syzbot

 sign-in | mailing list | source | docs
🐞 Open [951] 🐞 Fixed [4029] 🐞 Invalid [8952] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

INFO: task hung in fuse_simple_request

Status: upstream: reported C repro on 2020/12/13 21:13
Reported-by: syzbot+46fe899420456e014d6b@syzkaller.appspotmail.com
First crash: 766d, last: 10d

Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: general protection fault in process_init_reply (log)
Repro: C syz .config
similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task can't die in request_wait_answer C error 14 227d 737d 0/24 upstream: reported C repro on 2020/09/23 12:48

Sample crash report:
INFO: task syz-executor027:6715 blocked for more than 143 seconds.
      Not tainted 5.15.0-rc4-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor027 state:D stack:27256 pid: 6715 ppid:  6578 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x940/0x26f0 kernel/sched/core.c:6287
 schedule+0xd3/0x270 kernel/sched/core.c:6366
 request_wait_answer+0x4a4/0x850 fs/fuse/dev.c:411
 __fuse_request_send fs/fuse/dev.c:430 [inline]
 fuse_simple_request+0x58a/0xcd0 fs/fuse/dev.c:515
 fuse_access+0x1ea/0x340 fs/fuse/dir.c:1179
 fuse_permission+0x54a/0x640 fs/fuse/dir.c:1258
 do_inode_permission fs/namei.c:457 [inline]
 inode_permission.part.0+0x236/0x440 fs/namei.c:524
 inode_permission+0x3c/0x140 fs/namei.c:477
 path_permission include/linux/fs.h:2988 [inline]
 __do_sys_chdir fs/open.c:493 [inline]
 __se_sys_chdir fs/open.c:483 [inline]
 __x64_sys_chdir+0x117/0x260 fs/open.c:483
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f25706d09f9
RSP: 002b:00007f2570678208 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
RAX: ffffffffffffffda RBX: 00007f2570769028 RCX: 00007f25706d09f9
RDX: 00007f25706d09f9 RSI: 94c54783926a4f33 RDI: 00000000200020c0
RBP: 00007f2570769020 R08: 0000000000000000 R09: 00007f2570769028
R10: 00007f2570769028 R11: 0000000000000246 R12: 00007f257076902c
R13: 00007f2570878cdf R14: 00007f2570678300 R15: 0000000000022000
INFO: task syz-executor027:6718 blocked for more than 143 seconds.
      Not tainted 5.15.0-rc4-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor027 state:D stack:27824 pid: 6718 ppid:  6575 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x940/0x26f0 kernel/sched/core.c:6287
 schedule+0xd3/0x270 kernel/sched/core.c:6366
 request_wait_answer+0x4a4/0x850 fs/fuse/dev.c:411
 __fuse_request_send fs/fuse/dev.c:430 [inline]
 fuse_simple_request+0x58a/0xcd0 fs/fuse/dev.c:515
 fuse_access+0x1ea/0x340 fs/fuse/dir.c:1179
 fuse_permission+0x54a/0x640 fs/fuse/dir.c:1258
 do_inode_permission fs/namei.c:457 [inline]
 inode_permission.part.0+0x236/0x440 fs/namei.c:524
 inode_permission+0x3c/0x140 fs/namei.c:477
 path_permission include/linux/fs.h:2988 [inline]
 __do_sys_chdir fs/open.c:493 [inline]
 __se_sys_chdir fs/open.c:483 [inline]
 __x64_sys_chdir+0x117/0x260 fs/open.c:483
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f25706d09f9
RSP: 002b:00007f2570678208 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
RAX: ffffffffffffffda RBX: 00007f2570769028 RCX: 00007f25706d09f9
RDX: 00007f25706d09f9 RSI: 94c54783926a4f33 RDI: 00000000200020c0
RBP: 00007f2570769020 R08: 0000000000000000 R09: 00007f2570769028
R10: 00007f2570769028 R11: 0000000000000246 R12: 00007f257076902c
R13: 00007f2570878cdf R14: 00007f2570678300 R15: 0000000000022000
INFO: task syz-executor027:6720 blocked for more than 143 seconds.
