syzbot

 sign-in | mailing list | source | docs
🐞 Open [960] 🐞 Fixed [3811] 🐞 Invalid [8185] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

INFO: rcu detected stall in sys_sendfile64 (2)
Status: closed as invalid on 2022/02/08 10:47
Reported-by: syzbot+1505c80c74256c6118a5@syzkaller.appspotmail.com
First crash: 1244d, last: 142d

Cause bisection: introduced by (bisect log) :
commit 34e07e42c55aeaa78e93b057a6664e2ecde3fadb
Author: Chris Wilson <chris@chris-wilson.co.uk>
Date: Thu Feb 8 10:54:48 2018 +0000

  drm/i915: Add missing kerneldoc for 'ent' in i915_driver_init_early

Crash: INFO: rcu detected stall in do_iter_write (log)
Repro: C syz .config

Fix bisection: failed (bisect log)
similar bugs (3):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: rcu detected stall in sys_sendfile64 C 4 1256d 1256d 0/22 closed as invalid on 2018/12/19 10:12
linux-4.19 INFO: rcu detected stall in sys_sendfile64 (2) 3 801d 852d 0/1 auto-closed as invalid on 2020/07/16 06:45
linux-4.19 INFO: rcu detected stall in sys_sendfile64 1 1135d 1135d 0/1 auto-closed as invalid on 2019/10/16 04:09

Sample crash report:
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
	(detected by 0, t=10502 jiffies, g=11717, q=28)
rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4295033515-4295023013), jiffies_till_next_fqs=1, root ->qsmask 0x0
rcu: rcu_preempt kthread starved for 10502 jiffies! g11717 f0x0 RCU_GP_ONOFF(3) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:28944 pid:   14 ppid:     2 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:4972 [inline]
 __schedule+0xa9a/0x4940 kernel/sched/core.c:6253
 preempt_schedule_irq+0x4e/0x90 kernel/sched/core.c:6668
 irqentry_exit+0x31/0x80 kernel/entry/common.c:425
 asm_sysvec_reschedule_ipi+0x12/0x20 arch/x86/include/asm/idtentry.h:643
RIP: 0010:rcu_gp_init+0x1df/0x12a0 kernel/rcu/tree.c:1777
Code: 01 0f 87 ea 0f 00 00 48 8d 3c dd 00 a3 b8 8b 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 db 0f 00 00 <48> 63 2d b2 c0 2d 0c 48 8b 1c dd 00 a3 b8 8b 48 83 fd 01 49 89 ee
RSP: 0000:ffffc90000f4fdf0 EFLAGS: 00000246
RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 1ffffffff1771460 RSI: 0000000000000001 RDI: ffffffff8bb8a300
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
R10: 0000000000000003 R11: 0000000000000001 R12: ffffed1002391410
R13: ffffffff8b80f180 R14: ffffc90000f4fe88 R15: ffff888011c8a080
 rcu_gp_kthread+0xab/0x320 kernel/rcu/tree.c:2118
 kthread+0x405/0x4f0 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
NMI backtrace for cpu 0
CPU: 0 PID: 6559 Comm: syz-executor748 Not tainted 5.16.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
 nmi_cpu_backtrace.cold+0x47/0x144 lib/nmi_backtrace.c:111
 nmi_trigger_cpumask_backtrace+0x1b3/0x230 lib/nmi_backtrace.c:62
 trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline]
 rcu_check_gp_kthread_starvation.cold+0x1fb/0x200 kernel/rcu/tree_stall.h:481
 print_other_cpu_stall kernel/rcu/tree_stall.h:586 [inline]
 check_cpu_stall kernel/rcu/tree_stall.h:729 [inline]
 rcu_pending kernel/rcu/tree.c:3878 [inline]
 rcu_sched_clock_irq+0x2125/0x2200 kernel/rcu/tree.c:2597
 update_process_times+0x16d/0x200 kernel/time/timer.c:1785
 tick_sched_handle+0x9b/0x180 kernel/time/tick-sched.c:226
 tick_sched_timer+0x1b0/0x2d0 kernel/time/tick-sched.c:1428
 __run_hrtimer kernel/time/hrtimer.c:1685 [inline]
 __hrtimer_run_queues+0x1c0/0xe50 kernel/time/hrtimer.c:1749
 hrtimer_interrupt+0x31c/0x790 kernel/time/hrtimer.c:1811
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1086 [inline]
 __sysvec_apic_timer_interrupt+0x146/0x530 arch/x86/kernel/apic/apic.c:1103
 sysvec_apic_timer_interrupt+0x8e/0xc0 arch/x86/kernel/apic/apic.c:1097
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:__kasan_check_write+0x0/0x10 mm/kasan/shadow.c:37
Code: 83 c4 60 5b 5d 41 5c 41 5d c3 c3 e9 f0 70 45 07 cc cc cc cc cc cc cc cc cc cc 48 8b 0c 24 89 f6 31 d2 e9 f3 f9 ff ff 0f 1f 00 <48> 8b 0c 24 89 f6 ba 01 00 00 00 e9 e0 f9 ff ff 55 53 48 8b 07 48
RSP: 0018:ffffc90001f37718 EFLAGS: 00000293
RAX: 0000000000000000 RBX: 0000000000001000 RCX: 0000000000000000
RDX: ffff888072868040 RSI: 0000000000000004 RDI: ffffea0001866f34
RBP: ffffea0001866f34 R08: 000000000000007f R09: ffffea0001866f37
R10: ffffffff83d92a65 R11: 0000000000000000 R12: ffff88806f6801e0
R13: dffffc0000000000 R14: ffff88801c599800 R15: ffffc90001f37a60
 instrument_atomic_read_write include/linux/instrumented.h:101 [inline]
 atomic_inc include/linux/atomic/atomic-instrumented.h:181 [inline]
 page_ref_inc include/linux/page_ref.h:158 [inline]
 folio_ref_inc include/linux/page_ref.h:165 [inline]
 folio_get include/linux/mm.h:1199 [inline]
 get_page include/linux/mm.h:1204 [inline]
 copy_page_to_iter_pipe lib/iov_iter.c:419 [inline]
 __copy_page_to_iter lib/iov_iter.c:860 [inline]
 copy_page_to_iter+0xa34/0xe20 lib/iov_iter.c:880
 filemap_read+0x654/0xeb0 mm/filemap.c:2697
 generic_file_read_iter+0x3b6/0x5a0 mm/filemap.c:2792
 ext4_file_read_iter+0x1d4/0x5d0 fs/ext4/file.c:130
 call_read_iter include/linux/fs.h:2156 [inline]
 generic_file_splice_read+0x453/0x6d0 fs/splice.c:311
 do_splice_to+0x1bf/0x250 fs/splice.c:796
 splice_direct_to_actor+0x2c2/0x8c0 fs/splice.c:870
 do_splice_direct+0x1b3/0x280 fs/splice.c:979
 do_sendfile+0xaf2/0x1250 fs/read_write.c:1245
 __do_sys_sendfile64 fs/read_write.c:1310 [inline]
 __se_sys_sendfile64 fs/read_write.c:1296 [inline]
 __x64_sys_sendfile64+0x1cc/0x210 fs/read_write.c:1296
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7fb66fb19169
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffd990510a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
RAX: ffffffffffffffda RBX: 00000000000f4240 RCX: 00007fb66fb19169
RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000004
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001
R10: 00008400fffffffb R11: 0000000000000246 R12: 00000000000c626a
R13: 00007ffd990510bc R14: 00007ffd990510d0 R15: 00007ffd990510c0
 </TASK>
----------------
Code disassembly (best guess):
   0:	01 0f                	add    %ecx,(%rdi)
   2:	87 ea                	xchg   %ebp,%edx
   4:	0f 00 00             	sldt   (%rax)
   7:	48 8d 3c dd 00 a3 b8 	lea    -0x74475d00(,%rbx,8),%rdi
   e:	8b
   f:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  16:	fc ff df
  19:	48 89 fa             	mov    %rdi,%rdx
  1c:	48 c1 ea 03          	shr    $0x3,%rdx
  20:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
  24:	0f 85 db 0f 00 00    	jne    0x1005
* 2a:	48 63 2d b2 c0 2d 0c 	movslq 0xc2dc0b2(%rip),%rbp        # 0xc2dc0e3 <-- trapping instruction
  31:	48 8b 1c dd 00 a3 b8 	mov    -0x74475d00(,%rbx,8),%rbx
  38:	8b
  39:	48 83 fd 01          	cmp    $0x1,%rbp
  3d:	49 89 ee             	mov    %rbp,%r14

