request_queue 169KB 169KB blkdev_requests 1KB 3KB blkdev_ioc 37KB 38KB bio-0 7702KB 7702KB biovec-max 2202KB 2202KB INFO: task kworker/u4:1:23 blocked for more than 140 seconds. biovec-64 3819KB 3819KB biovec-16 1515KB 1515KB Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. bio_integrity_payload 1KB 8KB kworker/u4:1 D25648 23 2 0x80000000 Workqueue: netns cleanup_net khugepaged_mm_slot 236KB 260KB Call Trace: user_namespace 6KB 14KB context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 uid_cache 0KB 4KB dmaengine-unmap-2 0KB 3KB skbuff_fclone_cache 88KB 90KB skbuff_head_cache 9131KB 9157KB configfs_dir_cache 3KB 7KB file_lock_cache 3KB 15KB file_lock_ctx 8KB 19KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 fsnotify_mark_connector 1KB 7KB __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 net_namespace 32313KB 32313KB shmem_inode_cache 8023KB 8298KB task_delay_info 1704KB 2300KB taskstats 25KB 195KB proc_dir_entry 167248KB 167250KB pde_opener 2KB 19KB seq_file 80KB 82KB sigqueue 123KB 126KB kernfs_node_cache 479078KB 479103KB mnt_cache 364KB 440KB netdev_run_todo+0x719/0xab0 net/core/dev.c:9005 filp 5271KB 7582KB names_cache 49040KB 49079KB iint_cache 90KB 99KB sit_exit_batch_net+0x548/0x700 net/ipv6/sit.c:1894 key_jar 16KB 41KB uts_namespace 9KB 31KB nsproxy 337KB 339KB vm_area_struct 33251KB 33273KB mm_struct 6430KB 6435KB fs_cache 2258KB 3092KB ops_exit_list+0xf9/0x150 net/core/net_namespace.c:156 cleanup_net+0x3b4/0x8b0 net/core/net_namespace.c:554 files_cache 8235KB 10222KB signal_cache 12914KB 15927KB sighand_cache 9779KB 9809KB process_one_work+0x864/0x1570 kernel/workqueue.c:2153 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296 task_struct 55878KB 55966KB cred_jar 5267KB 6620KB anon_vma_chain 43683KB 43690KB anon_vma 10631KB 10688KB kthread+0x33f/0x460 kernel/kthread.c:259 pid 667KB 964KB Acpi-Operand 156KB 194KB Acpi-ParseExt 9KB 11KB ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 Acpi-Parse 41KB 47KB Acpi-State 52KB 63KB Acpi-Namespace 21KB 27KB numa_policy 0KB 3KB INFO: task kworker/0:2:1307 blocked for more than 140 seconds. debug_objects_cache 37777KB 37791KB trace_event_file 297KB 298KB Not tainted 4.19.211-syzkaller #0 ftrace_event_field 398KB 401KB "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. kworker/0:2 D26208 1307 2 0x80000000 pool_workqueue 3834KB 3836KB page->ptl 5806KB 5819KB Workqueue: events switchdev_deferred_process_work kmalloc-4194304 0KB 8192KB Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 kmalloc-2097152 2050KB 6150KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 kmalloc-1048576 1026KB 2052KB kmalloc-524288 2056KB 3084KB kmalloc-262144 1290KB 1806KB __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 kmalloc-131072 2080KB 2080KB kmalloc-65536 3432KB 3762KB kmalloc-32768 204072KB 204072KB kmalloc-16384 62188KB 62188KB kmalloc-8192 141982KB 141982KB kmalloc-4096 637891KB 637916KB kmalloc-2048 511062KB 511090KB kmalloc-1024 203096KB 203096KB kmalloc-512 164899KB 178372KB kmalloc-256 106149KB 108423KB kmalloc-128 53737KB 53935KB kmalloc-96 14203KB 15108KB kmalloc-64 37338KB 38820KB kmalloc-32 33024KB 34268KB kmalloc-192 72156KB 74064KB kmem_cache 178KB 183KB Out of memory (oom_kill_allocating_task): Kill process 20331 (syz-executor.5) score 0 or sacrifice child Killed process 20331 (syz-executor.5) total-vm:57196kB, anon-rss:428kB, file-rss:14080kB, shmem-rss:0kB syz-executor.5 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=1000 switchdev_deferred_process_work+0xa/0x20 net/switchdev/switchdev.c:150 oom_reaper: reaped process 20331 (syz-executor.5), now anon-rss:0kB, file-rss:14080kB, shmem-rss:0kB syz-executor.5 cpuset=/ mems_allowed=0-1 process_one_work+0x864/0x1570 kernel/workqueue.c:2153 worker_thread+0x64c/0x1130 kernel/workqueue.c:2296 CPU: 1 PID: 22254 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 kthread+0x33f/0x460 kernel/kthread.c:259 dump_header+0x15d/0xc3f mm/oom_kill.c:443 oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 INFO: task syz-executor.5:15378 blocked for more than 140 seconds. out_of_memory mm/oom_kill.c:1114 [inline] out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064 Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26752 15378 15275 0x00000000 __alloc_pages_may_oom mm/page_alloc.c:3553 [inline] __alloc_pages_slowpath mm/page_alloc.c:4255 [inline] __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] kmem_getpages mm/slab.c:1412 [inline] cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682 fallback_alloc+0x213/0x2e0 mm/slab.c:3224 __do_cache_alloc mm/slab.c:3361 [inline] slab_alloc mm/slab.c:3389 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x213/0x3c0 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] kzalloc include/linux/slab.h:709 [inline] __register_sysctl_table+0x112/0x1090 fs/proc/proc_sysctl.c:1310 neigh_sysctl_register+0x341/0x680 net/core/neighbour.c:3260 devinet_sysctl_register+0xb1/0x230 net/ipv4/devinet.c:2381 inetdev_init+0x223/0x4a0 net/ipv4/devinet.c:269 inetdev_event+0x9cf/0x1270 net/ipv4/devinet.c:1477 notifier_call_chain+0xc0/0x230 kernel/notifier.c:93 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 call_netdevice_notifiers net/core/dev.c:1762 [inline] register_netdevice+0xdd2/0x10f0 net/core/dev.c:8761 __ip_tunnel_create+0x398/0x580 net/ipv4/ip_tunnel.c:280 ip_tunnel_init_net+0x330/0x990 net/ipv4/ip_tunnel.c:1035 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f2ee1c40e99 Code: Bad RIP value. RSP: 002b:00007f2ee05b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2ee1d53f60 RCX: 00007f2ee1c40e99 RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f2ee1c9aff1 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd891dd67f R14: 00007f2ee05b6300 R15: 0000000000022000 Mem-Info: active_anon:236466 inactive_anon:10997 isolated_anon:0 active_file:31 inactive_file:197 isolated_file:0 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:55558 slab_unreclaimable:1173249 mapped:22841 shmem:20602 pagetables:54459 bounce:0 free:28001 free_pcp:244 free_cma:0 Node 0 active_anon:930492kB inactive_anon:41484kB active_file:84kB inactive_file:116kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:76648kB dirty:0kB writeback:0kB shmem:71704kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 239616kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no Node 1 active_anon:15372kB inactive_anon:2504kB active_file:4kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14416kB dirty:0kB writeback:0kB shmem:10704kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:2468kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 lowmem_reserve[]: 0 2693 2695 2695 2695 Node 0 DMA32 free:48224kB min:35996kB low:44992kB high:53988kB active_anon:928040kB inactive_anon:41484kB active_file:256kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:30496kB pagetables:49932kB bounce:0kB free_pcp:696kB local_pcp:48kB free_cma:0kB ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 lowmem_reserve[]: 0 0 1 1 1 Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 lowmem_reserve[]: 0 0 0 0 0 entry_SYSCALL_64_after_hwframe+0x49/0xbe Node 1 Normal free:53848kB min:53876kB low:67344kB high:80812kB active_anon:15372kB inactive_anon:2504kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:104768kB pagetables:167904kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 0 DMA: 4*4kB (UME) 5*8kB (UME) 4*16kB (UME) 2*32kB (U) 3*64kB (UME) 2*128kB (UE) 2*256kB (UE) 3*512kB (UME) 2*1024kB (ME) 3*2048kB (UME) 0*4096kB = 10872kB Node 0 DMA32: 169*4kB (ME) 614*8kB (UME) 955*16kB (UME) 479*32kB (UME) 2*64kB (M) 2*128kB (UE) 2*256kB (UE) 2*512kB (UE) 2*1024kB (UE) 3*2048kB (M) 0*4096kB = 46308kB Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB RIP: 0033:0x7f2ee1c40e99 Node 1 Normal: 1748*4kB (UME) 199*8kB (UME) 167*16kB (UME) 75*32kB (ME) 66*64kB (M) 31*128kB (UM) 15*256kB (UM) 5*512kB (M) 3*1024kB (UME) 1*2048kB (M) 5*4096kB (M) = 53848kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Code: Bad RIP value. RSP: 002b:00007f2ee05b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2ee1d53f60 RCX: 00007f2ee1c40e99 Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 20726 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f2ee1c9aff1 R08: 0000000000000000 R09: 0000000000000000 Free swap = 0kB Total swap = 0kB 2097051 pages RAM R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000000 0 pages HighMem/MovableOnly 369649 pages reserved 0 pages cma reserved Unreclaimable slab info: R13: 00007ffd891dd67f R14: 00007f2ee05b6300 R15: 0000000000022000 INFO: task syz-executor.5:15448 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 Name Used Total pid_3 95KB 118KB "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26792 15448 15256 0x00000000 pid_2 337KB 528KB Call Trace: ubi_wl_entry_slab 1KB 7KB context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 batadv_tt_change_cache 1KB 3KB batadv_tl_cache 16KB 28KB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 SMC 4KB 13KB TIPC 2796KB 2805KB rds_tcp_connection 4KB 7KB rds_connection 1KB 7KB SCTPv6 7604KB 7610KB ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 DCCPv6 9217KB 9225KB DCCP 8756KB 8763KB copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 RXRPC 3022KB 3029KB rxrpc_call_jar 20925KB 20931KB bridge_fdb_cache 10KB 23KB fib6_nodes 165KB 224KB copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 ip6_dst_cache 228KB 423KB RAWv6 37406KB 37408KB UDPv6 3504KB 3506KB tw_sock_TCPv6 0KB 3KB TCPv6 5799KB 