INFO: task hung in addrconf_verify_work
40 views
Skip to first unread message
syzbot
Apr 11, 2019, 8:01:02 PM4/11/19
to syzkaller-a...@googlegroups.com
Hello,
syzbot found the following crash on:
HEAD commit: 3c9f3e0b FROMGIT: dm verity: log the hash algorithm implem..
git tree: android-4.14
console output: https://syzkaller.appspot.com/x/log.txt?x=151bb943400000
kernel config: https://syzkaller.appspot.com/x/.config?x=4ec81457ad986b8e
dashboard link: https://syzkaller.appspot.com/bug?extid=8bf69a24ed00d750d3e3
compiler: gcc (GCC) 8.0.1 20180413 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16bc9fa3400000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1060c063400000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+8bf69a...@syzkaller.appspotmail.com
INFO: task kworker/1:1:68 blocked for more than 140 seconds.
Not tainted 4.14.89+ #26
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/1:1 D26560 68 2 0x80000000
Workqueue: ipv6_addrconf addrconf_verify_work
Call Trace:
schedule+0x7f/0x1b0 kernel/sched/core.c:3490
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3548
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x521/0x1480 kernel/locking/mutex.c:893
addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4430
process_one_work+0x86e/0x1670 kernel/workqueue.c:2114
worker_thread+0xdc/0x1000 kernel/workqueue.c:2248
kthread+0x348/0x420 kernel/kthread.c:232
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402
Showing all locks held in the system:
1 lock held by khungtaskd/23:
#0: (tasklist_lock){.+.+}, at: [<ffffffffa7404837>]
debug_show_all_locks+0x74/0x20f kernel/locking/lockdep.c:4541
3 locks held by kworker/1:1/68:
#0: ("%s"("ipv6_addrconf")){+.+.}, at: [<ffffffffa7329534>]
process_one_work+0x784/0x1670 kernel/workqueue.c:2085
#1: ((addr_chk_work).work){+.+.}, at: [<ffffffffa732956c>]
process_one_work+0x7bc/0x1670 kernel/workqueue.c:2089
#2: (rtnl_mutex){+.+.}, at: [<ffffffffa88e1c4a>]
addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4430
2 locks held by getty/1758:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffffa7f40ac0>]
tty_ldisc_ref_wait+0x20/0x80 drivers/tty/tty_ldisc.c:275
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffffa7f3bf1f>]
n_tty_read+0x1ff/0x1700 drivers/tty/n_tty.c:2156
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 23 Comm: khungtaskd Not tainted 4.14.89+ #26
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0xb9/0x11b lib/dump_stack.c:53
nmi_cpu_backtrace.cold.0+0x47/0x85 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x121/0x146 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:196 [inline]
watchdog+0x574/0xa70 kernel/hung_task.c:252
kthread+0x348/0x420 kernel/kthread.c:232
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at pc 0xffffffffa8a6a5c2
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot found the following crash on:
HEAD commit: 3c9f3e0b FROMGIT: dm verity: log the hash algorithm implem..
git tree: android-4.14
console output: https://syzkaller.appspot.com/x/log.txt?x=151bb943400000
kernel config: https://syzkaller.appspot.com/x/.config?x=4ec81457ad986b8e
dashboard link: https://syzkaller.appspot.com/bug?extid=8bf69a24ed00d750d3e3
compiler: gcc (GCC) 8.0.1 20180413 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16bc9fa3400000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1060c063400000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+8bf69a...@syzkaller.appspotmail.com
INFO: task kworker/1:1:68 blocked for more than 140 seconds.
Not tainted 4.14.89+ #26
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/1:1 D26560 68 2 0x80000000
Workqueue: ipv6_addrconf addrconf_verify_work
Call Trace:
schedule+0x7f/0x1b0 kernel/sched/core.c:3490
schedule_preempt_disabled+0x13/0x20 kernel/sched/core.c:3548
__mutex_lock_common kernel/locking/mutex.c:833 [inline]
__mutex_lock+0x521/0x1480 kernel/locking/mutex.c:893
addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4430
process_one_work+0x86e/0x1670 kernel/workqueue.c:2114
worker_thread+0xdc/0x1000 kernel/workqueue.c:2248
kthread+0x348/0x420 kernel/kthread.c:232
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402
Showing all locks held in the system:
1 lock held by khungtaskd/23:
#0: (tasklist_lock){.+.+}, at: [<ffffffffa7404837>]
debug_show_all_locks+0x74/0x20f kernel/locking/lockdep.c:4541
3 locks held by kworker/1:1/68:
#0: ("%s"("ipv6_addrconf")){+.+.}, at: [<ffffffffa7329534>]
process_one_work+0x784/0x1670 kernel/workqueue.c:2085
#1: ((addr_chk_work).work){+.+.}, at: [<ffffffffa732956c>]
process_one_work+0x7bc/0x1670 kernel/workqueue.c:2089
#2: (rtnl_mutex){+.+.}, at: [<ffffffffa88e1c4a>]
addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4430
2 locks held by getty/1758:
#0: (&tty->ldisc_sem){++++}, at: [<ffffffffa7f40ac0>]
tty_ldisc_ref_wait+0x20/0x80 drivers/tty/tty_ldisc.c:275
#1: (&ldata->atomic_read_lock){+.+.}, at: [<ffffffffa7f3bf1f>]
n_tty_read+0x1ff/0x1700 drivers/tty/n_tty.c:2156
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 23 Comm: khungtaskd Not tainted 4.14.89+ #26
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0xb9/0x11b lib/dump_stack.c:53
nmi_cpu_backtrace.cold.0+0x47/0x85 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x121/0x146 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:140 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:196 [inline]
watchdog+0x574/0xa70 kernel/hung_task.c:252
kthread+0x348/0x420 kernel/kthread.c:232
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at pc 0xffffffffa8a6a5c2
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot
Apr 14, 2019, 5:30:12 AM4/14/19
to syzkaller-a...@googlegroups.com
Hello,
syzbot found the following crash on:
HEAD commit: 8fe42840 Merge 4.9.141 into android-4.9
syzbot found the following crash on:
git tree: android-4.9
console output: https://syzkaller.appspot.com/x/log.txt?x=164e750b200000
kernel config: https://syzkaller.appspot.com/x/.config?x=22a5ba9f73b6da1d
dashboard link: https://syzkaller.appspot.com/bug?extid=ea3f52dab52206dc815a
compiler: gcc (GCC) 8.0.1 20180413 (experimental)
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
ip6_tunnel: ip6tnl1 xmit: Local address not yet configured!
INFO: task kworker/1:0:18 blocked for more than 140 seconds.
Not tainted 4.9.141+ #1
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kworker/1:0 D27240 18 2 0x80000000
Workqueue: ipv6_addrconf addrconf_verify_work
ffff8801da6f4740 0000000000000000 ffff8801d19e5d80 ffff8801d9c20000
ffff8801db721018 ffff8801da717ae8 ffffffff828075c2 0000000000000002
ffff8801da6f4ff0 ffff8801d9c207f8 00ff8801da6f4740 ffff8801db7218f0
Call Trace:
[<ffffffff82808aef>] schedule+0x7f/0x1b0 kernel/sched/core.c:3553
[<ffffffff828094a3>] schedule_preempt_disabled+0x13/0x20
kernel/sched/core.c:3586
[<ffffffff8280b51d>] __mutex_lock_common kernel/locking/mutex.c:582
[inline]
[<ffffffff8280b51d>] mutex_lock_nested+0x38d/0x900
kernel/locking/mutex.c:621
[<ffffffff823412d7>] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:70
[<ffffffff826c31be>] addrconf_verify_work+0xe/0x20 net/ipv6/addrconf.c:4364
[<ffffffff81131001>] process_one_work+0x831/0x15f0 kernel/workqueue.c:2092
[<ffffffff81131e96>] worker_thread+0xd6/0x1140 kernel/workqueue.c:2226
[<ffffffff81142c3d>] kthread+0x26d/0x300 kernel/kthread.c:211
[<ffffffff82817a5c>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Showing all locks held in the system:
#0: ("%s"("ipv6_addrconf")){.+.+..}, at: [<ffffffff81130f0c>]
process_one_work+0x73c/0x15f0 kernel/workqueue.c:2085
#1: ((addr_chk_work).work){+.+...}, at: [<ffffffff81130f44>]
process_one_work+0x774/0x15f0 kernel/workqueue.c:2089
#2: (rtnl_mutex){+.+.+.}, at: [<ffffffff823412d7>] rtnl_lock+0x17/0x20
net/core/rtnetlink.c:70
2 locks held by khungtaskd/24:
#0: (rcu_read_lock){......}, at: [<ffffffff8131c0cc>]
check_hung_uninterruptible_tasks kernel/hung_task.c:168 [inline]
#0: (rcu_read_lock){......}, at: [<ffffffff8131c0cc>]
watchdog+0x11c/0xa20 kernel/hung_task.c:239
#1: (tasklist_lock){.+.+..}, at: [<ffffffff813fe63f>]
debug_show_all_locks+0x79/0x218 kernel/locking/lockdep.c:4336
1 lock held by rsyslogd/1907:
#0: (&f->f_pos_lock){+.+.+.}, at: [<ffffffff8156cc7c>]
__fdget_pos+0xac/0xd0 fs/file.c:781
2 locks held by getty/2035:
#0: (&tty->ldisc_sem){++++++}, at: [<ffffffff82815952>]
ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:367
#1: (&ldata->atomic_read_lock){+.+.+.}, at: [<ffffffff81d37362>]
n_tty_read+0x202/0x16e0 drivers/tty/n_tty.c:2142
4 locks held by kworker/u4:3/2129:
#0: ("%s""netns"){.+.+.+}, at: [<ffffffff81130f0c>]
process_one_work+0x73c/0x15f0 kernel/workqueue.c:2085
#1: (net_cleanup_work){+.+.+.}, at: [<ffffffff81130f44>]
process_one_work+0x774/0x15f0 kernel/workqueue.c:2089
#2: (net_mutex){+.+.+.}, at: [<ffffffff822e681f>] cleanup_net+0x13f/0x8b0
net/core/net_namespace.c:439
#3: (rtnl_mutex){+.+.+.}, at: [<ffffffff823412d7>] rtnl_lock+0x17/0x20
net/core/rtnetlink.c:70
1 lock held by syz-executor.1/13517:
#0: (rtnl_mutex){+.+.+.}, at: [<ffffffff823412d7>] rtnl_lock+0x17/0x20
net/core/rtnetlink.c:70
1 lock held by syz-executor.5/13527:
#0: (rtnl_mutex){+.+.+.}, at: [<ffffffff823412d7>] rtnl_lock+0x17/0x20
net/core/rtnetlink.c:70
1 lock held by syz-executor.4/13554:
#0: (rtnl_mutex){+.+.+.}, at: [<ffffffff8234abeb>] rtnl_lock
net/core/rtnetlink.c:70 [inline]
#0: (rtnl_mutex){+.+.+.}, at: [<ffffffff8234abeb>]
rtnetlink_rcv+0x1b/0x40 net/core/rtnetlink.c:4083
1 lock held by syz-executor.4/13558:
#0: (rtnl_mutex){+.+.+.}, at: [<ffffffff8234abeb>] rtnl_lock
net/core/rtnetlink.c:70 [inline]
#0: (rtnl_mutex){+.+.+.}, at: [<ffffffff8234abeb>]
rtnetlink_rcv+0x1b/0x40 net/core/rtnetlink.c:4083
1 lock held by syz-executor.0/13573:
#0: (rtnl_mutex){+.+.+.}, at: [<ffffffff823412d7>] rtnl_lock+0x17/0x20
net/core/rtnetlink.c:70
=============================================
NMI backtrace for cpu 1
CPU: 1 PID: 24 Comm: khungtaskd Not tainted 4.9.141+ #1
ffff8801d9907d08 ffffffff81b42e79 0000000000000000 0000000000000001
0000000000000001 0000000000000001 ffffffff810983b0 ffff8801d9907d40
ffffffff81b4df89 0000000000000001 0000000000000000 0000000000000002
Call Trace:
[<ffffffff81b42e79>] __dump_stack lib/dump_stack.c:15 [inline]
[<ffffffff81b42e79>] dump_stack+0xc1/0x128 lib/dump_stack.c:51
[<ffffffff81b4df89>] nmi_cpu_backtrace.cold.0+0x48/0x87
lib/nmi_backtrace.c:99
[<ffffffff81b4df1c>] nmi_trigger_cpumask_backtrace+0x12c/0x151
lib/nmi_backtrace.c:60
[<ffffffff810984b4>] arch_trigger_cpumask_backtrace+0x14/0x20
arch/x86/kernel/apic/hw_nmi.c:37
[<ffffffff8131c65d>] trigger_all_cpu_backtrace include/linux/nmi.h:58
[inline]
[<ffffffff8131c65d>] check_hung_task kernel/hung_task.c:125 [inline]
[<ffffffff8131c65d>] check_hung_uninterruptible_tasks
kernel/hung_task.c:182 [inline]
[<ffffffff8131c65d>] watchdog+0x6ad/0xa20 kernel/hung_task.c:239
[<ffffffff81142c3d>] kthread+0x26d/0x300 kernel/kthread.c:211
[<ffffffff82817a5c>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:373
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at pc 0xffffffff82816496
syzbot
Jan 31, 2020, 7:44:08 AM1/31/20
to syzkaller-a...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages