INFO: task hung in __rt_mutex_slowlock


syzbot

Apr 10, 2019, 12:04:13 PM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 4e76528b Merge 4.14.81 into android-4.14
git tree: android-4.14
console output: https://syzkaller.appspot.com/x/log.txt?x=110ce26d400000
kernel config: https://syzkaller.appspot.com/x/.config?x=9e4a95e0186919ba
dashboard link: https://syzkaller.appspot.com/bug?extid=dd2f61e48f745a2cb8ad
compiler: gcc (GCC) 8.0.1 20180413 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+dd2f61...@syzkaller.appspotmail.com

ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
audit: type=1400 audit(2000000131.890:116): avc: denied { search } for
pid=1845 comm="syz-executor2" name="/" dev="sysfs" ino=1
scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023
tcontext=system_u:object_r:netcontrol_device_t:s0 tclass=dir permissive=1
ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
INFO: task udevd:302 blocked for more than 140 seconds.
Not tainted 4.14.81+ #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
udevd D27688 302 190 0x00000000
Call Trace:
schedule+0x7f/0x1b0 kernel/sched/core.c:3490
__rt_mutex_slowlock+0x1b8/0x280 kernel/locking/rtmutex.c:1197
rt_mutex_slowlock.constprop.8+0x16b/0x410 kernel/locking/rtmutex.c:1267
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
notifier_call_chain+0x114/0x1b0 kernel/notifier.c:93
__blocking_notifier_call_chain kernel/notifier.c:317 [inline]
blocking_notifier_call_chain+0x77/0x8e kernel/notifier.c:328
do_exit+0x97/0x28c0 kernel/exit.c:768
do_group_exit+0x100/0x2e0 kernel/exit.c:968
SYSC_exit_group kernel/exit.c:979 [inline]
SyS_exit_group+0x19/0x20 kernel/exit.c:977
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7f1a425de1e8
RSP: 002b:00007ffd01999d98 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1a425de1e8
RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
RBP: 00007f1a428b3840 R08: 00000000000000e7 R09: ffffffffffffff00
R10: 00007f1a428ba748 R11: 0000000000000246 R12: 00007f1a428b3840
R13: 0000000000000001 R14: 000000000097c030 R15: 000000000000000b
INFO: task udevd:303 blocked for more than 140 seconds.
Not tainted 4.14.81+ #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
udevd D27464 303 190 0x00000000
Call Trace:
schedule+0x7f/0x1b0 kernel/sched/core.c:3490
__rt_mutex_slowlock+0x1b8/0x280 kernel/locking/rtmutex.c:1197
rt_mutex_slowlock.constprop.8+0x16b/0x410 kernel/locking/rtmutex.c:1267
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
notifier_call_chain+0x114/0x1b0 kernel/notifier.c:93
__blocking_notifier_call_chain kernel/notifier.c:317 [inline]
blocking_notifier_call_chain+0x77/0x8e kernel/notifier.c:328
do_exit+0x97/0x28c0 kernel/exit.c:768
do_group_exit+0x100/0x2e0 kernel/exit.c:968
SYSC_exit_group kernel/exit.c:979 [inline]
SyS_exit_group+0x19/0x20 kernel/exit.c:977
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7f1a425de1e8
RSP: 002b:00007ffd01999d98 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1a425de1e8
RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
RBP: 00007f1a428b3840 R08: 00000000000000e7 R09: ffffffffffffff00
R10: 00007f1a428ba748 R11: 0000000000000246 R12: 00007f1a428b3840
R13: 0000000000000001 R14: 000000000097c030 R15: 000000000000000b
INFO: task udevd:4630 blocked for more than 140 seconds.
Not tainted 4.14.81+ #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
udevd D28280 4630 190 0x00000000
Call Trace:
schedule+0x7f/0x1b0 kernel/sched/core.c:3490
__rt_mutex_slowlock+0x1b8/0x280 kernel/locking/rtmutex.c:1197
rt_mutex_slowlock.constprop.8+0x16b/0x410 kernel/locking/rtmutex.c:1267
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
notifier_call_chain+0x114/0x1b0 kernel/notifier.c:93
__blocking_notifier_call_chain kernel/notifier.c:317 [inline]
blocking_notifier_call_chain+0x77/0x8e kernel/notifier.c:328
do_exit+0x97/0x28c0 kernel/exit.c:768
do_group_exit+0x100/0x2e0 kernel/exit.c:968
SYSC_exit_group kernel/exit.c:979 [inline]
SyS_exit_group+0x19/0x20 kernel/exit.c:977
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7f1a425de1e8
RSP: 002b:00007ffd01999d98 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1a425de1e8
RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
RBP: 00007f1a428b3840 R08: 00000000000000e7 R09: ffffffffffffff00
R10: 00007f1a428ba748 R11: 0000000000000246 R12: 00007f1a428b3840
R13: 0000000000000001 R14: 000000000097c030 R15: 000000000000000b
INFO: task syz-executor2:14426 blocked for more than 140 seconds.
Not tainted 4.14.81+ #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor2 D28408 14426 1845 0x00000004
Call Trace:
schedule+0x7f/0x1b0 kernel/sched/core.c:3490
__rt_mutex_slowlock+0x1b8/0x280 kernel/locking/rtmutex.c:1197
rt_mutex_slowlock.constprop.8+0x16b/0x410 kernel/locking/rtmutex.c:1267
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
notifier_call_chain+0x114/0x1b0 kernel/notifier.c:93
__blocking_notifier_call_chain kernel/notifier.c:317 [inline]
blocking_notifier_call_chain+0x77/0x8e kernel/notifier.c:328
do_exit+0x97/0x28c0 kernel/exit.c:768
do_group_exit+0x100/0x2e0 kernel/exit.c:968
SYSC_exit_group kernel/exit.c:979 [inline]
SyS_exit_group+0x19/0x20 kernel/exit.c:977
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x457569
RSP: 002b:00007fff5d143be8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000457569
RDX: 0000000000411021 RSI: fffffffffffffff7 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000001 R14: 000000000000014f R15: 0000000000000002
INFO: task syz-executor2:14430 blocked for more than 140 seconds.
Not tainted 4.14.81+ #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor2 D25256 14430 1845 0x00000000
Call Trace:
schedule+0x7f/0x1b0 kernel/sched/core.c:3490
__rt_mutex_slowlock+0x1b8/0x280 kernel/locking/rtmutex.c:1197
rt_mutex_slowlock.constprop.8+0x16b/0x410 kernel/locking/rtmutex.c:1267
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
notifier_call_chain+0x114/0x1b0 kernel/notifier.c:93
__blocking_notifier_call_chain kernel/notifier.c:317 [inline]
blocking_notifier_call_chain+0x77/0x8e kernel/notifier.c:328
do_exit+0x97/0x28c0 kernel/exit.c:768
do_group_exit+0x100/0x2e0 kernel/exit.c:968
get_signal+0x4e5/0x1470 kernel/signal.c:2348
do_signal+0x8f/0x1660 arch/x86/kernel/signal.c:809
exit_to_usermode_loop+0x116/0x150 arch/x86/entry/common.c:159
prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
syscall_return_slowpath arch/x86/entry/common.c:267 [inline]
do_syscall_64+0x35d/0x4b0 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x457569
RSP: 002b:00007f41e8bc6cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 000000000072bf08 RCX: 0000000000457569
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072bf08
RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072bf0c
R13: 00007fff5d1439ef R14: 00007f41e8bc79c0 R15: 0000000000000000
INFO: task syz-executor2:14439 blocked for more than 140 seconds.
Not tainted 4.14.81+ #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor2 D28616 14439 1845 0x00000000
Call Trace:
schedule+0x7f/0x1b0 kernel/sched/core.c:3490
__rt_mutex_slowlock+0x1b8/0x280 kernel/locking/rtmutex.c:1197
rt_mutex_slowlock.constprop.8+0x16b/0x410 kernel/locking/rtmutex.c:1267
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
notifier_call_chain+0x114/0x1b0 kernel/notifier.c:93
__blocking_notifier_call_chain kernel/notifier.c:317 [inline]
blocking_notifier_call_chain+0x77/0x8e kernel/notifier.c:328
do_exit+0x97/0x28c0 kernel/exit.c:768
do_group_exit+0x100/0x2e0 kernel/exit.c:968
get_signal+0x4e5/0x1470 kernel/signal.c:2348
do_signal+0x8f/0x1660 arch/x86/kernel/signal.c:809
exit_to_usermode_loop+0x116/0x150 arch/x86/entry/common.c:159
prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
syscall_return_slowpath arch/x86/entry/common.c:267 [inline]
do_syscall_64+0x35d/0x4b0 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x457569
RSP: 002b:00007f41e8ba5cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 000000000072bfa8 RCX: 0000000000457569
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072bfa8
RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072bfac
R13: 00007fff5d1439ef R14: 00007f41e8ba69c0 R15: 0000000000000001
INFO: task syz-executor2:14474 blocked for more than 140 seconds.
Not tainted 4.14.81+ #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor2 D28312 14474 1845 0x00000000
Call Trace:
schedule+0x7f/0x1b0 kernel/sched/core.c:3490
__rt_mutex_slowlock+0x1b8/0x280 kernel/locking/rtmutex.c:1197
rt_mutex_slowlock.constprop.8+0x16b/0x410 kernel/locking/rtmutex.c:1267
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
notifier_call_chain+0x114/0x1b0 kernel/notifier.c:93
__blocking_notifier_call_chain kernel/notifier.c:317 [inline]
blocking_notifier_call_chain+0x77/0x8e kernel/notifier.c:328
do_exit+0x97/0x28c0 kernel/exit.c:768
do_group_exit+0x100/0x2e0 kernel/exit.c:968
get_signal+0x4e5/0x1470 kernel/signal.c:2348
do_signal+0x8f/0x1660 arch/x86/kernel/signal.c:809
