ip6_tables: ip6tables: counters copy to user failed while replacing table
======================================================
WARNING: possible circular locking dependency detected
syz-executor.0:
4.14.171-syzkaller #0 Not tainted
------------------------------------------------------
syz-executor.3/29168 is trying to acquire lock:
 (rtnl_mutex){+.+.}, at: [] rtnl_lock+0x17/0x20 net/core/rtnetlink.c:72
but task is already holding lock:
page allocation failure: order:0
 (&xt[i].mutex){+.+.}, at: [] xt_find_table_lock+0x3c/0x3d0 net/netfilter/x_tables.c:1092
which lock already depends on the new lock.
, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=
the existing dependency chain (in reverse order) is:
-> #1 (&xt[i].mutex){+.+.}:
       lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994
       __mutex_lock_common kernel/locking/mutex.c:756 [inline]
       __mutex_lock+0xe8/0x1470 kernel/locking/mutex.c:893
       mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
       xt_find_target+0x3e/0x1e0 net/netfilter/x_tables.c:232
(null)
       xt_request_find_target net/netfilter/x_tables.c:261 [inline]
       xt_request_find_target+0x74/0xe0 net/netfilter/x_tables.c:254
       ipt_init_target+0xce/0x290 net/sched/act_ipt.c:45
       __tcf_ipt_init+0x48c/0xb50 net/sched/act_ipt.c:168
       tcf_xt_init+0x4e/0x60 net/sched/act_ipt.c:210
       tcf_action_init_1+0x53c/0xaa0 net/sched/act_api.c:682
       tcf_action_init+0x2ab/0x480 net/sched/act_api.c:751
       tcf_action_add net/sched/act_api.c:1079 [inline]
       tc_ctl_action+0x30a/0x548 net/sched/act_api.c:1131
       rtnetlink_rcv_msg+0x3da/0xb70 net/core/rtnetlink.c:4315
       netlink_rcv_skb+0x14f/0x3c0 net/netlink/af_netlink.c:2432
       rtnetlink_rcv+0x1d/0x30 net/core/rtnetlink.c:4327
       netlink_unicast_kernel net/netlink/af_netlink.c:1286 [inline]
       netlink_unicast+0x44d/0x650 net/netlink/af_netlink.c:1312
       netlink_sendmsg+0x7c4/0xc60 net/netlink/af_netlink.c:1877
       sock_sendmsg_nosec net/socket.c:646 [inline]
       sock_sendmsg+0xce/0x110 net/socket.c:656
       kernel_sendmsg+0x44/0x50 net/socket.c:664
syz-executor.0 cpuset=
       sock_no_sendpage+0x107/0x130 net/core/sock.c:2569
       kernel_sendpage+0x92/0xf0 net/socket.c:3407
       sock_sendpage+0x8b/0xc0 net/socket.c:871
       pipe_to_sendpage+0x242/0x340 fs/splice.c:451
       splice_from_pipe_feed fs/splice.c:502 [inline]
       __splice_from_pipe+0x348/0x780 fs/splice.c:626
       splice_from_pipe+0xf0/0x150 fs/splice.c:661
       generic_splice_sendpage+0x3c/0x50 fs/splice.c:832
       do_splice_from fs/splice.c:851 [inline]
       do_splice fs/splice.c:1147 [inline]
       SYSC_splice fs/splice.c:1402 [inline]
       SyS_splice+0xd92/0x1430 fs/splice.c:1382
       do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
       entry_SYSCALL_64_after_hwframe+0x42/0xb7
-> #0
syz0
 (
 mems_allowed=0-1
rtnl_mutex){+.+.}:
       check_prev_add kernel/locking/lockdep.c:1901 [inline]
       check_prevs_add kernel/locking/lockdep.c:2018 [inline]
       validate_chain kernel/locking/lockdep.c:2460 [inline]
       __lock_acquire+0x2cb3/0x4620 kernel/locking/lockdep.c:3487
       lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994
       __mutex_lock_common kernel/locking/mutex.c:756 [inline]
       __mutex_lock+0xe8/0x1470 kernel/locking/mutex.c:893
       mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
       rtnl_lock+0x17/0x20 net/core/rtnetlink.c:72
       unregister_netdevice_notifier+0x5f/0x2c0 net/core/dev.c:1634
       tee_tg_destroy+0x61/0xc0 net/netfilter/xt_TEE.c:123
       cleanup_entry+0x1a6/0x260 net/ipv6/netfilter/ip6_tables.c:684
CPU: 0 PID: 29148 Comm: syz-executor.0 Not tainted 4.14.171-syzkaller #0
       __do_replace+0x3c5/0x5c0 net/ipv6/netfilter/ip6_tables.c:1105
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
       do_replace net/ipv6/netfilter/ip6_tables.c:1161 [inline]
       do_ip6t_set_ctl+0x296/0x3f4 net/ipv6/netfilter/ip6_tables.c:1685
Call Trace:
       nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
       nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
       ipv6_setsockopt net/ipv6/ipv6_sockglue.c:930 [inline]
       ipv6_setsockopt+0x105/0x130 net/ipv6/ipv6_sockglue.c:914
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
       udpv6_setsockopt+0x4e/0x90 net/ipv6/udp.c:1459
       sock_common_setsockopt+0x94/0xd0 net/core/sock.c:2968
