====================================================== WARNING: possible circular locking dependency detected 4.16.0-rc7+ #292 Not tainted ------------------------------------------------------ swapper/0/0 is trying to acquire lock: (_xmit_ETHER#2){+.-.}, at: [<0000000066249927>] spin_lock include/linux/spinlock.h:310 [inline] (_xmit_ETHER#2){+.-.}, at: [<0000000066249927>] __netif_tx_lock include/linux/netdevice.h:3582 [inline] (_xmit_ETHER#2){+.-.}, at: [<0000000066249927>] sch_direct_xmit+0x361/0x1140 net/sched/sch_generic.c:325 but task is already holding lock: (_xmit_TUNNEL6#2){+.-.}, at: [<0000000056b6ff1c>] spin_lock include/linux/spinlock.h:310 [inline] (_xmit_TUNNEL6#2){+.-.}, at: [<0000000056b6ff1c>] __netif_tx_lock include/linux/netdevice.h:3582 [inline] (_xmit_TUNNEL6#2){+.-.}, at: [<0000000056b6ff1c>] __dev_queue_xmit+0x2781/0x2fc0 net/core/dev.c:3580 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (_xmit_TUNNEL6#2){+.-.}: __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:144 spin_lock include/linux/spinlock.h:310 [inline] __netif_tx_lock include/linux/netdevice.h:3582 [inline] __dev_queue_xmit+0x2781/0x2fc0 net/core/dev.c:3580 dev_queue_xmit+0x17/0x20 net/core/dev.c:3617 neigh_direct_output+0x15/0x20 net/core/neighbour.c:1390 neigh_output include/net/neighbour.h:482 [inline] ip_finish_output2+0x91a/0x1550 net/ipv4/ip_output.c:229 ip_do_fragment+0xc66/0x26d0 net/ipv4/ip_output.c:810 ip_fragment.constprop.47+0x145/0x200 net/ipv4/ip_output.c:546 ip_finish_output+0x698/0xd60 net/ipv4/ip_output.c:315 NF_HOOK_COND include/linux/netfilter.h:277 [inline] ip_mc_output+0x271/0x1350 net/ipv4/ip_output.c:390 dst_output include/net/dst.h:444 [inline] ip_local_out+0x95/0x160 net/ipv4/ip_output.c:124 iptunnel_xmit+0x556/0x810 net/ipv4/ip_tunnel_core.c:91 ip_tunnel_xmit+0x177b/0x3550 net/ipv4/ip_tunnel.c:777 __gre_xmit+0x546/0x8b0 net/ipv4/ip_gre.c:449 erspan_xmit+0x779/0x22a0 net/ipv4/ip_gre.c:731 __netdev_start_xmit include/linux/netdevice.h:4087 [inline] netdev_start_xmit include/linux/netdevice.h:4096 [inline] xmit_one net/core/dev.c:3053 [inline] dev_hard_start_xmit+0x24e/0xac0 net/core/dev.c:3069 sch_direct_xmit+0x40d/0x1140 net/sched/sch_generic.c:327 qdisc_restart net/sched/sch_generic.c:399 [inline] __qdisc_run+0x676/0x19b0 net/sched/sch_generic.c:410 __dev_xmit_skb net/core/dev.c:3244 [inline] __dev_queue_xmit+0xb8b/0x2fc0 net/core/dev.c:3552 dev_queue_xmit+0x17/0x20 net/core/dev.c:3617 br_dev_queue_push_xmit+0x196/0x5a0 net/bridge/br_forward.c:55 NF_HOOK include/linux/netfilter.h:288 [inline] br_forward_finish+0xc8/0x530 net/bridge/br_forward.c:67 NF_HOOK include/linux/netfilter.h:288 [inline] __br_forward+0x533/0xc80 net/bridge/br_forward.c:112 br_flood+0x665/0x770 net/bridge/br_forward.c:225 br_dev_xmit+0xfbe/0x1550 net/bridge/br_device.c:103 __netdev_start_xmit include/linux/netdevice.h:4087 [inline] netdev_start_xmit include/linux/netdevice.h:4096 [inline] xmit_one net/core/dev.c:3053 [inline] dev_hard_start_xmit+0x24e/0xac0 net/core/dev.c:3069 __dev_queue_xmit+0x26bf/0x2fc0 net/core/dev.c:3584 dev_queue_xmit+0x17/0x20 net/core/dev.c:3617 neigh_hh_output include/net/neighbour.h:472 [inline] neigh_output include/net/neighbour.h:480 [inline] ip_finish_output2+0xf4d/0x1550 net/ipv4/ip_output.c:229 ip_do_fragment+0x1f4e/0x26d0 net/ipv4/ip_output.c:675 ip_fragment.constprop.47+0x145/0x200 net/ipv4/ip_output.c:546 ip_finish_output+0x698/0xd60 net/ipv4/ip_output.c:315 NF_HOOK_COND include/linux/netfilter.h:277 [inline] ip_mc_output+0x271/0x1350 net/ipv4/ip_output.c:390 dst_output include/net/dst.h:444 [inline] ip_local_out+0x95/0x160 net/ipv4/ip_output.c:124 ip_send_skb+0x3c/0xc0 net/ipv4/ip_output.c:1421 udp_send_skb+0x666/0xc30 net/ipv4/udp.c:803 udp_sendmsg+0xba0/0x2f70 net/ipv4/udp.c:1038 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:798 sock_sendmsg_nosec net/socket.c:629 [inline] sock_sendmsg+0xca/0x110 net/socket.c:639 SYSC_sendto+0x361/0x5c0 net/socket.c:1748 SyS_sendto+0x40/0x50 net/socket.c:1716 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 -> #0 (_xmit_ETHER#2){+.-.}: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3920 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:144 spin_lock include/linux/spinlock.h:310 [inline] __netif_tx_lock include/linux/netdevice.h:3582 [inline] sch_direct_xmit+0x361/0x1140 net/sched/sch_generic.c:325 qdisc_restart net/sched/sch_generic.c:399 [inline] __qdisc_run+0x676/0x19b0 net/sched/sch_generic.c:410 __dev_xmit_skb net/core/dev.c:3244 [inline] __dev_queue_xmit+0xb8b/0x2fc0 net/core/dev.c:3552 dev_queue_xmit+0x17/0x20 net/core/dev.c:3617 br_dev_queue_push_xmit+0x196/0x5a0 net/bridge/br_forward.c:55 NF_HOOK include/linux/netfilter.h:288 [inline] br_forward_finish+0xc8/0x530 net/bridge/br_forward.c:67 NF_HOOK include/linux/netfilter.h:288 [inline] __br_forward+0x533/0xc80 net/bridge/br_forward.c:112 br_flood+0x665/0x770 net/bridge/br_forward.c:225 br_dev_xmit+0xa68/0x1550 net/bridge/br_device.c:87 __netdev_start_xmit include/linux/netdevice.h:4087 [inline] netdev_start_xmit include/linux/netdevice.h:4096 [inline] xmit_one net/core/dev.c:3053 [inline] dev_hard_start_xmit+0x24e/0xac0 net/core/dev.c:3069 __dev_queue_xmit+0x26bf/0x2fc0 net/core/dev.c:3584 dev_queue_xmit+0x17/0x20 net/core/dev.c:3617 arp_xmit_finish net/ipv4/arp.c:634 [inline] NF_HOOK include/linux/netfilter.h:288 [inline] arp_xmit+0xd6/0x550 net/ipv4/arp.c:643 arp_send_dst.part.18+0x19b/0x280 net/ipv4/arp.c:321 arp_send_dst net/ipv4/arp.c:394 [inline] arp_solicit+0x86a/0x1320 net/ipv4/arp.c:393 neigh_probe+0xc3/0x100 net/core/neighbour.c:899 __neigh_event_send+0x927/0x1040 net/core/neighbour.c:1055 neigh_event_send include/net/neighbour.h:435 [inline] neigh_resolve_output+0x62b/0xa00 net/core/neighbour.c:1334 neigh_output include/net/neighbour.h:482 [inline] ip_finish_output2+0x91a/0x1550 net/ipv4/ip_output.c:229 ip_finish_output+0x864/0xd60 net/ipv4/ip_output.c:317 NF_HOOK_COND include/linux/netfilter.h:277 [inline] ip_output+0x1d2/0x860 net/ipv4/ip_output.c:405 dst_output include/net/dst.h:444 [inline] ip_local_out+0x95/0x160 net/ipv4/ip_output.c:124 ip_send_skb+0x3c/0xc0 net/ipv4/ip_output.c:1421 ip_push_pending_frames+0x64/0x80 net/ipv4/ip_output.c:1441 icmp_push_reply+0x395/0x4f0 net/ipv4/icmp.c:394 icmp_send+0x1136/0x19b0 net/ipv4/icmp.c:741 ipv4_link_failure+0x2a/0x1b0 net/ipv4/route.c:1200 dst_link_failure include/net/dst.h:427 [inline] vti6_xmit net/ipv6/ip6_vti.c:517 [inline] vti6_tnl_xmit+0x6ee/0x1820 net/ipv6/ip6_vti.c:556 __netdev_start_xmit include/linux/netdevice.h:4087 [inline] netdev_start_xmit include/linux/netdevice.h:4096 [inline] xmit_one net/core/dev.c:3053 [inline] dev_hard_start_xmit+0x24e/0xac0 net/core/dev.c:3069 __dev_queue_xmit+0x26bf/0x2fc0 net/core/dev.c:3584 dev_queue_xmit+0x17/0x20 net/core/dev.c:3617 neigh_direct_output+0x15/0x20 net/core/neighbour.c:1390 neigh_output include/net/neighbour.h:482 [inline] ip_finish_output2+0x91a/0x1550 net/ipv4/ip_output.c:229 ip_finish_output+0x864/0xd60 net/ipv4/ip_output.c:317 NF_HOOK_COND include/linux/netfilter.h:277 [inline] ip_output+0x1d2/0x860 net/ipv4/ip_output.c:405 dst_output include/net/dst.h:444 [inline] ip_local_out+0x95/0x160 net/ipv4/ip_output.c:124 ip_queue_xmit+0x8c0/0x1920 net/ipv4/ip_output.c:504 tcp_transmit_skb+0x1b12/0x3960 net/ipv4/tcp_output.c:1176 __tcp_retransmit_skb+0x6a0/0x2af0 net/ipv4/tcp_output.c:2904 tcp_retransmit_skb+0x2e/0x230 net/ipv4/tcp_output.c:2923 tcp_retransmit_timer+0xefc/0x2dd0 net/ipv4/tcp_timer.c:488 tcp_write_timer_handler+0x335/0x820 net/ipv4/tcp_timer.c:573 tcp_write_timer+0x153/0x170 net/ipv4/tcp_timer.c:593 call_timer_fn+0x228/0x820 kernel/time/timer.c:1326 expire_timers kernel/time/timer.c:1363 [inline] __run_timers+0x7ee/0xb70 kernel/time/timer.c:1666 run_timer_softirq+0x4c/0x70 kernel/time/timer.c:1692 __do_softirq+0x2d7/0xb85 kernel/softirq.c:285 invoke_softirq kernel/softirq.c:365 [inline] irq_exit+0x1cc/0x200 kernel/softirq.c:405 exiting_irq arch/x86/include/asm/apic.h:541 [inline] smp_apic_timer_interrupt+0x16b/0x700 arch/x86/kernel/apic/apic.c:1052 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:857 native_safe_halt+0x6/0x10 arch/x86/include/asm/irqflags.h:54 arch_safe_halt arch/x86/include/asm/paravirt.h:94 [inline] default_idle+0xbf/0x430 arch/x86/kernel/process.c:354 arch_cpu_idle+0xa/0x10 arch/x86/kernel/process.c:345 default_idle_call+0x36/0x90 kernel/sched/idle.c:98 cpuidle_idle_call kernel/sched/idle.c:156 [inline] do_idle+0x24a/0x3b0 kernel/sched/idle.c:246 cpu_startup_entry+0x104/0x120 kernel/sched/idle.c:351 rest_init+0xed/0xf0 init/main.c:437 start_kernel+0x7f1/0x819 init/main.c:717 x86_64_start_reservations+0x2a/0x2c arch/x86/kernel/head64.c:378 x86_64_start_kernel+0x77/0x7a arch/x86/kernel/head64.c:359 secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:239 other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(_xmit_TUNNEL6#2); lock(_xmit_ETHER#2); lock(_xmit_TUNNEL6#2); lock(_xmit_ETHER#2); *** DEADLOCK *** 11 locks held by swapper/0/0: #0: ((&icsk->icsk_retransmit_timer)){+.-.}, at: [<000000006cf9f3a3>] lockdep_copy_map include/linux/lockdep.h:178 [inline] #0: ((&icsk->icsk_retransmit_timer)){+.-.}, at: [<000000006cf9f3a3>] call_timer_fn+0x1c6/0x820 kernel/time/timer.c:1316 #1: (slock-AF_INET){+.-.}, at: [<00000000a41c0f9b>] spin_lock include/linux/spinlock.h:310 [inline] #1: (slock-AF_INET){+.-.}, at: [<00000000a41c0f9b>] tcp_write_timer+0x29/0x170 net/ipv4/tcp_timer.c:591 #2: (rcu_read_lock){....}, at: [<00000000c37710dd>] read_pnet include/net/net_namespace.h:288 [inline] #2: (rcu_read_lock){....}, at: [<00000000c37710dd>] sock_net include/net/sock.h:2306 [inline] #2: (rcu_read_lock){....}, at: [<00000000c37710dd>] ip_queue_xmit+0x9e/0x1920 net/ipv4/ip_output.c:429 #3: (rcu_read_lock_bh){....}, at: [<000000007f49002c>] lwtunnel_xmit_redirect include/net/lwtunnel.h:92 [inline] #3: (rcu_read_lock_bh){....}, at: [<000000007f49002c>] ip_finish_output2+0x2aa/0x1550 net/ipv4/ip_output.c:213 #4: (rcu_read_lock_bh){....}, at: [<0000000066176182>] __dev_queue_xmit+0x2fe/0x2fc0 net/core/dev.c:3518 #5: (_xmit_TUNNEL6#2){+.-.}, at: [<0000000056b6ff1c>] spin_lock include/linux/spinlock.h:310 [inline] #5: (_xmit_TUNNEL6#2){+.-.}, at: [<0000000056b6ff1c>] __netif_tx_lock include/linux/netdevice.h:3582 [inline] #5: (_xmit_TUNNEL6#2){+.-.}, at: [<0000000056b6ff1c>] __dev_queue_xmit+0x2781/0x2fc0 net/core/dev.c:3580 #6: (k-slock-AF_INET){+.-.}, at: [<00000000197dc1a8>] spin_trylock include/linux/spinlock.h:320 [inline] #6: (k-slock-AF_INET){+.-.}, at: [<00000000197dc1a8>] icmp_xmit_lock net/ipv4/icmp.c:219 [inline] #6: (k-slock-AF_INET){+.-.}, at: [<00000000197dc1a8>] icmp_send+0x758/0x19b0 net/ipv4/icmp.c:668 #7: (rcu_read_lock_bh){....}, at: [<000000007f49002c>] lwtunnel_xmit_redirect include/net/lwtunnel.h:92 [inline] #7: (rcu_read_lock_bh){....}, at: [<000000007f49002c>] ip_finish_output2+0x2aa/0x1550 net/ipv4/ip_output.c:213 #8: (rcu_read_lock_bh){....}, at: [<0000000066176182>] __dev_queue_xmit+0x2fe/0x2fc0 net/core/dev.c:3518 #9: (rcu_read_lock){....}, at: [<000000002bf48ef7>] br_dev_xmit+0x11d/0x1550 net/bridge/br_device.c:43 #10: (rcu_read_lock_bh){....}, at: [<0000000066176182>] __dev_queue_xmit+0x2fe/0x2fc0 net/core/dev.c:3518 stack backtrace: CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.16.0-rc7+ #292 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 print_circular_bug.isra.38+0x2cd/0x2dc kernel/locking/lockdep.c:1223 check_prev_add kernel/locking/lockdep.c:1863 [inline] check_prevs_add kernel/locking/lockdep.c:1976 [inline] validate_chain kernel/locking/lockdep.c:2417 [inline] __lock_acquire+0x30a8/0x3e00 kernel/locking/lockdep.c:3431 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3920 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:144 spin_lock include/linux/spinlock.h:310 [inline] __netif_tx_lock include/linux/netdevice.h:3582 [inline] sch_direct_xmit+0x361/0x1140 net/sched/sch_generic.c:325 qdisc_restart net/sched/sch_generic.c:399 [inline] __qdisc_run+0x676/0x19b0 net/sched/sch_generic.c:410 __dev_xmit_skb net/core/dev.c:3244 [inline] __dev_queue_xmit+0xb8b/0x2fc0 net/core/dev.c:3552 dev_queue_xmit+0x17/0x20 net/core/dev.c:3617 br_dev_queue_push_xmit+0x196/0x5a0 net/bridge/br_forward.c:55 NF_HOOK include/linux/netfilter.h:288 [inline] br_forward_finish+0xc8/0x530 net/bridge/br_forward.c:67 NF_HOOK include/linux/netfilter.h:288 [inline] __br_forward+0x533/0xc80 net/bridge/br_forward.c:112 br_flood+0x665/0x770 net/bridge/br_forward.c:225 br_dev_xmit+0xa68/0x1550 net/bridge/br_device.c:87 __netdev_start_xmit include/linux/netdevice.h:4087 [inline] netdev_start_xmit include/linux/netdevice.h:4096 [inline] xmit_one net/core/dev.c:3053 [inline] dev_hard_start_xmit+0x24e/0xac0 net/core/dev.c:3069 __dev_queue_xmit+0x26bf/0x2fc0 net/core/dev.c:3584 dev_queue_xmit+0x17/0x20 net/core/dev.c:3617 arp_xmit_finish net/ipv4/arp.c:634 [inline] NF_HOOK include/linux/netfilter.h:288 [inline] arp_xmit+0xd6/0x550 net/ipv4/arp.c:643 arp_send_dst.part.18+0x19b/0x280 net/ipv4/arp.c:321 arp_send_dst net/ipv4/arp.c:394 [inline] arp_solicit+0x86a/0x1320 net/ipv4/arp.c:393 neigh_probe+0xc3/0x100 net/core/neighbour.c:899 __neigh_event_send+0x927/0x1040 net/core/neighbour.c:1055 neigh_event_send include/net/neighbour.h:435 [inline] neigh_resolve_output+0x62b/0xa00 net/core/neighbour.c:1334 neigh_output include/net/neighbour.h:482 [inline] ip_finish_output2+0x91a/0x1550 net/ipv4/ip_output.c:229 ip_finish_output+0x864/0xd60 net/ipv4/ip_output.c:317 NF_HOOK_COND include/linux/netfilter.h:277 [inline] ip_output+0x1d2/0x860 net/ipv4/ip_output.c:405 dst_output include/net/dst.h:444 [inline] ip_local_out+0x95/0x160 net/ipv4/ip_output.c:124 ip_send_skb+0x3c/0xc0 net/ipv4/ip_output.c:1421 ip_push_pending_frames+0x64/0x80 net/ipv4/ip_output.c:1441 icmp_push_reply+0x395/0x4f0 net/ipv4/icmp.c:394 icmp_send+0x1136/0x19b0 net/ipv4/icmp.c:741 ipv4_link_failure+0x2a/0x1b0 net/ipv4/route.c:1200 dst_link_failure include/net/dst.h:427 [inline] vti6_xmit net/ipv6/ip6_vti.c:517 [inline] vti6_tnl_xmit+0x6ee/0x1820 net/ipv6/ip6_vti.c:556 __netdev_start_xmit include/linux/netdevice.h:4087 [inline] netdev_start_xmit include/linux/netdevice.h:4096 [inline] xmit_one net/core/dev.c:3053 [inline] dev_hard_start_xmit+0x24e/0xac0 net/core/dev.c:3069 __dev_queue_xmit+0x26bf/0x2fc0 net/core/dev.c:3584 dev_queue_xmit+0x17/0x20 net/core/dev.c:3617 neigh_direct_output+0x15/0x20 net/core/neighbour.c:1390 neigh_output include/net/neighbour.h:482 [inline] ip_finish_output2+0x91a/0x1550 net/ipv4/ip_output.c:229 ip_finish_output+0x864/0xd60 net/ipv4/ip_output.c:317 NF_HOOK_COND include/linux/netfilter.h:277 [inline] ip_output+0x1d2/0x860 net/ipv4/ip_output.c:405 dst_output include/net/dst.h:444 [inline] ip_local_out+0x95/0x160 net/ipv4/ip_output.c:124 ip_queue_xmit+0x8c0/0x1920 net/ipv4/ip_output.c:504 tcp_transmit_skb+0x1b12/0x3960 net/ipv4/tcp_output.c:1176 __tcp_retransmit_skb+0x6a0/0x2af0 net/ipv4/tcp_output.c:2904 tcp_retransmit_skb+0x2e/0x230 net/ipv4/tcp_output.c:2923 tcp_retransmit_timer+0xefc/0x2dd0 net/ipv4/tcp_timer.c:488 tcp_write_timer_handler+0x335/0x820 net/ipv4/tcp_timer.c:573 tcp_write_timer+0x153/0x170 net/ipv4/tcp_timer.c:593 call_timer_fn+0x228/0x820 kernel/time/timer.c:1326 expire_timers kernel/time/timer.c:1363 [inline] __run_timers+0x7ee/0xb70 kernel/time/timer.c:1666 run_timer_softirq+0x4c/0x70 kernel/time/timer.c:1692 __do_softirq+0x2d7/0xb85 kernel/softirq.c:285 invoke_softirq kernel/softirq.c:365 [inline] irq_exit+0x1cc/0x200 kernel/softirq.c:405 exiting_irq arch/x86/include/asm/apic.h:541 [inline] smp_apic_timer_interrupt+0x16b/0x700 arch/x86/kernel/apic/apic.c:1052 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:857 RIP: 0010:native_safe_halt+0x6/0x10 