INFO: task hung in ip_fib_net_exit
6 views
Skip to first unread message
syzbot
Jan 13, 2022, 8:18:21 AM1/13/22
to syzkaller...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 3f8a27f9e27b Linux 4.19.211
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=14b252f3b00000
kernel config: https://syzkaller.appspot.com/x/.config?x=9b9277b418617afe
dashboard link: https://syzkaller.appspot.com/bug?extid=948b2baca91b52262cbe
compiler: gcc version 10.2.1 20210110 (Debian 10.2.1-6)
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+948b2b...@syzkaller.appspotmail.com
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
12051 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
INFO: task kworker/u4:3:188 blocked for more than 140 seconds.
Total swap = 0kB
Not tainted 4.19.211-syzkaller #0
2097051 pages RAM
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
0 pages HighMem/MovableOnly
kworker/u4:3 D23944 188 2 0x80000000
369649 pages reserved
0 pages cma reserved
Unreclaimable slab info:
Name Used Total
pid_3 1KB 7KB
pid_2 328KB 640KB
Workqueue: netns cleanup_net
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
batadv_tl_cache 4KB 12KB
TIPC 2941KB 2947KB
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
SCTPv6 8186KB 8186KB
DCCPv6 9777KB 9787KB
tw_sock_DCCP 2KB 3KB
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
request_sock_DCCP 0KB 3KB
DCCP 9281KB 9283KB
ccid3_hc_tx_sock 1KB 8KB
ccid3_hc_rx_sock 1KB 8KB
tfrc_rxh_cache 1KB 3KB
dccp_bind_bucket 0KB 4KB
RXRPC 3186KB 3191KB
rxrpc_call_jar 22061KB 22065KB
bridge_fdb_cache 9KB 23KB
fib6_nodes 155KB 304KB
ip6_dst_cache 157KB 427KB
RAWv6 39549KB 39555KB
UDPLITEv6 185KB 187KB
UDPv6 3695KB 3697KB
TCPv6 5985KB 5988KB
nf_conntrack 27KB 41KB
t10_alua_lu_gp_cache 0KB 3KB
ip_fib_net_exit+0x1b/0x2b0 net/ipv4/fib_frontend.c:1349
sd_ext_cdb 0KB 7KB
scsi_sense_cache 1056KB 1060KB
virtio_scsi_cmd 16KB 16KB
sgpool-128 8KB 8KB
sgpool-64 4KB 12KB
sgpool-32 2KB 15KB
sgpool-16 1KB 7KB
sgpool-8 0KB 7KB
mqueue_inode_cache 13KB 37KB
bio_post_read_ctx 14KB 15KB
bio-2 14KB 15KB
ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153
jfs_mp 7KB 7KB
cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:554
cifs_small_rq 15KB 16KB
cifs_request 67KB 67KB
cifs_mpx_ids 0KB 7KB
process_one_work+0x864/0x1570 kernel/workqueue.c:2153
nfs_commit_data 3KB 14KB
nfs_write_data 34KB 44KB
ext4_system_zone 1KB 7KB
bio-1 1KB 7KB
fasync_cache 0KB 4KB
pid_namespace 5KB 15KB
rpc_buffers 17KB 25KB
rpc_tasks 2KB 7KB
UNIX 176KB 180KB
worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
UDP-Lite 121KB 128KB
tcp_bind_bucket 245KB 248KB
inet_peer_cache 64KB 68KB
ip_fib_trie 23KB 51KB
ip_fib_alias 110KB 201KB
ip_dst_cache 9KB 72KB
RAW 23445KB 23445KB
kthread+0x33f/0x460 kernel/kthread.c:259
UDP 6613KB 6615KB
TCP 135KB 140KB
hugetlbfs_inode_cache 3KB 15KB
fscache_cookie_jar 1KB 7KB
eventpoll_pwq 15KB 31KB
eventpoll_epi 29KB 51KB
inotify_inode_mark 7KB 27KB
request_queue 215KB 215KB
blkdev_requests 1KB 3KB
blkdev_ioc 49KB 50KB
bio-0 11144KB 11145KB
biovec-max 2829KB 2829KB
biovec-64 8276KB 8276KB
biovec-16 2161KB 2163KB
bio_integrity_payload 1KB 8KB
khugepaged_mm_slot 242KB 462KB
user_namespace 2KB 7KB
uid_cache 0KB 4KB
dmaengine-unmap-2 0KB 3KB
skbuff_fclone_cache 48KB 52KB
skbuff_head_cache 15909KB 15930KB
configfs_dir_cache 3KB 7KB
file_lock_cache 10KB 15KB
file_lock_ctx 9KB 15KB
fsnotify_mark_connector 3KB 11KB
net_namespace 34168KB 34168KB
shmem_inode_cache 7943KB 8119KB
task_delay_info 1495KB 2229KB
taskstats 12KB 53KB
proc_dir_entry 176870KB 176872KB
pde_opener 5KB 23KB
seq_file 138KB 141KB
sigqueue 116KB 122KB
kernfs_node_cache 507034KB 507035KB
mnt_cache 290KB 340KB
filp 4440KB 6007KB
names_cache 44829KB 44850KB
iint_cache 46KB 55KB
key_jar 5KB 15KB
uts_namespace 37KB 43KB
nsproxy 345KB 351KB
vm_area_struct 34884KB 34885KB
mm_struct 6670KB 6675KB
fs_cache 1989KB 2960KB
files_cache 6926KB 9720KB
signal_cache 10720KB 15115KB
sighand_cache 9911KB 9941KB
task_struct 45854KB 45917KB
cred_jar 4079KB 6516KB
anon_vma_chain 51331KB 51337KB
anon_vma 11772KB 11820KB
pid 516KB 940KB
Acpi-Operand 156KB 198KB
Acpi-ParseExt 9KB 11KB
Acpi-Parse 41KB 47KB
Acpi-State 52KB 63KB
Acpi-Namespace 20KB 23KB
numa_policy 0KB 3KB
debug_objects_cache 40221KB 40222KB
trace_event_file 297KB 298KB
ftrace_event_field 398KB 401KB
pool_workqueue 4032KB 4036KB
page->ptl 6675KB 6676KB
kmalloc-2097152 2050KB 6150KB
kmalloc-524288 2056KB 3084KB
kmalloc-262144 1290KB 1290KB
kmalloc-131072 1690KB 1690KB
kmalloc-65536 1848KB 2178KB
kmalloc-32768 218097KB 218097KB
kmalloc-16384 65521KB 65521KB
kmalloc-8192 149061KB 149061KB
kmalloc-4096 662277KB 662277KB
kmalloc-2048 537852KB 537852KB
kmalloc-1024 214310KB 214310KB
kmalloc-512 185868KB 197385KB
kmalloc-256 111418KB 113542KB
kmalloc-128 56742KB 56877KB
kmalloc-96 16027KB 17108KB
kmalloc-64 38849KB 40360KB
kmalloc-32 34324KB 35476KB
kmalloc-192 75811KB 77564KB
kmem_cache 178KB 180KB
Out of memory: Kill process 4603 (syz-executor.2) score 1002 or sacrifice child
Killed process 4603 (syz-executor.2) total-vm:57200kB, anon-rss:2452kB, file-rss:14160kB, shmem-rss:0kB
oom_reaper: reaped process 308 (syz-executor.1), now anon-rss:0kB, file-rss:14080kB, shmem-rss:0kB
systemd-journal invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=3, oom_score_adj=0
systemd-journal cpuset=/ mems_allowed=0-1
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
CPU: 1 PID: 17568 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0
INFO: task syz-executor.1:23667 blocked for more than 140 seconds.
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Not tainted 4.19.211-syzkaller #0
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
dump_header+0x15d/0xc3f mm/oom_kill.c:443
oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956
out_of_memory mm/oom_kill.c:1114 [inline]
out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
__alloc_pages_may_oom mm/page_alloc.c:3553 [inline]
__alloc_pages_slowpath mm/page_alloc.c:4255 [inline]
__alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419
syz-executor.1 D26584 23667 23623 0x00000004
__alloc_pages include/linux/gfp.h:496 [inline]
__alloc_pages_node include/linux/gfp.h:509 [inline]
kmem_getpages mm/slab.c:1412 [inline]
cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682
fallback_alloc+0x213/0x2e0 mm/slab.c:3224
__do_cache_alloc mm/slab.c:3361 [inline]
slab_alloc mm/slab.c:3389 [inline]
kmem_cache_alloc_trace+0x1f1/0x380 mm/slab.c:3623
kmalloc include/linux/slab.h:515 [inline]
devkmsg_open+0xc7/0x370 kernel/printk/printk.c:981
Call Trace:
memory_open+0x172/0x1d0 drivers/char/mem.c:920
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
chrdev_open+0x266/0x770 fs/char_dev.c:423
do_dentry_open+0x4aa/0x1160 fs/open.c:796
do_last fs/namei.c:3421 [inline]
path_openat+0x793/0x2df0 fs/namei.c:3537
do_filp_open+0x18c/0x3f0 fs/namei.c:3567
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
do_sys_open+0x3b3/0x520 fs/open.c:1085
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f71e63e7840
Code: Bad RIP value.
