active_file:15 inactive_file:0 isolated_file:0 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:48687 slab_unreclaimable:962367 mapped:24976 shmem:16684 pagetables:46706 bounce:0 free:28498 free_pcp:314 free_cma:0 INFO: task syz-executor.5:22230 blocked for more than 140 seconds. Node 0 active_anon:1281264kB inactive_anon:51784kB active_file:160kB inactive_file:224kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:88352kB dirty:0kB writeback:0kB shmem:55048kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1091584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Node 1 active_anon:628168kB inactive_anon:11608kB active_file:0kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:11552kB dirty:0kB writeback:0kB shmem:11688kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes Node 0 DMA free:10856kB min:204kB low:252kB high:300kB active_anon:2096kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:192kB pagetables:368kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2693 2695 2695 2695 Node 0 DMA32 free:50696kB min:35996kB low:44992kB high:53988kB active_anon:1279168kB inactive_anon:51784kB active_file:0kB inactive_file:728kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:20544kB pagetables:40140kB bounce:0kB free_pcp:660kB local_pcp:168kB free_cma:0kB lowmem_reserve[]: 0 0 1 1 1 Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 1 Normal free:53828kB min:53876kB low:67344kB high:80812kB active_anon:628168kB inactive_anon:11608kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:86368kB pagetables:146316kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 0 DMA: 2*4kB (UE) 2*8kB (UE) 3*16kB (UME) 1*32kB (E) 2*64kB (UM) 3*128kB (UME) 2*256kB (ME) 3*512kB (UME) 2*1024kB (ME) 3*2048kB (UME) 0*4096kB = 10856kB syz-executor.5 D26880 22230 22066 0x00100004 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 Node 0 DMA32: 159*4kB (M) 472*8kB (UME) 233*16kB (UME) 137*32kB (UME) 146*64kB (UME) 82*128kB (UME) 47*256kB (UME) 11*512kB (UME) 0*1024kB 0*2048kB 0*4096kB = 50028kB Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB Node 1 Normal: 1235*4kB (UME) 29*8kB (UME) 21*16kB (UME) 200*32kB (UME) 7*64kB (ME) 2*128kB (ME) 1*256kB (U) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (UE) 8*4096kB (M) = 53828kB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 16848 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 2097051 pages RAM ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 0 pages HighMem/MovableOnly ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 369649 pages reserved copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 0 pages cma reserved do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f2a0a691e99 Unreclaimable slab info: Code: Bad RIP value. Name Used Total RSP: 002b:00007f2a08fe6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2a0a7a5030 RCX: 00007f2a0a691e99 RDX: 0000000020000d40 RSI: 0000000020000cc0 RDI: 00000000c0040000 pid_4 4KB 11KB pid_3 4KB 7KB pid_2 240KB 244KB RBP: 00007f2a0a6ebff1 R08: 0000000020000b00 R09: 0000000000000000 ubi_wl_entry_slab 1KB 7KB batadv_tl_cache 4KB 12KB R10: 0000000020000d80 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc6ef830af R14: 00007f2a08fe6300 R15: 0000000000022000 INFO: task syz-executor.5:22405 blocked for more than 140 seconds. SMC 6KB 6KB Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26872 22405 22261 0x00000000 TIPC 2257KB 2265KB Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 rds_tcp_connection 9KB 11KB rds_connection 0KB 3KB SCTPv6 6168KB 6168KB sctp_chunk 2KB 7KB sctp_bind_bucket 0KB 3KB DCCPv6 7470KB 7470KB DCCP 7096KB 7096KB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 RXRPC 2448KB 2457KB rxrpc_call_jar 16921KB 16931KB ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 bridge_fdb_cache 15KB 19KB xfrm6_tunnel_spi 0KB 4KB copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 fib6_nodes 162KB 172KB copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 ip6_dst_cache 117KB 405KB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 RAWv6 30309KB 30314KB entry_SYSCALL_64_after_hwframe+0x49/0xbe UDPLITEv6 1KB 3KB RIP: 0033:0x7f2a0a691e99 UDPv6 2848KB 2850KB Code: Bad RIP value. TCPv6 4941KB 4944KB RSP: 002b:00007f2a08fe6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2a0a7a5030 RCX: 00007f2a0a691e99 RDX: 0000000020000d40 RSI: 0000000020000cc0 RDI: 00000000c0040000 RBP: 00007f2a0a6ebff1 R08: 0000000020000b00 R09: 0000000000000000 R10: 0000000020000d80 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc6ef830af R14: 00007f2a08fe6300 R15: 0000000000022000 INFO: task syz-executor.5:22421 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. nf_conntrack 25KB 52KB syz-executor.5 D26888 22421 22302 0x00000000 fq_flow_cache 5KB 7KB Call Trace: AF_VSOCK 5KB 7KB context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 t10_alua_lu_gp_cache 0KB 3KB sd_ext_cdb 0KB 7KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 scsi_sense_cache 1056KB 1060KB __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 virtio_scsi_cmd 16KB 16KB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 sgpool-128 8KB 8KB sgpool-64 4KB 12KB