__dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 warn_alloc+0x19a/0x2b0 mm/page_alloc.c:3306 kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] SMP KASAN Dumping ftrace buffer: (ftrace buffer empty) __vmalloc_node_range+0x4f0/0x650 mm/vmalloc.c:1775 Modules linked in: CPU: 0 PID: 30477 Comm: syz-executor4 Not tainted 4.15.0+ #221 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:ip6t_do_table+0x132d/0x1a30 net/ipv6/netfilter/ip6_tables.c:355 RSP: 0018:ffff8801db406c20 EFLAGS: 00010246 __vmalloc_node mm/vmalloc.c:1804 [inline] __vmalloc_node_flags_caller+0x50/0x60 mm/vmalloc.c:1826 RAX: 0000000000000000 RBX: ffff8801b0c29b80 RCX: ffffffff84db22a1 RDX: 0000000000000100 RSI: 0000000000000000 RDI: ffff8801b0c29cde kvmalloc_node+0x82/0xd0 mm/util.c:428 RBP: ffff8801db406e68 R08: ffff8801db406f60 R09: 0000000000000002 kvmalloc include/linux/mm.h:541 [inline] kvmalloc_array include/linux/mm.h:557 [inline] xt_alloc_entry_offsets+0x21/0x30 net/netfilter/x_tables.c:779 R10: 00000000000000d0 R11: 0000000000000020 R12: 0000000000000001 R13: 0000000000000000 R14: dffffc0000000000 R15: ffff8801b0c29c50 translate_table+0x2e0/0x1dd0 net/ipv4/netfilter/arp_tables.c:533 FS: 00007ff199438700(0000) GS:ffff8801db400000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000001b9bc22000 CR3: 00000001b1d23002 CR4: 00000000001606f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: do_replace net/ipv4/netfilter/arp_tables.c:981 [inline] do_arpt_set_ctl+0x394/0x8d0 net/ipv4/netfilter/arp_tables.c:1458 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline] nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115 ip_setsockopt+0x97/0xa0 net/ipv4/ip_sockglue.c:1259 ip6table_security_hook+0x65/0x80 net/ipv6/netfilter/ip6table_security.c:45 tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2905 nf_hook_entry_hookfn include/linux/netfilter.h:120 [inline] nf_hook_slow+0xba/0x1a0 net/netfilter/core.c:483 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2975 nf_hook include/linux/netfilter.h:243 [inline] NF_HOOK include/linux/netfilter.h:286 [inline] ip6_input+0x35c/0x560 net/ipv6/ip6_input.c:327 SYSC_setsockopt net/socket.c:1849 [inline] SyS_setsockopt+0x189/0x360 net/socket.c:1828 dst_input include/net/dst.h:449 [inline] ip6_rcv_finish+0x297/0x8c0 net/ipv6/ip6_input.c:71 entry_SYSCALL_64_fastpath+0x29/0xa0 RIP: 0033:0x453299 RSP: 002b:00007f921c989c58 EFLAGS: 00000212 ORIG_RAX: 0000000000000036 NF_HOOK include/linux/netfilter.h:288 [inline] ipv6_rcv+0xf37/0x1fa0 net/ipv6/ip6_input.c:208 RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000453299 RDX: 0000000000000060 RSI: 0000000000000000 RDI: 0000000000000013 RBP: 00000000000000cd R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020000000 R11: 0000000000000212 R12: 00000000006f03d8 R13: 00000000ffffffff R14: 00007f921c98a6d4 R15: 0000000000000000 Mem-Info: active_anon:60328 inactive_anon:64 isolated_anon:0 active_file:3523 inactive_file:8485 isolated_file:0 unevictable:0 dirty:74 writeback:0 unstable:0 slab_reclaimable:8928 slab_unreclaimable:84120 mapped:24203 shmem:70 pagetables:703 bounce:0 free:1436134 free_pcp:424 free_cma:0 __netif_receive_skb_core+0x1a41/0x3460 net/core/dev.c:4547 Node 0 active_anon:241312kB inactive_anon:256kB active_file:14092kB inactive_file:33940kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:96812kB dirty:296kB writeback:0kB shmem:280kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 165888kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no Node 0 DMA free:15908kB min:164kB low:204kB high:244kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2868 6378 6378 Node 0 DMA32 free:2939248kB min:30316kB low:37892kB high:45468kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129292kB managed:2939956kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:708kB local_pcp:664kB free_cma:0kB __netif_receive_skb+0x2c/0x1b0 net/core/dev.c:4612 lowmem_reserve[]: process_backlog+0x203/0x740 net/core/dev.c:5292 0 napi_poll net/core/dev.c:5690 [inline] net_rx_action+0x792/0x1910 net/core/dev.c:5756 0 3510 3510 Node 0 Normal free:2789380kB min:37100kB low:46372kB high:55644kB active_anon:241312kB inactive_anon:256kB active_file:14092kB inactive_file:33940kB unevictable:0kB writepending:296kB present:4718592kB managed:3594332kB mlocked:0kB kernel_stack:4704kB pagetables:2812kB bounce:0kB free_pcp:988kB local_pcp:568kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 __do_softirq+0x2d7/0xb85 kernel/softirq.c:285 Node 0 DMA: 1*4kB (U) 0*8kB do_softirq_own_stack+0x2a/0x40 arch/x86/entry/entry_64.S:1151 0*16kB do_softirq.part.19+0x14d/0x190 kernel/softirq.c:329 do_softirq kernel/softirq.c:177 [inline] __local_bh_enable_ip+0x1ee/0x230 kernel/softirq.c:182 1*32kB local_bh_enable include/linux/bottom_half.h:32 [inline] rcu_read_unlock_bh include/linux/rcupdate.h:726 [inline] ip6_finish_output2+0xba0/0x23a0 net/ipv6/ip6_output.c:121 (U) 2*64kB (U) 1*128kB ip6_finish_output+0x698/0xaf0 net/ipv6/ip6_output.c:154 (U) NF_HOOK_COND include/linux/netfilter.h:277 [inline] ip6_output+0x1eb/0x840 net/ipv6/ip6_output.c:171 1*256kB (U) dst_output include/net/dst.h:443 [inline] NF_HOOK include/linux/netfilter.h:288 [inline] ip6_xmit+0xe1f/0x2260 net/ipv6/ip6_output.c:277 0*512kB 1*1024kB (U) 1*2048kB (M) sctp_v6_xmit+0x438/0x630 net/sctp/ipv6.c:225 3*4096kB (M) sctp_packet_transmit+0x225e/0x3750 net/sctp/output.c:638 = 15908kB Node 0 DMA32: 2*4kB (M) 1*8kB sctp_outq_flush+0xabb/0x4060 net/sctp/outqueue.c:911 (M) 0*16kB 1*32kB (M) 1*64kB (M) 2*128kB (M) 2*256kB (M) 3*512kB (M) 2*1024kB (M) 1*2048kB (M) 716*4096kB (M) = 2939248kB sctp_outq_uncork+0x5a/0x70 net/sctp/outqueue.c:776 sctp_cmd_interpreter net/sctp/sm_sideeffect.c:1807 [inline] sctp_side_effects net/sctp/sm_sideeffect.c:1210 [inline] sctp_do_sm+0x4e0/0x6ed0 net/sctp/sm_sideeffect.c:1181 Node 0 Normal: 837*4kB (UME) 898*8kB (UME) 680*16kB (UM) 416*32kB (UM) 260*64kB sctp_primitive_ASSOCIATE+0x9d/0xd0 net/sctp/primitive.c:88 sctp_sendmsg+0x13bd/0x35e0 net/sctp/socket.c:1985 (UM) 229*128kB (UM) 43*256kB (UM) 51*512kB (UM) inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:764 87*1024kB (UME) 3*2048kB sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 SYSC_sendto+0x361/0x5c0 net/socket.c:1747 (U) 629*4096kB (UM) = 2789412kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB SyS_sendto+0x40/0x50 net/socket.c:1715 12077 total pagecache pages entry_SYSCALL_64_fastpath+0x29/0xa0 RIP: 0033:0x453299 0 pages in swap cache RSP: 002b:00007ff199437c58 EFLAGS: 00000212 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 000000000071bea0 RCX: 0000000000453299 RDX: 0000000000000001 RSI: 0000000020925000 RDI: 0000000000000013 Swap cache stats: add 0, delete 0, find 0/0 RBP: 000000000000055a R08: 0000000020108fe4 R09: 000000000000001c R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f7110 R13: 00000000ffffffff R14: 00007ff1994386d4 R15: 0000000000000000 Code: Free swap = 0kB 41 f6 87 83 Total swap = 0kB 00 00 00 04 75 37 e8 1965969 pages RAM 0f 83 95 fc 8b 85 0 pages HighMem/MovableOnly 14 fe ff ff 48 8b 328420 pages reserved b5 50 fe ff ff 4c 8d 2c c6 44 8d 60 01 4c 89 e8 48 c1 e8 03 <42> 80 3c 30 00 0f 85 26 03 00 00 4d 89 7d 00 44 89 a5 14 fe ff RIP: ip6t_do_table+0x132d/0x1a30 net/ipv6/netfilter/ip6_tables.c:355 RSP: ffff8801db406c20 ---[ end trace 801c529c9261f781 ]---