syzbot


INFO: task hung in __do_page_fault (2)

Status: closed as invalid on 2022/02/08 10:55
Reported-by: syzbot+6b074f741adbd93d2df5@syzkaller.appspotmail.com
First crash: 1440d, last: 1096d

Cause bisection: introduced by (bisect log):
commit 0161028b7c8aebef64194d3d73e43bc3b53b5c66
Author: Andy Lutomirski <luto@kernel.org>
Date: Mon May 9 22:48:51 2016 +0000

  perf/core: Change the default paranoia level to 2

Crash: INFO: task hung in khugepaged (log)
Repro: C syz .config

Fix bisection: failed (bisect log)

Similar bugs (6):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-44 INFO: task hung in __do_page_fault C 1 1269d 1211d 0/2 public: reported C repro on 2019/04/14 00:00
linux-4.14 INFO: task hung in __do_page_fault C error 15 50d 1206d 0/1 upstream: reported C repro on 2019/04/19 08:53
android-49 INFO: task hung in __do_page_fault C 5 1037d 1211d 0/3 public: reported C repro on 2019/04/14 08:51
linux-4.19 INFO: task hung in __do_page_fault C error 24 48d 1156d 0/1 upstream: reported C repro on 2019/06/08 06:01
android-414 INFO: task hung in __do_page_fault C 7 1046d 1213d 0/1 public: reported C repro on 2019/04/12 00:01
upstream INFO: task hung in __do_page_fault 1 1575d 1574d 6/23 fixed on 2018/05/17 10:02

Sample crash report:
INFO: task syz-executor159:10407 blocked for more than 143 seconds.
      Not tainted 5.3.0-rc3+ #94
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor159 D24544 10407  10406 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:3254 [inline]
 __schedule+0x755/0x1580 kernel/sched/core.c:3880
 schedule+0xa8/0x270 kernel/sched/core.c:3944
 rwsem_down_read_slowpath+0x4cc/0xfb0 kernel/locking/rwsem.c:1090
 __down_read kernel/locking/rwsem.c:1320 [inline]
 down_read+0x1f4/0x3f0 kernel/locking/rwsem.c:1463
 do_user_addr_fault arch/x86/mm/fault.c:1392 [inline]
 __do_page_fault+0xaa2/0xdd0 arch/x86/mm/fault.c:1506
 do_page_fault+0x38/0x590 arch/x86/mm/fault.c:1530
 page_fault+0x39/0x40 arch/x86/entry/entry_64.S:1202
RIP: 0033:0x4aeba0
Code: Bad RIP value.
RSP: 002b:00007ffdc546a828 EFLAGS: 00010206
RAX: 00000000004aeba0 RBX: 0000000000000001 RCX: 00000000006e47b0
RDX: 0000000000409e70 RSI: 0000000000000001 RDI: 00000000004d0430
RBP: 00007ffdc546a830 R08: 0000000000000000 R09: 0000000000000000
R10: 00007ffdc546a8b0 R11: 0000000000000000 R12: 0000000000000001
R13: 00000000006e47a0 R14: 000000000000002d R15: 0000000000000006
INFO: lockdep is turned off.
NMI backtrace for cpu 0
CPU: 0 PID: 1057 Comm: khungtaskd Not tainted 5.3.0-rc3+ #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x172/0x1f0 lib/dump_stack.c:113
 nmi_cpu_backtrace.cold+0x70/0xb2 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x23b/0x28b lib/nmi_backtrace.c:62
 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline]
 watchdog+0x9d0/0xef0 kernel/hung_task.c:289
 kthread+0x361/0x430 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 10417 Comm: syz-executor159 Not tainted 5.3.0-rc3+ #94
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:lock_acquire+0x1b9/0x410 kernel/locking/lockdep.c:4414
Code: ff 48 b8 00 00 00 00 00 fc ff df 65 48 8b 1c 25 40 fe 01 00 48 8d bb 8c 08 00 00 48 83 c4 20 48 89 fa 48 c1 ea 03 0f b6 14 02 <48> 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 0d 02 00 00 48
RSP: 0018:ffff8880920278a0 EFLAGS: 00000807
RAX: dffffc0000000000 RBX: ffff88808ed74080 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88808ed7490c
RBP: ffff8880920278e8 R08: 0000000000000001 R09: 0000000000000000
R10: fffffbfff134ae67 R11: ffff88808ed74080 R12: ffff8880a1974bd0
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
FS:  00007fdd2663b700(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffff600400 CR3: 0000000096c1e000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __mutex_lock_common kernel/locking/mutex.c:930 [inline]
 __mutex_lock+0x156/0x13c0 kernel/locking/mutex.c:1077
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1092
 perf_mmap+0x736/0x19b0 kernel/events/core.c:5700
 call_mmap include/linux/fs.h:1875 [inline]
 mmap_region+0xc35/0x1760 mm/mmap.c:1788
 do_mmap+0x82e/0x1090 mm/mmap.c:1561
 do_mmap_pgoff include/linux/mm.h:2374 [inline]
 vm_mmap_pgoff+0x1c5/0x230 mm/util.c:391
 ksys_mmap_pgoff+0x4aa/0x630 mm/mmap.c:1611
 __do_sys_mmap arch/x86/kernel/sys_x86_64.c:100 [inline]
 __se_sys_mmap arch/x86/kernel/sys_x86_64.c:91 [inline]
 __x64_sys_mmap+0xe9/0x1b0 arch/x86/kernel/sys_x86_64.c:91
 do_syscall_64+0xfd/0x6a0 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x448d19
Code: e8 7c 1a 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 3b 0c fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fdd2663acd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00000000006dfc58 RCX: 0000000000448d19
RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffd000
RBP: 00000000006dfc50 R08: 0000000000000003 R09: 0000000000000000
R10: 0000000000001011 R11: 0000000000000246 R12: 00000000006dfc5c
R13: 00007ffdc546a80f R14: 00007fdd2663b9c0 R15: 0000000000000005

