syzbot

 sign-in | mailing list | source | docs
🐞 Open [1516]
Subsystems
🐞 Fixed [6639]
🐞 Invalid [17010]
Missing Backports [214]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

INFO: rcu detected stall in __netlink_dump_start

Status: auto-obsoleted due to no activity on 2023/02/23 15:28
Subsystems: net
[Documentation on labels]
First crash: 1050d, last: 1050d

Sample crash report:
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	0-...0: (1 GPs behind) idle=4ff4/1/0x4000000000000000 softirq=86824/86830 fqs=5245
	(detected by 1, t=10502 jiffies, g=121285, q=2155 ncpus=2)
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 31892 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00176-g08ad43d554ba #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
RIP: 0010:__kasan_check_write+0x6/0x10 mm/kasan/shadow.c:37
Code: e2 5a c3 08 eb d3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 89 f6 48 8b 0c 24 31 d2 e9 83 ec ff ff 0f 1f 00 89 f6 48 8b 0c 24 <ba> 01 00 00 00 e9 70 ec ff ff 55 41 56 53 48 89 d3 41 89 f6 48 89
RSP: 0018:ffffc90000007b18 EFLAGS: 00000097
RAX: 00000000ffffff04 RBX: dffffc0000000000 RCX: ffffffff816d5f1b
RDX: dffffc0000000000 RSI: 0000000000000004 RDI: ffffffff9212e3d8
RBP: ffffc90000007bf0 R08: dffffc0000000000 R09: fffffbfff20e4c29
R10: fffffbfff20e4c29 R11: 1ffffffff20e4c28 R12: ffffffff9212e3d8
R13: 1ffff92000000f70 R14: ffffc90000007b80 R15: 1ffffffff2425c7c
FS:  00007f172ff03700(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fcb6890e281 CR3: 0000000079923000 CR4: 00000000003506f0
Call Trace:
 <IRQ>
 instrument_atomic_read_write include/linux/instrumented.h:102 [inline]
 atomic_try_cmpxchg_acquire include/linux/atomic/atomic-instrumented.h:541 [inline]
 queued_spin_lock include/asm-generic/qspinlock.h:111 [inline]
 do_raw_spin_lock+0x13b/0x360 kernel/locking/spinlock_debug.c:115
 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:111 [inline]
 _raw_spin_lock_irqsave+0xdd/0x120 kernel/locking/spinlock.c:162
 debug_object_activate+0x97/0x6a0 lib/debugobjects.c:658
 debug_hrtimer_activate kernel/time/hrtimer.c:420 [inline]
 debug_activate kernel/time/hrtimer.c:475 [inline]
 enqueue_hrtimer kernel/time/hrtimer.c:1084 [inline]
 __run_hrtimer kernel/time/hrtimer.c:1702 [inline]
 __hrtimer_run_queues+0x595/0xa60 kernel/time/hrtimer.c:1749
 hrtimer_interrupt+0x3a6/0xfd0 kernel/time/hrtimer.c:1811
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1096 [inline]
 __sysvec_apic_timer_interrupt+0xf9/0x280 arch/x86/kernel/apic/apic.c:1113
 sysvec_apic_timer_interrupt+0x8c/0xb0 arch/x86/kernel/apic/apic.c:1107
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:649
RIP: 0010:console_emit_next_record+0x8b6/0xa60 kernel/printk/printk.c:2740
Code: 20 80 1c 00 48 8b 44 24 48 42 80 3c 20 00 44 8a 6c 24 17 4c 8b 74 24 28 48 8b 5c 24 38 74 08 4c 89 f7 e8 bd 78 71 00 49 ff 06 <48> c7 84 24 80 00 00 00 0e 36 e0 45 49 c7 04 1c 00 00 00 00 49 c7
RSP: 0018:ffffc900034de9e0 EFLAGS: 00000287
RAX: ffffffff81701408 RBX: 1ffff9200069bd4c RCX: 0000000000040000
RDX: ffffc9000c971000 RSI: 00000000000028e0 RDI: 00000000000028e1
RBP: ffffc900034dec10 R08: ffffffff817013df R09: fffffbfff20e4c29
R10: fffffbfff20e4c29 R11: 1ffffffff20e4c28 R12: dffffc0000000000
R13: 0000000000000201 R14: 0000000000000046 R15: 0000000000000200
 console_unlock+0x27c/0x6f0 kernel/printk/printk.c:2860
 vprintk_emit+0xd1/0x1e0 kernel/printk/printk.c:2268
 _printk+0xcf/0x10f kernel/printk/printk.c:2289
 validate_nla lib/nlattr.c:389 [inline]
 __nla_validate_parse+0xc81/0x2aa0 lib/nlattr.c:600
 __nla_parse+0x3c/0x50 lib/nlattr.c:697
 __nlmsg_parse include/net/netlink.h:748 [inline]
 nlmsg_parse_deprecated_strict include/net/netlink.h:810 [inline]
 inet_valid_dump_ifaddr_req net/ipv4/devinet.c:1749 [inline]
 inet_dump_ifaddr+0xcda/0x1640 net/ipv4/devinet.c:1832
 rtnl_dump_all+0x32d/0x520 net/core/rtnetlink.c:3887
 netlink_dump+0x604/0xc40 net/netlink/af_netlink.c:2275
 __netlink_dump_start+0x542/0x710 net/netlink/af_netlink.c:2380
 netlink_dump_start include/linux/netlink.h:269 [inline]
 rtnetlink_rcv_msg+0xaa0/0xe90 net/core/rtnetlink.c:6047
 netlink_rcv_skb+0x1f0/0x460 net/netlink/af_netlink.c:2540
 netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
 netlink_unicast+0x7e7/0x9c0 net/netlink/af_netlink.c:1345
 netlink_sendmsg+0x9b3/0xcd0 net/netlink/af_netlink.c:1921
 sock_sendmsg_nosec net/socket.c:714 [inline]
 sock_sendmsg net/socket.c:734 [inline]
 ____sys_sendmsg+0x597/0x8e0 net/socket.c:2482
 ___sys_sendmsg net/socket.c:2536 [inline]
 __sys_sendmsg+0x28e/0x390 net/socket.c:2565
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f172f28c0d9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f172ff03168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f172f3abf80 RCX: 00007f172f28c0d9
RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
RBP: 00007f172f2e7ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcfb66852f R14: 00007f172ff03300 R15: 0000000000022000
 </TASK>
watchdog: BUG: soft lockup - CPU#1 stuck for 123s! [syz-fuzzer:3658]
Modules linked in:
irq event stamp: 335268
hardirqs last  enabled at (335267): [<ffffffff8ac00cc6>] asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:649
hardirqs last disabled at (335268): [<ffffffff8aa6e25a>] sysvec_apic_timer_interrupt+0xa/0xb0 arch/x86/kernel/apic/apic.c:1107
softirqs last  enabled at (309386): [<ffffffff8155351c>] __irq_exit_rcu+0xec/0x170 kernel/softirq.c:650
softirqs last disabled at (309357): [<ffffffff8155351c>] __irq_exit_rcu+0xec/0x170 kernel/softirq.c:650
CPU: 1 PID: 3658 Comm: syz-fuzzer Not tainted 6.1.0-rc6-syzkaller-00176-g08ad43d554ba #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
RIP: 0010:csd_lock_wait kernel/smp.c:413 [inline]
RIP: 0010:smp_call_function_many_cond+0xe92/0x1420 kernel/smp.c:987
Code: 84 c0 75 74 45 8b 26 44 89 e6 83 e6 01 31 ff e8 e4 3d 0b 00 41 83 e4 01 75 0e e8 b9 39 0b 00 eb 4c 0f 1f 80 00 00 00 00 f3 90 <48> b8 00 00 00 00 00 fc ff df 0f b6 04 03 84 c0 75 10 41 f7 06 01
RSP: 0000:ffffc90003efe560 EFLAGS: 00000293
RAX: ffffffff81815aa2 RBX: 1ffff11017308421 RCX: ffff888027ded7c0
RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffffc90003efe700 R08: ffffffff81815a6c R09: fffff520007dfc9d
R10: fffff520007dfc9d R11: 1ffff920007dfc9c R12: 0000000000000001
R13: 0000000000000000 R14: ffff8880b9842108 R15: ffff8880b993ae80
FS:  000000c018c7e090(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000c036400000 CR3: 000000007f130000 CR4: 00000000003506e0
Call Trace:
 <TASK>
 on_each_cpu_cond_mask+0x3b/0x80 kernel/smp.c:1155
 __flush_tlb_multi arch/x86/include/asm/paravirt.h:87 [inline]
 flush_tlb_multi arch/x86/mm/tlb.c:924 [inline]
 flush_tlb_mm_range+0x36a/0x5a0 arch/x86/mm/tlb.c:1010
 flush_tlb_page arch/x86/include/asm/tlbflush.h:240 [inline]
 ptep_clear_flush+0x111/0x150 mm/pgtable-generic.c:98
 try_to_migrate_one+0xf57/0x28d0
 rmap_walk_anon+0x382/0x6a0 mm/rmap.c:2451
 try_to_migrate+0x3ea/0x4d0
 __unmap_and_move+0x595/0xdb0 mm/migrate.c:1107
 unmap_and_move+0x39a/0x1090 mm/migrate.c:1184
 migrate_pages+0x572/0x1470 mm/migrate.c:1461
 compact_zone+0x2893/0x37a0 mm/compaction.c:2421
 compact_zone_order mm/compaction.c:2539 [inline]
 try_to_compact_pages+0x7d8/0x11a0 mm/compaction.c:2605
 __alloc_pages_direct_compact+0x159/0x570 mm/page_alloc.c:4496
 __alloc_pages_slowpath+0x566/0x2120 mm/page_alloc.c:5106
 __alloc_pages+0x3d4/0x560 mm/page_alloc.c:5568
 __folio_alloc+0xf/0x30 mm/page_alloc.c:5587
 vma_alloc_folio+0x971/0xb60 mm/mempolicy.c:2227
 do_huge_pmd_anonymous_page+0x23a/0x600 mm/huge_memory.c:832
 create_huge_pmd mm/memory.c:4820 [inline]
 __handle_mm_fault mm/memory.c:5067 [inline]
 handle_mm_fault+0x15fd/0x3660 mm/memory.c:5218
 do_user_addr_fault+0x69b/0xcb0 arch/x86/mm/fault.c:1428
 handle_page_fault arch/x86/mm/fault.c:1519 [inline]
 exc_page_fault+0x7a/0x120 arch/x86/mm/fault.c:1575
 asm_exc_page_fault+0x22/0x30 arch/x86/include/asm/idtentry.h:570
RIP: 0033:0x466b53
Code: 00 00 c5 fe 6f 06 c5 fe 6f 4e 20 c5 fe 6f 56 40 c5 fe 6f 5e 60 48 81 c6 80 00 00 00 c5 fd e7 07 c5 fd e7 4f 20 c5 fd e7 57 40 <c5> fd e7 5f 60 48 81 c7 80 00 00 00 48 81 eb 80 00 00 00 77 b5 0f
RSP: 002b:000000c012d50e80 EFLAGS: 00010202
RAX: 000000c035ef0000 RBX: 000000000087dfe0 RCX: 000000c036c7e000
RDX: 000000c036c7e001 RSI: 000000c035672020 RDI: 000000c0363fffa0
RBP: 000000c012d50ee0 R08: 000000c035ef0000 R09: 0000000000000000
R10: 0000000000000020 R11: 0000000000000001 R12: 42f403ae873e998c
R13: 0000000000000000 R14: 000000c0000001a0 R15: 0000000000000000
 </TASK>
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 PID: 31892 Comm: syz-executor.3 Not tainted 6.1.0-rc6-syzkaller-00176-g08ad43d554ba #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
RIP: 0010:get_current arch/x86/include/asm/current.h:15 [inline]
RIP: 0010:__sanitizer_cov_trace_pc+0x4/0x60 kernel/kcov.c:206
Code: 00 00 00 00 66 90 53 48 89 fb e8 17 00 00 00 48 8b 3d 78 16 03 0d 48 89 de 5b e9 07 1f 54 00 cc cc cc cc cc cc cc 48 8b 04 24 <65> 48 8b 0c 25 40 6f 02 00 65 8b 15 04 db 75 7e f7 c2 00 01 ff 00
RSP: 0018:ffffc90000007c78 EFLAGS: 00000002
RAX: ffffffff88d343ee RBX: 0000000000000001 RCX: 0000000000010002
RDX: ffff888078d2ba80 RSI: 0000000000000001 RDI: 0000000000000000
RBP: ffff888029011300 R08: ffffffff88d343e1 R09: fffff52000000f80
R10: fffff52000000f81 R11: 1ffff92000000f80 R12: dffffc0000000000
R13: ffff888029011340 R14: ffff888029011000 R15: ffff88801ebcb800
FS:  00007f172ff03700(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fcb6890e281 CR3: 0000000079923000 CR4: 00000000003506f0
Call Trace:
 <IRQ>
 advance_sched+0x10e/0x8c0 net/sched/sch_taprio.c:705
 __run_hrtimer kernel/time/hrtimer.c:1685 [inline]
 __hrtimer_run_queues+0x50b/0xa60 kernel/time/hrtimer.c:1749
 hrtimer_interrupt+0x3a6/0xfd0 kernel/time/hrtimer.c:1811
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1096 [inline]
 __sysvec_apic_timer_interrupt+0xf9/0x280 arch/x86/kernel/apic/apic.c:1113
 sysvec_apic_timer_interrupt+0x8c/0xb0 arch/x86/kernel/apic/apic.c:1107
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:649
RIP: 0010:console_emit_next_record+0x8b6/0xa60 kernel/printk/printk.c:2740
Code: 20 80 1c 00 48 8b 44 24 48 42 80 3c 20 00 44 8a 6c 24 17 4c 8b 74 24 28 48 8b 5c 24 38 74 08 4c 89 f7 e8 bd 78 71 00 49 ff 06 <48> c7 84 24 80 00 00 00 0e 36 e0 45 49 c7 04 1c 00 00 00 00 49 c7
RSP: 0018:ffffc900034de9e0 EFLAGS: 00000287
RAX: ffffffff81701408 RBX: 1ffff9200069bd4c RCX: 0000000000040000
RDX: ffffc9000c971000 RSI: 00000000000028e0 RDI: 00000000000028e1
RBP: ffffc900034dec10 R08: ffffffff817013df R09: fffffbfff20e4c29
R10: fffffbfff20e4c29 R11: 1ffffffff20e4c28 R12: dffffc0000000000
R13: 0000000000000201 R14: 0000000000000046 R15: 0000000000000200
 console_unlock+0x27c/0x6f0 kernel/printk/printk.c:2860
 vprintk_emit+0xd1/0x1e0 kernel/printk/printk.c:2268
 _printk+0xcf/0x10f kernel/printk/printk.c:2289
 validate_nla lib/nlattr.c:389 [inline]
 __nla_validate_parse+0xc81/0x2aa0 lib/nlattr.c:600
 __nla_parse+0x3c/0x50 lib/nlattr.c:697
 __nlmsg_parse include/net/netlink.h:748 [inline]
 nlmsg_parse_deprecated_strict include/net/netlink.h:810 [inline]
 inet_valid_dump_ifaddr_req net/ipv4/devinet.c:1749 [inline]
 inet_dump_ifaddr+0xcda/0x1640 net/ipv4/devinet.c:1832
 rtnl_dump_all+0x32d/0x520 net/core/rtnetlink.c:3887
 netlink_dump+0x604/0xc40 net/netlink/af_netlink.c:2275
 __netlink_dump_start+0x542/0x710 net/netlink/af_netlink.c:2380
 netlink_dump_start include/linux/netlink.h:269 [inline]
 rtnetlink_rcv_msg+0xaa0/0xe90 net/core/rtnetlink.c:6047
 netlink_rcv_skb+0x1f0/0x460 net/netlink/af_netlink.c:2540
 netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
 netlink_unicast+0x7e7/0x9c0 net/netlink/af_netlink.c:1345
 netlink_sendmsg+0x9b3/0xcd0 net/netlink/af_netlink.c:1921
 sock_sendmsg_nosec net/socket.c:714 [inline]
 sock_sendmsg net/socket.c:734 [inline]
 ____sys_sendmsg+0x597/0x8e0 net/socket.c:2482
 ___sys_sendmsg net/socket.c:2536 [inline]
 __sys_sendmsg+0x28e/0x390 net/socket.c:2565
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f172f28c0d9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 f1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f172ff03168 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00007f172f3abf80 RCX: 00007f172f28c0d9
RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
RBP: 00007f172f2e7ae9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcfb66852f R14: 00007f172ff03300 R15: 0000000000022000
 </TASK>

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/11/25 11:02 upstream 08ad43d554ba 74a66371 .config console log report info ci-upstream-kasan-gce-smack-root INFO: rcu detected stall in __netlink_dump_start
* Struck through repros no longer work on HEAD.