executing program syzkaller login: [ 17.185409] syzkaller407767 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 17.186560] syzkaller407767 cpuset=/ mems_allowed=0-1 [ 17.186983] CPU: 1 PID: 2976 Comm: syzkaller407767 Not tainted 4.14.0-rc5-next-20171018+ #8 [ 17.187737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 [ 17.188492] Call Trace: [ 17.188738] dump_stack+0x194/0x257 [ 17.189069] ? arch_local_irq_restore+0x53/0x53 [ 17.189515] ? dump_header+0x1d9/0xe0e [ 17.190053] dump_header+0x28e/0xe0e [ 17.190420] ? pagefault_out_of_memory+0x152/0x152 [ 17.190815] ? check_noncircular+0x20/0x20 [ 17.191084] ? mark_lock+0x59f/0x13d0 [ 17.191369] ? print_irqtrace_events+0x270/0x270 [ 17.191765] ? __lock_acquire+0x6aa/0x3d50 [ 17.192067] ? find_held_lock+0x35/0x1d0 [ 17.192388] ? check_noncircular+0x20/0x20 [ 17.192754] ? task_will_free_mem+0x252/0xaa0 [ 17.193058] ? find_held_lock+0x35/0x1d0 [ 17.193440] ? ___ratelimit+0x30d/0x630 [ 17.193791] ? lock_downgrade+0x990/0x990 [ 17.194093] ? do_raw_spin_trylock+0x190/0x190 [ 17.194431] ? mark_held_locks+0xaf/0x100 [ 17.194790] ? _raw_spin_unlock_irqrestore+0x31/0xba [ 17.195298] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.195754] ? trace_hardirqs_on+0xd/0x10 [ 17.196011] ? ___ratelimit+0x95/0x630 [ 17.196319] ? idr_get_free_cmn+0xfd0/0xfd0 [ 17.196608] ? check_noncircular+0x20/0x20 [ 17.197003] ? find_held_lock+0x138/0x1d0 [ 17.197399] oom_kill_process+0x86d/0x13c0 [ 17.197801] ? has_ns_capability_noaudit+0x163/0x2a0 [ 17.198366] ? lock_downgrade+0x990/0x990 [ 17.198763] ? oom_evaluate_task+0x480/0x480 [ 17.199197] ? security_capable_noaudit+0x8b/0xc0 [ 17.199673] ? has_ns_capability_noaudit+0x18c/0x2a0 [ 17.200137] ? has_capability+0x30/0x30 [ 17.200497] ? check_noncircular+0x20/0x20 [ 17.200909] ? has_capability_noaudit+0x24/0x30 [ 17.201347] ? oom_badness+0xd1/0x980 [ 17.201706] ? lock_release+0xa40/0xa40 [ 17.204509] ? do_try_to_free_pages+0xc53/0x1020 [ 17.204954] ? find_lock_task_mm+0x460/0x460 [ 17.205497] ? find_held_lock+0x35/0x1d0 [ 17.205885] ? out_of_memory+0xaa9/0x11d0 [ 17.206257] ? lock_downgrade+0x990/0x990 [ 17.206646] ? lock_release+0xa40/0xa40 [ 17.206998] ? lock_acquire+0x1d5/0x580 [ 17.208453] ? __alloc_pages_slowpath+0x1001/0x2db0 [ 17.208918] ? oom_evaluate_task+0x284/0x480 [ 17.209469] out_of_memory+0x7dc/0x11d0 [ 17.209716] ? trace_hardirqs_on+0xd/0x10 [ 17.210013] ? oom_killer_disable+0x310/0x310 [ 17.210363] ? mutex_trylock+0x23a/0x2d0 [ 17.210694] ? __ww_mutex_wakeup_for_backoff+0x240/0x240 [ 17.211118] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 17.211676] __alloc_pages_slowpath+0x1d9d/0x2db0 [ 17.212170] ? warn_alloc+0x2f0/0x2f0 [ 17.212534] ? load_balance+0x33b0/0x33b0 [ 17.212932] ? mark_held_locks+0xaf/0x100 [ 17.213334] ? _raw_spin_unlock_irq+0x27/0x70 [ 17.213770] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.214246] ? trace_hardirqs_on+0xd/0x10 [ 17.214626] ? mmdrop+0x18/0x30 [ 17.214952] ? check_noncircular+0x20/0x20 [ 17.216002] ? retint_kernel+0x10/0x10 [ 17.216379] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.216854] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 17.217364] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 17.217934] ? __might_sleep+0x95/0x190 [ 17.218516] __alloc_pages_nodemask+0x9fb/0xd80 [ 17.218962] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 17.219509] ? mark_held_locks+0xaf/0x100 [ 17.219900] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.220380] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 17.220828] ? retint_kernel+0x10/0x10 [ 17.221136] ? alloc_pages_current+0x2f/0x1e0 [ 17.221548] alloc_pages_current+0xb6/0x1e0 [ 17.221892] relay_open_buf.part.10+0x22e/0x9b0 [ 17.222283] relay_open+0x57a/0xa40 [ 17.222594] ? relay_open_buf.part.10+0x9b0/0x9b0 [ 17.222974] ? __debugfs_create_file+0x2cc/0x3e0 [ 17.223426] ? debugfs_create_file+0x57/0x70 [ 17.223762] do_blk_trace_setup+0x4a4/0xcf0 [ 17.224093] ? blk_tracer_print_line+0x40/0x40 [ 17.224455] ? __might_sleep+0x95/0x190 [ 17.224763] ? kasan_check_write+0x14/0x20 [ 17.225381] ? _copy_from_user+0x99/0x110 [ 17.225697] blk_trace_setup+0xbd/0x180 [ 17.226000] ? do_blk_trace_setup+0xcf0/0xcf0 [ 17.226358] ? avc_has_extended_perms+0x6e5/0x12c0 [ 17.226743] sg_ioctl+0xc71/0x2d90 [ 17.227016] ? lock_release+0xa40/0xa40 [ 17.227393] ? sg_new_write.isra.20+0x830/0x830 [ 17.227916] ? avc_has_extended_perms+0x7fa/0x12c0 [ 17.228347] ? avc_ss_reset+0x110/0x110 [ 17.228679] ? __do_page_fault+0x64c/0xd60 [ 17.229015] ? lock_downgrade+0x990/0x990 [ 17.229362] ? handle_mm_fault+0x410/0x8d0 [ 17.229702] ? down_read_trylock+0xdb/0x170 [ 17.230089] ? __do_page_fault+0x31e/0xd60 [ 17.230505] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 17.231048] ? __do_page_fault+0x3d6/0xd60 [ 17.231529] ? rcu_note_context_switch+0x710/0x710 [ 17.232018] ? sg_new_write.isra.20+0x830/0x830 [ 17.232454] do_vfs_ioctl+0x1b1/0x1520 [ 17.232826] ? _cond_resched+0x14/0x30 [ 17.233201] ? ioctl_preallocate+0x2b0/0x2b0 [ 17.233616] ? selinux_capable+0x40/0x40 [ 17.234003] ? putname+0xf3/0x130 [ 17.234335] ? do_sys_open+0x320/0x6d0 [ 17.234718] ? security_file_ioctl+0x89/0xb0 [ 17.235134] SyS_ioctl+0x8f/0xc0 [ 17.235544] entry_SYSCALL_64_fastpath+0x1f/0xbe [ 17.235988] RIP: 0033:0x439149 [ 17.236284] RSP: 002b:00007ffea4ba2668 EFLAGS: 00000206 ORIG_RAX: 0000000000000010 [ 17.236991] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000439149 [ 17.237661] RDX: 000000002084cf90 RSI: 00000000c0481273 RDI: 0000000000000003 [ 17.238333] RBP: 0000000000000082 R08: 00000000000000fe R09: 0000000000000000 [ 17.238956] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 17.239720] R13: 0000000000401da0 R14: 0000000000401e30 R15: 0000000000000000 [ 17.240634] Mem-Info: [ 17.243831] active_anon:2186 inactive_anon:44 isolated_anon:0 [ 17.243831] active_file:74 inactive_file:0 isolated_file:0 [ 17.243831] unevictable:0 dirty:0 writeback:0 unstable:0 [ 17.243831] slab_reclaimable:4914 slab_unreclaimable:24832 [ 17.243831] mapped:43 shmem:50 pagetables:278 bounce:0 [ 17.243831] free:17691 free_pcp:181 free_cma:0 [ 17.247861] Node 0 active_anon:5036kB inactive_anon:120kB active_file:160kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:128kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 17.250516] Node 1 active_anon:3708kB inactive_anon:56kB active_file:136kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:164kB dirty:0kB writeback:0kB shmem:72kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 2048kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 17.261416] Node 0 DMA free:4168kB min:640kB low:800kB high:960kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 17.264042] lowmem_reserve[]: 0 886 886 886 [ 17.264464] Node 0 DMA32 free:36280kB min:36540kB low:45672kB high:54804kB active_anon:5036kB inactive_anon:120kB active_file:160kB inactive_file:108kB unevictable:0kB writepending:0kB present:1032192kB managed:910076kB mlocked:0kB kernel_stack:1888kB pagetables:680kB bounce:0kB free_pcp:188kB local_pcp:68kB free_cma:0kB [ 17.266766] lowmem_reserve[]: 0 0 0 0 [ 17.267100] Node 1 DMA32 free:30316kB min:30400kB low:38000kB high:45600kB active_anon:3708kB inactive_anon:56kB active_file:240kB inactive_file:264kB unevictable:0kB writepending:0kB present:1048560kB managed:755260kB mlocked:0kB kernel_stack:1760kB pagetables:432kB bounce:0kB free_pcp:536kB local_pcp:0kB free_cma:0kB [ 17.279105] lowmem_reserve[]: 0 0 0 0 [ 17.279490] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 0*32kB 1*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 2*2048kB (UM) 0*4096kB = 4168kB [ 17.280480] Node 0 DMA32: 345*4kB (UME) 213*8kB (UME) 165*16kB (UME) 75*32kB (UME) 41*64kB (UME) 25*128kB (UM) 8*256kB (UME) 0*512kB 2*1024kB (UM) 1*2048kB (E) 4*4096kB (M) = 36476kB [ 17.281674] Node 1 DMA32: 146*4kB (UME) 166*8kB (UM) 97*16kB (UME) 64*32kB (ME) 27*64kB (ME) 13*128kB (UME) 6*256kB (UME) 5*512kB (UM) 5*1024kB (UME) 2*2048kB (M) 2*4096kB (M) = 30408kB [ 17.283051] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 17.284745] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 17.285405] 123 total pagecache pages [ 17.285712] 0 pages in swap cache [ 17.285961] Swap cache stats: add 0, delete 0, find 0/0 [ 17.287467] Free swap = 0kB [ 17.287730] Total swap = 0kB [ 17.287965] 524186 pages RAM [ 17.288256] 0 pages HighMem/MovableOnly [ 17.288625] 103875 pages reserved [ 17.289426] Unreclaimable slab info: [ 17.289802] Name Used Total [ 17.290415] TIPC 1KB 7KB [ 17.291186] SCTPv6 2KB 4KB [ 17.291756] DCCPv6 2KB 7KB [ 17.292371] DCCP 2KB 6KB [ 17.292980] fib6_nodes 0KB 4KB [ 17.293564] ip6_dst_cache 7KB 11KB [ 17.294174] RAWv6 13KB 19KB [ 17.294722] UDPv6 21KB 21KB [ 17.295212] TCPv6 2KB 5KB [ 17.295579] uhci_urb_priv 0KB 7KB [ 17.295984] scsi_sense_cache 52KB 68KB [ 17.296439] sd_ext_cdb 0KB 7KB [ 17.296935] virtio_scsi_cmd 16KB 16KB [ 17.297503] sgpool-128 38KB 38KB [ 17.297939] sgpool-64 21KB 25KB [ 17.298396] sgpool-32 22KB 39KB [ 17.298795] sgpool-16 16KB 22KB [ 17.299201] sgpool-8 107KB 127KB [ 17.299746] cfq_io_cq 13KB 19KB [ 17.300368] cfq_queue 16KB 23KB [ 17.300893] mqueue_inode_cache 1KB 7KB [ 17.301496] nfs_commit_data 3KB 14KB [ 17.301901] nfs_write_data 34KB 44KB [ 17.302346] jbd2_inode 2KB 7KB [ 17.302800] ext4_system_zone 0KB 7KB [ 17.303262] bio-1 1KB 7KB [ 17.303699] rpc_buffers 17KB 25KB [ 17.304127] rpc_tasks 2KB 7KB [ 17.304536] UNIX 402KB 402KB [ 17.304946] tcp_bind_bucket 0KB 4KB [ 17.305387] ip_fib_trie 0KB 3KB [ 17.305788] ip_fib_alias 1KB 3KB [ 17.306311] ip_dst_cache 11KB 11KB [ 17.306712] RAW 11KB 14KB [ 17.307163] UDP 21KB 26KB [ 17.307678] request_sock_TCP 3KB 3KB [ 17.308198] TCP 15KB 15KB [ 17.308647] hugetlbfs_inode_cache 1KB 7KB [ 17.309237] eventpoll_pwq 10KB 23KB [ 17.309666] eventpoll_epi 18KB 27KB [ 17.310160] inotify_inode_mark 2KB 11KB [ 17.310522] request_queue 33KB 39KB [ 17.310893] blkdev_ioc 15KB 19KB [ 17.311305] bio-0 158KB 172KB [ 17.311650] biovec-(1<<(21-12)) 387KB 387KB [ 17.312054] biovec-128 38KB 38KB [ 17.312426] biovec-64 23KB 47KB [ 17.312751] biovec-16 10KB 15KB [ 17.313116] khugepaged_mm_slot 0KB 3KB [ 17.313638] uid_cache 3KB 3KB [ 17.313970] dmaengine-unmap-2 0KB 3KB [ 17.314349] skbuff_fclone_cache 135KB 135KB [ 17.314733] skbuff_head_cache 5595KB 5595KB [ 17.315091] configfs_dir_cache 0KB 8KB [ 17.315783] file_lock_cache 146KB 146KB [ 17.316148] file_lock_ctx 1KB 7KB [ 17.316484] fsnotify_mark_connector 1KB 7KB [ 17.316865] shmem_inode_cache 858KB 866KB [ 17.317246] task_delay_info 233KB 280KB [ 17.317576] sigqueue 136KB 145KB [ 17.317915] kernfs_node_cache 2040KB 2047KB [ 17.318272] mnt_cache 14KB 24KB [ 17.318598] filp 2143KB 2452KB [ 17.318935] names_cache 25036KB 25079KB [ 17.319382] avc_node 3KB 7KB [ 17.319816] selinux_file_security 122KB 127KB [ 17.320195] selinux_inode_security 1285KB 1388KB [ 17.320551] key_jar 2KB 7KB [ 17.320894] nsproxy 0KB 3KB [ 17.321256] vm_area_struct 3837KB 4799KB [ 17.321584] mm_struct 990KB 1409KB [ 17.321926] fs_cache 271KB 324KB [ 17.322293] files_cache 643KB 791KB [ 17.322634] signal_cache 843KB 1106KB [ 17.322993] sighand_cache 411KB 450KB [ 17.323490] task_struct 2047KB 2149KB [ 17.323979] cred_jar 808KB 820KB [ 17.324490] anon_vma_chain 1277KB 2264KB [ 17.324982] anon_vma 221KB 273KB [ 17.325490] pid 147KB 196KB [ 17.325981] Acpi-Operand 160KB 209KB [ 17.326492] Acpi-ParseExt 1KB 19KB [ 17.326988] Acpi-Parse 49KB 67KB [ 17.327592] Acpi-State 63KB 90KB [ 17.328110] Acpi-Namespace 17KB 23KB [ 17.328610] numa_policy 0KB 3KB [ 17.329137] trace_event_file 139KB 139KB [ 17.329629] ftrace_event_field 245KB 252KB [ 17.330145] pool_workqueue 13KB 20KB [ 17.330653] page->ptl 629KB 1047KB [ 17.331179] kmalloc-262144 258KB 258KB [ 17.331973] kmalloc-131072 130KB 130KB [ 17.332478] kmalloc-65536 264KB 264KB [ 17.332804] kmalloc-32768 264KB 330KB [ 17.333154] kmalloc-16384 297KB 297KB [ 17.333495] kmalloc-8192 231KB 231KB [ 17.333834] kmalloc-4096 1861KB 1899KB [ 17.334168] kmalloc-2048 2530KB 2588KB [ 17.334499] kmalloc-1024 3287KB 3291KB [ 17.334822] kmalloc-512 966KB 1391KB [ 17.335157] kmalloc-256 615KB 780KB [ 17.335701] kmalloc-128 309KB 354KB [ 17.336202] kmalloc-96 230KB 308KB [ 17.336649] kmalloc-64 286KB 292KB [ 17.336971] kmalloc-32 501KB 921KB [ 17.337353] kmalloc-192 367KB 436KB [ 17.337685] kmem_cache 90KB 101KB [ 17.338027] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 17.338596] [ 1488] 0 1488 5316 113 90112 0 -1000 udevd [ 17.339165] [ 2735] 0 2735 2493 573 57344 0 0 dhclient [ 17.339792] [ 2862] 0 2862 14244 110 118784 0 0 rsyslogd [ 17.340307] [ 2901] 0 2901 4725 49 81920 0 0 cron [ 17.340792] [ 2927] 0 2927 12490 152 131072 0 -1000 sshd [ 17.341290] [ 2951] 0 2951 3694 41 73728 0 0 getty [ 17.341784] [ 2952] 0 2952 3694 41 77824 0 0 getty [ 17.342277] [ 2953] 0 2953 3694 42 73728 0 0 getty [ 17.342765] [ 2954] 0 2954 3694 41 73728 0 0 getty [ 17.343306] [ 2955] 0 2955 3694 42 73728 0 0 getty [ 17.343851] [ 2956] 0 2956 3694 39 77824 0 0 getty [ 17.344396] [ 2957] 0 2957 3649 39 69632 0 0 getty [ 17.344889] [ 2959] 0 2959 5315 114 86016 0 -1000 udevd [ 17.345385] [ 2960] 0 2960 5315 114 86016 0 -1000 udevd [ 17.345880] [ 2974] 0 2974 17820 197 184320 0 0 sshd [ 17.346377] [ 2976] 0 2976 4374 513 40960 0 0 syzkaller407767 [ 17.346926] Out of memory: Kill process 2735 (dhclient) score 1 or sacrifice child [ 17.347691] Killed process 2735 (dhclient) total-vm:9972kB, anon-rss:2292kB, file-rss:0kB, shmem-rss:0kB [ 17.512772] init invoked oom-killer: gfp_mask=0x14201ca(GFP_HIGHUSER_MOVABLE|__GFP_COLD), nodemask=(null), order=0, oom_score_adj=0 [ 17.515427] init cpuset=/ mems_allowed=0-1 [ 17.515908] CPU: 0 PID: 1 Comm: init Not tainted 4.14.0-rc5-next-20171018+ #8 [ 17.516542] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 [ 17.517394] Call Trace: [ 17.517628] dump_stack+0x194/0x257 [ 17.517956] ? arch_local_irq_restore+0x53/0x53 [ 17.518371] ? dump_header+0x1d9/0xe0e [ 17.518719] dump_header+0x28e/0xe0e [ 17.519061] ? pagefault_out_of_memory+0x152/0x152 [ 17.519573] ? print_irqtrace_events+0x270/0x270 [ 17.520002] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 17.520480] ? print_irqtrace_events+0x270/0x270 [ 17.520894] ? __lock_acquire+0x6aa/0x3d50 [ 17.521270] ? find_held_lock+0x35/0x1d0 [ 17.521642] ? check_noncircular+0x20/0x20 [ 17.522014] ? task_will_free_mem+0x252/0xaa0 [ 17.522414] ? find_held_lock+0x35/0x1d0 [ 17.522888] ? ___ratelimit+0x30d/0x630 [ 17.523295] ? lock_downgrade+0x990/0x990 [ 17.523689] ? do_raw_spin_trylock+0x190/0x190 [ 17.524101] ? mark_held_locks+0xaf/0x100 [ 17.524482] ? _raw_spin_unlock_irqrestore+0x31/0xba [ 17.524957] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.525449] ? trace_hardirqs_on+0xd/0x10 [ 17.525842] ? ___ratelimit+0x95/0x630 [ 17.526242] ? idr_get_free_cmn+0xfd0/0xfd0 [ 17.526650] ? check_noncircular+0x20/0x20 [ 17.527019] ? find_held_lock+0x138/0x1d0 [ 17.528306] oom_kill_process+0x86d/0x13c0 [ 17.528695] ? has_ns_capability_noaudit+0x163/0x2a0 [ 17.529162] ? lock_downgrade+0x990/0x990 [ 17.529541] ? oom_evaluate_task+0x480/0x480 [ 17.529974] ? security_capable_noaudit+0x8b/0xc0 [ 17.530455] ? has_ns_capability_noaudit+0x18c/0x2a0 [ 17.530910] ? has_capability+0x30/0x30 [ 17.531892] ? check_noncircular+0x20/0x20 [ 17.532312] ? has_capability_noaudit+0x24/0x30 [ 17.532797] ? oom_badness+0xd1/0x980 [ 17.533146] ? lock_release+0xa40/0xa40 [ 17.533496] ? do_try_to_free_pages+0xc53/0x1020 [ 17.533965] ? find_lock_task_mm+0x460/0x460 [ 17.534372] ? find_held_lock+0x35/0x1d0 [ 17.534771] ? out_of_memory+0xaa9/0x11d0 [ 17.535169] ? lock_downgrade+0x990/0x990 [ 17.535708] ? lock_release+0xa40/0xa40 [ 17.536080] ? __alloc_pages_slowpath+0x1001/0x2db0 [ 17.536550] ? oom_evaluate_task+0x284/0x480 [ 17.536953] out_of_memory+0x7dc/0x11d0 [ 17.537307] ? trace_hardirqs_on+0xd/0x10 [ 17.537697] ? oom_killer_disable+0x310/0x310 [ 17.538154] ? mutex_trylock+0x23a/0x2d0 [ 17.538563] ? __ww_mutex_wakeup_for_backoff+0x240/0x240 [ 17.539085] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 17.539757] __alloc_pages_slowpath+0x1d9d/0x2db0 [ 17.540204] ? __radix_tree_insert+0x7b0/0x7b0 [ 17.540641] ? warn_alloc+0x2f0/0x2f0 [ 17.540995] ? find_get_entry+0x513/0x9e0 [ 17.541372] ? lock_downgrade+0x990/0x990 [ 17.541748] ? __lock_is_held+0xb6/0x140 [ 17.542122] ? find_get_entry+0x53c/0x9e0 [ 17.542491] ? check_noncircular+0x20/0x20 [ 17.542871] ? __lock_acquire+0x6aa/0x3d50 [ 17.543355] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 17.543856] ? __radix_tree_lookup+0x435/0x5e0 [ 17.544304] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 17.545433] ? __page_cache_alloc+0x12d/0x500 [ 17.545876] ? __might_sleep+0x95/0x190 [ 17.546234] __alloc_pages_nodemask+0x9fb/0xd80 [ 17.546654] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 17.547105] ? add_to_page_cache_lru+0x510/0x510 [ 17.547550] ? check_noncircular+0x20/0x20 [ 17.547930] ? check_noncircular+0x20/0x20 [ 17.548317] ? __lock_acquire+0x6aa/0x3d50 [ 17.548700] ? radix_tree_next_chunk+0x5e8/0xdf0 [ 17.549151] alloc_pages_current+0xb6/0x1e0 [ 17.549555] __page_cache_alloc+0x334/0x500 [ 17.549946] ? rcu_read_lock_held+0xa9/0xc0 [ 17.550337] ? trace_event_raw_event_file_check_and_advance_wb_err+0x490/0x490 [ 17.551001] filemap_fault+0xf32/0x1d30 [ 17.551497] ? __lock_page_or_retry+0x4f0/0x4f0 [ 17.551928] ? filemap_map_pages+0x942/0x15d0 [ 17.552349] ? find_get_entries_tag+0xeb0/0xeb0 [ 17.552785] ? check_noncircular+0x20/0x20 [ 17.553162] ? __lock_acquire+0x6aa/0x3d50 [ 17.555633] ? __lock_acquire+0x6aa/0x3d50 [ 17.556029] ? check_noncircular+0x20/0x20 [ 17.556432] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 17.556916] ? lock_acquire+0x1d5/0x580 [ 17.557277] ? lock_acquire+0x1d5/0x580 [ 17.557640] ? ext4_filemap_fault+0x7a/0xad [ 17.558038] ? lock_release+0xa40/0xa40 [ 17.558402] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 17.559091] ? __sigqueue_free.part.16+0x51/0x60 [ 17.559534] ? rcu_note_context_switch+0x710/0x710 [ 17.559978] ? kmem_cache_free+0x249/0x280 [ 17.560367] ? __might_sleep+0x95/0x190 [ 17.560742] ? down_read+0x96/0x150 [ 17.561077] ? ext4_filemap_fault+0x7a/0xad [ 17.561473] ? __down_interruptible+0x6b0/0x6b0 [ 17.561910] ? rcu_pm_notify+0xc0/0xc0 [ 17.562274] ext4_filemap_fault+0x82/0xad [ 17.562657] __do_fault+0xeb/0x30f [ 17.562990] ? find_held_lock+0x35/0x1d0 [ 17.563480] ? pte_offset_kernel+0xc7/0xc7 [ 17.563883] ? check_noncircular+0x20/0x20 [ 17.564282] __handle_mm_fault+0x1b9b/0x39c0 [ 17.564692] ? __pmd_alloc+0x4e0/0x4e0 [ 17.565055] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.565516] ? find_held_lock+0x35/0x1d0 [ 17.565901] ? handle_mm_fault+0x248/0x8d0 [ 17.566299] ? lock_downgrade+0x990/0x990 [ 17.566971] handle_mm_fault+0x334/0x8d0 [ 17.567358] ? down_read_trylock+0xdb/0x170 [ 17.567750] ? __do_page_fault+0x31e/0xd60 [ 17.568138] ? __handle_mm_fault+0x39c0/0x39c0 [ 17.568558] ? vmacache_find+0x5f/0x280 [ 17.568926] ? find_vma+0x30/0x150 [ 17.569257] __do_page_fault+0x5bd/0xd60 [ 17.569644] ? mm_fault_error+0x2c0/0x2c0 [ 17.570026] ? exit_to_usermode_loop+0x8c/0x310 [ 17.570537] do_page_fault+0xee/0x720 [ 17.570890] ? __do_page_fault+0xd60/0xd60 [ 17.571281] ? kasan_check_write+0x14/0x20 [ 17.571682] ? syscall_return_slowpath+0x2b3/0x510 [ 17.572131] ? prepare_exit_to_usermode+0x2d0/0x2d0 [ 17.572589] ? return_from_SYSCALL_64+0x2d/0x7a [ 17.573024] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 17.573470] do_async_page_fault+0x82/0x110 [ 17.573869] async_page_fault+0x22/0x30 [ 17.574351] RIP: 0033:0x402a80 [ 17.574639] RSP: 002b:00007fff8a91e938 EFLAGS: 00010246 [ 17.575124] RAX: 0000000000000000 RBX: 00007fff8a91ef40 RCX: 00007fc119f2add3 [ 17.575779] RDX: 00007fff8a91e940 RSI: 00007fff8a91ea70 RDI: 0000000000000011 [ 17.576428] RBP: 00007fff8a91f0f0 R08: 00007fff8a91f170 R09: 0000000000000001 [ 17.577076] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 17.577725] R13: 00007fff8a91f4d0 R14: 0000000000000000 R15: 0000000000000000 [ 17.578480] Mem-Info: [ 17.578710] active_anon:1613 inactive_anon:44 isolated_anon:0 [ 17.578710] active_file:60 inactive_file:118 isolated_file:29 [ 17.578710] unevictable:0 dirty:0 writeback:0 unstable:0 [ 17.578710] slab_reclaimable:4914 slab_unreclaimable:24860 [ 17.578710] mapped:2 shmem:50 pagetables:269 bounce:0 [ 17.578710] free:17634 free_pcp:0 free_cma:0 [ 17.581913] Node 0 active_anon:2744kB inactive_anon:120kB active_file:204kB inactive_file:124kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:12kB dirty:0kB writeback:0kB shmem:128kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 17.584368] Node 1 active_anon:3708kB inactive_anon:56kB active_file:36kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:72kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 2048kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 17.586748] Node 0 DMA free:4168kB min:640kB low:800kB high:960kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 17.589119] lowmem_reserve[]: 0 886 886 886 [ 17.589527] Node 0 DMA32 free:36328kB min:36540kB low:45672kB high:54804kB active_anon:2744kB inactive_anon:120kB active_file:0kB inactive_file:340kB unevictable:0kB writepending:0kB present:1032192kB managed:910076kB mlocked:0kB kernel_stack:1856kB pagetables:644kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 17.592475] lowmem_reserve[]: 0 0 0 0 [ 17.592839] Node 1 DMA32 free:30012kB min:30400kB low:38000kB high:45600kB active_anon:3708kB inactive_anon:56kB active_file:0kB inactive_file:112kB unevictable:0kB writepending:0kB present:1048560kB managed:755260kB mlocked:0kB kernel_stack:1760kB pagetables:432kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 17.595375] lowmem_reserve[]: 0 0 0 0 [ 17.595746] Node 0 DMA: 0*4kB 1*8kB (U) 0*16kB 0*32kB 1*64kB (U) 0*128kB 0*256kB 0*512kB 0*1024kB 2*2048kB (UM) 0*4096kB = 4168kB [ 17.596904] Node 0 DMA32: 320*4kB (ME) 193*8kB (UME) 148*16kB (UME) 98*32kB (UME) 57*64kB (ME) 27*128kB (M) 7*256kB (ME) 2*512kB (UM) 2*1024kB (UM) 2*2048kB (UE) 3*4096kB (M) = 36680kB [ 17.598731] Node 1 DMA32: 220*4kB (UME) 155*8kB (M) 93*16kB (UME) 62*32kB (ME) 26*64kB (ME) 13*128kB (ME) 7*256kB (UME) 4*512kB (M) 5*1024kB (UME) 2*2048kB (M) 2*4096kB (M) = 30168kB [ 17.600341] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 17.601139] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 17.601907] 130 total pagecache pages [ 17.602291] 0 pages in swap cache [ 17.602621] Swap cache stats: add 0, delete 0, find 0/0 [ 17.603142] Free swap = 0kB [ 17.603511] Total swap = 0kB [ 17.603789] 524186 pages RAM [ 17.604089] 0 pages HighMem/MovableOnly [ 17.604333] 103875 pages reserved [ 17.604569] Unreclaimable slab info: [ 17.604823] Name Used Total [ 17.605221] TIPC 1KB 7KB [ 17.605556] SCTPv6 2KB 4KB [ 17.605891] DCCPv6 2KB 7KB [ 17.606393] DCCP 2KB 6KB [ 17.606922] fib6_nodes 0KB 4KB [ 17.607558] ip6_dst_cache 7KB 11KB [ 17.608088] RAWv6 13KB 19KB [ 17.608595] UDPv6 21KB 21KB [ 17.609400] TCPv6 2KB 5KB [ 17.609909] uhci_urb_priv 0KB 7KB [ 17.610437] scsi_sense_cache 52KB 68KB [ 17.610933] sd_ext_cdb 0KB 7KB [ 17.611523] virtio_scsi_cmd 16KB 16KB [ 17.612057] sgpool-128 51KB 51KB [ 17.612553] sgpool-64 21KB 25KB [ 17.613079] sgpool-32 22KB 39KB [ 17.613562] sgpool-16 16KB 22KB [ 17.614076] sgpool-8 107KB 127KB [ 17.614565] cfq_io_cq 13KB 19KB [ 17.615075] cfq_queue 16KB 23KB [ 17.615636] mqueue_inode_cache 1KB 7KB [ 17.616153] nfs_commit_data 3KB 14KB [ 17.616640] nfs_write_data 34KB 44KB [ 17.617174] jbd2_inode 2KB 7KB [ 17.617671] ext4_system_zone 0KB 7KB [ 17.618206] bio-1 1KB 7KB [ 17.618710] rpc_buffers 17KB 25KB [ 17.619391] rpc_tasks 2KB 7KB [ 17.619915] UNIX 402KB 402KB [ 17.620451] tcp_bind_bucket 0KB 4KB [ 17.620966] ip_fib_trie 0KB 3KB [ 17.621496] ip_fib_alias 1KB 3KB [ 17.622031] ip_dst_cache 11KB 11KB [ 17.622608] RAW 11KB 14KB [ 17.623147] UDP 21KB 26KB [ 17.623652] request_sock_TCP 3KB 3KB [ 17.624180] TCP 15KB 15KB [ 17.624685] hugetlbfs_inode_cache 1KB 7KB [ 17.625243] eventpoll_pwq 10KB 23KB [ 17.625744] eventpoll_epi 18KB 27KB [ 17.626273] inotify_inode_mark 2KB 11KB [ 17.626786] request_queue 33KB 39KB [ 17.627456] blkdev_ioc 15KB 19KB [ 17.627798] bio-0 158KB 172KB [ 17.628147] biovec-(1<<(21-12)) 387KB 387KB [ 17.628481] biovec-128 44KB 44KB [ 17.628809] biovec-64 23KB 47KB [ 17.629215] biovec-16 10KB 15KB [ 17.629747] khugepaged_mm_slot 0KB 3KB [ 17.630279] uid_cache 3KB 3KB [ 17.631072] dmaengine-unmap-2 0KB 3KB [ 17.631708] skbuff_fclone_cache 135KB 135KB [ 17.632237] skbuff_head_cache 5595KB 5595KB [ 17.632722] configfs_dir_cache 0KB 8KB [ 17.633247] file_lock_cache 146KB 146KB [ 17.633735] file_lock_ctx 1KB 7KB [ 17.634252] fsnotify_mark_connector 1KB 7KB [ 17.634786] shmem_inode_cache 858KB 866KB [ 17.635447] task_delay_info 233KB 280KB [ 17.635938] sigqueue 136KB 145KB [ 17.636461] kernfs_node_cache 2040KB 2047KB [ 17.636956] mnt_cache 14KB 24KB [ 17.637481] filp 2143KB 2452KB [ 17.637969] names_cache 25036KB 25079KB [ 17.638486] avc_node 3KB 7KB [ 17.638975] selinux_file_security 122KB 127KB [ 17.639898] selinux_inode_security 1285KB 1388KB [ 17.640482] key_jar 2KB 7KB [ 17.640973] nsproxy 0KB 3KB [ 17.641485] vm_area_struct 3837KB 4799KB [ 17.641973] mm_struct 990KB 1409KB [ 17.642485] fs_cache 271KB 324KB [ 17.642978] files_cache 643KB 791KB [ 17.643667] signal_cache 843KB 1106KB [ 17.644186] sighand_cache 411KB 450KB [ 17.644687] task_struct 2047KB 2149KB [ 17.645208] cred_jar 808KB 820KB [ 17.645709] anon_vma_chain 1277KB 2264KB [ 17.646226] anon_vma 221KB 273KB [ 17.646727] pid 147KB 196KB [ 17.647508] Acpi-Operand 160KB 209KB [ 17.648047] Acpi-ParseExt 1KB 19KB [ 17.648655] Acpi-Parse 49KB 67KB [ 17.649184] Acpi-State 63KB 90KB [ 17.649682] Acpi-Namespace 17KB 23KB [ 17.650168] numa_policy 0KB 3KB [ 17.650494] trace_event_file 139KB 139KB [ 17.650826] ftrace_event_field 245KB 252KB [ 17.651271] pool_workqueue 13KB 20KB [ 17.659463] page->ptl 629KB 1047KB [ 17.659927] kmalloc-262144 258KB 258KB [ 17.660438] kmalloc-131072 130KB 130KB [ 17.660911] kmalloc-65536 264KB 264KB [ 17.661401] kmalloc-32768 264KB 330KB [ 17.661874] kmalloc-16384 297KB 297KB [ 17.662568] kmalloc-8192 231KB 231KB [ 17.663103] kmalloc-4096 1861KB 1899KB [ 17.663620] kmalloc-2048 2530KB 2588KB [ 17.666715] kmalloc-1024 3292KB 3299KB [ 17.668826] kmalloc-512 966KB 1391KB [ 17.670483] kmalloc-256 615KB 780KB [ 17.670986] kmalloc-128 309KB 354KB [ 17.672647] kmalloc-96 230KB 308KB [ 17.673178] kmalloc-64 286KB 292KB [ 17.673673] kmalloc-32 501KB 921KB [ 17.674241] kmalloc-192 367KB 436KB [ 17.674741] kmem_cache 90KB 101KB [ 17.677807] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 17.678611] [ 1488] 0 1488 5316 113 90112 0 -1000 udevd [ 17.679360] [ 2862] 0 2862 14244 109 118784 0 0 rsyslogd [ 17.680068] [ 2901] 0 2901 4725 49 81920 0 0 cron [ 17.680737] [ 2927] 0 2927 12490 152 131072 0 -1000 sshd [ 17.681427] [ 2951] 0 2951 3694 41 73728 0 0 getty [ 17.682119] [ 2952] 0 2952 3694 41 77824 0 0 getty [ 17.682814] [ 2953] 0 2953 3694 42 73728 0 0 getty [ 17.684052] [ 2954] 0 2954 3694 41 73728 0 0 getty [ 17.684802] [ 2955] 0 2955 3694 42 73728 0 0 getty [ 17.685569] [ 2956] 0 2956 3694 39 77824 0 0 getty [ 17.686278] [ 2957] 0 2957 3649 39 69632 0 0 getty [ 17.686957] [ 2959] 0 2959 5315 114 86016 0 -1000 udevd [ 17.688094] [ 2960] 0 2960 5315 114 86016 0 -1000 udevd [ 17.688873] [ 2974] 0 2974 17820 197 184320 0 0 sshd [ 17.689630] [ 2976] 0 2976 4374 513 40960 0 0 syzkaller407767 [ 17.690776] Out of memory: Kill process 2976 (syzkaller407767) score 1 or sacrifice child [ 17.691524] Killed process 2976 (syzkaller407767) total-vm:17496kB, anon-rss:2052kB, file-rss:0kB, shmem-rss:0kB [ 17.699730] oom_reaper: reaped process 2976 (syzkaller407767), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 17.705281] rsyslogd invoked oom-killer: gfp_mask=0x14201ca(GFP_HIGHUSER_MOVABLE|__GFP_COLD), nodemask=(null), order=0, oom_score_adj=0 [ 17.706518] rsyslogd cpuset=/ mems_allowed=0-1 [ 17.706976] CPU: 1 PID: 2868 Comm: rsyslogd Not tainted 4.14.0-rc5-next-20171018+ #8 [ 17.707758] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 [ 17.708530] Call Trace: [ 17.708789] dump_stack+0x194/0x257 [ 17.709148] ? arch_local_irq_restore+0x53/0x53 [ 17.709607] ? dump_header+0x1d9/0xe0e [ 17.709994] dump_header+0x28e/0xe0e [ 17.710366] ? pagefault_out_of_memory+0x152/0x152 [ 17.710839] ? check_noncircular+0x20/0x20 [ 17.711266] ? print_irqtrace_events+0x270/0x270 [ 