syzbot

 sign-in | mailing list | source | docs
🐞 Open [1027] Subsystems 🐞 Fixed [5251] 🐞 Invalid [12571] Missing Backports [86] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

INFO: task hung in i2c_smbus_xfer (2)

Status: auto-obsoleted due to no activity on 2023/05/28 06:23
Subsystems: i2c
[Documentation on labels]
First crash: 432d, last: 432d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task hung in i2c_smbus_xfer i2c 2 621d 630d 0/26 auto-obsoleted due to no activity on 2022/11/20 21:07

Sample crash report:
INFO: task syz-executor.0:18462 blocked for more than 430 seconds.
      Not tainted 6.2.0-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor.0  state:D stack:0     pid:18462 ppid:2963   flags:0x00000001
Backtrace: 
[<817d9ef4>] (__schedule) from [<817dab6c>] (schedule+0x5c/0xac kernel/sched/core.c:6698)
 r10:83eff300 r9:00000000 r8:00000002 r7:00000000 r6:ee5addd8 r5:83efae00
 r4:83efae00
[<817dab10>] (schedule) from [<817dfe28>] (rt_mutex_slowlock_block.constprop.0+0x38/0x164 kernel/locking/rtmutex.c:1558)
 r5:83efae00 r4:82b29054
[<817dfdf0>] (rt_mutex_slowlock_block.constprop.0) from [<817e0ff0>] (__rt_mutex_slowlock.constprop.0+0x78/0x270 kernel/locking/rtmutex.c:1626)
 r10:83bf4650 r9:00000000 r8:ee5addd8 r7:00000002 r6:82b29054 r5:00000000
 r4:83efae00 r3:ee5addd8
[<817e0f78>] (__rt_mutex_slowlock.constprop.0) from [<817e1294>] (__rt_mutex_slowlock_locked kernel/locking/rtmutex.c:1662 [inline])
[<817e0f78>] (__rt_mutex_slowlock.constprop.0) from [<817e1294>] (rt_mutex_slowlock kernel/locking/rtmutex.c:1691 [inline])
[<817e0f78>] (__rt_mutex_slowlock.constprop.0) from [<817e1294>] (__rt_mutex_lock kernel/locking/rtmutex.c:1703 [inline])
[<817e0f78>] (__rt_mutex_slowlock.constprop.0) from [<817e1294>] (__rt_mutex_lock_common kernel/locking/rtmutex_api.c:31 [inline])
[<817e0f78>] (__rt_mutex_slowlock.constprop.0) from [<817e1294>] (rt_mutex_lock+0xac/0xc4 kernel/locking/rtmutex_api.c:71)
 r9:00000000 r8:00000000 r7:00000000 r6:a0000013 r5:82b29054 r4:00000000
[<817e11e8>] (rt_mutex_lock) from [<80f11520>] (i2c_adapter_lock_bus+0x14/0x18 drivers/i2c/i2c-core-base.c:830)
 r6:00000000 r5:00000000 r4:82b29040
[<80f1150c>] (i2c_adapter_lock_bus) from [<80f16b8c>] (i2c_lock_bus include/linux/i2c.h:793 [inline])
[<80f1150c>] (i2c_adapter_lock_bus) from [<80f16b8c>] (__i2c_lock_bus_helper drivers/i2c/i2c-core.h:44 [inline])
[<80f1150c>] (i2c_adapter_lock_bus) from [<80f16b8c>] (i2c_smbus_xfer+0x58/0x114 drivers/i2c/i2c-core-smbus.c:541)
[<80f16b34>] (i2c_smbus_xfer) from [<80f1896c>] (i2cdev_ioctl_smbus+0x1b0/0x2d4 drivers/i2c/i2c-dev.c:348)
 r8:849513c0 r7:00000000 r6:00000000 r5:8542b400 r4:00000000
[<80f187bc>] (i2cdev_ioctl_smbus) from [<80f18d3c>] (i2cdev_ioctl+0x2ac/0x34c drivers/i2c/i2c-dev.c:467)
 r9:00000003 r8:849513c0 r7:20000080 r6:8542b400 r5:00000720 r4:20000080
[<80f18a90>] (i2cdev_ioctl) from [<804d714c>] (vfs_ioctl fs/ioctl.c:51 [inline])
[<80f18a90>] (i2cdev_ioctl) from [<804d714c>] (do_vfs_ioctl fs/ioctl.c:830 [inline])
[<80f18a90>] (i2cdev_ioctl) from [<804d714c>] (__do_sys_ioctl fs/ioctl.c:868 [inline])
[<80f18a90>] (i2cdev_ioctl) from [<804d714c>] (sys_ioctl+0x110/0xa70 fs/ioctl.c:856)
 r6:849513c1 r5:00000000 r4:00000720
[<804d703c>] (sys_ioctl) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66)
Exception stack(0xee5adfa8 to 0xee5adff0)
dfa0:                   00000000 00000000 00000003 00000720 20000080 00000000
dfc0: 00000000 00000000 0014c2b8 00000036 7e9403c2 76b9d6d0 7e940534 76b9d20c
dfe0: 76b9d020 76b9d010 00016fec 0004dfa0
 r10:00000036 r9:83efae00 r8:80200288 r7:00000036 r6:0014c2b8 r5:00000000
 r4:00000000
NMI backtrace for cpu 1
CPU: 1 PID: 27 Comm: khungtaskd Not tainted 6.2.0-syzkaller #0
Hardware name: ARM-Versatile Express
Backtrace: 
[<817ba29c>] (dump_backtrace) from [<817ba390>] (show_stack+0x18/0x1c arch/arm/kernel/traps.c:256)
 r7:00000000 r6:8240c5e8 r5:600c0093 r4:81d90010
[<817ba378>] (show_stack) from [<817d6a10>] (__dump_stack lib/dump_stack.c:88 [inline])
[<817ba378>] (show_stack) from [<817d6a10>] (dump_stack_lvl+0x48/0x54 lib/dump_stack.c:106)
[<817d69c8>] (dump_stack_lvl) from [<817d6a34>] (dump_stack+0x18/0x1c lib/dump_stack.c:113)
 r5:00000001 r4:00000001
[<817d6a1c>] (dump_stack) from [<817a7c94>] (nmi_cpu_backtrace+0x170/0x18c lib/nmi_backtrace.c:113)
[<817a7b24>] (nmi_cpu_backtrace) from [<817a7e30>] (nmi_trigger_cpumask_backtrace+0x180/0x228 lib/nmi_backtrace.c:62)
 r9:00000002 r8:8020fd74 r7:00000001 r6:8240c5e8 r5:8240c49c r4:00000000
[<817a7cb0>] (nmi_trigger_cpumask_backtrace) from [<80210ebc>] (arch_trigger_cpumask_backtrace+0x18/0x1c arch/arm/kernel/smp.c:854)
 r10:00000064 r9:00052400 r8:82404d40 r7:00007f3a r6:82693168 r5:8240c604
 r4:85324864 r3:00000001
[<80210ea4>] (arch_trigger_cpumask_backtrace) from [<803354a0>] (trigger_all_cpu_backtrace include/linux/nmi.h:148 [inline])
[<80210ea4>] (arch_trigger_cpumask_backtrace) from [<803354a0>] (check_hung_uninterruptible_tasks kernel/hung_task.c:222 [inline])
[<80210ea4>] (arch_trigger_cpumask_backtrace) from [<803354a0>] (watchdog+0x4a4/0x5a8 kernel/hung_task.c:379)
[<80334ffc>] (watchdog) from [<8026b490>] (kthread+0xec/0x11c kernel/kthread.c:376)
 r10:00000000 r9:df819e4c r8:82aa1f00 r7:00000000 r6:80334ffc r5:828fb980
 r4:82a39d00
[<8026b3a4>] (kthread) from [<80200100>] (ret_from_fork+0x14/0x34 arch/arm/kernel/entry-common.S:133)
Exception stack(0xdf8cdfb0 to 0xdf8cdff8)
dfa0:                                     00000000 00000000 00000000 00000000
dfc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
dfe0: 00000000 00000000 00000000 00000000 00000013 00000000
 r9:00000000 r8:00000000 r7:00000000 r6:00000000 r5:8026b3a4 r4:82a39d00
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 18441 Comm: syz-executor.1 Not tainted 6.2.0-syzkaller #0
Hardware name: ARM-Versatile Express
PC is at sclhi+0x5c/0x9c drivers/i2c/algos/i2c-algo-bit.c:86
LR is at sclhi+0x5c/0x9c drivers/i2c/algos/i2c-algo-bit.c:86
pc : [<80f19860>]    lr : [<80f19860>]    psr: 20030113
sp : ee4d1c68  ip : ee4d1c68  fp : ee4d1c84
r10: 00000126  r9 : 81f63350  r8 : 00000000
r7 : 82b29040  r6 : 000523ef  r5 : 82404d40  r4 : 82b292e0
r3 : df8c2000  r2 : 00000064  r1 : 00000001  r0 : 00000000
Flags: nzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
Control: 30c5387d  Table: 848c2980  DAC: fffffffd
Backtrace: 
[<80f19804>] (sclhi) from [<80f198e4>] (i2c_stop+0x44/0x60 drivers/i2c/algos/i2c-algo-bit.c:138)
 r7:82b29040 r6:00008000 r5:81f63350 r4:82b292e0
[<80f198a0>] (i2c_stop) from [<80f1a06c>] (try_address+0x34/0x88 drivers/i2c/algos/i2c-algo-bit.c:330)
 r5:82b292e0 r4:ffffff92
[<80f1a038>] (try_address) from [<80f1a1ec>] (bit_doAddress drivers/i2c/algos/i2c-algo-bit.c:512 [inline])
[<80f1a038>] (try_address) from [<80f1a1ec>] (bit_xfer+0x12c/0x58c drivers/i2c/algos/i2c-algo-bit.c:552)
 r10:8240c440 r9:82404d40 r8:00008000 r7:82b292e0 r6:81f63350 r5:00000000
 r4:00000000 r3:00000000
[<80f1a0c0>] (bit_xfer) from [<80f12b88>] (__i2c_transfer drivers/i2c/i2c-core-base.c:2210 [inline])
[<80f1a0c0>] (bit_xfer) from [<80f12b88>] (__i2c_transfer+0x178/0x86c drivers/i2c/i2c-core-base.c:2175)
 r10:8240c440 r9:82404d40 r8:00000000 r7:ee4d1db4 r6:00000001 r5:00043ae0
 r4:82b29040
[<80f12a10>] (__i2c_transfer) from [<80f163bc>] (i2c_smbus_xfer_emulated drivers/i2c/i2c-core-smbus.c:469 [inline])
[<80f12a10>] (__i2c_transfer) from [<80f163bc>] (__i2c_smbus_xfer drivers/i2c/i2c-core-smbus.c:607 [inline])
[<80f12a10>] (__i2c_transfer) from [<80f163bc>] (__i2c_smbus_xfer+0x6e0/0xe58 drivers/i2c/i2c-core-smbus.c:553)
 r10:00000000 r9:00000000 r8:ee4d1db4 r7:00000000 r6:00000000 r5:00000000
 r4:82b29040
[<80f15cdc>] (__i2c_smbus_xfer) from [<80f16bb0>] (i2c_smbus_xfer drivers/i2c/i2c-core-smbus.c:545 [inline])
[<80f15cdc>] (__i2c_smbus_xfer) from [<80f16bb0>] (i2c_smbus_xfer+0x7c/0x114 drivers/i2c/i2c-core-smbus.c:535)
 r10:83bf4650 r9:00000018 r8:00000000 r7:00000018 r6:00000000 r5:00000000
 r4:82b29040
[<80f16b34>] (i2c_smbus_xfer) from [<80f188f0>] (i2cdev_ioctl_smbus+0x134/0x2d4 drivers/i2c/i2c-dev.c:381)
 r8:00000002 r7:20000040 r6:00000000 r5:84011c00 r4:00000003
[<80f187bc>] (i2cdev_ioctl_smbus) from [<80f18d3c>] (i2cdev_ioctl+0x2ac/0x34c drivers/i2c/i2c-dev.c:467)
 r9:00000003 r8:84a92b40 r7:20000080 r6:84011c00 r5:00000720 r4:20000080
[<80f18a90>] (i2cdev_ioctl) from [<804d714c>] (vfs_ioctl fs/ioctl.c:51 [inline])
[<80f18a90>] (i2cdev_ioctl) from [<804d714c>] (do_vfs_ioctl fs/ioctl.c:830 [inline])
[<80f18a90>] (i2cdev_ioctl) from [<804d714c>] (__do_sys_ioctl fs/ioctl.c:868 [inline])
[<80f18a90>] (i2cdev_ioctl) from [<804d714c>] (sys_ioctl+0x110/0xa70 fs/ioctl.c:856)
 r6:84a92b41 r5:00000000 r4:00000720
[<804d703c>] (sys_ioctl) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:66)
Exception stack(0xee4d1fa8 to 0xee4d1ff0)
1fa0:                   00000000 00000000 00000003 00000720 20000080 00000000
1fc0: 00000000 00000000 0014c2b8 00000036 7ef113c2 76bd56d0 7ef11534 76bd520c
1fe0: 76bd5020 76bd5010 00016fec 0004dfa0
 r10:00000036 r9:83eff300 r8:80200288 r7:00000036 r6:0014c2b8 r5:00000000
 r4:00000000

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/02/27 06:14 upstream 2fcd07b7ccd5 e792ae78 .config console log report info ci-qemu2-arm32 INFO: task hung in i2c_smbus_xfer
* Struck through repros no longer work on HEAD.