sgpool-32 2KB 15KB sgpool-16 1KB 7KB sgpool-8 0KB 7KB mqueue_inode_cache 16KB 30KB copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 bio_post_read_ctx 14KB 15KB bio-2 14KB 15KB jfs_mp 7KB 7KB cifs_small_rq 15KB 16KB cifs_request 67KB 67KB cifs_mpx_ids 0KB 7KB nfs_commit_data 3KB 14KB nfs_write_data 34KB 44KB ext4_system_zone 1KB 7KB copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 kioctx 7KB 7KB aio_kiocb 2KB 3KB dio 71KB 73KB bio-1 1KB 7KB pid_namespace 18KB 27KB kvm_vcpu 0KB 71KB kvm_mmu_page_header 29KB 31KB pte_list_desc 5KB 7KB rpc_buffers 17KB 25KB rpc_tasks 2KB 7KB UNIX 103KB 112KB UDP-Lite 13KB 27KB tcp_bind_bucket 189KB 192KB inet_peer_cache 66KB 72KB xfrm_state 13KB 16KB ip_fib_trie 23KB 27KB ip_fib_alias 112KB 118KB ip_dst_cache 10KB 72KB RAW 17962KB 17962KB UDP 5109KB 5109KB TCP 149KB 157KB hugetlbfs_inode_cache 3KB 15KB fscache_cookie_jar 1KB 11KB eventpoll_pwq 14KB 39KB eventpoll_epi 27KB 43KB inotify_inode_mark 6KB 27KB request_queue 199KB 199KB blkdev_requests 1KB 3KB blkdev_ioc 38KB 42KB bio-0 16182KB 16211KB biovec-max 3852KB 3852KB biovec-128 165KB 165KB biovec-64 7473KB 7473KB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 biovec-16 3840KB 3840KB bio_integrity_payload 1KB 8KB khugepaged_mm_slot 175KB 178KB user_namespace 3KB 7KB uid_cache 0KB 4KB dmaengine-unmap-2 0KB 3KB audit_buffer 0KB 3KB skbuff_fclone_cache 172KB 225KB skbuff_head_cache 7695KB 7721KB configfs_dir_cache 3KB 7KB file_lock_cache 1KB 11KB file_lock_ctx 9KB 15KB fsnotify_mark_connector 2KB 15KB net_namespace 26180KB 26180KB shmem_inode_cache 7897KB 8100KB task_delay_info 1522KB 1905KB taskstats 19KB 65KB proc_dir_entry 135590KB 135592KB pde_opener 1KB 23KB seq_file 67KB 70KB sigqueue 232KB 232KB kernfs_node_cache 390884KB 390891KB entry_SYSCALL_64_after_hwframe+0x49/0xbe mnt_cache 326KB 352KB RIP: 0033:0x7f2a0a691e99 Code: Bad RIP value. RSP: 002b:00007f2a08fe6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 filp 4247KB 6172KB names_cache 33825KB 33855KB RAX: ffffffffffffffda RBX: 00007f2a0a7a5030 RCX: 00007f2a0a691e99 iint_cache 88KB 95KB key_jar 15KB 26KB uts_namespace 6KB 15KB nsproxy 265KB 276KB vm_area_struct 31659KB 31680KB mm_struct 5239KB 5245KB fs_cache 2042KB 2508KB files_cache 7363KB 8171KB signal_cache 11553KB 12894KB sighand_cache 8010KB 8054KB task_struct 49736KB 49811KB cred_jar 4628KB 6028KB anon_vma_chain 37465KB 37481KB anon_vma 10539KB 10576KB pid 600KB 936KB Acpi-Operand 156KB 194KB Acpi-ParseExt 9KB 11KB Acpi-Parse 41KB 47KB Acpi-State 52KB 63KB Acpi-Namespace 21KB 27KB numa_policy 0KB 3KB debug_objects_cache 30339KB 30452KB trace_event_file 297KB 298KB ftrace_event_field 398KB 401KB pool_workqueue 3128KB 3128KB page->ptl 5229KB 5241KB kmalloc-2097152 2050KB 2050KB kmalloc-1048576 3078KB 3078KB kmalloc-524288 2056KB 2056KB kmalloc-262144 1290KB 1290KB RDX: 0000000020000d40 RSI: 0000000020000cc0 RDI: 00000000c0040000 kmalloc-131072 650KB 650KB RBP: 00007f2a0a6ebff1 R08: 0000000020000b00 R09: 0000000000000000 kmalloc-65536 2376KB 2706KB R10: 0000000020000d80 R11: 0000000000000246 R12: 0000000000000000 kmalloc-32768 164934KB 164934KB R13: 00007ffc6ef830af R14: 00007f2a08fe6300 R15: 0000000000022000 kmalloc-16384 50589KB 50589KB INFO: task syz-executor.5:22677 blocked for more than 140 seconds. kmalloc-8192 115145KB 115145KB Not tainted 4.19.211-syzkaller #0 kmalloc-4096 525091KB 525121KB kmalloc-2048 415807KB 415892KB kmalloc-1024 169452KB 169462KB "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kmalloc-512 132755KB 145653KB kmalloc-256 87228KB 89493KB kmalloc-128 43674KB 43859KB kmalloc-96 11372KB 12296KB kmalloc-64 30854KB 32544KB kmalloc-32 27096KB 28259KB kmalloc-192 58930KB 60864KB kmem_cache 178KB 183KB Out of memory: Kill process 20131 (syz-executor.2) score 1002 or sacrifice child Killed process 20131 (syz-executor.2) total-vm:57592kB, anon-rss:2472kB, file-rss:14340kB, shmem-rss:68kB systemd invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 syz-executor.5 D26760 22677 22261 0x00000000 systemd cpuset=/ mems_allowed=0-1 Call Trace: CPU: 1 PID: 1 Comm: systemd Not tainted 4.19.211-syzkaller #0 context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 dump_header+0x15d/0xc3f mm/oom_kill.c:443 oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956 out_of_memory mm/oom_kill.c:1132 [inline] out_of_memory+0x34d/0x1390 mm/oom_kill.c:1064 __alloc_pages_may_oom mm/page_alloc.c:3553 [inline] __alloc_pages_slowpath mm/page_alloc.c:4255 [inline] __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419 __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] kmem_getpages mm/slab.c:1412 [inline] cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682 fallback_alloc+0x213/0x2e0 mm/slab.c:3224 slab_alloc_node mm/slab.c:3332 [inline] kmem_cache_alloc_node_trace+0xec/0x3b0 mm/slab.c:3666 __do_kmalloc_node mm/slab.c:3688 [inline] __kmalloc_node+0x38/0x70 mm/slab.c:3696 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 kmalloc_node include/linux/slab.h:557 [inline] kvmalloc_node+0x61/0xf0 mm/util.c:423 kvmalloc include/linux/mm.h:577 [inline] seq_buf_alloc fs/seq_file.c:35 [inline] seq_read+0x85c/0x11c0 fs/seq_file.c:207 