syzbot


INFO: task hung in blkdev_issue_zeroout (2)

Status: auto-closed as invalid on 2020/03/09 08:50
Reported-by: syzbot+be1b506fa4221aa0cd95@syzkaller.appspotmail.com
First crash: 1838d, last: 1838d
Similar bugs (2):
Kernel       Title                                    Repro  Cause bisect  Fix bisect  Count  Last   Reported  Patched  Status
android-49   INFO: task hung in blkdev_issue_zeroout  -      -             -           2      2328d  2331d     0/3      auto-closed as invalid on 2019/02/22 13:49
android-414  INFO: task hung in blkdev_issue_zeroout  -      -             -           1      2102d  2048d     0/1      auto-closed as invalid on 2019/08/18 07:18

Sample crash report:
audit: type=1400 audit(1573375740.930:26209): avc:  denied  { map } for  pid=1904 comm="getty" path="/etc/ld.so.cache" dev="sda1" ino=2503 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
INFO: task syz-executor.2:1776 blocked for more than 140 seconds.
      Not tainted 4.14.152+ #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2  D28144  1776  24419 0x00000004
Call Trace:
 schedule+0x92/0x1c0 kernel/sched/core.c:3498
 schedule_timeout+0x752/0xe90 kernel/time/timer.c:1723
 io_schedule_timeout+0x26/0x80 kernel/sched/core.c:5091
 do_wait_for_common kernel/sched/completion.c:91 [inline]
 __wait_for_common kernel/sched/completion.c:112 [inline]
 wait_for_common_io.constprop.0+0x274/0x3b0 kernel/sched/completion.c:129
 submit_bio_wait+0x107/0x170 block/bio.c:1016
 blkdev_issue_zeroout+0x217/0x4c0 block/blk-lib.c:408
 blkdev_fallocate+0x297/0x3b0 fs/block_dev.c:2017
 vfs_fallocate+0x348/0x790 fs/open.c:328
 SYSC_fallocate fs/open.c:351 [inline]
 SyS_fallocate+0x4a/0x80 fs/open.c:345
 do_syscall_64+0x19b/0x520 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45a219
RSP: 002b:00007f22d606ec78 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045a219
RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004
RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000100000001 R11: 0000000000000246 R12: 00007f22d606f6d4
R13: 00000000004c0b96 R14: 00000000004d3700 R15: 00000000ffffffff

Showing all locks held in the system:
1 lock held by khungtaskd/23:
 #0:  (tasklist_lock){.+.+}, at: [<0000000057722d69>] debug_show_all_locks+0x7c/0x21a kernel/locking/lockdep.c:4544
2 locks held by getty/1762:
 #0:  (&tty->ldisc_sem){++++}, at: [<000000008069097f>] tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:284
 #1:  (&ldata->atomic_read_lock){+.+.}, at: [<0000000095bf5b7e>] n_tty_read+0x1f7/0x1700 drivers/tty/n_tty.c:2156

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 23 Comm: khungtaskd Not tainted 4.14.152+ #0
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0xca/0x134 lib/dump_stack.c:53
 nmi_cpu_backtrace.cold+0x47/0x86 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x119/0x147 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:195 [inline]
 watchdog+0x629/0xbe0 kernel/hung_task.c:274
 kthread+0x31f/0x430 kernel/kthread.c:232
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:404
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 26933 Comm: loop0 Not tainted 4.14.152+ #0
task: 00000000093985f5 task.stack: 000000001450a7ec
RIP: 0010:strlen+0x4d/0x90 lib/string.c:482
RSP: 0018:ffff8881940175e8 EFLAGS: 00000803
RAX: ffffffff9df2736e RBX: dffffc0000000000 RCX: ffffffff9df2736e
RDX: 1ffffffff3be4e6d RSI: ffffffff9fa237b0 RDI: ffffffff9df27360
RBP: ffffffff9df27360 R08: 0000000000000001 R09: fffffbfff3d06066
R10: fffffbfff3d06065 R11: ffffffff9e83032b R12: 1ffff11032802ec7
R13: 0000000000000000 R14: ffffffff9e4c0de0 R15: ffff8881940176b8
FS:  0000000000000000(0000) GS:ffff8881db800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000013893e0 CR3: 000000011da26003 CR4: 00000000001606b0
DR0: 0000000020000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
Call Trace:
 trace_event_get_offsets_lock include/trace/events/lock.h:39 [inline]
 perf_trace_lock+0xe1/0x4e0 include/trace/events/lock.h:39
 trace_lock_release include/trace/events/lock.h:58 [inline]
 lock_release+0x4e9/0x740 kernel/locking/lockdep.c:4012
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:158 [inline]
 _raw_spin_unlock_irqrestore+0x1b/0x70 kernel/locking/spinlock.c:192
 spin_unlock_irqrestore include/linux/spinlock.h:372 [inline]
 avc_reclaim_node security/selinux/avc.c:539 [inline]
 avc_alloc_node security/selinux/avc.c:557 [inline]
 avc_alloc_node+0x2bb/0x3f0 security/selinux/avc.c:545
 avc_insert security/selinux/avc.c:668 [inline]
 avc_compute_av+0x17c/0x550 security/selinux/avc.c:974
 avc_has_perm_noaudit security/selinux/avc.c:1110 [inline]
 avc_has_perm+0x318/0x350 security/selinux/avc.c:1144
 inode_has_perm security/selinux/hooks.c:1796 [inline]
 file_has_perm+0x374/0x470 security/selinux/hooks.c:1886
 selinux_revalidate_file_permission security/selinux/hooks.c:3466 [inline]
 selinux_file_permission+0x304/0x440 security/selinux/hooks.c:3487
 security_file_permission+0x7c/0x1e0 security/security.c:867
 rw_verify_area+0xd9/0x290 fs/read_write.c:386
 do_iter_write+0xd6/0x550 fs/read_write.c:953
 vfs_iter_write+0x70/0xa0 fs/read_write.c:971
 lo_write_bvec+0x127/0x340 drivers/block/loop.c:272
 lo_write_simple drivers/block/loop.c:294 [inline]
 do_req_filebacked drivers/block/loop.c:577 [inline]
 loop_handle_cmd drivers/block/loop.c:1769 [inline]
 loop_queue_work+0x461/0x1deb drivers/block/loop.c:1783
 kthread_worker_fn+0x28f/0x6d0 kernel/kthread.c:642
 kthread+0x31f/0x430 kernel/kthread.c:232
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:404
Code: e2 07 38 d0 7f 04 84 c0 75 48 80 7d 00 00 74 39 48 bb 00 00 00 00 00 fc ff df 48 89 e8 48 83 c0 01 48 89 c2 48 89 c1 48 c1 ea 03 <83> e1 07 0f b6 14 1a 38 ca 7f 04 84 d2 75 1f 80 38 00 75 de 48 

Crashes (1):
Time              Kernel        Commit        Syzkaller  Config   Log          Report  Syz repro  C repro  VM info  Assets  Manager                        Title
2019/11/10 08:49  android-4.14  81144e705f48  dc438b91   .config  console log  report  -          -        -        -       ci-android-414-kasan-gce-root  -
* Struck through repros no longer work on HEAD.