From: syzbot <syzbot+564c57b4bf1df3ce1c94@syzkaller.appspotmail.com>
To: andrew.hendry@gmail.com, davem@davemloft.net,
dvlasenk@redhat.com, gregkh@linuxfoundation.org,
linux-kernel@vger.kernel.org, linux-x25@vger.kernel.org,
ms@dev.tdt.de, netdev@vger.kernel.org,
syzkaller-bugs@googlegroups.com
Subject: INFO: rcu detected stall in x25_connect
Date: Mon, 31 Dec 2018 00:03:03 -0800
Message-ID: <0000000000009b5ae5057e4cd7d1@google.com>

Hello,

syzbot found the following crash on:

HEAD commit: 38355a5f9a22 bnx2x: Fix NULL pointer dereference in bnx2x_..
git tree: net
console output: https://syzkaller.appspot.com/x/log.txt?x=15fe1677400000
kernel config: https://syzkaller.appspot.com/x/.config?x=a91d685acb971514
dashboard link: https://syzkaller.appspot.com/bug?extid=564c57b4bf1df3ce1c94
compiler: gcc (GCC) 8.0.1 20180413 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+564c57b4bf1df3ce1c94@syzkaller.appspotmail.com

rcu: INFO: rcu_preempt self-detected stall on CPU
rcu: 1-...!: (1 GPs behind) idle=b82/1/0x4000000000000002 softirq=245727/245728 fqs=2
rcu: (t=10500 jiffies g=375665 q=22)
rcu: rcu_preempt kthread starved for 10496 jiffies! g375665 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
rcu: RCU grace-period kthread stack dump:
rcu_preempt I22568 10 2 0x80000000
Call Trace:
context_switch kernel/sched/core.c:2831 [inline]
__schedule+0x86c/0x1ed0 kernel/sched/core.c:3472
schedule+0xfe/0x460 kernel/sched/core.c:3516
schedule_timeout+0x140/0x260 kernel/time/timer.c:1804
rcu_gp_fqs_loop+0x762/0xa80 kernel/rcu/tree.c:1934
rcu_gp_kthread+0x341/0xc70 kernel/rcu/tree.c:2090
kthread+0x35a/0x440 kernel/kthread.c:246
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352
NMI backtrace for cpu 1
CPU: 1 PID: 23613 Comm: syz-executor0 Not tainted 4.20.0-rc7+ #249
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
<IRQ>
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1d3/0x2c6 lib/dump_stack.c:113
nmi_cpu_backtrace.cold.4+0x63/0xa2 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x1c2/0x22c lib/nmi_backtrace.c:62
arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
trigger_single_cpu_backtrace include/linux/nmi.h:164 [inline]
rcu_dump_cpu_stacks+0x16f/0x1bc kernel/rcu/tree.c:1195
print_cpu_stall.cold.65+0x1f3/0x3c6 kernel/rcu/tree.c:1334
check_cpu_stall kernel/rcu/tree.c:1408 [inline]
rcu_pending kernel/rcu/tree.c:2961 [inline]
rcu_check_callbacks+0xac1/0x1410 kernel/rcu/tree.c:2506
update_process_times+0x2d/0x70 kernel/time/timer.c:1636
tick_sched_handle+0x9f/0x180 kernel/time/tick-sched.c:164
tick_sched_timer+0x45/0x130 kernel/time/tick-sched.c:1274
__run_hrtimer kernel/time/hrtimer.c:1398 [inline]
__hrtimer_run_queues+0x41c/0x10d0 kernel/time/hrtimer.c:1460
hrtimer_interrupt+0x313/0x780 kernel/time/hrtimer.c:1518
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1034 [inline]
smp_apic_timer_interrupt+0x1a1/0x760 arch/x86/kernel/apic/apic.c:1059
apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:807
</IRQ>
RIP: 0010:__x25_find_socket+0x6c/0x110 net/x25/af_x25.c:327
Code: 2f e8 d8 a9 87 fa 48 8d 7b 68 48 89 f8 48 c1 e8 03 42 80 3c 20 00 0f
85 a1 00 00 00 48 8b 5b 68 48 85 db 74 7c e8 b4 a9 87 fa <48> 83 eb 68 74
71 e8 a9 a9 87 fa 48 8d bb 88 04 00 00 48 89 f8 48
RSP: 0018:ffff88806485faa8 EFLAGS: 00000246 ORIG_RAX: ffffffffffffff13
RAX: 0000000000040000 RBX: ffff88809f242a68 RCX: ffffc90005df9000
RDX: 0000000000040000 RSI: ffffffff86f6b08c RDI: ffff88809f242a68
RBP: ffff88806485fad0 R08: ffff88808e4e8700 R09: fffffbfff13fc688
R10: fffffbfff13fc688 R11: ffffffff89fe3443 R12: dffffc0000000000
R13: 0000000000000001 R14: ffff88809b212940 R15: 0000000000000000
x25_new_lci net/x25/af_x25.c:357 [inline]
x25_connect+0x380/0x1050 net/x25/af_x25.c:786
__sys_connect+0x37d/0x4c0 net/socket.c:1664
__do_sys_connect net/socket.c:1675 [inline]
__se_sys_connect net/socket.c:1672 [inline]
__x64_sys_connect+0x73/0xb0 net/socket.c:1672
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4579b9
Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7
48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff
ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fb14afb2c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000004579b9
RDX: 0000000000000012 RSI: 0000000020000040 RDI: 0000000000000004
RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb14afb36d4
R13: 00000000004be22e R14: 00000000004ce488 R15: 00000000ffffffff
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#bug-status-tracking for how to communicate with
syzbot.