INFO: rcu detected stall in corrupted
13 views
Skip to first unread message
syzbot
Aug 22, 2019, 3:57:06 AM8/22/19
to syzkaller...@googlegroups.com
Hello,
syzbot found the following crash on:
HEAD commit: 45f092f9 Linux 4.14.139
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=150b3b22600000
kernel config: https://syzkaller.appspot.com/x/.config?x=56ab4cf14cc8892d
dashboard link: https://syzkaller.appspot.com/bug?extid=d3a6c6c6579d03ba70d7
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14537da6600000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+d3a6c6...@syzkaller.appspotmail.com
INFO: rcu_preempt self-detected stall on CPU
INFO: rcu_preempt detected stalls on CPUs/tasks:
1-...: (1 ticks this GP) idle=8e2/140000000000001/0 softirq=77354/77354
fqs=0
1-...: (1 ticks this GP) idle=8e2/140000000000001/0 softirq=77354/77354
fqs=0
(t=11988 jiffies g=5731 c=5730 q=310)
rcu_preempt kthread starved for 11988 jiffies! g5731 c5730 f0x0
RCU_GP_WAIT_FQS(3) ->state=0x402 ->cpu=1
rcu_preempt I29824 8 2 0x80000000
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7b8/0x1cd0 kernel/sched/core.c:3383
(detected by 0, t=11988 jiffies, g=5731, c=5730, q=310)
Sending NMI from CPU 0 to CPUs 1:
schedule+0x92/0x1c0 kernel/sched/core.c:3427
NMI backtrace for cpu 1
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.14.139 #35
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
task: ffff8880a9d1c340 task.stack: ffff8880a9d28000
RIP: 0010:io_serial_in+0x6b/0x90 drivers/tty/serial/8250/8250_port.c:451
RSP: 0018:ffff8880aef07878 EFLAGS: 00000006
RAX: dffffc0000000005 RBX: 00000000000003f9 RCX: 0000000000000000
RDX: 00000000000003f9 RSI: 0000000000000001 RDI: ffffffff89b773b8
RBP: ffff8880aef07888 R08: 00000000000076b7 R09: ffffffff88cba9f8
R10: ffff8880a9d1cc10 R11: ffff8880a9d1c340 R12: ffffffff89b77380
R13: ffffffff89b77598 R14: ffffffff89b773c8 R15: ffff8880aef07950
FS: 0000000000000000(0000) GS:ffff8880aef00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 00000000a0b6f000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<IRQ>
serial_port_in include/linux/serial_core.h:260 [inline]
serial8250_console_write+0x26f/0x930
drivers/tty/serial/8250/8250_port.c:3237
univ8250_console_write+0x5f/0x70 drivers/tty/serial/8250/8250_core.c:597
call_console_drivers kernel/printk/printk.c:1719 [inline]
console_unlock+0x9ba/0xed0 kernel/printk/printk.c:2391
vprintk_emit kernel/printk/printk.c:1917 [inline]
vprintk_emit+0x1f9/0x600 kernel/printk/printk.c:1882
vprintk_default+0x28/0x30 kernel/printk/printk.c:1957
vprintk_func+0x5d/0x159 kernel/printk/printk_safe.c:401
printk+0x9e/0xbc kernel/printk/printk.c:1990
printk_stack_address arch/x86/kernel/dumpstack.c:70 [inline]
show_trace_log_lvl+0x22d/0x26b arch/x86/kernel/dumpstack.c:202
show_stack+0x39/0x3b arch/x86/kernel/dumpstack.c:237
sched_show_task kernel/sched/core.c:5167 [inline]
sched_show_task.cold+0x2f0/0x351 kernel/sched/core.c:5142
rcu_check_gp_kthread_starvation+0x28e/0x2c7 kernel/rcu/tree.c:1374
print_cpu_stall kernel/rcu/tree.c:1540 [inline]
check_cpu_stall kernel/rcu/tree.c:1610 [inline]
__rcu_pending kernel/rcu/tree.c:3390 [inline]
rcu_pending kernel/rcu/tree.c:3452 [inline]
rcu_check_callbacks.cold+0x435/0xd0a kernel/rcu/tree.c:2792
update_process_times+0x31/0x70 kernel/time/timer.c:1588
tick_sched_handle+0x85/0x160 kernel/time/tick-sched.c:161
tick_sched_timer+0x43/0x130 kernel/time/tick-sched.c:1219
__run_hrtimer kernel/time/hrtimer.c:1220 [inline]
__hrtimer_run_queues+0x270/0xbc0 kernel/time/hrtimer.c:1284
hrtimer_interrupt+0x1d8/0x5d0 kernel/time/hrtimer.c:1318
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1037 [inline]
smp_apic_timer_interrupt+0x11c/0x5e0 arch/x86/kernel/apic/apic.c:1062
apic_timer_interrupt+0x96/0xa0 arch/x86/entry/entry_64.S:792
</IRQ>
RIP: 0010:sched_ttwu_pending+0x8d/0x1b0 kernel/sched/core.c:1764
RSP: 0018:ffff8880a9d2fe40 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 1ffffffff0ea63a9 RSI: ffffffff869d2b40 RDI: ffffffff87531d48
RBP: ffff8880a9d2fec0 R08: 0000018c38702773 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880aef2c500
R13: ffff8880a9d1c340 R14: 1ffff110153a5fcb R15: ffff8880a9d2fe98
do_idle+0x12e/0x3d0 kernel/sched/idle.c:268
cpu_startup_entry+0x1b/0x20 kernel/sched/idle.c:351
start_secondary+0x346/0x4b0 arch/x86/kernel/smpboot.c:272
secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:240
Code: 24 d1 00 00 00 49 8d 7c 24 38 48 b8 00 00 00 00 00 fc ff df 48 89 fa
48 c1 ea 03 d3 e3 80 3c 02 00 75 17 41 03 5c 24 38 89 da ec <5b> 0f b6 c0
41 5c 5d c3 e8 38 ff 6e fe eb c2 e8 91 ff 6e fe eb
rcu_preempt kthread starved for 11988 jiffies! g5731 c5730 f0x0
RCU_GP_WAIT_FQS(3) ->state=0x402 ->cpu=1
schedule_timeout+0x43e/0xe10 kernel/time/timer.c:1744
rcu_preempt I
29824 8 2 0x80000000
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7b8/0x1cd0 kernel/sched/core.c:3383
rcu_gp_kthread+0xbf4/0x1ec0 kernel/rcu/tree.c:2255
schedule+0x92/0x1c0 kernel/sched/core.c:3427
kthread+0x319/0x430 kernel/kthread.c:232
schedule_timeout+0x43e/0xe10 kernel/time/timer.c:1744
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
NMI backtrace for cpu 1
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.14.139 #35
rcu_gp_kthread+0xbf4/0x1ec0 kernel/rcu/tree.c:2255
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
kthread+0x319/0x430 kernel/kthread.c:232
<IRQ>
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x138/0x19c lib/dump_stack.c:53
nmi_cpu_backtrace.cold+0x57/0x94 lib/nmi_backtrace.c:101
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
nmi_trigger_cpumask_backtrace+0x141/0x189 lib/nmi_backtrace.c:62
arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
