lowmemorykiller: Killing 'syz-executor.1' (6685) (tgid 6685), adj 1000, to free 36172kB on behalf of 'kworker/u4:2' (2101) because cache 62312kB is below limit 65536kB for oom_score_adj 12 Free memory is -13332kB above reserved ====================================================== [ INFO: possible circular locking dependency detected ] 4.9.194+ #0 Not tainted ------------------------------------------------------- kworker/u4:2/2101 is trying to acquire lock: (&mm->mmap_sem){++++++}, at: [<00000000fed8aa56>] get_cmdline+0xa3/0x2d0 mm/util.c:641 but task is already holding lock: (&sbi->s_journal_flag_rwsem){.+.+.+}, at: [<0000000045973c88>] do_writepages+0xfc/0x1e0 mm/page-writeback.c:2338 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (&sbi->s_journal_flag_rwsem){.+.+.+}: lock_acquire+0x133/0x3d0 kernel/locking/lockdep.c:3756 percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:35 [inline] percpu_down_read include/linux/percpu-rwsem.h:58 [inline] ext4_writepages+0x1a1/0x2de0 fs/ext4/inode.c:2658 do_writepages+0xfc/0x1e0 mm/page-writeback.c:2338 __filemap_fdatawrite_range+0x1ad/0x260 mm/filemap.c:392 filemap_write_and_wait_range mm/filemap.c:580 [inline] filemap_write_and_wait_range+0x5c/0xb0 mm/filemap.c:573 ext4_insert_range+0x606/0x1260 fs/ext4/extents.c:5699 ext4_fallocate+0x660/0x2060 fs/ext4/extents.c:4974 vfs_fallocate+0x407/0x6a0 fs/open.c:329 SYSC_fallocate fs/open.c:352 [inline] SyS_fallocate+0x52/0x90 fs/open.c:346 do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 entry_SYSCALL_64_after_swapgs+0x5d/0xdb -> #1 (&ei->i_mmap_sem){++++.+}: lock_acquire+0x133/0x3d0 kernel/locking/lockdep.c:3756 down_read+0x44/0xb0 kernel/locking/rwsem.c:22 ext4_filemap_fault+0x67/0xa0 fs/ext4/inode.c:5853 __do_fault+0x2a8/0x6c0 mm/memory.c:2855 do_cow_fault mm/memory.c:3236 [inline] do_fault mm/memory.c:3340 [inline] handle_pte_fault mm/memory.c:3547 [inline] __handle_mm_fault mm/memory.c:3634 [inline] handle_mm_fault+0x723/0x2420 mm/memory.c:3671 __do_page_fault+0x3f0/0xa60 arch/x86/mm/fault.c:1401 do_page_fault+0x28/0x30 arch/x86/mm/fault.c:1464 page_fault+0x25/0x30 arch/x86/entry/entry_64.S:956 clear_user+0x79/0xd0 arch/x86/lib/usercopy_64.c:52 padzero fs/binfmt_elf.c:119 [inline] load_elf_binary+0x2f63/0x4a90 fs/binfmt_elf.c:1042 search_binary_handler fs/exec.c:1621 [inline] search_binary_handler+0x14f/0x700 fs/exec.c:1599 exec_binprm fs/exec.c:1663 [inline] do_execveat_common.isra.0+0xf81/0x1db0 fs/exec.c:1785 do_execve+0x3a/0x50 fs/exec.c:1829 run_init_process+0x33/0x37 init/main.c:904 try_to_run_init_process+0x18/0x48 init/main.c:913 kernel_init+0xf2/0x163 init/main.c:984 ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375 -> #0 (&mm->mmap_sem){++++++}: check_prev_add kernel/locking/lockdep.c:1828 [inline] check_prevs_add kernel/locking/lockdep.c:1938 [inline] validate_chain kernel/locking/lockdep.c:2265 [inline] __lock_acquire+0x2d22/0x4390 kernel/locking/lockdep.c:3345 lock_acquire+0x133/0x3d0 kernel/locking/lockdep.c:3756 down_read+0x44/0xb0 kernel/locking/rwsem.c:22 get_cmdline+0xa3/0x2d0 mm/util.c:641 handle_lmk_event+0x169/0x920 drivers/staging/android/lowmemorykiller.c:116 lowmem_scan+0x6f3/0xb70 drivers/staging/android/lowmemorykiller.c:354 do_shrink_slab mm/vmscan.c:399 [inline] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 shrink_slab mm/vmscan.c:466 [inline] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 shrink_zones mm/vmscan.c:2751 [inline] do_try_to_free_pages mm/vmscan.c:2793 [inline] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 __perform_reclaim mm/page_alloc.c:3332 [inline] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 __alloc_pages include/linux/gfp.h:433 [inline] __alloc_pages_node include/linux/gfp.h:446 [inline] alloc_slab_page mm/slub.c:1408 [inline] allocate_slab mm/slub.c:1557 [inline] new_slab+0x33b/0x3e0 mm/slub.c:1635 new_slab_objects mm/slub.c:2419 [inline] ___slab_alloc.constprop.0+0x361/0x470 mm/slub.c:2576 __slab_alloc.isra.0.constprop.0+0x50/0xa0 mm/slub.c:2618 slab_alloc_node mm/slub.c:2681 [inline] slab_alloc mm/slub.c:2723 [inline] kmem_cache_alloc+0x212/0x2b0 mm/slub.c:2728 mempool_alloc_slab+0x47/0x60 mm/mempool.c:449 mempool_alloc+0x149/0x360 mm/mempool.c:329 bvec_alloc+0xce/0x2e0 block/bio.c:215 bio_alloc_bioset+0x4f5/0x7d0 block/bio.c:494 bio_alloc include/linux/bio.h:393 [inline] io_submit_init_bio fs/ext4/page-io.c:362 [inline] io_submit_add_bh fs/ext4/page-io.c:387 [inline] ext4_bio_write_page+0x5a6/0xb60 fs/ext4/page-io.c:492 mpage_submit_page+0x138/0x240 fs/ext4/inode.c:2144 mpage_process_page_bufs+0x3b7/0x4a0 fs/ext4/inode.c:2249 mpage_prepare_extent_to_map+0x449/0x9a0 fs/ext4/inode.c:2618 ext4_writepages+0xf2e/0x2de0 fs/ext4/inode.c:2780 do_writepages+0xfc/0x1e0 mm/page-writeback.c:2338 __writeback_single_inode+0xd9/0x1040 fs/fs-writeback.c:1364 writeback_sb_inodes+0x50f/0xea0 fs/fs-writeback.c:1628 __writeback_inodes_wb+0xc3/0x210 fs/fs-writeback.c:1697 wb_writeback+0x637/0xbd0 fs/fs-writeback.c:1806 wb_do_writeback fs/fs-writeback.c:1938 [inline] wb_workfn+0x1c4/0xe70 fs/fs-writeback.c:1974 process_one_work+0x88b/0x1600 kernel/workqueue.c:2114 worker_thread+0x5df/0x11d0 kernel/workqueue.c:2251 kthread+0x278/0x310 kernel/kthread.c:211 ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375 other info that might help us debug this: Chain exists of: &mm->mmap_sem --> &ei->i_mmap_sem --> &sbi->s_journal_flag_rwsem Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&sbi->s_journal_flag_rwsem); lock(&ei->i_mmap_sem); lock(&sbi->s_journal_flag_rwsem); lock(&mm->mmap_sem); *** DEADLOCK *** 5 locks held by kworker/u4:2/2101: #0: ("writeback"){++++.+}, at: [<00000000709f7b23>] process_one_work+0x790/0x1600 kernel/workqueue.c:2107 #1: ((&(&wb->dwork)->work)){+.+.+.}, at: [<00000000a4dbfc4e>] process_one_work+0x7ce/0x1600 kernel/workqueue.c:2111 #2: (&type->s_umount_key#32){++++.+}, at: [<0000000057a4fbd3>] trylock_super+0x20/0xf0 fs/super.c:403 #3: (&sbi->s_journal_flag_rwsem){.+.+.+}, at: [<0000000045973c88>] do_writepages+0xfc/0x1e0 mm/page-writeback.c:2338 #4: (shrinker_rwsem){++++..}, at: [<0000000005369b8e>] shrink_slab.part.0+0xb2/0xa20 mm/vmscan.c:472 stack backtrace: CPU: 0 PID: 2101 Comm: kworker/u4:2 Not tainted 4.9.194+ #0 Workqueue: writeback wb_workfn (flush-8:0) ffff8801a2216308 ffffffff81b67001 ffffffff83cb0990 ffffffff83cb8ee0 ffffffff83cb18c0 ffffffff84252000 ffff8801d1dc4740 ffff8801a2216360 ffffffff81406d83 ffffffff81078ba6 ffffffff84001f00 ffff8801d1dc50b8 Call Trace: [<000000004373d34f>] __dump_stack lib/dump_stack.c:15 [inline] [<000000004373d34f>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000d65adf6d>] print_circular_bug.cold+0x2f6/0x454 kernel/locking/lockdep.c:1202 [<00000000e62bbca4>] check_prev_add kernel/locking/lockdep.c:1828 [inline] [<00000000e62bbca4>] check_prevs_add kernel/locking/lockdep.c:1938 [inline] [<00000000e62bbca4>] validate_chain kernel/locking/lockdep.c:2265 [inline] [<00000000e62bbca4>] __lock_acquire+0x2d22/0x4390 kernel/locking/lockdep.c:3345 [<0000000042ce69ed>] lock_acquire+0x133/0x3d0 kernel/locking/lockdep.c:3756 [<000000008d845738>] down_read+0x44/0xb0 kernel/locking/rwsem.c:22 [<00000000fed8aa56>] get_cmdline+0xa3/0x2d0 mm/util.c:641 [<00000000bee26a82>] handle_lmk_event+0x169/0x920 drivers/staging/android/lowmemorykiller.c:116 [<000000007b66d556>] lowmem_scan+0x6f3/0xb70 drivers/staging/android/lowmemorykiller.c:354 [<000000003fb2523e>] do_shrink_slab mm/vmscan.c:399 [inline] [<000000003fb2523e>] shrink_slab.part.0+0x3cf/0xa20 mm/vmscan.c:502 [<000000007131dec6>] shrink_slab mm/vmscan.c:466 [inline] [<000000007131dec6>] shrink_node+0x1ed/0x750 mm/vmscan.c:2604 [<000000006eb22ae5>] shrink_zones mm/vmscan.c:2751 [inline] [<000000006eb22ae5>] do_try_to_free_pages mm/vmscan.c:2793 [inline] [<000000006eb22ae5>] try_to_free_pages+0x397/0xbd0 mm/vmscan.c:3004 [<0000000097714ef6>] __perform_reclaim mm/page_alloc.c:3332 [inline] [<0000000097714ef6>] __alloc_pages_direct_reclaim mm/page_alloc.c:3354 [inline] [<0000000097714ef6>] __alloc_pages_slowpath mm/page_alloc.c:3704 [inline] [<0000000097714ef6>] __alloc_pages_nodemask+0x930/0x1a80 mm/page_alloc.c:3861 [<00000000b0327366>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000b0327366>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000b0327366>] alloc_slab_page mm/slub.c:1408 [inline] [<00000000b0327366>] allocate_slab mm/slub.c:1557 [inline] [<00000000b0327366>] new_slab+0x33b/0x3e0 mm/slub.c:1635 [<000000001a574560>] new_slab_objects mm/slub.c:2419 [inline] [<000000001a574560>] ___slab_alloc.constprop.0+0x361/0x470 mm/slub.c:2576 [<00000000b3229d03>] __slab_alloc.isra.0.constprop.0+0x50/0xa0 mm/slub.c:2618 [<000000001bc0009d>] slab_alloc_node mm/slub.c:2681 [inline] [<000000001bc0009d>] slab_alloc mm/slub.c:2723 [inline] [<000000001bc0009d>] kmem_cache_alloc+0x212/0x2b0 mm/slub.c:2728 [<00000000dd836115>] mempool_alloc_slab+0x47/0x60 mm/mempool.c:449 [<00000000159e37a2>] mempool_alloc+0x149/0x360 mm/mempool.c:329 [<00000000389d3bbd>] bvec_alloc+0xce/0x2e0 block/bio.c:215 [<00000000debe1952>] bio_alloc_bioset+0x4f5/0x7d0 block/bio.c:494 [<00000000c1c37102>] bio_alloc include/linux/bio.h:393 [inline] [<00000000c1c37102>] io_submit_init_bio fs/ext4/page-io.c:362 [inline] [<00000000c1c37102>] io_submit_add_bh fs/ext4/page-io.c:387 [inline] [<00000000c1c37102>] ext4_bio_write_page+0x5a6/0xb60 fs/ext4/page-io.c:492 [<00000000a15f0eb8>] mpage_submit_page+0x138/0x240 fs/ext4/inode.c:2144 [<0000000020c81f71>] mpage_process_page_bufs+0x3b7/0x4a0 fs/ext4/inode.c:2249 [<0000000003d86f25>] mpage_prepare_extent_to_map+0x449/0x9a0 fs/ext4/inode.c:2618 [<000000008c907538>] ext4_writepages+0xf2e/0x2de0 fs/ext4/inode.c:2780 [<0000000045973c88>] do_writepages+0xfc/0x1e0 mm/page-writeback.c:2338 [<00000000f9ee449d>] __writeback_single_inode+0xd9/0x1040 fs/fs-writeback.c:1364 [<00000000cb26bcc4>] writeback_sb_inodes+0x50f/0xea0 fs/fs-writeback.c:1628 [<00000000ba212de4>] __writeback_inodes_wb+0xc3/0x210 fs/fs-writeback.c:1697 [<000000002ab7c160>] wb_writeback+0x637/0xbd0 fs/fs-writeback.c:1806 [<0000000081e724e5>] wb_do_writeback fs/fs-writeback.c:1938 [inline] [<0000000081e724e5>] wb_workfn+0x1c4/0xe70 fs/fs-writeback.c:1974 [<0000000072534b55>] process_one_work+0x88b/0x1600 kernel/workqueue.c:2114 [<00000000afef45d5>] worker_thread+0x5df/0x11d0 kernel/workqueue.c:2251 [<00000000c62f4c36>] kthread+0x278/0x310 kernel/kthread.c:211 [<00000000fba02284>] ret_from_fork+0x5c/0x70 arch/x86/entry/entry_64.S:375 lowmemorykiller: Killing 'syz-executor.5' (7028) (tgid 7025), adj 1000, to free 36008kB on behalf of 'syz-executor.5' (7028) because cache 61812kB is below limit 65536kB for oom_score_adj 12 Free memory is -12992kB above reserved oom_reaper: reaped process 7028 (syz-executor.5), now anon-rss:0kB, file-rss:24kB, shmem-rss:0kB syz-fuzzer invoked oom-killer: gfp_mask=0x24200ca(GFP_HIGHUSER_MOVABLE), nodemask=0, order=0, oom_score_adj=0 CPU: 1 PID: 2036 Comm: syz-fuzzer Not tainted 4.9.194+ #0 ffff8801d05df6f0 ffffffff81b67001 ffff8801d05dfa48 ffffffff833f1c30 0000000000000000 ffff8801d05dfa60 0000000000000000 ffff8801d05df770 ffffffff81506e44 0000000000000000 0000000000000000 ffffffff8282ac45 Call Trace: [<000000004373d34f>] __dump_stack lib/dump_stack.c:15 [inline] [<000000004373d34f>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000471f6c5c>] dump_header.isra.0+0x142/0x74c mm/oom_kill.c:417 [<00000000f00a1d17>] oom_kill_process.cold+0xd/0xa74 mm/oom_kill.c:852 [<00000000ec09bdc9>] out_of_memory mm/oom_kill.c:1069 [inline] [<00000000ec09bdc9>] out_of_memory+0x29b/0xea0 mm/oom_kill.c:1009 [<000000008c1c2cfc>] __alloc_pages_may_oom mm/page_alloc.c:3136 [inline] [<000000008c1c2cfc>] __alloc_pages_slowpath mm/page_alloc.c:3750 [inline] [<000000008c1c2cfc>] __alloc_pages_nodemask+0x1730/0x1a80 mm/page_alloc.c:3861 [<000000002b3c4104>] __alloc_pages include/linux/gfp.h:433 [inline] [<000000002b3c4104>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<000000002b3c4104>] alloc_pages_node include/linux/gfp.h:460 [inline] [<000000002b3c4104>] __page_cache_alloc include/linux/pagemap.h:208 [inline] [<000000002b3c4104>] pagecache_get_page+0x248/0x740 mm/filemap.c:1367 [<0000000056a2763d>] filemap_fault+0xb1f/0x1360 mm/filemap.c:2331 [<00000000b2e3a1e3>] ext4_filemap_fault+0x72/0xa0 fs/ext4/inode.c:5854 [<00000000febfce89>] __do_fault+0x2a8/0x6c0 mm/memory.c:2855 [<0000000065774e6a>] do_read_fault mm/memory.c:3202 [inline] [<0000000065774e6a>] do_fault mm/memory.c:3338 [inline] [<0000000065774e6a>] handle_pte_fault mm/memory.c:3547 [inline] [<0000000065774e6a>] __handle_mm_fault mm/memory.c:3634 [inline] [<0000000065774e6a>] handle_mm_fault+0x11bc/0x2420 mm/memory.c:3671 [<00000000052f9826>] __do_page_fault+0x3f0/0xa60 arch/x86/mm/fault.c:1401 [<000000005f8a54b7>] do_page_fault+0x28/0x30 arch/x86/mm/fault.c:1464 [<00000000dcfcd5ad>] page_fault+0x25/0x30 arch/x86/entry/entry_64.S:956 Mem-Info: active_anon:73290 inactive_anon:314 isolated_anon:0 active_file:14 inactive_file:40 isolated_file:0 unevictable:0 dirty:0 writeback:9 unstable:0 slab_reclaimable:5392 slab_unreclaimable:59154 mapped:43548 shmem:320 pagetables:1061 bounce:0 free:1500 free_pcp:82 free_cma:0 Node 0 active_anon:293160kB inactive_anon:1256kB active_file:56kB inactive_file:160kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:174192kB dirty:0kB writeback:36kB shmem:1280kB writeback_tmp:0kB unstable:0kB pages_scanned:16 all_unreclaimable? no DMA32 free:3372kB min:4696kB low:7712kB high:10728kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:64kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:192kB local_pcp:72kB free_cma:0kB Normal free:2628kB min:5580kB low:9168kB high:12756kB active_anon:293060kB inactive_anon:1256kB active_file:56kB inactive_file:160kB unevictable:0kB writepending:8kB present:4718592kB managed:3589316kB mlocked:0kB slab_reclaimable:21568kB slab_unreclaimable:236552kB kernel_stack:4320kB pagetables:4244kB bounce:0kB free_pcp:136kB local_pcp:136kB free_cma:0kB DMA32: 3*4kB (M) 0*8kB 2*16kB (UM) 2*32kB (UM) 1*64kB (U) 3*128kB (UM) 3*256kB (UM) 0*512kB 2*1024kB (UM) 0*2048kB 0*4096kB = 3372kB 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313627 pages reserved [ pid ] uid tgid total_vm rss nr_ptes nr_pmds swapents oom_score_adj name [ 470] 0 470 5365 168 16 3 0 -1000 udevd [ 1759] 0 1759 2492 573 8 3 0 0 dhclient [ 1890] 0 1890 14231 109 24 3 0 0 rsyslogd [ 1944] 0 1944 4724 51 15 3 0 0 cron [ 1963] 0 1963 3735 45 11 3 0 0 mcstransd [ 1973] 0 1973 12926 1231 26 3 0 0 restorecond [ 1991] 0 1991 