arch/x86/include/asm/irqflags.h:54 RSP: 0018:ffffffff88407c38 EFLAGS: 00000282 ORIG_RAX: ffffffffffffff12 RAX: dffffc0000000000 RBX: 1ffffffff1080f8a RCX: 0000000000000000 RDX: 1ffffffff10a24f0 RSI: 0000000000000001 RDI: ffffffff88512780 RBP: ffffffff88407c38 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: ffffffff88407cf0 R14: ffffffff88ee3fa0 R15: 0000000000000000 arch_safe_halt arch/x86/include/asm/paravirt.h:94 [inline] default_idle+0xbf/0x430 arch/x86/kernel/process.c:354 arch_cpu_idle+0xa/0x10 arch/x86/kernel/process.c:345 default_idle_call+0x36/0x90 kernel/sched/idle.c:98 cpuidle_idle_call kernel/sched/idle.c:156 [inline] do_idle+0x24a/0x3b0 kernel/sched/idle.c:246 cpu_startup_entry+0x104/0x120 kernel/sched/idle.c:351 rest_init+0xed/0xf0 init/main.c:437 start_kernel+0x7f1/0x819 init/main.c:717 x86_64_start_reservations+0x2a/0x2c arch/x86/kernel/head64.c:378 x86_64_start_kernel+0x77/0x7a arch/x86/kernel/head64.c:359 secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:239 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 1 CPU: 1 PID: 27876 Comm: syz-executor2 Not tainted 4.16.0-rc7+ #292 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 1 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc mm/slab.c:3366 [inline] kmem_cache_alloc+0x47/0x760 mm/slab.c:3540 dst_alloc+0x11f/0x1a0 net/core/dst.c:104 rt_dst_alloc+0xe9/0x4e0 net/ipv4/route.c:1520 __mkroute_output net/ipv4/route.c:2258 [inline] ip_route_output_key_hash_rcu+0xa59/0x2fe0 net/ipv4/route.c:2484 ip_route_output_key_hash+0x20b/0x370 net/ipv4/route.c:2313 __ip_route_output_key include/net/route.h:124 [inline] ip_route_output_flow+0x26/0xa0 net/ipv4/route.c:2568 udp_sendmsg+0x19bd/0x2f70 net/ipv4/udp.c:1006 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:798 sock_sendmsg_nosec net/socket.c:629 [inline] sock_sendmsg+0xca/0x110 net/socket.c:639 SYSC_sendto+0x361/0x5c0 net/socket.c:1748 SyS_sendto+0x40/0x50 net/socket.c:1716 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x4552d9 RSP: 002b:00007fc0048a9c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc0048aa6d4 RCX: 00000000004552d9 RDX: 00000000000005fa RSI: 00000000209fc000 RDI: 0000000000000013 RBP: 000000000072bea0 R08: 0000000020357000 R09: 0000000000000010 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 R13: 00000000000004f2 R14: 00000000006fa750 R15: 0000000000000000 CPU: 0 PID: 27882 Comm: syz-executor6 Not tainted 4.16.0-rc7+ #292 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc mm/slab.c:3366 [inline] kmem_cache_alloc+0x47/0x760 mm/slab.c:3540 anon_vma_chain_alloc mm/rmap.c:128 [inline] __anon_vma_prepare+0xbc/0x6b0 mm/rmap.c:182 anon_vma_prepare include/linux/rmap.h:153 [inline] do_huge_pmd_anonymous_page+0x103c/0x19e0 mm/huge_memory.c:679 create_huge_pmd mm/memory.c:3870 [inline] __handle_mm_fault+0x178a/0x38c0 mm/memory.c:4074 handle_mm_fault+0x44a/0xb10 mm/memory.c:4140 __do_page_fault+0x560/0xbe0 arch/x86/mm/fault.c:1422 do_page_fault+0xee/0x730 arch/x86/mm/fault.c:1497 page_fault+0x25/0x50 arch/x86/entry/entry_64.S:1151 RIP: 0010:__put_user_4+0x1c/0x30 arch/x86/lib/putuser.S:68 RSP: 0018:ffff880199e47d08 EFLAGS: 00010297 RAX: 0000000000000014 