INFO: task hung in nbd_add_socket
10 views
Skip to first unread message
syzbot
Mar 8, 2021, 2:04:15 PM3/8/21
to syzkaller...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 1d177c08 Linux 4.14.224
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=17ba72c6d00000
kernel config: https://syzkaller.appspot.com/x/.config?x=d474f9d9298a6d6a
dashboard link: https://syzkaller.appspot.com/bug?extid=19942674ad2a8b4d40bf
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+199426...@syzkaller.appspotmail.com
INFO: task syz-executor.0:14597 blocked for more than 140 seconds.
Not tainted 4.14.224-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D29408 14597 13249 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
blk_mq_freeze_queue_wait+0xf8/0x1f0 block/blk-mq.c:154
nbd_add_socket+0x158/0x7e0 drivers/block/nbd.c:959
__nbd_ioctl drivers/block/nbd.c:1307 [inline]
nbd_ioctl+0x394/0xa80 drivers/block/nbd.c:1374
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x540/0x1830 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1893
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x465f69
RSP: 002b:00007fd60bdaa188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69
RDX: 0000000000000004 RSI: 000000000000ab00 RDI: 0000000000000003
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
R13: 00007ffd50b9322f R14: 00007fd60bdaa300 R15: 0000000000022000
INFO: task syz-executor.0:14610 blocked for more than 140 seconds.
Not tainted 4.14.224-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D30168 14610 13249 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x540/0x1830 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1893
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x465f69
RSP: 002b:00007fd60bd89188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c008 RCX: 0000000000465f69
RDX: 0000000000000004 RSI: 000000000000ab00 RDI: 0000000000000003
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c008
R13: 00007ffd50b9322f R14: 00007fd60bd89300 R15: 0000000000022000
INFO: task syz-executor.0:14616 blocked for more than 140 seconds.
Not tainted 4.14.224-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D29824 14616 13249 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x540/0x1830 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1893
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x465f69
RSP: 002b:00007fd60bd68188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c0b0 RCX: 0000000000465f69
RDX: 0000000000000006 RSI: 000000000000ab00 RDI: 0000000000000005
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0b0
R13: 00007ffd50b9322f R14: 00007fd60bd68300 R15: 0000000000022000
INFO: task syz-executor.0:14622 blocked for more than 140 seconds.
Not tainted 4.14.224-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D30168 14622 13249 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x540/0x1830 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1893
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x465f69
RSP: 002b:00007fd60bd47188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c158 RCX: 0000000000465f69
RDX: 0000000000000006 RSI: 000000000000ab00 RDI: 0000000000000005
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c158
R13: 00007ffd50b9322f R14: 00007fd60bd47300 R15: 0000000000022000
INFO: task syz-executor.0:14630 blocked for more than 140 seconds.
Not tainted 4.14.224-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D30168 14630 13249 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x540/0x1830 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1893
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x465f69
RSP: 002b:00007fd60bd26188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c200 RCX: 0000000000465f69
RDX: 0000000000000006 RSI: 000000000000ab00 RDI: 0000000000000003
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c200
R13: 00007ffd50b9322f R14: 00007fd60bd26300 R15: 0000000000022000
INFO: task syz-executor.0:14635 blocked for more than 140 seconds.
Not tainted 4.14.224-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D27896 14635 13249 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x540/0x1830 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1893
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x465f69
RSP: 002b:00007fd60bd05188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c2a8 RCX: 0000000000465f69
RDX: 0000000000000004 RSI: 000000000000ab00 RDI: 0000000000000003
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c2a8
R13: 00007ffd50b9322f R14: 00007fd60bd05300 R15: 0000000000022000
Showing all locks held in the system:
1 lock held by khungtaskd/1531:
#0: (tasklist_lock){.+.+}, at: [<ffffffff86ff2967>] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4548
2 locks held by agetty/7915:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff83536f82>] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8352c303>] n_tty_read+0x1e3/0x1680 drivers/tty/n_tty.c:2156
1 lock held by syz-executor.0/14597:
#0: (&nbd->config_lock){+.+.}, at: [<ffffffff838cc21f>] nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
1 lock held by syz-executor.0/14610:
#0: (&nbd->config_lock){+.+.}, at: [<ffffffff838cc21f>] nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
1 lock held by syz-executor.0/14616:
#0: (&nbd->config_lock){+.+.}, at: [<ffffffff838cc21f>] nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
1 lock held by syz-executor.0/14622:
#0: (&nbd->config_lock){+.+.}, at: [<ffffffff838cc21f>] nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
1 lock held by syz-executor.0/14630:
#0: (&nbd->config_lock){+.+.}, at: [<ffffffff838cc21f>] nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
1 lock held by syz-executor.0/14635:
#0: (&nbd->config_lock){+.+.}, at: [<ffffffff838cc21f>] nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 1531 Comm: khungtaskd Not tainted 4.14.224-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x1b2/0x281 lib/dump_stack.c:58
nmi_cpu_backtrace.cold+0x57/0x93 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x13a/0x180 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:195 [inline]
watchdog+0x5b9/0xb40 kernel/hung_task.c:274
kthread+0x30d/0x420 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 14519 Comm: syz-executor.1 Not tainted 4.14.224-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8880968e6640 task.stack: ffff88808eb00000
RIP: 0010:__lock_acquire+0x4b1/0x3f20 kernel/locking/lockdep.c:3446
RSP: 0000:ffff88808eb07a10 EFLAGS: 00000006
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 1ffff11012d1cddd RSI: 0000000000000000 RDI: ffff8880968e6eec
RBP: 0000000000000000 R08: 0000000000000001 R09: 00000000000c008d
R10: ffff8880968e6ec8 R11: ffff8880968e6640 R12: ffff8880968e6ee0
R13: 000000000000008d R14: 000000000000008d R15: ffffffff8beb5d40
FS: 00007f1e54bb1700(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffc12ad50ff CR3: 00000000a5754000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0x8c/0xc0 kernel/locking/spinlock.c:160
force_sig_info+0x51/0x410 kernel/signal.c:1243
force_sig_info_fault.constprop.0+0x185/0x260 arch/x86/mm/fault.c:225
__bad_area_nosemaphore+0x1d6/0x2c0 arch/x86/mm/fault.c:940
__bad_area arch/x86/mm/fault.c:974 [inline]
bad_area_access_error+0x219/0x3e0 arch/x86/mm/fault.c:1013
__do_page_fault+0x4da/0xad0 arch/x86/mm/fault.c:1422
page_fault+0x45/0x50 arch/x86/entry/entry_64.S:1123
RIP: 12ad50ff:0x7f1e54bb1300
RSP: 56bf68:000000000056bf60 EFLAGS: 0056bf6c
Code: c5 41 8b 42 20 41 09 e9 8b ac 24 c8 01 00 00 25 ff 1f 00 00 c1 e5 14 41 09 e9 41 09 c1 48 b8 00 00 00 00 00 fc ff df 45 89 4a 20 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following issue on:
HEAD commit: 1d177c08 Linux 4.14.224
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=17ba72c6d00000
kernel config: https://syzkaller.appspot.com/x/.config?x=d474f9d9298a6d6a
dashboard link: https://syzkaller.appspot.com/bug?extid=19942674ad2a8b4d40bf
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+199426...@syzkaller.appspotmail.com
INFO: task syz-executor.0:14597 blocked for more than 140 seconds.
Not tainted 4.14.224-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D29408 14597 13249 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
blk_mq_freeze_queue_wait+0xf8/0x1f0 block/blk-mq.c:154
nbd_add_socket+0x158/0x7e0 drivers/block/nbd.c:959
__nbd_ioctl drivers/block/nbd.c:1307 [inline]
nbd_ioctl+0x394/0xa80 drivers/block/nbd.c:1374
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x540/0x1830 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1893
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x465f69
RSP: 002b:00007fd60bdaa188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69
RDX: 0000000000000004 RSI: 000000000000ab00 RDI: 0000000000000003
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
R13: 00007ffd50b9322f R14: 00007fd60bdaa300 R15: 0000000000022000
INFO: task syz-executor.0:14610 blocked for more than 140 seconds.
Not tainted 4.14.224-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D30168 14610 13249 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x540/0x1830 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1893
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x465f69
RSP: 002b:00007fd60bd89188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c008 RCX: 0000000000465f69
RDX: 0000000000000004 RSI: 000000000000ab00 RDI: 0000000000000003
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c008
R13: 00007ffd50b9322f R14: 00007fd60bd89300 R15: 0000000000022000
INFO: task syz-executor.0:14616 blocked for more than 140 seconds.
Not tainted 4.14.224-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D29824 14616 13249 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x540/0x1830 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1893
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x465f69
RSP: 002b:00007fd60bd68188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c0b0 RCX: 0000000000465f69
RDX: 0000000000000006 RSI: 000000000000ab00 RDI: 0000000000000005
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0b0
R13: 00007ffd50b9322f R14: 00007fd60bd68300 R15: 0000000000022000
INFO: task syz-executor.0:14622 blocked for more than 140 seconds.
Not tainted 4.14.224-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D30168 14622 13249 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x540/0x1830 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1893
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x465f69
RSP: 002b:00007fd60bd47188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c158 RCX: 0000000000465f69
RDX: 0000000000000006 RSI: 000000000000ab00 RDI: 0000000000000005
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c158
R13: 00007ffd50b9322f R14: 00007fd60bd47300 R15: 0000000000022000
INFO: task syz-executor.0:14630 blocked for more than 140 seconds.
Not tainted 4.14.224-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D30168 14630 13249 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x540/0x1830 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1893
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x465f69
RSP: 002b:00007fd60bd26188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c200 RCX: 0000000000465f69
RDX: 0000000000000006 RSI: 000000000000ab00 RDI: 0000000000000003
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c200
R13: 00007ffd50b9322f R14: 00007fd60bd26300 R15: 0000000000022000
INFO: task syz-executor.0:14635 blocked for more than 140 seconds.
