syzbot

 sign-in | mailing list | source | docs
🐞 Open [1566]
Subsystems
🐞 Fixed [6421]
🐞 Invalid [16299]
Missing Backports [199]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

INFO: task hung in pipe_write (6)

Status: upstream: reported C repro on 2025/02/18 09:37
Subsystems: netfs kernfs
[Documentation on labels]
Reported-by: syzbot+5984e31a805252b3b40a@syzkaller.appspotmail.com
First crash: 153d, last: 33d
Cause bisection: introduced by (bisect log) :
commit 7ba167c4c73ed96eb002c98a9d7d49317dfb0191
Author: David Howells <dhowells@redhat.com>
Date: Mon Mar 18 16:57:31 2024 +0000

  netfs: Switch to using unsigned long long rather than loff_t

Crash: INFO: task hung in pipe_write (log)
Repro: C syz .config
  
Discussions (3)
Title Replies (including bot) Last reply
[syzbot] Monthly netfs report (Jun 2025) 0 (1) 2025/06/23 07:30
[syzbot] Monthly netfs report (Feb 2025) 0 (1) 2025/02/23 22:20
[syzbot] [netfs?] INFO: task hung in pipe_write (6) 0 (1) 2025/02/18 09:37
Similar bugs (14)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task hung in pipe_write (3) fs 1 1 2001d 2001d 0/29 auto-closed as invalid on 2020/04/25 05:37
android-44 INFO: task hung in pipe_write 1 1 2416d 2288d 0/2 auto-closed as invalid on 2019/06/05 06:19
upstream INFO: task hung in pipe_write (5) fs 1 4 244d 285d 0/29 auto-obsoleted due to no activity on 2025/02/15 05:49
upstream INFO: task hung in rtnetlink_rcv_msg net 1 C inconclusive inconclusive 1970 375d 2339d 26/29 fixed on 2024/07/09 19:14
upstream INFO: task hung in pipe_write (2) ext4 1 C done 6 2130d 2130d 0/29 closed as invalid on 2019/09/28 02:25
upstream INFO: task hung in pipe_write fs 1 8 2360d 2475d 0/29 auto-closed as invalid on 2019/07/30 21:09
linux-4.14 INFO: task hung in pipe_write 1 C 1 882d 999d 0/1 upstream: reported C repro on 2022/10/24 05:45
android-44 INFO: task hung in pipe_write (2) 1 1 2056d 2056d 0/2 auto-closed as invalid on 2020/03/31 01:26
android-49 INFO: task hung in pipe_write 1 C 3 2082d 2288d 0/3 public: reported C repro on 2019/04/14 08:51
linux-4.19 INFO: task hung in pipe_write 1 C error 13 969d 1868d 0/1 upstream: reported C repro on 2020/06/07 01:40
upstream INFO: task hung in pipe_write (4) fs 1 syz error 7 1268d 1815d 0/29 auto-obsoleted due to no activity on 2022/10/22 17:00
android-414 INFO: task hung in pipe_write 1 1 2104d 2104d 0/1 auto-closed as invalid on 2020/02/11 22:17
upstream INFO: task can't die in pipe_write (2) fs 1 1 1368d 1364d 0/29 auto-closed as invalid on 2021/12/19 10:46
upstream INFO: task can't die in pipe_write fs 1 1 1442d 1415d 0/29 auto-closed as invalid on 2021/10/06 11:40
Last patch testing requests (1)
Created Duration User Patch Repo Result
2025/03/25 02:18 24m retest repro upstream report log
Fix bisection attempts (3)
Created Duration User Patch Repo Result
2025/06/16 13:31 1h58m bisect fix upstream OK (0) job log log
2025/05/17 03:41 1h55m bisect fix upstream OK (0) job log log
2025/04/11 11:30 2h20m bisect fix upstream OK (0) job log log

