[v5.15] INFO: task hung in do_truncate (2)
1 view
Skip to first unread message
syzbot
Aug 19, 2023, 4:01:10 AM8/19/23
to syzkaller...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: f6f7927ac664 Linux 5.15.127
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=15e0933da80000
kernel config: https://syzkaller.appspot.com/x/.config?x=55f355732ad067d7
dashboard link: https://syzkaller.appspot.com/bug?extid=25c76ba42ecfe2237012
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/ca3051001874/disk-f6f7927a.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/fb0f8818e6e8/vmlinux-f6f7927a.xz
kernel image: https://storage.googleapis.com/syzbot-assets/05e287cf01c6/Image-f6f7927a.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+25c76b...@syzkaller.appspotmail.com
INFO: task syz-executor.0:4433 blocked for more than 143 seconds.
Not tainted 5.15.127-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.0 state:D stack: 0 pid: 4433 ppid: 4005 flags:0x00000005
Call trace:
__switch_to+0x308/0x5e8 arch/arm64/kernel/process.c:518
context_switch kernel/sched/core.c:5026 [inline]
__schedule+0xf10/0x1e38 kernel/sched/core.c:6372
schedule+0x11c/0x1c8 kernel/sched/core.c:6455
rwsem_down_write_slowpath+0xca8/0x1340 kernel/locking/rwsem.c:1157
__down_write_common kernel/locking/rwsem.c:1284 [inline]
__down_write kernel/locking/rwsem.c:1293 [inline]
down_write+0x25c/0x260 kernel/locking/rwsem.c:1542
inode_lock include/linux/fs.h:787 [inline]
do_truncate+0x1ac/0x28c fs/open.c:63
handle_truncate fs/namei.c:3195 [inline]
do_open fs/namei.c:3542 [inline]
path_openat+0x20e8/0x26f0 fs/namei.c:3672
do_filp_open+0x1a8/0x3b4 fs/namei.c:3699
do_sys_openat2+0x128/0x3d8 fs/open.c:1211
do_sys_open fs/open.c:1227 [inline]
__do_sys_openat fs/open.c:1243 [inline]
__se_sys_openat fs/open.c:1238 [inline]
__arm64_sys_openat+0x1f0/0x240 fs/open.c:1238
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:596
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
Showing all locks held in the system:
1 lock held by khungtaskd/27:
#0: ffff800014ad1a20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:268
2 locks held by kworker/u4:2/148:
1 lock held by udevd/3586:
2 locks held by getty/3723:
#0: ffff0000d3ba3098 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x40/0x50 drivers/tty/tty_ldsem.c:340
#1: ffff80001a2fe2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x414/0x1204 drivers/tty/n_tty.c:2158
1 lock held by syz-executor.1/4037:
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:475 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1326 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1621 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x328/0x1e38 kernel/sched/core.c:6286
2 locks held by syz-executor.0/4433:
#0: ffff0000c0d98460 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:377
#1: ffff0000df706380 (&sb->s_type->i_mutex_key#20){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
#1: ffff0000df706380 (&sb->s_type->i_mutex_key#20){+.+.}-{3:3}, at: do_truncate+0x1ac/0x28c fs/open.c:63
3 locks held by syz-executor.0/4434:
2 locks held by syz-executor.0/8037:
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:475 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1326 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1621 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x328/0x1e38 kernel/sched/core.c:6286
#1: ffff0001b4817c48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x438/0x66c kernel/sched/psi.c:891
4 locks held by syz-executor.4/8046:
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:475 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1326 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1621 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x328/0x1e38 kernel/sched/core.c:6286
#1: ffff0001b4817c48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x438/0x66c kernel/sched/psi.c:891
#2: ffff0000c2acbf98 (&p->pi_lock){-.-.}-{2:2}, at: try_to_wake_up+0xb0/0xc2c kernel/sched/core.c:4026
#3: ffff800014ac7d98 (console_owner_lock){....}-{2:2}, at: console_lock_spinning_disable_and_check+0x28/0xc4 kernel/printk/printk.c:1827
=============================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: f6f7927ac664 Linux 5.15.127
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=15e0933da80000
kernel config: https://syzkaller.appspot.com/x/.config?x=55f355732ad067d7
dashboard link: https://syzkaller.appspot.com/bug?extid=25c76ba42ecfe2237012
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/ca3051001874/disk-f6f7927a.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/fb0f8818e6e8/vmlinux-f6f7927a.xz
kernel image: https://storage.googleapis.com/syzbot-assets/05e287cf01c6/Image-f6f7927a.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+25c76b...@syzkaller.appspotmail.com
INFO: task syz-executor.0:4433 blocked for more than 143 seconds.
