INFO: task can't die in shrink_inactive_list

15 views

Skip to first unread message

syzbot

unread,

Aug 28, 2020, 1:28:22 AM8/28/20

to syzkaller-upst...@googlegroups.com

Hello,

syzbot found the following issue on:

HEAD commit: 494d311a Add linux-next specific files for 20200821
git tree: linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=13050972900000
kernel config: https://syzkaller.appspot.com/x/.config?x=a61d44f28687f508
dashboard link: https://syzkaller.appspot.com/bug?extid=0eb66ce2f60773f7efcb
compiler: gcc (GCC) 10.1.0-syz 20200507
CC: [ak...@linux-foundation.org linux-...@vger.kernel.org linu...@kvack.org]

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+0eb66c...@syzkaller.appspotmail.com

INFO: task syz-executor.0:18288 can't die for more than 143 seconds.
task:syz-executor.0 state:R running task stack:22472 pid:18288 ppid: 6855 flags:0x00004006
Call Trace:
context_switch kernel/sched/core.c:3778 [inline]
__schedule+0x8e5/0x21e0 kernel/sched/core.c:4527
preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:4683
preempt_schedule_thunk+0x16/0x18 arch/x86/entry/thunk_64.S:40
__raw_spin_unlock_irq include/linux/spinlock_api_smp.h:169 [inline]
_raw_spin_unlock_irq+0x67/0x80 kernel/locking/spinlock.c:199
spin_unlock_irq include/linux/spinlock.h:404 [inline]
shrink_inactive_list+0x2b6/0xd20 mm/vmscan.c:1953
shrink_list mm/vmscan.c:2168 [inline]
shrink_lruvec+0x5fe/0x1160 mm/vmscan.c:2463
shrink_node_memcgs mm/vmscan.c:2643 [inline]
shrink_node+0x829/0x1d10 mm/vmscan.c:2760
shrink_zones mm/vmscan.c:2963 [inline]
do_try_to_free_pages+0x38b/0x1420 mm/vmscan.c:3018
try_to_free_pages+0x29e/0x7d0 mm/vmscan.c:3257
__perform_reclaim mm/page_alloc.c:4260 [inline]
__alloc_pages_direct_reclaim mm/page_alloc.c:4281 [inline]
__alloc_pages_slowpath.constprop.0+0x995/0x2860 mm/page_alloc.c:4685
__alloc_pages_nodemask+0x62c/0x790 mm/page_alloc.c:4901
__alloc_pages include/linux/gfp.h:509 [inline]
__alloc_pages_node include/linux/gfp.h:522 [inline]
kmem_getpages mm/slab.c:1376 [inline]
cache_grow_begin+0x71/0x430 mm/slab.c:2590
fallback_alloc+0x205/0x2d0 mm/slab.c:3137
__do_cache_alloc mm/slab.c:3275 [inline]
slab_alloc mm/slab.c:3304 [inline]
kmem_cache_alloc+0x236/0x3a0 mm/slab.c:3482
mempool_alloc+0x146/0x350 mm/mempool.c:393
bio_alloc_bioset+0x37b/0x5d0 block/bio.c:486
bio_clone_fast+0x21/0x1b0 block/bio.c:710
bio_split+0xc7/0x2c0 block/bio.c:1477
blk_bio_segment_split block/blk-merge.c:281 [inline]
__blk_queue_split+0x10e2/0x1650 block/blk-merge.c:331
blk_mq_submit_bio+0x1b0/0x1760 block/blk-mq.c:2145
__submit_bio_noacct_mq block/blk-core.c:1179 [inline]
submit_bio_noacct+0xc78/0x12b0 block/blk-core.c:1212
submit_bio+0x263/0x5b0 block/blk-core.c:1282
mpage_bio_submit fs/mpage.c:66 [inline]
do_mpage_readpage+0x1054/0x1ef0 fs/mpage.c:316
mpage_readahead+0x3a3/0x880 fs/mpage.c:391
read_pages+0x1df/0x8d0 mm/readahead.c:130
page_cache_readahead_unbounded+0x572/0x850 mm/readahead.c:244
__do_page_cache_readahead+0xc2/0xf0 mm/readahead.c:273
ra_submit mm/internal.h:64 [inline]
do_sync_mmap_readahead mm/filemap.c:2507 [inline]
filemap_fault+0x1a3d/0x2ab0 mm/filemap.c:2595
__do_fault+0x10d/0x4d0 mm/memory.c:3463
do_shared_fault mm/memory.c:3910 [inline]
do_fault mm/memory.c:3988 [inline]
handle_pte_fault mm/memory.c:4224 [inline]
__handle_mm_fault mm/memory.c:4359 [inline]
handle_mm_fault+0x35de/0x4580 mm/memory.c:4457
do_user_addr_fault+0x598/0xbf0 arch/x86/mm/fault.c:1294
handle_page_fault arch/x86/mm/fault.c:1351 [inline]
exc_page_fault+0xa8/0x160 arch/x86/mm/fault.c:1404
asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:538
RIP: 0010:__put_user_4+0x1c/0x30 arch/x86/lib/putuser.S:70
Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 c0 fe 01 00 48 8b 9b 90 15 00 00 48 83 eb 03 48 39 d9 73 4a 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48
RSP: 0018:ffffc90017407e48 EFLAGS: 00010297
RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000000020000200
RDX: 0000000000040000 RSI: ffffffff8635765b RDI: 0000000000000286
RBP: 0000000000000002 R08: 0000000000000001 R09: ffff888095fcaba8
R10: fffffbfff1576bd1 R11: 0000000000000000 R12: 0000000000000004
R13: 0000000000000005 R14: 0000000000000000 R15: dffffc0000000000
__sys_socketpair+0x107/0x570 net/socket.c:1565
__do_sys_socketpair net/socket.c:1631 [inline]
__se_sys_socketpair net/socket.c:1628 [inline]
__x64_sys_socketpair+0x93/0xf0 net/socket.c:1628
do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45d579
Code: Bad RIP value.
RSP: 002b:00007f493f903c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
RAX: ffffffffffffffda RBX: 0000000000033840 RCX: 000000000045d579
RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001
RBP: 000000000118cf88 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000020000200 R11: 0000000000000246 R12: 000000000118cf4c
R13: 00007ffe4fda706f R14: 00007f493f9049c0 R15: 000000000118cf4c
INFO: task syz-executor.3:18305 can't die for more than 150 seconds.
task:syz-executor.3 state:D stack:28736 pid:18305 ppid: 6861 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:3778 [inline]
__schedule+0x8e5/0x21e0 kernel/sched/core.c:4527
schedule+0xd0/0x2a0 kernel/sched/core.c:4602
io_schedule+0xb5/0x120 kernel/sched/core.c:6296
wait_on_page_bit_common+0x52c/0xca0 mm/filemap.c:1193
lock_page include/linux/pagemap.h:548 [inline]
truncate_inode_pages_range+0xb69/0x16a0 mm/truncate.c:446
blk_ioctl_zeroout block/ioctl.c:170 [inline]
blkdev_common_ioctl+0xae2/0x1760 block/ioctl.c:510
blkdev_ioctl+0x1da/0x700 block/ioctl.c:618
block_ioctl+0xf9/0x140 fs/block_dev.c:1871
vfs_ioctl fs/ioctl.c:48 [inline]
__do_sys_ioctl fs/ioctl.c:753 [inline]
__se_sys_ioctl fs/ioctl.c:739 [inline]
__x64_sys_ioctl+0x193/0x200 fs/ioctl.c:739
do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45d579
Code: Bad RIP value.
RSP: 002b:00007fc10eb55c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000009000 RCX: 000000000045d579
RDX: 0000000020000080 RSI: 000000000000127f RDI: 0000000000000006
RBP: 000000000118cf80 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cf4c
R13: 00007ffe8f1292cf R14: 00007fc10eb569c0 R15: 000000000118cf4c
INFO: task syz-executor.3:18322 can't die for more than 152 seconds.
task:syz-executor.3 state:D stack:29600 pid:18322 ppid: 6861 flags:0x00004004
Call Trace:
context_switch kernel/sched/core.c:3778 [inline]
__schedule+0x8e5/0x21e0 kernel/sched/core.c:4527
schedule+0xd0/0x2a0 kernel/sched/core.c:4602

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

unread,

Oct 23, 2020, 1:26:13 AM10/23/20

to syzkaller-upst...@googlegroups.com

Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.

Reply all

Reply to author

Forward

0 new messages