INFO: task syz-executor5:20720 blocked for more than 140 seconds.
Not tainted 4.19.0-rc8+ #295
oom_kill_process.cold.27+0x10/0x903 mm/oom_kill.c:953
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor5 D
18936 20720 5471 0x00000004
Call Trace:
out_of_memory+0xa84/0x1430 mm/oom_kill.c:1120
context_switch kernel/sched/core.c:2825 [inline]
__schedule+0x86c/0x1ed0 kernel/sched/core.c:3473
__alloc_pages_may_oom mm/page_alloc.c:3522 [inline]
__alloc_pages_slowpath+0x230f/0x2d70 mm/page_alloc.c:4235
__alloc_pages_nodemask+0xa80/0xde0 mm/page_alloc.c:4390
__alloc_pages include/linux/gfp.h:473 [inline]
__alloc_pages_node include/linux/gfp.h:486 [inline]
kmem_getpages mm/slab.c:1409 [inline]
cache_grow_begin+0x91/0x8c0 mm/slab.c:2677
schedule+0xfe/0x460 kernel/sched/core.c:3517
fallback_alloc+0x203/0x2e0 mm/slab.c:3219
____cache_alloc_node+0x1c7/0x1e0 mm/slab.c:3287
__do_cache_alloc mm/slab.c:3356 [inline]
slab_alloc mm/slab.c:3384 [inline]
kmem_cache_alloc+0x1f8/0x730 mm/slab.c:3552
getname_flags+0xd0/0x5a0 fs/namei.c:140
user_path_at_empty+0x2d/0x50 fs/namei.c:2608
user_path_at include/linux/namei.h:57 [inline]
vfs_statx+0x129/0x210 fs/stat.c:185
vfs_stat include/linux/fs.h:3113 [inline]
__do_sys_newstat+0x8f/0x110 fs/stat.c:337
__se_sys_newstat fs/stat.c:333 [inline]
__x64_sys_newstat+0x54/0x80 fs/stat.c:333
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fe4f930dc65
Code: Bad RIP value.
__lock_sock+0x1fb/0x350 net/core/sock.c:2312
RSP: 002b:00007ffe15b5b0e8 EFLAGS: 00000246
ORIG_RAX: 0000000000000004
RAX: ffffffffffffffda RBX: 00007ffe15b5b320 RCX: 00007fe4f930dc65
RDX: 00007ffe15b5b320 RSI: 00007ffe15b5b320 RDI: 0000000000407545
RBP: 0000000000000000 R08: 0000000000844240 R09: 0000000000000001
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 00007ffe15b5b820 R14: 0000000000000000 R15: 0000000000000000
Mem-Info:
active_anon:133293 inactive_anon:112 isolated_anon:0
active_file:31 inactive_file:37 isolated_file:17
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:12016 slab_unreclaimable:1376893
mapped:49171 shmem:120 pagetables:977 bounce:0
free:24418 free_pcp:42 free_cma:0
Node 0 active_anon:533172kB inactive_anon:448kB active_file:124kB inactive_file:148kB unevictable:0kB isolated(anon):0kB isolated(file):68kB mapped:196684kB dirty:0kB writeback:0kB shmem:480kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 512000kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:15908kB min:164kB low:204kB high:244kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0
2819
6323 6323
Node 0 DMA32 free:43780kB min:30060kB low:37572kB high:45084kB active_anon:8192kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2890736kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]:
lock_sock_nested+0xfe/0x120 net/core/sock.c:2834
0 0 3503 3503