exit_to_usermode_loop+0x116/0x150 arch/x86/entry/common.c:159
prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
syscall_return_slowpath arch/x86/entry/common.c:267 [inline]
do_syscall_64+0x35d/0x4b0 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x457569
RSP: 002b:00007f41e8b84cf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 000000000072c048 RCX: 0000000000457569
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072c048
RBP: 000000000072c040 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072c04c
R13: 00007fff5d1439ef R14: 00007f41e8b859c0 R15: 0000000000000002
INFO: task syz-executor4:14438 blocked for more than 140 seconds.
Not tainted 4.14.81+ #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor4 D28408 14438 1853 0x00000004
Call Trace:
schedule+0x7f/0x1b0 kernel/sched/core.c:3490
__rt_mutex_slowlock+0x1b8/0x280 kernel/locking/rtmutex.c:1197
rt_mutex_slowlock.constprop.8+0x16b/0x410 kernel/locking/rtmutex.c:1267
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
notifier_call_chain+0x114/0x1b0 kernel/notifier.c:93
__blocking_notifier_call_chain kernel/notifier.c:317 [inline]
blocking_notifier_call_chain+0x77/0x8e kernel/notifier.c:328
do_exit+0x97/0x28c0 kernel/exit.c:768
do_group_exit+0x100/0x2e0 kernel/exit.c:968
SYSC_exit_group kernel/exit.c:979 [inline]
SyS_exit_group+0x19/0x20 kernel/exit.c:977
do_syscall_64+0x19b/0x4b0 arch/x86/entry/common.c:289
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x457569
RSP: 002b:00007ffe3ea204c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 000000000000001e RCX: 0000000000457569
RDX: 0000000000411021 RSI: fffffffffffffff7 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000001 R14: 0000000000000124 R15: 0000000000000004
INFO: task syz-executor4:14442 blocked for more than 140 seconds.
Not tainted 4.14.81+ #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor4 D26464 14442 1853 0x00000000
Call Trace:
schedule+0x7f/0x1b0 kernel/sched/core.c:3490
__rt_mutex_slowlock+0x1b8/0x280 kernel/locking/rtmutex.c:1197
rt_mutex_slowlock.constprop.8+0x16b/0x410 kernel/locking/rtmutex.c:1267
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
notifier_call_chain+0x114/0x1b0 kernel/notifier.c:93
__blocking_notifier_call_chain kernel/notifier.c:317 [inline]
blocking_notifier_call_chain+0x77/0x8e kernel/notifier.c:328
do_exit+0x97/0x28c0 kernel/exit.c:768
do_group_exit+0x100/0x2e0 kernel/exit.c:968
get_signal+0x4e5/0x1470 kernel/signal.c:2348
do_signal+0x8f/0x1660 arch/x86/kernel/signal.c:809
exit_to_usermode_loop+0x116/0x150 arch/x86/entry/common.c:159
prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
syscall_return_slowpath arch/x86/entry/common.c:267 [inline]
do_syscall_64+0x35d/0x4b0 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x457569
RSP: 002b:00007fd7473decf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 000000000072bf08 RCX: 0000000000457569
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072bf08
RBP: 000000000072bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072bf0c
R13: 00007ffe3ea202cf R14: 00007fd7473df9c0 R15: 0000000000000000
INFO: task syz-executor4:14451 blocked for more than 140 seconds.
Not tainted 4.14.81+ #6
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor4 D28712 14451 1853 0x00000000
Call Trace:
schedule+0x7f/0x1b0 kernel/sched/core.c:3490
__rt_mutex_slowlock+0x1b8/0x280 kernel/locking/rtmutex.c:1197
rt_mutex_slowlock.constprop.8+0x16b/0x410 kernel/locking/rtmutex.c:1267
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
notifier_call_chain+0x114/0x1b0 kernel/notifier.c:93
__blocking_notifier_call_chain kernel/notifier.c:317 [inline]
blocking_notifier_call_chain+0x77/0x8e kernel/notifier.c:328
do_exit+0x97/0x28c0 kernel/exit.c:768
do_group_exit+0x100/0x2e0 kernel/exit.c:968
get_signal+0x4e5/0x1470 kernel/signal.c:2348
do_signal+0x8f/0x1660 arch/x86/kernel/signal.c:809
exit_to_usermode_loop+0x116/0x150 arch/x86/entry/common.c:159
prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
syscall_return_slowpath arch/x86/entry/common.c:267 [inline]
do_syscall_64+0x35d/0x4b0 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x457569
RSP: 002b:00007fd7473bdcf8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 000000000072bfa8 RCX: 0000000000457569
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000072bfa8
RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000072bfac
R13: 00007ffe3ea202cf R14: 00007fd7473be9c0 R15: 0000000000000001

Showing all locks held in the system:
2 locks held by kworker/u4:0/5:
#0: ("events_unbound"){+.+.}, at: [<ffffffffb5f27d04>]
process_one_work+0x784/0x1670 kernel/workqueue.c:2085
#1: ((&sub_info->work)){+.+.}, at: [<ffffffffb5f27d3c>]
process_one_work+0x7bc/0x1670 kernel/workqueue.c:2089
1 lock held by khungtaskd/23:
#0: (tasklist_lock){.+.?}, at: [<ffffffffb60023b7>]
debug_show_all_locks+0x74/0x20f kernel/locking/lockdep.c:4541
2 locks held by udevd/302:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by udevd/303:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by getty/1762:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffffb6b3cf30>]
tty_ldisc_ref_wait+0x20/0x80 drivers/tty/tty_ldisc.c:275
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffffb6b384af>]
n_tty_read+0x1ff/0x15e0 drivers/tty/n_tty.c:2142
2 locks held by syz-executor2/1842:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor5/1843:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor3/1846:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor1/1848:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor4/1849:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by kworker/u4:4/2238:
#0: ("events_unbound"){+.+.}, at: [<ffffffffb5f27d04>]
process_one_work+0x784/0x1670 kernel/workqueue.c:2085
#1: ((&sub_info->work)){+.+.}, at: [<ffffffffb5f27d3c>]
process_one_work+0x7bc/0x1670 kernel/workqueue.c:2089
2 locks held by udevd/4630:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor0/6113:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor2/14426:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor2/14430:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor2/14439:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor2/14474:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor4/14438:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor4/14442:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor4/14451:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor4/14455:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor1/14457:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor1/14462:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor0/14458:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor0/14463:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor0/14469:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor0/14471:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor5/14460:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor5/14466:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor5/14470:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor5/14472:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor5/14475:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor5/14476:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by syz-executor1/14464:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by true/14468:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633
2 locks held by modprobe/14473:
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){++++}, at: [<ffffffffb5f40f41>]
blocking_notifier_call_chain+0x61/0x8e kernel/notifier.c:328
#1: (uid_lock){+.+.}, at: [<ffffffffb6bf56e2>]
process_notifier+0xa2/0x6a4 drivers/misc/uid_sys_stats.c:633

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 23 Comm: khungtaskd Not tainted 4.14.81+ #6
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0xb9/0x11b lib/dump_stack.c:53
nmi_cpu_backtrace.cold.0+0x47/0x85 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x121/0x146 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:138 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:196 [inline]
watchdog+0x574/0xa70 kernel/hung_task.c:252
kthread+0x348/0x420 kernel/kthread.c:232
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at pc 0xffffffffb7664982


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Apr 11, 2019, 4:44:38 AM
to syzkaller-a...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: d7e64f80 ANDROID: x86_64_cuttlefish_defconfig: Enable F2FS
git tree: android-4.9
console output: https://syzkaller.appspot.com/x/log.txt?x=12827c6f800000
kernel config: https://syzkaller.appspot.com/x/.config?x=f99aced9dd6a7628
dashboard link: https://syzkaller.appspot.com/bug?extid=73c40bda07639e636363
compiler: gcc (GCC) 8.0.1 20180413 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=10fc159f800000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=15241edf800000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+73c40b...@syzkaller.appspotmail.com

INFO: task syz-executor865:13301 blocked for more than 120 seconds.
Not tainted 4.9.105-gd7e64f8 #40
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor865 D29720 13301 3852 0x00000004
ffff8801d4e0c800 ffff8801bccd0a80 ffff8801d03e7480 ffff8801b8234800
ffff8801db321c18 ffff8801cd58f8e8 ffffffff839e8c1d ffffffff8124324b
0000000200000001 ffff8801d4e0c800 00ff8801cd58faa0 ffff8801db3224e8
Call Trace:
[<ffffffff839ea21f>] schedule+0x7f/0x1b0 kernel/sched/core.c:3557
[<ffffffff839f3be0>] __rt_mutex_slowlock+0xb0/0x2d0
kernel/locking/rtmutex.c:1221
[<ffffffff839f3f97>] rt_mutex_slowlock+0x197/0x530
kernel/locking/rtmutex.c:1293
[<ffffffff839f435c>] rt_mutex_fastlock kernel/locking/rtmutex.c:1439
[inline]
[<ffffffff839f435c>] rt_mutex_lock+0x2c/0x30 kernel/locking/rtmutex.c:1499
[<ffffffff826a88dd>] process_notifier+0x9d/0x670
drivers/misc/uid_sys_stats.c:636
[<ffffffff811a1864>] notifier_call_chain+0xb4/0x1d0 kernel/notifier.c:93
[<ffffffff811a2dce>] __blocking_notifier_call_chain kernel/notifier.c:317
[inline]
[<ffffffff811a2dce>] blocking_notifier_call_chain+0x7e/0xa0
kernel/notifier.c:328
[<ffffffff8129186e>] profile_task_exit+0x1e/0x30 kernel/profile.c:140
[<ffffffff811404fe>] do_exit+0x9e/0x27c0 kernel/exit.c:740
[<ffffffff81146f41>] do_group_exit+0x111/0x340 kernel/exit.c:941
[<ffffffff8114718d>] SYSC_exit_group kernel/exit.c:952 [inline]
[<ffffffff8114718d>] SyS_exit_group+0x1d/0x20 kernel/exit.c:950
[<ffffffff81006316>] do_syscall_64+0x1a6/0x490 arch/x86/entry/common.c:282
[<ffffffff839f9b13>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb

Showing all locks held in the system:
2 locks held by khungtaskd/519:
#0: (rcu_read_lock){......}, at: [<ffffffff81366b9c>]
check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline]
#0: (rcu_read_lock){......}, at: [<ffffffff81366b9c>]
watchdog+0x11c/0xa20 kernel/hung_task.c:239
#1: (tasklist_lock){.+.+..}, at: [<ffffffff81426180>]
debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336
2 locks held by getty/3774:
#0: (&tty->ldisc_sem){++++++}, at: [<ffffffff839f7cc2>]
ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367
#1: (&ldata->atomic_read_lock){+.+...}, at: [<ffffffff82120062>]
n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2133
1 lock held by syz-executor865/13301:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328
1 lock held by syz-executor865/13317:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328
1 lock held by syz-executor865/13307:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328
1 lock held by syz-executor865/13316:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328
1 lock held by syz-executor865/13313:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328
1 lock held by syz-executor865/13309:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328
1 lock held by syz-executor865/13314:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328
1 lock held by syz-executor865/13310:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328
1 lock held by syz-executor865/13318:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328
1 lock held by syz-executor865/13311:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328
1 lock held by syz-executor865/13315:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328
1 lock held by syz-executor865/13319:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328
1 lock held by syz-executor865/13320:
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
__blocking_notifier_call_chain kernel/notifier.c:316 [inline]
#0: ((task_exit_notifier).rwsem){.+.+..}, at: [<ffffffff811a2db8>]
blocking_notifier_call_chain+0x68/0xa0 kernel/notifier.c:328

=============================================

NMI backtrace for cpu 0
CPU: 0 PID: 519 Comm: khungtaskd Not tainted 4.9.105-gd7e64f8 #40
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
ffff8801d89b7d08 ffffffff81eb41a9 0000000000000000 0000000000000000
0000000000000000 0000000000000001 ffffffff810b96a0 ffff8801d89b7d40
ffffffff81ebf4a7 0000000000000000 0000000000000000 0000000000000003
Call Trace:
[<ffffffff81eb41a9>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffffff81eb41a9>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
[<ffffffff81ebf4a7>] nmi_cpu_backtrace.cold.2+0x48/0x87
lib/nmi_backtrace.c:99
[<ffffffff81ebf43a>] nmi_trigger_cpumask_backtrace+0x12a/0x14f
lib/nmi_backtrace.c:60
[<ffffffff810b97a4>] arch_trigger_cpumask_backtrace+0x14/0x20
arch/x86/kernel/apic/hw_nmi.c:37
[<ffffffff81367134>] trigger_all_cpu_backtrace include/linux/nmi.h:58
[inline]
[<ffffffff81367134>] check_hung_task kernel/hung_task.c:125 [inline]
[<ffffffff81367134>] check_hung_uninterruptible_tasks
kernel/hung_task.c:182 [inline]
[<ffffffff81367134>] watchdog+0x6b4/0xa20 kernel/hung_task.c:239
[<ffffffff8119d04d>] kthread+0x26d/0x300 kernel/kthread.c:211
[<ffffffff839f9cdc>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at pc 0xffffffff839f8726


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches

syzbot

May 17, 2019, 8:53:03 PM5/17/19
to syzkaller-a...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.

yangh...@gmail.com

Nov 28, 2019, 10:23:06 AM11/28/19
to syzkaller-android-bugs
Hello:
   I also found this crash:
   <6>[23827.643719] I[7:     android.ui: 1444] AsyncTask #340  D    0 14308    635 0x00400801
<4>[23827.643729] I[7:     android.ui: 1444] Call trace:
<4>[23827.643741] I[7:     android.ui: 1444] [<0000000081a6e228>] __switch_to+0x90/0xe8
<4>[23827.643753] I[7:     android.ui: 1444] [<0000000035906583>] __schedule+0x310/0x8e0
<4>[23827.643764] I[7:     android.ui: 1444] [<000000009fdaa190>] schedule+0x38/0x9c
<4>[23827.643776] I[7:     android.ui: 1444] [<00000000b044aea9>] __rt_mutex_slowlock+0x50/0xf0
<4>[23827.643788] I[7:     android.ui: 1444] [<000000004eeea50d>] rt_mutex_slowlock+0xb0/0x1a4
<4>[23827.643799] I[7:     android.ui: 1444] [<00000000157d1130>] rt_mutex_lock+0x48/0x50
<4>[23827.643812] I[7:     android.ui: 1444] [<0000000005e417e4>] process_notifier+0x38/0x154
<4>[23827.643824] I[7:     android.ui: 1444] [<000000007a21d680>] blocking_notifier_call_chain+0x60/0xb0
<4>[23827.643835] I[7:     android.ui: 1444] [<00000000fc12facf>] profile_task_exit+0x20/0x28
<4>[23827.643847] I[7:     android.ui: 1444] [<0000000062a98aa7>] do_exit+0x38/0xa58
<4>[23827.643859] I[7:     android.ui: 1444] [<00000000bbd22956>] do_group_exit+0x0/0x98
<4>[23827.643871] I[7:     android.ui: 1444] [<00000000dbc52508>] __sys_trace_return+0x0/0x4
<6>[23827.643881] I[7:     android.ui: 1444] AsyncTask #343  D    0 20034    635 0x00400801
<4>[23827.643892] I[7:     android.ui: 1444] Call trace:
<4>[23827.643903] I[7:     android.ui: 1444] [<0000000081a6e228>] __switch_to+0x90/0xe8
<4>[23827.643915] I[7:     android.ui: 1444] [<0000000035906583>] __schedule+0x310/0x8e0
<4>[23827.643926] I[7:     android.ui: 1444] [<000000009fdaa190>] schedule+0x38/0x9c
<4>[23827.643938] I[7:     android.ui: 1444] [<00000000b044aea9>] __rt_mutex_slowlock+0x50/0xf0
<4>[23827.643950] I[7:     android.ui: 1444] [<000000004eeea50d>] rt_mutex_slowlock+0xb0/0x1a4
<4>[23827.643962] I[7:     android.ui: 1444] [<00000000157d1130>] rt_mutex_lock+0x48/0x50
<4>[23827.643975] I[7:     android.ui: 1444] [<0000000005e417e4>] process_notifier+0x38/0x154
<4>[23827.643987] I[7:     android.ui: 1444] [<000000007a21d680>] blocking_notifier_call_chain+0x60/0xb0
<4>[23827.643999] I[7:     android.ui: 1444] [<00000000fc12facf>] profile_task_exit+0x20/0x28
<4>[23827.644011] I[7:     android.ui: 1444] [<0000000062a98aa7>] do_exit+0x38/0xa58
<4>[23827.644023] I[7:     android.ui: 1444] [<00000000bbd22956>] do_group_exit+0x0/0x98
<4>[23827.644035] I[7:     android.ui: 1444] [<00000000dbc52508>] __sys_trace_return+0x0/0x4

   The system always prints this log.
   Finally, the system had a watchdog timeout.

Please help to check.
Thanks

On Thursday, April 11, 2019 at 12:04:13 AM UTC+8, syzbot wrote:
Hello,

syzbot found the following crash on:

HEAD commit:    4e76528b Merge 4.14.81 into android-4.14
git tree:       android-4.14
console output: https://syzkaller.appspot.com/x/log.txt?x=110ce26d400000
kernel config:  https://syzkaller.appspot.com/x/.config?x=9e4a95e0186919ba
dashboard link: https://syzkaller.appspot.com/bug?extid=dd2f61e48f745a2cb8ad
compiler:       gcc (GCC) 8.0.1 20180413 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit: