syzbot

 sign-in | mailing list | source | docs
🐞 Open [1592]
Subsystems
🐞 Fixed [6318]
🐞 Invalid [16081]
Missing Backports [191]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

INFO: rcu detected stall in __sock_create (3)

Status: auto-obsoleted due to no activity on 2025/06/20 21:57
Subsystems: mm
[Documentation on labels]
First crash: 326d, last: 91d
Similar bugs (6)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: rcu detected stall in __sock_create kernel 1 2027d 2027d 0/29 closed as invalid on 2019/12/04 14:04
upstream INFO: rcu detected stall in __sock_create (2) kernel 2 1992d 1992d 0/29 closed as invalid on 2020/01/08 05:33
linux-5.15 INFO: rcu detected stall in __sock_create 1 396d 396d 0/3 auto-obsoleted due to no activity on 2024/08/30 14:48
linux-6.1 INFO: rcu detected stall in __sock_create 3 263d 365d 0/3 auto-obsoleted due to no activity on 2025/01/09 18:19
linux-6.1 INFO: rcu detected stall in __sock_create (2) 2 100d 133d 0/3 auto-obsoleted due to no activity on 2025/06/22 07:20
android-5-15 BUG: soft lockup in __sock_create 18 294d 429d 0/2 auto-obsoleted due to no activity on 2024/11/30 09:28

