INFO: rcu detected stall in mrp_join

INFO: rcu detected stall in mrp_join_timer (2)
Status: upstream: reported on 2020/02/16 10:49
Reported-by: syzbot+67edf33871a80247d3c0@syzkaller.appspotmail.com
First crash: 461d, last: 52d

similar bugs (4):
Kernel	Title	Count	Last	Reported	Patched	Status
linux-4.14	INFO: rcu detected stall in mrp_join_timer	7	300d	465d	0/1	auto-closed as invalid on 2020/10/17 01:22
upstream	INFO: rcu detected stall in mrp_join_timer	1	463d	462d	0/22	closed as invalid on 2020/01/09 08:13
linux-4.19	INFO: rcu detected stall in mrp_join_timer	28	150d	462d	0/1	auto-closed as invalid on 2021/03/15 12:15
linux-4.14	BUG: soft lockup in mrp_join_timer	1	23d	23d	0/1	upstream: reported on 2021/03/22 15:25

Sample crash report:

rcu: INFO: rcu_preempt self-detected stall on CPU
rcu: 	0-...!: (10500 ticks this GP) idle=efe/1/0x4000000000000000 softirq=58034/58034 fqs=0 
	(t=10500 jiffies g=86733 q=726)
rcu: rcu_preempt kthread starved for 10500 jiffies! g86733 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:28888 pid:   13 ppid:     2 flags:0x00004000
Call Trace:
 context_switch kernel/sched/core.c:4327 [inline]
 __schedule+0x90c/0x21a0 kernel/sched/core.c:5078
 schedule+0xcf/0x270 kernel/sched/core.c:5157
 schedule_timeout+0x148/0x250 kernel/time/timer.c:1878
 rcu_gp_fqs_loop kernel/rcu/tree.c:1940 [inline]
 rcu_gp_kthread+0xbbe/0x1d70 kernel/rcu/tree.c:2113
 kthread+0x3b1/0x4a0 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296
NMI backtrace for cpu 0
CPU: 0 PID: 29938 Comm: syz-executor.4 Not tainted 5.11.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x107/0x163 lib/dump_stack.c:120
 nmi_cpu_backtrace.cold+0x44/0xd7 lib/nmi_backtrace.c:105
 nmi_trigger_cpumask_backtrace+0x1b3/0x230 lib/nmi_backtrace.c:62
 trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline]
 rcu_dump_cpu_stacks+0x1f4/0x230 kernel/rcu/tree_stall.h:337
 print_cpu_stall kernel/rcu/tree_stall.h:569 [inline]
 check_cpu_stall kernel/rcu/tree_stall.h:643 [inline]
 rcu_pending kernel/rcu/tree.c:3751 [inline]
 rcu_sched_clock_irq.cold+0x48e/0xedf kernel/rcu/tree.c:2580
 update_process_times+0x16d/0x200 kernel/time/timer.c:1782
 tick_sched_handle+0x9b/0x180 kernel/time/tick-sched.c:226
 tick_sched_timer+0x1b0/0x2d0 kernel/time/tick-sched.c:1369
 __run_hrtimer kernel/time/hrtimer.c:1519 [inline]
 __hrtimer_run_queues+0x1c0/0xe40 kernel/time/hrtimer.c:1583
 hrtimer_interrupt+0x334/0x940 kernel/time/hrtimer.c:1645
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1089 [inline]
 __sysvec_apic_timer_interrupt+0x146/0x540 arch/x86/kernel/apic/apic.c:1106
 run_sysvec_on_irqstack_cond arch/x86/include/asm/irq_stack.h:91 [inline]
 sysvec_apic_timer_interrupt+0x48/0x100 arch/x86/kernel/apic/apic.c:1100
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:629
RIP: 0010:orc_find arch/x86/kernel/unwind_orc.c:164 [inline]
RIP: 0010:unwind_next_frame+0x280/0x1f90 arch/x86/kernel/unwind_orc.c:443
Code: 89 54 24 20 48 89 4c 24 18 e8 bc 1d 84 00 4c 8b 44 24 30 48 8b 74 24 28 44 8b 54 24 20 48 8b 4c 24 18 46 8b 1c 85 1c d8 d3 8e <44> 8d 46 01 48 ba 00 00 00 00 00 fc ff df 4a 8d 3c 85 1c d8 d3 8e
RSP: 0018:ffffc90000007620 EFLAGS: 00000246
RAX: 0000000000000000 RBX: 1ffff92000000ecc RCX: ffffffff81b5909a
RDX: 0000000000000007 RSI: 000000000000b590 RDI: ffffffff8ed6ae5c
RBP: 0000000000000002 R08: 000000000000b590 R09: 0000000000000000
R10: 0000000000084083 R11: 000000000002a254 R12: ffffc90000007740
R13: ffffc9000000772d R14: ffffc90000007748 R15: ffffc900000076f8
 arch_stack_walk+0x7d/0xe0 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x8c/0xc0 kernel/stacktrace.c:121
 kasan_save_stack+0x1b/0x40 mm/kasan/common.c:38
 kasan_set_track+0x1c/0x30 mm/kasan/common.c:46
 kasan_set_free_info+0x20/0x30 mm/kasan/generic.c:356
 ____kasan_slab_free+0xe1/0x110 mm/kasan/common.c:362
 kasan_slab_free include/linux/kasan.h:192 [inline]
 slab_free_hook mm/slub.c:1547 [inline]
 slab_free_freelist_hook+0x5d/0x150 mm/slub.c:1580
 slab_free mm/slub.c:3143 [inline]
 kfree+0xdb/0x3b0 mm/slub.c:4139
 skb_free_head net/core/skbuff.c:650 [inline]
 skb_release_data+0x622/0x750 net/core/skbuff.c:671
 skb_release_all net/core/skbuff.c:725 [inline]
 __kfree_skb net/core/skbuff.c:739 [inline]
 kfree_skb net/core/skbuff.c:757 [inline]
 kfree_skb+0x133/0x3f0 net/core/skbuff.c:751
 kfree_skb_list+0x3f/0x60 net/core/skbuff.c:766
 __dev_xmit_skb net/core/dev.c:3849 [inline]
 __dev_queue_xmit+0x1560/0x2e00 net/core/dev.c:4150
 mrp_queue_xmit net/802/mrp.c:351 [inline]
 mrp_join_timer+0x8a/0xc0 net/802/mrp.c:595
 call_timer_fn+0x1a5/0x6b0 kernel/time/timer.c:1417
 expire_timers kernel/time/timer.c:1462 [inline]
 __run_timers.part.0+0x67c/0xa50 kernel/time/timer.c:1731
 __run_timers kernel/time/timer.c:1712 [inline]
 run_timer_softirq+0xb3/0x1d0 kernel/time/timer.c:1744
 __do_softirq+0x29b/0x9f6 kernel/softirq.c:343
 asm_call_irq_on_stack+0xf/0x20
 </IRQ>
 __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline]
 run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline]
 do_softirq_own_stack+0xaa/0xd0 arch/x86/kernel/irq_64.c:77
 invoke_softirq kernel/softirq.c:226 [inline]
 __irq_exit_rcu kernel/softirq.c:420 [inline]
 irq_exit_rcu+0x134/0x200 kernel/softirq.c:432
 sysvec_apic_timer_interrupt+0x4d/0x100 arch/x86/kernel/apic/apic.c:1100
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:629
RIP: 0010:qlink_to_object mm/kasan/quarantine.c:129 [inline]
RIP: 0010:qlink_free mm/kasan/quarantine.c:134 [inline]
RIP: 0010:qlist_free_all+0x46/0xc0 mm/kasan/quarantine.c:165
Code: 49 be 00 00 00 00 00 ea ff ff 49 89 fd 49 bc 00 00 00 00 00 fc ff df eb 2d 48 63 87 c0 00 00 00 48 c7 c2 65 22 b6 81 4c 8b 3e <48> 29 c6 48 89 f0 48 c1 e8 03 42 c6 04 20 fb e8 f6 c6 ff ff 4d 85
