Re: [syzbot] possible deadlock in blkdev_put (2)

syzbot

Jan 19, 2022, 3:41:09 AM
to h...@lst.de, syzkall...@googlegroups.com
Hello,

syzbot tried to test the proposed patch but the build/boot failed:

[ 76.264810][ T7] cfg80211: failed to load regulatory.db
[ 286.184138][ T27] INFO: task swapper/0:1 blocked for more than 143 seconds.
[ 286.191471][ T27] Not tainted 5.16.0-syzkaller #0
[ 286.197050][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 286.205734][ T27] task:swapper/0 state:D stack:23112 pid: 1 ppid: 0 flags:0x00004000
[ 286.214936][ T27] Call Trace:
[ 286.218203][ T27] <TASK>
[ 286.221123][ T27] __schedule+0xab2/0x4f00
[ 286.225737][ T27] ? lock_acquire+0x442/0x510
[ 286.230437][ T27] ? rcu_read_lock_sched_held+0xd/0x70
[ 286.235965][ T27] ? prepare_to_wait_event+0xc8/0x690
[ 286.241378][ T27] ? rwlock_bug.part.0+0x90/0x90
[ 286.246356][ T27] ? trace_hardirqs_on+0x5b/0x1c0
[ 286.251414][ T27] ? io_schedule_timeout+0x180/0x180
[ 286.256702][ T27] ? trace_hardirqs_on+0x5b/0x1c0
[ 286.261723][ T27] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 286.267573][ T27] schedule+0xd2/0x260
[ 286.271636][ T27] wait_for_device_probe+0x1ba/0x220
[ 286.276993][ T27] ? driver_sysfs_add+0x350/0x350
[ 286.282050][ T27] ? finish_wait+0x270/0x270
[ 286.286661][ T27] ? init_eaccess+0xa2/0xd3
[ 286.291227][ T27] ? init_chmod+0xd6/0xd6
[ 286.295657][ T27] prepare_namespace+0x46/0x234
[ 286.300502][ T27] kernel_init_freeable+0x722/0x73a
[ 286.305718][ T27] ? rest_init+0x3e0/0x3e0
[ 286.310154][ T27] kernel_init+0x1a/0x1d0
[ 286.314484][ T27] ? rest_init+0x3e0/0x3e0
[ 286.318894][ T27] ret_from_fork+0x1f/0x30
[ 286.323320][ T27] </TASK>
[ 286.326351][ T27] INFO: task kworker/u4:0:8 blocked for more than 143 seconds.
[ 286.333879][ T27] Not tainted 5.16.0-syzkaller #0
[ 286.339424][ T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 286.348149][ T27] task:kworker/u4:0 state:D stack:26560 pid: 8 ppid: 2 flags:0x00004000
[ 286.357445][ T27] Workqueue: events_unbound async_run_entry_fn
[ 286.363694][ T27] Call Trace:
[ 286.367023][ T27] <TASK>
[ 286.369956][ T27] __schedule+0xab2/0x4f00
[ 286.374408][ T27] ? dump_stack_lvl+0x120/0x134
[ 286.379328][ T27] ? lock_acquire+0x442/0x510
[ 286.384045][ T27] ? rcu_read_lock_sched_held+0xd/0x70
[ 286.389498][ T27] ? lock_release+0x522/0x720
[ 286.394230][ T27] ? io_schedule_timeout+0x180/0x180
[ 286.399537][ T27] ? rwlock_bug.part.0+0x90/0x90
[ 286.404505][ T27] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 286.410932][ T27] schedule+0xd2/0x260
[ 286.415137][ T27] schedule_preempt_disabled+0xf/0x20
[ 286.420573][ T27] __mutex_lock+0xa32/0x12f0
[ 286.425260][ T27] ? blk_drop_partitions+0x72/0x110
[ 286.430657][ T27] ? mutex_lock_io_nested+0x1150/0x1150
[ 286.436244][ T27] ? __mutex_lock+0x21a/0x12f0
[ 286.440999][ T27] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 286.447265][ T27] ? filemap_check_errors+0xa5/0x150
[ 286.452635][ T27] ? xas_reload+0x440/0x440
[ 286.457163][ T27] ? mutex_lock_io_nested+0x1150/0x1150
[ 286.462804][ T27] blk_drop_partitions+0x72/0x110
[ 286.467887][ T27] ? bdev_resize_partition+0x1a0/0x1a0
[ 286.473359][ T27] bdev_disk_changed+0x177/0xee0
[ 286.478500][ T27] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 286.484836][ T27] blkdev_get_whole+0x2fc/0x400
[ 286.489782][ T27] blkdev_get_by_dev.part.0+0x35a/0x9a0
[ 286.495365][ T27] ? devcgroup_check_permission+0x1bb/0x410
[ 286.501521][ T27] blkdev_get_by_dev+0x6b/0x80
[ 286.506336][ T27] disk_scan_partitions+0x118/0x1a0
[ 286.511533][ T27] device_add_disk+0xb9d/0xd70
[ 286.516367][ T27] sd_probe+0xac7/0x10a0
[ 286.520690][ T27] ? sd_open+0x7b0/0x7b0
[ 286.524981][ T27] really_probe+0x245/0xcc0
[ 286.529493][ T27] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 286.535766][ T27] __driver_probe_device+0x338/0x4d0
[ 286.541169][ T27] driver_probe_device+0x4c/0x1a0
[ 286.546261][ T27] __device_attach_driver+0x20b/0x2f0
[ 286.551627][ T27] ? driver_allows_async_probing+0x150/0x150
[ 286.557714][ T27] bus_for_each_drv+0x15f/0x1e0
[ 286.562620][ T27] ? bus_for_each_dev+0x1d0/0x1d0
[ 286.567665][ T27] ? _raw_spin_unlock_irqrestore+0x50/0x70
[ 286.573487][ T27] ? lockdep_hardirqs_on+0x79/0x100
[ 286.578707][ T27] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 286.584592][ T27] ? state_synced_show+0x80/0x80
[ 286.589522][ T27] __device_attach_async_helper+0x1c9/0x280
[ 286.595423][ T27] ? state_synced_show+0x80/0x80
[ 286.600359][ T27] ? lockdep_hardirqs_on+0x79/0x100
[ 286.605590][ T27] ? __sanitizer_cov_trace_cmp4+0x1c/0x70
[ 286.611300][ T27] ? ktime_get+0x30b/0x470
[ 286.615802][ T27] async_run_entry_fn+0x9d/0x550
[ 286.620769][ T27] process_one_work+0x9ac/0x1650
[ 286.625820][ T27] ? pwq_dec_nr_in_flight+0x2a0/0x2a0
[ 286.631196][ T27] ? rwlock_bug.part.0+0x90/0x90
[ 286.636173][ T27] ? _raw_spin_lock_irq+0x41/0x50
[ 286.641205][ T27] worker_thread+0x657/0x1110
[ 286.645939][ T27] ? process_one_work+0x1650/0x1650
[ 286.651145][ T27] kthread+0x2e9/0x3a0
[ 286.655261][ T27] ? kthread_complete_and_exit+0x40/0x40
[ 286.660889][ T27] ret_from_fork+0x1f/0x30
[ 286.665443][ T27] </TASK>
[ 286.669359][ T27] INFO: lockdep is turned off.
[ 286.674155][ T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 286.680993][ T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.16.0-syzkaller #0
[ 286.688786][ T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 286.698827][ T27] Call Trace:
[ 286.702094][ T27] <TASK>
[ 286.705014][ T27] dump_stack_lvl+0xcd/0x134
[ 286.709594][ T27] panic+0x2b0/0x6dd
[ 286.713517][ T27] ? __warn_printk+0xf3/0xf3
[ 286.718100][ T27] ? check_same_owner+0x260/0x260
[ 286.723158][ T27] ? watchdog.cold+0x130/0x158
[ 286.727941][ T27] watchdog.cold+0x141/0x158
[ 286.732519][ T27] ? reset_hung_task_detector+0x30/0x30
[ 286.738055][ T27] kthread+0x2e9/0x3a0
[ 286.742136][ T27] ? kthread_complete_and_exit+0x40/0x40
[ 286.747760][ T27] ret_from_fork+0x1f/0x30
[ 286.752169][ T27] </TASK>
[ 286.755456][ T27] Kernel Offset: disabled
[ 286.759775][ T27] Rebooting in 86400 seconds..


Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=14278aebb00000


Tested on:

commit: d0b248cc loop: make autoclear operation synchronous ag..
git tree: git://git.infradead.org/users/hch/block.git part_tbl_mutex
kernel config: https://syzkaller.appspot.com/x/.config?x=8783c5ec5e03b91
dashboard link: https://syzkaller.appspot.com/bug?extid=643e4ce4b6ad1347d372
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2

syzbot

Jan 19, 2022, 4:09:11 AM
to h...@lst.de, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
possible deadlock in blkdev_put_whole

======================================================
WARNING: possible circular locking dependency detected
5.16.0-syzkaller #0 Not tainted
------------------------------------------------------
udevd/4227 is trying to acquire lock:
ffff88807e9dd138 ((wq_completion)loop2){+.+.}-{0:0}, at: flush_workqueue+0xe1/0x13a0 kernel/workqueue.c:2824

but task is already holding lock:
ffff88801a4161a8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put_whole+0x4f/0x1b0 block/bdev.c:728

which lock already depends on the new lock.


the existing dependency chain (in reverse order) is:

-> #6 (&disk->open_mutex){+.+.}-{3:3}:
__mutex_lock_common kernel/locking/mutex.c:600 [inline]
__mutex_lock+0x12f/0x12f0 kernel/locking/mutex.c:733
blkdev_get_whole+0x4f/0x3c0 block/bdev.c:705
blkdev_get_by_dev.part.0+0x35a/0x9a0 block/bdev.c:862
blkdev_get_by_dev+0x6b/0x80 block/bdev.c:878
swsusp_check+0x97/0x420 kernel/power/swap.c:1526
software_resume.part.0+0x102/0x1f0 kernel/power/hibernate.c:979
software_resume kernel/power/hibernate.c:86 [inline]
resume_store+0x161/0x190 kernel/power/hibernate.c:1181
kobj_attr_store+0x50/0x80 lib/kobject.c:856
sysfs_kf_write+0x110/0x160 fs/sysfs/file.c:136
kernfs_fop_write_iter+0x342/0x500 fs/kernfs/file.c:296
call_write_iter include/linux/fs.h:2086 [inline]
new_sync_write+0x431/0x660 fs/read_write.c:503
vfs_write+0x7cd/0xae0 fs/read_write.c:590
ksys_write+0x12d/0x250 fs/read_write.c:643
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x44/0xae

-> #5 (system_transition_mutex/1){+.+.}-{3:3}:
__mutex_lock_common kernel/locking/mutex.c:600 [inline]
__mutex_lock+0x12f/0x12f0 kernel/locking/mutex.c:733
software_resume.part.0+0x19/0x1f0 kernel/power/hibernate.c:934
software_resume kernel/power/hibernate.c:86 [inline]
resume_store+0x161/0x190 kernel/power/hibernate.c:1181
kobj_attr_store+0x50/0x80 lib/kobject.c:856
sysfs_kf_write+0x110/0x160 fs/sysfs/file.c:136
kernfs_fop_write_iter+0x342/0x500 fs/kernfs/file.c:296
call_write_iter include/linux/fs.h:2086 [inline]
new_sync_write+0x431/0x660 fs/read_write.c:503
vfs_write+0x7cd/0xae0 fs/read_write.c:590
ksys_write+0x12d/0x250 fs/read_write.c:643
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x44/0xae

-> #4 (&of->mutex){+.+.}-{3:3}:
__mutex_lock_common kernel/locking/mutex.c:600 [inline]
__mutex_lock+0x12f/0x12f0 kernel/locking/mutex.c:733
kernfs_seq_start+0x4b/0x260 fs/kernfs/file.c:112
seq_read_iter+0x2c6/0x1280 fs/seq_file.c:225
kernfs_fop_read_iter+0x44f/0x5f0 fs/kernfs/file.c:241
call_read_iter include/linux/fs.h:2080 [inline]
new_sync_read+0x429/0x6e0 fs/read_write.c:400
vfs_read+0x35c/0x600 fs/read_write.c:481
ksys_read+0x12d/0x250 fs/read_write.c:619
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x44/0xae

-> #3 (&p->lock){+.+.}-{3:3}:
__mutex_lock_common kernel/locking/mutex.c:600 [inline]
__mutex_lock+0x12f/0x12f0 kernel/locking/mutex.c:733
seq_read_iter+0xdf/0x1280 fs/seq_file.c:182
call_read_iter include/linux/fs.h:2080 [inline]
generic_file_splice_read+0x45b/0x6d0 fs/splice.c:311
do_splice_to+0x1bf/0x250 fs/splice.c:796
splice_direct_to_actor+0x2c2/0x8c0 fs/splice.c:870
do_splice_direct+0x1b3/0x280 fs/splice.c:979
do_sendfile+0xaf2/0x1250 fs/read_write.c:1245
__do_sys_sendfile64 fs/read_write.c:1310 [inline]
__se_sys_sendfile64 fs/read_write.c:1296 [inline]
__x64_sys_sendfile64+0x1cc/0x210 fs/read_write.c:1296
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x44/0xae

-> #2 (sb_writers#3){.+.+}-{0:0}:
percpu_down_read include/linux/percpu-rwsem.h:51 [inline]
__sb_start_write include/linux/fs.h:1734 [inline]
sb_start_write include/linux/fs.h:1804 [inline]
file_start_write include/linux/fs.h:2949 [inline]
lo_write_bvec drivers/block/loop.c:242 [inline]
lo_write_simple drivers/block/loop.c:265 [inline]
do_req_filebacked drivers/block/loop.c:494 [inline]
loop_handle_cmd drivers/block/loop.c:1812 [inline]
loop_process_work+0x1499/0x1db0 drivers/block/loop.c:1852
process_one_work+0x9ac/0x1650 kernel/workqueue.c:2307
worker_thread+0x657/0x1110 kernel/workqueue.c:2454
kthread+0x2e9/0x3a0 kernel/kthread.c:359
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295

-> #1 ((work_completion)(&lo->rootcg_work)){+.+.}-{0:0}:
process_one_work+0x91b/0x1650 kernel/workqueue.c:2283
worker_thread+0x657/0x1110 kernel/workqueue.c:2454
kthread+0x2e9/0x3a0 kernel/kthread.c:359
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295

-> #0 ((wq_completion)loop2){+.+.}-{0:0}:
check_prev_add kernel/locking/lockdep.c:3063 [inline]
check_prevs_add kernel/locking/lockdep.c:3186 [inline]
validate_chain kernel/locking/lockdep.c:3801 [inline]
__lock_acquire+0x2a2c/0x5470 kernel/locking/lockdep.c:5027
lock_acquire kernel/locking/lockdep.c:5639 [inline]
lock_acquire+0x1ab/0x510 kernel/locking/lockdep.c:5604
flush_workqueue+0x110/0x13a0 kernel/workqueue.c:2827
drain_workqueue+0x1a5/0x3c0 kernel/workqueue.c:2992
destroy_workqueue+0x71/0x800 kernel/workqueue.c:4429
__loop_clr_fd+0x1a7/0xd20 drivers/block/loop.c:1116
lo_release+0x1a7/0x1f0 drivers/block/loop.c:1716
blkdev_put_whole+0xf6/0x1b0 block/bdev.c:732
blkdev_put+0x228/0x670 block/bdev.c:946
blkdev_close+0x6a/0x80 block/fops.c:515
__fput+0x286/0x9f0 fs/file_table.c:280
task_work_run+0xdd/0x1a0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:188 [inline]
exit_to_user_mode_loop kernel/entry/common.c:175 [inline]
exit_to_user_mode_prepare+0x27e/0x290 kernel/entry/common.c:207
__syscall_exit_to_user_mode_work kernel/entry/common.c:289 [inline]
syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:300
do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86
entry_SYSCALL_64_after_hwframe+0x44/0xae

other info that might help us debug this:

Chain exists of:
(wq_completion)loop2 --> system_transition_mutex/1 --> &disk->open_mutex

Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&disk->open_mutex);
                               lock(system_transition_mutex/1);
                               lock(&disk->open_mutex);
  lock((wq_completion)loop2);

