INFO: rcu detected stall in tasklet_hi_action

syzbot

Aug 3, 2020, 5:18:23 PM
to syzkaller...@googlegroups.com

Hello,

syzbot found the following issue on:

HEAD commit: 7f2c5eb4 Linux 4.14.191
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=15d3290c900000
kernel config: https://syzkaller.appspot.com/x/.config?x=881f1aee9620bf9f
dashboard link: https://syzkaller.appspot.com/bug?extid=e586cfcb5e6fb66481e9
compiler: gcc (GCC) 10.1.0-syz 20200507

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+e586cf...@syzkaller.appspotmail.com

XFS (loop1): Invalid superblock magic number
INFO: rcu_preempt detected stalls on CPUs/tasks:
(detected by 1, t=10502 jiffies, g=5724, c=5723, q=189)
All QSes seen, last rcu_preempt kthread activity 10496 (4294969127-4294958631), jiffies_till_next_fqs=1, root ->qsmask 0x0
syz-executor.1 R running task 27992 15782 6388 0x00000008
Call Trace:
<IRQ>
sched_show_task.cold+0x333/0x39a kernel/sched/core.c:5169
print_other_cpu_stall kernel/rcu/tree.c:1501 [inline]
check_cpu_stall kernel/rcu/tree.c:1616 [inline]
__rcu_pending kernel/rcu/tree.c:3390 [inline]
rcu_pending kernel/rcu/tree.c:3452 [inline]
rcu_check_callbacks.cold+0xd29/0xd99 kernel/rcu/tree.c:2792
update_process_times+0x29/0x60 kernel/time/timer.c:1590
tick_sched_handle+0x7d/0x150 kernel/time/tick-sched.c:165
tick_sched_timer+0x92/0x200 kernel/time/tick-sched.c:1223
__run_hrtimer kernel/time/hrtimer.c:1223 [inline]
__hrtimer_run_queues+0x30b/0xc80 kernel/time/hrtimer.c:1287
hrtimer_interrupt+0x1e6/0x5e0 kernel/time/hrtimer.c:1321
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1075 [inline]
smp_apic_timer_interrupt+0x117/0x5e0 arch/x86/kernel/apic/apic.c:1100
apic_timer_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:793
RIP: 0010:__save_stack_trace+0xa3/0x160 arch/x86/kernel/stacktrace.c:45
RSP: 0018:ffff8880aeb07a10 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff10
RAX: ffffffff850df69c RBX: ffffffff81850a93 RCX: 0000000000000000
RDX: 1ffff11015d60f4d RSI: ffff8880aeb07910 RDI: ffffffff850df69c
RBP: ffff8880aeb07a90 R08: 0000000000000001 R09: 0000000000000001
R10: ffff8880aeb07d40 R11: 0000000000000001 R12: ffff8880aeb07aa8
R13: 0000000000000000 R14: ffff8880a99bda80 R15: 00000000000000e8
save_stack mm/kasan/kasan.c:447 [inline]
set_track mm/kasan/kasan.c:459 [inline]
kasan_kmalloc+0xeb/0x160 mm/kasan/kasan.c:551
slab_post_alloc_hook mm/slab.h:442 [inline]
slab_alloc_node mm/slab.c:3333 [inline]
kmem_cache_alloc_node+0x133/0x410 mm/slab.c:3640
__alloc_skb+0x5c/0x510 net/core/skbuff.c:193
alloc_skb include/linux/skbuff.h:980 [inline]
nlmsg_new include/net/netlink.h:511 [inline]
xfrm_exp_state_notify net/xfrm/xfrm_user.c:2664 [inline]
xfrm_send_state_notify+0xad1/0x1650 net/xfrm/xfrm_user.c:2820
km_state_notify+0xa9/0x1a0 net/xfrm/xfrm_state.c:1920
km_state_expired net/xfrm/xfrm_state.c:1934 [inline]
xfrm_timer_handler+0x6a1/0x9f0 net/xfrm/xfrm_state.c:553
__tasklet_hrtimer_trampoline+0x29/0xa0 kernel/softirq.c:618
tasklet_hi_action+0x195/0x330 kernel/softirq.c:549
__do_softirq+0x254/0xa1d kernel/softirq.c:288
invoke_softirq kernel/softirq.c:368 [inline]
irq_exit+0x193/0x240 kernel/softirq.c:409
exiting_irq arch/x86/include/asm/apic.h:648 [inline]
smp_apic_timer_interrupt+0x141/0x5e0 arch/x86/kernel/apic/apic.c:1102
apic_timer_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:793
</IRQ>
RIP: 0010:preempt_schedule_irq+0xa6/0x140 kernel/sched/core.c:3611
RSP: 0018:ffff88803fdbfcb0 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff10
RAX: 1ffffffff0fa2d23 RBX: dffffc0000000000 RCX: 1ffff1100b4e2945
RDX: 0000000000000000 RSI: ffff88805a714a08 RDI: ffff88805a714a04
RBP: ffffed100b4e2830 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff88805a714180
R13: ffffffff87d16918 R14: 0000000000000000 R15: 0000000000000000
retint_kernel+0x1b/0x2d
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:779 [inline]
RIP: 0010:lock_acquire+0x1ec/0x3f0 kernel/locking/lockdep.c:4001
RSP: 0018:ffff88803fdbfd80 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff10
RAX: 1ffffffff0fa2d21 RBX: ffff88805a714180 RCX: 0000000000001a48
RDX: dffffc0000000000 RSI: 0000000000000001 RDI: 0000000000000282
RBP: ffff888059b1ba10 R08: ffffffff8a085bc0 R09: 00000000000503e5
R10: ffff88805a714a08 R11: ffff88805a714180 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
__might_fault mm/memory.c:4584 [inline]
__might_fault+0x137/0x1b0 mm/memory.c:4569
_copy_to_user+0x27/0xd0 lib/usercopy.c:25
copy_to_user include/linux/uaccess.h:155 [inline]
put_timespec64+0x9e/0xf0 kernel/time/time.c:920
SYSC_clock_gettime kernel/time/posix-timers.c:1075 [inline]
SyS_clock_gettime+0x128/0x180 kernel/time/posix-timers.c:1063
do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
entry_SYSCALL_64_after_hwframe+0x46/0xbb
RIP: 0033:0x45faba
RSP: 002b:00007fc68cdb9c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4
RAX: ffffffffffffffda RBX: 00000000004c34bd RCX: 000000000045faba
RDX: 0000000000000000 RSI: 00007fc68cdb9c60 RDI: 0000000000000001
RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000078bf0c
R13: 00007ffdabba42bf R14: 00007fc68cdba9c0 R15: 000000000078bf0c
rcu_preempt kthread starved for 10496 jiffies! g5724 c5723 f0x2 RCU_GP_WAIT_FQS(3) ->state=0x0 ->cpu=0
rcu_preempt R running task 30008 8 2 0x80000000
Call Trace:
context_switch kernel/sched/core.c:2808 [inline]
__schedule+0x88b/0x1de0 kernel/sched/core.c:3384
schedule+0x8d/0x1b0 kernel/sched/core.c:3428
schedule_timeout+0x4af/0xe90 kernel/time/timer.c:1746
rcu_gp_kthread+0xc0a/0x1e60 kernel/rcu/tree.c:2255
kthread+0x30d/0x420 kernel/kthread.c:232
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Feb 12, 2021, 3:20:16 PM
to syzkaller...@googlegroups.com

Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.