RSP: 0018:ffffc90017bbf9f8 EFLAGS: 00000246
RAX: 0000000000000000 RBX: ffff888017840ea0 RCX: ffffea0000ad19ff
RDX: ffffffff81b62265 RSI: ffff88801e476280 RDI: ffff8880118c7c80
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000030
R10: ffffffff8132f03a R11: 000000000000003f R12: dffffc0000000000
R13: ffffc90017bbfa30 R14: ffffea0000000000 R15: ffff888023171000
 quarantine_reduce+0x180/0x200 mm/kasan/quarantine.c:272
 ____kasan_kmalloc.constprop.0+0x98/0xa0 mm/kasan/common.c:412
 kasan_slab_alloc include/linux/kasan.h:209 [inline]
 slab_post_alloc_hook mm/slab.h:512 [inline]
 slab_alloc_node mm/slub.c:2892 [inline]
 slab_alloc mm/slub.c:2900 [inline]
 kmem_cache_alloc+0x1c6/0x440 mm/slub.c:2905
 kmem_cache_zalloc include/linux/slab.h:672 [inline]
 taskstats_tgid_alloc kernel/taskstats.c:561 [inline]
 taskstats_exit+0x649/0xbf0 kernel/taskstats.c:600
 do_exit+0x69d/0x2ae0 kernel/exit.c:810
 do_group_exit+0x125/0x310 kernel/exit.c:922
 get_signal+0x427/0x20f0 kernel/signal.c:2773
 arch_do_signal_or_restart+0x2a8/0x1eb0 arch/x86/kernel/signal.c:811
 handle_signal_work kernel/entry/common.c:147 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:171 [inline]
 exit_to_user_mode_prepare+0x148/0x250 kernel/entry/common.c:201
 __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline]
 syscall_exit_to_user_mode+0x19/0x50 kernel/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x466019
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f75ed164218 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 000000000056bf68 RCX: 0000000000466019
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 000000000056bf68
RBP: 000000000056bf60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf6c
R13: 00007fff22f934cf R14: 00007f75ed164300 R15: 0000000000022000

Crashes (41):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Title
ci-upstream-kasan-gce-root	2021/02/21 12:41	upstream	e767b353	3e5ed8b4	.config	log	report	info	INFO: rcu detected stall in mrp_join_timer
ci-upstream-kasan-gce-selinux-root	2021/01/23 17:49	upstream	fe75a218	52e37319	.config	log	report	info	INFO: rcu detected stall in mrp_join_timer
ci-upstream-kasan-gce	2021/01/10 20:46	upstream	2ff90100	2c1f2513	.config	log	report	info
ci-upstream-kasan-gce	2020/12/20 10:19	upstream	467f8165	04201c06	.config	log	report	info
ci-upstream-kasan-gce-root	2020/11/07 03:05	upstream	bf3e7628	64069d48	.config	log	report	info
ci-upstream-kasan-gce	2020/11/04 18:28	upstream	4ef8451b	cba33199	.config	log	report	info
ci-upstream-kasan-gce	2020/10/12 23:38	upstream	bbf5c979	d32b0bbf	.config	log	report	info
ci-upstream-kasan-gce	2020/09/12 04:39	upstream	e8878ab8	79fb24e2	.config	log	report
ci-upstream-kasan-gce	2020/09/04 21:21	upstream	59126901	abf9ba4f	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/08/29 18:17	upstream	4d41ead6	d5a3ae1f	.config	log	report
ci-upstream-kasan-gce	2020/08/26 00:43	upstream	abb3438d	344da168	.config	log	report
ci-upstream-kasan-gce-selinux-root	2020/08/23 08:32	upstream	c3d8f220	1da71ab0	.config	log	report
ci-upstream-kasan-gce-root	2020/08/23 06:37	upstream	c3d8f220	1da71ab0	.config	log	report
ci-upstream-kasan-gce-root	2020/08/21 01:44	upstream	da2968ff	1d75fe45	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/08/20 17:35	upstream	7eac66d0	ed282a3a	.config	log	report
ci-upstream-kasan-gce-selinux-root	2020/08/16 12:06	upstream	d84835b1	424dd8e7	.config	log	report
ci-upstream-kasan-gce-selinux-root	2020/08/16 09:07	upstream	d84835b1	424dd8e7	.config	log	report
ci-upstream-kasan-gce	2020/08/16 01:51	upstream	c9c9735c	424dd8e7	.config	log	report
ci-upstream-kasan-gce	2020/08/13 03:13	upstream	fb893de3	bc15f7db	.config	log	report
ci-upstream-kasan-gce-root	2020/08/07 06:28	upstream	47ec5303	1f122f88	.config	log	report
ci-upstream-kasan-gce-selinux-root	2020/08/03 07:21	upstream	5a30a789	196277c4	.config	log	report
ci-upstream-kasan-gce-selinux-root	2020/07/21 14:45	upstream	4fa640dc	d88894e6	.config	log	report
ci-upstream-kasan-gce	2020/07/13 03:01	upstream	4437dd6e	9ebcc5b1	.config	log	report
ci-upstream-kasan-gce-root	2020/07/03 16:20	upstream	cd77006e	bed10395	.config	log	report
ci-upstream-kasan-gce	2020/05/24 20:44	upstream	caffb99b	bd28eb9d	.config	log	report
ci-upstream-kasan-gce-root	2020/03/13 12:10	upstream	3cc6e2c5	d850e9d0	.config	log	report
ci-upstream-kasan-gce-root	2020/02/23 19:23	upstream	0a115e5f	2c36e7a7	.config	log	report
ci-upstream-kasan-gce	2020/02/12 02:06	upstream	0a679e13	4d1ab643	.config	log	report
ci-upstream-kasan-gce-root	2020/02/08 05:37	upstream	41dcd67e	06150bf1	.config	log	report
ci-upstream-kasan-gce	2020/02/02 01:47	upstream	94f2630b	2274ad39	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/01/31 21:13	upstream	ccaaaf6f	c30117b2	.config	log	report
ci-upstream-kasan-gce-selinux-root	2020/01/30 01:33	upstream	b3a60822	5ed23f9a	.config	log	report
ci-upstream-kasan-gce-root	2020/01/24 05:13	upstream	4703d911	2e95ab33	.config	log	report
ci-upstream-kasan-gce-smack-root	2020/01/19 19:03	upstream	8f8972a3	0342f8c7	.config	log	report
ci-upstream-kasan-gce	2020/01/14 09:13	upstream	b3a987b0	32881205	.config	log	report
ci-upstream-kasan-gce	2020/01/10 06:53	upstream	e69ec487	4de4e9f0	.config	log	report
ci-upstream-kasan-gce-386	2020/07/30 18:19	upstream	d3590ebf	233283a1	.config	log	report
ci-upstream-linux-next-kasan-gce-root	2020/11/07 20:27	linux-next	c34f1574	64069d48	.config	log	report	info
ci-upstream-linux-next-kasan-gce-root	2020/08/23 20:50	linux-next	494d311a	cef5ae68	.config	log	report
ci-upstream-linux-next-kasan-gce-root	2020/07/22 12:40	linux-next	de2e69cf	128cd85f	.config	log	report
ci-upstream-linux-next-kasan-gce-root	2020/07/13 07:44	linux-next	d31958b3	9ebcc5b1	.config	log	report