*** DEADLOCK ***

1 lock held by udevd/4227:
#0: ffff88801a4161a8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_put_whole+0x4f/0x1b0 block/bdev.c:728

stack backtrace:
CPU: 1 PID: 4227 Comm: udevd Not tainted 5.16.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
check_noncircular+0x25f/0x2e0 kernel/locking/lockdep.c:2143
check_prev_add kernel/locking/lockdep.c:3063 [inline]
check_prevs_add kernel/locking/lockdep.c:3186 [inline]
validate_chain kernel/locking/lockdep.c:3801 [inline]
__lock_acquire+0x2a2c/0x5470 kernel/locking/lockdep.c:5027
lock_acquire kernel/locking/lockdep.c:5639 [inline]
lock_acquire+0x1ab/0x510 kernel/locking/lockdep.c:5604
flush_workqueue+0x110/0x13a0 kernel/workqueue.c:2827
drain_workqueue+0x1a5/0x3c0 kernel/workqueue.c:2992
destroy_workqueue+0x71/0x800 kernel/workqueue.c:4429
__loop_clr_fd+0x1a7/0xd20 drivers/block/loop.c:1116
lo_release+0x1a7/0x1f0 drivers/block/loop.c:1716
blkdev_put_whole+0xf6/0x1b0 block/bdev.c:732
blkdev_put+0x228/0x670 block/bdev.c:946
blkdev_close+0x6a/0x80 block/fops.c:515
__fput+0x286/0x9f0 fs/file_table.c:280
task_work_run+0xdd/0x1a0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:188 [inline]
exit_to_user_mode_loop kernel/entry/common.c:175 [inline]
exit_to_user_mode_prepare+0x27e/0x290 kernel/entry/common.c:207
__syscall_exit_to_user_mode_work kernel/entry/common.c:289 [inline]
syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:300
do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f65eae64fc3
Code: 48 ff ff ff b8 ff ff ff ff e9 3e ff ff ff 66 0f 1f 84 00 00 00 00 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8
RSP: 002b:00007ffe5f57a1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 00007f65ead0d6a8 RCX: 00007f65eae64fc3
RDX: 000000000000001c RSI: 00007ffe5f5799f8 RDI: 0000000000000008
RBP: 000055b7e2a660c0 R08: 0000000000000007 R09: 000055b7e2a61a60
R10: 000000000176fad2 R11: 0000000000000246 R12: 0000000000000002
R13: 000055b7e2a5a640 R14: 0000000000000008 R15: 000055b7e2a40910
</TASK>
I/O error, dev loop3, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
Buffer I/O error on dev loop3, logical block 1, async page read
I/O error, dev loop3, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
Buffer I/O error on dev loop3, logical block 2, async page read
I/O error, dev loop3, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
Buffer I/O error on dev loop3, logical block 1, async page read
Buffer I/O error on dev loop3, logical block 2, async page read
Buffer I/O error on dev loop1, logical block 1, async page read
Buffer I/O error on dev loop1, logical block 2, async page read
I/O error, dev loop0, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
I/O error, dev loop0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
I/O error, dev loop0, sector 3 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
I/O error, dev loop0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
buffer_io_error: 14 callbacks suppressed
Buffer I/O error on dev loop3, logical block 1, async page read
Buffer I/O error on dev loop3, logical block 2, async page read
Buffer I/O error on dev loop3, logical block 3, async page read
Buffer I/O error on dev loop3, logical block 4, async page read
Buffer I/O error on dev loop3, logical block 5, async page read
Buffer I/O error on dev loop3, logical block 6, async page read
Buffer I/O error on dev loop3, logical block 7, async page read
Buffer I/O error on dev loop3, logical block 1, async page read
I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
I/O error, dev loop5, sector 1 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
Buffer I/O error on dev loop5, logical block 1, async page read


Tested on:

commit: a0b72af7 loop: make autoclear operation synchronous ag..
git tree: git://git.infradead.org/users/hch/block.git
console output: https://syzkaller.appspot.com/x/log.txt?x=10777867b00000

syzbot

Jan 20, 2022, 2:58:16 AM
to h...@lst.de, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch and the reproducer did not trigger any issue:

Reported-and-tested-by: syzbot+643e4c...@syzkaller.appspotmail.com

Tested on:

commit: bafaf27e make autoclear operation synchronous again
git tree: git://git.infradead.org/users/hch/block.git part_tbl_mutex
kernel config: https://syzkaller.appspot.com/x/.config?x=bea51c746f88ab17
dashboard link: https://syzkaller.appspot.com/bug?extid=643e4ce4b6ad1347d372
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2

Note: testing is done by a robot and is best-effort only.

syzbot

Jan 25, 2022, 3:28:11 AM
to h...@lst.de, syzkall...@googlegroups.com
Hello,

syzbot tried to test the proposed patch but the build/boot failed:

failed to create VM pool: failed to create GCE image: create image operation failed: &{Code:PERMISSIONS_ERROR Location: Message:Required 'read' permission for 'disks/ci-upstream-linux-next-kasan-gce-root-test-job-test-job-image.tar.gz' ForceSendFields:[] NullFields:[]}.


Tested on:

commit: 291aaf2d loop: make autoclear operation synchronous ag..
git tree: git://git.infradead.org/users/hch/block.git loop-fix.2
kernel config: https://syzkaller.appspot.com/x/.config?x=cecefa10aece93a

syzbot

Jan 25, 2022, 10:37:07 AM
to h...@lst.de, syzkall...@googlegroups.com
Hello,

syzbot tried to test the proposed patch but the build/boot failed:

failed to checkout kernel repo git://git.infradead.org/users/hch/block.git/loop-fix.2: failed to run ["git" "fetch" "--force" "dd4b44b9d93e402518491dd46b75e6c5682e16a7" "loop-fix.2"]: exit status 128
fatal: unable to connect to git.infradead.org:
git.infradead.org[0: 90.155.50.34]: errno=Network is unreachable
git.infradead.org[1: 2001:8b0:10b:1236::1]: errno=Network is unreachable




Tested on:

commit: [unknown
git tree: git://git.infradead.org/users/hch/block.git loop-fix.2

syzbot

Jan 25, 2022, 4:16:18 PM
to h...@lst.de, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
WARNING: ODEBUG bug in loop_configure

WARNING: CPU: 0 PID: 5815 at lib/debugobjects.c:505 debug_print_object+0x16e/0x250 lib/debugobjects.c:505
Modules linked in:
CPU: 0 PID: 5815 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:505
Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd 00 fd 05 8a 4c 89 ee 48 c7 c7 00 f1 05 8a e8 ec a3 26 05 <0f> 0b 83 05 95 f3 b3 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3
RSP: 0018:ffffc9000377f8f0 EFLAGS: 00010282

RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: ffff88801c361d00 RSI: ffffffff815f9f48 RDI: fffff520006eff10
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffff815f3cae R11: 0000000000000000 R12: ffffffff89ae21e0
R13: ffffffff8a05f600 R14: ffffffff8166bb70 R15: ffffffff90791738
FS: 00007ffa980b8700(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f834a75b000 CR3: 000000007ac86000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
__debug_object_init+0x524/0xd10 lib/debugobjects.c:593
debug_timer_init kernel/time/timer.c:724 [inline]
debug_init kernel/time/timer.c:772 [inline]
init_timer_key+0x2d/0x340 kernel/time/timer.c:816
loop_configure+0x955/0x19b0 drivers/block/loop.c:1025
lo_ioctl+0x278/0x17b0 drivers/block/loop.c:1529
blkdev_ioctl+0x37a/0x800 block/ioctl.c:588
vfs_ioctl fs/ioctl.c:51 [inline]
__do_sys_ioctl fs/ioctl.c:874 [inline]
__se_sys_ioctl fs/ioctl.c:860 [inline]
__x64_sys_ioctl+0x193/0x200 fs/ioctl.c:860
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7ffa989428b7
Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 04 54 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffa980b7f48 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007ffa9898c9c8 RCX: 00007ffa989428b7
RDX: 0000000000000003 RSI: 0000000000004c00 RDI: 0000000000000004
RBP: 0000000000000004 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
R13: 0000000000000003 R14: 0000000020000560 R15: 0000000000000004
</TASK>


