syzbot

 sign-in | mailing list | source | docs
🐞 Open [904]
🐞 Fixed [143]
🐞 Invalid [1079]
Missing Backports [73]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

INFO: rcu detected stall in sys_unlinkat

Status: upstream: reported syz repro on 2026/04/27 03:08
Reported-by: syzbot+0f1b146d0ffd354871a8@syzkaller.appspotmail.com
First crash: 18h24m, last: 18h24m
Similar bugs (6)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: rcu detected stall in sys_unlinkat net ext4 1 4 1109d 1311d 0/29 auto-obsoleted due to no activity on 2023/07/13 16:11
upstream INFO: rcu detected stall in sys_unlinkat (3) tomoyo mm 1 31 300d 325d 0/29 auto-obsoleted due to no activity on 2025/10/09 16:45
upstream INFO: rcu detected stall in sys_unlinkat (2) tomoyo 1 1 974d 974d 0/29 auto-obsoleted due to no activity on 2023/11/25 04:08
linux-5.15 INFO: rcu detected stall in sys_unlinkat 1 1 680d 680d 0/3 auto-obsoleted due to no activity on 2024/09/24 13:32
linux-6.6 INFO: rcu detected stall in sys_unlinkat 1 2 109d 191d 0/2 auto-obsoleted due to no activity on 2026/04/18 09:38
upstream INFO: rcu detected stall in sys_unlinkat (4) tomoyo fs 1 2 115d 130d 0/29 auto-obsoleted due to no activity on 2026/04/02 11:46

Sample crash report:
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P3935/1:b..l
	(detected by 1, t=10502 jiffies, g=3457, q=405 ncpus=2)
task:udevd           state:R  running task     stack:0     pid:3935  ppid:1      flags:0x00000004
Call trace:
 __switch_to+0x2f4/0x550 arch/arm64/kernel/process.c:555
 context_switch kernel/sched/core.c:5245 [inline]
 __schedule+0xdd0/0x1b0c kernel/sched/core.c:6562
 preempt_schedule_irq+0x8c/0x1ac kernel/sched/core.c:6874
 arm64_preempt_schedule_irq+0x44/0x54 arch/arm64/kernel/entry-common.c:265
 __el1_irq arch/arm64/kernel/entry-common.c:474 [inline]
 el1_interrupt+0x3c/0x54 arch/arm64/kernel/entry-common.c:486
 el1h_64_irq_handler+0x18/0x24 arch/arm64/kernel/entry-common.c:491
 el1h_64_irq+0x64/0x68 arch/arm64/kernel/entry.S:581
 arch_local_irq_restore arch/arm64/include/asm/irqflags.h:122 [inline]
 lock_acquire+0x24c/0x63c kernel/locking/lockdep.c:5665
 rcu_lock_acquire+0x44/0x54 include/linux/rcupdate.h:350
 rcu_read_lock include/linux/rcupdate.h:791 [inline]
 page_ext_get+0x2c/0x2c4 mm/page_ext.c:157
 __page_table_check_zero+0xf4/0x2b0 mm/page_table_check.c:146
 page_table_check_free include/linux/page_table_check.h:46 [inline]
 free_pages_prepare mm/page_alloc.c:1487 [inline]
 free_pcp_prepare mm/page_alloc.c:1536 [inline]
 free_unref_page_prepare+0x9e4/0xaf0 mm/page_alloc.c:3413
 free_unref_page+0x7c/0x3a0 mm/page_alloc.c:3508
 free_the_page mm/page_alloc.c:781 [inline]
 __free_pages+0x1a0/0x1cc mm/page_alloc.c:5746
 __free_slab+0x104/0x294 mm/slub.c:2021
 free_slab mm/slub.c:2036 [inline]
 discard_slab+0x58/0xd4 mm/slub.c:2042
 __unfreeze_partials+0x150/0x190 mm/slub.c:2591
 put_cpu_partial+0x18c/0x1f8 mm/slub.c:2667
 __slab_free+0x1a4/0x268 mm/slub.c:3564
 do_slab_free mm/slub.c:3641 [inline]
 ___cache_free+0x168/0x198 mm/slub.c:3694
 qlink_free+0x5c/0xa0 mm/kasan/quarantine.c:168
 qlist_free_all+0x3c/0xcc mm/kasan/quarantine.c:187
 kasan_quarantine_reduce+0x124/0x130 mm/kasan/quarantine.c:294
 __kasan_slab_alloc+0x2c/0x88 mm/kasan/common.c:306
 kasan_slab_alloc include/linux/kasan.h:201 [inline]
 slab_post_alloc_hook+0x74/0x430 mm/slab.h:737
 slab_alloc_node mm/slub.c:3359 [inline]
 slab_alloc mm/slub.c:3367 [inline]
 __kmem_cache_alloc_lru mm/slub.c:3374 [inline]
 kmem_cache_alloc+0x22c/0x308 mm/slub.c:3383
 getname_flags+0xb8/0x45c fs/namei.c:139
 getname fs/namei.c:218 [inline]
 __do_sys_unlinkat fs/namei.c:-1 [inline]
 __se_sys_unlinkat fs/namei.c:4434 [inline]
 __arm64_sys_unlinkat+0xb4/0xfc fs/namei.c:4434
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2b4 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:140
 do_el0_svc+0x58/0x130 arch/arm64/kernel/syscall.c:204
 el0_svc+0x58/0x128 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:585
rcu: rcu_preempt kthread timer wakeup didn't happen for 10501 jiffies! g3457 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
rcu: 	Possible timer handling issue on cpu=0 timer-softirq=1166
rcu: rcu_preempt kthread starved for 10502 jiffies! g3457 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:I stack:0     pid:16    ppid:2      flags:0x00000008
Call trace:
 __switch_to+0x2f4/0x550 arch/arm64/kernel/process.c:555
 context_switch kernel/sched/core.c:5245 [inline]
 __schedule+0xdd0/0x1b0c kernel/sched/core.c:6562
 schedule+0xc4/0x170 kernel/sched/core.c:6638
 schedule_timeout+0x194/0x2f4 kernel/time/timer.c:2168
 rcu_gp_fqs_loop+0x2b4/0x1378 kernel/rcu/tree.c:1706
 rcu_gp_kthread+0xb4/0x2fc kernel/rcu/tree.c:1905
 kthread+0x250/0x2d8 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:850
rcu: Stack dump where RCU GP kthread last ran:
Task dump for CPU 0:
task:syz.1.23        state:R  running task     stack:0     pid:4504  ppid:4439   flags:0x00000000
Call trace:
 __switch_to+0x2f4/0x550 arch/arm64/kernel/process.c:555
 0xffff800008000000

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/04/27 03:07 linux-6.1.y 7c87defbd336 9c2d0995 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 INFO: rcu detected stall in sys_unlinkat
* Struck through repros no longer work on HEAD.