syzbot


INFO: task hung in lock_sock_nested (2)

Status: fixed on 2020/04/15 17:19
Subsystems: net
[Documentation on labels]
Reported-by: syzbot+731710996d79d0d58fbc@syzkaller.appspotmail.com
Fix commit: 3f74957fcbea vsock: fix potential deadlock in transport->release()
First crash: 1585d, last: 1568d
Cause bisection: introduced by (bisect log) :
commit 408624af4c89989117bb2c6517bd50b7708a2fcd
Author: Stefano Garzarella <sgarzare@redhat.com>
Date: Tue Dec 10 10:43:06 2019 +0000

  vsock: use local transport when it is loaded

Crash: INFO: task hung in lock_sock_nested (log)
Repro: C syz .config
  
Discussions (4)
Title Replies (including bot) Last reply
[PATCH net] vsock: fix potential deadlock in transport->release() 3 (3) 2020/02/27 20:04
Re: INFO: task hung in lock_sock_nested (2) 1 (1) 2020/02/25 09:07
Re: INFO: task hung in lock_sock_nested (2) 3 (3) 2020/02/25 08:30
INFO: task hung in lock_sock_nested (2) 0 (1) 2020/02/22 18:58
Similar bugs (14)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task hung in lock_sock_nested net C 2593 1585d 2385d 0/27 closed as dup on 2017/12/23 20:15
android-44 INFO: task hung in lock_sock_nested (2) 4 1667d 1763d 0/2 auto-closed as invalid on 2020/03/27 01:37
linux-4.19 INFO: task hung in lock_sock_nested (3) 6 514d 728d 0/1 upstream: reported on 2022/06/23 22:52
upstream INFO: task hung in lock_sock_nested (3) net C done 5 1357d 1358d 15/27 fixed on 2020/11/16 12:12
android-49 INFO: task hung in lock_sock_nested (2) 2 1746d 1865d 0/3 auto-closed as invalid on 2020/01/08 15:18
linux-4.14 INFO: task hung in lock_sock_nested 1 1688d 1688d 0/1 auto-closed as invalid on 2020/03/06 15:38
linux-4.14 INFO: task hung in lock_sock_nested (2) 1 1425d 1425d 0/1 auto-closed as invalid on 2020/11/24 03:07
android-44 INFO: task hung in lock_sock_nested C 82 2305d 2307d 0/2 closed as invalid on 2019/03/08 00:11
upstream INFO: task can't die in __lock_sock bluetooth C done error 1067 227d 1041d 0/27 auto-obsoleted due to no activity on 2024/01/16 13:36
upstream INFO: task hung in lock_sock_nested (4) mptcp C done 6 1251d 1297d 19/27 fixed on 2021/03/10 01:48
android-49 INFO: task hung in lock_sock_nested C 101 1945d 2307d 0/3 closed as invalid on 2019/03/08 00:11
android-414 INFO: task hung in lock_sock_nested 65 1711d 1896d 0/1 auto-closed as invalid on 2020/02/12 04:11
linux-4.19 INFO: task hung in lock_sock_nested (2) 1 925d 925d 0/1 auto-closed as invalid on 2022/04/08 17:15
linux-4.19 INFO: task hung in lock_sock_nested 1 1505d 1505d 0/1 auto-closed as invalid on 2020/09/05 19:53
Last patch testing requests (2)
Created Duration User Patch Repo Result
2020/02/26 10:39 18m sgarzare@redhat.com https://github.com/stefano-garzarella/linux.git vsock-fix-deadlock OK
2020/02/25 11:16 19m sgarzare@redhat.com https://github.com/stefano-garzarella/linux.git vsock-fix-deadlock OK

Sample crash report:
INFO: task syz-executor236:11039 blocked for more than 143 seconds.
      Not tainted 5.6.0-rc3-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor236 D27248 11039  11037 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:3380 [inline]
 __schedule+0x934/0x1f90 kernel/sched/core.c:4080
 schedule+0xdc/0x2b0 kernel/sched/core.c:4154
 __lock_sock+0x165/0x290 net/core/sock.c:2413
 lock_sock_nested+0xfe/0x120 net/core/sock.c:2938
 virtio_transport_release+0xc4/0xd60 net/vmw_vsock/virtio_transport_common.c:832
 vsock_assign_transport+0xf3/0x3b0 net/vmw_vsock/af_vsock.c:454
 vsock_stream_connect+0x2b3/0xc70 net/vmw_vsock/af_vsock.c:1288
 __sys_connect_file+0x161/0x1c0 net/socket.c:1857
 __sys_connect+0x174/0x1b0 net/socket.c:1874
 __do_sys_connect net/socket.c:1885 [inline]
 __se_sys_connect net/socket.c:1882 [inline]
 __x64_sys_connect+0x73/0xb0 net/socket.c:1882
 do_syscall_64+0xfa/0x790 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4401b9
Code: Bad RIP value.
RSP: 002b:00007ffeb6a237c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401b9
RDX: 0000000000000010 RSI: 0000000020000440 RDI: 0000000000000003
RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401a40
R13: 0000000000401ad0 R14: 0000000000000000 R15: 0000000000000000

Showing all locks held in the system:
1 lock held by khungtaskd/1114:
 #0: ffffffff89bac280 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x279 kernel/locking/lockdep.c:5333
1 lock held by rsyslogd/10887:
 #0: ffff8880a8e275e0 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 fs/file.c:821
2 locks held by getty/11009:
 #0: ffff88809711d090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc9000184b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
2 locks held by getty/11010:
 #0: ffff8880a9a72090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc9000186b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
2 locks held by getty/11011:
 #0: ffff88809826b090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc9000187b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
2 locks held by getty/11012:
 #0: ffff8880972e2090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc9000185b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
2 locks held by getty/11013:
 #0: ffff8880a7644090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc9000180b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
2 locks held by getty/11014:
 #0: ffff8880982b1090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc9000188b2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
2 locks held by getty/11015:
 #0: ffff888093d9d090 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:340
 #1: ffffc900017cf2e0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x220/0x1bf0 drivers/tty/n_tty.c:2156
1 lock held by syz-executor236/11039:
 #0: ffff8880a1de98d0 (sk_lock-AF_VSOCK){+.+.}, at: lock_sock include/net/sock.h:1541 [inline]
 #0: ffff8880a1de98d0 (sk_lock-AF_VSOCK){+.+.}, at: vsock_stream_connect+0xfb/0xc70 net/vmw_vsock/af_vsock.c:1258

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 1114 Comm: khungtaskd Not tainted 5.6.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x197/0x210 lib/dump_stack.c:118
 nmi_cpu_backtrace.cold+0x70/0xb2 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x23b/0x28b lib/nmi_backtrace.c:62
 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline]
 watchdog+0xb11/0x10c0 kernel/hung_task.c:289
 kthread+0x361/0x430 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0xe/0x10 arch/x86/include/asm/irqflags.h:60

Crashes (418):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/02/25 02:45 upstream f8788d86ab28 59b57593 .config console log report syz C ci-upstream-kasan-gce-selinux-root
2020/02/23 22:20 upstream 0a115e5f23b9 2c36e7a7 .config console log report syz C ci-upstream-kasan-gce-root
2020/02/20 17:20 upstream ca7e1fd1026c 81230308 .config console log report syz C ci-upstream-kasan-gce
2020/02/20 17:14 net-old 41f57cfde186 81230308 .config console log report syz C ci-upstream-net-this-kasan-gce
2020/02/20 15:49 net-next-old 2bb07f4e1d86 81230308 .config console log report syz C ci-upstream-net-kasan-gce
2020/03/06 13:15 linux-next c99b17ac0399 c88c7b75 .config console log report syz C ci-upstream-linux-next-kasan-gce-root
2020/03/06 12:40 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-root
2020/03/06 03:53 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-root
2020/03/06 01:17 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-smack-root
2020/03/05 16:46 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-selinux-root
2020/03/05 09:41 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce
2020/03/05 05:15 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-smack-root
2020/03/05 05:12 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-selinux-root
2020/03/04 20:59 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-selinux-root
2020/03/04 19:46 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-smack-root
2020/03/04 12:36 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-selinux-root
2020/03/04 10:08 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-smack-root
2020/03/04 06:26 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-smack-root
2020/03/04 04:30 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce
2020/03/04 02:00 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-selinux-root
2020/03/03 12:41 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-root
2020/03/03 01:44 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-root
2020/03/02 19:54 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce
2020/03/02 18:43 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-selinux-root
2020/03/02 16:19 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-selinux-root
2020/03/02 00:45 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-root
2020/03/06 04:11 upstream 63623fd44972 c88c7b75 .config console log report ci-upstream-kasan-gce-386
2020/03/06 10:43 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/05 20:04 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/05 15:25 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/05 01:26 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/04 23:07 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/04 19:42 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/04 01:50 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/04 00:04 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/03 19:39 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/03 14:30 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/03 13:25 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/03 10:26 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/02 22:21 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/02 18:38 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/02 14:58 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/02 05:26 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/03/02 03:52 net-old 3614d05b5e6b c88c7b75 .config console log report ci-upstream-net-this-kasan-gce
2020/02/18 17:35 net-old 9b64208f74fb 012fbc32 .config console log report ci-upstream-net-this-kasan-gce
2020/03/06 18:03 net-next-old 3b3e808cd883 c88c7b75 .config console log report ci-upstream-net-kasan-gce
2020/03/03 16:57 net-next-old 3b3e808cd883 c88c7b75 .config console log report ci-upstream-net-kasan-gce
2020/03/03 06:42 net-next-old 3b3e808cd883 c88c7b75 .config console log report ci-upstream-net-kasan-gce
2020/03/03 03:41 net-next-old 3b3e808cd883 c88c7b75 .config console log report ci-upstream-net-kasan-gce
2020/03/02 13:58 net-next-old 3b3e808cd883 c88c7b75 .config console log report ci-upstream-net-kasan-gce
2020/03/02 09:23 net-next-old 3b3e808cd883 c88c7b75 .config console log report ci-upstream-net-kasan-gce
2020/03/02 05:40 net-next-old 3b3e808cd883 c88c7b75 .config console log report ci-upstream-net-kasan-gce
2020/03/02 02:25 net-next-old 3b3e808cd883 c88c7b75 .config console log report ci-upstream-net-kasan-gce
2020/03/05 04:01 linux-next c99b17ac0399 c88c7b75 .config console log report ci-upstream-linux-next-kasan-gce-root
2020/03/04 03:23 linux-next c99b17ac0399 c88c7b75 .config console log report ci-upstream-linux-next-kasan-gce-root
2020/03/03 21:33 linux-next c99b17ac0399 c88c7b75 .config console log report ci-upstream-linux-next-kasan-gce-root
2020/03/03 20:04 linux-next c99b17ac0399 c88c7b75 .config console log report ci-upstream-linux-next-kasan-gce-root
2020/03/03 00:03 linux-next c99b17ac0399 c88c7b75 .config console log report ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.