Not tainted 4.14.224-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0 D27896 14635 13249 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3486
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x669/0x1310 kernel/locking/mutex.c:893
nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
__blkdev_driver_ioctl block/ioctl.c:297 [inline]
blkdev_ioctl+0x540/0x1830 block/ioctl.c:594
block_ioctl+0xd9/0x120 fs/block_dev.c:1893
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:500 [inline]
do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684
SYSC_ioctl fs/ioctl.c:701 [inline]
SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x465f69
RSP: 002b:00007fd60bd05188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c2a8 RCX: 0000000000465f69
RDX: 0000000000000004 RSI: 000000000000ab00 RDI: 0000000000000003
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c2a8
R13: 00007ffd50b9322f R14: 00007fd60bd05300 R15: 0000000000022000
Showing all locks held in the system:
1 lock held by khungtaskd/1531:
#0: (tasklist_lock){.+.+}, at: [<ffffffff86ff2967>] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4548
2 locks held by agetty/7915:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffff83536f82>] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffff8352c303>] n_tty_read+0x1e3/0x1680 drivers/tty/n_tty.c:2156
1 lock held by syz-executor.0/14597:
#0: (&nbd->config_lock){+.+.}, at: [<ffffffff838cc21f>] nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
1 lock held by syz-executor.0/14610:
#0: (&nbd->config_lock){+.+.}, at: [<ffffffff838cc21f>] nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
1 lock held by syz-executor.0/14616:
#0: (&nbd->config_lock){+.+.}, at: [<ffffffff838cc21f>] nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
1 lock held by syz-executor.0/14622:
#0: (&nbd->config_lock){+.+.}, at: [<ffffffff838cc21f>] nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
1 lock held by syz-executor.0/14630:
#0: (&nbd->config_lock){+.+.}, at: [<ffffffff838cc21f>] nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
1 lock held by syz-executor.0/14635:
#0: (&nbd->config_lock){+.+.}, at: [<ffffffff838cc21f>] nbd_ioctl+0x11f/0xa80 drivers/block/nbd.c:1367
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 1531 Comm: khungtaskd Not tainted 4.14.224-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x1b2/0x281 lib/dump_stack.c:58
nmi_cpu_backtrace.cold+0x57/0x93 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x13a/0x180 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:195 [inline]
watchdog+0x5b9/0xb40 kernel/hung_task.c:274
kthread+0x30d/0x420 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 14519 Comm: syz-executor.1 Not tainted 4.14.224-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8880968e6640 task.stack: ffff88808eb00000
RIP: 0010:__lock_acquire+0x4b1/0x3f20 kernel/locking/lockdep.c:3446
RSP: 0000:ffff88808eb07a10 EFLAGS: 00000006
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 1ffff11012d1cddd RSI: 0000000000000000 RDI: ffff8880968e6eec
RBP: 0000000000000000 R08: 0000000000000001 R09: 00000000000c008d
R10: ffff8880968e6ec8 R11: ffff8880968e6640 R12: ffff8880968e6ee0
R13: 000000000000008d R14: 000000000000008d R15: ffffffff8beb5d40
FS: 00007f1e54bb1700(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffc12ad50ff CR3: 00000000a5754000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998
__raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline]
_raw_spin_lock_irqsave+0x8c/0xc0 kernel/locking/spinlock.c:160
force_sig_info+0x51/0x410 kernel/signal.c:1243
force_sig_info_fault.constprop.0+0x185/0x260 arch/x86/mm/fault.c:225
__bad_area_nosemaphore+0x1d6/0x2c0 arch/x86/mm/fault.c:940
__bad_area arch/x86/mm/fault.c:974 [inline]
bad_area_access_error+0x219/0x3e0 arch/x86/mm/fault.c:1013
__do_page_fault+0x4da/0xad0 arch/x86/mm/fault.c:1422
page_fault+0x45/0x50 arch/x86/entry/entry_64.S:1123
RIP: 12ad50ff:0x7f1e54bb1300
RSP: 56bf68:000000000056bf60 EFLAGS: 0056bf6c
Code: c5 41 8b 42 20 41 09 e9 8b ac 24 c8 01 00 00 25 ff 1f 00 00 c1 e5 14 41 09 e9 41 09 c1 48 b8 00 00 00 00 00 fc ff df 45 89 4a 20 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot
Mar 8, 2021, 6:07:22 PM3/8/21
to syzkaller...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 2cae3e25 Linux 4.19.179
syzbot found the following issue on:
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=105d05a2d00000
kernel config: https://syzkaller.appspot.com/x/.config?x=6362bb600ad8bf7
dashboard link: https://syzkaller.appspot.com/bug?extid=20a832a4769c765c4bef
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
ieee802154 phy0 wpan0: encryption failed: -22
ieee802154 phy1 wpan1: encryption failed: -22
Bluetooth: hci3: command 0x0406 tx timeout
ieee802154 phy0 wpan0: encryption failed: -22
ieee802154 phy1 wpan1: encryption failed: -22
INFO: task syz-executor.3:28272 blocked for more than 140 seconds.
