syzbot


INFO: task syz-executor can't die for more than 143 seconds.

Status: fixed on 2019/10/15 23:40
Subsystems: fs
Reported-by: syzbot+8ab2d0f39fb79fe6ca40@syzkaller.appspotmail.com
Fix commits:
  8619e5bdeee8 /dev/mem: Bail out upon SIGKILL.
  7c3a6aedcd6a kexec: bail out upon SIGKILL when allocating memory.
  8f9e86ee7959 staging: android: ion: Bail out upon SIGKILL when allocating memory.
First crash: 1788d, last: 1671d
Cause bisection: introduced by:
commit 4ddc1b28aac57a90c6426d55e0dea3c1b5eb4782
Author: Chao Yu <yuchao0@huawei.com>
Date: Wed Jul 25 23:19:48 2018 +0000

  f2fs: fix to restrict mount condition when without CONFIG_QUOTA

Crash: no output from test machine
Repro: C syz .config
  
Discussions (25)
Title Replies (including bot) Last reply
[PATCH 5.2 000/313] 5.2.19-stable review 324 (324) 2020/06/23 22:07
[PATCH 3.16 00/72] 3.16.79-rc1 review 87 (87) 2019/12/14 18:44
[PATCH 5.3 000/166] 5.3.5-stable review 177 (177) 2019/11/12 19:42
[PATCH 4.19 000/211] 4.19.77-stable review 227 (227) 2019/11/12 00:25
[PATCH 5.3 000/344] 5.3.4-stable review 360 (360) 2019/11/11 06:01
[PATCH AUTOSEL 5.3 01/71] drivers: thermal: qcom: tsens: Fix memory leak from qfprom read 74 (74) 2019/10/09 03:45
[PATCH 4.19 000/106] 4.19.78-stable review 123 (123) 2019/10/08 23:45
Re: [PATCH] /dev/mem: Bail out upon SIGKILL when reading memory. 10 (10) 2019/10/08 09:57
[PATCH 5.2 000/137] 5.2.20-stable review 142 (142) 2019/10/07 16:24
[PATCH 4.14 00/68] 4.14.148-stable review 73 (73) 2019/10/07 15:52
[PATCH 4.14 000/185] 4.14.147-stable review 191 (191) 2019/10/05 00:10
[PATCH 4.9 000/129] 4.9.195-stable review 135 (135) 2019/10/04 22:56
[PATCH 4.4 00/99] 4.4.195-stable review 105 (105) 2019/10/04 22:55
[PATCH AUTOSEL 4.14 01/29] ima: always return negative code for error 29 (29) 2019/10/01 16:44
[PATCH AUTOSEL 4.19 01/43] ima: always return negative code for error 43 (43) 2019/10/01 16:43
[PATCH AUTOSEL 5.2 01/63] drivers: thermal: qcom: tsens: Fix memory leak from qfprom read 63 (63) 2019/10/01 16:41
[PATCH v3] /dev/mem: Bail out upon SIGKILL. 5 (5) 2019/09/04 10:50
[PATCH] /dev/mem: Bail out upon SIGKILL when reading memory. 21 (21) 2019/08/30 09:56
[PATCH v2] /dev/mem: Bail out upon SIGKILL. 1 (1) 2019/08/23 04:11
[PATCH 5.2 000/144] 5.2.9-stable review 153 (153) 2019/08/16 07:15
[PATCH 4.19 00/91] 4.19.67-stable review 106 (106) 2019/08/16 06:53
[PATCH] kexec: Bail out upon SIGKILL when allocating memory. 4 (4) 2019/07/24 03:09
[PATCH] staging: android: ion: Bail out upon SIGKILL when allocating memory. 1 (1) 2019/07/23 13:28
[PATCH] staging: android: ion: Bail out upon SIGKILL when allocating memory. 5 (5) 2019/07/01 21:21
INFO: task syz-executor can't die for more than 143 seconds. 1 (3) 2019/06/21 09:58
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task syz-executor can't die for more than 143 seconds. (2) C done 2512 1380d 1647d 15/26 fixed on 2020/07/17 17:58
upstream INFO: task syz-executor can't die for more than 143 seconds. (3) fs 2 1376d 1373d 0/26 auto-closed as invalid on 2020/09/18 10:04
Last patch testing requests (1)
Created Duration User Patch Repo Result
2019/08/22 10:21 18m penguin-kernel@i-love.sakura.ne.jp patch git://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git a34a6117538e0030fa8d3af8f23e591ec189a8fc OK

Sample crash report:
INFO: task syz-executor948:8525 can't die for more than 143 seconds.
syz-executor948 R  running task    27424  8525   8523 0x00004006
Call Trace:
 context_switch kernel/sched/core.c:3268 [inline]
 __schedule+0x776/0x17d0 kernel/sched/core.c:3937
INFO: task syz-executor948:8530 can't die for more than 144 seconds.
syz-executor948 R  running task    28168  8530   8529 0x00004006
Call Trace:
 context_switch kernel/sched/core.c:3265 [inline]
 __schedule+0x76e/0x17d0 kernel/sched/core.c:3937
 preempt_schedule_irq+0xb5/0x160 kernel/sched/core.c:4185
 retint_kernel+0x1b/0x2b
RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 arch/x86/lib/copy_user_64.S:205
Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
RSP: 0018:ffff88808ddbfb10 EFLAGS: 00010206 ORIG_RAX: ffffffffffffff13
RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000cf6
RDX: 0000000000001000 RSI: 000000002060ac38 RDI: ffffc900067979b7
RBP: ffff88808ddbfb48 R08: fffff52000cf3000 R09: 0000000000000000
R10: fffff52000cf47ff R11: ffffc900067a3fff R12: 000000002060b281
R13: 000000002060c281 R14: ffffc900067a3000 R15: 00007ffffffff000
 copy_from_user include/linux/uaccess.h:144 [inline]
 write_mem+0x137/0x210 drivers/char/mem.c:249
 do_loop_readv_writev.part.0+0x2ac/0x460 fs/read_write.c:720
 do_loop_readv_writev fs/read_write.c:706 [inline]
 do_iter_write fs/read_write.c:978 [inline]
 do_iter_write+0x2fa/0x380 fs/read_write.c:957
 vfs_writev+0x1b3/0x2f0 fs/read_write.c:1021
 do_pwritev+0x1c4/0x280 fs/read_write.c:1118
 __do_sys_pwritev fs/read_write.c:1165 [inline]
 __se_sys_pwritev fs/read_write.c:1160 [inline]
 __x64_sys_pwritev+0x9a/0xf0 fs/read_write.c:1160
 do_syscall_64+0xfa/0x760 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x441329
Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffc00d93af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441329
RDX: 0000000000000002 RSI: 0000000020000740 RDI: 0000000000000003
RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
R10: 00000000febfffff R11: 0000000000000246 R12: 00000000004020a0
R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000
INFO: task syz-executor948:8531 can't die for more than 145 seconds.
syz-executor948 R  running task    28168  8531   8526 0x00004006
Call Trace:
 context_switch kernel/sched/core.c:3265 [inline]
 __schedule+0x76e/0x17d0 kernel/sched/core.c:3937
 preempt_schedule_irq+0xb5/0x160 kernel/sched/core.c:4185
 retint_kernel+0x1b/0x2b
RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 arch/x86/lib/copy_user_64.S:205
Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
RSP: 0018:ffff888090bcfb10 EFLAGS: 00010206 ORIG_RAX: ffffffffffffff13
RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000009
RDX: 0000000000001000 RSI: 0000000020609735 RDI: ffffc900068114b4
RBP: ffff888090bcfb48 R08: fffff52000d02400 R09: 0000000000000000
R10: fffff52000d023ff R11: ffffc90006811fff R12: 0000000020609281
R13: 000000002060a281 R14: ffffc90006811000 R15: 00007ffffffff000
 copy_from_user include/linux/uaccess.h:144 [inline]
 write_mem+0x137/0x210 drivers/char/mem.c:249
 do_loop_readv_writev.part.0+0x2ac/0x460 fs/read_write.c:720
 do_loop_readv_writev fs/read_write.c:706 [inline]
 do_iter_write fs/read_write.c:978 [inline]
 do_iter_write+0x2fa/0x380 fs/read_write.c:957
 vfs_writev+0x1b3/0x2f0 fs/read_write.c:1021
 do_pwritev+0x1c4/0x280 fs/read_write.c:1118
 __do_sys_pwritev fs/read_write.c:1165 [inline]
 __se_sys_pwritev fs/read_write.c:1160 [inline]
 __x64_sys_pwritev+0x9a/0xf0 fs/read_write.c:1160
 do_syscall_64+0xfa/0x760 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x441329
Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffc00d93af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441329
RDX: 0000000000000002 RSI: 0000000020000740 RDI: 0000000000000003
RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
R10: 00000000febfffff R11: 0000000000000246 R12: 00000000004020a0
R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000
INFO: task syz-executor948:8532 can't die for more than 146 seconds.
syz-executor948 R  running task    28168  8532   8524 0x00004006
Call Trace:
 context_switch kernel/sched/core.c:3268 [inline]
 __schedule+0x776/0x17d0 kernel/sched/core.c:3937
 preempt_schedule_irq+0xb5/0x160 kernel/sched/core.c:4185
 retint_kernel+0x1b/0x2b
RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 arch/x86/lib/copy_user_64.S:205
Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
RSP: 0018:ffff88809134fb10 EFLAGS: 00010206 ORIG_RAX: ffffffffffffff13
RAX: 0000000000000001 RBX: 0000000000001000 RCX: 00000000000007d0
RDX: 0000000000001000 RSI: 000000002061d437 RDI: ffffc900068871b6
RBP: ffff88809134fb48 R08: fffff52000d11000 R09: 0000000000000000
R10: fffff52000d10fff R11: ffffc90006887fff R12: 000000002061d281
R13: 000000002061e281 R14: ffffc90006887000 R15: 00007ffffffff000
 copy_from_user include/linux/uaccess.h:144 [inline]
 write_mem+0x137/0x210 drivers/char/mem.c:249
 do_loop_readv_writev.part.0+0x2ac/0x460 fs/read_write.c:720
 do_loop_readv_writev fs/read_write.c:706 [inline]
 do_iter_write fs/read_write.c:978 [inline]
 do_iter_write+0x2fa/0x380 fs/read_write.c:957
 vfs_writev+0x1b3/0x2f0 fs/read_write.c:1021
 do_pwritev+0x1c4/0x280 fs/read_write.c:1118
 __do_sys_pwritev fs/read_write.c:1165 [inline]
 __se_sys_pwritev fs/read_write.c:1160 [inline]
 __x64_sys_pwritev+0x9a/0xf0 fs/read_write.c:1160
 do_syscall_64+0xfa/0x760 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x441329
Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffc00d93af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441329
RDX: 0000000000000002 RSI: 0000000020000740 RDI: 0000000000000003
RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
R10: 00000000febfffff R11: 0000000000000246 R12: 00000000004020a0
R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000
INFO: task syz-executor948:8533 can't die for more than 147 seconds.
syz-executor948 R  running task    28168  8533   8527 0x00004006
Call Trace:
 context_switch kernel/sched/core.c:3265 [inline]
 __schedule+0x76e/0x17d0 kernel/sched/core.c:3937
 preempt_schedule_irq+0xb5/0x160 kernel/sched/core.c:4185
 retint_kernel+0x1b/0x2b
RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 arch/x86/lib/copy_user_64.S:205
Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
RSP: 0018:ffff88808dc87b10 EFLAGS: 00010206 ORIG_RAX: ffffffffffffff13
RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000a14
RDX: 0000000000001000 RSI: 0000000020628255 RDI: ffffc900068ebfd4
RBP: ffff88808dc87b48 R08: fffff52000d1d800 R09: 0000000000000000
R10: fffff52000d1f7ff R11: ffffc900068fbfff R12: 0000000020628281
R13: 0000000020629281 R14: ffffc900068fb000 R15: 00007ffffffff000
 copy_from_user include/linux/uaccess.h:144 [inline]
 write_mem+0x137/0x210 drivers/char/mem.c:249
 do_loop_readv_writev.part.0+0x2ac/0x460 fs/read_write.c:720
 do_loop_readv_writev fs/read_write.c:706 [inline]
 do_iter_write fs/read_write.c:978 [inline]
 do_iter_write+0x2fa/0x380 fs/read_write.c:957
 vfs_writev+0x1b3/0x2f0 fs/read_write.c:1021
 do_pwritev+0x1c4/0x280 fs/read_write.c:1118
 __do_sys_pwritev fs/read_write.c:1165 [inline]
 __se_sys_pwritev fs/read_write.c:1160 [inline]
 __x64_sys_pwritev+0x9a/0xf0 fs/read_write.c:1160
 do_syscall_64+0xfa/0x760 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x441329
Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffc00d93af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441329
RDX: 0000000000000002 RSI: 0000000020000740 RDI: 0000000000000003
RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
R10: 00000000febfffff R11: 0000000000000246 R12: 00000000004020a0
R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000
INFO: task syz-executor948:8534 can't die for more than 148 seconds.
syz-executor948 R  running task    28168  8534   8528 0x00004006
Call Trace:
 context_switch kernel/sched/core.c:3265 [inline]
 __schedule+0x76e/0x17d0 kernel/sched/core.c:3937
 preempt_schedule_irq+0xb5/0x160 kernel/sched/core.c:4185
 retint_kernel+0x1b/0x2b
RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 arch/x86/lib/copy_user_64.S:205
Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
RSP: 0018:ffff88808e357b10 EFLAGS: 00010206 ORIG_RAX: ffffffffffffff13
RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000b58
RDX: 0000000000001000 RSI: 0000000020628c53 RDI: ffffc9000696d9d2
RBP: ffff88808e357b48 R08: fffff52000d2dc00 R09: 0000000000000000
R10: fffff52000d2ebff R11: ffffc90006975fff R12: 0000000020629281
R13: 000000002062a281 R14: ffffc90006975000 R15: 00007ffffffff000
 copy_from_user include/linux/uaccess.h:144 [inline]
 write_mem+0x137/0x210 drivers/char/mem.c:249
 do_loop_readv_writev.part.0+0x2ac/0x460 fs/read_write.c:720
 do_loop_readv_writev fs/read_write.c:706 [inline]
 do_iter_write fs/read_write.c:978 [inline]
 do_iter_write+0x2fa/0x380 fs/read_write.c:957
 vfs_writev+0x1b3/0x2f0 fs/read_write.c:1021
 do_pwritev+0x1c4/0x280 fs/read_write.c:1118
 __do_sys_pwritev fs/read_write.c:1165 [inline]
 __se_sys_pwritev fs/read_write.c:1160 [inline]
 __x64_sys_pwritev+0x9a/0xf0 fs/read_write.c:1160
 do_syscall_64+0xfa/0x760 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x441329
Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffc00d93af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441329
RDX: 0000000000000002 RSI: 0000000020000740 RDI: 0000000000000003
RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
R10: 00000000febfffff R11: 0000000000000246 R12: 00000000004020a0
R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000

Showing all locks held in the system:
1 lock held by khungtaskd/1063:
 #0: ffffffff88fa9ac0 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e kernel/locking/lockdep.c:5337
1 lock held by rsyslogd/8408:
 #0: ffff8880a1dc98e0 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 fs/file.c:801
2 locks held by getty/8498:
 #0: ffff888091b4e390 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc90005f392e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 drivers/tty/n_tty.c:2156
2 locks held by getty/8499:
 #0: ffff8880876b8410 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc90005f352e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 drivers/tty/n_tty.c:2156
2 locks held by getty/8500:
 #0: ffff888087ac2e10 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc90005f532e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 drivers/tty/n_tty.c:2156
2 locks held by getty/8501:
 #0: ffff888087ac3690 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc90005f4f2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 drivers/tty/n_tty.c:2156
2 locks held by getty/8502:
 #0: ffff888096e91650 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc90005f4b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 drivers/tty/n_tty.c:2156
2 locks held by getty/8503:
 #0: ffff88808f734490 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc90005f432e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 drivers/tty/n_tty.c:2156
2 locks held by getty/8504:
 #0: ffff8880942a4310 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc90005f212e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1c10 drivers/tty/n_tty.c:2156

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 1063 Comm: khungtaskd Not tainted 5.3.0-rc5-next-20190821 #70
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x172/0x1f0 lib/dump_stack.c:113
 nmi_cpu_backtrace.cold+0x70/0xb2 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x23b/0x28b lib/nmi_backtrace.c:62
 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:269 [inline]
 watchdog+0xc99/0x1360 kernel/hung_task.c:353
 kthread+0x361/0x430 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 8530 Comm: syz-executor948 Not tainted 5.3.0-rc5-next-20190821 #70
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 arch/x86/lib/copy_user_64.S:205
Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 <f3> a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4
RSP: 0018:ffff88808ddbfb10 EFLAGS: 00010206
RAX: 0000000000000001 RBX: 0000000000001000 RCX: 0000000000000a1e
RDX: 0000000000001000 RSI: 0000000020642863 RDI: ffffc90006a1f5e2
RBP: ffff88808ddbfb48 R08: fffff52000d44000 R09: 0000000000000000
R10: fffff52000d43fff R11: ffffc90006a1ffff R12: 0000000020642281
R13: 0000000020643281 R14: ffffc90006a1f000 R15: 00007ffffffff000
FS:  00005555566ee880(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000221b000 CR3: 0000000094aa8000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 copy_from_user include/linux/uaccess.h:144 [inline]
 write_mem+0x137/0x210 drivers/char/mem.c:249
 do_loop_readv_writev.part.0+0x2ac/0x460 fs/read_write.c:720
 do_loop_readv_writev fs/read_write.c:706 [inline]
 do_iter_write fs/read_write.c:978 [inline]
 do_iter_write+0x2fa/0x380 fs/read_write.c:957
 vfs_writev+0x1b3/0x2f0 fs/read_write.c:1021
 do_pwritev+0x1c4/0x280 fs/read_write.c:1118
 __do_sys_pwritev fs/read_write.c:1165 [inline]
 __se_sys_pwritev fs/read_write.c:1160 [inline]
 __x64_sys_pwritev+0x9a/0xf0 fs/read_write.c:1160
 do_syscall_64+0xfa/0x760 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x441329
Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffc00d93af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000128
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441329
RDX: 0000000000000002 RSI: 0000000020000740 RDI: 0000000000000003
RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
R10: 00000000febfffff R11: 0000000000000246 R12: 00000000004020a0
R13: 0000000000402130 R14: 0000000000000000 R15: 0000000000000000

Crashes (61):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2019/08/22 04:44 linux-next a34a6117538e 984250d5 .config console log report syz C ci-upstream-linux-next-kasan-gce-root
2019/06/12 20:52 linux-next 81a72c79224f 794a1ad7 .config console log report syz C ci-upstream-linux-next-kasan-gce-root
2019/09/28 18:56 linux-next bb2aee77c82d eb6b9855 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/09/17 15:02 linux-next f84e1c16f08d 13dcda9b .config console log report ci-upstream-linux-next-kasan-gce-root
2019/09/15 22:13 linux-next 6d028043b55e 32d59357 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/09/12 01:34 linux-next 6d028043b55e f4e53c10 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/09/11 08:52 linux-next 6d028043b55e a60cb4cd .config console log report ci-upstream-linux-next-kasan-gce-root
2019/09/04 00:02 linux-next 6d028043b55e 526709ff .config console log report ci-upstream-linux-next-kasan-gce-root
2019/09/01 03:31 linux-next 6d028043b55e bad3cce2 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/28 07:56 linux-next ed2393ca0910 fd37b39e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/26 12:57 linux-next 9733a7c62c66 d21c5d9d .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/25 07:56 linux-next 9733a7c62c66 d21c5d9d .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/23 04:24 linux-next b5835edc8dd4 ca6f3cfa .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/20 16:15 linux-next 54c851a8cc73 cfc9868f .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/15 12:25 linux-next 17da61ae48ec 0d298d6b .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/12 05:13 linux-next 87b983f55b8c acb51638 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/09 18:23 linux-next 87b983f55b8c ede31a9b .config console log report ci-upstream-linux-next-kasan-gce-root
2019/08/09 03:47 linux-next 2ae256317763 ede31a9b .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/28 13:00 linux-next fde50b96be82 c85e1c5b .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/26 17:32 linux-next fde50b96be82 3e5d1beb .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/26 01:39 linux-next 13bf6d6a51df 732bc5a0 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/25 09:21 linux-next 13bf6d6a51df 32329ceb .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/25 02:30 linux-next 9e6dfe8045f8 32329ceb .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/24 21:43 linux-next 9e6dfe8045f8 32329ceb .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/23 15:04 linux-next 6d21a41b7b1f de453f34 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/23 03:04 linux-next 6d21a41b7b1f 55e0c077 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/22 19:45 linux-next 6d21a41b7b1f b3c615f5 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/21 21:21 linux-next 6d21a41b7b1f 1656845f .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/21 10:30 linux-next 6d21a41b7b1f 1656845f .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/20 18:43 linux-next 6d21a41b7b1f 1656845f .config console log report ci-upstream-linux-next-kasan-gce-root
2019/07/18 12:47 linux-next 6d21a41b7b1f 7bb222f7 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/30 06:35 linux-next 48568d8c7f47 7509bf36 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/30 05:21 linux-next 48568d8c7f47 7509bf36 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/27 22:58 linux-next 8087b004bd09 7509bf36 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/27 16:10 linux-next 8087b004bd09 7509bf36 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/26 12:16 linux-next 902031767aec 4d342240 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/26 05:51 linux-next 902031767aec 0a8d1a96 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/25 11:39 linux-next 9ffadb46f3db 82c13b6b .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/25 08:00 linux-next 9ffadb46f3db 82c13b6b .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/24 19:54 linux-next e2d28c40292b 472f0082 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/24 17:06 linux-next e2d28c40292b 472f0082 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/22 04:18 linux-next dc636f5d78de 34bf9440 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/21 12:43 linux-next dc636f5d78de 34bf9440 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/20 11:42 linux-next c0e4c41afeef 34bf9440 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/20 08:49 linux-next c0e4c41afeef 34bf9440 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/20 03:11 linux-next c0e4c41afeef 34bf9440 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/16 05:41 linux-next f4788d37bc84 442206d7 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/15 15:24 linux-next f4788d37bc84 442206d7 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/15 00:49 linux-next f4788d37bc84 442206d7 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/12 17:28 linux-next 81a72c79224f 794a1ad7 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/11 18:09 linux-next f08776cae7f5 5b5826d0 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/10 11:31 linux-next 3f310e51ceb1 0159583c .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/10 10:33 linux-next 3f310e51ceb1 0159583c .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/10 04:05 linux-next 3f310e51ceb1 0159583c .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/09 23:28 linux-next 3f310e51ceb1 0159583c .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/09 21:43 linux-next 3f310e51ceb1 0159583c .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/08 11:08 linux-next 3f310e51ceb1 cf9c3a50 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/05 19:46 linux-next b2924447b98a bfb4a51e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/05 02:07 linux-next 56b697c6c13b bfb4a51e .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/04 21:43 linux-next 56b697c6c13b e41a20c5 .config console log report ci-upstream-linux-next-kasan-gce-root
2019/06/04 07:31 linux-next 56b697c6c13b ce07a7ae .config console log report ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.