INFO: task hung in __do_page

INFO: task hung in __do_page_fault (2)
Status: upstream: reported C repro on 2018/10/27 08:09
Reported-by: syzbot+6b074f741adbd93d2df5@syzkaller.appspotmail.com
First crash: 967d, last: 623d

Cause bisection: introduced by (bisect log) :
commit 0161028b7c8aebef64194d3d73e43bc3b53b5c66
Author: Andy Lutomirski <luto@kernel.org>
Date: Mon May 9 22:48:51 2016 +0000

perf/core: Change the default paranoia level to 2

Crash: INFO: task hung in khugepaged (log)
Repro: C syz .config

Fix bisection: failed (bisect log)

similar bugs (6):
Kernel	Title	Repro	Fix bisect	Count	Last	Reported	Patched	Status
android-44	INFO: task hung in __do_page_fault	C		1	796d	738d	0/2	public: reported C repro on 2019/04/14 00:00
linux-4.14	INFO: task hung in __do_page_fault	C	error	4	317d	733d	0/1	upstream: reported C repro on 2019/04/19 08:53
android-49	INFO: task hung in __do_page_fault	C		5	564d	738d	0/3	public: reported C repro on 2019/04/14 08:51
linux-4.19	INFO: task hung in __do_page_fault	C		6	28d	683d	0/1	upstream: reported C repro on 2019/06/08 06:01
android-414	INFO: task hung in __do_page_fault	C		7	573d	740d	0/1	public: reported C repro on 2019/04/12 00:01
upstream	INFO: task hung in __do_page_fault			1	1102d	1101d	6/22	fixed on 2018/05/17 10:02

Sample crash report:

INFO: task syz-executor159:10407 blocked for more than 143 seconds.
      Not tainted 5.3.0-rc3+ #94
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor159 D24544 10407  10406 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:3254 [inline]
 __schedule+0x755/0x1580 kernel/sched/core.c:3880
 schedule+0xa8/0x270 kernel/sched/core.c:3944
 rwsem_down_read_slowpath+0x4cc/0xfb0 kernel/locking/rwsem.c:1090
 __down_read kernel/locking/rwsem.c:1320 [inline]
 down_read+0x1f4/0x3f0 kernel/locking/rwsem.c:1463
 do_user_addr_fault arch/x86/mm/fault.c:1392 [inline]
 __do_page_fault+0xaa2/0xdd0 arch/x86/mm/fault.c:1506
 do_page_fault+0x38/0x590 arch/x86/mm/fault.c:1530
 page_fault+0x39/0x40 arch/x86/entry/entry_64.S:1202
RIP: 0033:0x4aeba0
Code: Bad RIP value.
RSP: 002b:00007ffdc546a828 EFLAGS: 00010206
RAX: 00000000004aeba0 RBX: 0000000000000001 RCX: 00000000006e47b0
RDX: 0000000000409e70 RSI: 0000000000000001 RDI: 00000000004d0430
RBP: 00007ffdc546a830 R08: 0000000000000000 R09: 0000000000000000
R10: 00007ffdc546a8b0 R11: 0000000000000000 R12: 0000000000000001
R13: 00000000006e47a0 R14: 000000000000002d R15: 0000000000000006
INFO: lockdep is turned off.
NMI backtrace for cpu 0
CPU: 0 PID: 1057 Comm: khungtaskd Not tainted 5.3.0-rc3+ #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x172/0x1f0 lib/dump_stack.c:113
 nmi_cpu_backtrace.cold+0x70/0xb2 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x23b/0x28b lib/nmi_backtrace.c:62
 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline]
 watchdog+0x9d0/0xef0 kernel/hung_task.c:289
 kthread+0x361/0x430 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 10417 Comm: syz-executor159 Not tainted 5.3.0-rc3+ #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:lock_acquire+0x1b9/0x410 kernel/locking/lockdep.c:4414
Code: ff 48 b8 00 00 00 00 00 fc ff df 65 48 8b 1c 25 40 fe 01 00 48 8d bb 8c 08 00 00 48 83 c4 20 48 89 fa 48 c1 ea 03 0f b6 14 02 <48> 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 0d 02 00 00 48
RSP: 0018:ffff8880920278a0 EFLAGS: 00000807
RAX: dffffc0000000000 RBX: ffff88808ed74080 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88808ed7490c
RBP: ffff8880920278e8 R08: 0000000000000001 R09: 0000000000000000
R10: fffffbfff134ae67 R11: ffff88808ed74080 R12: ffff8880a1974bd0
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
FS:  00007fdd2663b700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffff600400 CR3: 0000000096c1e000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __mutex_lock_common kernel/locking/mutex.c:930 [inline]
 __mutex_lock+0x156/0x13c0 kernel/locking/mutex.c:1077
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1092
 perf_mmap+0x736/0x19b0 kernel/events/core.c:5700
 call_mmap include/linux/fs.h:1875 [inline]
 mmap_region+0xc35/0x1760 mm/mmap.c:1788
 do_mmap+0x82e/0x1090 mm/mmap.c:1561
 do_mmap_pgoff include/linux/mm.h:2374 [inline]
 vm_mmap_pgoff+0x1c5/0x230 mm/util.c:391
 ksys_mmap_pgoff+0x4aa/0x630 mm/mmap.c:1611
 __do_sys_mmap arch/x86/kernel/sys_x86_64.c:100 [inline]
 __se_sys_mmap arch/x86/kernel/sys_x86_64.c:91 [inline]
 __x64_sys_mmap+0xe9/0x1b0 arch/x86/kernel/sys_x86_64.c:91
 do_syscall_64+0xfd/0x6a0 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x448d19
Code: e8 7c 1a 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 0c fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fdd2663acd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00000000006dfc58 RCX: 0000000000448d19
RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffd000
RBP: 00000000006dfc50 R08: 0000000000000003 R09: 0000000000000000
R10: 0000000000001011 R11: 0000000000000246 R12: 00000000006dfc5c
R13: 00007ffdc546a80f R14: 00007fdd2663b9c0 R15: 0000000000000005

