syzbot

 sign-in | mailing list | source | docs
🐞 Open [712] 🐞 Fixed [297] 🐞 Invalid [838] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

INFO: task hung in copy_mnt_ns

Status: auto-closed as invalid on 2022/05/20 11:54
Reported-by: syzbot+b32e01d0eacc4f73b49f@syzkaller.appspotmail.com
First crash: 863d, last: 835d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream INFO: task hung in copy_mnt_ns fs 3 845d 856d 0/26 closed as invalid on 2022/02/08 09:50

Sample crash report:
 active_file:93 inactive_file:198 isolated_file:80
 unevictable:0 dirty:10 writeback:0 unstable:0
 slab_reclaimable:11143 slab_unreclaimable:190462
 mapped:22770 shmem:9811 pagetables:92885 bounce:0
 free:25250 free_pcp:1330 free_cma:0
INFO: task syz-executor.2:5083 blocked for more than 140 seconds.
      Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2  D28576  5083   5077 0x00000000
Call Trace:
 context_switch kernel/sched/core.c:2828 [inline]
 __schedule+0x887/0x2040 kernel/sched/core.c:3517
 schedule+0x8d/0x1b0 kernel/sched/core.c:3561
 __rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:589 [inline]
 rwsem_down_write_failed+0x3aa/0x760 kernel/locking/rwsem-xadd.c:618
Node 0 active_anon:1792428kB inactive_anon:36056kB active_file:336kB inactive_file:1056kB unevictable:0kB isolated(anon):0kB isolated(file):320kB mapped:91200kB dirty:0kB writeback:0kB shmem:39224kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1169408kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
 call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:117
Node 1 active_anon:3114600kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:20kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
Node 0 DMA free:10968kB min:204kB low:252kB high:300kB active_anon:4776kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:32kB pagetables:28kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2693 2695 2695 2695
Node 0 DMA32 free:35632kB min:35996kB low:44992kB high:53988kB active_anon:1787652kB inactive_anon:36056kB active_file:336kB inactive_file:1056kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:56416kB pagetables:122048kB bounce:0kB free_pcp:1260kB local_pcp:600kB free_cma:0kB
 __down_write arch/x86/include/asm/rwsem.h:142 [inline]
 down_write+0x4f/0x90 kernel/locking/rwsem.c:72
lowmem_reserve[]: 0 0 1 1 1
Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:53936kB min:53876kB low:67344kB high:80812kB active_anon:3114604kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:152992kB pagetables:248380kB bounce:0kB free_pcp:892kB local_pcp:304kB free_cma:0kB
 namespace_lock fs/namespace.c:1370 [inline]
 copy_mnt_ns+0x15d/0xad0 fs/namespace.c:2915
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 0*4kB 1*8kB (M) 1*16kB (M) 0*32kB 1*64kB (M) 1*128kB (U) 2*256kB (UM) 0*512kB 2*1024kB (UM) 0*2048kB 2*4096kB (M) = 10968kB
Node 0 DMA32: 20*4kB (MH) 308*8kB (UH) 1581*16kB (UEH) 209*32kB (UEH) 8*64kB (H) 2*128kB (H) 0*256kB 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 35808kB
Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
Node 1 Normal: 2454*4kB (UME) 207*8kB (UE) 136*16kB (UE) 80*32kB (UE) 6*64kB (UME) 1*128kB (U) 1*256kB (M) 2*512kB (UE) 1*1024kB (M) 1*2048kB (M) 8*4096kB (UM) = 53840kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
 create_new_namespaces+0xd6/0x7b0 kernel/nsproxy.c:75
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
10161 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap  = 0kB
Total swap = 0kB
2097051 pages RAM
0 pages HighMem/MovableOnly
369649 pages reserved
0 pages cma reserved
Out of memory (oom_kill_allocating_task): Kill process 7754 (syz-executor.2) score 0 or sacrifice child
Killed process 7754 (syz-executor.2) total-vm:57200kB, anon-rss:2464kB, file-rss:14280kB, shmem-rss:0kB
 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
oom_reaper: reaped process 7754 (syz-executor.2), now anon-rss:0kB, file-rss:14080kB, shmem-rss:0kB
 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
 copy_process kernel/fork.c:1710 [inline]
 _do_fork+0x22f/0xf30 kernel/fork.c:2219
syz-executor.2 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
syz-executor.2 cpuset=/ mems_allowed=0-1
CPU: 0 PID: 7933 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
 dump_header+0x15d/0xc3f mm/oom_kill.c:443
 oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956
 out_of_memory mm/oom_kill.c:1114 [inline]
 out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064
 __alloc_pages_may_oom mm/page_alloc.c:3553 [inline]
 __alloc_pages_slowpath mm/page_alloc.c:4255 [inline]
 __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 __alloc_pages include/linux/gfp.h:496 [inline]
 __alloc_pages_node include/linux/gfp.h:509 [inline]
 alloc_pages_node include/linux/gfp.h:523 [inline]
 alloc_thread_stack_node kernel/fork.c:240 [inline]
 dup_task_struct kernel/fork.c:811 [inline]
 copy_process.part.0+0x3cf/0x8260 kernel/fork.c:1753
 copy_process kernel/fork.c:1710 [inline]
 _do_fork+0x22f/0xf30 kernel/fork.c:2219
 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc4f8894fe9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fc4f720a118 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc4f89a7f60 RCX: 00007fc4f8894fe9
RDX: 00000000200002c0 RSI: 0000000020001440 RDI: 0000000000020000
RBP: 00007fc4f88ef08d R08: 0000000020001440 R09: 0000000020001440
R10: 0000000020000300 R11: 0000000000000206 R12: 0000000000000000
R13: 00007ffe668173af R14: 00007fc4f720a300 R15: 0000000000022000

Crashes (4):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/01/20 11:54 linux-4.19.y 3f8a27f9e27b 5da9499f .config console log report info ci2-linux-4-19 INFO: task hung in copy_mnt_ns
2022/01/20 09:34 linux-4.19.y 3f8a27f9e27b 5da9499f .config console log report info ci2-linux-4-19 INFO: task hung in copy_mnt_ns
2022/01/14 20:40 linux-4.19.y 3f8a27f9e27b 53e00b45 .config console log report info ci2-linux-4-19 INFO: task hung in copy_mnt_ns
2021/12/23 07:33 linux-4.19.y 3f8a27f9e27b 6caa12e4 .config console log report info ci2-linux-4-19 INFO: task hung in copy_mnt_ns
* Struck through repros no longer work on HEAD.