BUG: MAX_LOCKDEP_CHAINS too low! turning off the locking correctness validator. CPU: 0 PID: 9260 Comm: syz-executor.3 Not tainted 5.8.0-rc5-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x18f/0x20d lib/dump_stack.c:118 add_chain_cache kernel/locking/lockdep.c:3063 [inline] lookup_chain_cache_add kernel/locking/lockdep.c:3162 [inline] validate_chain kernel/locking/lockdep.c:3183 [inline] __lock_acquire.cold+0x11/0x3f8 kernel/locking/lockdep.c:4380 lock_acquire+0x1f1/0xad0 kernel/locking/lockdep.c:4959 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x8c/0xc0 kernel/locking/spinlock.c:159 __debug_check_no_obj_freed lib/debugobjects.c:955 [inline] debug_check_no_obj_freed+0xc7/0x41c lib/debugobjects.c:998 kmem_cache_free+0x21c/0x310 mm/slab.c:3693 kfree_skbmem+0xef/0x1b0 net/core/skbuff.c:622 __kfree_skb net/core/skbuff.c:679 [inline] consume_skb net/core/skbuff.c:837 [inline] consume_skb+0xcf/0x160 net/core/skbuff.c:831 packet_rcv+0xea/0x13b0 net/packet/af_packet.c:2154 dev_queue_xmit_nit+0x7f6/0xac0 net/core/dev.c:2355 xmit_one net/core/dev.c:3552 [inline] dev_hard_start_xmit+0xaa/0x950 net/core/dev.c:3572 sch_direct_xmit+0x2ea/0xc00 net/sched/sch_generic.c:313 qdisc_restart net/sched/sch_generic.c:376 [inline] __qdisc_run+0x4b9/0x1630 net/sched/sch_generic.c:384 __dev_xmit_skb net/core/dev.c:3795 [inline] __dev_queue_xmit+0x1995/0x2d60 net/core/dev.c:4100 neigh_hh_output include/net/neighbour.h:498 [inline] neigh_output include/net/neighbour.h:507 [inline] ip_finish_output2+0x1523/0x21f0 net/ipv4/ip_output.c:228 __ip_finish_output net/ipv4/ip_output.c:306 [inline] __ip_finish_output+0x6e6/0xbc0 net/ipv4/ip_output.c:288 ip_finish_output+0x34/0x1f0 net/ipv4/ip_output.c:316 NF_HOOK_COND include/linux/netfilter.h:296 [inline] ip_output+0x196/0x310 net/ipv4/ip_output.c:430 dst_output include/net/dst.h:443 [inline] ip_local_out+0xaf/0x1a0 net/ipv4/ip_output.c:125 iptunnel_xmit+0x5a0/0x9b0 net/ipv4/ip_tunnel_core.c:81 geneve_xmit_skb drivers/net/geneve.c:929 [inline] geneve_xmit+0xd9f/0x24f0 drivers/net/geneve.c:1005 __netdev_start_xmit include/linux/netdevice.h:4611 [inline] netdev_start_xmit include/linux/netdevice.h:4625 [inline] xmit_one net/core/dev.c:3556 [inline] dev_hard_start_xmit+0x193/0x950 net/core/dev.c:3572 __dev_queue_xmit+0x2091/0x2d60 net/core/dev.c:4131 neigh_resolve_output net/core/neighbour.c:1489 [inline] neigh_resolve_output+0x3fe/0x6a0 net/core/neighbour.c:1469 neigh_output include/net/neighbour.h:509 [inline] ip6_finish_output2+0x8b6/0x17b0 net/ipv6/ip6_output.c:117 __ip6_finish_output net/ipv6/ip6_output.c:143 [inline] __ip6_finish_output+0x447/0xab0 net/ipv6/ip6_output.c:128 ip6_finish_output+0x34/0x1f0 net/ipv6/ip6_output.c:153 NF_HOOK_COND include/linux/netfilter.h:296 [inline] ip6_output+0x1db/0x520 net/ipv6/ip6_output.c:176 dst_output include/net/dst.h:443 [inline] NF_HOOK include/linux/netfilter.h:307 [inline] ndisc_send_skb+0xa69/0x1720 net/ipv6/ndisc.c:506 ndisc_send_rs+0x12e/0x700 net/ipv6/ndisc.c:700 addrconf_rs_timer+0x2ec/0x7c0 net/ipv6/addrconf.c:3848 call_timer_fn+0x1ac/0x760 kernel/time/timer.c:1404 expire_timers kernel/time/timer.c:1449 [inline] __run_timers.part.0+0x54c/0xa20 kernel/time/timer.c:1773 __run_timers kernel/time/timer.c:1745 [inline] run_timer_softirq+0xae/0x1a0 kernel/time/timer.c:1786 __do_softirq+0x34c/0xa60 kernel/softirq.c:292 asm_call_on_stack+0xf/0x20 arch/x86/entry/entry_64.S:711 __run_on_irqstack arch/x86/include/asm/irq_stack.h:22 [inline] run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:48 [inline] do_softirq_own_stack+0x111/0x170 arch/x86/kernel/irq_64.c:77 invoke_softirq kernel/softirq.c:387 [inline] __irq_exit_rcu kernel/softirq.c:417 [inline] irq_exit_rcu+0x229/0x270 kernel/softirq.c:429 sysvec_apic_timer_interrupt+0x54/0x120 arch/x86/kernel/apic/apic.c:1091 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:587 RIP: 0010:lock_release+0x45/0x8d0 kernel/locking/lockdep.c:4967 Code: 81 ec 90 00 00 00 48 c7 44 24 10 b3 8a b5 41 48 8d 6c 24 10 48 c7 44 24 18 70 2b 68 89 48 c1 ed 03 48 c7 44 24 20 a0 04 5a 81 <48> 8d 44 15 00 c7 00 f1 f1 f1 f1 c7 40 04 f1 f1 04 f2 c7 40 08 04 RSP: 0018:ffffc90008f178f0 EFLAGS: 00000a02 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 1ffffffff1303928 RDX: dffffc0000000000 RSI: ffffffff81b86d2f RDI: ffffffff89bc11c0 RBP: 1ffff920011e2f20 R08: 0000000000000001 R09: ffffea0001b95473 R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff89bc11c0 R13: ffffffff81b86d2f R14: dffffc0000000000 R15: 00000000f696d000 zap_pte_range mm/memory.c:1089 [inline] zap_pmd_range mm/memory.c:1193 [inline] zap_pud_range mm/memory.c:1222 [inline] zap_p4d_range mm/memory.c:1243 [inline] unmap_page_range+0xf3b/0x2940 mm/memory.c:1264 unmap_single_vma+0x198/0x300 mm/memory.c:1309 unmap_vmas+0x16f/0x2f0 mm/memory.c:1341 exit_mmap+0x2b1/0x510 mm/mmap.c:3150 __mmput+0x122/0x470 kernel/fork.c:1093 mmput+0x53/0x60 kernel/fork.c:1114 exit_mm kernel/exit.c:482 [inline] do_exit+0xa8f/0x2a40 kernel/exit.c:792 do_group_exit+0x125/0x310 kernel/exit.c:903 __do_sys_exit_group kernel/exit.c:914 [inline] __se_sys_exit_group kernel/exit.c:912 [inline] __ia32_sys_exit_group+0x3a/0x50 kernel/exit.c:912 do_syscall_32_irqs_on+0x3f/0x60 arch/x86/entry/common.c:428 __do_fast_syscall_32 arch/x86/entry/common.c:475 [inline] do_fast_syscall_32+0x7f/0x120 arch/x86/entry/common.c:503 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c RIP: 0023:0xf7f17569 Code: Bad RIP value. RSP: 002b:00000000086afd7c EFLAGS: 00000202 ORIG_RAX: 00000000000000fc RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000003 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000805ab0b RBP: 00000000fffffff7 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000