Not tainted 4.19.179-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D28560 28272 15536 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
blk_mq_freeze_queue_wait+0x119/0x270 block/blk-mq.c:152
nbd_add_socket+0x168/0x840 drivers/block/nbd.c:973
__nbd_ioctl drivers/block/nbd.c:1320 [inline]
nbd_ioctl+0x584/0xbe0 drivers/block/nbd.c:1387
__blkdev_driver_ioctl block/ioctl.c:303 [inline]
blkdev_ioctl+0x5cb/0x1a80 block/ioctl.c:601
block_ioctl+0xe9/0x130 fs/block_dev.c:1906
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:501 [inline]
do_vfs_ioctl+0xcdb/0x12e0 fs/ioctl.c:688
ksys_ioctl+0x9b/0xc0 fs/ioctl.c:705
__do_sys_ioctl fs/ioctl.c:712 [inline]
__se_sys_ioctl fs/ioctl.c:710 [inline]
__x64_sys_ioctl+0x6f/0xb0 fs/ioctl.c:710
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x465f69
Code: 10 e8 db ec fa ff 48 8b 6c 24 20 48 83 c4 28 c3 e8 cc 48 00 00 eb 8a cc cc cc cc cc cc cc cc cc cc 64 48 8b 0c 25 f8 ff ff ff <48> 3b 61 10 76 3a 48 83 ec 20 48 89 6c 24 18 48 8d 6c 24 18 48 8b
RSP: 002b:00007f61c6c3d188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465f69
RDX: 0000000000000004 RSI: 000000000000ab00 RDI: 0000000000000003
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
R13: 00007ffee00c016f R14: 00007f61c6c3d300 R15: 0000000000022000
RDX: 0000000000000004 RSI: 000000000000ab00 RDI: 0000000000000003
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
INFO: task syz-executor.3:28292 blocked for more than 140 seconds.
Not tainted 4.19.179-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D28104 28292 15536 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1002 [inline]
__mutex_lock+0x647/0x1260 kernel/locking/mutex.c:1072
nbd_ioctl+0x151/0xbe0 drivers/block/nbd.c:1380
__blkdev_driver_ioctl block/ioctl.c:303 [inline]
blkdev_ioctl+0x5cb/0x1a80 block/ioctl.c:601
block_ioctl+0xe9/0x130 fs/block_dev.c:1906
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:501 [inline]
do_vfs_ioctl+0xcdb/0x12e0 fs/ioctl.c:688
ksys_ioctl+0x9b/0xc0 fs/ioctl.c:705
__do_sys_ioctl fs/ioctl.c:712 [inline]
__se_sys_ioctl fs/ioctl.c:710 [inline]
__x64_sys_ioctl+0x6f/0xb0 fs/ioctl.c:710
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x465f69
Code: Bad RIP value.
RSP: 002b:00007f61c6c1c188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c008 RCX: 0000000000465f69
RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000006
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c008
R13: 00007ffee00c016f R14: 00007f61c6c1c300 R15: 0000000000022000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c008
INFO: task syz-executor.3:28331 blocked for more than 140 seconds.
Not tainted 4.19.179-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3 D29152 28331 15536 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1002 [inline]
__mutex_lock+0x647/0x1260 kernel/locking/mutex.c:1072
nbd_ioctl+0x151/0xbe0 drivers/block/nbd.c:1380
__blkdev_driver_ioctl block/ioctl.c:303 [inline]
blkdev_ioctl+0x5cb/0x1a80 block/ioctl.c:601
block_ioctl+0xe9/0x130 fs/block_dev.c:1906
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:501 [inline]
do_vfs_ioctl+0xcdb/0x12e0 fs/ioctl.c:688
ksys_ioctl+0x9b/0xc0 fs/ioctl.c:705
__do_sys_ioctl fs/ioctl.c:712 [inline]
__se_sys_ioctl fs/ioctl.c:710 [inline]
__x64_sys_ioctl+0x6f/0xb0 fs/ioctl.c:710
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x465f69
Code: Bad RIP value.
RSP: 002b:00007f61c6bfb188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c0b0 RCX: 0000000000465f69
RDX: 0000000000000f53 RSI: 000000000000ab07 RDI: 0000000000000003
RBP: 00000000004bfa67 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0b0
R13: 00007ffee00c016f R14: 00007f61c6bfb300 R15: 0000000000022000
Showing all locks held in the system:
#0: 00000000d4268a41 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4440
1 lock held by syz-executor.3/28272:
#0: 000000003a1f18b7 (&nbd->config_lock){+.+.}, at: nbd_ioctl+0x151/0xbe0 drivers/block/nbd.c:1380
1 lock held by syz-executor.3/28292:
#0: 000000003a1f18b7 (&nbd->config_lock){+.+.}, at: nbd_ioctl+0x151/0xbe0 drivers/block/nbd.c:1380
1 lock held by syz-executor.3/28331:
#0: 000000003a1f18b7 (&nbd->config_lock){+.+.}, at: nbd_ioctl+0x151/0xbe0 drivers/block/nbd.c:1380
=============================================
NMI backtrace for cpu 1
CPU: 1 PID: 1567 Comm: khungtaskd Not tainted 4.19.179-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
Call Trace:
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
nmi_cpu_backtrace.cold+0x63/0xa2 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x1a6/0x1f0 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline]
watchdog+0x991/0xe60 kernel/hung_task.c:287
kthread+0x33f/0x460 kernel/kthread.c:259
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 7850 Comm: rs:main Q:Reg Not tainted 4.19.179-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:ext4_inode_csum+0x2d/0x920 fs/ext4/inode.c:55
Code: 56 41 55 49 bd 00 00 00 00 00 fc ff df 41 54 49 89 f4 55 48 89 d5 53 48 89 fb 48 81 ec d0 00 00 00 48 c7 44 24 30 b3 8a b5 41 <48> 8d 44 24 30 48 c7 44 24 38 b8 b9 b8 89 48 c1 e8 03 48 89 44 24
RSP: 0018:ffff88808ec3f5c8 EFLAGS: 00000282
RAX: ffff88809d9b45c0 RBX: ffff88808e4aa730 RCX: ffffffff81de96dd
RDX: ffff88808e4aa540 RSI: ffff88809a0cd000 RDI: ffff88808e4aa730
RBP: ffff88808e4aa540 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000005 R11: 0000000000000000 R12: ffff88809a0cd000
R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88808e4aa758
FS: 00007fe9152e3700(0000) GS:ffff8880ba000000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f47bd7b1000 CR3: 00000000a0f31000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
ext4_inode_csum_set+0x15e/0x360 fs/ext4/inode.c:116
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
ext4_do_update_inode fs/ext4/inode.c:5375 [inline]
ext4_mark_iloc_dirty+0x1795/0x2b10 fs/ext4/inode.c:5920
ext4_mark_inode_dirty+0x21a/0x870 fs/ext4/inode.c:6114
ext4_dirty_inode+0x88/0xb0 fs/ext4/inode.c:6145
__mark_inode_dirty+0x16b/0x1260 fs/fs-writeback.c:2181
mark_inode_dirty include/linux/fs.h:2086 [inline]
__generic_write_end+0x26a/0x300 fs/buffer.c:2129
ext4_da_write_end+0x623/0xa70 fs/ext4/inode.c:3202
generic_perform_write+0x2ae/0x4d0 mm/filemap.c:3181
__generic_file_write_iter+0x24b/0x610 mm/filemap.c:3295
ext4_file_write_iter+0x2fe/0xf20 fs/ext4/file.c:272
call_write_iter include/linux/fs.h:1821 [inline]
new_sync_write fs/read_write.c:474 [inline]
__vfs_write+0x51b/0x770 fs/read_write.c:487
vfs_write+0x1f3/0x540 fs/read_write.c:549
ksys_write+0x12b/0x2a0 fs/read_write.c:599
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fe917d271cd
Code: c2 20 00 00 75 10 b8 01 00 00 00 0f 05 48 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 ae fc ff ff 48 89 04 24 b8 01 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 f7 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
RSP: 002b:00007fe9152e2590 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007fe908010e80 RCX: 00007fe917d271cd
RDX: 000000000000049f RSI: 00007fe908010e80 RDI: 0000000000000006
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000293 R12: 00007fe908010c00
R13: 00007fe9152e25b0 R14: 000055df72141360 R15: 000000000000049f
syzbot
Mar 9, 2021, 12:18:22 AM3/9/21
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following issue on:
HEAD commit: 2cae3e25 Linux 4.19.179
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=123b5cc6d00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1157f6ecd00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+20a832...@syzkaller.appspotmail.com
Dev nbd0: unable to read RDB block 0
nbd0: unable to read partition table
ldm_validate_partition_table(): Disk read failed.
Dev nbd0: unable to read RDB block 0
nbd0: unable to read partition table
INFO: task syz-executor050:8120 blocked for more than 140 seconds.
Code: Bad RIP value.
RSP: 002b:00007fb1e4e15308 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00000000004cb508 RCX: 000000000044a169
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004cb50c
R13: 000000000049b08c R14: 64626e2f7665642f R15: 0000000000022000
INFO: task syz-executor050:8121 blocked for more than 140 seconds.
