bisecting cause commit starting from e99332e7b4cda6e60f5b5916cf9943a79dbef902
building syzkaller on 8742a2b9dba1ce2869b29fff6c5359cc9116c719
testing commit e99332e7b4cda6e60f5b5916cf9943a79dbef902 with gcc (GCC) 8.1.0
kernel signature: c9d328435bf6f6e77a8f42525b2d98cb3870032d7493c82d3679a1a61bf76a61
run #0: crashed: INFO: task hung in do_read_cache_page
run #1: crashed: INFO: task hung in blkdev_put
run #2: crashed: INFO: task hung in blkdev_put
run #3: crashed: INFO: task hung in do_read_cache_page
run #4: crashed: INFO: task hung in do_read_cache_page
run #5: crashed: INFO: task hung in do_read_cache_page
run #6: crashed: INFO: task hung in do_read_cache_page
run #7: crashed: INFO: task hung in do_read_cache_page
run #8: crashed: INFO: task hung in blkdev_put
run #9: crashed: INFO: task hung in do_read_cache_page
testing release v5.6
testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0
kernel signature: f572fdf42ab48d13098bdb20a494719a5f3a9243255db3b754bc7be6fadd760b
run #0: crashed: INFO: task hung in do_read_cache_page
run #1: crashed: INFO: task hung in blkdev_put
run #2: crashed: INFO: task hung in blkdev_put
run #3: crashed: INFO: task hung in do_read_cache_page
run #4: crashed: INFO: task hung in blkdev_put
run #5: crashed: INFO: task hung in blkdev_put
run #6: crashed: INFO: task hung in blkdev_put
run #7: crashed: INFO: task hung in blkdev_put
run #8: crashed: INFO: task hung in do_read_cache_page
run #9: boot failed: can't ssh into the instance
testing release v5.5
testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0
kernel signature: b810aaa6a823fdc1c95a24facfbc9ddd4866025c411cee61630b21f4e09dda14
run #0: crashed: INFO: task hung in do_read_cache_page
run #1: crashed: INFO: task hung in blkdev_put
run #2: crashed: INFO: task hung in blkdev_put
run #3: crashed: INFO: task hung in do_read_cache_page
run #4: crashed: INFO: task hung in blkdev_put
run #5: crashed: INFO: task hung in blkdev_put
run #6: crashed: INFO: task hung in do_read_cache_page
run #7: crashed: INFO: task hung in blkdev_put
run #8: crashed: INFO: task hung in blkdev_put
run #9: crashed: INFO: task hung in blkdev_put
testing release v5.4
testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0
kernel signature: 622d927c5e957edf6feb271c79358d5f03b07f1553f2e78f1d77f8a81630ca4a
run #0: crashed: INFO: task hung in do_read_cache_page
run #1: crashed: INFO: task hung in blkdev_put
run #2: crashed: INFO: task hung in blkdev_put
run #3: crashed: INFO: task hung in do_read_cache_page
run #4: crashed: INFO: task hung in blkdev_put
run #5: crashed: INFO: task hung in blkdev_put
run #6: crashed: INFO: task hung in blkdev_put
run #7: crashed: INFO: task hung in blkdev_put
run #8: crashed: INFO: task hung in blkdev_put
run #9: crashed: INFO: task hung in do_read_cache_page
testing release v5.3
testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0
kernel signature: e4faaa20cd27ccefdb7c83640bde319cd106f381f202886ecfe852a4ab867f1a
all runs: OK
# git bisect start 219d54332a09e8d8741c1e1982f5eae56099de85 4d856f72c10ecb060868ed10ff1b1453943fc6c8
Bisecting: 7882 revisions left to test after this (roughly 13 steps)
