nf_conntrack 4KB 15KB t10_alua_lu_gp_cache 0KB 3KB sd_ext_cdb 0KB 7KB scsi_sense_cache 1056KB 1060KB virtio_scsi_cmd 16KB 16KB INFO: task kworker/u4:4:2995 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. sgpool-128 8KB 8KB sgpool-64 4KB 12KB kworker/u4:4 D25968 2995 2 0x80000000 Workqueue: netns cleanup_net sgpool-32 2KB 15KB Call Trace: sgpool-16 1KB 7KB context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 sgpool-8 0KB 7KB mqueue_inode_cache 9KB 30KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 Bluetooth: hci0: command 0x2019 tx timeout __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 bio_post_read_ctx 14KB 15KB bio-2 14KB 15KB jfs_mp 7KB 7KB cifs_small_rq 15KB 16KB cifs_request 67KB 67KB cifs_mpx_ids 0KB 7KB nfs_commit_data 3KB 14KB nfs_write_data 34KB 44KB netdev_run_todo+0x719/0xab0 net/core/dev.c:9005 default_device_exit_batch+0x304/0x3c0 net/core/dev.c:9796 ext4_system_zone 1KB 7KB dio 0KB 7KB bio-1 1KB 7KB pid_namespace 607KB 792KB posix_timers_cache 0KB 7KB kvm_vcpu 0KB 23KB rpc_buffers 17KB 25KB rpc_tasks 2KB 7KB UNIX 108KB 135KB ops_exit_list+0xf9/0x150 net/core/net_namespace.c:156 UDP-Lite 8KB 20KB tcp_bind_bucket 205KB 208KB inet_peer_cache 0KB 4KB ip_fib_trie 23KB 35KB cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:554 ip_fib_alias 110KB 158KB ip_dst_cache 8KB 64KB process_one_work+0x864/0x1570 kernel/workqueue.c:2153 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296 RAW 19416KB 19417KB UDP 5481KB 5487KB kthread+0x33f/0x460 kernel/kthread.c:259 TCP 315KB 360KB hugetlbfs_inode_cache 5KB 15KB ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 INFO: task syz-executor.4:2494 blocked for more than 140 seconds. fscache_cookie_jar 1KB 7KB eventpoll_pwq 10KB 39KB eventpoll_epi 19KB 55KB Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. inotify_inode_mark 6KB 27KB syz-executor.4 D26752 2494 15759 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 request_queue 196KB 196KB blkdev_requests 1KB 3KB blkdev_ioc 30KB 34KB bio-0 3172KB 3172KB biovec-max 2466KB 2466KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 biovec-64 2275KB 2275KB biovec-16 610KB 611KB __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 bio_integrity_payload 1KB 8KB khugepaged_mm_slot 224KB 229KB user_namespace 2KB 7KB uid_cache 0KB 4KB dmaengine-unmap-2 0KB 3KB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520 skbuff_fclone_cache 21KB 22KB skbuff_head_cache 16796KB 16822KB configfs_dir_cache 3KB 7KB file_lock_cache 0KB 3KB ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 file_lock_ctx 9KB 11KB fsnotify_mark_connector 2KB 15KB copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 net_namespace 28280KB 28280KB shmem_inode_cache 8034KB 8403KB copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 task_delay_info 2138KB 2533KB taskstats 192KB 290KB proc_dir_entry 146461KB 146463KB pde_opener 0KB 19KB seq_file 8KB 43KB sigqueue 195KB 338KB kernfs_node_cache 420536KB 420536KB mnt_cache 1133KB 1388KB filp 5596KB 7132KB names_cache 41577KB 41637KB iint_cache 30KB 63KB key_jar 6KB 18KB uts_namespace 849KB 1090KB nsproxy 435KB 438KB vm_area_struct 34753KB 34754KB mm_struct 6816KB 6818KB fs_cache 2678KB 3228KB files_cache 9825KB 11310KB signal_cache 16298KB 18500KB sighand_cache 11333KB 11363KB task_struct 70914KB 70971KB cred_jar 5992KB 7444KB anon_vma_chain 44099KB 44100KB anon_vma 12074KB 12074KB pid 768KB 976KB Acpi-Operand 156KB 198KB Acpi-ParseExt 9KB 11KB Acpi-Parse 41KB 47KB Acpi-State 52KB 63KB Acpi-Namespace 21KB 27KB numa_policy 0KB 3KB debug_objects_cache 33190KB 33194KB trace_event_file 297KB 298KB ftrace_event_field 398KB 401KB pool_workqueue 3366KB 3368KB page->ptl 6969KB 6973KB kmalloc-2097152 2050KB 2050KB kmalloc-1048576 2052KB 2052KB kmalloc-524288 2056KB 2056KB kmalloc-262144 1290KB 1290KB kmalloc-131072 1690KB 1690KB kmalloc-65536 2640KB 2640KB kmalloc-32768 179586KB 179586KB kmalloc-16384 54417KB 54417KB kmalloc-8192 124888KB 124888KB kmalloc-4096 574663KB 574685KB kmalloc-2048 453872KB 453874KB kmalloc-1024 179626KB 179644KB kmalloc-512 161872KB 163061KB kmalloc-256 94653KB 95167KB kmalloc-128 47203KB 47206KB kmalloc-96 14014KB 14212KB kmalloc-64 33368KB 33824KB kmalloc-32 29856KB 30232KB kmalloc-192 63643KB 64144KB kmem_cache 179KB 183KB Out of memory (oom_kill_allocating_task): Kill process 31972 (syz-executor.4) score 0 or sacrifice child Killed process 22981 (syz-executor.4) total-vm:57200kB, anon-rss:436kB, file-rss:14132kB, shmem-rss:0kB oom_reaper: reaped process 22981 (syz-executor.4), now anon-rss:0kB, file-rss:14132kB, shmem-rss:0kB copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f956783eeb9 Code: Bad RIP value. RSP: 002b:00007f9566151168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f95679521d0 RCX: 00007f956783eeb9 RDX: 0000000020001640 RSI: 0000000020001600 RDI: 0000000040000000 RBP: 00007f956789908d R08: 00000000200016c0 R09: 0000000000000000 R10: 0000000020001680 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe3d9626df R14: 00007f9566151300 R15: 0000000000022000 INFO: task syz-executor.4:2686 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D26792 2686 2494 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 Bluetooth: hci0: command 0x2019 tx timeout copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f956783eeb9 Code: Bad RIP value. RSP: 002b:00007f9566151168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f95679521d0 RCX: 00007f956783eeb9 RDX: 0000000020001640 RSI: 0000000020001600 RDI: 0000000040000000 RBP: 00007f956789908d R08: 00000000200016c0 R09: 0000000000000000 R10: 0000000020001680 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe3d9626df R14: 00007f9566151300 R15: 0000000000022000 INFO: task syz-executor.4:2801 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D26792 2801 2686 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f956783eeb9 Code: Bad RIP value. RSP: 002b:00007f9566151168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f95679521d0 RCX: 00007f956783eeb9 RDX: 0000000020001640 RSI: 0000000020001600 RDI: 0000000040000000 RBP: 00007f956789908d R08: 00000000200016c0 R09: 0000000000000000 R10: 0000000020001680 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe3d9626df R14: 00007f9566151300 R15: 0000000000022000 INFO: task syz-executor.4:3010 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D26792 3010 2794 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f956783eeb9 Code: Bad RIP value. RSP: 002b:00007f9566151168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f95679521d0 RCX: 00007f956783eeb9 RDX: 0000000020001640 RSI: 0000000020001600 RDI: 0000000040000000 RBP: 00007f956789908d R08: 00000000200016c0 R09: 0000000000000000 R10: 0000000020001680 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe3d9626df R14: 00007f9566151300 R15: 0000000000022000 INFO: task syz-executor.4:3203 blocked for more than 140 seconds. kworker/u4:3 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D26928 3203 2859 0x00000000 kworker/u4:3 cpuset=/ mems_allowed=0-1 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 CPU: 1 PID: 2885 Comm: kworker/u4:3 Not tainted 4.19.211-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: events_unbound call_usermodehelper_exec_work Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 dump_header+0x15d/0xc3f mm/oom_kill.c:443 oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956 out_of_memory mm/oom_kill.c:1132 [inline] out_of_memory+0x34d/0x1390 mm/oom_kill.c:1064 __alloc_pages_may_oom mm/page_alloc.c:3553 [inline] __alloc_pages_slowpath mm/page_alloc.c:4255 [inline] __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] alloc_pages_node include/linux/gfp.h:523 [inline] alloc_thread_stack_node kernel/fork.c:240 [inline] dup_task_struct kernel/fork.c:811 [inline] copy_process.part.0+0x3cf/0x8260 kernel/fork.c:1753 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 kernel_thread+0x2f/0x40 kernel/fork.c:2278 call_usermodehelper_exec_work kernel/umh.c:199 [inline] call_usermodehelper_exec_work+0x16d/0x260 kernel/umh.c:185 process_one_work+0x864/0x1570 kernel/workqueue.c:2153 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296 kthread+0x33f/0x460 kernel/kthread.c:259 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 Bluetooth: hci0: command 0x2019 tx timeout do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f956783eeb9 Code: Bad RIP value. RSP: 002b:00007f9566151168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f95679521d0 RCX: 00007f956783eeb9 RDX: 0000000020001640 RSI: 0000000020001600 RDI: 0000000040000000 RBP: 00007f956789908d R08: 00000000200016c0 R09: 0000000000000000 R10: 0000000020001680 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe3d9626df R14: 00007f9566151300 R15: 0000000000022000 INFO: task syz-executor.4:3477 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D26792 3477 2794 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 Mem-Info: active_anon:348216 inactive_anon:21507 isolated_anon:0 active_file:130 inactive_file:275 isolated_file:32 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:48356 slab_unreclaimable:1053317 mapped:18774 shmem:11013 pagetables:63241 bounce:0 free:22516 free_pcp:710 free_cma:0 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Node 0 active_anon:1336372kB inactive_anon:19912kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:59204kB dirty:0kB writeback:0kB shmem:36068kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 696320kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 Node 1 active_anon:56532kB inactive_anon:66116kB active_file:224kB inactive_file:172kB unevictable:0kB isolated(anon):0kB isolated(file):112kB mapped:14664kB dirty:0kB writeback:0kB shmem:7984kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:4132kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:12kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 lowmem_reserve[]: 0 2693 2695 2695 2695 entry_SYSCALL_64_after_hwframe+0x49/0xbe Node 0 DMA32 free:26536kB min:35996kB low:44992kB high:53988kB active_anon:1332240kB inactive_anon:19912kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:24544kB pagetables:62372kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB RIP: 0033:0x7f956783eeb9 Code: Bad RIP value. RSP: 002b:00007f9566151168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f95679521d0 RCX: 00007f956783eeb9 RDX: 0000000020001640 RSI: 0000000020001600 RDI: 0000000040000000 RBP: 00007f956789908d R08: 00000000200016c0 R09: 0000000000000000 lowmem_reserve[]: 0 0 1 1 1 Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB R10: 0000000020001680 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe3d9626df R14: 00007f9566151300 R15: 0000000000022000 lowmem_reserve[]: 0 0 0 0 0 INFO: task syz-executor.4:3517 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 Node 1 Normal free:53432kB min:53876kB low:67344kB high:80812kB active_anon:56532kB inactive_anon:66116kB active_file:728kB inactive_file:552kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:151232kB pagetables:190580kB bounce:0kB free_pcp:2400kB local_pcp:1236kB free_cma:0kB "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D26928 3517 2686 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 lowmem_reserve[]: 0 0 0 0 0 Node 0 DMA: 6*4kB (UM) 4*8kB (ME) 2*16kB (ME) 3*32kB (UME) 1*64kB (E) 3*128kB (UME) 2*256kB (ME) 3*512kB (UME) 2*1024kB (ME) 1*2048kB (E) 1*4096kB (M) = 10872kB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 Node 0 DMA32: 1932*4kB (M) 840*8kB (ME) 221*16kB (M) 86*32kB (UME) 39*64kB (UME) 10*128kB (UM) 5*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 25792kB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f956783eeb9 Code: Bad RIP value. RSP: 002b:00007f9566151168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f95679521d0 RCX: 00007f956783eeb9 RDX: 0000000020001640 RSI: 0000000020001600 RDI: 0000000040000000 RBP: 00007f956789908d R08: 00000000200016c0 R09: 0000000000000000 R10: 0000000020001680 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe3d9626df R14: 00007f9566151300 R15: 0000000000022000 INFO: task syz-executor.4:3571 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D26792 3571 3048 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f956783eeb9 Code: Bad RIP value. RSP: 002b:00007f9566151168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f95679521d0 RCX: 00007f956783eeb9 RDX: 0000000020001640 RSI: 0000000020001600 RDI: 0000000040000000 RBP: 00007f956789908d R08: 00000000200016c0 R09: 0000000000000000 R10: 0000000020001680 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe3d9626df R14: 00007f9566151300 R15: 0000000000022000 INFO: task syz-executor.4:3575 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.4 D26888 3575 3079 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 IPVS: ftp: loaded support on port[0] = 21 Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB ops_init+0xb3/0x410 net/core/net_namespace.c:129 Bluetooth: hci0: command 0x2019 tx timeout setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f956783eeb9 Code: Bad RIP value. RSP: 002b:00007f9566151168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f95679521d0 RCX: 00007f956783eeb9 RDX: 0000000020001640 RSI: 0000000020001600 RDI: 0000000040000000 RBP: 00007f956789908d R08: 00000000200016c0 R09: 0000000000000000 R10: 0000000020001680 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffe3d9626df R14: 00007f9566151300 R15: 0000000000022000 Showing all locks held in the system: 1 lock held by systemd/1: 5 locks held by kworker/u4:0/7: 1 lock held by khungtaskd/1569: #0: 000000009b40f1a8 (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441 3 locks held by kswapd1/1968: 3 locks held by kworker/u4:3/2885: 4 locks held by kworker/u4:4/2995: #0: 00000000449e2ca4 ((wq_completion)"%s""netns"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 #1: 0000000089d328e0 (net_cleanup_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 #2: 00000000fcaebd8b (pernet_ops_rwsem){++++}, at: cleanup_net+0xa8/0x8b0 net/core/net_namespace.c:521 #3: 00000000fc34efc2 (rtnl_mutex){+.+.}, at: netdev_run_todo+0x719/0xab0 net/core/dev.c:9005 5 locks held by syz-fuzzer/8078: 5 locks held by kworker/u4:5/9360: 5 locks held by kworker/u4:8/9437: 2 locks held by agetty/13247: #0: 000000002686bbe8 (&tty->ldisc_sem){++++}, at: tty_ldisc_ref_wait+0x22/0x80 drivers/tty/tty_ldisc.c:272 #1: 000000007ffdbbc0 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x217/0x1950 drivers/tty/n_tty.c:2154 systemd[1]: rsyslog.service: Main process exited, code=killed, status=9/KILL 3 locks held by kworker/0:6/24617: #0: 00000000ff3fa05b ((wq_completion)"events"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 Bluetooth: hci0: command 0x2019 tx timeout #1: 0000000057bf07f4 (deferred_process_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 #2: 00000000fc34efc2 (rtnl_mutex){+.+.}, at: switchdev_deferred_process_work+0xa/0x20 net/switchdev/switchdev.c:150 2 locks held by syz-executor.4/2494: #0: 00000000fcaebd8b (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000fc34efc2 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.4/2572: #0: 00000000fcaebd8b (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 Node 1 Normal: 473*4kB (M) 137*8kB (UMEH) 263*16kB (UME) 130*32kB (UME) 5*64kB (ME) 58*128kB (MEH) 34*256kB (ME) 9*512kB (UM) 5*1024kB (ME) 3*2048kB (M) 3*4096kB (M) = 55964kB #1: 00000000fc34efc2 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.4/2686: #0: 00000000fcaebd8b (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB #1: 00000000fc34efc2 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 2 locks held by syz-executor.4/2699: #0: 00000000fcaebd8b (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB #1: 00000000fc34efc2 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 2 locks held by syz-executor.4/2794: #0: 00000000fcaebd8b (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 11086 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB #1: 00000000fc34efc2 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Total swap = 0kB 2097051 pages RAM IPVS: ftp: loaded support on port[0] = 21 2 locks held by syz-executor.4/2801: 0 pages HighMem/MovableOnly #0: 00000000fcaebd8b (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 369649 pages reserved