syzbot

 sign-in | mailing list | source | docs
🐞 Open [985] Subsystems 🐞 Fixed [5236] 🐞 Invalid [12501] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

INFO: task hung in i2c_smbus_xfer

Status: auto-obsoleted due to no activity on 2022/11/20 21:07
Subsystems: i2c
[Documentation on labels]
First crash: 621d, last: 611d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task hung in i2c_smbus_xfer (2) i2c 1 423d 423d 0/26 auto-obsoleted due to no activity on 2023/05/28 06:23

Sample crash report:
INFO: task syz-executor.0:27585 blocked for more than 430 seconds.
      Not tainted 5.19.0-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.0  state:D stack:    0 pid:27585 ppid:  2227 flags:0x00000001
Backtrace: 
[<8171bca8>] (__schedule) from [<8171c794>] (schedule+0x5c/0xac kernel/sched/core.c:6566)
 r10:83c819e0 r9:00000000 r8:00000002 r7:00000000 r6:ebf85dd8 r5:835dc680
 r4:835dc680
[<8171c738>] (schedule) from [<81721460>] (rt_mutex_slowlock_block.constprop.0+0x38/0x164 kernel/locking/rtmutex.c:1520)
 r5:835dc680 r4:82a5a054
[<81721428>] (rt_mutex_slowlock_block.constprop.0) from [<81722628>] (__rt_mutex_slowlock.constprop.0+0x78/0x23c kernel/locking/rtmutex.c:1588)
 r10:83c819e0 r9:00000000 r8:ebf85dd8 r7:00000002 r6:82a5a054 r5:00000000
 r4:835dc680 r3:ebf85dd8
[<817225b0>] (__rt_mutex_slowlock.constprop.0) from [<81722898>] (__rt_mutex_slowlock_locked kernel/locking/rtmutex.c:1624 [inline])
[<817225b0>] (__rt_mutex_slowlock.constprop.0) from [<81722898>] (rt_mutex_slowlock kernel/locking/rtmutex.c:1653 [inline])
[<817225b0>] (__rt_mutex_slowlock.constprop.0) from [<81722898>] (__rt_mutex_lock kernel/locking/rtmutex.c:1665 [inline])
[<817225b0>] (__rt_mutex_slowlock.constprop.0) from [<81722898>] (__rt_mutex_lock_common kernel/locking/rtmutex_api.c:31 [inline])
[<817225b0>] (__rt_mutex_slowlock.constprop.0) from [<81722898>] (rt_mutex_lock+0xac/0xc4 kernel/locking/rtmutex_api.c:71)
 r9:00000000 r8:00000000 r7:00000000 r6:a0000013 r5:82a5a054 r4:00000000
[<817227ec>] (rt_mutex_lock) from [<80eaa480>] (i2c_adapter_lock_bus+0x14/0x18 drivers/i2c/i2c-core-base.c:826)
 r6:00000000 r5:00000000 r4:82a5a040
[<80eaa46c>] (i2c_adapter_lock_bus) from [<80eaf824>] (i2c_lock_bus include/linux/i2c.h:792 [inline])
[<80eaa46c>] (i2c_adapter_lock_bus) from [<80eaf824>] (__i2c_lock_bus_helper drivers/i2c/i2c-core.h:44 [inline])
[<80eaa46c>] (i2c_adapter_lock_bus) from [<80eaf824>] (i2c_smbus_xfer+0x58/0x114 drivers/i2c/i2c-core-smbus.c:541)
[<80eaf7cc>] (i2c_smbus_xfer) from [<80eb178c>] (i2cdev_ioctl_smbus+0x1b0/0x2d4 drivers/i2c/i2c-dev.c:348)
 r8:84507900 r7:00000000 r6:00000000 r5:87f2f400 r4:00000000
[<80eb15dc>] (i2cdev_ioctl_smbus) from [<80eb1b5c>] (i2cdev_ioctl+0x2ac/0x34c drivers/i2c/i2c-dev.c:467)
 r9:00000003 r8:84507900 r7:20000080 r6:87f2f400 r5:00000720 r4:20000080
[<80eb18b0>] (i2cdev_ioctl) from [<804b45d8>] (vfs_ioctl fs/ioctl.c:51 [inline])
[<80eb18b0>] (i2cdev_ioctl) from [<804b45d8>] (do_vfs_ioctl fs/ioctl.c:830 [inline])
[<80eb18b0>] (i2cdev_ioctl) from [<804b45d8>] (__do_sys_ioctl fs/ioctl.c:868 [inline])
[<80eb18b0>] (i2cdev_ioctl) from [<804b45d8>] (sys_ioctl+0x110/0xa74 fs/ioctl.c:856)
 r6:84507901 r5:00000000 r4:00000720
[<804b44c8>] (sys_ioctl) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:64)
Exception stack(0xebf85fa8 to 0xebf85ff0)
5fa0:                   00000000 00000000 00000003 00000720 20000080 00000000
5fc0: 00000000 00000000 0012bfd0 00000036 7ef073b2 76fa46d0 7ef07544 76fa420c
5fe0: 76fa4020 76fa4010 00016420 0004c150
 r10:00000036 r9:835dc680 r8:80200288 r7:00000036 r6:0012bfd0 r5:00000000
 r4:00000000
NMI backtrace for cpu 1
CPU: 1 PID: 26 Comm: khungtaskd Not tainted 5.19.0-syzkaller #0
Hardware name: ARM-Versatile Express
Backtrace: 
[<816fd818>] (dump_backtrace) from [<816fdb48>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:253)
 r7:00000001 r6:00000000 r5:600f0093 r4:81d83918
[<816fdb30>] (show_stack) from [<81706ab0>] (__dump_stack lib/dump_stack.c:88 [inline])
[<816fdb30>] (show_stack) from [<81706ab0>] (dump_stack_lvl+0x48/0x54 lib/dump_stack.c:106)
[<81706a68>] (dump_stack_lvl) from [<81706ad4>] (dump_stack+0x18/0x1c lib/dump_stack.c:113)
 r5:000f0013 r4:00000001
[<81706abc>] (dump_stack) from [<80821dc0>] (nmi_cpu_backtrace+0x164/0x180 lib/nmi_backtrace.c:111)
[<80821c5c>] (nmi_cpu_backtrace) from [<80821f0c>] (nmi_trigger_cpumask_backtrace+0x130/0x1d0 lib/nmi_backtrace.c:62)
 r7:00000001 r6:8240c498 r5:8240ccd4 r4:00000000
[<80821ddc>] (nmi_trigger_cpumask_backtrace) from [<80210f7c>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:863)
 r9:000fb9c0 r8:82404d40 r7:00007f3d r6:8268895c r5:8240c5fc r4:83f3a038
[<80210f64>] (arch_trigger_cpumask_backtrace) from [<8032d870>] (trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline])
[<80210f64>] (arch_trigger_cpumask_backtrace) from [<8032d870>] (check_hung_uninterruptible_tasks kernel/hung_task.c:212 [inline])
[<80210f64>] (arch_trigger_cpumask_backtrace) from [<8032d870>] (watchdog+0x4a8/0x598 kernel/hung_task.c:369)
[<8032d3c8>] (watchdog) from [<8026a520>] (kthread+0xf0/0x120 kernel/kthread.c:376)
 r10:00000000 r9:df819e4c r8:82a19a80 r7:00000000 r6:8032d3c8 r5:828f4680
 r4:82ada300
[<8026a430>] (kthread) from [<80200100>] (ret_from_fork+0x14/0x34 arch/arm/kernel/entry-common.S:148)
Exception stack(0xdf8c9fb0 to 0xdf8c9ff8)
9fa0:                                     00000000 00000000 00000000 00000000
9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
9fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026a430 r4:82ada300
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 27554 Comm: syz-executor.1 Not tainted 5.19.0-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sclhi+0x5c/0x9c drivers/i2c/algos/i2c-algo-bit.c:86
LR is at sclhi+0x5c/0x9c drivers/i2c/algos/i2c-algo-bit.c:86
pc : [<80eb2684>]    lr : [<80eb2684>]    psr: 20000113
sp : ebf6dd38  ip : ebf6dd38  fp : ebf6dd54
r10: 0000007b  r9 : 81f4c2ac  r8 : 00000001
r7 : 00000001  r6 : 000fb96d  r5 : 82404d40  r4 : 82a5a2e0
r3 : df8be000  r2 : 00000064  r1 : 00000001  r0 : 00000000
Flags: nzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
Control: 30c5387d  Table: 853a74c0  DAC: fffffffd
CPU: 0 PID: 27554 Comm: syz-executor.1 Not tainted 5.19.0-syzkaller #0
Hardware name: ARM-Versatile Express
Backtrace: frame pointer underflow
[<816fd818>] (dump_backtrace) from [<816fdb48>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:253)
 r7:00000017 r6:ebf6dce8 r5:60000193 r4:81d83918
[<816fdb30>] (show_stack) from [<81706ab0>] (__dump_stack lib/dump_stack.c:88 [inline])
[<816fdb30>] (show_stack) from [<81706ab0>] (dump_stack_lvl+0x48/0x54 lib/dump_stack.c:106)
[<81706a68>] (dump_stack_lvl) from [<81706ad4>] (dump_stack+0x18/0x1c lib/dump_stack.c:113)
 r5:00000193 r4:00000000
[<81706abc>] (dump_stack) from [<8020911c>] (show_regs+0x14/0x18 arch/arm/kernel/process.c:204)
[<80209108>] (show_regs) from [<80821d04>] (nmi_cpu_backtrace+0xa8/0x180 lib/nmi_backtrace.c:109)
[<80821c5c>] (nmi_cpu_backtrace) from [<802101e8>] (do_handle_IPI+0x4c/0x3b4 arch/arm/kernel/smp.c:678)
 r7:00000017 r6:00000000 r5:8280cc40 r4:00000007
[<8021019c>] (do_handle_IPI) from [<80210570>] (ipi_handler+0x20/0x28 arch/arm/kernel/smp.c:706)
 r9:835e4680 r8:df801f78 r7:00000017 r6:8190da44 r5:8280cc40 r4:82887d00
[<80210550>] (ipi_handler) from [<802b957c>] (handle_percpu_devid_irq+0x9c/0x2d4 kernel/irq/chip.c:930)
[<802b94e0>] (handle_percpu_devid_irq) from [<802b2e88>] (generic_handle_irq_desc include/linux/irqdesc.h:158 [inline])
[<802b94e0>] (handle_percpu_devid_irq) from [<802b2e88>] (handle_irq_desc kernel/irq/irqdesc.c:648 [inline])
[<802b94e0>] (handle_percpu_devid_irq) from [<802b2e88>] (generic_handle_domain_irq+0x30/0x40 kernel/irq/irqdesc.c:704)
 r10:0000007b r9:835e4680 r8:00000000 r7:df80a00c r6:822a81f0 r5:df80a000
 r4:8240ccec r3:00010000
[<802b2e58>] (generic_handle_domain_irq) from [<8083393c>] (gic_handle_irq+0x68/0x7c drivers/irqchip/irq-gic.c:372)
[<808338d4>] (gic_handle_irq) from [<81719b0c>] (generic_handle_arch_irq+0x60/0x80 kernel/irq/handle.c:238)
 r7:ebf6dce8 r6:81f3376c r5:81f33784 r4:822a81e4
[<81719aac>] (generic_handle_arch_irq) from [<80815070>] (call_with_stack+0x1c/0x20 arch/arm/lib/call_with_stack.S:40)
 r9:835e4680 r8:00000001 r7:ebf6dd1c r6:ffffffff r5:20000113 r4:80eb2684
[<80815054>] (call_with_stack) from [<80200b44>] (__irq_svc+0x84/0xac arch/arm/kernel/entry-armv.S:221)
Exception stack(0xebf6dce8 to 0xebf6dd30)
dce0:                   00000000 00000001 00000064 df8be000 82a5a2e0 82404d40
dd00: 000fb96d 00000001 00000001 81f4c2ac 0000007b ebf6dd54 ebf6dd38 ebf6dd38
dd20: 80eb2684 80eb2684 20000113 ffffffff
[<80eb2628>] (sclhi) from [<80eb2da8>] (i2c_outb+0x58/0x110 drivers/i2c/algos/i2c-algo-bit.c:164)
 r7:00000001 r6:81f4c2ac r5:00000006 r4:82a5a2e0
[<80eb2d50>] (i2c_outb) from [<80eb2ec0>] (try_address+0x60/0x88 drivers/i2c/algos/i2c-algo-bit.c:341)
 r7:82a5a040 r6:000000ab r5:82a5a2e0 r4:ffffff92
[<80eb2e60>] (try_address) from [<80eb3010>] (bit_doAddress drivers/i2c/algos/i2c-algo-bit.c:523 [inline])
[<80eb2e60>] (try_address) from [<80eb3010>] (bit_xfer+0x128/0x564 drivers/i2c/algos/i2c-algo-bit.c:563)
 r10:82a5a040 r9:82404d40 r8:000000ab r7:82a5a2e0 r6:81f4c2ac r5:00000000
 r4:00000000 r3:00000000
[<80eb2ee8>] (bit_xfer) from [<80eaba08>] (__i2c_transfer drivers/i2c/i2c-core-base.c:2109 [inline])
[<80eb2ee8>] (bit_xfer) from [<80eaba08>] (__i2c_transfer+0x17c/0x84c drivers/i2c/i2c-core-base.c:2074)
 r10:8240c440 r9:82404d40 r8:00000000 r7:ebf6de80 r6:00000001 r5:000f585c
 r4:82a5a040
[<80eab88c>] (__i2c_transfer) from [<80eac17c>] (i2c_transfer+0xa4/0x134 drivers/i2c/i2c-core-base.c:2170)
 r10:80eb11a4 r9:835e4680 r8:87f2e400 r7:00000000 r6:ebf6de80 r5:00000001
 r4:82a5a040
[<80eac0d8>] (i2c_transfer) from [<80eac264>] (i2c_transfer_buffer_flags+0x58/0x8c drivers/i2c/i2c-core-base.c:2198)
 r6:87f7fd80 r5:00000010 r4:00000000
[<80eac20c>] (i2c_transfer_buffer_flags) from [<80eb11f4>] (i2c_master_recv include/linux/i2c.h:80 [inline])
[<80eac20c>] (i2c_transfer_buffer_flags) from [<80eb11f4>] (i2cdev_read+0x50/0xec drivers/i2c/i2c-dev.c:151)
 r4:00000000
[<80eb11a4>] (i2cdev_read) from [<8049d068>] (vfs_read+0xa4/0x298 fs/read_write.c:469)
 r9:835e4680 r8:00000000 r7:ebf6df68 r6:00000000 r5:87f7fd80 r4:00000000
[<8049cfc4>] (vfs_read) from [<8049d678>] (ksys_read+0x68/0xec fs/read_write.c:609)
 r10:00000003 r9:835e4680 r8:80200288 r7:00000000 r6:00000000 r5:87f7fd80
 r4:87f7fd81
[<8049d610>] (ksys_read) from [<8049d70c>] (__do_sys_read fs/read_write.c:619 [inline])
[<8049d610>] (ksys_read) from [<8049d70c>] (sys_read+0x10/0x14 fs/read_write.c:617)
 r7:00000003 r6:0012c060 r5:00000000 r4:00000000
[<8049d6fc>] (sys_read) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:64)
Exception stack(0xebf6dfa8 to 0xebf6dff0)
dfa0:                   00000000 00000000 00000003 00000000 00000000 00000000
dfc0: 00000000 00000000 0012c060 00000003 7ef363b2 76f006d0 7ef36544 76f0020c
dfe0: 76f00020 76f00010 00016420 0004c150

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/08/22 21:06 upstream c1c76700a0d6 26a13b38 .config console log report info ci-qemu2-arm32 INFO: task hung in i2c_smbus_xfer
2022/08/13 07:25 upstream c1c76700a0d6 8dfcaa3d .config console log report info ci-qemu2-arm32 INFO: task hung in i2c_smbus_xfer
* Struck through repros no longer work on HEAD.