INFO: task hung in misc_open (4)

All of lore.kernel.org
 help / color / mirror / Atom feed

From: syzbot <syzbot+358c9ab4c93da7b7238c@syzkaller.appspotmail.com>
To: arnd@arndb.de, gregkh@linuxfoundation.org,
	linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: INFO: task hung in misc_open (4)
Date: Sat, 13 Feb 2021 04:38:16 -0800	[thread overview]
Message-ID: <000000000000d9ff3a05bb37069e@google.com> (raw)

Hello,

syzbot found the following issue on:

HEAD commit:    e0756cfc Merge tag 'trace-v5.11-rc7' of git://git.kernel.o..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=147e449cd00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=1106b4b91e8dfab8
dashboard link: https://syzkaller.appspot.com/bug?extid=358c9ab4c93da7b7238c
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=163e1dacd00000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=13af25e4d00000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+358c9ab4c93da7b7238c@syzkaller.appspotmail.com

INFO: task syz-executor487:8574 blocked for more than 143 seconds.
      Not tainted 5.11.0-rc7-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor487 state:D stack:28112 pid: 8574 ppid:  8479 flags:0x00000004
Call Trace:
 context_switch kernel/sched/core.c:4327 [inline]
 __schedule+0x90c/0x21a0 kernel/sched/core.c:5078
 schedule+0xcf/0x270 kernel/sched/core.c:5157
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5216
 __mutex_lock_common kernel/locking/mutex.c:1033 [inline]
 __mutex_lock+0x81a/0x1110 kernel/locking/mutex.c:1103
 misc_open+0x55/0x4a0 drivers/char/misc.c:107
 chrdev_open+0x266/0x770 fs/char_dev.c:414
 do_dentry_open+0x4b9/0x11b0 fs/open.c:817
 do_open fs/namei.c:3254 [inline]
 path_openat+0x1b9a/0x2730 fs/namei.c:3371
 do_filp_open+0x17e/0x3c0 fs/namei.c:3398
 do_sys_openat2+0x16d/0x420 fs/open.c:1172
 do_sys_open fs/open.c:1188 [inline]
 __do_sys_openat fs/open.c:1204 [inline]
 __se_sys_openat fs/open.c:1199 [inline]
 __x64_sys_openat+0x13f/0x1f0 fs/open.c:1199
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x4031a7
RSP: 002b:00007ffd77c5adc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000020000440 RCX: 00000000004031a7
RDX: 0000000000000002 RSI: 000000000048803b RDI: 00000000ffffff9c
RBP: 000000000048803b R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
R13: 00007ffd77c5ceec R14: 0000000000000076 R15: 00007ffd77c5cef0
INFO: task syz-executor487:8631 blocked for more than 143 seconds.
      Not tainted 5.11.0-rc7-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor487 state:D stack:27912 pid: 8631 ppid:  8480 flags:0x00000004
Call Trace:
 context_switch kernel/sched/core.c:4327 [inline]
 __schedule+0x90c/0x21a0 kernel/sched/core.c:5078
 schedule+0xcf/0x270 kernel/sched/core.c:5157
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5216
 __mutex_lock_common kernel/locking/mutex.c:1033 [inline]
 __mutex_lock+0x81a/0x1110 kernel/locking/mutex.c:1103
 misc_open+0x55/0x4a0 drivers/char/misc.c:107
 chrdev_open+0x266/0x770 fs/char_dev.c:414
 do_dentry_open+0x4b9/0x11b0 fs/open.c:817
 do_open fs/namei.c:3254 [inline]
 path_openat+0x1b9a/0x2730 fs/namei.c:3371
 do_filp_open+0x17e/0x3c0 fs/namei.c:3398
 do_sys_openat2+0x16d/0x420 fs/open.c:1172
 do_sys_open fs/open.c:1188 [inline]
 __do_sys_openat fs/open.c:1204 [inline]
 __se_sys_openat fs/open.c:1199 [inline]
 __x64_sys_openat+0x13f/0x1f0 fs/open.c:1199
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x4031a7
RSP: 002b:00007ffd77c5adc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000020000440 RCX: 00000000004031a7
RDX: 0000000000000002 RSI: 000000000048803b RDI: 00000000ffffff9c
RBP: 000000000048803b R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
R13: 00007ffd77c5ceec R14: 0000000000000076 R15: 00007ffd77c5cef0
INFO: task syz-executor487:8634 blocked for more than 143 seconds.
      Not tainted 5.11.0-rc7-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor487 state:D stack:28160 pid: 8634 ppid:  8475 flags:0x00000004