Sample crash report:
rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	0-...!: (1 GPs behind) idle=a274/1/0x4000000000000000 softirq=52956/52957 fqs=2
rcu: 	(detected by 1, t=10502 jiffies, g=52157, q=276 ncpus=2)
Sending NMI from CPU 1 to CPUs 0:
NMI backtrace for cpu 0
CPU: 0 UID: 0 PID: 13462 Comm: syz.2.2095 Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
RIP: 0010:arch_atomic_read arch/x86/include/asm/atomic.h:23 [inline]
RIP: 0010:raw_atomic_read include/linux/atomic/atomic-arch-fallback.h:457 [inline]
RIP: 0010:rcu_is_watching_curr_cpu include/linux/context_tracking.h:128 [inline]
RIP: 0010:rcu_is_watching+0x6d/0xc0 kernel/rcu/tree.c:716
Code: 48 03 1c ed e0 5c ab 8d 48 b8 00 00 00 00 00 fc ff df 48 89 da 48 c1 ea 03 0f b6 14 02 48 89 d8 83 e0 07 83 c0 03 38 d0 7c 04 <84> d2 75 24 8b 03 c1 e8 02 83 e0 01 65 ff 0d a8 43 64 7e 74 07 5b
RSP: 0018:ffffc90000007c08 EFLAGS: 00000006
RAX: 0000000000000003 RBX: ffff8880b8637c28 RCX: ffffffff8196b149
RDX: 0000000000000000 RSI: ffffffff8bd369a0 RDI: ffffffff8dab5ce0
RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff20c4d82
R10: ffffffff90626c17 R11: 0000000000000001 R12: ffffffff9ab03840
R13: ffff888077477340 R14: 1ffff92000000fa4 R15: ffffffff9ab03820
FS:  00007fb738c416c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000110c260b94 CR3: 000000005a372000 CR4: 00000000003526f0
DR0: fffffffffffffffc DR1: 0000000000000006 DR2: 0200000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <NMI>
 </NMI>
 <IRQ>
 trace_lock_release include/trace/events/lock.h:69 [inline]
 lock_release+0x4e2/0x6f0 kernel/locking/lockdep.c:5862
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:149 [inline]
 _raw_spin_unlock_irqrestore+0x1a/0x80 kernel/locking/spinlock.c:194
 debug_object_activate+0x2e6/0x4a0 lib/debugobjects.c:836
 debug_hrtimer_activate kernel/time/hrtimer.c:455 [inline]
 debug_activate kernel/time/hrtimer.c:496 [inline]
 enqueue_hrtimer+0x25/0x3c0 kernel/time/hrtimer.c:1100
 __run_hrtimer kernel/time/hrtimer.c:1818 [inline]
 __hrtimer_run_queues+0x903/0xae0 kernel/time/hrtimer.c:1865
 hrtimer_interrupt+0x392/0x8e0 kernel/time/hrtimer.c:1927
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1038 [inline]
 __sysvec_apic_timer_interrupt+0x10f/0x400 arch/x86/kernel/apic/apic.c:1055
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0x9f/0xc0 arch/x86/kernel/apic/apic.c:1049
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:unwind_next_frame+0xb1a/0x20c0 arch/x86/kernel/unwind_orc.c:590
Code: 03 4c 8b 4c 24 20 80 3c 16 00 0f 85 85 12 00 00 48 8b 14 24 49 89 45 48 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 <0f> 85 ac 12 00 00 4c 89 e2 4d 89 75 38 48 b8 00 00 00 00 00 fc ff
RSP: 0018:ffffc9000f907918 EFLAGS: 00000246
RAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff9184d9e2
RDX: 1ffff92001f20f38 RSI: 1ffff92001f20f3a RDI: ffffc9000f907dc8
RBP: ffffc9000f9079d0 R08: ffffc9000f9079bc R09: ffffffff9184d9e6
R10: ffffc9000f907988 R11: 000000000008283d R12: ffffc9000f9079d8
R13: ffffc9000f907988 R14: ffffc9000f907dd0 R15: ffffc9000f907dc8
 arch_stack_walk+0x95/0x100 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x95/0xd0 kernel/stacktrace.c:122
 kasan_save_stack+0x33/0x60 mm/kasan/common.c:47
 kasan_save_track+0x14/0x30 mm/kasan/common.c:68
 unpoison_slab_object mm/kasan/common.c:319 [inline]
 __kasan_slab_alloc+0x89/0x90 mm/kasan/common.c:345
 kasan_slab_alloc include/linux/kasan.h:250 [inline]
 slab_post_alloc_hook mm/slub.c:4115 [inline]
 slab_alloc_node mm/slub.c:4164 [inline]
 kmem_cache_alloc_lru_noprof+0x226/0x3d0 mm/slub.c:4183
 sock_alloc_inode+0x25/0x1c0 net/socket.c:309
 alloc_inode+0x5d/0x230 fs/inode.c:336
 sock_alloc+0x40/0x280 net/socket.c:622
 __sock_create+0xc1/0x8d0 net/socket.c:1512
 sock_create net/socket.c:1606 [inline]
 __sys_socketpair+0x25d/0x5a0 net/socket.c:1757
 __do_sys_socketpair net/socket.c:1806 [inline]
 __se_sys_socketpair net/socket.c:1803 [inline]
 __x64_sys_socketpair+0x96/0x100 net/socket.c:1803
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fb737d8d169
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fb738c41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
RAX: ffffffffffffffda RBX: 00007fb737fa5fa0 RCX: 00007fb737d8d169
RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001
RBP: 00007fb737e0e2a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000200000000200 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007fb737fa5fa0 R15: 00007ffc9b87d1d8
 </TASK>
rcu: rcu_preempt kthread starved for 10498 jiffies! g52157 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:27552 pid:18    tgid:18    ppid:2      task_flags:0x208040 flags:0x00004000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5378 [inline]
 __schedule+0xf43/0x5890 kernel/sched/core.c:6765
 __schedule_loop kernel/sched/core.c:6842 [inline]
 schedule+0xe7/0x350 kernel/sched/core.c:6857
 schedule_timeout+0x124/0x280 kernel/time/sleep_timeout.c:99
 rcu_gp_fqs_loop+0x1eb/0xb00 kernel/rcu/tree.c:2024
 rcu_gp_kthread+0x271/0x380 kernel/rcu/tree.c:2226
 kthread+0x3af/0x750 kernel/kthread.c:464
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 1 UID: 0 PID: 13437 Comm: syz.0.2086 Not tainted 6.14.0-rc7-syzkaller-00196-g88d324e69ea9 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
RIP: 0010:csd_lock_wait kernel/smp.c:340 [inline]
RIP: 0010:smp_call_function_many_cond+0x4c6/0x12c0 kernel/smp.c:885
Code: 0c 00 85 ed 74 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 fc 4c 89 fd 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 e8 ac 0e 0c 00 f3 90 <41> 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 e8 0b 00 00 8b 43 08 31
RSP: 0018:ffffc9000faf7820 EFLAGS: 00000293
RAX: 0000000000000000 RBX: ffff8880b8646a00 RCX: ffffffff81ade1ea
RDX: ffff88805e020000 RSI: ffffffff81ade1c4 RDI: 0000000000000005
RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000001 R12: ffffed10170c8d41
R13: 0000000000000001 R14: ffff8880b873fe80 R15: ffff8880b8646a08
FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffffffffffe8 CR3: 000000000df80000 CR4: 00000000003526f0
DR0: fffffffffffffffc DR1: 0000000000000006 DR2: 0200000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <IRQ>
 </IRQ>
 <TASK>
 on_each_cpu_cond_mask+0x40/0x90 kernel/smp.c:1052
 __flush_tlb_multi arch/x86/include/asm/paravirt.h:91 [inline]
 flush_tlb_multi arch/x86/mm/tlb.c:966 [inline]
 flush_tlb_mm_range+0x271/0x4a0 arch/x86/mm/tlb.c:1054
 tlb_flush arch/x86/include/asm/tlb.h:20 [inline]
 tlb_flush_mmu_tlbonly include/asm-generic/tlb.h:481 [inline]
 tlb_flush_mmu_tlbonly include/asm-generic/tlb.h:471 [inline]
 tlb_flush_mmu mm/mmu_gather.c:395 [inline]
 tlb_finish_mmu+0x3c9/0x7b0 mm/mmu_gather.c:488
 exit_mmap+0x40e/0xba0 mm/mmap.c:1297
 __mmput+0x12a/0x410 kernel/fork.c:1356
 mmput+0x62/0x70 kernel/fork.c:1378
 exit_mm kernel/exit.c:570 [inline]
 do_exit+0x9ba/0x2db0 kernel/exit.c:925
 do_group_exit+0xd3/0x2a0 kernel/exit.c:1087
 get_signal+0x24ed/0x26c0 kernel/signal.c:3036
 arch_do_signal_or_restart+0x90/0x7e0 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:329 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0x150/0x2a0 kernel/entry/common.c:218
 do_syscall_64+0xda/0x250 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f07cdd8d169
Code: Unable to access opcode bytes at 0x7f07cdd8d13f.
RSP: 002b:00007f07cebbe0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
RAX: fffffffffffffe00 RBX: 00007f07cdfa6088 RCX: 00007f07cdd8d169
RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f07cdfa6088
RBP: 00007f07cdfa6080 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007f07cdfa608c
R13: 0000000000000000 R14: 00007fffecfa6ea0 R15: 00007fffecfa6f88
 </TASK>