5802KB nf_conntrack 10KB 48KB t10_alua_lu_gp_cache 0KB 3KB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe sd_ext_cdb 0KB 7KB scsi_sense_cache 1056KB 1060KB RIP: 0033:0x7f2ee1c40e99 Code: Bad RIP value. RSP: 002b:00007f2ee05b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 virtio_scsi_cmd 16KB 16KB sgpool-128 8KB 8KB sgpool-64 4KB 12KB RAX: ffffffffffffffda RBX: 00007f2ee1d53f60 RCX: 00007f2ee1c40e99 RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000040000000 sgpool-32 2KB 15KB sgpool-16 1KB 7KB RBP: 00007f2ee1c9aff1 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000000 sgpool-8 0KB 7KB mqueue_inode_cache 21KB 52KB bio_post_read_ctx 14KB 15KB R13: 00007ffd891dd67f R14: 00007f2ee05b6300 R15: 0000000000022000 bio-2 14KB 15KB jfs_mp 7KB 7KB INFO: task syz-executor.5:15454 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. cifs_small_rq 15KB 16KB cifs_request 67KB 67KB cifs_mpx_ids 0KB 7KB syz-executor.5 D26880 15454 15311 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 nfs_commit_data 3KB 14KB nfs_write_data 34KB 44KB ext4_system_zone 1KB 7KB bio-1 1KB 7KB fasync_cache 0KB 4KB pid_namespace 11KB 19KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 kvm_vcpu 0KB 23KB rpc_buffers 17KB 25KB rpc_tasks 2KB 7KB UNIX 326KB 363KB UDP-Lite 3KB 6KB tcp_bind_bucket 233KB 240KB inet_peer_cache 2KB 8KB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 xfrm_dst_cache 13KB 22KB xfrm_state 37KB 44KB vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520 ops_init+0xb3/0x410 net/core/net_namespace.c:129 ip_fib_trie 22KB 39KB ip_fib_alias 108KB 162KB setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 ip_dst_cache 11KB 80KB RAW 22173KB 22177KB copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 UDP 6258KB 6264KB copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 TCP 149KB 157KB hugetlbfs_inode_cache 4KB 15KB fscache_cookie_jar 1KB 7KB eventpoll_pwq 10KB 31KB eventpoll_epi 20KB 43KB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 inotify_inode_mark 5KB 15KB request_queue 169KB 169KB entry_SYSCALL_64_after_hwframe+0x49/0xbe blkdev_requests 1KB 3KB blkdev_ioc 34KB 38KB RIP: 0033:0x7f2ee1c40e99 bio-0 8133KB 8133KB Code: Bad RIP value. RSP: 002b:00007f2ee05b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2ee1d53f60 RCX: 00007f2ee1c40e99 biovec-max 2202KB 2202KB biovec-64 3819KB 3819KB RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f2ee1c9aff1 R08: 0000000000000000 R09: 0000000000000000 biovec-16 1646KB 1646KB R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd891dd67f R14: 00007f2ee05b6300 R15: 0000000000022000 bio_integrity_payload 1KB 8KB INFO: task syz-executor.5:15460 blocked for more than 140 seconds. khugepaged_mm_slot 236KB 260KB user_namespace 6KB 14KB uid_cache 0KB 4KB dmaengine-unmap-2 0KB 3KB Not tainted 4.19.211-syzkaller #0 skbuff_fclone_cache 92KB 93KB "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. skbuff_head_cache 9247KB 9273KB configfs_dir_cache 3KB 7KB syz-executor.5 D26928 15460 15111 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 file_lock_cache 3KB 15KB file_lock_ctx 8KB 19KB fsnotify_mark_connector 1KB 7KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 net_namespace 32313KB 32313KB shmem_inode_cache 8023KB 8298KB schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 task_delay_info 1694KB 2300KB taskstats 25KB 195KB proc_dir_entry 167252KB 167253KB pde_opener 2KB 19KB seq_file 77KB 82KB sigqueue 158KB 161KB kernfs_node_cache 479114KB 479134KB mnt_cache 364KB 440KB filp 5257KB 7582KB names_cache 49040KB 49079KB iint_cache 87KB 99KB key_jar 16KB 41KB uts_namespace 9KB 31KB nsproxy 337KB 339KB vm_area_struct 33250KB 33273KB mm_struct 6430KB 6435KB fs_cache 2246KB 3092KB files_cache 8173KB 10207KB signal_cache 12871KB 15920KB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 sighand_cache 9765KB 9809KB vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520 ops_init+0xb3/0x410 net/core/net_namespace.c:129 task_struct 55853KB 55941KB setup_net+0x2c2/0x720 net/core/net_namespace.c:316 cred_jar 5237KB 6620KB anon_vma_chain 43683KB 43690KB copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 anon_vma 10629KB 10688KB pid 661KB 964KB copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 Acpi-Operand 156KB 194KB Acpi-ParseExt 9KB 11KB Acpi-Parse 41KB 47KB Acpi-State 52KB 63KB Acpi-Namespace 21KB 27KB copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 numa_policy 0KB 3KB debug_objects_cache 37783KB 37791KB trace_event_file 297KB 298KB ftrace_event_field 398KB 401KB pool_workqueue 3834KB 3836KB page->ptl 5806KB 5819KB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe kmalloc-4194304 0KB 8192KB RIP: 0033:0x7f2ee1c40e99 Code: Bad RIP value. kmalloc-2097152 2050KB 