Message-ID: <6768f973.050a0220.226966.0038.GAE@google.com>
Date: Sun, 22 Dec 2024 21:47:31 -0800
From: syzbot <syzbot+e7333f30a06603479916@...kaller.appspotmail.com>
To: linux-kernel@...r.kernel.org, luto@...nel.org, peterz@...radead.org, 
	syzkaller-bugs@...glegroups.com, tglx@...utronix.de
Subject: [syzbot] [kernel?] INFO: rcu detected stall in irqentry_exit

Hello,

syzbot found the following issue on:

HEAD commit:    c061cf420ded Merge tag 'trace-v6.13-rc3' of git://git.kern..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=14ffb7e8580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=6a2b862bf4a5409f
dashboard link: https://syzkaller.appspot.com/bug?extid=e7333f30a06603479916
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=124a4cf8580000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/d015858e49d6/disk-c061cf42.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/8af783cbffc2/vmlinux-c061cf42.xz
kernel image: https://storage.googleapis.com/syzbot-assets/33b1bb739ed8/bzImage-c061cf42.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+e7333f30a06603479916@...kaller.appspotmail.com

rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	(detected by 1, t=10502 jiffies, g=11857, q=865 ncpus=2)
rcu: All QSes seen, last rcu_preempt kthread activity 10503 (4294988328-4294977825), jiffies_till_next_fqs=1, root ->qsmask 0x0
rcu: rcu_preempt kthread starved for 10504 jiffies! g11857 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:25880 pid:17    tgid:17    ppid:2      flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5369 [inline]
 __schedule+0x1850/0x4c30 kernel/sched/core.c:6756
 __schedule_loop kernel/sched/core.c:6833 [inline]
 schedule+0x14b/0x320 kernel/sched/core.c:6848
 schedule_timeout+0x15a/0x290 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x2df/0x1330 kernel/rcu/tree.c:2045
 rcu_gp_kthread+0xa7/0x3b0 kernel/rcu/tree.c:2247
 kthread+0x2f2/0x390 kernel/kthread.c:389
 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 16 Comm: ksoftirqd/0 Not tainted 6.13.0-rc3-syzkaller-00062-gc061cf420ded #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
RIP: 0010:preempt_count_add+0x4/0x190 kernel/sched/core.c:5838
Code: 7c 97 48 8b 3c 24 e8 db 52 98 00 eb 8c e9 ee fe ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa <41> 57 41 56 53 89 fb 48 c7 c0 c0 a9 3a 9a 48 c1 e8 03 49 bf 00 00
RSP: 0018:ffffc90000007428 EFLAGS: 00000202
RAX: 0000000000000002 RBX: 1ffff92000000ea0 RCX: ffffc90000007ff0
RDX: dffffc0000000000 RSI: ffffffff8161d279 RDI: 0000000000000001
RBP: ffffc90000007538 R08: 000000000000000b R09: ffffc900000075f0
R10: dffffc0000000000 R11: ffffffff818b39e0 R12: dffffc0000000000
R13: ffffc90000007500 R14: ffffffff8161d279 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b3085ffff CR3: 0000000033f16000 CR4: 0000000000350ef0
Call Trace:
 <NMI>
 </NMI>
 <IRQ>
 unwind_next_frame+0xb0/0x22d0 arch/x86/kernel/unwind_orc.c:479
 arch_stack_walk+0x11c/0x150 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x118/0x1d0 kernel/stacktrace.c:122
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3f/0x80 mm/kasan/common.c:68
 unpoison_slab_object mm/kasan/common.c:319 [inline]
 __kasan_slab_alloc+0x66/0x80 mm/kasan/common.c:345
 kasan_slab_alloc include/linux/kasan.h:250 [inline]
 slab_post_alloc_hook mm/slub.c:4119 [inline]
 slab_alloc_node mm/slub.c:4168 [inline]
 kmem_cache_alloc_noprof+0x1d9/0x380 mm/slub.c:4175
 skb_clone+0x20c/0x390 net/core/skbuff.c:2084
 can_send+0x69b/0xe20 net/can/af_can.c:261
 bcm_can_tx+0x5dd/0x9a0 net/can/bcm.c:314
 bcm_tx_timeout_handler+0x182/0x520
 __run_hrtimer kernel/time/hrtimer.c:1739 [inline]
 __hrtimer_run_queues+0x59d/0xd30 kernel/time/hrtimer.c:1803
 hrtimer_run_softirq+0x19a/0x2c0 kernel/time/hrtimer.c:1820
 handle_softirqs+0x2d6/0x9b0 kernel/softirq.c:561
 __do_softirq kernel/softirq.c:595 [inline]
 invoke_softirq kernel/softirq.c:435 [inline]
 __irq_exit_rcu+0xf7/0x220 kernel/softirq.c:662
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:678
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1049
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:preempt_schedule_irq+0xf6/0x1c0 kernel/sched/core.c:7078
Code: 89 f5 49 c1 ed 03 eb 0d 48 f7 03 08 00 00 00 0f 84 8b 00 00 00 bf 01 00 00 00 e8 25 f4 a3 f5 e8 40 a0 dd f5 fb bf 01 00 00 00 <e8> 85 ab ff ff 43 80 7c 3d 00 00 74 08 4c 89 f7 e8 e5 47 3c f6 48
RSP: 0018:ffffc90000157c20 EFLAGS: 00000282
RAX: e3874fe73d50d000 RBX: 1ffff9200002af8c RCX: ffffffff9a3aa903
RDX: dffffc0000000000 RSI: ffffffff8c0a9760 RDI: 0000000000000001
RBP: ffffc90000157ce0 R08: ffffffff90197ab7 R09: 1ffffffff2032f56
R10: dffffc0000000000 R11: fffffbfff2032f57 R12: 1ffff9200002af84
R13: 1ffff9200002af88 R14: ffffc90000157c40 R15: dffffc0000000000
 irqentry_exit+0x5e/0x90 kernel/entry/common.c:354
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:run_ksoftirqd+0xd7/0x130 kernel/softirq.c:952
Code: 8c e8 3d 90 66 0a 65 66 8b 05 5d dd a1 7e 66 85 c0 74 2a bf 01 00 00 00 e8 c6 ce ff ff e8 01 34 45 00 fb 48 c7 c7 80 91 09 8c <be> b8 03 00 00 31 d2 e8 bd 38 0d 00 2e 2e 2e 31 c0 eb 06 e8 e1 33
RSP: 0018:ffffc90000157da0 EFLAGS: 00000286
RAX: e3874fe73d50d000 RBX: 1ffff9200002afb8 RCX: ffffffff9a3aa903
RDX: dffffc0000000000 RSI: ffffffff8c0a9760 RDI: ffffffff8c099180
RBP: ffffc90000157e38 R08: ffffffff90197ab7 R09: 1ffffffff2032f56
R10: dffffc0000000000 R11: fffffbfff2032f57 R12: 1ffff9200002afb4
R13: ffff88801ce87168 R14: dffffc0000000000 R15: ffffc90000157dc0
 smpboot_thread_fn+0x546/0xa30 kernel/smpboot.c:164
 kthread+0x2f2/0x390 kernel/kthread.c:389
 ret_from_fork+0x4d/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

If you want to overwrite the report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup
