Re: [syzbot] [mm?] INFO: rcu detected stall in schedule_tail (8)

[syzbot <syzbot+42836f91edd58eb82c6a@syzkaller.appspotmail.com>]

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
INFO: rcu detected stall in schedule_timeout

rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
rcu: 	(detected by 0, t=10502 jiffies, g=14829, q=576 ncpus=2)
rcu: All QSes seen, last rcu_preempt kthread activity 10504 (4294959943-4294949439), jiffies_till_next_fqs=1, root ->qsmask 0x0
rcu: rcu_preempt kthread starved for 10505 jiffies! g14829 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
rcu: RCU grace-period kthread stack dump:
task:rcu_preempt     state:R  running task     stack:28408 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:5260 [inline]
 __schedule+0xfe4/0x5e10 kernel/sched/core.c:6867
 preempt_schedule_irq+0x50/0x90 kernel/sched/core.c:7194
 irqentry_exit+0x17b/0x670 kernel/entry/common.c:216
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:697
RIP: 0010:__free_object+0x2b5/0x400 lib/debugobjects.c:524
Code: 00 0f 85 f7 00 00 00 48 c7 43 08 e0 7b 0d 9b 4d 85 e4 0f 84 66 ff ff ff e8 38 50 1f fd 9c 58 f6 c4 02 0f 85 12 01 00 00 fb 5b <5d> 41 5c 41 5d c3 cc cc cc cc 48 c7 c7 60 d2 15 8f e8 25 fd 89 06
RSP: 0018:ffffc90000157a20 EFLAGS: 00000246
RAX: 0000000000000002 RBX: ffff88801f332968 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8dc4581b RDI: ffffffff8bfa35a0
RBP: ffff8880b853c680 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000200
R13: ffff8880532ca5e8 R14: ffffc90000157b58 R15: 1ffff9200002af4c
 free_object lib/debugobjects.c:532 [inline]
 debug_object_free+0x295/0x550 lib/debugobjects.c:976
 schedule_timeout+0x137/0x280 kernel/time/sleep_timeout.c:103
 rcu_gp_fqs_loop+0x1a9/0xb00 kernel/rcu/tree.c:2083
 rcu_gp_kthread+0x21e/0x320 kernel/rcu/tree.c:2285
 kthread+0x3b3/0x730 kernel/kthread.c:463
 ret_from_fork+0x754/0xaf0 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246
 </TASK>
rcu: Stack dump where RCU GP kthread last ran:
CPU: 0 UID: 0 PID: 6551 Comm: syz.0.34 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
RIP: 0010:__raw_spin_unlock_irq include/linux/spinlock_api_smp.h:160 [inline]
RIP: 0010:_raw_spin_unlock_irq+0x29/0x50 kernel/locking/spinlock.c:202
Code: 90 f3 0f 1e fa 53 48 8b 74 24 08 48 89 fb 48 83 c7 18 e8 4a 8d 69 f6 48 89 df e8 32 db 69 f6 e8 9d 4e 95 f6 fb bf 01 00 00 00 <e8> e2 29 5a f6 65 8b 05 ab da 6a 08 85 c0 74 06 5b e9 91 4a 00 00
RSP: 0018:ffffc900040afe40 EFLAGS: 00000202
RAX: 0000000005276bf1 RBX: ffff88802e958000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff8dc4581b RDI: 0000000000000001
RBP: ffff88807cc28968 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: ffff88807cc28000
R13: 0000000100000000 R14: 0000000000000007 R15: 0000000000000000
FS:  00007f02334076c0(0000) GS:ffff8881245d9000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000000058 CR3: 00000000533f5000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 spin_unlock_irq include/linux/spinlock.h:401 [inline]
 __set_current_blocked kernel/signal.c:3222 [inline]
 set_current_blocked+0xdd/0x120 kernel/signal.c:3206
 __do_sys_rt_sigreturn+0x1a2/0x2c0 arch/x86/kernel/signal_64.c:263
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc9/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f023253c0d9
Code: 11 06 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 0c 25
RSP: 002b:00007f0233406400 EFLAGS: 00000206 ORIG_RAX: 000000000000000f
RAX: ffffffffffffffda RBX: 00007f0232815fa8 RCX: 00007f023253c0d9
RDX: 00007f0233406400 RSI: 00007f0233406530 RDI: 0000000000000021
RBP: 00007f0232815fa0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
R13: 00007f0232816038 R14: 00007ffc229935c0 R15: 00007ffc229936a8
 </TASK>


Tested on:

commit:         fcb70a56 Merge tag 'vfs-6.19-rc8.fixes' of git://git.k..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=128aa05a580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=f1fac0919970b671
dashboard link: https://syzkaller.appspot.com/bug?extid=42836f91edd58eb82c6a
compiler:       gcc (Debian 14.2.0-19) 14.2.0, GNU ld (GNU Binutils for Debian) 2.44
patch:          https://syzkaller.appspot.com/x/patch.diff?x=11be505a580000