| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 Dec 2017 01:30:01 -0800
From: syzbot
<bot+9e0ef025083c1f074bfc47b0c2f3bd112bf5b801@...kaller.appspotmail.com>
To: davem@...emloft.net, dsa@...ulusnetworks.com,
gregkh@...uxfoundation.org, jiri@...lanox.com,
johannes.berg@...el.com, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org, sgruszka@...hat.com,
syzkaller-bugs@...glegroups.com, tglx@...utronix.de
Subject: possible deadlock in genl_rcv
Hello,
syzkaller hit the following crash on
968edbd93c0cbb40ab48aca972392d377713a0c3
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/master
compiler: gcc (GCC) 7.1.1 20170620
.config is attached
Raw console output is attached.
Unfortunately, I don't have any reproducer for this bug yet.
Own node address <128.1656.2950>, network identity 4711
======================================================
WARNING: possible circular locking dependency detected
4.15.0-rc2+ #122 Not tainted
------------------------------------------------------
syz-executor5/14751 is trying to acquire lock:
(cb_lock){++++}, at: [<00000000faf7628c>] genl_rcv+0x19/0x40
net/netlink/genetlink.c:634
but task is already holding lock:
(&pipe->mutex/1){+.+.}, at: [<00000000609357e3>] pipe_lock_nested
fs/pipe.c:67 [inline]
(&pipe->mutex/1){+.+.}, at: [<00000000609357e3>] pipe_lock+0x56/0x70
fs/pipe.c:75
which lock already depends on the new lock.
the existing dependency chain (in reverse order) is:
-> #8 (&pipe->mutex/1){+.+.}:
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0x16f/0x1a80 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
pipe_lock_nested fs/pipe.c:67 [inline]
pipe_lock+0x56/0x70 fs/pipe.c:75
iter_file_splice_write+0x264/0xf30 fs/splice.c:699
do_splice_from fs/splice.c:851 [inline]
do_splice fs/splice.c:1147 [inline]
SYSC_splice fs/splice.c:1402 [inline]
SyS_splice+0x7d5/0x1630 fs/splice.c:1382
do_syscall_32_irqs_on arch/x86/entry/common.c:327 [inline]
do_fast_syscall_32+0x3ee/0xf9d arch/x86/entry/common.c:389
entry_SYSENTER_compat+0x51/0x60 arch/x86/entry/entry_64_compat.S:125
-> #7 (sb_writers){.+.+}:
fs_reclaim_acquire+0x14/0x20 mm/page_alloc.c:3592
slab_pre_alloc_hook mm/slab.h:416 [inline]
slab_alloc mm/slab.c:3371 [inline]
kmem_cache_alloc+0x29/0x760 mm/slab.c:3545
getname_kernel+0x54/0x340 fs/namei.c:218
kern_path_locked+0x83/0x350 fs/namei.c:2404
handle_remove+0xbe/0xb60 drivers/base/devtmpfs.c:306
-> #6 ((completion)&req.done){+.+.}:
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
complete_acquire include/linux/completion.h:40 [inline]
__wait_for_common kernel/sched/completion.c:109 [inline]
wait_for_common kernel/sched/completion.c:123 [inline]
wait_for_completion+0xcb/0x7b0 kernel/sched/completion.c:144
devtmpfs_create_node+0x32b/0x4a0 drivers/base/devtmpfs.c:115
device_add+0x120f/0x1640 drivers/base/core.c:1824
device_create_groups_vargs+0x1f3/0x250 drivers/base/core.c:2430
device_create_vargs drivers/base/core.c:2470 [inline]
device_create+0xda/0x110 drivers/base/core.c:2506
msr_device_create+0x26/0x40 arch/x86/kernel/msr.c:188
cpuhp_invoke_callback+0x2ea/0x1d20 kernel/cpu.c:182
cpuhp_thread_fun+0x48e/0x7e0 kernel/cpu.c:571
smpboot_thread_fn+0x450/0x7c0 kernel/smpboot.c:164
kthread+0x37a/0x440 kernel/kthread.c:238
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:441
-> #5 (cpuhp_state-up){+.+.}:
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
cpuhp_lock_acquire kernel/cpu.c:85 [inline]
cpuhp_invoke_ap_callback kernel/cpu.c:605 [inline]
cpuhp_issue_call+0x1e5/0x520 kernel/cpu.c:1495
__cpuhp_setup_state_cpuslocked+0x282/0x600 kernel/cpu.c:1642
__cpuhp_setup_state+0xb0/0x140 kernel/cpu.c:1671
cpuhp_setup_state include/linux/cpuhotplug.h:201 [inline]
page_writeback_init+0x4d/0x71 mm/page-writeback.c:2081
pagecache_init+0x48/0x4f mm/filemap.c:977
start_kernel+0x6bc/0x74f init/main.c:690
x86_64_start_reservations+0x2a/0x2c arch/x86/kernel/head64.c:378
x86_64_start_kernel+0x77/0x7a arch/x86/kernel/head64.c:359
secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:237
-> #4 (cpuhp_state_mutex){+.+.}:
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0x16f/0x1a80 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
__cpuhp_setup_state_cpuslocked+0x5b/0x600 kernel/cpu.c:1617
__cpuhp_setup_state+0xb0/0x140 kernel/cpu.c:1671
cpuhp_setup_state_nocalls include/linux/cpuhotplug.h:229 [inline]
kvm_guest_init+0x1f3/0x20f arch/x86/kernel/kvm.c:528
setup_arch+0x17e8/0x1a02 arch/x86/kernel/setup.c:1266
start_kernel+0xa5/0x74f init/main.c:530
x86_64_start_reservations+0x2a/0x2c arch/x86/kernel/head64.c:378
x86_64_start_kernel+0x77/0x7a arch/x86/kernel/head64.c:359
secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:237
-> #3 (cpu_hotplug_lock.rw_sem){++++}:
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
percpu_down_read_preempt_disable include/linux/percpu-rwsem.h:36
[inline]
percpu_down_read include/linux/percpu-rwsem.h:59 [inline]
cpus_read_lock+0x42/0x90 kernel/cpu.c:293
get_online_cpus include/linux/cpu.h:117 [inline]
flush_all_backlogs net/core/dev.c:4664 [inline]
rollback_registered_many+0x58b/0xdf0 net/core/dev.c:7229
rollback_registered+0x1be/0x3c0 net/core/dev.c:7285
unregister_netdevice_queue+0x2e3/0x5d0 net/core/dev.c:8273
unregister_netdevice include/linux/netdevice.h:2462 [inline]
__tun_detach+0x1177/0x1550 drivers/net/tun.c:658
tun_detach drivers/net/tun.c:669 [inline]
tun_chr_close+0x44/0x60 drivers/net/tun.c:2861
__fput+0x333/0x7f0 fs/file_table.c:210
____fput+0x15/0x20 fs/file_table.c:244
task_work_run+0x199/0x270 kernel/task_work.c:113
exit_task_work include/linux/task_work.h:22 [inline]
do_exit+0x9bb/0x1ae0 kernel/exit.c:865
do_group_exit+0x149/0x400 kernel/exit.c:968
SYSC_exit_group kernel/exit.c:979 [inline]
SyS_exit_group+0x1d/0x20 kernel/exit.c:977
do_syscall_32_irqs_on arch/x86/entry/common.c:327 [inline]
do_fast_syscall_32+0x3ee/0xf9d arch/x86/entry/common.c:389
entry_SYSENTER_compat+0x51/0x60 arch/x86/entry/entry_64_compat.S:125
-> #2 (rtnl_mutex){+.+.}:
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0x16f/0x1a80 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
rtnl_lock+0x17/0x20 net/core/rtnetlink.c:72
tipc_nl_node_dump_monitor+0x222/0x410 net/tipc/node.c:2156
genl_lock_dumpit+0x68/0x90 net/netlink/genetlink.c:480
netlink_dump+0x48c/0xce0 net/netlink/af_netlink.c:2186
__netlink_dump_start+0x4f0/0x6d0 net/netlink/af_netlink.c:2283
genl_family_rcv_msg+0xd27/0xfc0 net/netlink/genetlink.c:548
genl_rcv_msg+0xb2/0x140 net/netlink/genetlink.c:624
netlink_rcv_skb+0x216/0x440 net/netlink/af_netlink.c:2405
genl_rcv+0x28/0x40 net/netlink/genetlink.c:635
netlink_unicast_kernel net/netlink/af_netlink.c:1272 [inline]
netlink_unicast+0x4e8/0x6f0 net/netlink/af_netlink.c:1298
