syzbot


INFO: task hung in hub_event (2)

Status: auto-obsoleted due to no activity on 2023/12/29 05:51
Reported-by: syzbot+c774162812d893565ead@syzkaller.appspotmail.com
First crash: 388d, last: 388d
Similar bugs (8)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task hung in hub_event usb 19 1834d 2010d 0/28 auto-closed as invalid on 2020/01/02 20:34
linux-4.14 INFO: task hung in hub_event 5 1006d 1028d 0/1 auto-closed as invalid on 2022/05/10 10:19
upstream INFO: task hung in hub_event (2) usb 27 1005d 1050d 0/28 closed as invalid on 2022/02/08 09:40
linux-5.15 INFO: task hung in hub_event (2) 1 293d 293d 0/3 auto-obsoleted due to no activity on 2024/04/01 17:35
upstream INFO: task hung in hub_event (3) usb 316 3h31m 636d 0/28 upstream: reported on 2023/01/14 20:19
linux-5.15 INFO: task hung in hub_event (3) 1 82d 82d 0/3 upstream: reported on 2024/07/21 18:51
linux-5.15 INFO: task hung in hub_event 3 405d 569d 0/3 auto-obsoleted due to no activity on 2023/12/12 00:26
linux-6.1 INFO: task hung in hub_event 2 551d 579d 0/3 auto-obsoleted due to no activity on 2023/08/08 09:24

Sample crash report:
INFO: task kworker/0:1:14 blocked for more than 143 seconds.
      Not tainted 6.1.54-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:1     state:D stack:0     pid:14    ppid:2      flags:0x00000008
Workqueue: usb_hub_wq hub_event
Call trace:
 __switch_to+0x320/0x754 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xee4/0x1c98 kernel/sched/core.c:6554
 schedule+0xc4/0x170 kernel/sched/core.c:6630
 schedule_preempt_disabled+0x18/0x2c kernel/sched/core.c:6689
 __mutex_lock_common+0xbd8/0x21a0 kernel/locking/mutex.c:679
 __mutex_lock kernel/locking/mutex.c:747 [inline]
 mutex_lock_nested+0x38/0x44 kernel/locking/mutex.c:799
 hub_port_connect drivers/usb/core/hub.c:5312 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5555 [inline]
 port_event drivers/usb/core/hub.c:5711 [inline]
 hub_event+0x1bb0/0x4354 drivers/usb/core/hub.c:5793
 process_one_work+0x7ac/0x1404 kernel/workqueue.c:2292
 worker_thread+0x8e4/0xfec kernel/workqueue.c:2439
 kthread+0x250/0x2d8 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860
INFO: task kworker/0:8:4372 blocked for more than 143 seconds.
      Not tainted 6.1.54-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:8     state:D stack:0     pid:4372  ppid:2      flags:0x00000008
Workqueue: usb_hub_wq hub_event
Call trace:
 __switch_to+0x320/0x754 arch/arm64/kernel/process.c:553
 context_switch kernel/sched/core.c:5241 [inline]
 __schedule+0xee4/0x1c98 kernel/sched/core.c:6554
 schedule+0xc4/0x170 kernel/sched/core.c:6630
 usb_kill_urb+0x1b4/0x32c drivers/usb/core/urb.c:728
 usb_start_wait_urb+0x16c/0x414 drivers/usb/core/message.c:64
 usb_internal_control_msg drivers/usb/core/message.c:102 [inline]
 usb_control_msg+0x228/0x3f8 drivers/usb/core/message.c:153
 get_bMaxPacketSize0 drivers/usb/core/hub.c:4697 [inline]
 hub_port_init+0xe74/0x21b4 drivers/usb/core/hub.c:4965
 hub_port_connect drivers/usb/core/hub.c:5344 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5555 [inline]
 port_event drivers/usb/core/hub.c:5711 [inline]
 hub_event+0x20c0/0x4354 drivers/usb/core/hub.c:5793
 process_one_work+0x7ac/0x1404 kernel/workqueue.c:2292
 worker_thread+0x8e4/0xfec kernel/workqueue.c:2439
 kthread+0x250/0x2d8 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860

Showing all locks held in the system:
1 lock held by rcu_tasks_kthre/12:
 #0: ffff800015a84ef0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xcf4 kernel/rcu/tasks.h:516
1 lock held by rcu_tasks_trace/13:
 #0: ffff800015a856f0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x44/0xcf4 kernel/rcu/tasks.h:516
5 locks held by kworker/0:1/14:
 #0: ffff0000c4652938 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x664/0x1404 kernel/workqueue.c:2265
 #1: ffff800019ed7c20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x6a8/0x1404 kernel/workqueue.c:2267
 #2: ffff0000d2069190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:836 [inline]
 #2: ffff0000d2069190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1ac/0x4354 drivers/usb/core/hub.c:5739
 #3: ffff0000d206d510 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3110 [inline]
 #3: ffff0000d206d510 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect drivers/usb/core/hub.c:5311 [inline]
 #3: ffff0000d206d510 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect_change drivers/usb/core/hub.c:5555 [inline]
 #3: ffff0000d206d510 (&port_dev->status_lock){+.+.}-{3:3}, at: port_event drivers/usb/core/hub.c:5711 [inline]
 #3: ffff0000d206d510 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x1b88/0x4354 drivers/usb/core/hub.c:5793
 #4: ffff0000d1b52668 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_connect drivers/usb/core/hub.c:5312 [inline]
 #4: ffff0000d1b52668 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_connect_change drivers/usb/core/hub.c:5555 [inline]
 #4: ffff0000d1b52668 (hcd->address0_mutex){+.+.}-{3:3}, at: port_event drivers/usb/core/hub.c:5711 [inline]
 #4: ffff0000d1b52668 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x1bb0/0x4354 drivers/usb/core/hub.c:5793
1 lock held by khungtaskd/28:
 #0: ffff800015a84d20 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0xc/0x44 include/linux/rcupdate.h:305
2 locks held by getty/3980:
 #0: ffff0000d7a78098 (&tty->ldisc_sem){++++}-{0:0}, at: ldsem_down_read+0x3c/0x4c drivers/tty/tty_ldsem.c:340
 #1: ffff80001bd802f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x414/0x1214 drivers/tty/n_tty.c:2188
2 locks held by kworker/u4:6/4332:
5 locks held by kworker/0:8/4372:
 #0: ffff0000c4652938 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x664/0x1404 kernel/workqueue.c:2265
 #1: ffff80001f627c20 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x6a8/0x1404 kernel/workqueue.c:2267
 #2: ffff0000d20af190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:836 [inline]
 #2: ffff0000d20af190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1ac/0x4354 drivers/usb/core/hub.c:5739
 #3: ffff0000d20ba510 (&port_dev->status_lock){+.+.}-{3:3}, at: usb_lock_port drivers/usb/core/hub.c:3110 [inline]
 #3: ffff0000d20ba510 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect drivers/usb/core/hub.c:5311 [inline]
 #3: ffff0000d20ba510 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_port_connect_change drivers/usb/core/hub.c:5555 [inline]
 #3: ffff0000d20ba510 (&port_dev->status_lock){+.+.}-{3:3}, at: port_event drivers/usb/core/hub.c:5711 [inline]
 #3: ffff0000d20ba510 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x1b88/0x4354 drivers/usb/core/hub.c:5793
 #4: ffff0000d1b52668 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_connect drivers/usb/core/hub.c:5312 [inline]
 #4: ffff0000d1b52668 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_port_connect_change drivers/usb/core/hub.c:5555 [inline]
 #4: ffff0000d1b52668 (hcd->address0_mutex){+.+.}-{3:3}, at: port_event drivers/usb/core/hub.c:5711 [inline]
 #4: ffff0000d1b52668 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x1bb0/0x4354 drivers/usb/core/hub.c:5793
1 lock held by syz-executor.4/10255:
 #0: ffff0000d20af190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:836 [inline]
 #0: ffff0000d20af190 (&dev->mutex){....}-{3:3}, at: usbdev_open+0x13c/0x6c0 drivers/usb/core/devio.c:1052
1 lock held by syz-executor.4/10417:
 #0: ffff0000d20af190 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:836 [inline]
 #0: ffff0000d20af190 (&dev->mutex){....}-{3:3}, at: usbdev_open+0x13c/0x6c0 drivers/usb/core/devio.c:1052

=============================================


Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/09/20 05:50 linux-6.1.y a356197db198 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 INFO: task hung in hub_event
* Struck through repros no longer work on HEAD.