      Not tainted 5.15.0-rc4-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor027 state:D stack:27552 pid: 6720 ppid:  6580 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x940/0x26f0 kernel/sched/core.c:6287
 schedule+0xd3/0x270 kernel/sched/core.c:6366
 request_wait_answer+0x4a4/0x850 fs/fuse/dev.c:411
 __fuse_request_send fs/fuse/dev.c:430 [inline]
 fuse_simple_request+0x58a/0xcd0 fs/fuse/dev.c:515
 fuse_access+0x1ea/0x340 fs/fuse/dir.c:1179
 fuse_permission+0x54a/0x640 fs/fuse/dir.c:1258
 do_inode_permission fs/namei.c:457 [inline]
 inode_permission.part.0+0x236/0x440 fs/namei.c:524
 inode_permission+0x3c/0x140 fs/namei.c:477
 path_permission include/linux/fs.h:2988 [inline]
 __do_sys_chdir fs/open.c:493 [inline]
 __se_sys_chdir fs/open.c:483 [inline]
 __x64_sys_chdir+0x117/0x260 fs/open.c:483
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f25706d09f9
RSP: 002b:00007f2570678208 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
RAX: ffffffffffffffda RBX: 00007f2570769028 RCX: 00007f25706d09f9
RDX: 00007f25706d09f9 RSI: 94c54783926a4f33 RDI: 00000000200020c0
RBP: 00007f2570769020 R08: 0000000000000000 R09: 00007f2570769028
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f257076902c
R13: 00007f2570878cdf R14: 00007f2570678300 R15: 0000000000022000
INFO: task syz-executor027:6730 blocked for more than 144 seconds.
      Not tainted 5.15.0-rc4-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor027 state:D stack:27552 pid: 6730 ppid:  6576 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x940/0x26f0 kernel/sched/core.c:6287
 schedule+0xd3/0x270 kernel/sched/core.c:6366
 request_wait_answer+0x4a4/0x850 fs/fuse/dev.c:411
 __fuse_request_send fs/fuse/dev.c:430 [inline]
 fuse_simple_request+0x58a/0xcd0 fs/fuse/dev.c:515
 fuse_access+0x1ea/0x340 fs/fuse/dir.c:1179
 fuse_permission+0x54a/0x640 fs/fuse/dir.c:1258
 do_inode_permission fs/namei.c:457 [inline]
 inode_permission.part.0+0x236/0x440 fs/namei.c:524
 inode_permission+0x3c/0x140 fs/namei.c:477
 path_permission include/linux/fs.h:2988 [inline]
 __do_sys_chdir fs/open.c:493 [inline]
 __se_sys_chdir fs/open.c:483 [inline]
 __x64_sys_chdir+0x117/0x260 fs/open.c:483
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f25706d09f9
RSP: 002b:00007f2570678208 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
RAX: ffffffffffffffda RBX: 00007f2570769028 RCX: 00007f25706d09f9
RDX: 00007f25706d09f9 RSI: 94c54783926a4f33 RDI: 00000000200020c0
RBP: 00007f2570769020 R08: 0000000000000000 R09: 00007f2570769028
R10: 00007f2570769028 R11: 0000000000000246 R12: 00007f257076902c
R13: 00007f2570878cdf R14: 00007f2570678300 R15: 0000000000022000
INFO: task syz-executor027:6740 blocked for more than 144 seconds.
      Not tainted 5.15.0-rc4-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor027 state:D stack:27192 pid: 6740 ppid:  6579 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x940/0x26f0 kernel/sched/core.c:6287
 schedule+0xd3/0x270 kernel/sched/core.c:6366
 request_wait_answer+0x4a4/0x850 fs/fuse/dev.c:411
 __fuse_request_send fs/fuse/dev.c:430 [inline]
 fuse_simple_request+0x58a/0xcd0 fs/fuse/dev.c:515
 fuse_access+0x1ea/0x340 fs/fuse/dir.c:1179
 fuse_permission+0x54a/0x640 fs/fuse/dir.c:1258
 do_inode_permission fs/namei.c:457 [inline]
 inode_permission.part.0+0x236/0x440 fs/namei.c:524
 inode_permission+0x3c/0x140 fs/namei.c:477
 path_permission include/linux/fs.h:2988 [inline]
 __do_sys_chdir fs/open.c:493 [inline]
 __se_sys_chdir fs/open.c:483 [inline]
 __x64_sys_chdir+0x117/0x260 fs/open.c:483
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f25706d09f9
RSP: 002b:00007f2570678208 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
RAX: ffffffffffffffda RBX: 00007f2570769028 RCX: 00007f25706d09f9
RDX: 00007f25706d09f9 RSI: 94c54783926a4f33 RDI: 00000000200020c0
RBP: 00007f2570769020 R08: 0000000000000000 R09: 00007f2570769028
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f257076902c
R13: 00007f2570878cdf R14: 00007f2570678300 R15: 0000000000022000
INFO: task syz-executor027:6763 blocked for more than 144 seconds.
      Not tainted 5.15.0-rc4-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor027 state:D stack:27544 pid: 6763 ppid:  6578 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x940/0x26f0 kernel/sched/core.c:6287
 schedule+0xd3/0x270 kernel/sched/core.c:6366
 request_wait_answer+0x4a4/0x850 fs/fuse/dev.c:411
 __fuse_request_send fs/fuse/dev.c:430 [inline]
 fuse_simple_request+0x58a/0xcd0 fs/fuse/dev.c:515
 fuse_access+0x1ea/0x340 fs/fuse/dir.c:1179
 fuse_permission+0x54a/0x640 fs/fuse/dir.c:1258
 do_inode_permission fs/namei.c:457 [inline]
 inode_permission.part.0+0x236/0x440 fs/namei.c:524
 inode_permission+0x3c/0x140 fs/namei.c:477
 path_permission include/linux/fs.h:2988 [inline]
 __do_sys_chdir fs/open.c:493 [inline]
 __se_sys_chdir fs/open.c:483 [inline]
 __x64_sys_chdir+0x117/0x260 fs/open.c:483
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f25706d09f9
RSP: 002b:00007f2570678208 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
RAX: ffffffffffffffda RBX: 00007f2570769028 RCX: 00007f25706d09f9
RDX: 00007f25706d09f9 RSI: 94c54783926a4f33 RDI: 00000000200020c0
RBP: 00007f2570769020 R08: 0000000000000000 R09: 00007f2570769028
R10: 00007f2570769028 R11: 0000000000000246 R12: 00007f257076902c
R13: 00007f2570878cdf R14: 00007f2570678300 R15: 0000000000022000
INFO: task syz-executor027:6769 blocked for more than 144 seconds.
      Not tainted 5.15.0-rc4-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor027 state:D stack:27648 pid: 6769 ppid:  6580 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x940/0x26f0 kernel/sched/core.c:6287
 schedule+0xd3/0x270 kernel/sched/core.c:6366
 request_wait_answer+0x4a4/0x850 fs/fuse/dev.c:411
 __fuse_request_send fs/fuse/dev.c:430 [inline]
 fuse_simple_request+0x58a/0xcd0 fs/fuse/dev.c:515
 fuse_access+0x1ea/0x340 fs/fuse/dir.c:1179
 fuse_permission+0x54a/0x640 fs/fuse/dir.c:1258
 do_inode_permission fs/namei.c:457 [inline]
 inode_permission.part.0+0x236/0x440 fs/namei.c:524
 inode_permission+0x3c/0x140 fs/namei.c:477
 path_permission include/linux/fs.h:2988 [inline]
 __do_sys_chdir fs/open.c:493 [inline]
 __se_sys_chdir fs/open.c:483 [inline]
 __x64_sys_chdir+0x117/0x260 fs/open.c:483
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f25706d09f9
RSP: 002b:00007f2570678208 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
RAX: ffffffffffffffda RBX: 00007f2570769028 RCX: 00007f25706d09f9
RDX: 00007f25706d09f9 RSI: 94c54783926a4f33 RDI: 00000000200020c0
RBP: 00007f2570769020 R08: 0000000000000000 R09: 00007f2570769028
R10: 00007f2570769028 R11: 0000000000000246 R12: 00007f257076902c
R13: 00007f2570878cdf R14: 00007f2570678300 R15: 0000000000022000
INFO: task syz-executor027:6772 blocked for more than 145 seconds.