Sample crash report:
INFO: task kworker/1:2:837 blocked for more than 143 seconds.
      Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/1:2     state:D stack:25360 pid:837   tgid:837   ppid:2      task_flags:0x4208060 flags:0x00004000
Workqueue: events p9_write_work
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5377 [inline]
 __schedule+0x18bc/0x4c40 kernel/sched/core.c:6764
 __schedule_loop kernel/sched/core.c:6841 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6856
 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6913
 __mutex_lock_common kernel/locking/mutex.c:662 [inline]
 __mutex_lock+0x817/0x1010 kernel/locking/mutex.c:730
 pipe_write+0x1c6/0x1a30 fs/pipe.c:456
 __kernel_write_iter+0x433/0x950 fs/read_write.c:612
 __kernel_write fs/read_write.c:632 [inline]
 kernel_write+0x214/0x330 fs/read_write.c:653
 p9_fd_write net/9p/trans_fd.c:432 [inline]
 p9_write_work+0x57d/0xd70 net/9p/trans_fd.c:483
 process_one_work kernel/workqueue.c:3236 [inline]
 process_scheduled_works+0xabe/0x18e0 kernel/workqueue.c:3317
 worker_thread+0x870/0xd30 kernel/workqueue.c:3398
 kthread+0x7a9/0x920 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>

Showing all locks held in the system:
1 lock held by khungtaskd/30:
 #0: ffffffff8eb38f60 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline]
 #0: ffffffff8eb38f60 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline]
 #0: ffffffff8eb38f60 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6746
3 locks held by kworker/1:2/837:
 #0: ffff88801b080d48 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3211 [inline]
 #0: ffff88801b080d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0 kernel/workqueue.c:3317
 #1: ffffc90003547c60 ((work_completion)(&m->wq)){+.+.}-{0:0}, at: process_one_work kernel/workqueue.c:3212 [inline]
 #1: ffffc90003547c60 ((work_completion)(&m->wq)){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0 kernel/workqueue.c:3317
 #2: ffff8880233c5468 (&pipe->mutex){+.+.}-{4:4}, at: pipe_write+0x1c6/0x1a30 fs/pipe.c:456
2 locks held by getty/5577:
 #0: ffff8880354a20a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
 #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x616/0x1770 drivers/tty/n_tty.c:2211
2 locks held by syz-executor138/5815:
 #0: ffff8880233c5468 (&pipe->mutex){+.+.}-{4:4}, at: pipe_write+0x1c6/0x1a30 fs/pipe.c:456
 #1: ffff888077e802e8 (mapping.invalidate_lock#3){.+.+}-{4:4}, at: filemap_invalidate_lock_shared include/linux/fs.h:932 [inline]
 #1: ffff888077e802e8 (mapping.invalidate_lock#3){.+.+}-{4:4}, at: page_cache_ra_unbounded+0x156/0x820 mm/readahead.c:229

=============================================

NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120
 nmi_cpu_backtrace+0x49c/0x4d0 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x198/0x320 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:236 [inline]
 watchdog+0x1058/0x10a0 kernel/hung_task.c:399
 kthread+0x7a9/0x920 kernel/kthread.c:464
 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at native_safe_halt arch/x86/include/asm/irqflags.h:48 [inline]
NMI backtrace for cpu 0 skipped: idling at arch_safe_halt arch/x86/include/asm/irqflags.h:106 [inline]
NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt+0x21/0x30 drivers/acpi/processor_idle.c:111

Crashes (10):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/02/17 01:15 upstream ad1b832bf1cf 40a34ec9 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root INFO: task hung in pipe_write
2025/03/03 18:30 upstream 7eb172143d55 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root INFO: task hung in pipe_write
2025/03/03 04:46 upstream 7eb172143d55 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root INFO: task hung in pipe_write
2025/02/16 12:22 upstream 496659003dac 40a34ec9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root INFO: task hung in pipe_write
2025/03/11 02:08 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 0a6021b3fc20 16256247 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 INFO: task hung in pipe_write
2025/03/10 23:47 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 0a6021b3fc20 16256247 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 INFO: task hung in pipe_write
2025/03/10 16:22 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 77c95b8c7a16 16256247 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 INFO: task hung in pipe_write
2025/03/06 13:46 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 14d05f12084d 831e3629 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 INFO: task hung in pipe_write
2025/02/21 19:04 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a1c24ab82279 0808a665 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 INFO: task hung in pipe_write
2025/02/17 18:41 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci a64dcfb451e2 9be4ace3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 INFO: task hung in pipe_write
* Struck through repros no longer work on HEAD.