bisecting cause commit starting from fb0155a09b0224a7147cb07a4ce6034c8d29667f building syzkaller on 1b88c6d5c8477f1d4fb3b389443b200acc32e9a8 testing commit fb0155a09b0224a7147cb07a4ce6034c8d29667f with gcc (GCC) 8.1.0 kernel signature: f85d7c81cee8389cd416db0d8472517ce42e977cf9bd3a8cd634bb034cbac0b0 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in do_read_cache_page run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in do_read_cache_page run #4: crashed: INFO: task hung in do_read_cache_page run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in do_read_cache_page testing release v5.8 testing commit bcf876870b95592b52519ed4aafcf9d95999bc9c with gcc (GCC) 8.1.0 kernel signature: 77dfc5ff0b1f2aa920c345920728e5e3cd02a5bf46de837fff1b9d7f5cfbe605 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in do_read_cache_page run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in blkdev_put testing release v5.7 testing commit 3d77e6a8804abcc0504c904bd6e5cdf3a5cf8162 with gcc (GCC) 8.1.0 kernel signature: 9668430e978f1a8a66b788a62dd74e40ceb2b09def65ac7b53407131f03a5c33 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in do_read_cache_page run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in blkdev_put testing release v5.6 testing commit 7111951b8d4973bda27ff663f2cf18b663d15b48 with gcc (GCC) 8.1.0 kernel signature: 3254b5782800f55622c3ab0c13c80f1187c3957b73c9d34d44944eca524f492c run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in do_read_cache_page run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in do_read_cache_page run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in blkdev_put testing release v5.5 testing commit d5226fa6dbae0569ee43ecfc08bdcd6770fc4755 with gcc (GCC) 8.1.0 kernel signature: db0ef64374c9ed2d8de237e76005e80b8821e81953e49964a015be2609e42744 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in do_read_cache_page run #2: crashed: INFO: task hung in do_read_cache_page run #3: crashed: INFO: task hung in do_read_cache_page run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in do_read_cache_page run #6: crashed: INFO: task hung in do_read_cache_page run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in blkdev_put testing release v5.4 testing commit 219d54332a09e8d8741c1e1982f5eae56099de85 with gcc (GCC) 8.1.0 kernel signature: 4a530c756bb3c7bd927f149b54a11d75b71958122c0f9c9e269d3cb6e7791f7f run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in do_read_cache_page run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in blkdev_put testing release v5.3 testing commit 4d856f72c10ecb060868ed10ff1b1453943fc6c8 with gcc (GCC) 8.1.0 kernel signature: 46230ab46dd5302b0c3c540474191352dba2d900cd98f6e13520cfe82372d4c0 all runs: OK # git bisect start 219d54332a09e8d8741c1e1982f5eae56099de85 4d856f72c10ecb060868ed10ff1b1453943fc6c8 Bisecting: 7882 revisions left to test after this (roughly 13 steps) [a9f8b38a071b468276a243ea3ea5a0636e848cf2] Merge tag 'for-linus-5.4-1' of git://github.com/cminyard/linux-ipmi testing commit a9f8b38a071b468276a243ea3ea5a0636e848cf2 with gcc (GCC) 8.1.0 kernel signature: 3e4d2e8c202d74c697c48d0b703b4adece1e12781116ea4619ce28e0c34d0d3d run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in do_read_cache_page run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad a9f8b38a071b468276a243ea3ea5a0636e848cf2 Bisecting: 3920 revisions left to test after this (roughly 12 steps) [fe38bd6862074c0a2b9be7f31f043aaa70b2af5f] Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm testing commit fe38bd6862074c0a2b9be7f31f043aaa70b2af5f with gcc (GCC) 8.1.0 kernel signature: 45c40055b0802f0c9588a207fcdc5c8eb1cd62d6b9dbd8aac346b1675f531693 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in do_read_cache_page run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in blkdev_put # git bisect bad fe38bd6862074c0a2b9be7f31f043aaa70b2af5f Bisecting: 1970 revisions left to test after this (roughly 11 steps) [fc6fd1392a8f3d5f3d722ad9c92314477c1a2a35] Merge branch 'x86-build-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip testing commit fc6fd1392a8f3d5f3d722ad9c92314477c1a2a35 with gcc (GCC) 8.1.0 kernel signature: cafb65806aa5a898be0cc1436ca6e0076555ec2239529f9e6ded5d6f5fa301fb all runs: OK # git bisect good fc6fd1392a8f3d5f3d722ad9c92314477c1a2a35 Bisecting: 1254 revisions left to test after this (roughly 10 steps) [ea982ba7f79141d86eb7a440fcba6796ed718b9b] Merge tag 'mmc-v5.4' of git://git.kernel.org/pub/scm/linux/kernel/git/ulfh/mmc testing commit ea982ba7f79141d86eb7a440fcba6796ed718b9b with gcc (GCC) 8.1.0 kernel signature: 127cd3275ac2d68d75b836862f01bc076534ce2c153a1b42478ee6778831179b run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in do_read_cache_page run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad ea982ba7f79141d86eb7a440fcba6796ed718b9b Bisecting: 358 revisions left to test after this (roughly 9 steps) [6dec8c15e5faa2a3c02d2e1d1b03b926b545ec0a] Merge tag 'xtensa-20190917' of git://github.com/jcmvbkbc/linux-xtensa testing commit 6dec8c15e5faa2a3c02d2e1d1b03b926b545ec0a with gcc (GCC) 8.1.0 kernel signature: eec13cfb6c27418e794d76aba049b7eae53c4e2337ba411dce3919957ba3e753 all runs: OK # git bisect good 6dec8c15e5faa2a3c02d2e1d1b03b926b545ec0a Bisecting: 179 revisions left to test after this (roughly 8 steps) [21fa1004ff5d749c90cef77525b73a49ef5583dc] Merge branch 'nvme-5.4' of git://git.infradead.org/nvme into for-5.4/block testing commit 21fa1004ff5d749c90cef77525b73a49ef5583dc with gcc (GCC) 8.1.0 kernel signature: dbc3c6c2b98c2a08a35b84b0d32f58cdc8ef5d383f0273f6c030573334fecd47 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in do_read_cache_page run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in do_read_cache_page run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in blkdev_put # git bisect bad 21fa1004ff5d749c90cef77525b73a49ef5583dc Bisecting: 89 revisions left to test after this (roughly 7 steps) [10407ec9b42d30a6ebc49f7f84e2bb2131438699] nvme-tcp: Use protocol specific operations while reading socket testing commit 10407ec9b42d30a6ebc49f7f84e2bb2131438699 with gcc (GCC) 8.1.0 kernel signature: 644319df5241081ba46f09f3eca7de16117504bb6a04619f4820582f5714e9db run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in do_read_cache_page run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in do_read_cache_page run #6: crashed: INFO: task hung in do_read_cache_page run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in do_read_cache_page run #9: crashed: INFO: task hung in blkdev_put # git bisect bad 10407ec9b42d30a6ebc49f7f84e2bb2131438699 Bisecting: 44 revisions left to test after this (roughly 6 steps) [5cc23ed75b629dfb0f8f7a7d0c80e0bab36b3960] block: sed-opal: Add/remove spaces testing commit 5cc23ed75b629dfb0f8f7a7d0c80e0bab36b3960 with gcc (GCC) 8.1.0 kernel signature: 7002b0532b0078ee61469ddc7827d5f1ce64ed6eb918951cf2d5e7291de0f900 all runs: OK # git bisect good 5cc23ed75b629dfb0f8f7a7d0c80e0bab36b3960 Bisecting: 22 revisions left to test after this (roughly 5 steps) [97b27821b4854ca744946dae32a3f2fd55bcd5bc] writeback, memcg: Implement foreign dirty flushing testing commit 97b27821b4854ca744946dae32a3f2fd55bcd5bc with gcc (GCC) 8.1.0 kernel signature: d3a5ca50d02e9fc892648cb5f64c6a5b3acb8e8e4b21147356c4b9503720b6f6 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in do_read_cache_page run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in do_read_cache_page # git bisect bad 97b27821b4854ca744946dae32a3f2fd55bcd5bc Bisecting: 10 revisions left to test after this (roughly 4 steps) [d4b186ed227b80334abf1fe2c918c0ddc4374f38] null_blk: move