[a9f8b38a071b468276a243ea3ea5a0636e848cf2] Merge tag 'for-linus-5.4-1' of git://github.com/cminyard/linux-ipmi
testing commit a9f8b38a071b468276a243ea3ea5a0636e848cf2 with gcc (GCC) 8.1.0
kernel signature: 32c30df0739f89fcb21ecc41cd59113e14a1014f8b2c6089f8fde41461e21583
run #0: crashed: INFO: task hung in blkdev_put
run #1: crashed: INFO: task hung in blkdev_put
run #2: crashed: INFO: task hung in blkdev_put
run #3: crashed: INFO: task hung in blkdev_put
run #4: crashed: INFO: task hung in blkdev_put
run #5: crashed: INFO: task hung in blkdev_put
run #6: crashed: INFO: task hung in blkdev_put
run #7: crashed: INFO: task hung in blkdev_put
run #8: crashed: INFO: task hung in blkdev_put
run #9: crashed: INFO: task hung in do_read_cache_page
# git bisect bad a9f8b38a071b468276a243ea3ea5a0636e848cf2
Bisecting: 3920 revisions left to test after this (roughly 12 steps)
[fe38bd6862074c0a2b9be7f31f043aaa70b2af5f] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
testing commit fe38bd6862074c0a2b9be7f31f043aaa70b2af5f with gcc (GCC) 8.1.0
kernel signature: 1a98d947fccec7334ee7cfd3f9235554b859f4daee179bf05444ad0c315d1f1e
run #0: crashed: INFO: task hung in blkdev_put
run #1: crashed: INFO: task hung in blkdev_put
run #2: crashed: INFO: task hung in blkdev_put
run #3: crashed: INFO: task hung in blkdev_put
run #4: crashed: INFO: task hung in do_read_cache_page
run #5: crashed: INFO: task hung in do_read_cache_page
run #6: crashed: INFO: task hung in do_read_cache_page
run #7: crashed: INFO: task hung in do_read_cache_page
run #8: crashed: INFO: task hung in do_read_cache_page
run #9: crashed: INFO: task hung in do_read_cache_page
# git bisect bad fe38bd6862074c0a2b9be7f31f043aaa70b2af5f
Bisecting: 1970 revisions left to test after this (roughly 11 steps)
[fc6fd1392a8f3d5f3d722ad9c92314477c1a2a35] Merge branch 'x86-build-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
testing commit fc6fd1392a8f3d5f3d722ad9c92314477c1a2a35 with gcc (GCC) 8.1.0
kernel signature: d74c3cb66b3f5c20055e315c5d6becfcebcdaedd5dac12c3651fcb8574c4ef2d
all runs: OK
# git bisect good fc6fd1392a8f3d5f3d722ad9c92314477c1a2a35
Bisecting: 1254 revisions left to test after this (roughly 10 steps)
[ea982ba7f79141d86eb7a440fcba6796ed718b9b] Merge tag 'mmc-v5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc
testing commit ea982ba7f79141d86eb7a440fcba6796ed718b9b with gcc (GCC) 8.1.0
kernel signature: 4a508d6aae99c4cf36513722f0277f5dc2a9bcdd9f6d22861f2c984a7b0df7d2
run #0: crashed: INFO: task hung in blkdev_put
run #1: crashed: INFO: task hung in do_read_cache_page
run #2: crashed: INFO: task hung in do_read_cache_page
run #3: crashed: INFO: task hung in blkdev_put
run #4: crashed: INFO: task hung in blkdev_put
run #5: crashed: INFO: task hung in blkdev_put
run #6: crashed: INFO: task hung in do_read_cache_page
run #7: crashed: INFO: task hung in do_read_cache_page
run #8: crashed: INFO: task hung in do_read_cache_page
run #9: crashed: INFO: task hung in do_read_cache_page
# git bisect bad ea982ba7f79141d86eb7a440fcba6796ed718b9b
Bisecting: 358 revisions left to test after this (roughly 9 steps)
[6dec8c15e5faa2a3c02d2e1d1b03b926b545ec0a] Merge tag 'xtensa-20190917' of git://github.com/jcmvbkbc/linux-xtensa
testing commit 6dec8c15e5faa2a3c02d2e1d1b03b926b545ec0a with gcc (GCC) 8.1.0
kernel signature: f2155fe59b124786bb9534ee6764baa12d1627e40678b7a96e25072c7f7dca13
all runs: OK
# git bisect good 6dec8c15e5faa2a3c02d2e1d1b03b926b545ec0a
Bisecting: 179 revisions left to test after this (roughly 8 steps)
[21fa1004ff5d749c90cef77525b73a49ef5583dc] Merge branch 'nvme-5.4' of git://git.infradead.org/nvme into for-5.4/block
testing commit 21fa1004ff5d749c90cef77525b73a49ef5583dc with gcc (GCC) 8.1.0
kernel signature: a832239965de48e31eb978045518c2337354e3ee51d04f5a096a8b41ada30048
run #0: crashed: INFO: task hung in blkdev_put
run #1: crashed: INFO: task hung in do_read_cache_page
run #2: crashed: INFO: task hung in blkdev_put
run #3: crashed: INFO: task hung in blkdev_put
run #4: crashed: INFO: task hung in blkdev_put
run #5: crashed: INFO: task hung in do_read_cache_page
run #6: crashed: INFO: task hung in do_read_cache_page
run #7: crashed: INFO: task hung in do_read_cache_page
run #8: crashed: INFO: task hung in do_read_cache_page
run #9: crashed: INFO: task hung in do_read_cache_page
# git bisect bad 21fa1004ff5d749c90cef77525b73a49ef5583dc
Bisecting: 89 revisions left to test after this (roughly 7 steps)
[10407ec9b42d30a6ebc49f7f84e2bb2131438699] nvme-tcp: Use protocol specific operations while reading socket
testing commit 10407ec9b42d30a6ebc49f7f84e2bb2131438699 with gcc (GCC) 8.1.0
kernel signature: 2e26779e3cfc86ed3c853b5a1deda955aee9b2ff10b8a3a073cc452eb6bc1f77
run #0: crashed: INFO: task hung in blkdev_put
run #1: crashed: INFO: task hung in blkdev_put
run #2: crashed: INFO: task hung in blkdev_put
run #3: crashed: INFO: task hung in blkdev_put
run #4: crashed: INFO: task hung in do_read_cache_page
run #5: crashed: INFO: task hung in blkdev_put
run #6: crashed: INFO: task hung in do_read_cache_page
run #7: crashed: INFO: task hung in do_read_cache_page
run #8: crashed: INFO: task hung in do_read_cache_page
run #9: crashed: INFO: task hung in do_read_cache_page
# git bisect bad 10407ec9b42d30a6ebc49f7f84e2bb2131438699
Bisecting: 44 revisions left to test after this (roughly 6 steps)
[5cc23ed75b629dfb0f8f7a7d0c80e0bab36b3960] block: sed-opal: Add/remove spaces
testing commit 5cc23ed75b629dfb0f8f7a7d0c80e0bab36b3960 with gcc (GCC) 8.1.0
kernel signature: 84ac34e6e77ba85502d14ebbeaff681359f7f7860fa2437584df18b7b51cf8e9
all runs: OK
# git bisect good 5cc23ed75b629dfb0f8f7a7d0c80e0bab36b3960
Bisecting: 22 revisions left to test after this (roughly 5 steps)
[97b27821b4854ca744946dae32a3f2fd55bcd5bc] writeback, memcg: Implement foreign dirty flushing
testing commit 97b27821b4854ca744946dae32a3f2fd55bcd5bc with gcc (GCC) 8.1.0
kernel signature: 31d5169d1a6f5d1558062d4f3d1e29f6ca43626fda78c25e0c9d6c02ae1f2014
run #0: crashed: INFO: task hung in blkdev_put
run #1: crashed: INFO: task hung in blkdev_put
run #2: crashed: INFO: task hung in blkdev_put
run #3: crashed: INFO: task hung in blkdev_put
run #4: crashed: INFO: task hung in blkdev_put
run #5: crashed: INFO: task hung in blkdev_put
run #6: crashed: INFO: task hung in blkdev_put
run #7: crashed: INFO: task hung in blkdev_put
run #8: crashed: INFO: task hung in do_read_cache_page
run #9: crashed: INFO: task hung in do_read_cache_page
# git bisect bad 97b27821b4854ca744946dae32a3f2fd55bcd5bc
Bisecting: 10 revisions left to test after this (roughly 4 steps)
[d4b186ed227b80334abf1fe2c918c0ddc4374f38] null_blk: move duplicate code to callers
testing commit d4b186ed227b80334abf1fe2c918c0ddc4374f38 with gcc (GCC) 8.1.0
kernel signature: 506cdc5d5d8fce73c7776bd143f28d0c08262e8339309f8236986e4c63d709f8
run #0: crashed: INFO: task hung in blkdev_put
run #1: crashed: INFO: task hung in blkdev_put
run #2: crashed: INFO: task hung in do_read_cache_page
run #3: crashed: INFO: task hung in blkdev_put
run #4: crashed: INFO: task hung in blkdev_put
run #5: crashed: INFO: task hung in blkdev_put
run #6: crashed: INFO: task hung in blkdev_put
run #7: crashed: INFO: task hung in blkdev_put
run #8: crashed: INFO: task hung in do_read_cache_page
run #9: crashed: INFO: task hung in do_read_cache_page
# git bisect bad d4b186ed227b80334abf1fe2c918c0ddc4374f38
Bisecting: 5 revisions left to test after this (roughly 3 steps)
[887e975c4172d0d5670c39ead2f18ba1e4ec8133] nbd: add missing config put
testing commit 887e975c4172d0d5670c39ead2f18ba1e4ec8133 with gcc (GCC) 8.1.0
kernel signature: d4a8b787fae84c7fe0978ba73e46707bc04c76bdffeb2b42b6b6ec572ac97b03
all runs: OK
# git bisect good 887e975c4172d0d5670c39ead2f18ba1e4ec8133
Bisecting: 2 revisions left to test after this (roughly 2 steps)
[320ea869a12cec206756207c6ca5f817ec45c7f2] block: improve the gap check in __bio_add_pc_page
testing commit 320ea869a12cec206756207c6ca5f817ec45c7f2 with gcc (GCC) 8.1.0
kernel signature: f9e713f418bf716f17ab6be90e9503e375a7d68597aa67ef5ff8cf67c731e459
run #0: crashed: INFO: task hung in blkdev_put
run #1: crashed: INFO: task hung in do_read_cache_page
run #2: crashed: INFO: task hung in blkdev_put
run #3: crashed: INFO: task hung in do_read_cache_page
run #4: crashed: INFO: task hung in do_read_cache_page
run #5: crashed: INFO: task hung in do_read_cache_page
run #6: crashed: INFO: task hung in do_read_cache_page
run #7: crashed: INFO: task hung in do_read_cache_page
run #8: crashed: INFO: task hung in do_read_cache_page
run #9: crashed: INFO: task hung in do_read_cache_page
# git bisect bad 320ea869a12cec206756207c6ca5f817ec45c7f2
Bisecting: 0 revisions left to test after this (roughly 1 step)
[e9e006f5fcf2bab59149cb38a48a4817c1b538b4] nbd: fix max number of supported devs
testing commit e9e006f5fcf2bab59149cb38a48a4817c1b538b4 with gcc (GCC) 8.1.0
kernel signature: ef8e167d3a71eccb627900fb3a405b023b910271c717af049a6a5de1d33a0f48
run #0: crashed: INFO: task hung in do_read_cache_page
run #1: crashed: INFO: task hung in blkdev_put
run #2: crashed: INFO: task hung in blkdev_put
run #3: crashed: INFO: task hung in do_read_cache_page
