syzbot


INFO: rcu detected stall in garp_join_timer (2)

Status: auto-closed as invalid on 2020/10/18 11:34
Reported-by: syzbot+cf20d61e724a805f89e0@syzkaller.appspotmail.com
First crash: 1615d, last: 1615d
Similar bugs (7)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| linux-4.19 | INFO: rcu detected stall in garp_join_timer | | | | 7 | 1748d | 1779d | 0/1 | auto-closed as invalid on 2020/06/07 13:30 |
| upstream | INFO: rcu detected stall in garp_join_timer (3) net | | | | 3 | 139d | 209d | 0/28 | auto-obsoleted due to no activity on 2024/10/03 12:56 |
| linux-4.19 | BUG: soft lockup in garp_join_timer | | | | 19 | 751d | 1259d | 0/1 | auto-obsoleted due to no activity on 2023/03/01 00:21 |
| upstream | INFO: rcu detected stall in garp_join_timer net | | | | 1 | 1819d | 1819d | 0/28 | closed as invalid on 2019/11/29 14:24 |
| upstream | INFO: rcu detected stall in garp_join_timer (2) net | | | | 25 | 1041d | 1740d | 0/28 | auto-closed as invalid on 2022/05/15 13:33 |
| linux-4.14 | INFO: rcu detected stall in garp_join_timer | | | | 4 | 1743d | 1758d | 0/1 | auto-closed as invalid on 2020/06/12 11:13 |
| linux-4.19 | INFO: rcu detected stall in garp_join_timer (3) | | | | 1 | 1408d | 1408d | 0/1 | auto-closed as invalid on 2021/05/13 13:34 |

Sample crash report:
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	(detected by 1, t=10502 jiffies, g=293481, q=208)
rcu: All QSes seen, last rcu_preempt kthread activity 10497 (4295215423-4295204926), jiffies_till_next_fqs=1, root ->qsmask 0x0
syz-executor.4  R  running task    24528 32027   6223 0x8000000c
Call Trace:
 <IRQ>
 sched_show_task.cold+0x334/0x395 kernel/sched/core.c:5338
 print_other_cpu_stall kernel/rcu/tree.c:1430 [inline]
 check_cpu_stall kernel/rcu/tree.c:1557 [inline]
 __rcu_pending kernel/rcu/tree.c:3293 [inline]
 rcu_pending kernel/rcu/tree.c:3336 [inline]
 rcu_check_callbacks.cold+0xaf0/0xddc kernel/rcu/tree.c:2682
 update_process_times+0x2a/0x70 kernel/time/timer.c:1638
 tick_sched_handle.isra.0+0x91/0x180 kernel/time/tick-sched.c:168
 tick_sched_timer+0x44/0x130 kernel/time/tick-sched.c:1278
 __run_hrtimer kernel/time/hrtimer.c:1401 [inline]
 __hrtimer_run_queues+0x2ec/0xd20 kernel/time/hrtimer.c:1463
 hrtimer_interrupt+0x312/0x770 kernel/time/hrtimer.c:1521
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1067 [inline]
 smp_apic_timer_interrupt+0x10c/0x550 arch/x86/kernel/apic/apic.c:1092
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:789 [inline]
RIP: 0010:__raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
RIP: 0010:_raw_spin_unlock_irqrestore+0xa3/0xe0 kernel/locking/spinlock.c:184
Code: 48 c7 c0 c8 57 b2 88 48 ba 00 00 00 00 00 fc ff df 48 c1 e8 03 80 3c 10 00 75 2f 48 83 3d dc 46 94 01 00 74 15 48 89 df 57 9d <0f> 1f 44 00 00 eb b2 e8 dd 4b e2 f9 eb c0 0f 0b 0f 0b 48 c7 c7 c8
RSP: 0018:ffff8880ae707cb0 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
RAX: 1ffffffff1164af9 RBX: 0000000000000282 RCX: 1ffff11009f029a7
RDX: dffffc0000000000 RSI: ffff88804f814d18 RDI: 0000000000000282
RBP: ffff88808fadc368 R08: ffff88804f814440 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: ffff88808fadc368 R14: 0000000000000000 R15: 1ffff11015ce0fce
 spin_unlock_irqrestore include/linux/spinlock.h:384 [inline]
 skb_dequeue+0x120/0x170 net/core/skbuff.c:2821
 garp_queue_xmit net/802/garp.c:261 [inline]
 garp_join_timer+0x59/0x72 net/802/garp.c:413
 call_timer_fn+0x177/0x700 kernel/time/timer.c:1326
 expire_timers+0x24f/0x4f0 kernel/time/timer.c:1363
 __run_timers kernel/time/timer.c:1684 [inline]
 run_timer_softirq+0x218/0x660 kernel/time/timer.c:1697
 __do_softirq+0x26c/0x93d kernel/softirq.c:292
 invoke_softirq kernel/softirq.c:372 [inline]
 irq_exit+0x17b/0x1c0 kernel/softirq.c:412
 exiting_irq arch/x86/include/asm/apic.h:544 [inline]
 smp_apic_timer_interrupt+0x136/0x550 arch/x86/kernel/apic/apic.c:1094
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:894
 </IRQ>
RIP: 0010:arch_local_irq_restore arch/x86/include/asm/paravirt.h:789 [inline]
RIP: 0010:lock_acquire+0x1ec/0x3c0 kernel/locking/lockdep.c:3910
Code: 08 00 00 00 00 00 00 48 c1 e8 03 80 3c 10 00 0f 85 b7 01 00 00 48 83 3d 29 3d 62 07 00 0f 84 2a 01 00 00 48 8b 7c 24 08 57 9d <0f> 1f 44 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 65 8b
RSP: 0018:ffff888024adf668 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff13
RAX: 1ffffffff1164af9 RBX: ffff88804f814440 RCX: 1ffff11009f029a2
RDX: dffffc0000000000 RSI: 0000000000000000 RDI: 0000000000000282
RBP: ffffffff88b933a0 R08: 0000000000000000 R09: 0000000000000001
R10: ffff88804f814cf0 R11: 3f5c77fea456d911 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000002 R15: 0000000000000000
 rcu_lock_acquire include/linux/rcupdate.h:242 [inline]
 rcu_read_lock include/linux/rcupdate.h:627 [inline]
 lock_page_memcg+0x36/0x230 mm/memcontrol.c:1908
 page_remove_file_rmap mm/rmap.c:1215 [inline]
 page_remove_rmap+0x53e/0x12e0 mm/rmap.c:1300
 zap_pte_range mm/memory.c:1338 [inline]
 zap_pmd_range mm/memory.c:1440 [inline]
 zap_pud_range mm/memory.c:1469 [inline]
 zap_p4d_range mm/memory.c:1490 [inline]
 unmap_page_range+0x1230/0x2bb0 mm/memory.c:1511
 unmap_single_vma+0x196/0x300 mm/memory.c:1556
 unmap_vmas+0xa9/0x180 mm/memory.c:1586
 exit_mmap+0x2b9/0x510 mm/mmap.c:3091
 __mmput kernel/fork.c:1015 [inline]
 mmput+0x14e/0x420 kernel/fork.c:1036
 exit_mm kernel/exit.c:546 [inline]
 do_exit+0xac4/0x2f00 kernel/exit.c:867
 do_group_exit+0x125/0x310 kernel/exit.c:983
 get_signal+0x3f5/0x1f30 kernel/signal.c:2588
 do_signal+0x8f/0x1620 arch/x86/kernel/signal.c:821
 exit_to_usermode_loop+0x204/0x2a0 arch/x86/entry/common.c:163
 prepare_exit_to_usermode arch/x86/entry/common.c:198 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:271 [inline]
 do_syscall_64+0x538/0x620 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45ca59
Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f78dc8d1c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
RAX: 000000000000ff9c RBX: 0000000000501ee0 RCX: 000000000045ca59
RDX: 000000000000ff9c RSI: 00000000203cef9f RDI: 0000000000000007
RBP: 000000000078bf00 R08: 0000000020618000 R09: 0000000000000010
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000a31 R14: 00000000004cd132 R15: 00007f78dc8d26d4
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=32090 comm=syz-executor.2
Left network mode
IPVS: ftp: loaded support on port[0] = 21
Left network mode
Left network mode
Left network mode
chnl_net:caif_netlink_parms(): no params data found
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
bond0: Enslaving bond_slave_0 as an active interface with an up link
bond0: Enslaving bond_slave_1 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
IPVS: ftp: loaded support on port[0] = 21
IPVS: ftp: loaded support on port[0] = 21
IPVS: ftp: loaded support on port[0] = 21
batman_adv: batadv0: Adding interface: batadv_slave_0
batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
batman_adv: batadv0: Adding interface: batadv_slave_1
batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready
IPVS: ftp: loaded support on port[0] = 21
IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready
device hsr_slave_0 entered promiscuous mode
device hsr_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready
IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready
chnl_net:caif_netlink_parms(): no params data found
chnl_net:caif_netlink_parms(): no params data found
IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready
chnl_net:caif_netlink_parms(): no params data found
chnl_net:caif_netlink_parms(): no params data found
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
bond0: Enslaving bond_slave_0 as an active interface with an up link
bridge0: port 1(bridge_slave_0) entered blocking state
bridge0: port 1(bridge_slave_0) entered disabled state
device bridge_slave_0 entered promiscuous mode
bond0: Enslaving bond_slave_1 as an active interface with an up link
IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready
team0: Port device team_slave_0 added
bridge0: port 2(bridge_slave_1) entered blocking state
bridge0: port 2(bridge_slave_1) entered disabled state
device bridge_slave_1 entered promiscuous mode
IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready
team0: Port device team_slave_1 added
bond0: Enslaving bond_slave_0 as an active interface with an up link
batman_adv: batadv0: Interface deactivated: batadv_slave_0
batman_adv: batadv0: Removing interface: batadv_slave_0
batman_adv: batadv0: Interface deactivated: batadv_slave_1
batman_adv: batadv0: Removing interface: batadv_slave_1
batman_adv: batadv0: Removing interface: vlan2
device bridge_slave_1 left promiscuous mode

Crashes (1):
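| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2020/06/20 11:33 | linux-4.19.y | 3fc898571b97 | c655ec77 | .config | console log | report | | | | | ci2-linux-4-19 | |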
* Struck through repros no longer work on HEAD.