RSP: 002b:00007ffe8e4890e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f71e63e7840
RDX: fffffffffffffe00 RSI: 0000000000080101 RDI: 00007f71e6b601f0
RBP: 0000000000000002 R08: 00007ffe8e4890b0 R09: 0000000000000000
R10: 0000000000020d50 R11: 0000000000000246 R12: 000055c374850520
R13: 00007ffe8e489600 R14: 0000000000000000 R15: 0000000000000000
Mem-Info:
active_anon:183910 inactive_anon:8856 isolated_anon:0
active_file:51 inactive_file:68 isolated_file:2
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:52677 slab_unreclaimable:1227319
mapped:18524 shmem:11812 pagetables:59529 bounce:0
free:30123 free_pcp:352 free_cma:0
Node 0 active_anon:729056kB inactive_anon:35404kB active_file:236kB inactive_file:152kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:59760kB dirty:0kB writeback:0kB shmem:47220kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 184320kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 1 active_anon:6584kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14336kB dirty:0kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
Node 0 DMA free:10988kB min:204kB low:252kB high:300kB active_anon:2056kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:60kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2693 2695 2695 2695
Node 0 DMA32 free:55116kB min:35996kB low:44992kB high:53988kB active_anon:727000kB inactive_anon:35404kB active_file:4kB inactive_file:472kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:33344kB pagetables:62940kB bounce:0kB free_pcp:1312kB local_pcp:1296kB free_cma:0kB
lowmem_reserve[]: 0 0 1 1 1
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:53808kB min:53876kB low:67344kB high:80812kB active_anon:6584kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:101536kB pagetables:175116kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 1*4kB (E) 1*8kB (M) 2*16kB (ME) 4*32kB (UME) 3*64kB (UME) 7*128kB (UME) 8*256kB (UME) 3*512kB (UME) 2*1024kB (ME) 2*2048kB (ME) 0*4096kB = 10988kB
Node 0 DMA32: 318*4kB (ME) 316*8kB (UME) 941*16kB (UME) 531*32kB (UME) 5*64kB (ME) 2*128kB (UE) 0*256kB 1*512kB (E) 1*1024kB (E) 7*2048kB (M) 1*4096kB (M) = 56392kB
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 312*4kB (UM) 44*8kB (UME) 159*16kB (UME) 152*32kB (UME) 12*64kB (ME) 12*128kB (ME) 8*256kB (UME) 3*512kB (UM) 2*1024kB (ME) 2*2048kB (UM) 8*4096kB (M) = 53808kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
11950 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
2097051 pages RAM
0 pages HighMem/MovableOnly
369649 pages reserved
0 pages cma reserved
Unreclaimable slab info:
Name Used Total
pid_3 1KB 7KB
pid_2 328KB 640KB
batadv_tl_cache 4KB 12KB
TIPC 2941KB 2947KB
SCTPv6 8186KB 8186KB
DCCPv6 9777KB 9787KB
tw_sock_DCCP 2KB 3KB
DCCP 9281KB 9283KB
ccid3_hc_tx_sock 1KB 8KB
ccid3_hc_rx_sock 1KB 8KB
tfrc_rxh_cache 1KB 3KB
dccp_bind_bucket 0KB 4KB
RXRPC 3186KB 3191KB
rxrpc_call_jar 22061KB 22065KB
bridge_fdb_cache 9KB 23KB
fib6_nodes 155KB 304KB
ip6_dst_cache 157KB 427KB
RAWv6 39549KB 39555KB
UDPLITEv6 185KB 187KB
UDPv6 3695KB 3697KB
TCPv6 5985KB 5988KB
nf_conntrack 27KB 37KB
t10_alua_lu_gp_cache 0KB 3KB
sd_ext_cdb 0KB 7KB
scsi_sense_cache 1056KB 1060KB
virtio_scsi_cmd 16KB 16KB
sgpool-128 8KB 8KB
sgpool-64 4KB 12KB
sgpool-32 2KB 15KB
sgpool-16 1KB 7KB
sgpool-8 0KB 7KB
mqueue_inode_cache 13KB 37KB
bio_post_read_ctx 14KB 15KB
bio-2 14KB 15KB
jfs_mp 7KB 7KB
cifs_small_rq 15KB 16KB
cifs_request 67KB 67KB
cifs_mpx_ids 0KB 7KB
nfs_commit_data 3KB 14KB
nfs_write_data 34KB 44KB
ext4_system_zone 1KB 7KB
bio-1 1KB 7KB
fasync_cache 0KB 4KB
pid_namespace 5KB 15KB
rpc_buffers 17KB 25KB
rpc_tasks 2KB 7KB
UNIX 176KB 180KB
UDP-Lite 121KB 128KB
tcp_bind_bucket 245KB 248KB
inet_peer_cache 64KB 68KB
ip_fib_trie 23KB 51KB
ip_fib_alias 110KB 201KB
ip_dst_cache 9KB 72KB
RAW 23445KB 23445KB
UDP 6613KB 6615KB
TCP 135KB 140KB
hugetlbfs_inode_cache 3KB 15KB
fscache_cookie_jar 1KB 7KB
eventpoll_pwq 13KB 31KB
eventpoll_epi 24KB 51KB
inotify_inode_mark 7KB 27KB
request_queue 215KB 215KB
blkdev_requests 1KB 3KB
blkdev_ioc 49KB 50KB
bio-0 11253KB 11253KB
biovec-max 2838KB 2838KB
biovec-64 8331KB 8331KB
biovec-16 2180KB 2182KB
bio_integrity_payload 1KB 8KB
khugepaged_mm_slot 242KB 462KB
user_namespace 2KB 7KB
uid_cache 0KB 4KB
dmaengine-unmap-2 0KB 3KB
skbuff_fclone_cache 46KB 52KB
skbuff_head_cache 16006KB 16027KB
configfs_dir_cache 3KB 7KB
file_lock_cache 10KB 15KB
file_lock_ctx 9KB 15KB
fsnotify_mark_connector 3KB 11KB
net_namespace 34168KB 34168KB
shmem_inode_cache 7943KB 8119KB
task_delay_info 1473KB 2229KB
taskstats 12KB 53KB
proc_dir_entry 176870KB 176872KB
pde_opener 5KB 23KB
seq_file 138KB 141KB
sigqueue 116KB 122KB
kernfs_node_cache 507069KB 507071KB
mnt_cache 290KB 340KB
filp 4412KB 6003KB
names_cache 44846KB 44850KB
iint_cache 43KB 55KB
key_jar 5KB 15KB
uts_namespace 37KB 43KB
nsproxy 345KB 351KB
vm_area_struct 34884KB 34885KB
mm_struct 6670KB 6675KB
fs_cache 1959KB 2956KB
files_cache 6874KB 9716KB
signal_cache 10713KB 15115KB
sighand_cache 9899KB 9941KB
task_struct 45904KB 45917KB
cred_jar 4055KB 6516KB
anon_vma_chain 51330KB 51337KB
anon_vma 11764KB 11820KB
pid 501KB 940KB
Acpi-Operand 156KB 198KB
Acpi-ParseExt 9KB 11KB
Acpi-Parse 41KB 47KB
Acpi-State 52KB 63KB
Acpi-Namespace 20KB 23KB
numa_policy 0KB 3KB
debug_objects_cache 40233KB 40233KB
trace_event_file 297KB 298KB
ftrace_event_field 398KB 401KB
pool_workqueue 4032KB 4036KB
page->ptl 6675KB 6676KB
kmalloc-2097152 2050KB 6150KB
kmalloc-524288 2056KB 3084KB
kmalloc-262144 1290KB 1290KB
kmalloc-131072 1690KB 1690KB
kmalloc-65536 1848KB 2178KB
kmalloc-32768 218130KB 218130KB
kmalloc-16384 65521KB 65521KB
kmalloc-8192 149061KB 149061KB
kmalloc-4096 662324KB 662324KB
kmalloc-2048 537852KB 537852KB
kmalloc-1024 214364KB 214365KB
kmalloc-512 186026KB 197542KB
kmalloc-256 111422KB 113546KB
kmalloc-128 56742KB 56877KB
kmalloc-96 16034KB 17116KB
kmalloc-64 38849KB 40360KB
kmalloc-32 34328KB 35476KB
kmalloc-192 75811KB 77564KB
kmem_cache 178KB 180KB
Out of memory (oom_kill_allocating_task): Kill process 17568 (systemd-journal) score 0 or sacrifice child
Killed process 17568 (systemd-journal) total-vm:37896kB, anon-rss:404kB, file-rss:0kB, shmem-rss:0kB
systemd invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0
vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520
systemd cpuset=/ mems_allowed=0-1
CPU: 1 PID: 1 Comm: systemd Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
dump_header+0x15d/0xc3f mm/oom_kill.c:443
oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956
out_of_memory mm/oom_kill.c:1132 [inline]
out_of_memory+0x34d/0x1390 mm/oom_kill.c:1064
__alloc_pages_may_oom mm/page_alloc.c:3553 [inline]
__alloc_pages_slowpath mm/page_alloc.c:4255 [inline]
__alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419
__alloc_pages include/linux/gfp.h:496 [inline]
__alloc_pages_node include/linux/gfp.h:509 [inline]
kmem_getpages mm/slab.c:1412 [inline]
cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682
fallback_alloc+0x213/0x2e0 mm/slab.c:3224
__do_cache_alloc mm/slab.c:3361 [inline]
slab_alloc mm/slab.c:3389 [inline]
kmem_cache_alloc+0x1e4/0x370 mm/slab.c:3557
getname_flags+0xce/0x590 fs/namei.c:140
do_sys_open+0x26c/0x520 fs/open.c:1079
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc55b53470d
Code: Bad RIP value.
RSP: 002b:00007ffe78186c90 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 000055dacba81350 RCX: 00007fc55b53470d
RDX: 00000000000001b6 RSI: 0000000000080000 RDI: 00007ffe78186d70
RBP: 0000000000000008 R08: 0000000000000008 R09: 0000000000000001
R10: 0000000000080000 R11: 0000000000000293 R12: 00007fc55cc6e7b4
R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000002
Mem-Info:
active_anon:183823 inactive_anon:8856 isolated_anon:0
active_file:47 inactive_file:93 isolated_file:0
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:52709 slab_unreclaimable:1227353
mapped:18532 shmem:11812 pagetables:59515 bounce:0
free:30347 free_pcp:186 free_cma:0
Node 0 active_anon:728708kB inactive_anon:35404kB active_file:184kB inactive_file:372kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:59792kB dirty:0kB writeback:0kB shmem:47220kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 184320kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
ops_init+0xb3/0x410 net/core/net_namespace.c:129
Node 1 active_anon:6584kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14336kB dirty:0kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
Node 0 DMA free:10988kB min:204kB low:252kB high:300kB active_anon:2056kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:60kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2693 2695 2695 2695
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
Node 0 DMA32 free:55872kB min:35996kB low:44992kB high:53988kB active_anon:726652kB inactive_anon:35404kB active_file:472kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:33376kB pagetables:62884kB bounce:0kB free_pcp:1604kB local_pcp:312kB free_cma:0kB
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
lowmem_reserve[]: 0 0 1 1 1
Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:53840kB min:53876kB low:67344kB high:80812kB active_anon:6584kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:101504kB pagetables:175116kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 1*4kB (E) 1*8kB (M) 2*16kB (ME) 4*32kB (UME) 3*64kB (UME) 7*128kB (UME) 8*256kB (UME) 3*512kB (UME) 2*1024kB (ME) 2*2048kB (ME) 0*4096kB = 10988kB
Node 0 DMA32: 78*4kB (ME) 458*8kB (UME) 948*16kB (UME) 531*32kB (UME) 8*64kB (ME) 2*128kB (UE) 1*256kB (E) 0*512kB 1*1024kB (E) 7*2048kB (M) 1*4096kB (M) = 56616kB
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 312*4kB (UM) 44*8kB (UME) 159*16kB (UME) 153*32kB (UME) 12*64kB (ME) 12*128kB (ME) 8*256kB (UME) 3*512kB (UM) 2*1024kB (ME) 2*2048kB (UM) 8*4096kB (M) = 53840kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
entry_SYSCALL_64_after_hwframe+0x49/0xbe
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:24082 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26744 24082 23906 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
11913 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
2097051 pages RAM
0 pages HighMem/MovableOnly
369649 pages reserved
0 pages cma reserved
Unreclaimable slab info:
Name Used Total
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
pid_3 1KB 7KB
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
pid_2 328KB 640KB
Code: Bad RIP value.
batadv_tl_cache 4KB 12KB
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
TIPC 2941KB 2947KB
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
SCTPv6 8186KB 8186KB
DCCPv6 9775KB 9787KB
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
tw_sock_DCCP 1KB 3KB
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
DCCP 9279KB 9283KB
INFO: task syz-executor.1:24180 blocked for more than 140 seconds.
ccid3_hc_tx_sock 1KB 8KB
ccid3_hc_rx_sock 1KB 8KB
tfrc_rxh_cache 1KB 3KB
dccp_bind_bucket 0KB 4KB
RXRPC 3186KB 3191KB
rxrpc_call_jar 22061KB 22065KB
bridge_fdb_cache 9KB 23KB
fib6_nodes 155KB 304KB
ip6_dst_cache 162KB 427KB
RAWv6 39549KB 39555KB
UDPLITEv6 185KB 187KB
UDPv6 3695KB 3697KB
TCPv6 5985KB 5988KB
nf_conntrack 26KB 37KB
t10_alua_lu_gp_cache 0KB 3KB
sd_ext_cdb 0KB 7KB
scsi_sense_cache 1056KB 1060KB
virtio_scsi_cmd 16KB 16KB
sgpool-128 8KB 8KB
sgpool-64 4KB 12KB
sgpool-32 2KB 15KB
sgpool-16 1KB 7KB
sgpool-8 0KB 7KB
mqueue_inode_cache 13KB 37KB
bio_post_read_ctx 14KB 15KB
bio-2 14KB 15KB
jfs_mp 7KB 7KB
cifs_small_rq 15KB 16KB
cifs_request 67KB 67KB
cifs_mpx_ids 0KB 7KB
nfs_commit_data 3KB 14KB
nfs_write_data 34KB 44KB
ext4_system_zone 1KB 7KB
bio-1 1KB 7KB
fasync_cache 0KB 4KB
pid_namespace 5KB 15KB
rpc_buffers 17KB 25KB
rpc_tasks 2KB 7KB
UNIX 176KB 180KB
UDP-Lite 121KB 128KB
tcp_bind_bucket 245KB 248KB
inet_peer_cache 64KB 68KB
ip_fib_trie 23KB 51KB
ip_fib_alias 110KB 201KB
ip_dst_cache 9KB 72KB
RAW 23445KB 23445KB
Not tainted 4.19.211-syzkaller #0
UDP 6613KB 6615KB
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
TCP 135KB 140KB
syz-executor.1 D26888 24180 23940 0x00000004
hugetlbfs_inode_cache 3KB 15KB
Call Trace:
fscache_cookie_jar 1KB 7KB
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
eventpoll_pwq 13KB 31KB
eventpoll_epi 24KB 51KB
inotify_inode_mark 7KB 27KB
request_queue 215KB 215KB
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
blkdev_requests 1KB 3KB
blkdev_ioc 50KB 50KB
bio-0 11512KB 11512KB
biovec-max 2895KB 2895KB
biovec-64 8426KB 8426KB
biovec-16 2217KB 2220KB
bio_integrity_payload 1KB 8KB
khugepaged_mm_slot 242KB 462KB
user_namespace 2KB 7KB
uid_cache 0KB 4KB
dmaengine-unmap-2 0KB 3KB
skbuff_fclone_cache 46KB 52KB
skbuff_head_cache 16119KB 16140KB
configfs_dir_cache 3KB 7KB
file_lock_cache 10KB 15KB
file_lock_ctx 9KB 15KB
fsnotify_mark_connector 3KB 11KB
net_namespace 34168KB 34168KB
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
shmem_inode_cache 7943KB 8119KB
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
task_delay_info 1473KB 2229KB
taskstats 12KB 53KB
proc_dir_entry 176870KB 176872KB
pde_opener 4KB 23KB
seq_file 135KB 141KB
sigqueue 115KB 122KB
kernfs_node_cache 507121KB 507122KB
mnt_cache 290KB 340KB
filp 4378KB 6000KB
names_cache 44603KB 44603KB
iint_cache 43KB 55KB
key_jar 5KB 15KB
uts_namespace 37KB 43KB
nsproxy 345KB 351KB
vm_area_struct 34903KB 34905KB
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:24245 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26888 24245 23667 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:24483 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26888 24483 23623 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:24484 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26768 24484 24126 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:24584 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26928 24584 24190 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:25277 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26888 25277 23945 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:25304 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26912 25304 24458 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
mm_struct 6672KB 6675KB
fs_cache 1959KB 2956KB
files_cache 6874KB 9716KB
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
signal_cache 10644KB 15115KB
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
sighand_cache 9899KB 9941KB
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
Showing all locks held in the system:
task_struct 45551KB 45614KB
5 locks held by systemd/1:
cred_jar 4040KB 6512KB
3 locks held by kworker/1:1/48:
anon_vma_chain 51333KB 51337KB
anon_vma 11758KB 11820KB
pid 501KB 940KB
Acpi-Operand 156KB 198KB
Acpi-ParseExt 9KB 11KB
Acpi-Parse 41KB 47KB
Acpi-State 52KB 63KB
Acpi-Namespace 20KB 23KB
#0: 00000000d0d97fe1 ((wq_completion)"events"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
numa_policy 0KB 3KB
debug_objects_cache 40256KB 40257KB
trace_event_file 297KB 298KB
ftrace_event_field 398KB 401KB
pool_workqueue 4032KB 4036KB
page->ptl 6678KB 6680KB
kmalloc-2097152 2050KB 6150KB
kmalloc-524288 2056KB 3084KB
kmalloc-262144 1290KB 1290KB
kmalloc-131072 1690KB 1690KB
#1: 00000000b8b4c6df (deferred_process_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
kmalloc-65536 1848KB 2178KB
kmalloc-32768 218130KB 218130KB
kmalloc-16384 65538KB 65538KB
kmalloc-8192 149061KB 149061KB
kmalloc-4096 661984KB 661984KB
kmalloc-2048 537852KB 537852KB
kmalloc-1024 214483KB 214483KB
#2: 00000000041c0aaa (rtnl_mutex){+.+.}, at: switchdev_deferred_process_work+0xa/0x20 net/switchdev/switchdev.c:150
kmalloc-512 186285KB 197801KB
4 locks held by kworker/u4:3/188:
kmalloc-256 111426KB 113550KB
#0: 00000000fb40551d ((wq_completion)"%s""netns"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
kmalloc-128 56742KB 56877KB
#1: 000000006567f860 (net_cleanup_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
kmalloc-96 16069KB 17152KB
#2: 000000002749050c (pernet_ops_rwsem){++++}, at: cleanup_net+0xa8/0x8b0 net/core/net_namespace.c:521
kmalloc-64 38849KB 40360KB
#3: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_fib_net_exit+0x1b/0x2b0 net/ipv4/fib_frontend.c:1349
kmalloc-32 34328KB 35476KB
1 lock held by khungtaskd/1570:
kmalloc-192 75811KB 77564KB
#0: 000000004f3c94a0 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441
kmem_cache 178KB 180KB
3 locks held by kswapd0/1968:
2 locks held by agetty/7931:
#0: 00000000a55bd97a (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272
#1: 00000000d207ec1c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x217/0x1950 drivers/tty/n_tty.c:2154
3 locks held by kworker/1:3/9357:
#0: 000000003d84b1c8 ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
Out of memory: Kill process 6974 (syz-executor.2) score 1002 or sacrifice child
#1: 00000000d0cc4662 ((addr_chk_work).work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
Killed process 6974 (syz-executor.2) total-vm:56804kB, anon-rss:2448kB, file-rss:14160kB, shmem-rss:0kB
#2: 00000000041c0aaa (rtnl_mutex){+.+.}, at: addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4476
in:imklog invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0
3 locks held by kworker/u4:9/10157:
in:imklog cpuset=/ mems_allowed=0-1
#0: 000000007d706aa4 ((wq_completion)"events_unbound"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
CPU: 1 PID: 17343 Comm: in:imklog Not tainted 4.19.211-syzkaller #0
#1: 000000004f3c94a0 (rcu_read_lock){....}, at: trace_sched_stat_runtime include/trace/events/sched.h:428 [inline]
#1: 000000004f3c94a0 (rcu_read_lock){....}, at: update_curr+0x2c3/0x870 kernel/sched/fair.c:857
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
#2: 000000002544ddb1 (&p->pi_lock){-.-.}, at: wake_up_new_task+0x75/0xb10 kernel/sched/core.c:2401
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
dump_header+0x15d/0xc3f mm/oom_kill.c:443
1 lock held by syz-executor.3/21284:
oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956
#0: 00000000041c0aaa (rtnl_mutex){+.+.}, at: tun_detach drivers/net/tun.c:759 [inline]
#0: 00000000041c0aaa (rtnl_mutex){+.+.}, at: tun_chr_close+0x3a/0x180 drivers/net/tun.c:3323
2 locks held by syz-executor.1/23623:
out_of_memory mm/oom_kill.c:1114 [inline]
out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064
__alloc_pages_may_oom mm/page_alloc.c:3553 [inline]
__alloc_pages_slowpath mm/page_alloc.c:4255 [inline]
__alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419
__alloc_pages include/linux/gfp.h:496 [inline]
__alloc_pages_node include/linux/gfp.h:509 [inline]
kmem_getpages mm/slab.c:1412 [inline]
cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682
fallback_alloc+0x213/0x2e0 mm/slab.c:3224
__do_cache_alloc mm/slab.c:3361 [inline]
slab_alloc mm/slab.c:3389 [inline]
kmem_cache_alloc_trace+0x1f1/0x380 mm/slab.c:3623
kmalloc include/linux/slab.h:515 [inline]
syslog_print kernel/printk/printk.c:1337 [inline]
do_syslog.part.0+0x24f/0x1510 kernel/printk/printk.c:1505
do_syslog+0x49/0x60 kernel/printk/printk.c:1486
kmsg_read+0x8a/0xb0 fs/proc/kmsg.c:40
proc_reg_read+0x1bd/0x2d0 fs/proc/inode.c:231
__vfs_read+0xf7/0x750 fs/read_write.c:416
vfs_read+0x194/0x3c0 fs/read_write.c:452
ksys_read+0x12b/0x2a0 fs/read_write.c:579
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f934e3c022d
Code: Bad RIP value.
RSP: 002b:00007f934bd5c580 EFLAGS: 00000293 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f934e3c022d
RDX: 0000000000001fa0 RSI: 00007f934bd5cda0 RDI: 0000000000000004
RBP: 000055cc189839d0 R08: 0000000000000000 R09: 0000000000000000
R10: 2ce33e6c02ce33e7 R11: 0000000000000293 R12: 00007f934bd5cda0
R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f934bd5d91d
Mem-Info:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
active_anon:183315 inactive_anon:8856 isolated_anon:0
active_file:32 inactive_file:21 isolated_file:21
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:52775 slab_unreclaimable:1227553
mapped:18499 shmem:11812 pagetables:59510 bounce:0
free:30353 free_pcp:321 free_cma:0
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/23667:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
Node 0 active_anon:726676kB inactive_anon:35404kB active_file:124kB inactive_file:84kB unevictable:0kB isolated(anon):0kB isolated(file):84kB mapped:59660kB dirty:0kB writeback:0kB shmem:47220kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 182272kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
2 locks held by syz-executor.1/23770:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Node 1 active_anon:6584kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14336kB dirty:0kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/23795:
Node 0 DMA free:10988kB min:204kB low:252kB high:300kB active_anon:2056kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:60kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
lowmem_reserve[]: 0 2693 2695 2695 2695
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
Node 0 DMA32 free:58096kB min:35996kB low:44992kB high:53988kB active_anon:724620kB inactive_anon:35404kB active_file:64kB inactive_file:528kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:33440kB pagetables:62864kB bounce:0kB free_pcp:480kB local_pcp:232kB free_cma:0kB
2 locks held by syz-executor.1/23889:
lowmem_reserve[]: 0 0 1 1 1
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/23906:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
lowmem_reserve[]: 0 0 0 0 0
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/23913:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: gtp_net_exit+0x1ba/0x380 drivers/net/gtp.c:1360
Node 1 Normal free:53840kB min:53876kB low:67344kB high:80812kB active_anon:6584kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:101504kB pagetables:175116kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
2 locks held by syz-executor.1/23940:
lowmem_reserve[]: 0 0 0 0 0
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Node 0 DMA: 1*4kB (E) 1*8kB (M) 2*16kB (ME) 4*32kB (UME) 3*64kB (UME) 7*128kB (UME) 8*256kB (UME) 3*512kB (UME) 2*1024kB (ME) 2*2048kB (ME) 0*4096kB = 10988kB
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
Node 0 DMA32: 391*4kB (UME) 409*8kB (UM) 848*16kB (UM) 537*32kB (UME) 9*64kB (UME) 3*128kB (UE) 1*256kB (U) 1*512kB (U) 2*1024kB (UE) 9*2048kB (UM) 0*4096kB = 57796kB
2 locks held by syz-executor.1/23945:
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 312*4kB (UM) 44*8kB (UME) 159*16kB (UME) 153*32kB (UME) 12*64kB (ME) 12*128kB (ME) 8*256kB (UME) 3*512kB (UM) 2*1024kB (ME) 2*2048kB (UM) 8*4096kB (M) = 53840kB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/24038:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781
2 locks held by syz-executor.1/24071:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
2 locks held by syz-executor.1/24082:
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
11861 total pagecache pages
2 locks held by syz-executor.1/24089:
0 pages in swap cache
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Swap cache stats: add 0, delete 0, find 0/0
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
Free swap = 0kB
2 locks held by syz-executor.1/24126:
Total swap = 0kB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
2097051 pages RAM
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: gtp_net_exit+0x1ba/0x380 drivers/net/gtp.c:1360
2 locks held by syz-executor.1/24180:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24186:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
0 pages HighMem/MovableOnly
2 locks held by syz-executor.1/24189:
369649 pages reserved
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/24190:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/24245:
0 pages cma reserved
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Unreclaimable slab info:
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
Name Used Total
2 locks held by syz-executor.1/24310:
pid_3 1KB 7KB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24335:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24360:
pid_2 328KB 640KB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
batadv_tl_cache 4KB 12KB
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
TIPC 2941KB 2947KB
2 locks held by syz-executor.1/24379:
SCTPv6 8186KB 8186KB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/24458:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889
2 locks held by syz-executor.1/24459:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781
2 locks held by syz-executor.1/24465:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/24483:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24484:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24527:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24557:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/24579:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: gtp_net_exit+0x1ba/0x380 drivers/net/gtp.c:1360
2 locks held by syz-executor.1/24580:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889
2 locks held by syz-executor.1/24583:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889
2 locks held by syz-executor.1/24584:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24585:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/24684:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/24713:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/24774:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/24958:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24988:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889
2 locks held by syz-executor.1/25014:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889
2 locks held by syz-executor.1/25015:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/25124:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781
2 locks held by syz-executor.1/25176:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/25177:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/25202:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/25242:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/25277:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/25280:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/25304:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/25306:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_t
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following issue on:
HEAD commit: 3f8a27f9e27b Linux 4.19.211
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=14b252f3b00000
kernel config: https://syzkaller.appspot.com/x/.config?x=9b9277b418617afe
dashboard link: https://syzkaller.appspot.com/bug?extid=948b2baca91b52262cbe
compiler: gcc version 10.2.1 20210110 (Debian 10.2.1-6)
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+948b2b...@syzkaller.appspotmail.com
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
12051 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
INFO: task kworker/u4:3:188 blocked for more than 140 seconds.
Total swap = 0kB
Not tainted 4.19.211-syzkaller #0
2097051 pages RAM
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
0 pages HighMem/MovableOnly
kworker/u4:3 D23944 188 2 0x80000000
369649 pages reserved
0 pages cma reserved
Unreclaimable slab info:
Name Used Total
pid_3 1KB 7KB
pid_2 328KB 640KB
Workqueue: netns cleanup_net
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
batadv_tl_cache 4KB 12KB
TIPC 2941KB 2947KB
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
SCTPv6 8186KB 8186KB
DCCPv6 9777KB 9787KB
tw_sock_DCCP 2KB 3KB
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
request_sock_DCCP 0KB 3KB
DCCP 9281KB 9283KB
ccid3_hc_tx_sock 1KB 8KB
ccid3_hc_rx_sock 1KB 8KB
tfrc_rxh_cache 1KB 3KB
dccp_bind_bucket 0KB 4KB
RXRPC 3186KB 3191KB
rxrpc_call_jar 22061KB 22065KB
bridge_fdb_cache 9KB 23KB
fib6_nodes 155KB 304KB
ip6_dst_cache 157KB 427KB
RAWv6 39549KB 39555KB
UDPLITEv6 185KB 187KB
UDPv6 3695KB 3697KB
TCPv6 5985KB 5988KB
nf_conntrack 27KB 41KB
t10_alua_lu_gp_cache 0KB 3KB
ip_fib_net_exit+0x1b/0x2b0 net/ipv4/fib_frontend.c:1349
sd_ext_cdb 0KB 7KB
scsi_sense_cache 1056KB 1060KB
virtio_scsi_cmd 16KB 16KB
sgpool-128 8KB 8KB
sgpool-64 4KB 12KB
sgpool-32 2KB 15KB
sgpool-16 1KB 7KB
sgpool-8 0KB 7KB
mqueue_inode_cache 13KB 37KB
bio_post_read_ctx 14KB 15KB
bio-2 14KB 15KB
ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153
jfs_mp 7KB 7KB
cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:554
cifs_small_rq 15KB 16KB
cifs_request 67KB 67KB
cifs_mpx_ids 0KB 7KB
process_one_work+0x864/0x1570 kernel/workqueue.c:2153
nfs_commit_data 3KB 14KB
nfs_write_data 34KB 44KB
ext4_system_zone 1KB 7KB
bio-1 1KB 7KB
fasync_cache 0KB 4KB
pid_namespace 5KB 15KB
rpc_buffers 17KB 25KB
rpc_tasks 2KB 7KB
UNIX 176KB 180KB
worker_thread+0x64c/0x1130 kernel/workqueue.c:2296
UDP-Lite 121KB 128KB
tcp_bind_bucket 245KB 248KB
inet_peer_cache 64KB 68KB
ip_fib_trie 23KB 51KB
ip_fib_alias 110KB 201KB
ip_dst_cache 9KB 72KB
RAW 23445KB 23445KB
kthread+0x33f/0x460 kernel/kthread.c:259
UDP 6613KB 6615KB
TCP 135KB 140KB
hugetlbfs_inode_cache 3KB 15KB
fscache_cookie_jar 1KB 7KB
eventpoll_pwq 15KB 31KB
eventpoll_epi 29KB 51KB
inotify_inode_mark 7KB 27KB
request_queue 215KB 215KB
blkdev_requests 1KB 3KB
blkdev_ioc 49KB 50KB
bio-0 11144KB 11145KB
biovec-max 2829KB 2829KB
biovec-64 8276KB 8276KB
biovec-16 2161KB 2163KB
bio_integrity_payload 1KB 8KB
khugepaged_mm_slot 242KB 462KB
user_namespace 2KB 7KB
uid_cache 0KB 4KB
dmaengine-unmap-2 0KB 3KB
skbuff_fclone_cache 48KB 52KB
skbuff_head_cache 15909KB 15930KB
configfs_dir_cache 3KB 7KB
file_lock_cache 10KB 15KB
file_lock_ctx 9KB 15KB
fsnotify_mark_connector 3KB 11KB
net_namespace 34168KB 34168KB
shmem_inode_cache 7943KB 8119KB
task_delay_info 1495KB 2229KB
taskstats 12KB 53KB
proc_dir_entry 176870KB 176872KB
pde_opener 5KB 23KB
seq_file 138KB 141KB
sigqueue 116KB 122KB
kernfs_node_cache 507034KB 507035KB
mnt_cache 290KB 340KB
filp 4440KB 6007KB
names_cache 44829KB 44850KB
iint_cache 46KB 55KB
key_jar 5KB 15KB
uts_namespace 37KB 43KB
nsproxy 345KB 351KB
vm_area_struct 34884KB 34885KB
mm_struct 6670KB 6675KB
fs_cache 1989KB 2960KB
files_cache 6926KB 9720KB
signal_cache 10720KB 15115KB
sighand_cache 9911KB 9941KB
task_struct 45854KB 45917KB
cred_jar 4079KB 6516KB
anon_vma_chain 51331KB 51337KB
anon_vma 11772KB 11820KB
pid 516KB 940KB
Acpi-Operand 156KB 198KB
Acpi-ParseExt 9KB 11KB
Acpi-Parse 41KB 47KB
Acpi-State 52KB 63KB
Acpi-Namespace 20KB 23KB
numa_policy 0KB 3KB
debug_objects_cache 40221KB 40222KB
trace_event_file 297KB 298KB
ftrace_event_field 398KB 401KB
pool_workqueue 4032KB 4036KB
page->ptl 6675KB 6676KB
kmalloc-2097152 2050KB 6150KB
kmalloc-524288 2056KB 3084KB
kmalloc-262144 1290KB 1290KB
kmalloc-131072 1690KB 1690KB
kmalloc-65536 1848KB 2178KB
kmalloc-32768 218097KB 218097KB
kmalloc-16384 65521KB 65521KB
kmalloc-8192 149061KB 149061KB
kmalloc-4096 662277KB 662277KB
kmalloc-2048 537852KB 537852KB
kmalloc-1024 214310KB 214310KB
kmalloc-512 185868KB 197385KB
kmalloc-256 111418KB 113542KB
kmalloc-128 56742KB 56877KB
kmalloc-96 16027KB 17108KB
kmalloc-64 38849KB 40360KB
kmalloc-32 34324KB 35476KB
kmalloc-192 75811KB 77564KB
kmem_cache 178KB 180KB
Out of memory: Kill process 4603 (syz-executor.2) score 1002 or sacrifice child
Killed process 4603 (syz-executor.2) total-vm:57200kB, anon-rss:2452kB, file-rss:14160kB, shmem-rss:0kB
oom_reaper: reaped process 308 (syz-executor.1), now anon-rss:0kB, file-rss:14080kB, shmem-rss:0kB
systemd-journal invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=3, oom_score_adj=0
systemd-journal cpuset=/ mems_allowed=0-1
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415
CPU: 1 PID: 17568 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0
INFO: task syz-executor.1:23667 blocked for more than 140 seconds.
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Not tainted 4.19.211-syzkaller #0
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
dump_header+0x15d/0xc3f mm/oom_kill.c:443
oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956
out_of_memory mm/oom_kill.c:1114 [inline]
out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
__alloc_pages_may_oom mm/page_alloc.c:3553 [inline]
__alloc_pages_slowpath mm/page_alloc.c:4255 [inline]
__alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419
syz-executor.1 D26584 23667 23623 0x00000004
__alloc_pages include/linux/gfp.h:496 [inline]
__alloc_pages_node include/linux/gfp.h:509 [inline]
kmem_getpages mm/slab.c:1412 [inline]
cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682
fallback_alloc+0x213/0x2e0 mm/slab.c:3224
__do_cache_alloc mm/slab.c:3361 [inline]
slab_alloc mm/slab.c:3389 [inline]
kmem_cache_alloc_trace+0x1f1/0x380 mm/slab.c:3623
kmalloc include/linux/slab.h:515 [inline]
devkmsg_open+0xc7/0x370 kernel/printk/printk.c:981
Call Trace:
memory_open+0x172/0x1d0 drivers/char/mem.c:920
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
chrdev_open+0x266/0x770 fs/char_dev.c:423
do_dentry_open+0x4aa/0x1160 fs/open.c:796
do_last fs/namei.c:3421 [inline]
path_openat+0x793/0x2df0 fs/namei.c:3537
do_filp_open+0x18c/0x3f0 fs/namei.c:3567
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
do_sys_open+0x3b3/0x520 fs/open.c:1085
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f71e63e7840
Code: Bad RIP value.
RSP: 002b:00007ffe8e4890e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f71e63e7840
RDX: fffffffffffffe00 RSI: 0000000000080101 RDI: 00007f71e6b601f0
RBP: 0000000000000002 R08: 00007ffe8e4890b0 R09: 0000000000000000
R10: 0000000000020d50 R11: 0000000000000246 R12: 000055c374850520
R13: 00007ffe8e489600 R14: 0000000000000000 R15: 0000000000000000
Mem-Info:
active_anon:183910 inactive_anon:8856 isolated_anon:0
active_file:51 inactive_file:68 isolated_file:2
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:52677 slab_unreclaimable:1227319
mapped:18524 shmem:11812 pagetables:59529 bounce:0
free:30123 free_pcp:352 free_cma:0
Node 0 active_anon:729056kB inactive_anon:35404kB active_file:236kB inactive_file:152kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:59760kB dirty:0kB writeback:0kB shmem:47220kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 184320kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 1 active_anon:6584kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14336kB dirty:0kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
Node 0 DMA free:10988kB min:204kB low:252kB high:300kB active_anon:2056kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:60kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2693 2695 2695 2695
Node 0 DMA32 free:55116kB min:35996kB low:44992kB high:53988kB active_anon:727000kB inactive_anon:35404kB active_file:4kB inactive_file:472kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:33344kB pagetables:62940kB bounce:0kB free_pcp:1312kB local_pcp:1296kB free_cma:0kB
lowmem_reserve[]: 0 0 1 1 1
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:53808kB min:53876kB low:67344kB high:80812kB active_anon:6584kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:101536kB pagetables:175116kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 1*4kB (E) 1*8kB (M) 2*16kB (ME) 4*32kB (UME) 3*64kB (UME) 7*128kB (UME) 8*256kB (UME) 3*512kB (UME) 2*1024kB (ME) 2*2048kB (ME) 0*4096kB = 10988kB
Node 0 DMA32: 318*4kB (ME) 316*8kB (UME) 941*16kB (UME) 531*32kB (UME) 5*64kB (ME) 2*128kB (UE) 0*256kB 1*512kB (E) 1*1024kB (E) 7*2048kB (M) 1*4096kB (M) = 56392kB
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 312*4kB (UM) 44*8kB (UME) 159*16kB (UME) 152*32kB (UME) 12*64kB (ME) 12*128kB (ME) 8*256kB (UME) 3*512kB (UM) 2*1024kB (ME) 2*2048kB (UM) 8*4096kB (M) = 53808kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
11950 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
2097051 pages RAM
0 pages HighMem/MovableOnly
369649 pages reserved
0 pages cma reserved
Unreclaimable slab info:
Name Used Total
pid_3 1KB 7KB
pid_2 328KB 640KB
batadv_tl_cache 4KB 12KB
TIPC 2941KB 2947KB
SCTPv6 8186KB 8186KB
DCCPv6 9777KB 9787KB
tw_sock_DCCP 2KB 3KB
DCCP 9281KB 9283KB
ccid3_hc_tx_sock 1KB 8KB
ccid3_hc_rx_sock 1KB 8KB
tfrc_rxh_cache 1KB 3KB
dccp_bind_bucket 0KB 4KB
RXRPC 3186KB 3191KB
rxrpc_call_jar 22061KB 22065KB
bridge_fdb_cache 9KB 23KB
fib6_nodes 155KB 304KB
ip6_dst_cache 157KB 427KB
RAWv6 39549KB 39555KB
UDPLITEv6 185KB 187KB
UDPv6 3695KB 3697KB
TCPv6 5985KB 5988KB
nf_conntrack 27KB 37KB
t10_alua_lu_gp_cache 0KB 3KB
sd_ext_cdb 0KB 7KB
scsi_sense_cache 1056KB 1060KB
virtio_scsi_cmd 16KB 16KB
sgpool-128 8KB 8KB
sgpool-64 4KB 12KB
sgpool-32 2KB 15KB
sgpool-16 1KB 7KB
sgpool-8 0KB 7KB
mqueue_inode_cache 13KB 37KB
bio_post_read_ctx 14KB 15KB
bio-2 14KB 15KB
jfs_mp 7KB 7KB
cifs_small_rq 15KB 16KB
cifs_request 67KB 67KB
cifs_mpx_ids 0KB 7KB
nfs_commit_data 3KB 14KB
nfs_write_data 34KB 44KB
ext4_system_zone 1KB 7KB
bio-1 1KB 7KB
fasync_cache 0KB 4KB
pid_namespace 5KB 15KB
rpc_buffers 17KB 25KB
rpc_tasks 2KB 7KB
UNIX 176KB 180KB
UDP-Lite 121KB 128KB
tcp_bind_bucket 245KB 248KB
inet_peer_cache 64KB 68KB
ip_fib_trie 23KB 51KB
ip_fib_alias 110KB 201KB
ip_dst_cache 9KB 72KB
RAW 23445KB 23445KB
UDP 6613KB 6615KB
TCP 135KB 140KB
hugetlbfs_inode_cache 3KB 15KB
fscache_cookie_jar 1KB 7KB
eventpoll_pwq 13KB 31KB
eventpoll_epi 24KB 51KB
inotify_inode_mark 7KB 27KB
request_queue 215KB 215KB
blkdev_requests 1KB 3KB
blkdev_ioc 49KB 50KB
bio-0 11253KB 11253KB
biovec-max 2838KB 2838KB
biovec-64 8331KB 8331KB
biovec-16 2180KB 2182KB
bio_integrity_payload 1KB 8KB
khugepaged_mm_slot 242KB 462KB
user_namespace 2KB 7KB
uid_cache 0KB 4KB
dmaengine-unmap-2 0KB 3KB
skbuff_fclone_cache 46KB 52KB
skbuff_head_cache 16006KB 16027KB
configfs_dir_cache 3KB 7KB
file_lock_cache 10KB 15KB
file_lock_ctx 9KB 15KB
fsnotify_mark_connector 3KB 11KB
net_namespace 34168KB 34168KB
shmem_inode_cache 7943KB 8119KB
task_delay_info 1473KB 2229KB
taskstats 12KB 53KB
proc_dir_entry 176870KB 176872KB
pde_opener 5KB 23KB
seq_file 138KB 141KB
sigqueue 116KB 122KB
kernfs_node_cache 507069KB 507071KB
mnt_cache 290KB 340KB
filp 4412KB 6003KB
names_cache 44846KB 44850KB
iint_cache 43KB 55KB
key_jar 5KB 15KB
uts_namespace 37KB 43KB
nsproxy 345KB 351KB
vm_area_struct 34884KB 34885KB
mm_struct 6670KB 6675KB
fs_cache 1959KB 2956KB
files_cache 6874KB 9716KB
signal_cache 10713KB 15115KB
sighand_cache 9899KB 9941KB
task_struct 45904KB 45917KB
cred_jar 4055KB 6516KB
anon_vma_chain 51330KB 51337KB
anon_vma 11764KB 11820KB
pid 501KB 940KB
Acpi-Operand 156KB 198KB
Acpi-ParseExt 9KB 11KB
Acpi-Parse 41KB 47KB
Acpi-State 52KB 63KB
Acpi-Namespace 20KB 23KB
numa_policy 0KB 3KB
debug_objects_cache 40233KB 40233KB
trace_event_file 297KB 298KB
ftrace_event_field 398KB 401KB
pool_workqueue 4032KB 4036KB
page->ptl 6675KB 6676KB
kmalloc-2097152 2050KB 6150KB
kmalloc-524288 2056KB 3084KB
kmalloc-262144 1290KB 1290KB
kmalloc-131072 1690KB 1690KB
kmalloc-65536 1848KB 2178KB
kmalloc-32768 218130KB 218130KB
kmalloc-16384 65521KB 65521KB
kmalloc-8192 149061KB 149061KB
kmalloc-4096 662324KB 662324KB
kmalloc-2048 537852KB 537852KB
kmalloc-1024 214364KB 214365KB
kmalloc-512 186026KB 197542KB
kmalloc-256 111422KB 113546KB
kmalloc-128 56742KB 56877KB
kmalloc-96 16034KB 17116KB
kmalloc-64 38849KB 40360KB
kmalloc-32 34328KB 35476KB
kmalloc-192 75811KB 77564KB
kmem_cache 178KB 180KB
Out of memory (oom_kill_allocating_task): Kill process 17568 (systemd-journal) score 0 or sacrifice child
Killed process 17568 (systemd-journal) total-vm:37896kB, anon-rss:404kB, file-rss:0kB, shmem-rss:0kB
systemd invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0
vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520
systemd cpuset=/ mems_allowed=0-1
CPU: 1 PID: 1 Comm: systemd Not tainted 4.19.211-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
dump_header+0x15d/0xc3f mm/oom_kill.c:443
oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956
out_of_memory mm/oom_kill.c:1132 [inline]
out_of_memory+0x34d/0x1390 mm/oom_kill.c:1064
__alloc_pages_may_oom mm/page_alloc.c:3553 [inline]
__alloc_pages_slowpath mm/page_alloc.c:4255 [inline]
__alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419
__alloc_pages include/linux/gfp.h:496 [inline]
__alloc_pages_node include/linux/gfp.h:509 [inline]
kmem_getpages mm/slab.c:1412 [inline]
cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682
fallback_alloc+0x213/0x2e0 mm/slab.c:3224
__do_cache_alloc mm/slab.c:3361 [inline]
slab_alloc mm/slab.c:3389 [inline]
kmem_cache_alloc+0x1e4/0x370 mm/slab.c:3557
getname_flags+0xce/0x590 fs/namei.c:140
do_sys_open+0x26c/0x520 fs/open.c:1079
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc55b53470d
Code: Bad RIP value.
RSP: 002b:00007ffe78186c90 EFLAGS: 00000293 ORIG_RAX: 0000000000000002
RAX: ffffffffffffffda RBX: 000055dacba81350 RCX: 00007fc55b53470d
RDX: 00000000000001b6 RSI: 0000000000080000 RDI: 00007ffe78186d70
RBP: 0000000000000008 R08: 0000000000000008 R09: 0000000000000001
R10: 0000000000080000 R11: 0000000000000293 R12: 00007fc55cc6e7b4
R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000002
Mem-Info:
active_anon:183823 inactive_anon:8856 isolated_anon:0
active_file:47 inactive_file:93 isolated_file:0
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:52709 slab_unreclaimable:1227353
mapped:18532 shmem:11812 pagetables:59515 bounce:0
free:30347 free_pcp:186 free_cma:0
Node 0 active_anon:728708kB inactive_anon:35404kB active_file:184kB inactive_file:372kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:59792kB dirty:0kB writeback:0kB shmem:47220kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 184320kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
ops_init+0xb3/0x410 net/core/net_namespace.c:129
Node 1 active_anon:6584kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14336kB dirty:0kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
Node 0 DMA free:10988kB min:204kB low:252kB high:300kB active_anon:2056kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:60kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2693 2695 2695 2695
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
Node 0 DMA32 free:55872kB min:35996kB low:44992kB high:53988kB active_anon:726652kB inactive_anon:35404kB active_file:472kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:33376kB pagetables:62884kB bounce:0kB free_pcp:1604kB local_pcp:312kB free_cma:0kB
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
lowmem_reserve[]: 0 0 1 1 1
Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:53840kB min:53876kB low:67344kB high:80812kB active_anon:6584kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:101504kB pagetables:175116kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 1*4kB (E) 1*8kB (M) 2*16kB (ME) 4*32kB (UME) 3*64kB (UME) 7*128kB (UME) 8*256kB (UME) 3*512kB (UME) 2*1024kB (ME) 2*2048kB (ME) 0*4096kB = 10988kB
Node 0 DMA32: 78*4kB (ME) 458*8kB (UME) 948*16kB (UME) 531*32kB (UME) 8*64kB (ME) 2*128kB (UE) 1*256kB (E) 0*512kB 1*1024kB (E) 7*2048kB (M) 1*4096kB (M) = 56616kB
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 312*4kB (UM) 44*8kB (UME) 159*16kB (UME) 153*32kB (UME) 12*64kB (ME) 12*128kB (ME) 8*256kB (UME) 3*512kB (UM) 2*1024kB (ME) 2*2048kB (UM) 8*4096kB (M) = 53840kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
entry_SYSCALL_64_after_hwframe+0x49/0xbe
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:24082 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26744 24082 23906 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
11913 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
2097051 pages RAM
0 pages HighMem/MovableOnly
369649 pages reserved
0 pages cma reserved
Unreclaimable slab info:
Name Used Total
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
pid_3 1KB 7KB
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
pid_2 328KB 640KB
Code: Bad RIP value.
batadv_tl_cache 4KB 12KB
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
TIPC 2941KB 2947KB
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
SCTPv6 8186KB 8186KB
DCCPv6 9775KB 9787KB
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
tw_sock_DCCP 1KB 3KB
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
DCCP 9279KB 9283KB
INFO: task syz-executor.1:24180 blocked for more than 140 seconds.
ccid3_hc_tx_sock 1KB 8KB
ccid3_hc_rx_sock 1KB 8KB
tfrc_rxh_cache 1KB 3KB
dccp_bind_bucket 0KB 4KB
RXRPC 3186KB 3191KB
rxrpc_call_jar 22061KB 22065KB
bridge_fdb_cache 9KB 23KB
fib6_nodes 155KB 304KB
ip6_dst_cache 162KB 427KB
RAWv6 39549KB 39555KB
UDPLITEv6 185KB 187KB
UDPv6 3695KB 3697KB
TCPv6 5985KB 5988KB
nf_conntrack 26KB 37KB
t10_alua_lu_gp_cache 0KB 3KB
sd_ext_cdb 0KB 7KB
scsi_sense_cache 1056KB 1060KB
virtio_scsi_cmd 16KB 16KB
sgpool-128 8KB 8KB
sgpool-64 4KB 12KB
sgpool-32 2KB 15KB
sgpool-16 1KB 7KB
sgpool-8 0KB 7KB
mqueue_inode_cache 13KB 37KB
bio_post_read_ctx 14KB 15KB
bio-2 14KB 15KB
jfs_mp 7KB 7KB
cifs_small_rq 15KB 16KB
cifs_request 67KB 67KB
cifs_mpx_ids 0KB 7KB
nfs_commit_data 3KB 14KB
nfs_write_data 34KB 44KB
ext4_system_zone 1KB 7KB
bio-1 1KB 7KB
fasync_cache 0KB 4KB
pid_namespace 5KB 15KB
rpc_buffers 17KB 25KB
rpc_tasks 2KB 7KB
UNIX 176KB 180KB
UDP-Lite 121KB 128KB
tcp_bind_bucket 245KB 248KB
inet_peer_cache 64KB 68KB
ip_fib_trie 23KB 51KB
ip_fib_alias 110KB 201KB
ip_dst_cache 9KB 72KB
RAW 23445KB 23445KB
Not tainted 4.19.211-syzkaller #0
UDP 6613KB 6615KB
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
TCP 135KB 140KB
syz-executor.1 D26888 24180 23940 0x00000004
hugetlbfs_inode_cache 3KB 15KB
Call Trace:
fscache_cookie_jar 1KB 7KB
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
eventpoll_pwq 13KB 31KB
eventpoll_epi 24KB 51KB
inotify_inode_mark 7KB 27KB
request_queue 215KB 215KB
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
blkdev_requests 1KB 3KB
blkdev_ioc 50KB 50KB
bio-0 11512KB 11512KB
biovec-max 2895KB 2895KB
biovec-64 8426KB 8426KB
biovec-16 2217KB 2220KB
bio_integrity_payload 1KB 8KB
khugepaged_mm_slot 242KB 462KB
user_namespace 2KB 7KB
uid_cache 0KB 4KB
dmaengine-unmap-2 0KB 3KB
skbuff_fclone_cache 46KB 52KB
skbuff_head_cache 16119KB 16140KB
configfs_dir_cache 3KB 7KB
file_lock_cache 10KB 15KB
file_lock_ctx 9KB 15KB
fsnotify_mark_connector 3KB 11KB
net_namespace 34168KB 34168KB
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
shmem_inode_cache 7943KB 8119KB
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
task_delay_info 1473KB 2229KB
taskstats 12KB 53KB
proc_dir_entry 176870KB 176872KB
pde_opener 4KB 23KB
seq_file 135KB 141KB
sigqueue 115KB 122KB
kernfs_node_cache 507121KB 507122KB
mnt_cache 290KB 340KB
filp 4378KB 6000KB
names_cache 44603KB 44603KB
iint_cache 43KB 55KB
key_jar 5KB 15KB
uts_namespace 37KB 43KB
nsproxy 345KB 351KB
vm_area_struct 34903KB 34905KB
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:24245 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26888 24245 23667 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:24483 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26888 24483 23623 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:24484 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26768 24484 24126 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:24584 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26928 24584 24190 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:25277 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26888 25277 23945 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
INFO: task syz-executor.1:25304 blocked for more than 140 seconds.
Not tainted 4.19.211-syzkaller #0
"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
syz-executor.1 D26912 25304 24458 0x00000004
Call Trace:
context_switch kernel/sched/core.c:2828 [inline]
__schedule+0x887/0x2040 kernel/sched/core.c:3517
mm_struct 6672KB 6675KB
fs_cache 1959KB 2956KB
files_cache 6874KB 9716KB
schedule+0x8d/0x1b0 kernel/sched/core.c:3561
signal_cache 10644KB 15115KB
schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619
sighand_cache 9899KB 9941KB
__mutex_lock_common kernel/locking/mutex.c:1016 [inline]
__mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078
ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
ops_init+0xb3/0x410 net/core/net_namespace.c:129
setup_net+0x2c2/0x720 net/core/net_namespace.c:316
copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439
create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107
copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165
copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916
copy_process kernel/fork.c:1710 [inline]
_do_fork+0x22f/0xf30 kernel/fork.c:2219
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7fc73269deb9
Code: Bad RIP value.
RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007
RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000
Showing all locks held in the system:
task_struct 45551KB 45614KB
5 locks held by systemd/1:
cred_jar 4040KB 6512KB
3 locks held by kworker/1:1/48:
anon_vma_chain 51333KB 51337KB
anon_vma 11758KB 11820KB
pid 501KB 940KB
Acpi-Operand 156KB 198KB
Acpi-ParseExt 9KB 11KB
Acpi-Parse 41KB 47KB
Acpi-State 52KB 63KB
Acpi-Namespace 20KB 23KB
#0: 00000000d0d97fe1 ((wq_completion)"events"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
numa_policy 0KB 3KB
debug_objects_cache 40256KB 40257KB
trace_event_file 297KB 298KB
ftrace_event_field 398KB 401KB
pool_workqueue 4032KB 4036KB
page->ptl 6678KB 6680KB
kmalloc-2097152 2050KB 6150KB
kmalloc-524288 2056KB 3084KB
kmalloc-262144 1290KB 1290KB
kmalloc-131072 1690KB 1690KB
#1: 00000000b8b4c6df (deferred_process_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
kmalloc-65536 1848KB 2178KB
kmalloc-32768 218130KB 218130KB
kmalloc-16384 65538KB 65538KB
kmalloc-8192 149061KB 149061KB
kmalloc-4096 661984KB 661984KB
kmalloc-2048 537852KB 537852KB
kmalloc-1024 214483KB 214483KB
#2: 00000000041c0aaa (rtnl_mutex){+.+.}, at: switchdev_deferred_process_work+0xa/0x20 net/switchdev/switchdev.c:150
kmalloc-512 186285KB 197801KB
4 locks held by kworker/u4:3/188:
kmalloc-256 111426KB 113550KB
#0: 00000000fb40551d ((wq_completion)"%s""netns"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
kmalloc-128 56742KB 56877KB
#1: 000000006567f860 (net_cleanup_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
kmalloc-96 16069KB 17152KB
#2: 000000002749050c (pernet_ops_rwsem){++++}, at: cleanup_net+0xa8/0x8b0 net/core/net_namespace.c:521
kmalloc-64 38849KB 40360KB
#3: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_fib_net_exit+0x1b/0x2b0 net/ipv4/fib_frontend.c:1349
kmalloc-32 34328KB 35476KB
1 lock held by khungtaskd/1570:
kmalloc-192 75811KB 77564KB
#0: 000000004f3c94a0 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441
kmem_cache 178KB 180KB
3 locks held by kswapd0/1968:
2 locks held by agetty/7931:
#0: 00000000a55bd97a (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272
#1: 00000000d207ec1c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x217/0x1950 drivers/tty/n_tty.c:2154
3 locks held by kworker/1:3/9357:
#0: 000000003d84b1c8 ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
Out of memory: Kill process 6974 (syz-executor.2) score 1002 or sacrifice child
#1: 00000000d0cc4662 ((addr_chk_work).work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128
Killed process 6974 (syz-executor.2) total-vm:56804kB, anon-rss:2448kB, file-rss:14160kB, shmem-rss:0kB
#2: 00000000041c0aaa (rtnl_mutex){+.+.}, at: addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4476
in:imklog invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0
3 locks held by kworker/u4:9/10157:
in:imklog cpuset=/ mems_allowed=0-1
#0: 000000007d706aa4 ((wq_completion)"events_unbound"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124
CPU: 1 PID: 17343 Comm: in:imklog Not tainted 4.19.211-syzkaller #0
#1: 000000004f3c94a0 (rcu_read_lock){....}, at: trace_sched_stat_runtime include/trace/events/sched.h:428 [inline]
#1: 000000004f3c94a0 (rcu_read_lock){....}, at: update_curr+0x2c3/0x870 kernel/sched/fair.c:857
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
#2: 000000002544ddb1 (&p->pi_lock){-.-.}, at: wake_up_new_task+0x75/0xb10 kernel/sched/core.c:2401
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x1fc/0x2ef lib/dump_stack.c:118
dump_header+0x15d/0xc3f mm/oom_kill.c:443
1 lock held by syz-executor.3/21284:
oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956
#0: 00000000041c0aaa (rtnl_mutex){+.+.}, at: tun_detach drivers/net/tun.c:759 [inline]
#0: 00000000041c0aaa (rtnl_mutex){+.+.}, at: tun_chr_close+0x3a/0x180 drivers/net/tun.c:3323
2 locks held by syz-executor.1/23623:
out_of_memory mm/oom_kill.c:1114 [inline]
out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064
__alloc_pages_may_oom mm/page_alloc.c:3553 [inline]
__alloc_pages_slowpath mm/page_alloc.c:4255 [inline]
__alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419
__alloc_pages include/linux/gfp.h:496 [inline]
__alloc_pages_node include/linux/gfp.h:509 [inline]
kmem_getpages mm/slab.c:1412 [inline]
cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682
fallback_alloc+0x213/0x2e0 mm/slab.c:3224
__do_cache_alloc mm/slab.c:3361 [inline]
slab_alloc mm/slab.c:3389 [inline]
kmem_cache_alloc_trace+0x1f1/0x380 mm/slab.c:3623
kmalloc include/linux/slab.h:515 [inline]
syslog_print kernel/printk/printk.c:1337 [inline]
do_syslog.part.0+0x24f/0x1510 kernel/printk/printk.c:1505
do_syslog+0x49/0x60 kernel/printk/printk.c:1486
kmsg_read+0x8a/0xb0 fs/proc/kmsg.c:40
proc_reg_read+0x1bd/0x2d0 fs/proc/inode.c:231
__vfs_read+0xf7/0x750 fs/read_write.c:416
vfs_read+0x194/0x3c0 fs/read_write.c:452
ksys_read+0x12b/0x2a0 fs/read_write.c:579
do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x7f934e3c022d
Code: Bad RIP value.
RSP: 002b:00007f934bd5c580 EFLAGS: 00000293 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f934e3c022d
RDX: 0000000000001fa0 RSI: 00007f934bd5cda0 RDI: 0000000000000004
RBP: 000055cc189839d0 R08: 0000000000000000 R09: 0000000000000000
R10: 2ce33e6c02ce33e7 R11: 0000000000000293 R12: 00007f934bd5cda0
R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f934bd5d91d
Mem-Info:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
active_anon:183315 inactive_anon:8856 isolated_anon:0
active_file:32 inactive_file:21 isolated_file:21
unevictable:0 dirty:0 writeback:0 unstable:0
slab_reclaimable:52775 slab_unreclaimable:1227553
mapped:18499 shmem:11812 pagetables:59510 bounce:0
free:30353 free_pcp:321 free_cma:0
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/23667:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
Node 0 active_anon:726676kB inactive_anon:35404kB active_file:124kB inactive_file:84kB unevictable:0kB isolated(anon):0kB isolated(file):84kB mapped:59660kB dirty:0kB writeback:0kB shmem:47220kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 182272kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
2 locks held by syz-executor.1/23770:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Node 1 active_anon:6584kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14336kB dirty:0kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/23795:
Node 0 DMA free:10988kB min:204kB low:252kB high:300kB active_anon:2056kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:60kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
lowmem_reserve[]: 0 2693 2695 2695 2695
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
Node 0 DMA32 free:58096kB min:35996kB low:44992kB high:53988kB active_anon:724620kB inactive_anon:35404kB active_file:64kB inactive_file:528kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:33440kB pagetables:62864kB bounce:0kB free_pcp:480kB local_pcp:232kB free_cma:0kB
2 locks held by syz-executor.1/23889:
lowmem_reserve[]: 0 0 1 1 1
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/23906:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
lowmem_reserve[]: 0 0 0 0 0
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/23913:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: gtp_net_exit+0x1ba/0x380 drivers/net/gtp.c:1360
Node 1 Normal free:53840kB min:53876kB low:67344kB high:80812kB active_anon:6584kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:101504kB pagetables:175116kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
2 locks held by syz-executor.1/23940:
lowmem_reserve[]: 0 0 0 0 0
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Node 0 DMA: 1*4kB (E) 1*8kB (M) 2*16kB (ME) 4*32kB (UME) 3*64kB (UME) 7*128kB (UME) 8*256kB (UME) 3*512kB (UME) 2*1024kB (ME) 2*2048kB (ME) 0*4096kB = 10988kB
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
Node 0 DMA32: 391*4kB (UME) 409*8kB (UM) 848*16kB (UM) 537*32kB (UME) 9*64kB (UME) 3*128kB (UE) 1*256kB (U) 1*512kB (U) 2*1024kB (UE) 9*2048kB (UM) 0*4096kB = 57796kB
2 locks held by syz-executor.1/23945:
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 312*4kB (UM) 44*8kB (UME) 159*16kB (UME) 153*32kB (UME) 12*64kB (ME) 12*128kB (ME) 8*256kB (UME) 3*512kB (UM) 2*1024kB (ME) 2*2048kB (UM) 8*4096kB (M) = 53840kB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/24038:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781
2 locks held by syz-executor.1/24071:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
2 locks held by syz-executor.1/24082:
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
11861 total pagecache pages
2 locks held by syz-executor.1/24089:
0 pages in swap cache
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Swap cache stats: add 0, delete 0, find 0/0
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
Free swap = 0kB
2 locks held by syz-executor.1/24126:
Total swap = 0kB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
2097051 pages RAM
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: gtp_net_exit+0x1ba/0x380 drivers/net/gtp.c:1360
2 locks held by syz-executor.1/24180:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24186:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
0 pages HighMem/MovableOnly
2 locks held by syz-executor.1/24189:
369649 pages reserved
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/24190:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/24245:
0 pages cma reserved
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
Unreclaimable slab info:
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
Name Used Total
2 locks held by syz-executor.1/24310:
pid_3 1KB 7KB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24335:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24360:
pid_2 328KB 640KB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
batadv_tl_cache 4KB 12KB
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
TIPC 2941KB 2947KB
2 locks held by syz-executor.1/24379:
SCTPv6 8186KB 8186KB
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/24458:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889
2 locks held by syz-executor.1/24459:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781
2 locks held by syz-executor.1/24465:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/24483:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24484:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24527:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24557:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/24579:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: gtp_net_exit+0x1ba/0x380 drivers/net/gtp.c:1360
2 locks held by syz-executor.1/24580:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889
2 locks held by syz-executor.1/24583:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889
2 locks held by syz-executor.1/24584:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24585:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/24684:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/24713:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/24774:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/24958:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/24988:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889
2 locks held by syz-executor.1/25014:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889
2 locks held by syz-executor.1/25015:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/25124:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781
2 locks held by syz-executor.1/25176:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/25177:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/25202:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/25242:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284
2 locks held by syz-executor.1/25277:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/25280:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173
2 locks held by syz-executor.1/25304:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034
2 locks held by syz-executor.1/25306:
#0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435
#1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_t
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot
May 13, 2022, 9:18:18 AM5/13/22
to syzkaller...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages