Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 12051 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB INFO: task kworker/u4:3:188 blocked for more than 140 seconds. Total swap = 0kB Not tainted 4.19.211-syzkaller #0 2097051 pages RAM "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. 0 pages HighMem/MovableOnly kworker/u4:3 D23944 188 2 0x80000000 369649 pages reserved 0 pages cma reserved Unreclaimable slab info: Name Used Total pid_3 1KB 7KB pid_2 328KB 640KB Workqueue: netns cleanup_net Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 batadv_tl_cache 4KB 12KB TIPC 2941KB 2947KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 SCTPv6 8186KB 8186KB DCCPv6 9777KB 9787KB tw_sock_DCCP 2KB 3KB __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 request_sock_DCCP 0KB 3KB DCCP 9281KB 9283KB ccid3_hc_tx_sock 1KB 8KB ccid3_hc_rx_sock 1KB 8KB tfrc_rxh_cache 1KB 3KB dccp_bind_bucket 0KB 4KB RXRPC 3186KB 3191KB rxrpc_call_jar 22061KB 22065KB bridge_fdb_cache 9KB 23KB fib6_nodes 155KB 304KB ip6_dst_cache 157KB 427KB RAWv6 39549KB 39555KB UDPLITEv6 185KB 187KB UDPv6 3695KB 3697KB TCPv6 5985KB 5988KB nf_conntrack 27KB 41KB t10_alua_lu_gp_cache 0KB 3KB ip_fib_net_exit+0x1b/0x2b0 net/ipv4/fib_frontend.c:1349 sd_ext_cdb 0KB 7KB scsi_sense_cache 1056KB 1060KB virtio_scsi_cmd 16KB 16KB sgpool-128 8KB 8KB sgpool-64 4KB 12KB sgpool-32 2KB 15KB sgpool-16 1KB 7KB sgpool-8 0KB 7KB mqueue_inode_cache 13KB 37KB bio_post_read_ctx 14KB 15KB bio-2 14KB 15KB ops_exit_list+0xa5/0x150 net/core/net_namespace.c:153 jfs_mp 7KB 7KB cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:554 cifs_small_rq 15KB 16KB cifs_request 67KB 67KB cifs_mpx_ids 0KB 7KB process_one_work+0x864/0x1570 kernel/workqueue.c:2153 nfs_commit_data 3KB 14KB nfs_write_data 34KB 44KB ext4_system_zone 1KB 7KB bio-1 1KB 7KB fasync_cache 0KB 4KB pid_namespace 5KB 15KB rpc_buffers 17KB 25KB rpc_tasks 2KB 7KB UNIX 176KB 180KB worker_thread+0x64c/0x1130 kernel/workqueue.c:2296 UDP-Lite 121KB 128KB tcp_bind_bucket 245KB 248KB inet_peer_cache 64KB 68KB ip_fib_trie 23KB 51KB ip_fib_alias 110KB 201KB ip_dst_cache 9KB 72KB RAW 23445KB 23445KB kthread+0x33f/0x460 kernel/kthread.c:259 UDP 6613KB 6615KB TCP 135KB 140KB hugetlbfs_inode_cache 3KB 15KB fscache_cookie_jar 1KB 7KB eventpoll_pwq 15KB 31KB eventpoll_epi 29KB 51KB inotify_inode_mark 7KB 27KB request_queue 215KB 215KB blkdev_requests 1KB 3KB blkdev_ioc 49KB 50KB bio-0 11144KB 11145KB biovec-max 2829KB 2829KB biovec-64 8276KB 8276KB biovec-16 2161KB 2163KB bio_integrity_payload 1KB 8KB khugepaged_mm_slot 242KB 462KB user_namespace 2KB 7KB uid_cache 0KB 4KB dmaengine-unmap-2 0KB 3KB skbuff_fclone_cache 48KB 52KB skbuff_head_cache 15909KB 15930KB configfs_dir_cache 3KB 7KB file_lock_cache 10KB 15KB file_lock_ctx 9KB 15KB fsnotify_mark_connector 3KB 11KB net_namespace 34168KB 34168KB shmem_inode_cache 7943KB 8119KB task_delay_info 1495KB 2229KB taskstats 12KB 53KB proc_dir_entry 176870KB 176872KB pde_opener 5KB 23KB seq_file 138KB 141KB sigqueue 116KB 122KB kernfs_node_cache 507034KB 507035KB mnt_cache 290KB 340KB filp 4440KB 6007KB names_cache 44829KB 44850KB iint_cache 46KB 55KB key_jar 5KB 15KB uts_namespace 37KB 43KB nsproxy 345KB 351KB vm_area_struct 34884KB 34885KB mm_struct 6670KB 6675KB fs_cache 1989KB 2960KB files_cache 6926KB 9720KB signal_cache 10720KB 15115KB sighand_cache 9911KB 9941KB task_struct 45854KB 45917KB cred_jar 4079KB 6516KB anon_vma_chain 51331KB 51337KB anon_vma 11772KB 11820KB pid 516KB 940KB Acpi-Operand 156KB 198KB Acpi-ParseExt 9KB 11KB Acpi-Parse 41KB 47KB Acpi-State 52KB 63KB Acpi-Namespace 20KB 23KB numa_policy 0KB 3KB debug_objects_cache 40221KB 40222KB trace_event_file 297KB 298KB ftrace_event_field 398KB 401KB pool_workqueue 4032KB 4036KB page->ptl 6675KB 6676KB kmalloc-2097152 2050KB 6150KB kmalloc-524288 2056KB 3084KB kmalloc-262144 1290KB 1290KB kmalloc-131072 1690KB 1690KB kmalloc-65536 1848KB 2178KB kmalloc-32768 218097KB 218097KB kmalloc-16384 65521KB 65521KB kmalloc-8192 149061KB 149061KB kmalloc-4096 662277KB 662277KB kmalloc-2048 537852KB 537852KB kmalloc-1024 214310KB 214310KB kmalloc-512 185868KB 197385KB kmalloc-256 111418KB 113542KB kmalloc-128 56742KB 56877KB kmalloc-96 16027KB 17108KB kmalloc-64 38849KB 40360KB kmalloc-32 34324KB 35476KB kmalloc-192 75811KB 77564KB kmem_cache 178KB 180KB Out of memory: Kill process 4603 (syz-executor.2) score 1002 or sacrifice child Killed process 4603 (syz-executor.2) total-vm:57200kB, anon-rss:2452kB, file-rss:14160kB, shmem-rss:0kB oom_reaper: reaped process 308 (syz-executor.1), now anon-rss:0kB, file-rss:14080kB, shmem-rss:0kB systemd-journal invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=3, oom_score_adj=0 systemd-journal cpuset=/ mems_allowed=0-1 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 CPU: 1 PID: 17568 Comm: systemd-journal Not tainted 4.19.211-syzkaller #0 INFO: task syz-executor.1:23667 blocked for more than 140 seconds. Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Not tainted 4.19.211-syzkaller #0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 dump_header+0x15d/0xc3f mm/oom_kill.c:443 oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956 out_of_memory mm/oom_kill.c:1114 [inline] out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. __alloc_pages_may_oom mm/page_alloc.c:3553 [inline] __alloc_pages_slowpath mm/page_alloc.c:4255 [inline] __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419 syz-executor.1 D26584 23667 23623 0x00000004 __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] kmem_getpages mm/slab.c:1412 [inline] cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682 fallback_alloc+0x213/0x2e0 mm/slab.c:3224 __do_cache_alloc mm/slab.c:3361 [inline] slab_alloc mm/slab.c:3389 [inline] kmem_cache_alloc_trace+0x1f1/0x380 mm/slab.c:3623 kmalloc include/linux/slab.h:515 [inline] devkmsg_open+0xc7/0x370 kernel/printk/printk.c:981 Call Trace: memory_open+0x172/0x1d0 drivers/char/mem.c:920 context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 chrdev_open+0x266/0x770 fs/char_dev.c:423 do_dentry_open+0x4aa/0x1160 fs/open.c:796 do_last fs/namei.c:3421 [inline] path_openat+0x793/0x2df0 fs/namei.c:3537 do_filp_open+0x18c/0x3f0 fs/namei.c:3567 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 do_sys_open+0x3b3/0x520 fs/open.c:1085 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f71e63e7840 Code: Bad RIP value. RSP: 002b:00007ffe8e4890e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007f71e63e7840 RDX: fffffffffffffe00 RSI: 0000000000080101 RDI: 00007f71e6b601f0 RBP: 0000000000000002 R08: 00007ffe8e4890b0 R09: 0000000000000000 R10: 0000000000020d50 R11: 0000000000000246 R12: 000055c374850520 R13: 00007ffe8e489600 R14: 0000000000000000 R15: 0000000000000000 Mem-Info: active_anon:183910 inactive_anon:8856 isolated_anon:0 active_file:51 inactive_file:68 isolated_file:2 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:52677 slab_unreclaimable:1227319 mapped:18524 shmem:11812 pagetables:59529 bounce:0 free:30123 free_pcp:352 free_cma:0 Node 0 active_anon:729056kB inactive_anon:35404kB active_file:236kB inactive_file:152kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:59760kB dirty:0kB writeback:0kB shmem:47220kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 184320kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no Node 1 active_anon:6584kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14336kB dirty:0kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes Node 0 DMA free:10988kB min:204kB low:252kB high:300kB active_anon:2056kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:60kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2693 2695 2695 2695 Node 0 DMA32 free:55116kB min:35996kB low:44992kB high:53988kB active_anon:727000kB inactive_anon:35404kB active_file:4kB inactive_file:472kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:33344kB pagetables:62940kB bounce:0kB free_pcp:1312kB local_pcp:1296kB free_cma:0kB lowmem_reserve[]: 0 0 1 1 1 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 1 Normal free:53808kB min:53876kB low:67344kB high:80812kB active_anon:6584kB inactive_anon:20kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:101536kB pagetables:175116kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 0 DMA: 1*4kB (E) 1*8kB (M) 2*16kB (ME) 4*32kB (UME) 3*64kB (UME) 7*128kB (UME) 8*256kB (UME) 3*512kB (UME) 2*1024kB (ME) 2*2048kB (ME) 0*4096kB = 10988kB Node 0 DMA32: 318*4kB (ME) 316*8kB (UME) 941*16kB (UME) 531*32kB (UME) 5*64kB (ME) 2*128kB (UE) 0*256kB 1*512kB (E) 1*1024kB (E) 7*2048kB (M) 1*4096kB (M) = 56392kB Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB Node 1 Normal: 312*4kB (UM) 44*8kB (UME) 159*16kB (UME) 152*32kB (UME) 12*64kB (ME) 12*128kB (ME) 8*256kB (UME) 3*512kB (UM) 2*1024kB (ME) 2*2048kB (UM) 8*4096kB (M) = 53808kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 11950 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 2097051 pages RAM 0 pages HighMem/MovableOnly 369649 pages reserved 0 pages cma reserved Unreclaimable slab info: Name Used Total pid_3 1KB 7KB pid_2 328KB 640KB batadv_tl_cache 4KB 12KB TIPC 2941KB 2947KB SCTPv6 8186KB 8186KB DCCPv6 9777KB 9787KB tw_sock_DCCP 2KB 3KB DCCP 9281KB 9283KB ccid3_hc_tx_sock 1KB 8KB ccid3_hc_rx_sock 1KB 8KB tfrc_rxh_cache 1KB 3KB dccp_bind_bucket 0KB 4KB RXRPC 3186KB 3191KB rxrpc_call_jar 22061KB 22065KB bridge_fdb_cache 9KB 23KB fib6_nodes 155KB 304KB ip6_dst_cache 157KB 427KB RAWv6 39549KB 39555KB UDPLITEv6 185KB 187KB UDPv6 3695KB 3697KB TCPv6 5985KB 5988KB nf_conntrack 27KB 37KB t10_alua_lu_gp_cache 0KB 3KB sd_ext_cdb 0KB 7KB scsi_sense_cache 1056KB 1060KB virtio_scsi_cmd 16KB 16KB sgpool-128 8KB 8KB sgpool-64 4KB 12KB sgpool-32 2KB 15KB sgpool-16 1KB 7KB sgpool-8 0KB 7KB mqueue_inode_cache 13KB 37KB bio_post_read_ctx 14KB 15KB bio-2 14KB 15KB jfs_mp 7KB 7KB cifs_small_rq 15KB 16KB cifs_request 67KB 67KB cifs_mpx_ids 0KB 7KB nfs_commit_data 3KB 14KB nfs_write_data 34KB 44KB ext4_system_zone 1KB 7KB bio-1 1KB 7KB fasync_cache 0KB 4KB pid_namespace 5KB 15KB rpc_buffers 17KB 25KB rpc_tasks 2KB 7KB UNIX 176KB 180KB UDP-Lite 121KB 128KB tcp_bind_bucket 245KB 248KB inet_peer_cache 64KB 68KB ip_fib_trie 23KB 51KB ip_fib_alias 110KB 201KB ip_dst_cache 9KB 72KB RAW 23445KB 23445KB UDP 6613KB 6615KB TCP 135KB 140KB hugetlbfs_inode_cache 3KB 15KB fscache_cookie_jar 1KB 7KB eventpoll_pwq 13KB 31KB eventpoll_epi 24KB 51KB inotify_inode_mark 7KB 27KB request_queue 215KB 215KB blkdev_requests 1KB 3KB blkdev_ioc 49KB 50KB bio-0 11253KB 11253KB biovec-max 2838KB 2838KB biovec-64 8331KB 8331KB biovec-16 2180KB 2182KB bio_integrity_payload 1KB 8KB khugepaged_mm_slot 242KB 462KB user_namespace 2KB 7KB uid_cache 0KB 4KB dmaengine-unmap-2 0KB 3KB skbuff_fclone_cache 46KB 52KB skbuff_head_cache 16006KB 16027KB configfs_dir_cache 3KB 7KB file_lock_cache 10KB 15KB file_lock_ctx 9KB 15KB fsnotify_mark_connector 3KB 11KB net_namespace 34168KB 34168KB shmem_inode_cache 7943KB 8119KB task_delay_info 1473KB 2229KB taskstats 12KB 53KB proc_dir_entry 176870KB 176872KB pde_opener 5KB 23KB seq_file 138KB 141KB sigqueue 116KB 122KB kernfs_node_cache 507069KB 507071KB mnt_cache 290KB 340KB filp 4412KB 6003KB names_cache 44846KB 44850KB iint_cache 43KB 55KB key_jar 5KB 15KB uts_namespace 37KB 43KB nsproxy 345KB 351KB vm_area_struct 34884KB 34885KB mm_struct 6670KB 6675KB fs_cache 1959KB 2956KB files_cache 6874KB 9716KB signal_cache 10713KB 15115KB sighand_cache 9899KB 9941KB task_struct 45904KB 45917KB cred_jar 4055KB 6516KB anon_vma_chain 51330KB 51337KB anon_vma 11764KB 11820KB pid 501KB 940KB Acpi-Operand 156KB 198KB Acpi-ParseExt 9KB 11KB Acpi-Parse 41KB 47KB Acpi-State 52KB 63KB Acpi-Namespace 20KB 23KB numa_policy 0KB 3KB debug_objects_cache 40233KB 40233KB trace_event_file 297KB 298KB ftrace_event_field 398KB 401KB pool_workqueue 4032KB 4036KB page->ptl 6675KB 6676KB kmalloc-2097152 2050KB 6150KB kmalloc-524288 2056KB 3084KB kmalloc-262144 1290KB 1290KB kmalloc-131072 1690KB 1690KB kmalloc-65536 1848KB 2178KB kmalloc-32768 218130KB 218130KB kmalloc-16384 65521KB 65521KB kmalloc-8192 149061KB 149061KB kmalloc-4096 662324KB 662324KB kmalloc-2048 537852KB 537852KB kmalloc-1024 214364KB 214365KB kmalloc-512 186026KB 197542KB kmalloc-256 111422KB 113546KB kmalloc-128 56742KB 56877KB kmalloc-96 16034KB 17116KB kmalloc-64 38849KB 40360KB kmalloc-32 34328KB 35476KB kmalloc-192 75811KB 77564KB kmem_cache 178KB 180KB Out of memory (oom_kill_allocating_task): Kill process 17568 (systemd-journal) score 0 or sacrifice child Killed process 17568 (systemd-journal) total-vm:37896kB, anon-rss:404kB, file-rss:0kB, shmem-rss:0kB systemd invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520 systemd cpuset=/ mems_allowed=0-1 CPU: 1 PID: 1 Comm: systemd Not tainted 4.19.211-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 dump_header+0x15d/0xc3f mm/oom_kill.c:443 oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956 out_of_memory mm/oom_kill.c:1132 [inline] out_of_memory+0x34d/0x1390 mm/oom_kill.c:1064 __alloc_pages_may_oom mm/page_alloc.c:3553 [inline] __alloc_pages_slowpath mm/page_alloc.c:4255 [inline] __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419 __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] kmem_getpages mm/slab.c:1412 [inline] cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682 fallback_alloc+0x213/0x2e0 mm/slab.c:3224 __do_cache_alloc mm/slab.c:3361 [inline] slab_alloc mm/slab.c:3389 [inline] kmem_cache_alloc+0x1e4/0x370 mm/slab.c:3557 getname_flags+0xce/0x590 fs/namei.c:140 do_sys_open+0x26c/0x520 fs/open.c:1079 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fc55b53470d Code: Bad RIP value. RSP: 002b:00007ffe78186c90 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 RAX: ffffffffffffffda RBX: 000055dacba81350 RCX: 00007fc55b53470d RDX: 00000000000001b6 RSI: 0000000000080000 RDI: 00007ffe78186d70 RBP: 0000000000000008 R08: 0000000000000008 R09: 0000000000000001 R10: 0000000000080000 R11: 0000000000000293 R12: 00007fc55cc6e7b4 R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000002 Mem-Info: active_anon:183823 inactive_anon:8856 isolated_anon:0 active_file:47 inactive_file:93 isolated_file:0 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:52709 slab_unreclaimable:1227353 mapped:18532 shmem:11812 pagetables:59515 bounce:0 free:30347 free_pcp:186 free_cma:0 Node 0 active_anon:728708kB inactive_anon:35404kB active_file:184kB inactive_file:372kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:59792kB dirty:0kB writeback:0kB shmem:47220kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 184320kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no ops_init+0xb3/0x410 net/core/net_namespace.c:129 Node 1 active_anon:6584kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14336kB dirty:0kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes setup_net+0x2c2/0x720 net/core/net_namespace.c:316 Node 0 DMA free:10988kB min:204kB low:252kB high:300kB active_anon:2056kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:60kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2693 2695 2695 2695 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 Node 0 DMA32 free:55872kB min:35996kB low:44992kB high:53988kB active_anon:726652kB inactive_anon:35404kB active_file:472kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:33376kB pagetables:62884kB bounce:0kB free_pcp:1604kB local_pcp:312kB free_cma:0kB create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 lowmem_reserve[]: 0 0 1 1 1 Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 lowmem_reserve[]: 0 0 0 0 0 Node 1 Normal free:53840kB min:53876kB