INFO: task hung in serio_unregister

Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
upstream	INFO: task hung in serio_unregister_port input				1	335d	335d	0/28	auto-obsoleted due to no activity on 2024/09/09 01:57

INFO: task syz.3.420:7547 blocked for more than 167 seconds. Not tainted 6.13.0-rc7-syzkaller-00191-gfda5e3f28400 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.3.420 state:D stack:27712 pid:7547 tgid:7547 ppid:5823 flags:0x00000004 Call Trace: <TASK> context_switch kernel/sched/core.c:5369 [inline] __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756 __schedule_loop kernel/sched/core.c:6833 [inline] schedule+0xe7/0x350 kernel/sched/core.c:6848 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905 __mutex_lock_common kernel/locking/mutex.c:665 [inline] __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735 class_mutex_constructor include/linux/mutex.h:201 [inline] serio_unregister_port+0x1b/0x40 drivers/input/serio/serio.c:676 userio_char_release+0x91/0xe0 drivers/input/serio/userio.c:105 __fput+0x3f8/0xb60 fs/file_table.c:450 task_work_run+0x14e/0x250 kernel/task_work.c:239 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline] exit_to_user_mode_loop kernel/entry/common.c:114 [inline] exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline] syscall_exit_to_user_mode+0x27b/0x2a0 kernel/entry/common.c:218 do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fd919785d29 RSP: 002b:00007ffd23233e68 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 RAX: 0000000000000000 RBX: 000000000002fc81 RCX: 00007fd919785d29 RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 RBP: 00007fd919977ba0 R08: 0000000000000001 R09: 00007ffd2323415f R10: 00007fd919600000 R11: 0000000000000246 R12: 000000000002fcef R13: 00007fd919975fa0 R14: 0000000000000032 R15: ffffffffffffffff </TASK> INFO: task syz.2.419:7550 blocked for more than 148 seconds. Not tainted 6.13.0-rc7-syzkaller-00191-gfda5e3f28400 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz.2.419 state:D stack:26944 pid:7550 tgid:7549 ppid:5828 flags:0x00004006 Call Trace: <TASK> context_switch kernel/sched/core.c:5369 [inline] __schedule+0xe58/0x5ad0 kernel/sched/core.c:6756 __schedule_loop kernel/sched/core.c:6833 [inline] schedule+0xe7/0x350 kernel/sched/core.c:6848 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905 __mutex_lock_common kernel/locking/mutex.c:665 [inline] __mutex_lock+0x62b/0xa60 kernel/locking/mutex.c:735 class_mutex_constructor include/linux/mutex.h:201 [inline] serio_unregister_port+0x1b/0x40 drivers/input/serio/serio.c:676 userio_char_release+0x91/0xe0 drivers/input/serio/userio.c:105 __fput+0x3f8/0xb60 fs/file_table.c:450 task_work_run+0x14e/0x250 kernel/task_work.c:239 get_signal+0x1d3/0x26c0 kernel/signal.c:2790 arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337 exit_to_user_mode_loop kernel/entry/common.c:111 [inline] exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline] __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline] syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218 do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fbb45b85d29 RSP: 002b:00007fbb46967038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 RAX: fffffffffffffe00 RBX: 00007fbb45d75fa0 RCX: 00007fbb45b85d29 RDX: 000000000000005d RSI: 00000000200001c0 RDI: 0000000000000007 RBP: 00007fbb45c01b08 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007fbb45d75fa0 R15: 00007ffe811450e8 </TASK> Showing all locks held in the system: 3 locks held by kworker/0:1/9: #0: ffff88802169cd48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 kernel/workqueue.c:3211 #1: ffffc900000e7d80 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3212 #2: ffff888144f6e190 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:1014 [inline] #2: ffff888144f6e190 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c1/0x4e10 drivers/usb/core/hub.c:5851 4 locks held by kdevtmpfs/27: 1 lock held by khungtaskd/30: #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline] #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline] #0: ffffffff8e1bb900 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x7f/0x390 kernel/locking/lockdep.c:6744 2 locks held by kswapd0/89: 9 locks held by kworker/1:2/969: 4 locks held by kworker/u9:1/5127: #0: ffff888061aed948 ((wq_completion)hci5){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 kernel/workqueue.c:3211 #1: ffffc900105f7d80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3212 #2: ffff888030e94d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x170/0x410 net/bluetooth/hci_sync.c:331 #3: ffff888030e94078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x14e/0xfe0 net/bluetooth/hci_sync.c:5585 1 lock held by acpid/5174: 1 lock held by dhcpcd/5482: 2 locks held by getty/5569: #0: ffff8880349d00a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243 #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0xfba/0x1480 drivers/tty/n_tty.c:2211 1 lock held by syz-executor/5811: 4 locks held by kworker/u9:3/5817: #0: ffff8880615a4948 ((wq_completion)hci6){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0 kernel/workqueue.c:3211 #1: ffffc9000417fd80 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 kernel/workqueue.c:3212 #2: ffff888031340d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x170/0x410 net/bluetooth/hci_sync.c:331 #3: ffff888031340078 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x14e/0xfe0 net/bluetooth/hci_sync.c:5585 1 lock held by syz.3.420/7547: #0: ffffffff8f720c68 (serio_mutex){+.+.}-{4:4}, at: class_mutex_constructor include/linux/mutex.h:201 [inline] #0: ffffffff8f720c68 (serio_mutex){+.+.}-{4:4}, at: serio_unregister_port+0x1b/0x40 drivers/input/serio/serio.c:676 1 lock held by syz.2.419/7550: #0: ffffffff8f720c68 (serio_mutex){+.+.}-{4:4}, at: class_mutex_constructor include/linux/mutex.h:201 [inline] #0: ffffffff8f720c68 (serio_mutex){+.+.}-{4:4}, at: serio_unregister_port+0x1b/0x40 drivers/input/serio/serio.c:676 2 locks held by syz.0.432/7600: #0: ffff88802a9b4d80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_dev_do_close+0x26/0x90 net/bluetooth/hci_core.c:480 #1: ffff88802a9b4078 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x3ab/0x11a0 net/bluetooth/hci_sync.c:5201 1 lock held by syz-executor/7659: #0: ffffffff8e1c7238 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x1a4/0x3b0 kernel/rcu/tree_exp.h:329 2 locks held by syz-executor/7678: 2 locks held by syz-executor/7846: ============================================= NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc7-syzkaller-00191-gfda5e3f28400 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113 nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:234 [inline] watchdog+0xf14/0x1240 kernel/hung_task.c:397 kthread+0x2c1/0x3a0 kernel/kthread.c:389 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK> Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 UID: 101 PID: 5482 Comm: dhcpcd Not tainted 6.13.0-rc7-syzkaller-00191-gfda5e3f28400 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 RIP: 0010:filter_irq_stacks+0x24/0x90 kernel/stacktrace.c:397 Code: 90 90 90 90 90 90 f3 0f 1e fa 85 f6 74 61 53 31 c0 48 bb 00 00 00 00 00 fc ff df 48 83 ec 10 48 89 fa 48 c1 ea 03 80 3c 1a 00 <75> 4a 48 8b 17 48 81 fa 30 02 40 8b 72 16 48 81 fa 70 16 40 8b 73 RSP: 0018:ffffc900046ef440 EFLAGS: 00000246 RAX: 000000000000000d RBX: dffffc0000000000 RCX: 0000000000000001 RDX: 1ffff920008ddea9 RSI: 0000000000000010 RDI: ffffc900046ef548 RBP: 0000000000000001 R08: ffffc900046ef3c4 R09: ffffffff91a41ce0 R10: ffffc900046ef390 R11: 00000000000a29c4 R12: 0000000000002800 R13: ffffc900046ef4e0 R14: dffffc0000000000 R15: 0000000000000000 FS: 00007f77e14ab740(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f2ea01f6d00 CR3: 00000000348ee000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <NMI> </NMI> <TASK> stack_depot_save_flags+0x28/0x9c0 lib/stackdepot.c:609 save_stack+0x16f/0x1f0 mm/page_owner.c:157 __reset_page_owner+0x8d/0x400 mm/page_owner.c:297 reset_page_owner include/linux/page_owner.h:25 [inline] free_pages_prepare mm/page_alloc.c:1127 [inline] free_unref_page+0x661/0x1080 mm/page_alloc.c:2659 __put_partials+0x14c/0x170 mm/slub.c:3157 qlink_free mm/kasan/quarantine.c:163 [inline] qlist_free_all+0x4e/0x120 mm/kasan/quarantine.c:179 kasan_quarantine_reduce+0x195/0x1e0 mm/kasan/quarantine.c:286 __kasan_slab_alloc+0x69/0x90 mm/kasan/common.c:329 kasan_slab_alloc include/linux/kasan.h:250 [inline] slab_post_alloc_hook mm/slub.c:4119 [inline] slab_alloc_node mm/slub.c:4168 [inline] __do_kmalloc_node mm/slub.c:4297 [inline] __kmalloc_node_track_caller_noprof+0x1d3/0x510 mm/slub.c:4317 kmalloc_reserve+0xef/0x2c0 net/core/skbuff.c:609 __alloc_skb+0x164/0x380 net/core/skbuff.c:678 alloc_skb include/linux/skbuff.h:1323 [inline] alloc_skb_with_frags+0xe4/0x850 net/core/skbuff.c:6612 sock_alloc_send_pskb+0x7f1/0x980 net/core/sock.c:2884 unix_dgram_sendmsg+0x4b8/0x19e0 net/unix/af_unix.c:2027 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg net/socket.c:726 [inline] sock_write_iter+0x4fe/0x5b0 net/socket.c:1147 new_sync_write fs/read_write.c:586 [inline] vfs_write+0x5ae/0x1150 fs/read_write.c:679 ksys_write+0x207/0x250 fs/read_write.c:731 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f77e1575bf2 Code: 89 c7 48 89 44 24 08 e8 7b 34 fa ff 48 8b 44 24 08 48 83 c4 28 c3 c3 64 8b 04 25 18 00 00 00 85 c0 75 20 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 6f 48 8b 15 07 a2 0d 00 f7 d8 64 89 02 48 83 RSP: 002b:00007ffc9e88f6d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007f77e14ab6c0 RCX: 00007f77e1575bf2 RDX: 000000000000003b RSI: 00007ffc9e88f6f0 RDI: 0000000000000005 RBP: 00007ffc9e88f6f0 R08: 0000000000000000 R09: 0000000000000000 R10: 000055ccd148b110 R11: 0000000000000246 R12: 000055ccd14856ea R13: 00007ffc9e88fb20 R14: 00007ffc9e890050 R15: 00007ffc9e88fc08 </TASK>

Crashes (1):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2025/01/19 16:31	upstream	fda5e3f28400	f2cb035c	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci-upstream-kasan-gce-selinux-root	INFO: task hung in serio_unregister_port

Crashes (1):

Assets (help?)