INFO: task hung in copy_mnt_ns


syzbot

Dec 23, 2021, 2:34:24 AM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 3f8a27f9e27b Linux 4.19.211
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=17642171b00000
kernel config: https://syzkaller.appspot.com/x/.config?x=9b9277b418617afe
dashboard link: https://syzkaller.appspot.com/bug?extid=b32e01d0eacc4f73b49f
compiler: gcc version 10.2.1 20210110 (Debian 10.2.1-6)

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+b32e01...@syzkaller.appspotmail.com

active_file:18 inactive_file:28 isolated_file:17
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:18492 slab_unreclaimable:221093
mapped:18177 shmem:5186 pagetables:131087 bounce:0
free:24624 free_pcp:543 free_cma:0
INFO: task syz-executor.2:10595 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2 D28576 10595 8109 0x00000000
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:589 [inline]
rwsem_down_write_failed+0x3aa/0x760 kernel/locking/rwsem-xadd.c:618
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:117
Node 0 active_anon:1846704kB inactive_anon:19152kB active_file:68kB inactive_file:112kB unevictable:0kB isolated(anon):0kB isolated(file):68kB mapped:72708kB dirty:0kB writeback:0kB shmem:20720kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1683456kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
__down_write arch/x86/include/asm/rwsem.h:142 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:72
namespace_lock fs/namespace.c:1370 [inline]
copy_mnt_ns+0x15d/0xad0 fs/namespace.c:2915
Node 1 active_anon:2617096kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:24kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
create_new_namespaces+0xd6/0x7b0 kernel/nsproxy.c:75
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
Node 0 DMA free:10964kB min:204kB low:252kB high:300kB active_anon:4508kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:128kB pagetables:48kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2693 2695 2695 2695
Node 0 DMA32 free:33628kB min:35996kB low:44992kB high:53988kB active_anon:1842192kB inactive_anon:19152kB active_file:72kB inactive_file:112kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:39680kB pagetables:75284kB bounce:0kB free_pcp:1876kB local_pcp:480kB free_cma:0kB
lowmem_reserve[]: 0 0 1 1 1
Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:53804kB min:53876kB low:67344kB high:80812kB active_anon:2617096kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:247264kB pagetables:448956kB bounce:0kB free_pcp:436kB local_pcp:348kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 1*4kB (M) 0*8kB 1*16kB (U) 2*32kB (UM) 2*64kB (UM) 0*128kB 0*256kB 1*512kB (M) 2*1024kB (UM) 0*2048kB 2*4096kB (M) = 10964kB
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6cc7c9fe99
Code: Bad RIP value.
Node 0 DMA32: 111*4kB (ME) 342*8kB (UME) 103*16kB (UME) 190*32kB (UMEH) 97*64kB (UME) 37*128kB (UME) 20*256kB (UM) 3*512kB (U) 3*1024kB (MEH) 1*2048kB (M) 0*4096kB = 33628kB
Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
RSP: 002b:00007f6cc65b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
Node 1 Normal: 121*4kB (UME) 75*8kB (UME) 37*16kB (UME) 9*32kB (UME) 8*64kB (UME) 3*128kB (UME) 5*256kB (UME) 3*512kB (UM) 1*1024kB (M) 1*2048kB (U) 11*4096kB (M) = 53804kB
RAX: ffffffffffffffda RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
INFO: task syz-executor.2:10605 blocked for more than 140 seconds.
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2 D28224 10605 8109 0x00000000
Call Trace:
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
5229 total pagecache pages
0 pages in swap cache
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:589 [inline]
rwsem_down_write_failed+0x3aa/0x760 kernel/locking/rwsem-xadd.c:618
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
2097051 pages RAM
0 pages HighMem/MovableOnly
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:117
369649 pages reserved
0 pages cma reserved
Out of memory (oom_kill_allocating_task): Kill process 15293 (syz-executor.2) score 0 or sacrifice child
Killed process 15293 (syz-executor.2) total-vm:57328kB, anon-rss:2468kB, file-rss:14080kB, shmem-rss:0kB
__down_write arch/x86/include/asm/rwsem.h:142 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:72
oom_reaper: reaped process 15293 (syz-executor.2), now anon-rss:0kB, file-rss:14080kB, shmem-rss:0kB
syz-executor.2 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=1000
namespace_lock fs/namespace.c:1370 [inline]
copy_mnt_ns+0x15d/0xad0 fs/namespace.c:2915
create_new_namespaces+0xd6/0x7b0 kernel/nsproxy.c:75
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
syz-executor.2 cpuset=/ mems_allowed=0-1
CPU: 1 PID: 15425 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
dump_header+0x15d/0xc3f mm/oom_kill.c:443
oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956
out_of_memory mm/oom_kill.c:1114 [inline]
out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064
__alloc_pages_may_oom mm/page_alloc.c:3553 [inline]
__alloc_pages_slowpath mm/page_alloc.c:4255 [inline]
__alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419
__alloc_pages include/linux/gfp.h:496 [inline]
__alloc_pages_node include/linux/gfp.h:509 [inline]
kmem_getpages mm/slab.c:1412 [inline]
cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682
fallback_alloc+0x213/0x2e0 mm/slab.c:3224
slab_alloc_node mm/slab.c:3332 [inline]
kmem_cache_alloc_node+0xe3/0x3b0 mm/slab.c:3647
alloc_task_struct_node kernel/fork.c:157 [inline]
dup_task_struct kernel/fork.c:807 [inline]
copy_process.part.0+0x1ceb/0x8260 kernel/fork.c:1753
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6cc7c9fe99
Code: Bad RIP value.
RSP: 002b:00007f6cc65b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
RIP: 0033:0x7f6cc7c9fe99
Code: Bad RIP value.
RSP: 002b:00007f6cc65b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
INFO: task syz-executor.2:10607 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2 D28576 10607 10595 0x00000000
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:589 [inline]
rwsem_down_write_failed+0x3aa/0x760 kernel/locking/rwsem-xadd.c:618
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:117
__down_write arch/x86/include/asm/rwsem.h:142 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:72
namespace_lock fs/namespace.c:1370 [inline]
copy_mnt_ns+0x15d/0xad0 fs/namespace.c:2915
create_new_namespaces+0xd6/0x7b0 kernel/nsproxy.c:75
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
Mem-Info:
active_anon:1115947 inactive_anon:4793 isolated_anon:0
active_file:0 inactive_file:29 isolated_file:12
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:18469 slab_unreclaimable:220700
mapped:18153 shmem:5186 pagetables:131057 bounce:0
free:25060 free_pcp:593 free_cma:0
Node 0 active_anon:1846696kB inactive_anon:19152kB active_file:0kB inactive_file:112kB unevictable:0kB isolated(anon):0kB isolated(file):48kB mapped:72612kB dirty:0kB writeback:0kB shmem:20720kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1683456kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6cc7c9fe99
Node 1 active_anon:2617092kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:24kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
Code: Bad RIP value.
Node 0 DMA free:10964kB min:204kB low:252kB high:300kB active_anon:4508kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:128kB pagetables:48kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
RSP: 002b:00007f6cc65b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
lowmem_reserve[]: 0 2693 2695 2695 2695
RAX: ffffffffffffffda RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
INFO: task syz-executor.2:10608 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
Node 0 DMA32 free:35212kB min:35996kB low:44992kB high:53988kB active_anon:1842188kB inactive_anon:19152kB active_file:0kB inactive_file:112kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:39680kB pagetables:75284kB bounce:0kB free_pcp:1952kB local_pcp:1400kB free_cma:0kB
lowmem_reserve[]: 0 0 1 1 1
Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
syz-executor.2 D28576 10608 10599 0x00000000
lowmem_reserve[]: 0 0 0 0 0
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
Node 1 Normal free:53804kB min:53876kB low:67344kB high:80812kB active_anon:2617092kB inactive_anon:20kB active_file:8kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:247264kB pagetables:448896kB bounce:0kB free_pcp:532kB local_pcp:88kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 1*4kB (M) 0*8kB 1*16kB (U) 2*32kB (UM) 2*64kB (UM) 0*128kB 0*256kB 1*512kB (M) 2*1024kB (UM) 0*2048kB 2*4096kB (M) = 10964kB
Node 0 DMA32: 117*4kB (ME) 475*8kB (UME) 122*16kB (UME) 196*32kB (UMEH) 97*64kB (UME) 36*128kB (UME) 21*256kB (UM) 3*512kB (U) 3*1024kB (MEH) 1*2048kB (M) 0*4096kB = 35340kB
Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
Node 1 Normal: 121*4kB (UME) 75*8kB (UME) 37*16kB (UME) 9*32kB (UME) 8*64kB (UME) 3*128kB (UME) 5*256kB (UME) 3*512kB (UM) 1*1024kB (M) 1*2048kB (U) 11*4096kB (M) = 53804kB
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:589 [inline]
rwsem_down_write_failed+0x3aa/0x760 kernel/locking/rwsem-xadd.c:618
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
5219 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
2097051 pages RAM
0 pages HighMem/MovableOnly
369649 pages reserved
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:117
0 pages cma reserved
__down_write arch/x86/include/asm/rwsem.h:142 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:72
Out of memory (oom_kill_allocating_task): Kill process 15425 (syz-executor.2) score 0 or sacrifice child
Killed process 15425 (syz-executor.2) total-vm:57328kB, anon-rss:2468kB, file-rss:14092kB, shmem-rss:0kB
oom_reaper: reaped process 15425 (syz-executor.2), now anon-rss:0kB, file-rss:14092kB, shmem-rss:0kB
syz-executor.2 invoked oom-killer: gfp_mask=0x6200ca(GFP_HIGHUSER_MOVABLE), nodemask=(null), order=0, oom_score_adj=1000
namespace_lock fs/namespace.c:1370 [inline]
copy_mnt_ns+0x15d/0xad0 fs/namespace.c:2915
syz-executor.2 cpuset=/ mems_allowed=0-1
CPU: 1 PID: 15481 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
create_new_namespaces+0xd6/0x7b0 kernel/nsproxy.c:75
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
dump_header+0x15d/0xc3f mm/oom_kill.c:443
oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
out_of_memory mm/oom_kill.c:1114 [inline]
out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064
__alloc_pages_may_oom mm/page_alloc.c:3553 [inline]
__alloc_pages_slowpath mm/page_alloc.c:4255 [inline]
__alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419
alloc_pages_vma+0xf2/0x780 mm/mempolicy.c:2161
wp_page_copy+0x219/0x2c40 mm/memory.c:2605
do_wp_page+0x2d4/0x2210 mm/memory.c:2903
handle_pte_fault mm/memory.c:4191 [inline]
__handle_mm_fault+0x258b/0x41c0 mm/memory.c:4299
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
handle_mm_fault+0x436/0xb10 mm/memory.c:4336
__do_page_fault+0x68e/0xd60 arch/x86/mm/fault.c:1412
page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1205
RIP: 0010:__clear_user+0x40/0x70 arch/x86/lib/usercopy_64.c:23
Code: b7 71 89 e8 52 38 99 f9 0f 01 cb 48 89 d8 48 c1 eb 03 48 89 ef 83 e0 07 48 89 d9 48 85 c9 74 19 66 2e 0f 1f 84 00 00 00 00 00 <48> c7 07 00 00 00 00 48 83 c7 08 ff c9 75 f1 48 89 c1 85 c9 74 0a
RSP: 0000:ffff8881a9fefb20 EFLAGS: 00050202
RAX: 0000000000000000 RBX: 0000000000000008 RCX: 0000000000000008
RDX: 0000000000000000 RSI: ffffffff87f1b25e RDI: 0000000020000980
RBP: 0000000020000980 R08: ffffffff8cd38068 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8881a9fe0140
R13: 1ffff110353fdf68 R14: 0000000000000001 R15: 00007ffffffff000
copy_xregs_to_user arch/x86/include/asm/fpu/internal.h:366 [inline]
copy_fpregs_to_sigframe arch/x86/kernel/fpu/signal.c:126 [inline]
copy_fpstate_to_sigframe+0x1a1/0x6b0 arch/x86/kernel/fpu/signal.c:177
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
get_sigframe.constprop.0.isra.0+0x4a6/0x6a0 arch/x86/kernel/signal.c:284
__setup_rt_frame arch/x86/kernel/signal.c:466 [inline]
setup_rt_frame arch/x86/kernel/signal.c:711 [inline]
handle_signal arch/x86/kernel/signal.c:755 [inline]
do_signal+0xa55/0x1670 arch/x86/kernel/signal.c:801
exit_to_usermode_loop+0x204/0x2a0 arch/x86/entry/common.c:163
prepare_exit_to_usermode+0x277/0x2d0 arch/x86/entry/common.c:198
retint_user+0x8/0x18
RIP: 0033:0x7f6cc7c9fea1
Code: Bad RIP value.
RSP: 002b:0000000020000b80 EFLAGS: 00010217
RAX: 0000000000000000 RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
Mem-Info:
active_anon:1116457 inactive_anon:4793 isolated_anon:0
active_file:29 inactive_file:28 isolated_file:26
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:18442 slab_unreclaimable:220439
mapped:18180 shmem:5186 pagetables:131042 bounce:0
free:25072 free_pcp:434 free_cma:0
Node 0 active_anon:1848740kB inactive_anon:19152kB active_file:116kB inactive_file:108kB unevictable:0kB isolated(anon):0kB isolated(file):104kB mapped:72720kB dirty:0kB writeback:0kB shmem:20720kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1683456kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 1 active_anon:2617088kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:24kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
Node 0 DMA free:10964kB min:204kB low:252kB high:300kB active_anon:4508kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:128kB pagetables:48kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6cc7c9fe99
lowmem_reserve[]: 0 2693 2695 2695 2695
Code: Bad RIP value.
RSP: 002b:00007f6cc65b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
Node 0 DMA32 free:35512kB min:35996kB low:44992kB high:53988kB active_anon:1844232kB inactive_anon:19152kB active_file:116kB inactive_file:108kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:39680kB pagetables:75284kB bounce:0kB free_pcp:1116kB local_pcp:424kB free_cma:0kB
RAX: ffffffffffffffda RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
lowmem_reserve[]: 0 0 1 1 1
Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
lowmem_reserve[]: 0 0 0 0 0
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
INFO: task syz-executor.2:10609 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
Node 1 Normal free:53804kB min:53876kB low:67344kB high:80812kB active_anon:2617088kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:247264kB pagetables:448836kB bounce:0kB free_pcp:628kB local_pcp:92kB free_cma:0kB
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2 D28576 10609 8109 0x00000000
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 1*4kB (M) 0*8kB 1*16kB (U) 2*32kB (UM) 2*64kB (UM) 0*128kB 0*256kB 1*512kB (M) 2*1024kB (UM) 0*2048kB 2*4096kB (M) = 10964kB
Node 0 DMA32: 83*4kB (ME) 498*8kB (UME) 144*16kB (UE) 199*32kB (UEH) 96*64kB (UE) 34*128kB (UE) 20*256kB (UM) 3*512kB (U) 3*1024kB (MEH) 1*2048kB (M) 0*4096kB = 35260kB
Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
Node 1 Normal: 121*4kB (UME) 75*8kB (UME) 37*16kB (UME) 9*32kB (UME) 8*64kB (UME) 3*128kB (UME) 5*256kB (UME) 3*512kB (UM) 1*1024kB (M) 1*2048kB (U) 11*4096kB (M) = 53804kB
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:589 [inline]
rwsem_down_write_failed+0x3aa/0x760 kernel/locking/rwsem-xadd.c:618
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
5298 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
2097051 pages RAM
0 pages HighMem/MovableOnly
369649 pages reserved
0 pages cma reserved
Out of memory (oom_kill_allocating_task): Kill process 15481 (syz-executor.2) score 0 or sacrifice child
Killed process 15481 (syz-executor.2) total-vm:57328kB, anon-rss:2468kB, file-rss:14276kB, shmem-rss:0kB
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:117
oom_reaper: reaped process 15481 (syz-executor.2), now anon-rss:0kB, file-rss:14276kB, shmem-rss:0kB
__down_write arch/x86/include/asm/rwsem.h:142 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:72
namespace_lock fs/namespace.c:1370 [inline]
copy_mnt_ns+0x15d/0xad0 fs/namespace.c:2915
create_new_namespaces+0xd6/0x7b0 kernel/nsproxy.c:75
syz-executor.2 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=1000
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
syz-executor.2 cpuset=/ mems_allowed=0-1
CPU: 1 PID: 12611 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
dump_header+0x15d/0xc3f mm/oom_kill.c:443
oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956
out_of_memory mm/oom_kill.c:1114 [inline]
out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064
__alloc_pages_may_oom mm/page_alloc.c:3553 [inline]
__alloc_pages_slowpath mm/page_alloc.c:4255 [inline]
__alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419
__alloc_pages include/linux/gfp.h:496 [inline]
__alloc_pages_node include/linux/gfp.h:509 [inline]
kmem_getpages mm/slab.c:1412 [inline]
cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682
fallback_alloc+0x213/0x2e0 mm/slab.c:3224
slab_alloc_node mm/slab.c:3332 [inline]
kmem_cache_alloc_node+0xe3/0x3b0 mm/slab.c:3647
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
alloc_task_struct_node kernel/fork.c:157 [inline]
dup_task_struct kernel/fork.c:807 [inline]
copy_process.part.0+0x1ceb/0x8260 kernel/fork.c:1753
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6cc7c9fe99
Code: Bad RIP value.
RSP: 002b:00007f6cc65b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
Mem-Info:
active_anon:1116457 inactive_anon:4793 isolated_anon:0
active_file:17 inactive_file:69 isolated_file:17
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:18442 slab_unreclaimable:220570
mapped:18194 shmem:5186 pagetables:131106 bounce:0
free:25050 free_pcp:308 free_cma:0
Node 0 active_anon:1848740kB inactive_anon:19152kB active_file:48kB inactive_file:292kB unevictable:0kB isolated(anon):0kB isolated(file):68kB mapped:72776kB dirty:0kB writeback:0kB shmem:20720kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1683456kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 1 active_anon:2617088kB inactive_anon:20kB active_file:20kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:24kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
Node 0 DMA free:10964kB min:204kB low:252kB high:300kB active_anon:4508kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:128kB pagetables:48kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
lowmem_reserve[]: 0 2693 2695 2695 2695
RIP: 0033:0x7f6cc7c9fe99
Node 0 DMA32 free:35840kB min:35996kB low:44992kB high:53988kB active_anon:1844232kB inactive_anon:19152kB active_file:48kB inactive_file:192kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:39680kB pagetables:75528kB bounce:0kB free_pcp:708kB local_pcp:424kB free_cma:0kB
Code: Bad RIP value.
lowmem_reserve[]: 0 0 1 1 1
Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
RSP: 002b:00007f6cc65b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:53672kB min:53876kB low:67344kB high:80812kB active_anon:2617084kB inactive_anon:20kB active_file:0kB inactive_file:12kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:247456kB pagetables:448788kB bounce:0kB free_pcp:580kB local_pcp:332kB free_cma:0kB
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
INFO: task syz-executor.2:10610 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 1*4kB (M) 0*8kB 1*16kB (U) 2*32kB (UM) 2*64kB (UM) 0*128kB 0*256kB 1*512kB (M) 2*1024kB (UM) 0*2048kB 2*4096kB (M) = 10964kB
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2 D28128 10610 10599 0x00000000
Call Trace:
Node 0 DMA32: 99*4kB (ME) 562*8kB (UME) 174*16kB (UME) 201*32kB (UEH) 97*64kB (UME) 34*128kB (UE) 19*256kB (U) 4*512kB (UM) 2*1024kB (EH) 1*2048kB (M) 0*4096kB = 35676kB
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
Node 1 Normal: 82*4kB (UME) 88*8kB (UME) 44*16kB (UME) 9*32kB (UME) 7*64kB (ME) 2*128kB (ME) 5*256kB (UME) 3*512kB (UM) 1*1024kB (M) 1*2048kB (U) 11*4096kB (M) = 53672kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:589 [inline]
rwsem_down_write_failed+0x3aa/0x760 kernel/locking/rwsem-xadd.c:618
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:117
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
5278 total pagecache pages
__down_write arch/x86/include/asm/rwsem.h:142 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:72
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
2097051 pages RAM
0 pages HighMem/MovableOnly
namespace_lock fs/namespace.c:1370 [inline]
copy_mnt_ns+0x15d/0xad0 fs/namespace.c:2915
369649 pages reserved
0 pages cma reserved
Out of memory (oom_kill_allocating_task): Kill process 12611 (syz-executor.2) score 0 or sacrifice child
create_new_namespaces+0xd6/0x7b0 kernel/nsproxy.c:75
Killed process 15339 (syz-executor.2) total-vm:57328kB, anon-rss:2468kB, file-rss:14096kB, shmem-rss:0kB
oom_reaper: reaped process 15339 (syz-executor.2), now anon-rss:0kB, file-rss:14096kB, shmem-rss:0kB
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
syz-executor.2 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
syz-executor.2 cpuset=/ mems_allowed=0-1
CPU: 1 PID: 11119 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
dump_header+0x15d/0xc3f mm/oom_kill.c:443
oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956
out_of_memory mm/oom_kill.c:1114 [inline]
out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064
__alloc_pages_may_oom mm/page_alloc.c:3553 [inline]
__alloc_pages_slowpath mm/page_alloc.c:4255 [inline]
__alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419
__alloc_pages include/linux/gfp.h:496 [inline]
__alloc_pages_node include/linux/gfp.h:509 [inline]
alloc_pages_node include/linux/gfp.h:523 [inline]
alloc_thread_stack_node kernel/fork.c:240 [inline]
dup_task_struct kernel/fork.c:811 [inline]
copy_process.part.0+0x3cf/0x8260 kernel/fork.c:1753
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6cc7c9fe99
Code: Bad RIP value.
RSP: 002b:00007f6cc65b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
Mem-Info:
active_anon:1116456 inactive_anon:4793 isolated_anon:0
active_file:0 inactive_file:25 isolated_file:70
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:18412 slab_unreclaimable:220259
mapped:18200 shmem:5186 pagetables:131091 bounce:0
free:25183 free_pcp:277 free_cma:0
Node 0 active_anon:1848740kB inactive_anon:19152kB active_file:0kB inactive_file:96kB unevictable:0kB isolated(anon):0kB isolated(file):280kB mapped:72800kB dirty:0kB writeback:0kB shmem:20720kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1683456kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6cc7c9fe99
Code: Bad RIP value.
Node 1 active_anon:2617084kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:24kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
RSP: 002b:00007f6cc65b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
Node 0 DMA free:10964kB min:204kB low:252kB high:300kB active_anon:4508kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:128kB pagetables:48kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
lowmem_reserve[]: 0 2693 2695 2695 2695
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
Node 0 DMA32 free:35420kB min:35996kB low:44992kB high:53988kB active_anon:1844232kB inactive_anon:19152kB active_file:124kB inactive_file:96kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:39680kB pagetables:75528kB bounce:0kB free_pcp:228kB local_pcp:0kB free_cma:0kB
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
INFO: task syz-executor.2:10615 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2 D28576 10615 10599 0x00000000
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
lowmem_reserve[]: 0 0 1 1 1
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:589 [inline]
rwsem_down_write_failed+0x3aa/0x760 kernel/locking/rwsem-xadd.c:618
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:53736kB min:53876kB low:67344kB high:80812kB active_anon:2617080kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:247584kB pagetables:448840kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:117
lowmem_reserve[]: 0 0 0 0 0
__down_write arch/x86/include/asm/rwsem.h:142 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:72
namespace_lock fs/namespace.c:1370 [inline]
copy_mnt_ns+0x15d/0xad0 fs/namespace.c:2915
create_new_namespaces+0xd6/0x7b0 kernel/nsproxy.c:75
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6cc7c9fe99
Code: Bad RIP value.
RSP: 002b:00007f6cc65b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
INFO: task syz-executor.2:10617 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2 D28192 10617 10613 0x00100004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:589 [inline]
rwsem_down_write_failed+0x3aa/0x760 kernel/locking/rwsem-xadd.c:618
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:117
Node 0 DMA: 1*4kB (M) 0*8kB 1*16kB (U) 2*32kB (UM) 2*64kB (UM) 0*128kB 0*256kB 1*512kB (M) 2*1024kB (UM) 0*2048kB 2*4096kB (M) = 10964kB
__down_write arch/x86/include/asm/rwsem.h:142 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:72
namespace_lock fs/namespace.c:1370 [inline]
copy_mnt_ns+0x15d/0xad0 fs/namespace.c:2915
create_new_namespaces+0xd6/0x7b0 kernel/nsproxy.c:75
Node 0 DMA32: 109*4kB (UME) 490*8kB (UME) 181*16kB (UME) 203*32kB (UEH) 96*64kB (UE) 35*128kB (UME) 20*256kB (UM) 3*512kB (U) 2*1024kB (EH) 1*2048kB (M) 0*4096kB = 35124kB
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
Node 1 Normal: 122*4kB (UME) 90*8kB (UME) 45*16kB (UME) 9*32kB (UME) 7*64kB (ME) 3*128kB (UME) 4*256kB (ME) 3*512kB (UM) 1*1024kB (M) 1*2048kB (U) 11*4096kB (M) = 53736kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
5260 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
2097051 pages RAM
0 pages HighMem/MovableOnly
RIP: 0033:0x7f6cc7c9fe99
Code: Bad RIP value.
RSP: 002b:00007f6cc65b2168 EFLAGS: 00000246
369649 pages reserved
ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
0 pages cma reserved
Out of memory (oom_kill_allocating_task): Kill process 11119 (syz-executor.2) score 0 or sacrifice child
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
Killed process 12467 (syz-executor.2) total-vm:57328kB, anon-rss:2468kB, file-rss:14080kB, shmem-rss:0kB
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
oom_reaper: reaped process 12467 (syz-executor.2), now anon-rss:0kB, file-rss:14080kB, shmem-rss:0kB
INFO: task syz-executor.2:10620 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
syz-executor.2 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=0, oom_score_adj=1000
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.2 D28128 10620 8109 0x00000000
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
syz-executor.2 cpuset=/ mems_allowed=0-1
CPU: 1 PID: 15464 Comm: syz-executor.2 Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
dump_header+0x15d/0xc3f mm/oom_kill.c:443
oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956
out_of_memory mm/oom_kill.c:1114 [inline]
out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064
__alloc_pages_may_oom mm/page_alloc.c:3553 [inline]
__alloc_pages_slowpath mm/page_alloc.c:4255 [inline]
__alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419
__rwsem_down_write_failed_common kernel/locking/rwsem-xadd.c:589 [inline]
rwsem_down_write_failed+0x3aa/0x760 kernel/locking/rwsem-xadd.c:618
call_rwsem_down_write_failed+0x13/0x20 arch/x86/lib/rwsem.S:117
__down_write arch/x86/include/asm/rwsem.h:142 [inline]
down_write+0x4f/0x90 kernel/locking/rwsem.c:72
__alloc_pages include/linux/gfp.h:496 [inline]
__alloc_pages_node include/linux/gfp.h:509 [inline]
kmem_getpages mm/slab.c:1412 [inline]
cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682
fallback_alloc+0x213/0x2e0 mm/slab.c:3224
__do_cache_alloc mm/slab.c:3361 [inline]
slab_alloc mm/slab.c:3389 [inline]
kmem_cache_alloc+0x1e4/0x370 mm/slab.c:3557
anon_vma_chain_alloc mm/rmap.c:129 [inline]
anon_vma_clone+0x32d/0x5e0 mm/rmap.c:273
anon_vma_fork+0x82/0x630 mm/rmap.c:332
dup_mmap kernel/fork.c:504 [inline]
dup_mm kernel/fork.c:1285 [inline]
copy_mm kernel/fork.c:1341 [inline]
copy_process.part.0+0x360f/0x8260 kernel/fork.c:1913
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
namespace_lock fs/namespace.c:1370 [inline]
copy_mnt_ns+0x15d/0xad0 fs/namespace.c:2915
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f6cc7c9fe99
Code: Bad RIP value.
RSP: 002b:00007f6cc65b2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007f6cc7db31d0 RCX: 00007f6cc7c9fe99
RDX: 0000000020000000 RSI: 0000000020000b80 RDI: 0000000004060000
RBP: 00007f6cc7cf9ff1 R08: 0000000020001b80 R09: 0000000000000000
R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffcd07518ff R14: 00007f6cc65b2300 R15: 0000000000022000
Mem-Info:
active_anon:1116456 inactive_anon:4793 isolated_anon:0
active_file:23 inactive_file:30 isolated_file:19
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:18406 slab_unreclaimable:220402
mapped:18186 shmem:5186 pagetables:131104 bounce:0
free:24947 free_pcp:93 free_cma:0
Node 0 active_anon:1848744kB inactive_anon:19152kB active_file:92kB inactive_file:116kB unevictable:0kB isolated(anon):0kB isolated(file):76kB mapped:72744kB dirty:0kB writeback:0kB shmem:20720kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1683456kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
----------------
Code disassembly (best guess):
0: b7 71 mov $0x71,%bh
2: 89 e8 mov %ebp,%eax
4: 52 push %rdx
5: 38 99 f9 0f 01 cb cmp %bl,-0x34fef007(%rcx)
b: 48 89 d8 mov %rbx,%rax
e: 48 c1 eb 03 shr $0x3,%rbx
12: 48 89 ef mov %rbp,%rdi
15: 83 e0 07 and $0x7,%eax
18: 48 89 d9 mov %rbx,%rcx
1b: 48 85 c9 test %rcx,%rcx
1e: 74 19 je 0x39
20: 66 2e 0f 1f 84 00 00 nopw %cs:0x0(%rax,%rax,1)
27: 00 00 00
* 2a: 48 c7 07 00 00 00 00 movq $0x0,(%rdi) <-- trapping instruction
31: 48 83 c7 08 add $0x8,%rdi
35: ff c9 dec %ecx
37: 75 f1 jne 0x2a
39: 48 89 c1 mov %rax,%rcx
3c: 85 c9 test %ecx,%ecx
3e: 74 0a je 0x4a


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

May 20, 2022, 7:54:13 AM
to syzkaller...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.