12489 152 28 3 0 -1000 sshd [ 2021] 0 2021 3648 41 13 3 0 0 getty [ 2031] 0 2031 17820 198 38 3 0 0 sshd [ 2033] 0 2033 132563 69538 222 5 0 0 syz-fuzzer [ 2970] 0 2970 5401 178 15 3 0 -1000 udevd [ 3661] 0 3661 18114 16 23 3 0 0 syz-executor.1 [ 3662] 0 3662 18113 8739 24 4 0 0 syz-executor.1 [ 3814] 0 3814 18147 8716 26 3 0 1000 syz-executor.1 [ 3822] 0 3822 18213 8725 30 3 0 1000 syz-executor.1 [ 4000] 0 4000 18114 16 23 3 0 0 syz-executor.5 [ 4001] 0 4001 18113 8739 24 4 0 0 syz-executor.5 [ 4563] 0 4563 18278 8760 26 4 0 1000 syz-executor.5 [ 4565] 0 4565 18146 8718 25 3 0 1000 syz-executor.5 [ 4572] 0 4572 18278 8760 26 4 0 1000 syz-executor.5 [ 4575] 0 4575 18245 8724 25 3 0 1000 syz-executor.5 [ 4791] 0 4791 5364 169 15 3 0 -1000 udevd [ 4824] 0 4824 18146 8750 25 4 0 1000 syz-executor.1 [ 4864] 0 4864 18146 8719 25 3 0 1000 syz-executor.5 [ 4984] 0 4984 18278 8761 28 4 0 1000 syz-executor.1 [ 5011] 0 5011 18278 8761 28 4 0 1000 syz-executor.1 [ 5063] 0 5063 18179 8753 26 4 0 1000 syz-executor.1 [ 5070] 0 5070 18179 8753 26 4 0 1000 syz-executor.1 [ 5832] 0 5832 18146 8718 26 3 0 1000 syz-executor.5 [ 6092] 0 6092 18146 8751 26 4 0 1000 syz-executor.5 [ 6179] 0 6179 18114 15 23 3 0 0 syz-executor.2 [ 6180] 0 6180 18113 8734 24 4 0 0 syz-executor.2 [ 6568] 0 6568 5364 168 15 3 0 -1000 udevd [ 6707] 0 6707 18114 16 23 3 0 0 syz-executor.3 [ 6708] 0 6708 18113 8735 24 4 0 0 syz-executor.3 [ 6716] 0 6716 18114 16 23 3 0 0 syz-executor.0 [ 6718] 0 6718 18113 8736 24 4 0 0 syz-executor.0 [ 7017] 0 7017 18147 8748 27 4 0 1000 syz-executor.0 [ 7028] 0 7025 18278 6 33 4 0 1000 syz-executor.5 [ 7066] 0 7066 18278 8757 27 4 0 1000 syz-executor.0 Out of memory: Kill process 4984 (syz-executor.1) score 1004 or sacrifice child Killed process 4984 (syz-executor.1) total-vm:73112kB, anon-rss:204kB, file-rss:34840kB, shmem-rss:0kB syz-executor.5: vmalloc: allocation failure, allocated 3324383232 of 5830086656 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM) CPU: 1 PID: 7028 Comm: syz-executor.5 Not tainted 4.9.194+ #0 ffff88019e4a7858 ffffffff81b67001 1ffff10033c94f0d dffffc0000000000 ffffffff82aab480 0000000000000000 0000000000400000 ffff88019e4a7980 ffffffff815080fc 0000000041b58ab3 ffffffff82e3bc80 ffffffff81431d00 Call Trace: [<000000004373d34f>] __dump_stack lib/dump_stack.c:15 [inline] [<000000004373d34f>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<000000005f64d820>] warn_alloc.cold+0x76/0x93 mm/page_alloc.c:3069 [<000000007d949343>] __vmalloc_area_node mm/vmalloc.c:1665 [inline] [<000000007d949343>] __vmalloc_node_range+0x404/0x610 mm/vmalloc.c:1706 [<00000000b9d55154>] __vmalloc_node mm/vmalloc.c:1755 [inline] [<00000000b9d55154>] __vmalloc_node_flags mm/vmalloc.c:1769 [inline] [<00000000b9d55154>] vmalloc+0x5c/0x70 mm/vmalloc.c:1784 [<0000000049193004>] xt_alloc_entry_offsets+0x44/0x50 net/netfilter/x_tables.c:758 [<000000002a94a0e7>] translate_table+0x215/0x1650 net/ipv4/netfilter/ip_tables.c:705 [<00000000ad9a01d3>] do_replace net/ipv4/netfilter/ip_tables.c:1157 [inline] [<00000000ad9a01d3>] do_ipt_set_ctl+0x2d4/0x470 net/ipv4/netfilter/ip_tables.c:1693 [<000000009879f008>] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] [<000000009879f008>] nf_setsockopt+0x6d/0xc0 net/netfilter/nf_sockopt.c:114 [<00000000070b6ad6>] ip_setsockopt net/ipv4/ip_sockglue.c:1247 [inline] [<00000000070b6ad6>] ip_setsockopt+0x8a/0xa0 net/ipv4/ip_sockglue.c:1232 [<000000004b392667>] udp_setsockopt+0x4e/0x90 net/ipv4/udp.c:2114 [<00000000df9cd4ab>] ipv6_setsockopt+0xa4/0x140 net/ipv6/ipv6_sockglue.c:912 [<000000000865914e>] tcp_setsockopt net/ipv4/tcp.c:2759 [inline] [<000000000865914e>] tcp_setsockopt+0x8a/0xe0 net/ipv4/tcp.c:2753 [<00000000803d6866>] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2710 [<0000000053879209>] SYSC_setsockopt net/socket.c:1786 [inline] [<0000000053879209>] SyS_setsockopt+0x159/0x240 net/socket.c:1765 [<000000006b82c655>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<00000000c94a8942>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Mem-Info: active_anon:73290 inactive_anon:314 isolated_anon:0 active_file:14 inactive_file:40 isolated_file:0 unevictable:0 dirty:0 writeback:9 unstable:0 slab_reclaimable:5392 slab_unreclaimable:59154 mapped:43548 shmem:320 pagetables:1061 bounce:0 free:663 free_pcp:64 free_cma:0 Node 0 active_anon:293160kB inactive_anon:1256kB active_file:56kB inactive_file:160kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:174192kB dirty:0kB writeback:36kB shmem:1280kB writeback_tmp:0kB unstable:0kB pages_scanned:16 all_unreclaimable? no DMA32 free:24kB min:4696kB low:7712kB high:10728kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:64kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:120kB local_pcp:0kB free_cma:0kB Normal free:2628kB min:5580kB low:9168kB high:12756kB active_anon:293060kB inactive_anon:1256kB active_file:56kB inactive_file:160kB unevictable:0kB writepending:8kB present:4718592kB managed:3589316kB mlocked:0kB slab_reclaimable:21568kB slab_unreclaimable:236552kB kernel_stack:4288kB pagetables:4244kB bounce:0kB free_pcp:136kB local_pcp:136kB free_cma:0kB DMA32: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313627 pages reserved syz-executor.1 invoked oom-killer: gfp_mask=0x2400840(GFP_NOFS|__GFP_NOFAIL), nodemask=0, order=0, oom_score_adj=1000 CPU: 1 PID: 5011 Comm: syz-executor.1 Not tainted 4.9.194+ #0 ffff8801cadaee78 ffffffff81b67001 ffff8801cadaf1d0 ffffffff833f1c30 00000000000003e8 ffff8801cadaf1e8 0000000000000000 ffff8801cadaeef8 ffffffff81506e44 0000000000000000 00000000000003e8 ffffffff8282ac45 Call Trace: [<000000004373d34f>] __dump_stack lib/dump_stack.c:15 [inline] [<000000004373d34f>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000471f6c5c>] dump_header.isra.0+0x142/0x74c mm/oom_kill.c:417 [<00000000f00a1d17>] oom_kill_process.cold+0xd/0xa74 mm/oom_kill.c:852 [<00000000ec09bdc9>] out_of_memory mm/oom_kill.c:1069 [inline] [<00000000ec09bdc9>] out_of_memory+0x29b/0xea0 mm/oom_kill.c:1009 [<0000000022380cbd>] __alloc_pages_may_oom mm/page_alloc.c:3136 [inline] [<0000000022380cbd>] __alloc_pages_slowpath mm/page_alloc.c:3750 [inline] [<0000000022380cbd>] __alloc_pages_nodemask+0x151e/0x1a80 mm/page_alloc.c:3861 [<000000002b3c4104>] __alloc_pages include/linux/gfp.h:433 [inline] [<000000002b3c4104>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<000000002b3c4104>] alloc_pages_node include/linux/gfp.h:460 [inline] [<000000002b3c4104>] __page_cache_alloc include/linux/pagemap.h:208 [inline] [<000000002b3c4104>] pagecache_get_page+0x248/0x740 mm/filemap.c:1367 [<00000000e30821b9>] find_or_create_page include/linux/pagemap.h:310 [inline] [<00000000e30821b9>] ext4_mb_load_buddy_gfp+0x90a/0x1100 fs/ext4/mballoc.c:1172 [<00000000bee6d937>] ext4_free_blocks+0x827/0x23d0 fs/ext4/mballoc.c:4834 [<0000000025f6db25>] ext4_remove_blocks fs/ext4/extents.c:2585 [inline] [<0000000025f6db25>] ext4_ext_rm_leaf fs/ext4/extents.c:2741 [inline] [<0000000025f6db25>] ext4_ext_remove_space+0x21cd/0x3a90 fs/ext4/extents.c:2974 [<00000000134feb48>] ext4_ext_truncate+0x17e/0x280 fs/ext4/extents.c:4677 [<0000000089ca3a8d>] ext4_truncate+0x526/0x1300 fs/ext4/inode.c:4243 [<00000000abd47a9d>] ext4_evict_inode+0xc50/0x1270 fs/ext4/inode.c:265 [<0000000087118a46>] evict+0x2e9/0x630 fs/inode.c:553 [<00000000a1369b87>] iput_final fs/inode.c:1516 [inline] [<00000000a1369b87>] iput fs/inode.c:1543 [inline] [<00000000a1369b87>] iput+0x370/0x900 fs/inode.c:1528 [<000000008500c5d1>] dentry_unlink_inode+0x277/0x330 fs/dcache.c:369 [<000000006908249d>] __dentry_kill+0x333/0x580 fs/dcache.c:571 [<000000008ed554ce>] dentry_kill fs/dcache.c:612 [inline] [<000000008ed554ce>] dput.part.0+0x509/0x7c0 fs/dcache.c:829 [<00000000d68c0065>] dput+0x20/0x30 fs/dcache.c:791 [<0000000073715a1f>] path_put+0x31/0x70 fs/namei.c:519 [<000000003c37f73a>] free_fs_struct+0x25/0x70 fs/fs_struct.c:90 [<0000000022ec7f2a>] exit_fs+0xe7/0x120 fs/fs_struct.c:108 [<00000000a4fb18c2>] do_exit+0x769/0x2aa0 kernel/exit.c:838 [<00000000a7792710>] do_group_exit+0x111/0x300 kernel/exit.c:946 [<000000006aec2af1>] get_signal+0x377/0x1cb0 kernel/signal.c:2395 [<0000000027861a1e>] do_signal+0x9c/0x1920 arch/x86/kernel/signal.c:812 [<0000000019ff16a0>] exit_to_usermode_loop+0x11c/0x160 arch/x86/entry/common.c:159 [<000000007542ed60>] prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline] [<000000007542ed60>] syscall_return_slowpath arch/x86/entry/common.c:266 [inline] [<000000007542ed60>] do_syscall_64+0x3ab/0x5c0 arch/x86/entry/common.c:293 [<00000000c94a8942>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Mem-Info: active_anon:73240 inactive_anon:314 isolated_anon:0 active_file:14 inactive_file:40 isolated_file:0 unevictable:0 dirty:0 writeback:9 unstable:0 slab_reclaimable:5392 slab_unreclaimable:59154 mapped:43548 shmem:320 pagetables:1024 bounce:0 free:663 free_pcp:136 free_cma:0 Node 0 active_anon:292960kB inactive_anon:1256kB active_file:56kB inactive_file:160kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:174192kB dirty:0kB writeback:36kB shmem:1280kB writeback_tmp:0kB unstable:0kB pages_scanned:16 all_unreclaimable? no DMA32 free:24kB min:4696kB low:7712kB high:10728kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:64kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:120kB local_pcp:0kB free_cma:0kB Normal free:2628kB min:5580kB low:9168kB high:12756kB active_anon:292860kB inactive_anon:1256kB active_file:56kB inactive_file:160kB unevictable:0kB writepending:8kB present:4718592kB managed:3589316kB mlocked:0kB slab_reclaimable:21568kB slab_unreclaimable:236552kB kernel_stack:4288kB pagetables:4096kB bounce:0kB free_pcp:424kB local_pcp:424kB free_cma:0kB DMA32: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313627 pages reserved [ pid ] uid tgid total_vm rss nr_ptes nr_pmds swapents oom_score_adj name [ 470] 0 470 5365 168 16 3 0 -1000 udevd [ 1759] 0 1759 2492 573 8 3 0 0 dhclient [ 1890] 0 1890 14231 109 24 3 0 0 rsyslogd [ 1944] 0 1944 4724 51 15 3 0 0 cron [ 1963] 0 1963 3735 45 11 3 0 0 mcstransd [ 1973] 0 1973 12926 1231 26 3 0 0 restorecond [ 1991] 0 1991 12489 152 28 3 0 -1000 sshd [ 2021] 0 2021 3648 41 13 3 0 0 getty [ 2031] 0 2031 17820 198 38 3 0 0 sshd [ 2033] 0 2033 132563 69538 222 5 0 0 syz-fuzzer [ 2970] 0 2970 5401 178 15 3 0 -1000 udevd [ 3661] 0 3661 18114 16 23 3 0 0 syz-executor.1 [ 3662] 0 3662 18113 8739 24 4 0 0 syz-executor.1 [ 3814] 0 3814 18147 8716 26 3 0 1000 syz-executor.1 [ 3822] 0 3822 18213 8725 30 3 0 1000 syz-executor.1 [ 4000] 0 4000 18114 16 23 3 0 0 syz-executor.5 [ 4001] 0 4001 18113 8739 24 4 0 0 syz-executor.5 [ 4563] 0 4563 18278 8760 26 4 0 1000 syz-executor.5 [ 4565] 0 4565 18146 8718 25 3 0 1000 syz-executor.5 [ 4572] 0 4572 18278 8760 26 4 0 1000 syz-executor.5 [ 4575] 0 4575 18245 8724 25 3 0 1000 syz-executor.5 [ 4791] 0 4791 5364 169 15 3 0 -1000 udevd [ 4824] 0 4824 18146 8750 25 4 0 1000 syz-executor.1 [ 4864] 0 4864 18146 8719 25 3 0 1000 syz-executor.5 [ 5063] 0 5063 18179 8753 26 4 0 1000 syz-executor.1 [ 5070] 0 5070 18179 8753 26 4 0 1000 syz-executor.1 [ 5832] 0 5832 18146 8718 26 3 0 1000 syz-executor.5 [ 6092] 0 6092 18146 8751 26 4 0 1000 syz-executor.5 [ 6179] 0 6179 18114 15 23 3 0 0 syz-executor.2 [ 6180] 0 6180 18113 8734 24 4 0 0 syz-executor.2 [ 6568] 0 6568 5364 168 15 3 0 -1000 udevd [ 6707] 0 6707 18114 16 23 3 0 0 syz-executor.3 [ 6708] 0 6708 18113 8735 24 4 0 0 syz-executor.3 [ 6716] 0 6716 18114 16 23 3 0 0 syz-executor.0 [ 6718] 0 6718 18113 8736 24 4 0 0 syz-executor.0 [ 7017] 0 7017 18147 8748 27 4 0 1000 syz-executor.0 [ 7028] 0 7025 18278 6 33 4 0 1000 syz-executor.5 [ 7066] 0 7066 18278 8757 27 4 0 1000 syz-executor.0 Out of memory: Kill process 4563 (syz-executor.5) score 1004 or sacrifice child Killed process 4565 (syz-executor.5) total-vm:72584kB, anon-rss:164kB, file-rss:34708kB, shmem-rss:0kB syz-executor.1 invoked oom-killer: gfp_mask=0x2400840(GFP_NOFS|__GFP_NOFAIL), nodemask=0, order=0, oom_score_adj=1000 CPU: 1 PID: 5011 Comm: syz-executor.1 Not tainted 4.9.194+ #0 ffff8801cadaee78 ffffffff81b67001 ffff8801cadaf1d0 ffffffff833f1c30 00000000000003e8 ffff8801cadaf1e8 0000000000000000 ffff8801cadaeef8 ffffffff81506e44 0000000000000000 00000000000003e8 ffffffff8282ac45 Call Trace: [<000000004373d34f>] __dump_stack lib/dump_stack.c:15 [inline] [<000000004373d34f>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000471f6c5c>] dump_header.isra.0+0x142/0x74c mm/oom_kill.c:417 [<00000000f00a1d17>] oom_kill_process.cold+0xd/0xa74 mm/oom_kill.c:852 [<00000000ec09bdc9>] out_of_memory mm/oom_kill.c:1069 [inline] [<00000000ec09bdc9>] out_of_memory+0x29b/0xea0 mm/oom_kill.c:1009 [<0000000022380cbd>] __alloc_pages_may_oom mm/page_alloc.c:3136 [inline] [<0000000022380cbd>] __alloc_pages_slowpath mm/page_alloc.c:3750 [inline] [<0000000022380cbd>] __alloc_pages_nodemask+0x151e/0x1a80 mm/page_alloc.c:3861 [<000000002b3c4104>] __alloc_pages include/linux/gfp.h:433 [inline] [<000000002b3c4104>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<000000002b3c4104>] alloc_pages_node include/linux/gfp.h:460 [inline] [<000000002b3c4104>] __page_cache_alloc include/linux/pagemap.h:208 [inline] [<000000002b3c4104>] pagecache_get_page+0x248/0x740 mm/filemap.c:1367 [<0000000010698ae9>] find_or_create_page include/linux/pagemap.h:310 [inline] [<0000000010698ae9>] ext4_mb_load_buddy_gfp+0x659/0x1100 fs/ext4/mballoc.c:1208 [<00000000bee6d937>] ext4_free_blocks+0x827/0x23d0 fs/ext4/mballoc.c:4834 [<0000000025f6db25>] ext4_remove_blocks fs/ext4/extents.c:2585 [inline] [<0000000025f6db25>] ext4_ext_rm_leaf fs/ext4/extents.c:2741 [inline] [<0000000025f6db25>] ext4_ext_remove_space+0x21cd/0x3a90 fs/ext4/extents.c:2974 [<00000000134feb48>] ext4_ext_truncate+0x17e/0x280 fs/ext4/extents.c:4677 [<0000000089ca3a8d>] ext4_truncate+0x526/0x1300 fs/ext4/inode.c:4243 [<00000000abd47a9d>] ext4_evict_inode+0xc50/0x1270 fs/ext4/inode.c:265 [<0000000087118a46>] evict+0x2e9/0x630 fs/inode.c:553 [<00000000a1369b87>] iput_final fs/inode.c:1516 [inline] [<00000000a1369b87>] iput fs/inode.c:1543 [inline] [<00000000a1369b87>] iput+0x370/0x900 fs/inode.c:1528 [<000000008500c5d1>] dentry_unlink_inode+0x277/0x330 fs/dcache.c:369 [<000000006908249d>] __dentry_kill+0x333/0x580 fs/dcache.c:571 [<000000008ed554ce>] dentry_kill fs/dcache.c:612 [inline] [<000000008ed554ce>] dput.part.0+0x509/0x7c0 fs/dcache.c:829 [<00000000d68c0065>] dput+0x20/0x30 fs/dcache.c:791 [<0000000073715a1f>] path_put+0x31/0x70 fs/namei.c:519 [<000000003c37f73a>] free_fs_struct+0x25/0x70 fs/fs_struct.c:90 [<0000000022ec7f2a>] exit_fs+0xe7/0x120 fs/fs_struct.c:108 [<00000000a4fb18c2>] do_exit+0x769/0x2aa0 kernel/exit.c:838 [<00000000a7792710>] do_group_exit+0x111/0x300 kernel/exit.c:946 [<000000006aec2af1>] get_signal+0x377/0x1cb0 kernel/signal.c:2395 [<0000000027861a1e>] do_signal+0x9c/0x1920 arch/x86/kernel/signal.c:812 [<0000000019ff16a0>] exit_to_usermode_loop+0x11c/0x160 arch/x86/entry/common.c:159 [<000000007542ed60>] prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline] [<000000007542ed60>] syscall_return_slowpath arch/x86/entry/common.c:266 [inline] [<000000007542ed60>] do_syscall_64+0x3ab/0x5c0 arch/x86/entry/common.c:293 [<00000000c94a8942>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Mem-Info: active_anon:73200 inactive_anon:314 isolated_anon:0 active_file:19 inactive_file:30 isolated_file:0 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:5385 slab_unreclaimable:59147 mapped:43545 shmem:320 pagetables:1005 bounce:0 free:672 free_pcp:182 free_cma:0 Node 0 active_anon:292800kB inactive_anon:1256kB active_file:76kB inactive_file:120kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:174180kB dirty:0kB writeback:0kB shmem:1280kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no DMA32 free:24kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:72kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:120kB local_pcp:0kB free_cma:0kB Normal free:2664kB min:5580kB low:9168kB high:12756kB active_anon:292792kB inactive_anon:1256kB active_file:76kB inactive_file:120kB unevictable:0kB writepending:0kB present:4718592kB managed:3589316kB mlocked:0kB slab_reclaimable:21540kB slab_unreclaimable:236516kB kernel_stack:4256kB pagetables:4020kB bounce:0kB free_pcp:608kB local_pcp:420kB free_cma:0kB DMA32: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313627 pages reserved [ pid ] uid tgid total_vm rss nr_ptes nr_pmds swapents oom_score_adj name [ 470] 0 470 5365 168 16 3 0 -1000 udevd [ 1759] 0 1759 2492 573 8 3 0 0 dhclient [ 1890] 0 1890 14231 109 24 3 0 0 rsyslogd [ 1944] 0 1944 4724 51 15 3 0 0 cron [ 1963] 0 1963 3735 45 11 3 0 0 mcstransd [ 1973] 0 1973 12926 1231 26 3 0 0 restorecond [ 1991] 0 1991 12489 152 28 3 0 -1000 sshd [ 2021] 0 2021 3648 41 13 3 0 0 getty [ 2031] 0 2031 17820 198 38 3 0 0 sshd [ 2033] 0 2033 132563 69538 222 5 0 0 syz-fuzzer [ 2970] 0 2970 5401 178 15 3 0 -1000 udevd [ 3661] 0 3661 18114 16 23 3 0 0 syz-executor.1 [ 3662] 0 3662 18113 8739 24 4 0 0 syz-executor.1 [ 3814] 0 3814 18147 8716 26 3 0 1000 syz-executor.1 [ 3822] 0 3822 18213 8725 30 3 0 1000 syz-executor.1 [ 4000] 0 4000 18114 16 23 3 0 0 syz-executor.5 [ 4001] 0 4001 18113 8739 24 4 0 0 syz-executor.5 [ 4563] 0 4563 18278 8760 26 4 0 1000 syz-executor.5 [ 4572] 0 4572 18278 8760 26 4 0 1000 syz-executor.5 [ 4575] 0 4575 18245 8724 25 3 0 1000 syz-executor.5 [ 4791] 0 4791 5364 169 15 3 0 -1000 udevd [ 4824] 0 4824 18146 8750 25 4 0 1000 syz-executor.1 [ 4864] 0 4864 18146 8719 25 3 0 1000 syz-executor.5 [ 5063] 0 5063 18179 8753 26 4 0 1000 syz-executor.1 [ 5070] 0 5070 18179 8753 26 4 0 1000 syz-executor.1 [ 5832] 0 5832 18146 8718 26 3 0 1000 syz-executor.5 [ 6092] 0 6092 18146 8751 26 4 0 1000 syz-executor.5 [ 6179] 0 6179 18114 15 23 3 0 0 syz-executor.2 [ 6180] 0 6180 18113 8734 24 4 0 0 syz-executor.2 [ 6568] 0 6568 5364 168 15 3 0 -1000 udevd [ 6707] 0 6707 18114 16 23 3 0 0 syz-executor.3 [ 6708] 0 6708 18113 8735 24 4 0 0 syz-executor.3 [ 6716] 0 6716 18114 16 23 3 0 0 syz-executor.0 [ 6718] 0 6718 18113 8736 24 4 0 0 syz-executor.0 [ 7017] 0 7017 18147 8748 27 4 0 1000 syz-executor.0 [ 7028] 0 7025 18278 6 33 4 0 1000 syz-executor.5 [ 7066] 0 7066 18278 8757 27 4 0 1000 syz-executor.0 Out of memory: Kill process 4563 (syz-executor.5) score 1004 or sacrifice child Killed process 4563 (syz-executor.5) total-vm:73112kB, anon-rss:196kB, file-rss:34844kB, shmem-rss:0kB syz-executor.5 invoked oom-killer: gfp_mask=0x24002c2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN), nodemask=0, order=0, oom_score_adj=1000 CPU: 0 PID: 7084 Comm: syz-executor.5 Not tainted 4.9.194+ #0 ffff880188bf7580 ffffffff81b67001 ffff880188bf78d8 ffffffff833f1c30 00000000000003e8 ffff880188bf78f0 0000000000000000 ffff880188bf7600 ffffffff81506e44 0000000000000000 00000000000003e8 ffffffff8282ac45 Call Trace: [<000000004373d34f>] __dump_stack lib/dump_stack.c:15 [inline] [<000000004373d34f>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000471f6c5c>] dump_header.isra.0+0x142/0x74c mm/oom_kill.c:417 [<00000000f00a1d17>] oom_kill_process.cold+0xd/0xa74 mm/oom_kill.c:852 [<00000000ec09bdc9>] out_of_memory mm/oom_kill.c:1069 [inline] [<00000000ec09bdc9>] out_of_memory+0x29b/0xea0 mm/oom_kill.c:1009 [<000000008c1c2cfc>] __alloc_pages_may_oom mm/page_alloc.c:3136 [inline] [<000000008c1c2cfc>] __alloc_pages_slowpath mm/page_alloc.c:3750 [inline] [<000000008c1c2cfc>] __alloc_pages_nodemask+0x1730/0x1a80 mm/page_alloc.c:3861 [<00000000209c9f49>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000209c9f49>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000209c9f49>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000209c9f49>] __vmalloc_area_node mm/vmalloc.c:1648 [inline] [<00000000209c9f49>] __vmalloc_node_range+0x25b/0x610 mm/vmalloc.c:1706 [<00000000b9d55154>] __vmalloc_node mm/vmalloc.c:1755 [inline] [<00000000b9d55154>] __vmalloc_node_flags mm/vmalloc.c:1769 [inline] [<00000000b9d55154>] vmalloc+0x5c/0x70 mm/vmalloc.c:1784 [<0000000049193004>] xt_alloc_entry_offsets+0x44/0x50 net/netfilter/x_tables.c:758 [<000000002a94a0e7>] translate_table+0x215/0x1650 net/ipv4/netfilter/ip_tables.c:705 [<00000000ad9a01d3>] do_replace net/ipv4/netfilter/ip_tables.c:1157 [inline] [<00000000ad9a01d3>] do_ipt_set_ctl+0x2d4/0x470 net/ipv4/netfilter/ip_tables.c:1693 [<000000009879f008>] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] [<000000009879f008>] nf_setsockopt+0x6d/0xc0 net/netfilter/nf_sockopt.c:114 [<00000000070b6ad6>] ip_setsockopt net/ipv4/ip_sockglue.c:1247 [inline] [<00000000070b6ad6>] ip_setsockopt+0x8a/0xa0 net/ipv4/ip_sockglue.c:1232 [<000000004b392667>] udp_setsockopt+0x4e/0x90 net/ipv4/udp.c:2114 [<00000000df9cd4ab>] ipv6_setsockopt+0xa4/0x140 net/ipv6/ipv6_sockglue.c:912 [<000000000865914e>] tcp_setsockopt net/ipv4/tcp.c:2759 [inline] [<000000000865914e>] tcp_setsockopt+0x8a/0xe0 net/ipv4/tcp.c:2753 [<00000000803d6866>] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2710 [<0000000053879209>] SYSC_setsockopt net/socket.c:1786 [inline] [<0000000053879209>] SyS_setsockopt+0x159/0x240 net/socket.c:1765 [<000000006b82c655>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<00000000c94a8942>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Mem-Info: active_anon:73200 inactive_anon:314 isolated_anon:0 active_file:19 inactive_file:30 isolated_file:0 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:5385 slab_unreclaimable:59147 mapped:43545 shmem:320 pagetables:1005 bounce:0 free:672 free_pcp:235 free_cma:0 Node 0 active_anon:292800kB inactive_anon:1256kB active_file:76kB inactive_file:120kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:174180kB dirty:0kB writeback:0kB shmem:1280kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no DMA32 free:24kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:72kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:120kB local_pcp:120kB free_cma:0kB Normal free:2664kB min:5580kB low:9168kB high:12756kB active_anon:292792kB inactive_anon:1256kB active_file:76kB inactive_file:120kB unevictable:0kB writepending:0kB present:4718592kB managed:3589316kB mlocked:0kB slab_reclaimable:21540kB slab_unreclaimable:236516kB kernel_stack:4192kB pagetables:4020kB bounce:0kB free_pcp:820kB local_pcp:188kB free_cma:0kB DMA32: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313627 pages reserved [ pid ] uid tgid total_vm rss nr_ptes nr_pmds swapents oom_score_adj name [ 470] 0 470 5365 168 16 3 0 -1000 udevd [ 1759] 0 1759 2492 573 8 3 0 0 dhclient [ 1890] 0 1890 14231 109 24 3 0 0 rsyslogd [ 1944] 0 1944 4724 51 15 3 0 0 cron [ 1963] 0 1963 3735 45 11 3 0 0 mcstransd [ 1973] 0 1973 12926 1231 26 3 0 0 restorecond [ 1991] 0 1991 12489 152 28 3 0 -1000 sshd [ 2021] 0 2021 3648 41 13 3 0 0 getty [ 2031] 0 2031 17820 198 38 3 0 0 sshd [ 2033] 0 2033 132563 69538 222 5 0 0 syz-fuzzer [ 2970] 0 2970 5401 178 15 3 0 -1000 udevd [ 3661] 0 3661 18114 16 23 3 0 0 syz-executor.1 [ 3662] 0 3662 18113 8739 24 4 0 0 syz-executor.1 [ 3814] 0 3814 18147 8716 26 3 0 1000 syz-executor.1 [ 3822] 0 3822 18213 8725 30 3 0 1000 syz-executor.1 [ 4000] 0 4000 18114 16 23 3 0 0 syz-executor.5 [ 4001] 0 4001 18113 8739 24 4 0 0 syz-executor.5 [ 4575] 0 4575 18245 8724 25 3 0 1000 syz-executor.5 [ 4791] 0 4791 5364 169 15 3 0 -1000 udevd [ 4824] 0 4824 18146 8750 25 4 0 1000 syz-executor.1 [ 4864] 0 4864 18146 8719 25 3 0 1000 syz-executor.5 [ 5063] 0 5063 18179 8753 26 4 0 1000 syz-executor.1 [ 5070] 0 5070 18179 8753 26 4 0 1000 syz-executor.1 [ 5832] 0 5832 18146 8718 26 3 0 1000 syz-executor.5 [ 6092] 0 6092 18146 8751 26 4 0 1000 syz-executor.5 [ 6179] 0 6179 18114 15 23 3 0 0 syz-executor.2 [ 6180] 0 6180 18113 8734 24 4 0 0 syz-executor.2 [ 6568] 0 6568 5364 168 15 3 0 -1000 udevd [ 6707] 0 6707 18114 16 23 3 0 0 syz-executor.3 [ 6708] 0 6708 18113 8735 24 4 0 0 syz-executor.3 [ 6716] 0 6716 18114 16 23 3 0 0 syz-executor.0 [ 6718] 0 6718 18113 8736 24 4 0 0 syz-executor.0 [ 7017] 0 7017 18147 8748 27 4 0 1000 syz-executor.0 [ 7028] 0 7025 18278 6 33 4 0 1000 syz-executor.5 [ 7066] 0 7066 18278 8757 27 4 0 1000 syz-executor.0 Out of memory: Kill process 7066 (syz-executor.0) score 1004 or sacrifice child Killed process 7066 (syz-executor.0) total-vm:73112kB, anon-rss:188kB, file-rss:34840kB, shmem-rss:0kB syz-executor.5 invoked oom-killer: gfp_mask=0x24002c2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN), nodemask=0, order=0, oom_score_adj=1000 CPU: 0 PID: 7084 Comm: syz-executor.5 Not tainted 4.9.194+ #0 ffff880188bf7580 ffffffff81b67001 ffff880188bf78d8 ffffffff833f1c30 00000000000003e8 ffff880188bf78f0 0000000000000000 ffff880188bf7600 ffffffff81506e44 0000000000000000 00000000000003e8 ffffffff8282ac45 Call Trace: [<000000004373d34f>] __dump_stack lib/dump_stack.c:15 [inline] [<000000004373d34f>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000471f6c5c>] dump_header.isra.0+0x142/0x74c mm/oom_kill.c:417 [<00000000f00a1d17>] oom_kill_process.cold+0xd/0xa74 mm/oom_kill.c:852 [<00000000ec09bdc9>] out_of_memory mm/oom_kill.c:1069 [inline] [<00000000ec09bdc9>] out_of_memory+0x29b/0xea0 mm/oom_kill.c:1009 [<000000008c1c2cfc>] __alloc_pages_may_oom mm/page_alloc.c:3136 [inline] [<000000008c1c2cfc>] __alloc_pages_slowpath mm/page_alloc.c:3750 [inline] [<000000008c1c2cfc>] __alloc_pages_nodemask+0x1730/0x1a80 mm/page_alloc.c:3861 [<00000000209c9f49>] __alloc_pages include/linux/gfp.h:433 [inline] [<00000000209c9f49>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<00000000209c9f49>] alloc_pages_node include/linux/gfp.h:460 [inline] [<00000000209c9f49>] __vmalloc_area_node mm/vmalloc.c:1648 [inline] [<00000000209c9f49>] __vmalloc_node_range+0x25b/0x610 mm/vmalloc.c:1706 [<00000000b9d55154>] __vmalloc_node mm/vmalloc.c:1755 [inline] [<00000000b9d55154>] __vmalloc_node_flags mm/vmalloc.c:1769 [inline] [<00000000b9d55154>] vmalloc+0x5c/0x70 mm/vmalloc.c:1784 [<0000000049193004>] xt_alloc_entry_offsets+0x44/0x50 net/netfilter/x_tables.c:758 [<000000002a94a0e7>] translate_table+0x215/0x1650 net/ipv4/netfilter/ip_tables.c:705 [<00000000ad9a01d3>] do_replace net/ipv4/netfilter/ip_tables.c:1157 [inline] [<00000000ad9a01d3>] do_ipt_set_ctl+0x2d4/0x470 net/ipv4/netfilter/ip_tables.c:1693 [<000000009879f008>] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] [<000000009879f008>] nf_setsockopt+0x6d/0xc0 net/netfilter/nf_sockopt.c:114 [<00000000070b6ad6>] ip_setsockopt net/ipv4/ip_sockglue.c:1247 [inline] [<00000000070b6ad6>] ip_setsockopt+0x8a/0xa0 net/ipv4/ip_sockglue.c:1232 [<000000004b392667>] udp_setsockopt+0x4e/0x90 net/ipv4/udp.c:2114 [<00000000df9cd4ab>] ipv6_setsockopt+0xa4/0x140 net/ipv6/ipv6_sockglue.c:912 [<000000000865914e>] tcp_setsockopt net/ipv4/tcp.c:2759 [inline] [<000000000865914e>] tcp_setsockopt+0x8a/0xe0 net/ipv4/tcp.c:2753 [<00000000803d6866>] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2710 [<0000000053879209>] SYSC_setsockopt net/socket.c:1786 [inline] [<0000000053879209>] SyS_setsockopt+0x159/0x240 net/socket.c:1765 [<000000006b82c655>] do_syscall_64+0x1ad/0x5c0 arch/x86/entry/common.c:288 [<00000000c94a8942>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Mem-Info: active_anon:73175 inactive_anon:314 isolated_anon:0 active_file:19 inactive_file:30 isolated_file:0 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:5385 slab_unreclaimable:59147 mapped:43545 shmem:320 pagetables:968 bounce:0 free:672 free_pcp:308 free_cma:0 Node 0 active_anon:292700kB inactive_anon:1256kB active_file:76kB inactive_file:120kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:174180kB dirty:0kB writeback:0kB shmem:1280kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no DMA32 free:24kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:72kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:120kB local_pcp:120kB free_cma:0kB Normal free:2664kB min:5580kB low:9168kB high:12756kB active_anon:292692kB inactive_anon:1256kB active_file:76kB inactive_file:120kB unevictable:0kB writepending:0kB present:4718592kB managed:3589316kB mlocked:0kB slab_reclaimable:21540kB slab_unreclaimable:236516kB kernel_stack:4192kB pagetables:3872kB bounce:0kB free_pcp:1112kB local_pcp:480kB free_cma:0kB DMA32: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313627 pages reserved [ pid ] uid tgid total_vm rss nr_ptes nr_pmds swapents oom_score_adj name [ 470] 0 470 5365 168 16 3 0 -1000 udevd [ 1759] 0 1759 2492 573 8 3 0 0 dhclient [ 1890] 0 1890 14231 109 24 3 0 0 rsyslogd [ 1944] 0 1944 4724 51 15 3 0 0 cron [ 1963] 0 1963 3735 45 11 3 0 0 mcstransd [ 1973] 0 1973 12926 1231 26 3 0 0 restorecond [ 1991] 0 1991 12489 152 28 3 0 -1000 sshd [ 2021] 0 2021 3648 41 13 3 0 0 getty [ 2031] 0 2031 17820 198 38 3 0 0 sshd [ 2033] 0 2033 132563 69538 222 5 0 0 syz-fuzzer [ 2970] 0 2970 5401 178 15 3 0 -1000 udevd [ 3661] 0 3661 18114 16 23 3 0 0 syz-executor.1 [ 3662] 0 3662 18113 8739 24 4 0 0 syz-executor.1 [ 3814] 0 3814 18147 8716 26 3 0 1000 syz-executor.1 [ 3822] 0 3822 18213 8725 30 3 0 1000 syz-executor.1 [ 4000] 0 4000 18114 16 23 3 0 0 syz-executor.5 [ 4001] 0 4001 18113 8739 24 4 0 0 syz-executor.5 [ 4575] 0 4575 18245 8724 25 3 0 1000 syz-executor.5 [ 4791] 0 4791 5364 169 15 3 0 -1000 udevd [ 4824] 0 4824 18146 8750 25 4 0 1000 syz-executor.1 [ 4864] 0 4864 18146 8719 25 3 0 1000 syz-executor.5 [ 5063] 0 5063 18179 8753 26 4 0 1000 syz-executor.1 [ 5070] 0 5070 18179 8753 26 4 0 1000 syz-executor.1 [ 5832] 0 5832 18146 8718 26 3 0 1000 syz-executor.5 [ 6092] 0 6092 18146 8751 26 4 0 1000 syz-executor.5 [ 6179] 0 6179 18114 15 23 3 0 0 syz-executor.2 [ 6180] 0 6180 18113 8734 24 4 0 0 syz-executor.2 [ 6568] 0 6568 5364 168 15 3 0 -1000 udevd [ 6707] 0 6707 18114 16 23 3 0 0 syz-executor.3 [ 6708] 0 6708 18113 8735 24 4 0 0 syz-executor.3 [ 6716] 0 6716 18114 16 23 3 0 0 syz-executor.0 [ 6718] 0 6718 18113 8736 24 4 0 0 syz-executor.0 [ 7017] 0 7017 18147 8748 27 4 0 1000 syz-executor.0 [ 7028] 0 7025 18278 6 33 4 0 1000 syz-executor.5 Out of memory: Kill process 5063 (syz-executor.1) score 1004 or sacrifice child Killed process 5063 (syz-executor.1) total-vm:72716kB, anon-rss:172kB, file-rss:34840kB, shmem-rss:0kB syz-executor.1 invoked oom-killer: gfp_mask=0x2420848(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), nodemask=0, order=0, oom_score_adj=1000 CPU: 0 PID: 5070 Comm: syz-executor.1 Not tainted 4.9.194+ #0 ffff8801a51ff150 ffffffff81b67001 ffff8801a51ff4a8 ffffffff833f1c30 00000000000003e8 ffff8801a51ff4c0 0000000000000000 ffff8801a51ff1d0 ffffffff81506e44 0000000000000000 00000000000003e8 ffffffff8282ac45 Call Trace: [<000000004373d34f>] __dump_stack lib/dump_stack.c:15 [inline] [<000000004373d34f>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000471f6c5c>] dump_header.isra.0+0x142/0x74c mm/oom_kill.c:417 [<00000000f00a1d17>] oom_kill_process.cold+0xd/0xa74 mm/oom_kill.c:852 [<00000000ec09bdc9>] out_of_memory mm/oom_kill.c:1069 [inline] [<00000000ec09bdc9>] out_of_memory+0x29b/0xea0 mm/oom_kill.c:1009 [<0000000022380cbd>] __alloc_pages_may_oom mm/page_alloc.c:3136 [inline] [<0000000022380cbd>] __alloc_pages_slowpath mm/page_alloc.c:3750 [inline] [<0000000022380cbd>] __alloc_pages_nodemask+0x151e/0x1a80 mm/page_alloc.c:3861 [<000000002b3c4104>] __alloc_pages include/linux/gfp.h:433 [inline] [<000000002b3c4104>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<000000002b3c4104>] alloc_pages_node include/linux/gfp.h:460 [inline] [<000000002b3c4104>] __page_cache_alloc include/linux/pagemap.h:208 [inline] [<000000002b3c4104>] pagecache_get_page+0x248/0x740 mm/filemap.c:1367 [<000000003f121f56>] find_or_create_page include/linux/pagemap.h:310 [inline] [<000000003f121f56>] grow_dev_page fs/buffer.c:1006 [inline] [<000000003f121f56>] grow_buffers fs/buffer.c:1079 [inline] [<000000003f121f56>] __getblk_slow fs/buffer.c:1106 [inline] [<000000003f121f56>] __getblk_gfp+0x239/0x700 fs/buffer.c:1387 [<00000000b038b26a>] sb_getblk include/linux/buffer_head.h:318 [inline] [<00000000b038b26a>] __ext4_get_inode_loc+0x332/0xf00 fs/ext4/inode.c:4304 [<000000000edae146>] ext4_get_inode_loc fs/ext4/inode.c:4417 [inline] [<000000000edae146>] ext4_reserve_inode_write+0x5c/0x180 fs/ext4/inode.c:5488 [<00000000e42bba79>] ext4_mark_inode_dirty+0x153/0xb30 fs/ext4/inode.c:5557 [<00000000bbe50129>] ext4_evict_inode+0x6ba/0x1270 fs/ext4/inode.c:258 [<0000000087118a46>] evict+0x2e9/0x630 fs/inode.c:553 [<00000000a1369b87>] iput_final fs/inode.c:1516 [inline] [<00000000a1369b87>] iput fs/inode.c:1543 [inline] [<00000000a1369b87>] iput+0x370/0x900 fs/inode.c:1528 [<000000008500c5d1>] dentry_unlink_inode+0x277/0x330 fs/dcache.c:369 [<000000006908249d>] __dentry_kill+0x333/0x580 fs/dcache.c:571 [<000000008ed554ce>] dentry_kill fs/dcache.c:612 [inline] [<000000008ed554ce>] dput.part.0+0x509/0x7c0 fs/dcache.c:829 [<00000000d68c0065>] dput+0x20/0x30 fs/dcache.c:791 [<0000000073715a1f>] path_put+0x31/0x70 fs/namei.c:519 [<000000003c37f73a>] free_fs_struct+0x25/0x70 fs/fs_struct.c:90 [<0000000022ec7f2a>] exit_fs+0xe7/0x120 fs/fs_struct.c:108 [<00000000a4fb18c2>] do_exit+0x769/0x2aa0 kernel/exit.c:838 [<00000000a7792710>] do_group_exit+0x111/0x300 kernel/exit.c:946 [<000000006aec2af1>] get_signal+0x377/0x1cb0 kernel/signal.c:2395 [<0000000027861a1e>] do_signal+0x9c/0x1920 arch/x86/kernel/signal.c:812 [<0000000019ff16a0>] exit_to_usermode_loop+0x11c/0x160 arch/x86/entry/common.c:159 [<000000007542ed60>] prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline] [<000000007542ed60>] syscall_return_slowpath arch/x86/entry/common.c:266 [inline] [<000000007542ed60>] do_syscall_64+0x3ab/0x5c0 arch/x86/entry/common.c:293 [<00000000c94a8942>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Mem-Info: active_anon:73150 inactive_anon:314 isolated_anon:0 active_file:19 inactive_file:30 isolated_file:0 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:5385 slab_unreclaimable:59147 mapped:43545 shmem:320 pagetables:968 bounce:0 free:672 free_pcp:373 free_cma:0 Node 0 active_anon:292600kB inactive_anon:1256kB active_file:76kB inactive_file:120kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:174180kB dirty:0kB writeback:0kB shmem:1280kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no DMA32 free:24kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:72kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:120kB local_pcp:120kB free_cma:0kB Normal free:2664kB min:5580kB low:9168kB high:12756kB active_anon:292592kB inactive_anon:1256kB active_file:76kB inactive_file:120kB unevictable:0kB writepending:0kB present:4718592kB managed:3589316kB mlocked:0kB slab_reclaimable:21540kB slab_unreclaimable:236516kB kernel_stack:4160kB pagetables:3872kB bounce:0kB free_pcp:1372kB local_pcp:740kB free_cma:0kB DMA32: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313627 pages reserved [ pid ] uid tgid total_vm rss nr_ptes nr_pmds swapents oom_score_adj name [ 470] 0 470 5365 168 16 3 0 -1000 udevd [ 1759] 0 1759 2492 573 8 3 0 0 dhclient [ 1890] 0 1890 14231 109 24 3 0 0 rsyslogd [ 1944] 0 1944 4724 51 15 3 0 0 cron [ 1963] 0 1963 3735 45 11 3 0 0 mcstransd [ 1973] 0 1973 12926 1231 26 3 0 0 restorecond [ 1991] 0 1991 12489 152 28 3 0 -1000 sshd [ 2021] 0 2021 3648 41 13 3 0 0 getty [ 2031] 0 2031 17820 198 38 3 0 0 sshd [ 2033] 0 2033 132563 69538 222 5 0 0 syz-fuzzer [ 2970] 0 2970 5401 178 15 3 0 -1000 udevd [ 3661] 0 3661 18114 16 23 3 0 0 syz-executor.1 [ 3662] 0 3662 18113 8739 24 4 0 0 syz-executor.1 [ 3814] 0 3814 18147 8716 26 3 0 1000 syz-executor.1 [ 3822] 0 3822 18213 8725 30 3 0 1000 syz-executor.1 [ 4000] 0 4000 18114 16 23 3 0 0 syz-executor.5 [ 4001] 0 4001 18113 8739 24 4 0 0 syz-executor.5 [ 4575] 0 4575 18245 8724 25 3 0 1000 syz-executor.5 [ 4791] 0 4791 5364 169 15 3 0 -1000 udevd [ 4824] 0 4824 18146 8750 25 4 0 1000 syz-executor.1 [ 4864] 0 4864 18146 8719 25 3 0 1000 syz-executor.5 [ 5832] 0 5832 18146 8718 26 3 0 1000 syz-executor.5 [ 6092] 0 6092 18146 8751 26 4 0 1000 syz-executor.5 [ 6179] 0 6179 18114 15 23 3 0 0 syz-executor.2 [ 6180] 0 6180 18113 8734 24 4 0 0 syz-executor.2 [ 6568] 0 6568 5364 168 15 3 0 -1000 udevd [ 6707] 0 6707 18114 16 23 3 0 0 syz-executor.3 [ 6708] 0 6708 18113 8735 24 4 0 0 syz-executor.3 [ 6716] 0 6716 18114 16 23 3 0 0 syz-executor.0 [ 6718] 0 6718 18113 8736 24 4 0 0 syz-executor.0 [ 7017] 0 7017 18147 8748 27 4 0 1000 syz-executor.0 [ 7028] 0 7025 18278 6 33 4 0 1000 syz-executor.5 Out of memory: Kill process 6092 (syz-executor.5) score 1004 or sacrifice child Killed process 6092 (syz-executor.5) total-vm:72584kB, anon-rss:160kB, file-rss:34844kB, shmem-rss:0kB syz-executor.1 invoked oom-killer: gfp_mask=0x2420848(GFP_NOFS|__GFP_NOFAIL|__GFP_HARDWALL|__GFP_MOVABLE), nodemask=0, order=0, oom_score_adj=1000 CPU: 0 PID: 5070 Comm: syz-executor.1 Not tainted 4.9.194+ #0 ffff8801a51ff0c0 ffffffff81b67001 ffff8801a51ff418 ffffffff833f1c30 00000000000003e8 ffff8801a51ff430 0000000000000000 ffff8801a51ff140 ffffffff81506e44 0000000000000000 00000000000003e8 ffffffff8282ac45 Call Trace: [<000000004373d34f>] __dump_stack lib/dump_stack.c:15 [inline] [<000000004373d34f>] dump_stack+0xc1/0x120 lib/dump_stack.c:51 [<00000000471f6c5c>] dump_header.isra.0+0x142/0x74c mm/oom_kill.c:417 [<00000000f00a1d17>] oom_kill_process.cold+0xd/0xa74 mm/oom_kill.c:852 [<00000000ec09bdc9>] out_of_memory mm/oom_kill.c:1069 [inline] [<00000000ec09bdc9>] out_of_memory+0x29b/0xea0 mm/oom_kill.c:1009 [<0000000022380cbd>] __alloc_pages_may_oom mm/page_alloc.c:3136 [inline] [<0000000022380cbd>] __alloc_pages_slowpath mm/page_alloc.c:3750 [inline] [<0000000022380cbd>] __alloc_pages_nodemask+0x151e/0x1a80 mm/page_alloc.c:3861 [<000000002b3c4104>] __alloc_pages include/linux/gfp.h:433 [inline] [<000000002b3c4104>] __alloc_pages_node include/linux/gfp.h:446 [inline] [<000000002b3c4104>] alloc_pages_node include/linux/gfp.h:460 [inline] [<000000002b3c4104>] __page_cache_alloc include/linux/pagemap.h:208 [inline] [<000000002b3c4104>] pagecache_get_page+0x248/0x740 mm/filemap.c:1367 [<000000003f121f56>] find_or_create_page include/linux/pagemap.h:310 [inline] [<000000003f121f56>] grow_dev_page fs/buffer.c:1006 [inline] [<000000003f121f56>] grow_buffers fs/buffer.c:1079 [inline] [<000000003f121f56>] __getblk_slow fs/buffer.c:1106 [inline] [<000000003f121f56>] __getblk_gfp+0x239/0x700 fs/buffer.c:1387 [<00000000bed467a5>] __getblk include/linux/buffer_head.h:373 [inline] [<00000000bed467a5>] __breadahead+0x79/0xf0 fs/buffer.c:1397 [<00000000dc0a2bed>] sb_breadahead include/linux/buffer_head.h:312 [inline] [<00000000dc0a2bed>] __ext4_get_inode_loc+0x94c/0xf00 fs/ext4/inode.c:4389 [<000000000edae146>] ext4_get_inode_loc fs/ext4/inode.c:4417 [inline] [<000000000edae146>] ext4_reserve_inode_write+0x5c/0x180 fs/ext4/inode.c:5488 [<00000000e42bba79>] ext4_mark_inode_dirty+0x153/0xb30 fs/ext4/inode.c:5557 [<00000000bbe50129>] ext4_evict_inode+0x6ba/0x1270 fs/ext4/inode.c:258 [<0000000087118a46>] evict+0x2e9/0x630 fs/inode.c:553 [<00000000a1369b87>] iput_final fs/inode.c:1516 [inline] [<00000000a1369b87>] iput fs/inode.c:1543 [inline] [<00000000a1369b87>] iput+0x370/0x900 fs/inode.c:1528 [<000000008500c5d1>] dentry_unlink_inode+0x277/0x330 fs/dcache.c:369 [<000000006908249d>] __dentry_kill+0x333/0x580 fs/dcache.c:571 [<000000008ed554ce>] dentry_kill fs/dcache.c:612 [inline] [<000000008ed554ce>] dput.part.0+0x509/0x7c0 fs/dcache.c:829 [<00000000d68c0065>] dput+0x20/0x30 fs/dcache.c:791 [<0000000073715a1f>] path_put+0x31/0x70 fs/namei.c:519 [<000000003c37f73a>] free_fs_struct+0x25/0x70 fs/fs_struct.c:90 [<0000000022ec7f2a>] exit_fs+0xe7/0x120 fs/fs_struct.c:108 [<00000000a4fb18c2>] do_exit+0x769/0x2aa0 kernel/exit.c:838 [<00000000a7792710>] do_group_exit+0x111/0x300 kernel/exit.c:946 [<000000006aec2af1>] get_signal+0x377/0x1cb0 kernel/signal.c:2395 [<0000000027861a1e>] do_signal+0x9c/0x1920 arch/x86/kernel/signal.c:812 [<0000000019ff16a0>] exit_to_usermode_loop+0x11c/0x160 arch/x86/entry/common.c:159 [<000000007542ed60>] prepare_exit_to_usermode arch/x86/entry/common.c:195 [inline] [<000000007542ed60>] syscall_return_slowpath arch/x86/entry/common.c:266 [inline] [<000000007542ed60>] do_syscall_64+0x3ab/0x5c0 arch/x86/entry/common.c:293 [<00000000c94a8942>] entry_SYSCALL_64_after_swapgs+0x5d/0xdb Mem-Info: active_anon:73100 inactive_anon:314 isolated_anon:0 active_file:19 inactive_file:30 isolated_file:0 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:5385 slab_unreclaimable:59147 mapped:43545 shmem:320 pagetables:931 bounce:0 free:722 free_pcp:373 free_cma:0 Node 0 active_anon:292400kB inactive_anon:1256kB active_file:76kB inactive_file:120kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:174180kB dirty:0kB writeback:0kB shmem:1280kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no DMA32 free:24kB min:4696kB low:7712kB high:10728kB active_anon:8kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:3020092kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:72kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:120kB local_pcp:120kB free_cma:0kB Normal free:2864kB min:5580kB low:9168kB high:12756kB active_anon:292392kB inactive_anon:1256kB active_file:76kB inactive_file:120kB unevictable:0kB writepending:0kB present:4718592kB managed:3589316kB mlocked:0kB slab_reclaimable:21540kB slab_unreclaimable:236516kB kernel_stack:4128kB pagetables:3724kB bounce:0kB free_pcp:1372kB local_pcp:736kB free_cma:0kB DMA32: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 313627 pages reserved [ pid ] uid tgid total_vm rss nr_ptes nr_pmds swapents oom_score_adj name [ 470] 0 470 5365 168 16 3 0 -1000 udevd [ 1759] 0 1759 2492 573 8 3 0 0 dhclient [ 1890] 0 1890 14231 109 24 3 0 0 rsyslogd [ 1944] 0 1944 4724 51 15 3 0 0 cron [ 1963] 0 1963 3735 45 11 3 0 0 mcstransd [ 1973] 0 1973 12926 1231 26 3 0 0 restorecond [ 1991] 0 1991 12489 152 28 3 0 -1000 sshd [ 2021] 0 2021 3648 41 13 3 0 0 getty [ 2031] 0 2031 17820 198 38 3 0 0 sshd [ 2033] 0 2033 132563 69538 222 5 0 0 syz-fuzzer [ 2970] 0 2970 5401 178 15 3 0 -1000 udevd [ 3661] 0 3661 18114 16 23 3 0 0 syz-executor.1 [ 3662] 0 3662 18113 8739 24 4 0 0 syz-executor.1 [ 3814] 0 3814 18147 8716 26 3 0 1000 syz-executor.1 [ 3822] 0 3822 18213 8725 30 3 0 1000 syz-executor.1 [ 4000] 0 4000 18114 16 23 3 0 0 syz-executor.5 [ 4001] 0 4001 18113 8739 24 4 0 0 syz-executor.5 [ 4575] 0 4575 18245 8724 25 3 0 1000 syz-executor.5 [ 4791] 0 4791 5364 169 15 3 0 -1000 udevd [ 4824] 0 4824 18146 8750 25 4 0 1000 syz-executor.1 [ 4864] 0 4864 18146 8719 25 3 0 1000 syz-executor.5 [ 5832] 0 5832 18146 8718 26 3 0 1000 syz-executor.5 [ 6179] 0 6179 18114 15 23 3 0 0 syz-executor.2 [ 6180] 0 6180 18113 8734 24 4 0 0 syz-executor.2 [ 6568] 0 6568 5364 168 15 3 0 -1000 udevd [ 6707] 0 6707 18114 16 23 3 0 0 syz-executor.3 [ 6708] 0 6708 18113 8735 24 4 0 0 syz-executor.3 [ 6716] 0 6716 18114 16 23 3 0 0 syz-executor.0 [ 6718] 0 6718 18113 8736 24 4 0 0 syz-executor.0 [ 7017] 0 7017 18147 8748 27 4 0 1000 syz-executor.0 [ 7028] 0 7025 18278 6 33 4 0 1000 syz-executor.5 Out of memory: Kill process 4824 (syz-executor.1) score 1004 or sacrifice child Killed process 4824 (syz-executor.1) total-vm:72584kB, anon-rss:160kB, file-rss:34840kB, shmem-rss:0kB lowmemorykiller: Killing 'syz-executor.0' (7017) (tgid 7017), adj 1000, to free 34992kB on behalf of 'syz-executor.5' (7084) because cache 200kB is below limit 6144kB for oom_score_adj 0 Free memory is -25940kB above reserved lowmemorykiller: Killing 'syz-executor.1' (3822) (tgid 3822), adj 1000, to free 34900kB on behalf of 'syz-executor.5' (7084) because cache 260kB is below limit 6144kB for oom_score_adj 0 Free memory is -13292kB above reserved BUG: Bad rss-counter state mm:00000000e19b64c9 idx:0 val:5