Hello,
When using Healer to fuzz the latest Linux kernel, the following crash
was triggered.
HEAD commit: 6880fa6c5660 Linux 5.15-rc1
git tree: upstream
console output:
https://drive.google.com/file/d/1U3ei_jCODG9N5UHOspSRmykrEDSey3Qn/view?usp=sharing
kernel config: https://drive.google.com/file/d/1rUzyMbe5vcs6khA3tL9EHTLJvsUdWcgB/view?usp=sharing
Sorry, I don't have a reproducer for this crash, hope the symbolized
report can help.
If you fix this issue, please add the following tag to the commit:
Reported-by: Hao Sun <[email protected]>
INFO: task syz-executor:6566 blocked for more than 143 seconds.
Not tainted 5.15.0-rc1 #16
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor state:D stack:10632 pid: 6566 ppid: 1 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:4940 [inline]
__schedule+0x323/0xae0 kernel/sched/core.c:6287
schedule+0x36/0xe0 kernel/sched/core.c:6366
rwsem_down_write_slowpath kernel/locking/rwsem.c:1107 [inline]
__down_write_common.part.13+0x356/0x7a0 kernel/locking/rwsem.c:1262
__btrfs_tree_lock+0x2e/0x1a0 fs/btrfs/locking.c:112
btrfs_init_new_buffer fs/btrfs/extent-tree.c:4740 [inline]
btrfs_alloc_tree_block+0x19c/0x670 fs/btrfs/extent-tree.c:4818
__btrfs_cow_block+0x16f/0x7d0 fs/btrfs/ctree.c:415
btrfs_cow_block+0x12a/0x300 fs/btrfs/ctree.c:570
btrfs_search_slot+0x6b0/0xee0 fs/btrfs/ctree.c:1768
btrfs_update_root+0x6b/0x430 fs/btrfs/root-tree.c:134
commit_fs_roots+0x151/0x220 fs/btrfs/transaction.c:1373
btrfs_commit_transaction+0x443/0x1430 fs/btrfs/transaction.c:2265
btrfs_sync_fs+0x9a/0x430 fs/btrfs/super.c:1426
__sync_filesystem fs/sync.c:39 [inline]
sync_filesystem+0x9b/0xd0 fs/sync.c:67
generic_shutdown_super+0x30/0x170 fs/super.c:448
kill_anon_super+0x15/0x30 fs/super.c:1057
btrfs_kill_super+0x19/0x30 fs/btrfs/super.c:2348
deactivate_locked_super+0x43/0x80 fs/super.c:335
deactivate_super+0x53/0x80 fs/super.c:366
cleanup_mnt+0x138/0x1b0 fs/namespace.c:1137
task_work_run+0x86/0xd0 kernel/task_work.c:164
tracehook_notify_resume include/linux/tracehook.h:189 [inline]
exit_to_user_mode_loop kernel/entry/common.c:175 [inline]
exit_to_user_mode_prepare+0x271/0x280 kernel/entry/common.c:209
__syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:302
do_syscall_64+0x40/0xb0 arch/x86/entry/common.c:86
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x46c777
RSP: 002b:00007ffc3accc0b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000046c777
RDX: 0000000000404e22 RSI: 0000000000000002 RDI: 00007ffc3accc180
RBP: 00007ffc3accc180 R08: 00000000025c8033 R09: 0000000000000009
R10: 00000000fffffffb R11: 0000000000000246 R12: 00000000004e38c6
R13: 00007ffc3accd230 R14: 00007ffc3accd22c R15: 0000000000000006
INFO: lockdep is turned off.
NMI backtrace for cpu 1
CPU: 1 PID: 39 Comm: khungtaskd Not tainted 5.15.0-rc1 #16
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
Call Trace:
__dump_stack lib/dump_stack.c:88 [inline]
dump_stack_lvl+0x8d/0xcf lib/dump_stack.c:106
nmi_cpu_backtrace+0x1e9/0x210 lib/nmi_backtrace.c:105
nmi_trigger_cpumask_backtrace+0x120/0x180 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:210 [inline]
watchdog+0x4e1/0x980 kernel/hung_task.c:295
kthread+0x178/0x1b0 kernel/kthread.c:319
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
Sending NMI from CPU 1 to CPUs 0,2-3:
NMI backtrace for cpu 2 skipped: idling at native_safe_halt
arch/x86/include/asm/irqflags.h:51 [inline]
NMI backtrace for cpu 2 skipped: idling at arch_safe_halt
arch/x86/include/asm/irqflags.h:89 [inline]
NMI backtrace for cpu 2 skipped: idling at default_idle+0xb/0x10
arch/x86/kernel/process.c:716
NMI backtrace for cpu 0
CPU: 0 PID: 3014 Comm: systemd-journal Not tainted 5.15.0-rc1 #16
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
RIP: 0010:__seccomp_filter+0x29/0x890 kernel/seccomp.c:1173
Code: 00 41 57 41 56 49 89 f6 41 55 41 54 55 53 48 83 ec 60 65 48 8b
04 25 28 00 00 00 48 89 44 24 58 31 c0 89 7c 24 08 89 54 24 0c <e8> 62
b3 ff ff 4d 85 f6 0f 84 ed 03 00 00 e8 54 b3 ff ff 65 48 8b
RSP: 0018:ffffc900008a3e50 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffff888104294480 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000027
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000027
R13: 0000000000000002 R14: 0000000000000000 R15: 0000000000000000
FS: 00007f0e1f6808c0(0000) GS:ffff88807dc00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f0e1cac7000 CR3: 000000000e6b1000 CR4: 0000000000750ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
PKRU: 55555554
Call Trace:
__secure_computing+0x66/0x150 kernel/seccomp.c:1311
syscall_trace_enter.isra.17+0x9c/0x270 kernel/entry/common.c:68
do_syscall_64+0x15/0xb0 arch/x86/entry/common.c:76
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f0e1e919f17
Code: ff ff ff 48 8b 4d a0 0f b7 51 fe 48 8b 4d a8 66 89 54 08 fe e9
1a ff ff ff 66 2e 0f 1f 84 00 00 00 00 00 b8 27 00 00 00 0f 05 <c3> 0f
1f 84 00 00 00 00 00 b8 6e 00 00 00 0f 05 c3 0f 1f 84 00 00
RSP: 002b:00007ffd23799818 EFLAGS: 00000206 ORIG_RAX: 0000000000000027
RAX: ffffffffffffffda RBX: 00005565147301e0 RCX: 00007f0e1e919f17
RDX: 00007ffd237998d8 RSI: 0000000000000001 RDI: 00005565147301e0
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000069 R11: 0000000000000206 R12: 00007ffd237998d8
R13: 0000000000000bc6 R14: 00007ffd2379c6c0 R15: 00007ffd23799cd0
NMI backtrace for cpu 3 skipped: idling at native_safe_halt
arch/x86/include/asm/irqflags.h:51 [inline]
NMI backtrace for cpu 3 skipped: idling at arch_safe_halt
arch/x86/include/asm/irqflags.h:89 [inline]
NMI backtrace for cpu 3 skipped: idling at default_idle+0xb/0x10
arch/x86/kernel/process.c:716
----------------
Code disassembly (best guess):
0: 00 41 57 add %al,0x57(%rcx)
3: 41 56 push %r14
5: 49 89 f6 mov %rsi,%r14
8: 41 55 push %r13
a: 41 54 push %r12
c: 55 push %rbp
d: 53 push %rbx
e: 48 83 ec 60 sub $0x60,%rsp
12: 65 48 8b 04 25 28 00 mov %gs:0x28,%rax
19: 00 00
1b: 48 89 44 24 58 mov %rax,0x58(%rsp)
20: 31 c0 xor %eax,%eax
22: 89 7c 24 08 mov %edi,0x8(%rsp)
26: 89 54 24 0c mov %edx,0xc(%rsp)
* 2a: e8 62 b3 ff ff callq 0xffffb391 <-- trapping instruction
2f: 4d 85 f6 test %r14,%r14
32: 0f 84 ed 03 00 00 je 0x425
38: e8 54 b3 ff ff callq 0xffffb391
3d: 65 gs
3e: 48 rex.W
3f: 8b .byte 0x8b
On 2021/9/14 上午10:44, Hao Sun wrote:
> Hello,
>
> When using Healer to fuzz the latest Linux kernel, the following crash
> was triggered.
>
> HEAD commit: 6880fa6c5660 Linux 5.15-rc1
> git tree: upstream
> console output:
> https://drive.google.com/file/d/1U3ei_jCODG9N5UHOspSRmykrEDSey3Qn/view?usp=sharing
> kernel config: https://drive.google.com/file/d/1rUzyMbe5vcs6khA3tL9EHTLJvsUdWcgB/view?usp=sharing
Any recorded info for the injected errors during the test?
It's hanging on a tree lock, without knowing the error injected, it's
really hard to find out what's the cause.
Thanks,
Qu
>
> Sorry, I don't have a reproducer for this crash, hope the symbolized
> report can help.
> If you fix this issue, please add the following tag to the commit:
> Reported-by: Hao Sun <[email protected]>
>
> INFO: task syz-executor:6566 blocked for more than 143 seconds.
> Not tainted 5.15.0-rc1 #16
> "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
> task:syz-executor state:D stack:10632 pid: 6566 ppid: 1 flags:0x00004004
> Call Trace:
> context_switch kernel/sched/core.c:4940 [inline]
> __schedule+0x323/0xae0 kernel/sched/core.c:6287
> schedule+0x36/0xe0 kernel/sched/core.c:6366
> rwsem_down_write_slowpath kernel/locking/rwsem.c:1107 [inline]
> __down_write_common.part.13+0x356/0x7a0 kernel/locking/rwsem.c:1262
> __btrfs_tree_lock+0x2e/0x1a0 fs/btrfs/locking.c:112
> btrfs_init_new_buffer fs/btrfs/extent-tree.c:4740 [inline]
> btrfs_alloc_tree_block+0x19c/0x670 fs/btrfs/extent-tree.c:4818
> __btrfs_cow_block+0x16f/0x7d0 fs/btrfs/ctree.c:415
> btrfs_cow_block+0x12a/0x300 fs/btrfs/ctree.c:570
> btrfs_search_slot+0x6b0/0xee0 fs/btrfs/ctree.c:1768
> btrfs_update_root+0x6b/0x430 fs/btrfs/root-tree.c:134
> commit_fs_roots+0x151/0x220 fs/btrfs/transaction.c:1373
> btrfs_commit_transaction+0x443/0x1430 fs/btrfs/transaction.c:2265
> btrfs_sync_fs+0x9a/0x430 fs/btrfs/super.c:1426
> __sync_filesystem fs/sync.c:39 [inline]
> sync_filesystem+0x9b/0xd0 fs/sync.c:67
> generic_shutdown_super+0x30/0x170 fs/super.c:448
> kill_anon_super+0x15/0x30 fs/super.c:1057
> btrfs_kill_super+0x19/0x30 fs/btrfs/super.c:2348
> deactivate_locked_super+0x43/0x80 fs/super.c:335
> deactivate_super+0x53/0x80 fs/super.c:366
> cleanup_mnt+0x138/0x1b0 fs/namespace.c:1137
> task_work_run+0x86/0xd0 kernel/task_work.c:164
> tracehook_notify_resume include/linux/tracehook.h:189 [inline]
> exit_to_user_mode_loop kernel/entry/common.c:175 [inline]
> exit_to_user_mode_prepare+0x271/0x280 kernel/entry/common.c:209
> __syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
> syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:302
> do_syscall_64+0x40/0xb0 arch/x86/entry/common.c:86
> entry_SYSCALL_64_after_hwframe+0x44/0xae
> RIP: 0033:0x46c777
> RSP: 002b:00007ffc3accc0b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
> RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000046c777
> RDX: 0000000000404e22 RSI: 0000000000000002 RDI: 00007ffc3accc180
> RBP: 00007ffc3accc180 R08: 00000000025c8033 R09: 0000000000000009
> R10: 00000000fffffffb R11: 0000000000000246 R12: 00000000004e38c6
> R13: 00007ffc3accd230 R14: 00007ffc3accd22c R15: 0000000000000006
> INFO: lockdep is turned off.
> NMI backtrace for cpu 1
> CPU: 1 PID: 39 Comm: khungtaskd Not tainted 5.15.0-rc1 #16
> Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
> rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
> Call Trace:
> __dump_stack lib/dump_stack.c:88 [inline]
> dump_stack_lvl+0x8d/0xcf lib/dump_stack.c:106
> nmi_cpu_backtrace+0x1e9/0x210 lib/nmi_backtrace.c:105
> nmi_trigger_cpumask_backtrace+0x120/0x180 lib/nmi_backtrace.c:62
> trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
> check_hung_uninterruptible_tasks kernel/hung_task.c:210 [inline]
> watchdog+0x4e1/0x980 kernel/hung_task.c:295
> kthread+0x178/0x1b0 kernel/kthread.c:319
> ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
> Sending NMI from CPU 1 to CPUs 0,2-3:
> NMI backtrace for cpu 2 skipped: idling at native_safe_halt
> arch/x86/include/asm/irqflags.h:51 [inline]
> NMI backtrace for cpu 2 skipped: idling at arch_safe_halt
> arch/x86/include/asm/irqflags.h:89 [inline]
> NMI backtrace for cpu 2 skipped: idling at default_idle+0xb/0x10
> arch/x86/kernel/process.c:716
> NMI backtrace for cpu 0
> CPU: 0 PID: 3014 Comm: systemd-journal Not tainted 5.15.0-rc1 #16
> Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
> rel-1.12.0-59-gc9ba5276e321-prebuilt.qemu.org 04/01/2014
> RIP: 0010:__seccomp_filter+0x29/0x890 kernel/seccomp.c:1173
> Code: 00 41 57 41 56 49 89 f6 41 55 41 54 55 53 48 83 ec 60 65 48 8b
> 04 25 28 00 00 00 48 89 44 24 58 31 c0 89 7c 24 08 89 54 24 0c <e8> 62
> b3 ff ff 4d 85 f6 0f 84 ed 03 00 00 e8 54 b3 ff ff 65 48 8b
> RSP: 0018:ffffc900008a3e50 EFLAGS: 00000246
> RAX: 0000000000000000 RBX: ffff888104294480 RCX: 0000000000000000
> RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000027
> RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
> R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000027
> R13: 0000000000000002 R14: 0000000000000000 R15: 0000000000000000
> FS: 00007f0e1f6808c0(0000) GS:ffff88807dc00000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00007f0e1cac7000 CR3: 000000000e6b1000 CR4: 0000000000750ef0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
> PKRU: 55555554
> Call Trace:
> __secure_computing+0x66/0x150 kernel/seccomp.c:1311
> syscall_trace_enter.isra.17+0x9c/0x270 kernel/entry/common.c:68
> do_syscall_64+0x15/0xb0 arch/x86/entry/common.c:76
> entry_SYSCALL_64_after_hwframe+0x44/0xae
> RIP: 0033:0x7f0e1e919f17
> Code: ff ff ff 48 8b 4d a0 0f b7 51 fe 48 8b 4d a8 66 89 54 08 fe e9
> 1a ff ff ff 66 2e 0f 1f 84 00 00 00 00 00 b8 27 00 00 00 0f 05 <c3> 0f
> 1f 84 00 00 00 00 00 b8 6e 00 00 00 0f 05 c3 0f 1f 84 00 00
> RSP: 002b:00007ffd23799818 EFLAGS: 00000206 ORIG_RAX: 0000000000000027
> RAX: ffffffffffffffda RBX: 00005565147301e0 RCX: 00007f0e1e919f17
> RDX: 00007ffd237998d8 RSI: 0000000000000001 RDI: 00005565147301e0
> RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
> R10: 0000000000000069 R11: 0000000000000206 R12: 00007ffd237998d8
> R13: 0000000000000bc6 R14: 00007ffd2379c6c0 R15: 00007ffd23799cd0
> NMI backtrace for cpu 3 skipped: idling at native_safe_halt
> arch/x86/include/asm/irqflags.h:51 [inline]
> NMI backtrace for cpu 3 skipped: idling at arch_safe_halt
> arch/x86/include/asm/irqflags.h:89 [inline]
> NMI backtrace for cpu 3 skipped: idling at default_idle+0xb/0x10
> arch/x86/kernel/process.c:716
> ----------------
> Code disassembly (best guess):
> 0: 00 41 57 add %al,0x57(%rcx)
> 3: 41 56 push %r14
> 5: 49 89 f6 mov %rsi,%r14
> 8: 41 55 push %r13
> a: 41 54 push %r12
> c: 55 push %rbp
> d: 53 push %rbx
> e: 48 83 ec 60 sub $0x60,%rsp
> 12: 65 48 8b 04 25 28 00 mov %gs:0x28,%rax
> 19: 00 00
> 1b: 48 89 44 24 58 mov %rax,0x58(%rsp)
> 20: 31 c0 xor %eax,%eax
> 22: 89 7c 24 08 mov %edi,0x8(%rsp)
> 26: 89 54 24 0c mov %edx,0xc(%rsp)
> * 2a: e8 62 b3 ff ff callq 0xffffb391 <-- trapping instruction
> 2f: 4d 85 f6 test %r14,%r14
> 32: 0f 84 ed 03 00 00 je 0x425
> 38: e8 54 b3 ff ff callq 0xffffb391
> 3d: 65 gs
> 3e: 48 rex.W
> 3f: 8b .byte 0x8b
>
Qu Wenruo <[email protected]> 于2021年9月14日周二 上午11:13写道:
>
>
>
> On 2021/9/14 上午10:44, Hao Sun wrote:
> > Hello,
> >
> > When using Healer to fuzz the latest Linux kernel, the following crash
> > was triggered.
> >
> > HEAD commit: 6880fa6c5660 Linux 5.15-rc1
> > git tree: upstream
> > console output:
> > https://drive.google.com/file/d/1U3ei_jCODG9N5UHOspSRmykrEDSey3Qn/view?usp=sharing
> > kernel config: https://drive.google.com/file/d/1rUzyMbe5vcs6khA3tL9EHTLJvsUdWcgB/view?usp=sharing
>
> Any recorded info for the injected errors during the test?
>
> It's hanging on a tree lock, without knowing the error injected, it's
> really hard to find out what's the cause.
>
The `task hang` happened without any fault injection.
Based on the recorded logs
(https://drive.google.com/file/d/1x7u4JfyeL8WhetacBsPDVXm48SvVJUo7/view?usp=sharing
and https://drive.google.com/file/d/1U3ei_jCODG9N5UHOspSRmykrEDSey3Qn/view?usp=sharing),
no fault-injection log was printed before the task hang.
Regards
Hao
On 2021/9/14 上午11:22, Hao Sun wrote:
> Qu Wenruo <[email protected]> 于2021年9月14日周二 上午11:13写道:
>>
>>
>>
>> On 2021/9/14 上午10:44, Hao Sun wrote:
>>> Hello,
>>>
>>> When using Healer to fuzz the latest Linux kernel, the following crash
>>> was triggered.
>>>
>>> HEAD commit: 6880fa6c5660 Linux 5.15-rc1
>>> git tree: upstream
>>> console output:
>>> https://drive.google.com/file/d/1U3ei_jCODG9N5UHOspSRmykrEDSey3Qn/view?usp=sharing
>>> kernel config: https://drive.google.com/file/d/1rUzyMbe5vcs6khA3tL9EHTLJvsUdWcgB/view?usp=sharing
>>
>> Any recorded info for the injected errors during the test?
>>
>> It's hanging on a tree lock, without knowing the error injected, it's
>> really hard to find out what's the cause.
>>
>
> The `task hang` happened without any fault injection.
> Based on the recorded logs
> (https://drive.google.com/file/d/1x7u4JfyeL8WhetacBsPDVXm48SvVJUo7/view?usp=sharing
> and https://drive.google.com/file/d/1U3ei_jCODG9N5UHOspSRmykrEDSey3Qn/view?usp=sharing),
> no fault-injection log was printed before the task hang.
OK, then it seems like a big problem.
Any workload log from the fuzzer so we can try to reproduce?
Or just using the tool?
Thanks,
Qu
>
> Regards
> Hao
>
Qu Wenruo <[email protected]> 于2021年9月14日周二 下午12:45写道:
>
>
>
> On 2021/9/14 上午11:22, Hao Sun wrote:
> > Qu Wenruo <[email protected]> 于2021年9月14日周二 上午11:13写道:
> >>
> >>
> >>
> >> On 2021/9/14 上午10:44, Hao Sun wrote:
> >>> Hello,
> >>>
> >>> When using Healer to fuzz the latest Linux kernel, the following crash
> >>> was triggered.
> >>>
> >>> HEAD commit: 6880fa6c5660 Linux 5.15-rc1
> >>> git tree: upstream
> >>> console output:
> >>> https://drive.google.com/file/d/1U3ei_jCODG9N5UHOspSRmykrEDSey3Qn/view?usp=sharing
> >>> kernel config: https://drive.google.com/file/d/1rUzyMbe5vcs6khA3tL9EHTLJvsUdWcgB/view?usp=sharing
> >>
> >> Any recorded info for the injected errors during the test?
> >>
> >> It's hanging on a tree lock, without knowing the error injected, it's
> >> really hard to find out what's the cause.
> >>
> >
> > The `task hang` happened without any fault injection.
> > Based on the recorded logs
> > (https://drive.google.com/file/d/1x7u4JfyeL8WhetacBsPDVXm48SvVJUo7/view?usp=sharing
> > and https://drive.google.com/file/d/1U3ei_jCODG9N5UHOspSRmykrEDSey3Qn/view?usp=sharing),
> > no fault-injection log was printed before the task hang.
>
> OK, then it seems like a big problem.
>
> Any workload log from the fuzzer so we can try to reproduce?
>
> Or just using the tool?
>
Execution history:
https://drive.google.com/file/d/1yq_hKNHBbOh8NU_ZRNFYjP9NmnRv0RPL/view?usp=sharing
The above is the execution history with the latest 1024 progs saved
before the task hang happened.
However, it is always hard to get useful information from that and
also hard for fuzzer to reproduce the `task hang`.
I'll keep track of this bug and send you the reproducer program once
Healer found it.
Regards
Hao