       SYSC_setsockopt net/socket.c:1865 [inline]
       SyS_setsockopt+0x13c/0x210 net/socket.c:1844
       do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 __alloc_pages_slowpath+0x23c6/0x2930 mm/page_alloc.c:4095
       entry_SYSCALL_64_after_hwframe+0x42/0xb7
other info that might help us debug this:
 Possible unsafe locking scenario:
 __alloc_pages_nodemask+0x62c/0x7a0 mm/page_alloc.c:4198
       CPU0                    CPU1
       ----                    ----
  lock(
 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113
&xt[i].mutex);
 alloc_pages include/linux/gfp.h:520 [inline]
 alloc_mmu_pages arch/x86/kvm/mmu.c:5142 [inline]
 kvm_mmu_create+0xdf/0x1e0 arch/x86/kvm/mmu.c:5160
                               lock(
 kvm_arch_vcpu_init+0x29c/0x8e0 arch/x86/kvm/x86.c:8306
rtnl_mutex
 kvm_vcpu_init+0x272/0x360 arch/x86/kvm/../../../virt/kvm/kvm_main.c:320
);
                               lock(
 vmx_create_vcpu+0xfc/0x2aa0 arch/x86/kvm/vmx.c:10050
&xt[i].mutex);
  lock(rtnl_mutex);
 kvm_arch_vcpu_create+0x8c/0xc0 arch/x86/kvm/x86.c:8019
 *** DEADLOCK ***
 kvm_vm_ioctl_create_vcpu arch/x86/kvm/../../../virt/kvm/kvm_main.c:2549 [inline]
 kvm_vm_ioctl+0x501/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3057
1 lock held by syz-executor.3/29168:
 #0: (&xt[i].mutex){+.+.}, at: [] xt_find_table_lock+0x3c/0x3d0 net/netfilter/x_tables.c:1092
stack backtrace:
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c449
RSP: 002b:00007f6d871cfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f6d871d06d4 RCX: 000000000045c449
RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 000000000000000d
RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 000000000000038f R14: 00000000004c5c3b R15: 000000000076bfcc
CPU: 1 PID: 29168 Comm: syz-executor.3 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 print_circular_bug.isra.0.cold+0x1cc/0x28f kernel/locking/lockdep.c:1258
 check_prev_add kernel/locking/lockdep.c:1901 [inline]
 check_prevs_add kernel/locking/lockdep.c:2018 [inline]
 validate_chain kernel/locking/lockdep.c:2460 [inline]
 __lock_acquire+0x2cb3/0x4620 kernel/locking/lockdep.c:3487
 lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994
 __mutex_lock_common kernel/locking/mutex.c:756 [inline]
 __mutex_lock+0xe8/0x1470 kernel/locking/mutex.c:893
 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
 rtnl_lock+0x17/0x20 net/core/rtnetlink.c:72
 unregister_netdevice_notifier+0x5f/0x2c0 net/core/dev.c:1634
 tee_tg_destroy+0x61/0xc0 net/netfilter/xt_TEE.c:123
 cleanup_entry+0x1a6/0x260 net/ipv6/netfilter/ip6_tables.c:684
 __do_replace+0x3c5/0x5c0 net/ipv6/netfilter/ip6_tables.c:1105
 do_replace net/ipv6/netfilter/ip6_tables.c:1161 [inline]
 do_ip6t_set_ctl+0x296/0x3f4 net/ipv6/netfilter/ip6_tables.c:1685
 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline]
 nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:115
 ipv6_setsockopt net/ipv6/ipv6_sockglue.c:930 [inline]
 ipv6_setsockopt+0x105/0x130 net/ipv6/ipv6_sockglue.c:914
 udpv6_setsockopt+0x4e/0x90 net/ipv6/udp.c:1459
 sock_common_setsockopt+0x94/0xd0 net/core/sock.c:2968
 SYSC_setsockopt net/socket.c:1865 [inline]
 SyS_setsockopt+0x13c/0x210 net/socket.c:1844
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c449
RSP: 002b:00007f1b2a50cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 00007f1b2a50d6d4 RCX: 000000000045c449
RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000009
RBP: 000000000076c060 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000020000c40 R11: 0000000000000246 R12: 00000000ffffffff
R13: 0000000000000a32 R14: 00000000004d5bb0 R15: 000000000076c06c
ip6_tables: ip6tables: counters copy to user failed while replacing table
syz-executor.0: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null)
syz-executor.0 cpuset=syz0 mems_allowed=0-1
CPU: 0 PID: 29205 Comm: syz-executor.0 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
 __alloc_pages_slowpath+0x23c6/0x2930 mm/page_alloc.c:4095
 __alloc_pages_nodemask+0x62c/0x7a0 mm/page_alloc.c:4198
 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113
 alloc_pages include/linux/gfp.h:520 [inline]
 alloc_mmu_pages arch/x86/kvm/mmu.c:5142 [inline]
 kvm_mmu_create+0xdf/0x1e0 arch/x86/kvm/mmu.c:5160
 kvm_arch_vcpu_init+0x29c/0x8e0 arch/x86/kvm/x86.c:8306
 kvm_vcpu_init+0x272/0x360 arch/x86/kvm/../../../virt/kvm/kvm_main.c:320
 vmx_create_vcpu+0xfc/0x2aa0 arch/x86/kvm/vmx.c:10050