Crashes (34):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro
ci-upstream-kasan-gce-selinux-root	2019/08/07 10:26	upstream	33920f1e	cdde7486	.config	log	report	syz	C
ci-upstream-kasan-gce-root	2019/08/07 09:33	upstream	f4eb1423	cdde7486	.config	log	report	syz	C
ci-upstream-kasan-gce	2019/07/27 22:35	upstream	5168afe6	c85e1c5b	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2019/06/08 20:41	upstream	79c3ba32	0159583c	.config	log	report	syz	C
ci-upstream-kasan-gce-root	2019/06/08 19:12	upstream	79c3ba32	0159583c	.config	log	report	syz	C
ci-upstream-kasan-gce-selinux-root	2019/06/08 17:36	upstream	79c3ba32	0159583c	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2019/04/21 17:54	upstream	9e5de623	b0e8efcb	.config	log	report	syz	C
ci-upstream-kasan-gce-selinux-root	2019/04/13 07:06	upstream	8ee15f32	c402d8f1	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2018/10/27 01:56	upstream	18d0eae3	a8292de9	.config	log	report	syz	C
ci-upstream-kasan-gce-selinux-root	2018/10/27 01:55	upstream	18d0eae3	a8292de9	.config	log	report	syz	C
ci-upstream-kasan-gce-root	2018/10/27 01:55	upstream	18d0eae3	a8292de9	.config	log	report	syz	C
ci-upstream-kasan-gce-386	2019/07/27 22:53	upstream	5168afe6	c85e1c5b	.config	log	report	syz	C
ci-upstream-linux-next-kasan-gce-root	2019/07/29 07:32	linux-next	fde50b96	c85e1c5b	.config	log	report	syz	C
ci-upstream-linux-next-kasan-gce-root	2019/06/26 05:02	linux-next	90203176	0a8d1a96	.config	log	report	syz	C
ci-upstream-linux-next-kasan-gce-root	2019/06/18 03:22	linux-next	a125097c	442206d7	.config	log	report	syz	C
ci-upstream-linux-next-kasan-gce-root	2019/04/22 14:08	linux-next	3f018f4a	0a77c33c	.config	log	report	syz	C
ci-upstream-linux-next-kasan-gce-root	2018/10/27 01:54	linux-next	8c60c36d	a8292de9	.config	log	report	syz	C
ci-upstream-kasan-gce-smack-root	2019/06/15 22:51	upstream	e01e060f	442206d7	.config	log	report
ci-upstream-kasan-gce-root	2019/06/11 01:19	upstream	01ccc3ad	0159583c	.config	log	report
ci-upstream-kasan-gce	2019/06/06 15:35	upstream	156c0591	698773cb	.config	log	report
ci-upstream-kasan-gce-root	2019/03/26 18:36	upstream	a3ac7917	55684ce1	.config	log	report
ci-upstream-kasan-gce-smack-root	2019/03/14 05:33	upstream	ebc551f2	2881fc25	.config	log	report
ci-upstream-kasan-gce-smack-root	2019/02/28 05:44	upstream	7d762d69	34ec456b	.config	log	report
ci-upstream-kasan-gce-smack-root	2019/02/23 18:25	upstream	cb268d80	18107ce0	.config	log	report
ci-upstream-kasan-gce-smack-root	2019/02/04 10:43	upstream	8834f560	c198d5dd	.config	log	report
ci-upstream-kasan-gce-smack-root	2019/01/24 03:59	upstream	30bac164	56558f63	.config	log	report
ci-upstream-kasan-gce-selinux-root	2019/01/24 03:57	upstream	30bac164	56558f63	.config	log	report
ci-upstream-kasan-gce-root	2019/01/01 07:40	upstream	f12e840c	3d85f48c	.config	log	report
ci-upstream-kasan-gce-selinux-root	2018/10/22 04:25	upstream	467e050e	ecb386fe	.config	log	report
ci-upstream-kasan-gce-root	2018/08/28 10:04	upstream	050cdc6c	7ef1de9e	.config	log	report
ci-upstream-kasan-gce-386	2019/03/07 10:39	upstream	f90d6448	8c085c5e	.config	log	report
ci-upstream-linux-next-kasan-gce-root	2019/07/04 21:36	linux-next	f9ca7f5a	429efa16	.config	log	report
ci-upstream-linux-next-kasan-gce-root	2019/02/21 21:25	linux-next	550f4769	7ff74a98	.config	log	report
ci-upstream-linux-next-kasan-gce-root	2018/11/29 16:53	linux-next	442b8cea	4b6d14f2	.config	log	report