Crashes (100):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-selinux-root 2021/12/08 01:16 upstream cd8c917a56f2 0230ba3e .config log report syz C INFO: rcu detected stall in sys_sendfile64
ci-upstream-kasan-gce-root 2020/01/24 19:12 upstream 4703d9119972 2e95ab33 .config log report syz C
ci-upstream-kasan-gce-root 2019/06/06 12:31 upstream 156c05917e09 a547defc .config log report syz C
ci-upstream-kasan-gce-selinux-root 2019/05/03 14:43 upstream ea9866793d1e 1bfa09b9 .config log report syz C
ci-upstream-kasan-gce-selinux-root 2019/04/23 07:48 upstream 085b7755808a 53199d6e .config log report syz C
ci-upstream-kasan-gce-smack-root 2019/04/23 07:46 upstream 085b7755808a 53199d6e .config log report syz C
ci-upstream-kasan-gce-root 2019/02/19 13:36 upstream b5372fe5dc84 59f36113 .config log report syz C
ci-upstream-kasan-gce-selinux-root 2019/01/19 11:06 upstream 2339e91d0e66 2103a236 .config log report syz C
ci-upstream-linux-next-kasan-gce-root 2019/04/23 07:50 linux-next 3f018f4a019a 53199d6e .config log report syz C
ci-upstream-kasan-gce-smack-root 2022/01/06 05:37 upstream 49ef78e59b07 6acc789a .config log report info INFO: rcu detected stall in sys_sendfile64
ci-upstream-kasan-gce-selinux-root 2021/12/25 01:30 upstream b927dfc67d05 6caa12e4 .config log report info INFO: rcu detected stall in sys_sendfile64
ci-upstream-kasan-gce-selinux-root 2021/12/23 22:51 upstream 76657eaef4a7 6caa12e4 .config log report info INFO: rcu detected stall in sys_sendfile64
ci-upstream-kasan-gce-selinux-root 2021/12/21 18:11 upstream 6e0567b73052 a938f0b8 .config log report info INFO: rcu detected stall in sys_sendfile64
ci-upstream-kasan-gce-smack-root 2021/11/07 13:12 upstream b5013d084e03 4c1be0be .config log report info INFO: rcu detected stall in sys_sendfile64
ci-upstream-linux-next-kasan-gce-root 2021/12/29 14:42 linux-next ea586a076e8a 6cc879d4 .config log report info INFO: rcu detected stall in sys_sendfile64
ci-upstream-kasan-gce-selinux-root 2020/05/24 17:22 upstream caffb99b6929 bd28eb9d .config log report
ci-upstream-kasan-gce-root 2020/05/08 15:49 upstream 79dede78c057 2b98fdbc .config log report
ci-upstream-kasan-gce-selinux-root 2020/05/02 18:35 upstream 690e2aba7beb 58da4c35 .config log report
ci-upstream-kasan-gce-selinux-root 2020/04/12 10:08 upstream b032227c6293 a8c6a3f8 .config log report
ci-upstream-kasan-gce-selinux-root 2020/04/07 07:01 upstream 7e63420847ae 99a96044 .config log report
ci-upstream-kasan-gce-root 2020/03/13 14:48 upstream 3cc6e2c599cd d850e9d0 .config log report
ci-upstream-kasan-gce-root 2020/03/12 15:54 upstream e6e6ec48dd0f d850e9d0 .config log report
ci-upstream-kasan-gce-root 2020/03/10 02:02 upstream 30bb5572ce7a 35f53e45 .config log report
ci-upstream-kasan-gce-root 2020/02/26 11:16 upstream f8788d86ab28 59b57593 .config log report
ci-upstream-kasan-gce-selinux-root 2020/02/20 20:07 upstream ca7e1fd1026c bd2a74a3 .config log report
ci-upstream-kasan-gce-smack-root 2020/02/15 02:02 upstream 2019fc96af22 5d7b90f1 .config log report
ci-upstream-kasan-gce-selinux-root 2020/02/12 03:14 upstream 359c92c02bfa a75b198c .config log report
ci-upstream-kasan-gce-selinux-root 2020/02/10 20:19 upstream bb6d3fb354c5 18847f55 .config log report
ci-upstream-kasan-gce-selinux-root 2020/02/07 05:17 upstream 90568ecf5615 06150bf1 .config log report
ci-upstream-kasan-gce-root 2020/01/12 10:20 upstream ac61145a725a 4c04afaa .config log report
ci-upstream-kasan-gce-selinux-root 2019/12/24 14:01 upstream 46cf053efec6 be5c2c81 .config log report
ci-upstream-kasan-gce-selinux-root 2019/11/16 04:32 upstream eb70e26cd79d cdac920b .config log report
ci-upstream-kasan-gce-selinux-root 2019/08/23 05:44 upstream 59c36bc8d377 ca6f3cfa .config log report
ci-upstream-kasan-gce-root 2019/07/22 14:40 upstream c6dd78fcb8ee b3c615f5 .config log report
ci-upstream-kasan-gce-smack-root 2019/06/20 07:04 upstream abf02e2964b3 34bf9440 .config log report
ci-upstream-kasan-gce-smack-root 2019/06/17 15:30 upstream 9e0babf2c06c 442206d7 .config log report
ci-upstream-kasan-gce-selinux-root 2019/06/13 12:00 upstream b076173a309e 3f4e812b .config log report
ci-upstream-kasan-gce-smack-root 2019/06/13 09:59 upstream b076173a309e 3f4e812b .config log report
ci-upstream-kasan-gce-root 2019/06/12 12:28 upstream aa7235483a83 794a1ad7 .config log report
ci-upstream-kasan-gce-root 2019/06/07 07:45 upstream 01047631df81 698773cb .config log report
ci-upstream-kasan-gce-smack-root 2019/06/06 19:18 upstream 156c05917e09 698773cb .config log report
ci-upstream-kasan-gce-root 2019/06/05 22:41 upstream 156c05917e09 bfb4a51e .config log report
ci-upstream-kasan-gce-smack-root 2019/06/04 22:25 upstream 788a024921c4 e41a20c5 .config log report
ci-upstream-kasan-gce-root 2019/06/04 22:22 upstream 788a024921c4 e41a20c5 .config log report
ci-upstream-kasan-gce-selinux-root 2018/12/31 02:16 upstream 195303136f19 2b42fdc8 .config log report
ci-upstream-linux-next-kasan-gce-root 2020/06/13 06:22 linux-next e7b08814b16b f4724dd3 .config log report
ci-upstream-linux-next-kasan-gce-root 2020/06/12 07:56 linux-next e7b08814b16b 58802067 .config log report
ci-upstream-linux-next-kasan-gce-root 2020/04/27 12:27 linux-next ac935d227366 0ce7569e .config log report
ci-upstream-linux-next-kasan-gce-root 2020/04/18 22:41 linux-next ac935d227366 365fba24 .config log report
ci-upstream-linux-next-kasan-gce-root 2020/03/28 13:20 linux-next 770fbb32d34e f1ebdfba .config log report
ci-upstream-linux-next-kasan-gce-root 2020/02/18 07:05 linux-next c25a951c50dc 1ce142dc .config log report
ci-upstream-linux-next-kasan-gce-root 2020/02/03 22:53 linux-next 2747d5fdab78 93e5e335 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/12/26 08:34 linux-next 7ddd09fc4b74 be5c2c81 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/07/02 08:45 linux-next 48a8a5f9a326 cccc4302 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/07/01 20:25 linux-next 48a8a5f9a326 907bf746 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/06/23 14:17 linux-next e2d28c40292b 3efccdd2 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/06/23 05:59 linux-next dc636f5d78de 34bf9440 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/06/18 13:24 linux-next 1c6b40509daf e3f76baa .config log report
ci-upstream-linux-next-kasan-gce-root 2019/06/17 14:25 linux-next a125097c8410 442206d7 .config log report
ci-upstream-linux-next-kasan-gce-root 2019/06/08 20:42 linux-next 3f310e51ceb1 0159583c .config log report
ci-upstream-linux-next-kasan-gce-root 2019/06/05 14:53 linux-next b2924447b98a bfb4a51e .config log report
ci-upstream-linux-next-kasan-gce-root 2019/06/05 14:50 linux-next b2924447b98a bfb4a51e .config log report