kernfs_fop_read+0xe9/0x550 fs/kernfs/file.c:252 __vfs_read+0xf7/0x750 fs/read_write.c:416 vfs_read+0x194/0x3c0 fs/read_write.c:452 ksys_read+0x12b/0x2a0 fs/read_write.c:579 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f7bfb8c592d Code: Bad RIP value. RSP: 002b:00007ffce3b25980 EFLAGS: 00000293 ORIG_RAX: 0000000000000000 RAX: ffffffffffffffda RBX: 00005604416ecb80 RCX: 00007f7bfb8c592d RDX: 0000000000001000 RSI: 00005604416f89f0 RDI: 0000000000000018 RBP: 0000000000000d68 R08: 00007f7bfbb84198 R09: 0000000000001010 R10: 0000000000000040 R11: 0000000000000293 R12: 00007f7bfbb80440 R13: 00007f7bfbb7f900 R14: 00000000ffffffff R15: 0000000000000000 Mem-Info: schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 active_anon:476739 inactive_anon:15848 isolated_anon:0 active_file:25 inactive_file:17 isolated_file:8 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:48693 slab_unreclaimable:962381 mapped:24971 shmem:16684 pagetables:46705 bounce:0 free:29379 free_pcp:2 free_cma:0 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 Node 0 active_anon:1278788kB inactive_anon:51784kB active_file:96kB inactive_file:68kB unevictable:0kB isolated(anon):0kB isolated(file):32kB mapped:88332kB dirty:0kB writeback:0kB shmem:55048kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1091584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes Node 1 active_anon:628168kB inactive_anon:11608kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:11552kB dirty:0kB writeback:0kB shmem:11688kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes Node 0 DMA free:10856kB min:204kB low:252kB high:300kB active_anon:2096kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:192kB pagetables:368kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2693 2695 2695 2695 Node 0 DMA32 free:52824kB min:35996kB low:44992kB high:53988kB active_anon:1276792kB inactive_anon:51784kB active_file:68kB inactive_file:280kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:20544kB pagetables:40136kB bounce:0kB free_pcp:256kB local_pcp:8kB free_cma:0kB lowmem_reserve[]: 0 0 1 1 1 Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 Node 1 Normal free:53828kB min:53876kB low:67344kB high:80812kB active_anon:628168kB inactive_anon:11608kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:86368kB pagetables:146316kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 0 DMA: 2*4kB (UE) 2*8kB (UE) 3*16kB (UME) 1*32kB (E) 2*64kB (UM) 3*128kB (UME) 2*256kB (ME) 3*512kB (UME) 2*1024kB (ME) 3*2048kB (UME) 0*4096kB = 10856kB Node 0 DMA32: 456*4kB (UMEH) 461*8kB (UME) 231*16kB (UME) 138*32kB (UME) 148*64kB (UME) 82*128kB (UME) 47*256kB (UME) 11*512kB (UME) 0*1024kB 1*2048kB (M) 0*4096kB = 53304kB ops_init+0xb3/0x410 net/core/net_namespace.c:129 Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB setup_net+0x2c2/0x720 net/core/net_namespace.c:316 Node 1 Normal: 1235*4kB (UME) 29*8kB (UME) 21*16kB (UME) 200*32kB (UME) 7*64kB (ME) 2*128kB (ME) 1*256kB (U) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (UE) 8*4096kB (M) = 53828kB copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 16749 total pagecache pages copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 2097051 pages RAM 0 pages HighMem/MovableOnly 369649 pages reserved 0 pages cma reserved Unreclaimable slab info: Name Used Total pid_4 4KB 11KB pid_3 4KB 7KB pid_2 240KB 244KB ubi_wl_entry_slab 1KB 7KB batadv_tl_cache 4KB 12KB SMC 6KB 6KB TIPC 2257KB 2265KB rds_tcp_connection 9KB 11KB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 rds_connection 0KB 3KB entry_SYSCALL_64_after_hwframe+0x49/0xbe SCTPv6 6168KB 6168KB RIP: 0033:0x7f2a0a691e99 sctp_chunk 2KB 7KB Code: Bad RIP value. sctp_bind_bucket 0KB 3KB RSP: 002b:00007f2a08fe6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 DCCPv6 7470KB 7470KB RAX: ffffffffffffffda RBX: 00007f2a0a7a5030 RCX: 00007f2a0a691e99 RDX: 0000000020000d40 RSI: 0000000020000cc0 RDI: 00000000c0040000 RBP: 00007f2a0a6ebff1 R08: 0000000020000b00 R09: 0000000000000000 R10: 0000000020000d80 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc6ef830af R14: 00007f2a08fe6300 R15: 0000000000022000 INFO: task syz-executor.5:22684 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26888 22684 22168 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 DCCP 7096KB 7096KB RXRPC 2448KB 2457KB rxrpc_call_jar 16921KB 16931KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 bridge_fdb_cache 15KB 19KB schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 xfrm6_tunnel_spi 0KB 4KB fib6_nodes 162KB 172KB ip6_dst_cache 117KB 405KB __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 RAWv6 30309KB 30314KB UDPLITEv6 1KB 3KB UDPv6 2848KB 2850KB TCPv6 4941KB 4944KB nf_conntrack 25KB 52KB fq_flow_cache 5KB 7KB AF_VSOCK 5KB 7KB t10_alua_lu_gp_cache 0KB 3KB sd_ext_cdb 0KB 7KB scsi_sense_cache 1056KB 1060KB virtio_scsi_cmd 16KB 16KB sgpool-128 8KB 8KB sgpool-64 4KB 12KB sgpool-32 2KB 15KB sgpool-16 1KB 7KB sgpool-8 0KB 7KB mqueue_inode_cache 16KB 30KB bio_post_read_ctx 14KB 15KB bio-2 14KB 15KB jfs_mp 7KB 7KB cifs_small_rq 15KB 16KB cifs_request 67KB 67KB cifs_mpx_ids 0KB 7KB nfs_commit_data 3KB 14KB nfs_write_data 34KB 44KB ext4_system_zone 1KB 7KB kioctx 7KB 7KB aio_kiocb 2KB 3KB dio 71KB 73KB bio-1 1KB 7KB pid_namespace 18KB 27KB kvm_vcpu 0KB 71KB kvm_mmu_page_header 29KB 31KB pte_list_desc 5KB 7KB rpc_buffers 17KB 25KB rpc_tasks 2KB 7KB UNIX 103KB 112KB UDP-Lite 13KB 27KB tcp_bind_bucket 189KB 192KB inet_peer_cache 66KB 72KB xfrm_state 13KB 16KB ip_fib_trie 23KB 27KB ip_fib_alias 112KB 118KB ip_dst_cache 10KB 72KB RAW 17962KB 17962KB UDP 5109KB 5109KB TCP 149KB 157KB hugetlbfs_inode_cache 3KB 15KB fscache_cookie_jar 1KB 11KB eventpoll_pwq 14KB 39KB eventpoll_epi 27KB 43KB inotify_inode_mark 6KB 27KB request_queue 199KB 199KB blkdev_requests 1KB 3KB blkdev_ioc 38KB 42KB bio-0 16253KB 16282KB biovec-max 3852KB 3852KB biovec-128 165KB 165KB biovec-64 7473KB 7473KB biovec-16 3855KB 3855KB bio_integrity_payload 1KB 8KB khugepaged_mm_slot 175KB 178KB user_namespace 3KB 7KB uid_cache 0KB 4KB dmaengine-unmap-2 0KB 3KB audit_buffer 0KB 3KB skbuff_fclone_cache 172KB 225KB skbuff_head_cache 7710KB 7736KB configfs_dir_cache 3KB 7KB file_lock_cache 1KB 11KB file_lock_ctx 9KB 15KB fsnotify_mark_connector 2KB 15KB net_namespace 26180KB 26180KB shmem_inode_cache 7897KB 8100KB task_delay_info 1522KB 1905KB taskstats 19KB 65KB proc_dir_entry 135590KB 135592KB pde_opener 1KB 23KB seq_file 67KB 70KB sigqueue 236KB 236KB kernfs_node_cache 390884KB 390891KB mnt_cache 326KB 352KB filp 4247KB 6172KB names_cache 33825KB 33855KB iint_cache 88KB 95KB key_jar 15KB 26KB uts_namespace 6KB 15KB nsproxy 265KB 276KB vm_area_struct 31659KB 31680KB mm_struct 5239KB 5245KB fs_cache 2042KB 2508KB files_cache 7363KB 8171KB signal_cache 11553KB 12894KB sighand_cache 8010KB 8054KB task_struct 49736KB 49811KB cred_jar 4628KB 6028KB anon_vma_chain 37465KB 37481KB anon_vma 10539KB 10576KB pid 600KB 936KB Acpi-Operand 156KB 194KB Acpi-ParseExt 9KB 11KB Acpi-Parse 41KB 47KB Acpi-State 52KB 63KB Acpi-Namespace 21KB 27KB numa_policy 0KB 3KB debug_objects_cache 30339KB 30452KB trace_event_file 297KB 298KB ftrace_event_field 398KB 401KB pool_workqueue 3128KB 3128KB page->ptl 5229KB 5241KB kmalloc-2097152 2050KB 2050KB kmalloc-1048576 3078KB 3078KB kmalloc-524288 2056KB 2056KB kmalloc-262144 1290KB 1290KB kmalloc-131072 650KB 650KB kmalloc-65536 2376KB 2706KB kmalloc-32768 164934KB 164934KB kmalloc-16384 50589KB 50589KB kmalloc-8192 115145KB 115145KB kmalloc-4096 525091KB 525121KB kmalloc-2048 415807KB 415892KB kmalloc-1024 169475KB 169485KB kmalloc-512 132755KB 145653KB kmalloc-256 87232KB 89497KB kmalloc-128 43674KB 43859KB kmalloc-96 11372KB 12296KB kmalloc-64 30854KB 32544KB kmalloc-32 27100KB 28263KB kmalloc-192 58930KB 60864KB kmem_cache 178KB 183KB Out of memory: Kill process 11639 (syz-executor.2) score 1002 or sacrifice child Killed process 11639 (syz-executor.2) total-vm:60640kB, anon-rss:2472kB, file-rss:14340kB, shmem-rss:56kB kworker/u4:5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 kworker/u4:5 cpuset=/ mems_allowed=0-1 CPU: 1 PID: 3572 Comm: kworker/u4:5 Not tainted 4.19.211-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: events_unbound call_usermodehelper_exec_work Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 dump_header+0x15d/0xc3f mm/oom_kill.c:443 oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956 out_of_memory mm/oom_kill.c:1132 [inline] out_of_memory+0x34d/0x1390 mm/oom_kill.c:1064 __alloc_pages_may_oom mm/page_alloc.c:3553 [inline] __alloc_pages_slowpath mm/page_alloc.c:4255 [inline] __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419 ops_init+0xb3/0x410 net/core/net_namespace.c:129 __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] alloc_pages_node include/linux/gfp.h:523 [inline] alloc_thread_stack_node kernel/fork.c:240 [inline] dup_task_struct kernel/fork.c:811 [inline] copy_process.part.0+0x3cf/0x8260 kernel/fork.c:1753 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 kernel_thread+0x2f/0x40 kernel/fork.c:2278 call_usermodehelper_exec_work kernel/umh.c:199 [inline] call_usermodehelper_exec_work+0x16d/0x260 kernel/umh.c:185 process_one_work+0x864/0x1570 kernel/workqueue.c:2153 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 kthread+0x33f/0x460 kernel/kthread.c:259 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 Mem-Info: create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 active_anon:476196 inactive_anon:15848 isolated_anon:0 active_file:29 inactive_file:34 isolated_file:0 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:48693 slab_unreclaimable:962406 mapped:24994 shmem:16684 pagetables:46674 bounce:0 free:30025 free_pcp:0 free_cma:0 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 Node 0 active_anon:1276616kB inactive_anon:51784kB active_file:96kB inactive_file:288kB unevictable:0kB isolated(anon):0kB isolated(file):68kB mapped:88524kB dirty:0kB writeback:0kB shmem:55048kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1087488kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 Node 1 active_anon:628168kB inactive_anon:11608kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:11552kB dirty:0kB writeback:0kB shmem:11688kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes Node 0 DMA free:10856kB min:204kB low:252kB high:300kB active_anon:2096kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:192kB pagetables:368kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2693 2695 2695 2695 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 Node 0 DMA32 free:54664kB min:35996kB low:44992kB high:53988kB active_anon:1274520kB inactive_anon:51784kB active_file:772kB inactive_file:396kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:20480kB pagetables:40012kB bounce:0kB free_pcp:1216kB local_pcp:332kB free_cma:0kB lowmem_reserve[]: 0 0 1 1 1 Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 1 Normal free:53828kB min:53876kB low:67344kB high:80812kB active_anon:628168kB inactive_anon:11608kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:86368kB pagetables:146316kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f2a0a691e99 Code: Bad RIP value. RSP: 002b:00007f2a08fe6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2a0a7a5030 RCX: 00007f2a0a691e99 RDX: 0000000020000d40 RSI: 0000000020000cc0 RDI: 00000000c0040000 RBP: 00007f2a0a6ebff1 R08: 0000000020000b00 R09: 0000000000000000 R10: 0000000020000d80 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc6ef830af R14: 00007f2a08fe6300 R15: 0000000000022000 INFO: task syz-executor.5:22980 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26888 22980 22625 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe lowmem_reserve[]: 0 0 0 0 0 RIP: 0033:0x7f2a0a691e99 Node 0 DMA: 2*4kB (UE) 2*8kB (UE) 3*16kB (UME) 1*32kB (E) 2*64kB (UM) 3*128kB (UME) 2*256kB (ME) 3*512kB (UME) 2*1024kB (ME) 3*2048kB (UME) 0*4096kB = 10856kB Code: Bad RIP value. Node 0 DMA32: 72*4kB (UM) 475*8kB (UM) 216*16kB (UM) 134*32kB (UM) 148*64kB (UME) 82*128kB (UME) 47*256kB (UME) 11*512kB (UME) 0*1024kB 2*2048kB (M) 0*4096kB = 53560kB RSP: 002b:00007f2a08fe6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB RAX: ffffffffffffffda RBX: 00007f2a0a7a5030 RCX: 00007f2a0a691e99 Node 1 Normal: 1235*4kB (UME) 29*8kB (UME) 21*16kB (UME) 200*32kB (UME) 7*64kB (ME) 2*128kB (ME) 1*256kB (U) 2*512kB (UE) 3*1024kB (UME) 2*2048kB (UE) 8*4096kB (M) = 53828kB RDX: 0000000020000d40 RSI: 0000000020000cc0 RDI: 00000000c0040000 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB RBP: 00007f2a0a6ebff1 R08: 0000000020000b00 R09: 0000000000000000 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB R10: 0000000020000d80 R11: 0000000000000246 R12: 0000000000000000 Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB R13: 00007ffc6ef830af R14: 00007f2a08fe6300 R15: 0000000000022000 Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB INFO: task syz-executor.5:23074 blocked for more than 140 seconds. 16717 total pagecache pages Not tainted 4.19.211-syzkaller #0 0 pages in swap cache "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Swap cache stats: add 0, delete 0, find 0/0 syz-executor.5 D26888 23074 22402 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 Free swap = 0kB Total swap = 0kB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 2097051 pages RAM 0 pages HighMem/MovableOnly 369649 pages reserved 0 pages cma reserved Unreclaimable slab info: Name Used Total pid_4 4KB 11KB pid_3 4KB 7KB pid_2 239KB 244KB ubi_wl_entry_slab 1KB 7KB batadv_tl_cache 4KB 12KB SMC 6KB 6KB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 TIPC 2256KB 2265KB rds_tcp_connection 9KB 11KB rds_connection 0KB 3KB SCTPv6 6168KB 6168KB sctp_chunk 2KB 7KB sctp_bind_bucket 0KB 3KB DCCPv6 7470KB 7470KB DCCP 7096KB 7096KB RXRPC 2448KB 2457KB rxrpc_call_jar 16920KB 16931KB bridge_fdb_cache 15KB 19KB ops_init+0xb3/0x410 net/core/net_namespace.c:129 xfrm6_tunnel_spi 0KB 4KB setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 fib6_nodes 162KB 172KB ip6_dst_cache 116KB 405KB RAWv6 30309KB 30314KB copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 UDPLITEv6 1KB 3KB UDPv6 2848KB 2850KB TCPv6 4941KB 4944KB nf_conntrack 25KB 52KB fq_flow_cache 5KB 7KB AF_VSOCK 5KB 7KB t10_alua_lu_gp_cache 0KB 3KB sd_ext_cdb 0KB 7KB scsi_sense_cache 1056KB 1060KB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 virtio_scsi_cmd 16KB 16KB entry_SYSCALL_64_after_hwframe+0x49/0xbe sgpool-128 8KB 8KB RIP: 0033:0x7f2a0a691e99 sgpool-64 4KB 12KB Code: Bad RIP value. sgpool-32 2KB 15KB RSP: 002b:00007f2a08fe6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 sgpool-16 1KB 7KB RAX: ffffffffffffffda RBX: 00007f2a0a7a5030 RCX: 00007f2a0a691e99 RDX: 0000000020000d40 RSI: 0000000020000cc0 RDI: 00000000c0040000 RBP: 00007f2a0a6ebff1 R08: 0000000020000b00 R09: 0000000000000000 R10: 0000000020000d80 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc6ef830af R14: 00007f2a08fe6300 R15: 0000000000022000 INFO: task syz-executor.5:23158 blocked for more than 140 seconds. sgpool-8 0KB 7KB Not tainted 4.19.211-syzkaller #0 mqueue_inode_cache 16KB 30KB "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26744 23158 22168 0x00000000 bio_post_read_ctx 14KB 15KB Call Trace: bio-2 14KB 15KB context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 jfs_mp 7KB 7KB cifs_small_rq 15KB 16KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f2a0a691e99 Code: Bad RIP value. RSP: 