generic_make_request+0x3fe/0xdf0 block/blk-core.c:2404
submit_bio+0xb1/0x430 block/blk-core.c:2576
submit_bh_wbc+0x5a7/0x760 fs/buffer.c:3090
submit_bh fs/buffer.c:3096 [inline]
block_read_full_page+0x7cf/0xd10 fs/buffer.c:2310
do_read_cache_page+0x533/0x1170 mm/filemap.c:2828
read_mapping_page include/linux/pagemap.h:402 [inline]
read_dev_sector+0xbf/0x500 block/partition-generic.c:671
read_part_sector block/partitions/check.h:38 [inline]
adfspart_check_ICS+0x114/0xe70 block/partitions/acorn.c:366
check_partition+0x390/0x690 block/partitions/check.c:167
rescan_partitions+0x1b5/0x970 block/partition-generic.c:535
bdev_disk_changed+0x179/0x1b0 fs/block_dev.c:1435
__blkdev_get+0x1282/0x1480 fs/block_dev.c:1561
blkdev_get+0xb0/0x940 fs/block_dev.c:1627
blkdev_open+0x202/0x290 fs/block_dev.c:1788
do_dentry_open+0x4aa/0x1160 fs/open.c:796
do_last fs/namei.c:3421 [inline]
path_openat+0x793/0x2df0 fs/namei.c:3537
do_filp_open+0x18c/0x3f0 fs/namei.c:3567
do_sys_open+0x3b3/0x520 fs/open.c:1085
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x406994
Code: Bad RIP value.
RSP: 002b:00007fb1e4df3e60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000406994
RDX: 0000000000000000 RSI: 00007fb1e4df3ef0 RDI: 00000000ffffff9c
RBP: 00007fb1e4df3ef0 R08: 0000000000000000 R09: 002364626e2f7665
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
R13: 000000000049b08c R14: 64626e2f7665642f R15: 0000000000022000
INFO: task syz-executor050:8122 blocked for more than 140 seconds.
blkdev_get+0xb0/0x940 fs/block_dev.c:1627
blkdev_open+0x202/0x290 fs/block_dev.c:1788
do_dentry_open+0x4aa/0x1160 fs/open.c:796
do_last fs/namei.c:3421 [inline]
path_openat+0x793/0x2df0 fs/namei.c:3537
do_filp_open+0x18c/0x3f0 fs/namei.c:3567
do_sys_open+0x3b3/0x520 fs/open.c:1085
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x406994
Code: Bad RIP value.
RSP: 002b:00007fb1e4dd2e60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000406994
RDX: 0000000000000000 RSI: 00007fb1e4dd2ef0 RDI: 00000000ffffff9c
RBP: 00007fb1e4dd2ef0 R08: 0000000000000000 R09: 002364626e2f7665
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
R13: 000000000049b08c R14: 64626e2f7665642f R15: 0000000000022000
Showing all locks held in the system:
1 lock held by khungtaskd/1567:
#0: 0000000067ae6e13 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4440
1 lock held by in:imklog/7792:
#0: 0000000050b4f35e (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x26f/0x310 fs/file.c:767
1 lock held by systemd-udevd/8114:
#0: 00000000eb902899 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839
1 lock held by syz-executor050/8120:
#0: 000000004f4c6e31 (&nbd->config_lock){+.+.}, at: nbd_ioctl+0x151/0xbe0 drivers/block/nbd.c:1380
1 lock held by syz-executor050/8121:
#0: 00000000eb902899 (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478
1 lock held by syz-executor050/8122:
#0: 00000000eb902899 (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 1567 Comm: khungtaskd Not tainted 4.19.179-syzkaller #0
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0x52/0xe0 kernel/locking/spinlock.c:184
Code: 48 c7 c0 48 82 f1 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 72 48 83 3d dd ee da 01 00 74 64 48 89 df 57 9d <0f> 1f 44 00 00 e8 b4 f9 50 f9 bf 01 00 00 00 e8 3a dc 2a f9 65 8b
RSP: 0018:ffff8880b5a77a68 EFLAGS: 00000086
RAX: 1ffffffff13e3049 RBX: 0000000000000086 RCX: ffffffff814bc6c0
RDX: dffffc0000000000 RSI: 0000000000000004 RDI: 0000000000000086
RBP: ffffffff8d3ce7c8 R08: 0000000000000000 R09: fffffbfff1a79cf9
R10: ffffffff8d3ce7cb R11: 0000000000000000 R12: dffffc0000000000
R13: 1ffff11016b4ef52 R14: ffff8880b5a77cc0 R15: ffffffff8d3ce7c8
FS: 0000000000000000(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
debug_object_deactivate+0x1f9/0x2e0 lib/debugobjects.c:529
debug_timer_deactivate kernel/time/timer.c:723 [inline]
debug_deactivate kernel/time/timer.c:779 [inline]
detach_timer kernel/time/timer.c:824 [inline]
detach_if_pending+0x82/0x460 kernel/time/timer.c:843
try_to_del_timer_sync+0xaa/0x110 kernel/time/timer.c:1240
del_timer_sync+0x1a4/0x270 kernel/time/timer.c:1305
schedule_timeout+0x4d7/0xfe0 kernel/time/timer.c:1819
rcu_gp_kthread+0xdad/0x21c0 kernel/rcu/tree.c:2202
HEAD commit: 2cae3e25 Linux 4.19.179
git tree: linux-4.19.y
kernel config: https://syzkaller.appspot.com/x/.config?x=6362bb600ad8bf7
dashboard link: https://syzkaller.appspot.com/bug?extid=20a832a4769c765c4bef
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=141f1156d00000
dashboard link: https://syzkaller.appspot.com/bug?extid=20a832a4769c765c4bef
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1157f6ecd00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+20a832...@syzkaller.appspotmail.com
nbd0: unable to read partition table
ldm_validate_partition_table(): Disk read failed.
