Re: [syzbot] INFO: task can't die in reclaim_throttle

All of lore.kernel.org
 help / color / mirror / Atom feed

From: syzbot <syzbot+dcea9eda277e1090b35f@syzkaller.appspotmail.com>
To: akpm@linux-foundation.org, linux-kernel@vger.kernel.org,
	 linux-mm@kvack.org, mgorman@techsingularity.net,
	 syzkaller-bugs@googlegroups.com, vbabka@suse.cz,
	willy@infradead.org
Subject: Re: [syzbot] INFO: task can't die in reclaim_throttle
Date: Sun, 12 Dec 2021 00:40:19 -0800	[thread overview]
Message-ID: <000000000000f5973605d2eee776@google.com> (raw)
In-Reply-To: <00000000000050185105d2ac05d2@google.com>

syzbot has found a reproducer for the following issue on:

HEAD commit:    ea922272cbe5 Add linux-next specific files for 20211210
git tree:       linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=130f5f75b00000
kernel config:  https://syzkaller.appspot.com/x/.config?x=c1359a19d2230002
dashboard link: https://syzkaller.appspot.com/bug?extid=dcea9eda277e1090b35f
compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=14f4a551b00000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1613df3ab00000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+dcea9eda277e1090b35f@syzkaller.appspotmail.com

INFO: task syz-executor786:3696 can't die for more than 143 seconds.
task:syz-executor786 state:D stack:28344 pid: 3696 ppid:  3669 flags:0x00004004
Call Trace:
 <TASK>
 context_switch kernel/sched/core.c:4986 [inline]
 __schedule+0xab2/0x4d90 kernel/sched/core.c:6296
 schedule+0xd2/0x260 kernel/sched/core.c:6369
 schedule_timeout+0x14a/0x2a0 kernel/time/timer.c:1881
 reclaim_throttle+0x1ce/0x5e0 mm/vmscan.c:1072
 consider_reclaim_throttle mm/vmscan.c:3399 [inline]
 shrink_zones mm/vmscan.c:3486 [inline]
 do_try_to_free_pages+0x7cd/0x1620 mm/vmscan.c:3541
 try_to_free_mem_cgroup_pages+0x2cd/0x840 mm/vmscan.c:3855
 reclaim_high.constprop.0+0x190/0x250 mm/memcontrol.c:2299
 mem_cgroup_handle_over_high+0x18c/0x540 mm/memcontrol.c:2483
 tracehook_notify_resume include/linux/tracehook.h:198 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:175 [inline]
 exit_to_user_mode_prepare+0x1ab/0x290 kernel/entry/common.c:207
 irqentry_exit_to_user_mode+0x5/0x40 kernel/entry/common.c:313
 exc_page_fault+0xc6/0x180 arch/x86/mm/fault.c:1543
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:568
RIP: 0033:0x7fd40489c3ee
RSP: 002b:00007ffe50e3a520 EFLAGS: 00010202
RAX: 00007fd4049253d0 RBX: 00007fd40491e508 RCX: 00007fd40489c3cb
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
RBP: 0000000000000001 R08: 0000000000000000 R09: 00005555571d1300
R10: 00005555571d15d0 R11: 0000000000000246 R12: 0000000000000001
R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe50e3a5a0
 </TASK>

Showing all locks held in the system:
1 lock held by khungtaskd/27:
 #0: ffffffff8bb818a0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x53/0x260 kernel/locking/lockdep.c:6460
6 locks held by kworker/u4:2/50:
 #0: ffff8880b9d39c98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2b/0x120 kernel/sched/core.c:489
 #1: ffff8880b9d27988 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x176/0x4e0 kernel/sched/psi.c:882
 #2: ffff8880b9d284d8 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5a/0x1f0 kernel/time/timer.c:946
 #3: ffffffff90799400 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x12e/0x3e0 lib/debugobjects.c:661
 #4: ffffffff8ba4a548 (text_mutex){+.+.}-{3:3}, at: arch_jump_label_transform_apply+0xe/0x20 arch/x86/kernel/jump_label.c:145
 #5: ffff888010dbb138 (ptlock_ptr(page)#2){+.+.}-{2:2}, at: spin_lock include/linux/spinlock.h:354 [inline]
 #5: ffff888010dbb138 (ptlock_ptr(page)#2){+.+.}-{2:2}, at: __get_locked_pte+0x2b6/0x4d0 mm/memory.c:1722
1 lock held by syslogd/2955:
 #0: ffff8880b9d39c98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2b/0x120 kernel/sched/core.c:489
2 locks held by getty/3289:
 #0: ffff88814a873098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:244
 #1: ffffc90002b962e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xcf0/0x1230 drivers/tty/n_tty.c:2077
3 locks held by syz-executor786/3925:
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __do_sys_sendfile64 fs/read_write.c:1310 [inline]
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __se_sys_sendfile64 fs/read_write.c:1296 [inline]
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __x64_sys_sendfile64+0x1cc/0x210 fs/read_write.c:1296
 #1: ffff88801dc3c888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x287/0x500 fs/kernfs/file.c:287
 #2: ffff888070e3c3a8 (kn->active#167){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ab/0x500 fs/kernfs/file.c:288
3 locks held by syz-executor786/3928:
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __do_sys_sendfile64 fs/read_write.c:1310 [inline]
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __se_sys_sendfile64 fs/read_write.c:1296 [inline]
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __x64_sys_sendfile64+0x1cc/0x210 fs/read_write.c:1296
 #1: ffff88801dc3cc88 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x287/0x500 fs/kernfs/file.c:287
 #2: ffff888070e3c3a8 (kn->active#167){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ab/0x500 fs/kernfs/file.c:288
3 locks held by syz-executor786/3931:
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __do_sys_sendfile64 fs/read_write.c:1310 [inline]
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __se_sys_sendfile64 fs/read_write.c:1296 [inline]
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __x64_sys_sendfile64+0x1cc/0x210 fs/read_write.c:1296
 #1: ffff888077934488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x287/0x500 fs/kernfs/file.c:287
 #2: ffff888070e3c3a8 (kn->active#167){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ab/0x500 fs/kernfs/file.c:288
3 locks held by syz-executor786/3933:
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __do_sys_sendfile64 fs/read_write.c:1310 [inline]
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __se_sys_sendfile64 fs/read_write.c:1296 [inline]
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __x64_sys_sendfile64+0x1cc/0x210 fs/read_write.c:1296
 #1: ffff88801dc3d488 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x287/0x500 fs/kernfs/file.c:287
 #2: ffff888070e3c3a8 (kn->active#167){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ab/0x500 fs/kernfs/file.c:288
3 locks held by syz-executor786/3935:
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __do_sys_sendfile64 fs/read_write.c:1310 [inline]
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __se_sys_sendfile64 fs/read_write.c:1296 [inline]
 #0: ffff88807fb82460 (sb_writers#10){.+.+}-{0:0}, at: __x64_sys_sendfile64+0x1cc/0x210 fs/read_write.c:1296
 #1: ffff88801dc3d888 (&of->mutex){+.+.}-{3:3}, at: kernfs_fop_write_iter+0x287/0x500 fs/kernfs/file.c:287
 #2: ffff888070e3c3a8 (kn->active#167){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ab/0x500 fs/kernfs/file.c:288

=============================================

     prev parent reply	other threads:[~2021-12-12  8:40 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-12-09  0:52 [syzbot] INFO: task can't die in reclaim_throttle syzbot
2021-12-09 14:51 ` Vlastimil Babka
2021-12-09 16:25   ` Mel Gorman
2021-12-09 22:00   ` Matthew Wilcox
2021-12-11 21:11 ` syzbot
2021-12-12  8:40 ` syzbot [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=000000000000f5973605d2eee776@google.com \
    --to=syzbot+dcea9eda277e1090b35f@syzkaller.appspotmail.com \
    --cc=akpm@linux-foundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-mm@kvack.org \
    --cc=mgorman@techsingularity.net \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=vbabka@suse.cz \
    --cc=willy@infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.