syzbot


INFO: task hung in tty_read

Status: auto-closed as invalid on 2019/05/31 14:17
Subsystems: serial
First crash: 1972d, last: 1972d
Similar bugs (1):
Kernel: android-49
Title: INFO: task hung in tty_read
Repro / Cause bisect / Fix bisect: (empty)
Count: 3
Last: 1849d
Reported: 1839d
Patched: 0/3
Status: auto-closed as invalid on 2019/10/01 12:09

Sample crash report:
INFO: task syz-executor0:27741 blocked for more than 140 seconds.
      Not tainted 4.20.0-rc4+ #359
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor0   D25376 27741  30372 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:2831 [inline]
 __schedule+0x8cf/0x21d0 kernel/sched/core.c:3472
 schedule+0xfe/0x460 kernel/sched/core.c:3516
 schedule_timeout+0x1cc/0x260 kernel/time/timer.c:1780
 down_read_failed drivers/tty/tty_ldsem.c:224 [inline]
 __ldsem_down_read_nested+0x538/0xb80 drivers/tty/tty_ldsem.c:318
 ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
 tty_ldisc_ref_wait+0x25/0x80 drivers/tty/tty_ldisc.c:263
 tty_read+0x11a/0x2a0 drivers/tty/tty_io.c:862
 __vfs_read+0x117/0x9b0 fs/read_write.c:416
 vfs_read+0x17f/0x3c0 fs/read_write.c:452
 ksys_read+0x101/0x260 fs/read_write.c:578
 __do_sys_read fs/read_write.c:588 [inline]
 __se_sys_read fs/read_write.c:586 [inline]
 __x64_sys_read+0x73/0xb0 fs/read_write.c:586
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457569
Code: 83 c4 18 c3 e8 d8 64 00 00 48 8b 04 24 48 8b 4c 24 08 48 89 01 e8 d7 2d fc ff e8 22 7a fc ff b8 02 00 00 00 48 8d 0d aa 34 0c <01> 87 01 8b 05 a2 34 0c 01 83 f8 01 0f 85 8a 00 00 00 b8 01 00 00
RSP: 002b:00007fb3c6a0ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000457569
RDX: 0000000000000058 RSI: 0000000020001ac0 RDI: 0000000000000003
RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb3c6a0b6d4
R13: 00000000004c292a R14: 00000000004d5db8 R15: 00000000ffffffff

Showing all locks held in the system:
1 lock held by khungtaskd/1014:
 #0: 00000000a8f828ca (rcu_read_lock){....}, at: debug_show_all_locks+0xd0/0x424 kernel/locking/lockdep.c:4379
1 lock held by rsyslogd/5956:
 #0: 00000000ff66e9f1 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x1bb/0x200 fs/file.c:766
2 locks held by getty/6046:
 #0: 0000000013d11b45 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
 #1: 00000000708821c7 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154
2 locks held by getty/6047:
 #0: 00000000fad7b5ad (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
 #1: 00000000f36608ac (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154
2 locks held by getty/6048:
 #0: 000000007e5404b5 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
 #1: 0000000090dcf01a (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154
2 locks held by getty/6049:
 #0: 00000000fd4ea16b (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
 #1: 000000005a9fde75 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154
2 locks held by getty/6050:
 #0: 00000000d78ef6de (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
 #1: 000000006627e29b (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154
2 locks held by getty/6051:
 #0: 00000000b068c31f (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
 #1: 000000007cf67a6c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154
2 locks held by getty/6052:
 #0: 00000000b283b8bd (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
 #1: 00000000aa1db264 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154
2 locks held by syz-executor0/27723:
 #0: 000000008a7922d7 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
 #1: 000000008b7bf406 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1e80 drivers/tty/n_tty.c:2154
1 lock held by syz-executor0/27741:
 #0: 000000008a7922d7 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 1014 Comm: khungtaskd Not tainted 4.20.0-rc4+ #359
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x244/0x39d lib/dump_stack.c:113
 nmi_cpu_backtrace.cold.2+0x5c/0xa1 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x1e8/0x22a lib/nmi_backtrace.c:62
 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:205 [inline]
 watchdog+0xb51/0x1060 kernel/hung_task.c:289
 kthread+0x35a/0x440 kernel/kthread.c:246
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 30372 Comm: syz-executor0 Not tainted 4.20.0-rc4+ #359
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:copy_user_enhanced_fast_string+0x0/0x20 arch/x86/lib/copy_user_64.S:151
Code: 8a 06 88 07 48 ff c6 48 ff c7 ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 <0f> 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 f3 a4 31 c0 0f 1f 00 c3
RSP: 0018:ffff88817dc97cb0 EFLAGS: 00000246
RAX: ffffed102fb92fa6 RBX: 0000000000000010 RCX: ffffffff83929899
RDX: 0000000000000010 RSI: ffff88817dc97d20 RDI: 0000000000a3fd70
RBP: ffff88817dc97ce8 R08: ffffed102fb92fa6 R09: ffffed102fb92fa4
R10: ffffed102fb92fa5 R11: ffff88817dc97d2f R12: 0000000000a3fd80
R13: 0000000000a3fd70 R14: ffff88817dc97d20 R15: 00007ffffffff000
FS:  0000000000e02940(0000) GS:ffff8881daf00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000a40021 CR3: 00000001d4c3f000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 copy_to_user include/linux/uaccess.h:155 [inline]
 put_timespec64+0xf7/0x1b0 kernel/time/time.c:862
 __do_sys_clock_gettime kernel/time/posix-timers.c:1068 [inline]
 __se_sys_clock_gettime kernel/time/posix-timers.c:1056 [inline]
 __x64_sys_clock_gettime+0x1b8/0x250 kernel/time/posix-timers.c:1056
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45a3ca
Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d bf c0 5e 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7
RSP: 002b:0000000000a3fd68 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4
RAX: ffffffffffffffda RBX: 0000000000227856 RCX: 000000000045a3ca
RDX: 0000000000000000 RSI: 0000000000a3fd70 RDI: 0000000000000001
RBP: 0000000000000b44 R08: 0000000000000001 R09: 0000000000e02940
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000227856 R14: 00000000000003d6 R15: 0000000000000000
kobject: 'loop3' (00000000cb7445b9): kobject_uevent_env

Crashes (1):
Time: 2018/12/02 12:48
Kernel: upstream
Commit: 4b78317679c4
Syzkaller: e0d8c853
Config: .config
Log: console log
Report: report
Syz repro / C repro: (empty)
Manager: ci-upstream-kasan-gce