6150KB kmalloc-1048576 1026KB 2052KB RSP: 002b:00007f2ee05b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 kmalloc-524288 2056KB 3084KB kmalloc-262144 1290KB 1806KB RAX: ffffffffffffffda RBX: 00007f2ee1d53f60 RCX: 00007f2ee1c40e99 RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f2ee1c9aff1 R08: 0000000000000000 R09: 0000000000000000 kmalloc-131072 2080KB 2080KB kmalloc-65536 3432KB 3762KB kmalloc-32768 204105KB 204105KB R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd891dd67f R14: 00007f2ee05b6300 R15: 0000000000022000 kmalloc-16384 62188KB 62188KB kmalloc-8192 141982KB 141982KB INFO: task syz-executor.5:15645 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 kmalloc-4096 637920KB 637929KB "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26888 15645 15449 0x00000000 kmalloc-2048 511079KB 511096KB kmalloc-1024 203245KB 203245KB kmalloc-512 165026KB 178500KB Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 kmalloc-256 106168KB 108442KB schedule+0x8d/0x1b0 kernel/sched/core.c:3561 kmalloc-128 53740KB 53935KB schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 kmalloc-96 14215KB 15120KB kmalloc-64 37338KB 38820KB kmalloc-32 33044KB 34287KB kmalloc-192 72156KB 74064KB kmem_cache 178KB 183KB Out of memory (oom_kill_allocating_task): Kill process 22254 (syz-executor.5) score 0 or sacrifice child Killed process 22254 (syz-executor.5) total-vm:57196kB, anon-rss:428kB, file-rss:14080kB, shmem-rss:0kB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520 ops_init+0xb3/0x410 net/core/net_namespace.c:129 oom_reaper: reaped process 22254 (syz-executor.5), now anon-rss:0kB, file-rss:14080kB, shmem-rss:0kB setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 syz-executor.5 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=2, oom_score_adj=1000 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 syz-executor.5 cpuset=/ mems_allowed=0-1 CPU: 0 PID: 11081 Comm: syz-executor.5 Not tainted 4.19.211-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 dump_header+0x15d/0xc3f mm/oom_kill.c:443 oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956 out_of_memory mm/oom_kill.c:1114 [inline] out_of_memory+0x1072/0x1390 mm/oom_kill.c:1064 __alloc_pages_may_oom mm/page_alloc.c:3553 [inline] __alloc_pages_slowpath mm/page_alloc.c:4255 [inline] __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419 __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] kmem_getpages mm/slab.c:1412 [inline] cache_grow_begin+0xa4/0x8a0 mm/slab.c:2682 fallback_alloc+0x213/0x2e0 mm/slab.c:3224 __do_cache_alloc mm/slab.c:3361 [inline] slab_alloc mm/slab.c:3389 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x213/0x3c0 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] kzalloc include/linux/slab.h:709 [inline] ops_init+0xfe/0x410 net/core/net_namespace.c:119 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f2ee1c40e99 Code: Bad RIP value. RSP: 002b:00007f2ee05b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2ee1d53f60 RCX: 00007f2ee1c40e99 RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f2ee1c9aff1 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd891dd67f R14: 00007f2ee05b6300 R15: 0000000000022000 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f2ee1c40e99 Code: Bad RIP value. RSP: 002b:00007f2ee05b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2ee1d53f60 RCX: 00007f2ee1c40e99 RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000040000000 RBP: 00007f2ee1c9aff1 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd891dd67f R14: 00007f2ee05b6300 R15: 0000000000022000 INFO: task syz-executor.5:15734 blocked for more than 140 seconds. Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26792 15734 15460 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 Mem-Info: active_anon:236474 inactive_anon:10997 isolated_anon:0 active_file:66 inactive_file:81 isolated_file:19 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:55161 slab_unreclaimable:1173591 mapped:22837 shmem:20602 pagetables:54459 bounce:0 free:28478 free_pcp:186 free_cma:0 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 vti_init_net+0x2a/0x370 net/ipv4/ip_vti.c:520 Node 0 active_anon:930524kB inactive_anon:41484kB active_file:20kB inactive_file:588kB unevictable:0kB isolated(anon):0kB isolated(file):76kB mapped:77132kB dirty:0kB writeback:0kB shmem:71704kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 239616kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 Node 1 active_anon:15372kB inactive_anon:2504kB active_file:0kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14416kB dirty:0kB writeback:0kB shmem:10704kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:2468kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2693 2695 2695 2695 Node 0 DMA32 free:49132kB min:35996kB low:44992kB high:53988kB active_anon:928056kB inactive_anon:41484kB active_file:152kB inactive_file:604kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:30496kB pagetables:49932kB bounce:0kB free_pcp:340kB local_pcp:0kB free_cma:0kB copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 lowmem_reserve[]: 0 0 1 1 1 Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 1 Normal free:53848kB min:53876kB low:67344kB high:80812kB active_anon:15372kB inactive_anon:2504kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:104768kB pagetables:167904kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 0 DMA: 4*4kB (UME) 5*8kB (UME) 4*16kB (UME) 2*32kB (U) 3*64kB (UME) 2*128kB (UE) 2*256kB (UE) 3*512kB (UME) 2*1024kB (ME) 3*2048kB (UME) 0*4096kB = 10872kB Node 0 DMA32: 296*4kB (ME) 831*8kB (UME) 935*16kB (UME) 461*32kB (UME) 3*64kB (ME) 2*128kB (UE) 2*256kB (UE) 2*512kB (UE) 2*1024kB (UE) 3*2048kB (M) 0*4096kB = 47720kB Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 Node 1 Normal: 1748*4kB (UME) 199*8kB (UME) 167*16kB (UME) 75*32kB (ME) 66*64kB (M) 31*128kB (UM) 15*256kB (UM) 5*512kB (M) 3*1024kB (UME) 1*2048kB (M) 5*4096kB (M) = 53848kB entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f2ee1c40e99 Code: Bad RIP value. RSP: 002b:00007f2ee05b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2ee1d53f60 RCX: 00007f2ee1c40e99 RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000040000000 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB RBP: 00007f2ee1c9aff1 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000000 Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB R13: 00007ffd891dd67f R14: 00007f2ee05b6300 R15: 0000000000022000 20740 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 INFO: task syz-executor.5:15811 blocked for more than 140 seconds. Free swap = 0kB Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. syz-executor.5 D26776 15811 15383 0x00000000 Call Trace: context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 Total swap = 0kB 2097051 pages RAM 0 pages HighMem/MovableOnly 369649 pages reserved 0 pages cma reserved Unreclaimable slab info: Name Used Total pid_3 95KB 118KB pid_2 337KB 528KB ubi_wl_entry_slab 1KB 7KB batadv_tt_change_cache 1KB 3KB ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 batadv_tl_cache 16KB 28KB copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 SMC 4KB 13KB TIPC 2796KB 2805KB rds_tcp_connection 4KB 7KB create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 rds_connection 1KB 7KB SCTPv6 7604KB 7610KB DCCPv6 9217KB 9225KB DCCP 8756KB 8763KB RXRPC 3022KB 3029KB rxrpc_call_jar 20925KB 20931KB bridge_fdb_cache 10KB 23KB fib6_nodes 165KB 224KB ip6_dst_cache 227KB 423KB RAWv6 37406KB 37408KB UDPv6 3504KB 3506KB tw_sock_TCPv6 0KB 3KB TCPv6 5799KB 5802KB nf_conntrack 10KB 48KB t10_alua_lu_gp_cache 0KB 3KB sd_ext_cdb 0KB 7KB scsi_sense_cache 1056KB 1060KB virtio_scsi_cmd 16KB 16KB sgpool-128 8KB 8KB sgpool-64 4KB 12KB sgpool-32 2KB 15KB sgpool-16 1KB 7KB sgpool-8 0KB 7KB mqueue_inode_cache 21KB 52KB bio_post_read_ctx 14KB 15KB bio-2 14KB 15KB jfs_mp 7KB 7KB cifs_small_rq 15KB 16KB cifs_request 67KB 67KB cifs_mpx_ids 0KB 7KB nfs_commit_data 3KB 14KB nfs_write_data 34KB 44KB ext4_system_zone 1KB 7KB bio-1 1KB 7KB fasync_cache 0KB 4KB pid_namespace 11KB 19KB kvm_vcpu 0KB 23KB rpc_buffers 17KB 25KB rpc_tasks 2KB 7KB UNIX 326KB 363KB UDP-Lite 3KB 6KB tcp_bind_bucket 233KB 240KB inet_peer_cache 2KB 8KB xfrm_dst_cache 13KB 22KB xfrm_state 37KB 44KB ip_fib_trie 22KB 39KB ip_fib_alias 108KB 162KB ip_dst_cache 11KB 80KB RAW 22173KB 22177KB UDP 6258KB 6264KB TCP 149KB 157KB hugetlbfs_inode_cache 4KB 15KB fscache_cookie_jar 1KB 7KB eventpoll_pwq 10KB 31KB eventpoll_epi 20KB 43KB inotify_inode_mark 5KB 15KB request_queue 169KB 169KB blkdev_requests 1KB 3KB blkdev_ioc 33KB 38KB bio-0 8418KB 8418KB biovec-max 2202KB 2202KB biovec-64 3819KB 3819KB biovec-16 1743KB 1743KB bio_integrity_payload 1KB 8KB khugepaged_mm_slot 235KB 260KB user_namespace 6KB 14KB uid_cache 0KB 4KB dmaengine-unmap-2 0KB 3KB skbuff_fclone_cache 92KB 93KB skbuff_head_cache 9307KB 9333KB configfs_dir_cache 3KB 7KB file_lock_cache 3KB 15KB file_lock_ctx 8KB 19KB fsnotify_mark_connector 1KB 7KB net_namespace 32313KB 32313KB shmem_inode_cache 8023KB 8298KB task_delay_info 1689KB 2300KB taskstats 25KB 195KB proc_dir_entry 167252KB 167253KB pde_opener 2KB 19KB seq_file 76KB 82KB sigqueue 174KB 177KB kernfs_node_cache 479153KB 479174KB mnt_cache 364KB 440KB filp 5246KB 7582KB names_cache 49015KB 49045KB iint_cache 87KB 99KB key_jar 16KB 41KB uts_namespace 9KB 31KB nsproxy 337KB 339KB vm_area_struct 33250KB 33273KB mm_struct 6430KB 6435KB fs_cache 2240KB 3092KB files_cache 8121KB 10181KB