Dev nbd0: unable to read RDB block 0
nbd0: unable to read partition table
INFO: task syz-executor050:8120 blocked for more than 140 seconds.
Not tainted 4.19.179-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor050 D26224 8120 8105 0x00000004
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
blk_mq_freeze_queue_wait+0x119/0x270 block/blk-mq.c:152
nbd_add_socket+0x168/0x840 drivers/block/nbd.c:973
__nbd_ioctl drivers/block/nbd.c:1320 [inline]
nbd_ioctl+0x584/0xbe0 drivers/block/nbd.c:1387
__blkdev_driver_ioctl block/ioctl.c:303 [inline]
blkdev_ioctl+0x5cb/0x1a80 block/ioctl.c:601
block_ioctl+0xe9/0x130 fs/block_dev.c:1906
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:501 [inline]
do_vfs_ioctl+0xcdb/0x12e0 fs/ioctl.c:688
ksys_ioctl+0x9b/0xc0 fs/ioctl.c:705
__do_sys_ioctl fs/ioctl.c:712 [inline]
__se_sys_ioctl fs/ioctl.c:710 [inline]
__x64_sys_ioctl+0x6f/0xb0 fs/ioctl.c:710
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x44a169
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
blk_mq_freeze_queue_wait+0x119/0x270 block/blk-mq.c:152
nbd_add_socket+0x168/0x840 drivers/block/nbd.c:973
__nbd_ioctl drivers/block/nbd.c:1320 [inline]
nbd_ioctl+0x584/0xbe0 drivers/block/nbd.c:1387
__blkdev_driver_ioctl block/ioctl.c:303 [inline]
blkdev_ioctl+0x5cb/0x1a80 block/ioctl.c:601
block_ioctl+0xe9/0x130 fs/block_dev.c:1906
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:501 [inline]
do_vfs_ioctl+0xcdb/0x12e0 fs/ioctl.c:688
ksys_ioctl+0x9b/0xc0 fs/ioctl.c:705
__do_sys_ioctl fs/ioctl.c:712 [inline]
__se_sys_ioctl fs/ioctl.c:710 [inline]
__x64_sys_ioctl+0x6f/0xb0 fs/ioctl.c:710
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
Code: Bad RIP value.
RSP: 002b:00007fb1e4e15308 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00000000004cb508 RCX: 000000000044a169
RDX: 0000000000000004 RSI: 000000000000ab00 RDI: 0000000000000003
RBP: 00000000004cb500 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004cb50c
R13: 000000000049b08c R14: 64626e2f7665642f R15: 0000000000022000
INFO: task syz-executor050:8121 blocked for more than 140 seconds.
Not tainted 4.19.179-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor050 D26960 8121 8105 0x00000004
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
blk_queue_enter+0x66f/0xb70 block/blk-core.c:959
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
generic_make_request+0x3fe/0xdf0 block/blk-core.c:2404
submit_bio+0xb1/0x430 block/blk-core.c:2576
submit_bh_wbc+0x5a7/0x760 fs/buffer.c:3090
submit_bh fs/buffer.c:3096 [inline]
block_read_full_page+0x7cf/0xd10 fs/buffer.c:2310
do_read_cache_page+0x533/0x1170 mm/filemap.c:2828
read_mapping_page include/linux/pagemap.h:402 [inline]
read_dev_sector+0xbf/0x500 block/partition-generic.c:671
read_part_sector block/partitions/check.h:38 [inline]
adfspart_check_ICS+0x114/0xe70 block/partitions/acorn.c:366
check_partition+0x390/0x690 block/partitions/check.c:167
rescan_partitions+0x1b5/0x970 block/partition-generic.c:535
bdev_disk_changed+0x179/0x1b0 fs/block_dev.c:1435
__blkdev_get+0x1282/0x1480 fs/block_dev.c:1561
blkdev_get+0xb0/0x940 fs/block_dev.c:1627
blkdev_open+0x202/0x290 fs/block_dev.c:1788
do_dentry_open+0x4aa/0x1160 fs/open.c:796
do_last fs/namei.c:3421 [inline]
path_openat+0x793/0x2df0 fs/namei.c:3537
do_filp_open+0x18c/0x3f0 fs/namei.c:3567
do_sys_open+0x3b3/0x520 fs/open.c:1085
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x406994
Code: Bad RIP value.
RSP: 002b:00007fb1e4df3e60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000406994
RDX: 0000000000000000 RSI: 00007fb1e4df3ef0 RDI: 00000000ffffff9c
RBP: 00007fb1e4df3ef0 R08: 0000000000000000 R09: 002364626e2f7665
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
R13: 000000000049b08c R14: 64626e2f7665642f R15: 0000000000022000
INFO: task syz-executor050:8122 blocked for more than 140 seconds.
Not tainted 4.19.179-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor050 D29160 8122 8105 0x00000004
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1002 [inline]
__mutex_lock+0x647/0x1260 kernel/locking/mutex.c:1072
__blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1002 [inline]
__mutex_lock+0x647/0x1260 kernel/locking/mutex.c:1072
blkdev_get+0xb0/0x940 fs/block_dev.c:1627
blkdev_open+0x202/0x290 fs/block_dev.c:1788
do_dentry_open+0x4aa/0x1160 fs/open.c:796
do_last fs/namei.c:3421 [inline]
path_openat+0x793/0x2df0 fs/namei.c:3537
do_filp_open+0x18c/0x3f0 fs/namei.c:3567
do_sys_open+0x3b3/0x520 fs/open.c:1085
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x406994
Code: Bad RIP value.
RSP: 002b:00007fb1e4dd2e60 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000406994
RDX: 0000000000000000 RSI: 00007fb1e4dd2ef0 RDI: 00000000ffffff9c
RBP: 00007fb1e4dd2ef0 R08: 0000000000000000 R09: 002364626e2f7665
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
R13: 000000000049b08c R14: 64626e2f7665642f R15: 0000000000022000
Showing all locks held in the system:
1 lock held by khungtaskd/1567:
1 lock held by in:imklog/7792:
#0: 0000000050b4f35e (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x26f/0x310 fs/file.c:767
1 lock held by systemd-udevd/8114:
#0: 00000000eb902899 (&bdev->bd_mutex){+.+.}, at: blkdev_put+0x30/0x520 fs/block_dev.c:1839
1 lock held by syz-executor050/8120:
#0: 000000004f4c6e31 (&nbd->config_lock){+.+.}, at: nbd_ioctl+0x151/0xbe0 drivers/block/nbd.c:1380
1 lock held by syz-executor050/8121:
#0: 00000000eb902899 (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478
1 lock held by syz-executor050/8122:
#0: 00000000eb902899 (&bdev->bd_mutex){+.+.}, at: __blkdev_get+0x1d0/0x1480 fs/block_dev.c:1478
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 1567 Comm: khungtaskd Not tainted 4.19.179-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
nmi_cpu_backtrace.cold+0x63/0xa2 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x1a6/0x1f0 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline]
watchdog+0x991/0xe60 kernel/hung_task.c:287
kthread+0x33f/0x460 kernel/kthread.c:259
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
Sending NMI from CPU 0 to CPUs 1:
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
nmi_cpu_backtrace.cold+0x63/0xa2 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x1a6/0x1f0 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:203 [inline]
watchdog+0x991/0xe60 kernel/hung_task.c:287
kthread+0x33f/0x460 kernel/kthread.c:259
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
NMI backtrace for cpu 1
CPU: 1 PID: 10 Comm: rcu_preempt Not tainted 4.19.179-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:789 [inline]
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0x52/0xe0 kernel/locking/spinlock.c:184
Code: 48 c7 c0 48 82 f1 89 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 72 48 83 3d dd ee da 01 00 74 64 48 89 df 57 9d <0f> 1f 44 00 00 e8 b4 f9 50 f9 bf 01 00 00 00 e8 3a dc 2a f9 65 8b
RSP: 0018:ffff8880b5a77a68 EFLAGS: 00000086
RAX: 1ffffffff13e3049 RBX: 0000000000000086 RCX: ffffffff814bc6c0
RDX: dffffc0000000000 RSI: 0000000000000004 RDI: 0000000000000086
RBP: ffffffff8d3ce7c8 R08: 0000000000000000 R09: fffffbfff1a79cf9
R10: ffffffff8d3ce7cb R11: 0000000000000000 R12: dffffc0000000000
R13: 1ffff11016b4ef52 R14: ffff8880b5a77cc0 R15: ffffffff8d3ce7c8
FS: 0000000000000000(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f86d11a6000 CR3: 00000000a2132000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
debug_object_deactivate lib/debugobjects.c:568 [inline]
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
debug_object_deactivate+0x1f9/0x2e0 lib/debugobjects.c:529
debug_timer_deactivate kernel/time/timer.c:723 [inline]
debug_deactivate kernel/time/timer.c:779 [inline]
detach_timer kernel/time/timer.c:824 [inline]
detach_if_pending+0x82/0x460 kernel/time/timer.c:843
try_to_del_timer_sync+0xaa/0x110 kernel/time/timer.c:1240
del_timer_sync+0x1a4/0x270 kernel/time/timer.c:1305
schedule_timeout+0x4d7/0xfe0 kernel/time/timer.c:1819
rcu_gp_kthread+0xdad/0x21c0 kernel/rcu/tree.c:2202
syzbot
Jul 6, 2021, 3:04:17 PM7/6/21
to syzkaller...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages