syzbot


INFO: task hung in kernfs_iop_permission

Status: auto-closed as invalid on 2020/07/06 20:13
Reported-by: syzbot+2f6c1ee66584e760a6b1@syzkaller.appspotmail.com
First crash: 1481d, last: 1481d
Similar bugs (4)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task hung in kernfs_iop_permission (3) kernfs arm 6 410d 484d 0/26 auto-obsoleted due to no activity on 2023/05/13 13:27
upstream INFO: task hung in kernfs_iop_permission (2) kernfs 3 592d 685d 0/26 auto-obsoleted due to no activity on 2022/11/12 03:55
upstream INFO: task hung in kernfs_iop_permission kernfs 2 1703d 1706d 0/26 auto-closed as invalid on 2019/10/28 16:51
android-414 INFO: task hung in kernfs_iop_permission 2 1688d 1736d 0/1 auto-closed as invalid on 2019/12/12 06:07

Sample crash report:
Free swap  = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
344636 pages reserved
INFO: task syz-executor.5:8590 blocked for more than 140 seconds.
      Not tainted 4.19.108-syzkaller #0
0 pages cma reserved
Out of memory: Kill process 9057 (syz-executor.1) score 1005 or sacrifice child
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.5  D24160  8590   8588 0x00000000
Call Trace:
Killed process 9057 (syz-executor.1) total-vm:74700kB, anon-rss:4240kB, file-rss:34816kB, shmem-rss:0kB
 schedule+0x8d/0x1b0 kernel/sched/core.c:3559
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3617
 __mutex_lock_common kernel/locking/mutex.c:1002 [inline]
 __mutex_lock+0x726/0x1300 kernel/locking/mutex.c:1072
 kernfs_iop_permission+0x5f/0xb0 fs/kernfs/inode.c:301
 do_inode_permission fs/namei.c:386 [inline]
 inode_permission+0x35e/0x550 fs/namei.c:451
 may_lookup fs/namei.c:1703 [inline]
 link_path_walk.part.0+0x94e/0x1210 fs/namei.c:2085
 link_path_walk fs/namei.c:2073 [inline]
 path_openat+0x1ed/0x4200 fs/namei.c:3536
 do_filp_open+0x1a1/0x280 fs/namei.c:3567
syz-fuzzer invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=0
syz-fuzzer cpuset=/ mems_allowed=0-1
CPU: 1 PID: 8551 Comm: syz-fuzzer Not tainted 4.19.108-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 do_sys_open+0x3c0/0x500 fs/open.c:1088
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x188/0x20d lib/dump_stack.c:118
 dump_header+0x159/0xa5e mm/oom_kill.c:441
 oom_kill_process.cold+0x10/0x6dc mm/oom_kill.c:954
 out_of_memory mm/oom_kill.c:1130 [inline]
 out_of_memory+0x349/0x1250 mm/oom_kill.c:1062
 __alloc_pages_may_oom mm/page_alloc.c:3551 [inline]
 __alloc_pages_slowpath+0x1f84/0x26a0 mm/page_alloc.c:4253
 __alloc_pages_nodemask+0x5b6/0x6a0 mm/page_alloc.c:4417
 alloc_pages_current+0xff/0x200 mm/mempolicy.c:2197
 alloc_pages include/linux/gfp.h:532 [inline]
 __page_cache_alloc mm/filemap.c:969 [inline]
 __page_cache_alloc+0x2ba/0x450 mm/filemap.c:954
 page_cache_read mm/filemap.c:2408 [inline]
 filemap_fault+0xeef/0x1d20 mm/filemap.c:2592
 ext4_filemap_fault+0x84/0xb0 fs/ext4/inode.c:6365
 __do_fault+0x10d/0x470 mm/memory.c:3269
 do_read_fault mm/memory.c:3681 [inline]
 do_fault mm/memory.c:3810 [inline]
 handle_pte_fault mm/memory.c:4041 [inline]
 __handle_mm_fault+0x2ae7/0x3b60 mm/memory.c:4165
 handle_mm_fault+0x1a5/0x670 mm/memory.c:4202
 __do_page_fault+0x5ed/0xdd0 arch/x86/mm/fault.c:1390
 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1204
RIP: 0033:0x4284f0
Code: Bad RIP value.
RSP: 002b:000000c42003dea8 EFLAGS: 00010202
RAX: ffffffffffffff92 RBX: 000000003ae47886 RCX: 000000000045b153
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001ec3d40
RBP: 000000c42003dee8 R08: 0000000000000000 R09: 0000000000000000
R10: 000000c42003ded8 R11: 0000000000000202 R12: 000000c446868b18
R13: 000000000000001f R14: 0000000000c9e6a0 R15: ffffffffffffaf81
Mem-Info:
active_anon:1350231 inactive_anon:282 isolated_anon:0
 active_file:36 inactive_file:89 isolated_file:40
 unevictable:0 dirty:0 writeback:0 unstable:0
 slab_reclaimable:17771 slab_unreclaimable:120108
 mapped:52319 shmem:549 pagetables:8034 bounce:0
 free:24961 free_pcp:190 free_cma:0
Node 0 active_anon:1725028kB inactive_anon:1128kB active_file:244kB inactive_file:100kB unevictable:0kB isolated(anon):0kB isolated(file):160kB mapped:209212kB dirty:0kB writeback:0kB shmem:2196kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 305152kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45a420
Code: Bad RIP value.
RSP: 002b:00007ffe4b7ce4e0 EFLAGS: 00000202 ORIG_RAX: 0000000000000002
Node 1 active_anon:3675996kB inactive_anon:0kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:64kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045a420
RDX: 0000000000000000 RSI: 0000000000090800 RDI: 00000000004c105c
Node 0 DMA free:10336kB min:220kB low:272kB high:324kB active_anon:5176kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:48kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
RBP: 000000000000213d R08: 0000000000000001 R09: 0000000001f08940
R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
R13: 00007ffe4b7ce5c0 R14: 00000000001a655f R15: 00007ffe4b7ce5d0
INFO: task kworker/0:4:7768 blocked for more than 140 seconds.
      Not tainted 4.19.108-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/0:4     D26896  7768      2 0x80000000
lowmem_reserve[]: 0 2533 2535 2535 2535
Workqueue: events kernfs_notify_workfn
Node 0 DMA32 free:35684kB min:36064kB low:45080kB high:54096kB active_anon:1720864kB inactive_anon:1128kB active_file:248kB inactive_file:164kB unevictable:0kB writepending:0kB present:3129332kB managed:2597388kB mlocked:0kB kernel_stack:11424kB pagetables:14440kB bounce:0kB free_pcp:120kB local_pcp:120kB free_cma:0kB
Call Trace:
 schedule+0x8d/0x1b0 kernel/sched/core.c:3559
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3617

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/03/08 20:12 linux-4.19.y 7472c4028e23 2e9971bb .config console log report ci2-linux-4-19
* Struck through repros no longer work on HEAD.