Tested on:

commit: 291aaf2d loop: make autoclear operation synchronous ag..
git tree: git://git.infradead.org/users/hch/block.git loop-fix.2
console output: https://syzkaller.appspot.com/x/log.txt?x=12e3a000700000
kernel config: https://syzkaller.appspot.com/x/.config?x=cecefa10aece93a
dashboard link: https://syzkaller.appspot.com/bug?extid=643e4ce4b6ad1347d372

syzbot

Jan 26, 2022, 3:14:23 AM
to h...@lst.de, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
BUG: corrupted list in loop_queue_rq

list_del corruption. prev->next should be ffff888013ff5d70, but was ffff88801aa76160. (prev=ffff88801aa76160)
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:51!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 3954 Comm: syz-executor.4 Not tainted 5.17.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__list_del_entry_valid.cold+0x12/0x50 lib/list_debug.c:51
Code: f1 ff 0f 0b 48 89 f1 48 c7 c7 e0 ee 05 8a 4c 89 e6 e8 e6 7d f1 ff 0f 0b 4c 89 e1 48 89 ee 48 c7 c7 80 f0 05 8a e8 d2 7d f1 ff <0f> 0b 4c 89 ea 48 89 ee 48 c7 c7 c0 ef 05 8a e8 be 7d f1 ff 0f 0b
RSP: 0018:ffffc90002b4f618 EFLAGS: 00010082
RAX: 000000000000006d RBX: ffff88801aac71c0 RCX: 0000000000000000
RDX: ffff88801ff20000 RSI: ffffffff815f9f48 RDI: fffff52000569eb5
RBP: ffff888013ff5d70 R08: 000000000000006d R09: 0000000000000000
R10: ffffffff815f3cae R11: 0000000000000000 R12: ffff88801aa76160
R13: ffff88801aa76160 R14: ffff88801aa76000 R15: ffff888013ff5d78
FS: 00007fc815a7f700(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffef4d537e8 CR3: 000000007c233000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<TASK>
__list_del_entry include/linux/list.h:134 [inline]
list_del_init include/linux/list.h:206 [inline]
loop_queue_work drivers/block/loop.c:878 [inline]
loop_queue_rq+0x6af/0x1200 drivers/block/loop.c:1823
__blk_mq_issue_directly block/blk-mq.c:2420 [inline]
__blk_mq_try_issue_directly+0x56a/0x790 block/blk-mq.c:2473
blk_mq_try_issue_directly+0x21/0x90 block/blk-mq.c:2497
blk_mq_submit_bio+0x1606/0x2150 block/blk-mq.c:2837
__submit_bio+0x2a8/0x360 block/blk-core.c:806
__submit_bio_noacct_mq block/blk-core.c:881 [inline]
submit_bio_noacct block/blk-core.c:907 [inline]
submit_bio_noacct+0x6c9/0x8a0 block/blk-core.c:896
submit_bio block/blk-core.c:968 [inline]
submit_bio+0x1ea/0x430 block/blk-core.c:926
submit_bh_wbc+0x5e8/0x7e0 fs/buffer.c:3055
submit_bh fs/buffer.c:3061 [inline]
__bread_slow fs/buffer.c:1180 [inline]
__bread_gfp+0x17b/0x3c0 fs/buffer.c:1382
sb_bread include/linux/buffer_head.h:303 [inline]
fat_fill_super+0x33e/0x36e0 fs/fat/inode.c:1647
mount_bdev+0x34d/0x410 fs/super.c:1367
legacy_get_tree+0x105/0x220 fs/fs_context.c:610
vfs_get_tree+0x89/0x2f0 fs/super.c:1497
do_new_mount fs/namespace.c:2994 [inline]
path_mount+0x1320/0x1fa0 fs/namespace.c:3324
do_mount fs/namespace.c:3337 [inline]
__do_sys_mount fs/namespace.c:3545 [inline]
__se_sys_mount fs/namespace.c:3522 [inline]
__x64_sys_mount+0x27f/0x300 fs/namespace.c:3522
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fc81630b02a
Code: 48 c7 c2 bc ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 b8 04 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fc815a7efa8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000020000500 RCX: 00007fc81630b02a
RDX: 0000000020000000 RSI: 00000000200001c0 RDI: 00007fc815a7f000
RBP: 00007fc815a7f040 R08: 00007fc815a7f040 R09: 0000000020000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000020000000
R13: 00000000200001c0 R14: 00007fc815a7f000 R15: 0000000020010d00
</TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:__list_del_entry_valid.cold+0x12/0x50 lib/list_debug.c:51
Code: f1 ff 0f 0b 48 89 f1 48 c7 c7 e0 ee 05 8a 4c 89 e6 e8 e6 7d f1 ff 0f 0b 4c 89 e1 48 89 ee 48 c7 c7 80 f0 05 8a e8 d2 7d f1 ff <0f> 0b 4c 89 ea 48 89 ee 48 c7 c7 c0 ef 05 8a e8 be 7d f1 ff 0f 0b
RSP: 0018:ffffc90002b4f618 EFLAGS: 00010082
RAX: 000000000000006d RBX: ffff88801aac71c0 RCX: 0000000000000000
RDX: ffff88801ff20000 RSI: ffffffff815f9f48 RDI: fffff52000569eb5
RBP: ffff888013ff5d70 R08: 000000000000006d R09: 0000000000000000
R10: ffffffff815f3cae R11: 0000000000000000 R12: ffff88801aa76160
R13: ffff88801aa76160 R14: ffff88801aa76000 R15: ffff888013ff5d78
FS: 00007fc815a7f700(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffef4d537e8 CR3: 000000007c233000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400


