INFO: task hung in __blkdev_get


syzbot

Apr 11, 2019, 9:17:12 AM4/11/19
to syzkaller...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 1ec8f1f0 Linux 4.14.111
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=15bc0abf200000
kernel config: https://syzkaller.appspot.com/x/.config?x=fdadf290ea9fc6f9
dashboard link: https://syzkaller.appspot.com/bug?extid=0d4351f3b3165ccaee9e
compiler: gcc (GCC) 9.0.0 20181231 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+0d4351...@syzkaller.appspotmail.com

INFO: task syz-executor.2:7182 blocked for more than 140 seconds.
Not tainted 4.14.111 #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2 D25168 7182 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x412270
RSP: 002b:00007ffce3cd1958 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 000000000002ac2e RCX: 0000000000412270
RDX: 00007ffce3cd19ea RSI: 0000000000000002 RDI: 00007ffce3cd19e0
RBP: 000000000000024f R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffce3cd1990 R14: 000000000002abcf R15: 00007ffce3cd19a0
INFO: task syz-executor.5:7183 blocked for more than 140 seconds.
Not tainted 4.14.111 #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.5 D24992 7183 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
__lo_release drivers/block/loop.c:1644 [inline]
lo_release+0x84/0x1b0 drivers/block/loop.c:1668
__blkdev_put+0x436/0x7f0 fs/block_dev.c:1791
blkdev_put+0x88/0x510 fs/block_dev.c:1856
blkdev_close+0x8b/0xb0 fs/block_dev.c:1863
__fput+0x277/0x7a0 fs/file_table.c:210
____fput+0x16/0x20 fs/file_table.c:244
task_work_run+0x119/0x190 kernel/task_work.c:113
tracehook_notify_resume include/linux/tracehook.h:191 [inline]
exit_to_usermode_loop+0x1da/0x220 arch/x86/entry/common.c:163
prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
syscall_return_slowpath arch/x86/entry/common.c:267 [inline]
do_syscall_64+0x4a9/0x630 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x412090
RSP: 002b:00007ffc0cc71ce8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000412090
RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000003
RBP: 00000000000002fb R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc0cc71d20 R14: 000000000002ab87 R15: 00007ffc0cc71d30
INFO: task syz-executor.4:7185 blocked for more than 140 seconds.
Not tainted 4.14.111 #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.4 D24920 7185 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
lo_open+0x1d/0xb0 drivers/block/loop.c:1624
__blkdev_get+0x2c9/0x1120 fs/block_dev.c:1472
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x412270
RSP: 002b:00007ffcb72492d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 000000000002ac86 RCX: 0000000000412270
RDX: 00007ffcb724936a RSI: 0000000000000002 RDI: 00007ffcb7249360
RBP: 00000000000002ad R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcb7249310 R14: 000000000002ab8c R15: 00007ffcb7249320
INFO: task syz-executor.0:7186 blocked for more than 140 seconds.
Not tainted 4.14.111 #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D25168 7186 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
lo_open+0x1d/0xb0 drivers/block/loop.c:1624
__blkdev_get+0x2c9/0x1120 fs/block_dev.c:1472
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x412270
RSP: 002b:00007fff19deda78 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 000000000002ac99 RCX: 0000000000412270
RDX: 00007fff19dedb0a RSI: 0000000000000002 RDI: 00007fff19dedb00
RBP: 00000000000002c9 R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fff19dedab0 R14: 000000000002ab83 R15: 00007fff19dedac0
INFO: task syz-executor.1:7187 blocked for more than 140 seconds.
Not tainted 4.14.111 #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D24992 7187 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
lo_open+0x1d/0xb0 drivers/block/loop.c:1624
__blkdev_get+0x2c9/0x1120 fs/block_dev.c:1472
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x412270
RSP: 002b:00007ffe6d2e66a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 000000000002aebf RCX: 0000000000412270
RDX: 00007ffe6d2e673a RSI: 0000000000000002 RDI: 00007ffe6d2e6730
RBP: 000000000000019d R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffe6d2e66e0 R14: 000000000002ab92 R15: 00007ffe6d2e66f0
INFO: task syz-executor.3:12707 blocked for more than 140 seconds.
Not tainted 4.14.111 #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D28944 12707 7184 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
blkdev_reread_part+0x1f/0x40 block/ioctl.c:192
loop_reread_partitions+0x7c/0x90 drivers/block/loop.c:615
loop_set_status+0xc28/0x1200 drivers/block/loop.c:1184
loop_set_status64+0xa6/0xf0 drivers/block/loop.c:1302
lo_ioctl+0x5c1/0x1c70 drivers/block/loop.c:1432
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x983/0x1880 block/ioctl.c:594
block_ioctl+0xde/0x120 fs/block_dev.c:1881
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x7b9/0x1070 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x458167
RSP: 002b:00007f34b1eb39f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f34b1eb46d4 RCX: 0000000000458167
RDX: 00007f34b1eb3ab0 RSI: 0000000000004c04 RDI: 0000000000000006
RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000202 R12: 0000000000000005
R13: 0000000000000005 R14: 0000000000000006 R15: 00000000ffffffff
INFO: task blkid:12706 blocked for more than 140 seconds.
Not tainted 4.14.111 #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
blkid D28368 12706 7147 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
lo_open+0x1d/0xb0 drivers/block/loop.c:1624
__blkdev_get+0x2c9/0x1120 fs/block_dev.c:1472
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7f05f02d8120
RSP: 002b:00007fff5ebc0908 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f05f02d8120
RDX: 00007fff5ebc1f34 RSI: 0000000000000000 RDI: 00007fff5ebc1f34
RBP: 0000000000000000 R08: 0000000000000078 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000001e7f030
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005
INFO: task blkid:12712 blocked for more than 140 seconds.
Not tainted 4.14.111 #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
blkid D28632 12712 7146 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
lo_open+0x1d/0xb0 drivers/block/loop.c:1624
__blkdev_get+0xab1/0x1120 fs/block_dev.c:1537
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7fc02fc62120
RSP: 002b:00007ffc573eaed8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc02fc62120
RDX: 00007ffc573ecf41 RSI: 0000000000000000 RDI: 00007ffc573ecf41
RBP: 0000000000000000 R08: 0000000000000078 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000001a5a030
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005
INFO: task blkid:12713 blocked for more than 140 seconds.
Not tainted 4.14.111 #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
blkid D29040 12713 7308 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7f68d593a120
RSP: 002b:00007ffc2d563a88 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f68d593a120
RDX: 00007ffc2d565f34 RSI: 0000000000000000 RDI: 00007ffc2d565f34
RBP: 0000000000000000 R08: 0000000000000078 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000011bf030
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005

Showing all locks held in the system:
1 lock held by khungtaskd/1009:
#0: (tasklist_lock){.+.+}, at: [<ffffffff81486028>]
debug_show_all_locks+0x7f/0x21f kernel/locking/lockdep.c:4544
2 locks held by getty/7138:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861a89e3>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff83107006>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/7139:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861a89e3>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff83107006>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/7140:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861a89e3>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff83107006>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/7141:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861a89e3>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff83107006>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/7142:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861a89e3>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff83107006>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/7143:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861a89e3>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff83107006>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/7144:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861a89e3>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff83107006>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
1 lock held by syz-executor.2/7182:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a3455>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
3 locks held by syz-executor.5/7183:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a2bc6>]
__blkdev_put+0xa6/0x7f0 fs/block_dev.c:1778
#1: (loop_index_mutex){+.+.}, at: [<ffffffff83735a2e>]
lo_release+0x1e/0x1b0 drivers/block/loop.c:1667
#2: (loop_ctl_mutex#2){+.+.}, at: [<ffffffff83735a94>] __lo_release
drivers/block/loop.c:1644 [inline]
#2: (loop_ctl_mutex#2){+.+.}, at: [<ffffffff83735a94>]
lo_release+0x84/0x1b0 drivers/block/loop.c:1668
2 locks held by syz-executor.4/7185:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a3455>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
#1: (loop_index_mutex){+.+.}, at: [<ffffffff83730e7d>] lo_open+0x1d/0xb0
drivers/block/loop.c:1624
2 locks held by syz-executor.0/7186:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a3455>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
#1: (loop_index_mutex){+.+.}, at: [<ffffffff83730e7d>] lo_open+0x1d/0xb0
drivers/block/loop.c:1624
2 locks held by syz-executor.1/7187:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a3455>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
#1: (loop_index_mutex){+.+.}, at: [<ffffffff83730e7d>] lo_open+0x1d/0xb0
drivers/block/loop.c:1624
2 locks held by syz-executor.3/12707:
#0: (loop_ctl_mutex/1){+.+.}, at: [<ffffffff83737707>]
lo_ioctl+0x87/0x1c70 drivers/block/loop.c:1405
#1: (&bdev->bd_mutex){+.+.}, at: [<ffffffff82ca511f>]
blkdev_reread_part+0x1f/0x40 block/ioctl.c:192
2 locks held by blkid/12706:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a3455>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
#1: (loop_index_mutex){+.+.}, at: [<ffffffff83730e7d>] lo_open+0x1d/0xb0
drivers/block/loop.c:1624
2 locks held by blkid/12712:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a3455>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
#1: (loop_index_mutex){+.+.}, at: [<ffffffff83730e7d>] lo_open+0x1d/0xb0
drivers/block/loop.c:1624
1 lock held by blkid/12713:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a3455>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 1009 Comm: khungtaskd Not tainted 4.14.111 #1
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x138/0x19c lib/dump_stack.c:53
nmi_cpu_backtrace.cold+0x57/0x94 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x141/0x189 lib/nmi_backtrace.c:62
arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:194 [inline]
watchdog+0x5d8/0xb80 kernel/hung_task.c:250
kthread+0x31c/0x430 kernel/kthread.c:232
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at pc 0xffffffff861a94c2


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Apr 28, 2019, 11:52:06 PM4/28/19
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following crash on:

HEAD commit: fa5941f4 Linux 4.14.114
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=15bc0a98a00000
kernel config: https://syzkaller.appspot.com/x/.config?x=d7780000df8e070e
dashboard link: https://syzkaller.appspot.com/bug?extid=0d4351f3b3165ccaee9e
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15a4bb90a00000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+0d4351...@syzkaller.appspotmail.com

IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
8021q: adding VLAN 0 to HW filter on device batadv0
INFO: task syz-executor.3:7103 blocked for more than 140 seconds.
Not tainted 4.14.114 #4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D24840 7103 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x412d20
RSP: 002b:00007fff3e914528 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00000000000f87e2 RCX: 0000000000412d20
RDX: 00007fff3e9145ba RSI: 0000000000000002 RDI: 00007fff3e9145b0
RBP: 000000000000000d R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fff3e914560 R14: 00000000000f87d6 R15: 00007fff3e914570
INFO: task syz-executor.2:7105 blocked for more than 140 seconds.
Not tainted 4.14.114 #4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2 D24864 7105 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
lo_open+0x1d/0xb0 drivers/block/loop.c:1624
__blkdev_get+0x2c9/0x1120 fs/block_dev.c:1472
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x412d20
RSP: 002b:00007ffd1901c2e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00000000000f87ef RCX: 0000000000412d20
RDX: 00007ffd1901c37a RSI: 0000000000000002 RDI: 00007ffd1901c370
RBP: 0000000000000005 R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd1901c320 R14: 00000000000f87ca R15: 00007ffd1901c330
INFO: task syz-executor.0:7107 blocked for more than 140 seconds.
Not tainted 4.14.114 #4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D24992 7107 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
blkdev_reread_part+0x1f/0x40 block/ioctl.c:192
loop_reread_partitions+0x7c/0x90 drivers/block/loop.c:615
loop_clr_fd+0x844/0xae0 drivers/block/loop.c:1069
lo_ioctl+0x8d0/0x1c70 drivers/block/loop.c:1415
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x983/0x1880 block/ioctl.c:594
block_ioctl+0xde/0x120 fs/block_dev.c:1881
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x7b9/0x1070 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x458c17
RSP: 002b:00007fff88b58378 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458c17
RDX: 0000000000000000 RSI: 0000000000004c01 RDI: 0000000000000003
RBP: 0000000000000004 R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fff88b583b0 R14: 00000000000f878e R15: 00007fff88b583c0
INFO: task syz-executor.1:7109 blocked for more than 140 seconds.
Not tainted 4.14.114 #4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D25152 7109 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
lo_open+0x1d/0xb0 drivers/block/loop.c:1624
__blkdev_get+0x2c9/0x1120 fs/block_dev.c:1472
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x412d20
RSP: 002b:00007ffefcf0da68 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00000000000f87ed RCX: 0000000000412d20
RDX: 00007ffefcf0dafa RSI: 0000000000000002 RDI: 00007ffefcf0daf0
RBP: 0000000000000005 R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffefcf0daa0 R14: 00000000000f87d7 R15: 00007ffefcf0dab0
INFO: task syz-executor.5:7111 blocked for more than 140 seconds.
Not tainted 4.14.114 #4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.5 D25168 7111 1 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
lo_open+0x1d/0xb0 drivers/block/loop.c:1624
__blkdev_get+0x2c9/0x1120 fs/block_dev.c:1472
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x412d20
RSP: 002b:00007ffd96261898 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00000000000f87ef RCX: 0000000000412d20
RDX: 00007ffd9626192a RSI: 0000000000000002 RDI: 00007ffd96261920
RBP: 0000000000000005 R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffd962618d0 R14: 00000000000f87d5 R15: 00007ffd962618e0
INFO: task blkid:7257 blocked for more than 140 seconds.
Not tainted 4.14.114 #4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
blkid D28512 7257 7216 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
__lo_release drivers/block/loop.c:1644 [inline]
lo_release+0x84/0x1b0 drivers/block/loop.c:1668
__blkdev_put+0x436/0x7f0 fs/block_dev.c:1791
blkdev_put+0x88/0x510 fs/block_dev.c:1856
blkdev_close+0x8b/0xb0 fs/block_dev.c:1863
__fput+0x277/0x7a0 fs/file_table.c:210
____fput+0x16/0x20 fs/file_table.c:244
task_work_run+0x119/0x190 kernel/task_work.c:113
tracehook_notify_resume include/linux/tracehook.h:191 [inline]
exit_to_usermode_loop+0x1da/0x220 arch/x86/entry/common.c:163
prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
syscall_return_slowpath arch/x86/entry/common.c:267 [inline]
do_syscall_64+0x4a9/0x630 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7fc4e4d072b0
RSP: 002b:00007ffefb16a298 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fc4e4d072b0
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000001ee6030
R13: 0000000000000000 R14: 0000000000000003 R15: 0000000000000005
INFO: task syz-executor.4:7260 blocked for more than 140 seconds.
Not tainted 4.14.114 #4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.4 D28528 7260 7112 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
lo_ioctl+0x87/0x1c70 drivers/block/loop.c:1405
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x983/0x1880 block/ioctl.c:594
block_ioctl+0xde/0x120 fs/block_dev.c:1881
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x7b9/0x1070 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x458da9
RSP: 002b:00007ffc568ca328 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000458da9
RDX: 0000000000000004 RSI: 0000000000004c00 RDI: 0000000000000003
RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000135a914
R13: 00000000004c2093 R14: 00000000004d4958 R15: 00000000ffffffff
INFO: task blkid:7264 blocked for more than 140 seconds.
Not tainted 4.14.114 #4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
blkid D29040 7264 7219 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
lo_open+0x1d/0xb0 drivers/block/loop.c:1624
__blkdev_get+0x2c9/0x1120 fs/block_dev.c:1472
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7f996ce2a120
RSP: 002b:00007ffcf255b308 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f996ce2a120
RDX: 00007ffcf255cf33 RSI: 0000000000000000 RDI: 00007ffcf255cf33
RBP: 0000000000000000 R08: 0000000000000078 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000162e030
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005
INFO: task blkid:7267 blocked for more than 140 seconds.
Not tainted 4.14.114 #4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
blkid D29040 7267 7065 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
lo_open+0x1d/0xb0 drivers/block/loop.c:1624
__blkdev_get+0xab1/0x1120 fs/block_dev.c:1537
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7f677b6f2120
RSP: 002b:00007ffc0ac5f4e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f677b6f2120
RDX: 00007ffc0ac60f40 RSI: 0000000000000000 RDI: 00007ffc0ac60f40
RBP: 0000000000000000 R08: 0000000000000078 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000007ff030
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005
INFO: task blkid:7268 blocked for more than 140 seconds.
Not tainted 4.14.114 #4
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
blkid D29040 7268 7066 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7be/0x1cf0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3485
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x73c/0x1470 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
blkdev_get+0xa8/0x8e0 fs/block_dev.c:1612
blkdev_open+0x1d1/0x260 fs/block_dev.c:1770
do_dentry_open+0x73e/0xeb0 fs/open.c:758
vfs_open+0x105/0x230 fs/open.c:872
do_last fs/namei.c:3425 [inline]
path_openat+0x8bd/0x3f70 fs/namei.c:3566
do_filp_open+0x18e/0x250 fs/namei.c:3600
do_sys_open+0x2c5/0x430 fs/open.c:1065
SYSC_open fs/open.c:1083 [inline]
SyS_open+0x2d/0x40 fs/open.c:1078
do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7fdaf06dc120
RSP: 002b:00007ffef0a42998 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fdaf06dc120
RDX: 00007ffef0a44f33 RSI: 0000000000000000 RDI: 00007ffef0a44f33
RBP: 0000000000000000 R08: 0000000000000078 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000bf9030
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005

Showing all locks held in the system:
1 lock held by khungtaskd/1007:
#0: (tasklist_lock){.+.+}, at: [<ffffffff81487148>]
debug_show_all_locks+0x7f/0x21f kernel/locking/lockdep.c:4541
1 lock held by rsyslogd/6935:
#0: (&f->f_pos_lock){+.+.}, at: [<ffffffff81942e9b>]
__fdget_pos+0xab/0xd0 fs/file.c:769
2 locks held by getty/7058:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861af743>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310d3c6>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/7059:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861af743>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310d3c6>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/7060:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861af743>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310d3c6>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/7061:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861af743>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310d3c6>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/7062:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861af743>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310d3c6>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/7063:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861af743>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310d3c6>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
2 locks held by getty/7064:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff861af743>]
ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:377
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8310d3c6>]
n_tty_read+0x1e6/0x17b0 drivers/tty/n_tty.c:2156
1 lock held by syz-executor.3/7103:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a83a5>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
2 locks held by syz-executor.2/7105:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a83a5>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
#1: (loop_index_mutex){+.+.}, at: [<ffffffff8373739d>] lo_open+0x1d/0xb0
drivers/block/loop.c:1624
2 locks held by syz-executor.0/7107:
#0: (loop_ctl_mutex/1){+.+.}, at: [<ffffffff8373dc27>]
lo_ioctl+0x87/0x1c70 drivers/block/loop.c:1405
#1: (&bdev->bd_mutex){+.+.}, at: [<ffffffff82cab2af>]
blkdev_reread_part+0x1f/0x40 block/ioctl.c:192
2 locks held by syz-executor.1/7109:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a83a5>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
#1: (loop_index_mutex){+.+.}, at: [<ffffffff8373739d>] lo_open+0x1d/0xb0
drivers/block/loop.c:1624
2 locks held by syz-executor.5/7111:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a83a5>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
#1: (loop_index_mutex){+.+.}, at: [<ffffffff8373739d>] lo_open+0x1d/0xb0
drivers/block/loop.c:1624
3 locks held by blkid/7257:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a7b16>]
__blkdev_put+0xa6/0x7f0 fs/block_dev.c:1778
#1: (loop_index_mutex){+.+.}, at: [<ffffffff8373bf4e>]
lo_release+0x1e/0x1b0 drivers/block/loop.c:1667
#2: (loop_ctl_mutex#2){+.+.}, at: [<ffffffff8373bfb4>] __lo_release
drivers/block/loop.c:1644 [inline]
#2: (loop_ctl_mutex#2){+.+.}, at: [<ffffffff8373bfb4>]
lo_release+0x84/0x1b0 drivers/block/loop.c:1668
1 lock held by syz-executor.4/7260:
#0: (loop_ctl_mutex/1){+.+.}, at: [<ffffffff8373dc27>]
lo_ioctl+0x87/0x1c70 drivers/block/loop.c:1405
2 locks held by blkid/7264:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a83a5>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
#1: (loop_index_mutex){+.+.}, at: [<ffffffff8373739d>] lo_open+0x1d/0xb0
drivers/block/loop.c:1624
2 locks held by blkid/7267:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a83a5>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
#1: (loop_index_mutex){+.+.}, at: [<ffffffff8373739d>] lo_open+0x1d/0xb0
drivers/block/loop.c:1624
1 lock held by blkid/7268:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a83a5>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
1 lock held by blkid/7270:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a83a5>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457
1 lock held by blkid/7271:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff819a83a5>]
__blkdev_get+0x145/0x1120 fs/block_dev.c:1457

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 1007 Comm: khungtaskd Not tainted 4.14.114 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x138/0x19c lib/dump_stack.c:53
nmi_cpu_backtrace.cold+0x57/0x94 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x141/0x189 lib/nmi_backtrace.c:62
arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:195 [inline]
watchdog+0x5e7/0xb90 kernel/hung_task.c:274
kthread+0x31c/0x430 kernel/kthread.c:232
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 7131 Comm: kworker/u4:4 Not tainted 4.14.114 #4
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: bat_events batadv_nc_worker
task: ffff8880a9790080 task.stack: ffff8880a00d8000
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:778 [inline]
RIP: 0010:lock_release+0x44b/0x940 kernel/locking/lockdep.c:4013
RSP: 0018:ffff8880a00dfc48 EFLAGS: 00000086
RAX: 1ffffffff0ee296d RBX: 1ffff1101401bf8f RCX: 1ffff110152f211e
RDX: dffffc0000000000 RSI: 0000000000000003 RDI: 0000000000000282
RBP: ffff8880a00dfce0 R08: ffff8880a9790080 R09: 0000000000000002
R10: 0000000000000000 R11: ffff8880a9790080 R12: ffff8880a9790080
R13: ffffffff8603a30d R14: 0000000000000003 R15: ffff8880a00dfcb8
FS: 0000000000000000(0000) GS:ffff8880aef00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000007984ec CR3: 0000000096ff9000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
rcu_lock_release include/linux/rcupdate.h:249 [inline]
rcu_read_unlock include/linux/rcupdate.h:687 [inline]
batadv_nc_purge_orig_hash net/batman-adv/network-coding.c:420 [inline]
batadv_nc_worker+0x1d8/0x6d0 net/batman-adv/network-coding.c:726
process_one_work+0x868/0x1610 kernel/workqueue.c:2114
worker_thread+0x5d9/0x1050 kernel/workqueue.c:2248
kthread+0x31c/0x430 kernel/kthread.c:232
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402
Code: c7 84 24 7c 08 00 00 00 00 00 00 48 c1 e8 03 80 3c 10 00 0f 85 39 03
00 00 48 83 3d 67 05 29 06 00 0f 84 c2 01 00 00 48 8b 7d 88 <57> 9d 0f 1f
44 00 00 48 b8 00 00 00 00 00 fc ff df 48 c7 04 03

syzbot
Jul 4, 2020, 7:03:21 AM
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following crash on:

HEAD commit: b850307b Linux 4.14.184
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=15ae8aa7100000
kernel config: https://syzkaller.appspot.com/x/.config?x=ddc0f08dd6b981c5
dashboard link: https://syzkaller.appspot.com/bug?extid=0d4351f3b3165ccaee9e
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=10a68c6b100000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=135442d5100000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+0d4351...@syzkaller.appspotmail.com

ISOFS: Unable to identify CD-ROM format.
ISOFS: Unable to identify CD-ROM format.
ISOFS: Unable to identify CD-ROM format.
ISOFS: Unable to identify CD-ROM format.
ISOFS: Unable to identify CD-ROM format.
INFO: task systemd-udevd:6724 blocked for more than 140 seconds.
Not tainted 4.14.184-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
systemd-udevd D28256 6724 3641 0x00000100
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x8a6/0x1d70 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x5f0/0x1430 kernel/locking/mutex.c:893
__blkdev_get+0x192/0x10c0 fs/block_dev.c:1457
blkdev_get+0x84/0x8a0 fs/block_dev.c:1612
blkdev_open+0x1cc/0x250 fs/block_dev.c:1770
do_dentry_open+0x44b/0xec0 fs/open.c:777
vfs_open+0x105/0x220 fs/open.c:888
do_last fs/namei.c:3428 [inline]
path_openat+0xb68/0x2aa0 fs/namei.c:3569
do_filp_open+0x18e/0x250 fs/namei.c:3603
do_sys_open+0x292/0x3e0 fs/open.c:1081
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x7f8bf3428840
RSP: 002b:00007ffed30aee48 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00005651490f92f0 RCX: 00007f8bf3428840
RDX: 000056514811efe3 RSI: 00000000000a0800 RDI: 00005651490ff990
RBP: 00007ffed30aefc0 R08: 000056514811e670 R09: 0000000000000010
R10: 000056514811ed0c R11: 0000000000000246 R12: 00007ffed30aef10
R13: 00005651490f5d10 R14: 0000000000000003 R15: 000000000000000e
INFO: task syz-executor562:7879 blocked for more than 140 seconds.
Not tainted 4.14.184-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor562 D28928 7879 6341 0x80000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x8a6/0x1d70 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x5f0/0x1430 kernel/locking/mutex.c:893
lo_ioctl+0x87/0x1c00 drivers/block/loop.c:1414
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x91d/0x17c0 block/ioctl.c:594
ioctl_by_bdev+0xa0/0x110 fs/block_dev.c:2066
isofs_get_last_session fs/isofs/inode.c:571 [inline]
isofs_fill_super+0x1cb5/0x25b0 fs/isofs/inode.c:670
mount_bdev+0x2b3/0x360 fs/super.c:1134
mount_fs+0x92/0x2a0 fs/super.c:1237
vfs_kern_mount.part.0+0x5b/0x3c0 fs/namespace.c:1046
vfs_kern_mount fs/namespace.c:1036 [inline]
do_new_mount fs/namespace.c:2549 [inline]
do_mount+0x3c9/0x25e0 fs/namespace.c:2879
SYSC_mount fs/namespace.c:3095 [inline]
SyS_mount+0xa8/0x120 fs/namespace.c:3072
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x4485ea
RSP: 002b:00007ffd5afd7b88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00000000018a4914 RCX: 00000000004485ea
RDX: 00007ffd5afd7bd0 RSI: 0000000020000140 RDI: 00007ffd5afd7bf0
RBP: 00000000000ad066 R08: 00007ffd5afd7c30 R09: 00000000000ad066
R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000402da0
R13: 0000000000402e30 R14: 0000000000000004 R15: 0000000000000000
INFO: task syz-executor562:7881 blocked for more than 140 seconds.
Not tainted 4.14.184-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor562 D28848 7881 6346 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x8a6/0x1d70 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
__rwsem_down_read_failed_common kernel/locking/rwsem-xadd.c:292 [inline]
rwsem_down_read_failed+0x1fc/0x380 kernel/locking/rwsem-xadd.c:309
call_rwsem_down_read_failed+0x14/0x30 arch/x86/lib/rwsem.S:94
__down_read arch/x86/include/asm/rwsem.h:66 [inline]
down_read+0x45/0xa0 kernel/locking/rwsem.c:26
__get_super.part.0+0x1c6/0x280 fs/super.c:678
__get_super include/linux/spinlock.h:317 [inline]
get_super+0x2b/0x50 fs/super.c:707
fsync_bdev+0x14/0xd0 fs/block_dev.c:495
invalidate_partition+0x31/0x60 block/genhd.c:1506
drop_partitions block/partition-generic.c:442 [inline]
rescan_partitions+0xe1/0x860 block/partition-generic.c:515
__blkdev_reread_part+0x140/0x1d0 block/ioctl.c:173
blkdev_reread_part+0x23/0x40 block/ioctl.c:193
loop_reread_partitions+0x72/0x80 drivers/block/loop.c:624
loop_set_status+0xbfd/0x11f0 drivers/block/loop.c:1193
loop_set_status_old+0x1f5/0x2c0 drivers/block/loop.c:1301
lo_ioctl+0x9a9/0x1c00 drivers/block/loop.c:1431
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x91d/0x17c0 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1881
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xfe0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x445c69
RSP: 002b:00007ffd5afd7d58 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000445c69
RDX: 0000000020000540 RSI: 0000000000004c02 RDI: 0000000000000003
RBP: 00000000000ad0b7 R08: 00000000000ad0b7 R09: 0000000000402e30
R10: 000000000000000f R11: 0000000000000246 R12: 0000000000402da0
R13: 0000000000402e30 R14: 0000000000000000 R15: 0000000000000000
INFO: task syz-executor562:7886 blocked for more than 140 seconds.
Not tainted 4.14.184-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor562 D28928 7886 6343 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x8a6/0x1d70 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x5f0/0x1430 kernel/locking/mutex.c:893
__blkdev_get+0x192/0x10c0 fs/block_dev.c:1457
blkdev_get+0x84/0x8a0 fs/block_dev.c:1612
blkdev_open+0x1cc/0x250 fs/block_dev.c:1770
do_dentry_open+0x44b/0xec0 fs/open.c:777
vfs_open+0x105/0x220 fs/open.c:888
do_last fs/namei.c:3428 [inline]
path_openat+0xb68/0x2aa0 fs/namei.c:3569
do_filp_open+0x18e/0x250 fs/namei.c:3603
do_sys_open+0x292/0x3e0 fs/open.c:1081
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x401aa0
RSP: 002b:00007ffd5afd7928 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 0000000000401aa0
RDX: 0000000000000000 RSI: 00000000000a0141 RDI: 00007ffd5afd7940
RBP: 00000000000ad0e5 R08: 000000000000000f R09: 00000000000ad0e5
R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000402da0
R13: 0000000000402e30 R14: 0000000000000000 R15: 0000000000000000
INFO: task syz-executor562:7887 blocked for more than 140 seconds.
Not tainted 4.14.184-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor562 D28928 7887 6344 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x8a6/0x1d70 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x5f0/0x1430 kernel/locking/mutex.c:893
__blkdev_get+0x192/0x10c0 fs/block_dev.c:1457
blkdev_get+0x84/0x8a0 fs/block_dev.c:1612
blkdev_open+0x1cc/0x250 fs/block_dev.c:1770
do_dentry_open+0x44b/0xec0 fs/open.c:777
vfs_open+0x105/0x220 fs/open.c:888
do_last fs/namei.c:3428 [inline]
path_openat+0xb68/0x2aa0 fs/namei.c:3569
do_filp_open+0x18e/0x250 fs/namei.c:3603
do_sys_open+0x292/0x3e0 fs/open.c:1081
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x401aa0
RSP: 002b:00007ffd5afd7928 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 0000000000401aa0
RDX: 0000000000000000 RSI: 00000000000a0141 RDI: 00007ffd5afd7940
RBP: 00000000000ad130 R08: 000000000000000f R09: 00000000000ad130
R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000402da0
R13: 0000000000402e30 R14: 0000000000000000 R15: 0000000000000000
INFO: task syz-executor562:7891 blocked for more than 140 seconds.
Not tainted 4.14.184-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor562 D28928 7891 6342 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x8a6/0x1d70 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x5f0/0x1430 kernel/locking/mutex.c:893
__blkdev_get+0x192/0x10c0 fs/block_dev.c:1457
blkdev_get+0x84/0x8a0 fs/block_dev.c:1612
blkdev_open+0x1cc/0x250 fs/block_dev.c:1770
do_dentry_open+0x44b/0xec0 fs/open.c:777
vfs_open+0x105/0x220 fs/open.c:888
do_last fs/namei.c:3428 [inline]
path_openat+0xb68/0x2aa0 fs/namei.c:3569
do_filp_open+0x18e/0x250 fs/namei.c:3603
do_sys_open+0x292/0x3e0 fs/open.c:1081
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x401aa0
RSP: 002b:00007ffd5afd7928 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 0000000000401aa0
RDX: 0000000000000000 RSI: 00000000000a0141 RDI: 00007ffd5afd7940
RBP: 00000000000ad14e R08: 000000000000000f R09: 00000000000ad14e
R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000402da0
R13: 0000000000402e30 R14: 0000000000000000 R15: 0000000000000000
INFO: task syz-executor562:7902 blocked for more than 140 seconds.
Not tainted 4.14.184-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor562 D28928 7902 6345 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x8a6/0x1d70 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x5f0/0x1430 kernel/locking/mutex.c:893
__blkdev_get+0x192/0x10c0 fs/block_dev.c:1457
blkdev_get+0x84/0x8a0 fs/block_dev.c:1612
blkdev_open+0x1cc/0x250 fs/block_dev.c:1770
do_dentry_open+0x44b/0xec0 fs/open.c:777
vfs_open+0x105/0x220 fs/open.c:888
do_last fs/namei.c:3428 [inline]
path_openat+0xb68/0x2aa0 fs/namei.c:3569
do_filp_open+0x18e/0x250 fs/namei.c:3603
do_sys_open+0x292/0x3e0 fs/open.c:1081
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x401aa0
RSP: 002b:00007ffd5afd7928 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 0000000000401aa0
RDX: 0000000000000000 RSI: 00000000000a0141 RDI: 00007ffd5afd7940
RBP: 00000000000ad192 R08: 000000000000000f R09: 00000000000ad192
R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000402da0
R13: 0000000000402e30 R14: 0000000000000000 R15: 0000000000000000

Showing all locks held in the system:
1 lock held by khungtaskd/1057:
#0: (tasklist_lock){.+.+}, at: [<ffffffff8146c8d0>] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4548
1 lock held by systemd-udevd/6724:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff81981122>] __blkdev_get+0x192/0x10c0 fs/block_dev.c:1457
2 locks held by syz-executor562/7879:
#0: (&type->s_umount_key#56/1){+.+.}, at: [<ffffffff818c1cf6>] alloc_super fs/super.c:251 [inline]
#0: (&type->s_umount_key#56/1){+.+.}, at: [<ffffffff818c1cf6>] sget_userns+0x556/0xc30 fs/super.c:516
#1: (&lo->lo_ctl_mutex/1){+.+.}, at: [<ffffffff839db197>] lo_ioctl+0x87/0x1c00 drivers/block/loop.c:1414
3 locks held by syz-executor562/7881:
#0: (&lo->lo_ctl_mutex/1){+.+.}, at: [<ffffffff839db197>] lo_ioctl+0x87/0x1c00 drivers/block/loop.c:1414
#1: (&bdev->bd_mutex){+.+.}, at: [<ffffffff82f040fb>] blkdev_reread_part+0x1b/0x40 block/ioctl.c:192
#2: (&type->s_umount_key#57){.+.+}, at: [<ffffffff818c2f96>] __get_super.part.0+0x1c6/0x280 fs/super.c:678
1 lock held by syz-executor562/7886:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff81981122>] __blkdev_get+0x192/0x10c0 fs/block_dev.c:1457
1 lock held by syz-executor562/7887:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff81981122>] __blkdev_get+0x192/0x10c0 fs/block_dev.c:1457
1 lock held by syz-executor562/7891:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff81981122>] __blkdev_get+0x192/0x10c0 fs/block_dev.c:1457
1 lock held by syz-executor562/7902:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff81981122>] __blkdev_get+0x192/0x10c0 fs/block_dev.c:1457

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 1057 Comm: khungtaskd Not tainted 4.14.184-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x1b2/0x283 lib/dump_stack.c:58
nmi_cpu_backtrace.cold+0x57/0x93 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x13a/0x17f lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:195 [inline]
watchdog+0x5e2/0xb80 kernel/hung_task.c:274
kthread+0x30d/0x420 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at pc 0xffffffff863e461e
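Editorial triage note, not part of syzbot's report. Both dumps have the same shape, and the second one shows the cycle directly in "Showing all locks held in the system". syz-executor562/7881 owns &lo->lo_ctl_mutex/1 (taken at the top of lo_ioctl for LOOP_SET_STATUS, RSI=0x4c02) and &bdev->bd_mutex (taken in blkdev_reread_part), and is blocked in __get_super waiting to down_read a superblock's s_umount. syz-executor562/7879 is in the middle of mounting isofs on the same loop device: alloc_super took that superblock's s_umount for write, and isofs_fill_super then reached lo_ioctl through ioctl_by_bdev and is waiting for lo_ctl_mutex. By the time fill_super runs, sget has already linked the new superblock to the block device, so the get_super() call in 7881's partition rescan finds it and sleeps on the write-locked s_umount. That is an AB/BA lock-order inversion between lo_ctl_mutex and s_umount; every other listed task (systemd-udevd, blkid, the remaining executors) is simply queued on bd_mutex behind 7881, which is why each later open of the device hangs too. The same pattern is in the 4.14.114 dump with loop_ctl_mutex and loop_index_mutex, with the blocked tasks' traces truncated by mail wrapping.

The following script, an added example and not syzbot's or the kernel's code, rebuilds the wait-for graph from the held-locks section and finds the cycle. It rests on two assumptions that the report itself does not state: lockdep records a lock in a task's held list before the task blocks on it, so for a task the hung-task watchdog reported as blocked the last entry in its list is the lock it is waiting for; and lock classes are matched by name after stripping lockdep's "#N" instance and "/N" subclass decorations (so s_umount_key#56/1 and s_umount_key#57 are treated as the same rwsem, which the call traces support here but which can over-match in general). The sample input is copied from the 4.14.184 dump above, with unrelated tasks omitted.

```python
"""Wait-for graph from a lockdep "Showing all locks held in the system:" dump.

Added example for this thread; not part of syzbot's report and not kernel code.
Assumptions (not stated in the report):
  * lockdep lists a lock as held before the task blocks on it, so for a task
    reported as blocked the LAST held entry is the lock it is waiting for;
  * lock classes are matched by name with the "#N" instance and "/N"
    subclass suffixes stripped, which can over-match.
"""
import re
from collections import defaultdict

# Constructed sample: blocked-task headers plus part of the held-locks
# section of the 4.14.184 report (lines verbatim, unrelated tasks omitted).
SAMPLE = """\
INFO: task systemd-udevd:6724 blocked for more than 140 seconds.
INFO: task syz-executor562:7879 blocked for more than 140 seconds.
INFO: task syz-executor562:7881 blocked for more than 140 seconds.
Showing all locks held in the system:
1 lock held by khungtaskd/1057:
#0: (tasklist_lock){.+.+}, at: [<ffffffff8146c8d0>] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4548
1 lock held by systemd-udevd/6724:
#0: (&bdev->bd_mutex){+.+.}, at: [<ffffffff81981122>] __blkdev_get+0x192/0x10c0 fs/block_dev.c:1457
2 locks held by syz-executor562/7879:
#0: (&type->s_umount_key#56/1){+.+.}, at: [<ffffffff818c1cf6>] alloc_super fs/super.c:251 [inline]
#0: (&type->s_umount_key#56/1){+.+.}, at: [<ffffffff818c1cf6>] sget_userns+0x556/0xc30 fs/super.c:516
#1: (&lo->lo_ctl_mutex/1){+.+.}, at: [<ffffffff839db197>] lo_ioctl+0x87/0x1c00 drivers/block/loop.c:1414
3 locks held by syz-executor562/7881:
#0: (&lo->lo_ctl_mutex/1){+.+.}, at: [<ffffffff839db197>] lo_ioctl+0x87/0x1c00 drivers/block/loop.c:1414
#1: (&bdev->bd_mutex){+.+.}, at: [<ffffffff82f040fb>] blkdev_reread_part+0x1b/0x40 block/ioctl.c:192
#2: (&type->s_umount_key#57){.+.+}, at: [<ffffffff818c2f96>] __get_super.part.0+0x1c6/0x280 fs/super.c:678
"""

BLOCKED_RE = re.compile(r"^INFO: task (\S+):(\d+) blocked for more than")
HELD_BY_RE = re.compile(r"^\d+ locks? held by (\S+)/(\d+):")
# site is optional: mail-wrapped dumps put it on the following line
LOCK_RE = re.compile(r"^#(\d+): \(([^)]*)\)\{[^}]*\}, at: \[<[0-9a-f]+>\]\s*(\S*)")


def lock_class(name):
    """Strip lockdep's '#N' instance and '/N' subclass suffixes (assumption)."""
    return re.sub(r"(?:#\d+|/\d+)+$", "", name)


def parse(text):
    """Return ({pid: comm} of blocked tasks, {pid: [(idx, class, site), ...]})."""
    blocked, held, pid = {}, defaultdict(list), None
    for line in text.splitlines():
        m = BLOCKED_RE.match(line)
        if m:
            blocked[int(m.group(2))] = m.group(1)
            continue
        m = HELD_BY_RE.match(line)
        if m:
            pid = int(m.group(2))
            continue
        m = LOCK_RE.match(line)
        if m and pid is not None:
            idx = int(m.group(1))
            # lockdep prints an [inline] frame and the real frame for one
            # held lock under the same #index; keep a single entry per index
            if held[pid] and held[pid][-1][0] == idx:
                continue
            held[pid].append((idx, lock_class(m.group(2)), m.group(3)))
    return blocked, dict(held)


def wait_for_graph(blocked, held):
    """Return ({pid: pids owning the lock pid waits for}, {pid: wanted class})."""
    holders, wants = defaultdict(set), {}
    for pid, locks in held.items():
        if pid in blocked and locks:
            wants[pid] = locks[-1][1]   # being acquired, not yet owned
            locks = locks[:-1]
        for _, cls, _ in locks:
            holders[cls].add(pid)
    return {pid: holders[cls] - {pid} for pid, cls in wants.items()}, wants


def find_cycle(graph):
    """Return one cycle as a list of pids, or [] if the graph is acyclic."""
    done = set()

    def dfs(pid, path):
        path.append(pid)
        for nxt in sorted(graph.get(pid, ())):
            if nxt in path:
                return path[path.index(nxt):]
            if nxt not in done:
                cyc = dfs(nxt, path)
                if cyc:
                    return cyc
        path.pop()
        done.add(pid)
        return []

    for start in sorted(graph):
        if start not in done:
            cyc = dfs(start, [])
            if cyc:
                return cyc
    return []


def analyze(text):
    blocked, held = parse(text)
    graph, wants = wait_for_graph(blocked, held)
    return blocked, held, graph, wants, find_cycle(graph)


if __name__ == "__main__":
    blocked, held, graph, wants, cycle = analyze(SAMPLE)
    for pid in sorted(graph):
        print(f"{blocked[pid]}/{pid} waits for {wants[pid]}, owned by {sorted(graph[pid])}")
    if cycle:
        print("deadlock cycle:", " -> ".join(str(p) for p in cycle + cycle[:1]))
        for pid in cycle:
            print(f"  {pid} owns {[c for _, c, _ in held[pid][:-1]]}, wants {wants[pid]}")
```

On the sample this reports 7881 -> 7879 -> 7881 and shows 6724 parked behind 7881 on bd_mutex. Run it on a full console log and tasks that hold locks without being blocked (khungtaskd, getty, rsyslogd) drop out automatically because only tasks named in a "blocked for more than" line get a "wants" edge; for the first report's mail-wrapped dump the site column comes out empty, which does not affect the graph.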
