INFO: task can't die in corrupted
11 views
Skip to first unread message
syzbot
Oct 7, 2020, 5:18:20 AM10/7/20
to ch...@kernel.org, jae...@kernel.org, linux-f2...@lists.sourceforge.net, linux-...@vger.kernel.org, linux-...@vger.kernel.org, syzkall...@googlegroups.com, vi...@zeniv.linux.org.uk
Hello,
syzbot found the following issue on:
HEAD commit: a804ab08 Add linux-next specific files for 20201006
git tree: linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=17fe30bf900000
kernel config: https://syzkaller.appspot.com/x/.config?x=26c1b4cc4a62ccb
dashboard link: https://syzkaller.appspot.com/bug?extid=ee250ac8137be41d7b13
compiler: gcc (GCC) 10.1.0-syz 20200507
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1336413b900000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f7392b900000
The issue was bisected to:
commit eede846af512572b1f30b34f9889d7df64c017d4
Author: Jaegeuk Kim <jae...@kernel.org>
Date: Fri Oct 2 21:17:35 2020 +0000
f2fs: f2fs_get_meta_page_nofail should not be failed
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=10a8aafb900000
console output: https://syzkaller.appspot.com/x/log.txt?x=14a8aafb900000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+ee250a...@syzkaller.appspotmail.com
Fixes: eede846af512 ("f2fs: f2fs_get_meta_page_nofail should not be failed")
INFO: task syz-executor178:6870 can't die for more than 143 seconds.
task:syz-executor178 state:R
stack:26960 pid: 6870 ppid: 6869 flags:0x00004006
Call Trace:
Showing all locks held in the system:
1 lock held by khungtaskd/1179:
#0: ffffffff8a554da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6242
1 lock held by systemd-journal/3920:
1 lock held by in:imklog/6769:
#0: ffff88809eebc130 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:930
1 lock held by syz-executor178/6870:
#0: ffff8880925120e0 (&type->s_umount_key#47/1){+.+.}-{3:3}, at: alloc_super+0x201/0xaf0 fs/super.c:229
=============================================
Kernel panic - not syncing: hung_task: blocked tasks
CPU: 0 PID: 1179 Comm: khungtaskd Not tainted 5.9.0-rc8-next-20201006-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x198/0x1fb lib/dump_stack.c:118
panic+0x382/0x7fb kernel/panic.c:231
check_hung_uninterruptible_tasks kernel/hung_task.c:257 [inline]
watchdog.cold+0x23e/0x248 kernel/hung_task.c:339
kthread+0x3af/0x4a0 kernel/kthread.c:292
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
Kernel Offset: disabled
Rebooting in 86400 seconds..
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot found the following issue on:
HEAD commit: a804ab08 Add linux-next specific files for 20201006
git tree: linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=17fe30bf900000
kernel config: https://syzkaller.appspot.com/x/.config?x=26c1b4cc4a62ccb
dashboard link: https://syzkaller.appspot.com/bug?extid=ee250ac8137be41d7b13
compiler: gcc (GCC) 10.1.0-syz 20200507
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1336413b900000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f7392b900000
The issue was bisected to:
commit eede846af512572b1f30b34f9889d7df64c017d4
Author: Jaegeuk Kim <jae...@kernel.org>
Date: Fri Oct 2 21:17:35 2020 +0000
f2fs: f2fs_get_meta_page_nofail should not be failed
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=10a8aafb900000
console output: https://syzkaller.appspot.com/x/log.txt?x=14a8aafb900000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+ee250a...@syzkaller.appspotmail.com
Fixes: eede846af512 ("f2fs: f2fs_get_meta_page_nofail should not be failed")
INFO: task syz-executor178:6870 can't die for more than 143 seconds.
task:syz-executor178 state:R
stack:26960 pid: 6870 ppid: 6869 flags:0x00004006
Call Trace:
Showing all locks held in the system:
1 lock held by khungtaskd/1179:
#0: ffffffff8a554da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6242
1 lock held by systemd-journal/3920:
1 lock held by in:imklog/6769:
#0: ffff88809eebc130 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:930
1 lock held by syz-executor178/6870:
#0: ffff8880925120e0 (&type->s_umount_key#47/1){+.+.}-{3:3}, at: alloc_super+0x201/0xaf0 fs/super.c:229
=============================================
Kernel panic - not syncing: hung_task: blocked tasks
CPU: 0 PID: 1179 Comm: khungtaskd Not tainted 5.9.0-rc8-next-20201006-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x198/0x1fb lib/dump_stack.c:118
panic+0x382/0x7fb kernel/panic.c:231
check_hung_uninterruptible_tasks kernel/hung_task.c:257 [inline]
watchdog.cold+0x23e/0x248 kernel/hung_task.c:339
kthread+0x3af/0x4a0 kernel/kthread.c:292
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
Kernel Offset: disabled
Rebooting in 86400 seconds..
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
Eric Biggers
Oct 7, 2020, 5:32:56 PM10/7/20
to Jaegeuk Kim, ch...@kernel.org, linux-f2...@lists.sourceforge.net, syzkall...@googlegroups.com, linux-...@vger.kernel.org, syzbot+ee250a...@syzkaller.appspotmail.com
[moved linux-fsdevel to Bcc]
On Wed, Oct 07, 2020 at 02:18:19AM -0700, syzbot wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: a804ab08 Add linux-next specific files for 20201006
> git tree: linux-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=17fe30bf900000
> kernel config: https://syzkaller.appspot.com/x/.config?x=26c1b4cc4a62ccb
> dashboard link: https://syzkaller.appspot.com/bug?extid=ee250ac8137be41d7b13
> compiler: gcc (GCC) 10.1.0-syz 20200507
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1336413b900000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f7392b900000
>
> The issue was bisected to:
>
> commit eede846af512572b1f30b34f9889d7df64c017d4
> Author: Jaegeuk Kim <jae...@kernel.org>
> Date: Fri Oct 2 21:17:35 2020 +0000
>
> f2fs: f2fs_get_meta_page_nofail should not be failed
>
Jaegeuk, it looks like the loop you added in the above commit doesn't terminate
if the requested page is beyond the end of the device.
- Eric
On Wed, Oct 07, 2020 at 02:18:19AM -0700, syzbot wrote:
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: a804ab08 Add linux-next specific files for 20201006
> git tree: linux-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=17fe30bf900000
> kernel config: https://syzkaller.appspot.com/x/.config?x=26c1b4cc4a62ccb
> dashboard link: https://syzkaller.appspot.com/bug?extid=ee250ac8137be41d7b13
> compiler: gcc (GCC) 10.1.0-syz 20200507
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1336413b900000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=12f7392b900000
>
> The issue was bisected to:
>
> commit eede846af512572b1f30b34f9889d7df64c017d4
> Author: Jaegeuk Kim <jae...@kernel.org>
> Date: Fri Oct 2 21:17:35 2020 +0000
>
> f2fs: f2fs_get_meta_page_nofail should not be failed
>
if the requested page is beyond the end of the device.
- Eric
jae...@kernel.org
Oct 7, 2020, 5:53:07 PM10/7/20
to Eric Biggers, ch...@kernel.org, linux-f2...@lists.sourceforge.net, syzkall...@googlegroups.com, linux-...@vger.kernel.org, syzbot+ee250a...@syzkaller.appspotmail.com
the device reboot. Let me think how to avoid that before trying to get the
wrong lba access.
>
> - Eric
Chao Yu
Oct 8, 2020, 9:42:07 PM10/8/20
to jae...@kernel.org, Eric Biggers, syzbot+ee250a...@syzkaller.appspotmail.com, syzkall...@googlegroups.com, linux-...@vger.kernel.org, linux-f2...@lists.sourceforge.net
we can just zeroing sum_page in error case, as we have already shutdown f2fs via
calling f2fs_stop_checkpoint(), then f2fs_cp_error() will stop all updates to
filesystem data including summary pages.
Thoughts?
Thanks,
>
>>
>> - Eric
>
>
> _______________________________________________
> Linux-f2fs-devel mailing list
> Linux-f2...@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
> .
>
jae...@kernel.org
Oct 8, 2020, 9:50:18 PM10/8/20
to Chao Yu, Eric Biggers, syzbot+ee250a...@syzkaller.appspotmail.com, syzkall...@googlegroups.com, linux-...@vger.kernel.org, linux-f2...@lists.sourceforge.net
wrong zero'ed summary page.
Chao Yu
Oct 8, 2020, 10:37:07 PM10/8/20
to jae...@kernel.org, Eric Biggers, syzbot+ee250a...@syzkaller.appspotmail.com, syzkall...@googlegroups.com, linux-...@vger.kernel.org, linux-f2...@lists.sourceforge.net
Thanks,
>
>>
>> Thoughts?
>>
>> Thanks,
>>
>>>
>>>>
>>>> - Eric
>>>
>>>
>>> _______________________________________________
>>> Linux-f2fs-devel mailing list
>>> Linux-f2...@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
>>> .
>>>
>
jae...@kernel.org
Oct 9, 2020, 12:32:40 AM10/9/20
to Chao Yu, Eric Biggers, syzbot+ee250a...@syzkaller.appspotmail.com, syzkall...@googlegroups.com, linux-...@vger.kernel.org, linux-f2...@lists.sourceforge.net
f2fs_get_meta_page_nofail.
Chao Yu
Oct 9, 2020, 3:05:34 AM10/9/20
to jae...@kernel.org, Eric Biggers, syzbot+ee250a...@syzkaller.appspotmail.com, syzkall...@googlegroups.com, linux-...@vger.kernel.org, linux-f2...@lists.sourceforge.net
places where we call f2fs_get_meta_page_nofail()? like the case that
filesystem will always see EIO after we shutdown device via dmflakey?
Thanks,
>
>>
>> Thanks,
>>
>>>
>>>>
>>>> Thoughts?
>>>>
>>>> Thanks,
>>>>
>>>>>
>>>>>>
>>>>>> - Eric
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Linux-f2fs-devel mailing list
>>>>> Linux-f2...@lists.sourceforge.net
>>>>> https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
>>>>> .
>>>>>
>>> .
>>>
>
jae...@kernel.org
Oct 9, 2020, 10:56:27 AM10/9/20
to Chao Yu, Eric Biggers, syzbot+ee250a...@syzkaller.appspotmail.com, syzkall...@googlegroups.com, linux-...@vger.kernel.org, linux-f2...@lists.sourceforge.net
_nofail function which should guarantee no error, instead of hiding the error
with zero'ed page.
Chao Yu
Oct 12, 2020, 10:30:41 PM10/12/20
to jae...@kernel.org, Eric Biggers, syzbot+ee250a...@syzkaller.appspotmail.com, syzkall...@googlegroups.com, linux-...@vger.kernel.org, linux-f2...@lists.sourceforge.net
Jaegeuk,
I guess you missed sending last applied patch to mailing list?
Thanks,
> .
>
I guess you missed sending last applied patch to mailing list?
Thanks,
>
jae...@kernel.org
Oct 12, 2020, 11:08:48 PM10/12/20
to Chao Yu, Eric Biggers, syzbot+ee250a...@syzkaller.appspotmail.com, syzkall...@googlegroups.com, linux-...@vger.kernel.org, linux-f2...@lists.sourceforge.net
On 10/13, Chao Yu wrote:
> Jaegeuk,
>
> I guess you missed sending last applied patch to mailing list?
I was testing locally and supposed to post it soon before pull request. Putting
> Jaegeuk,
>
> I guess you missed sending last applied patch to mailing list?
it in -dev can give some soak time in -next.
No worries.
Thanks,
Reply all
Reply to author
Forward
0 new messages