RBX: 00007fffffffeffd RCX: 0000000020000000 RDX: 0000000000000044 RSI: ffffc900082e2000 RDI: 0000000000000282 RBP: ffff880199e47e00 R08: 0000000000000000 R09: 1ffff100333c8f7e R10: ffff880199e47bb8 R11: ffff8801cea37748 R12: 1ffff100333c8fa7 R13: 0000000000000014 R14: 0000000000000003 R15: 0000000000000015 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x4552d9 RSP: 002b:00007f3b6daccc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 RAX: ffffffffffffffda RBX: 00007f3b6dacd6d4 RCX: 00000000004552d9 RDX: 0000000000000300 RSI: 0000000000000003 RDI: 0000000000000011 RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000013 R13: 0000000000000643 R14: 00000000006fc6e8 R15: 0000000000000000 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 27909 Comm: syz-executor2 Not tainted 4.16.0-rc7+ #292 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc_node mm/slab.c:3287 [inline] kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3630 __alloc_skb+0xf1/0x780 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:987 [inline] alloc_skb_with_frags+0x10d/0x750 net/core/skbuff.c:5248 sock_alloc_send_pskb+0x787/0x9b0 net/core/sock.c:2088 sock_alloc_send_skb+0x32/0x40 net/core/sock.c:2105 __ip_append_data.isra.45+0x1423/0x2680 net/ipv4/ip_output.c:970 ip_make_skb+0x2a0/0x330 net/ipv4/ip_output.c:1488 udp_sendmsg+0xb67/0x2f70 net/ipv4/udp.c:1033 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:798 sock_sendmsg_nosec net/socket.c:629 [inline] sock_sendmsg+0xca/0x110 net/socket.c:639 SYSC_sendto+0x361/0x5c0 net/socket.c:1748 SyS_sendto+0x40/0x50 net/socket.c:1716 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x4552d9 RSP: 002b:00007fc0048a9c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc0048aa6d4 RCX: 00000000004552d9 RDX: 00000000000005fa RSI: 00000000209fc000 RDI: 0000000000000013 RBP: 000000000072bea0 R08: 0000000020357000 R09: 0000000000000010 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 R13: 00000000000004f2 R14: 00000000006fa750 R15: 0000000000000001 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 27987 Comm: syz-executor2 Not tainted 4.16.0-rc7+ #292 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc_node mm/slab.c:3287 [inline] kmem_cache_alloc_node_trace+0x5a/0x760 mm/slab.c:3649 __do_kmalloc_node mm/slab.c:3669 [inline] __kmalloc_node_track_caller+0x33/0x70 mm/slab.c:3684 __kmalloc_reserve.isra.39+0x41/0xd0 net/core/skbuff.c:137 __alloc_skb+0x13b/0x780 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:987 [inline] alloc_skb_with_frags+0x10d/0x750 net/core/skbuff.c:5248 sock_alloc_send_pskb+0x787/0x9b0 net/core/sock.c:2088 sock_alloc_send_skb+0x32/0x40 net/core/sock.c:2105 __ip_append_data.isra.45+0x1423/0x2680 net/ipv4/ip_output.c:970 ip_make_skb+0x2a0/0x330 net/ipv4/ip_output.c:1488 udp_sendmsg+0xb67/0x2f70 net/ipv4/udp.c:1033 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:798 sock_sendmsg_nosec net/socket.c:629 [inline] sock_sendmsg+0xca/0x110 net/socket.c:639 SYSC_sendto+0x361/0x5c0 net/socket.c:1748 SyS_sendto+0x40/0x50 net/socket.c:1716 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x4552d9 RSP: 002b:00007fc0048a9c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc0048aa6d4 RCX: 00000000004552d9 RDX: 00000000000005fa RSI: 00000000209fc000 RDI: 0000000000000013 RBP: 000000000072bea0 R08: 0000000020357000 R09: 0000000000000010 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 R13: 00000000000004f2 R14: 00000000006fa750 R15: 0000000000000002 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 28033 Comm: syz-executor2 Not tainted 4.16.0-rc7+ #292 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc mm/slab.c:3366 [inline] kmem_cache_alloc+0x47/0x760 mm/slab.c:3540 ptlock_alloc+0x24/0x70 mm/memory.c:4728 ptlock_init include/linux/mm.h:1796 [inline] pgtable_page_ctor include/linux/mm.h:1830 [inline] pte_alloc_one+0x59/0x100 arch/x86/mm/pgtable.c:32 do_huge_pmd_anonymous_page+0xb5e/0x19e0 mm/huge_memory.c:690 create_huge_pmd mm/memory.c:3870 [inline] __handle_mm_fault+0x178a/0x38c0 mm/memory.c:4074 handle_mm_fault+0x44a/0xb10 mm/memory.c:4140 __do_page_fault+0x560/0xbe0 arch/x86/mm/fault.c:1422 do_page_fault+0xee/0x730 arch/x86/mm/fault.c:1497 page_fault+0x25/0x50 arch/x86/entry/entry_64.S:1151 RIP: 0010:csum_partial_copy_generic+0xc0/0x170 arch/x86/lib/csum-copy_64.S:146 RSP: 0018:ffff88019a6570b0 EFLAGS: 00010206 RAX: 0000000000000000 RBX: ffff88019a6571d0 RCX: 0000000000000005 RDX: 0000000000000028 RSI: ffff8801b13bcd2c RDI: 00000000209fc000 RBP: ffff88019a657130 R08: ffff88019a6571d0 R09: 0000000000000000 R10: 0000000000000028 R11: ffffed00362779bb R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000028 R15: ffff8801b13bcd2c csum_and_copy_from_iter_full+0x276/0xf30 lib/iov_iter.c:1234 ip_generic_getfrag+0x169/0x260 net/ipv4/ip_output.c:837 __ip_append_data.isra.45+0x17ba/0x2680 net/ipv4/ip_output.c:1018 ip_make_skb+0x2a0/0x330 net/ipv4/ip_output.c:1488 udp_sendmsg+0xb67/0x2f70 net/ipv4/udp.c:1033 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:798 sock_sendmsg_nosec net/socket.c:629 [inline] sock_sendmsg+0xca/0x110 net/socket.c:639 SYSC_sendto+0x361/0x5c0 net/socket.c:1748 SyS_sendto+0x40/0x50 net/socket.c:1716 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x4552d9 RSP: 002b:00007fc0048a9c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc0048aa6d4 RCX: 00000000004552d9 RDX: 00000000000005fa RSI: 00000000209fc000 RDI: 0000000000000013 RBP: 000000000072bea0 R08: 0000000020357000 R09: 0000000000000010 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 R13: 00000000000004f2 R14: 00000000006fa750 R15: 0000000000000003 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 28082 Comm: syz-executor2 Not tainted 4.16.0-rc7+ #292 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc_node mm/slab.c:3287 [inline] kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3630 __alloc_skb+0xf1/0x780 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:987 [inline] __ip_append_data.isra.45+0x1b51/0x2680 net/ipv4/ip_output.c:977 ip_make_skb+0x2a0/0x330 net/ipv4/ip_output.c:1488 udp_sendmsg+0xb67/0x2f70 net/ipv4/udp.c:1033 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:798 sock_sendmsg_nosec net/socket.c:629 [inline] sock_sendmsg+0xca/0x110 net/socket.c:639 SYSC_sendto+0x361/0x5c0 net/socket.c:1748