Call Trace:
 context_switch kernel/sched/core.c:4327 [inline]
 __schedule+0x90c/0x21a0 kernel/sched/core.c:5078
 schedule+0xcf/0x270 kernel/sched/core.c:5157
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5216
 __mutex_lock_common kernel/locking/mutex.c:1033 [inline]
 __mutex_lock+0x81a/0x1110 kernel/locking/mutex.c:1103
 misc_open+0x55/0x4a0 drivers/char/misc.c:107
 chrdev_open+0x266/0x770 fs/char_dev.c:414
 do_dentry_open+0x4b9/0x11b0 fs/open.c:817
 do_open fs/namei.c:3254 [inline]
 path_openat+0x1b9a/0x2730 fs/namei.c:3371
 do_filp_open+0x17e/0x3c0 fs/namei.c:3398
 do_sys_openat2+0x16d/0x420 fs/open.c:1172
 do_sys_open fs/open.c:1188 [inline]
 __do_sys_openat fs/open.c:1204 [inline]
 __se_sys_openat fs/open.c:1199 [inline]
 __x64_sys_openat+0x13f/0x1f0 fs/open.c:1199
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x4031a7
RSP: 002b:00007ffd77c5adc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000020000440 RCX: 00000000004031a7
RDX: 0000000000000002 RSI: 000000000048803b RDI: 00000000ffffff9c
RBP: 000000000048803b R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
R13: 00007ffd77c5ceec R14: 0000000000000076 R15: 00007ffd77c5cef0
INFO: task syz-executor487:8668 blocked for more than 144 seconds.
      Not tainted 5.11.0-rc7-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor487 state:D stack:28160 pid: 8668 ppid:  8477 flags:0x00000004
Call Trace:
 context_switch kernel/sched/core.c:4327 [inline]
 __schedule+0x90c/0x21a0 kernel/sched/core.c:5078
 schedule+0xcf/0x270 kernel/sched/core.c:5157
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5216
 __mutex_lock_common kernel/locking/mutex.c:1033 [inline]
 __mutex_lock+0x81a/0x1110 kernel/locking/mutex.c:1103
 misc_open+0x55/0x4a0 drivers/char/misc.c:107
 chrdev_open+0x266/0x770 fs/char_dev.c:414
 do_dentry_open+0x4b9/0x11b0 fs/open.c:817
 do_open fs/namei.c:3254 [inline]
 path_openat+0x1b9a/0x2730 fs/namei.c:3371
 do_filp_open+0x17e/0x3c0 fs/namei.c:3398
 do_sys_openat2+0x16d/0x420 fs/open.c:1172
 do_sys_open fs/open.c:1188 [inline]
 __do_sys_openat fs/open.c:1204 [inline]
 __se_sys_openat fs/open.c:1199 [inline]
 __x64_sys_openat+0x13f/0x1f0 fs/open.c:1199
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x4031a7
RSP: 002b:00007ffd77c5adc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000020000440 RCX: 00000000004031a7
RDX: 0000000000000002 RSI: 000000000048803b RDI: 00000000ffffff9c
RBP: 000000000048803b R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
R13: 00007ffd77c5ceec R14: 0000000000000076 R15: 00007ffd77c5cef0
INFO: task syz-executor487:8679 blocked for more than 144 seconds.
      Not tainted 5.11.0-rc7-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz-executor487 state:D stack:28160 pid: 8679 ppid:  8478 flags:0x00000004
Call Trace:
 context_switch kernel/sched/core.c:4327 [inline]
 __schedule+0x90c/0x21a0 kernel/sched/core.c:5078
 schedule+0xcf/0x270 kernel/sched/core.c:5157
 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:5216
 __mutex_lock_common kernel/locking/mutex.c:1033 [inline]
 __mutex_lock+0x81a/0x1110 kernel/locking/mutex.c:1103
 misc_open+0x55/0x4a0 drivers/char/misc.c:107
 chrdev_open+0x266/0x770 fs/char_dev.c:414
 do_dentry_open+0x4b9/0x11b0 fs/open.c:817
 do_open fs/namei.c:3254 [inline]
 path_openat+0x1b9a/0x2730 fs/namei.c:3371
 do_filp_open+0x17e/0x3c0 fs/namei.c:3398
 do_sys_openat2+0x16d/0x420 fs/open.c:1172
 do_sys_open fs/open.c:1188 [inline]
 __do_sys_openat fs/open.c:1204 [inline]
 __se_sys_openat fs/open.c:1199 [inline]
 __x64_sys_openat+0x13f/0x1f0 fs/open.c:1199
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x4031a7
RSP: 002b:00007ffd77c5adc0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
RAX: ffffffffffffffda RBX: 0000000020000440 RCX: 00000000004031a7
RDX: 0000000000000002 RSI: 000000000048803b RDI: 00000000ffffff9c
RBP: 000000000048803b R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
R13: 00007ffd77c5ceec R14: 0000000000000076 R15: 00007ffd77c5cef0

Showing all locks held in the system:
5 locks held by kworker/1:0/19:
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x871/0x15f0 kernel/workqueue.c:2246
 #1: ffffc90000d97da8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8a5/0x15f0 kernel/workqueue.c:2250
 #2: ffff88801ccb9218 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #2: ffff88801ccb9218 (&dev->mutex){....}-{3:3}, at: hub_event+0x1c1/0x4320 drivers/usb/core/hub.c:5537
 #3: ffff8881441ce218 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #3: ffff8881441ce218 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7a/0x4a0 drivers/base/dd.c:889
 #4: ffff8881418921a8 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #4: ffff8881418921a8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7a/0x4a0 drivers/base/dd.c:889
1 lock held by khungtaskd/1657:
 #0: ffffffff8bd73da0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6259
5 locks held by kworker/0:2/3000:
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x871/0x15f0 kernel/workqueue.c:2246
 #1: ffffc90001887da8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8a5/0x15f0 kernel/workqueue.c:2250
 #2: ffff88801cc79218 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #2: ffff88801cc79218 (&dev->mutex){....}-{3:3}, at: hub_event+0x1c1/0x4320 drivers/usb/core/hub.c:5537
 #3: ffff888147549218 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #3: ffff888147549218 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7a/0x4a0 drivers/base/dd.c:889
 #4: ffff88814402f1a8 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #4: ffff88814402f1a8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7a/0x4a0 drivers/base/dd.c:889
5 locks held by kworker/0:4/4909:
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x871/0x15f0 kernel/workqueue.c:2246
 #1: ffffc900016d7da8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8a5/0x15f0 kernel/workqueue.c:2250
 #2: ffff88801cd51218 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #2: ffff88801cd51218 (&dev->mutex){....}-{3:3}, at: hub_event+0x1c1/0x4320 drivers/usb/core/hub.c:5537
 #3: ffff88814745c218 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #3: ffff88814745c218 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7a/0x4a0 drivers/base/dd.c:889
 #4: ffff888140e6d1a8 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #4: ffff888140e6d1a8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7a/0x4a0 drivers/base/dd.c:889
1 lock held by in:imklog/8184:
 #0: ffff888018fa34f0 (&f->f_pos_lock){+.+.}-{3:3}, at: __fdget_pos+0xe9/0x100 fs/file.c:947
5 locks held by kworker/1:1/8486:
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x871/0x15f0 kernel/workqueue.c:2246
 #1: ffffc9000175fda8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8a5/0x15f0 kernel/workqueue.c:2250
 #2: ffff888144669218 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #2: ffff888144669218 (&dev->mutex){....}-{3:3}, at: hub_event+0x1c1/0x4320 drivers/usb/core/hub.c:5537
 #3: ffff888019edc218 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #3: ffff888019edc218 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7a/0x4a0 drivers/base/dd.c:889
 #4: ffff88814748c1a8 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #4: ffff88814748c1a8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7a/0x4a0 drivers/base/dd.c:889
5 locks held by kworker/1:2/8499:
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic64_set include/asm-generic/atomic-instrumented.h:856 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: atomic_long_set include/asm-generic/atomic-long.h:41 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_data kernel/workqueue.c:616 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: set_work_pool_and_clear_pending kernel/workqueue.c:643 [inline]
 #0: ffff888015a52538 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x871/0x15f0 kernel/workqueue.c:2246
 #1: ffffc90001a27da8 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x8a5/0x15f0 kernel/workqueue.c:2250
 #2: ffff888144611218 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #2: ffff888144611218 (&dev->mutex){....}-{3:3}, at: hub_event+0x1c1/0x4320 drivers/usb/core/hub.c:5537
 #3: ffff88814404a218 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #3: ffff88814404a218 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7a/0x4a0 drivers/base/dd.c:889
 #4: ffff8881438b01a8 (&dev->mutex){....}-{3:3}, at: device_lock include/linux/device.h:737 [inline]
 #4: ffff8881438b01a8 (&dev->mutex){....}-{3:3}, at: __device_attach+0x7a/0x4a0 drivers/base/dd.c:889
1 lock held by syz-executor487/8574:
 #0: ffffffff8c752b48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x55/0x4a0 drivers/char/misc.c:107
1 lock held by syz-executor487/8631:
 #0: ffffffff8c752b48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x55/0x4a0 drivers/char/misc.c:107
1 lock held by syz-executor487/8634:
 #0: ffffffff8c752b48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x55/0x4a0 drivers/char/misc.c:107
1 lock held by syz-executor487/8668:
 #0: ffffffff8c752b48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x55/0x4a0 drivers/char/misc.c:107
1 lock held by syz-executor487/8679:
 #0: ffffffff8c752b48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x55/0x4a0 drivers/char/misc.c:107
2 locks held by syz-executor487/8683:
 #0: ffffffff8c752b48 (misc_mtx){+.+.}-{3:3}, at: misc_open+0x55/0x4a0 drivers/char/misc.c:107
 #1: ffffffff8bc45148 (system_transition_mutex){+.+.}-{3:3}, at: snapshot_open+0x3b/0x2a0 kernel/power/user.c:54

=============================================

NMI backtrace for cpu 1
CPU: 1 PID: 1657 Comm: khungtaskd Not tainted 5.11.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x107/0x163 lib/dump_stack.c:120
 nmi_cpu_backtrace.cold+0x44/0xd7 lib/nmi_backtrace.c:105
 nmi_trigger_cpumask_backtrace+0x1b3/0x230 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:146 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:209 [inline]
 watchdog+0xd43/0xfa0 kernel/hung_task.c:294
 kthread+0x3b1/0x4a0 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0 skipped: idling at native_safe_halt arch/x86/include/asm/irqflags.h:60 [inline]
NMI backtrace for cpu 0 skipped: idling at arch_safe_halt arch/x86/include/asm/irqflags.h:103 [inline]
NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt drivers/acpi/processor_idle.c:110 [inline]
NMI backtrace for cpu 0 skipped: idling at acpi_idle_do_entry+0x1c9/0x250 drivers/acpi/processor_idle.c:516


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches

next             reply	other threads:[~2021-02-13 12:39 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-02-13 12:38 syzbot [this message]
2022-07-04  6:44 ` [PATCH] char: misc: make misc_open() and misc_register() killable Tetsuo Handa
2022-07-04  7:29   ` Greg KH
2022-07-04 10:25     ` Tetsuo Handa
2022-07-04 11:01       ` Greg KH
2022-07-04 12:34         ` Tetsuo Handa
2022-07-04 12:59           ` Wedson Almeida Filho
2022-07-04 13:48             ` Tetsuo Handa
2022-07-04 13:57               ` Wedson Almeida Filho
2022-07-04 14:07                 ` Tetsuo Handa
2022-07-04 14:46                   ` Wedson Almeida Filho
2022-07-04 14:31           ` Greg KH
2022-07-05  5:21             ` Tetsuo Handa
2022-07-05  5:37               ` Greg KH
     [not found]                 ` <a1fcc07e-51ef-eaad-f14b-33f1263e45ac@I-love.SAKURA.ne.jp>
2022-07-05  7:20                   ` Dmitry Vyukov
2022-07-05 10:10                     ` Greg Kroah-Hartman
2022-07-08  6:06                       ` Dmitry Vyukov
2022-07-05 14:01               ` Tetsuo Handa
2022-07-05 14:16                 ` Greg KH
2022-07-05 14:35                   ` Tetsuo Handa
2022-07-06  6:21                     ` Tetsuo Handa
2022-07-06  6:34                       ` Greg KH
2022-07-06 10:26                         ` Tetsuo Handa
2022-07-06 11:04                           ` Oliver Neukum
2022-07-07  5:06                             ` Tetsuo Handa
2022-07-07  8:04                               ` Greg KH
2022-07-08 13:37                               ` Greg KH
2022-07-10  2:27                                 ` Tetsuo Handa
2022-07-06 12:17                           ` Oliver Neukum

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=000000000000d9ff3a05bb37069e@google.com \
    --to=syzbot+358c9ab4c93da7b7238c@syzkaller.appspotmail.com \
    --cc=arnd@arndb.de \
    --cc=gregkh@linuxfoundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=syzkaller-bugs@googlegroups.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.