syzbot

 sign-in | mailing list | source | docs
🐞 Open [983] Subsystems 🐞 Fixed [5236] 🐞 Invalid [12500] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

INFO: task can't die in shrink_inactive_list

Status: auto-closed as invalid on 2020/10/23 05:26
Subsystems: mm
[Documentation on labels]
Reported-by: syzbot+0eb66ce2f60773f7efcb@syzkaller.appspotmail.com
First crash: 1339d, last: 1339d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task can't die in shrink_inactive_list (2) mm C error 2 1254d 1251d 0/26 upstream: reported C repro on 2020/11/21 01:55

Sample crash report:
INFO: task syz-executor.0:18288 can't die for more than 143 seconds.
task:syz-executor.0  state:R  running task     stack:22472 pid:18288 ppid:  6855 flags:0x00004006
Call Trace:
 context_switch kernel/sched/core.c:3778 [inline]
 __schedule+0x8e5/0x21e0 kernel/sched/core.c:4527
 preempt_schedule_common+0x45/0xc0 kernel/sched/core.c:4683
 preempt_schedule_thunk+0x16/0x18 arch/x86/entry/thunk_64.S:40
 __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:169 [inline]
 _raw_spin_unlock_irq+0x67/0x80 kernel/locking/spinlock.c:199
 spin_unlock_irq include/linux/spinlock.h:404 [inline]
 shrink_inactive_list+0x2b6/0xd20 mm/vmscan.c:1953
 shrink_list mm/vmscan.c:2168 [inline]
 shrink_lruvec+0x5fe/0x1160 mm/vmscan.c:2463
 shrink_node_memcgs mm/vmscan.c:2643 [inline]
 shrink_node+0x829/0x1d10 mm/vmscan.c:2760
 shrink_zones mm/vmscan.c:2963 [inline]
 do_try_to_free_pages+0x38b/0x1420 mm/vmscan.c:3018
 try_to_free_pages+0x29e/0x7d0 mm/vmscan.c:3257
 __perform_reclaim mm/page_alloc.c:4260 [inline]
 __alloc_pages_direct_reclaim mm/page_alloc.c:4281 [inline]
 __alloc_pages_slowpath.constprop.0+0x995/0x2860 mm/page_alloc.c:4685
 __alloc_pages_nodemask+0x62c/0x790 mm/page_alloc.c:4901
 __alloc_pages include/linux/gfp.h:509 [inline]
 __alloc_pages_node include/linux/gfp.h:522 [inline]
 kmem_getpages mm/slab.c:1376 [inline]
 cache_grow_begin+0x71/0x430 mm/slab.c:2590
 fallback_alloc+0x205/0x2d0 mm/slab.c:3137
 __do_cache_alloc mm/slab.c:3275 [inline]
 slab_alloc mm/slab.c:3304 [inline]
 kmem_cache_alloc+0x236/0x3a0 mm/slab.c:3482
 mempool_alloc+0x146/0x350 mm/mempool.c:393
 bio_alloc_bioset+0x37b/0x5d0 block/bio.c:486
 bio_clone_fast+0x21/0x1b0 block/bio.c:710
 bio_split+0xc7/0x2c0 block/bio.c:1477
 blk_bio_segment_split block/blk-merge.c:281 [inline]
 __blk_queue_split+0x10e2/0x1650 block/blk-merge.c:331
 blk_mq_submit_bio+0x1b0/0x1760 block/blk-mq.c:2145
 __submit_bio_noacct_mq block/blk-core.c:1179 [inline]
 submit_bio_noacct+0xc78/0x12b0 block/blk-core.c:1212
 submit_bio+0x263/0x5b0 block/blk-core.c:1282
 mpage_bio_submit fs/mpage.c:66 [inline]
 do_mpage_readpage+0x1054/0x1ef0 fs/mpage.c:316
 mpage_readahead+0x3a3/0x880 fs/mpage.c:391
 read_pages+0x1df/0x8d0 mm/readahead.c:130
 page_cache_readahead_unbounded+0x572/0x850 mm/readahead.c:244
 __do_page_cache_readahead+0xc2/0xf0 mm/readahead.c:273
 ra_submit mm/internal.h:64 [inline]
 do_sync_mmap_readahead mm/filemap.c:2507 [inline]
 filemap_fault+0x1a3d/0x2ab0 mm/filemap.c:2595
 __do_fault+0x10d/0x4d0 mm/memory.c:3463
 do_shared_fault mm/memory.c:3910 [inline]
 do_fault mm/memory.c:3988 [inline]
 handle_pte_fault mm/memory.c:4224 [inline]
 __handle_mm_fault mm/memory.c:4359 [inline]
 handle_mm_fault+0x35de/0x4580 mm/memory.c:4457
 do_user_addr_fault+0x598/0xbf0 arch/x86/mm/fault.c:1294
 handle_page_fault arch/x86/mm/fault.c:1351 [inline]
 exc_page_fault+0xa8/0x160 arch/x86/mm/fault.c:1404
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:538
RIP: 0010:__put_user_4+0x1c/0x30 arch/x86/lib/putuser.S:70
Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 c0 fe 01 00 48 8b 9b 90 15 00 00 48 83 eb 03 48 39 d9 73 4a 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48
RSP: 0018:ffffc90017407e48 EFLAGS: 00010297
RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000000020000200
RDX: 0000000000040000 RSI: ffffffff8635765b RDI: 0000000000000286
RBP: 0000000000000002 R08: 0000000000000001 R09: ffff888095fcaba8
R10: fffffbfff1576bd1 R11: 0000000000000000 R12: 0000000000000004
R13: 0000000000000005 R14: 0000000000000000 R15: dffffc0000000000
 __sys_socketpair+0x107/0x570 net/socket.c:1565
 __do_sys_socketpair net/socket.c:1631 [inline]
 __se_sys_socketpair net/socket.c:1628 [inline]
 __x64_sys_socketpair+0x93/0xf0 net/socket.c:1628
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45d579
Code: Bad RIP value.
RSP: 002b:00007f493f903c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
RAX: ffffffffffffffda RBX: 0000000000033840 RCX: 000000000045d579
RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001
RBP: 000000000118cf88 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000020000200 R11: 0000000000000246 R12: 000000000118cf4c
R13: 00007ffe4fda706f R14: 00007f493f9049c0 R15: 000000000118cf4c
INFO: task syz-executor.3:18305 can't die for more than 150 seconds.
task:syz-executor.3  state:D stack:28736 pid:18305 ppid:  6861 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:3778 [inline]
 __schedule+0x8e5/0x21e0 kernel/sched/core.c:4527
 schedule+0xd0/0x2a0 kernel/sched/core.c:4602
 io_schedule+0xb5/0x120 kernel/sched/core.c:6296
 wait_on_page_bit_common+0x52c/0xca0 mm/filemap.c:1193
 lock_page include/linux/pagemap.h:548 [inline]
 truncate_inode_pages_range+0xb69/0x16a0 mm/truncate.c:446
 blk_ioctl_zeroout block/ioctl.c:170 [inline]
 blkdev_common_ioctl+0xae2/0x1760 block/ioctl.c:510
 blkdev_ioctl+0x1da/0x700 block/ioctl.c:618
 block_ioctl+0xf9/0x140 fs/block_dev.c:1871
 vfs_ioctl fs/ioctl.c:48 [inline]
 __do_sys_ioctl fs/ioctl.c:753 [inline]
 __se_sys_ioctl fs/ioctl.c:739 [inline]
 __x64_sys_ioctl+0x193/0x200 fs/ioctl.c:739
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45d579
Code: Bad RIP value.
RSP: 002b:00007fc10eb55c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000009000 RCX: 000000000045d579
RDX: 0000000020000080 RSI: 000000000000127f RDI: 0000000000000006
RBP: 000000000118cf80 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cf4c
R13: 00007ffe8f1292cf R14: 00007fc10eb569c0 R15: 000000000118cf4c
INFO: task syz-executor.3:18322 can't die for more than 152 seconds.
task:syz-executor.3  state:D stack:29600 pid:18322 ppid:  6861 flags:0x00004004
Call Trace:
 context_switch kernel/sched/core.c:3778 [inline]
 __schedule+0x8e5/0x21e0 kernel/sched/core.c:4527
 schedule+0xd0/0x2a0 kernel/sched/core.c:4602

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/08/24 05:25 linux-next 494d311a82bb cef5ae68 .config console log report ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.