Node 0 Normal free:36932kB min:37352kB low:46688kB high:56024kB active_anon:524980kB inactive_anon:448kB active_file:200kB inactive_file:276kB unevictable:0kB writepending:0kB present:4718592kB managed:3588044kB mlocked:0kB kernel_stack:5856kB pagetables:3908kB bounce:0kB free_pcp:988kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]:
lock_sock include/net/sock.h:1491 [inline]
sctp_wait_for_connect+0x3ae/0x640 net/sctp/socket.c:8669
0
0
0
0
Node 0 DMA:
sctp_sendmsg_to_asoc+0x1d0f/0x2230 net/sctp/socket.c:1985
1*4kB
(U) 0*8kB 0*16kB 1*32kB (U)
2*64kB
(U) 1*128kB (U) 1*256kB
(U) 0*512kB 1*1024kB (U) 1*2048kB (M)
3*4096kB (M) = 15908kB
Node 0 DMA32: 5*4kB (ME) 2*8kB (UE) 4*16kB (UME)
3*32kB
(ME) 5*64kB (ME) 4*128kB (ME) 5*256kB (UME) 5*512kB (UME) 4*1024kB (UME) 3*2048kB (UME) 7*4096kB (M)
= 43780kB
Node 0
Normal:
879*4kB
(UMEH) 734*8kB (MH) 439*16kB
(MEH)
252*32kB (UMEH) 96*64kB (UMEH)
23*128kB (UMH) 3*256kB (UH) 0*512kB 1*1024kB (E) 1*2048kB (U) 0*4096kB = 37404kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
206 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
sctp_sendmsg+0x13c2/0x1da0 net/sctp/socket.c:2131
Free swap = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
342307 pages reserved
0 pages cma reserved
Unreclaimable slab info:
Name Used Total
pid_3 1KB 7KB
inet_sendmsg+0x1a1/0x690 net/ipv4/af_inet.c:798
pid_2 137KB 164KB
TIPC 10KB 14KB
rds_tcp_connection 4KB 7KB
rds_connection 1KB 3KB
SCTPv6 14KB 18KB
sctp_chunk 1193137KB 1193137KB
sctp_bind_bucket 1KB 7KB
DCCPv6 17KB 21KB
DCCP 16KB 20KB
ccid2_hc_tx_sock 5KB 6KB
ccid2_hc_rx_sock 0KB 3KB
dccp_ackvec_record 0KB 3KB
dccp_ackvec 2KB 7KB
dccp_bind_bucket 0KB 4KB
kcm_mux_cache 1KB 7KB
bridge_fdb_cache 8KB 15KB
xfrm6_tunnel_spi 0KB 4KB
fib6_nodes 76KB 92KB
ip6_dst_cache 229KB 285KB
RAWv6 68KB 71KB
UDPv6 3KB 3KB
sock_sendmsg_nosec net/socket.c:621 [inline]
sock_sendmsg+0xd5/0x120 net/socket.c:631
TCPv6 23KB 29KB
__sys_sendto+0x3d7/0x670 net/socket.c:1788
nf_conntrack 63KB 157KB
ashmem_area_cache 0KB 3KB
AF_VSOCK 3KB 7KB
sd_ext_cdb 0KB 3KB
scsi_sense_cache 1056KB 1060KB
virtio_scsi_cmd 16KB 16KB
sgpool-128 8KB 8KB
sgpool-64 4KB 6KB
sgpool-32 2KB 7KB
sgpool-16 1KB 3KB
sgpool-8 0KB 3KB
mqueue_inode_cache 11KB 14KB
bio_post_read_ctx 14KB 15KB
bio-2 14KB 19KB
jfs_mp 7KB 7KB
fuse_request 5KB 16KB
nfs_commit_data 3KB 7KB
nfs_write_data 34KB 37KB
ecryptfs_sb_cache 0KB 3KB
ext4_system_zone 0KB 3KB
kioctx 3KB 7KB
aio_kiocb 1KB 8KB
userfaultfd_ctx_cache 4KB 7KB
bio-1 1KB 3KB
__do_sys_sendto net/socket.c:1800 [inline]
__se_sys_sendto net/socket.c:1796 [inline]
__x64_sys_sendto+0xe1/0x1a0 net/socket.c:1796
fasync_cache 0KB 4KB
do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
pid_namespace 5KB 11KB
posix_timers_cache 3KB 11KB
kvm_async_pf 0KB 3KB
rpc_buffers 19KB 19KB
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457569
Code: Bad RIP value.
RSP: 002b:00007fb9c5846c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457569
RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000007
rpc_tasks 2KB 3KB
RBP: 000000000072bf00 R08: 000000002005ffe4 R09: 000000000000001c
UNIX 18KB 18KB
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb9c58476d4
tcp_bind_bucket 21KB 32KB
R13: 00000000004c3921 R14: 00000000004d57d8 R15: 00000000ffffffff
inet_peer_cache 31KB 32KB
Showing all locks held in the system:
xfrm_state 28KB 32KB
5 locks held by init/1:
ip_fib_trie 12KB 15KB
ip_fib_alias 53KB 67KB
ip_dst_cache 151KB 252KB
1 lock held by khungtaskd/982:
RAW 40KB 43KB
#0:
UDP 16KB 19KB
TCP 8KB 16KB
hugetlbfs_inode_cache 2KB 7KB
fscache_cookie_jar 1KB 7KB
eventpoll_pwq 24KB 47KB
eventpoll_epi 45KB 78KB
inotify_inode_mark 44KB 74KB
request_queue 160KB 160KB
blkdev_requests 2KB 3KB
blkdev_ioc 10KB 19KB
bio-0 2606KB 2606KB
biovec-max 2268KB 2268KB
biovec-64 315KB 315KB
biovec-16 401KB 401KB
bio_integrity_payload 1KB 4KB
000000006eef302b
khugepaged_mm_slot 18KB 23KB
user_namespace 4KB 7KB
dmaengine-unmap-256 2KB 6KB
dmaengine-unmap-128 1KB 3KB
dmaengine-unmap-16 0KB 4KB
dmaengine-unmap-2 0KB 3KB
(rcu_read_lock
skbuff_fclone_cache 1011KB 1522KB
skbuff_head_cache 1194963KB 1194963KB
configfs_dir_cache 0KB 4KB
file_lock_cache 2KB 3KB
file_lock_ctx 1KB 7KB
){....}, at: debug_show_all_locks+0xd0/0x424 kernel/locking/lockdep.c:4435
2 locks held by udevd/3193:
#0:
fsnotify_mark_connector 26KB 43KB
0000000016fd6b99 (&mm->mmap_sem){++++}, at: __do_page_fault+0x3e3/0xed0 arch/x86/mm/fault.c:1324
#1: 00000000ee2d1c9d (&ei->i_mmap_sem){++++}, at: ext4_filemap_fault+0x7a/0xad fs/ext4/inode.c:6258
net_namespace 51KB 51KB
shmem_inode_cache 4711KB 4934KB
task_delay_info 80KB 233KB
taskstats 122KB 153KB
proc_dir_entry 585KB 637KB
pde_opener 2KB 7KB
2 locks held by rs:main Q:Reg/5205:
#0: 00000000c714b746 (&mm->mmap_sem){++++}, at: __do_page_fault+0x3e3/0xed0 arch/x86/mm/fault.c:1324
#1: 000000006f94a4b4 (&ei->i_mmap_sem){++++}, at: ext4_filemap_fault+0x7a/0xad fs/ext4/inode.c:6258
seq_file 276KB 334KB
2 locks held by rsyslogd/5207:
2 locks held by getty/5298:
sigqueue 363KB 370KB
kernfs_node_cache 11313KB 11359KB
#0: 000000000126994f (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
mnt_cache 113KB 144KB
filp 3575KB 4455KB
names_cache 91345KB 91345KB
#1: 000000002d2ae2a5 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140
iint_cache 74KB 79KB
2 locks held by getty/5299:
key_jar 18KB 22KB
uts_namespace 3KB 3KB
#0: 00000000870951f2 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
nsproxy 4KB 7KB
#1: 000000005070b342 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140
vm_area_struct 5747KB 8836KB
mm_struct 809KB 1670KB
2 locks held by getty/5300:
#0: 00000000f6d4f820 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
fs_cache 71KB 248KB
#1: 00000000e2d3fc7d (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140
files_cache 267KB 510KB
signal_cache 628KB 1128KB
sighand_cache 376KB 409KB
2 locks held by getty/5301:
task_struct 2772KB 2772KB
#0: 00000000b4a6834d (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
cred_jar 495KB 1492KB
anon_vma_chain 3403KB 4421KB
anon_vma 124KB 346KB
#1: 00000000d007680f (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140
pid 55KB 140KB
Acpi-Operand 106KB 158KB
2 locks held by getty/5302:
Acpi-Namespace 19KB 23KB
#0: 00000000dd5ff8d7 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
shared_policy_node 0KB 3KB
#1: 00000000b84795ab (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140
numa_policy 0KB 3KB
2 locks held by getty/5303:
#0: 0000000075a1b7d9 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
debug_objects_cache 1056KB 1172KB
trace_event_file 258KB 258KB
ftrace_event_field 372KB 374KB
#1: 00000000398a9856 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140
pool_workqueue 93KB 96KB
task_group 7KB 7KB
2 locks held by getty/5304:
#0: 000000001169963a (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 drivers/tty/tty_ldsem.c:353
page->ptl 1577KB 2945KB
kmalloc-4194304 8192KB 8192KB
kmalloc-2097152 2050KB 2050KB
#1: 00000000aca74135 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 drivers/tty/n_tty.c:2140
2 locks held by syz-fuzzer/5322:
kmalloc-524288 2056KB 2056KB
kmalloc-262144 1548KB 1548KB
kmalloc-131072 2860KB 2860KB
#0:
kmalloc-65536 20196KB 20196KB
kmalloc-32768 924KB 924KB
kmalloc-16384 924KB 924KB
kmalloc-8192 2301KB 2301KB
000000002f2d996a
kmalloc-4096 20344KB 20344KB
kmalloc-2048 10159KB 11672KB
(&mm->mmap_sem){++++}, at: __do_page_fault+0x3e3/0xed0 arch/x86/mm/fault.c:1324
#1: 000000002d891b1b (&ei->i_mmap_sem){++++}, at: ext4_filemap_fault+0x7a/0xad fs/ext4/inode.c:6258
kmalloc-1024 7524KB 9142KB
kmalloc-512 2390730KB 2390730KB
2 locks held by syz-fuzzer/5324:
2 locks held by syz-fuzzer/5327:
kmalloc-256 1882KB 2366KB
#0:
kmalloc-128 1119KB 1326KB
000000002f2d996a (&mm->mmap_sem){++++}, at: __do_page_fault+0x3e3/0xed0 arch/x86/mm/fault.c:1324
kmalloc-96 2330KB 3464KB
#1: 000000002d891b1b (&ei->i_mmap_sem){++++}, at: ext4_filemap_fault+0x7a/0xad fs/ext4/inode.c:6258
kmalloc-64 1317KB 1688KB
1 lock held by udevd/11824:
2 locks held by udevd/13604:
kmalloc-32 1832KB 1972KB
kmalloc-192 865KB 1096KB
#0: 0000000092a3f355 (&mm->mmap_sem){++++}, at: __do_page_fault+0x3e3/0xed0 arch/x86/mm/fault.c:1324
kmem_cache 290KB 292KB
Out of memory: Kill process 20649 (syz-executor4) score 1004 or sacrifice child
#1: 00000000ee2d1c9d (&ei->i_mmap_sem){++++}, at: ext4_filemap_fault+0x7a/0xad fs/ext4/inode.c:6258
1 lock held by syz-executor5/20728:
#0: 00000000da551b2b (sk_lock-AF_INET6){+.+.}, at: lock_sock include/net/sock.h:1491 [inline]
#0: 00000000da551b2b (sk_lock-AF_INET6){+.+.}, at: sctp_sendmsg+0x1425/0x1da0 net/sctp/socket.c:2070
Killed process 20649 (syz-executor4) total-vm:70472kB, anon-rss:2216kB, file-rss:32640kB, shmem-rss:0kB
=============================================
NMI backtrace for cpu 0
CPU: 0 PID: 982 Comm: khungtaskd Not tainted 4.19.0-rc8+ #295
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1c4/0x2b6 lib/dump_stack.c:113
nmi_cpu_backtrace.cold.3+0x63/0xa2 lib/nmi_backtrace.c:101
nmi_trigger_cpumask_backtrace+0x1b3/0x1ed lib/nmi_backtrace.c:62
arch_trigger_cpumask_backtrace+0x14/0x20 arch/x86/kernel/apic/hw_nmi.c:38
trigger_all_cpu_backtrace include/linux/nmi.h:144 [inline]
check_hung_uninterruptible_tasks kernel/hung_task.c:204 [inline]
watchdog+0xb3e/0x1050 kernel/hung_task.c:265
kthread+0x35a/0x420 kernel/kthread.c:246
ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:413
Sending NMI from CPU 0 to CPUs 1:
INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 2.159 msecs
NMI backtrace for cpu 1
CPU: 1 PID: 5207 Comm: rsyslogd Not tainted 4.19.0-rc8+ #295
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:mmu_shrink_count+0x1/0x20 arch/x86/kvm/mmu.c:5861
Code: 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 e8 e7 38 6e 00 c6 05 30 7f 1d 09 00 5d c3 0f 1f 40 00 66 2e 0f 1f 84 00 00 00 00 00 55 <48> 89 e5 e8 c7 38 6e 00 48 8b 05 48 7e 1d 09 ba 00 00 00 00 48 85
RSP: 0000:ffff8801bdc5df80 EFLAGS: 00000246
RAX: ffffffff81107300 RBX: 0000000000000000 RCX: ffffffff81a672a5
RDX: 1ffffffff12599c4 RSI: ffff8801bdc5e240 RDI: ffffffff892cce20
RBP: ffff8801bdc5e178 R08: ffff8801be1f4600 R09: ffffed003b5e4732
R10: ffffed003b5e4732 R11: ffff8801daf23993 R12: ffff8801bdc5e240
R13: ffffffff892cce20 R14: 0000000000000080 R15: ffffffff892cce20
FS: 00007f4f14278700(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000041cbc7 CR3: 00000001be482000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
shrink_slab+0x389/0x8c0 mm/vmscan.c:696
shrink_node+0x431/0x16b0 mm/vmscan.c:2745
shrink_zones mm/vmscan.c:2974 [inline]
do_try_to_free_pages+0x3e7/0x1290 mm/vmscan.c:3036
try_to_free_pages+0x4d0/0xb90 mm/vmscan.c:3251
__perform_reclaim mm/page_alloc.c:3769 [inline]
__alloc_pages_direct_reclaim mm/page_alloc.c:3790 [inline]
__alloc_pages_slowpath+0x9c4/0x2d70 mm/page_alloc.c:4191
__alloc_pages_nodemask+0xa80/0xde0 mm/page_alloc.c:4390
alloc_pages_current+0x10c/0x210 mm/mempolicy.c:2093
alloc_pages include/linux/gfp.h:509 [inline]
__page_cache_alloc+0x38f/0x5b0 mm/filemap.c:946
__do_page_cache_readahead+0x383/0x980 mm/readahead.c:195
ra_submit mm/internal.h:66 [inline]
do_sync_mmap_readahead mm/filemap.c:2444 [inline]
filemap_fault+0xf4d/0x25f0 mm/filemap.c:2520
ext4_filemap_fault+0x82/0xad fs/ext4/inode.c:6259
__do_fault+0x100/0x6b0 mm/memory.c:3240
do_read_fault mm/memory.c:3652 [inline]
do_fault mm/memory.c:3752 [inline]
handle_pte_fault mm/memory.c:3983 [inline]
__handle_mm_fault+0x3709/0x53e0 mm/memory.c:4107
handle_mm_fault+0x54f/0xc70 mm/memory.c:4144
__do_page_fault+0x67d/0xed0 arch/x86/mm/fault.c:1395
do_page_fault+0xf2/0x7e0 arch/x86/mm/fault.c:1470
page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1161
RIP: 0033:0x41cbc7
Code: Bad RIP value.
RSP: 002b:00007f4f14277d50 EFLAGS: 00010203
RAX: 00000000025d16c8 RBX: 00000000025d15a0 RCX: 3937202020202020
RDX: 00000000424b3937 RSI: 00007f4f15aad5dd RDI: 00000000025d1702
RBP: 00000000025d16c8 R08: 686361635f746e69 R09: 2020202020202065
R10: 2020202020202020 R11: 202020424b343720 R12: 0000000000000000
R13: 000000000000003a R14: 00007f4f15aad5a3 R15: 00007f4f15aad30c