syzbot


INFO: rcu detected stall in execve

Status: auto-closed as invalid on 2020/01/11 15:29
Reported-by: syzbot+262382590a6170ec8d0a@syzkaller.appspotmail.com
First crash: 1032d, last: 1028d

Sample crash report:
ISOFS: Logical zone size(0) < hardware blocksize(1024)
INFO: rcu_sched detected stalls on CPUs/tasks:
	1-...: (1 GPs behind) idle=b4a/140000000000001/0 softirq=11159/11178 fqs=5230 
	(detected by 0, t=10503 jiffies, g=1016, c=1015, q=40)
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 7196 Comm: udevd Not tainted 4.14.143 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8880663f4200 task.stack: ffff8880663f8000
RIP: 0010:get_current arch/x86/include/asm/current.h:15 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 kernel/kcov.c:60
RSP: 0018:ffff8880aef070a8 EFLAGS: 00000202
RAX: 0000000000000001 RBX: ffff8880982318b8 RCX: 0000000000000000
RDX: ffff8880982318b8 RSI: ffff888098231950 RDI: ffff888098231958
RBP: ffff8880aef07100 R08: 0000000000000000 R09: ffff8880663f4be0
R10: ffff8880663f4bc0 R11: ffff8880663f4200 R12: dffffc0000000000
R13: ffff8880982316c0 R14: 0000000000000000 R15: ffff888098231940
FS:  00007f4a2a6e57a0(0000) GS:ffff8880aef00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000625208 CR3: 000000009625b000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 dequeue_skb net/sched/sch_generic.c:148 [inline]
 qdisc_restart net/sched/sch_generic.c:241 [inline]
 __qdisc_run+0x2b8/0xe00 net/sched/sch_generic.c:257
 __dev_xmit_skb net/core/dev.c:3235 [inline]
 __dev_queue_xmit+0x1571/0x25e0 net/core/dev.c:3493
 dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
 br_dev_queue_push_xmit+0x367/0x530 net/bridge/br_forward.c:55
 NF_HOOK include/linux/netfilter.h:250 [inline]
 NF_HOOK include/linux/netfilter.h:244 [inline]
 br_forward_finish+0xbc/0x320 net/bridge/br_forward.c:67
 NF_HOOK include/linux/netfilter.h:250 [inline]
 NF_HOOK include/linux/netfilter.h:244 [inline]
 __br_forward+0x560/0x9c0 net/bridge/br_forward.c:111
 deliver_clone+0x61/0xc0 net/bridge/br_forward.c:127
 maybe_deliver net/bridge/br_forward.c:168 [inline]
 maybe_deliver net/bridge/br_forward.c:156 [inline]
 br_flood+0x3c8/0x530 net/bridge/br_forward.c:210
 br_dev_xmit+0x9a4/0xd40 net/bridge/br_device.c:83
 __netdev_start_xmit include/linux/netdevice.h:4033 [inline]
 netdev_start_xmit include/linux/netdevice.h:4042 [inline]
 xmit_one net/core/dev.c:3009 [inline]
 dev_hard_start_xmit+0x18c/0x8b0 net/core/dev.c:3025
 __dev_queue_xmit+0x1d95/0x25e0 net/core/dev.c:3525
 dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
 neigh_resolve_output net/core/neighbour.c:1364 [inline]
 neigh_resolve_output+0x4d8/0x870 net/core/neighbour.c:1344
 neigh_output include/net/neighbour.h:500 [inline]
 ip6_finish_output2+0x9ab/0x21b0 net/ipv6/ip6_output.c:120
 ip6_finish_output+0x4f4/0xb50 net/ipv6/ip6_output.c:154
 NF_HOOK_COND include/linux/netfilter.h:239 [inline]
 ip6_output+0x20f/0x6d0 net/ipv6/ip6_output.c:171
 dst_output include/net/dst.h:462 [inline]
 NF_HOOK include/linux/netfilter.h:250 [inline]
 ndisc_send_skb+0xb56/0x11e0 net/ipv6/ndisc.c:483
 ndisc_send_rs+0x129/0x680 net/ipv6/ndisc.c:677
 addrconf_rs_timer+0x289/0x5a0 net/ipv6/addrconf.c:3757
 call_timer_fn+0x161/0x670 kernel/time/timer.c:1279
 expire_timers kernel/time/timer.c:1318 [inline]
 __run_timers kernel/time/timer.c:1634 [inline]
 __run_timers kernel/time/timer.c:1602 [inline]
 run_timer_softirq+0x5b4/0x1570 kernel/time/timer.c:1647
 __do_softirq+0x244/0x9a0 kernel/softirq.c:288
 invoke_softirq kernel/softirq.c:368 [inline]
 irq_exit+0x160/0x1b0 kernel/softirq.c:409
 exiting_irq arch/x86/include/asm/apic.h:648 [inline]
 smp_apic_timer_interrupt+0x146/0x5e0 arch/x86/kernel/apic/apic.c:1102
 apic_timer_interrupt+0x96/0xa0 arch/x86/entry/entry_64.S:792
 </IRQ>
RIP: 0010:check_preemption_disabled+0x48/0x250 lib/smp_processor_id.c:53
RSP: 0018:ffff8880663ffba8 EFLAGS: 00000296 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000001 RBX: ffffffff87ab2b80 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff869d2e40 RDI: ffffffff869d2e80
RBP: ffff8880663ffbb8 R08: ffffea000259de00 R09: ffffed1012cef000
R10: 0000000000000000 R11: ffff8880663ffc78 R12: 0000000000000001
R13: ffff8880663ffcc8 R14: ffffffff869d2e80 R15: ffffea000259de00
 debug_smp_processor_id+0x1c/0x20 lib/smp_processor_id.c:57
 rcu_lockdep_current_cpu_online kernel/rcu/tree.c:1186 [inline]
 rcu_lockdep_current_cpu_online+0x3a/0x140 kernel/rcu/tree.c:1177
 rcu_read_lock_sched_held+0x97/0x130 kernel/rcu/update.c:113
 trace_mm_page_alloc include/trace/events/kmem.h:195 [inline]
 __alloc_pages_nodemask+0x639/0x7a0 mm/page_alloc.c:4207
 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113
 alloc_pages include/linux/gfp.h:497 [inline]
 __get_free_pages+0xf/0x40 mm/page_alloc.c:4226
 _pgd_alloc arch/x86/mm/pgtable.c:362 [inline]
 pgd_alloc+0x25/0x2b0 arch/x86/mm/pgtable.c:376
 mm_alloc_pgd kernel/fork.c:744 [inline]
 mm_init+0x578/0x970 kernel/fork.c:854
 mm_alloc+0xa6/0xd0 kernel/fork.c:906
 bprm_mm_init fs/exec.c:409 [inline]
 do_execveat_common.isra.0+0x954/0x1dd0 fs/exec.c:1771
 do_execve fs/exec.c:1847 [inline]
 SYSC_execve fs/exec.c:1928 [inline]
 SyS_execve+0x39/0x50 fs/exec.c:1923
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7f4a29dc9207
RSP: 002b:00007ffc948f1328 EFLAGS: 00000206 ORIG_RAX: 000000000000003b
RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007f4a29dc9207
RDX: 00000000021aa9c0 RSI: 00007ffc948f1420 RDI: 00007ffc948f2430
RBP: 0000000000625500 R08: 0000000000001ac7 R09: 0000000000001ac7
R10: 0000000000000000 R11: 0000000000000206 R12: 00000000021aa9c0
R13: 0000000000000007 R14: 0000000002019030 R15: 0000000000000005
Code: 00 00 48 c7 c7 80 99 6e 86 4c 89 35 eb 4f be 07 41 be f4 ff ff ff e8 13 3c ee ff 48 c7 05 d5 4f be 07 00 00 00 00 e9 2f ec ff ff <65> 48 8b 04 25 40 ee 01 00 48 85 c0 74 1a 65 8b 15 4b 0b a5 7e 
INFO: rcu_preempt self-detected stall on CPU
	1-...: (1 GPs behind) idle=b4a/140000000000002/0 softirq=11159/11178 fqs=5227 
INFO: rcu_preempt detected stalls on CPUs/tasks:
	
 (t=10560 jiffies g=1549 c=1548 q=992)
	1-...: (1 GPs behind) idle=b4a/140000000000002/0 softirq=11159/11178 fqs=5227 
	
NMI backtrace for cpu 1
CPU: 1 PID: 7196 Comm: udevd Not tainted 4.14.143 #0
(detected by 0, t=10560 jiffies, g=1549, c=1548, q=992)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x138/0x197 lib/dump_stack.c:53
 nmi_cpu_backtrace.cold+0x57/0x94 lib/nmi_backtrace.c:101
 nmi_trigger_cpumask_backtrace+0x141/0x189 lib/nmi_backtrace.c:62
 arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
 trigger_single_cpu_backtrace include/linux/nmi.h:158 [inline]
 rcu_dump_cpu_stacks+0x186/0x1d2 kernel/rcu/tree.c:1396
 print_cpu_stall kernel/rcu/tree.c:1542 [inline]
 check_cpu_stall kernel/rcu/tree.c:1610 [inline]
 __rcu_pending kernel/rcu/tree.c:3390 [inline]
 rcu_pending kernel/rcu/tree.c:3452 [inline]
 rcu_check_callbacks.cold+0x43d/0xd0a kernel/rcu/tree.c:2792
 update_process_times+0x31/0x70 kernel/time/timer.c:1588
 tick_sched_handle+0x85/0x160 kernel/time/tick-sched.c:161
 tick_sched_timer+0x43/0x130 kernel/time/tick-sched.c:1219
 __run_hrtimer kernel/time/hrtimer.c:1220 [inline]
 __hrtimer_run_queues+0x270/0xbc0 kernel/time/hrtimer.c:1284
 hrtimer_interrupt+0x1d8/0x5d0 kernel/time/hrtimer.c:1318
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1075 [inline]
 smp_apic_timer_interrupt+0x11c/0x5e0 arch/x86/kernel/apic/apic.c:1100
 apic_timer_interrupt+0x96/0xa0 arch/x86/entry/entry_64.S:792
RIP: 0010:get_current arch/x86/include/asm/current.h:15 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 kernel/kcov.c:60
RSP: 0018:ffff8880aef070a8 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000001 RBX: ffff8880982318b8 RCX: 0000000000000000
RDX: ffff8880982318b8 RSI: ffff888098231950 RDI: ffff888098231958
RBP: ffff8880aef07100 R08: 0000000000000000 R09: ffff8880663f4be0
R10: ffff8880663f4bc0 R11: ffff8880663f4200 R12: dffffc0000000000
R13: ffff8880982316c0 R14: 0000000000000000 R15: ffff888098231940
 dequeue_skb net/sched/sch_generic.c:148 [inline]
 qdisc_restart net/sched/sch_generic.c:241 [inline]
 __qdisc_run+0x2b8/0xe00 net/sched/sch_generic.c:257
 __dev_xmit_skb net/core/dev.c:3235 [inline]
 __dev_queue_xmit+0x1571/0x25e0 net/core/dev.c:3493
 dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
 br_dev_queue_push_xmit+0x367/0x530 net/bridge/br_forward.c:55
 NF_HOOK include/linux/netfilter.h:250 [inline]
 NF_HOOK include/linux/netfilter.h:244 [inline]
 br_forward_finish+0xbc/0x320 net/bridge/br_forward.c:67
 NF_HOOK include/linux/netfilter.h:250 [inline]
 NF_HOOK include/linux/netfilter.h:244 [inline]
 __br_forward+0x560/0x9c0 net/bridge/br_forward.c:111
 deliver_clone+0x61/0xc0 net/bridge/br_forward.c:127
 maybe_deliver net/bridge/br_forward.c:168 [inline]
 maybe_deliver net/bridge/br_forward.c:156 [inline]
 br_flood+0x3c8/0x530 net/bridge/br_forward.c:210
 br_dev_xmit+0x9a4/0xd40 net/bridge/br_device.c:83
 __netdev_start_xmit include/linux/netdevice.h:4033 [inline]
 netdev_start_xmit include/linux/netdevice.h:4042 [inline]
 xmit_one net/core/dev.c:3009 [inline]
 dev_hard_start_xmit+0x18c/0x8b0 net/core/dev.c:3025
 __dev_queue_xmit+0x1d95/0x25e0 net/core/dev.c:3525
 dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
 neigh_resolve_output net/core/neighbour.c:1364 [inline]
 neigh_resolve_output+0x4d8/0x870 net/core/neighbour.c:1344
 neigh_output include/net/neighbour.h:500 [inline]
 ip6_finish_output2+0x9ab/0x21b0 net/ipv6/ip6_output.c:120
 ip6_finish_output+0x4f4/0xb50 net/ipv6/ip6_output.c:154
 NF_HOOK_COND include/linux/netfilter.h:239 [inline]
 ip6_output+0x20f/0x6d0 net/ipv6/ip6_output.c:171
 dst_output include/net/dst.h:462 [inline]
 NF_HOOK include/linux/netfilter.h:250 [inline]
 ndisc_send_skb+0xb56/0x11e0 net/ipv6/ndisc.c:483
 ndisc_send_rs+0x129/0x680 net/ipv6/ndisc.c:677
 addrconf_rs_timer+0x289/0x5a0 net/ipv6/addrconf.c:3757
 call_timer_fn+0x161/0x670 kernel/time/timer.c:1279
 expire_timers kernel/time/timer.c:1318 [inline]
 __run_timers kernel/time/timer.c:1634 [inline]
 __run_timers kernel/time/timer.c:1602 [inline]
 run_timer_softirq+0x5b4/0x1570 kernel/time/timer.c:1647
 __do_softirq+0x244/0x9a0 kernel/softirq.c:288
 invoke_softirq kernel/softirq.c:368 [inline]
 irq_exit+0x160/0x1b0 kernel/softirq.c:409
 exiting_irq arch/x86/include/asm/apic.h:648 [inline]
 smp_apic_timer_interrupt+0x146/0x5e0 arch/x86/kernel/apic/apic.c:1102
 apic_timer_interrupt+0x96/0xa0 arch/x86/entry/entry_64.S:792
 </IRQ>
RIP: 0010:check_preemption_disabled+0x48/0x250 lib/smp_processor_id.c:53
RSP: 0018:ffff8880663ffba8 EFLAGS: 00000296 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000001 RBX: ffffffff87ab2b80 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff869d2e40 RDI: ffffffff869d2e80
RBP: ffff8880663ffbb8 R08: ffffea000259de00 R09: ffffed1012cef000
R10: 0000000000000000 R11: ffff8880663ffc78 R12: 0000000000000001
R13: ffff8880663ffcc8 R14: ffffffff869d2e80 R15: ffffea000259de00
 debug_smp_processor_id+0x1c/0x20 lib/smp_processor_id.c:57
 rcu_lockdep_current_cpu_online kernel/rcu/tree.c:1186 [inline]
 rcu_lockdep_current_cpu_online+0x3a/0x140 kernel/rcu/tree.c:1177
 rcu_read_lock_sched_held+0x97/0x130 kernel/rcu/update.c:113
 trace_mm_page_alloc include/trace/events/kmem.h:195 [inline]
 __alloc_pages_nodemask+0x639/0x7a0 mm/page_alloc.c:4207
 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113
 alloc_pages include/linux/gfp.h:497 [inline]
 __get_free_pages+0xf/0x40 mm/page_alloc.c:4226
 _pgd_alloc arch/x86/mm/pgtable.c:362 [inline]
 pgd_alloc+0x25/0x2b0 arch/x86/mm/pgtable.c:376
 mm_alloc_pgd kernel/fork.c:744 [inline]
 mm_init+0x578/0x970 kernel/fork.c:854
 mm_alloc+0xa6/0xd0 kernel/fork.c:906
 bprm_mm_init fs/exec.c:409 [inline]
 do_execveat_common.isra.0+0x954/0x1dd0 fs/exec.c:1771
 do_execve fs/exec.c:1847 [inline]
 SYSC_execve fs/exec.c:1928 [inline]
 SyS_execve+0x39/0x50 fs/exec.c:1923
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7f4a29dc9207
RSP: 002b:00007ffc948f1328 EFLAGS: 00000206 ORIG_RAX: 000000000000003b
RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007f4a29dc9207
RDX: 00000000021aa9c0 RSI: 00007ffc948f1420 RDI: 00007ffc948f2430
RBP: 0000000000625500 R08: 0000000000001ac7 R09: 0000000000001ac7
R10: 0000000000000000 R11: 0000000000000206 R12: 00000000021aa9c0
R13: 0000000000000007 R14: 0000000002019030 R15: 0000000000000005
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 7196 Comm: udevd Not tainted 4.14.143 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
task: ffff8880663f4200 task.stack: ffff8880663f8000
RIP: 0010:cpu_relax arch/x86/include/asm/processor.h:661 [inline]
RIP: 0010:virt_spin_lock arch/x86/include/asm/qspinlock.h:87 [inline]
RIP: 0010:native_queued_spin_lock_slowpath+0x302/0x750 kernel/locking/qspinlock.c:313
RSP: 0018:ffff8880aef06c68 EFLAGS: 00000002
RAX: 0000000000000001 RBX: ffffffff87791a80 RCX: dffffc0000000000
RDX: 1ffffffff0ee2a98 RSI: 0000000000000001 RDI: ffffffff87791a80
RBP: ffff8880aef06c98 R08: 0000000000004f83 R09: ffffffff88ca7098
R10: ffff8880663f4be8 R11: ffff8880663f4200 R12: 0000000000000001
R13: 0000000000000003 R14: fffffbfff0ef2350 R15: ffffffff87791a80
FS:  00007f4a2a6e57a0(0000) GS:ffff8880aef00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000625208 CR3: 000000009625b000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:669 [inline]
 queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:52 [inline]
 queued_spin_lock include/asm-generic/qspinlock.h:90 [inline]
 do_raw_spin_lock+0x190/0x230 kernel/locking/spinlock_debug.c:113
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:117 [inline]
 _raw_spin_lock_irqsave+0x9d/0xcd kernel/locking/spinlock.c:160
 print_cpu_stall kernel/rcu/tree.c:1544 [inline]
 check_cpu_stall kernel/rcu/tree.c:1610 [inline]
 __rcu_pending kernel/rcu/tree.c:3390 [inline]
 rcu_pending kernel/rcu/tree.c:3452 [inline]
 rcu_check_callbacks.cold+0x445/0xd0a kernel/rcu/tree.c:2792
 update_process_times+0x31/0x70 kernel/time/timer.c:1588
 tick_sched_handle+0x85/0x160 kernel/time/tick-sched.c:161
 tick_sched_timer+0x43/0x130 kernel/time/tick-sched.c:1219
 __run_hrtimer kernel/time/hrtimer.c:1220 [inline]
 __hrtimer_run_queues+0x270/0xbc0 kernel/time/hrtimer.c:1284
 hrtimer_interrupt+0x1d8/0x5d0 kernel/time/hrtimer.c:1318
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1075 [inline]
 smp_apic_timer_interrupt+0x11c/0x5e0 arch/x86/kernel/apic/apic.c:1100
 apic_timer_interrupt+0x96/0xa0 arch/x86/entry/entry_64.S:792
RIP: 0010:get_current arch/x86/include/asm/current.h:15 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 kernel/kcov.c:60
RSP: 0018:ffff8880aef070a8 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000001 RBX: ffff8880982318b8 RCX: 0000000000000000
RDX: ffff8880982318b8 RSI: ffff888098231950 RDI: ffff888098231958
RBP: ffff8880aef07100 R08: 0000000000000000 R09: ffff8880663f4be0
R10: ffff8880663f4bc0 R11: ffff8880663f4200 R12: dffffc0000000000
R13: ffff8880982316c0 R14: 0000000000000000 R15: ffff888098231940
 dequeue_skb net/sched/sch_generic.c:148 [inline]
 qdisc_restart net/sched/sch_generic.c:241 [inline]
 __qdisc_run+0x2b8/0xe00 net/sched/sch_generic.c:257
 __dev_xmit_skb net/core/dev.c:3235 [inline]
 __dev_queue_xmit+0x1571/0x25e0 net/core/dev.c:3493
 dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
 br_dev_queue_push_xmit+0x367/0x530 net/bridge/br_forward.c:55
 NF_HOOK include/linux/netfilter.h:250 [inline]
 NF_HOOK include/linux/netfilter.h:244 [inline]
 br_forward_finish+0xbc/0x320 net/bridge/br_forward.c:67
 NF_HOOK include/linux/netfilter.h:250 [inline]
 NF_HOOK include/linux/netfilter.h:244 [inline]
 __br_forward+0x560/0x9c0 net/bridge/br_forward.c:111
 deliver_clone+0x61/0xc0 net/bridge/br_forward.c:127
 maybe_deliver net/bridge/br_forward.c:168 [inline]
 maybe_deliver net/bridge/br_forward.c:156 [inline]
 br_flood+0x3c8/0x530 net/bridge/br_forward.c:210
 br_dev_xmit+0x9a4/0xd40 net/bridge/br_device.c:83
 __netdev_start_xmit include/linux/netdevice.h:4033 [inline]
 netdev_start_xmit include/linux/netdevice.h:4042 [inline]
 xmit_one net/core/dev.c:3009 [inline]
 dev_hard_start_xmit+0x18c/0x8b0 net/core/dev.c:3025
 __dev_queue_xmit+0x1d95/0x25e0 net/core/dev.c:3525
 dev_queue_xmit+0x18/0x20 net/core/dev.c:3558
 neigh_resolve_output net/core/neighbour.c:1364 [inline]
 neigh_resolve_output+0x4d8/0x870 net/core/neighbour.c:1344
 neigh_output include/net/neighbour.h:500 [inline]
 ip6_finish_output2+0x9ab/0x21b0 net/ipv6/ip6_output.c:120
 ip6_finish_output+0x4f4/0xb50 net/ipv6/ip6_output.c:154
 NF_HOOK_COND include/linux/netfilter.h:239 [inline]
 ip6_output+0x20f/0x6d0 net/ipv6/ip6_output.c:171
 dst_output include/net/dst.h:462 [inline]
 NF_HOOK include/linux/netfilter.h:250 [inline]
 ndisc_send_skb+0xb56/0x11e0 net/ipv6/ndisc.c:483
 ndisc_send_rs+0x129/0x680 net/ipv6/ndisc.c:677
 addrconf_rs_timer+0x289/0x5a0 net/ipv6/addrconf.c:3757
 call_timer_fn+0x161/0x670 kernel/time/timer.c:1279
 expire_timers kernel/time/timer.c:1318 [inline]
 __run_timers kernel/time/timer.c:1634 [inline]
 __run_timers kernel/time/timer.c:1602 [inline]
 run_timer_softirq+0x5b4/0x1570 kernel/time/timer.c:1647
 __do_softirq+0x244/0x9a0 kernel/softirq.c:288
 invoke_softirq kernel/softirq.c:368 [inline]
 irq_exit+0x160/0x1b0 kernel/softirq.c:409
 exiting_irq arch/x86/include/asm/apic.h:648 [inline]
 smp_apic_timer_interrupt+0x146/0x5e0 arch/x86/kernel/apic/apic.c:1102
 apic_timer_interrupt+0x96/0xa0 arch/x86/entry/entry_64.S:792
 </IRQ>
RIP: 0010:check_preemption_disabled+0x48/0x250 lib/smp_processor_id.c:53
RSP: 0018:ffff8880663ffba8 EFLAGS: 00000296 ORIG_RAX: ffffffffffffff10
RAX: 0000000000000001 RBX: ffffffff87ab2b80 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff869d2e40 RDI: ffffffff869d2e80
RBP: ffff8880663ffbb8 R08: ffffea000259de00 R09: ffffed1012cef000
R10: 0000000000000000 R11: ffff8880663ffc78 R12: 0000000000000001
R13: ffff8880663ffcc8 R14: ffffffff869d2e80 R15: ffffea000259de00
 debug_smp_processor_id+0x1c/0x20 lib/smp_processor_id.c:57
 rcu_lockdep_current_cpu_online kernel/rcu/tree.c:1186 [inline]
 rcu_lockdep_current_cpu_online+0x3a/0x140 kernel/rcu/tree.c:1177
 rcu_read_lock_sched_held+0x97/0x130 kernel/rcu/update.c:113
 trace_mm_page_alloc include/trace/events/kmem.h:195 [inline]
 __alloc_pages_nodemask+0x639/0x7a0 mm/page_alloc.c:4207
 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113
 alloc_pages include/linux/gfp.h:497 [inline]
 __get_free_pages+0xf/0x40 mm/page_alloc.c:4226
 _pgd_alloc arch/x86/mm/pgtable.c:362 [inline]
 pgd_alloc+0x25/0x2b0 arch/x86/mm/pgtable.c:376
 mm_alloc_pgd kernel/fork.c:744 [inline]
 mm_init+0x578/0x970 kernel/fork.c:854
 mm_alloc+0xa6/0xd0 kernel/fork.c:906
 bprm_mm_init fs/exec.c:409 [inline]
 do_execveat_common.isra.0+0x954/0x1dd0 fs/exec.c:1771
 do_execve fs/exec.c:1847 [inline]
 SYSC_execve fs/exec.c:1928 [inline]
 SyS_execve+0x39/0x50 fs/exec.c:1923
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7f4a29dc9207
RSP: 002b:00007ffc948f1328 EFLAGS: 00000206 ORIG_RAX: 000000000000003b
RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007f4a29dc9207
RDX: 00000000021aa9c0 RSI: 00007ffc948f1420 RDI: 00007ffc948f2430
RBP: 0000000000625500 R08: 0000000000001ac7 R09: 0000000000001ac7
R10: 0000000000000000 R11: 0000000000000206 R12: 00000000021aa9c0
R13: 0000000000000007 R14: 0000000002019030 R15: 0000000000000005
Code: 4c 89 e2 48 c1 ea 03 80 3c 02 00 0f 85 6b 03 00 00 49 8b 04 24 48 85 c0 0f 84 54 01 00 00 48 89 c1 0f 18 08 e9 4b 01 00 00 f3 90 <e9> 37 fd ff ff 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 
INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 1-... } 10705 jiffies s: 2753 root: 0x2/.
blocking rcu_node structures:
Task dump for CPU 1:
udevd           R  running task    29520  7196   6855 0x8000000c
Call Trace:
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x7f4a29dc9207
RSP: 002b:00007ffc948f1328 EFLAGS: 00000206 ORIG_RAX: 000000000000003b
RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00007f4a29dc9207
RDX: 00000000021aa9c0 RSI: 00007ffc948f1420 RDI: 00007ffc948f2430
RBP: 0000000000625500 R08: 0000000000001ac7 R09: 0000000000001ac7
R10: 0000000000000000 R11: 0000000000000206 R12: 00000000021aa9c0
R13: 0000000000000007 R14: 0000000002019030 R15: 0000000000000005

Crashes (2):
Manager         Time              Kernel        Commit        Syzkaller  Config   Log  Report  Syz repro  C repro  VM info  Title
ci2-linux-4-14  2019/09/13 15:28  linux-4.14.y  e2cd24b62938  32d59357   .config  log  report
ci2-linux-4-14  2019/09/09 07:54  linux-4.14.y  414510bc00a5  a60cb4cd   .config  log  report