run #4: crashed: INFO: task hung in do_read_cache_page
run #5: crashed: INFO: task hung in blkdev_put
run #6: crashed: INFO: task hung in blkdev_put
run #7: crashed: INFO: task hung in do_read_cache_page
run #8: crashed: INFO: task hung in do_read_cache_page
run #9: crashed: INFO: task hung in do_read_cache_page
# git bisect bad e9e006f5fcf2bab59149cb38a48a4817c1b538b4
Bisecting: 0 revisions left to test after this (roughly 0 steps)
[2da22da573481cc4837e246d0eee4d518b3f715e] nbd: fix zero cmd timeout handling v2
testing commit 2da22da573481cc4837e246d0eee4d518b3f715e with gcc (GCC) 8.1.0
kernel signature: 91fa697174740e4d453379d345d94823067ff3a7ca224bb068a9b751487e27f7
run #0: crashed: INFO: task hung in blkdev_put
run #1: crashed: INFO: task hung in do_read_cache_page
run #2: crashed: INFO: task hung in blkdev_put
run #3: crashed: INFO: task hung in blkdev_put
run #4: crashed: INFO: task hung in do_read_cache_page
run #5: crashed: INFO: task hung in blkdev_put
run #6: crashed: INFO: task hung in do_read_cache_page
run #7: crashed: INFO: task hung in do_read_cache_page
run #8: crashed: INFO: task hung in do_read_cache_page
run #9: crashed: INFO: task hung in do_read_cache_page
# git bisect bad 2da22da573481cc4837e246d0eee4d518b3f715e
2da22da573481cc4837e246d0eee4d518b3f715e is the first bad commit
commit 2da22da573481cc4837e246d0eee4d518b3f715e
Author: Mike Christie <mchristi@redhat.com>
Date:   Tue Aug 13 11:39:52 2019 -0500

    nbd: fix zero cmd timeout handling v2
    
    This fixes a regression added in 4.9 with commit:
    
    commit 0eadf37afc2500e1162c9040ec26a705b9af8d47
    Author: Josef Bacik <jbacik@fb.com>
    Date:   Thu Sep 8 12:33:40 2016 -0700
    
        nbd: allow block mq to deal with timeouts
    
    where before the patch userspace would set the timeout to 0 to disable
    it. With the above patch, a zero timeout tells the block layer to use
    the default value of 30 seconds. For setups where commands can take a
    long time or experience transient issues like network disruptions this
    then results in IO errors being sent to the application.
    
    To fix this, the patch still uses the common block layer timeout
    framework, but if zero is set, nbd just logs a message and then resets
    the timer when it expires.
    
    Reviewed-by: Josef Bacik <josef@toxicpanda.com>
    Signed-off-by: Mike Christie <mchristi@redhat.com>
    Signed-off-by: Jens Axboe <axboe@kernel.dk>

 drivers/block/nbd.c | 29 +++++++++++++++++++++++------
 1 file changed, 23 insertions(+), 6 deletions(-)
culprit signature: 91fa697174740e4d453379d345d94823067ff3a7ca224bb068a9b751487e27f7
parent  signature: d4a8b787fae84c7fe0978ba73e46707bc04c76bdffeb2b42b6b6ec572ac97b03
revisions tested: 19, total time: 4h24m26.972881688s (build: 1h56m59.686381698s, test: 2h26m10.125988968s)
first bad commit: 2da22da573481cc4837e246d0eee4d518b3f715e nbd: fix zero cmd timeout handling v2
cc: ["axboe@kernel.dk" "josef@toxicpanda.com" "mchristi@redhat.com"]
crash: INFO: task hung in do_read_cache_page
INFO: task systemd-udevd:8231 blocked for more than 143 seconds.
      Not tainted 5.3.0-rc3-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
systemd-udevd   D26568  8231   3899 0x00004100
Call Trace:
 context_switch kernel/sched/core.c:3254 [inline]
 __schedule+0x82a/0x18e0 kernel/sched/core.c:3880
 schedule+0x8f/0x260 kernel/sched/core.c:3944
 io_schedule+0x1c/0x70 kernel/sched/core.c:5600
 wait_on_page_bit_common mm/filemap.c:1166 [inline]
 wait_on_page_bit+0x357/0x8a0 mm/filemap.c:1215
 wait_on_page_locked include/linux/pagemap.h:517 [inline]
 wait_on_page_read mm/filemap.c:2793 [inline]
 do_read_cache_page+0x36f/0xbf0 mm/filemap.c:2836
 read_cache_page+0x3a/0x60 mm/filemap.c:2920
 read_mapping_page include/linux/pagemap.h:386 [inline]
 read_dev_sector+0x68/0x320 block/partition-generic.c:667
 read_part_sector block/partitions/check.h:38 [inline]
 adfspart_check_ICS+0x109/0xde0 block/partitions/acorn.c:361
 check_partition+0x314/0x5da block/partitions/check.c:167
 rescan_partitions+0x192/0x8b0 block/partition-generic.c:531
 __blkdev_get+0xdc6/0x12e0 fs/block_dev.c:1680
 blkdev_get+0x18e/0x210 fs/block_dev.c:1750
 blkdev_open+0x19f/0x200 fs/block_dev.c:1886
 do_dentry_open+0x3f1/0x1010 fs/open.c:797
 vfs_open+0x9a/0xc0 fs/open.c:906
 do_last fs/namei.c:3416 [inline]
 path_openat+0x89e/0x29c0 fs/namei.c:3533
 do_filp_open+0x177/0x250 fs/namei.c:3563
 do_sys_open+0x1dd/0x3b0 fs/open.c:1089
 __do_sys_open fs/open.c:1107 [inline]
 __se_sys_open fs/open.c:1102 [inline]
 __x64_sys_open+0x79/0xb0 fs/open.c:1102
 do_syscall_64+0xd0/0x540 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc9c3fef840
Code: Bad RIP value.
RSP: 002b:00007ffd34f6d9b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00005585dbea54f0 RCX: 00007fc9c3fef840
RDX: 00005585db567fe3 RSI: 00000000000a0800 RDI: 00005585dbea5620
RBP: 00007ffd34f6db30 R08: 00005585db567670 R09: 0000000000000010
R10: 00005585db567d0c R11: 0000000000000246 R12: 00007ffd34f6da80
R13: 00005585dbea3990 R14: 0000000000000003 R15: 000000000000000e
INFO: task systemd-udevd:9096 blocked for more than 143 seconds.
      Not tainted 5.3.0-rc3-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
systemd-udevd   D26568  9096   3899 0x00004100
Call Trace:
 context_switch kernel/sched/core.c:3254 [inline]
 __schedule+0x82a/0x18e0 kernel/sched/core.c:3880
 schedule+0x8f/0x260 kernel/sched/core.c:3944
 io_schedule+0x1c/0x70 kernel/sched/core.c:5600
 wait_on_page_bit_common mm/filemap.c:1166 [inline]
 wait_on_page_bit+0x357/0x8a0 mm/filemap.c:1215
 wait_on_page_locked include/linux/pagemap.h:517 [inline]
 wait_on_page_read mm/filemap.c:2793 [inline]
 do_read_cache_page+0x36f/0xbf0 mm/filemap.c:2836
 read_cache_page+0x3a/0x60 mm/filemap.c:2920
 read_mapping_page include/linux/pagemap.h:386 [inline]
 read_dev_sector+0x68/0x320 block/partition-generic.c:667
 read_part_sector block/partitions/check.h:38 [inline]
 adfspart_check_ICS+0x109/0xde0 block/partitions/acorn.c:361
 check_partition+0x314/0x5da block/partitions/check.c:167
 rescan_partitions+0x192/0x8b0 block/partition-generic.c:531
 __blkdev_get+0xdc6/0x12e0 fs/block_dev.c:1680
 blkdev_get+0x18e/0x210 fs/block_dev.c:1750
 blkdev_open+0x19f/0x200 fs/block_dev.c:1886
 do_dentry_open+0x3f1/0x1010 fs/open.c:797
 vfs_open+0x9a/0xc0 fs/open.c:906
 do_last fs/namei.c:3416 [inline]
 path_openat+0x89e/0x29c0 fs/namei.c:3533
 do_filp_open+0x177/0x250 fs/namei.c:3563
 do_sys_open+0x1dd/0x3b0 fs/open.c:1089
 __do_sys_open fs/open.c:1107 [inline]
 __se_sys_open fs/open.c:1102 [inline]
 __x64_sys_open+0x79/0xb0 fs/open.c:1102
 do_syscall_64+0xd0/0x540 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc9c3fef840
Code: Bad RIP value.
RSP: 002b:00007ffd34f6d3c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 00005585dbea54f0 RCX: 00007fc9c3fef840
RDX: 00005585db567fe3 RSI: 00000000000a0800 RDI: 00005585dbea4100
RBP: 00007ffd34f6d540 R08: 00005585db567670 R09: 0000000000000010
R10: 00005585db567d0c R11: 0000000000000246 R12: 00007ffd34f6d490
R13: 00005585dbea3970 R14: 0000000000000003 R15: 000000000000000e
INFO: task syz-executor.4:18508 blocked for more than 144 seconds.
      Not tainted 5.3.0-rc3-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.4  D28480 18508   6771 0x00004004
Call Trace:
 context_switch kernel/sched/core.c:3254 [inline]
 __schedule+0x82a/0x18e0 kernel/sched/core.c:3880
 schedule+0x8f/0x260 kernel/sched/core.c:3944
 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:4003
 __mutex_lock_common kernel/locking/mutex.c:1007 [inline]
 __mutex_lock+0x420/0x1460 kernel/locking/mutex.c:1077
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1092
 blkdev_put+0x25/0x480 fs/block_dev.c:1927
 blkdev_close+0x88/0xd0 fs/block_dev.c:1976
 __fput+0x25a/0x780 fs/file_table.c:280
 ____fput+0x9/0x10 fs/file_table.c:313
 task_work_run+0x108/0x180 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_usermode_loop+0x1f2/0x2e0 arch/x86/entry/common.c:163
 prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:274 [inline]
 do_syscall_64+0x462/0x540 arch/x86/entry/common.c:299
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45c829
Code: Bad RIP value.
RSP: 002b:00007f3afe1e0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: 0000000000000000 RBX: 00000000004e8e20 RCX: 000000000045c829
RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003
RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000409 R14: 00000000004c6a64 R15: 00007f3afe1e16d4
INFO: task syz-executor.4:18530 blocked for more than 144 seconds.
      Not tainted 5.3.0-rc3-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.4  D28776 18530   6771 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:3254 [inline]
 __schedule+0x82a/0x18e0 kernel/sched/core.c:3880
 schedule+0x8f/0x260 kernel/sched/core.c:3944
 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:4003
 __mutex_lock_common kernel/locking/mutex.c:1007 [inline]
 __mutex_lock+0x420/0x1460 kernel/locking/mutex.c:1077
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1092
 __blkdev_get+0x1a1/0x12e0 fs/block_dev.c:1596
 blkdev_get+0x18e/0x210 fs/block_dev.c:1750
 blkdev_open+0x19f/0x200 fs/block_dev.c:1886
 do_dentry_open+0x3f1/0x1010 fs/open.c:797
 vfs_open+0x9a/0xc0 fs/open.c:906
 do_last fs/namei.c:3416 [inline]
 path_openat+0x89e/0x29c0 fs/namei.c:3533
 do_filp_open+0x177/0x250 fs/namei.c:3563
 do_sys_open+0x1dd/0x3b0 fs/open.c:1089
 __do_sys_open fs/open.c:1107 [inline]
 __se_sys_open fs/open.c:1102 [inline]
 __x64_sys_open+0x79/0xb0 fs/open.c:1102
 do_syscall_64+0xd0/0x540 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x416621
Code: Bad RIP value.
RSP: 002b:00007f3afe1bf7a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 0000000000416621
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007f3afe1bf850
RBP: 000000000078bfa0 R08: 000000000000000f R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000293 R12: 00000000ffffffff
R13: 0000000000000c0f R14: 00000000004ce39d R15: 00007f3afe1c06d4
INFO: task syz-executor.0:18512 blocked for more than 144 seconds.
      Not tainted 5.3.0-rc3-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0  D28480 18512   6773 0x00004004
Call Trace:
 context_switch kernel/sched/core.c:3254 [inline]
 __schedule+0x82a/0x18e0 kernel/sched/core.c:3880
 schedule+0x8f/0x260 kernel/sched/core.c:3944
 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:4003
 __mutex_lock_common kernel/locking/mutex.c:1007 [inline]
 __mutex_lock+0x420/0x1460 kernel/locking/mutex.c:1077
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1092
 blkdev_put+0x25/0x480 fs/block_dev.c:1927
 blkdev_close+0x88/0xd0 fs/block_dev.c:1976
 __fput+0x25a/0x780 fs/file_table.c:280
 ____fput+0x9/0x10 fs/file_table.c:313
 task_work_run+0x108/0x180 kernel/task_work.c:113
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_usermode_loop+0x1f2/0x2e0 arch/x86/entry/common.c:163
 prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:274 [inline]
 do_syscall_64+0x462/0x540 arch/x86/entry/common.c:299
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45c829
Code: Bad RIP value.
RSP: 002b:00007f6bcedf3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: 0000000000000000 RBX: 00000000004e8e20 RCX: 000000000045c829
RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000003
RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000409 R14: 00000000004c6a64 R15: 00007f6bcedf46d4
INFO: task syz-executor.0:18531 blocked for more than 144 seconds.
      Not tainted 5.3.0-rc3-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.0  D28776 18531   6773 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:3254 [inline]
 __schedule+0x82a/0x18e0 kernel/sched/core.c:3880
 schedule+0x8f/0x260 kernel/sched/core.c:3944
 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:4003
 __mutex_lock_common kernel/locking/mutex.c:1007 [inline]
 __mutex_lock+0x420/0x1460 kernel/locking/mutex.c:1077
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1092
 __blkdev_get+0x1a1/0x12e0 fs/block_dev.c:1596
 blkdev_get+0x18e/0x210 fs/block_dev.c:1750
 blkdev_open+0x19f/0x200 fs/block_dev.c:1886
 do_dentry_open+0x3f1/0x1010 fs/open.c:797
 vfs_open+0x9a/0xc0 fs/open.c:906
 do_last fs/namei.c:3416 [inline]
 path_openat+0x89e/0x29c0 fs/namei.c:3533
 do_filp_open+0x177/0x250 fs/namei.c:3563
 do_sys_open+0x1dd/0x3b0 fs/open.c:1089
 __do_sys_open fs/open.c:1107 [inline]
 __se_sys_open fs/open.c:1102 [inline]
 __x64_sys_open+0x79/0xb0 fs/open.c:1102
 do_syscall_64+0xd0/0x540 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x416621
Code: Bad RIP value.
RSP: 002b:00007f6bcedd27a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 6666666666666667 RCX: 0000000000416621
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007f6bcedd2850
RBP: 000000000078bfa0 R08: 000000000000000f R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000293 R12: 00000000ffffffff
R13: 0000000000000c0f R14: 00000000004ce39d R15: 00007f6bcedd36d4
INFO: lockdep is turned off.
NMI backtrace for cpu 1
CPU: 1 PID: 1098 Comm: khungtaskd Not tainted 5.3.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x165/0x21a lib/dump_stack.c:113
 nmi_cpu_backtrace.cold.0+0x49/0x86 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x194/0x1bd lib/nmi_backtrace.c:62
 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline]
 watchdog+0x6a3/0xb60 kernel/hung_task.c:289
 kthread+0x331/0x3f0 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0x12/0x20 arch/x86/include/asm/irqflags.h:60