duplicate code to callers testing commit d4b186ed227b80334abf1fe2c918c0ddc4374f38 with gcc (GCC) 8.1.0 kernel signature: 74777bd936be77c5fb73866283b1131f288bd87ee2713b1722363bc1d1ac7155 all runs: crashed: INFO: task hung in blkdev_put # git bisect bad d4b186ed227b80334abf1fe2c918c0ddc4374f38 Bisecting: 5 revisions left to test after this (roughly 3 steps) [887e975c4172d0d5670c39ead2f18ba1e4ec8133] nbd: add missing config put testing commit 887e975c4172d0d5670c39ead2f18ba1e4ec8133 with gcc (GCC) 8.1.0 kernel signature: b776d92ee390dcad749722a389c699987af004d249640cc0dca685c358173903 all runs: OK # git bisect good 887e975c4172d0d5670c39ead2f18ba1e4ec8133 Bisecting: 2 revisions left to test after this (roughly 2 steps) [320ea869a12cec206756207c6ca5f817ec45c7f2] block: improve the gap check in __bio_add_pc_page testing commit 320ea869a12cec206756207c6ca5f817ec45c7f2 with gcc (GCC) 8.1.0 kernel signature: 56263442324d7e4041684a70be7d97a10c5f6e13483b7468c3edd89c2ad327ed run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in blkdev_put run #2: crashed: INFO: task hung in blkdev_put run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in do_read_cache_page run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in blkdev_put # git bisect bad 320ea869a12cec206756207c6ca5f817ec45c7f2 Bisecting: 0 revisions left to test after this (roughly 1 step) [e9e006f5fcf2bab59149cb38a48a4817c1b538b4] nbd: fix max number of supported devs testing commit e9e006f5fcf2bab59149cb38a48a4817c1b538b4 with gcc (GCC) 8.1.0 kernel signature: e2be725edb7375faa81a102cf2dc98b1c522ce6a81e684354d50f0682d83df52 all runs: crashed: INFO: task hung in blkdev_put # git bisect bad e9e006f5fcf2bab59149cb38a48a4817c1b538b4 Bisecting: 0 revisions left to test after this (roughly 0 steps) [2da22da573481cc4837e246d0eee4d518b3f715e] nbd: fix zero cmd timeout handling v2 testing commit 2da22da573481cc4837e246d0eee4d518b3f715e with gcc (GCC) 8.1.0 kernel signature: 9931fa332e3af2a950fc440b157fe364dc7646289894dcac578bc9552ba92698 run #0: crashed: INFO: task hung in blkdev_put run #1: crashed: INFO: task hung in do_read_cache_page run #2: crashed: INFO: task hung in do_read_cache_page run #3: crashed: INFO: task hung in blkdev_put run #4: crashed: INFO: task hung in blkdev_put run #5: crashed: INFO: task hung in blkdev_put run #6: crashed: INFO: task hung in blkdev_put run #7: crashed: INFO: task hung in blkdev_put run #8: crashed: INFO: task hung in blkdev_put run #9: crashed: INFO: task hung in blkdev_put # git bisect bad 2da22da573481cc4837e246d0eee4d518b3f715e 2da22da573481cc4837e246d0eee4d518b3f715e is the first bad commit commit 2da22da573481cc4837e246d0eee4d518b3f715e Author: Mike Christie Date: Tue Aug 13 11:39:52 2019 -0500 nbd: fix zero cmd timeout handling v2 This fixes a regression added in 4.9 with commit: commit 0eadf37afc2500e1162c9040ec26a705b9af8d47 Author: Josef Bacik Date: Thu Sep 8 12:33:40 2016 -0700 nbd: allow block mq to deal with timeouts where before the patch userspace would set the timeout to 0 to disable it. With the above patch, a zero timeout tells the block layer to use the default value of 30 seconds. For setups where commands can take a long time or experience transient issues like network disruptions this then results in IO errors being sent to the application. To fix this, the patch still uses the common block layer timeout framework, but if zero is set, nbd just logs a message and then resets the timer when it expires. Reviewed-by: Josef Bacik Signed-off-by: Mike Christie Signed-off-by: Jens Axboe drivers/block/nbd.c | 29 +++++++++++++++++++++++------ 1 file changed, 23 insertions(+), 6 deletions(-) culprit signature: 9931fa332e3af2a950fc440b157fe364dc7646289894dcac578bc9552ba92698 parent signature: b776d92ee390dcad749722a389c699987af004d249640cc0dca685c358173903 revisions tested: 21, total time: 4h49m21.271792036s (build: 2h22m26.943375657s, test: 2h24m44.856178879s) first bad commit: 2da22da573481cc4837e246d0eee4d518b3f715e nbd: fix zero cmd timeout handling v2 recipients (to): ["axboe@kernel.dk" "josef@toxicpanda.com" "mchristi@redhat.com"] recipients (cc): [] crash: INFO: task hung in blkdev_put INFO: task syz-executor.3:8397 blocked for more than 143 seconds. Not tainted 5.3.