syzbot

 sign-in | mailing list | source | docs
🐞 Open [1501]
Subsystems
🐞 Fixed [6525]
🐞 Invalid [16608]
Missing Backports [205]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

INFO: rcu detected stall in __se_sys_perf_event_open

Status: auto-closed as invalid on 2020/10/02 02:08
Subsystems: perf
[Documentation on labels]
First crash: 1875d, last: 1875d
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-5.15 INFO: rcu detected stall in sys_perf_event_open (2) origin:lts-only 1 C error 11 3d04h 590d 0/3 upstream: reported C repro on 2024/01/09 18:19
linux-6.1 INFO: rcu detected stall in sys_perf_event_open (2) origin:lts-only 1 syz done 8 5d17h 333d 0/3 upstream: reported syz repro on 2024/09/23 05:55
linux-6.6 INFO: rcu detected stall in perf_event_open 1 1 7d22h 7d22h 0/2 upstream: reported on 2025/08/14 11:08

Sample crash report:
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	0-....: (6296 ticks this GP) idle=992/1/0x4000000000000002 softirq=12505/12505 fqs=5248 
	(detected by 1, t=10502 jiffies, g=11597, q=1145)
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 8837 Comm: syz-executor.4 Not tainted 5.8.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:check_memory_region+0x222/0x2f0 mm/kasan/generic.c:192
Code: 03 4d 89 cf 49 8d 5e 07 4d 85 f6 49 0f 49 de 48 83 e3 f8 49 29 de 74 11 45 0f b6 1f 45 84 db 75 64 49 ff c7 49 ff ce 75 ef 5b <41> 5c 41 5d 41 5e 41 5f c3 45 84 db 75 50 45 8a 59 01 45 84 db 0f
RSP: 0018:ffffc90000007350 EFLAGS: 00000056
RAX: 1ffff92000000e01 RBX: 0000000000000010 RCX: ffffffff813386e2
RDX: 0000000000000001 RSI: 0000000000000010 RDI: ffffc90000007560
RBP: ffffc90000007560 R08: dffffc0000000000 R09: fffff52000000eae
R10: fffff52000000eae R11: 0000000000000000 R12: 1ffff92000000eac
R13: dffffc0000000001 R14: 0000000000000002 R15: ffffffff89e6ec50
FS:  00007fd3f330c700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000100000000 CR3: 0000000094af4000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 memset+0x1f/0x40 mm/kasan/common.c:84
 unwind_next_frame+0x1122/0x1e90 arch/x86/kernel/unwind_orc.c:542
 __unwind_start+0x5f7/0x700 arch/x86/kernel/unwind_orc.c:698
 perf_callchain_kernel+0x2e2/0x620 arch/x86/include/asm/unwind.h:60
 get_perf_callchain+0x72c/0x8c0 kernel/events/callchain.c:201
 perf_callchain kernel/events/core.c:6969 [inline]
 perf_prepare_sample+0x2ef/0x19f0 kernel/events/core.c:6996
 __perf_event_output kernel/events/core.c:7154 [inline]
 perf_event_output_forward+0xa7/0x1c0 kernel/events/core.c:7174
 __perf_event_overflow+0x1b9/0x340 kernel/events/core.c:8746
 perf_tp_event+0x2d4/0xa70 kernel/events/core.c:9278
 perf_trace_run_bpf_submit+0x106/0x1a0 kernel/events/core.c:9252
 perf_trace_preemptirq_template+0x253/0x310 include/trace/events/preemptirq.h:14
 trace_irq_enable_rcuidle+0x120/0x1c0 include/trace/events/preemptirq.h:40
 trace_hardirqs_on+0x57/0x80 kernel/trace/trace_preemptirq.c:44
 asm_sysvec_irq_work+0x12/0x20 arch/x86/include/asm/idtentry.h:626
RIP: 0010:arch_local_save_flags arch/x86/include/asm/paravirt.h:760 [inline]
RIP: 0010:arch_local_irq_save arch/x86/include/asm/paravirt.h:782 [inline]
RIP: 0010:rcu_read_unlock_special kernel/rcu/tree_plugin.h:599 [inline]
RIP: 0010:__rcu_read_unlock+0xf4/0x4a0 kernel/rcu/tree_plugin.h:395
Code: c7 2b 89 48 c1 e8 03 42 80 3c 30 00 74 0c 48 c7 c7 e8 c7 2b 89 e8 ac 3a 51 00 48 83 3d 8c 87 c9 07 00 0f 84 99 03 00 00 9c 58 <0f> 1f 44 00 00 48 89 44 24 08 48 c7 c0 f8 c7 2b 89 48 c1 e8 03 42
RSP: 0018:ffffc90000007be8 EFLAGS: 00000282
RAX: 0000000000000282 RBX: ffff8880476c6280 RCX: ffff8880476c6280
RDX: 0000000000000102 RSI: 0000000000000103 RDI: 0000000000000000
RBP: 0000000000000102 R08: ffffffff871f4940 R09: ffffed101403dbb4
R10: ffffed101403dbb4 R11: 0000000000000000 R12: 1ffff11008ed8cbf
R13: 0000000000000185 R14: dffffc0000000000 R15: ffff8880476c65f8
 rcu_read_unlock include/linux/rcupdate.h:687 [inline]
 ndisc_send_skb+0xad4/0xd20 net/ipv6/ndisc.c:514
 addrconf_rs_timer+0x226/0x680 net/ipv6/addrconf.c:3848
 call_timer_fn+0x91/0x160 kernel/time/timer.c:1404
 expire_timers kernel/time/timer.c:1449 [inline]
 __run_timers+0x736/0x930 kernel/time/timer.c:1773
 run_timer_softirq+0x46/0x80 kernel/time/timer.c:1786
 __do_softirq+0x268/0x80c kernel/softirq.c:292
 asm_call_on_stack+0xf/0x20 arch/x86/entry/entry_64.S:711
 </IRQ>
 __run_on_irqstack arch/x86/include/asm/irq_stack.h:22 [inline]
 run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:48 [inline]
 do_softirq_own_stack+0xe0/0x1a0 arch/x86/kernel/irq_64.c:77
 invoke_softirq kernel/softirq.c:387 [inline]
 __irq_exit_rcu+0x1e1/0x1f0 kernel/softirq.c:417
 irq_exit_rcu+0x6/0x50 kernel/softirq.c:429
 sysvec_apic_timer_interrupt+0x117/0x130 arch/x86/kernel/apic/apic.c:1091
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:596
RIP: 0010:__raw_spin_unlock_irq include/linux/spinlock_api_smp.h:169 [inline]
RIP: 0010:_raw_spin_unlock_irq+0x57/0x80 kernel/locking/spinlock.c:199
Code: 00 00 00 00 fc ff df 80 3c 08 00 74 0c 48 c7 c7 00 c8 2b 89 e8 6a 7c 94 f9 48 83 3d 62 c9 0c 01 00 74 25 fb 66 0f 1f 44 00 00 <bf> 01 00 00 00 e8 4f 8b 31 f9 65 8b 05 54 ff e2 77 85 c0 74 02 5b
RSP: 0018:ffffc90004d37c00 EFLAGS: 00000282
RAX: 1ffffffff1257900 RBX: ffff8880ae8358c0 RCX: dffffc0000000000
RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff881efe6f
RBP: ffffc90004d37c60 R08: dffffc0000000000 R09: fffffbfff16334b9
R10: fffffbfff16334b9 R11: 0000000000000000 R12: ffff8880ae8358c0
R13: ffff8880476c6280 R14: ffff8880ae836308 R15: dffffc0000000000
 finish_task_switch+0x24f/0x550 kernel/sched/core.c:3292
 context_switch kernel/sched/core.c:3456 [inline]
 __schedule+0x7db/0xc40 kernel/sched/core.c:4178
 preempt_schedule_common kernel/sched/core.c:4334 [inline]
 preempt_schedule+0xc8/0x110 kernel/sched/core.c:4359
 preempt_schedule_thunk+0x16/0x18 arch/x86/entry/thunk_64.S:40
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:161 [inline]
 _raw_spin_unlock_irqrestore+0xc8/0xd0 kernel/locking/spinlock.c:191
 perf_unpin_context kernel/events/core.c:1505 [inline]
 __do_sys_perf_event_open kernel/events/core.c:11874 [inline]
 __se_sys_perf_event_open+0x2e12/0x3fa0 kernel/events/core.c:11479
 do_syscall_64+0x73/0xe0 arch/x86/entry/common.c:359
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45cb29
Code: Bad RIP value.
RSP: 002b:00007fd3f330bc78 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
RAX: ffffffffffffffda RBX: 00000000004fa720 RCX: 000000000045cb29
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000440
RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffffffffffff R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000842 R14: 00000000004cb34b R15: 00007fd3f330c6d4

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/07/04 01:59 upstream 7cc2a8ea1048 51095195 .config console log report ci-upstream-kasan-gce-smack-root
* Struck through repros no longer work on HEAD.