Crashes (21):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/03/22 21:55 upstream 88d324e69ea9 c6512ef7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root INFO: rcu detected stall in __sock_create
2024/12/23 05:07 upstream bcde95ce32b6 b4fbdbd4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root INFO: rcu detected stall in __sock_create
2024/11/27 03:58 upstream 7eef7e306d3c 52b38cc1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce INFO: rcu detected stall in __sock_create
2024/11/19 05:32 upstream c6d64479d609 571351cb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root INFO: rcu detected stall in __sock_create
2024/10/28 22:44 upstream 819837584309 9efb3cc7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root INFO: rcu detected stall in __sock_create
2024/10/12 01:09 upstream 9e4c6c1ad9a1 084d8178 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root INFO: rcu detected stall in __sock_create
2024/09/26 08:29 upstream aa486552a110 0d19f247 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce INFO: rcu detected stall in __sock_create
2024/09/22 01:59 upstream 88264981f208 6f888b75 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root INFO: rcu detected stall in __sock_create
2024/08/29 16:05 upstream 928f79a188aa ef3de9e8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root INFO: rcu detected stall in __sock_create
2024/07/31 01:02 upstream 22f546873149 a4e01e1e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root INFO: rcu detected stall in __sock_create
2024/09/29 18:50 upstream e7ed34365879 ba29ff75 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 INFO: rcu detected stall in __sock_create
2024/12/31 05:31 net ad5c318086e2 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce INFO: rcu detected stall in __sock_create
2024/12/28 11:14 net a024e377efed d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce INFO: rcu detected stall in __sock_create
2024/12/23 16:03 net 30b981796b94 444551c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce INFO: rcu detected stall in __sock_create
2024/12/07 08:24 net 0f6ede9fbc74 9ac0fdc6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce INFO: rcu detected stall in __sock_create
2024/10/18 06:00 net cb560795c8c2 666f77ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce INFO: rcu detected stall in __sock_create
2025/01/07 20:39 net-next 912d6f669725 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce INFO: rcu detected stall in __sock_create
2024/12/26 13:19 net-next 9268abe611b0 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce INFO: rcu detected stall in __sock_create
2024/11/27 23:58 net-next fcc79e1714e8 5df23865 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce INFO: rcu detected stall in __sock_create
2024/11/15 16:13 net-next 3d12862b216d f6ede3a3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce INFO: rcu detected stall in __sock_create
2024/10/05 06:32 net-next d521db38f339 d7906eff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce INFO: rcu detected stall in __sock_create
* Struck through repros no longer work on HEAD.