Re: [BUG] rcu detected stall in shmem_file_write_iter

Next message: Maud Spierings via B4 Relay: "[PATCH v6 1/5] dt-bindings: arm: fsl: Add GOcontroll Moduline IV/Mini"
Previous message: Kiryl Shutsemau: "Re: [PATCHv6 05/17] riscv/mm: Align vmemmap to maximal folio size"
In reply to: Zw Tang: "[BUG] rcu detected stall in shmem_file_write_iter"
Next in thread: Kunwu Chan: "Re: [BUG] rcu detected stall in shmem_file_write_iter"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: David Hildenbrand (Arm)

Date: Thu Feb 05 2026 - 08:50:42 EST

On 2/5/26 13:57, Zw Tang wrote:

Hi,

I am reporting a reproducible RCU stall observed on Linux 6.19.0-rc7,
triggered by a syzkaller C reproducer.

The stall is reported while a userspace task is executing the tmpfs
(shmem) write path. The blocked task is a syz-executor process, and the
RCU report consistently shows it running in the shmem write / folio
allocation path for an extended period of time.

The relevant call trace of the stalled task is:

shmem_file_write_iter
shmem_write_begin
shmem_get_folio_gfp
__folio_batch_add_and_move
folio_batch_move_lru
lru_add
__mod_zone_page_state

lru_add()->lruvec_add_folio() calls update_lru_size()->__update_lru_size()->__mod_zone_page_state().

On SMP systems we end up in mm/vmstat.c:__mod_zone_page_state().

I don't see anything that could block in there.

Livelocking? Or we're actually stuck somewhere else and the __mod_zone_page_state is misleading.

Can you try running with lockdep to see if anything pops up?

--
Cheers,

David