syzbot


INFO: task hung in i2c_transfer (2)

Status: auto-closed as invalid on 2022/07/11 10:46
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 231d, last: 231d
similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task hung in i2c_transfer 1 528d 528d 0/24 auto-closed as invalid on 2021/09/16 19:15

Sample crash report:
INFO: task syz-executor.1:15460 blocked for more than 430 seconds.
      Not tainted 5.18.0-rc2-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.1  state:D stack:    0 pid:15460 ppid:  2234 flags:0x00000001
Backtrace: 
[<816f7718>] (__schedule) from [<816f8198>] (schedule+0x54/0xbc kernel/sched/core.c:6460)
 r10:82905080 r9:00000000 r8:00000002 r7:00000000 r6:ec381df8 r5:84174500
 r4:84174500
[<816f8144>] (schedule) from [<816fbd48>] (rt_mutex_slowlock_block.constprop.0+0x38/0x164 kernel/locking/rtmutex.c:1518)
 r5:84174500 r4:8293b854
[<816fbd10>] (rt_mutex_slowlock_block.constprop.0) from [<816fcf0c>] (__rt_mutex_slowlock.constprop.0+0x74/0xf8 kernel/locking/rtmutex.c:1584)
 r10:80e987e8 r9:84174500 r8:20000380 r7:00000002 r6:ec381df8 r5:8293b854
 r4:84174500 r3:ec381df8
[<816fce98>] (__rt_mutex_slowlock.constprop.0) from [<816fd03c>] (__rt_mutex_slowlock_locked kernel/locking/rtmutex.c:1617 [inline])
[<816fce98>] (__rt_mutex_slowlock.constprop.0) from [<816fd03c>] (rt_mutex_slowlock kernel/locking/rtmutex.c:1646 [inline])
[<816fce98>] (__rt_mutex_slowlock.constprop.0) from [<816fd03c>] (__rt_mutex_lock kernel/locking/rtmutex.c:1658 [inline])
[<816fce98>] (__rt_mutex_slowlock.constprop.0) from [<816fd03c>] (__rt_mutex_lock_common kernel/locking/rtmutex_api.c:31 [inline])
[<816fce98>] (__rt_mutex_slowlock.constprop.0) from [<816fd03c>] (rt_mutex_lock+0xac/0xc4 kernel/locking/rtmutex_api.c:71)
 r7:851f0000 r6:a0000013 r5:8293b854 r4:00000000
[<816fcf90>] (rt_mutex_lock) from [<80e91ffc>] (i2c_adapter_lock_bus+0x14/0x18 drivers/i2c/i2c-core-base.c:826)
 r6:ec381e90 r5:00000001 r4:8293b840
[<80e91fe8>] (i2c_adapter_lock_bus) from [<80e93c0c>] (i2c_lock_bus include/linux/i2c.h:791 [inline])
[<80e91fe8>] (i2c_adapter_lock_bus) from [<80e93c0c>] (__i2c_lock_bus_helper drivers/i2c/i2c-core.h:44 [inline])
[<80e91fe8>] (i2c_adapter_lock_bus) from [<80e93c0c>] (i2c_transfer+0x94/0x134 drivers/i2c/i2c-core-base.c:2172)
[<80e93b78>] (i2c_transfer) from [<80e93d04>] (i2c_transfer_buffer_flags+0x58/0x8c drivers/i2c/i2c-core-base.c:2204)
 r6:85515780 r5:851f0400 r4:00000278
[<80e93cac>] (i2c_transfer_buffer_flags) from [<80e98838>] (i2c_master_send include/linux/i2c.h:110 [inline])
[<80e93cac>] (i2c_transfer_buffer_flags) from [<80e98838>] (i2cdev_write+0x50/0x90 drivers/i2c/i2c-dev.c:175)
 r4:00000278
[<80e987e8>] (i2cdev_write) from [<80490ee8>] (vfs_write+0xb0/0x404 fs/read_write.c:589)
 r7:ec381f68 r6:00000278 r5:85515780 r4:00000000
[<80490e38>] (vfs_write) from [<804913a4>] (ksys_write+0x68/0xec fs/read_write.c:644)
 r10:00000004 r9:84174500 r8:802002a4 r7:00000000 r6:00000000 r5:85515780
 r4:85515781
[<8049133c>] (ksys_write) from [<80491438>] (__do_sys_write fs/read_write.c:656 [inline])
[<8049133c>] (ksys_write) from [<80491438>] (sys_write+0x10/0x14 fs/read_write.c:653)
 r7:00000004 r6:0012bfc8 r5:00000000 r4:00000000
[<80491428>] (sys_write) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:64)
Exception stack(0xec381fa8 to 0xec381ff0)
1fa0:                   00000000 00000000 00000003 20000380 00000278 00000000
1fc0: 00000000 00000000 0012bfc8 00000004 7e98a312 76fa56d0 7e98a4a4 76fa520c
1fe0: 76fa5020 76fa5010 000163a0 0004bf80
NMI backtrace for cpu 0
CPU: 0 PID: 25 Comm: khungtaskd Not tainted 5.18.0-rc2-syzkaller #0
Hardware name: ARM-Versatile Express
Backtrace: 
[<816da0a8>] (dump_backtrace) from [<816da3d8>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:253)
 r7:00000000 r6:00000000 r5:60000093 r4:81d73b94
[<816da3c0>] (show_stack) from [<816e2cd8>] (__dump_stack lib/dump_stack.c:88 [inline])
[<816da3c0>] (show_stack) from [<816e2cd8>] (dump_stack_lvl+0x48/0x54 lib/dump_stack.c:106)
[<816e2c90>] (dump_stack_lvl) from [<816e2cfc>] (dump_stack+0x18/0x1c lib/dump_stack.c:113)
 r5:00000013 r4:00000000
[<816e2ce4>] (dump_stack) from [<80810134>] (nmi_cpu_backtrace+0x114/0x180 lib/nmi_backtrace.c:111)
[<80810020>] (nmi_cpu_backtrace) from [<808102d0>] (nmi_trigger_cpumask_backtrace+0x130/0x1d0 lib/nmi_backtrace.c:62)
 r7:00000000 r6:8220c494 r5:8220ccd0 r4:00000000
[<808101a0>] (nmi_trigger_cpumask_backtrace) from [<8021110c>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:863)
 r9:0001ef40 r8:82204d00 r7:00007f65 r6:8248992c r5:8220c5e4 r4:855aa640
[<802110f4>] (arch_trigger_cpumask_backtrace) from [<8032b4f4>] (trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline])
[<802110f4>] (arch_trigger_cpumask_backtrace) from [<8032b4f4>] (check_hung_uninterruptible_tasks kernel/hung_task.c:212 [inline])
[<802110f4>] (arch_trigger_cpumask_backtrace) from [<8032b4f4>] (watchdog+0x4a0/0x58c kernel/hung_task.c:369)
[<8032b054>] (watchdog) from [<8026abfc>] (kthread+0xf0/0x120 kernel/kthread.c:376)
 r10:00000000 r9:df81de4c r8:82a61fc0 r7:00000000 r6:8032b054 r5:828f2280
 r4:82a64f40
[<8026ab0c>] (kthread) from [<80200100>] (ret_from_fork+0x14/0x34 arch/arm/kernel/entry-common.S:148)
Exception stack(0xdf8e5fb0 to 0xdf8e5ff8)
5fa0:                                     00000000 00000000 00000000 00000000
5fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
5fe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026ab0c r4:82a64f40
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 2016 Comm: syslogd Not tainted 5.18.0-rc2-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at 0x76e0a3b0
LR is at 0x76de0780
pc : [<76e0a3b0>]    lr : [<76de0780>]    psr: 200e0010
sp : 7e8db618  ip : 00000025  fp : 7e8dbb04
r10: 76ed7780  r9 : 76ed7d14  r8 : 0000006c
r7 : 000bcb7d  r6 : 000bcb6f  r5 : 00000090  r4 : 7e8dbb10
r3 : 000bcb7e  r2 : 0000000a  r1 : 00000025  r0 : 000bcb7d
Flags: nzCv  IRQs on  FIQs on  Mode USER_32  ISA ARM  Segment none
Control: 30c5387d  Table: 8446b080  DAC: 00000000
CPU: 1 PID: 2016 Comm: syslogd Not tainted 5.18.0-rc2-syzkaller #0
Hardware name: ARM-Versatile Express
Backtrace: frame pointer underflow
[<816da0a8>] (dump_backtrace) from [<816da3d8>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:253)
 r7:00000017 r6:ebacdfb0 r5:600e0193 r4:81d73b94
[<816da3c0>] (show_stack) from [<816e2cd8>] (__dump_stack lib/dump_stack.c:88 [inline])
[<816da3c0>] (show_stack) from [<816e2cd8>] (dump_stack_lvl+0x48/0x54 lib/dump_stack.c:106)
[<816e2c90>] (dump_stack_lvl) from [<816e2cfc>] (dump_stack+0x18/0x1c lib/dump_stack.c:113)
 r5:000e0193 r4:00000001
[<816e2ce4>] (dump_stack) from [<80209164>] (show_regs+0x14/0x18 arch/arm/kernel/process.c:204)
[<80209150>] (show_regs) from [<8081011c>] (nmi_cpu_backtrace+0xfc/0x180 lib/nmi_backtrace.c:109)
[<80810020>] (nmi_cpu_backtrace) from [<80210228>] (do_handle_IPI+0x4c/0x3b4 arch/arm/kernel/smp.c:678)
 r7:00000017 r6:00000001 r5:8280cc40 r4:00000007
[<802101dc>] (do_handle_IPI) from [<802105b0>] (ipi_handler+0x20/0x28 arch/arm/kernel/smp.c:706)
 r9:76ed7d14 r8:df805f68 r7:00000017 r6:8190943c r5:8280cc40 r4:82886d00
[<80210590>] (ipi_handler) from [<802b94bc>] (handle_percpu_devid_irq+0x9c/0x2d4 kernel/irq/chip.c:928)
[<802b9420>] (handle_percpu_devid_irq) from [<802b2bf8>] (generic_handle_irq_desc include/linux/irqdesc.h:158 [inline])
[<802b9420>] (handle_percpu_devid_irq) from [<802b2bf8>] (handle_irq_desc kernel/irq/irqdesc.c:646 [inline])
[<802b9420>] (handle_percpu_devid_irq) from [<802b2bf8>] (generic_handle_domain_irq+0x48/0x8c kernel/irq/irqdesc.c:703)
 r10:76ed7780 r9:76ed7d14 r8:00000000 r7:df80a00c r6:84205080 r5:00000007
 r4:82888000 r3:802b9420
[<802b2bb0>] (generic_handle_domain_irq) from [<80821ef4>] (gic_handle_irq+0x68/0x7c drivers/irqchip/irq-gic.c:372)
 r7:df80a00c r6:820a7144 r5:df80a000 r4:8220ccec
[<80821e8c>] (gic_handle_irq) from [<816f55ec>] (generic_handle_arch_irq+0x60/0x80 kernel/irq/handle.c:238)
 r7:ebacdfb0 r6:81f20f00 r5:81f20f18 r4:820a7138
[<816f558c>] (generic_handle_arch_irq) from [<80803504>] (call_with_stack+0x1c/0x20 arch/arm/lib/call_with_stack.S:40)
 r9:76ed7d14 r8:820a0044 r7:84205080 r6:ffffffff r5:200e0010 r4:76e0a3b0
[<808034e8>] (call_with_stack) from [<80200ed0>] (__irq_usr+0x70/0x80 arch/arm/kernel/entry-armv.S:450)
Exception stack(0xebacdfb0 to 0xebacdff8)
dfa0:                                     000bcb7d 00000025 0000000a 000bcb7e
dfc0: 7e8dbb10 00000090 000bcb6f 000bcb7d 0000006c 76ed7d14 76ed7780 7e8dbb04
dfe0: 00000025 7e8db618 76de0780 76e0a3b0 200e0010 ffffffff

Crashes (1):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-qemu2-arm32 2022/04/12 10:43 upstream ce522ba9ef7e af01ee7d .config log report info INFO: task hung in i2c_transfer
* Struck through repros no longer work on HEAD.