030 fs/ext4/inode.c:2886
do_writepages+0xe5/0x280 mm/page-writeback.c:2348
__writeback_single_inode+0xd2/0x1040 fs/fs-writeback.c:1320
writeback_sb_inodes+0x4b7/0xd00 fs/fs-writeback.c:1584
__writeback_inodes_wb+0xbc/0x200 fs/fs-writeback.c:1653
wb_writeback+0x5f7/0xb70 fs/fs-writeback.c:1762
wb_check_old_data_flush fs/fs-writeback.c:1875 [inline]
wb_do_writeback fs/fs-writeback.c:1899 [inline]
wb_workfn+0x83d/0xdd0 fs/fs-writeback.c:1928
process_one_work+0x7c6/0x14e0 kernel/workqueue.c:2114
worker_thread+0x5d7/0x1080 kernel/workqueue.c:2248
kthread+0x310/0x420 kernel/kthread.c:232
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402
INFO: task syz-executor5:5120 blocked for more than 140 seconds.
Not tainted 4.14.97+ #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor5 D28768 5120 1841 0x00000004
Call Trace:
schedule+0x92/0x1c0 kernel/sched/core.c:3490
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:565 [inline]
rwsem_down_write_failed+0x3b1/0x760 kernel/locking/rwsem-xadd.c:594
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:105
__down_write arch/x86/include/asm/rwsem.h:126 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:56
inode_lock include/linux/fs.h:715 [inline]
do_truncate2+0x10c/0x1e0 fs/open.c:61
handle_truncate fs/namei.c:3039 [inline]
do_last fs/namei.c:3464 [inline]
path_openat+0x1208/0x2b70 fs/namei.c:3597
do_filp_open+0x1a1/0x280 fs/namei.c:3631
do_sys_open+0x2ca/0x590 fs/open.c:1071
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
INFO: task syz-executor5:5122 blocked for more than 140 seconds.
Not tainted 4.14.97+ #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor5 D28896 5122 1841 0x00000004
Call Trace:
schedule+0x92/0x1c0 kernel/sched/core.c:3490
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:565 [inline]
rwsem_down_write_failed+0x3b1/0x760 kernel/locking/rwsem-xadd.c:594
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:105
__down_write arch/x86/include/asm/rwsem.h:126 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:56
inode_lock include/linux/fs.h:715 [inline]
do_truncate2+0x10c/0x1e0 fs/open.c:61
handle_truncate fs/namei.c:3039 [inline]
do_last fs/namei.c:3464 [inline]
path_openat+0x1208/0x2b70 fs/namei.c:3597
do_filp_open+0x1a1/0x280 fs/namei.c:3631
do_sys_open+0x2ca/0x590 fs/open.c:1071
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289

Showing all locks held in the system:
1 lock held by khungtaskd/23:
#0: (tasklist_lock){.+.+}, at: [<ffffffffa23fff4c>]
debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4541
1 lock held by rsyslogd/1622:
#0: (&f->f_pos_lock){+.+.}, at: [<ffffffffa27b99c6>]
__fdget_pos+0xa6/0xc0 fs/file.c:768
2 locks held by getty/1750:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffffa2f37052>]
tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:275
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffffa2f32477>]
n_tty_read+0x1f7/0x1700 drivers/tty/n_tty.c:2156
5 locks held by kworker/u4:4/1849:
#0: ("writeback"){+.+.}, at: [<ffffffffa2327e25>]
process_one_work+0x6e5/0x14e0 kernel/workqueue.c:2085
#1: ((&(&wb->dwork)->work)){+.+.}, at: [<ffffffffa2327e5b>]
process_one_work+0x71b/0x14e0 kernel/workqueue.c:2089
#2: (&type->s_umount_key#34){++++}, at: [<ffffffffa275f37b>]
trylock_super+0x1b/0xe0 fs/super.c:402
#3: (&sbi->s_journal_flag_rwsem){.+.+}, at: [<ffffffffa264f555>]
do_writepages+0xe5/0x280 mm/page-writeback.c:2348
#4: (&ei->i_data_sem){++++}, at: [<ffffffffa293fff8>]
ext4_map_blocks+0x728/0x1580 fs/ext4/inode.c:629
2 locks held by syz-executor5/5120:
#0: (sb_writers#4){.+.+}, at: [<ffffffffa27c1b9a>] sb_start_write
include/linux/fs.h:1545 [inline]
#0: (sb_writers#4){.+.+}, at: [<ffffffffa27c1b9a>]
mnt_want_write+0x3a/0xb0 fs/namespace.c:387
#1: (&sb->s_type->i_mutex_key#9){++++}, at: [<ffffffffa274d02c>]
inode_lock include/linux/fs.h:715 [inline]
#1: (&sb->s_type->i_mutex_key#9){++++}, at: [<ffffffffa274d02c>]
do_truncate2+0x10c/0x1e0 fs/open.c:61
2 locks held by syz-executor5/5122:
#0: (sb_writers#4){.+.+}, at: [<ffffffffa27c1b9a>] sb_start_write
include/linux/fs.h:1545 [inline]
#0: (sb_writers#4){.+.+}, at: [<ffffffffa27c1b9a>]
mnt_want_write+0x3a/0xb0 fs/namespace.c:387
#1: (&sb->s_type->i_mutex_key#9){++++}, at: [<ffffffffa274d02c>]
inode_lock include/linux/fs.h:715 [inline]
#1: (&sb->s_type->i_mutex_key#9){++++}, at: [<ffffffffa274d02c>]
do_truncate2+0x10c/0x1e0 fs/open.c:61

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 23 Comm: khungtaskd Not tainted 4.14.97+ #1
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0xb9/0x10e lib/dump_stack.c:53
nmi_cpu_backtrace.cold+0x47/0x86 lib/nmi_backtrace.c:101
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at pc 0xffffffffa3a508a2


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Apr 14, 2019, 4:51:24 AM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: b8bd066f kernel/sched: Fix up 4.9.135 merge
git tree: android-4.9
console output: https://syzkaller.appspot.com/x/log.txt?x=1205115b400000
kernel config: https://syzkaller.appspot.com/x/.config?x=3303f42e9d7e07c5
dashboard link: https://syzkaller.appspot.com/bug?extid=976f2bdea3f9cdcbc38b
compiler: gcc (GCC) 8.0.1 20180413 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=17b7b005400000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=168ee3ad400000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+976f2b...@syzkaller.appspotmail.com

INFO: task kworker/u4:0:6 blocked for more than 140 seconds.
Not tainted 4.9.135+ #59
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/u4:0 D24840 6 2 0x80000000
Workqueue: writeback wb_workfn (flush-8:0)
ffff8801da678000 0000000000000000 ffff8801d4c60580 ffff8801da6b2f80
ffff8801db721018 ffff8801da687120 ffffffff827f3192 ffff8801da6870f8
ffffffff81206ab7 0000000000000000 00ff8801da6788a8 ffff8801db7218f0
Call Trace:
[<ffffffff827f46bf>] schedule+0x7f/0x1b0 kernel/sched/core.c:3553
[<ffffffff827fe47a>] __rwsem_down_write_failed_common
kernel/locking/rwsem-xadd.c:526 [inline]
[<ffffffff827fe47a>] rwsem_down_write_failed+0x39a/0x730
kernel/locking/rwsem-xadd.c:555
[<ffffffff81b69177>] call_rwsem_down_write_failed+0x17/0x30
arch/x86/lib/rwsem.S:105
[<ffffffff827fd2ac>] __down_write arch/x86/include/asm/rwsem.h:125 [inline]
[<ffffffff827fd2ac>] down_write+0x5c/0xa0 kernel/locking/rwsem.c:54
[<ffffffff816c8d63>] ext4_map_blocks+0x6d3/0x16d0 fs/ext4/inode.c:605
[<ffffffff816d5ee1>] mpage_map_one_extent fs/ext4/inode.c:2387 [inline]
[<ffffffff816d5ee1>] mpage_map_and_submit_extent fs/ext4/inode.c:2443
[inline]
[<ffffffff816d5ee1>] ext4_writepages+0x1551/0x2e00 fs/ext4/inode.c:2783
[<ffffffff81433c8f>] do_writepages+0xef/0x1d0 mm/page-writeback.c:2331
[<ffffffff8159eaa9>] __writeback_single_inode+0xd9/0x1020
fs/fs-writeback.c:1320
[<ffffffff8159fe9c>] writeback_sb_inodes+0x4ac/0xe70 fs/fs-writeback.c:1584
[<ffffffff815a095b>] __writeback_inodes_wb+0xfb/0x1e0
fs/fs-writeback.c:1653
[<ffffffff815a0f52>] wb_writeback+0x512/0xbd0 fs/fs-writeback.c:1762
[<ffffffff815a46cc>] wb_check_old_data_flush fs/fs-writeback.c:1877
[inline]
[<ffffffff815a46cc>] wb_do_writeback fs/fs-writeback.c:1901 [inline]
[<ffffffff815a46cc>] wb_workfn+0x8bc/0xe90 fs/fs-writeback.c:1930
[<ffffffff81130d61>] process_one_work+0x831/0x1530 kernel/workqueue.c:2092
[<ffffffff81131b36>] worker_thread+0xd6/0x1140 kernel/workqueue.c:2226
[<ffffffff811428dd>] kthread+0x26d/0x300 kernel/kthread.c:211
[<ffffffff828035dc>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373

Showing all locks held in the system:
5 locks held by kworker/u4:0/6:
#0: ("writeback"){.+.+.+}, at: [<ffffffff81130c6c>]
process_one_work+0x73c/0x1530 kernel/workqueue.c:2085
#1: ((&(&wb->dwork)->work)){+.+.+.}, at: [<ffffffff81130ca4>]
process_one_work+0x774/0x1530 kernel/workqueue.c:2089
#2: (&type->s_umount_key#32){++++++}, at: [<ffffffff815149e0>]
trylock_super+0x20/0xf0 fs/super.c:393
#3: (&sbi->s_journal_flag_rwsem){.+.+.+}, at: [<ffffffff81433c8f>]
do_writepages+0xef/0x1d0 mm/page-writeback.c:2331
#4: (&ei->i_data_sem){++++..}, at: [<ffffffff816c8d63>]
ext4_map_blocks+0x6d3/0x16d0 fs/ext4/inode.c:605
2 locks held by khungtaskd/24:
#0: (rcu_read_lock){......}, at: [<ffffffff8131bb4c>]
check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline]
#0: (rcu_read_lock){......}, at: [<ffffffff8131bb4c>]
watchdog+0x11c/0xa20 kernel/hung_task.c:239
#1: (tasklist_lock){.+.+..}, at: [<ffffffff813fe314>]
debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336
2 locks held by getty/2044:
#0: (&tty->ldisc_sem){++++++}, at: [<ffffffff828014e2>]
ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367
#1: (&ldata->atomic_read_lock){+.+...}, at: [<ffffffff81d2b032>]
n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.135+ #59
ffff8801d9907d08 ffffffff81b36bf9 0000000000000000 0000000000000001
0000000000000001 0000000000000001 ffffffff81098330 ffff8801d9907d40
ffffffff81b41d09 0000000000000001 0000000000000000 0000000000000003
Call Trace:
[<ffffffff81b36bf9>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffffff81b36bf9>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
[<ffffffff81b41d09>] nmi_cpu_backtrace.cold.0+0x48/0x87
lib/nmi_backtrace.c:99
[<ffffffff81b41c9c>] nmi_trigger_cpumask_backtrace+0x12c/0x151
lib/nmi_backtrace.c:60
[<ffffffff81098434>] arch_trigger_cpumask_backtrace+0x14/0x20
arch/x86/kernel/apic/hw_nmi.c:37
[<ffffffff8131c0dd>] trigger_all_cpu_backtrace include/linux/nmi.h:58
[inline]
[<ffffffff8131c0dd>] check_hung_task kernel/hung_task.c:125 [inline]
[<ffffffff8131c0dd>] check_hung_uninterruptible_tasks
kernel/hung_task.c:182 [inline]
[<ffffffff8131c0dd>] watchdog+0x6ad/0xa20 kernel/hung_task.c:239
[<ffffffff811428dd>] kthread+0x26d/0x300 kernel/kthread.c:211
[<ffffffff828035dc>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 2173 Comm: syz-executor526 Not tainted 4.9.135+ #59
task: ffff8801c4988000 task.stack: ffff8801ca198000
RIP: 0010:[<ffffffff8131b4ed>] [<ffffffff8131b4ed>] get_current
arch/x86/include/asm/current.h:14 [inline]
RIP: 0010:[<ffffffff8131b4ed>] [<ffffffff8131b4ed>]
__sanitizer_cov_trace_pc+0xd/0x50 kernel/kcov.c:99
RSP: 0018:ffff8801ca19f6a0 EFLAGS: 00000287
RAX: ffff8801c4988000 RBX: ffff8801d9964000 RCX: 1ffff1003b32c800
RDX: 0000000000000000 RSI: ffffffff81774036 RDI: ffff8801c4001844
RBP: ffff8801ca19f6a0 R08: ffff8801c4988970 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 000000002a0de2f0
R13: ffff8801ca19f8f8 R14: ffff8801c4001a20 R15: 0000000000008010
FS: 00000000019a5880(0000) GS:ffff8801db600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000247c308 CR3: 00000001ca684000 CR4: 00000000001606b0
Stack:
ffff8801ca19f760 ffffffff817b9b37 0000000000000000 1ffff10039433edb
ffff8801c4001836 fffffff10719f708 ffff8801c4001830 0000000041b58ab3
ffffffff82e42eaf ffffffff817b9a70 ffff8801c4001110 ffff8801d9964000
Call Trace:
[<ffffffff817b9b37>] ext_depth fs/ext4/ext4_extents.h:189 [inline]
[<ffffffff817b9b37>] get_ext_path fs/ext4/move_extent.c:42 [inline]
[<ffffffff817b9b37>] mext_check_coverage.constprop.2+0xc7/0x400
fs/ext4/move_extent.c:106
[<ffffffff817bb6db>] move_extent_per_page fs/ext4/move_extent.c:333
[inline]
[<ffffffff817bb6db>] ext4_move_extents+0x17bb/0x2a50
fs/ext4/move_extent.c:681
[<ffffffff816ed76c>] ext4_ioctl+0x27fc/0x3620 fs/ext4/ioctl.c:594
[<ffffffff81546ddc>] vfs_ioctl fs/ioctl.c:43 [inline]
[<ffffffff81546ddc>] file_ioctl fs/ioctl.c:493 [inline]
[<ffffffff81546ddc>] do_vfs_ioctl+0x1ac/0x11a0 fs/ioctl.c:677
[<ffffffff81547e5f>] SYSC_ioctl fs/ioctl.c:694 [inline]
[<ffffffff81547e5f>] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:685
[<ffffffff810056ef>] do_syscall_64+0x19f/0x550 arch/x86/entry/common.c:285
[<ffffffff82803413>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb
Code: ff 4c 89 ff e8 e5 7a 1d 00 e9 9e fe ff ff
4c 89 e7 e8 d8 7a 1d 00 e9 23 fe ff ff 0f 1f
00 55 48 89 e5 65 48 8b 04 25 00 7e 01 00
<65> 8b 15 9c c8 cf 7e 81 e2 00 01 1f 00 48
8b 75 08 75 2b 8b 90


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches

syzbot

Sep 13, 2019, 4:17:05 PM
to syzkaller-a...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.