002b:00007f2a08fe6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2a0a7a5030 RCX: 00007f2a0a691e99 RDX: 0000000020000d40 RSI: 0000000020000cc0 RDI: 00000000c0040000 RBP: 00007f2a0a6ebff1 R08: 0000000020000b00 R09: 0000000000000000 R10: 0000000020000d80 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc6ef830af R14: 00007f2a08fe6300 R15: 0000000000022000 INFO: task syz-executor.5:23167 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26888 23167 22645 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f2a0a691e99 Code: Bad RIP value. RSP: 002b:00007f2a08fe6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2a0a7a5030 RCX: 00007f2a0a691e99 RDX: 0000000020000d40 RSI: 0000000020000cc0 RDI: 00000000c0040000 RBP: 00007f2a0a6ebff1 R08: 0000000020000b00 R09: 0000000000000000 R10: 0000000020000d80 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc6ef830af R14: 00007f2a08fe6300 R15: 0000000000022000 INFO: task syz-executor.5:23169 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26928 23169 22677 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f2a0a691e99 Code: Bad RIP value. RSP: 002b:00007f2a08fe6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2a0a7a5030 RCX: 00007f2a0a691e99 RDX: 0000000020000d40 RSI: 0000000020000cc0 RDI: 00000000c0040000 RBP: 00007f2a0a6ebff1 R08: 0000000020000b00 R09: 0000000000000000 R10: 0000000020000d80 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffc6ef830af R14: 00007f2a08fe6300 R15: 0000000000022000 Showing all locks held in the system: 2 locks held by systemd/1: #0: 00000000509f3870 (&p->lock){+.+.}, at: seq_read+0x6b/0x11c0 fs/seq_file.c:164 #1: 000000009792e16e (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3778 [inline] #1: 000000009792e16e (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3774 [inline] #1: 000000009792e16e (fs_reclaim){+.+.}, at: __perform_reclaim mm/page_alloc.c:3805 [inline] #1: 000000009792e16e (fs_reclaim){+.+.}, at: __alloc_pages_direct_reclaim mm/page_alloc.c:3821 [inline] #1: 000000009792e16e (fs_reclaim){+.+.}, at: __alloc_pages_slowpath mm/page_alloc.c:4211 [inline] #1: 000000009792e16e (fs_reclaim){+.+.}, at: __alloc_pages_nodemask+0x191e/0x2890 mm/page_alloc.c:4419 3 locks held by kworker/1:0/19: #0: 0000000022aa3c76 ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 #1: 000000009d3e0c7e ((addr_chk_work).work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 #2: 00000000b7d264df (rtnl_mutex){+.+.}, at: addrconf_verify_work+0xa/0x20 net/ipv6/addrconf.c:4476 1 lock held by khungtaskd/1569: #0: 00000000184577ae (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441 3 locks held by kworker/u4:4/3570: #0: 000000005cddb46a ((wq_completion)"events_unbound"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 #1: 000000001b47c998 ((work_completion)(&sub_info->work)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 #2: 000000009792e16e (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3778 [inline] #2: 000000009792e16e (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3774 [inline] #2: 000000009792e16e (fs_reclaim){+.+.}, at: __perform_reclaim mm/page_alloc.c:3805 [inline] #2: 000000009792e16e (fs_reclaim){+.+.}, at: __alloc_pages_direct_reclaim mm/page_alloc.c:3821 [inline] #2: 000000009792e16e (fs_reclaim){+.+.}, at: __alloc_pages_slowpath mm/page_alloc.c:4211 [inline] #2: 000000009792e16e (fs_reclaim){+.+.}, at: __alloc_pages_nodemask+0x191e/0x2890 mm/page_alloc.c:4419 5 locks held by kworker/u4:5/3572: 2 locks held by kworker/0:4/9350: #0: 00000000cbc5abaa ((wq_completion)"events"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 #1: 00000000d8bcbade ((work_completion)(&cgrp->release_agent_work)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 4 locks held by kworker/u4:8/9540: #0: 00000000c4b25542 ((wq_completion)"%s""netns"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 #1: 00000000ab095853 (net_cleanup_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 #2: 0000000075495c0c (pernet_ops_rwsem){++++}, at: cleanup_net+0xa8/0x8b0 net/core/net_namespace.c:521 #3: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip6gre_exit_batch_net+0x82/0x6c0 net/ipv6/ip6_gre.c:1632 2 locks held by syz-executor.5/22066: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/22146: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/22168: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 2 locks held by syz-executor.5/22230: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/22261: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/22302: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/22366: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/22402: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/22405: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/22406: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/22415: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/22421: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 cifs_request 67KB 67KB #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 cifs_mpx_ids 0KB 7KB 2 locks held by syz-executor.5/22625: nfs_commit_data 3KB 14KB #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 nfs_write_data 34KB 44KB #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 ext4_system_zone 1KB 7KB 2 locks held by syz-executor.5/22626: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 kioctx 7KB 7KB #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/22645: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/22655: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/22658: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip6_tnl_exit_batch_net+0x82/0x840 net/ipv6/ip6_tunnel.c:2284 2 locks held by syz-executor.5/22665: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/22674: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/22675: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/22676: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/22677: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/22682: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/22684: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/22948: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/22980: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23010: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23053: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23061: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23062: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23074: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23137: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23138: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23158: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23166: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23167: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23168: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23169: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23218: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 2 locks held by syz-executor.5/23219: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23220: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23221: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23222: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23223: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23224: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23268: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23270: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23271: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23368: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23559: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23561: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23597: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23721: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23779: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23836: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23863: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23898: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23903: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23948: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23951: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/23982: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/23983: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/24100: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24109: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/24121: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/24143: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24170: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/24195: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/24196: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/24197: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/24198: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24199: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/24244: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24245: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/24272: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24273: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24286: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24287: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24288: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24299: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24300: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24337: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24357: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24366: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24382: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/24387: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24388: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24419: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24420: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24487: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24495: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: br_net_exit+0x7b/0x190 net/bridge/br.c:183 2 locks held by syz-executor.5/24585: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24606: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24623: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/24712: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24715: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24716: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24717: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24718: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24792: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/24918: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/24927: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/25012: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/25061: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/25182: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: sit_exit_batch_net+0x88/0x700 net/ipv6/sit.c:1889 2 locks held by syz-executor.5/25184: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25185: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/25218: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/25219: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/25279: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/25382: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25415: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/25446: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25453: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25540: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25579: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/25604: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25605: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25650: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/25751: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25778: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/25793: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25849: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25852: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25867: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25947: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/25989: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/26040: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26054: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26110: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26138: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/26139: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26140: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26141: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26195: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/26207: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26421: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26422: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/26424: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/26429: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 aio_kiocb 2KB 3KB #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 dio 71KB 73KB 2 locks held by syz-executor.5/26430: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26431: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 bio-1 1KB 7KB #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 pid_namespace 18KB 27KB 2 locks held by syz-executor.5/26432: kvm_vcpu 0KB 71KB #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 kvm_mmu_page_header 29KB 31KB #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 pte_list_desc 5KB 7KB 2 locks held by syz-executor.5/26433: rpc_buffers 17KB 25KB #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 rpc_tasks 2KB 7KB #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 UNIX 103KB 112KB 2 locks held by syz-executor.5/26434: UDP-Lite 13KB 27KB #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26435: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26436: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 tcp_bind_bucket 189KB 192KB 2 locks held by syz-executor.5/26437: inet_peer_cache 66KB 72KB #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26438: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26439: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26440: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: register_netdev+0x11/0x50 net/core/dev.c:8857 2 locks held by syz-executor.5/26493: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 xfrm_state 13KB 16KB #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ip_fib_trie 23KB 27KB 2 locks held by syz-executor.5/26494: ip_fib_alias 112KB 118KB #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 2 locks held by syz-executor.5/26559: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ip_dst_cache 10KB 72KB 2 locks held by syz-executor.5/26577: RAW 17962KB 17962KB #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 UDP 5109KB 5109KB #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 TCP 149KB 157KB 2 locks held by syz-executor.5/26616: #0: 0000000075495c0c (pernet_ops_rwsem){++++}, at: copy_net_ns+0x1d8/0x340 net/core/net_namespace.c:435 hugetlbfs_inode_cache 3KB 15KB #1: 00000000b7d264df (rtnl_mutex){+.+.}, at: ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 fscache_cookie_jar 1KB 11KB 2 locks held by syz-executor.5/26646: eventpoll_pwq 14KB 39KB