Hello,
syzbot found the following issue on:
HEAD commit: 6a37ebbe07bf Add linux-next specific files for 20211106
git tree: linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=112d449eb00000
kernel config: https://syzkaller.appspot.com/x/.config?x=ba9c83199208e103
dashboard link: https://syzkaller.appspot.com/bug?extid=eec9e21759acf26f9a5f
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
CC: [ak...@linux-foundation.org linux-...@vger.kernel.org linu...@kvack.org]
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+eec9e2...@syzkaller.appspotmail.com
INFO: task syz-executor.2:4559 can't die for more than 143 seconds.
task:syz-executor.2 state:D stack:22152 pid: 4559 ppid: 15550 flags:0x00004006
Call Trace:
<TASK>
context_switch kernel/sched/core.c:4984 [inline]
__schedule+0xa9a/0x4940 kernel/sched/core.c:6265
schedule+0xd2/0x260 kernel/sched/core.c:6338
schedule_timeout+0x14a/0x2a0 kernel/time/timer.c:1881
reclaim_throttle+0x1ce/0x5e0 mm/vmscan.c:1072
consider_reclaim_throttle mm/vmscan.c:3399 [inline]
shrink_zones mm/vmscan.c:3486 [inline]
do_try_to_free_pages+0x878/0x1640 mm/vmscan.c:3541
try_to_free_pages+0x29f/0x750 mm/vmscan.c:3776
__perform_reclaim mm/page_alloc.c:4588 [inline]
__alloc_pages_direct_reclaim mm/page_alloc.c:4609 [inline]
__alloc_pages_slowpath.constprop.0+0xac7/0x20d0 mm/page_alloc.c:5007
__alloc_pages+0x412/0x500 mm/page_alloc.c:5382
alloc_pages+0x1a7/0x300 mm/mempolicy.c:2191
alloc_slab_page mm/slub.c:1793 [inline]
allocate_slab mm/slub.c:1938 [inline]
new_slab+0x349/0x4a0 mm/slub.c:1993
___slab_alloc+0x918/0xfe0 mm/slub.c:3022
__slab_alloc.constprop.0+0x4d/0xa0 mm/slub.c:3109
slab_alloc_node mm/slub.c:3200 [inline]
slab_alloc mm/slub.c:3242 [inline]
kmem_cache_alloc+0x35c/0x3a0 mm/slub.c:3247
mempool_alloc+0x146/0x350 mm/mempool.c:392
bio_alloc_bioset+0x2ff/0x4a0 block/bio.c:468
bio_clone_fast+0x21/0x160 block/bio.c:750
bio_split+0xc9/0x320 block/bio.c:1519
blk_bio_segment_split block/blk-merge.c:322 [inline]
__blk_queue_split+0x835/0x1340 block/blk-merge.c:357
blk_mq_submit_bio+0x18a/0x1b40 block/blk-mq.c:2500
__submit_bio+0x794/0x8e0 block/blk-core.c:873
__submit_bio_noacct_mq block/blk-core.c:951 [inline]
submit_bio_noacct block/blk-core.c:977 [inline]
submit_bio_noacct+0x6c9/0x8a0 block/blk-core.c:966
submit_bio block/blk-core.c:1038 [inline]
submit_bio+0x1ea/0x430 block/blk-core.c:996
mpage_bio_submit fs/mpage.c:66 [inline]
do_mpage_readpage+0xfee/0x1f80 fs/mpage.c:314
mpage_readahead+0x304/0x750 fs/mpage.c:389
read_pages+0x1e4/0xfa0 mm/readahead.c:129
page_cache_ra_unbounded+0x64b/0x940 mm/readahead.c:238
do_page_cache_ra+0xf9/0x140 mm/readahead.c:268
do_sync_mmap_readahead mm/filemap.c:2996 [inline]
filemap_fault+0x1562/0x26d0 mm/filemap.c:3089
__do_fault+0x10d/0x4d0 mm/memory.c:3853
do_read_fault mm/memory.c:4168 [inline]
do_fault mm/memory.c:4297 [inline]
handle_pte_fault mm/memory.c:4555 [inline]
__handle_mm_fault+0x28e8/0x5120 mm/memory.c:4690
handle_mm_fault+0x1c8/0x790 mm/memory.c:4788
faultin_page mm/gup.c:939 [inline]
__get_user_pages+0x522/0xfb0 mm/gup.c:1160
populate_vma_page_range+0x24d/0x330 mm/gup.c:1492
__mm_populate+0x1ea/0x3e0 mm/gup.c:1601
mm_populate include/linux/mm.h:2734 [inline]
vm_mmap_pgoff+0x20e/0x290 mm/util.c:524
ksys_mmap_pgoff+0x49f/0x620 mm/mmap.c:1624
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f3d31723ae9
RSP: 002b:00007f3d2ec78188 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
RAX: ffffffffffffffda RBX: 00007f3d31837020 RCX: 00007f3d31723ae9
RDX: 0000000001000002 RSI: 0000000000b36000 RDI: 0000000020000000
RBP: 00007f3d3177df25 R08: 0000000000000004 R09: 0000000000000000
R10: 0000000000028011 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffff6d43bef R14: 00007f3d2ec78300 R15: 0000000000022000
</TASK>
Showing all locks held in the system:
1 lock held by khungtaskd/27:
#0: ffffffff8bb83a60 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6458
1 lock held by khugepaged/33:
1 lock held by kswapd0/98:
1 lock held by kswapd1/99:
1 lock held by systemd-journal/2961:
1 lock held by cron/6214:
2 locks held by in:imklog/6233:
4 locks held by rs:main Q:Reg/6234:
2 locks held by syz-fuzzer/6522:
#0: ffff88807db7e940 (mapping.invalidate_lock){++++}-{3:3}, at: filemap_invalidate_lock_shared include/linux/fs.h:838 [inline]
#0: ffff88807db7e940 (mapping.invalidate_lock){++++}-{3:3}, at: filemap_fault+0x15ad/0x26d0 mm/filemap.c:3096
#1: ffffffff8bca7f40 (fs_reclaim){+.+.}-{0:0}, at: __perform_reclaim mm/page_alloc.c:4585 [inline]
#1: ffffffff8bca7f40 (fs_reclaim){+.+.}-{0:0}, at: __alloc_pages_direct_reclaim mm/page_alloc.c:4609 [inline]
#1: ffffffff8bca7f40 (fs_reclaim){+.+.}-{0:0}, at: __alloc_pages_slowpath.constprop.0+0xa1e/0x20d0 mm/page_alloc.c:5007
2 locks held by syz-fuzzer/6523:
#0: ffff888071640120 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1645 [inline]
#0: ffff888071640120 (sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_sendmsg+0x1d/0x40 net/ipv4/tcp.c:1439
#1: ffffffff8bca8b48 (pcpu_drain_mutex){+.+.}-{3:3}, at: __drain_all_pages+0x4f/0x6c0 mm/page_alloc.c:3181
2 locks held by syz-fuzzer/6543:
#0: ffff88807db7e940 (mapping.invalidate_lock){++++}-{3:3}, at: filemap_invalidate_lock_shared include/linux/fs.h:838 [inline]
#0: ffff88807db7e940 (mapping.invalidate_lock){++++}-{3:3}, at: filemap_fault+0x15ad/0x26d0 mm/filemap.c:3096
#1: ffffffff8bca7f40 (fs_reclaim){+.+.}-{0:0}, at: __perform_reclaim mm/page_alloc.c:4585 [inline]
#1: ffffffff8bca7f40 (fs_reclaim){+.+.}-{0:0}, at: __alloc_pages_direct_reclaim mm/page_alloc.c:4609 [inline]
#1: ffffffff8bca7f40 (fs_reclaim){+.+.}-{0:0}, at: __alloc_pages_slowpath.constprop.0+0xa1e/0x20d0 mm/page_alloc.c:5007
3 locks held by kworker/0:1/5451:
3 locks held by kworker/1:3/8267:
2 locks held by syz-executor.2/4559:
=============================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.