Hello,
syzbot found the following issue on:
HEAD commit: 7e89efd3ae1c Linux 5.15.164
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=148808a3980000
kernel config: https://syzkaller.appspot.com/x/.config?x=8e7768447c833306
dashboard link: https://syzkaller.appspot.com/bug?extid=7d9d1948a31610fcb0a8
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=12af59d3980000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=13f8caf3980000
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/3d929e236949/disk-7e89efd3.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/8a76a46947c4/vmlinux-7e89efd3.xz
kernel image: https://storage.googleapis.com/syzbot-assets/12f4fa036ad7/Image-7e89efd3.gz.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/94aebe7b07e7/mount_2.gz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+7d9d19...@syzkaller.appspotmail.com
INFO: task kworker/1:1H:149 blocked for more than 143 seconds.
Not tainted 5.15.164-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:1H state:D stack: 0 pid: 149 ppid: 2 flags:0x00000008
Workqueue: glock_workqueue glock_work_func
Call trace:
__switch_to+0x308/0x5e8 arch/arm64/kernel/process.c:518
context_switch kernel/sched/core.c:5030 [inline]
__schedule+0xf10/0x1e48 kernel/sched/core.c:6376
schedule+0x11c/0x1c8 kernel/sched/core.c:6459
rwsem_down_write_slowpath+0xd94/0x17e0 kernel/locking/rwsem.c:1165
__down_write_common kernel/locking/rwsem.c:1292 [inline]
__down_write kernel/locking/rwsem.c:1301 [inline]
down_write+0xe8/0x12c kernel/locking/rwsem.c:1552
freeze_super+0x5c/0x388 fs/super.c:1682
freeze_go_sync+0x128/0x31c fs/gfs2/glops.c:587
do_xmote+0x304/0x1054 fs/gfs2/glock.c:742
run_queue+0x3f8/0x6bc fs/gfs2/glock.c:872
glock_work_func+0x27c/0x470 fs/gfs2/glock.c:1039
process_one_work+0x790/0x11b8 kernel/workqueue.c:2310
worker_thread+0x910/0x1034 kernel/workqueue.c:2457
kthread+0x37c/0x45c kernel/kthread.c:334
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870
INFO: task syz-executor110:4038 blocked for more than 143 seconds.
Not tainted 5.15.164-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor110 state:D stack: 0 pid: 4038 ppid: 4037 flags:0x0000000d
Call trace:
__switch_to+0x308/0x5e8 arch/arm64/kernel/process.c:518
context_switch kernel/sched/core.c:5030 [inline]
__schedule+0xf10/0x1e48 kernel/sched/core.c:6376
schedule+0x11c/0x1c8 kernel/sched/core.c:6459
schedule_timeout+0xb8/0x344 kernel/time/timer.c:1890
do_wait_for_common+0x214/0x388 kernel/sched/completion.c:85
__wait_for_common kernel/sched/completion.c:106 [inline]
wait_for_common kernel/sched/completion.c:117 [inline]
wait_for_completion+0x4c/0x64 kernel/sched/completion.c:138
flush_workqueue+0x580/0x11c4 kernel/workqueue.c:2882
gfs2_gl_hash_clear+0xd4/0x2f4 fs/gfs2/glock.c:2182
gfs2_fill_super+0x1b9c/0x2010 fs/gfs2/ops_fstype.c:1309
get_tree_bdev+0x360/0x54c fs/super.c:1312
gfs2_get_tree+0x54/0x1b4 fs/gfs2/ops_fstype.c:1332
vfs_get_tree+0x90/0x274 fs/super.c:1517
do_new_mount+0x278/0x8fc fs/namespace.c:3005
path_mount+0x594/0x101c fs/namespace.c:3335
do_mount fs/namespace.c:3348 [inline]
__do_sys_mount fs/namespace.c:3556 [inline]
__se_sys_mount fs/namespace.c:3533 [inline]
__arm64_sys_mount+0x510/0x5e0 fs/namespace.c:3533
__invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:52
el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
do_el0_svc+0x58/0x14c arch/arm64/kernel/syscall.c:181
el0_svc+0x7c/0x1f0 arch/arm64/kernel/entry-common.c:608
el0t_64_sync_handler+0x84/0xe4 arch/arm64/kernel/entry-common.c:626
el0t_64_sync+0x1a0/0x1a4 arch/arm64/kernel/entry.S:584
Showing all locks held in the system:
1 lock held by khungtaskd/27:
#0: ffff800014c91660 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:311
3 locks held by kworker/1:1H/149:
#0: ffff0000c6874938 ((wq_completion)glock_workqueue){+.+.}-{0:0}, at: process_one_work+0x66c/0x11b8 kernel/workqueue.c:2283
#1: ffff80001a5b7c00 ((work_completion)(&(&gl->gl_work)->work)){+.+.}-{0:0}, at: process_one_work+0x6ac/0x11b8 kernel/workqueue.c:2285
#2: ffff0000cb03e0e0 (&type->s_umount_key#41){+.+.}-{3:3}, at: freeze_super+0x5c/0x388 fs/super.c:1682
2 locks held by getty/3776:
#0: ffff0000d356a098 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x40/0x50 drivers/tty/tty_ldsem.c:340
#1: ffff800018fd32e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x414/0x1204 drivers/tty/n_tty.c:2158
1 lock held by syz-executor110/4038:
#0: ffff0000cb03e0e0 (&type->s_umount_key#40/1){+.+.}-{3:3}, at: alloc_super+0x1b8/0x844 fs/super.c:229
=============================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup