syzbot


INFO: task hung in ep_free

Status: auto-closed as invalid on 2019/02/22 14:09
First crash: 2099d, last: 2099d

Sample crash report:
binder: 6272:6338 BC_DEAD_BINDER_DONE 0000000000000000 not found
binder: 6272:6337 ioctl c0306201 20000200 returned -22
INFO: task udevd:2372 blocked for more than 140 seconds.
      Not tainted 4.9.113-g47bbcd6 #62
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
udevd           D28696  2372   2041 0x00000000
 ffff8801baba0000 0000000000000000 ffff8801ba96a4c0 ffff8801a316b000
 ffff8801db321c18 ffff8801babb7c68 ffffffff839e909d ffff8801baba08c8
 ffffed0037574118 ffff8801baba0000 00fffc0000000000 ffff8801db3224e8
Call Trace:
 [<ffffffff839ea69f>] schedule+0x7f/0x1b0 kernel/sched/core.c:3553
 [<ffffffff839eb023>] schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3586
 [<ffffffff839ef4a6>] __mutex_lock_common kernel/locking/mutex.c:582 [inline]
 [<ffffffff839ef4a6>] mutex_lock_nested+0x326/0x870 kernel/locking/mutex.c:621
 [<ffffffff8165d842>] ep_free+0x72/0x1b0 fs/eventpoll.c:762
 [<ffffffff8165d9c4>] ep_eventpoll_release+0x44/0x60 fs/eventpoll.c:802
 [<ffffffff815782e3>] __fput+0x263/0x700 fs/file_table.c:208
 [<ffffffff81578805>] ____fput+0x15/0x20 fs/file_table.c:244
 [<ffffffff8119838c>] task_work_run+0x10c/0x180 kernel/task_work.c:116
 [<ffffffff8100559c>] tracehook_notify_resume include/linux/tracehook.h:191 [inline]
 [<ffffffff8100559c>] exit_to_usermode_loop+0xfc/0x120 arch/x86/entry/common.c:161
 [<ffffffff810064d4>] prepare_exit_to_usermode arch/x86/entry/common.c:191 [inline]
 [<ffffffff810064d4>] syscall_return_slowpath arch/x86/entry/common.c:260 [inline]
 [<ffffffff810064d4>] do_syscall_64+0x364/0x490 arch/x86/entry/common.c:287
 [<ffffffff839f9f93>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

Showing all locks held in the system:
2 locks held by khungtaskd/519:
 #0:  (rcu_read_lock){......}, at: [<ffffffff8136675c>] check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline]
 #0:  (rcu_read_lock){......}, at: [<ffffffff8136675c>] watchdog+0x11c/0xa20 kernel/hung_task.c:239
 #1:  (tasklist_lock){.+.+..}, at: [<ffffffff81425de7>] debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336
1 lock held by udevd/2372:
 #0:  (epmutex){+.+.+.}, at: [<ffffffff8165d842>] ep_free+0x72/0x1b0 fs/eventpoll.c:762
1 lock held by udevd/2374:
 #0:  (epmutex){+.+.+.}, at: [<ffffffff8165d842>] ep_free+0x72/0x1b0 fs/eventpoll.c:762
1 lock held by rsyslogd/3675:
 #0:  (&f->f_pos_lock){+.+.+.}, at: [<ffffffff815d81ec>] __fdget_pos+0xac/0xd0 fs/file.c:781
2 locks held by getty/3772:
 #0:  (&tty->ldisc_sem){++++++}, at: [<ffffffff839f8142>] ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367
 #1:  (&ldata->atomic_read_lock){+.+...}, at: [<ffffffff8211ee22>] n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142
1 lock held by udevd/6016:
 #0:  (epmutex){+.+.+.}, at: [<ffffffff8165d842>] ep_free+0x72/0x1b0 fs/eventpoll.c:762
1 lock held by syz-executor0/6335:
 #0:  (&ep->mtx){+.+.+.}, at: [<ffffffff8165c8ab>] ep_scan_ready_list+0x67b/0x8b0 fs/eventpoll.c:619
2 locks held by syz-executor0/6336:
 #0:  (epmutex){+.+.+.}, at: [<ffffffff8165e207>] eventpoll_release_file+0x27/0x140 fs/eventpoll.c:936
 #1:  (&ep->mtx){+.+.+.}, at: [<ffffffff8165e296>] eventpoll_release_file+0xb6/0x140 fs/eventpoll.c:939

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 519 Comm: khungtaskd Not tainted 4.9.113-g47bbcd6 #62
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d84afd08 ffffffff81eb32a9 0000000000000000 0000000000000001
 0000000000000001 0000000000000001 ffffffff810b9bd0 ffff8801d84afd40
 ffffffff81ebe5a7 0000000000000001 0000000000000000 0000000000000003
Call Trace:
 [<ffffffff81eb32a9>] __dump_stack lib/dump_stack.c:15 [inline]
 [<ffffffff81eb32a9>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [<ffffffff81ebe5a7>] nmi_cpu_backtrace.cold.2+0x48/0x87 lib/nmi_backtrace.c:99
 [<ffffffff81ebe53a>] nmi_trigger_cpumask_backtrace+0x12a/0x14f lib/nmi_backtrace.c:60
 [<ffffffff810b9cd4>] arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:37
 [<ffffffff81366cf4>] trigger_all_cpu_backtrace include/linux/nmi.h:58 [inline]
 [<ffffffff81366cf4>] check_hung_task kernel/hung_task.c:125 [inline]
 [<ffffffff81366cf4>] check_hung_uninterruptible_tasks kernel/hung_task.c:182 [inline]
 [<ffffffff81366cf4>] watchdog+0x6b4/0xa20 kernel/hung_task.c:239
 [<ffffffff8119d0ad>] kthread+0x26d/0x300 kernel/kthread.c:211
 [<ffffffff839fa15c>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at pc 0xffffffff839f8ba6

Crashes (1):
Time: 2018/07/19 18:46
Kernel: https://android.googlesource.com/kernel/common android-4.9
Commit: 47bbcd6bf8f9
Syzkaller: 49f35839
Config: .config
Log: console log
Report: report
Manager: ci-android-49-kasan-gce
* Struck through repros no longer work on HEAD.