syzbot


INFO: rcu detected stall in trace_timer_expire_exit (2)

Status: auto-closed as invalid on 2020/10/09 21:20
Subsystems: kernel
First crash: 1355d, last: 1355d
Similar bugs (1):

| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | INFO: rcu detected stall in trace_timer_expire_exit trace | | | | 1 | 1532d | 1532d | 0/26 | auto-closed as invalid on 2020/04/15 20:53 |

Sample crash report:
rcu: INFO: rcu_preempt self-detected stall on CPU
rcu: 	1-...!: (10499 ticks this GP) idle=066/1/0x4000000000000000 softirq=228188/228188 fqs=0 
	(t=10500 jiffies g=361709 q=41)
NMI backtrace for cpu 1
CPU: 1 PID: 19217 Comm: syz-executor.5 Not tainted 5.8.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1f0/0x31e lib/dump_stack.c:118
 nmi_cpu_backtrace+0x9f/0x180 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x16a/0x280 lib/nmi_backtrace.c:62
 trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline]
 rcu_dump_cpu_stacks+0x199/0x2a0 kernel/rcu/tree_stall.h:320
 print_cpu_stall kernel/rcu/tree_stall.h:553 [inline]
 check_cpu_stall kernel/rcu/tree_stall.h:627 [inline]
 rcu_pending kernel/rcu/tree.c:3489 [inline]
 rcu_sched_clock_irq+0x1928/0x1eb0 kernel/rcu/tree.c:2504
 update_process_times+0x12c/0x180 kernel/time/timer.c:1726
 tick_sched_handle kernel/time/tick-sched.c:176 [inline]
 tick_sched_timer+0x254/0x410 kernel/time/tick-sched.c:1320
 __run_hrtimer kernel/time/hrtimer.c:1520 [inline]
 __hrtimer_run_queues+0x42d/0x930 kernel/time/hrtimer.c:1584
 hrtimer_interrupt+0x373/0xd60 kernel/time/hrtimer.c:1646
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1080 [inline]
 __sysvec_apic_timer_interrupt+0xf0/0x260 arch/x86/kernel/apic/apic.c:1097
 run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:50 [inline]
 sysvec_apic_timer_interrupt+0x112/0x130 arch/x86/kernel/apic/apic.c:1091
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:587
RIP: 0010:__preempt_count_add arch/x86/include/asm/preempt.h:79 [inline]
RIP: 0010:rcu_lockdep_current_cpu_online+0x31/0xe0 kernel/rcu/tree.c:1144
Code: 0d c0 41 a0 7e b0 01 f7 c1 00 00 f0 00 0f 85 b2 00 00 00 83 3d 53 70 0b 08 00 0f 84 a5 00 00 00 49 bf 00 00 00 00 00 fc ff df <65> 83 05 93 41 a0 7e 01 e8 42 ea ba 06 89 c0 48 8d 1c c5 e0 18 0d
RSP: 0018:ffffc90000da8d68 EFLAGS: 00000202
RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000101
RDX: ffff888024c0a1c0 RSI: 0000000000000102 RDI: 0000000000000000
RBP: ffffc90000da8f00 R08: ffffffff8164be04 R09: fffffbfff12da576
R10: fffffbfff12da576 R11: 0000000000000000 R12: 000000010004ccbc
R13: ffff8881f5ffdc10 R14: ffff8881f5ffdc10 R15: dffffc0000000000
 rcu_read_lock_held_common kernel/rcu/update.c:122 [inline]
 rcu_read_lock_sched_held+0x1a/0xa0 kernel/rcu/update.c:133
 trace_timer_expire_exit+0x1d4/0x270 include/trace/events/timer.h:125
 call_timer_fn+0x99/0x160 kernel/time/timer.c:1405
 expire_timers kernel/time/timer.c:1449 [inline]
 __run_timers+0x736/0x930 kernel/time/timer.c:1773
 run_timer_softirq+0x46/0x80 kernel/time/timer.c:1786
 __do_softirq+0x268/0x80c kernel/softirq.c:292
 asm_call_on_stack+0xf/0x20 arch/x86/entry/entry_64.S:711
 </IRQ>
 __run_on_irqstack arch/x86/include/asm/irq_stack.h:22 [inline]
 run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:48 [inline]
 do_softirq_own_stack+0xe0/0x1a0 arch/x86/kernel/irq_64.c:77
 invoke_softirq kernel/softirq.c:387 [inline]
 __irq_exit_rcu+0x1e1/0x1f0 kernel/softirq.c:417
 irq_exit_rcu+0x6/0x50 kernel/softirq.c:429
 sysvec_apic_timer_interrupt+0x117/0x130 arch/x86/kernel/apic/apic.c:1091
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:587
RIP: 0010:__sanitizer_cov_trace_const_cmp1+0x0/0xa0 kernel/kcov.c:271
Code: 00 00 48 c7 04 d1 06 00 00 00 48 89 7c d1 08 48 c1 e0 03 48 83 c8 18 48 89 34 01 4c 89 44 d1 18 49 ff c2 4c 89 11 c3 0f 1f 00 <4c> 8b 04 24 65 48 8b 14 25 00 fe 01 00 65 8b 05 08 6f 8d 7e a9 00
RSP: 0018:ffffc900052d72e0 EFLAGS: 00000246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
RDX: ffff888024c0a1c0 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: ffffffff863d5532 R09: fffffbfff12da576
R10: fffffbfff12da576 R11: 0000000000000000 R12: 1ffff1100411c629
R13: 1ffff1100411c62a R14: 0000000000000000 R15: 1ffff1100411c62a
 snd_interval_refine+0x42a/0xa80 sound/core/pcm_lib.c:614
 snd_pcm_hw_rule_muldivk+0xdc/0x150 sound/core/pcm_native.c:2299
 constrain_params_by_rules+0x7a8/0xdf0 sound/core/pcm_native.c:410
 snd_pcm_hw_refine+0x3aa/0x4d0 sound/core/pcm_native.c:517
 snd_pcm_hw_param_min sound/core/oss/pcm_oss.c:249 [inline]
 snd_pcm_hw_param_near+0x12b/0x660 sound/core/oss/pcm_oss.c:405
 snd_pcm_oss_change_params_locked+0x254f/0x4410 sound/core/oss/pcm_oss.c:930
 snd_pcm_oss_change_params sound/core/oss/pcm_oss.c:1084 [inline]
 snd_pcm_oss_make_ready+0x115/0x2b0 sound/core/oss/pcm_oss.c:1143
 snd_pcm_oss_set_trigger+0x93/0x750 sound/core/oss/pcm_oss.c:2047
 snd_pcm_oss_poll+0x662/0x8d0 sound/core/oss/pcm_oss.c:2831
 vfs_poll include/linux/poll.h:90 [inline]
 do_select+0x107d/0x19e0 fs/select.c:534
 core_sys_select+0x732/0x9e0 fs/select.c:677
 do_pselect fs/select.c:759 [inline]
 __do_sys_pselect6 fs/select.c:800 [inline]
 __se_sys_pselect6+0x375/0x3f0 fs/select.c:791
 do_syscall_64+0x73/0xe0 arch/x86/entry/common.c:384
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45cba9
Code: Bad RIP value.
RSP: 002b:00007f65df0d0c78 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
RAX: ffffffffffffffda RBX: 00000000004fc500 RCX: 000000000045cba9
RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000040
RBP: 000000000078bf00 R08: 0000000020000200 R09: 0000000000000000
R10: 0000000020000140 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000000008a0 R14: 00000000004cb910 R15: 00007f65df0d16d4

Crashes (1):

| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2020/07/11 21:19 | upstream | a581387e415b | 18d18b59 | .config | console log | report | | | | | ci-upstream-kasan-gce-smack-root | |

* Struck through repros no longer work on HEAD.