syzbot


INFO: rcu detected stall in sys_bpf

Status: auto-obsoleted due to no activity on 2024/03/16 17:33
Reported-by: syzbot+fbd30621f95f7c034ccd@syzkaller.appspotmail.com
First crash: 188d, last: 145d
Similar bugs (11)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | INFO: rcu detected stall in sys_bpf (5) bpf | C | unreliable | | 56 | 829d | 922d | 0/26 | closed as invalid on 2022/02/08 10:34 |
| linux-5.15 | INFO: rcu detected stall in sys_bpf (2) | | | | 1 | 21d | 21d | 0/3 | upstream: reported on 2024/04/09 19:57 |
| upstream | INFO: rcu detected stall in sys_bpf (3) bpf | | | | 4 | 1575d | 1574d | 0/26 | closed as invalid on 2020/01/09 08:13 |
| upstream | INFO: rcu detected stall in sys_bpf bpf net | | | | 3 | 1741d | 1861d | 0/26 | auto-closed as invalid on 2019/11/23 00:18 |
| upstream | INFO: rcu detected stall in sys_bpf (2) bpf | | | | 12 | 1610d | 1611d | 0/26 | closed as invalid on 2019/12/04 14:14 |
| upstream | INFO: rcu detected stall in sys_bpf (8) bpf | | | | 1 | 164d | 164d | 0/26 | auto-obsoleted due to no activity on 2024/02/17 03:10 |
| linux-6.1 | INFO: rcu detected stall in sys_bpf | | | | 1 | 11d | 11d | 0/3 | upstream: reported on 2024/04/20 10:27 |
| linux-4.19 | INFO: rcu detected stall in sys_bpf | | | | 3 | 1558d | 1688d | 0/1 | auto-closed as invalid on 2020/05/23 14:47 |
| upstream | INFO: rcu detected stall in sys_bpf (6) net | | | | 7 | 641d | 791d | 0/26 | auto-obsoleted due to no activity on 2022/10/28 06:32 |
| upstream | INFO: rcu detected stall in sys_bpf (4) bpf net | | | | 3 | 1527d | 1567d | 0/26 | auto-closed as invalid on 2020/05/24 13:03 |
| android-5-15 | BUG: soft lockup in sys_bpf origin:lts | C | | | 41 | 1d08h | 33d | 0/2 | upstream: reported C repro on 2024/03/29 12:25 |

Sample crash report:
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P21784/1:b..l
	(detected by 0, t=10502 jiffies, g=88665, q=921)
task:syz-executor.1  state:R  running task     stack:25536 pid:21784 ppid: 10595 flags:0x00004006
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5030 [inline]
 __schedule+0x12c4/0x45b0 kernel/sched/core.c:6376
 preempt_schedule_irq+0xf7/0x1c0 kernel/sched/core.c:6780
 irqentry_exit+0x53/0x80 kernel/entry/common.c:426
 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:stack_trace_consume_entry+0x0/0x270 kernel/stacktrace.c:83
Code: ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 7b ff ff ff 48 89 df e8 f0 16 5c 00 e9 6e ff ff ff e8 06 10 ae 08 66 0f 1f 44 00 00 <55> 41 57 41 56 41 55 41 54 53 48 83 ec 18 48 89 fb 48 ba 00 00 00
RSP: 0018:ffffc900035c7178 EFLAGS: 00000286
RAX: ffffffff81c9b9d8 RBX: ffffc900035c7180 RCX: 0000000080000000
RDX: dffffc0000000000 RSI: ffffffff81c9b9d8 RDI: ffffc900035c7260
RBP: ffffc900035c7210 R08: ffffc900035c7548 R09: ffffc900035c71d0
R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88801f3c0000
R13: ffffffff816dc890 R14: ffffc900035c7260 R15: 0000000000000000
 arch_stack_walk+0x101/0x140 arch/x86/kernel/stacktrace.c:27
 stack_trace_save+0x113/0x1c0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:38 [inline]
 kasan_set_track+0x4b/0x80 mm/kasan/common.c:46
 kasan_set_free_info+0x1f/0x40 mm/kasan/generic.c:360
 ____kasan_slab_free+0xd8/0x120 mm/kasan/common.c:366
 kasan_slab_free include/linux/kasan.h:230 [inline]
 slab_free_hook mm/slub.c:1705 [inline]
 slab_free_freelist_hook+0xdd/0x160 mm/slub.c:1731
 slab_free mm/slub.c:3499 [inline]
 kfree+0xf1/0x270 mm/slub.c:4559
 skb_free_head net/core/skbuff.c:655 [inline]
 skb_release_data+0x73a/0x8a0 net/core/skbuff.c:677
 skb_release_all net/core/skbuff.c:742 [inline]
 __kfree_skb net/core/skbuff.c:756 [inline]
 kfree_skb_reason+0xb3/0x170 net/core/skbuff.c:776
 kfree_skb include/linux/skbuff.h:1123 [inline]
 ____dev_forward_skb include/linux/netdevice.h:4159 [inline]
 __bpf_rx_skb_no_mac net/core/filter.c:2091 [inline]
 __bpf_redirect_no_mac net/core/filter.c:2149 [inline]
 __bpf_redirect+0xa65/0xe90 net/core/filter.c:2172
 ____bpf_clone_redirect net/core/filter.c:2439 [inline]
 bpf_clone_redirect+0x249/0x360 net/core/filter.c:2411
 bpf_prog_2c7672f86c8ac9b6+0x5c/0xb88
 bpf_dispatcher_nop_func include/linux/bpf.h:776 [inline]
 __bpf_prog_run include/linux/filter.h:625 [inline]
 bpf_prog_run include/linux/filter.h:632 [inline]
 bpf_test_run+0x3f4/0x8a0 net/bpf/test_run.c:119
 bpf_prog_test_run_skb+0xb41/0x1420 net/bpf/test_run.c:663
 bpf_prog_test_run+0x32f/0x3a0 kernel/bpf/syscall.c:3331
 __sys_bpf+0x3ac/0x670 kernel/bpf/syscall.c:4632
 __do_sys_bpf kernel/bpf/syscall.c:4718 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:4716 [inline]
 __x64_sys_bpf+0x78/0x90 kernel/bpf/syscall.c:4716
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x61/0xcb
RIP: 0033:0x7fa20daaeae9
RSP: 002b:00007fa20c0300c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
RAX: ffffffffffffffda RBX: 00007fa20dbcdf80 RCX: 00007fa20daaeae9
RDX: 0000000000000023 RSI: 0000000020000240 RDI: 000000000000000a
RBP: 00007fa20dafa47a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007fa20dbcdf80 R15: 00007fff0909f1f8
 </TASK>
rcu: rcu_preempt kthread starved for 4640 jiffies! g88665 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:26368 pid:   15 ppid:     2 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5030 [inline]
 __schedule+0x12c4/0x45b0 kernel/sched/core.c:6376
 schedule+0x11b/0x1f0 kernel/sched/core.c:6459
 schedule_timeout+0x1b9/0x300 kernel/time/timer.c:1884
 rcu_gp_fqs_loop+0x2bf/0x1080 kernel/rcu/tree.c:1972
 rcu_gp_kthread+0xa4/0x360 kernel/rcu/tree.c:2145
 kthread+0x3f6/0x4f0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:298
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1 skipped: idling at native_safe_halt arch/x86/include/asm/irqflags.h:51 [inline]
NMI backtrace for cpu 1 skipped: idling at arch_safe_halt arch/x86/include/asm/irqflags.h:89 [inline]
NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt drivers/acpi/processor_idle.c:109 [inline]
NMI backtrace for cpu 1 skipped: idling at acpi_idle_do_entry+0x10f/0x340 drivers/acpi/processor_idle.c:570

Crashes (2):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2023/12/07 17:32 | linux-5.15.y | 9b91d36ba301 | 0a02ce36 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | INFO: rcu detected stall in sys_bpf |
| 2023/10/25 23:32 | linux-5.15.y | 12952a23a5da | 72e794c4 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-linux-5-15-kasan | INFO: rcu detected stall in sys_bpf |
* Struck through repros no longer work on HEAD.