From: syzbot <syzbot+7ea2f5e9dfd468201817@syzkaller.appspotmail.com>
To: hdanton@sina.com, linux-kernel@vger.kernel.org,
syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [lsm] [kernel] INFO: task hung in restrict_one_thread_callback
Date: Wed, 25 Feb 2026 16:13:03 -0800 [thread overview]
Message-ID: <699f900f.a00a0220.301b66.0008.GAE@google.com> (raw)
In-Reply-To: <20260225223258.482-1-hdanton@sina.com>
Hello,
syzbot has tested the proposed patch but the reproducer is still triggering an issue:
INFO: task hung in landlock_restrict_sibling_threads
INFO: task syz.0.301:7302 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.301 state:D stack:28800 pid:7302 tgid:7301 ppid:6339 task_flags:0x400140 flags:0x00080006
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x1585/0x5340 kernel/sched/core.c:6907
__schedule_loop kernel/sched/core.c:6989 [inline]
schedule+0x164/0x360 kernel/sched/core.c:7004
schedule_timeout+0xc3/0x2c0 kernel/time/sleep_timeout.c:75
do_wait_for_common kernel/sched/completion.c:100 [inline]
__wait_for_common kernel/sched/completion.c:121 [inline]
wait_for_common kernel/sched/completion.c:132 [inline]
wait_for_completion+0x2cc/0x5e0 kernel/sched/completion.c:153
landlock_restrict_sibling_threads+0xf34/0x11e0 security/landlock/tsync.c:545
__do_sys_landlock_restrict_self security/landlock/syscalls.c:574 [inline]
__se_sys_landlock_restrict_self+0x540/0x810 security/landlock/syscalls.c:482
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f349af9bf79
RSP: 002b:00007f349be5c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
RAX: ffffffffffffffda RBX: 00007f349b215fa0 RCX: 00007f349af9bf79
RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000000003
RBP: 00007f349b0327e0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f349b216038 R14: 00007f349b215fa0 R15: 00007fffd651db08
</TASK>
INFO: task syz.0.301:7303 blocked for more than 143 seconds.
Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.301 state:D stack:27968 pid:7303 tgid:7301 ppid:6339 task_flags:0x400140 flags:0x00080006
Call Trace:
<TASK>
context_switch kernel/sched/core.c:5295 [inline]
__schedule+0x1585/0x5340 kernel/sched/core.c:6907
__schedule_loop kernel/sched/core.c:6989 [inline]
schedule+0x164/0x360 kernel/sched/core.c:7004
schedule_timeout+0xc3/0x2c0 kernel/time/sleep_timeout.c:75
do_wait_for_common kernel/sched/completion.c:100 [inline]
__wait_for_common kernel/sched/completion.c:121 [inline]
wait_for_common kernel/sched/completion.c:132 [inline]
wait_for_completion+0x2cc/0x5e0 kernel/sched/completion.c:153
landlock_restrict_sibling_threads+0xf34/0x11e0 security/landlock/tsync.c:545
__do_sys_landlock_restrict_self security/landlock/syscalls.c:574 [inline]
__se_sys_landlock_restrict_self+0x540/0x810 security/landlock/syscalls.c:482
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f349af9bf79
RSP: 002b:00007f349be3b028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be
RAX: ffffffffffffffda RBX: 00007f349b216090 RCX: 00007f349af9bf79
RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000000003
RBP: 00007f349b0327e0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f349b216128 R14: 00007f349b216090 R15: 00007fffd651db08
</TASK>
Showing all locks held in the system:
1 lock held by khungtaskd/30:
#0: ffffffff8e9602e0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
#0: ffffffff8e9602e0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
#0: ffffffff8e9602e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 kernel/locking/lockdep.c:6775
2 locks held by klogd/5181:
#0: ffff8880b873ade0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x31/0x150 kernel/sched/core.c:647
#1: ffff8880b8724588 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880 kernel/sched/psi.c:933
2 locks held by getty/5575:
#0: ffff888032b4e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243
#1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0 drivers/tty/n_tty.c:2211
=============================================
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Call Trace:
<TASK>
dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
nmi_cpu_backtrace+0x274/0x2d0 lib/nmi_backtrace.c:113
nmi_trigger_cpumask_backtrace+0x17a/0x300 lib/nmi_backtrace.c:62
trigger_all_cpu_backtrace include/linux/nmi.h:161 [inline]
__sys_info lib/sys_info.c:157 [inline]
sys_info+0x135/0x170 lib/sys_info.c:165
check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]
watchdog+0xfd9/0x1030 kernel/hung_task.c:515
kthread+0x388/0x470 kernel/kthread.c:467
ret_from_fork+0x51e/0xb90 arch/x86/kernel/process.c:158
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
</TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
RIP: 0010:pv_native_safe_halt+0xf/0x20 arch/x86/kernel/paravirt.c:63
Code: 4e 74 02 c3 cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 43 0d 11 00 fb f4 <e9> 7c ea 02 00 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90
RSP: 0018:ffffc90000197e20 EFLAGS: 00000246
RAX: 00000000001af755 RBX: ffffffff819ad0dd RCX: 0000000080000001
RDX: 0000000000000001 RSI: ffffffff8e00f3b4 RDI: ffffffff8c29bc00
RBP: ffffc90000197f10 R08: ffff8880b873395b R09: 1ffff110170e672b
R10: dffffc0000000000 R11: ffffed10170e672c R12: ffffffff903388b0
R13: 1ffff11003bd3000 R14: 0000000000000001 R15: 0000000000000001
FS: 0000000000000000(0000) GS:ffff88812530f000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055559296f4e8 CR3: 00000000372e2000 CR4: 00000000003526f0
Call Trace:
<TASK>
arch_safe_halt arch/x86/kernel/process.c:766 [inline]
default_idle+0x9/0x20 arch/x86/kernel/process.c:767
default_idle_call+0x72/0xb0 kernel/sched/idle.c:122
cpuidle_idle_call kernel/sched/idle.c:191 [inline]
do_idle+0x1bd/0x500 kernel/sched/idle.c:332
cpu_startup_entry+0x43/0x60 kernel/sched/idle.c:430
start_secondary+0x101/0x110 arch/x86/kernel/smpboot.c:312
common_startup_64+0x13e/0x147
</TASK>
Tested on:
commit: d9d32e5b Merge tag 'ata-7.0-rc2' of git://git.kernel.o..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=12a328d6580000
kernel config: https://syzkaller.appspot.com/x/.config?x=56c0294cb1688557
dashboard link: https://syzkaller.appspot.com/bug?extid=7ea2f5e9dfd468201817
compiler: Debian clang version 21.1.8 (++20251221033036+2078da43e25a-1~exp1~20251221153213.50), Debian LLD 21.1.8
patch: https://syzkaller.appspot.com/x/patch.diff?x=1155b55a580000
next prev parent reply other threads:[~2026-02-26 0:13 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-20 11:11 [syzbot] [kernel?] INFO: task hung in restrict_one_thread_callback syzbot
2026-02-21 6:27 ` Forwarded: " syzbot
2026-02-23 13:40 ` Frederic Weisbecker
2026-02-23 15:15 ` Günther Noack
2026-02-24 0:10 ` Hillf Danton
2026-02-24 3:05 ` syzbot
2026-02-24 10:00 ` Günther Noack
2026-02-24 3:17 ` Forwarded: " syzbot
2026-02-24 4:25 ` syzbot
2026-02-24 14:43 ` syzbot
2026-02-25 5:10 ` Hillf Danton
2026-02-25 5:48 ` [syzbot] [lsm] [kernel] " syzbot
2026-02-25 10:22 ` [syzbot] [kernel?] " Hillf Danton
2026-02-25 10:51 ` [syzbot] [lsm] [kernel] " syzbot
2026-02-25 12:21 ` [syzbot] [kernel?] " Hillf Danton
2026-02-25 14:15 ` [syzbot] [lsm] [kernel] " syzbot
2026-02-25 22:32 ` [syzbot] [kernel?] " Hillf Danton
2026-02-26 0:13 ` syzbot [this message]
2026-02-26 2:19 ` Hillf Danton
2026-02-26 2:44 ` [syzbot] [lsm] [kernel] " syzbot
2026-02-26 10:04 ` [syzbot] [kernel?] " Hillf Danton
2026-02-26 10:50 ` [syzbot] [lsm] [kernel] " syzbot
2026-02-27 0:03 ` [syzbot] [kernel?] " Hillf Danton
2026-02-27 1:49 ` [syzbot] [lsm] [kernel] " syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=699f900f.a00a0220.301b66.0008.GAE@google.com \
--to=syzbot+7ea2f5e9dfd468201817@syzkaller.appspotmail.com \
--cc=hdanton@sina.com \
--cc=linux-kernel@vger.kernel.org \
--cc=syzkaller-bugs@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.