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.3 D27816 8397 6817 0x00000004 Call Trace: context_switch kernel/sched/core.c:3254 [inline] __schedule+0x82a/0x18e0 kernel/sched/core.c:3880 schedule+0x8f/0x260 kernel/sched/core.c:3944 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:4003 __mutex_lock_common kernel/locking/mutex.c:1007 [inline] __mutex_lock+0x420/0x1460 kernel/locking/mutex.c:1077 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1092 blkdev_put+0x25/0x480 fs/block_dev.c:1927 blkdev_close+0x88/0xd0 fs/block_dev.c:1976 __fput+0x25a/0x780 fs/file_table.c:280 ____fput+0x9/0x10 fs/file_table.c:313 task_work_run+0x108/0x180 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_usermode_loop+0x1f2/0x2e0 arch/x86/entry/common.c:163 prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline] syscall_return_slowpath arch/x86/entry/common.c:274 [inline] do_syscall_64+0x462/0x540 arch/x86/entry/common.c:299 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4176f1 Code: 8b 44 24 20 48 89 04 24 48 8b 44 24 28 48 89 44 24 08 e8 a2 c8 fe ff 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc cc cc 64 <48> 8b 0c 25 f8 ff ff ff 48 3b 61 10 0f 86 b3 00 00 00 48 83 ec 38 RSP: 002b:00007ffe5cf93380 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00000000004176f1 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 R10: 00007ffe5cf93470 R11: 0000000000000293 R12: 000000000118c9a0 R13: 000000000118c9a0 R14: ffffffffffffffff R15: 000000000118bf2c INFO: task syz-executor.3:8410 blocked for more than 143 seconds. Not tainted 5.3.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.3 D27816 8410 6817 0x00004006 Call Trace: context_switch kernel/sched/core.c:3254 [inline] __schedule+0x82a/0x18e0 kernel/sched/core.c:3880 schedule+0x8f/0x260 kernel/sched/core.c:3944 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:4003 __mutex_lock_common kernel/locking/mutex.c:1007 [inline] __mutex_lock+0x420/0x1460 kernel/locking/mutex.c:1077 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1092 blkdev_put+0x25/0x480 fs/block_dev.c:1927 blkdev_close+0x88/0xd0 fs/block_dev.c:1976 __fput+0x25a/0x780 fs/file_table.c:280 ____fput+0x9/0x10 fs/file_table.c:313 task_work_run+0x108/0x180 kernel/task_work.c:113 get_signal+0x150d/0x1d00 kernel/signal.c:2523 do_signal+0x87/0x1620 arch/x86/kernel/signal.c:815 exit_to_usermode_loop+0x114/0x2e0 arch/x86/entry/common.c:159 prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline] syscall_return_slowpath arch/x86/entry/common.c:274 [inline] do_syscall_64+0x462/0x540 arch/x86/entry/common.c:299 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45dd99 Code: 05 fd 1a 24 00 48 89 04 24 48 c7 44 24 08 10 00 00 00 e8 8a 47 fd ff 90 e8 f4 21 00 00 eb c2 cc cc 64 48 8b 0c 25 f8 ff ff ff <48> 3b 61 10 0f 86 af 01 00 00 48 83 ec 70 48 89 6c 24 68 48 8d 6c RSP: 002b:00007fafc8be1c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: fffffffffffffe00 RBX: 0000000000012fc0 RCX: 000000000045dd99 RDX: ffffffffffffffff RSI: 000000000000ab03 RDI: 0000000000000003 RBP: 000000000118bf60 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c R13: 00007ffe5cf9330f R14: 00007fafc8be29c0 R15: 000000000118bf2c INFO: task systemd-udevd:8416 blocked for more than 143 seconds. Not tainted 5.3.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. systemd-udevd D26568 8416 3935 0x00004100 Call Trace: context_switch kernel/sched/core.c:3254 [inline] __schedule+0x82a/0x18e0 kernel/sched/core.c:3880 schedule+0x8f/0x260 kernel/sched/core.c:3944 io_schedule+0x1c/0x70 kernel/sched/core.c:5600 wait_on_page_bit_common mm/filemap.c:1166 [inline] wait_on_page_bit+0x357/0x8a0 mm/filemap.c:1215 wait_on_page_locked include/linux/pagemap.h:517 [inline] wait_on_page_read mm/filemap.c:2793 [inline] do_read_cache_page+0x36f/0xbf0 mm/filemap.c:2836 read_cache_page+0x3a/0x60 mm/filemap.c:2920 read_mapping_page include/linux/pagemap.h:386 [inline] read_dev_sector+0x68/0x320 block/partition-generic.c:667 read_part_sector block/partitions/check.h:38 [inline] adfspart_check_ICS+0x109/0xde0 block/partitions/acorn.c:361 check_partition+0x314/0x5da block/partitions/check.c:167 rescan_partitions+0x192/0x8b0 block/partition-generic.c:531 __blkdev_get+0xdc6/0x12e0 fs/block_dev.c:1680 blkdev_get+0x18e/0x210 fs/block_dev.c:1750 blkdev_open+0x19f/0x200 fs/block_dev.c:1886 do_dentry_open+0x3f1/0x1010 fs/open.c:797 vfs_open+0x9a/0xc0 fs/open.c:906 do_last fs/namei.c:3416 [inline] path_openat+0x89e/0x29c0 fs/namei.c:3533 do_filp_open+0x177/0x250 fs/namei.c:3563 do_sys_open+0x1dd/0x3b0 fs/open.c:1089 __do_sys_open fs/open.c:1107 [inline] __se_sys_open fs/open.c:1102 [inline] __x64_sys_open+0x79/0xb0 fs/open.c:1102 do_syscall_64+0xd0/0x540 arch/x86/entry/common.c:296 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fd2a5d65840 Code: Bad RIP value. RSP: 002b:00007ffc9fe025f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 00005560a005aa10 RCX: 00007fd2a5d65840 RDX: 000055609f639fe3 RSI: 00000000000a0800 RDI: 00005560a00599b0 RBP: 00007ffc9fe02770 R08: 000055609f639670 R09: 0000000000000010 R10: 000055609f639d0c R11: 0000000000000246 R12: 00007ffc9fe026c0 R13: 00005560a005a3f0 R14: 0000000000000003 R15: 000000000000000e INFO: task systemd-udevd:8418 blocked for more than 144 seconds. Not tainted 5.3.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. systemd-udevd D26568 8418 3935 0x00004100 Call Trace: context_switch kernel/sched/core.c:3254 [inline] __schedule+0x82a/0x18e0 kernel/sched/core.c:3880 schedule+0x8f/0x260 kernel/sched/core.c:3944 io_schedule+0x1c/0x70 kernel/sched/core.c:5600 wait_on_page_bit_common mm/filemap.c:1166 [inline] wait_on_page_bit+0x357/0x8a0 mm/filemap.c:1215 wait_on_page_locked include/linux/pagemap.h:517 [inline] wait_on_page_read mm/filemap.c:2793 [inline] do_read_cache_page+0x36f/0xbf0 mm/filemap.c:2836 read_cache_page+0x3a/0x60 mm/filemap.c:2920 read_mapping_page include/linux/pagemap.h:386 [inline] read_dev_sector+0x68/0x320 block/partition-generic.c:667 read_part_sector block/partitions/check.h:38 [inline] adfspart_check_ICS+0x109/0xde0 block/partitions/acorn.c:361 check_partition+0x314/0x5da block/partitions/check.c:167 rescan_partitions+0x192/0x8b0 block/partition-generic.c:531 __blkdev_get+0xdc6/0x12e0 fs/block_dev.c:1680 blkdev_get+0x18e/0x210 fs/block_dev.c:1750 blkdev_open+0x19f/0x200 fs/block_dev.c:1886 do_dentry_open+0x3f1/0x1010 fs/open.c:797 vfs_open+0x9a/0xc0 fs/open.c:906 do_last fs/namei.c:3416 [inline] path_openat+0x89e/0x29c0 fs/namei.c:3533 do_filp_open+0x177/0x250 fs/namei.c:3563 do_sys_open+0x1dd/0x3b0 fs/open.c:1089 __do_sys_open fs/open.c:1107 [inline] __se_sys_open fs/open.c:1102 [inline] __x64_sys_open+0x79/0xb0 fs/open.c:1102 do_syscall_64+0xd0/0x540 arch/x86/entry/common.c:296 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fd2a5d65840 Code: Bad RIP value. RSP: 002b:00007ffc9fe02be8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 00005560a00593b0 RCX: 00007fd2a5d65840 RDX: 000055609f639fe3 RSI: 00000000000a0800 RDI: 00005560a0053c50 RBP: 00007ffc9fe02d60 R08: 000055609f639670 R09: 0000000000000010 R10: 000055609f639d0c R11: 0000000000000246 R12: 00007ffc9fe02cb0 R13: 00005560a0058e20 R14: 0000000000000003 R15: 000000000000000e INFO: task systemd-udevd:8428 blocked for more than 144 seconds. Not tainted 5.3.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. systemd-udevd D26568 8428 3935 0x00004100 Call Trace: context_switch kernel/sched/core.c:3254 [inline] __schedule+0x82a/0x18e0 kernel/sched/core.c:3880 schedule+0x8f/0x260 kernel/sched/core.c:3944 io_schedule+0x1c/0x70 kernel/sched/core.c:5600 wait_on_page_bit_common mm/filemap.c:1166 [inline] wait_on_page_bit+0x357/0x8a0 mm/filemap.c:1215 wait_on_page_locked include/linux/pagemap.h:517 [inline] wait_on_page_read mm/filemap.c:2793 [inline] do_read_cache_page+0x36f/0xbf0 mm/filemap.c:2836 read_cache_page+0x3a/0x60 mm/filemap.c:2920 read_mapping_page include/linux/pagemap.h:386 [inline] read_dev_sector+0x68/0x320 block/partition-generic.c:667 read_part_sector block/partitions/check.h:38 [inline] adfspart_check_ICS+0x109/0xde0 block/partitions/acorn.c:361 check_partition+0x314/0x5da block/partitions/check.c:167 rescan_partitions+0x192/0x8b0 block/partition-generic.c:531 __blkdev_get+0xdc6/0x12e0 fs/block_dev.c:1680 blkdev_get+0x18e/0x210 fs/block_dev.c:1750 blkdev_open+0x19f/0x200 fs/block_dev.c:1886 do_dentry_open+0x3f1/0x1010 fs/open.c:797 vfs_open+0x9a/0xc0 fs/open.c:906 do_last fs/namei.c:3416 [inline] path_openat+0x89e/0x29c0 fs/namei.c:3533 do_filp_open+0x177/0x250 fs/namei.c:3563 do_sys_open+0x1dd/0x3b0 fs/open.c:1089 __do_sys_open fs/open.c:1107 [inline] __se_sys_open fs/open.c:1102 [inline] __x64_sys_open+0x79/0xb0 fs/open.c:1102 do_syscall_64+0xd0/0x540 arch/x86/entry/common.c:296 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fd2a5d65840 Code: Bad RIP value. RSP: 002b:00007ffc9fe02be8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 00005560a00593b0 RCX: 00007fd2a5d65840 RDX: 000055609f639fe3 RSI: 00000000000a0800 RDI: 00005560a005b030 RBP: 00007ffc9fe02d60 R08: 000055609f639670 R09: 0000000000000010 R10: 000055609f639d0c R11: 0000000000000246 R12: 00007ffc9fe02cb0 R13: 00005560a00557b0 R14: 0000000000000003 R15: 000000000000000e INFO: task systemd-udevd:8433 blocked for more than 144 seconds. Not tainted 5.3.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. systemd-udevd D26568 8433 3935 0x00004100 Call Trace: context_switch kernel/sched/core.c:3254 [inline] __schedule+0x82a/0x18e0 kernel/sched/core.c:3880 schedule+0x8f/0x260 kernel/sched/core.c:3944 io_schedule+0x1c/0x70 kernel/sched/core.c:5600 wait_on_page_bit_common mm/filemap.c:1166 [inline] wait_on_page_bit+0x357/0x8a0 mm/filemap.c:1215 wait_on_page_locked include/linux/pagemap.h:517 [inline] wait_on_page_read mm/filemap.c:2793 [inline] do_read_cache_page+0x36f/0xbf0 mm/filemap.c:2836 read_cache_page+0x3a/0x60 mm/filemap.c:2920 read_mapping_page include/linux/pagemap.h:386 [inline] read_dev_sector+0x68/0x320 block/partition-generic.c:667 read_part_sector block/partitions/check.h:38 [inline] adfspart_check_ICS+0x109/0xde0 block/partitions/acorn.c:361 check_partition+0x314/0x5da block/partitions/check.c:167 rescan_partitions+0x192/0x8b0 block/partition-generic.c:531 __blkdev_get+0xdc6/0x12e0 fs/block_dev.c:1680 blkdev_get+0x18e/0x210 fs/block_dev.c:1750 blkdev_open+0x19f/0x200 fs/block_dev.c:1886 do_dentry_open+0x3f1/0x1010 fs/open.c:797 vfs_open+0x9a/0xc0 fs/open.c:906 do_last fs/namei.c:3416 [inline] path_openat+0x89e/0x29c0 fs/namei.c:3533 do_filp_open+0x177/0x250 fs/namei.c:3563 do_sys_open+0x1dd/0x3b0 fs/open.c:1089 __do_sys_open fs/open.c:1107 [inline] __se_sys_open fs/open.c:1102 [inline] __x64_sys_open+0x79/0xb0 fs/open.c:1102 do_syscall_64+0xd0/0x540 arch/x86/entry/common.c:296 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fd2a5d65840 Code: Bad RIP value. RSP: 002b:00007ffc9fe02be8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 00005560a00593b0 RCX: 00007fd2a5d65840 RDX: 000055609f639fe3 RSI: 00000000000a0800 RDI: 00005560a0056780 RBP: 00007ffc9fe02d60 R08: 000055609f639670 R09: 0000000000000010 R10: 000055609f639d0c R11: 0000000000000246 R12: 00007ffc9fe02cb0 R13: 00005560a0056330 R14: 0000000000000003 R15: 000000000000000e INFO: task syz-executor.1:8438 blocked for more than 145 seconds. Not tainted 5.3.