      Not tainted 5.15.0-rc4-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor027 state:D stack:27752 pid: 6772 ppid:  6575 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x940/0x26f0 kernel/sched/core.c:6287
 schedule+0xd3/0x270 kernel/sched/core.c:6366
 request_wait_answer+0x4a4/0x850 fs/fuse/dev.c:411
 __fuse_request_send fs/fuse/dev.c:430 [inline]
 fuse_simple_request+0x58a/0xcd0 fs/fuse/dev.c:515
 fuse_access+0x1ea/0x340 fs/fuse/dir.c:1179
 fuse_permission+0x54a/0x640 fs/fuse/dir.c:1258
 do_inode_permission fs/namei.c:457 [inline]
 inode_permission.part.0+0x236/0x440 fs/namei.c:524
 inode_permission+0x3c/0x140 fs/namei.c:477
 path_permission include/linux/fs.h:2988 [inline]
 __do_sys_chdir fs/open.c:493 [inline]
 __se_sys_chdir fs/open.c:483 [inline]
 __x64_sys_chdir+0x117/0x260 fs/open.c:483
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f25706d09f9
RSP: 002b:00007f2570678208 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
RAX: ffffffffffffffda RBX: 00007f2570769028 RCX: 00007f25706d09f9
RDX: 00007f25706d09f9 RSI: 94c54783926a4f33 RDI: 00000000200020c0
RBP: 00007f2570769020 R08: 0000000000000000 R09: 00007f2570769028
R10: 00007f2570769028 R11: 0000000000000246 R12: 00007f257076902c
R13: 00007f2570878cdf R14: 00007f2570678300 R15: 0000000000022000
INFO: task syz-executor027:6778 blocked for more than 145 seconds.
      Not tainted 5.15.0-rc4-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor027 state:D stack:27544 pid: 6778 ppid:  6576 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x940/0x26f0 kernel/sched/core.c:6287
 schedule+0xd3/0x270 kernel/sched/core.c:6366
 request_wait_answer+0x4a4/0x850 fs/fuse/dev.c:411
 __fuse_request_send fs/fuse/dev.c:430 [inline]
 fuse_simple_request+0x58a/0xcd0 fs/fuse/dev.c:515
 fuse_access+0x1ea/0x340 fs/fuse/dir.c:1179
 fuse_permission+0x54a/0x640 fs/fuse/dir.c:1258
 do_inode_permission fs/namei.c:457 [inline]
 inode_permission.part.0+0x236/0x440 fs/namei.c:524
 inode_permission+0x3c/0x140 fs/namei.c:477
 path_permission include/linux/fs.h:2988 [inline]
 __do_sys_chdir fs/open.c:493 [inline]
 __se_sys_chdir fs/open.c:483 [inline]
 __x64_sys_chdir+0x117/0x260 fs/open.c:483
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f25706d09f9
RSP: 002b:00007f2570678208 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
RAX: ffffffffffffffda RBX: 00007f2570769028 RCX: 00007f25706d09f9
RDX: 00007f25706d09f9 RSI: 94c54783926a4f33 RDI: 00000000200020c0
RBP: 00007f2570769020 R08: 0000000000000000 R09: 00007f2570769028
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f257076902c
R13: 00007f2570878cdf R14: 00007f2570678300 R15: 0000000000022000
INFO: task syz-executor027:6783 blocked for more than 145 seconds.
      Not tainted 5.15.0-rc4-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor027 state:D stack:27200 pid: 6783 ppid:  6579 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:4940 [inline]
 __schedule+0x940/0x26f0 kernel/sched/core.c:6287
 schedule+0xd3/0x270 kernel/sched/core.c:6366
 request_wait_answer+0x4a4/0x850 fs/fuse/dev.c:411
 __fuse_request_send fs/fuse/dev.c:430 [inline]
 fuse_simple_request+0x58a/0xcd0 fs/fuse/dev.c:515
 fuse_access+0x1ea/0x340 fs/fuse/dir.c:1179
 fuse_permission+0x54a/0x640 fs/fuse/dir.c:1258
 do_inode_permission fs/namei.c:457 [inline]
 inode_permission.part.0+0x236/0x440 fs/namei.c:524
 inode_permission+0x3c/0x140 fs/namei.c:477
 path_permission include/linux/fs.h:2988 [inline]
 __do_sys_chdir fs/open.c:493 [inline]
 __se_sys_chdir fs/open.c:483 [inline]
 __x64_sys_chdir+0x117/0x260 fs/open.c:483
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f25706d09f9
RSP: 002b:00007f2570678208 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
RAX: ffffffffffffffda RBX: 00007f2570769028 RCX: 00007f25706d09f9
RDX: 00007f25706d09f9 RSI: 94c54783926a4f33 RDI: 00000000200020c0
RBP: 00007f2570769020 R08: 0000000000000000 R09: 00007f2570769028
R10: 00007f2570769028 R11: 0000000000000246 R12: 00007f257076902c
R13: 00007f2570878cdf R14: 00007f2570678300 R15: 0000000000022000

Showing all locks held in the system:
1 lock held by khungtaskd/27:
 #0: ffffffff8b97fe20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6446
1 lock held by in:imklog/6436:
 #0: ffff88801d06aaf0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:990
2 locks held by kworker/u4:7/6738:

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 27 Comm: khungtaskd Not tainted 5.15.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
 nmi_cpu_backtrace.cold+0x47/0x144 lib/nmi_backtrace.c:105
 nmi_trigger_cpumask_backtrace+0x1ae/0x220 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:210 [inline]
 watchdog+0xc1d/0xf50 kernel/hung_task.c:295
 kthread+0x3e5/0x4d0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 6577 Comm: syz-executor027 Not tainted 5.15.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:check_kcov_mode+0x7/0x40 kernel/kcov.c:163
Code: 00 e9 59 fe ff ff 48 8b 7c 24 08 e8 c3 5d 47 00 e9 61 fd ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc 65 8b 05 c9 f9 8b 7e <89> c2 81 e2 00 01 00 00 a9 00 01 ff 00 74 10 31 c0 85 d2 74 15 8b
RSP: 0018:ffffc90002bffb50 EFLAGS: 00000246
RAX: 0000000080000001 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff888026239c80 RDI: 0000000000000003
RBP: ffffc90002bffd1c R08: 0000000000000000 R09: ffffffff8b60a083
R10: ffffffff81459780 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000040000005 R14: 0000000040000000 R15: ffff888024f23900
FS:  0000555555c43400(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffacf82c018 CR3: 000000006ff23000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 write_comp_data kernel/kcov.c:218 [inline]
 __sanitizer_cov_trace_const_cmp4+0x1c/0x70 kernel/kcov.c:284
 wait_task_stopped kernel/exit.c:1167 [inline]
 wait_consider_task+0x430/0x3b80 kernel/exit.c:1371
 do_wait_thread kernel/exit.c:1397 [inline]
 do_wait+0x6ca/0xce0 kernel/exit.c:1514
 kernel_wait4+0x14c/0x260 kernel/exit.c:1677
 __do_sys_wait4+0x13f/0x150 kernel/exit.c:1705
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f25706cf0a6
Code: 0f 1f 40 00 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24
RSP: 002b:00007f2570878d58 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
RAX: ffffffffffffffda RBX: 00000000001da048 RCX: 00007f25706cf0a6
RDX: 0000000040000001 RSI: 00007f2570878d84 RDI: 00000000ffffffff
RBP: 000000000000615d R08: 0000000000000795 R09: 00007fffb6dd1080
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2570878d84
R13: 00007f2570878de0 R14: 00000000000007b7 R15: 431bde82d7b634db
----------------
Code disassembly (best guess), 1 bytes skipped:
   0:	e9 59 fe ff ff       	jmpq   0xfffffe5e
   5:	48 8b 7c 24 08       	mov    0x8(%rsp),%rdi
   a:	e8 c3 5d 47 00       	callq  0x475dd2
   f:	e9 61 fd ff ff       	jmpq   0xfffffd75
  14:	cc                   	int3
  15:	cc                   	int3
  16:	cc                   	int3
  17:	cc                   	int3
  18:	cc                   	int3
  19:	cc                   	int3
  1a:	cc                   	int3
  1b:	cc                   	int3
  1c:	cc                   	int3
  1d:	cc                   	int3
  1e:	cc                   	int3
  1f:	cc                   	int3
  20:	cc                   	int3
  21:	cc                   	int3
  22:	65 8b 05 c9 f9 8b 7e 	mov    %gs:0x7e8bf9c9(%rip),%eax        # 0x7e8bf9f2
* 29:	89 c2                	mov    %eax,%edx <-- trapping instruction
  2b:	81 e2 00 01 00 00    	and    $0x100,%edx
  31:	a9 00 01 ff 00       	test   $0xff0100,%eax
  36:	74 10                	je     0x48
  38:	31 c0                	xor    %eax,%eax
  3a:	85 d2                	test   %edx,%edx
  3c:	74 15                	je     0x53
  3e:	8b                   	.byte 0x8b

Fix bisection attempts:
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce 2022/08/22 22:55 upstream 072e51356cd5 838e7e2c .config log report syz C
ci-upstream-kasan-gce 2022/04/05 10:32 upstream 312310928417 838e7e2c .config log report syz C
ci-upstream-kasan-gce 2022/02/26 23:59 upstream 2293be58d6a1 838e7e2c .config log report syz C
ci-upstream-kasan-gce-smack-root 2021/10/04 05:08 upstream 9e1ff307c779 f115ae98 .config log report syz C
* Struck through repros no longer work on HEAD.
Crashes (100):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce 2021/10/10 17:56 upstream 7fd2bf83d59a 838e7e2c .config log report syz C INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2021/07/17 02:27 upstream d936eb238744 f115ae98 .config log report syz C INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2022/08/30 14:48 upstream dcf8e5633e2e 5b44472d .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2022/07/19 03:07 upstream 80e19f34c288 ff988920 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-selinux-root 2022/07/17 19:44 upstream 972a278fe60c 95cb00d1 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-selinux-root 2022/07/06 17:07 upstream e35e5b6f695d bff65f44 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2022/07/02 13:45 upstream 089866061428 1434eec0 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/06/16 00:02 upstream 979086f5e006 1719ee24 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/06/03 05:58 upstream 50fd82b3a9a9 02dddea8 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/05/28 15:47 upstream 9d004b2f4fea a46af346 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/05/28 12:44 upstream 9d004b2f4fea a46af346 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/05/27 10:01 upstream 7e284070abe5 116e7a7b .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/05/23 03:51 upstream 4b0986a3613c 7268fa62 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/05/22 08:11 upstream eaea45fc0e7b 7268fa62 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/05/20 02:35 upstream b015dcd62b86 cb1ac2e7 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/05/06 02:44 upstream fe27d189e3f4 efeff0a5 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/05/04 07:42 upstream 107c948d1d3e dc9e5259 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/05/03 21:02 upstream ef8e4d3c2ab1 dc9e5259 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/04/30 08:45 upstream 8013d1d3d2e3 ad6b95d8 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/04/27 23:57 upstream 8f4dd16603ce 8a1f1f07 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/04/27 11:01 upstream 46cf2c613f4b 1fa34c1b .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/04/24 08:34 upstream 22da5264abf4 131df97d .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/04/23 06:50 upstream c00c5e1d157b 131df97d .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/04/21 03:10 upstream b253435746d9 d4befee1 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2022/02/28 13:10 upstream 52a025546731 45a13a73 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/01/10 13:45 upstream df0cc57e057f 2ca0d385 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2022/01/08 09:01 upstream d1587f7bfe9a 2ca0d385 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2022/01/04 18:40 upstream c9e6606c7fe9 0a2584dd .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2022/01/02 14:46 upstream 278218f6778b e1768e9c .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2021/12/28 07:41 upstream a8ad9a2434dc 6b3c5e64 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/12/24 13:02 upstream 7a29b11da965 6caa12e4 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/12/23 22:12 upstream 76657eaef4a7 6caa12e4 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/12/22 21:45 upstream 3f066e882bf1 6caa12e4 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/12/13 00:33 upstream 90d9fbc16b69 49ca1f59 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/12/12 07:00 upstream a763d5a5abd6 49ca1f59 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/12/10 02:15 upstream c741e49150db 4d4ce9bc .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/12/09 14:08 upstream 2a987e65025e b54aa474 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/12/07 19:10 upstream cd8c917a56f2 0230ba3e .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce 2021/12/07 18:08 upstream cd8c917a56f2 0230ba3e .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/11/08 12:57 upstream 6b75d88fa81b d29682f1 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/10/29 21:15 upstream f25a5481af12 098b5d53 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/10/17 10:34 upstream d999ade1cc86 0c5d9412 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/10/07 15:37 upstream 5af4055fa813 efe0f24d .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-selinux-root 2021/09/04 04:35 upstream 7cca308cfdc0 d236a457 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-selinux-root 2021/08/08 14:07 upstream 85a90500f9a1 6972b106 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2021/07/25 04:32 upstream 6498f6151825 4d1b57d4 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/06/09 13:51 upstream 368094df48e6 84fe5d96 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2021/06/07 09:42 upstream decad3e1d1ed 500c2339 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-root 2021/06/04 23:22 upstream 16f0596fc1d7 966a236b .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-smack-root 2021/04/26 22:04 upstream 9f4ad9e425a1 805b5003 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-386 2022/06/12 16:23 upstream 7a68065eb9cd 0d5abf15 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-386 2022/04/26 11:00 upstream d615b5416f8a 1fa34c1b .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-386 2022/04/13 09:08 upstream a19944809fe9 faabdb86 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-386 2022/03/06 10:07 upstream 0014404f9c18 7bdd8b2c .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce-386 2022/01/27 23:33 upstream 626b2dda7651 64a8e201 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-linux-next-kasan-gce-root 2022/09/21 01:18 linux-next e47eb90a0a9a c4b8ccfd .config log report info INFO: task hung in fuse_simple_request
ci-upstream-linux-next-kasan-gce-root 2022/08/30 08:48 linux-next b27a3ca08ba7 5b44472d .config log report info INFO: task hung in fuse_simple_request
ci-qemu2-riscv64 2022/01/23 16:39 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes 64a19591a293 214351e1 .config log report info INFO: task hung in fuse_simple_request
ci-upstream-kasan-gce 2020/12/13 05:19 upstream 7b1b868e1d91 bca53db9 .config log report info
ci-upstream-kasan-gce-root 2020/12/11 06:20 upstream 33dc9614dc20 f900b48c .config log report info
ci-upstream-kasan-gce-root 2020/12/09 20:53 upstream a68a0262abda c090b4da .config log report info
ci-upstream-kasan-gce 2020/08/25 14:33 upstream 6a9dc5fd6170 344da168 .config log report
* Struck through repros no longer work on HEAD.