Re: [syzbot] INFO: rcu detected stall in __hrtimer_run_queues

All of lore.kernel.org
 help / color / mirror / Atom feed

From: syzbot <syzbot+de9526ade17c659d8336@syzkaller.appspotmail.com>
To: hdanton@sina.com, linux-kernel@vger.kernel.org,
	syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] INFO: rcu detected stall in __hrtimer_run_queues
Date: Sun, 31 Jul 2022 00:38:10 -0700	[thread overview]
Message-ID: <0000000000000644b805e514f73c@google.com> (raw)
In-Reply-To: <20220731072530.451-1-hdanton@sina.com>

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
WARNING in __hrtimer_run_queues

------------[ cut here ]------------
On CPU1 hrtimer mac80211_hwsim_beacon took more than 4 ticks
WARNING: CPU: 1 PID: 6080 at kernel/time/hrtimer.c:1523 __run_hrtimer kernel/time/hrtimer.c:1523 [inline]
WARNING: CPU: 1 PID: 6080 at kernel/time/hrtimer.c:1523 __hrtimer_run_queues+0xe30/0xff0 kernel/time/hrtimer.c:1587
Modules linked in:
CPU: 1 PID: 6080 Comm: syz-executor.3 Not tainted 5.11.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
RIP: 0010:__run_hrtimer kernel/time/hrtimer.c:1523 [inline]
RIP: 0010:__hrtimer_run_queues+0xe30/0xff0 kernel/time/hrtimer.c:1587
Code: fa 48 c1 ea 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e b7 01 00 00 41 8b 77 40 48 c7 c7 c0 97 4d 89 48 8b 54 24 08 e8 ca d0 56 07 <0f> 0b e9 6e f4 ff ff e8 d4 c1 52 00 e9 68 f6 ff ff 48 8b 7c 24 18
RSP: 0018:ffffc90000db0e50 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
RDX: ffff88801dcb0000 RSI: ffffffff815b73e5 RDI: fffff520001b61bc
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff815b05be R11: 0000000000000000 R12: ffff8880263bd878
R13: 0000000000000004 R14: ffff8880b9f26c80 R15: ffff8880b9f26a00
FS:  00007f0886014700(0000) GS:ffff8880b9f00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000056c000 CR3: 0000000023e2c000 CR4: 0000000000350ee0
Call Trace:
 <IRQ>
 hrtimer_run_softirq+0x17b/0x360 kernel/time/hrtimer.c:1604
 __do_softirq+0x29b/0x9f6 kernel/softirq.c:343
 asm_call_irq_on_stack+0xf/0x20
 </IRQ>
 __run_on_irqstack arch/x86/include/asm/irq_stack.h:26 [inline]
 run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:77 [inline]
 do_softirq_own_stack+0xaa/0xd0 arch/x86/kernel/irq_64.c:77
 invoke_softirq kernel/softirq.c:226 [inline]
 __irq_exit_rcu kernel/softirq.c:420 [inline]
 irq_exit_rcu+0x134/0x200 kernel/softirq.c:432
 sysvec_apic_timer_interrupt+0x4d/0x100 arch/x86/kernel/apic/apic.c:1100
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:629
RIP: 0010:lock_acquire+0x1d2/0x720 kernel/locking/lockdep.c:5410
Code: 48 c7 c7 a0 a9 4b 89 48 83 c4 20 e8 88 b9 a1 07 b8 ff ff ff ff 65 0f c1 05 ab 2a a9 7e 83 f8 01 0f 85 da 03 00 00 ff 34 24 9d <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7
RSP: 0018:ffffc900020ffd28 EFLAGS: 00000246
RAX: 0000000000000001 RBX: 1ffff9200041ffa7 RCX: 0000000000000001
RDX: 1ffff11003b96130 RSI: 0000000000000001 RDI: 0000000000000000
RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffff8ee6683f
R10: fffffbfff1dccd07 R11: 0000000000000001 R12: 0000000000000000
R13: ffff8880185411c8 R14: 0000000000000000 R15: 0000000000000000
 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline]
 _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:151
 spin_lock include/linux/spinlock.h:354 [inline]
 setfl fs/fcntl.c:79 [inline]
 do_fcntl+0x696/0x1070 fs/fcntl.c:347
 __do_sys_fcntl fs/fcntl.c:463 [inline]
 __se_sys_fcntl fs/fcntl.c:448 [inline]
 __x64_sys_fcntl+0x165/0x1e0 fs/fcntl.c:448
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x465d99
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f0886014188 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 0000000000465d99
RDX: 0000000000042000 RSI: 0000000000000004 RDI: 0000000000000003
RBP: 00000000004bcf27 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60
R13: 00007ffefcbe216f R14: 00007f0886014300 R15: 0000000000022000
----------------
Code disassembly (best guess):
   0:	48 c7 c7 a0 a9 4b 89 	mov    $0xffffffff894ba9a0,%rdi
   7:	48 83 c4 20          	add    $0x20,%rsp
   b:	e8 88 b9 a1 07       	callq  0x7a1b998
  10:	b8 ff ff ff ff       	mov    $0xffffffff,%eax
  15:	65 0f c1 05 ab 2a a9 	xadd   %eax,%gs:0x7ea92aab(%rip)        # 0x7ea92ac8
  1c:	7e
  1d:	83 f8 01             	cmp    $0x1,%eax
  20:	0f 85 da 03 00 00    	jne    0x400
  26:	ff 34 24             	pushq  (%rsp)
  29:	9d                   	popfq
* 2a:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax <-- trapping instruction
  31:	fc ff df
  34:	48 01 c3             	add    %rax,%rbx
  37:	48 c7 03 00 00 00 00 	movq   $0x0,(%rbx)
  3e:	48                   	rex.W
  3f:	c7                   	.byte 0xc7


Tested on:

commit:         f40ddce8 Linux 5.11
git tree:       https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
console output: https://syzkaller.appspot.com/x/log.txt?x=1791dcfe080000
kernel config:  https://syzkaller.appspot.com/x/.config?x=3565439810a4d2e5
dashboard link: https://syzkaller.appspot.com/bug?extid=de9526ade17c659d8336
compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
patch:          https://syzkaller.appspot.com/x/patch.diff?x=157e1b36080000

next      parent reply	other threads:[~2022-07-31  7:38 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20220731072530.451-1-hdanton@sina.com>
2022-07-31  7:38 ` syzbot [this message]
     [not found] <20220731110143.913-1-hdanton@sina.com>
2022-07-31 11:13 ` [syzbot] INFO: rcu detected stall in __hrtimer_run_queues syzbot
     [not found] <20220731093631.791-1-hdanton@sina.com>
2022-07-31  9:53 ` syzbot
     [not found] <20220731082711.724-1-hdanton@sina.com>
2022-07-31  8:47 ` syzbot
     [not found] <20220731080330.602-1-hdanton@sina.com>
2022-07-31  8:19 ` syzbot
     [not found] <20220327092631.4171-1-hdanton@sina.com>
2022-03-27 10:59 ` syzbot
2021-02-20 21:05 syzbot
2021-11-16 15:41 ` [syzbot] " syzbot
2021-11-16 15:42   ` Jens Axboe
2021-11-17 11:59     ` Paul E. McKenney

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=0000000000000644b805e514f73c@google.com \
    --to=syzbot+de9526ade17c659d8336@syzkaller.appspotmail.com \
    --cc=hdanton@sina.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=syzkaller-bugs@googlegroups.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.