[Devel] invalid victim pointer in oom context

Denis Kirjanov dkirjanov at cloudlinux.com
Thu May 24 16:22:42 MSK 2018 

Hi guys,

We're seeing kernel crashes  while dumping kernel stack durring OOM timeout.
Here we see that the victim pointer is not valid.

Is it known issue?

[2725959.095523] RIP: 0010:[<ffffffff8102e52f>]  [<ffffffff8102e52f>]
dump_trace+0x1df/0x2d0
[2725959.096079] RSP: 0000:ffff8803020abcb0  EFLAGS: 00010283
[2725959.096741] RAX: 0000000000000000 RBX: ffffffff816ba7a0 RCX:
0000000000000002
[2725959.097340] RDX: 0000000000000002 RSI: 0000000000000000 RDI:
ffff88022c838000
[2725959.097909] RBP: ffff8803020abd20 R08: ffff88086fc80000 R09:
ffffffff81917c27
[2725959.098465] R10: 0000000000000000 R11: ffff8803020aba1e R12:
ffff88022c838000
[2725959.099026] R13: ffff8803020abd20 R14: 0000000000000000 R15:
0000000000000000
[2725959.099596] FS:  00007f16a6c46840(0000) GS:ffff88086fc80000(0000)
knlGS:0000000000000000
[2725959.100214] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[2725959.100813] CR2: 0000000000000000 CR3: 00000004e3c52000 CR4:
00000000003607e0
[2725959.101427] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000
[2725959.102044] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
0000000000000400
[2725959.102609] Call Trace:
[2725959.103165]  [<ffffffff8108bcd6>] ? vprintk_default+0x36/0x50
[2725959.103719]  [<ffffffff8102f6cd>] show_trace_log_lvl+0x4d/0x60
[2725959.104285]  [<ffffffff8102f734>] show_stack+0x34/0x70
[2725959.104843]  [<ffffffff81198221>] oom_trylock+0x1d1/0x1e0
[2725959.105380]  [<ffffffff8120bed1>] mem_cgroup_oom_synchronize+0xe1/0x4e0
[2725959.105954]  [<ffffffff811a348f>] ? put_page+0x4f/0x60
[2725959.106502]  [<ffffffff811c7fc7>] ? handle_mm_fault+0x4d7/0x14c0
[2725959.107088]  [<ffffffff810d5ff0>] ? __account_cfs_rq_runtime+0x100/0x160
[2725959.107654]  [<ffffffff81198fe3>] pagefault_out_of_memory+0x13/0x50
[2725959.108252]  [<ffffffff816965e5>] mm_fault_error+0x68/0x12b
[2725959.108856]  [<ffffffff816a8df5>] __do_page_fault+0x395/0x450
[2725959.109438]  [<ffffffff816a8ee5>] do_page_fault+0x35/0x90
[2725959.110051]  [<ffffffff816a4cf8>] page_fault+0x28/0x30
[2725959.110634] Code: 8b b7 e0 06 00 00 4d 85 ed 0f 85 bf fe ff ff 65
48 8b 04 25 00 0e 01 00 49 89 ed 48 39 c7 0f 84 aa fe ff ff 48 8b 87
e0 06 00 00 <4c> 8b 28 e9 9b fe ff ff 66 0f 1f 84 00 00 00 00 00 8b 45
9c 0f
[2725959.111960] RIP  [<ffffffff8102e52f>] dump_trace+0x1df/0x2d0
[2725959.112555]  RSP <ffff8803020abcb0>
[2725959.113172] CR2: 0000000000000000

struct mem_cgroup -h 0xffff880765f09800 | less

oom_ctx = {
owner = 0x0,
victim = 0xffff88022c838000,
marked = 0x1,
oom_start = 0x19a3c0875,
oom_end = 0x19a3c0876,
overdraft = 0xfa00000,
rage = 0x14,
waitq = {
lock = {
{
rlock = {
raw_lock = {
{
head_tail = 0x99c099c,
tickets =

{ head = 0x99c, tail = 0x99c }
}


Thanks!

More information about the Devel mailing list