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D27816 8438 6821 0x00000004 Call Trace: context_switch kernel/sched/core.c:3254 [inline] __schedule+0x82a/0x18e0 kernel/sched/core.c:3880 schedule+0x8f/0x260 kernel/sched/core.c:3944 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:4003 __mutex_lock_common kernel/locking/mutex.c:1007 [inline] __mutex_lock+0x420/0x1460 kernel/locking/mutex.c:1077 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1092 blkdev_put+0x25/0x480 fs/block_dev.c:1927 blkdev_close+0x88/0xd0 fs/block_dev.c:1976 __fput+0x25a/0x780 fs/file_table.c:280 ____fput+0x9/0x10 fs/file_table.c:313 task_work_run+0x108/0x180 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_usermode_loop+0x1f2/0x2e0 arch/x86/entry/common.c:163 prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline] syscall_return_slowpath arch/x86/entry/common.c:274 [inline] do_syscall_64+0x462/0x540 arch/x86/entry/common.c:299 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4176f1 Code: 8b 44 24 20 48 89 04 24 48 8b 44 24 28 48 89 44 24 08 e8 a2 c8 fe ff 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc cc cc 64 <48> 8b 0c 25 f8 ff ff ff 48 3b 61 10 0f 86 b3 00 00 00 48 83 ec 38 RSP: 002b:00007fffcc9ea1a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00000000004176f1 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 R10: 00007fffcc9ea290 R11: 0000000000000293 R12: 000000000118c9a0 R13: 000000000118c9a0 R14: ffffffffffffffff R15: 000000000118bf2c INFO: task syz-executor.1:8453 blocked for more than 145 seconds. Not tainted 5.3.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D27816 8453 6821 0x00004006 Call Trace: context_switch kernel/sched/core.c:3254 [inline] __schedule+0x82a/0x18e0 kernel/sched/core.c:3880 schedule+0x8f/0x260 kernel/sched/core.c:3944 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:4003 __mutex_lock_common kernel/locking/mutex.c:1007 [inline] __mutex_lock+0x420/0x1460 kernel/locking/mutex.c:1077 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1092 blkdev_put+0x25/0x480 fs/block_dev.c:1927 blkdev_close+0x88/0xd0 fs/block_dev.c:1976 __fput+0x25a/0x780 fs/file_table.c:280 ____fput+0x9/0x10 fs/file_table.c:313 task_work_run+0x108/0x180 kernel/task_work.c:113 get_signal+0x150d/0x1d00 kernel/signal.c:2523 do_signal+0x87/0x1620 arch/x86/kernel/signal.c:815 exit_to_usermode_loop+0x114/0x2e0 arch/x86/entry/common.c:159 prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline] syscall_return_slowpath arch/x86/entry/common.c:274 [inline] do_syscall_64+0x462/0x540 arch/x86/entry/common.c:299 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x45dd99 Code: 05 fd 1a 24 00 48 89 04 24 48 c7 44 24 08 10 00 00 00 e8 8a 47 fd ff 90 e8 f4 21 00 00 eb c2 cc cc 64 48 8b 0c 25 f8 ff ff ff <48> 3b 61 10 0f 86 af 01 00 00 48 83 ec 70 48 89 6c 24 68 48 8d 6c RSP: 002b:00007f0419cd0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: fffffffffffffe00 RBX: 0000000000012fc0 RCX: 000000000045dd99 RDX: ffffffffffffffff RSI: 000000000000ab03 RDI: 0000000000000003 RBP: 000000000118bf60 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118bf2c R13: 00007fffcc9ea12f R14: 00007f0419cd19c0 R15: 000000000118bf2c INFO: task systemd-udevd:8482 blocked for more than 145 seconds. Not tainted 5.3.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. systemd-udevd D26568 8482 3935 0x00004100 Call Trace: context_switch kernel/sched/core.c:3254 [inline] __schedule+0x82a/0x18e0 kernel/sched/core.c:3880 schedule+0x8f/0x260 kernel/sched/core.c:3944 io_schedule+0x1c/0x70 kernel/sched/core.c:5600 wait_on_page_bit_common mm/filemap.c:1166 [inline] wait_on_page_bit+0x357/0x8a0 mm/filemap.c:1215 wait_on_page_locked include/linux/pagemap.h:517 [inline] wait_on_page_read mm/filemap.c:2793 [inline] do_read_cache_page+0x36f/0xbf0 mm/filemap.c:2836 read_cache_page+0x3a/0x60 mm/filemap.c:2920 read_mapping_page include/linux/pagemap.h:386 [inline] read_dev_sector+0x68/0x320 block/partition-generic.c:667 read_part_sector block/partitions/check.h:38 [inline] adfspart_check_ICS+0x109/0xde0 block/partitions/acorn.c:361 check_partition+0x314/0x5da block/partitions/check.c:167 rescan_partitions+0x192/0x8b0 block/partition-generic.c:531 __blkdev_get+0xdc6/0x12e0 fs/block_dev.c:1680 blkdev_get+0x18e/0x210 fs/block_dev.c:1750 blkdev_open+0x19f/0x200 fs/block_dev.c:1886 do_dentry_open+0x3f1/0x1010 fs/open.c:797 vfs_open+0x9a/0xc0 fs/open.c:906 do_last fs/namei.c:3416 [inline] path_openat+0x89e/0x29c0 fs/namei.c:3533 do_filp_open+0x177/0x250 fs/namei.c:3563 do_sys_open+0x1dd/0x3b0 fs/open.c:1089 __do_sys_open fs/open.c:1107 [inline] __se_sys_open fs/open.c:1102 [inline] __x64_sys_open+0x79/0xb0 fs/open.c:1102 do_syscall_64+0xd0/0x540 arch/x86/entry/common.c:296 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fd2a5d65840 Code: Bad RIP value. RSP: 002b:00007ffc9fe02be8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 00005560a0049770 RCX: 00007fd2a5d65840 RDX: 000055609f639fe3 RSI: 00000000000a0800 RDI: 00005560a0059970 RBP: 00007ffc9fe02d60 R08: 000055609f639670 R09: 0000000000000010 R10: 000055609f639d0c R11: 0000000000000246 R12: 00007ffc9fe02cb0 R13: 00005560a0054f60 R14: 0000000000000003 R15: 000000000000000e INFO: task syz-executor.2:8492 blocked for more than 146 seconds. Not tainted 5.3.0-rc3-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.2 D27816 8492 6818 0x00000004 Call Trace: context_switch kernel/sched/core.c:3254 [inline] __schedule+0x82a/0x18e0 kernel/sched/core.c:3880 schedule+0x8f/0x260 kernel/sched/core.c:3944 schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:4003 __mutex_lock_common kernel/locking/mutex.c:1007 [inline] __mutex_lock+0x420/0x1460 kernel/locking/mutex.c:1077 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1092 blkdev_put+0x25/0x480 fs/block_dev.c:1927 blkdev_close+0x88/0xd0 fs/block_dev.c:1976 __fput+0x25a/0x780 fs/file_table.c:280 ____fput+0x9/0x10 fs/file_table.c:313 task_work_run+0x108/0x180 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_usermode_loop+0x1f2/0x2e0 arch/x86/entry/common.c:163 prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline] syscall_return_slowpath arch/x86/entry/common.c:274 [inline] do_syscall_64+0x462/0x540 arch/x86/entry/common.c:299 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x4176f1 Code: 8b 44 24 20 48 89 04 24 48 8b 44 24 28 48 89 44 24 08 e8 a2 c8 fe ff 48 8b 6c 24 10 48 83 c4 18 c3 cc cc cc cc cc cc cc cc 64 <48> 8b 0c 25 f8 ff ff ff 48 3b 61 10 0f 86 b3 00 00 00 48 83 ec 38 RSP: 002b:00007ffd85345cc0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00000000004176f1 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 R10: 00007ffd85345db0 R11: 0000000000000293 R12: 000000000118c9a0 R13: 000000000118c9a0 R14: ffffffffffffffff R15: 000000000118bf2c INFO: lockdep is turned off. NMI backtrace for cpu 1 CPU: 1 PID: 1112 Comm: khungtaskd Not tainted 5.3.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x165/0x21a lib/dump_stack.c:113 nmi_cpu_backtrace.cold.0+0x49/0x86 lib/nmi_backtrace.c:101 nmi_trigger_cpumask_backtrace+0x194/0x1bd lib/nmi_backtrace.c:62 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline] watchdog+0x6a3/0xb60 kernel/hung_task.c:289 kthread+0x331/0x3f0 kernel/kthread.c:255 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0x12/0x20 arch/x86/include/asm/irqflags.h:60