syzbot |
sign-in | mailing list | source | docs |
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | INFO: rcu detected stall in ext4_release_file kernel | 2 | 1218d | 1230d | 0/28 | auto-closed as invalid on 2021/09/15 05:15 | |||
| upstream | INFO: rcu detected stall in ext4_release_file (2) ext4 mm | C | error | done | 3 | 47d | 140d | 0/28 | upstream: reported C repro on 2024/05/30 03:27 |
| android-5-15 | BUG: soft lockup in ext4_release_file | 1 | 179d | 179d | 0/2 | auto-obsoleted due to no activity on 2024/07/20 19:54 |
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P9818/1:b..l P9789/1:b..l (detected by 0, t=10502 jiffies, g=42253, q=72) task:syz.0.2005 state:R running task stack:19776 pid: 9789 ppid: 7075 flags:0x00004002 Call Trace: <TASK> context_switch kernel/sched/core.c:5030 [inline] __schedule+0x12c4/0x45b0 kernel/sched/core.c:6376 preempt_schedule_irq+0xf7/0x1c0 kernel/sched/core.c:6780 irqentry_exit+0x53/0x80 kernel/entry/common.c:432 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:638 RIP: 0010:lock_is_held_type+0x137/0x180 Code: 75 40 48 c7 04 24 00 00 00 00 9c 8f 04 24 f7 04 24 00 02 00 00 75 46 41 f7 c4 00 02 00 00 74 01 fb 65 48 8b 04 25 28 00 00 00 <48> 3b 44 24 08 75 3c 89 e8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f RSP: 0018:ffffc9000ace6d68 EFLAGS: 00000206 RAX: ad269a544f821400 RBX: 0000000000000003 RCX: ffff88807f6f8000 RDX: ffff88807f6f8000 RSI: ffffffff8a8b3ca0 RDI: ffffffff8ad8f740 RBP: 0000000000000000 R08: ffffffff843021ed R09: fffff940002e3faf R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000246 R13: ffff88807f6f8000 R14: 00000000ffffffff R15: ffff8880742c18d8 lock_is_held include/linux/lockdep.h:287 [inline] xa_entry include/linux/xarray.h:1182 [inline] xas_find_marked+0x782/0x10e0 lib/xarray.c:1365 find_get_entry+0x6f/0x280 mm/filemap.c:1980 find_get_pages_range_tag+0x241/0x500 mm/filemap.c:2272 pagevec_lookup_range_tag+0x37/0x80 mm/swap.c:1114 mpage_prepare_extent_to_map+0x399/0x1150 fs/ext4/inode.c:2578 ext4_writepages+0x1273/0x3d10 fs/ext4/inode.c:2815 do_writepages+0x481/0x730 mm/page-writeback.c:2364 filemap_fdatawrite_wbc+0x1d6/0x230 mm/filemap.c:400 __filemap_fdatawrite_range mm/filemap.c:433 [inline] __filemap_fdatawrite mm/filemap.c:439 [inline] filemap_flush+0x10c/0x150 mm/filemap.c:466 ext4_release_file+0x7d/0x300 fs/ext4/file.c:141 __fput+0x3bf/0x890 fs/file_table.c:280 task_work_run+0x129/0x1a0 kernel/task_work.c:164 exit_task_work include/linux/task_work.h:32 [inline] do_exit+0x6a3/0x2480 kernel/exit.c:872 do_group_exit+0x144/0x310 kernel/exit.c:994 get_signal+0xc66/0x14e0 kernel/signal.c:2889 arch_do_signal_or_restart+0xc3/0x1890 arch/x86/kernel/signal.c:867 handle_signal_work kernel/entry/common.c:154 [inline] exit_to_user_mode_loop+0x97/0x130 kernel/entry/common.c:178 exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:214 irqentry_exit_to_user_mode+0x5/0x30 kernel/entry/common.c:320 exc_page_fault+0x342/0x700 arch/x86/mm/fault.c:1504 asm_exc_page_fault+0x22/0x30 arch/x86/include/asm/idtentry.h:568 RIP: 0033:0xf8 RSP: 002b:00000000200000c8 EFLAGS: 00010217 RAX: 0000000000000000 RBX: 00007fcab79adfa0 RCX: 00007fcab781fae9 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000080206000 RBP: 00007fcab78a0746 R08: 0000000020000200 R09: 0000000020000200 R10: 00000000200001c0 R11: 0000000000000206 R12: 0000000000000000 R13: 000000000000000b R14: 00007fcab79adfa0 R15: 00007ffc7a78f208 </TASK> task:syz.2.2014 state:R running task stack:21344 pid: 9818 ppid: 7017 flags:0x00004002 Call Trace: <TASK> context_switch kernel/sched/core.c:5030 [inline] __schedule+0x12c4/0x45b0 kernel/sched/core.c:6376 preempt_schedule_irq+0xf7/0x1c0 kernel/sched/core.c:6780 irqentry_exit+0x53/0x80 kernel/entry/common.c:432 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:638 RIP: 0010:latch_tree_find include/linux/rbtree_latch.h:208 [inline] RIP: 0010:bpf_ksym_find kernel/bpf/core.c:688 [inline] RIP: 0010:is_bpf_text_address+0xc2/0x260 kernel/bpf/core.c:722 Code: bc 00 00 00 00 00 fc ff df 44 8b 3d e8 f6 d3 0a 44 89 fd 83 e5 01 48 8d 1c ed b0 f3 60 8c 48 89 d8 48 c1 e8 03 42 80 3c 20 00 <74> 08 48 89 df e8 74 2c 3d 00 48 8b 1b 48 85 db 0f 84 ba 00 00 00 RSP: 0018:ffffc9000ae86e60 EFLAGS: 00000246 RAX: 1ffffffff18c1e76 RBX: ffffffff8c60f3b0 RCX: ffff88803980d940 RDX: 0000000000000000 RSI: ffffffff8ad8f720 RDI: ffffffff8ad8f6e0 RBP: 0000000000000000 R08: ffffffff818cfc1d R09: fffffbfff1f7f219 R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 R13: ffffffff816df420 R14: 0000000000000000 R15: 000000000000046c kernel_text_address kernel/extable.c:151 [inline] __kernel_text_address+0x94/0x100 kernel/extable.c:105 unwind_get_return_address+0x49/0x80 arch/x86/kernel/unwind_orc.c:323 arch_stack_walk+0xf3/0x140 arch/x86/kernel/stacktrace.c:26 stack_trace_save+0x113/0x1c0 kernel/stacktrace.c:122 kasan_save_stack mm/kasan/common.c:38 [inline] kasan_set_track+0x4b/0x80 mm/kasan/common.c:46 kasan_set_free_info+0x1f/0x40 mm/kasan/generic.c:360 ____kasan_slab_free+0xd8/0x120 mm/kasan/common.c:366 kasan_slab_free include/linux/kasan.h:230 [inline] slab_free_hook mm/slub.c:1705 [inline] slab_free_freelist_hook+0xdd/0x160 mm/slub.c:1731 slab_free mm/slub.c:3499 [inline] kmem_cache_free+0x91/0x1f0 mm/slub.c:3515 free_buffer_head+0x45/0xb0 fs/buffer.c:3327 try_to_free_buffers+0x464/0x5a0 fs/buffer.c:3268 do_invalidatepage mm/truncate.c:157 [inline] truncate_cleanup_page+0x179/0x440 mm/truncate.c:176 truncate_inode_pages_range+0x2e7/0x1290 mm/truncate.c:325 ext4_evict_inode+0x2ae/0x1100 fs/ext4/inode.c:224 evict+0x2a4/0x620 fs/inode.c:587 __dentry_kill+0x436/0x650 fs/dcache.c:582 dentry_kill+0xbb/0x290 dput+0xd8/0x1a0 fs/dcache.c:889 __fput+0x5ec/0x890 fs/file_table.c:288 task_work_run+0x129/0x1a0 kernel/task_work.c:164 exit_task_work include/linux/task_work.h:32 [inline] do_exit+0x6a3/0x2480 kernel/exit.c:872 do_group_exit+0x144/0x310 kernel/exit.c:994 get_signal+0xc66/0x14e0 kernel/signal.c:2889 arch_do_signal_or_restart+0xc3/0x1890 arch/x86/kernel/signal.c:867 handle_signal_work kernel/entry/common.c:154 [inline] exit_to_user_mode_loop+0x97/0x130 kernel/entry/common.c:178 exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:214 irqentry_exit_to_user_mode+0x5/0x30 kernel/entry/common.c:320 exc_page_fault+0x342/0x700 arch/x86/mm/fault.c:1504 asm_exc_page_fault+0x22/0x30 arch/x86/include/asm/idtentry.h:568 RIP: 0033:0x0 RSP: 002b:00000000200000c8 EFLAGS: 00010217 RAX: 0000000000000000 RBX: 00007fe31ac06fa0 RCX: 00007fe31aa78ae9 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000080206000 RBP: 00007fe31aaf9746 R08: 0000000020000200 R09: 0000000020000200 R10: 00000000200001c0 R11: 0000000000000206 R12: 0000000000000000 R13: 000000000000000b R14: 00007fe31ac06fa0 R15: 00007ffe54fd9c08 </TASK> rcu: rcu_preempt kthread starved for 10600 jiffies! g42253 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1 rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. rcu: RCU grace-period kthread stack dump: task:rcu_preempt state:R running task stack:27064 pid: 15 ppid: 2 flags:0x00004000 Call Trace: <TASK> context_switch kernel/sched/core.c:5030 [inline] __schedule+0x12c4/0x45b0 kernel/sched/core.c:6376 schedule+0x11b/0x1f0 kernel/sched/core.c:6459 schedule_timeout+0x1b9/0x300 kernel/time/timer.c:1914 rcu_gp_fqs_loop+0x2bf/0x1080 kernel/rcu/tree.c:1972 rcu_gp_kthread+0xa4/0x360 kernel/rcu/tree.c:2145 kthread+0x3f6/0x4f0 kernel/kthread.c:334 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:300 </TASK> rcu: Stack dump where RCU GP kthread last ran: Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 PID: 10036 Comm: syz.2.2080 Not tainted 5.15.161-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 RIP: 0010:native_save_fl arch/x86/include/asm/irqflags.h:35 [inline] RIP: 0010:arch_local_save_flags arch/x86/include/asm/irqflags.h:70 [inline] RIP: 0010:arch_irqs_disabled arch/x86/include/asm/irqflags.h:132 [inline] RIP: 0010:seqcount_lockdep_reader_access+0x181/0x220 include/linux/seqlock.h:105 Code: c1 eb 03 49 bc 00 00 00 00 00 fc ff df 42 80 3c 23 00 74 08 4c 89 f7 e8 6d 80 5a 00 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 <42> 80 3c 23 00 74 08 4c 89 f7 e8 d0 7f 5a 00 4c 8b 74 24 20 bb 00 RSP: 0018:ffffc90000dd0da0 EFLAGS: 00000046 RAX: e12f437b676cc600 RBX: 1ffff920001ba1b8 RCX: ffffc90000dd0c03 RDX: 0000000000000001 RSI: ffffffff8a8b3ca0 RDI: ffffffff8ad8f740 RBP: ffffc90000dd0e48 R08: dffffc0000000000 R09: fffffbfff1bc8d86 R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 R13: 0000000000000000 R14: ffffc90000dd0dc0 R15: 1ffff920001ba1b4 FS: 000055555697c500(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b3240dff8 CR3: 0000000029acd000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <NMI> </NMI> <IRQ> timekeeping_get_delta kernel/time/timekeeping.c:254 [inline] timekeeping_get_ns kernel/time/timekeeping.c:388 [inline] ktime_get_update_offsets_now+0x89/0x420 kernel/time/timekeeping.c:2303 hrtimer_update_base kernel/time/hrtimer.c:631 [inline] hrtimer_interrupt+0x12f/0x980 kernel/time/hrtimer.c:1794 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1085 [inline] __sysvec_apic_timer_interrupt+0x139/0x470 arch/x86/kernel/apic/apic.c:1102 sysvec_apic_timer_interrupt+0x8c/0xb0 arch/x86/kernel/apic/apic.c:1096 </IRQ> <TASK> asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:638 RIP: 0010:__raw_spin_unlock_irq include/linux/spinlock_api_smp.h:169 [inline] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40 kernel/locking/spinlock.c:202 Code: 21 80 f6 ff 90 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 be 11 3b f7 48 89 df e8 96 65 3c f7 e8 b1 1d 5f f7 fb bf 01 00 00 00 <e8> d6 ab 2f f7 65 8b 05 57 b2 da 75 85 c0 74 02 5b c3 e8 24 cf d8 RSP: 0018:ffffc90002507bc0 EFLAGS: 00000282 RAX: e12f437b676cc600 RBX: ffff88806198d340 RCX: ffffffff913f0f03 RDX: dffffc0000000000 RSI: ffffffff8a8b2a00 RDI: 0000000000000001 RBP: 0000000000000000 R08: ffffffff8186db40 R09: ffffed100c331a69 R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000021 R13: dffffc0000000000 R14: ffff88806198d7d8 R15: ffff88806198d340 spin_unlock_irq include/linux/spinlock.h:413 [inline] get_signal+0x13ee/0x14e0 kernel/signal.c:2892 arch_do_signal_or_restart+0xc3/0x1890 arch/x86/kernel/signal.c:867 handle_signal_work kernel/entry/common.c:154 [inline] exit_to_user_mode_loop+0x97/0x130 kernel/entry/common.c:178 exit_to_user_mode_prepare+0xb1/0x140 kernel/entry/common.c:214 __syscall_exit_to_user_mode_work kernel/entry/common.c:296 [inline] syscall_exit_to_user_mode+0x5d/0x240 kernel/entry/common.c:307 do_syscall_64+0x47/0xb0 arch/x86/entry/common.c:86 entry_SYSCALL_64_after_hwframe+0x66/0xd0 RIP: 0033:0x7fe31a94fbc2 Code: 48 39 d1 72 f3 48 83 e8 08 48 39 f2 73 17 66 2e 0f 1f 84 00 00 00 00 00 48 8b 70 f8 48 83 e8 08 48 39 f2 72 f3 48 39 c3 73 3e <48> 89 33 48 83 c3 08 48 8b 70 f8 48 89 08 48 8b 0b 49 8b 14 24 eb RSP: 002b:00007ffe54fd9b10 EFLAGS: 00000287 RAX: 00007fe31a314f38 RBX: 00007fe31a310228 RCX: ffffffff842e05ee RDX: ffffffff842de887 RSI: ffffffff842dddbf RDI: 00007fe31a318058 RBP: 00007fe31a30f210 R08: 00007fe31a313930 R09: 0000000000000008 R10: 0000000081a72c77 R11: 0000000081a72c7b R12: 00007fe31a30f208 R13: 0000000000000015 R14: 00007fe31a302008 R15: 00007fe31ac06fa0 </TASK>
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/06/26 05:35 | linux-5.15.y | 4878aadf2d15 | dec8bc94 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | INFO: rcu detected stall in ext4_release_file |