trigger_single_cpu_backtrace include/linux/nmi.h:158 [inline]
rcu_dump_cpu_stacks+0x186/0x1d2 kernel/rcu/tree.c:1396
print_cpu_stall kernel/rcu/tree.c:1542 [inline]
check_cpu_stall kernel/rcu/tree.c:1610 [inline]
__rcu_pending kernel/rcu/tree.c:3390 [inline]
rcu_pending kernel/rcu/tree.c:3452 [inline]
rcu_check_callbacks.cold+0x43d/0xd0a kernel/rcu/tree.c:2792
update_process_times+0x31/0x70 kernel/time/timer.c:1588
tick_sched_handle+0x85/0x160 kernel/time/tick-sched.c:161
tick_sched_timer+0x43/0x130 kernel/time/tick-sched.c:1219
__run_hrtimer kernel/time/hrtimer.c:1220 [inline]
__hrtimer_run_queues+0x270/0xbc0 kernel/time/hrtimer.c:1284
hrtimer_interrupt+0x1d8/0x5d0 kernel/time/hrtimer.c:1318
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1037 [inline]
smp_apic_timer_interrupt+0x11c/0x5e0 arch/x86/kernel/apic/apic.c:1062
apic_timer_interrupt+0x96/0xa0 arch/x86/entry/entry_64.S:792
</IRQ>
RIP: 0010:sched_ttwu_pending+0x8d/0x1b0 kernel/sched/core.c:1764
RSP: 0018:ffff8880a9d2fe40 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 1ffffffff0ea63a9 RSI: ffffffff869d2b40 RDI: ffffffff87531d48
RBP: ffff8880a9d2fec0 R08: 0000018c38702773 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880aef2c500
R13: ffff8880a9d1c340 R14: 1ffff110153a5fcb R15: ffff8880a9d2fe98
do_idle+0x12e/0x3d0 kernel/sched/idle.c:268
cpu_startup_entry+0x1b/0x20 kernel/sched/idle.c:351
start_secondary+0x346/0x4b0 arch/x86/kernel/smpboot.c:272
secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:240
INFO: rcu_sched detected stalls on CPUs/tasks:
1-...: (2 ticks this GP) idle=8e2/140000000000001/0 softirq=77342/77354
fqs=0
(detected by 0, t=12065 jiffies, g=4989, c=4988, q=1)
rcu_sched kthread starved for 12066 jiffies! g4989 c4988 f0x2
RCU_GP_WAIT_FQS(3) ->state=0x0 ->cpu=0
rcu_sched R running task 29824 9 2 0x80000000
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7b8/0x1cd0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_timeout+0x43e/0xe10 kernel/time/timer.c:1744
rcu_gp_kthread+0xbf4/0x1ec0 kernel/rcu/tree.c:2255
kthread+0x319/0x430 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
device bridge_slave_1 left promiscuous mode
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_0 left promiscuous mode
bridge0: port 1(bridge_slave_0) entered disabled state
device hsr_slave_1 left promiscuous mode
device hsr_slave_0 left promiscuous mode
team0 (unregistering): Port device team_slave_1 removed
team0 (unregistering): Port device team_slave_0 removed
bond0 (unregistering): Releasing backup interface bond_slave_1
bond0 (unregistering): Releasing backup interface bond_slave_0
bond0 (unregistering): Released all slaves
IPVS: ftp: loaded support on port[0] = 21
IPVS: ftp: loaded support on port[0] = 21
chnl_net:caif_netlink_parms(): no params data found
IPVS: ftp: loaded support on port[0] = 21
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
bond0: Enslaving bond_slave_0 as an active interface with an up link
chnl_net:caif_netlink_parms(): no params data found
bond0: Enslaving bond_slave_1 as an active interface with an up link
IPVS: ftp: loaded support on port[0] = 21
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
chnl_net:caif_netlink_parms(): no params data found
IPVS: ftp: loaded support on port[0] = 21
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
bond0: Enslaving bond_slave_0 as an active interface with an up link
bond0: Enslaving bond_slave_1 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
chnl_net:caif_netlink_parms(): no params data found
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
bond0: Enslaving bond_slave_0 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
bond0: Enslaving bond_slave_1 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
bridge0: port 1(bridge_slave_0) entered disabled state
bridge0: port 2(bridge_slave_1) entered disabled state
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
IPVS: ftp: loaded support on port[0] = 21
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
bond0: Enslaving bond_slave_0 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
bond0: Enslaving bond_slave_1 as an active interface with an up link
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
chnl_net:caif_netlink_parms(): no params data found
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
8021q: adding VLAN 0 to HW filter on device bond0
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
bond0: Enslaving bond_slave_0 as an active interface with an up link
bond0: Enslaving bond_slave_1 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
8021q: adding VLAN 0 to HW filter on device bond0
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
chnl_net:caif_netlink_parms(): no params data found
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
8021q: adding VLAN 0 to HW filter on device bond0
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
8021q: adding VLAN 0 to HW filter on device bond0
IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
bond0: Enslaving bond_slave_0 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
bond0: Enslaving bond_slave_1 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
8021q: adding VLAN 0 to HW filter on device batadv0
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
8021q: adding VLAN 0 to HW filter on device batadv0
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully
working HSR network
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
8021q: adding VLAN 0 to HW filter on device bond0
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
8021q: adding VLAN 0 to HW filter on device batadv0
IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully
working HSR network
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
8021q: adding VLAN 0 to HW filter on device bond0
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
8021q: adding VLAN 0 to HW filter on device batadv0
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
8021q: adding VLAN 0 to HW filter on device batadv0
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot found the following crash on:
HEAD commit: 45f092f9 Linux 4.14.139
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=150b3b22600000
kernel config: https://syzkaller.appspot.com/x/.config?x=56ab4cf14cc8892d
dashboard link: https://syzkaller.appspot.com/bug?extid=d3a6c6c6579d03ba70d7
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14537da6600000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+d3a6c6...@syzkaller.appspotmail.com
INFO: rcu_preempt self-detected stall on CPU
INFO: rcu_preempt detected stalls on CPUs/tasks:
1-...: (1 ticks this GP) idle=8e2/140000000000001/0 softirq=77354/77354
fqs=0
1-...: (1 ticks this GP) idle=8e2/140000000000001/0 softirq=77354/77354
fqs=0
(t=11988 jiffies g=5731 c=5730 q=310)
rcu_preempt kthread starved for 11988 jiffies! g5731 c5730 f0x0
RCU_GP_WAIT_FQS(3) ->state=0x402 ->cpu=1
rcu_preempt I29824 8 2 0x80000000
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7b8/0x1cd0 kernel/sched/core.c:3383
(detected by 0, t=11988 jiffies, g=5731, c=5730, q=310)
Sending NMI from CPU 0 to CPUs 1:
schedule+0x92/0x1c0 kernel/sched/core.c:3427
NMI backtrace for cpu 1
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.14.139 #35
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
task: ffff8880a9d1c340 task.stack: ffff8880a9d28000
RIP: 0010:io_serial_in+0x6b/0x90 drivers/tty/serial/8250/8250_port.c:451
RSP: 0018:ffff8880aef07878 EFLAGS: 00000006
RAX: dffffc0000000005 RBX: 00000000000003f9 RCX: 0000000000000000
RDX: 00000000000003f9 RSI: 0000000000000001 RDI: ffffffff89b773b8
RBP: ffff8880aef07888 R08: 00000000000076b7 R09: ffffffff88cba9f8
R10: ffff8880a9d1cc10 R11: ffff8880a9d1c340 R12: ffffffff89b77380
R13: ffffffff89b77598 R14: ffffffff89b773c8 R15: ffff8880aef07950
FS: 0000000000000000(0000) GS:ffff8880aef00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 00000000a0b6f000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
<IRQ>
serial_port_in include/linux/serial_core.h:260 [inline]
serial8250_console_write+0x26f/0x930
drivers/tty/serial/8250/8250_port.c:3237
univ8250_console_write+0x5f/0x70 drivers/tty/serial/8250/8250_core.c:597
call_console_drivers kernel/printk/printk.c:1719 [inline]
console_unlock+0x9ba/0xed0 kernel/printk/printk.c:2391
vprintk_emit kernel/printk/printk.c:1917 [inline]
vprintk_emit+0x1f9/0x600 kernel/printk/printk.c:1882
vprintk_default+0x28/0x30 kernel/printk/printk.c:1957
vprintk_func+0x5d/0x159 kernel/printk/printk_safe.c:401
printk+0x9e/0xbc kernel/printk/printk.c:1990
printk_stack_address arch/x86/kernel/dumpstack.c:70 [inline]
show_trace_log_lvl+0x22d/0x26b arch/x86/kernel/dumpstack.c:202
show_stack+0x39/0x3b arch/x86/kernel/dumpstack.c:237
sched_show_task kernel/sched/core.c:5167 [inline]
sched_show_task.cold+0x2f0/0x351 kernel/sched/core.c:5142
rcu_check_gp_kthread_starvation+0x28e/0x2c7 kernel/rcu/tree.c:1374
print_cpu_stall kernel/rcu/tree.c:1540 [inline]
check_cpu_stall kernel/rcu/tree.c:1610 [inline]
__rcu_pending kernel/rcu/tree.c:3390 [inline]
rcu_pending kernel/rcu/tree.c:3452 [inline]
rcu_check_callbacks.cold+0x435/0xd0a kernel/rcu/tree.c:2792
update_process_times+0x31/0x70 kernel/time/timer.c:1588
tick_sched_handle+0x85/0x160 kernel/time/tick-sched.c:161
tick_sched_timer+0x43/0x130 kernel/time/tick-sched.c:1219
__run_hrtimer kernel/time/hrtimer.c:1220 [inline]
__hrtimer_run_queues+0x270/0xbc0 kernel/time/hrtimer.c:1284
hrtimer_interrupt+0x1d8/0x5d0 kernel/time/hrtimer.c:1318
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1037 [inline]
smp_apic_timer_interrupt+0x11c/0x5e0 arch/x86/kernel/apic/apic.c:1062
apic_timer_interrupt+0x96/0xa0 arch/x86/entry/entry_64.S:792
</IRQ>
RIP: 0010:sched_ttwu_pending+0x8d/0x1b0 kernel/sched/core.c:1764
RSP: 0018:ffff8880a9d2fe40 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 1ffffffff0ea63a9 RSI: ffffffff869d2b40 RDI: ffffffff87531d48
RBP: ffff8880a9d2fec0 R08: 0000018c38702773 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880aef2c500
R13: ffff8880a9d1c340 R14: 1ffff110153a5fcb R15: ffff8880a9d2fe98
do_idle+0x12e/0x3d0 kernel/sched/idle.c:268
cpu_startup_entry+0x1b/0x20 kernel/sched/idle.c:351
start_secondary+0x346/0x4b0 arch/x86/kernel/smpboot.c:272
secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:240
Code: 24 d1 00 00 00 49 8d 7c 24 38 48 b8 00 00 00 00 00 fc ff df 48 89 fa
48 c1 ea 03 d3 e3 80 3c 02 00 75 17 41 03 5c 24 38 89 da ec <5b> 0f b6 c0
41 5c 5d c3 e8 38 ff 6e fe eb c2 e8 91 ff 6e fe eb
rcu_preempt kthread starved for 11988 jiffies! g5731 c5730 f0x0
RCU_GP_WAIT_FQS(3) ->state=0x402 ->cpu=1
schedule_timeout+0x43e/0xe10 kernel/time/timer.c:1744
rcu_preempt I
29824 8 2 0x80000000
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7b8/0x1cd0 kernel/sched/core.c:3383
rcu_gp_kthread+0xbf4/0x1ec0 kernel/rcu/tree.c:2255
schedule+0x92/0x1c0 kernel/sched/core.c:3427
kthread+0x319/0x430 kernel/kthread.c:232
schedule_timeout+0x43e/0xe10 kernel/time/timer.c:1744
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
NMI backtrace for cpu 1
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.14.139 #35
rcu_gp_kthread+0xbf4/0x1ec0 kernel/rcu/tree.c:2255
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
kthread+0x319/0x430 kernel/kthread.c:232
<IRQ>
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x138/0x19c lib/dump_stack.c:53
nmi_cpu_backtrace.cold+0x57/0x94 lib/nmi_backtrace.c:101
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
nmi_trigger_cpumask_backtrace+0x141/0x189 lib/nmi_backtrace.c:62
arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
trigger_single_cpu_backtrace include/linux/nmi.h:158 [inline]
rcu_dump_cpu_stacks+0x186/0x1d2 kernel/rcu/tree.c:1396
print_cpu_stall kernel/rcu/tree.c:1542 [inline]
check_cpu_stall kernel/rcu/tree.c:1610 [inline]
__rcu_pending kernel/rcu/tree.c:3390 [inline]
rcu_pending kernel/rcu/tree.c:3452 [inline]
rcu_check_callbacks.cold+0x43d/0xd0a kernel/rcu/tree.c:2792
update_process_times+0x31/0x70 kernel/time/timer.c:1588
tick_sched_handle+0x85/0x160 kernel/time/tick-sched.c:161
tick_sched_timer+0x43/0x130 kernel/time/tick-sched.c:1219
__run_hrtimer kernel/time/hrtimer.c:1220 [inline]
__hrtimer_run_queues+0x270/0xbc0 kernel/time/hrtimer.c:1284
hrtimer_interrupt+0x1d8/0x5d0 kernel/time/hrtimer.c:1318
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1037 [inline]
smp_apic_timer_interrupt+0x11c/0x5e0 arch/x86/kernel/apic/apic.c:1062
apic_timer_interrupt+0x96/0xa0 arch/x86/entry/entry_64.S:792
</IRQ>
RIP: 0010:sched_ttwu_pending+0x8d/0x1b0 kernel/sched/core.c:1764
RSP: 0018:ffff8880a9d2fe40 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 1ffffffff0ea63a9 RSI: ffffffff869d2b40 RDI: ffffffff87531d48
RBP: ffff8880a9d2fec0 R08: 0000018c38702773 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880aef2c500
R13: ffff8880a9d1c340 R14: 1ffff110153a5fcb R15: ffff8880a9d2fe98
do_idle+0x12e/0x3d0 kernel/sched/idle.c:268
cpu_startup_entry+0x1b/0x20 kernel/sched/idle.c:351
start_secondary+0x346/0x4b0 arch/x86/kernel/smpboot.c:272
secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:240
INFO: rcu_sched detected stalls on CPUs/tasks:
1-...: (2 ticks this GP) idle=8e2/140000000000001/0 softirq=77342/77354
fqs=0
(detected by 0, t=12065 jiffies, g=4989, c=4988, q=1)
rcu_sched kthread starved for 12066 jiffies! g4989 c4988 f0x2
RCU_GP_WAIT_FQS(3) ->state=0x0 ->cpu=0
rcu_sched R running task 29824 9 2 0x80000000
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7b8/0x1cd0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_timeout+0x43e/0xe10 kernel/time/timer.c:1744
rcu_gp_kthread+0xbf4/0x1ec0 kernel/rcu/tree.c:2255
kthread+0x319/0x430 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
device bridge_slave_1 left promiscuous mode
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_0 left promiscuous mode
bridge0: port 1(bridge_slave_0) entered disabled state
device hsr_slave_1 left promiscuous mode
device hsr_slave_0 left promiscuous mode
team0 (unregistering): Port device team_slave_1 removed
team0 (unregistering): Port device team_slave_0 removed
bond0 (unregistering): Releasing backup interface bond_slave_1
bond0 (unregistering): Releasing backup interface bond_slave_0
bond0 (unregistering): Released all slaves
IPVS: ftp: loaded support on port[0] = 21
IPVS: ftp: loaded support on port[0] = 21
chnl_net:caif_netlink_parms(): no params data found
IPVS: ftp: loaded support on port[0] = 21
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
bond0: Enslaving bond_slave_0 as an active interface with an up link
chnl_net:caif_netlink_parms(): no params data found
bond0: Enslaving bond_slave_1 as an active interface with an up link
IPVS: ftp: loaded support on port[0] = 21
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
chnl_net:caif_netlink_parms(): no params data found
IPVS: ftp: loaded support on port[0] = 21
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
bond0: Enslaving bond_slave_0 as an active interface with an up link
bond0: Enslaving bond_slave_1 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
chnl_net:caif_netlink_parms(): no params data found
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
bond0: Enslaving bond_slave_0 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
bond0: Enslaving bond_slave_1 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
bridge0: port 1(bridge_slave_0) entered disabled state
bridge0: port 2(bridge_slave_1) entered disabled state
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
IPVS: ftp: loaded support on port[0] = 21
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
bond0: Enslaving bond_slave_0 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
bond0: Enslaving bond_slave_1 as an active interface with an up link
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
chnl_net:caif_netlink_parms(): no params data found
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
8021q: adding VLAN 0 to HW filter on device bond0
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
bond0: Enslaving bond_slave_0 as an active interface with an up link
bond0: Enslaving bond_slave_1 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
8021q: adding VLAN 0 to HW filter on device bond0
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
chnl_net:caif_netlink_parms(): no params data found
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
8021q: adding VLAN 0 to HW filter on device bond0
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
8021q: adding VLAN 0 to HW filter on device bond0
IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
bond0: Enslaving bond_slave_0 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
bond0: Enslaving bond_slave_1 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
8021q: adding VLAN 0 to HW filter on device batadv0
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
8021q: adding VLAN 0 to HW filter on device batadv0
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully
working HSR network
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
8021q: adding VLAN 0 to HW filter on device bond0
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
8021q: adding VLAN 0 to HW filter on device batadv0
IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully
working HSR network
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
8021q: adding VLAN 0 to HW filter on device bond0
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
8021q: adding VLAN 0 to HW filter on device batadv0
IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready
8021q: adding VLAN 0 to HW filter on device team0
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered forwarding state
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered forwarding state
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
8021q: adding VLAN 0 to HW filter on device batadv0
IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot
Sep 8, 2019, 5:41:07 AM9/8/19
to syzkaller...@googlegroups.com
syzbot has found a reproducer for the following crash on:
HEAD commit: 414510bc Linux 4.14.142
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=1013fc5e600000
kernel config: https://syzkaller.appspot.com/x/.config?x=9aa0b2ccd827f416
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=143f3ab9600000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+d3a6c6...@syzkaller.appspotmail.com
INFO: rcu_preempt self-detected stall on CPU
1-...: (10499 ticks this GP) idle=8ba/140000000000001/0
softirq=11140/11142 fqs=0
0-...: (10499 ticks this GP) idle=99e/140000000000001/0 softirq=9763/9763
fqs=0
(t=10500 jiffies g=751 c=750 q=10)
(t=10500 jiffies g=1114 c=1113 q=229)
rcu_sched kthread starved for 10500 jiffies! g751 c750 f0x0
RCU_GP_WAIT_FQS(3) ->state=0x402 ->cpu=0
rcu_preempt kthread starved for 10500 jiffies! g1114 c1113 f0x0
29824 8 2 0x80000000
NMI backtrace for cpu 0
CPU: 0 PID: 7 Comm: ksoftirqd/0 Not tainted 4.14.142 #0
nmi_cpu_backtrace.cold+0x57/0x94 lib/nmi_backtrace.c:101
smp_apic_timer_interrupt+0x11c/0x5e0 arch/x86/kernel/apic/apic.c:1100
apic_timer_interrupt+0x96/0xa0 arch/x86/entry/entry_64.S:792
</IRQ>
RIP: 0010:__list_add_valid+0x10/0xa0 lib/list_debug.c:22
RSP: 0018:ffff8880a9ceebf8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
RAX: dffffc0000000000 RBX: ffff88809fe07878 RCX: 0000000000000000
RDX: ffff88809fe07910 RSI: ffff88809fe07910 RDI: ffff88809fe07878
RBP: ffff8880a9ceec00 R08: 0000000000000000 R09: ffff8880a9ce2b50
R10: ffff8880a9ce2b30 R11: ffff8880a9ce21c0 R12: dffffc0000000000
R13: ffff88809fe07680 R14: ffff88809fe07910 R15: ffff88809fe07900
__list_add include/linux/list.h:60 [inline]
list_add_tail include/linux/list.h:93 [inline]
list_move_tail include/linux/list.h:183 [inline]
hhf_dequeue+0x61b/0xa60 net/sched/sch_hhf.c:438
dequeue_skb net/sched/sch_generic.c:148 [inline]
qdisc_restart net/sched/sch_generic.c:241 [inline]
__qdisc_run+0x2b8/0xe00 net/sched/sch_generic.c:257
__dev_xmit_skb net/core/dev.c:3235 [inline]
__dev_queue_xmit+0x1571/0x25e0 net/core/dev.c:3493
dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
br_dev_queue_push_xmit+0x367/0x530 net/bridge/br_forward.c:55
br_nf_dev_queue_xmit+0x307/0x1440 net/bridge/br_netfilter_hooks.c:776
NF_HOOK include/linux/netfilter.h:250 [inline]
NF_HOOK include/linux/netfilter.h:244 [inline]
br_nf_post_routing+0xb80/0xf00 net/bridge/br_netfilter_hooks.c:822
nf_hook_entry_hookfn include/linux/netfilter.h:108 [inline]
nf_hook_slow+0xaf/0x1b0 net/netfilter/core.c:467
nf_hook include/linux/netfilter.h:205 [inline]
NF_HOOK include/linux/netfilter.h:248 [inline]
br_forward_finish+0x1b7/0x320 net/bridge/br_forward.c:67
br_nf_hook_thresh+0x25b/0x2e0 net/bridge/br_netfilter_hooks.c:1005
br_nf_forward_finish+0x264/0x640 net/bridge/br_netfilter_hooks.c:550
NF_HOOK include/linux/netfilter.h:250 [inline]
NF_HOOK include/linux/netfilter.h:244 [inline]
br_nf_forward_ip net/bridge/br_netfilter_hooks.c:617 [inline]
br_nf_forward_ip+0x5fc/0x11d0 net/bridge/br_netfilter_hooks.c:561
nf_hook_entry_hookfn include/linux/netfilter.h:108 [inline]
nf_hook_slow+0xaf/0x1b0 net/netfilter/core.c:467
nf_hook include/linux/netfilter.h:205 [inline]
NF_HOOK include/linux/netfilter.h:248 [inline]
__br_forward+0x312/0x9c0 net/bridge/br_forward.c:111
deliver_clone+0x61/0xc0 net/bridge/br_forward.c:127
br_flood+0x43c/0x530 net/bridge/br_forward.c:222
br_handle_frame_finish+0xaf0/0x1830 net/bridge/br_input.c:210
br_nf_hook_thresh+0x25b/0x2e0 net/bridge/br_netfilter_hooks.c:1005
br_nf_pre_routing_finish_ipv6+0x621/0xc50
net/bridge/br_netfilter_ipv6.c:210
NF_HOOK include/linux/netfilter.h:250 [inline]
br_nf_pre_routing_ipv6+0x417/0x790 net/bridge/br_netfilter_ipv6.c:240
br_nf_pre_routing+0xdce/0x12c7 net/bridge/br_netfilter_hooks.c:491
nf_hook_entry_hookfn include/linux/netfilter.h:108 [inline]
nf_hook_slow+0xaf/0x1b0 net/netfilter/core.c:467
nf_hook include/linux/netfilter.h:205 [inline]
NF_HOOK include/linux/netfilter.h:248 [inline]
br_handle_frame+0x80c/0x1110 net/bridge/br_input.c:348
__netif_receive_skb_core+0x789/0x2ca0 net/core/dev.c:4431
__netif_receive_skb+0x2c/0x1b0 net/core/dev.c:4515
process_backlog+0x21f/0x730 net/core/dev.c:5197
napi_poll net/core/dev.c:5598 [inline]
net_rx_action+0x490/0xf80 net/core/dev.c:5664
__do_softirq+0x244/0x9a0 kernel/softirq.c:288
run_ksoftirqd kernel/softirq.c:670 [inline]
run_ksoftirqd+0x8c/0x1b0 kernel/softirq.c:662
smpboot_thread_fn+0x5f4/0x960 kernel/smpboot.c:164
fqs=0
(detected by 1, t=10521 jiffies, g=1114, c=1113, q=229)
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 7 Comm: ksoftirqd/0 Not tainted 4.14.142 #0
RIP: 0010:hhf_dequeue+0x54f/0xa60 net/sched/sch_hhf.c:437
RSP: 0018:ffff8880a9ceec10 EFLAGS: 00000a07
RAX: 0000000000000000 RBX: ffff88809fe07878 RCX: 0000000000000000
RDX: 1ffff11013fc0f12 RSI: ffff88809fe07910 RDI: ffff88809fe07894
RBP: ffff8880a9ceec60 R08: 0000000000000000 R09: ffff8880a9ce2b50
R10: ffff8880a9ce2b30 R11: ffff8880a9ce21c0 R12: dffffc0000000000
R13: ffff88809fe07680 R14: 0000000000000002 R15: ffff88809fe07900
FS: 0000000000000000(0000) GS:ffff8880aee00000(0000) knlGS:0000000000000000
qdisc_restart net/sched/sch_generic.c:241 [inline]
__qdisc_run+0x2b8/0xe00 net/sched/sch_generic.c:257
__dev_xmit_skb net/core/dev.c:3235 [inline]
__dev_queue_xmit+0x1571/0x25e0 net/core/dev.c:3493
dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
br_dev_queue_push_xmit+0x367/0x530 net/bridge/br_forward.c:55
br_nf_dev_queue_xmit+0x307/0x1440 net/bridge/br_netfilter_hooks.c:776
NF_HOOK include/linux/netfilter.h:250 [inline]
NF_HOOK include/linux/netfilter.h:244 [inline]
br_nf_post_routing+0xb80/0xf00 net/bridge/br_netfilter_hooks.c:822
nf_hook_entry_hookfn include/linux/netfilter.h:108 [inline]
nf_hook_slow+0xaf/0x1b0 net/netfilter/core.c:467
nf_hook include/linux/netfilter.h:205 [inline]
NF_HOOK include/linux/netfilter.h:248 [inline]
br_forward_finish+0x1b7/0x320 net/bridge/br_forward.c:67
br_nf_hook_thresh+0x25b/0x2e0 net/bridge/br_netfilter_hooks.c:1005
br_nf_forward_finish+0x264/0x640 net/bridge/br_netfilter_hooks.c:550
NF_HOOK include/linux/netfilter.h:250 [inline]
NF_HOOK include/linux/netfilter.h:244 [inline]
br_nf_forward_ip net/bridge/br_netfilter_hooks.c:617 [inline]
br_nf_forward_ip+0x5fc/0x11d0 net/bridge/br_netfilter_hooks.c:561
nf_hook_entry_hookfn include/linux/netfilter.h:108 [inline]
nf_hook_slow+0xaf/0x1b0 net/netfilter/core.c:467
nf_hook include/linux/netfilter.h:205 [inline]
NF_HOOK include/linux/netfilter.h:248 [inline]
__br_forward+0x312/0x9c0 net/bridge/br_forward.c:111
deliver_clone+0x61/0xc0 net/bridge/br_forward.c:127
br_flood+0x43c/0x530 net/bridge/br_forward.c:222
br_handle_frame_finish+0xaf0/0x1830 net/bridge/br_input.c:210
br_nf_hook_thresh+0x25b/0x2e0 net/bridge/br_netfilter_hooks.c:1005
br_nf_pre_routing_finish_ipv6+0x621/0xc50
net/bridge/br_netfilter_ipv6.c:210
NF_HOOK include/linux/netfilter.h:250 [inline]
br_nf_pre_routing_ipv6+0x417/0x790 net/bridge/br_netfilter_ipv6.c:240
br_nf_pre_routing+0xdce/0x12c7 net/bridge/br_netfilter_hooks.c:491
nf_hook_entry_hookfn include/linux/netfilter.h:108 [inline]
nf_hook_slow+0xaf/0x1b0 net/netfilter/core.c:467
nf_hook include/linux/netfilter.h:205 [inline]
NF_HOOK include/linux/netfilter.h:248 [inline]
br_handle_frame+0x80c/0x1110 net/bridge/br_input.c:348
__netif_receive_skb_core+0x789/0x2ca0 net/core/dev.c:4431
__netif_receive_skb+0x2c/0x1b0 net/core/dev.c:4515
process_backlog+0x21f/0x730 net/core/dev.c:5197
napi_poll net/core/dev.c:5598 [inline]
net_rx_action+0x490/0xf80 net/core/dev.c:5664
__do_softirq+0x244/0x9a0 kernel/softirq.c:288
run_ksoftirqd kernel/softirq.c:670 [inline]
run_ksoftirqd+0x8c/0x1b0 kernel/softirq.c:662
smpboot_thread_fn+0x5f4/0x960 kernel/smpboot.c:164
51 6d fc 49 8d bd 14 02 00 00 8b 45 b8 48 89 fa 48 c1 ea 03 <42> 0f b6 0c
22 48 89 fa 83 e2 07 83 c2 03 38 ca 7c 08 84 c9 0f
rcu_preempt kthread starved for 10521 jiffies! g1114 c1113 f0x0
HEAD commit: 414510bc Linux 4.14.142
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=1013fc5e600000
kernel config: https://syzkaller.appspot.com/x/.config?x=9aa0b2ccd827f416
dashboard link: https://syzkaller.appspot.com/bug?extid=d3a6c6c6579d03ba70d7
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15771e6e600000
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=143f3ab9600000
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+d3a6c6...@syzkaller.appspotmail.com
IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready
8021q: adding VLAN 0 to HW filter on device batadv0
INFO: rcu_sched self-detected stall on CPU
INFO: rcu_preempt self-detected stall on CPU
1-...: (10499 ticks this GP) idle=8ba/140000000000001/0
softirq=11140/11142 fqs=0
0-...: (10499 ticks this GP) idle=99e/140000000000001/0 softirq=9763/9763
fqs=0
(t=10500 jiffies g=751 c=750 q=10)
(t=10500 jiffies g=1114 c=1113 q=229)
rcu_sched kthread starved for 10500 jiffies! g751 c750 f0x0
RCU_GP_WAIT_FQS(3) ->state=0x402 ->cpu=0
rcu_preempt kthread starved for 10500 jiffies! g1114 c1113 f0x0
RCU_GP_WAIT_FQS(3) ->state=0x402 ->cpu=1
rcu_preempt I
rcu_sched I
rcu_preempt I
29824 8 2 0x80000000
29824 9 2 0x80000000
Call Trace:
Call Trace:
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7b8/0x1cd0 kernel/sched/core.c:3383
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7b8/0x1cd0 kernel/sched/core.c:3383
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7b8/0x1cd0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_timeout+0x43e/0xe10 kernel/time/timer.c:1744
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_timeout+0x43e/0xe10 kernel/time/timer.c:1744
rcu_gp_kthread+0xbf4/0x1ec0 kernel/rcu/tree.c:2255
rcu_gp_kthread+0xbf4/0x1ec0 kernel/rcu/tree.c:2255
kthread+0x319/0x430 kernel/kthread.c:232
kthread+0x319/0x430 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
__schedule+0x7b8/0x1cd0 kernel/sched/core.c:3383
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_timeout+0x43e/0xe10 kernel/time/timer.c:1744
schedule+0x92/0x1c0 kernel/sched/core.c:3427
schedule_timeout+0x43e/0xe10 kernel/time/timer.c:1744
rcu_gp_kthread+0xbf4/0x1ec0 kernel/rcu/tree.c:2255
rcu_gp_kthread+0xbf4/0x1ec0 kernel/rcu/tree.c:2255
kthread+0x319/0x430 kernel/kthread.c:232
kthread+0x319/0x430 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
NMI backtrace for cpu 0
CPU: 0 PID: 7 Comm: ksoftirqd/0 Not tainted 4.14.142 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
Google 01/01/2011
Call Trace:
<IRQ>
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x138/0x197 lib/dump_stack.c:53
__dump_stack lib/dump_stack.c:17 [inline]
nmi_cpu_backtrace.cold+0x57/0x94 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x141/0x189 lib/nmi_backtrace.c:62
arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
trigger_single_cpu_backtrace include/linux/nmi.h:158 [inline]
rcu_dump_cpu_stacks+0x186/0x1d2 kernel/rcu/tree.c:1396
print_cpu_stall kernel/rcu/tree.c:1542 [inline]
check_cpu_stall kernel/rcu/tree.c:1610 [inline]
__rcu_pending kernel/rcu/tree.c:3390 [inline]
rcu_pending kernel/rcu/tree.c:3452 [inline]
rcu_check_callbacks.cold+0x43d/0xd0a kernel/rcu/tree.c:2792
update_process_times+0x31/0x70 kernel/time/timer.c:1588
tick_sched_handle+0x85/0x160 kernel/time/tick-sched.c:161
tick_sched_timer+0x43/0x130 kernel/time/tick-sched.c:1219
__run_hrtimer kernel/time/hrtimer.c:1220 [inline]
__hrtimer_run_queues+0x270/0xbc0 kernel/time/hrtimer.c:1284
hrtimer_interrupt+0x1d8/0x5d0 kernel/time/hrtimer.c:1318
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1075 [inline]
arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
trigger_single_cpu_backtrace include/linux/nmi.h:158 [inline]
rcu_dump_cpu_stacks+0x186/0x1d2 kernel/rcu/tree.c:1396
print_cpu_stall kernel/rcu/tree.c:1542 [inline]
check_cpu_stall kernel/rcu/tree.c:1610 [inline]
__rcu_pending kernel/rcu/tree.c:3390 [inline]
rcu_pending kernel/rcu/tree.c:3452 [inline]
rcu_check_callbacks.cold+0x43d/0xd0a kernel/rcu/tree.c:2792
update_process_times+0x31/0x70 kernel/time/timer.c:1588
tick_sched_handle+0x85/0x160 kernel/time/tick-sched.c:161
tick_sched_timer+0x43/0x130 kernel/time/tick-sched.c:1219
__run_hrtimer kernel/time/hrtimer.c:1220 [inline]
__hrtimer_run_queues+0x270/0xbc0 kernel/time/hrtimer.c:1284
hrtimer_interrupt+0x1d8/0x5d0 kernel/time/hrtimer.c:1318
smp_apic_timer_interrupt+0x11c/0x5e0 arch/x86/kernel/apic/apic.c:1100
apic_timer_interrupt+0x96/0xa0 arch/x86/entry/entry_64.S:792
</IRQ>
RIP: 0010:__list_add_valid+0x10/0xa0 lib/list_debug.c:22
RSP: 0018:ffff8880a9ceebf8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff10
RAX: dffffc0000000000 RBX: ffff88809fe07878 RCX: 0000000000000000
RDX: ffff88809fe07910 RSI: ffff88809fe07910 RDI: ffff88809fe07878
RBP: ffff8880a9ceec00 R08: 0000000000000000 R09: ffff8880a9ce2b50
R10: ffff8880a9ce2b30 R11: ffff8880a9ce21c0 R12: dffffc0000000000
R13: ffff88809fe07680 R14: ffff88809fe07910 R15: ffff88809fe07900
__list_add include/linux/list.h:60 [inline]
list_add_tail include/linux/list.h:93 [inline]
list_move_tail include/linux/list.h:183 [inline]
hhf_dequeue+0x61b/0xa60 net/sched/sch_hhf.c:438
dequeue_skb net/sched/sch_generic.c:148 [inline]
qdisc_restart net/sched/sch_generic.c:241 [inline]
__qdisc_run+0x2b8/0xe00 net/sched/sch_generic.c:257
__dev_xmit_skb net/core/dev.c:3235 [inline]
__dev_queue_xmit+0x1571/0x25e0 net/core/dev.c:3493
dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
br_dev_queue_push_xmit+0x367/0x530 net/bridge/br_forward.c:55
br_nf_dev_queue_xmit+0x307/0x1440 net/bridge/br_netfilter_hooks.c:776
NF_HOOK include/linux/netfilter.h:250 [inline]
NF_HOOK include/linux/netfilter.h:244 [inline]
br_nf_post_routing+0xb80/0xf00 net/bridge/br_netfilter_hooks.c:822
nf_hook_entry_hookfn include/linux/netfilter.h:108 [inline]
nf_hook_slow+0xaf/0x1b0 net/netfilter/core.c:467
nf_hook include/linux/netfilter.h:205 [inline]
NF_HOOK include/linux/netfilter.h:248 [inline]
br_forward_finish+0x1b7/0x320 net/bridge/br_forward.c:67
br_nf_hook_thresh+0x25b/0x2e0 net/bridge/br_netfilter_hooks.c:1005
br_nf_forward_finish+0x264/0x640 net/bridge/br_netfilter_hooks.c:550
NF_HOOK include/linux/netfilter.h:250 [inline]
NF_HOOK include/linux/netfilter.h:244 [inline]
br_nf_forward_ip net/bridge/br_netfilter_hooks.c:617 [inline]
br_nf_forward_ip+0x5fc/0x11d0 net/bridge/br_netfilter_hooks.c:561
nf_hook_entry_hookfn include/linux/netfilter.h:108 [inline]
nf_hook_slow+0xaf/0x1b0 net/netfilter/core.c:467
nf_hook include/linux/netfilter.h:205 [inline]
NF_HOOK include/linux/netfilter.h:248 [inline]
__br_forward+0x312/0x9c0 net/bridge/br_forward.c:111
deliver_clone+0x61/0xc0 net/bridge/br_forward.c:127
br_flood+0x43c/0x530 net/bridge/br_forward.c:222
br_handle_frame_finish+0xaf0/0x1830 net/bridge/br_input.c:210
br_nf_hook_thresh+0x25b/0x2e0 net/bridge/br_netfilter_hooks.c:1005
br_nf_pre_routing_finish_ipv6+0x621/0xc50
net/bridge/br_netfilter_ipv6.c:210
NF_HOOK include/linux/netfilter.h:250 [inline]
br_nf_pre_routing_ipv6+0x417/0x790 net/bridge/br_netfilter_ipv6.c:240
br_nf_pre_routing+0xdce/0x12c7 net/bridge/br_netfilter_hooks.c:491
nf_hook_entry_hookfn include/linux/netfilter.h:108 [inline]
nf_hook_slow+0xaf/0x1b0 net/netfilter/core.c:467
nf_hook include/linux/netfilter.h:205 [inline]
NF_HOOK include/linux/netfilter.h:248 [inline]
br_handle_frame+0x80c/0x1110 net/bridge/br_input.c:348
__netif_receive_skb_core+0x789/0x2ca0 net/core/dev.c:4431
__netif_receive_skb+0x2c/0x1b0 net/core/dev.c:4515
process_backlog+0x21f/0x730 net/core/dev.c:5197
napi_poll net/core/dev.c:5598 [inline]
net_rx_action+0x490/0xf80 net/core/dev.c:5664
__do_softirq+0x244/0x9a0 kernel/softirq.c:288
run_ksoftirqd kernel/softirq.c:670 [inline]
run_ksoftirqd+0x8c/0x1b0 kernel/softirq.c:662
smpboot_thread_fn+0x5f4/0x960 kernel/smpboot.c:164
kthread+0x319/0x430 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
INFO: rcu_preempt detected stalls on CPUs/tasks:
0-...: (10500 ticks this GP) idle=99e/140000000000000/0 softirq=9763/9763
fqs=0
(detected by 1, t=10521 jiffies, g=1114, c=1113, q=229)
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 7 Comm: ksoftirqd/0 Not tainted 4.14.142 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
task: ffff8880a9ce21c0 task.stack: ffff8880a9ce8000
Google 01/01/2011
RIP: 0010:hhf_dequeue+0x54f/0xa60 net/sched/sch_hhf.c:437
RSP: 0018:ffff8880a9ceec10 EFLAGS: 00000a07
RAX: 0000000000000000 RBX: ffff88809fe07878 RCX: 0000000000000000
RDX: 1ffff11013fc0f12 RSI: ffff88809fe07910 RDI: ffff88809fe07894
RBP: ffff8880a9ceec60 R08: 0000000000000000 R09: ffff8880a9ce2b50
R10: ffff8880a9ce2b30 R11: ffff8880a9ce21c0 R12: dffffc0000000000
R13: ffff88809fe07680 R14: 0000000000000002 R15: ffff88809fe07900
FS: 0000000000000000(0000) GS:ffff8880aee00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000006dab10 CR3: 000000000766a000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
dequeue_skb net/sched/sch_generic.c:148 [inline]
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
qdisc_restart net/sched/sch_generic.c:241 [inline]
__qdisc_run+0x2b8/0xe00 net/sched/sch_generic.c:257
__dev_xmit_skb net/core/dev.c:3235 [inline]
__dev_queue_xmit+0x1571/0x25e0 net/core/dev.c:3493
dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
br_dev_queue_push_xmit+0x367/0x530 net/bridge/br_forward.c:55
br_nf_dev_queue_xmit+0x307/0x1440 net/bridge/br_netfilter_hooks.c:776
NF_HOOK include/linux/netfilter.h:250 [inline]
NF_HOOK include/linux/netfilter.h:244 [inline]
br_nf_post_routing+0xb80/0xf00 net/bridge/br_netfilter_hooks.c:822
nf_hook_entry_hookfn include/linux/netfilter.h:108 [inline]
nf_hook_slow+0xaf/0x1b0 net/netfilter/core.c:467
nf_hook include/linux/netfilter.h:205 [inline]
NF_HOOK include/linux/netfilter.h:248 [inline]
br_forward_finish+0x1b7/0x320 net/bridge/br_forward.c:67
br_nf_hook_thresh+0x25b/0x2e0 net/bridge/br_netfilter_hooks.c:1005
br_nf_forward_finish+0x264/0x640 net/bridge/br_netfilter_hooks.c:550
NF_HOOK include/linux/netfilter.h:250 [inline]
NF_HOOK include/linux/netfilter.h:244 [inline]
br_nf_forward_ip net/bridge/br_netfilter_hooks.c:617 [inline]
br_nf_forward_ip+0x5fc/0x11d0 net/bridge/br_netfilter_hooks.c:561
nf_hook_entry_hookfn include/linux/netfilter.h:108 [inline]
nf_hook_slow+0xaf/0x1b0 net/netfilter/core.c:467
nf_hook include/linux/netfilter.h:205 [inline]
NF_HOOK include/linux/netfilter.h:248 [inline]
__br_forward+0x312/0x9c0 net/bridge/br_forward.c:111
deliver_clone+0x61/0xc0 net/bridge/br_forward.c:127
br_flood+0x43c/0x530 net/bridge/br_forward.c:222
br_handle_frame_finish+0xaf0/0x1830 net/bridge/br_input.c:210
br_nf_hook_thresh+0x25b/0x2e0 net/bridge/br_netfilter_hooks.c:1005
br_nf_pre_routing_finish_ipv6+0x621/0xc50
net/bridge/br_netfilter_ipv6.c:210
NF_HOOK include/linux/netfilter.h:250 [inline]
br_nf_pre_routing_ipv6+0x417/0x790 net/bridge/br_netfilter_ipv6.c:240
br_nf_pre_routing+0xdce/0x12c7 net/bridge/br_netfilter_hooks.c:491
nf_hook_entry_hookfn include/linux/netfilter.h:108 [inline]
nf_hook_slow+0xaf/0x1b0 net/netfilter/core.c:467
nf_hook include/linux/netfilter.h:205 [inline]
NF_HOOK include/linux/netfilter.h:248 [inline]
br_handle_frame+0x80c/0x1110 net/bridge/br_input.c:348
__netif_receive_skb_core+0x789/0x2ca0 net/core/dev.c:4431
__netif_receive_skb+0x2c/0x1b0 net/core/dev.c:4515
process_backlog+0x21f/0x730 net/core/dev.c:5197
napi_poll net/core/dev.c:5598 [inline]
net_rx_action+0x490/0xf80 net/core/dev.c:5664
__do_softirq+0x244/0x9a0 kernel/softirq.c:288
run_ksoftirqd kernel/softirq.c:670 [inline]
run_ksoftirqd+0x8c/0x1b0 kernel/softirq.c:662
smpboot_thread_fn+0x5f4/0x960 kernel/smpboot.c:164
kthread+0x319/0x430 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
Code: ca 7c 08 84 c9 0f 85 d1 03 00 00 45 8b b5 ac 02 00 00 89 45 b8 e8 02
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
51 6d fc 49 8d bd 14 02 00 00 8b 45 b8 48 89 fa 48 c1 ea 03 <42> 0f b6 0c
22 48 89 fa 83 e2 07 83 c2 03 38 ca 7c 08 84 c9 0f
rcu_preempt kthread starved for 10521 jiffies! g1114 c1113 f0x0
RCU_GP_WAIT_FQS(3) ->state=0x0 ->cpu=0
rcu_preempt R running task 29824 8 2 0x80000000
Call Trace:
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7b8/0x1cd0 kernel/sched/core.c:3383
context_switch kernel/sched/core.c:2807 [inline]
__schedule+0x7b8/0x1cd0 kernel/sched/core.c:3383
syzbot
Dec 5, 2019, 6:56:01 PM12/5/19
to syzkaller...@googlegroups.com
syzbot suspects this bug was fixed by commit:
commit cc243e2427cef2a5dd7367cb0e0b846503350ffe
Author: Cong Wang <xiyou.w...@gmail.com>
Date: Sun Sep 8 20:40:51 2019 +0000
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=123f0f36e00000
start commit: 414510bc Linux 4.14.142
git tree: linux-4.14.y
#syz fix: sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
commit cc243e2427cef2a5dd7367cb0e0b846503350ffe
Author: Cong Wang <xiyou.w...@gmail.com>
Date: Sun Sep 8 20:40:51 2019 +0000
sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
bisection log: https://syzkaller.appspot.com/x/bisect.txt?x=123f0f36e00000
start commit: 414510bc Linux 4.14.142
git tree: linux-4.14.y
kernel config: https://syzkaller.appspot.com/x/.config?x=9aa0b2ccd827f416
dashboard link: https://syzkaller.appspot.com/bug?extid=d3a6c6c6579d03ba70d7
dashboard link: https://syzkaller.appspot.com/bug?extid=d3a6c6c6579d03ba70d7
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=15771e6e600000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=143f3ab9600000
If the result looks correct, please mark the bug fixed by replying with:
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=143f3ab9600000
#syz fix: sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
For information about bisection process see: https://goo.gl/tpsmEJ#bisection
Reply all
Reply to author
Forward
0 new messages