syzbot


INFO: task hung in path_openat (2)

Status: closed as invalid on 2019/05/08 13:05
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 1207d, last: 1207d
similar bugs (11):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 INFO: task hung in path_openat 2 1065d 1098d 0/1 auto-closed as invalid on 2020/01/11 07:40
upstream INFO: task hung in path_openat (4) 1 836d 836d 0/23 auto-closed as invalid on 2020/07/28 10:23
upstream INFO: task hung in path_openat (3) 4 996d 1112d 0/23 auto-closed as invalid on 2020/02/19 20:16
linux-4.19 INFO: task hung in path_openat (2) 1 265d 265d 0/1 auto-closed as invalid on 2022/03/21 04:47
linux-4.14 INFO: task hung in path_openat 1 506d 506d 0/1 auto-closed as invalid on 2021/07/23 23:26
android-49 INFO: task hung in path_openat 64 1236d 1217d 0/3 auto-closed as invalid on 2019/09/22 08:41
upstream INFO: task hung in path_openat (5) 23 477d 638d 0/23 auto-closed as invalid on 2021/07/22 20:44
linux-4.19 INFO: task hung in path_openat (3) 1 2d14h 2d14h 0/1 upstream: reported on 2022/08/11 13:14
upstream INFO: task hung in path_openat (6) 13 212d 362d 0/23 closed as invalid on 2022/02/07 19:19
android-414 INFO: task hung in path_openat 42 1140d 1219d 0/1 auto-closed as invalid on 2019/10/28 21:04
upstream INFO: task hung in path_openat 246 1304d 1594d 0/23 closed as dup on 2018/09/08 15:37

Sample crash report:
INFO: task syz-executor.3:22257 blocked for more than 143 seconds.
      Not tainted 5.1.0-rc6+ #82
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.3  D28648 22257   8250 0x00000004
Call Trace:
 context_switch kernel/sched/core.c:2877 [inline]
 __schedule+0x813/0x1cc0 kernel/sched/core.c:3518
 schedule+0x92/0x180 kernel/sched/core.c:3562
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:582 [inline]
 rwsem_down_write_failed+0x774/0xc30 kernel/locking/rwsem-xadd.c:611
 call_rwsem_down_write_failed+0x17/0x30 arch/x86/lib/rwsem.S:117
 __down_write arch/x86/include/asm/rwsem.h:142 [inline]
 down_write+0x53/0x90 kernel/locking/rwsem.c:72
 inode_lock include/linux/fs.h:772 [inline]
 do_last fs/namei.c:3319 [inline]
 path_openat+0x1489/0x46e0 fs/namei.c:3533
 do_filp_open+0x1a1/0x280 fs/namei.c:3563
 do_sys_open+0x3fe/0x5d0 fs/open.c:1069
 ksys_open include/linux/syscalls.h:1373 [inline]
 __do_sys_creat fs/open.c:1127 [inline]
 __se_sys_creat fs/open.c:1125 [inline]
 __x64_sys_creat+0x61/0x80 fs/open.c:1125
 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x458d99
Code: Bad RIP value.
RSP: 002b:00007f5bc629ac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000000458d99
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200000c0
RBP: 000000000073bfa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f5bc629b6d4
R13: 00000000004bf2e4 R14: 00000000004d0468 R15: 00000000ffffffff

Showing all locks held in the system:
1 lock held by khungtaskd/1042:
 #0: 0000000075bbe2d8 (rcu_read_lock){....}, at: debug_show_all_locks+0x5f/0x27e kernel/locking/lockdep.c:5057
1 lock held by rsyslogd/8081:
 #0: 00000000faac1932 (&f->f_pos_lock){+.+.}, at: __fdget_pos+0xee/0x110 fs/file.c:801
2 locks held by getty/8203:
 #0: 000000008962955a (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 0000000036a3d4a5 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156
2 locks held by getty/8204:
 #0: 00000000271cd981 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 000000007f1ce73c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156
2 locks held by getty/8205:
 #0: 0000000028e1cc59 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 000000003f902072 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156
2 locks held by getty/8206:
 #0: 00000000f72748ef (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 000000005429edc9 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156
2 locks held by getty/8207:
 #0: 000000002d4cbc9e (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 000000002214151d (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156
2 locks held by getty/8208:
 #0: 000000008f1fb936 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 000000009d321bf8 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156
2 locks held by getty/8209:
 #0: 0000000041e7743a (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:341
 #1: 000000007a2f6233 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x232/0x1b70 drivers/tty/n_tty.c:2156
2 locks held by syz-executor.3/22252:
2 locks held by syz-executor.3/22257:
 #0: 00000000337ee252 (sb_writers#4){.+.+}, at: sb_start_write include/linux/fs.h:1621 [inline]
 #0: 00000000337ee252 (sb_writers#4){.+.+}, at: mnt_want_write+0x3f/0xc0 fs/namespace.c:358
 #1: 00000000dfea0f14 (&type->i_mutex_dir_key#3){++++}, at: inode_lock include/linux/fs.h:772 [inline]
 #1: 00000000dfea0f14 (&type->i_mutex_dir_key#3){++++}, at: do_last fs/namei.c:3319 [inline]
 #1: 00000000dfea0f14 (&type->i_mutex_dir_key#3){++++}, at: path_openat+0x1489/0x46e0 fs/namei.c:3533

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 1042 Comm: khungtaskd Not tainted 5.1.0-rc6+ #82
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x172/0x1f0 lib/dump_stack.c:113
 nmi_cpu_backtrace.cold+0x63/0xa4 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x1be/0x236 lib/nmi_backtrace.c:62
 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:204 [inline]
 watchdog+0x9b7/0xec0 kernel/hung_task.c:288
 kthread+0x357/0x430 kernel/kthread.c:253
 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352
Sending NMI from CPU 0 to CPUs 1:

Crashes (1):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-selinux-root 2019/04/24 17:19 upstream ba25b50d582f 8e3c52b1 .config log report