Tested on:

commit: 6c6943f4 loop: make autoclear operation synchronous ag..
git tree: git://git.infradead.org/users/hch/block.git loop-fix.2
console output: https://syzkaller.appspot.com/x/log.txt?x=160d995bb00000

syzbot

Jan 26, 2022, 4:05:09 AM
to h...@lst.de, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch and the reproducer did not trigger any issue:

Reported-and-tested-by: syzbot+643e4c...@syzkaller.appspotmail.com

Tested on:

commit: 4ae000ff loop: make autoclear operation synchronous ag..
git tree: git://git.infradead.org/users/hch/block.git loop-fix.2
kernel config: https://syzkaller.appspot.com/x/.config?x=cecefa10aece93a
dashboard link: https://syzkaller.appspot.com/bug?extid=643e4ce4b6ad1347d372
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2

Dmitry Vyukov

Jan 26, 2022, 5:58:45 AM
to syzbot, h...@lst.de, syzkall...@googlegroups.com, syzkaller
On Tue, 25 Jan 2022 at 09:28, syzbot
<syzbot+643e4c...@syzkaller.appspotmail.com> wrote:
>
> Hello,
>
> syzbot tried to test the proposed patch but the build/boot failed:
>
> failed to create VM pool: failed to create GCE image: create image operation failed: &{Code:PERMISSIONS_ERROR Location: Message:Required 'read' permission for 'disks/ci-upstream-linux-next-kasan-gce-root-test-job-test-job-image.tar.gz' ForceSendFields:[] NullFields:[]}.

Hi Christoph,

I've filed https://github.com/google/syzkaller/issues/2988 for this.
These happen very infrequently, but maybe it's possible to retry on
our side or something.

syzbot

Jan 26, 2022, 10:48:09 AM
to h...@lst.de, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch and the reproducer did not trigger any issue:

Reported-and-tested-by: syzbot+643e4c...@syzkaller.appspotmail.com

Tested on:

commit: 0ef1fda1 loop: make autoclear operation synchronous ag..
git tree: git://git.infradead.org/users/hch/block.git loop-fix.2
kernel config: https://syzkaller.appspot.com/x/.config?x=cecefa10aece93a
dashboard link: https://syzkaller.appspot.com/bug?extid=643e4ce4b6ad1347d372
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2

syzbot

Jan 28, 2022, 2:40:09 AM
to h...@lst.de, syzkall...@googlegroups.com
Hello,

syzbot has tested the proposed patch and the reproducer did not trigger any issue:

Reported-and-tested-by: syzbot+643e4c...@syzkaller.appspotmail.com

Tested on:

commit: e88021fa loop: make autoclear operation synchronous ag..
git tree: git://git.infradead.org/users/hch/block.git loop-fix.3