syzbot

 sign-in | mailing list | source | docs
🐞 Open [1651]
Subsystems
🐞 Fixed [6000]
🐞 Invalid [14793]
Missing Backports [135]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

INFO: rcu detected stall in sock_write_iter (2)

Status: auto-obsoleted due to no activity on 2024/01/03 00:51
Subsystems: netfilter
[Documentation on labels]
First crash: 451d, last: 451d
Similar bugs (7)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: rcu detected stall in sock_write_iter kernel 1 1882d 1882d 0/28 closed as invalid on 2019/12/04 14:04
linux-5.15 INFO: rcu detected stall in sock_write_iter (3) 1 97d 97d 0/3 upstream: reported on 2024/10/23 00:48
upstream INFO: rcu detected stall in sock_write_iter (3) net C done 136 15h17m 265d 0/28 upstream: reported C repro on 2024/05/07 12:14
linux-5.15 INFO: rcu detected stall in sock_write_iter 1 465d 465d 0/3 auto-obsoleted due to no activity on 2024/01/28 05:21
linux-5.15 INFO: rcu detected stall in sock_write_iter (2) 1 283d 283d 0/3 auto-obsoleted due to no activity on 2024/07/28 08:46
linux-6.1 INFO: rcu detected stall in sock_write_iter 1 298d 298d 0/3 auto-obsoleted due to no activity on 2024/07/13 13:13
android-5-15 BUG: soft lockup in sock_write_iter 24 167d 302d 0/2 auto-obsoleted due to no activity on 2024/11/03 03:04

Sample crash report:
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P5218/2:b..l P6375/1:b..l
rcu: 	(detected by 0, t=10502 jiffies, g=16513, q=314 ncpus=2)
task:syz-executor.1  state:R  running task     stack:26384 pid:6375  tgid:6375  ppid:5107   flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xee5/0x59b0 kernel/sched/core.c:6688
 preempt_schedule_common+0x44/0xc0 kernel/sched/core.c:6865
 preempt_schedule_thunk+0x1a/0x30 arch/x86/entry/thunk_64.S:45
 __raw_spin_unlock include/linux/spinlock_api_smp.h:143 [inline]
 _raw_spin_unlock+0x3a/0x40 kernel/locking/spinlock.c:186
 spin_unlock include/linux/spinlock.h:391 [inline]
 zap_pte_range mm/memory.c:1534 [inline]
 zap_pmd_range mm/memory.c:1582 [inline]
 zap_pud_range mm/memory.c:1611 [inline]
 zap_p4d_range mm/memory.c:1632 [inline]
 unmap_page_range+0x1472/0x2c00 mm/memory.c:1653
 unmap_single_vma+0x194/0x2b0 mm/memory.c:1699
 unmap_vmas+0x229/0x470 mm/memory.c:1743
 exit_mmap+0x1ad/0xa70 mm/mmap.c:3308
 __mmput+0x12a/0x4d0 kernel/fork.c:1349
 mmput+0x62/0x70 kernel/fork.c:1371
 exit_mm kernel/exit.c:567 [inline]
 do_exit+0x9a1/0x2ac0 kernel/exit.c:858
 do_group_exit+0xd3/0x2a0 kernel/exit.c:1021
 __do_sys_exit_group kernel/exit.c:1032 [inline]
 __se_sys_exit_group kernel/exit.c:1030 [inline]
 __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1030
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x62/0x6a
RIP: 0033:0x7f140707cae9
RSP: 002b:00007ffc6f20af38 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 000000000000001e RCX: 00007f140707cae9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000001 R08: 0000000000000165 R09: 0000000000000000
R10: 0000001b32a20000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000001
 </TASK>
task:syz-fuzzer      state:R  running task     stack:24272 pid:5218  tgid:5068  ppid:5066   flags:0x00004002
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xee5/0x59b0 kernel/sched/core.c:6688
 preempt_schedule_irq+0x51/0x90 kernel/sched/core.c:7008
 irqentry_exit+0x35/0x80 kernel/entry/common.c:432
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:645
RIP: 0010:arch_atomic_try_cmpxchg arch/x86/include/asm/atomic.h:115 [inline]
RIP: 0010:raw_atomic_try_cmpxchg_relaxed include/linux/atomic/atomic-arch-fallback.h:2225 [inline]
RIP: 0010:atomic_try_cmpxchg_relaxed include/linux/atomic/atomic-instrumented.h:1339 [inline]
RIP: 0010:__refcount_add_not_zero include/linux/refcount.h:157 [inline]
RIP: 0010:__refcount_inc_not_zero include/linux/refcount.h:227 [inline]
RIP: 0010:refcount_inc_not_zero include/linux/refcount.h:245 [inline]
RIP: 0010:__nf_conntrack_find_get+0x7d3/0xcd0 net/netfilter/nf_conntrack_core.c:786
Code: 03 00 00 e8 7f ab d2 f8 48 89 ef be 04 00 00 00 e8 d2 ce 29 f9 be 04 00 00 00 4c 89 f7 e8 c5 ce 29 f9 44 8d 63 01 8b 44 24 78 <f0> 44 0f b1 65 00 41 0f 94 c4 31 ff 89 c3 44 89 e6 e8 77 a6 d2 f8
RSP: 0018:ffffc900044df240 EFLAGS: 00000297
RAX: 0000000000000002 RBX: 0000000000000002 RCX: ffffffff88b6537b
RDX: fffff5200089be57 RSI: 0000000000000004 RDI: ffffc900044df2b8
RBP: ffff88801f46a180 R08: 0000000000000001 R09: fffff5200089be57
R10: 0000000000000003 R11: 00000000ffff0000 R12: 0000000000000003
R13: ffff88801f46a1d0 R14: ffffc900044df2b8 R15: 0000000000000000
 resolve_normal_ct net/netfilter/nf_conntrack_core.c:1832 [inline]
 nf_conntrack_in+0x5e4/0x1850 net/netfilter/nf_conntrack_core.c:1996
 ipv4_conntrack_local+0x160/0x260 net/netfilter/nf_conntrack_proto.c:229
 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline]
 nf_hook_slow+0xbb/0x1f0 net/netfilter/core.c:626
 nf_hook include/linux/netfilter.h:269 [inline]
 __ip_local_out+0x4b6/0x9a0 net/ipv4/ip_output.c:118
 ip_local_out net/ipv4/ip_output.c:127 [inline]
 __ip_queue_xmit+0x98a/0x1e00 net/ipv4/ip_output.c:535
 __tcp_transmit_skb+0x1aa5/0x3d10 net/ipv4/tcp_output.c:1454
 tcp_transmit_skb net/ipv4/tcp_output.c:1472 [inline]
 tcp_write_xmit+0xf39/0x79a0 net/ipv4/tcp_output.c:2784
 __tcp_push_pending_frames+0xaf/0x390 net/ipv4/tcp_output.c:2969
 tcp_push+0x22f/0x740 net/ipv4/tcp.c:736
 tcp_sendmsg_locked+0x2768/0x3460 net/ipv4/tcp.c:1308
 tcp_sendmsg+0x2e/0x40 net/ipv4/tcp.c:1340
 inet_sendmsg+0x9d/0xe0 net/ipv4/af_inet.c:847
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0xd5/0x180 net/socket.c:745
 sock_write_iter+0x29b/0x3d0 net/socket.c:1158
 call_write_iter include/linux/fs.h:2020 [inline]
 new_sync_write fs/read_write.c:491 [inline]
 vfs_write+0x64d/0xdf0 fs/read_write.c:584
 ksys_write+0x1f0/0x250 fs/read_write.c:637
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x62/0x6a
RIP: 0033:0x403ace
RSP: 002b:000000c0005b9120 EFLAGS: 00000206 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000403ace
RDX: 00000000000000f0 RSI: 000000c000226200 RDI: 0000000000000003
RBP: 000000c0005b9160 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 000000c0005b92a0
R13: 0000000000000000 R14: 000000c0107ae000 R15: 000000c0000aa900
 </TASK>
rcu: rcu_preempt kthread starved for 10563 jiffies! g16513 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:28128 pid:17    tgid:17    ppid:2      flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5376 [inline]
 __schedule+0xee5/0x59b0 kernel/sched/core.c:6688
 __schedule_loop kernel/sched/core.c:6763 [inline]
 schedule+0xe5/0x270 kernel/sched/core.c:6778
 schedule_timeout+0x156/0x2b0 kernel/time/timer.c:2167
 rcu_gp_fqs_loop+0x1eb/0xb00 kernel/rcu/tree.c:1626
 rcu_gp_kthread+0x243/0x380 kernel/rcu/tree.c:1825
 kthread+0x337/0x440 kernel/kthread.c:388
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 0 PID: 6356 Comm: syz-executor.4 Not tainted 6.6.0-next-20231103-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
RIP: 0033:0x7f475e07a267
Code: 0b e9 68 fe ff ff 48 83 c4 18 48 8d 3d f2 05 c5 00 5b 5d 41 5c 41 5d 41 5e 41 5f e9 b3 68 fd ff 0f 1f 00 b8 27 00 00 00 0f 05 <c3> 0f 1f 84 00 00 00 00 00 b8 66 00 00 00 0f 05 c3 0f 1f 84 00 00
RSP: 002b:00007ffc1b422788 EFLAGS: 00000206
RAX: 00000000000000c4 RBX: 00007ffc1b4228f0 RCX: 00007f475e07a267
RDX: 00007ffc1b4227c0 RSI: 00007ffc1b4228f0 RDI: 0000000000000021
RBP: 0000000000000000 R08: 00007f475e19c05c R09: 00007f475e19c05c
R10: 00007ffc1b422e80 R11: 0000000000000206 R12: 00007f475e19c05c
R13: 0000000000053ef5 R14: 00007ffc1b422ea0 R15: 00007ffc1b422e80
FS:  0000555556111480 GS:  0000000000000000

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/11/04 00:41 linux-next e27090b1413f 500bfdc4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root INFO: rcu detected stall in sock_write_iter
* Struck through repros no longer work on HEAD.