netlink: 144 bytes leftover after parsing attributes in process `syz-executor.2'.
IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
======================================================
WARNING: possible circular locking dependency detected
4.14.171-syzkaller #0 Not tainted
------------------------------------------------------
kworker/u4:2/25 is trying to acquire lock:
 ((&(&cp->cp_send_w)->work)){+.+.}, at: [] flush_work+0x84/0x730 kernel/workqueue.c:2884

but task is already holding lock:
 (k-sk_lock-AF_INET){+.+.}, at: [] lock_sock include/net/sock.h:1467 [inline]
 (k-sk_lock-AF_INET){+.+.}, at: [] rds_tcp_reset_callbacks+0x18d/0x4a0 net/rds/tcp.c:165

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #1 (k-sk_lock-AF_INET){+.+.}:
       lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994
       lock_sock_nested+0xbd/0x110 net/core/sock.c:2770
       lock_sock include/net/sock.h:1467 [inline]
       do_tcp_setsockopt.isra.0+0x11a/0x1e10 net/ipv4/tcp.c:2557
       tcp_setsockopt+0xb3/0xd0 net/ipv4/tcp.c:2828
       sock_common_setsockopt+0x94/0xd0 net/core/sock.c:2968
       kernel_setsockopt+0x104/0x1d0 net/socket.c:3396
       rds_tcp_cork net/rds/tcp_send.c:43 [inline]
       rds_tcp_xmit_path_prepare+0xba/0xf0 net/rds/tcp_send.c:50
       rds_send_xmit+0x1b2/0x1cd0 net/rds/send.c:187
       rds_send_worker+0x73/0x250 net/rds/threads.c:189
       process_one_work+0x863/0x1600 kernel/workqueue.c:2114
       worker_thread+0x5d9/0x1050 kernel/workqueue.c:2248
       kthread+0x319/0x430 kernel/kthread.c:232
       ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404

-> #0 ((&(&cp->cp_send_w)->work)){+.+.}:
       check_prev_add kernel/locking/lockdep.c:1901 [inline]
       check_prevs_add kernel/locking/lockdep.c:2018 [inline]
       validate_chain kernel/locking/lockdep.c:2460 [inline]
       __lock_acquire+0x2cb3/0x4620 kernel/locking/lockdep.c:3487
       lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994
       flush_work+0xae/0x730 kernel/workqueue.c:2887
       __cancel_work_timer+0x2f0/0x480 kernel/workqueue.c:2962
       cancel_delayed_work_sync+0x1b/0x20 kernel/workqueue.c:3082
       rds_tcp_reset_callbacks+0x19a/0x4a0 net/rds/tcp.c:167
       rds_tcp_accept_one+0x682/0xa10 net/rds/tcp_listen.c:194
       rds_tcp_accept_worker+0x53/0x70 net/rds/tcp.c:407
       process_one_work+0x863/0x1600 kernel/workqueue.c:2114
       worker_thread+0x5d9/0x1050 kernel/workqueue.c:2248
       kthread+0x319/0x430 kernel/kthread.c:232
       ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(k-sk_lock-AF_INET);
                               lock((&(&cp->cp_send_w)->work));
                               lock(k-sk_lock-AF_INET);
  lock((&(&cp->cp_send_w)->work));

 *** DEADLOCK ***

4 locks held by kworker/u4:2/25:
 #0: ("%s""krdsd"){+.+.}, at: [] work_static include/linux/workqueue.h:199 [inline]
 #0: ("%s""krdsd"){+.+.}, at: [] set_work_data kernel/workqueue.c:619 [inline]
 #0: ("%s""krdsd"){+.+.}, at: [] set_work_pool_and_clear_pending kernel/workqueue.c:646 [inline]
 #0: ("%s""krdsd"){+.+.}, at: [] process_one_work+0x76e/0x1600 kernel/workqueue.c:2085
 #1: ((&rtn->rds_tcp_accept_w)){+.+.}, at: [] process_one_work+0x7ab/0x1600 kernel/workqueue.c:2089
 #2: (&tc->t_conn_path_lock){+.+.}, at: [] rds_tcp_accept_one+0x548/0xa10 net/rds/tcp_listen.c:186
 #3: (k-sk_lock-AF_INET){+.+.}, at: [] lock_sock include/net/sock.h:1467 [inline]
 #3: (k-sk_lock-AF_INET){+.+.}, at: [] rds_tcp_reset_callbacks+0x18d/0x4a0 net/rds/tcp.c:165

stack backtrace:
CPU: 0 PID: 25 Comm: kworker/u4:2 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: krdsd rds_tcp_accept_worker
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 print_circular_bug.isra.0.cold+0x1cc/0x28f kernel/locking/lockdep.c:1258
 check_prev_add kernel/locking/lockdep.c:1901 [inline]
 check_prevs_add kernel/locking/lockdep.c:2018 [inline]
 validate_chain kernel/locking/lockdep.c:2460 [inline]
 __lock_acquire+0x2cb3/0x4620 kernel/locking/lockdep.c:3487
 lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994
 flush_work+0xae/0x730 kernel/workqueue.c:2887
 __cancel_work_timer+0x2f0/0x480 kernel/workqueue.c:2962
 cancel_delayed_work_sync+0x1b/0x20 kernel/workqueue.c:3082
 rds_tcp_reset_callbacks+0x19a/0x4a0 net/rds/tcp.c:167
 rds_tcp_accept_one+0x682/0xa10 net/rds/tcp_listen.c:194
 rds_tcp_accept_worker+0x53/0x70 net/rds/tcp.c:407
 process_one_work+0x863/0x1600 kernel/workqueue.c:2114
 worker_thread+0x5d9/0x1050 kernel/workqueue.c:2248
 kthread+0x319/0x430 kernel/kthread.c:232
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
netlink: 144 bytes leftover after parsing attributes in process `syz-executor.2'.
IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
netlink: 144 bytes leftover after parsing attributes in process `syz-executor.2'.
IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
netlink: 144 bytes leftover after parsing attributes in process `syz-executor.2'.
IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
netlink: 144 bytes leftover after parsing attributes in process `syz-executor.2'.
IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
nla_parse: 2 callbacks suppressed
netlink: 144 bytes leftover after parsing attributes in process `syz-executor.2'.
IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
syz-executor.4: vmalloc: allocation failure: 17179869496 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null)
syz-executor.4 cpuset=syz4 mems_allowed=0-1
CPU: 1 PID: 10443 Comm: syz-executor.4 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
 __vmalloc_node_range mm/vmalloc.c:1786 [inline]
 __vmalloc_node_range+0x3c3/0x6a0 mm/vmalloc.c:1746
 __vmalloc_node mm/vmalloc.c:1815 [inline]
 __vmalloc_node_flags mm/vmalloc.c:1829 [inline]
 vmalloc+0x46/0x50 mm/vmalloc.c:1851
 htable_create net/netfilter/xt_hashlimit.c:290 [inline]
 hashlimit_mt_check_common.isra.0+0x68b/0x11b0 net/netfilter/xt_hashlimit.c:899
 hashlimit_mt_check_v2+0x304/0x390 net/netfilter/xt_hashlimit.c:943
 xt_check_match+0x254/0x530 net/netfilter/x_tables.c:501
 check_match net/ipv6/netfilter/ip6_tables.c:502 [inline]
 find_check_match net/ipv6/netfilter/ip6_tables.c:519 [inline]
 find_check_entry.isra.0+0x339/0x910 net/ipv6/netfilter/ip6_tables.c:571
 translate_table+0xb9c/0x1610 net/ipv6/netfilter/ip6_tables.c:755
 do_replace net/ipv6/netfilter/ip6_tables.c:1157 [inline]
 do_ip6t_set_ctl+0x268/0x3f4 net/ipv6/netfilter/ip6_tables.c:1685
 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
 nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115
 ipv6_setsockopt net/ipv6/ipv6_sockglue.c:930 [inline]
 ipv6_setsockopt+0x105/0x130 net/ipv6/ipv6_sockglue.c:914
 tcp_setsockopt net/ipv4/tcp.c:2826 [inline]
 tcp_setsockopt+0x84/0xd0 net/ipv4/tcp.c:2820
 sock_common_setsockopt+0x94/0xd0 net/core/sock.c:2968
 SYSC_setsockopt net/socket.c:1865 [inline]
 SyS_setsockopt+0x13c/0x210 net/socket.c:1844
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c449
RSP: 002b:00007f72d72bbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007f72d72bc6d4 RCX: 000000000045c449
RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
RBP: 000000000076bf20 R08: 0000000000000498 R09: 0000000000000000
R10: 00000000200004c0 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000a09 R14: 00000000004d5720 R15: 000000000076bf2c
Mem-Info:
active_anon:88889 inactive_anon:190 isolated_anon:0
 active_file:8090 inactive_file:11676 isolated_file:0
 unevictable:0 dirty:113 writeback:0 unstable:0
 slab_reclaimable:15122 slab_unreclaimable:102615
 mapped:60372 shmem:250 pagetables:923 bounce:0
 free:1305594 free_pcp:354 free_cma:0
Node 0 active_anon:355556kB inactive_anon:760kB active_file:32220kB inactive_file:46704kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:241488kB dirty:452kB writeback:0kB shmem:1000kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 241664kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2569 2569 2569 2569
Node 0 DMA32 free:1423920kB min:36384kB low:45480kB high:54576kB active_anon:355548kB inactive_anon:760kB active_file:32220kB inactive_file:46704kB unevictable:0kB writepending:452kB present:3129332kB managed:2634400kB mlocked:0kB kernel_stack:7296kB pagetables:3692kB bounce:0kB free_pcp:1032kB local_pcp:660kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:3783072kB min:53504kB low:66880kB high:80256kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
Node 0 DMA32: 6963*4kB (UME) 1740*8kB (UME) 1295*16kB (UME) 788*32kB (UME) 645*64kB (UME) 75*128kB (UME) 11*256kB (UME) 1*512kB (M) 0*1024kB 2*2048kB (UM) 312*4096kB (M) = 1423964kB
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 60*4kB (UME) 354*8kB (UME) 294*16kB (UM) 66*32kB (UME) 20*64kB (UME) 10*128kB (UM) 7*256kB (U) 1*512kB (U) 2*1024kB (UM) 5*2048kB (UME) 917*4096kB (M) = 3783072kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
20022 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
335854 pages reserved
0 pages cma reserved
syz-executor.4: vmalloc: allocation failure: 17179869496 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null)
syz-executor.4 cpuset=syz4 mems_allowed=0-1
CPU: 0 PID: 10492 Comm: syz-executor.4 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
 __vmalloc_node_range mm/vmalloc.c:1786 [inline]
 __vmalloc_node_range+0x3c3/0x6a0 mm/vmalloc.c:1746
 __vmalloc_node mm/vmalloc.c:1815 [inline]
 __vmalloc_node_flags mm/vmalloc.c:1829 [inline]
 vmalloc+0x46/0x50 mm/vmalloc.c:1851
 htable_create net/netfilter/xt_hashlimit.c:290 [inline]
 hashlimit_mt_check_common.isra.0+0x68b/0x11b0 net/netfilter/xt_hashlimit.c:899
 hashlimit_mt_check_v2+0x304/0x390 net/netfilter/xt_hashlimit.c:943
 xt_check_match+0x254/0x530 net/netfilter/x_tables.c:501
 check_match net/ipv6/netfilter/ip6_tables.c:502 [inline]
 find_check_match net/ipv6/netfilter/ip6_tables.c:519 [inline]
 find_check_entry.isra.0+0x339/0x910 net/ipv6/netfilter/ip6_tables.c:571
 translate_table+0xb9c/0x1610 net/ipv6/netfilter/ip6_tables.c:755
 do_replace net/ipv6/netfilter/ip6_tables.c:1157 [inline]
 do_ip6t_set_ctl+0x268/0x3f4 net/ipv6/netfilter/ip6_tables.c:1685
 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
 nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115
 ipv6_setsockopt net/ipv6/ipv6_sockglue.c:930 [inline]
 ipv6_setsockopt+0x105/0x130 net/ipv6/ipv6_sockglue.c:914
 tcp_setsockopt net/ipv4/tcp.c:2826 [inline]
 tcp_setsockopt+0x84/0xd0 net/ipv4/tcp.c:2820
 sock_common_setsockopt+0x94/0xd0 net/core/sock.c:2968
 SYSC_setsockopt net/socket.c:1865 [inline]
 SyS_setsockopt+0x13c/0x210 net/socket.c:1844
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c449
RSP: 002b:00007f72d72bbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007f72d72bc6d4 RCX: 000000000045c449
RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
RBP: 000000000076bf20 R08: 0000000000000498 R09: 0000000000000000
R10: 00000000200004c0 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000a09 R14: 00000000004d5720 R15: 000000000076bf2c
Mem-Info:
active_anon:89411 inactive_anon:189 isolated_anon:0
 active_file:8090 inactive_file:11685 isolated_file:0
 unevictable:0 dirty:122 writeback:0 unstable:0
 slab_reclaimable:15103 slab_unreclaimable:103261
 mapped:60369 shmem:249 pagetables:931 bounce:0
 free:1303871 free_pcp:277 free_cma:0
Node 0 active_anon:353536kB inactive_anon:756kB active_file:32220kB inactive_file:46740kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:241476kB dirty:488kB writeback:0kB shmem:996kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 239616kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2569 2569 2569 2569
Node 0 DMA32 free:1423696kB min:36384kB low:45480kB high:54576kB active_anon:353536kB inactive_anon:756kB active_file:32220kB inactive_file:46740kB unevictable:0kB writepending:488kB present:3129332kB managed:2634400kB mlocked:0kB kernel_stack:7264kB pagetables:3576kB bounce:0kB free_pcp:1304kB local_pcp:632kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:3783072kB min:53504kB low:66880kB high:80256kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
Node 0 DMA32: 6894*4kB (UME) 1824*8kB (UME) 1301*16kB (UME) 791*32kB (UME) 600*64kB (UME) 75*128kB (UME) 11*256kB (UME) 1*512kB (M) 0*1024kB 3*2048kB (UM) 312*4096kB (M) = 1423720kB
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 60*4kB (UME) 354*8kB (UME) 294*16kB (UM) 66*32kB (UME) 20*64kB (UME) 10*128kB (UM) 7*256kB (U) 1*512kB (U) 2*1024kB (UM) 5*2048kB (UME) 917*4096kB (M) = 3783072kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
20027 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
335854 pages reserved
0 pages cma reserved
syz-executor.4: vmalloc: allocation failure: 17179869496 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null)
syz-executor.4 cpuset=syz4 mems_allowed=0-1
CPU: 1 PID: 10540 Comm: syz-executor.4 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
 __vmalloc_node_range mm/vmalloc.c:1786 [inline]
 __vmalloc_node_range+0x3c3/0x6a0 mm/vmalloc.c:1746
 __vmalloc_node mm/vmalloc.c:1815 [inline]
 __vmalloc_node_flags mm/vmalloc.c:1829 [inline]
 vmalloc+0x46/0x50 mm/vmalloc.c:1851
 htable_create net/netfilter/xt_hashlimit.c:290 [inline]
 hashlimit_mt_check_common.isra.0+0x68b/0x11b0 net/netfilter/xt_hashlimit.c:899
 hashlimit_mt_check_v2+0x304/0x390 net/netfilter/xt_hashlimit.c:943
 xt_check_match+0x254/0x530 net/netfilter/x_tables.c:501
 check_match net/ipv6/netfilter/ip6_tables.c:502 [inline]
 find_check_match net/ipv6/netfilter/ip6_tables.c:519 [inline]
 find_check_entry.isra.0+0x339/0x910 net/ipv6/netfilter/ip6_tables.c:571
 translate_table+0xb9c/0x1610 net/ipv6/netfilter/ip6_tables.c:755
 do_replace net/ipv6/netfilter/ip6_tables.c:1157 [inline]
 do_ip6t_set_ctl+0x268/0x3f4 net/ipv6/netfilter/ip6_tables.c:1685
 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
 nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115
 ipv6_setsockopt net/ipv6/ipv6_sockglue.c:930 [inline]
 ipv6_setsockopt+0x105/0x130 net/ipv6/ipv6_sockglue.c:914
 tcp_setsockopt net/ipv4/tcp.c:2826 [inline]
 tcp_setsockopt+0x84/0xd0 net/ipv4/tcp.c:2820
 sock_common_setsockopt+0x94/0xd0 net/core/sock.c:2968
 SYSC_setsockopt net/socket.c:1865 [inline]
 SyS_setsockopt+0x13c/0x210 net/socket.c:1844
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c449
RSP: 002b:00007f72d72bbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007f72d72bc6d4 RCX: 000000000045c449
RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
RBP: 000000000076bf20 R08: 0000000000000498 R09: 0000000000000000
R10: 00000000200004c0 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000a09 R14: 00000000004d5720 R15: 000000000076bf2c
syz-executor.4: vmalloc: allocation failure: 17179869496 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null)
syz-executor.4 cpuset=syz4 mems_allowed=0-1
CPU: 0 PID: 10574 Comm: syz-executor.4 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
 __vmalloc_node_range mm/vmalloc.c:1786 [inline]
 __vmalloc_node_range+0x3c3/0x6a0 mm/vmalloc.c:1746
 __vmalloc_node mm/vmalloc.c:1815 [inline]
 __vmalloc_node_flags mm/vmalloc.c:1829 [inline]
 vmalloc+0x46/0x50 mm/vmalloc.c:1851
 htable_create net/netfilter/xt_hashlimit.c:290 [inline]
 hashlimit_mt_check_common.isra.0+0x68b/0x11b0 net/netfilter/xt_hashlimit.c:899
 hashlimit_mt_check_v2+0x304/0x390 net/netfilter/xt_hashlimit.c:943
 xt_check_match+0x254/0x530 net/netfilter/x_tables.c:501
 check_match net/ipv6/netfilter/ip6_tables.c:502 [inline]
 find_check_match net/ipv6/netfilter/ip6_tables.c:519 [inline]
 find_check_entry.isra.0+0x339/0x910 net/ipv6/netfilter/ip6_tables.c:571
 translate_table+0xb9c/0x1610 net/ipv6/netfilter/ip6_tables.c:755
 do_replace net/ipv6/netfilter/ip6_tables.c:1157 [inline]
 do_ip6t_set_ctl+0x268/0x3f4 net/ipv6/netfilter/ip6_tables.c:1685
 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
 nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115
 ipv6_setsockopt net/ipv6/ipv6_sockglue.c:930 [inline]
 ipv6_setsockopt+0x105/0x130 net/ipv6/ipv6_sockglue.c:914
 tcp_setsockopt net/ipv4/tcp.c:2826 [inline]
 tcp_setsockopt+0x84/0xd0 net/ipv4/tcp.c:2820
 sock_common_setsockopt+0x94/0xd0 net/core/sock.c:2968
 SYSC_setsockopt net/socket.c:1865 [inline]
 SyS_setsockopt+0x13c/0x210 net/socket.c:1844
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c449
RSP: 002b:00007f72d72bbc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007f72d72bc6d4 RCX: 000000000045c449
RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
RBP: 000000000076bf20 R08: 0000000000000498 R09: 0000000000000000
R10: 00000000200004c0 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000a09 R14: 00000000004d5720 R15: 000000000076bf2c
warn_alloc_show_mem: 1 callbacks suppressed
Mem-Info:
active_anon:88406 inactive_anon:191 isolated_anon:0
 active_file:8091 inactive_file:11695 isolated_file:0
 unevictable:0 dirty:133 writeback:0 unstable:0
 slab_reclaimable:14547 slab_unreclaimable:105475
 mapped:60385 shmem:250 pagetables:910 bounce:0
 free:1303742 free_pcp:231 free_cma:0
Node 0 active_anon:353612kB inactive_anon:764kB active_file:32224kB inactive_file:46780kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:241540kB dirty:532kB writeback:0kB shmem:1000kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 241664kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2569 2569 2569 2569
Node 0 DMA32 free:1416632kB min:36384kB low:45480kB high:54576kB active_anon:353512kB inactive_anon:756kB active_file:32224kB inactive_file:46796kB unevictable:0kB writepending:552kB present:3129332kB managed:2634400kB mlocked:0kB kernel_stack:7264kB pagetables:3604kB bounce:0kB free_pcp:1312kB local_pcp:688kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:3783072kB min:53504kB low:66880kB high:80256kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:0kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
Node 0 DMA32: 7095*4kB (UME) 1761*8kB (UME) 1330*16kB (ME) 807*32kB (UME) 470*64kB (UME) 76*128kB (UME) 11*256kB (UME) 1*512kB (M) 0*1024kB 3*2048kB (UM) 312*4096kB (M) = 1416804kB
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 60*4kB (UME) 354*8kB (UME) 294*16kB (UM) 66*32kB (UME) 20*64kB (UME) 10*128kB (UM) 7*256kB (U) 1*512kB (U) 2*1024kB (UM) 5*2048kB (UME) 917*4096kB (M) = 3783072kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
20040 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
335854 pages reserved
0 pages cma reserved