syzbot

 sign-in | mailing list | source | docs
🐞 Open [1164] 🐞 Fixed [4299] 🐞 Invalid [9645] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

INFO: rcu detected stall in ieee80211_tasklet_handler

Status: fixed on 2022/03/08 16:11
Reported-by: syzbot+7bb955045fc0840decd3@syzkaller.appspotmail.com
Fix commit: 313bbd1990b6 mac80211-hwsim: fix late beacon hrtimer handling
First crash: 781d, last: 489d

Cause bisection: failed (bisect log)

Fix bisection: fixed by (bisect log) :
commit 313bbd1990b6ddfdaa7da098d0c56b098a833572
Author: Johannes Berg <johannes.berg@intel.com>
Date: Wed Sep 15 09:29:37 2021 +0000

  mac80211-hwsim: fix late beacon hrtimer handling

similar bugs (2):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream BUG: soft lockup in ieee80211_tasklet_handler C inconclusive error 9 612d 703d 0/24 auto-obsoleted due to no activity on 2023/01/07 08:49
linux-4.19 BUG: soft lockup in ieee80211_tasklet_handler 28 26d 680d 0/1 upstream: reported on 2021/03/19 03:24

Sample crash report:
rcu: INFO: rcu_preempt self-detected stall on CPU
rcu: 	1-....: (10443 ticks this GP) idle=ee1/1/0x4000000000000000 softirq=9729/9740 fqs=2218 
	(t=10502 jiffies g=8717 q=8272)
NMI backtrace for cpu 1
CPU: 1 PID: 9200 Comm: syz-executor025 Not tainted 5.14.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:105
 nmi_cpu_backtrace.cold+0x44/0xd7 lib/nmi_backtrace.c:105
 nmi_trigger_cpumask_backtrace+0x1b3/0x230 lib/nmi_backtrace.c:62
 trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline]
 rcu_dump_cpu_stacks+0x25e/0x3f0 kernel/rcu/tree_stall.h:343
 print_cpu_stall kernel/rcu/tree_stall.h:627 [inline]
 check_cpu_stall kernel/rcu/tree_stall.h:711 [inline]
 rcu_pending kernel/rcu/tree.c:3880 [inline]
 rcu_sched_clock_irq.cold+0x9d/0x746 kernel/rcu/tree.c:2599
 update_process_times+0x16d/0x200 kernel/time/timer.c:1785
 tick_sched_handle+0x9b/0x180 kernel/time/tick-sched.c:226
 tick_sched_timer+0x1b0/0x2d0 kernel/time/tick-sched.c:1421
 __run_hrtimer kernel/time/hrtimer.c:1685 [inline]
 __hrtimer_run_queues+0x1c0/0xe50 kernel/time/hrtimer.c:1749
 hrtimer_interrupt+0x31c/0x790 kernel/time/hrtimer.c:1811
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1086 [inline]
 __sysvec_apic_timer_interrupt+0x146/0x530 arch/x86/kernel/apic/apic.c:1103
 sysvec_apic_timer_interrupt+0x40/0xc0 arch/x86/kernel/apic/apic.c:1097
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0x38/0x70 kernel/locking/spinlock.c:194
Code: 74 24 10 e8 3a 17 26 f8 48 89 ef e8 82 8d 26 f8 81 e3 00 02 00 00 75 25 9c 58 f6 c4 02 75 2d 48 85 db 74 01 fb bf 01 00 00 00 <e8> 83 4e 1a f8 65 8b 05 2c a1 cc 76 85 c0 74 0a 5b 5d c3 e8 30 fa
RSP: 0018:ffffc90000dc0ea0 EFLAGS: 00000206
RAX: 0000000000000046 RBX: 0000000000000200 RCX: 1ffffffff1adbb3d
RDX: 0000000000000000 RSI: ffffffff817c4961 RDI: 0000000000000001
RBP: ffff888018db9630 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffff817c4948 R11: 0000000000000000 R12: ffff88803b2ea780
R13: ffff888018db9630 R14: ffff88803b2ebc80 R15: 0000000000000001
 spin_unlock_irqrestore include/linux/spinlock.h:418 [inline]
 skb_dequeue+0x125/0x180 net/core/skbuff.c:3206
 ieee80211_tasklet_handler+0x34/0x130 net/mac80211/main.c:228
 tasklet_action_common.constprop.0+0x201/0x2e0 kernel/softirq.c:783
 __do_softirq+0x29b/0x9c2 kernel/softirq.c:558
 invoke_softirq kernel/softirq.c:432 [inline]
 __irq_exit_rcu+0x123/0x180 kernel/softirq.c:636
 irq_exit_rcu+0x5/0x20 kernel/softirq.c:648
 sysvec_apic_timer_interrupt+0x93/0xc0 arch/x86/kernel/apic/apic.c:1097
 </IRQ>
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:check_kcov_mode+0x2c/0x40 kernel/kcov.c:174
Code: 05 39 d8 8b 7e 89 c2 81 e2 00 01 00 00 a9 00 01 ff 00 74 10 31 c0 85 d2 74 15 8b 96 3c 15 00 00 85 d2 74 0b 8b 86 18 15 00 00 <39> f8 0f 94 c0 c3 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 31 c0
RSP: 0018:ffffc900036b7758 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffffea0000cd76c0 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff888017678000 RDI: 0000000000000003
RBP: ffffea0000cd76c0 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff819eef70 R11: 0000000000000000 R12: ffffea0000cd76c8
R13: 0000000000000000 R14: ffffea0000cd7688 R15: ffffea0000cd76c0
 write_comp_data kernel/kcov.c:218 [inline]
 __sanitizer_cov_trace_const_cmp8+0x1d/0x70 kernel/kcov.c:291
 _compound_head include/linux/page-flags.h:187 [inline]
 PageUnevictable include/linux/page-flags.h:413 [inline]
 mark_page_accessed+0x330/0x1b00 mm/swap.c:430
 zap_pte_range mm/memory.c:1359 [inline]
 zap_pmd_range mm/memory.c:1481 [inline]
 zap_pud_range mm/memory.c:1510 [inline]
 zap_p4d_range mm/memory.c:1531 [inline]
 unmap_page_range+0xd45/0x2a10 mm/memory.c:1552
 unmap_single_vma+0x198/0x310 mm/memory.c:1597
 unmap_vmas+0x16d/0x2f0 mm/memory.c:1629
 exit_mmap+0x1d0/0x620 mm/mmap.c:3195
 __mmput+0x122/0x470 kernel/fork.c:1103
 mmput+0x58/0x60 kernel/fork.c:1124
 exit_mm kernel/exit.c:501 [inline]
 do_exit+0xabc/0x2a30 kernel/exit.c:812
 do_group_exit+0x125/0x310 kernel/exit.c:922
 get_signal+0x47f/0x2160 kernel/signal.c:2823
 arch_do_signal_or_restart+0x2a9/0x1c40 arch/x86/kernel/signal.c:865
 handle_signal_work kernel/entry/common.c:148 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:172 [inline]
 exit_to_user_mode_prepare+0x17d/0x290 kernel/entry/common.c:209
 __syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
 syscall_exit_to_user_mode+0x19/0x60 kernel/entry/common.c:302
 do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x447559
Code: Unable to access opcode bytes at RIP 0x44752f.
RSP: 002b:00007fe14263b318 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: 0000000000000001 RBX: 00000000004d21c8 RCX: 0000000000447559
RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00000000004d21cc
RBP: 00000000004d21c0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000003 R11: 0000000000000246 R12: 00000000004d21cc
R13: 00007ffc6d25f0ff R14: 00007fe14263b400 R15: 0000000000022000
----------------
Code disassembly (best guess):
   0:	74 24                	je     0x26
   2:	10 e8                	adc    %ch,%al
   4:	3a 17                	cmp    (%rdi),%dl
   6:	26 f8                	es clc
   8:	48 89 ef             	mov    %rbp,%rdi
   b:	e8 82 8d 26 f8       	callq  0xf8268d92
  10:	81 e3 00 02 00 00    	and    $0x200,%ebx
  16:	75 25                	jne    0x3d
  18:	9c                   	pushfq
  19:	58                   	pop    %rax
  1a:	f6 c4 02             	test   $0x2,%ah
  1d:	75 2d                	jne    0x4c
  1f:	48 85 db             	test   %rbx,%rbx
  22:	74 01                	je     0x25
  24:	fb                   	sti
  25:	bf 01 00 00 00       	mov    $0x1,%edi
* 2a:	e8 83 4e 1a f8       	callq  0xf81a4eb2 <-- trapping instruction
  2f:	65 8b 05 2c a1 cc 76 	mov    %gs:0x76cca12c(%rip),%eax        # 0x76cca162
  36:	85 c0                	test   %eax,%eax
  38:	74 0a                	je     0x44
  3a:	5b                   	pop    %rbx
  3b:	5d                   	pop    %rbp
  3c:	c3                   	retq
  3d:	e8                   	.byte 0xe8
  3e:	30 fa                	xor    %bh,%dl

Crashes (74):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci-upstream-kasan-gce-root 2021/09/02 01:07 upstream 835d31d319d9 7eb7e152 .config console log report syz C INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/01/03 08:56 upstream 3516bd729358 79264ae3 .config console log report syz C
ci-upstream-kasan-gce-root 2021/01/04 07:48 upstream e71ba9452f0b 79264ae3 .config console log report syz
ci-upstream-kasan-gce-root 2020/12/15 15:01 upstream 148842c98a24 97183ed7 .config console log report syz
ci-upstream-kasan-gce 2021/09/25 20:38 upstream 7d42e9818258 8cac236e .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/09/04 16:02 upstream f1583cb1be35 d236a457 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-smack-root 2021/05/28 03:40 upstream 97e5bf604b7a 858ea628 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-selinux-root 2021/05/17 21:48 upstream d07f6ca923ea a343ba6b .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/05/10 23:28 upstream 0aa099a312b6 ca873091 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/04/06 21:42 upstream 0a50438c8436 6a81331a .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/03/04 10:36 upstream f69d02e37a85 d7e4e604 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/03/04 09:03 upstream f69d02e37a85 d7e4e604 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/27 21:40 upstream 5695e5161974 4c37c133 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/27 19:47 upstream 5695e5161974 4c37c133 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/27 12:26 upstream 3fb6d0e00efc 4c37c133 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/27 06:50 upstream 3fb6d0e00efc 4c37c133 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/26 15:28 upstream 2c87f7a38f93 4c37c133 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/25 18:41 upstream 29c395c77a9a 76f7fc95 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/25 17:08 upstream 29c395c77a9a 76f7fc95 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/25 04:28 upstream 062c84fccc44 fcc6d71b .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/23 10:36 upstream a99163e9e708 c26fb06b .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/22 22:50 upstream a99163e9e708 c26fb06b .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/22 19:24 upstream a99163e9e708 c26fb06b .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/22 11:47 upstream 31caf8b2a847 a659b3f1 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/21 23:25 upstream 55f62bc87347 a659b3f1 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/21 19:01 upstream 55f62bc87347 a659b3f1 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/02/04 12:24 upstream 61556703b610 42b90a7c .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/01/29 08:52 upstream bec4c2968fce 6593fd32 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/01/27 07:59 upstream 2ab38c17aac1 55a7d4df .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/01/24 22:43 upstream e68061375f79 52e37319 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/01/21 01:07 upstream 75439bc439e0 d4f4eca5 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/01/17 21:57 upstream a1339d6355ac 813be542 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-bpf-kasan-gce 2021/08/05 22:55 bpf a02215ce72a3 d2d6e680 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-bpf-kasan-gce 2021/06/27 11:49 bpf 3db6735f2ef4 9d2ab5df .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-bpf-kasan-gce 2021/06/19 04:25 bpf 61e8aeda9398 aba2b2fb .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-bpf-kasan-gce 2021/05/15 02:56 bpf c9a7c013569d 8bdd5343 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-net-kasan-gce 2021/09/07 13:13 net-next 27151f177827 6ca60148 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-bpf-next-kasan-gce 2021/06/09 04:42 bpf-next 380afe720896 5c2fe346 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-bpf-next-kasan-gce 2021/04/26 11:13 bpf-next 0ea1041bfa3a 2a82f1b3 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-bpf-next-kasan-gce 2021/01/19 06:45 bpf-next a2c2998d5c6b 63631df1 .config console log report info INFO: rcu detected stall in ieee80211_tasklet_handler
ci-upstream-kasan-gce-root 2021/01/17 11:55 upstream 0da0a8a0a0e1 813be542 .config console log report info
ci-upstream-kasan-gce-root 2021/01/16 15:43 upstream 1d94330a437a 65a7a854 .config console log report info
ci-upstream-kasan-gce-root 2021/01/15 17:10 upstream 5ee88057889b 65a7a854 .config console log report info
ci-upstream-kasan-gce-root 2021/01/15 08:24 upstream 146620506274 65a7a854 .config console log report info
ci-upstream-kasan-gce-root 2021/01/09 11:44 upstream 996e435fd401 a6c52263 .config console log report info
ci-upstream-kasan-gce-root 2021/01/07 19:00 upstream 71c061d24438 c104d4a3 .config console log report info
ci-upstream-kasan-gce-root 2021/01/01 22:26 upstream eda809aef534 79264ae3 .config console log report info
ci-upstream-kasan-gce-root 2020/12/31 01:50 upstream f6e1ea196492 5cc121d6 .config console log report info
ci-upstream-kasan-gce-root 2020/12/28 05:06 upstream 5c8fe583cce5 2242f77f .config console log report info
ci-upstream-kasan-gce-root 2020/12/15 20:35 upstream 148842c98a24 97183ed7 .config console log report info
ci-upstream-kasan-gce-root 2020/12/15 14:55 upstream 148842c98a24 97183ed7 .config console log report info
ci-upstream-kasan-gce-root 2020/12/15 07:47 upstream 148842c98a24 97183ed7 .config console log report info
ci-upstream-kasan-gce-root 2020/12/15 07:17 upstream 148842c98a24 97183ed7 .config console log report info
ci-upstream-kasan-gce-root 2020/12/14 22:03 upstream 2c85ebc57b3e 97183ed7 .config console log report info
ci-upstream-kasan-gce-root 2020/12/14 18:21 upstream 2c85ebc57b3e 97183ed7 .config console log report info
ci-upstream-kasan-gce-root 2020/12/13 23:22 upstream 6bff9bb8a292 b22a7ec3 .config console log report info
ci-upstream-kasan-gce-root 2020/12/13 15:22 upstream 6bff9bb8a292 bca53db9 .config console log report info
ci-upstream-kasan-gce-root 2020/12/13 15:20 upstream 6bff9bb8a292 bca53db9 .config console log report info
ci-upstream-kasan-gce-root 2020/12/13 10:46 upstream 7b1b868e1d91 bca53db9 .config console log report info
ci-upstream-kasan-gce-root 2020/12/13 03:32 upstream 7b1b868e1d91 bca53db9 .config console log report info
ci-upstream-kasan-gce-root 2020/12/12 22:50 upstream 7b1b868e1d91 bca53db9 .config console log report info
ci-upstream-kasan-gce-root 2020/12/12 07:07 upstream 7f376f1917d7 bca53db9 .config console log report info
ci-upstream-kasan-gce-root 2020/12/12 06:16 upstream 33dc9614dc20 ba24ffcd .config console log report info
ci-upstream-kasan-gce-root 2020/12/11 09:54 upstream 33dc9614dc20 f900b48c .config console log report info
ci-upstream-kasan-gce-root 2020/12/11 08:03 upstream 33dc9614dc20 f900b48c .config console log report info
ci-upstream-kasan-gce-root 2020/12/10 15:33 upstream a2f5ea9e314b f900b48c .config console log report info
ci-upstream-kasan-gce-root 2020/12/10 04:13 upstream a68a0262abda c090b4da .config console log report info
ci-upstream-kasan-gce-root 2020/12/08 19:58 upstream cd796ed33450 a7f7f4a4 .config console log report info
ci-upstream-kasan-gce-root 2020/12/08 18:55 upstream cd796ed33450 a7f7f4a4 .config console log report info
ci-upstream-kasan-gce-root 2020/12/07 14:00 upstream 0477e9288185 1190297f .config console log report info
ci-upstream-kasan-gce-root 2020/12/07 12:52 upstream 0477e9288185 1190297f .config console log report info
* Struck through repros no longer work on HEAD.