syzbot

 sign-in | mailing list | source | docs
🐞 Open [1513]
Subsystems
🐞 Fixed [6530]
🐞 Invalid [16662]
Missing Backports [203]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

INFO: task hung in nmi_cpu_backtrace (4)

Status: auto-obsoleted due to no activity on 2025/07/25 14:14
Subsystems: nfs
[Documentation on labels]
First crash: 230d, last: 125d
Similar bugs (6)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task hung in nmi_cpu_backtrace fs 1 7 2612d 2611d 0/29 auto-closed as invalid on 2019/02/22 10:26
upstream INFO: task hung in nmi_cpu_backtrace (3) block serial 1 3 375d 390d 0/29 auto-obsoleted due to no activity on 2024/11/17 17:25
android-49 INFO: task hung in nmi_cpu_backtrace 1 3 2581d 2757d 0/3 auto-closed as invalid on 2019/02/22 13:59
upstream INFO: task hung in nmi_cpu_backtrace (2) serial 1 1 690d 690d 0/29 auto-obsoleted due to no activity on 2024/01/08 02:36
linux-4.14 INFO: task hung in nmi_cpu_backtrace 1 1 2066d 2066d 0/1 auto-closed as invalid on 2020/05/02 01:19
android-6-12 INFO: task hung in nmi_cpu_backtrace 1 1 33d 33d 0/1 premoderation: reported on 2025/07/28 05:35

Sample crash report:
INFO: task kworker/0:7:5915 blocked for more than 143 seconds.
      Not tainted 6.15.0-rc3-syzkaller-00283-gf1a3944c860b #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
task:kworker/0:7     state:D stack:22976 pid:5915  tgid:5915  ppid:2      task_flags:0x4208060 flags:0x00004000
Showing all locks held in the system:
1 lock held by syslogd/5168:
2 locks held by getty/5573:
 #0: ffff88814d6be0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 drivers/tty/tty_ldisc.c:243
 #1: ffffc9000363c2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0 drivers/tty/n_tty.c:2222
5 locks held by kworker/0:7/5915:
 #0: ffff8880222c9548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 kernel/workqueue.c:3213
 #1: ffffc9000400fd18 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 kernel/workqueue.c:3214
 #2: ffff888146b42198 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:922 [inline]
 #2: ffff888146b42198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x4fa0 drivers/usb/core/hub.c:5859
 #3: ffff888146b45510 (&port_dev->status_lock){+.+.}-{4:4}, at: usb_lock_port drivers/usb/core/hub.c:3220 [inline]
 #3: ffff888146b45510 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_port_connect drivers/usb/core/hub.c:5428 [inline]
 #3: ffff888146b45510 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_port_connect_change drivers/usb/core/hub.c:5671 [inline]
 #3: ffff888146b45510 (&port_dev->status_lock){+.+.}-{4:4}, at: port_event drivers/usb/core/hub.c:5831 [inline]
 #3: ffff888146b45510 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x2906/0x4fa0 drivers/usb/core/hub.c:5913
 #4: ffff8881463b3168 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_port_connect drivers/usb/core/hub.c:5429 [inline]
 #4: ffff8881463b3168 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_port_connect_change drivers/usb/core/hub.c:5671 [inline]
 #4: ffff8881463b3168 (hcd->address0_mutex){+.+.}-{4:4}, at: port_event drivers/usb/core/hub.c:5831 [inline]
 #4: ffff8881463b3168 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x292b/0x4fa0 drivers/usb/core/hub.c:5913
5 locks held by kworker/1:6/5927:
 #0: ffff8880222c9548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70 kernel/workqueue.c:3213
 #1: ffffc9000404fd18 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70 kernel/workqueue.c:3214
 #2: ffff8881467c0198 (&dev->mutex){....}-{4:4}, at: device_lock include/linux/device.h:922 [inline]
 #2: ffff8881467c0198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x4fa0 drivers/usb/core/hub.c:5859
 #3: ffff8881467c3510 (&port_dev->status_lock){+.+.}-{4:4}, at: usb_lock_port drivers/usb/core/hub.c:3220 [inline]
 #3: ffff8881467c3510 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_port_connect drivers/usb/core/hub.c:5428 [inline]
 #3: ffff8881467c3510 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_port_connect_change drivers/usb/core/hub.c:5671 [inline]
 #3: ffff8881467c3510 (&port_dev->status_lock){+.+.}-{4:4}, at: port_event drivers/usb/core/hub.c:5831 [inline]
 #3: ffff8881467c3510 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x2906/0x4fa0 drivers/usb/core/hub.c:5913
 #4: ffff88814638c168 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_port_connect drivers/usb/core/hub.c:5429 [inline]
 #4: ffff88814638c168 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_port_connect_change drivers/usb/core/hub.c:5671 [inline]
 #4: ffff88814638c168 (hcd->address0_mutex){+.+.}-{4:4}, at: port_event drivers/usb/core/hub.c:5831 [inline]
 #4: ffff88814638c168 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x292b/0x4fa0 drivers/usb/core/hub.c:5913

=============================================

NMI backtrace for cpu 1
CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.15.0-rc3-syzkaller-00283-gf1a3944c860b #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 nmi_cpu_backtrace+0x27b/0x390 lib/nmi_backtrace.c:113
 nmi_trigger_cpumask_backtrace+0x29c/0x300 lib/nmi_backtrace.c:62
 trigger_all_cpu_backtrace include/linux/nmi.h:158 [inline]
 check_hung_uninterruptible_tasks kernel/hung_task.c:274 [inline]
 watchdog+0xf70/0x12c0 kernel/hung_task.c:437
 kthread+0x3c2/0x780 kernel/kthread.c:464
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 1163 Comm: kworker/u8:6 Not tainted 6.15.0-rc3-syzkaller-00283-gf1a3944c860b #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
Workqueue: events_unbound toggle_allocation_gate
RIP: 0010:memcpy_orig+0xe5/0x130 arch/x86/lib/memcpy_64.S:148
Code: 00 00 00 66 90 83 fa 08 72 1b 4c 8b 06 4c 8b 4c 16 f8 4c 89 07 4c 89 4c 17 f8 c3 cc cc cc cc 66 0f 1f 44 00 00 83 fa 04 72 1b <8b> 0e 44 8b 44 16 fc 89 0f 44 89 44 17 fc c3 cc cc cc cc 0f 1f 84
RSP: 0018:ffffc90003def920 EFLAGS: 00000046
RAX: 00002aaaaaaab483 RBX: ffff88801b46f558 RCX: ffffffff815e957f
RDX: 0000000000000004 RSI: ffffffff93a8a9bb RDI: 00002aaaaaaab483
RBP: ffffffff82161483 R08: 0000000000000007 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000487
R13: ffffffff90851fb4 R14: ffffffff8e562500 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8881249e4000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055e273595600 CR3: 000000001b46a000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000029
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 __text_poke+0x460/0xd00 arch/x86/kernel/alternative.c:2293
 text_poke_bp_batch+0x3e6/0x760 arch/x86/kernel/alternative.c:2687
 text_poke_flush arch/x86/kernel/alternative.c:2856 [inline]
 text_poke_flush arch/x86/kernel/alternative.c:2853 [inline]
 text_poke_finish+0x30/0x40 arch/x86/kernel/alternative.c:2863
 arch_jump_label_transform_apply+0x1c/0x30 arch/x86/kernel/jump_label.c:146
 jump_label_update+0x376/0x550 kernel/jump_label.c:919
 static_key_enable_cpuslocked+0x1b7/0x270 kernel/jump_label.c:210
 static_key_enable+0x1a/0x20 kernel/jump_label.c:223
 toggle_allocation_gate mm/kfence/core.c:850 [inline]
 toggle_allocation_gate+0xfa/0x280 mm/kfence/core.c:842
 process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238
 process_scheduled_works kernel/workqueue.c:3319 [inline]
 worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400
 kthread+0x3c2/0x780 kernel/kthread.c:464
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

Crashes (5):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/04/26 14:06 upstream f1a3944c860b c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root INFO: task hung in nmi_cpu_backtrace
2025/04/06 03:54 upstream f4d2ef48250a 1c65791e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root INFO: task hung in nmi_cpu_backtrace
2025/03/02 00:24 upstream 03d38806a902 c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto INFO: task hung in nmi_cpu_backtrace
2025/02/14 12:06 upstream ab68d7eb7b1a d9a046cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root INFO: task hung in nmi_cpu_backtrace
2025/01/11 11:32 upstream 77a903cd8e5a 6dbc6a9b .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto INFO: task hung in nmi_cpu_backtrace
* Struck through repros no longer work on HEAD.