syz-executor.4: vmalloc: allocation failure: 12884901888 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null) syz-executor.4 cpuset=syz4 mems_allowed=0-1 INFO: trying to register non-static key. CPU: 0 PID: 22443 Comm: syz-executor.4 Not tainted 4.14.131 #25 the code is fine but needs lockdep annotation. Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 turning off the locking correctness validator. Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x138/0x19c lib/dump_stack.c:53 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248 __vmalloc_node_range mm/vmalloc.c:1780 [inline] __vmalloc_node_range+0x3be/0x6a0 mm/vmalloc.c:1746 __vmalloc_node mm/vmalloc.c:1809 [inline] __vmalloc_node_flags_caller+0x4f/0x60 mm/vmalloc.c:1831 kvmalloc_node+0xb2/0xe0 mm/util.c:406 kvmalloc include/linux/mm.h:531 [inline] kvzalloc include/linux/mm.h:539 [inline] kvm_arch_create_memslot+0xa5/0x450 arch/x86/kvm/x86.c:8504 __kvm_set_memory_region+0xbf4/0x1a50 arch/x86/kvm/../../../virt/kvm/kvm_main.c:997 kvm_set_memory_region+0x2f/0x50 arch/x86/kvm/../../../virt/kvm/kvm_main.c:1069 kvm_vm_ioctl_set_memory_region arch/x86/kvm/../../../virt/kvm/kvm_main.c:1081 [inline] kvm_vm_ioctl+0x408/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:2994 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x459519 RSP: 002b:00007fa37dad0c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459519 RDX: 00000000200002c0 RSI: 000000004020ae46 RDI: 0000000000000005 RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa37dad16d4 R13: 00000000004c2994 R14: 00000000004d5c60 R15: 00000000ffffffff CPU: 1 PID: 22446 Comm: syz-executor.3 Not tainted 4.14.131 #25 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x138/0x19c lib/dump_stack.c:53 register_lock_class+0x2fd/0x1730 kernel/locking/lockdep.c:768 __lock_acquire+0x147/0x45e0 kernel/locking/lockdep.c:3374 lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3991 flush_work+0xae/0x730 kernel/workqueue.c:2881 __cancel_work_timer+0x2f0/0x480 kernel/workqueue.c:2956 Mem-Info: cancel_work_sync+0x18/0x20 kernel/workqueue.c:2992 smc_close_active+0x68e/0xba0 net/smc/smc_close.c:206 smc_release+0x45a/0x630 net/smc/af_smc.c:131 active_anon:223628 inactive_anon:7543 isolated_anon:0 active_file:26758 inactive_file:16954 isolated_file:0 unevictable:1024 dirty:331 writeback:0 unstable:0 slab_reclaimable:14005 slab_unreclaimable:113820 mapped:61844 shmem:3137 pagetables:5594 bounce:0 free:988138 free_pcp:207 free_cma:0 __sock_release+0xce/0x2b0 net/socket.c:602 Node 0 active_anon:894512kB inactive_anon:30172kB active_file:106892kB inactive_file:67816kB unevictable:4096kB isolated(anon):0kB isolated(file):0kB mapped:247376kB dirty:1324kB writeback:0kB shmem:12548kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 813056kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no sock_close+0x1b/0x30 net/socket.c:1139 __fput+0x275/0x7a0 fs/file_table.c:210 ____fput+0x16/0x20 fs/file_table.c:244 task_work_run+0x114/0x190 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:191 [inline] exit_to_usermode_loop+0x1da/0x220 arch/x86/entry/common.c:164 prepare_exit_to_usermode arch/x86/entry/common.c:199 [inline] syscall_return_slowpath arch/x86/entry/common.c:270 [inline] do_syscall_64+0x4bc/0x640 arch/x86/entry/common.c:297 Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x413201 RSP: 002b:00007ffdc0e436e0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 Node 0 RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000413201 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 RBP: 0000000000000001 R08: 000000006e783fbb R09: 000000006e783fbf R10: 00007ffdc0e437c0 R11: 0000000000000293 R12: 0000000000760338 R13: 0000000000072391 R14: 00000000000723be R15: ffffffffffffffff kobject: 'loop0' (ffff888089df2de0): kobject_uevent_env DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB kobject: 'loop0' (ffff888089df2de0): fill_kobj_path: path = '/devices/virtual/block/loop0' lowmem_reserve[]: kobject: 'batman_adv' (ffff8880a92b6f00): kobject_uevent_env 0 kobject: 'batman_adv' (ffff8880a92b6f00): kobject_uevent_env: filter function caused the event to drop! 2580 kobject: 'batman_adv' (ffff8880a92b6f00): kobject_cleanup, parent (null) 2580 kobject: 'batman_adv' (ffff8880a92b6f00): calling ktype release 2580 Node 0 DMA32 free:157900kB min:36468kB low:45584kB high:54700kB active_anon:892348kB inactive_anon:30172kB active_file:106896kB inactive_file:67824kB unevictable:4096kB writepending:1364kB present:3129332kB managed:2644912kB mlocked:4096kB kernel_stack:13408kB pagetables:22140kB bounce:0kB free_pcp:964kB local_pcp:552kB free_cma:0kB kobject: (ffff8880a92b6f00): dynamic_kobj_release lowmem_reserve[]: kobject: 'kvm' (ffff888219fd3550): kobject_uevent_env kobject: 'batman_adv': free name kobject: 'rx-0' (ffff888090da4910): kobject_cleanup, parent ffff888085575048 0 0 0 0 Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB kobject: 'kvm' (ffff888219fd3550): fill_kobj_path: path = '/devices/virtual/misc/kvm' lowmem_reserve[]: kobject: 'rx-0' (ffff888090da4910): auto cleanup 'remove' event 0 0 0 0 kobject: 'rx-0' (ffff888090da4910): kobject_uevent_env Node 1 Normal free:3781376kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB kobject: 'loop0' (ffff888089df2de0): kobject_uevent_env lowmem_reserve[]: 0 0 0 0 kobject: 'rx-0' (ffff888090da4910): fill_kobj_path: path = '/devices/virtual/net/þ€/queues/rx-0' Node 0 kobject: 'rx-0' (ffff888090da4910): auto cleanup kobject_del DMA: kobject: 'rx-0' (ffff888090da4910): calling ktype release 1*4kB kobject: 'rx-0': free name kobject: 'tx-0' (ffff88808f7fc318): kobject_cleanup, parent ffff888085575048 (U) kobject: 'tx-0' (ffff88808f7fc318): auto cleanup 'remove' event 0*8kB kobject: 'tx-0' (ffff88808f7fc318): kobject_uevent_env kobject: 'tx-0' (ffff88808f7fc318): fill_kobj_path: path = '/devices/virtual/net/þ€/queues/tx-0' kobject: 'loop0' (ffff888089df2de0): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'tx-0' (ffff88808f7fc318): auto cleanup kobject_del 0*16kB kobject: 'tx-0' (ffff88808f7fc318): calling ktype release 1*32kB kobject: 'tx-0': free name (U) kobject: 'queues' (ffff888085575048): kobject_cleanup, parent (null) 2*64kB kobject: 'queues' (ffff888085575048): calling ktype release (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) kobject: 'queues' (ffff888085575048): kset_release 3*4096kB kobject: 'queues': free name (UM) kobject: 'þ€' (ffff88805a7e5b70): kobject_uevent_env = 15908kB Node 0 DMA32: 1092*4kB (UME) 284*8kB (UME) 568*16kB (UME) 597*32kB kobject: 'þ€' (ffff88805a7e5b70): fill_kobj_path: path = '/devices/virtual/net/þ€' (UME) 731*64kB (UME) 94*128kB (UME) 27*256kB (UME) 57*512kB (UME) 23*1024kB (UME) 2*2048kB (M) 0*4096kB = 157392kB kobject: 'loop2' (ffff8880a49a4d20): kobject_uevent_env kobject: 'loop2' (ffff8880a49a4d20): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'þ€' (ffff88805a7e5b70): kobject_cleanup, parent (null) Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB Node 1 Normal: 82*4kB (UE) 357*8kB (UME) 287*16kB (UM) 63*32kB (UM) 27*64kB (UME) 16*128kB (UE) 14*256kB (UME) 6*512kB (U) 9*1024kB (UME) 10*2048kB (UME) 911*4096kB (UM) = 3781376kB kobject: 'þ€' (ffff88805a7e5b70): calling ktype release Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB kobject: 'þ€': free name kobject: 'loop2' (ffff8880a49a4d20): kobject_uevent_env Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB kobject: 'þ€' (ffff88808eb28a70): kobject_add_internal: parent: 'net', set: 'devices' kobject: 'loop2' (ffff8880a49a4d20): fill_kobj_path: path = '/devices/virtual/block/loop2' Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB kobject: 'þ€' (ffff88808eb28a70): kobject_uevent_env 46507 total pagecache pages kobject: 'þ€' (ffff88808eb28a70): fill_kobj_path: path = '/devices/virtual/net/þ€' 0 pages in swap cache kobject: 'queues' (ffff888094800f48): kobject_add_internal: parent: 'þ€', set: '' Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB kobject: 'queues' (ffff888094800f48): kobject_uevent_env Total swap = 0kB kobject: 'queues' (ffff888094800f48): kobject_uevent_env: filter function caused the event to drop! 1965979 pages RAM kobject: 'rx-0' (ffff8880a9aa0d90): kobject_add_internal: parent: 'queues', set: 'queues' 0 pages HighMem/MovableOnly kobject: 'rx-0' (ffff8880a9aa0d90): kobject_uevent_env 333222 pages reserved kobject: 'rx-0' (ffff8880a9aa0d90): fill_kobj_path: path = '/devices/virtual/net/þ€/queues/rx-0' 0 pages cma reserved kobject: 'tx-0' (ffff88808af23558): kobject_add_internal: parent: 'queues', set: 'queues' kobject: 'kvm' (ffff888219fd3550): kobject_uevent_env kobject: 'tx-0' (ffff88808af23558): kobject_uevent_env kobject: 'kvm' (ffff888219fd3550): fill_kobj_path: path = '/devices/virtual/misc/kvm' kobject: 'tx-0' (ffff88808af23558): fill_kobj_path: path = '/devices/virtual/net/þ€/queues/tx-0' kobject: 'kvm' (ffff888219fd3550): kobject_uevent_env kobject: 'brif' (ffff88809035fa80): kobject_add_internal: parent: 'þ€', set: '' kobject: 'kvm' (ffff888219fd3550): fill_kobj_path: path = '/devices/virtual/misc/kvm' kobject: 'batman_adv' (ffff88809035f980): kobject_add_internal: parent: 'þ€', set: '' kobject: 'loop4' (ffff8880a4a34120): kobject_uevent_env kobject: 'loop4' (ffff8880a4a34120): fill_kobj_path: path = '/devices/virtual/block/loop4' caif:caif_disconnect_client(): nothing to disconnect caif:caif_disconnect_client(): nothing to disconnect kobject: 'loop2' (ffff8880a49a4d20): kobject_uevent_env kobject: 'loop2' (ffff8880a49a4d20): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop0' (ffff888089df2de0): kobject_uevent_env kobject: 'loop0' (ffff888089df2de0): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop2' (ffff8880a49a4d20): kobject_uevent_env kobject: 'loop2' (ffff8880a49a4d20): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop0' (ffff888089df2de0): kobject_uevent_env kobject: 'loop0' (ffff888089df2de0): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop4' (ffff8880a4a34120): kobject_uevent_env kobject: 'loop4' (ffff8880a4a34120): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop0' (ffff888089df2de0): kobject_uevent_env kobject: 'loop0' (ffff888089df2de0): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop0' (ffff888089df2de0): kobject_uevent_env kobject: 'loop0' (ffff888089df2de0): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop4' (ffff8880a4a34120): kobject_uevent_env kobject: 'loop4' (ffff8880a4a34120): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop2' (ffff8880a49a4d20): kobject_uevent_env kobject: 'loop2' (ffff8880a49a4d20): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop4' (ffff8880a4a34120): kobject_uevent_env kobject: 'loop4' (ffff8880a4a34120): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop2' (ffff8880a49a4d20): kobject_uevent_env kobject: 'loop2' (ffff8880a49a4d20): fill_kobj_path: path = '/devices/virtual/block/loop2'