17.711734] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 17.712245] ? print_irqtrace_events+0x270/0x270 [ 17.712708] ? __lock_acquire+0x6aa/0x3d50 [ 17.713136] ? find_held_lock+0x35/0x1d0 [ 17.713539] ? check_noncircular+0x20/0x20 [ 17.713957] ? task_will_free_mem+0x252/0xaa0 [ 17.714393] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 17.714911] ? find_held_lock+0x35/0x1d0 [ 17.715346] ? ___ratelimit+0x30d/0x630 [ 17.715721] ? lock_downgrade+0x990/0x990 [ 17.716423] ? do_raw_spin_trylock+0x190/0x190 [ 17.716851] ? mark_held_locks+0xaf/0x100 [ 17.717237] ? _raw_spin_unlock_irqrestore+0x31/0xba [ 17.717712] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.718178] ? trace_hardirqs_on+0xd/0x10 [ 17.718579] ? ___ratelimit+0x95/0x630 [ 17.718951] ? idr_get_free_cmn+0xfd0/0xfd0 [ 17.719396] ? check_noncircular+0x20/0x20 [ 17.719798] ? find_held_lock+0x138/0x1d0 [ 17.720202] oom_kill_process+0x86d/0x13c0 [ 17.720620] ? has_ns_capability_noaudit+0x163/0x2a0 [ 17.721118] ? check_noncircular+0x20/0x20 [ 17.721528] ? oom_evaluate_task+0x480/0x480 [ 17.721963] ? security_capable_noaudit+0x8b/0xc0 [ 17.722432] ? find_held_lock+0x35/0x1d0 [ 17.722830] ? check_noncircular+0x20/0x20 [ 17.723263] ? oom_unkillable_task+0x394/0x4c0 [ 17.723710] ? lock_downgrade+0x990/0x990 [ 17.724104] ? lock_release+0xa40/0xa40 [ 17.724479] ? do_try_to_free_pages+0xc53/0x1020 [ 17.724930] ? find_lock_task_mm+0x460/0x460 [ 17.725354] ? find_held_lock+0x35/0x1d0 [ 17.725742] ? out_of_memory+0xaa9/0x11d0 [ 17.726139] ? lock_downgrade+0x990/0x990 [ 17.726531] ? lock_release+0xa40/0xa40 [ 17.726907] ? __alloc_pages_slowpath+0x1001/0x2db0 [ 17.727424] ? oom_evaluate_task+0x284/0x480 [ 17.727842] out_of_memory+0x7dc/0x11d0 [ 17.728216] ? trace_hardirqs_on+0xd/0x10 [ 17.728615] ? oom_killer_disable+0x310/0x310 [ 17.729029] ? mutex_trylock+0x23a/0x2d0 [ 17.729417] ? __ww_mutex_wakeup_for_backoff+0x240/0x240 [ 17.729918] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 17.730478] __alloc_pages_slowpath+0x1d9d/0x2db0 [ 17.730938] ? __radix_tree_insert+0x7b0/0x7b0 [ 17.731418] ? warn_alloc+0x2f0/0x2f0 [ 17.731777] ? find_get_entry+0x513/0x9e0 [ 17.732169] ? lock_downgrade+0x990/0x990 [ 17.732571] ? __lock_is_held+0xb6/0x140 [ 17.732972] ? find_get_entry+0x53c/0x9e0 [ 17.733363] ? check_noncircular+0x20/0x20 [ 17.733777] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 17.734268] ? __radix_tree_lookup+0x435/0x5e0 [ 17.734748] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 17.735320] ? __page_cache_alloc+0x12d/0x500 [ 17.735738] ? __might_sleep+0x95/0x190 [ 17.736106] __alloc_pages_nodemask+0x9fb/0xd80 [ 17.736536] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 17.736995] ? add_to_page_cache_lru+0x510/0x510 [ 17.737700] ? check_noncircular+0x20/0x20 [ 17.738084] ? check_noncircular+0x20/0x20 [ 17.738475] ? __lock_acquire+0x6aa/0x3d50 [ 17.738857] ? radix_tree_next_chunk+0x5e8/0xdf0 [ 17.739335] alloc_pages_current+0xb6/0x1e0 [ 17.739761] __page_cache_alloc+0x334/0x500 [ 17.740153] ? rcu_read_lock_held+0xa9/0xc0 [ 17.740553] ? trace_event_raw_event_file_check_and_advance_wb_err+0x490/0x490 [ 17.741225] filemap_fault+0xf32/0x1d30 [ 17.741594] ? unlock_page+0x19f/0x270 [ 17.741965] ? __lock_page_or_retry+0x4f0/0x4f0 [ 17.742406] ? filemap_map_pages+0x942/0x15d0 [ 17.742842] ? find_get_entries_tag+0xeb0/0xeb0 [ 17.743311] ? __is_insn_slot_addr+0x1fc/0x330 [ 17.743765] ? check_noncircular+0x20/0x20 [ 17.744159] ? __lock_acquire+0x6aa/0x3d50 [ 17.744544] ? __lock_acquire+0x6aa/0x3d50 [ 17.744925] ? __lock_acquire+0x6aa/0x3d50 [ 17.745316] ? check_noncircular+0x20/0x20 [ 17.745743] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 17.746242] ? lock_acquire+0x1d5/0x580 [ 17.746616] ? lock_acquire+0x1d5/0x580 [ 17.746985] ? ext4_filemap_fault+0x7a/0xad [ 17.747436] ? lock_release+0xa40/0xa40 [ 17.747796] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 17.748139] syzkaller407767: page allocation failure: order:0, mode:0x14000c0(GFP_KERNEL), nodemask=(null) [ 17.748160] syzkaller407767 cpuset=/ mems_allowed=0-1 [ 17.749492] ? ext4_filemap_fault+0x8d/0xad [ 17.749869] ? rcu_note_context_switch+0x710/0x710 [ 17.750297] ? lock_downgrade+0x990/0x990 [ 17.750700] ? __might_sleep+0x95/0x190 [ 17.751054] ? down_read+0x96/0x150 [ 17.751390] ? ext4_filemap_fault+0x7a/0xad [ 17.751804] ? __down_interruptible+0x6b0/0x6b0 [ 17.752247] ext4_filemap_fault+0x82/0xad [ 17.752619] __do_fault+0xeb/0x30f [ 17.752928] ? do_raw_spin_trylock+0x190/0x190 [ 17.753323] ? pte_offset_kernel+0xc7/0xc7 [ 17.753682] ? entry_SYSCALL_64_fastpath+0x1f/0xbe [ 17.754117] ? check_noncircular+0x20/0x20 [ 17.754494] __handle_mm_fault+0x1b9b/0x39c0 [ 17.754888] ? __pmd_alloc+0x4e0/0x4e0 [ 17.755259] ? check_noncircular+0x20/0x20 [ 17.755632] ? find_held_lock+0x35/0x1d0 [ 17.756009] ? handle_mm_fault+0x248/0x8d0 [ 17.756382] ? lock_downgrade+0x990/0x990 [ 17.756771] handle_mm_fault+0x334/0x8d0 [ 17.757119] ? down_read_trylock+0xdb/0x170 [ 17.757502] ? __do_page_fault+0x31e/0xd60 [ 17.757874] ? __handle_mm_fault+0x39c0/0x39c0 [ 17.758280] ? vmacache_find+0x5f/0x280 [ 17.758666] ? find_vma+0x30/0x150 [ 17.759003] __do_page_fault+0x5bd/0xd60 [ 17.759397] ? __mutex_unlock_slowpath+0xe9/0xac0 [ 17.759850] ? mm_fault_error+0x2c0/0x2c0 [ 17.760517] ? _cond_resched+0x14/0x30 [ 17.760878] ? __inode_security_revalidate+0xd9/0x130 [ 17.761336] ? __fsnotify_parent+0xb4/0x3a0 [ 17.761713] ? avc_policy_seqno+0x9/0x20 [ 17.762087] do_page_fault+0xee/0x720 [ 17.762424] ? security_file_permission+0x89/0x1e0 [ 17.762862] ? __do_page_fault+0xd60/0xd60 [ 17.763257] ? rw_verify_area+0xe5/0x2b0 [ 17.763637] ? __fdget_raw+0x20/0x20 [ 17.763997] ? fput+0xd2/0x140 [ 17.764288] ? SyS_read+0x184/0x220 [ 17.764614] ? retint_user+0x18/0x23 [ 17.764959] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 17.765402] do_async_page_fault+0x82/0x110 [ 17.765787] async_page_fault+0x22/0x30 [ 17.766144] RIP: 0033:0x7f2005963209 [ 17.766480] RSP: 002b:00007f2002f02e30 EFLAGS: 00010297 [ 17.766979] RAX: 0000000000000000 RBX: 0000000001b09650 RCX: 00007f20059631fd [ 17.767703] RDX: 0000000000000fe1 RSI: 00007f20047375a0 RDI: 0000000000000000 [ 17.768375] RBP: 0000000000000000 R08: 0000000001af4260 R09: 0000000000000000 [ 17.769044] R10: 646165722073656d R11: 0000000000000000 R12: 000000000065e420 [ 17.769715] R13: 00007f2002f039c0 R14: 00007f2005fa8040 R15: 0000000000000003 [ 17.770456] Mem-Info: [ 17.770735] active_anon:1082 inactive_anon:44 isolated_anon:0 [ 17.770735] active_file:28 inactive_file:25 isolated_file:0 [ 17.770735] unevictable:0 dirty:0 writeback:0 unstable:0 [ 17.770735] slab_reclaimable:4915 slab_unreclaimable:24778 [ 17.770735] mapped:2 shmem:50 pagetables:255 bounce:0 [ 17.770735] free:9349 free_pcp:101 free_cma:0 [ 17.773666] Node 0 active_anon:2720kB inactive_anon:120kB active_file:80kB inactive_file:80kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:128kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 17.776087] Node 1 active_anon:1608kB inactive_anon:56kB active_file:28kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:72kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 17.778441] Node 0 DMA free:3860kB min:640kB low:800kB high:960kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 17.779396] CPU: 2 PID: 2976 Comm: syzkaller407767 Not tainted 4.14.0-rc5-next-20171018+ #8 [ 17.779400] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 [ 17.779402] Call Trace: [ 17.779414] dump_stack+0x194/0x257 [ 17.779424] ? arch_local_irq_restore+0x53/0x53 [ 17.779431] ? del_timer_sync+0xeb/0x240 [ 17.779446] warn_alloc+0x1c2/0x2f0 [ 17.779455] ? zone_watermark_ok_safe+0x400/0x400 [ 17.779467] ? call_timer_fn+0x830/0x830 [ 17.779480] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 17.779499] __alloc_pages_slowpath+0x25b5/0x2db0 [ 17.779539] ? warn_alloc+0x2f0/0x2f0 [ 17.779553] ? load_balance+0x33b0/0x33b0 [ 17.779562] ? print_irqtrace_events+0x270/0x270 [ 17.779574] ? print_irqtrace_events+0x270/0x270 [ 17.779579] ? mark_held_locks+0xaf/0x100 [ 17.779587] ? _raw_spin_unlock_irq+0x27/0x70 [ 17.779596] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.779603] ? trace_hardirqs_on+0xd/0x10 [ 17.779621] ? check_noncircular+0x20/0x20 [ 17.779633] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.779640] ? retint_kernel+0x10/0x10 [ 17.779649] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.779657] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 17.779700] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 17.779718] ? __might_sleep+0x95/0x190 [ 17.779730] __alloc_pages_nodemask+0x9fb/0xd80 [ 17.779744] ? __alloc_pages_slowpath+0x2db0/0x2db0 [ 17.779752] ? mark_held_locks+0xaf/0x100 [ 17.779760] ? retint_kernel+0x10/0x10 [ 17.779768] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 17.779776] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 17.779791] ? retint_kernel+0x10/0x10 [ 17.779807] ? get_task_policy.part.37+0x1e/0x90 [ 17.779823] alloc_pages_current+0xb6/0x1e0 [ 17.779835] relay_open_buf.part.10+0x22e/0x9b0 [ 17.779855] relay_open+0x57a/0xa40 [ 17.779868] ? relay_open_buf.part.10+0x9b0/0x9b0 [ 17.779878] ? __debugfs_create_file+0x2cc/0x3e0 [ 17.779892] ? debugfs_create_file+0x57/0x70 [ 17.779903] do_blk_trace_setup+0x4a4/0xcf0 [ 17.779916] ? blk_tracer_print_line+0x40/0x40 [ 17.779924] ? __might_sleep+0x95/0x190 [ 17.779939] ? kasan_check_write+0x14/0x20 [ 17.779945] ? _copy_from_user+0x99/0x110 [ 17.779955] blk_trace_setup+0xbd/0x180 [ 17.779964] ? do_blk_trace_setup+0xcf0/0xcf0 [ 17.779985] ? avc_has_extended_perms+0x6e5/0x12c0 [ 17.779996] sg_ioctl+0xc71/0x2d90 [ 17.780006] ? lock_release+0xa40/0xa40 [ 17.780019] ? sg_new_write.isra.20+0x830/0x830 [ 17.780039] ? avc_has_extended_perms+0x7fa/0x12c0 [ 17.780059] ? avc_ss_reset+0x110/0x110 [ 17.780073] ? __do_page_fault+0x64c/0xd60 [ 17.780081] ? lock_downgrade+0x990/0x990 [ 17.780098] ? handle_mm_fault+0x410/0x8d0 [ 17.780103] ? down_read_trylock+0xdb/0x170 [ 17.780108] ? __do_page_fault+0x31e/0xd60 [ 17.780132] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 17.780137] ? __do_page_fault+0x3d6/0xd60 [ 17.780147] ? rcu_note_context_switch+0x710/0x710 [ 17.780163] ? sg_new_write.isra.20+0x830/0x830 [ 17.780169] do_vfs_ioctl+0x1b1/0x1520 [ 17.780174] ? _cond_resched+0x14/0x30 [ 17.780186] ? ioctl_preallocate+0x2b0/0x2b0 [ 17.780196] ? selinux_capable+0x40/0x40 [ 17.780206] ? putname+0xf3/0x130 [ 17.780216] ? do_sys_open+0x320/0x6d0 [ 17.780235] ? security_file_ioctl+0x89/0xb0 [ 17.780246] SyS_ioctl+0x8f/0xc0 [ 17.780259] entry_SYSCALL_64_fastpath+0x1f/0xbe [ 17.780263] RIP: 0033:0x439149 [ 17.780267] RSP: 002b:00007ffea4ba2668 EFLAGS: 00000206 ORIG_RAX: 0000000000000010 [ 17.780272] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000439149 [ 17.780276] RDX: 000000002084cf90 RSI: 00000000c0481273 RDI: 0000000000000003 [ 17.780279] RBP: 0000000000000082 R08: 00000000000000fe R09: 0000000000000000 [ 17.780282] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 17.780285] R13: 0000000000401da0 R14: 0000000000401e30 R15: 0000000000000000 [ 17.780418] Mem-Info: [ 17.780431] active_anon:1082 inactive_anon:44 isolated_anon:0 [ 17.780431] active_file:27 inactive_file:26 isolated_file:0 [ 17.780431] unevictable:0 dirty:0 writeback:0 unstable:0 [ 17.780431] slab_reclaimable:4915 slab_unreclaimable:24778 [ 17.780431] mapped:2 shmem:50 pagetables:255 bounce:0 [ 17.780431] free:9349 free_pcp:101 free_cma:0 [ 17.780442] Node 0 active_anon:2720kB inactive_anon:120kB active_file:80kB inactive_file:80kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:128kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 17.780451] Node 1 active_anon:1608kB inactive_anon:56kB active_file:28kB inactive_file:24kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:72kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 17.780454] Node 0 DMA free:3860kB min:640kB low:800kB high:960kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 17.780466] lowmem_reserve[]: 0 886 886 886 [ 17.780477] Node 0 DMA32 free:18080kB min:36540kB low:45672kB high:54804kB active_anon:2720kB inactive_anon:120kB active_file:80kB inactive_file:80kB unevictable:0kB writepending:0kB present:1032192kB managed:910076kB mlocked:0kB kernel_stack:1856kB pagetables:644kB bounce:0kB free_pcp:216kB local_pcp:120kB free_cma:0kB [ 17.780490] lowmem_reserve[]: 0 0 0 0 [ 17.780500] Node 1 DMA32 free:15456kB min:30400kB low:38000kB high:45600kB active_anon:1608kB inactive_anon:56kB active_file:28kB inactive_file:24kB unevictable:0kB writepending:0kB present:1048560kB managed:755260kB mlocked:0kB kernel_stack:1760kB pagetables:376kB bounce:0kB free_pcp:188kB local_pcp:120kB free_cma:0kB [ 17.780513] lowmem_reserve[]: 0 0 0 0 [ 17.780523] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 0*32kB 0*64kB 0*128kB 1*256kB (U) 1*512kB (U) 1*1024kB (U) 1*2048kB (M) 0*4096kB = 3860kB [ 17.780563] Node 0 DMA32: 318*4kB (UME) 193*8kB (UME) 144*16kB (ME) 94*32kB (ME) 56*64kB (UME) 25*128kB (UM) 7*256kB (UME) 1*512kB (M) 1*1024kB (U) 0*2048kB 0*4096kB = 18240kB [ 17.780607] Node 1 DMA32: 216*4kB (UME) 171*8kB (UM) 92*16kB (ME) 62*32kB (ME) 23*64kB (ME) 13*128kB (UME) 6*256kB (UME) 4*512kB (M) 3*1024kB (M) 0*2048kB 0*4096kB = 15480kB [ 17.780655] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 17.780659] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 17.780662] 103 total pagecache pages [ 17.780668] 0 pages in swap cache [ 17.780671] Swap cache stats: add 0, delete 0, find 0/0 [ 17.780673] Free swap = 0kB [ 17.780675] Total swap = 0kB [ 17.780678] 524186 pages RAM [ 17.780680] 0 pages HighMem/MovableOnly [ 17.780682] 103875 pages reserved [ 17.846102] lowmem_reserve[]: 0 886 886 886 [ 17.846511] Node 0 DMA32 free:156580kB min:36540kB low:45672kB high:54804kB active_anon:2720kB inactive_anon:120kB active_file:80kB inactive_file:80kB unevictable:0kB writepending:0kB present:1032192kB managed:910076kB mlocked:0kB kernel_stack:1856kB pagetables:644kB bounce:0kB free_pcp:724kB local_pcp:0kB free_cma:0kB [ 17.856779] lowmem_reserve[]: 0 0 0 0 [ 17.857065] Node 1 DMA32 free:187192kB min:30400kB low:38000kB high:45600kB active_anon:1648kB inactive_anon:56kB active_file:24kB inactive_file:1896kB unevictable:0kB writepending:0kB present:1048560kB managed:755260kB mlocked:0kB kernel_stack:1792kB pagetables:476kB bounce:0kB free_pcp:856kB local_pcp:0kB free_cma:0kB [ 17.860287] lowmem_reserve[]: 0 0 0 0 [ 17.860640] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 0*32kB 0*64kB 0*128kB 1*256kB (U) 1*512kB (U) 1*1024kB (U) 1*2048kB (M) 0*4096kB = 3860kB [ 17.861820] Node 0 DMA32: 342*4kB (UME) 321*8kB (UME) 181*16kB (UME) 100*32kB (UME) 66*64kB (UME) 31*128kB (UM) 8*256kB (UME) 4*512kB (UM) 3*1024kB (U) 3*2048kB (U) 51*4096kB (U) = 240432kB [ 17.877634] Node 1 DMA32: 10*4kB (E) 1*8kB (U) 30*16kB (UME) 103*32kB (UME) 101*64kB (UME) 27*128kB (UME) 18*256kB (UME) 6*512kB (UM) 7*1024kB (UM) 1*2048kB (U) 38*4096kB (U) = 186288kB [ 17.879133] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 17.879785] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 17.880556] 998 total pagecache pages [ 17.881352] 0 pages in swap cache [ 17.881719] Swap cache stats: add 0, delete 0, find 0/0 [ 17.882273] Free swap = 0kB [ 17.882567] Total swap = 0kB [ 17.882864] 524186 pages RAM [ 17.883171] 0 pages HighMem/MovableOnly [ 17.883542] 103875 pages reserved [ 17.884037] Unreclaimable slab info: [ 17.884486] Name Used Total [ 17.885066] TIPC 1KB 7KB [ 17.885571] SCTPv6 2KB 4KB [ 17.886027] DCCPv6 2KB 7KB [ 17.886442] DCCP 2KB 6KB [ 17.887569] fib6_nodes 0KB 4KB [ 17.887998] ip6_dst_cache 7KB 11KB [ 17.888455] RAWv6 13KB 19KB [ 17.888885] UDPv6 19KB 21KB [ 17.889328] TCPv6 2KB 5KB [ 17.889766] uhci_urb_priv 0KB 7KB [ 17.890185] scsi_sense_cache 52KB 68KB [ 17.890589] sd_ext_cdb 0KB 7KB [ 17.890990] virtio_scsi_cmd 16KB 16KB [ 17.891588] sgpool-128 55KB 55KB [ 17.892122] sgpool-64 31KB 31KB [ 17.892793] sgpool-32 30KB 47KB [ 17.893293] sgpool-16 16KB 22KB [ 17.893697] sgpool-8 103KB 127KB [ 17.894118] cfq_io_cq 12KB 19KB [ 17.894529] cfq_queue 16KB 23KB [ 17.894932] mqueue_inode_cache 1KB 7KB [ 17.895424] nfs_commit_data 3KB 14KB [ 17.895843] nfs_write_data 34KB 44KB [ 17.896257] jbd2_inode 2KB 7KB [ 17.896652] ext4_system_zone 0KB 7KB [ 17.897036] bio-1 1KB 7KB [ 17.897438] rpc_buffers 17KB 25KB [ 17.897833] rpc_tasks 2KB 7KB [ 17.898237] UNIX 400KB 402KB [ 17.898641] tcp_bind_bucket 0KB 4KB [ 17.899044] ip_fib_trie 0KB 3KB [ 17.904052] ip_fib_alias 1KB 3KB [ 17.905817] ip_dst_cache 10KB 11KB [ 17.906354] RAW 11KB 14KB [ 17.906861] UDP 16KB 26KB [ 17.907404] request_sock_TCP 3KB 3KB [ 17.907842] TCP 15KB 15KB [ 17.909313] hugetlbfs_inode_cache 1KB 7KB [ 17.909856] eventpoll_pwq 8KB 19KB [ 17.910373] eventpoll_epi 18KB 27KB [ 17.910885] inotify_inode_mark 2KB 11KB [ 17.912052] request_queue 33KB 39KB [ 17.912614] blkdev_ioc 15KB 19KB [ 17.913206] bio-0 155KB 172KB [ 17.913784] biovec-(1<<(21-12)) 387KB 387KB [ 17.914695] biovec-128 63KB 63KB [ 17.915250] biovec-64 36KB 47KB [ 17.915810] biovec-16 6KB 15KB [ 17.916406] khugepaged_mm_slot 0KB 3KB [ 17.916974] uid_cache 3KB 3KB [ 17.917796] dmaengine-unmap-2 0KB 3KB [ 17.918373] skbuff_fclone_cache 133KB 135KB [ 17.918863] skbuff_head_cache 5595KB 5595KB [ 17.919290] configfs_dir_cache 0KB 8KB [ 17.919617] file_lock_cache 146KB 146KB [ 17.920047] file_lock_ctx 1KB 7KB [ 17.920463] fsnotify_mark_connector 1KB 7KB [ 17.920886] shmem_inode_cache 858KB 866KB [ 17.921293] task_delay_info 215KB 272KB [ 17.921684] sigqueue 115KB 145KB [ 17.922089] kernfs_node_cache 2039KB 2047KB [ 17.922474] mnt_cache 14KB 24KB [ 17.922858] filp 2139KB 2448KB [ 17.923396] names_cache 25002KB 25041KB [ 17.923961] avc_node 3KB 7KB [ 17.924531] selinux_file_security 121KB 127KB [ 17.925148] selinux_inode_security 1285KB 1388KB [ 17.925684] key_jar 2KB 7KB [ 17.926199] nsproxy 0KB 3KB [ 17.926692] vm_area_struct 3834KB 4799KB [ 17.927267] mm_struct 973KB 1409KB [ 17.927742] fs_cache 241KB 312KB [ 17.928187] files_cache 600KB 753KB [ 17.928590] signal_cache 839KB 1106KB [ 17.929341] sighand_cache 400KB 450KB [ 17.929828] task_struct 2024KB 2127KB [ 17.930338] cred_jar 802KB 820KB [ 17.933096] anon_vma_chain 1276KB 2264KB [ 17.933755] anon_vma 221KB 273KB [ 17.934301] pid 146KB 196KB [ 17.934702] Acpi-Operand 150KB 209KB [ 17.935798] Acpi-ParseExt 1KB 19KB [ 17.936328] Acpi-Parse 41KB 55KB [ 17.936733] Acpi-State 52KB 74KB [ 17.937150] Acpi-Namespace 17KB 23KB [ 17.937559] numa_policy 0KB 3KB [ 17.937978] trace_event_file 139KB 139KB [ 17.938403] ftrace_event_field 245KB 252KB [ 17.938818] pool_workqueue 13KB 20KB [ 17.939547] page->ptl 615KB 1047KB [ 17.940149] kmalloc-262144 258KB 258KB [ 17.940552] kmalloc-131072 130KB 130KB [ 17.940944] kmalloc-65536 264KB 264KB [ 17.941363] kmalloc-32768 264KB 264KB [ 17.941755] kmalloc-16384 297KB 297KB [ 17.942165] kmalloc-8192 231KB 231KB [ 17.942567] kmalloc-4096 1814KB 1891KB [ 17.942985] kmalloc-2048 2520KB 2575KB [ 17.943809] kmalloc-1024 3317KB 3323KB [ 17.944236] kmalloc-512 953KB 1376KB [ 17.944647] kmalloc-256 615KB 780KB [ 17.945066] kmalloc-128 309KB 354KB [ 17.945472] kmalloc-96 230KB 308KB [ 17.945872] kmalloc-64 274KB 292KB [ 17.946313] kmalloc-32 501KB 921KB [ 17.946802] kmalloc-192 361KB 436KB [ 17.947332] kmem_cache 90KB 101KB [ 17.947743] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 17.948422] [ 1488] 0 1488 5316 113 90112 0 -1000 udevd [ 17.949049] [ 2862] 0 2862 14244 109 118784 0 0 rsyslogd [ 17.949680] [ 2901] 0 2901 4725 49 81920 0 0 cron [ 17.951038] [ 2927] 0 2927 12490 311 131072 0 -1000 sshd [ 17.951830] [ 2951] 0 2951 3694 41 73728 0 0 getty [ 17.952486] [ 2952] 0 2952 3694 41 77824 0 0 getty [ 17.953281] [ 2953] 0 2953 3694 42 73728 0 0 getty [ 17.953975] [ 2954] 0 2954 3694 41 73728 0 0 getty [ 17.954609] [ 2955] 0 2955 3694 42 73728 0 0 getty [ 17.955362] [ 2956] 0 2956 3694 39 77824 0 0 getty [ 17.956056] [ 2957] 0 2957 3649 39 69632 0 0 getty [ 17.956672] [ 2959] 0 2959 5315 114 86016 0 -1000 udevd [ 17.957299] [ 2960] 0 2960 5315 114 86016 0 -1000 udevd [ 17.957950] [ 2974] 0 2974 17820 197 184320 0 0 sshd [ 17.958584] [ 2976] 0 2976 4374 0 36864 0 0 syzkaller407767 [ 17.959315] [ 2978] 0 2978 12490 438 126976 0 0 sshd [ 17.960005] Out of memory: Kill process 2974 (sshd) score 0 or sacrifice child [ 17.960882] Killed process 2974 (sshd) total-vm:71280kB, anon-rss:784kB, file-rss:0kB, shmem-rss:4kB Connection to localhost closed by remote host. [ 18.104390] ================================================================== [ 18.106764] BUG: KASAN: double-free or invalid-free in relay_open+0x6a1/0xa40 [ 18.107618] [ 18.107778] CPU: 3 PID: 2976 Comm: syzkaller407767 Not tainted 4.14.0-rc5-next-20171018+ #8 [ 18.108478] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 [ 18.109346] Call Trace: [ 18.109589] dump_stack+0x194/0x257 [ 18.111634] ? arch_local_irq_restore+0x53/0x53 [ 18.112110] ? show_regs_print_info+0x65/0x65 [ 18.112490] ? relay_open+0x6a1/0xa40 [ 18.112832] print_address_description+0x73/0x250 [ 18.113484] ? relay_open+0x6a1/0xa40 [ 18.113809] ? relay_open+0x6a1/0xa40 [ 18.114270] kasan_report_double_free+0x55/0x80 [ 18.114717] kasan_slab_free+0xa3/0xc0 [ 18.115063] kfree+0xca/0x250 [ 18.115505] relay_open+0x6a1/0xa40 [ 18.115863] ? relay_open_buf.part.10+0x9b0/0x9b0 [ 18.116292] ? __debugfs_create_file+0x2cc/0x3e0 [ 18.116711] ? debugfs_create_file+0x57/0x70 [ 18.117036] do_blk_trace_setup+0x4a4/0xcf0 [ 18.117357] ? blk_tracer_print_line+0x40/0x40 [ 18.117688] ? __might_sleep+0x95/0x190 [ 18.117982] ? kasan_check_write+0x14/0x20 [ 18.118291] ? _copy_from_user+0x99/0x110 [ 18.118596] blk_trace_setup+0xbd/0x180 [ 18.118884] ? do_blk_trace_setup+0xcf0/0xcf0 [ 18.119332] ? avc_has_extended_perms+0x6e5/0x12c0 [ 18.119837] sg_ioctl+0xc71/0x2d90 [ 18.120130] ? lock_release+0xa40/0xa40 [ 18.120485] ? sg_new_write.isra.20+0x830/0x830 [ 18.121154] ? avc_has_extended_perms+0x7fa/0x12c0 [ 18.121613] ? avc_ss_reset+0x110/0x110 [ 18.121979] ? __do_page_fault+0x64c/0xd60 [ 18.122362] ? lock_downgrade+0x990/0x990 [ 18.122750] ? handle_mm_fault+0x410/0x8d0 [ 18.123170] ? down_read_trylock+0xdb/0x170 [ 18.125861] ? __do_page_fault+0x31e/0xd60 [ 18.126197] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 18.126624] ? __do_page_fault+0x3d6/0xd60 [ 18.126936] ? rcu_note_context_switch+0x710/0x710 [ 18.127338] ? sg_new_write.isra.20+0x830/0x830 [ 18.127745] do_vfs_ioctl+0x1b1/0x1520 [ 18.128085] ? _cond_resched+0x14/0x30 [ 18.128380] ? ioctl_preallocate+0x2b0/0x2b0 [ 18.128713] ? selinux_capable+0x40/0x40 [ 18.129023] ? putname+0xf3/0x130 [ 18.129293] ? do_sys_open+0x320/0x6d0 [ 18.129588] ? security_file_ioctl+0x89/0xb0 [ 18.129921] SyS_ioctl+0x8f/0xc0 [ 18.130181] entry_SYSCALL_64_fastpath+0x1f/0xbe [ 18.130531] RIP: 0033:0x439149 [ 18.130771] RSP: 002b:00007ffea4ba2668 EFLAGS: 00000206 ORIG_RAX: 0000000000000010 [ 18.131545] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000439149 [ 18.134333] RDX: 000000002084cf90 RSI: 00000000c0481273 RDI: 0000000000000003 [ 18.134969] RBP: 0000000000000082 R08: 00000000000000fe R09: 0000000000000000 [ 18.141387] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 18.146116] R13: 0000000000401da0 R14: 0000000000401e30 R15: 0000000000000000 [ 18.147564] [ 18.147728] Allocated by task 2976: [ 18.148006] save_stack+0x43/0xd0 [ 18.148263] kasan_kmalloc+0xad/0xe0 [ 18.148531] kmem_cache_alloc_trace+0x136/0x750 [ 18.148898] relay_open+0xf2/0xa40 [ 18.149257] do_blk_trace_setup+0x4a4/0xcf0 [ 18.149802] blk_trace_setup+0xbd/0x180 [ 18.150096] sg_ioctl+0xc71/0x2d90 [ 18.150361] do_vfs_ioctl+0x1b1/0x1520 [ 18.150642] SyS_ioctl+0x8f/0xc0 [ 18.150887] entry_SYSCALL_64_fastpath+0x1f/0xbe [ 18.151240] [ 18.151361] Freed by task 2976: [ 18.151599] save_stack+0x43/0xd0 [ 18.151851] kasan_slab_free+0x71/0xc0 [ 18.152133] kfree+0xca/0x250 [ 18.152365] relay_open+0x84a/0xa40 [ 18.152627] do_blk_trace_setup+0x4a4/0xcf0 [ 18.152937] blk_trace_setup+0xbd/0x180 [ 18.153229] sg_ioctl+0xc71/0x2d90 [ 18.153548] do_vfs_ioctl+0x1b1/0x1520 [ 18.153830] SyS_ioctl+0x8f/0xc0 [ 18.154075] entry_SYSCALL_64_fastpath+0x1f/0xbe [ 18.154419] [ 18.154541] The buggy address belongs to the object at ffff8800692f80c0 [ 18.154541] which belongs to the cache kmalloc-512 of size 512 [ 18.155492] The buggy address is located 0 bytes inside of [ 18.155492] 512-byte region [ffff8800692f80c0, ffff8800692f82c0) [ 18.156358] The buggy address belongs to the page: [ 18.156781] page:ffffea0001a4be00 count:1 mapcount:0 mapping:ffff8800692f80c0 index:0xffff8800692f8340 [ 18.157497] flags: 0x500000000000100(slab) [ 18.157817] raw: 0500000000000100 ffff8800692f80c0 ffff8800692f8340 0000000100000004 [ 18.158574] raw: ffffea0001a436a0 ffffea0001a28d60 ffff88003e800940 0000000000000000 [ 18.159399] page dumped because: kasan: bad access detected [ 18.159821] [ 18.159980] Memory state around the buggy address: [ 18.160356] ffff8800692f7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.160882] ffff8800692f8000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.161424] >ffff8800692f8080: fc fc fc fc fc fc fc fc fb fb fb fb fb fb fb fb [ 18.161958] ^ [ 18.162361] ffff8800692f8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.162895] ffff8800692f8180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.163611] ================================================================== [ 18.164787] Disabling lock debugging due to kernel taint [ 18.165179] Kernel panic - not syncing: panic_on_warn set ... [ 18.165179] [ 18.165723] CPU: 3 PID: 2976 Comm: syzkaller407767 Tainted: G B 4.14.0-rc5-next-20171018+ #8 [ 18.166424] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 [ 18.167022] Call Trace: [ 18.167251] dump_stack+0x194/0x257 [ 18.167575] ? arch_local_irq_restore+0x53/0x53 [ 18.167927] ? kasan_end_report+0x32/0x50 [ 18.168251] ? lock_downgrade+0x990/0x990 [ 18.168556] ? vsnprintf+0x1ed/0x1900 [ 18.168839] panic+0x1e4/0x41c [ 18.169094] ? refcount_error_report+0x214/0x214 [ 18.169480] ? add_taint+0x40/0x50 [ 18.169743] ? add_taint+0x1c/0x50 [ 18.170007] ? relay_open+0x6a1/0xa40 [ 18.170300] ? relay_open+0x6a1/0xa40 [ 18.170577] kasan_end_report+0x50/0x50 [ 18.170866] kasan_report_double_free+0x72/0x80 [ 18.171209] kasan_slab_free+0xa3/0xc0 [ 18.171738] kfree+0xca/0x250 [ 18.171967] relay_open+0x6a1/0xa40 [ 18.172242] ? relay_open_buf.part.10+0x9b0/0x9b0 [ 18.172594] ? __debugfs_create_file+0x2cc/0x3e0 [ 18.172939] ? debugfs_create_file+0x57/0x70 [ 18.173262] do_blk_trace_setup+0x4a4/0xcf0 [ 18.173627] ? blk_tracer_print_line+0x40/0x40 [ 18.173959] ? __might_sleep+0x95/0x190 [ 18.174261] ? kasan_check_write+0x14/0x20 [ 18.174566] ? _copy_from_user+0x99/0x110 [ 18.174867] blk_trace_setup+0xbd/0x180 [ 18.175252] ? do_blk_trace_setup+0xcf0/0xcf0 [ 18.175592] ? avc_has_extended_perms+0x6e5/0x12c0 [ 18.176209] sg_ioctl+0xc71/0x2d90 [ 18.176470] ? lock_release+0xa40/0xa40 [ 18.176763] ? sg_new_write.isra.20+0x830/0x830 [ 18.177106] ? avc_has_extended_perms+0x7fa/0x12c0 [ 18.177821] ? avc_ss_reset+0x110/0x110 [ 18.178116] ? __do_page_fault+0x64c/0xd60 [ 18.178427] ? lock_downgrade+0x990/0x990 [ 18.178729] ? handle_mm_fault+0x410/0x8d0 [ 18.179032] ? down_read_trylock+0xdb/0x170 [ 18.179381] ? __do_page_fault+0x31e/0xd60 [ 18.179698] ? trace_event_raw_event_sched_switch+0x8a0/0x8a0 [ 18.180193] ? __do_page_fault+0x3d6/0xd60 [ 18.181778] ? rcu_note_context_switch+0x710/0x710 [ 18.182189] ? sg_new_write.isra.20+0x830/0x830 [ 18.182538] do_vfs_ioctl+0x1b1/0x1520 [ 18.182819] ? _cond_resched+0x14/0x30 [ 18.183102] ? ioctl_preallocate+0x2b0/0x2b0 [ 18.183447] ? selinux_capable+0x40/0x40 [ 18.183742] ? putname+0xf3/0x130 [ 18.183994] ? do_sys_open+0x320/0x6d0 [ 18.184287] ? security_file_ioctl+0x89/0xb0 [ 18.184606] SyS_ioctl+0x8f/0xc0 [ 18.185179] entry_SYSCALL_64_fastpath+0x1f/0xbe [ 18.185524] RIP: 0033:0x439149 [ 18.185753] RSP: 002b:00007ffea4ba2668 EFLAGS: 00000206 ORIG_RAX: 0000000000000010 [ 18.186308] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000439149 [ 18.186826] RDX: 000000002084cf90 RSI: 00000000c0481273 RDI: 0000000000000003 [ 18.187358] RBP: 0000000000000082 R08: 00000000000000fe R09: 0000000000000000 [ 18.187791] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 18.188232] R13: 0000000000401da0 R14: 0000000000401e30 R15: 0000000000000000 [ 18.191332] Dumping ftrace buffer: [ 18.191666] (ftrace buffer empty) [ 18.192008] Kernel Offset: disabled [ 18.192347] Rebooting in 86400 seconds..