syzbot


INFO: task hung in __generic_file_fsync (2)

Status: fixed on 2020/02/18 10:28
Subsystems: fs mm
[Documentation on labels]
Reported-by: syzbot+44c32606d8669fb0d45c@syzkaller.appspotmail.com
Fix commit: 85a8ce62c2ea block: add bio_truncate to fix guard_bio_eod
First crash: 1729d, last: 1604d
Cause bisection: introduced by (bisect log) :
commit 6dc4f100c175dd0511ae8674786e7c9006cdfbfa
Author: Ming Lei <ming.lei@redhat.com>
Date: Fri Feb 15 11:13:19 2019 +0000

  block: allow bio_for_each_segment_all() to iterate over multi-page bvec

Crash: kernel BUG at mm/filemap.c:LINE! (log)
Repro: C syz .config
  
Fix bisection: fixed by (bisect log) :
commit 85a8ce62c2eabe28b9d76ca4eecf37922402df93
Author: Ming Lei <ming.lei@redhat.com>
Date: Fri Dec 27 23:05:48 2019 +0000

  block: add bio_truncate to fix guard_bio_eod

  
Discussions (1)
Title Replies (including bot) Last reply
INFO: task hung in __generic_file_fsync (2) 1 (3) 2020/02/02 07:05
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 INFO: task hung in __generic_file_fsync ext4 C 211 449d 882d 0/1 upstream: reported C repro on 2021/12/25 03:26
android-49 INFO: task hung in __generic_file_fsync 1 1725d 1725d 0/3 auto-closed as invalid on 2020/01/02 10:29
upstream INFO: task hung in __generic_file_fsync (3) exfat ntfs3 C inconclusive done 8 147d 654d 26/26 fixed on 2024/02/21 18:23

Sample crash report:
INFO: task syz-executor072:10629 blocked for more than 143 seconds.
      Not tainted 5.5.0-rc3-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor072 D25264 10629  10066 0x00004004
Call Trace:
 context_switch kernel/sched/core.c:3385 [inline]
 __schedule+0x934/0x1f90 kernel/sched/core.c:4081
 schedule+0xdc/0x2b0 kernel/sched/core.c:4155
 io_schedule+0x1c/0x70 kernel/sched/core.c:5799
 wait_on_page_bit_common mm/filemap.c:1175 [inline]
 wait_on_page_bit+0x27c/0xa60 mm/filemap.c:1224
 wait_on_page_writeback+0x1b2/0x4f0 mm/page-writeback.c:2822
 __filemap_fdatawait_range+0x145/0x340 mm/filemap.c:526
 file_write_and_wait_range+0x1ac/0x210 mm/filemap.c:786
 __generic_file_fsync+0x79/0x200 fs/libfs.c:1000
 fat_file_fsync+0x78/0x210 fs/fat/file.c:190
 vfs_fsync_range+0x141/0x230 fs/sync.c:197
 generic_write_sync include/linux/fs.h:2856 [inline]
 generic_file_write_iter+0x4ea/0x68e mm/filemap.c:3474
 call_write_iter include/linux/fs.h:1902 [inline]
 do_iter_readv_writev+0x5f8/0x8f0 fs/read_write.c:693
 do_iter_write fs/read_write.c:970 [inline]
 do_iter_write+0x184/0x610 fs/read_write.c:951
 vfs_iter_write+0x77/0xb0 fs/read_write.c:983
 iter_file_splice_write+0x717/0xc10 fs/splice.c:760
 do_splice_from fs/splice.c:863 [inline]
 direct_splice_actor+0x123/0x190 fs/splice.c:1037
 splice_direct_to_actor+0x3b4/0xa30 fs/splice.c:992
 do_splice_direct+0x1da/0x2a0 fs/splice.c:1080
 do_sendfile+0x597/0xd00 fs/read_write.c:1464
 __do_sys_sendfile64 fs/read_write.c:1525 [inline]
 __se_sys_sendfile64 fs/read_write.c:1511 [inline]
 __x64_sys_sendfile64+0x1dd/0x220 fs/read_write.c:1511
 do_syscall_64+0xfa/0x790 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x445e59
Code: Bad RIP value.
RSP: 002b:00007ffc4bfab018 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000445e59
RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
RBP: 0000000000000000 R08: 0000000000402fe0 R09: 0000000000402fe0
R10: 00008080fffffffe R11: 0000000000000246 R12: 0000000000000082
R13: 0000000000402fe0 R14: 0000000000000000 R15: 0000000000000000

Showing all locks held in the system:
1 lock held by khungtaskd/1116:
 #0: ffffffff899a5680 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x279 kernel/locking/lockdep.c:5334
1 lock held by rs:main Q:Reg/9913:
 #0: ffff8880ae937358 (&rq->lock){-.-.}, at: newidle_balance+0xa28/0xe80 kernel/sched/fair.c:10177
1 lock held by rsyslogd/9915:
 #0: ffff888087f713e0 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 fs/file.c:801
2 locks held by getty/10037:
 #0: ffff8880a2d26090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc900018132e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
2 locks held by getty/10038:
 #0: ffff88809f419090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc900018932e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
2 locks held by getty/10039:
 #0: ffff8880a2725090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc900018732e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
2 locks held by getty/10040:
 #0: ffff8880966a2090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc900018832e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
2 locks held by getty/10041:
 #0: ffff88809e168090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc900017f32e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
2 locks held by getty/10042:
 #0: ffff8880a7c45090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc900018332e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
2 locks held by getty/10043:
 #0: ffff88809958e090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc900011402e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
1 lock held by syz-executor072/10629:
 #0: ffff88809a52a428 (sb_writers#9){.+.+}, at: file_start_write include/linux/fs.h:2885 [inline]
 #0: ffff88809a52a428 (sb_writers#9){.+.+}, at: do_sendfile+0x9b9/0xd00 fs/read_write.c:1463

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 1116 Comm: khungtaskd Not tainted 5.5.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x197/0x210 lib/dump_stack.c:118
 nmi_cpu_backtrace.cold+0x70/0xb2 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x23b/0x28b lib/nmi_backtrace.c:62
 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline]
 watchdog+0xb11/0x10c0 kernel/hung_task.c:289
 kthread+0x361/0x430 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at native_safe_halt+0xe/0x10 arch/x86/include/asm/irqflags.h:60

Crashes (28):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/12/28 20:27 upstream bf8d1cd43865 af6b8ef8 .config console log report syz C ci-upstream-kasan-gce-selinux-root
2019/12/29 13:29 linux-next 7ddd09fc4b74 af6b8ef8 .config console log report syz C ci-upstream-linux-next-kasan-gce-root
2020/01/03 02:58 upstream 7ca4ad5ba886 25a0186e .config console log report ci-upstream-kasan-gce-root
2019/12/27 19:44 upstream 46cf053efec6 be5c2c81 .config console log report ci-upstream-kasan-gce-root
2019/12/24 01:33 upstream 46cf053efec6 be5c2c81 .config console log report ci-upstream-kasan-gce-root
2019/12/22 05:25 upstream b8e382a185eb bc586918 .config console log report ci-upstream-kasan-gce-root
2019/11/30 04:42 upstream 81b6b96475ac 3a75be00 .config console log report ci-upstream-kasan-gce-selinux-root
2019/11/29 20:21 upstream 81b6b96475ac d29b9e84 .config console log report ci-upstream-kasan-gce-root
2019/11/29 14:37 upstream 81b6b96475ac d29b9e84 .config console log report ci-upstream-kasan-gce-smack-root
2019/11/29 00:23 upstream 81b6b96475ac 76357d6f .config console log report ci-upstream-kasan-gce-smack-root
2019/11/27 21:23 upstream d76886972823 0d63f89c .config console log report ci-upstream-kasan-gce-smack-root
2019/11/27 07:49 upstream 89d57dddd7d3 1048481f .config console log report ci-upstream-kasan-gce-smack-root
2019/11/27 07:38 upstream 89d57dddd7d3 1048481f .config console log report ci-upstream-kasan-gce-smack-root
2019/11/26 17:57 upstream be2eca94d144 1048481f .config console log report ci-upstream-kasan-gce-smack-root
2019/11/26 13:18 upstream 0be0ee71816b f746151a .config console log report ci-upstream-kasan-gce-smack-root
2019/11/25 00:25 upstream 6b8a79467876 598ca6c8 .config console log report ci-upstream-kasan-gce-smack-root
2019/11/24 11:20 upstream 6b8a79467876 598ca6c8 .config console log report ci-upstream-kasan-gce-smack-root
2019/11/23 19:50 upstream 2027cabe6afe 598ca6c8 .config console log report ci-upstream-kasan-gce-smack-root
2019/11/23 10:56 upstream 2027cabe6afe 598ca6c8 .config console log report ci-upstream-kasan-gce-smack-root
2019/11/22 00:47 upstream 81429eb8d9ca 8098ea0f .config console log report ci-upstream-kasan-gce-smack-root
2019/11/21 04:12 upstream c74386d50fba 8098ea0f .config console log report ci-upstream-kasan-gce-root
2019/11/20 21:13 upstream c74386d50fba 8098ea0f .config console log report ci-upstream-kasan-gce-smack-root
2019/11/20 20:10 upstream c74386d50fba 8098ea0f .config console log report ci-upstream-kasan-gce-smack-root
2019/11/20 18:32 upstream c74386d50fba f4b7ed07 .config console log report ci-upstream-kasan-gce-smack-root
2019/11/20 10:50 upstream c74386d50fba f4b7ed07 .config console log report ci-upstream-kasan-gce-smack-root
2019/09/02 09:47 upstream 9f159ae07f07 db7c31ca .config console log report ci-upstream-kasan-gce-root
2019/08/31 04:33 upstream 6525771f58cb fd37b39e .config console log report ci-upstream-kasan-gce-selinux-root
2019/12/26 08:47 linux-next 7ddd09fc4b74 be5c2c81 .config console log report ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.