netlink_sendmsg+0xa4a/0xe70 net/netlink/af_netlink.c:1861
sock_sendmsg_nosec net/socket.c:632 [inline]
sock_sendmsg+0xca/0x110 net/socket.c:642
___sys_sendmsg+0x75b/0x8a0 net/socket.c:2048
__sys_sendmsg+0xe5/0x210 net/socket.c:2082
C_SYSC_sendmsg net/compat.c:739 [inline]
compat_SyS_sendmsg+0x2a/0x40 net/compat.c:737
do_syscall_32_irqs_on arch/x86/entry/common.c:327 [inline]
do_fast_syscall_32+0x3ee/0xf9d arch/x86/entry/common.c:389
entry_SYSENTER_compat+0x51/0x60 arch/x86/entry/entry_64_compat.S:125
-> #1 (genl_mutex){+.+.}:
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
__mutex_lock_common kernel/locking/mutex.c:756 [inline]
__mutex_lock+0x16f/0x1a80 kernel/locking/mutex.c:893
mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
genl_lock net/netlink/genetlink.c:33 [inline]
genl_lock_all net/netlink/genetlink.c:54 [inline]
genl_register_family+0x267/0x13b0 net/netlink/genetlink.c:331
genl_init+0x16/0x57 net/netlink/genetlink.c:1044
do_one_initcall+0x9e/0x330 init/main.c:826
do_initcall_level init/main.c:892 [inline]
do_initcalls init/main.c:900 [inline]
do_basic_setup init/main.c:918 [inline]
kernel_init_freeable+0x469/0x521 init/main.c:1066
kernel_init+0x13/0x172 init/main.c:993
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:441
-> #0 (cb_lock){++++}:
check_prevs_add kernel/locking/lockdep.c:2031 [inline]
validate_chain kernel/locking/lockdep.c:2473 [inline]
__lock_acquire+0x3498/0x47f0 kernel/locking/lockdep.c:3500
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
down_read+0x96/0x150 kernel/locking/rwsem.c:24
genl_rcv+0x19/0x40 net/netlink/genetlink.c:634
netlink_unicast_kernel net/netlink/af_netlink.c:1272 [inline]
netlink_unicast+0x4e8/0x6f0 net/netlink/af_netlink.c:1298
netlink_sendmsg+0xa4a/0xe70 net/netlink/af_netlink.c:1861
sock_sendmsg_nosec net/socket.c:632 [inline]
sock_sendmsg+0xca/0x110 net/socket.c:642
kernel_sendmsg+0x47/0x60 net/socket.c:650
sock_no_sendpage+0x1cc/0x280 net/core/sock.c:2571
kernel_sendpage+0x8d/0xe0 net/socket.c:3386
sock_sendpage+0x92/0xc0 net/socket.c:857
pipe_to_sendpage+0x290/0x3b0 fs/splice.c:451
splice_from_pipe_feed fs/splice.c:502 [inline]
__splice_from_pipe+0x328/0x730 fs/splice.c:626
splice_from_pipe+0x1e9/0x330 fs/splice.c:661
generic_splice_sendpage+0x40/0x50 fs/splice.c:832
do_splice_from fs/splice.c:851 [inline]
do_splice fs/splice.c:1147 [inline]
SYSC_splice fs/splice.c:1402 [inline]
SyS_splice+0x7d5/0x1630 fs/splice.c:1382
do_syscall_32_irqs_on arch/x86/entry/common.c:327 [inline]
do_fast_syscall_32+0x3ee/0xf9d arch/x86/entry/common.c:389
entry_SYSENTER_compat+0x51/0x60 arch/x86/entry/entry_64_compat.S:125
other info that might help us debug this:
Chain exists of:
cb_lock --> sb_writers --> &pipe->mutex/1
Possible unsafe locking scenario:
CPU0 CPU1
---- ----
lock(&pipe->mutex/1);
lock(sb_writers);
lock(&pipe->mutex/1);
lock(cb_lock);
*** DEADLOCK ***
1 lock held by syz-executor5/14751:
#0: (&pipe->mutex/1){+.+.}, at: [<00000000609357e3>] pipe_lock_nested
fs/pipe.c:67 [inline]
#0: (&pipe->mutex/1){+.+.}, at: [<00000000609357e3>] pipe_lock+0x56/0x70
fs/pipe.c:75
stack backtrace:
CPU: 0 PID: 14751 Comm: syz-executor5 Not tainted 4.15.0-rc2+ #122
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:53
print_circular_bug+0x42d/0x610 kernel/locking/lockdep.c:1271
check_prev_add+0x666/0x15f0 kernel/locking/lockdep.c:1914
check_prevs_add kernel/locking/lockdep.c:2031 [inline]
validate_chain kernel/locking/lockdep.c:2473 [inline]
__lock_acquire+0x3498/0x47f0 kernel/locking/lockdep.c:3500
lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
down_read+0x96/0x150 kernel/locking/rwsem.c:24
genl_rcv+0x19/0x40 net/netlink/genetlink.c:634
netlink_unicast_kernel net/netlink/af_netlink.c:1272 [inline]
netlink_unicast+0x4e8/0x6f0 net/netlink/af_netlink.c:1298
netlink_sendmsg+0xa4a/0xe70 net/netlink/af_netlink.c:1861
sock_sendmsg_nosec net/socket.c:632 [inline]
sock_sendmsg+0xca/0x110 net/socket.c:642
kernel_sendmsg+0x47/0x60 net/socket.c:650
sock_no_sendpage+0x1cc/0x280 net/core/sock.c:2571
kernel_sendpage+0x8d/0xe0 net/socket.c:3386
sock_sendpage+0x92/0xc0 net/socket.c:857
pipe_to_sendpage+0x290/0x3b0 fs/splice.c:451
splice_from_pipe_feed fs/splice.c:502 [inline]
__splice_from_pipe+0x328/0x730 fs/splice.c:626
splice_from_pipe+0x1e9/0x330 fs/splice.c:661
generic_splice_sendpage+0x40/0x50 fs/splice.c:832
do_splice_from fs/splice.c:851 [inline]
do_splice fs/splice.c:1147 [inline]
SYSC_splice fs/splice.c:1402 [inline]
SyS_splice+0x7d5/0x1630 fs/splice.c:1382
do_syscall_32_irqs_on arch/x86/entry/common.c:327 [inline]
do_fast_syscall_32+0x3ee/0xf9d arch/x86/entry/common.c:389
entry_SYSENTER_compat+0x51/0x60 arch/x86/entry/entry_64_compat.S:125
RIP: 0023:0xf7fb6c79
RSP: 002b:00000000f77b208c EFLAGS: 00000296 ORIG_RAX: 0000000000000139
RAX: ffffffffffffffda RBX: 0000000000000016 RCX: 0000000000000000
RDX: 0000000000000014 RSI: 0000000000000000 RDI: 0000000000005516
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
QAT: Invalid ioctl
QAT: Invalid ioctl
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 15128 Comm: syz-executor7 Not tainted 4.15.0-rc2+ #122
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:53
fail_dump lib/fault-inject.c:51 [inline]
should_fail+0x8c0/0xa40 lib/fault-inject.c:149
should_failslab+0xec/0x120 mm/failslab.c:32
slab_pre_alloc_hook mm/slab.h:421 [inline]
slab_alloc mm/slab.c:3371 [inline]
kmem_cache_alloc+0x47/0x760 mm/slab.c:3545
kmem_cache_zalloc include/linux/slab.h:678 [inline]
alloc_mm_slot mm/ksm.c:397 [inline]
__ksm_enter+0xb6/0x6b0 mm/ksm.c:2411
ksm_madvise+0x1c2/0x250 mm/ksm.c:2381
madvise_behavior mm/madvise.c:107 [inline]
madvise_vma mm/madvise.c:690 [inline]
SYSC_madvise mm/madvise.c:863 [inline]
SyS_madvise+0xcba/0x13d0 mm/madvise.c:791
do_syscall_32_irqs_on arch/x86/entry/common.c:327 [inline]
do_fast_syscall_32+0x3ee/0xf9d arch/x86/entry/common.c:389
entry_SYSENTER_compat+0x51/0x60 arch/x86/entry/entry_64_compat.S:125
RIP: 0023:0xf7fadc79
RSP: 002b:00000000f77a908c EFLAGS: 00000296 ORIG_RAX: 00000000000000db
RAX: ffffffffffffffda RBX: 0000000020220000 RCX: 0000000000004000
RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
unregister_netdevice: waiting for lo to become free. Usage count = 1
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 15540 Comm: syz-executor5 Not tainted 4.15.0-rc2+ #122
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:53
fail_dump lib/fault-inject.c:51 [inline]
should_fail+0x8c0/0xa40 lib/fault-inject.c:149
should_failslab+0xec/0x120 mm/failslab.c:32
slab_pre_alloc_hook mm/slab.h:421 [inline]
slab_alloc mm/slab.c:3371 [inline]
kmem_cache_alloc+0x47/0x760 mm/slab.c:3545
kmem_cache_zalloc include/linux/slab.h:678 [inline]
alloc_mm_slot mm/khugepaged.c:369 [inline]
__khugepaged_enter+0xbd/0x540 mm/khugepaged.c:405
khugepaged_enter include/linux/khugepaged.h:54 [inline]
do_huge_pmd_anonymous_page+0x10d9/0x1b00 mm/huge_memory.c:680
create_huge_pmd mm/memory.c:3828 [inline]
__handle_mm_fault+0x1b9f/0x3e20 mm/memory.c:4031
handle_mm_fault+0x334/0x8d0 mm/memory.c:4097
__do_page_fault+0x5c9/0xc90 arch/x86/mm/fault.c:1429
do_page_fault+0xee/0x720 arch/x86/mm/fault.c:1504
page_fault+0x22/0x30 arch/x86/entry/entry_64.S:1094
RIP: 0023:0x8049169
RSP: 002b:00000000f77b2040 EFLAGS: 00010246
RAX: 0000000020000000 RBX: 0000000008168020 RCX: 00000000d6aff519
RDX: 00000000f77b2a88 RSI: 0000000000000557 RDI: 00000000f77b2b28
RBP: 0000000008110094 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
syz-executor5 invoked oom-killer: gfp_mask=0x0(), nodemask=(null), order=0,
oom_score_adj=0
syz-executor5 cpuset=/ mems_allowed=0
CPU: 1 PID: 15540 Comm: syz-executor5 Not tainted 4.15.0-rc2+ #122
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:17 [inline]
dump_stack+0x194/0x257 lib/dump_stack.c:53
dump_header+0x28c/0xe1e mm/oom_kill.c:437
oom_kill_process+0x8b5/0x14a0 mm/oom_kill.c:863
out_of_memory+0x86d/0x1220 mm/oom_kill.c:1077
pagefault_out_of_memory+0x135/0x152 mm/oom_kill.c:1108
mm_fault_error+0xd6/0x2c0 arch/x86/mm/fault.c:1053
__do_page_fault+0xb4d/0xc90 arch/x86/mm/fault.c:1457
do_page_fault+0xee/0x720 arch/x86/mm/fault.c:1504
page_fault+0x22/0x30 arch/x86/entry/entry_64.S:1094
RIP: 0023:0x8049169
RSP: 002b:00000000f77b2040 EFLAGS: 00010246
RAX: 0000000020000000 RBX: 0000000008168020 RCX: 00000000d6aff519
RDX: 00000000f77b2a88 RSI: 0000000000000557 RDI: 00000000f77b2b28
RBP: 0000000008110094 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
Mem-Info:
active_anon:109047 inactive_anon:58 isolated_anon:0
active_file:3762 inactive_file:7284 isolated_file:0
unevictable:0 dirty:192 writeback:0 unstable:0
slab_reclaimable:8931 slab_unreclaimable:94174
mapped:22932 shmem:206 pagetables:805 bounce:0
free:1384999 free_pcp:458 free_cma:0
Node 0 active_anon:446452kB inactive_anon:232kB active_file:15048kB
inactive_file:29136kB unevictable:0kB isolated(anon):0kB isolated(file):0kB
mapped:91728kB dirty:768kB writeback:0kB shmem:824kB shmem_thp: 0kB
shmem_pmdmapped: 0kB anon_thp: 43008kB writeback_tmp:0kB unstable:0kB
all_unreclaimable? no
Node 0 DMA free:15908kB min:160kB low:200kB high:240kB active_anon:0kB
inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB
writepending:0kB present:15992kB managed:15908kB mlocked:0kB
kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB
free_cma:0kB
lowmem_reserve[]: 0 2882 6395 6395
Node 0 DMA32 free:2953180kB min:30384kB low:37980kB high:45576kB
active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB
unevictable:0kB writepending:0kB present:3129332kB managed:2953948kB
mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:760kB
local_pcp:136kB free_cma:0kB
lowmem_reserve[]: 0 0 3513 3513
Node 0 Normal free:2563176kB min:37032kB low:46288kB high:55544kB
active_anon:444368kB inactive_anon:232kB active_file:15048kB
inactive_file:29136kB unevictable:0kB writepending:768kB present:4718592kB
managed:3597640kB mlocked:0kB kernel_stack:4288kB pagetables:3220kB
bounce:0kB free_pcp:980kB local_pcp:340kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U)
1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
Node 0 DMA32: 3*4kB (M) 2*8kB (UM) 2*16kB (M) 3*32kB (UM) 3*64kB (UM)
3*128kB (M) 5*256kB (UM) 4*512kB (UM) 2*1024kB (UM) 3*2048kB (UM)
718*4096kB (M) = 2953180kB
Node 0 Normal: 113*4kB (UME) 502*8kB (UME) 845*16kB (UME) 415*32kB (UME)
969*64kB (UM) 256*128kB (M) 54*256kB (M) 3*512kB (ME) 5*1024kB (UM)
3*2048kB (UM) 588*4096kB (UM) = 2561124kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0
hugepages_size=2048kB
11251 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
324105 pages reserved
[ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj
name
[ 1601] 0 1601 5366 635 90112 0 -1000 udevd
[ 2862] 0 2862 2493 796 49152 0 0
dhclient
[ 2993] 0 2993 14265 750 110592 0 0
rsyslogd
[ 3048] 0 3048 4725 497 81920 0 0 cron
[ 3066] 0 3066 3735 44 69632 0 0
mcstransd
[ 3076] 0 3076 12927 1542 139264 0 0
restorecond
[ 3094] 0 3094 12490 798 139264 0 -1000 sshd
[ 3118] 0 3118 3694 471 69632 0 0 getty
[ 3119] 0 3119 3694 476 73728 0 0 getty
[ 3120] 0 3120 3694 473 73728 0 0 getty
[ 3121] 0 3121 3694 463 73728 0 0 getty
[ 3122] 0 3122 3694 446 73728 0 0 getty
[ 3123] 0 3123 3694 446 73728 0 0 getty
[ 3124] 0 3124 3649 450 73728 0 0 getty
[ 3142] 0 3142 17821 1331 188416 0 0 sshd
[ 3144] 0 3144 183720 103940 1200128 0 0
syz-fuzzer
[ 3187] 0 3187 7286 184 53248 0 0
syz-executor7
[ 3188] 0 3188 7286 185 53248 0 0
syz-executor0
[ 3189] 0 3189 7286 186 53248 0 0
syz-executor5
[ 3191] 0 3191 7286 185 49152 0 0
syz-executor6
[ 3194] 0 3194 7286 186 53248 0 0
syz-executor4
[ 3201] 0 3201 7286 184 53248 0 0
syz-executor1
[ 3203] 0 3203 7286 185 53248 0 0
syz-executor3
[ 3230] 0 3230 5381 610 81920 0 -1000 udevd
[ 3242] 0 3242 5365 598 81920 0 -1000 udevd
[ 3353] 0 3353 7286 2244 61440 0 0
syz-executor7
[ 3374] 0 3374 7286 2244 61440 0 0
syz-executor5
[ 3377] 0 3377 7286 2243 61440 0 0
syz-executor0
[ 3378] 0 3378 7286 2241 57344 0 0
syz-executor6
[ 3389] 0 3389 7286 2242 61440 0 0
syz-executor1
[ 3390] 0 3390 7286 2246 61440 0 0
syz-executor4
[ 3393] 0 3393 7286 2241 61440 0 0
syz-executor3
[ 4328] 0 4328 7286 185 53248 0 0
syz-executor2
[ 4420] 0 4420 7286 2243 61440 0 0
syz-executor2
[15540] 0 15530 11414 2191 65536 0 0
syz-executor5
Out of memory: Kill process 3144 (syz-fuzzer) score 61 or sacrifice child
Killed process 3189 (syz-executor5) total-vm:29144kB, anon-rss:56kB,
file-rss:688kB, shmem-rss:0kB
oom_reaper: reaped process 3189 (syz-executor5), now anon-rss:0kB,
file-rss:0kB, shmem-rss:0kB
---
This bug is generated by a dumb bot. It may contain errors.
See https://goo.gl/tpsmEJ for details.
Direct all questions to syzkaller@...glegroups.com.
Please credit me with: Reported-by: syzbot <syzkaller@...glegroups.com>
syzbot will keep track of this bug report.
Once a fix for this bug is merged into any tree, reply to this email with:
#syz fix: exact-commit-title
To mark this as a duplicate of another syzbot report, please reply with:
#syz dup: exact-subject-of-another-report
If it's a one-off invalid bug report, please reply with:
#syz invalid
Note: if the crash happens again, it will cause creation of a new bug
report.
Note: all commands must start from beginning of the line in the email body.
View attachment "config.txt" of type "text/plain" (126475 bytes)
Download attachment "raw.log" of type "application/octet-stream" (1048576 bytes)
Powered by blists - more mailing lists