rcu: INFO: rcu_preempt self-detected stall on CPU
rcu: 1-...!: (1 GPs behind) idle=ace/1/0x4000000000000004 softirq=155631/155637 fqs=1
rcu: (t=10500 jiffies g=155593 q=1562)
rcu: rcu_preempt kthread starved for 10498 jiffies! g155593 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: RCU grace-period kthread stack dump:
rcu_preempt R running task 29136 10 2 0x80000000
Call Trace:
schedule+0x8d/0x1b0 kernel/sched/core.c:3559
schedule_timeout+0x4d1/0xf20 kernel/time/timer.c:1806
rcu_gp_kthread+0xcee/0x2060 kernel/rcu/tree.c:2202
kthread+0x34a/0x420 kernel/kthread.c:246
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
NMI backtrace for cpu 1
CPU: 1 PID: 3595 Comm: syz-executor.4 Not tainted 4.19.113-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x188/0x20d lib/dump_stack.c:118
nmi_cpu_backtrace.cold+0x63/0xa2 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x1a6/0x1eb lib/nmi_backtrace.c:62
trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline]
rcu_dump_cpu_stacks+0x170/0x1bb kernel/rcu/tree.c:1340
print_cpu_stall kernel/rcu/tree.c:1478 [inline]
check_cpu_stall kernel/rcu/tree.c:1550 [inline]
__rcu_pending kernel/rcu/tree.c:3293 [inline]
rcu_pending kernel/rcu/tree.c:3336 [inline]
rcu_check_callbacks.cold+0x634/0xddc kernel/rcu/tree.c:2682
update_process_times+0x2a/0x70 kernel/time/timer.c:1638
tick_sched_handle+0x9b/0x180 kernel/time/tick-sched.c:168
tick_sched_timer+0x42/0x130 kernel/time/tick-sched.c:1278
__run_hrtimer kernel/time/hrtimer.c:1401 [inline]
__hrtimer_run_queues+0x2fc/0xd50 kernel/time/hrtimer.c:1463
hrtimer_interrupt+0x312/0x770 kernel/time/hrtimer.c:1521
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1067 [inline]
smp_apic_timer_interrupt+0x10c/0x550 arch/x86/kernel/apic/apic.c:1092
apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:893
RIP: 0010:rb_next+0xf/0x130 lib/rbtree.c:532
Code: 89 04 24 e8 93 4a 83 fa 4c 8b 44 24 08 48 8b 04 24 e9 f6 f8 ff ff 0f 1f 44 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 41 55 <48> c1 ea 03 41 54 55 48 89 fd 53 48 83 ec 08 80 3c 02 00 0f 85 ec
RSP: 0018:ffff8880ae707cf0 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff13
RAX: dffffc0000000000 RBX: ffff88808e05de00 RCX: ffffffff81506fbb
RDX: ffff88808e05de00 RSI: ffffffff85b050ab RDI: ffff88808e05de00
RBP: ffff88808e05de00 R08: 0000000000007983 R09: ffffed1013f69d6d
R10: ffffed1013f69d6c R11: ffff88809fb4eb63 R12: ffff88809fb4eac0
R13: 000000000000000c R14: 0000000000000000 R15: ffff8880a84d12d8
mrp_mad_event+0x36/0x60 net/802/mrp.c:574
mrp_periodic_timer+0x28/0x50 net/802/mrp.c:613
call_timer_fn+0x177/0x700 kernel/time/timer.c:1326
expire_timers kernel/time/timer.c:1363 [inline]
__run_timers kernel/time/timer.c:1684 [inline]
__run_timers kernel/time/timer.c:1652 [inline]
run_timer_softirq+0x5d0/0x1540 kernel/time/timer.c:1697
__do_softirq+0x26c/0x93c kernel/softirq.c:292
invoke_softirq kernel/softirq.c:372 [inline]
irq_exit+0x17b/0x1c0 kernel/softirq.c:412
exiting_irq arch/x86/include/asm/apic.h:544 [inline]
smp_apic_timer_interrupt+0x136/0x550 arch/x86/kernel/apic/apic.c:1094
apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:893
RIP: 0010:kasan_mem_to_shadow include/linux/kasan.h:29 [inline]
RIP: 0010:memory_is_poisoned_n mm/kasan/kasan.c:210 [inline]
RIP: 0010:memory_is_poisoned mm/kasan/kasan.c:241 [inline]
RIP: 0010:check_memory_region_inline mm/kasan/kasan.c:257 [inline]
RIP: 0010:check_memory_region+0x47/0x180 mm/kasan/kasan.c:267
Code: 00 00 4c 8d 5c 37 ff 41 54 48 b8 00 00 00 00 00 fc ff df 4d 89 da 55 49 c1 ea 03 53 48 89 fb 49 01 c2 48 c1 eb 03 49 8d 6a 01 <48> 01 c3 49 89 e9 48 89 d8 49 29 d9 49 83 f9 10 0f 8e 95 00 00 00
RSP: 0018:ffff888027de7db8 EFLAGS: 00000a06 ORIG_RAX: ffffffffffffff13
RAX: dffffc0000000000 RBX: 1ffff11004fbcfc6 RCX: ffffffff83553ec5
RDX: 0000000000000000 RSI: 0000000000000010 RDI: ffff888027de7e30
RBP: ffffed1004fbcfc8 R08: ffff888022504000 R09: 0000000000000000
R10: ffffed1004fbcfc7 R11: ffff888027de7e3f R12: 00007fbb2d329c60
R13: 00007fbb2d329c70 R14: 00007ffffffff000 R15: 0000000000000000
_copy_to_user+0xd5/0x100 lib/usercopy.c:27
copy_to_user include/linux/uaccess.h:155 [inline]
put_timespec64+0xb2/0x120 kernel/time/time.c:886
__do_sys_clock_gettime kernel/time/posix-timers.c:1065 [inline]
__se_sys_clock_gettime kernel/time/posix-timers.c:1053 [inline]
__x64_sys_clock_gettime+0x1ac/0x240 kernel/time/posix-timers.c:1053
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45f68a
Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d df 92 82 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7
RSP: 002b:00007fbb2d329c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4
RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045f68a
RDX: 0000000000000703 RSI: 00007fbb2d329c60 RDI: 0000000000000001
RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000816 R14: 00000000004cace1 R15: 000000000076bf0c
watchdog: BUG: soft lockup - CPU#0 stuck for 123s! [syz-executor.1:3576]
Modules linked in:
irq event stamp: 18523899
hardirqs last enabled at (18523898): [] trace_hardirqs_on_thunk+0x1a/0x1c
hardirqs last disabled at (18523899): [] trace_hardirqs_off_thunk+0x1a/0x1c
softirqs last enabled at (173750): [] __do_softirq+0x650/0x93c kernel/softirq.c:318
softirqs last disabled at (173977): [] invoke_softirq kernel/softirq.c:372 [inline]
softirqs last disabled at (173977): [] irq_exit+0x17b/0x1c0 kernel/softirq.c:412
CPU: 0 PID: 3576 Comm: syz-executor.1 Not tainted 4.19.113-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:noop_enqueue+0x0/0x70 net/sched/sch_generic.c:547
Code: 88 e8 5d 5b a2 fb 0f 0b e9 73 df ff ff e8 38 3c b7 fb 48 c7 c7 a0 6a 0c 88 e8 45 5b a2 fb 0f 0b e9 85 df ff ff 90 90 90 90 90 <41> 54 55 48 89 fd 53 48 89 d3 e8 11 3c b7 fb 48 89 da 48 b8 00 00
RSP: 0018:ffff8880ae607b68 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
RAX: dffffc0000000000 RBX: ffffffff8962fac0 RCX: ffffffff859da87e
RDX: ffff8880ae607c30 RSI: ffffffff8962fac0 RDI: ffff88801031d8c0
RBP: ffff8880ae607d00 R08: ffff88809e664280 R09: fffffbfff12c5f76
R10: fffffbfff12c5f75 R11: ffffffff8962fbab R12: ffff88801031d8c0
R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff8962fbf0
FS: 00007f5618402700(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f3e61914518 CR3: 00000000259f1000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
__dev_xmit_skb net/core/dev.c:3496 [inline]
__dev_queue_xmit+0x156b/0x3040 net/core/dev.c:3812
mrp_queue_xmit net/802/mrp.c:354 [inline]
mrp_join_timer+0x52/0x80 net/802/mrp.c:598
call_timer_fn+0x177/0x700 kernel/time/timer.c:1326
expire_timers kernel/time/timer.c:1363 [inline]
__run_timers kernel/time/timer.c:1684 [inline]
__run_timers kernel/time/timer.c:1652 [inline]
run_timer_softirq+0x5d0/0x1540 kernel/time/timer.c:1697
__do_softirq+0x26c/0x93c kernel/softirq.c:292
invoke_softirq kernel/softirq.c:372 [inline]
irq_exit+0x17b/0x1c0 kernel/softirq.c:412
exiting_irq arch/x86/include/asm/apic.h:544 [inline]
smp_apic_timer_interrupt+0x136/0x550 arch/x86/kernel/apic/apic.c:1094
apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:893
RIP: 0010:slow_down_io arch/x86/include/asm/paravirt.h:268 [inline]
RIP: 0010:outb_p arch/x86/include/asm/io.h:333 [inline]
RIP: 0010:vga_io_w include/video/vga.h:209 [inline]
RIP: 0010:setcolor drivers/video/fbdev/vga16fb.c:171 [inline]
RIP: 0010:vga_imageblit_expand drivers/video/fbdev/vga16fb.c:1164 [inline]
RIP: 0010:vga16fb_imageblit+0x973/0x2210 drivers/video/fbdev/vga16fb.c:1260
Code: 10 56 b2 88 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 14 14 00 00 ff 15 05 1b 38 05 ba cf 03 00 00 89 d8 ee <48> c7 c2 10 56 b2 88 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80
RSP: 0018:ffff888082907080 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc900080b7000
RDX: 00000000000003cf RSI: ffffffff837a390e RDI: ffff8880a5882710
RBP: ffff8880a5882704 R08: ffff88809e664280 R09: ffffed1014b104ec
R10: ffffed1014b104eb R11: ffff8880a588275f R12: 0000000000000000
R13: ffff8882196ac520 R14: 0000000000000001 R15: ffff8880a5882700
soft_cursor+0x511/0xa20 drivers/video/fbdev/core/softcursor.c:74
bit_cursor+0x1230/0x1900 drivers/video/fbdev/core/bitblit.c:386
fbcon_cursor+0x572/0x760 drivers/video/fbdev/core/fbcon.c:1369
hide_cursor+0x99/0x2f0 drivers/tty/vt/vt.c:895
do_con_write.part.0+0x1416/0x1db0 drivers/tty/vt/vt.c:2578
do_con_write drivers/tty/vt/vt.c:2552 [inline]
con_write+0x41/0xe0 drivers/tty/vt/vt.c:3119
process_output_block drivers/tty/n_tty.c:593 [inline]
n_tty_write+0x3ee/0x1080 drivers/tty/n_tty.c:2331
do_tty_write drivers/tty/tty_io.c:960 [inline]
tty_write+0x452/0x790 drivers/tty/tty_io.c:1044
__vfs_write+0xf7/0x760 fs/read_write.c:485
__kernel_write+0x109/0x370 fs/read_write.c:506
write_pipe_buf+0x153/0x1e0 fs/splice.c:798
splice_from_pipe_feed fs/splice.c:503 [inline]
__splice_from_pipe+0x38f/0x7a0 fs/splice.c:627
splice_from_pipe+0xd9/0x140 fs/splice.c:662
default_file_splice_write+0x37/0x90 fs/splice.c:810
do_splice_from fs/splice.c:852 [inline]
direct_splice_actor+0x115/0x160 fs/splice.c:1025
splice_direct_to_actor+0x33f/0x8d0 fs/splice.c:980
do_splice_direct+0x1a8/0x270 fs/splice.c:1068
do_sendfile+0x549/0xc10 fs/read_write.c:1447
__do_sys_sendfile64 fs/read_write.c:1508 [inline]
__se_sys_sendfile64 fs/read_write.c:1494 [inline]
__x64_sys_sendfile64+0x1cc/0x210 fs/read_write.c:1494
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45c849
Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f5618401c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
RAX: ffffffffffffffda RBX: 00007f56184026d4 RCX: 000000000045c849
RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000009
RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000081 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00000000000008d4 R14: 00000000004cb786 R15: 000000000076bf0c
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 3595 Comm: syz-executor.4 Not tainted 4.19.113-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:restore_regs_and_return_to_kernel+0x12/0x2e
Code: 07 e8 50 a4 fe ff eb ee 0f ba a4 24 90 00 00 00 09 73 05 e8 5a 57 e0 f9 41 5f 41 5e 41 5d 41 5c 5d 5b 41 5b 41 5a 41 59 41 58 <58> 59 5a 5e 5f 48 83 c4 08 e9 0e 00 00 00 90 0f 1f 00 66 2e 0f 1f
RSP: 0018:ffff8880ae707a08 EFLAGS: 00000046
RAX: ffff8880ae7079b8 RBX: 0000000000000000 RCX: 1ffff11015ce4731
RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffff88802250484c
RBP: ffffffff8962fba8 R08: ffff888022504000 R09: fffffbfff12c5f76
R10: fffffbfff12c5f75 R11: ffffffff8962fbab R12: 0000000000007a59
R13: fffffbfff12c5f75 R14: 0000000000000001 R15: ffff8880ae72cfc0
FS: 00007fbb2d32a700(0000) GS:ffff8880ae700000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2f02e000 CR3: 0000000081404000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
RIP: 0010:pv_wait_head_or_lock kernel/locking/qspinlock_paravirt.h:435 [inline]
RIP: 0010:__pv_queued_spin_lock_slowpath+0x3a2/0xb20 kernel/locking/qspinlock.c:474
Code: eb c6 45 01 01 41 bc 00 80 00 00 48 c1 e9 03 83 e3 07 41 be 01 00 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8d 2c 01 eb 0c f3 90 <41> 83 ec 01 0f 84 a8 04 00 00 41 0f b6 45 00 38 d8 7f 08 84 c0 0f
RSP: 0018:ffff8880ae707a68 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13
RAX: 0000000000000001 RBX: 0000000000000000 RCX: 1ffffffff12c5f75
RDX: 0000000000000001 RSI: ffffffff8962fba9 RDI: dffffc0000000000
RBP: ffffffff8962fba8 R08: ffff888022504000 R09: fffffbfff12c5f76
R10: fffffbfff12c5f75 R11: ffffffff8962fbab R12: 0000000000007a59
R13: fffffbfff12c5f75 R14: 0000000000000001 R15: ffff8880ae72cfc0
pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:679 [inline]
queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:53 [inline]
queued_spin_lock include/asm-generic/qspinlock.h:88 [inline]
do_raw_spin_lock+0x19a/0x240 kernel/locking/spinlock_debug.c:113
spin_lock include/linux/spinlock.h:329 [inline]
__dev_xmit_skb net/core/dev.c:3471 [inline]
__dev_queue_xmit+0x14aa/0x3040 net/core/dev.c:3812
mrp_queue_xmit net/802/mrp.c:354 [inline]
mrp_join_timer+0x52/0x80 net/802/mrp.c:598
call_timer_fn+0x177/0x700 kernel/time/timer.c:1326
expire_timers kernel/time/timer.c:1363 [inline]
__run_timers kernel/time/timer.c:1684 [inline]
__run_timers kernel/time/timer.c:1652 [inline]
run_timer_softirq+0x5d0/0x1540 kernel/time/timer.c:1697
__do_softirq+0x26c/0x93c kernel/softirq.c:292
invoke_softirq kernel/softirq.c:372 [inline]
irq_exit+0x17b/0x1c0 kernel/softirq.c:412
exiting_irq arch/x86/include/asm/apic.h:544 [inline]
smp_apic_timer_interrupt+0x136/0x550 arch/x86/kernel/apic/apic.c:1094
apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:893
RIP: 0010:kasan_mem_to_shadow include/linux/kasan.h:29 [inline]
RIP: 0010:memory_is_poisoned_n mm/kasan/kasan.c:210 [inline]
RIP: 0010:memory_is_poisoned mm/kasan/kasan.c:241 [inline]
RIP: 0010:check_memory_region_inline mm/kasan/kasan.c:257 [inline]
RIP: 0010:check_memory_region+0x47/0x180 mm/kasan/kasan.c:267
Code: 00 00 4c 8d 5c 37 ff 41 54 48 b8 00 00 00 00 00 fc ff df 4d 89 da 55 49 c1 ea 03 53 48 89 fb 49 01 c2 48 c1 eb 03 49 8d 6a 01 <48> 01 c3 49 89 e9 48 89 d8 49 29 d9 49 83 f9 10 0f 8e 95 00 00 00
RSP: 0018:ffff888027de7db8 EFLAGS: 00000a06 ORIG_RAX: ffffffffffffff13
RAX: dffffc0000000000 RBX: 1ffff11004fbcfc6 RCX: ffffffff83553ec5
RDX: 0000000000000000 RSI: 0000000000000010 RDI: ffff888027de7e30
RBP: ffffed1004fbcfc8 R08: ffff888022504000 R09: 0000000000000000
R10: ffffed1004fbcfc7 R11: ffff888027de7e3f R12: 00007fbb2d329c60
R13: 00007fbb2d329c70 R14: 00007ffffffff000 R15: 0000000000000000
_copy_to_user+0xd5/0x100 lib/usercopy.c:27
copy_to_user include/linux/uaccess.h:155 [inline]
put_timespec64+0xb2/0x120 kernel/time/time.c:886
__do_sys_clock_gettime kernel/time/posix-timers.c:1065 [inline]
__se_sys_clock_gettime kernel/time/posix-timers.c:1053 [inline]
__x64_sys_clock_gettime+0x1ac/0x240 kernel/time/posix-timers.c:1053
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45f68a
Code: 25 18 00 00 00 00 74 01 f0 48 0f b1 3d df 92 82 00 48 39 c2 75 da f3 c3 0f 1f 84 00 00 00 00 00 48 63 ff b8 e4 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 06 f3 c3 0f 1f 40 00 48 c7 c2 d4 ff ff ff f7
RSP: 002b:00007fbb2d329c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000e4
RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045f68a
RDX: 0000000000000703 RSI: 00007fbb2d329c60 RDI: 0000000000000001
RBP: 000000000076bf00 R08: 0000000000000000 R09: 0000000000000000
R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000816 R14: 00000000004cace1 R15: 000000000076bf0c