BUG: KASAN: wild-memory-access on address ffe708746f483000
Read of size 28 by task syz-executor2/16957
CPU: 1 PID: 16957 Comm: syz-executor2 Not tainted 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801aa82f9e8 ffffffff81d93149 ffe708746f483000 000000000000001c
 0000000000000000 ffff8801aa519000 ffe708746f483000 ffff8801aa82fa70
 ffffffff8153d08f 0000000000000000 0000000000000001 ffffffff826648db
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] kasan_report_error mm/kasan/report.c:284 [inline]
 [] kasan_report.part.1+0x40f/0x500 mm/kasan/report.c:309
 [] kasan_report+0x20/0x30 mm/kasan/report.c:296
 [] check_memory_region_inline mm/kasan/kasan.c:308 [inline]
 [] check_memory_region+0x137/0x190 mm/kasan/kasan.c:315
 [] kasan_check_read+0x11/0x20 mm/kasan/kasan.c:320
 [] __copy_to_user arch/x86/include/asm/uaccess_64.h:182 [inline]
 [] sg_read_oxfer drivers/scsi/sg.c:1978 [inline]
 [] sg_read+0x124b/0x1400 drivers/scsi/sg.c:520
 [] do_loop_readv_writev.part.17+0x141/0x1e0 fs/read_write.c:714
 [] do_loop_readv_writev fs/read_write.c:880 [inline]
 [] do_readv_writev+0x520/0x750 fs/read_write.c:874
 [] vfs_readv+0x84/0xc0 fs/read_write.c:898
 [] do_readv+0xe6/0x250 fs/read_write.c:924
 [] SYSC_readv fs/read_write.c:1011 [inline]
 [] SyS_readv+0x27/0x30 fs/read_write.c:1008
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
==================================================================
IPVS: Creating netns size=2536 id=39
program syz-executor5 is using a deprecated SCSI ioctl, please convert it to SG_IO
program syz-executor5 is using a deprecated SCSI ioctl, please convert it to SG_IO
sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
program syz-executor5 is using a deprecated SCSI ioctl, please convert it to SG_IO
sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
program syz-executor5 is using a deprecated SCSI ioctl, please convert it to SG_IO
sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
sock: sock_set_timeout: `syz-executor7' (pid 17147) tries to set negative timeout
sock: sock_set_timeout: `syz-executor7' (pid 17157) tries to set negative timeout
binder: 17207:17208 ioctl 4b45 20306000 returned -22
binder: 17207:17208 ioctl 5607 0 returned -22
binder: 17176:17205 ioctl 540e 5 returned -22
device syz2 left promiscuous mode
device syz2 entered promiscuous mode
binder: 17207:17219 ioctl 4b45 20306000 returned -22
binder: 17207:17208 ioctl 5607 0 returned -22
device lo entered promiscuous mode
device syz2 left promiscuous mode
device syz2 entered promiscuous mode
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=1025 sclass=netlink_audit_socket pig=17391 comm=syz-executor1
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=1025 sclass=netlink_audit_socket pig=17391 comm=syz-executor1
IPVS: Creating netns size=2536 id=40
pktgen: kernel_thread() failed for cpu 0
tmpfs: Bad mount option q]g4G
tmpfs: Bad mount option q]g4G
pktgen: Cannot create thread for cpu 0 (-4)
pktgen: kernel_thread() failed for cpu 1
pktgen: Cannot create thread for cpu 1 (-4)
pktgen: Initialization failed for all threads
pktgen: kernel_thread() failed for cpu 0
pktgen: Cannot create thread for cpu 0 (-4)
pktgen: kernel_thread() failed for cpu 1
pktgen: Cannot create thread for cpu 1 (-4)
pktgen: Initialization failed for all threads
keychord: keycode 46132 out of range
device gre0 entered promiscuous mode
keychord: keycode 46132 out of range
pktgen: kernel_thread() failed for cpu 0
pktgen: Cannot create thread for cpu 0 (-4)
pktgen: kernel_thread() failed for cpu 1
pktgen: Cannot create thread for cpu 1 (-4)
pktgen: Initialization failed for all threads
FAULT_FLAG_ALLOW_RETRY missing 30
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 1 PID: 17572 Comm: syz-executor1 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c67278d0 ffffffff81d93149 ffff8801c6727bb0 0000000000000000
 ffff8801d05d7190 ffff8801c6727aa0 ffff8801d05d7080 ffff8801c6727ac8
 ffffffff81660dc8 ffff8801c6727a20 ffff8801c3af4800 00000001a6c01067
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323
 [] do_anonymous_page mm/memory.c:2747 [inline]
 [] handle_pte_fault mm/memory.c:3488 [inline]
 [] __handle_mm_fault mm/memory.c:3577 [inline]
 [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397
 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [] SyS_rt_sigtimedwait+0x2d/0x40 kernel/signal.c:2819
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
FAULT_FLAG_ALLOW_RETRY missing 20
CPU: 1 PID: 17588 Comm: syz-executor1 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801bc04f2a8 ffffffff81d93149 ffff8801bc04f588 0000000000000000
 ffff8801d05d7190 ffff8801bc04f478 ffff8801d05d7080 ffff8801bc04f4a0
 ffffffff81660dc8 ffff8801bc04f3f8 0000000000000000 00000001a6c01067
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323
 [] do_anonymous_page mm/memory.c:2747 [inline]
 [] handle_pte_fault mm/memory.c:3488 [inline]
 [] __handle_mm_fault mm/memory.c:3577 [inline]
 [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [] faultin_page mm/gup.c:386 [inline]
 [] __get_user_pages+0x3b4/0x1110 mm/gup.c:585
 [] __get_user_pages_locked mm/gup.c:797 [inline]
 [] __get_user_pages_unlocked mm/gup.c:872 [inline]
 [] get_user_pages_unlocked+0x1d3/0x370 mm/gup.c:900
 [] get_user_pages_fast+0x11e/0x320 arch/x86/mm/gup.c:440
 [] get_futex_key+0x1f1/0x1000 kernel/futex.c:545
 [] futex_requeue+0x215/0x15c0 kernel/futex.c:1743
 [] do_futex+0x47f/0x1640 kernel/futex.c:3242
 [] SYSC_futex kernel/futex.c:3280 [inline]
 [] SyS_futex+0x226/0x2d0 kernel/futex.c:3248
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
CPU: 0 PID: 17608 Comm: syz-executor1 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c8e4f9d0 ffffffff81d93149 ffff8801c8e4fcb0 0000000000000000
 ffff8801d05d7190 ffff8801c8e4fba0 ffff8801d05d7080 ffff8801c8e4fbc8
 ffffffff81660dc8 ffff8801c8e4fb20 0000000000000000 00000001a6c01067
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323
 [] do_anonymous_page mm/memory.c:2747 [inline]
 [] handle_pte_fault mm/memory.c:3488 [inline]
 [] __handle_mm_fault mm/memory.c:3577 [inline]
 [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397
 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
device gre0 entered promiscuous mode
nla_parse: 8 callbacks suppressed
netlink: 3 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor7'.
IPVS: Creating netns size=2536 id=41
netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 1 bytes leftover after parsing attributes in process `syz-executor6'.
IPVS: Creating netns size=2536 id=42
netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'.
netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 1 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor7'.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47638 sclass=netlink_route_socket pig=18153 comm=syz-executor5
binder: 18145:18149 ioctl 4b3b 81 returned -22
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 0 PID: 18142 Comm: syz-executor7 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801a80379b0 ffffffff81d93149 ffff8801a8037c90 0000000000000000
 ffff8801d05d6110 ffff8801a8037b80 ffff8801d05d6000 ffff8801a8037ba8
 ffffffff81660dc8 ffff8801a8037b00 ffff8801a8037be0 00000001c8d95067
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323
 [] do_anonymous_page mm/memory.c:2747 [inline]
 [] handle_pte_fault mm/memory.c:3488 [inline]
 [] __handle_mm_fault mm/memory.c:3577 [inline]
 [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397
 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 0 PID: 18133 Comm: syz-executor7 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d4f8f7b0 ffffffff81d93149 ffff8801d4f8fa90 0000000000000000
 ffff8801d05d6110 ffff8801d4f8f980 ffff8801d05d6000 ffff8801d4f8f9a8
 ffffffff81660dc8 ffff8801d4f8f900 ffffffff811b99c1 00000001c8d95067
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323
 [] do_anonymous_page mm/memory.c:2747 [inline]
 [] handle_pte_fault mm/memory.c:3488 [inline]
 [] __handle_mm_fault mm/memory.c:3577 [inline]
 [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397
 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [] do_fcntl fs/fcntl.c:274 [inline]
 [] SYSC_fcntl fs/fcntl.c:372 [inline]
 [] SyS_fcntl+0x8fd/0xc70 fs/fcntl.c:357
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 0 PID: 18121 Comm: syz-executor7 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801ce92f840 ffffffff81d93149 ffff8801ce92fb20 0000000000000000
 ffff8801d05d6110 ffff8801ce92fa10 ffff8801d05d6000 ffff8801ce92fa38
 ffffffff81660dc8 ffff8801ce92f990 ffff8801db221518 00000001c8d95067
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323
 [] do_anonymous_page mm/memory.c:2747 [inline]
 [] handle_pte_fault mm/memory.c:3488 [inline]
 [] __handle_mm_fault mm/memory.c:3577 [inline]
 [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397
 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [] SYSC_capset kernel/capability.c:232 [inline]
 [] SyS_capset+0xbb/0x8e0 kernel/capability.c:223
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
binder: 18145:18149 ioctl 4b3b 81 returned -22
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47638 sclass=netlink_route_socket pig=18172 comm=syz-executor5
FAULT_FLAG_ALLOW_RETRY missing 30
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 0 PID: 18180 Comm: syz-executor1 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d1abf8a0 ffffffff81d93149 ffff8801d1abfb80 0000000000000000
 ffff8801aaa67910 ffff8801d1abfa70 ffff8801aaa67800 ffff8801d1abfa98
 ffffffff81660dc8 ffff8801d1abf9f0 ffff8801d1ab0000 00000001cc642067
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323
 [] do_anonymous_page mm/memory.c:2747 [inline]
 [] handle_pte_fault mm/memory.c:3488 [inline]
 [] __handle_mm_fault mm/memory.c:3577 [inline]
 [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397
 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [] move_addr_to_kernel net/socket.c:1568 [inline]
 [] SYSC_connect+0x288/0x310 net/socket.c:1553
 [] SyS_connect+0x24/0x30 net/socket.c:1543
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
CPU: 1 PID: 18190 Comm: syz-executor1 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d5d3f9b0 ffffffff81d93149 ffff8801d5d3fc90 0000000000000000
 ffff8801aaa67910 ffff8801d5d3fb80 ffff8801aaa67800 ffff8801d5d3fba8
 ffffffff81660dc8 ffff8801d5d3fb00 ffffffff8418d948 00000001cc642067
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323
 [] do_anonymous_page mm/memory.c:2747 [inline]
 [] handle_pte_fault mm/memory.c:3488 [inline]
 [] __handle_mm_fault mm/memory.c:3577 [inline]
 [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397
 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 1 PID: 18167 Comm: syz-executor1 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801aab47900 ffffffff81d93149 ffff8801aab47be0 0000000000000000
 ffff8801aaa67910 ffff8801aab47ad0 ffff8801aaa67800 ffff8801aab47af8
 ffffffff81660dc8 ffff8801aab47a50 ffff8801d5cf87f8 00000001cc642067
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323
 [] do_anonymous_page mm/memory.c:2747 [inline]
 [] handle_pte_fault mm/memory.c:3488 [inline]
 [] __handle_mm_fault mm/memory.c:3577 [inline]
 [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397
 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [] getname_flags+0x10e/0x580 fs/namei.c:148
 [] getname+0x19/0x20 fs/namei.c:208
 [] do_sys_open+0x21d/0x4c0 fs/open.c:1066
 [] SYSC_openat fs/open.c:1099 [inline]
 [] SyS_openat+0x30/0x40 fs/open.c:1093
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
device gre0 entered promiscuous mode
devpts: called with bogus options
devpts: called with bogus options
IPVS: Creating netns size=2536 id=43
IPVS: Creating netns size=2536 id=44
device gre0 entered promiscuous mode
sg_write: data in/out 93/34 bytes for SCSI command 0xfc-- guessing data in; program syz-executor3 not setting count and/or reply_len properly
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 1 PID: 18404 Comm: syz-executor5 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801c6adf9b0 ffffffff81d93149 ffff8801c6adfc90 0000000000000000
 ffff8801a9f67490 ffff8801c6adfb80 ffff8801a9f67380 ffff8801c6adfba8
 ffffffff81660dc8 ffff8801c6adfb00 ffffffff811c9fc7 00000001c52d5067
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323
 [] do_anonymous_page mm/memory.c:2747 [inline]
 [] handle_pte_fault mm/memory.c:3488 [inline]
 [] __handle_mm_fault mm/memory.c:3577 [inline]
 [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397
 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
tmpfs: No value for mount option 'K"WOSdYl'
tmpfs: No value for mount option 'K"WOSdYl'
device gre0 entered promiscuous mode
PF_BRIDGE: RTM_SETLINK with unknown ifindex
PF_BRIDGE: RTM_SETLINK with unknown ifindex
FAULT_FLAG_ALLOW_RETRY missing 30
CPU: 0 PID: 18664 Comm: syz-executor6 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801bc1a7a00 ffffffff81d93149 ffff8801bc1a7ce0 0000000000000000
 ffff8801d69c2290 ffff8801bc1a7bd0 ffff8801d69c2180 ffff8801bc1a7bf8
 ffffffff81660dc8 ffff8801bc1a7b50 0000000041b58ab3 00000001c993e067
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] handle_userfault+0xa48/0x1300 fs/userfaultfd.c:323
 [] do_anonymous_page mm/memory.c:2747 [inline]
 [] handle_pte_fault mm/memory.c:3488 [inline]
 [] __handle_mm_fault mm/memory.c:3577 [inline]
 [] handle_mm_fault+0x1fd1/0x2530 mm/memory.c:3614
 [] __do_page_fault+0x4eb/0xbd0 arch/x86/mm/fault.c:1397
 [] do_page_fault+0x27/0x30 arch/x86/mm/fault.c:1460
 [] page_fault+0x28/0x30 arch/x86/entry/entry_64.S:1012
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
device lo entered promiscuous mode
syz-executor3: [ 94.865266] IPVS: Creating netns size=2536 id=45
vmalloc: allocation failure: 17178820608 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM)
CPU: 0 PID: 18809 Comm: syz-executor3 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801aa257880 ffffffff81d93149 1ffff1003544af13 ffff8801d5480000
 ffffffff83ab7ac0 0000000000000001 0000000000400000 ffff8801aa257990
 ffffffff81450d72 024000c28cf3e3ba 0000000041b58ab3 ffffffff8418fa0d
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] warn_alloc+0x212/0x240 mm/page_alloc.c:3054
 [] __vmalloc_node_range+0x3f5/0x5f0 mm/vmalloc.c:1722
 [] __vmalloc_node mm/vmalloc.c:1744 [inline]
 [] __vmalloc_node_flags mm/vmalloc.c:1758 [inline]
 [] vmalloc+0x5b/0x70 mm/vmalloc.c:1773
 [] xt_alloc_entry_offsets+0x41/0x60 net/netfilter/x_tables.c:722
 [] translate_table+0x21a/0x1e80 net/ipv6/netfilter/ip6_tables.c:730
 [] ? 0xffffffff810002b8
 [] do_replace net/ipv6/netfilter/ip6_tables.c:1182 [inline]
 [] do_ip6t_set_ctl+0x2be/0x470 net/ipv6/netfilter/ip6_tables.c:1708
 [] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline]
 [] nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:114
 [] ipv6_setsockopt+0x115/0x150 net/ipv6/ipv6_sockglue.c:903
 [] tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2705
 [] sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2705
 [] SYSC_setsockopt net/socket.c:1771 [inline]
 [] SyS_setsockopt+0x160/0x250 net/socket.c:1750
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Mem-Info:
active_anon:87405 inactive_anon:58 isolated_anon:0
 active_file:3790 inactive_file:6117 isolated_file:0
 unevictable:0 dirty:88 writeback:0 unstable:0
 slab_reclaimable:6640 slab_unreclaimable:20781
 mapped:22149 shmem:198 pagetables:766 bounce:0
 free:1483388 free_pcp:373 free_cma:0
Node 0 active_anon:329364kB inactive_anon:232kB active_file:15160kB inactive_file:24468kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:88596kB dirty:352kB writeback:0kB shmem:792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 51200kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no
DMA free:15908kB min:160kB low:200kB high:240kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
IPVS: Creating netns size=2536 id=46
lowmem_reserve[]: 0 2910 6411 6411
DMA32 free:2981152kB min:30600kB low:38248kB high:45896kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2981848kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:696kB local_pcp:48kB free_cma:0kB
syz-executor3: vmalloc: allocation failure: 17178820608 bytes, mode:0x24000c2(GFP_KERNEL|__GFP_HIGHMEM)
CPU: 0 PID: 18855 Comm: syz-executor3 Tainted: G B 4.9.52-gc30c69c #54
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
 ffff8801d0f7f880 ffffffff81d93149 1ffff1003a1eff13 ffff8801c4d83000
 ffffffff83ab7ac0 0000000000000001 0000000000400000 ffff8801d0f7f990
 ffffffff81450d72 024000c2431ea065 0000000041b58ab3 ffffffff8418fa0d
Call Trace:
 [] __dump_stack lib/dump_stack.c:15 [inline]
 [] dump_stack+0xc1/0x128 lib/dump_stack.c:51
 [] warn_alloc+0x212/0x240 mm/page_alloc.c:3054
 [] __vmalloc_node_range+0x3f5/0x5f0 mm/vmalloc.c:1722
 [] __vmalloc_node mm/vmalloc.c:1744 [inline]
 [] __vmalloc_node_flags mm/vmalloc.c:1758 [inline]
 [] vmalloc+0x5b/0x70 mm/vmalloc.c:1773
 [] xt_alloc_entry_offsets+0x41/0x60 net/netfilter/x_tables.c:722
 [] translate_table+0x21a/0x1e80 net/ipv6/netfilter/ip6_tables.c:730
 [] ? 0xffffffff810002b8
 [] do_replace net/ipv6/netfilter/ip6_tables.c:1182 [inline]
 [] do_ip6t_set_ctl+0x2be/0x470 net/ipv6/netfilter/ip6_tables.c:1708
 [] nf_sockopt net/netfilter/nf_sockopt.c:105 [inline]
 [] nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:114
 [] ipv6_setsockopt+0x115/0x150 net/ipv6/ipv6_sockglue.c:903
 [] tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2705
 [] sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2705
 [] SYSC_setsockopt net/socket.c:1771 [inline]
 [] SyS_setsockopt+0x160/0x250 net/socket.c:1750
 [] entry_SYSCALL_64_fastpath+0x23/0xc6
Mem-Info:
active_anon:84869 inactive_anon:58 isolated_anon:0
 active_file:3790 inactive_file:6117 isolated_file:0
 unevictable:0 dirty:88 writeback:0 unstable:0
 slab_reclaimable:6640 slab_unreclaimable:21243
 mapped:22124 shmem:198 pagetables:766 bounce:0
 free:1485435 free_pcp:426 free_cma:0
Node 0 active_anon:339476kB inactive_anon:232kB active_file:15160kB inactive_file:24468kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:88496kB dirty:352kB writeback:0kB shmem:792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 51200kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no
DMA free:15908kB min:160kB low:200kB high:240kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
DMA32 free:2981152kB min:30600kB low:38248kB high:45896kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2981848kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:696kB local_pcp:48kB free_cma:0kB
Normal free:2944680kB min:36816kB low:46020kB high:55224kB active_anon:339476kB inactive_anon:232kB active_file:15160kB inactive_file:24468kB unevictable:0kB writepending:352kB present:4718592kB managed:3585220kB mlocked:0kB slab_reclaimable:26560kB slab_unreclaimable:84972kB kernel_stack:6368kB pagetables:3064kB bounce:0kB free_pcp:1008kB local_pcp:428kB free_cma:0kB
DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB