| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | INFO: rcu detected stall in tipc_recvstream mm | 1 | 543d | 543d | 0/28 | auto-obsoleted due to no activity on 2023/10/25 06:34 |
syzbot |
sign-in | mailing list | source | docs |
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | INFO: rcu detected stall in tipc_recvstream mm | 1 | 543d | 543d | 0/28 | auto-obsoleted due to no activity on 2023/10/25 06:34 |
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: rcu: 1-...!: (0 ticks this GP) idle=4c84/1/0x4000000000000000 softirq=27428/27428 fqs=0 rcu: (detected by 0, t=10502 jiffies, g=23353, q=984 ncpus=2) Sending NMI from CPU 0 to CPUs 1: NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 8662 Comm: syz.4.1431 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 RIP: 0010:hlock_class kernel/locking/lockdep.c:228 [inline] RIP: 0010:__lock_acquire+0x12a9/0x2050 kernel/locking/lockdep.c:5199 Code: 10 8b 18 81 e3 ff 1f 00 00 48 89 d8 48 c1 e8 06 48 8d 3c c5 00 08 29 94 be 08 00 00 00 e8 af 0e 8b 00 48 0f a3 1d f7 aa b8 12 <73> 1d 48 69 c3 c8 00 00 00 48 8d 98 c0 86 c0 93 48 ba 00 00 00 00 RSP: 0018:ffffc90000a18a30 EFLAGS: 00000057 RAX: 0000000000000001 RBX: 0000000000000bfc RCX: ffffffff81705d01 RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff94290978 RBP: 400da861009f1159 R08: ffffffff9429097f R09: 1ffffffff285212f R10: dffffc0000000000 R11: fffffbfff2852130 R12: 0000000000000001 R13: ffff888027c5a8d8 R14: 1ffff11004f8b534 R15: ffff888027c5a9a0 FS: 00007fb7f3a596c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020af0000 CR3: 00000000297e8000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <NMI> </NMI> <IRQ> lock_acquire+0x1ed/0x550 kernel/locking/lockdep.c:5825 __raw_spin_lock include/linux/spinlock_api_smp.h:133 [inline] _raw_spin_lock+0x2e/0x40 kernel/locking/spinlock.c:154 spin_lock include/linux/spinlock.h:351 [inline] advance_sched+0xab/0xca0 net/sched/sch_taprio.c:924 __run_hrtimer kernel/time/hrtimer.c:1691 [inline] __hrtimer_run_queues+0x59b/0xd50 kernel/time/hrtimer.c:1755 hrtimer_interrupt+0x396/0x990 kernel/time/hrtimer.c:1817 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1026 [inline] __sysvec_apic_timer_interrupt+0x110/0x3f0 arch/x86/kernel/apic/apic.c:1043 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1037 [inline] sysvec_apic_timer_interrupt+0xa1/0xc0 arch/x86/kernel/apic/apic.c:1037 </IRQ> <TASK> asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702 RIP: 0010:flush_tlb_mm_range+0x3e7/0x5c0 arch/x86/mm/tlb.c:1033 Code: 0f 53 b8 00 8b 44 24 60 fa a9 00 02 00 00 74 05 e8 ee 8a 59 00 4c 89 f7 e8 d6 f4 ff ff e8 21 89 59 00 fb 65 ff 0d b1 6f bf 7e <bf> 01 00 00 00 e8 1f 1d 20 00 65 8b 05 20 c1 c0 7e 85 c0 0f 84 a2 RSP: 0018:ffffc9000448ed60 EFLAGS: 00000246 RAX: 997b3939e3cf5900 RBX: 1ffff92000891db8 RCX: ffffffff8170bc1a RDX: dffffc0000000000 RSI: ffffffff8c0acac0 RDI: ffffffff8c602460 RBP: ffffc9000448ee30 R08: ffffffff94290807 R09: 1ffffffff2852100 R10: dffffc0000000000 R11: fffffbfff2852101 R12: 0000000000000001 R13: ffff88802f183840 R14: ffff8880b873d940 R15: ffffc9000448edc0 flush_tlb_page arch/x86/include/asm/tlbflush.h:254 [inline] ptep_clear_flush+0x11a/0x170 mm/pgtable-generic.c:101 wp_page_copy mm/memory.c:3419 [inline] do_wp_page+0x1beb/0x52d0 mm/memory.c:3745 handle_pte_fault+0x10e3/0x6800 mm/memory.c:5767 __handle_mm_fault mm/memory.c:5894 [inline] handle_mm_fault+0x1053/0x1ad0 mm/memory.c:6062 do_user_addr_fault arch/x86/mm/fault.c:1389 [inline] handle_page_fault arch/x86/mm/fault.c:1481 [inline] exc_page_fault+0x2b9/0x8c0 arch/x86/mm/fault.c:1539 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623 RIP: 0010:rep_movs_alternative+0x4a/0x70 arch/x86/lib/copy_user_64.S:71 Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 RSP: 0018:ffffc9000448f738 EFLAGS: 00050206 RAX: ffffffff84b0c001 RBX: 0000000020ae3d90 RCX: 0000000000003f60 RDX: 0000000000000000 RSI: ffff888052dcc358 RDI: 0000000020af0000 RBP: ffffc9000448f8b8 R08: ffff888052dd02b7 R09: 1ffff1100a5ba056 R10: dffffc0000000000 R11: ffffed100a5ba057 R12: 00000000000101d0 R13: ffff888052dc00e8 R14: ffffc9000448fe18 R15: 1ffff92000891fc3 copy_user_generic arch/x86/include/asm/uaccess_64.h:121 [inline] raw_copy_to_user arch/x86/include/asm/uaccess_64.h:142 [inline] copy_to_user_iter lib/iov_iter.c:25 [inline] iterate_ubuf include/linux/iov_iter.h:30 [inline] iterate_and_advance2 include/linux/iov_iter.h:300 [inline] iterate_and_advance include/linux/iov_iter.h:328 [inline] _copy_to_iter+0x257/0x1d60 lib/iov_iter.c:185 copy_to_iter include/linux/uio.h:211 [inline] simple_copy_to_iter net/core/datagram.c:524 [inline] __skb_datagram_iter+0x107/0x900 net/core/datagram.c:401 skb_copy_datagram_iter+0xd1/0x250 net/core/datagram.c:538 skb_copy_datagram_msg include/linux/skbuff.h:4076 [inline] tipc_recvstream+0x7a8/0xf80 net/tipc/socket.c:2067 sock_recvmsg_nosec net/socket.c:1051 [inline] sock_recvmsg+0x22f/0x280 net/socket.c:1073 ____sys_recvmsg+0x1c6/0x480 net/socket.c:2821 ___sys_recvmsg net/socket.c:2863 [inline] __sys_recvmsg+0x2e6/0x3d0 net/socket.c:2893 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fb7f2b7dff9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fb7f3a59038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f RAX: ffffffffffffffda RBX: 00007fb7f2d35f80 RCX: 00007fb7f2b7dff9 RDX: 0000000000001f00 RSI: 0000000020000500 RDI: 0000000000000003 RBP: 00007fb7f2bf0296 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007fb7f2d35f80 R15: 00007ffc39ff7208 </TASK> rcu: rcu_preempt kthread timer wakeup didn't happen for 10501 jiffies! g23353 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 rcu: Possible timer handling issue on cpu=1 timer-softirq=8777 rcu: rcu_preempt kthread starved for 10502 jiffies! g23353 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=1 rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. rcu: RCU grace-period kthread stack dump: task:rcu_preempt state:I stack:25912 pid:17 tgid:17 ppid:2 flags:0x00004000 Call Trace: <TASK> context_switch kernel/sched/core.c:5315 [inline] __schedule+0x1843/0x4ae0 kernel/sched/core.c:6675 __schedule_loop kernel/sched/core.c:6752 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6767 schedule_timeout+0x1be/0x310 kernel/time/timer.c:2615 rcu_gp_fqs_loop+0x2df/0x1330 kernel/rcu/tree.c:2045 rcu_gp_kthread+0xa7/0x3b0 kernel/rcu/tree.c:2247 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK>
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/10/01 15:44 | upstream | e32cde8d2bd7 | ea2b66a6 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | INFO: rcu detected stall in tipc_recvstream | ||
| 2024/10/02 11:17 | bpf | 3ed6be68913b | ea2b66a6 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-bpf-kasan-gce | BUG: soft lockup in tipc_recvstream | ||
| 2024/10/14 16:33 | bpf-next | 989a29cfed9b | 084d8178 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-bpf-next-kasan-gce | BUG: soft lockup in tipc_recvstream |