vmalloc: allocation failure: 8590196736 bytes syz-executor5: page allocation failure: order:0, mode:0x24000c2 CPU: 1 PID: 17832 Comm: syz-executor5 Not tainted 4.4.138-gcf21a9a #64 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 dec214605339ae87 ffff8801bc557918 ffffffff81e0ed0d 1ffff100378aaf26[ 332.772978] BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor4/17840 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 ffff8801d7301800 00000000024000c2 0000000000000000 ffffffff83aad3a0 ffff8801bc557a28 ffffffff815118eb ffff880100000001 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 [] warn_alloc_failed.cold.116+0x83/0x149 mm/page_alloc.c:2757 [] __vmalloc_node_range+0x359/0x630 mm/vmalloc.c:1692 [] __vmalloc_node mm/vmalloc.c:1715 [inline] [] __vmalloc_node_flags mm/vmalloc.c:1729 [inline] [] vmalloc+0x5b/0x70 mm/vmalloc.c:1744 [] xt_alloc_entry_offsets+0x41/0x60 net/netfilter/x_tables.c:757 [] translate_table+0x215/0x1750 net/ipv6/netfilter/ip6_tables.c:834 [] do_replace net/ipv6/netfilter/ip6_tables.c:1309 [inline] [] do_ip6t_set_ctl+0x2b3/0x450 net/ipv6/netfilter/ip6_tables.c:1862 [] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] [] nf_setsockopt+0x6d/0xc0 net/netfilter/nf_sockopt.c:114 [] ipv6_setsockopt+0xc8/0x130 net/ipv6/ipv6_sockglue.c:909 [] tcp_setsockopt+0x88/0xe0 net/ipv4/tcp.c:2643 [] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2659 [] SYSC_setsockopt net/socket.c:1767 [inline] [] SyS_setsockopt+0x166/0x260 net/socket.c:1746 [] entry_SYSCALL_64_fastpath+0x22/0x9e CPU: 0 PID: 17840 Comm: syz-executor4 Not tainted 4.4.138-gcf21a9a #64 Mem-Info: active_anon:38565 inactive_anon:43 isolated_anon:0 active_file:5035 inactive_file:17311 isolated_file:0 unevictable:0 dirty:162 writeback:0 unstable:0 slab_reclaimable:5279 slab_unreclaimable:62964 mapped:74788 shmem:50 pagetables:956 bounce:0 free:1422887 free_pcp:475 free_cma:0 DMA free:15904kB min:160kB low:200kB high:240kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:15992kB managed:15904kB mlocked:0kB dirty:0kB writeback:0kB mapped:0kB shmem:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB unstable:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? yes lowmem_reserve[]: 0 2908 6409 6409 DMA32 free:2581016kB min:30596kB low:38244kB high:45892kB active_anon:74520kB inactive_anon:64kB active_file:9916kB inactive_file:37224kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:3129292kB managed:2980440kB mlocked:0kB dirty:180kB writeback:0kB mapped:135100kB shmem:76kB slab_reclaimable:10280kB slab_unreclaimable:107508kB kernel_stack:2304kB pagetables:1420kB unstable:0kB bounce:0kB free_pcp:1076kB local_pcp:452kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 0 3500 3500 Normal free:3094628kB min:36820kB low:46024kB high:55228kB active_anon:79740kB inactive_anon:108kB active_file:10224kB inactive_file:32020kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:4718592kB managed:3584660kB mlocked:0kB dirty:468kB writeback:0kB mapped:164052kB shmem:124kB slab_reclaimable:10836kB slab_unreclaimable:144348kB kernel_stack:3360kB pagetables:2404kB unstable:0kB bounce:0kB free_pcp:824kB local_pcp:496kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 0 0 0 DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15904kB DMA32: 1258*4kB (UME) 824*8kB (UME) 739*16kB (UME) 189*32kB (UME) 151*64kB (UME) 142*128kB (UME) 72*256kB (UM) 79*512kB (UM) 59*1024kB (UME) 4*2048kB (UE) 585*4096kB (M) = 2580984kB Normal: 877*4kB (UME) 1018*8kB (UME) 778*16kB (UME) 276*32kB (UME) 127*64kB (UME) 180*128kB (UME) 136*256kB (UM) 97*512kB (UM) 63*1024kB (UM) 3*2048kB (UME) 702*4096kB (M) = 3094628kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 22395 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965969 pages RAM 0 pages HighMem/MovableOnly 320718 pages reserved netlink: 12 bytes leftover after parsing attributes in process `syz-executor5'. vmalloc: allocation failure: 8590196736 bytes syz-executor5: page allocation failure: order:0, mode:0x24000c2 IPVS: Creating netns size=2552 id=35 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 9accc8f7ec7705c8 ffff8801da34f5f0 ffffffff81e0ed0d 0000000000000000 ffffffff83c136c0 ffffffff83f0abc0 ffff8801d41e6000[ 333.295920] pktgen: kernel_thread() failed for cpu 0 pktgen: Cannot create thread for cpu 0 (-4) pktgen: kernel_thread() failed for cpu 1 pktgen: Cannot create thread for cpu 1 (-4) pktgen: Initialization failed for all threads 0000000000000003 ffff8801da34f630 ffffffff81eb8613 ffff8800bb8551bc Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 [] check_preemption_disabled.cold.0+0x7f/0x8b lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] tcp_try_coalesce+0x22a/0x4c0 net/ipv4/tcp_input.c:4279 [] tcp_queue_rcv+0x127/0x6f0 net/ipv4/tcp_input.c:4486 [] tcp_send_rcvq+0x3a6/0x470 net/ipv4/tcp_input.c:4532 [] tcp_sendmsg+0x23e6/0x2b00 net/ipv4/tcp.c:1134 [] inet_sendmsg+0x203/0x4d0 net/ipv4/af_inet.c:755 [] sock_sendmsg_nosec net/socket.c:625 [inline] [] sock_sendmsg+0xcc/0x110 net/socket.c:635 [] ___sys_sendmsg+0x441/0x880 net/socket.c:1962 [] __sys_sendmmsg+0x12e/0x2e0 net/socket.c:2047 [] SYSC_sendmmsg net/socket.c:2077 [inline] [] SyS_sendmmsg+0x35/0x60 net/socket.c:2072 [] entry_SYSCALL_64_fastpath+0x22/0x9e CPU: 1 PID: 17843 Comm: syz-executor5 Not tainted 4.4.138-gcf21a9a #64 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 d2b085124eccae7b ffff8800a49e7918 ffffffff81e0ed0d 1ffff1001493cf26 ffff8801c9304800 00000000024000c2 0000000000000000 ffffffff83aad3a0 ffff8800a49e7a28 ffffffff815118eb ffff880000000001 Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 BUG: using __this_cpu_add() in preemptible [00000000] code: syz-executor4/17867 caller is __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] warn_alloc_failed.cold.116+0x83/0x149 mm/page_alloc.c:2757 [] __vmalloc_node_range+0x359/0x630 mm/vmalloc.c:1692 [] __vmalloc_node mm/vmalloc.c:1715 [inline] [] __vmalloc_node_flags mm/vmalloc.c:1729 [inline] [] vmalloc+0x5b/0x70 mm/vmalloc.c:1744 [] xt_alloc_entry_offsets+0x41/0x60 net/netfilter/x_tables.c:757 [] translate_table+0x215/0x1750 net/ipv6/netfilter/ip6_tables.c:834 [] do_replace net/ipv6/netfilter/ip6_tables.c:1309 [inline] [] do_ip6t_set_ctl+0x2b3/0x450 net/ipv6/netfilter/ip6_tables.c:1862 [] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline] [] nf_setsockopt+0x6d/0xc0 net/netfilter/nf_sockopt.c:114 [] ipv6_setsockopt+0xc8/0x130 net/ipv6/ipv6_sockglue.c:909 [] tcp_setsockopt+0x88/0xe0 net/ipv4/tcp.c:2643 [] sock_common_setsockopt+0x9a/0xe0 net/core/sock.c:2659 [] SYSC_setsockopt net/socket.c:1767 [inline] [] SyS_setsockopt+0x166/0x260 net/socket.c:1746 [] entry_SYSCALL_64_fastpath+0x22/0x9e CPU: 0 PID: 17867 Comm: syz-executor4 Not tainted 4.4.138-gcf21a9a #64 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 0000000000000000 298fb0232c03bdac ffff8800a2d7f5f0 ffffffff81e0ed0d 0000000000000000 ffffffff83c136c0 ffffffff83f0abc0 ffff8801d721c800 0000000000000003 ffff8800a2d7f630 ffffffff81eb8613 ffff8800b69b107c Call Trace: [] __dump_stack lib/dump_stack.c:15 [inline] [] dump_stack+0xc1/0x124 lib/dump_stack.c:51 [] check_preemption_disabled.cold.0+0x7f/0x8b lib/smp_processor_id.c:46 [] __this_cpu_preempt_check+0x1c/0x20 lib/smp_processor_id.c:62 [] tcp_try_coalesce+0x22a/0x4c0 net/ipv4/tcp_input.c:4279 [] tcp_queue_rcv+0x127/0x6f0 net/ipv4/tcp_input.c:4486 [] tcp_send_rcvq+0x3a6/0x470 net/ipv4/tcp_input.c:4532 [] tcp_sendmsg+0x23e6/0x2b00 net/ipv4/tcp.c:1134 [] inet_sendmsg+0x203/0x4d0 net/ipv4/af_inet.c:755 Mem-Info: active_anon:38606 inactive_anon:2891 isolated_anon:0 active_file:5035 inactive_file:17311 isolated_file:0 unevictable:0 dirty:163 writeback:0 unstable:0 slab_reclaimable:5287 slab_unreclaimable:63137 mapped:77637 shmem:2936 pagetables:986 bounce:0 free:1420500 free_pcp:468 free_cma:0 DMA free:15904kB min:160kB low:200kB high:240kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:15992kB managed:15904kB mlocked:0kB dirty:0kB writeback:0kB mapped:0kB shmem:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB unstable:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? yes lowmem_reserve[]: 0 2908 6409 6409 DMA32 free:2579192kB min:30596kB low:38244kB high:45892kB active_anon:72492kB inactive_anon:5444kB active_file:9916kB inactive_file:37224kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:3129292kB managed:2980440kB mlocked:0kB dirty:180kB writeback:0kB mapped:140484kB shmem:5540kB slab_reclaimable:10292kB slab_unreclaimable:107832kB kernel_stack:2432kB pagetables:1392kB unstable:0kB bounce:0kB free_pcp:1180kB local_pcp:544kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 0 3500 3500 Normal free:3086904kB min:36820kB low:46024kB high:55228kB active_anon:81932kB inactive_anon:6120kB active_file:10224kB inactive_file:32020kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:4718592kB managed:3584660kB mlocked:0kB dirty:472kB writeback:0kB mapped:170064kB shmem:6204kB slab_reclaimable:10856kB slab_unreclaimable:144716kB kernel_stack:4160kB pagetables:2552kB unstable:0kB bounce:0kB free_pcp:692kB local_pcp:236kB free_cma:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no lowmem_reserve[]: 0 0 0 0 DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15904kB DMA32: 1008*4kB (UME) 667*8kB (UE) 592*16kB (UE) 146*32kB (UME) 151*64kB (UME) 142*128kB (UME) 72*256kB (UM) 79*512kB (UM) 59*1024kB (UME) 6*2048kB (UME) 585*4096kB (M) = 2579096kB Normal: 198*4kB (UME) 794*8kB (UE) 659*16kB (UME) 249*32kB (UME) 136*64kB (UME) 180*128kB (UME) 136*256kB (UM) 95*512kB (UM) 63*1024kB (UM) 3*2048kB (UME) 702*4096kB (M) = 3086904kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 25281 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965969 pages RAM 0 pages HighMem/MovableOnly 320718 pages reserved [] sock_sendmsg_nosec net/socket.c:625 [inline] [] sock_sendmsg+0xcc/0x110 net/socket.c:635 [] ___sys_sendmsg+0x441/0x880 net/socket.c:1962 [] __sys_sendmmsg+0x12e/0x2e0 net/socket.c:2047 [] SYSC_sendmmsg net/socket.c:2077 [inline] [] SyS_sendmmsg+0x35/0x60 net/socket.c:2072 [] entry_SYSCALL_64_fastpath+0x22/0x9e netlink: 5 bytes leftover after parsing attributes in process `syz-executor6'. TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies. Check SNMP counters. SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8 sclass=netlink_route_socket audit: type=1326 audit(1530138308.422:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=18203 comm="syz-executor3" exe="/root/syz-executor3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x455a99 code=0x0 audit: type=1326 audit(1530138309.332:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=18203 comm="syz-executor3" exe="/root/syz-executor3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x455a99 code=0x0 IPVS: set_ctl: invalid protocol: 12 0.0.134.163:20002 ovf binder: 18365:18369 BC_CLEAR_DEATH_NOTIFICATION death notification not active binder: 18365:18369 got transaction to context manager from process owning it IPVS: set_ctl: invalid protocol: 29 0.0.0.0:20004 nq IPVS: set_ctl: invalid protocol: 29 0.0.0.0:20004 nq binder: 18365:18369 transaction failed 29201/-22, size 0-0 line 3010 binder: undelivered TRANSACTION_ERROR: 29201 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket device ifb0 entered promiscuous mode device ifb0 left promiscuous mode device ifb0 entered promiscuous mode Dead loop on virtual device ip6tnl0, fix it urgently! Dead loop on virtual device ip6tnl0, fix it urgently! Dead loop on virtual device ip6tnl0, fix it urgently! Dead loop on virtual device ip6tnl0, fix it urgently! Dead loop on virtual device ip6tnl0, fix it urgently! Dead loop on virtual device ip6tnl0, fix it urgently! binder: 18575:18581 ERROR: BC_REGISTER_LOOPER called without request binder: 18575:18581 got reply transaction with bad transaction stack, transaction 75 has target 18575:18581 binder: 18575:18581 transaction failed 29201/-71, size 0-0 line 2942 binder: release 18575:18581 transaction 75 in, still active binder: send failed reply for transaction 75 to 18575:18581