signal_cache 12855KB 15905KB sighand_cache 9761KB 9809KB task_struct 55853KB 55928KB cred_jar 5207KB 6620KB anon_vma_chain 43683KB 43690KB anon_vma 10628KB 10688KB pid 658KB 964KB Acpi-Operand 156KB 194KB Acpi-ParseExt 9KB 11KB Acpi-Parse 41KB 47KB Acpi-State 52KB 63KB Acpi-Namespace 21KB 27KB numa_policy 0KB 3KB debug_objects_cache 37783KB 37791KB trace_event_file 297KB 298KB ftrace_event_field 398KB 401KB pool_workqueue 3834KB 3836KB page->ptl 5806KB 5819KB kmalloc-4194304 0KB 8192KB kmalloc-2097152 2050KB 6150KB kmalloc-1048576 1026KB 2052KB kmalloc-524288 2056KB 3084KB kmalloc-262144 1290KB 1806KB kmalloc-131072 2080KB 2080KB kmalloc-65536 3432KB 3762KB kmalloc-32768 204105KB 204105KB kmalloc-16384 62188KB 62188KB kmalloc-8192 141982KB 141982KB kmalloc-4096 637925KB 637929KB kmalloc-2048 511090KB 511102KB kmalloc-1024 203316KB 203316KB kmalloc-512 165083KB 178556KB kmalloc-256 106183KB 108457KB kmalloc-128 53744KB 53939KB kmalloc-96 14215KB 15120KB kmalloc-64 37338KB 38820KB kmalloc-32 33052KB 34295KB kmalloc-192 72156KB 74064KB kmem_cache 178KB 183KB Out of memory (oom_kill_allocating_task): Kill process 11081 (syz-executor.5) score 0 or sacrifice child Killed process 11081 (syz-executor.5) total-vm:57196kB, anon-rss:428kB, file-rss:13836kB, shmem-rss:0kB oom_reaper: reaped process 11081 (syz-executor.5), now anon-rss:0kB, file-rss:13836kB, shmem-rss:0kB copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 kworker/u4:5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 kworker/u4:5 cpuset=/ mems_allowed=0-1 CPU: 1 PID: 9291 Comm: kworker/u4:5 Not tainted 4.19.211-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 Workqueue: events_unbound call_usermodehelper_exec_work Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1fc/0x2ef lib/dump_stack.c:118 dump_header+0x15d/0xc3f mm/oom_kill.c:443 oom_kill_process.cold+0x10/0x692 mm/oom_kill.c:956 out_of_memory mm/oom_kill.c:1132 [inline] out_of_memory+0x34d/0x1390 mm/oom_kill.c:1064 __alloc_pages_may_oom mm/page_alloc.c:3553 [inline] __alloc_pages_slowpath mm/page_alloc.c:4255 [inline] __alloc_pages_nodemask+0x23a2/0x2890 mm/page_alloc.c:4419 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe __alloc_pages include/linux/gfp.h:496 [inline] __alloc_pages_node include/linux/gfp.h:509 [inline] alloc_pages_node include/linux/gfp.h:523 [inline] alloc_thread_stack_node kernel/fork.c:240 [inline] dup_task_struct kernel/fork.c:811 [inline] copy_process.part.0+0x3cf/0x8260 kernel/fork.c:1753 RIP: 0033:0x7f2ee1c40e99 Code: Bad RIP value. RSP: 002b:00007f2ee05b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2ee1d53f60 RCX: 00007f2ee1c40e99 RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000040000000 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 RBP: 00007f2ee1c9aff1 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000000 R13: 00007ffd891dd67f R14: 00007f2ee05b6300 R15: 0000000000022000 kernel_thread+0x2f/0x40 kernel/fork.c:2278 INFO: task syz-executor.5:15958 blocked for more than 140 seconds. call_usermodehelper_exec_work kernel/umh.c:199 [inline] call_usermodehelper_exec_work+0x16d/0x260 kernel/umh.c:185 Not tainted 4.19.211-syzkaller #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. process_one_work+0x864/0x1570 kernel/workqueue.c:2153 syz-executor.5 D26784 15958 15584 0x00000000 Call Trace: worker_thread+0x64c/0x1130 kernel/workqueue.c:2296 context_switch kernel/sched/core.c:2828 [inline] __schedule+0x887/0x2040 kernel/sched/core.c:3517 kthread+0x33f/0x460 kernel/kthread.c:259 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:415 Mem-Info: active_anon:236474 inactive_anon:10997 isolated_anon:0 active_file:73 inactive_file:69 isolated_file:15 unevictable:0 dirty:0 writeback:0 unstable:0 slab_reclaimable:55150 slab_unreclaimable:1173714 mapped:22876 shmem:20602 pagetables:54459 bounce:0 free:28285 free_pcp:99 free_cma:0 schedule+0x8d/0x1b0 kernel/sched/core.c:3561 schedule_preempt_disabled+0xf/0x20 kernel/sched/core.c:3619 __mutex_lock_common kernel/locking/mutex.c:1016 [inline] __mutex_lock+0x5f0/0x1190 kernel/locking/mutex.c:1078 ip_tunnel_init_net+0x321/0x990 net/ipv4/ip_tunnel.c:1034 ops_init+0xb3/0x410 net/core/net_namespace.c:129 setup_net+0x2c2/0x720 net/core/net_namespace.c:316 copy_net_ns+0x1f7/0x340 net/core/net_namespace.c:439 create_new_namespaces+0x3f6/0x7b0 kernel/nsproxy.c:107 copy_namespaces+0x325/0x3c0 kernel/nsproxy.c:165 copy_process.part.0+0x3a59/0x8260 kernel/fork.c:1916 copy_process kernel/fork.c:1710 [inline] _do_fork+0x22f/0xf30 kernel/fork.c:2219 do_syscall_64+0xf9/0x620 arch/x86/entry/common.c:293 Node 0 active_anon:930524kB inactive_anon:41484kB active_file:168kB inactive_file:360kB unevictable:0kB isolated(anon):0kB isolated(file):60kB mapped:76988kB dirty:0kB writeback:0kB shmem:71704kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 239616kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x7f2ee1c40e99 Code: Bad RIP value. RSP: 002b:00007f2ee05b6168 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 RAX: ffffffffffffffda RBX: 00007f2ee1d53f60 RCX: 00007f2ee1c40e99 RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000040000000 Node 1 active_anon:15372kB inactive_anon:2504kB active_file:0kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:14416kB dirty:0kB writeback:0kB shmem:10704kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes RBP: 00007f2ee1c9aff1 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000020000180 R11: 0000000000000246 R12: 0000000000000000 Node 0 DMA free:10872kB min:204kB low:252kB high:300kB active_anon:2468kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB R13: 00007ffd891dd67f R14: 00007f2ee05b6300 R15: 0000000000022000 Showing all locks held in the system: 2 locks held by systemd/1: #0: 000000004db9a00f (&p->lock){+.+.}, at: seq_read+0x6b/0x11c0 fs/seq_file.c:164 lowmem_reserve[]: 0 2693 2695 2695 2695 Node 0 DMA32 free:47864kB min:35996kB low:44992kB high:53988kB active_anon:928056kB inactive_anon:41484kB active_file:120kB inactive_file:192kB unevictable:0kB writepending:0kB present:3129332kB managed:2763452kB mlocked:0kB kernel_stack:30496kB pagetables:49932kB bounce:0kB free_pcp:876kB local_pcp:228kB free_cma:0kB #1: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3778 [inline] #1: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3774 [inline] #1: 00000000a78ac06d (fs_reclaim){+.+.}, at: __perform_reclaim mm/page_alloc.c:3805 [inline] #1: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_direct_reclaim mm/page_alloc.c:3821 [inline] #1: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_slowpath mm/page_alloc.c:4211 [inline] #1: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_nodemask+0x191e/0x2890 mm/page_alloc.c:4419 1 lock held by kthreadd/2: #0: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3778 [inline] #0: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3774 [inline] #0: 00000000a78ac06d (fs_reclaim){+.+.}, at: __perform_reclaim mm/page_alloc.c:3805 [inline] #0: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_direct_reclaim mm/page_alloc.c:3821 [inline] #0: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_slowpath mm/page_alloc.c:4211 [inline] #0: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_nodemask+0x191e/0x2890 mm/page_alloc.c:4419 4 locks held by kworker/u4:1/23: #0: 000000001bf71f4d ((wq_completion)"%s""netns"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 lowmem_reserve[]: 0 0 1 1 1 Node 0 Normal free:8kB min:24kB low:28kB high:32kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:1048576kB managed:2000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB #1: 0000000081ba4478 (net_cleanup_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 #2: 00000000209ac868 (pernet_ops_rwsem){++++}, at: cleanup_net+0xa8/0x8b0 net/core/net_namespace.c:521 #3: 00000000366ec5c3 (rtnl_mutex){+.+.}, at: netdev_run_todo+0x719/0xab0 net/core/dev.c:9005 3 locks held by kworker/u4:2/54: #0: 0000000006466919 ((wq_completion)"events_unbound"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 lowmem_reserve[]: 0 0 0 0 0 Node 1 Normal free:53848kB min:53876kB low:67344kB high:80812kB active_anon:15372kB inactive_anon:2504kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:4194304kB managed:4128248kB mlocked:0kB kernel_stack:104768kB pagetables:167904kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB #1: 00000000e38fcdd9 ((work_completion)(&sub_info->work)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3778 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3774 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __perform_reclaim mm/page_alloc.c:3805 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_direct_reclaim mm/page_alloc.c:3821 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_slowpath mm/page_alloc.c:4211 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_nodemask+0x191e/0x2890 mm/page_alloc.c:4419 3 locks held by kworker/u4:3/155: #0: 0000000006466919 ((wq_completion)"events_unbound"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 lowmem_reserve[]: 0 0 0 0 0 Node 0 DMA: 4*4kB (UME) 5*8kB (UME) 4*16kB (UME) 2*32kB (U) 3*64kB (UME) 2*128kB (UE) 2*256kB (UE) 3*512kB (UME) 2*1024kB (ME) 3*2048kB (UME) 0*4096kB = 10872kB #1: 00000000131e9ef3 ((work_completion)(&sub_info->work)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3778 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3774 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __perform_reclaim mm/page_alloc.c:3805 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_direct_reclaim mm/page_alloc.c:3821 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_slowpath mm/page_alloc.c:4211 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_nodemask+0x191e/0x2890 mm/page_alloc.c:4419 1 lock held by khungtaskd/1571: Node 0 DMA32: 599*4kB (UME) 833*8kB (UME) 941*16kB (UME) 455*32kB (UME) 3*64kB (ME) 1*128kB (E) 1*256kB (E) 2*512kB (UE) 2*1024kB (UE) 3*2048kB (M) 0*4096kB = 48468kB #0: 000000000223a50b (rcu_read_lock){....}, at: debug_show_all_locks+0x53/0x265 kernel/locking/lockdep.c:4441 Node 0 Normal: 0*4kB 1*8kB (U) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB 3 locks held by kswapd0/1969: 2 locks held by syz-fuzzer/8097: #0: 00000000de144c6a (sk_lock-AF_INET){+.+.}, at: lock_sock include/net/sock.h:1512 [inline] #0: 00000000de144c6a (sk_lock-AF_INET){+.+.}, at: tcp_sendmsg+0x1d/0x40 net/ipv4/tcp.c:1461 Node 1 Normal: 1748*4kB (UME) 199*8kB (UME) 167*16kB (UME) 75*32kB (ME) 66*64kB (M) 31*128kB (UM) 15*256kB (UM) 5*512kB (M) 3*1024kB (UME) 1*2048kB (M) 5*4096kB (M) = 53848kB #1: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3778 [inline] #1: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3774 [inline] #1: 00000000a78ac06d (fs_reclaim){+.+.}, at: __perform_reclaim mm/page_alloc.c:3805 [inline] #1: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_direct_reclaim mm/page_alloc.c:3821 [inline] #1: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_slowpath mm/page_alloc.c:4211 [inline] #1: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_nodemask+0x191e/0x2890 mm/page_alloc.c:4419 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 2 locks held by syz-fuzzer/8101: 3 locks held by kworker/u4:5/9291: 3 locks held by kworker/u4:6/9451: #0: 0000000006466919 ((wq_completion)"events_unbound"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB #1: 00000000993982b0 ((work_completion)(&sub_info->work)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3778 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3774 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __perform_reclaim mm/page_alloc.c:3805 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_direct_reclaim mm/page_alloc.c:3821 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_slowpath mm/page_alloc.c:4211 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_nodemask+0x191e/0x2890 mm/page_alloc.c:4419 3 locks held by kworker/u4:8/9468: 20705 total pagecache pages #0: 0000000006466919 ((wq_completion)"events_unbound"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 2097051 pages RAM 0 pages HighMem/MovableOnly 369649 pages reserved 0 pages cma reserved #1: 000000004599362e ((work_completion)(&sub_info->work)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3778 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3774 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __perform_reclaim mm/page_alloc.c:3805 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_direct_reclaim mm/page_alloc.c:3821 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_slowpath mm/page_alloc.c:4211 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_nodemask+0x191e/0x2890 mm/page_alloc.c:4419 3 locks held by kworker/u4:9/16228: Unreclaimable slab info: #0: 0000000006466919 ((wq_completion)"events_unbound"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 Name Used Total #1: 00000000cdc14aaf ((work_completion)(&sub_info->work)){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 pid_3 95KB 118KB #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3778 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: fs_reclaim_release mm/page_alloc.c:3774 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __perform_reclaim mm/page_alloc.c:3805 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_direct_reclaim mm/page_alloc.c:3821 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_slowpath mm/page_alloc.c:4211 [inline] #2: 00000000a78ac06d (fs_reclaim){+.+.}, at: __alloc_pages_nodemask+0x191e/0x2890 mm/page_alloc.c:4419 3 locks held by kworker/0:2/1307: pid_2 337KB 528KB #0: 00000000c0104c37 ((wq_completion)"events"){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124 ubi_wl_entry_slab 1KB 7KB batadv_tt_change_cache 1KB 3KB batadv_tl_cache 16KB 28KB #1: 000000008d24b157 (deferred_process_work){+.+.}, at: process_one_work+0x79c/0x1570 kernel/workqueue.c:2128 SMC 4KB 13KB TIPC 2796KB 2805KB #2: 00000000366ec5c3 (rtnl_mutex){+.+.}, at: switchdev_deferred_process_work+0xa/0x20 net/switchdev/switchdev.c:150 rds_tcp_connection 4KB 7KB rds_connection 1KB 7KB 3 locks held by kworker/1:60/2874: #0: 000000006439520e ((wq_completion)"%s"("ipv6_addrconf")){+.+.}, at: process_one_work+0x767/0x1570 kernel/workqueue.c:2124