Crashes (34):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-selinux-root 2019/08/07 10:26 upstream 33920f1ec5bf cdde7486 .config log report syz C
ci-upstream-kasan-gce-root 2019/08/07 09:33 upstream f4eb1423e433 cdde7486 .config log report syz C
ci-upstream-kasan-gce 2019/07/27 22:35 upstream 5168afe6ef59 c85e1c5b .config log report syz C
ci-upstream-kasan-gce-smack-root 2019/06/08 20:41 upstream 79c3ba3206c7 0159583c .config log report syz C
ci-upstream-kasan-gce-root 2019/06/08 19:12 upstream 79c3ba3206c7 0159583c .config log report syz C
ci-upstream-kasan-gce-selinux-root 2019/06/08 17:36 upstream 79c3ba3206c7 0159583c .config log report syz C
ci-upstream-kasan-gce-smack-root 2019/04/21 17:54 upstream 9e5de623a0cb b0e8efcb .config log report syz C
ci-upstream-kasan-gce-selinux-root 2019/04/13 07:06 upstream 8ee15f324866 c402d8f1 .config log report syz C
ci-upstream-kasan-gce-smack-root 2018/10/27 01:56 upstream 18d0eae30e6a a8292de9 .config log report syz C
ci-upstream-kasan-gce-selinux-root 2018/10/27 01:55 upstream 18d0eae30e6a a8292de9 .config log report syz C
ci-upstream-kasan-gce-root 2018/10/27 01:55 upstream 18d0eae30e6a a8292de9 .config log report syz C
ci-upstream-kasan-gce-386 2019/07/27 22:53 upstream 5168afe6ef59 c85e1c5b .config log report syz C
ci-upstream-linux-next-kasan-gce-root 2019/07/29 07:32 linux-next fde50b96be82 c85e1c5b .config log report syz C
ci-upstream-linux-next-kasan-gce-root 2019/06/26 05:02 linux-next 902031767aec 0a8d1a96 .config log report syz C
ci-upstream-linux-next-kasan-gce-root 2019/06/18 03:22 linux-next a125097c8410 442206d7 .config log report syz C
ci-upstream-linux-next-kasan-gce-root 2019/04/22 14:08 linux-next 3f018f4a019a 0a77c33c .config log report syz C
ci-upstream-linux-next-kasan-gce-root 2018/10/27 01:54 linux-next 8c60c36d0b8c a8292de9 .config log report syz C
ci-upstream-kasan-gce-smack-root 2019/06/15 22:51 upstream e01e060fe00d 442206d7 .config log report
ci-upstream-kasan-gce-root 2019/06/11 01:19 upstream 01ccc3ad4413 0159583c .config log report
ci-upstream-kasan-gce 2019/06/06 15:35 upstream 156c05917e09 698773cb .config log report
ci-upstream-kasan-gce-root 2019/03/26 18:36 upstream a3ac7917b730 55684ce1 .config log report
ci-upstream-kasan-gce-smack-root 2019/03/14 05:33 upstream ebc551f2b8f9 2881fc25 .config log report
ci-upstream-kasan-gce-smack-root 2019/02/28 05:44 upstream 7d762d69145a 34ec456b .config log report
ci-upstream-kasan-gce-smack-root 2019/02/23 18:25 upstream cb268d806972 18107ce0 .config log report
ci-upstream-kasan-gce-smack-root 2019/02/04 10:43 upstream 8834f5600cf3 c198d5dd .config log report
ci-upstream-kasan-gce-smack-root 2019/01/24 03:59 upstream 30bac164aca7 56558f63 .config log report
ci-upstream-kasan-gce-selinux-root 2019/01/24 03:57 upstream 30bac164aca7 56558f63 .config log report
ci-upstream-kasan-gce-root 2019/01/01 07:40 upstream f12e840c819b 3d85f48c .config log report
ci-upstream-kasan-gce-selinux-root 2018/10/22 04:25 upstream 467e050e9760 ecb386fe .config log report
ci-upstream-kasan-gce-root 2018/08/28 10:04 upstream 050cdc6c9501 7ef1de9e .config log report
ci-upstream-kasan-gce-386 2019/03/07 10:39 upstream f90d64483ebd 8c085c5e .config log report
ci-upstream-linux-next-kasan-gce-root 2019/07/04 21:36 linux-next f9ca7f5a1eb9 429efa16 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/02/21 21:25 linux-next 550f4769c7c4 7ff74a98 .config log report
ci-upstream-linux-next-kasan-gce-root 2018/11/29 16:53 linux-next 442b8cea2477 4b6d14f2 .config log report