Re: [syzbot] [kernel?] INFO: task hung in vfs_coredump (2)

All of lore.kernel.org
 help / color / mirror / Atom feed

From: syzbot <syzbot+6ed94e81a1492fe1d512@syzkaller.appspotmail.com>
To: linux-kernel@vger.kernel.org, syoshida@redhat.com,
	 syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [kernel?] INFO: task hung in vfs_coredump (2)
Date: Sat, 21 Mar 2026 11:23:02 -0700	[thread overview]
Message-ID: <69bee206.050a0220.3bf4de.005b.GAE@google.com> (raw)
In-Reply-To: <871phdrrii.fsf@redhat.com>

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
INFO: task hung in vfs_coredump

INFO: task syz.0.17:6434 blocked for more than 143 seconds.
      Not tainted syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:syz.0.17        state:D stack:28424 pid:6434  tgid:6432  ppid:6327   task_flags:0x400640 flags:0x00080002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5298 [inline]
 __schedule+0xfee/0x6120 kernel/sched/core.c:6911
 __schedule_loop kernel/sched/core.c:6993 [inline]
 schedule+0xdd/0x390 kernel/sched/core.c:7008
 schedule_timeout+0x1b2/0x280 kernel/time/sleep_timeout.c:75
 do_wait_for_common kernel/sched/completion.c:100 [inline]
 __wait_for_common+0x2e7/0x4c0 kernel/sched/completion.c:121
 wait_for_common kernel/sched/completion.c:132 [inline]
 wait_for_completion_state+0x1c/0x40 kernel/sched/completion.c:269
 coredump_wait fs/coredump.c:534 [inline]
 vfs_coredump+0x80d/0x5570 fs/coredump.c:1197
 get_signal+0x1f2a/0x21e0 kernel/signal.c:3019
 arch_do_signal_or_restart+0x91/0x770 arch/x86/kernel/signal.c:337
 __exit_to_user_mode_loop kernel/entry/common.c:64 [inline]
 exit_to_user_mode_loop+0x86/0x4a0 kernel/entry/common.c:98
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:325 [inline]
 do_syscall_64+0x668/0xf80 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f994879af39
RSP: 002b:00007f99497010e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: ffffffffffffffda RBX: 00007f9948a06098 RCX: 00007f994879af39
RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f9948a0609c
RBP: 00007f9948a06090 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f9948a06128 R14: 00007ffd4eff3890 R15: 00007ffd4eff3978
 </TASK>

Showing all locks held in the system:
1 lock held by khungtaskd/30:
 #0: ffffffff8e5ce2e0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:312 [inline]
 #0: ffffffff8e5ce2e0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:850 [inline]
 #0: ffffffff8e5ce2e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 kernel/locking/lockdep.c:6775
2 locks held by getty/5581:
 #0: ffff888037b420a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
 #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 drivers/tty/n_tty.c:2211
1 lock held by syz.0.17/6433:
1 lock held by syz.1.18/6456:
1 lock held by syz.2.19/6480:
5 locks held by syz.3.20/6510:
1 lock held by syz.4.21/6540:
1 lock held by syz.5.22/6569:
2 locks held by syz.6.23/6606:
1 lock held by syz.7.24/6637:

=============================================

NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x100/0x190 lib/dump_stack.c:120
 nmi_cpu_backtrace.cold+0x12d/0x151 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x1d7/0x230 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:161 [inline]
 __sys_info lib/sys_info.c:157 [inline]
 sys_info+0x141/0x190 lib/sys_info.c:165
 check_hung_uninterruptible_tasks kernel/hung_task.c:346 [inline]
 watchdog+0xd25/0x1050 kernel/hung_task.c:515
 kthread+0x370/0x450 kernel/kthread.c:436
 ret_from_fork+0x754/0xd80 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 6480 Comm: syz.2.19 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
RIP: 0010:memset_orig+0x3a/0xb0 arch/x86/lib/memset_64.S:71
Code: 01 48 0f af c1 41 89 f9 41 83 e1 07 75 74 48 89 d1 48 c1 e9 06 74 39 66 0f 1f 84 00 00 00 00 00 48 ff c9 48 89 07 48 89 47 08 <48> 89 47 10 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89
RSP: 0018:ffffc90002e77028 EFLAGS: 00000206
RAX: 0000000000000000 RBX: ffffc90002e77240 RCX: 0000000000000024
RDX: 0000000000001000 RSI: 0000000000000000 RDI: ffff88805e0546c0
RBP: 0000000000001000 R08: 0000000000000001 R09: 0000000000000000
R10: ffff88805e054000 R11: 0000000000000000 R12: dffffc0000000000
R13: ffffc90002e77248 R14: 0000000000001000 R15: 0000000000000000
FS:  00007fd2a88bb6c0(0000) GS:ffff88812472f000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005555882e94e8 CR3: 000000007846e000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 zero_to_iter lib/iov_iter.c:461 [inline]
 iterate_kvec include/linux/iov_iter.h:86 [inline]
 iterate_and_advance2 include/linux/iov_iter.h:308 [inline]
 iterate_and_advance include/linux/iov_iter.h:330 [inline]
 iov_iter_zero+0x9bd/0x15b0 lib/iov_iter.c:467
 hugetlbfs_read_iter+0x6e3/0x8c0 fs/hugetlbfs/inode.c:277
 __kernel_read+0x397/0xac0 fs/read_write.c:532
 integrity_kernel_read+0x7e/0xb0 security/integrity/iint.c:28
 ima_calc_file_hash_tfm+0x25e/0x350 security/integrity/ima/ima_crypto.c:480
 ima_calc_file_shash security/integrity/ima/ima_crypto.c:511 [inline]
 ima_calc_file_hash+0x18c/0x480 security/integrity/ima/ima_crypto.c:568
 ima_collect_measurement+0x887/0xa40 security/integrity/ima/ima_api.c:295
 process_measurement+0xdfe/0x2350 security/integrity/ima/ima_main.c:407
 ima_file_mmap+0x1c4/0x1f0 security/integrity/ima/ima_main.c:505
 security_mmap_file+0x278/0x9b0 security/security.c:2504
 vm_mmap_pgoff+0xec/0x470 mm/util.c:575
 ksys_mmap_pgoff+0x273/0x650 mm/mmap.c:605
 __do_sys_mmap arch/x86/kernel/sys_x86_64.c:89 [inline]
 __se_sys_mmap arch/x86/kernel/sys_x86_64.c:82 [inline]
 __x64_sys_mmap+0x125/0x190 arch/x86/kernel/sys_x86_64.c:82
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x106/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fd2a799af39
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fd2a88bb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00007fd2a7c05fa0 RCX: 00007fd2a799af39
RDX: 00004000000000df RSI: 0000004000000001 RDI: 0000000000000008
RBP: 00007fd2a7a2fee0 R08: ffffffffffffffff R09: 0000300000000000
R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fd2a7c06038 R14: 00007fd2a7c05fa0 R15: 00007fff04aad838
 </TASK>


Tested on:

commit:         113ae7b4 Merge tag 'hwmon-for-v7.0-rc5' of git://git.k..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=13e2ccba580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=c91defb609dfc805
dashboard link: https://syzkaller.appspot.com/bug?extid=6ed94e81a1492fe1d512
compiler:       gcc (Debian 14.2.0-19) 14.2.0, GNU ld (GNU Binutils for Debian) 2.44
patch:          https://syzkaller.appspot.com/x/patch.diff?x=1082ccba580000

next      parent reply	other threads:[~2026-03-21 18:23 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <871phdrrii.fsf@redhat.com>
2026-03-21 18:23 ` syzbot [this message]
     [not found] <87se9tqcnk.fsf@redhat.com>
2026-03-21 18:45 ` [syzbot] [kernel?] INFO: task hung in vfs_coredump (2) syzbot
     [not found] <87a4w1rs7h.fsf@redhat.com>
2026-03-21 18:05 ` syzbot
2025-08-03 18:20 syzbot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=69bee206.050a0220.3bf4de.005b.GAE@google.com \
    --to=syzbot+6ed94e81a1492fe1d512@syzkaller.appspotmail.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=syoshida@redhat.com \
    --cc=syzkaller-bugs@googlegroups.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.