low:67344kB high:80812kB active_anon:6584kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:101504kB pagetables:175116kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 0 DMA: 1*4kB (E) 1*8kB (M) 2*16kB (ME) 4*32kB (UME) 3*64kB (UME) 7*128kB (UME) 8*256kB (UME) 3*512kB (UME) 2*1024kB (ME) 2*2048kB (ME) 0*4096kB = 10988kB Node 0 DMA32: 78*4kB (ME) 458*8kB (UME) 948*16kB (UME) 531*32kB (UME) 8*64kB (ME) 2*128kB (UE) 1*256kB (E) 0*512kB 1*1024kB (E) 7*2048kB (M) 1*4096kB (M) = 56616kB Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB Node 1 Normal: 312*4kB (UM) 44*8kB (UME) 159*16kB (UME) 153*32kB (UME) 12*64kB (ME) 12*128kB (ME) 8*256kB (UME) 3*512kB (UM) 2*1024kB (ME) 2*2048kB (UM) 8*4096kB (M) = 53840kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB entry_SYSCALL_64_after_hwframe+0x49/0xbe Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB RIP: 0033:0x7fc73269deb9 Code: Bad RIP value. RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007 RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000 INFO: task syz-executor.1:24082 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D26744 24082 23906 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 11913 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 2097051 pages RAM 0 pages HighMem/MovableOnly 369649 pages reserved 0 pages cma reserved Unreclaimable slab info: Name Used Total do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 pid_3 1KB 7KB entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fc73269deb9 pid_2 328KB 640KB Code: Bad RIP value. batadv_tl_cache 4KB 12KB RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9 TIPC 2941KB 2947KB RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007 SCTPv6 8186KB 8186KB DCCPv6 9775KB 9787KB RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000 tw_sock_DCCP 1KB 3KB R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000 DCCP 9279KB 9283KB INFO: task syz-executor.1:24180 blocked for more than 140 seconds. ccid3_hc_tx_sock 1KB 8KB ccid3_hc_rx_sock 1KB 8KB tfrc_rxh_cache 1KB 3KB dccp_bind_bucket 0KB 4KB RXRPC 3186KB 3191KB rxrpc_call_jar 22061KB 22065KB bridge_fdb_cache 9KB 23KB fib6_nodes 155KB 304KB ip6_dst_cache 162KB 427KB RAWv6 39549KB 39555KB UDPLITEv6 185KB 187KB UDPv6 3695KB 3697KB TCPv6 5985KB 5988KB nf_conntrack 26KB 37KB t10_alua_lu_gp_cache 0KB 3KB sd_ext_cdb 0KB 7KB scsi_sense_cache 1056KB 1060KB virtio_scsi_cmd 16KB 16KB sgpool-128 8KB 8KB sgpool-64 4KB 12KB sgpool-32 2KB 15KB sgpool-16 1KB 7KB sgpool-8 0KB 7KB mqueue_inode_cache 13KB 37KB bio_post_read_ctx 14KB 15KB bio-2 14KB 15KB jfs_mp 7KB 7KB cifs_small_rq 15KB 16KB cifs_request 67KB 67KB cifs_mpx_ids 0KB 7KB nfs_commit_data 3KB 14KB nfs_write_data 34KB 44KB ext4_system_zone 1KB 7KB bio-1 1KB 7KB fasync_cache 0KB 4KB pid_namespace 5KB 15KB rpc_buffers 17KB 25KB rpc_tasks 2KB 7KB UNIX 176KB 180KB UDP-Lite 121KB 128KB tcp_bind_bucket 245KB 248KB inet_peer_cache 64KB 68KB ip_fib_trie 23KB 51KB ip_fib_alias 110KB 201KB ip_dst_cache 9KB 72KB RAW 23445KB 23445KB Not tainted 4.19.211-syzkaller #0 UDP 6613KB 6615KB "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. TCP 135KB 140KB syz-executor.1 D26888 24180 23940 0x00000004 hugetlbfs_inode_cache 3KB 15KB Call Trace: fscache_cookie_jar 1KB 7KB context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 eventpoll_pwq 13KB 31KB eventpoll_epi 24KB 51KB inotify_inode_mark 7KB 27KB request_queue 215KB 215KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 blkdev_requests 1KB 3KB blkdev_ioc 50KB 50KB bio-0 11512KB 11512KB biovec-max 2895KB 2895KB biovec-64 8426KB 8426KB biovec-16 2217KB 2220KB bio_integrity_payload 1KB 8KB khugepaged_mm_slot 242KB 462KB user_namespace 2KB 7KB uid_cache 0KB 4KB dmaengine-unmap-2 0KB 3KB skbuff_fclone_cache 46KB 52KB skbuff_head_cache 16119KB 16140KB configfs_dir_cache 3KB 7KB file_lock_cache 10KB 15KB file_lock_ctx 9KB 15KB fsnotify_mark_connector 3KB 11KB net_namespace 34168KB 34168KB schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 shmem_inode_cache 7943KB 8119KB __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 task_delay_info 1473KB 2229KB taskstats 12KB 53KB proc_dir_entry 176870KB 176872KB pde_opener 4KB 23KB seq_file 135KB 141KB sigqueue 115KB 122KB kernfs_node_cache 507121KB 507122KB mnt_cache 290KB 340KB filp 4378KB 6000KB names_cache 44603KB 44603KB iint_cache 43KB 55KB key_jar 5KB 15KB uts_namespace 37KB 43KB nsproxy 345KB 351KB vm_area_struct 34903KB 34905KB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fc73269deb9 Code: Bad RIP value. RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007 RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000 INFO: task syz-executor.1:24245 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D26888 24245 23667 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fc73269deb9 Code: Bad RIP value. RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007 RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000 INFO: task syz-executor.1:24483 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D26888 24483 23623 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fc73269deb9 Code: Bad RIP value. RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007 RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000 INFO: task syz-executor.1:24484 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D26768 24484 24126 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fc73269deb9 Code: Bad RIP value. RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007 RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000 INFO: task syz-executor.1:24584 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D26928 24584 24190 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fc73269deb9 Code: Bad RIP value. RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007 RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000 INFO: task syz-executor.1:25277 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D26888 25277 23945 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fc73269deb9 Code: Bad RIP value. RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007 RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000 INFO: task syz-executor.1:25304 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.1 D26912 25304 24458 0x00000004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 mm_struct 6672KB 6675KB fs_cache 1959KB 2956KB files_cache 6874KB 9716KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 signal_cache 10644KB 15115KB schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 sighand_cache 9899KB 9941KB __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7fc73269deb9 Code: Bad RIP value. RSP: 002b:00007fc730ff2168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007fc7327b1030 RCX: 00007fc73269deb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000007 RBP: 00007fc7326f808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc494b33ff R14: 00007fc730ff2300 R15: 0000000000022000 Showing all locks held in the system: task_struct 45551KB 45614KB 5 locks held by systemd/1: cred_jar 4040KB 6512KB 3 locks held by kworker/1:1/48: anon_vma_chain 51333KB 51337KB anon_vma 11758KB 11820KB pid 501KB 940KB Acpi-Operand 156KB 198KB Acpi-ParseExt 9KB 11KB Acpi-Parse 41KB 47KB Acpi-State 52KB 63KB Acpi-Namespace 20KB 23KB #0: 00000000d0d97fe1 ((wq_completion)"events"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 numa_policy 0KB 3KB debug_objects_cache 40256KB 40257KB trace_event_file 297KB 298KB ftrace_event_field 398KB 401KB pool_workqueue 4032KB 4036KB page->ptl 6678KB 6680KB kmalloc-2097152 2050KB 6150KB kmalloc-524288 2056KB 3084KB kmalloc-262144 1290KB 1290KB kmalloc-131072 1690KB 1690KB #1: 00000000b8b4c6df (deferred_process_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 kmalloc-65536 1848KB 2178KB kmalloc-32768 218130KB 218130KB kmalloc-16384 65538KB 65538KB kmalloc-8192 149061KB 149061KB kmalloc-4096 661984KB 661984KB kmalloc-2048 537852KB 537852KB kmalloc-1024 214483KB 214483KB #2: 00000000041c0aaa (rtnl_mutex){+.+.}, at: switchdev_deferred_process_work+0xa/0x20 net/switchdev/switchdev.c:150 kmalloc-512 186285KB 197801KB 4 locks held by kworker/u4:3/188: kmalloc-256 111426KB 113550KB #0: 00000000fb40551d ((wq_completion)"%s""netns"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 kmalloc-128 56742KB 56877KB #1: 000000006567f860 (net_cleanup_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 kmalloc-96 16069KB 17152KB #2: 000000002749050c (pernet_ops_rwsem){++++}, at: cleanup_net+0xa8/0x8b0 net/core/net_namespace.c:521 kmalloc-64 38849KB 40360KB #3: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_fib_net_exit+0x1b/0x2b0 net/ipv4/fib_frontend.c:1349 kmalloc-32 34328KB 35476KB 1 lock held by khungtaskd/1570: kmalloc-192 75811KB 77564KB #0: 000000004f3c94a0 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441 kmem_cache 178KB 180KB 3 locks held by kswapd0/1968: 2 locks held by agetty/7931: #0: 00000000a55bd97a (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272 #1: 00000000d207ec1c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x217/0x1950 drivers/tty/n_tty.c:2154 3 locks held by kworker/1:3/9357: #0: 000000003d84b1c8 ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 Out of memory: Kill process 6974 (syz-executor.2) score 1002 or sacrifice child #1: 00000000d0cc4662 ((addr_chk_work).work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 Killed process 6974 (syz-executor.2) total-vm:56804kB, anon-rss:2448kB, file-rss:14160kB, shmem-rss:0kB #2: 00000000041c0aaa (rtnl_mutex){+.+.}, at: addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4476 in:imklog invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 3 locks held by kworker/u4:9/10157: in:imklog cpuset=/ mems_allowed=0-1 #0: 000000007d706aa4 ((wq_completion)"events_unbound"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 CPU: 1 PID: 17343 Comm: in:imklog Not tainted 4.19.211-syzkaller #0 #1: 000000004f3c94a0 (rcu_read_lock){....}, at: trace_sched_stat_runtime include/trace/events/sched.h:428 [inline] #1: 000000004f3c94a0 (rcu_read_lock){....}, at: update_curr+0x2c3/0x870 kernel/sched/fair.c:857 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 #2: 000000002544ddb1 (&p->pi_lock){-.-.}, at: wake_up_new_task+0x75/0xb10 kernel/sched/core.c:2401 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 dump_header+0x15d/0xc3f mm/oom_kill.c:443 1 lock held by syz-executor.3/21284: oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956 #0: 00000000041c0aaa (rtnl_mutex){+.+.}, at: tun_detach drivers/net/tun.c:759 [inline] #0: 00000000041c0aaa (rtnl_mutex){+.+.}, at: tun_chr_close+0x3a/0x180 drivers/net/tun.c:3323 2 locks held by syz-executor.1/23623: out_of_memory mm/oom_kill.c:1114 [inline] out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064 __alloc_pages_may_oom mm/page_alloc.c:3553 [inline] __alloc_pages_slowpath mm/page_alloc.c:4255 [inline] __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419 __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] kmem_getpages mm/slab.c:1412 [inline] cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682 fallback_alloc+0x213/0x2e0 mm/slab.c:3224 __do_cache_alloc mm/slab.c:3361 [inline] slab_alloc mm/slab.c:3389 [inline] kmem_cache_alloc_trace+0x1f1/0x380 mm/slab.c:3623 kmalloc include/linux/slab.h:515 [inline] syslog_print kernel/printk/printk.c:1337 [inline] do_syslog.part.0+0x24f/0x1510 kernel/printk/printk.c:1505 do_syslog+0x49/0x60 kernel/printk/printk.c:1486 kmsg_read+0x8a/0xb0 fs/proc/kmsg.c:40 proc_reg_read+0x1bd/0x2d0 fs/proc/inode.c:231 __vfs_read+0xf7/0x750 fs/read_write.c:416 vfs_read+0x194/0x3c0 fs/read_write.c:452 ksys_read+0x12b/0x2a0 fs/read_write.c:579 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f934e3c022d Code: Bad RIP value. RSP: 002b:00007f934bd5c580 EFLAGS: 00000293 ORIG_RAX: 0000000000000000 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f934e3c022d RDX: 0000000000001fa0 RSI: 00007f934bd5cda0 RDI: 0000000000000004 RBP: 000055cc189839d0 R08: 0000000000000000 R09: 0000000000000000 R10: 2ce33e6c02ce33e7 R11: 0000000000000293 R12: 00007f934bd5cda0 R13: 0000000000001fa0 R14: 0000000000001f9f R15: 00007f934bd5d91d Mem-Info: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 active_anon:183315 inactive_anon:8856 isolated_anon:0 active_file:32 inactive_file:21 isolated_file:21 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:52775 slab_unreclaimable:1227553 mapped:18499 shmem:11812 pagetables:59510 bounce:0 free:30353 free_pcp:321 free_cma:0 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284 2 locks held by syz-executor.1/23667: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Node 0 active_anon:726676kB inactive_anon:35404kB active_file:124kB inactive_file:84kB unevictable:0kB isolated(anon):0kB isolated(file):84kB mapped:59660kB dirty:0kB writeback:0kB shmem:47220kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 182272kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 2 locks held by syz-executor.1/23770: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 Node 1 active_anon:6584kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14336kB dirty:0kB writeback:0kB shmem:28kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/23795: Node 0 DMA free:10988kB min:204kB low:252kB high:300kB active_anon:2056kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:60kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 lowmem_reserve[]: 0 2693 2695 2695 2695 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173 Node 0 DMA32 free:58096kB min:35996kB low:44992kB high:53988kB active_anon:724620kB inactive_anon:35404kB active_file:64kB inactive_file:528kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:33440kB pagetables:62864kB bounce:0kB free_pcp:480kB local_pcp:232kB free_cma:0kB 2 locks held by syz-executor.1/23889: lowmem_reserve[]: 0 0 1 1 1 #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/23906: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 lowmem_reserve[]: 0 0 0 0 0 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/23913: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: gtp_net_exit+0x1ba/0x380 drivers/net/gtp.c:1360 Node 1 Normal free:53840kB min:53876kB low:67344kB high:80812kB active_anon:6584kB inactive_anon:20kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:101504kB pagetables:175116kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 2 locks held by syz-executor.1/23940: lowmem_reserve[]: 0 0 0 0 0 #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 Node 0 DMA: 1*4kB (E) 1*8kB (M) 2*16kB (ME) 4*32kB (UME) 3*64kB (UME) 7*128kB (UME) 8*256kB (UME) 3*512kB (UME) 2*1024kB (ME) 2*2048kB (ME) 0*4096kB = 10988kB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Node 0 DMA32: 391*4kB (UME) 409*8kB (UM) 848*16kB (UM) 537*32kB (UME) 9*64kB (UME) 3*128kB (UE) 1*256kB (U) 1*512kB (U) 2*1024kB (UE) 9*2048kB (UM) 0*4096kB = 57796kB 2 locks held by syz-executor.1/23945: Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB Node 1 Normal: 312*4kB (UM) 44*8kB (UME) 159*16kB (UME) 153*32kB (UME) 12*64kB (ME) 12*128kB (ME) 8*256kB (UME) 3*512kB (UM) 2*1024kB (ME) 2*2048kB (UM) 8*4096kB (M) = 53840kB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284 2 locks held by syz-executor.1/24038: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781 2 locks held by syz-executor.1/24071: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 2 locks held by syz-executor.1/24082: Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 11861 total pagecache pages 2 locks held by syz-executor.1/24089: 0 pages in swap cache #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 Swap cache stats: add 0, delete 0, find 0/0 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Free swap = 0kB 2 locks held by syz-executor.1/24126: Total swap = 0kB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 2097051 pages RAM #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: gtp_net_exit+0x1ba/0x380 drivers/net/gtp.c:1360 2 locks held by syz-executor.1/24180: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/24186: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173 0 pages HighMem/MovableOnly 2 locks held by syz-executor.1/24189: 369649 pages reserved #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284 2 locks held by syz-executor.1/24190: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173 2 locks held by syz-executor.1/24245: 0 pages cma reserved #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 Unreclaimable slab info: #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Name Used Total 2 locks held by syz-executor.1/24310: pid_3 1KB 7KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/24335: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/24360: pid_2 328KB 640KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 batadv_tl_cache 4KB 12KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 TIPC 2941KB 2947KB 2 locks held by syz-executor.1/24379: SCTPv6 8186KB 8186KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173 2 locks held by syz-executor.1/24458: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 2 locks held by syz-executor.1/24459: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781 2 locks held by syz-executor.1/24465: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173 2 locks held by syz-executor.1/24483: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/24484: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/24527: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/24557: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284 2 locks held by syz-executor.1/24579: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: gtp_net_exit+0x1ba/0x380 drivers/net/gtp.c:1360 2 locks held by syz-executor.1/24580: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 2 locks held by syz-executor.1/24583: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 2 locks held by syz-executor.1/24584: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/24585: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284 2 locks held by syz-executor.1/24684: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173 2 locks held by syz-executor.1/24713: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173 2 locks held by syz-executor.1/24774: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173 2 locks held by syz-executor.1/24958: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/24988: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 2 locks held by syz-executor.1/25014: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 2 locks held by syz-executor.1/25015: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/25124: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781 2 locks held by syz-executor.1/25176: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/25177: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173 2 locks held by syz-executor.1/25202: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284 2 locks held by syz-executor.1/25242: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284 2 locks held by syz-executor.1/25277: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/25280: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173 2 locks held by syz-executor.1/25304: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/25306: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/25328: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 DCCPv6 9772KB 9787KB 2 locks held by syz-executor.1/25329: tw_sock_DCCP 1KB 3KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 DCCP 9279KB 9283KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: gtp_net_exit+0x1ba/0x380 drivers/net/gtp.c:1360 ccid3_hc_tx_sock 1KB 8KB 2 locks held by syz-executor.1/25330: ccid3_hc_rx_sock 1KB 8KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/25335: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/25353: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: gtp_net_exit+0x1ba/0x380 drivers/net/gtp.c:1360 2 locks held by syz-executor.1/25389: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284 2 locks held by syz-executor.1/25390: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 tfrc_rxh_cache 1KB 3KB dccp_bind_bucket 0KB 4KB RXRPC 3186KB 3191KB rxrpc_call_jar 22061KB 22065KB 2 locks held by syz-executor.1/25399: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 bridge_fdb_cache 9KB 23KB 2 locks held by syz-executor.1/25403: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 fib6_nodes 155KB 304KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/25407: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 2 locks held by syz-executor.1/25508: ip6_dst_cache 167KB 427KB RAWv6 39549KB 39555KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 UDPLITEv6 185KB 187KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781 2 locks held by syz-executor.1/25517: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 UDPv6 3695KB 3697KB 2 locks held by syz-executor.1/25530: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 TCPv6 5985KB 5988KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.1/25555: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 nf_conntrack 26KB 37KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781 t10_alua_lu_gp_cache 0KB 3KB 2 locks held by syz-executor.1/25558: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 sd_ext_cdb 0KB 7KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781 scsi_sense_cache 1056KB 1060KB 2 locks held by syz-executor.1/25571: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173 2 locks held by syz-executor.1/25618: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 virtio_scsi_cmd 16KB 16KB 2 locks held by syz-executor.1/25619: sgpool-128 8KB 8KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 sgpool-64 4KB 12KB sgpool-32 2KB 15KB sgpool-16 1KB 7KB sgpool-8 0KB 7KB mqueue_inode_cache 13KB 37KB bio_post_read_ctx 14KB 15KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 bio-2 14KB 15KB jfs_mp 7KB 7KB cifs_small_rq 15KB 16KB 2 locks held by syz-executor.1/25626: cifs_request 67KB 67KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: vti6_exit_batch_net+0x82/0x620 net/ipv6/ip6_vti.c:1173 2 locks held by syz-executor.1/25639: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781 2 locks held by syz-executor.1/25644: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 cifs_mpx_ids 0KB 7KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 nfs_commit_data 3KB 14KB 2 locks held by syz-executor.1/25671: nfs_write_data 34KB 44KB ext4_system_zone 1KB 7KB bio-1 1KB 7KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 fasync_cache 0KB 4KB pid_namespace 5KB 15KB rpc_buffers 17KB 25KB rpc_tasks 2KB 7KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 UNIX 176KB 180KB UDP-Lite 121KB 128KB tcp_bind_bucket 245KB 248KB 2 locks held by syz-executor.1/25762: inet_peer_cache 64KB 68KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 ip_fib_trie 23KB 51KB ip_fib_alias 110KB 201KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284 ip_dst_cache 9KB 72KB RAW 23445KB 23445KB UDP 6611KB 6615KB 2 locks held by syz-executor.1/25777: #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 TCP 135KB 140KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781 hugetlbfs_inode_cache 3KB 15KB fscache_cookie_jar 1KB 7KB eventpoll_pwq 12KB 31KB eventpoll_epi 23KB 51KB inotify_inode_mark 7KB 27KB request_queue 215KB 215KB blkdev_requests 1KB 3KB blkdev_ioc 53KB 54KB bio-0 11793KB 11793KB biovec-max 2895KB 2895KB biovec-64 8442KB 8442KB biovec-16 2289KB 2291KB bio_integrity_payload 1KB 8KB 2 locks held by syz-executor.1/25858: khugepaged_mm_slot 242KB 462KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 user_namespace 2KB 7KB uid_cache 0KB 4KB dmaengine-unmap-2 0KB 3KB skbuff_fclone_cache 51KB 52KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 skbuff_head_cache 16486KB 16507KB configfs_dir_cache 3KB 7KB file_lock_cache 10KB 15KB 2 locks held by syz-executor.1/25899: file_lock_ctx 9KB 15KB fsnotify_mark_connector 3KB 11KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 net_namespace 34168KB 34168KB shmem_inode_cache 7943KB 8119KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 task_delay_info 1456KB 2229KB 2 locks held by syz-executor.1/26193: taskstats 12KB 53KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 proc_dir_entry 176870KB 176872KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 pde_opener 2KB 23KB 2 locks held by syz-executor.1/26216: seq_file 139KB 141KB sigqueue 122KB 126KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 kernfs_node_cache 507518KB 507520KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 mnt_cache 290KB 340KB 2 locks held by syz-executor.1/26241: filp 4334KB 5988KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 names_cache 44289KB 44327KB iint_cache 43KB 55KB key_jar 5KB 15KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 uts_namespace 37KB 43KB 2 locks held by syz-executor.1/26260: nsproxy 345KB 351KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 vm_area_struct 34903KB 34905KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: gtp_net_exit+0x1ba/0x380 drivers/net/gtp.c:1360 mm_struct 6672KB 6675KB 2 locks held by syz-executor.1/26309: fs_cache 1935KB 2956KB files_cache 6808KB 9701KB signal_cache 10564KB 15100KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 sighand_cache 9899KB 9941KB #1: 00000000041c0aaa (rtnl_mutex){+.+.}, at: xfrmi_exit_net+0x1b2/0x3f0 net/xfrm/xfrm_interface.c:781 task_struct 45140KB 45197KB cred_jar 3986KB 6512KB anon_vma_chain 51333KB 51337KB anon_vma 11755KB 11820KB pid 489KB 940KB Acpi-Operand 156KB 198KB Acpi-ParseExt 9KB 11KB Acpi-Parse 41KB 47KB 2 locks held by syz-executor.1/26354: Acpi-State 52KB 63KB #0: 000000002749050c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 Acpi-Namespace 20KB 23KB numa_policy 0KB 3KB debug_objects_cache 40294KB 40295KB trace_event_file 297KB 298KB ftrace_event_field 398KB 401KB