files_cache 7789KB 9738KB signal_cache 11944KB 14561KB sighand_cache 9929KB 9962KB task_struct 51276KB 51352KB cred_jar 4643KB 6256KB INFO: task syz-executor.5:16057 blocked for more than 140 seconds. anon_vma_chain 42784KB 42784KB anon_vma 10786KB 10815KB Not tainted 4.19.211-syzkaller #0 pid 578KB 928KB "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Acpi-Operand 156KB 198KB syz-executor.5 D26784 16057 15940 0x00000000 Acpi-ParseExt 8KB 11KB Call Trace: Acpi-Parse 41KB 47KB context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 Acpi-State 52KB 63KB Acpi-Namespace 21KB 27KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 numa_policy 0KB 3KB schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 debug_objects_cache 38699KB 38715KB __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 trace_event_file 297KB 298KB ftrace_event_field 398KB 401KB pool_workqueue 4005KB 4008KB page->ptl 6575KB 6578KB kmalloc-2097152 2050KB 2050KB kmalloc-524288 2056KB 2056KB kmalloc-262144 1290KB 1290KB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 kmalloc-131072 1690KB 1690KB kmalloc-65536 1848KB 2178KB ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 kmalloc-32768 214731KB 214731KB kmalloc-16384 65059KB 65059KB copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 kmalloc-8192 147807KB 147807KB kmalloc-4096 663216KB 663255KB create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 kmalloc-2048 534118KB 534123KB kmalloc-1024 213420KB 213420KB kmalloc-512 183407KB 193725KB kmalloc-256 110934KB 111656KB kmalloc-128 56316KB 56318KB kmalloc-96 15748KB 16372KB kmalloc-64 38556KB 39308KB kmalloc-32 34135KB 34776KB kmalloc-192 75433KB 76872KB kmem_cache 178KB 183KB Out of memory (oom_kill_allocating_task): Kill process 8637 (systemd-cgroups) score 0 or sacrifice child Killed process 8637 (systemd-cgroups) total-vm:22204kB, anon-rss:108kB, file-rss:0kB, shmem-rss:0kB copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f91285ddeb9 Code: Bad RIP value. RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 IPVS: ftp: loaded support on port[0] = 21 IPVS: ftp: loaded support on port[0] = 21 RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 INFO: task syz-executor.5:16070 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26752 16070 15941 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f91285ddeb9 Code: Bad RIP value. RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 INFO: task syz-executor.5:16333 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26776 16333 15984 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f91285ddeb9 Code: Bad RIP value. RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 INFO: task syz-executor.5:16575 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26792 16575 15853 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f91285ddeb9 Code: Bad RIP value. RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 INFO: task syz-executor.5:16830 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26928 16830 16333 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f91285ddeb9 Code: Bad RIP value. RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 INFO: task syz-executor.5:17154 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26784 17154 16575 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f91285ddeb9 Code: Bad RIP value. RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 INFO: task syz-executor.5:17610 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26888 17610 15941 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 syz-executor.5 cpuset=/ mems_allowed=0-1 CPU: 0 PID: 29410 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 dump_header+0x15d/0xc3f mm/oom_kill.c:443 oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 out_of_memory mm/oom_kill.c:1114 [inline] out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064 __alloc_pages_may_oom mm/page_alloc.c:3553 [inline] __alloc_pages_slowpath mm/page_alloc.c:4255 [inline] __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] alloc_pages_node include/linux/gfp.h:523 [inline] alloc_thread_stack_node kernel/fork.c:240 [inline] dup_task_struct kernel/fork.c:811 [inline] copy_process.part.0+0x3cf/0x8260 kernel/fork.c:1753 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f91285ddeb9 Code: Bad RIP value. RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 Mem-Info: copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 active_anon:197316 inactive_anon:15011 isolated_anon:0 active_file:29 inactive_file:22 isolated_file:33 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:54678 slab_unreclaimable:1212703 mapped:18251 shmem:15502 pagetables:59225 bounce:0 free:25316 free_pcp:0 free_cma:0 Node 0 active_anon:782608kB inactive_anon:60012kB active_file:84kB inactive_file:56kB unevictable:0kB isolated(anon):0kB isolated(file):132kB mapped:58668kB dirty:0kB writeback:0kB shmem:61968kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 178176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes Node 1 active_anon:6656kB inactive_anon:32kB active_file:32kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14336kB dirty:0kB writeback:0kB shmem:40kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes Node 0 DMA free:10868kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:32kB pagetables:60kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2693 2695 2695 2695 Node 0 DMA32 free:36384kB min:35996kB low:44992kB high:53988kB active_anon:782608kB inactive_anon:60012kB active_file:84kB inactive_file:52kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:27168kB pagetables:56932kB bounce:0kB free_pcp:236kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 1 1 1 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB entry_SYSCALL_64_after_hwframe+0x49/0xbe lowmem_reserve[]: 0 0 0 0 0 Node 1 Normal free:53828kB min:53876kB low:67344kB high:80812kB active_anon:6656kB inactive_anon:32kB active_file:32kB inactive_file:32kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:104640kB pagetables:179908kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 0 DMA: 1*4kB (E) 6*8kB (UE) 2*16kB (ME) 1*32kB (E) 2*64kB (ME) 1*128kB (M) 1*256kB (E) 2*512kB (ME) 1*1024kB (E) 2*2048kB (ME) 1*4096kB (M) = 10868kB RIP: 0033:0x7f91285ddeb9 Node 0 DMA32: 874*4kB (UME) 642*8kB (ME) 766*16kB (UME) 271*32kB (UME) 8*64kB (UME) 6*128kB (ME) 7*256kB (ME) 5*512kB (UM) 1*1024kB (U) 0*2048kB 0*4096kB = 36216kB Code: Bad RIP value. Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 Node 1 Normal: 288*4kB (UM) 80*8kB (UM) 32*16kB (UM) 180*32kB (UME) 5*64kB (ME) 1*128kB (M) 2*256kB (ME) 2*512kB (ME) 1*1024kB (E) 1*2048kB (M) 10*4096kB (M) = 54080kB RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 15594 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 2097051 pages RAM 0 pages HighMem/MovableOnly 369649 pages reserved 0 pages cma reserved Unreclaimable slab info: Name Used Total pid_3 1KB 7KB pid_2 262KB 268KB batadv_tl_cache 4KB 12KB TIPC 2922KB 2925KB SCTPv6 8037KB 8037KB DCCPv6 9687KB 9690KB DCCP 9203KB 9205KB RXRPC 3165KB 3165KB rxrpc_call_jar 21915KB 21916KB bridge_fdb_cache 9KB 15KB fib6_nodes 166KB 208KB ip6_dst_cache 94KB 382KB RAWv6 39300KB 39305KB UDPv6 3671KB 3671KB TCPv6 5889KB 5892KB nf_conntrack 2KB 15KB fq_flow_cache 2KB 3KB t10_alua_lu_gp_cache 0KB 3KB sd_ext_cdb 0KB 7KB scsi_sense_cache 1056KB 1060KB virtio_scsi_cmd 16KB 16KB sgpool-128 8KB 8KB sgpool-64 4KB 12KB sgpool-32 2KB 15KB sgpool-16 1KB 7KB sgpool-8 0KB 7KB mqueue_inode_cache 10KB 22KB bio_post_read_ctx 14KB 15KB bio-2 14KB 15KB jfs_mp 7KB 7KB fuse_request 1KB 4KB cifs_small_rq 15KB 16KB cifs_request 67KB 67KB cifs_mpx_ids 0KB 7KB nfs_commit_data 3KB 14KB nfs_write_data 34KB 44KB ext4_system_zone 1KB 7KB bio-1 1KB 7KB pid_namespace 4KB 11KB rpc_buffers 17KB 25KB rpc_tasks 2KB 7KB UNIX 127KB 127KB tcp_bind_bucket 244KB 252KB inet_peer_cache 0KB 4KB ip_fib_trie 23KB 35KB RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 ip_fib_alias 110KB 146KB R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 ip_dst_cache 8KB 64KB R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 INFO: task syz-executor.5:17773 blocked for more than 140 seconds. RAW 23292KB 23295KB Not tainted 4.19.211-syzkaller #0 UDP 6572KB 6574KB "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. TCP 11KB 16KB syz-executor.5 D26776 17773 16774 0x00000000 hugetlbfs_inode_cache 3KB 15KB Call Trace: fscache_cookie_jar 1KB 7KB context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 eventpoll_pwq 12KB 27KB eventpoll_epi 23KB 39KB inotify_inode_mark 6KB 15KB request_queue 199KB 199KB blkdev_requests 1KB 3KB blkdev_ioc 38KB 38KB bio-0 8905KB 8906KB biovec-max 3745KB 3745KB biovec-64 7749KB 7749KB biovec-16 1771KB 1773KB bio_integrity_payload 1KB 8KB khugepaged_mm_slot 218KB 221KB uid_cache 0KB 4KB dmaengine-unmap-2 0KB 3KB skbuff_fclone_cache 28KB 30KB skbuff_head_cache 14732KB 14748KB configfs_dir_cache 3KB 7KB file_lock_cache 15KB 23KB file_lock_ctx 10KB 15KB fsnotify_mark_connector 2KB 15KB net_namespace 33967KB 33967KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 shmem_inode_cache 7877KB 7975KB __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 task_delay_info 1561KB 2154KB taskstats 9KB 45KB proc_dir_entry 175721KB 175725KB pde_opener 1KB 11KB seq_file 119KB 122KB sigqueue 82KB 82KB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 kernfs_node_cache 501412KB 501413KB mnt_cache 177KB 188KB filp 4361KB 6333KB names_cache 42096KB 42147KB iint_cache 96KB 103KB key_jar 4KB 7KB uts_namespace 5KB 7KB ops_init+0xb3/0x410 net/core/net_namespace.c:129 nsproxy 342KB 347KB vm_area_struct 34280KB 34282KB setup_net+0x2c2/0x720 net/core/net_namespace.c:316 mm_struct 6495KB 6500KB fs_cache 2116KB 2908KB files_cache 7748KB 9735KB signal_cache 11878KB 14554KB sighand_cache 9927KB 9962KB task_struct 51068KB 51156KB cred_jar 4619KB 6256KB anon_vma_chain 42819KB 42820KB anon_vma 10798KB 10815KB pid 560KB 928KB Acpi-Operand 156KB 198KB copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 Acpi-ParseExt 8KB 11KB create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 Acpi-Parse 41KB 47KB Acpi-State 52KB 63KB copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 Acpi-Namespace 21KB 27KB numa_policy 0KB 3KB debug_objects_cache 38699KB 38715KB trace_event_file 297KB 298KB ftrace_event_field 398KB 401KB pool_workqueue 4005KB 4008KB page->ptl 6583KB 6585KB copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 kmalloc-2097152 2050KB 2050KB kmalloc-524288 2056KB 2056KB kmalloc-262144 1290KB 1290KB kmalloc-131072 1690KB 1690KB kmalloc-65536 1848KB 2178KB kmalloc-32768 214764KB 214764KB kmalloc-16384 65059KB 65059KB kmalloc-8192 147848KB 147848KB kmalloc-4096 663017KB 663042KB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe kmalloc-2048 534186KB 534199KB RIP: 0033:0x7f91285ddeb9 kmalloc-1024 213640KB 213648KB kmalloc-512 183850KB 194167KB Code: Bad RIP value. kmalloc-256 110965KB 111686KB RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 kmalloc-128 56333KB 56333KB kmalloc-96 15792KB 16416KB kmalloc-64 38564KB 39316KB kmalloc-32 34150KB 34791KB kmalloc-192 75441KB 76880KB kmem_cache 178KB 183KB Out of memory (oom_kill_allocating_task): Kill process 29410 (syz-executor.5) score 0 or sacrifice child Killed process 11459 (syz-executor.5) total-vm:57200kB, anon-rss:2464kB, file-rss:14080kB, shmem-rss:0kB syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 oom_reaper: reaped process 11459 (syz-executor.5), now anon-rss:0kB, file-rss:14080kB, shmem-rss:0kB RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 syz-executor.5 cpuset=/ mems_allowed=0-1 CPU: 1 PID: 29410 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 dump_header+0x15d/0xc3f mm/oom_kill.c:443 oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956 out_of_memory mm/oom_kill.c:1114 [inline] out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 __alloc_pages_may_oom mm/page_alloc.c:3553 [inline] __alloc_pages_slowpath mm/page_alloc.c:4255 [inline] __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419 R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 INFO: task syz-executor.5:17827 blocked for more than 140 seconds. __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] alloc_pages_node include/linux/gfp.h:523 [inline] alloc_thread_stack_node kernel/fork.c:240 [inline] dup_task_struct kernel/fork.c:811 [inline] copy_process.part.0+0x3cf/0x8260 kernel/fork.c:1753 Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f91285ddeb9 Code: Bad RIP value. RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 syz-executor.5 D26792 17827 15757 0x00000000 RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 Call Trace: RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 Mem-Info: active_anon:197316 inactive_anon:15011 isolated_anon:0 active_file:13 inactive_file:23 isolated_file:0 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:54670 slab_unreclaimable:1212885 mapped:18227 shmem:15502 pagetables:59239 bounce:0 free:24870 free_pcp:341 free_cma:0 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 Node 0 active_anon:782608kB inactive_anon:60012kB active_file:4kB inactive_file:48kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:58572kB dirty:0kB writeback:0kB shmem:61968kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 178176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 Node 1 active_anon:6656kB inactive_anon:32kB active_file:32kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14336kB dirty:0kB writeback:0kB shmem:40kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes Node 0 DMA free:10868kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:32kB pagetables:60kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2693 2695 2695 2695 Node 0 DMA32 free:34972kB min:35996kB low:44992kB high:53988kB active_anon:782608kB inactive_anon:60012kB active_file:4kB inactive_file:48kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:27168kB pagetables:56932kB bounce:0kB free_pcp:1060kB local_pcp:60kB free_cma:0kB lowmem_reserve[]: 0 0 1 1 1 Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 lowmem_reserve[]: 0 0 0 0 0 Node 1 Normal free:53640kB min:53876kB low:67344kB high:80812kB active_anon:6656kB inactive_anon:32kB active_file:132kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:104672kB pagetables:179964kB bounce:0kB free_pcp:256kB local_pcp:4kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 0 DMA: 1*4kB (E) 6*8kB (UE) 2*16kB (ME) 1*32kB (E) 2*64kB (ME) 1*128kB (M) 1*256kB (E) 2*512kB (ME) 1*1024kB (E) 2*2048kB (ME) 1*4096kB (M) = 10868kB ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 Node 0 DMA32: 743*4kB (UME) 642*8kB (ME) 766*16kB (UME) 270*32kB (UME) 7*64kB (UME) 7*128kB (UME) 8*256kB (UME) 5*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 34956kB copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB Node 1 Normal: 262*4kB (ME) 62*8kB (UME) 24*16kB (UME) 178*32kB (UME) 5*64kB (ME) 1*128kB (M) 2*256kB (ME) 2*512kB (ME) 1*1024kB (E) 1*2048kB (M) 10*4096kB (M) = 53640kB copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 15536 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 2097051 pages RAM 0 pages HighMem/MovableOnly 369649 pages reserved 0 pages cma reserved Unreclaimable slab info: Name Used Total pid_3 1KB 7KB pid_2 262KB 268KB batadv_tl_cache 4KB 12KB TIPC 2922KB 2925KB SCTPv6 8037KB 8037KB DCCPv6 9687KB 9690KB DCCP 9203KB 9205KB RXRPC 3165KB 3165KB rxrpc_call_jar 21915KB 21916KB bridge_fdb_cache 9KB 15KB fib6_nodes 166KB 208KB ip6_dst_cache 94KB 382KB RAWv6 39300KB 39305KB UDPv6 3671KB 3671KB TCPv6 5889KB 5892KB nf_conntrack 2KB 15KB fq_flow_cache 2KB 3KB t10_alua_lu_gp_cache 0KB 3KB sd_ext_cdb 0KB 7KB scsi_sense_cache 1056KB 1060KB virtio_scsi_cmd 16KB 16KB sgpool-128 8KB 8KB sgpool-64 4KB 12KB sgpool-32 2KB 15KB sgpool-16 1KB 7KB sgpool-8 0KB 7KB mqueue_inode_cache 10KB 22KB bio_post_read_ctx 14KB 15KB bio-2 14KB 15KB jfs_mp 7KB 7KB fuse_request 1KB 4KB cifs_small_rq 15KB 16KB cifs_request 67KB 67KB cifs_mpx_ids 0KB 7KB nfs_commit_data 3KB 14KB nfs_write_data 34KB 44KB ext4_system_zone 1KB 7KB bio-1 1KB 7KB pid_namespace 4KB 11KB rpc_buffers 17KB 25KB rpc_tasks 2KB 7KB UNIX 127KB 127KB tcp_bind_bucket 244KB 252KB inet_peer_cache 0KB 4KB ip_fib_trie 23KB 35KB ip_fib_alias 110KB 146KB ip_dst_cache 8KB 64KB RAW 23292KB 23295KB UDP 6572KB 6574KB TCP 11KB 16KB hugetlbfs_inode_cache 3KB 15KB fscache_cookie_jar 1KB 7KB eventpoll_pwq 12KB 27KB eventpoll_epi 23KB 39KB inotify_inode_mark 6KB 15KB request_queue 199KB 199KB blkdev_requests 1KB 3KB blkdev_ioc 38KB 38KB bio-0 8905KB 8906KB biovec-max 3745KB 3745KB biovec-64 7749KB 7749KB biovec-16 1771KB 1773KB bio_integrity_payload 1KB 8KB khugepaged_mm_slot 218KB 221KB uid_cache 0KB 4KB dmaengine-unmap-2 0KB 3KB skbuff_fclone_cache 28KB 30KB skbuff_head_cache 14878KB 14895KB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f91285ddeb9 Code: Bad RIP value. RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 INFO: task syz-executor.5:18161 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26776 18161 16057 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f91285ddeb9 Code: Bad RIP value. RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 Showing all locks held in the system: 2 locks held by systemd/1: #0: 0000000052a3f8b5 (&mm->mmap_sem){++++}, at: __do_page_fault+0x398/0xd60 arch/x86/mm/fault.c:1341 #1: 000000007d1a83f2 (&ei->i_mmap_sem){++++}, at: ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6378 4 locks held by kworker/u4:2/68: #0: 000000000b6acf51 ((wq_completion)"%s""netns"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 #1: 000000007da8954b (net_cleanup_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 #2: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: cleanup_net+0xa8/0x8b0 net/core/net_namespace.c:521 #3: 000000004a1bea50 (rtnl_mutex){+.+.}, at: netdev_run_todo+0x719/0xab0 net/core/dev.c:9005 1 lock held by khungtaskd/1570: #0: 00000000b0ce3b0d (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441 3 locks held by kworker/1:2/3687: #0: 00000000a5d8b50e ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 #1: 00000000b40cf9ad ((addr_chk_work).work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 #2: 000000004a1bea50 (rtnl_mutex){+.+.}, at: addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4476 2 locks held by syz-fuzzer/8101: #0: 00000000aa783203 (&mm->mmap_sem){++++}, at: __do_page_fault+0x398/0xd60 arch/x86/mm/fault.c:1341 #1: 00000000403c9130 (&ei->i_mmap_sem){++++}, at: ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6378 2 locks held by syz-fuzzer/8102: #0: 00000000aa783203 (&mm->mmap_sem){++++}, at: __do_page_fault+0x398/0xd60 arch/x86/mm/fault.c:1341 #1: 00000000403c9130 (&ei->i_mmap_sem){++++}, at: ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6378 2 locks held by syz-fuzzer/8108: #0: 00000000aa783203 (&mm->mmap_sem){++++}, at: __do_page_fault+0x398/0xd60 arch/x86/mm/fault.c:1341 #1: 00000000403c9130 (&ei->i_mmap_sem){++++}, at: ext4_filemap_fault+0x7c/0xb0 fs/ext4/inode.c:6378 3 locks held by kworker/0:3/8394: #0: 00000000804f235e ((wq_completion)"events"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 #1: 00000000fc04b883 (deferred_process_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 #2: 000000004a1bea50 (rtnl_mutex){+.+.}, at: switchdev_deferred_process_work+0xa/0x20 net/switchdev/switchdev.c:150 1 lock held by syz-executor.2/10462: #0: 000000004a1bea50 (rtnl_mutex){+.+.}, at: tun_detach drivers/net/tun.c:759 [inline] #0: 000000004a1bea50 (rtnl_mutex){+.+.}, at: tun_chr_close+0x3a/0x180 drivers/net/tun.c:3323 2 locks held by syz-executor.5/15757: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/15853: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/15940: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/15941: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/15984: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/16057: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/16065: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 configfs_dir_cache 3KB 7KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 file_lock_cache 15KB 23KB 2 locks held by syz-executor.5/16070: file_lock_ctx 10KB 15KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 fsnotify_mark_connector 2KB 15KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 net_namespace 33967KB 33967KB 2 locks held by syz-executor.5/16088: shmem_inode_cache 7877KB 7975KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 task_delay_info 1561KB 2154KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 taskstats 9KB 45KB 2 locks held by syz-executor.5/16100: proc_dir_entry 175721KB 175725KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 pde_opener 1KB 11KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 seq_file 119KB 122KB 2 locks held by syz-executor.5/16239: sigqueue 82KB 82KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 kernfs_node_cache 501412KB 501413KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 mnt_cache 177KB 188KB 2 locks held by syz-executor.5/16263: filp 4361KB 6333KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/16265: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 names_cache 42096KB 42147KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 iint_cache 96KB 103KB 2 locks held by syz-executor.5/16285: key_jar 4KB 7KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/16298: uts_namespace 5KB 7KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 nsproxy 342KB 347KB 2 locks held by syz-executor.5/16299: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 vm_area_struct 34280KB 34282KB 2 locks held by syz-executor.5/16300: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 mm_struct 6495KB 6500KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 fs_cache 2116KB 2908KB 2 locks held by syz-executor.5/16313: files_cache 7748KB 9735KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 signal_cache 11878KB 14554KB sighand_cache 9927KB 9962KB task_struct 51068KB 51156KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 cred_jar 4619KB 6256KB anon_vma_chain 42819KB 42820KB anon_vma 10798KB 10815KB 2 locks held by syz-executor.5/16332: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 pid 560KB 928KB 2 locks held by syz-executor.5/16333: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Acpi-Operand 156KB 198KB 2 locks held by syz-executor.5/16500: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 Acpi-ParseExt 8KB 11KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: br_net_exit+0x7b/0x190 net/bridge/br.c:183 2 locks held by syz-executor.5/16556: Acpi-Parse 41KB 47KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 Acpi-State 52KB 63KB 2 locks held by syz-executor.5/16575: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Acpi-Namespace 21KB 27KB numa_policy 0KB 3KB 2 locks held by syz-executor.5/16613: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 debug_objects_cache 38699KB 38715KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 trace_event_file 297KB 298KB ftrace_event_field 398KB 401KB pool_workqueue 4005KB 4008KB page->ptl 6583KB 6585KB 2 locks held by syz-executor.5/16615: kmalloc-2097152 2050KB 2050KB kmalloc-524288 2056KB 2056KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 kmalloc-262144 1290KB 1290KB kmalloc-131072 1690KB 1690KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 kmalloc-65536 1848KB 2178KB kmalloc-32768 214764KB 214764KB kmalloc-16384 65059KB 65059KB kmalloc-8192 147848KB 147848KB kmalloc-4096 663017KB 663042KB kmalloc-2048 534186KB 534199KB kmalloc-1024 213759KB 213766KB kmalloc-512 184213KB 194531KB 2 locks held by syz-executor.5/16616: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 kmalloc-256 110984KB 111705KB 2 locks held by syz-executor.5/16622: kmalloc-128 56333KB 56333KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 kmalloc-96 15820KB 16444KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 kmalloc-64 38564KB 39316KB 2 locks held by syz-executor.5/16643: kmalloc-32 34158KB 34799KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 kmalloc-192 75441KB 76880KB kmem_cache 178KB 183KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Out of memory (oom_kill_allocating_task): Kill process 29410 (syz-executor.5) score 0 or sacrifice child 2 locks held by syz-executor.5/16656: Killed process 8726 (syz-executor.5) total-vm:57200kB, anon-rss:2464kB, file-rss:14032kB, shmem-rss:0kB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 oom_reaper: reaped process 8726 (syz-executor.5), now anon-rss:0kB, file-rss:14032kB, shmem-rss:0kB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/16657: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 IPVS: ftp: loaded support on port[0] = 21 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/16658: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/16753: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/16756: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/16773: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/16774: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/16777: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/16792: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/16803: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/16830: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/16866: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/16925: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/17081: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17116: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17147: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/17154: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/17189: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/17262: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/17308: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/17350: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17373: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17400: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17437: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/17446: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17471: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17500: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17535: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17572: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17586: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17592: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/17607: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/17608: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17609: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/17610: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/17710: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 syz-executor.5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=1000 2 locks held by syz-executor.5/17714: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 syz-executor.5 cpuset=/ mems_allowed=0-1 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17729: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/17760: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/17773: #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 CPU: 0 PID: 29410 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 dump_header+0x15d/0xc3f mm/oom_kill.c:443 2 locks held by syz-executor.5/17826: oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956 out_of_memory mm/oom_kill.c:1114 [inline] out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064 __alloc_pages_may_oom mm/page_alloc.c:3553 [inline] __alloc_pages_slowpath mm/page_alloc.c:4255 [inline] __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419 #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] alloc_pages_node include/linux/gfp.h:523 [inline] alloc_thread_stack_node kernel/fork.c:240 [inline] dup_task_struct kernel/fork.c:811 [inline] copy_process.part.0+0x3cf/0x8260 kernel/fork.c:1753 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f91285ddeb9 Code: Bad RIP value. RSP: 002b:00007f9126f32168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f91286f1030 RCX: 00007f91285ddeb9 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f912863808d R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc4472f36f R14: 00007f9126f32300 R15: 0000000000022000 Mem-Info: #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 active_anon:197316 inactive_anon:15011 isolated_anon:0 active_file:18 inactive_file:18 isolated_file:0 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:54381 slab_unreclaimable:1213002 mapped:18227 shmem:15502 pagetables:59238 bounce:0 free:24965 free_pcp:414 free_cma:0 Node 0 active_anon:782608kB inactive_anon:60012kB active_file:40kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:58572kB dirty:0kB writeback:0kB shmem:61968kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 178176kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes Node 1 active_anon:6656kB inactive_anon:32kB active_file:32kB inactive_file:32kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14336kB dirty:0kB writeback:0kB shmem:40kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes Node 0 DMA free:10868kB min:204kB low:252kB high:300kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:32kB pagetables:60kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2693 2695 2695 2695 Node 0 DMA32 free:35356kB min:35996kB low:44992kB high:53988kB active_anon:782608kB inactive_anon:60012kB active_file:40kB inactive_file:40kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:27168kB pagetables:56932kB bounce:0kB free_pcp:1404kB local_pcp:1352kB free_cma:0kB lowmem_reserve[]: 0 0 1 1 1 Node 0 Normal free:0kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 1 Normal free:53636kB min:53876kB low:67344kB high:80812kB active_anon:6656kB inactive_anon:32kB active_file:32kB inactive_file:32kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:104672kB pagetables:179960kB bounce:0kB free_pcp:252kB local_pcp:248kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 0 DMA: 1*4kB (E) 6*8kB (UE) 2*16kB (ME) 1*32kB (E) 2*64kB (ME) 1*128kB (M) 1*256kB (E) 2*512kB (ME) 1*1024kB (E) 2*2048kB (ME) 1*4096kB (M) = 10868kB Node 0 DMA32: 945*4kB (UME) 672*8kB (UMEH) 769*16kB (UME) 272*32kB (UMEH) 7*64kB (UME) 7*128kB (UME) 7*256kB (ME) 4*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 35348kB Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB Node 1 Normal: 263*4kB (ME) 61*8kB (ME) 24*16kB (UME) 178*32kB (UME) 5*64kB (ME) 1*128kB (M) 2*256kB (ME) 2*512kB (ME) 1*1024kB (E) 1*2048kB (M) 10*4096kB (M) = 53636kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 15536 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 2097051 pages RAM 0 pages HighMem/MovableOnly 369649 pages reserved 0 pages cma reserved Unreclaimable slab info: Name Used Total pid_3 1KB 7KB pid_2 262KB 268KB batadv_tl_cache 4KB 12KB TIPC 2922KB 2925KB SCTPv6 8043KB 8043KB DCCPv6 9695KB 9697KB DCCP 9210KB 9212KB RXRPC 3165KB 3165KB rxrpc_call_jar 21915KB 21916KB bridge_fdb_cache 9KB 15KB fib6_nodes 166KB 208KB ip6_dst_cache 111KB 382KB RAWv6 39313KB 39318KB UDPv6 3671KB 3671KB TCPv6 5889KB 5892KB nf_conntrack 2KB 15KB fq_flow_cache 2KB 3KB t10_alua_lu_gp_cache 0KB 3KB 2 locks held by syz-executor.5/17827: sd_ext_cdb 0KB 7KB #0: 00000000d1b246a2 (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 scsi_sense_cache 1056KB 1060KB #1: 000000004a1bea50 (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034