Not tainted 5.15.127-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.0 state:D stack: 0 pid: 4433 ppid: 4005 flags:0x00000005
Call trace:
__switch_to+0x308/0x5e8 arch/arm64/kernel/process.c:518
context_switch kernel/sched/core.c:5026 [inline]
__schedule+0xf10/0x1e38 kernel/sched/core.c:6372
schedule+0x11c/0x1c8 kernel/sched/core.c:6455
rwsem_down_write_slowpath+0xca8/0x1340 kernel/locking/rwsem.c:1157
__down_write_common kernel/locking/rwsem.c:1284 [inline]
__down_write kernel/locking/rwsem.c:1293 [inline]
down_write+0x25c/0x260 kernel/locking/rwsem.c:1542
inode_lock include/linux/fs.h:787 [inline]
do_truncate+0x1ac/0x28c fs/open.c:63
handle_truncate fs/namei.c:3195 [inline]
do_open fs/namei.c:3542 [inline]
path_openat+0x20e8/0x26f0 fs/namei.c:3672
do_filp_open+0x1a8/0x3b4 fs/namei.c:3699
do_sys_openat2+0x128/0x3d8 fs/open.c:1211
do_sys_open fs/open.c:1227 [inline]
__do_sys_openat fs/open.c:1243 [inline]
__se_sys_openat fs/open.c:1238 [inline]
__arm64_sys_openat+0x1f0/0x240 fs/open.c:1238
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:596
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:614
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
Showing all locks held in the system:
1 lock held by khungtaskd/27:
#0: ffff800014ad1a20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:268
2 locks held by kworker/u4:2/148:
1 lock held by udevd/3586:
2 locks held by getty/3723:
#0: ffff0000d3ba3098 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x40/0x50 drivers/tty/tty_ldsem.c:340
#1: ffff80001a2fe2e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x414/0x1204 drivers/tty/n_tty.c:2158
1 lock held by syz-executor.1/4037:
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:475 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1326 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1621 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x328/0x1e38 kernel/sched/core.c:6286
2 locks held by syz-executor.0/4433:
#0: ffff0000c0d98460 (sb_writers#12){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:377
#1: ffff0000df706380 (&sb->s_type->i_mutex_key#20){+.+.}-{3:3}, at: inode_lock include/linux/fs.h:787 [inline]
#1: ffff0000df706380 (&sb->s_type->i_mutex_key#20){+.+.}-{3:3}, at: do_truncate+0x1ac/0x28c fs/open.c:63
3 locks held by syz-executor.0/4434:
2 locks held by syz-executor.0/8037:
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:475 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1326 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1621 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x328/0x1e38 kernel/sched/core.c:6286
#1: ffff0001b4817c48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x438/0x66c kernel/sched/psi.c:891
4 locks held by syz-executor.4/8046:
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested kernel/sched/core.c:475 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock kernel/sched/sched.h:1326 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: rq_lock kernel/sched/sched.h:1621 [inline]
#0: ffff0001b4829d18 (&rq->__lock){-.-.}-{2:2}, at: __schedule+0x328/0x1e38 kernel/sched/core.c:6286
#1: ffff0001b4817c48 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x438/0x66c kernel/sched/psi.c:891
#2: ffff0000c2acbf98 (&p->pi_lock){-.-.}-{2:2}, at: try_to_wake_up+0xb0/0xc2c kernel/sched/core.c:4026
#3: ffff800014ac7d98 (console_owner_lock){....}-{2:2}, at: console_lock_spinning_disable_and_check+0x28/0xc4 kernel/printk/printk.c:1827
=============================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot
Nov 27, 2023, 3:00:14 AM11/27/23
to syzkaller...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages