syzbot

 sign-in | mailing list | source | docs
🐞 Open [738]
🐞 Fixed [119]
🐞 Invalid [762]
Missing Backports [75]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

INFO: task hung in do_unlinkat

Status: upstream: reported C repro on 2024/12/30 08:52
Bug presence: origin:upstream
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+a526eb1cd43f444c16f0@syzkaller.appspotmail.com
First crash: 154d, last: 28d
Fix bisection: failed (error log, bisect log)
  
Bug presence (3)
Date Name Commit Repro Result
2025/05/05 linux-6.1.y (ToT) ac7079a42ea5 C [report] INFO: task hung in do_unlinkat
2025/01/03 upstream (ToT) 0bc21e701a6f C [report] BUG: workqueue lockup
2025/05/05 upstream (ToT) 01f95500a162 C Didn't crash
Similar bugs (9)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 INFO: task hung in do_unlinkat (2) 1 918d 918d 0/1 auto-obsoleted due to no activity on 2023/03/27 07:50
android-49 INFO: task hung in do_unlinkat 5 2470d 2582d 0/3 auto-closed as invalid on 2019/02/24 11:49
upstream INFO: task hung in do_unlinkat (5) bcachefs jfs C error 104 8d22h 365d 0/28 upstream: reported C repro on 2024/06/02 14:09
upstream INFO: task hung in do_unlinkat (2) fs 4 1576d 1576d 0/28 auto-closed as invalid on 2021/05/17 08:41
upstream INFO: task hung in do_unlinkat exfat 34 2331d 2567d 0/28 closed as dup on 2018/10/27 13:26
upstream INFO: task hung in do_unlinkat (3) fs 2 1295d 1338d 0/28 closed as invalid on 2022/02/07 19:19
linux-4.19 INFO: task hung in do_unlinkat 1 1048d 1048d 0/1 auto-obsoleted due to no activity on 2022/11/17 10:56
upstream INFO: task hung in do_unlinkat (4) exfat 4 887d 993d 0/28 auto-obsoleted due to no activity on 2023/04/08 02:53
linux-5.15 INFO: task hung in do_unlinkat 3 239d 386d 0/3 auto-obsoleted due to no activity on 2025/01/15 03:04
Fix bisection attempts (3)
Created Duration User Patch Repo Result
2025/05/10 17:20 18m fix candidate upstream error job log
2025/03/08 07:32 17m bisect fix linux-6.1.y error job log
2025/02/05 15:30 2h24m bisect fix linux-6.1.y OK (0) job log log

Sample crash report:
INFO: task syz-executor234:4325 blocked for more than 143 seconds.
      Tainted: G        W          6.1.122-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor234 state:D stack:0     pid:4325  ppid:4313   flags:0x00000005
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6558
 schedule+0xc4/0x170 kernel/sched/core.c:6634
 rwsem_down_write_slowpath+0xc80/0x156c kernel/locking/rwsem.c:1189
 __down_write_common kernel/locking/rwsem.c:1314 [inline]
 __down_write kernel/locking/rwsem.c:1323 [inline]
 down_write_nested+0x90/0x94 kernel/locking/rwsem.c:1690
 inode_lock_nested include/linux/fs.h:793 [inline]
 do_unlinkat+0x2d0/0x70c fs/namei.c:4373
 __do_sys_unlinkat fs/namei.c:4433 [inline]
 __se_sys_unlinkat fs/namei.c:4426 [inline]
 __arm64_sys_unlinkat+0xcc/0xfc fs/namei.c:4426
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
INFO: task syz-executor234:4327 blocked for more than 143 seconds.
      Tainted: G        W          6.1.122-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor234 state:D stack:0     pid:4327  ppid:4316   flags:0x00000005
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6558
 schedule+0xc4/0x170 kernel/sched/core.c:6634
 rwsem_down_write_slowpath+0xc80/0x156c kernel/locking/rwsem.c:1189
 __down_write_common kernel/locking/rwsem.c:1314 [inline]
 __down_write kernel/locking/rwsem.c:1323 [inline]
 down_write_nested+0x90/0x94 kernel/locking/rwsem.c:1690
 inode_lock_nested include/linux/fs.h:793 [inline]
 do_unlinkat+0x2d0/0x70c fs/namei.c:4373
 __do_sys_unlinkat fs/namei.c:4433 [inline]
 __se_sys_unlinkat fs/namei.c:4426 [inline]
 __arm64_sys_unlinkat+0xcc/0xfc fs/namei.c:4426
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
INFO: task syz-executor234:4334 blocked for more than 143 seconds.
      Tainted: G        W          6.1.122-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor234 state:D stack:0     pid:4334  ppid:4317   flags:0x00000005
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6558
 schedule+0xc4/0x170 kernel/sched/core.c:6634
 rwsem_down_write_slowpath+0xc80/0x156c kernel/locking/rwsem.c:1189
 __down_write_common kernel/locking/rwsem.c:1314 [inline]
 __down_write kernel/locking/rwsem.c:1323 [inline]
 down_write_nested+0x90/0x94 kernel/locking/rwsem.c:1690
 inode_lock_nested include/linux/fs.h:793 [inline]
 do_unlinkat+0x2d0/0x70c fs/namei.c:4373
 __do_sys_unlinkat fs/namei.c:4433 [inline]
 __se_sys_unlinkat fs/namei.c:4426 [inline]
 __arm64_sys_unlinkat+0xcc/0xfc fs/namei.c:4426
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
INFO: task syz-executor234:4335 blocked for more than 143 seconds.
      Tainted: G        W          6.1.122-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor234 state:D stack:0     pid:4335  ppid:4314   flags:0x00000005
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6558
 schedule+0xc4/0x170 kernel/sched/core.c:6634
 rwsem_down_write_slowpath+0xc80/0x156c kernel/locking/rwsem.c:1189
 __down_write_common kernel/locking/rwsem.c:1314 [inline]
 __down_write kernel/locking/rwsem.c:1323 [inline]
 down_write_nested+0x90/0x94 kernel/locking/rwsem.c:1690
 inode_lock_nested include/linux/fs.h:793 [inline]
 do_unlinkat+0x2d0/0x70c fs/namei.c:4373
 __do_sys_unlinkat fs/namei.c:4433 [inline]
 __se_sys_unlinkat fs/namei.c:4426 [inline]
 __arm64_sys_unlinkat+0xcc/0xfc fs/namei.c:4426
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
INFO: task syz-executor234:4336 blocked for more than 143 seconds.
      Tainted: G        W          6.1.122-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor234 state:D stack:0     pid:4336  ppid:4315   flags:0x00000005
Call trace:
 __switch_to+0x308/0x598 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xef4/0x1d44 kernel/sched/core.c:6558
 schedule+0xc4/0x170 kernel/sched/core.c:6634
 rwsem_down_write_slowpath+0xc80/0x156c kernel/locking/rwsem.c:1189
 __down_write_common kernel/locking/rwsem.c:1314 [inline]
 __down_write kernel/locking/rwsem.c:1323 [inline]
 down_write_nested+0x90/0x94 kernel/locking/rwsem.c:1690
 inode_lock_nested include/linux/fs.h:793 [inline]
 do_unlinkat+0x2d0/0x70c fs/namei.c:4373
 __do_sys_unlinkat fs/namei.c:4433 [inline]
 __se_sys_unlinkat fs/namei.c:4426 [inline]
 __arm64_sys_unlinkat+0xcc/0xfc fs/namei.c:4426
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2bc arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x13c arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585

Showing all locks held in the system:
1 lock held by rcu_tasks_kthre/12:
 #0: ffff800015c65570 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xd10 kernel/rcu/tasks.h:543
1 lock held by rcu_tasks_trace/13:
 #0: ffff800015c65d90 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xd10 kernel/rcu/tasks.h:543
1 lock held by khungtaskd/28:
 #0: ffff800015c653a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:349
2 locks held by getty/4052:
 #0: ffff0000d6235098 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340
 #1: ffff80001d8302f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x414/0x1214 drivers/tty/n_tty.c:2198
2 locks held by syz-executor234/4321:
2 locks held by syz-executor234/4325:
 #0: ffff0000daf24460 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:393
 #1: ffff0000e4674188 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:793 [inline]
 #1: ffff0000e4674188 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: do_unlinkat+0x2d0/0x70c fs/namei.c:4373
2 locks held by syz-executor234/4323:
2 locks held by syz-executor234/4327:
 #0: ffff0000dafb2460 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:393
 #1: ffff0000e4654188 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:793 [inline]
 #1: ffff0000e4654188 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: do_unlinkat+0x2d0/0x70c fs/namei.c:4373
3 locks held by syz-executor234/4333:
2 locks held by syz-executor234/4334:
 #0: ffff0000db54e460 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:393
 #1: ffff0000e46746d0 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:793 [inline]
 #1: ffff0000e46746d0 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: do_unlinkat+0x2d0/0x70c fs/namei.c:4373
2 locks held by syz-executor234/4330:
2 locks held by syz-executor234/4335:
 #0: ffff0000d517a460 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:393
 #1: ffff0000e46546d0 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:793 [inline]
 #1: ffff0000e46546d0 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: do_unlinkat+0x2d0/0x70c fs/namei.c:4373
3 locks held by syz-executor234/4332:
2 locks held by syz-executor234/4336:
 #0: ffff0000d9468460 (sb_writers#10){.+.+}-{0:0}, at: mnt_want_write+0x44/0x9c fs/namespace.c:393
 #1: ffff0000e4674c18 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: inode_lock_nested include/linux/fs.h:793 [inline]
 #1: ffff0000e4674c18 (&type->i_mutex_dir_key#8/1){+.+.}-{3:3}, at: do_unlinkat+0x2d0/0x70c fs/namei.c:4373

=============================================

Crashes (12):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/01/02 07:32 linux-6.1.y 563edd786f0a d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan-arm64 INFO: task hung in do_unlinkat
2025/01/02 03:00 linux-6.1.y 563edd786f0a d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan-arm64 INFO: task hung in do_unlinkat
2025/01/01 11:48 linux-6.1.y 563edd786f0a d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan-arm64 INFO: task hung in do_unlinkat
2025/01/01 06:46 linux-6.1.y 563edd786f0a d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan-arm64 INFO: task hung in do_unlinkat
2025/01/01 02:03 linux-6.1.y 563edd786f0a d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan-arm64 INFO: task hung in do_unlinkat
2024/12/31 14:39 linux-6.1.y 563edd786f0a d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan-arm64 INFO: task hung in do_unlinkat
2024/12/31 09:24 linux-6.1.y 563edd786f0a d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan-arm64 INFO: task hung in do_unlinkat
2024/12/31 04:00 linux-6.1.y 563edd786f0a d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan-arm64 INFO: task hung in do_unlinkat
2024/12/30 18:52 linux-6.1.y 563edd786f0a d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan-arm64 INFO: task hung in do_unlinkat
2024/12/30 13:48 linux-6.1.y 563edd786f0a d3ccff63 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan-arm64 INFO: task hung in do_unlinkat
2024/12/30 22:54 linux-6.1.y 563edd786f0a d3ccff63 .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan-arm64 INFO: task hung in do_unlinkat
2024/12/30 08:51 linux-6.1.y 563edd786f0a d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 INFO: task hung in do_unlinkat
* Struck through repros no longer work on HEAD.