 kvm_arch_vcpu_create+0x8c/0xc0 arch/x86/kvm/x86.c:8019
 kvm_vm_ioctl_create_vcpu arch/x86/kvm/../../../virt/kvm/kvm_main.c:2549 [inline]
 kvm_vm_ioctl+0x501/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3057
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c449
RSP: 002b:00007f6d871cfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f6d871d06d4 RCX: 000000000045c449
RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 000000000000000d
RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 000000000000038f R14: 00000000004c5c3b R15: 000000000076bfcc
warn_alloc_show_mem: 1 callbacks suppressed
Mem-Info:
active_anon:453613 inactive_anon:23075 isolated_anon:0
 active_file:11155 inactive_file:4570 isolated_file:0
 unevictable:0 dirty:227 writeback:0 unstable:0
 slab_reclaimable:17994 slab_unreclaimable:196109
 mapped:59500 shmem:258 pagetables:43377 bounce:0
 free:757282 free_pcp:567 free_cma:0
Node 0 active_anon:1578928kB inactive_anon:18996kB active_file:28kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208928kB dirty:0kB writeback:0kB shmem:964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1097728kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
Node 1 active_anon:235524kB inactive_anon:73304kB active_file:44592kB inactive_file:18280kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:29072kB dirty:912kB writeback:0kB shmem:68kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 55296kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:10476kB min:216kB low:268kB high:320kB active_anon:4316kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:76kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2569 2569 2569 2569
Node 0 DMA32 free:35088kB min:36384kB low:45480kB high:54576kB active_anon:1574612kB inactive_anon:18996kB active_file:28kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2634400kB mlocked:0kB kernel_stack:45696kB pagetables:131728kB bounce:0kB free_pcp:988kB local_pcp:668kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:2983564kB min:53504kB low:66880kB high:80256kB active_anon:235524kB inactive_anon:73304kB active_file:44592kB inactive_file:18280kB unevictable:0kB writepending:912kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:13984kB pagetables:41704kB bounce:0kB free_pcp:1276kB local_pcp:632kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 5*4kB (ME) 3*8kB (UM) 2*16kB (UM) 1*32kB (E) 2*64kB (UE) 2*128kB (UE) 3*256kB (UME) 2*512kB (ME) 2*1024kB (ME) 1*2048kB (E) 1*4096kB (U) = 10476kB
Node 0 DMA32: 1156*4kB (UMEH) 517*8kB (UMEH) 607*16kB (UM) 373*32kB (UM) 63*64kB (UME) 5*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 35080kB
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 243*4kB (UME) 59*8kB (UME) 52*16kB (UME) 29*32kB (UME) 51*64kB (UME) 81*128kB (UME) 21*256kB (UME) 12*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 720*4096kB (M) = 2983620kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
15908 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
335854 pages reserved
0 pages cma reserved
syz-executor.0: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null)
syz-executor.0 cpuset=syz0 mems_allowed=0-1
CPU: 1 PID: 29257 Comm: syz-executor.0 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
 __alloc_pages_slowpath+0x23c6/0x2930 mm/page_alloc.c:4095
 __alloc_pages_nodemask+0x62c/0x7a0 mm/page_alloc.c:4198
 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113
 alloc_pages include/linux/gfp.h:520 [inline]
 alloc_mmu_pages arch/x86/kvm/mmu.c:5142 [inline]
 kvm_mmu_create+0xdf/0x1e0 arch/x86/kvm/mmu.c:5160
 kvm_arch_vcpu_init+0x29c/0x8e0 arch/x86/kvm/x86.c:8306
 kvm_vcpu_init+0x272/0x360 arch/x86/kvm/../../../virt/kvm/kvm_main.c:320
 vmx_create_vcpu+0xfc/0x2aa0 arch/x86/kvm/vmx.c:10050
 kvm_arch_vcpu_create+0x8c/0xc0 arch/x86/kvm/x86.c:8019
 kvm_vm_ioctl_create_vcpu arch/x86/kvm/../../../virt/kvm/kvm_main.c:2549 [inline]
 kvm_vm_ioctl+0x501/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3057
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c449
RSP: 002b:00007f6d871cfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f6d871d06d4 RCX: 000000000045c449
RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 000000000000000d
RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 000000000000038f R14: 00000000004c5c3b R15: 000000000076bfcc
netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'.
QAT: Invalid ioctl
QAT: Invalid ioctl
syz-executor.0: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null)
syz-executor.0 cpuset=syz0 mems_allowed=0-1
CPU: 0 PID: 29315 Comm: syz-executor.0 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
 __alloc_pages_slowpath+0x23c6/0x2930 mm/page_alloc.c:4095
 __alloc_pages_nodemask+0x62c/0x7a0 mm/page_alloc.c:4198
 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113
 alloc_pages include/linux/gfp.h:520 [inline]
 alloc_mmu_pages arch/x86/kvm/mmu.c:5142 [inline]
 kvm_mmu_create+0xdf/0x1e0 arch/x86/kvm/mmu.c:5160
 kvm_arch_vcpu_init+0x29c/0x8e0 arch/x86/kvm/x86.c:8306
 kvm_vcpu_init+0x272/0x360 arch/x86/kvm/../../../virt/kvm/kvm_main.c:320
 vmx_create_vcpu+0xfc/0x2aa0 arch/x86/kvm/vmx.c:10050
 kvm_arch_vcpu_create+0x8c/0xc0 arch/x86/kvm/x86.c:8019
 kvm_vm_ioctl_create_vcpu arch/x86/kvm/../../../virt/kvm/kvm_main.c:2549 [inline]
 kvm_vm_ioctl+0x501/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3057
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c449
RSP: 002b:00007f6d871cfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f6d871d06d4 RCX: 000000000045c449
RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 000000000000000b
RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 000000000000038f R14: 00000000004c5c3b R15: 000000000076bfcc
warn_alloc_show_mem: 1 callbacks suppressed
Mem-Info:
active_anon:453626 inactive_anon:23077 isolated_anon:0
 active_file:11172 inactive_file:4564 isolated_file:0
 unevictable:0 dirty:254 writeback:0 unstable:0
 slab_reclaimable:17982 slab_unreclaimable:196024
 mapped:59479 shmem:258 pagetables:43332 bounce:0
 free:757382 free_pcp:585 free_cma:0
Node 0 active_anon:1578928kB inactive_anon:18996kB active_file:24kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208928kB dirty:0kB writeback:0kB shmem:964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1097728kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
Node 1 active_anon:235576kB inactive_anon:73312kB active_file:44664kB inactive_file:18252kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:28988kB dirty:1016kB writeback:0kB shmem:68kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 55296kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:10476kB min:216kB low:268kB high:320kB active_anon:4316kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:76kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2569 2569 2569 2569
Node 0 DMA32 free:35096kB min:36384kB low:45480kB high:54576kB active_anon:1574612kB inactive_anon:18996kB active_file:24kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2634400kB mlocked:0kB kernel_stack:45696kB pagetables:131728kB bounce:0kB free_pcp:984kB local_pcp:312kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:2983956kB min:53504kB low:66880kB high:80256kB active_anon:235576kB inactive_anon:73312kB active_file:44664kB inactive_file:18252kB unevictable:0kB writepending:1016kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:13888kB pagetables:41524kB bounce:0kB free_pcp:1344kB local_pcp:736kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 5*4kB (ME) 3*8kB (UM) 2*16kB (UM) 1*32kB (E) 2*64kB (UE) 2*128kB (UE) 3*256kB (UME) 2*512kB (ME) 2*1024kB (ME) 1*2048kB (E) 1*4096kB (U) = 10476kB
Node 0 DMA32: 1156*4kB (UMEH) 523*8kB (UMEH) 603*16kB (UM) 373*32kB (UM) 63*64kB (UME) 5*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 35064kB
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 181*4kB (UME) 128*8kB (UME) 58*16kB (UME) 35*32kB (UME) 36*64kB (UE) 81*128kB (UME) 20*256kB (UME) 12*512kB (UME) 5*1024kB (UME) 1*2048kB (U) 720*4096kB (M) = 2984020kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
15911 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
335854 pages reserved
0 pages cma reserved
syz-executor.0: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null)
syz-executor.0 cpuset=syz0 mems_allowed=0-1
CPU: 0 PID: 29371 Comm: syz-executor.0 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
 __alloc_pages_slowpath+0x23c6/0x2930 mm/page_alloc.c:4095
 __alloc_pages_nodemask+0x62c/0x7a0 mm/page_alloc.c:4198
 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113
 alloc_pages include/linux/gfp.h:520 [inline]
 alloc_mmu_pages arch/x86/kvm/mmu.c:5142 [inline]
 kvm_mmu_create+0xdf/0x1e0 arch/x86/kvm/mmu.c:5160
 kvm_arch_vcpu_init+0x29c/0x8e0 arch/x86/kvm/x86.c:8306
 kvm_vcpu_init+0x272/0x360 arch/x86/kvm/../../../virt/kvm/kvm_main.c:320
 vmx_create_vcpu+0xfc/0x2aa0 arch/x86/kvm/vmx.c:10050
 kvm_arch_vcpu_create+0x8c/0xc0 arch/x86/kvm/x86.c:8019
 kvm_vm_ioctl_create_vcpu arch/x86/kvm/../../../virt/kvm/kvm_main.c:2549 [inline]
 kvm_vm_ioctl+0x501/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3057
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c449
RSP: 002b:00007f6d871cfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f6d871d06d4 RCX: 000000000045c449
RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 000000000000000b
RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 000000000000038f R14: 00000000004c5c3b R15: 000000000076bfcc
Mem-Info:
active_anon:453610 inactive_anon:23077 isolated_anon:0
 active_file:11172 inactive_file:4571 isolated_file:0
 unevictable:0 dirty:272 writeback:0 unstable:0
 slab_reclaimable:17987 slab_unreclaimable:195633
 mapped:59477 shmem:258 pagetables:43356 bounce:0
 free:757798 free_pcp:557 free_cma:0
Node 0 active_anon:1578928kB inactive_anon:18996kB active_file:24kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208928kB dirty:0kB writeback:0kB shmem:964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1097728kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
Node 1 active_anon:235512kB inactive_anon:73312kB active_file:44664kB inactive_file:18280kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:28980kB dirty:1096kB writeback:0kB shmem:68kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 55296kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:10420kB min:216kB low:268kB high:320kB active_anon:4316kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:76kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2569 2569 2569 2569
Node 0 DMA32 free:35072kB min:36384kB low:45480kB high:54576kB active_anon:1574612kB inactive_anon:18996kB active_file:24kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2634400kB mlocked:0kB kernel_stack:45696kB pagetables:131728kB bounce:0kB free_pcp:980kB local_pcp:668kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:2985652kB min:53504kB low:66880kB high:80256kB active_anon:235512kB inactive_anon:73312kB active_file:44664kB inactive_file:18280kB unevictable:0kB writepending:1096kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:13984kB pagetables:41620kB bounce:0kB free_pcp:1240kB local_pcp:712kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 5*4kB (ME) 2*8kB (M) 1*16kB (M) 2*32kB (UE) 1*64kB (E) 2*128kB (UE) 3*256kB (UME) 2*512kB (ME) 2*1024kB (ME) 1*2048kB (E) 1*4096kB (U) = 10420kB
Node 0 DMA32: 1156*4kB (UMEH) 524*8kB (UMEH) 603*16kB (UM) 373*32kB (UMH) 63*64kB (UME) 5*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 35072kB
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 163*4kB (UME) 193*8kB (UME) 68*16kB (UME) 39*32kB (UME) 38*64kB (UME) 86*128kB (UME) 21*256kB (UME) 12*512kB (UME) 5*1024kB (UME) 1*2048kB (U) 720*4096kB (M) = 2985780kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
15924 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
335854 pages reserved
0 pages cma reserved
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=512 sclass=netlink_route_socket pig=29404 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pig=29404 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=512 sclass=netlink_route_socket pig=29409 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pig=29409 comm=syz-executor.3
SELinux: unknown mount option
netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
SELinux: unknown mount option
netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.1'.
syz-executor.0: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null)
syz-executor.0 cpuset=syz0 mems_allowed=0-1
CPU: 0 PID: 29434 Comm: syz-executor.0 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
 __alloc_pages_slowpath+0x23c6/0x2930 mm/page_alloc.c:4095
 __alloc_pages_nodemask+0x62c/0x7a0 mm/page_alloc.c:4198
 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113
 alloc_pages include/linux/gfp.h:520 [inline]
 alloc_mmu_pages arch/x86/kvm/mmu.c:5142 [inline]
 kvm_mmu_create+0xdf/0x1e0 arch/x86/kvm/mmu.c:5160
 kvm_arch_vcpu_init+0x29c/0x8e0 arch/x86/kvm/x86.c:8306
 kvm_vcpu_init+0x272/0x360 arch/x86/kvm/../../../virt/kvm/kvm_main.c:320
 vmx_create_vcpu+0xfc/0x2aa0 arch/x86/kvm/vmx.c:10050
 kvm_arch_vcpu_create+0x8c/0xc0 arch/x86/kvm/x86.c:8019
 kvm_vm_ioctl_create_vcpu arch/x86/kvm/../../../virt/kvm/kvm_main.c:2549 [inline]
 kvm_vm_ioctl+0x501/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3057
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c449
RSP: 002b:00007f6d871cfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f6d871d06d4 RCX: 000000000045c449
RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 000000000000000b
RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 000000000000038f R14: 00000000004c5c3b R15: 000000000076bfcc
Mem-Info:
active_anon:453604 inactive_anon:23077 isolated_anon:0
 active_file:11173 inactive_file:4570 isolated_file:0
 unevictable:0 dirty:277 writeback:0 unstable:0
 slab_reclaimable:17983 slab_unreclaimable:195493
 mapped:59527 shmem:258 pagetables:43367 bounce:0
 free:757919 free_pcp:480 free_cma:0
Node 0 active_anon:1578928kB inactive_anon:18996kB active_file:28kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208928kB dirty:0kB writeback:0kB shmem:964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1097728kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
Node 1 active_anon:235488kB inactive_anon:73312kB active_file:44664kB inactive_file:18280kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:29080kB dirty:1108kB writeback:0kB shmem:68kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 55296kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:10372kB min:216kB low:268kB high:320kB active_anon:4316kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:76kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2569 2569 2569 2569
Node 0 DMA32 free:35072kB min:36384kB low:45480kB high:54576kB active_anon:1574612kB inactive_anon:18996kB active_file:28kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2634400kB mlocked:0kB kernel_stack:45696kB pagetables:131728kB bounce:0kB free_pcp:976kB local_pcp:668kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:2986124kB min:53504kB low:66880kB high:80256kB active_anon:235512kB inactive_anon:73312kB active_file:44664kB inactive_file:18324kB unevictable:0kB writepending:1188kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:13984kB pagetables:41620kB bounce:0kB free_pcp:1036kB local_pcp:408kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 5*4kB (ME) 2*8kB (M) 1*16kB (M) 2*32kB (UE) 2*64kB (UE) 1*128kB (E) 3*256kB (UME) 2*512kB (ME) 2*1024kB (ME) 1*2048kB (E) 1*4096kB (U) = 10356kB
Node 0 DMA32: 1156*4kB (UMEH) 531*8kB (UMEH) 604*16kB (UMH) 372*32kB (UM) 63*64kB (UME) 5*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 35112kB
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 161*4kB (UME) 151*8kB (UME) 79*16kB (UME) 49*32kB (UME) 39*64kB (UME) 86*128kB (UME) 22*256kB (UME) 12*512kB (UME) 5*1024kB (UME) 1*2048kB (U) 720*4096kB (M) = 2986252kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
15932 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
335854 pages reserved
0 pages cma reserved
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2048 sclass=netlink_route_socket pig=29470 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=29470 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=62464 sclass=netlink_route_socket pig=29470 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=29476 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2048 sclass=netlink_route_socket pig=29470 comm=syz-executor.3
syz-executor.0: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null)
syz-executor.0 cpuset=syz0 mems_allowed=0-1
CPU: 1 PID: 29503 Comm: syz-executor.0 Not tainted 4.14.171-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x142/0x197 lib/dump_stack.c:58
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
 __alloc_pages_slowpath+0x23c6/0x2930 mm/page_alloc.c:4095
 __alloc_pages_nodemask+0x62c/0x7a0 mm/page_alloc.c:4198
 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113
 alloc_pages include/linux/gfp.h:520 [inline]
 alloc_mmu_pages arch/x86/kvm/mmu.c:5142 [inline]
 kvm_mmu_create+0xdf/0x1e0 arch/x86/kvm/mmu.c:5160
 kvm_arch_vcpu_init+0x29c/0x8e0 arch/x86/kvm/x86.c:8306
 kvm_vcpu_init+0x272/0x360 arch/x86/kvm/../../../virt/kvm/kvm_main.c:320
 vmx_create_vcpu+0xfc/0x2aa0 arch/x86/kvm/vmx.c:10050
 kvm_arch_vcpu_create+0x8c/0xc0 arch/x86/kvm/x86.c:8019
 kvm_vm_ioctl_create_vcpu arch/x86/kvm/../../../virt/kvm/kvm_main.c:2549 [inline]
 kvm_vm_ioctl+0x501/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3057
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45c449
RSP: 002b:00007f6d871aec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007f6d871af6d4 RCX: 000000000045c449
RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 000000000000000e
RBP: 000000000076c060 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff
R13: 000000000000038f R14: 00000000004c5c3b R15: 000000000076c06c
Mem-Info:
active_anon:453634 inactive_anon:23077 isolated_anon:0
 active_file:11169 inactive_file:4587 isolated_file:3
 unevictable:0 dirty:310 writeback:0 unstable:0
 slab_reclaimable:17987 slab_unreclaimable:195475
 mapped:59477 shmem:258 pagetables:43352 bounce:0
 free:757901 free_pcp:503 free_cma:0
Node 0 active_anon:1578928kB inactive_anon:18996kB active_file:12kB inactive_file:4kB unevictable:0kB isolated(anon):0kB isolated(file):12kB mapped:208928kB dirty:0kB writeback:0kB shmem:964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1097728kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes
Node 1 active_anon:235608kB inactive_anon:73312kB active_file:44664kB inactive_file:18344kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:28980kB dirty:1240kB writeback:0kB shmem:68kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 55296kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:10356kB min:216kB low:268kB high:320kB active_anon:4316kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:76kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2569 2569 2569 2569
Node 0 DMA32 free:35072kB min:36384kB low:45480kB high:54576kB active_anon:1574612kB inactive_anon:18996kB active_file:28kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2634400kB mlocked:0kB kernel_stack:45696kB pagetables:131728kB bounce:0kB free_pcp:960kB local_pcp:308kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 1 Normal free:2986256kB min:53504kB low:66880kB high:80256kB active_anon:235512kB inactive_anon:73312kB active_file:44664kB inactive_file:18344kB unevictable:0kB writepending:1240kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:13984kB pagetables:41620kB bounce:0kB free_pcp:1292kB local_pcp:644kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0 0
Node 0 DMA: 5*4kB (ME) 2*8kB
(M) 1*16kB (M) 2*32kB (UE) 2*64kB (UE) 1*128kB (E) 3*256kB (UME) 2*512kB (ME) 2*1024kB (ME) 1*2048kB (E) 1*4096kB (U) = 10356kB Node 0 DMA32: 1156*4kB (UMEH) 528*8kB (UME) 603*16kB (UMH) 372*32kB (UMH) 63*64kB (UME) 5*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 35072kB Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB Node 1 Normal: 178*4kB (UME) 165*8kB (UME) 98*16kB (UME) 43*32kB (UME) 40*64kB (UME) 83*128kB (UME) 22*256kB (UME) 12*512kB (UME) 5*1024kB (UME) 1*2048kB (U) 720*4096kB (M) = 2986224kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 15938 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 335854 pages reserved 0 pages cma reserved SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=29528 comm=syz-executor.3 syz-executor.0: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) syz-executor.0 cpuset=syz0 mems_allowed=0-1 CPU: 1 PID: 29540 Comm: syz-executor.0 Not tainted 4.14.171-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248 __alloc_pages_slowpath+0x23c6/0x2930 mm/page_alloc.c:4095 __alloc_pages_nodemask+0x62c/0x7a0 mm/page_alloc.c:4198 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113 alloc_pages include/linux/gfp.h:520 [inline] alloc_mmu_pages arch/x86/kvm/mmu.c:5142 [inline] kvm_mmu_create+0xdf/0x1e0 
arch/x86/kvm/mmu.c:5160 kvm_arch_vcpu_init+0x29c/0x8e0 arch/x86/kvm/x86.c:8306 kvm_vcpu_init+0x272/0x360 arch/x86/kvm/../../../virt/kvm/kvm_main.c:320 vmx_create_vcpu+0xfc/0x2aa0 arch/x86/kvm/vmx.c:10050 kvm_arch_vcpu_create+0x8c/0xc0 arch/x86/kvm/x86.c:8019 kvm_vm_ioctl_create_vcpu arch/x86/kvm/../../../virt/kvm/kvm_main.c:2549 [inline] kvm_vm_ioctl+0x501/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3057 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45c449 RSP: 002b:00007f6d871cfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007f6d871d06d4 RCX: 000000000045c449 RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 000000000000000d RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 000000000000038f R14: 00000000004c5c3b R15: 000000000076bfcc IPVS: set_ctl: invalid protocol: 44 0.0.0.0:20001 IPVS: set_ctl: invalid protocol: 44 0.0.0.0:20001 audit: type=1400 audit(1582602736.082:15322): avc: denied { relabelto } for pid=29610 comm="syz-executor.3" name="NETLINK" dev="sockfs" ino=380474 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:audisp_var_run_t:s0 tclass=netlink_route_socket permissive=1 netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. 
syz-executor.0: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) syz-executor.0 cpuset=syz0 mems_allowed=0-1 CPU: 1 PID: 29599 Comm: syz-executor.0 Not tainted 4.14.171-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'. warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248 __alloc_pages_slowpath+0x23c6/0x2930 mm/page_alloc.c:4095 __alloc_pages_nodemask+0x62c/0x7a0 mm/page_alloc.c:4198 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113 alloc_pages include/linux/gfp.h:520 [inline] alloc_mmu_pages arch/x86/kvm/mmu.c:5142 [inline] kvm_mmu_create+0xdf/0x1e0 arch/x86/kvm/mmu.c:5160 kvm_arch_vcpu_init+0x29c/0x8e0 arch/x86/kvm/x86.c:8306 kvm_vcpu_init+0x272/0x360 arch/x86/kvm/../../../virt/kvm/kvm_main.c:320 vmx_create_vcpu+0xfc/0x2aa0 arch/x86/kvm/vmx.c:10050 kvm_arch_vcpu_create+0x8c/0xc0 arch/x86/kvm/x86.c:8019 kvm_vm_ioctl_create_vcpu arch/x86/kvm/../../../virt/kvm/kvm_main.c:2549 [inline] kvm_vm_ioctl+0x501/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3057 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45c449 RSP: 002b:00007f6d871cfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007f6d871d06d4 RCX: 000000000045c449 RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 000000000000000b RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 000000000000038f R14: 00000000004c5c3b R15: 000000000076bfcc warn_alloc_show_mem: 1 callbacks suppressed Mem-Info: 
active_anon:453634 inactive_anon:23077 isolated_anon:0 active_file:11173 inactive_file:4598 isolated_file:0 unevictable:0 dirty:323 writeback:0 unstable:0 slab_reclaimable:18017 slab_unreclaimable:195412 mapped:59500 shmem:258 pagetables:43368 bounce:0 free:757830 free_pcp:520 free_cma:0 Node 0 active_anon:1578928kB inactive_anon:18996kB active_file:28kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:208928kB dirty:0kB writeback:0kB shmem:964kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 1097728kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes Node 1 active_anon:235608kB inactive_anon:73312kB active_file:44664kB inactive_file:18392kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:29072kB dirty:1296kB writeback:0kB shmem:68kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 55296kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no Node 0 DMA free:10356kB min:216kB low:268kB high:320kB active_anon:4316kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:64kB pagetables:76kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2569 2569 2569 2569 Node 0 DMA32 free:35032kB min:36384kB low:45480kB high:54576kB active_anon:1574612kB inactive_anon:18996kB active_file:28kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2634400kB mlocked:0kB kernel_stack:45696kB pagetables:131728kB bounce:0kB free_pcp:920kB local_pcp:292kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 1 Normal free:2986380kB min:53504kB low:66880kB high:80256kB active_anon:235512kB inactive_anon:73312kB 
active_file:44664kB inactive_file:18392kB unevictable:0kB writepending:1300kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:13984kB pagetables:41620kB bounce:0kB free_pcp:1328kB local_pcp:648kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 0 Node 0 DMA: 5*4kB (ME) 2*8kB (M) 1*16kB (M) 2*32kB (UE) 2*64kB (UE) 1*128kB (E) 3*256kB (UME) 2*512kB (ME) 2*1024kB (ME) 1*2048kB (E) 1*4096kB (U) = 10356kB Node 0 DMA32: 1156*4kB (UMEH) 529*8kB (UMEH) 600*16kB (UM) 372*32kB (UMH) 63*64kB (UME) 5*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 35032kB Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB Node 1 Normal: 85*4kB (UME) 108*8kB (UME) 84*16kB (UME) 64*32kB (UE) 43*64kB (UME) 84*128kB (UME) 23*256kB (UME) 12*512kB (UME) 5*1024kB (UME) 1*2048kB (U) 720*4096kB (M) = 2986420kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 15950 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965979 pages RAM 0 pages HighMem/MovableOnly 335854 pages reserved 0 pages cma reserved syz-executor.0: page allocation failure: order:0, mode:0x14000c4(GFP_KERNEL|GFP_DMA32), nodemask=(null) syz-executor.0 cpuset=syz0 mems_allowed=0-1 CPU: 0 PID: 29648 Comm: syz-executor.0 Not tainted 4.14.171-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248 __alloc_pages_slowpath+0x23c6/0x2930 mm/page_alloc.c:4095 __alloc_pages_nodemask+0x62c/0x7a0 mm/page_alloc.c:4198 alloc_pages_current+0xec/0x1e0 
mm/mempolicy.c:2113 alloc_pages include/linux/gfp.h:520 [inline] alloc_mmu_pages arch/x86/kvm/mmu.c:5142 [inline] kvm_mmu_create+0xdf/0x1e0 arch/x86/kvm/mmu.c:5160 kvm_arch_vcpu_init+0x29c/0x8e0 arch/x86/kvm/x86.c:8306 kvm_vcpu_init+0x272/0x360 arch/x86/kvm/../../../virt/kvm/kvm_main.c:320 vmx_create_vcpu+0xfc/0x2aa0 arch/x86/kvm/vmx.c:10050 kvm_arch_vcpu_create+0x8c/0xc0 arch/x86/kvm/x86.c:8019 kvm_vm_ioctl_create_vcpu arch/x86/kvm/../../../virt/kvm/kvm_main.c:2549 [inline] kvm_vm_ioctl+0x501/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3057 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x7ae/0x1060 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45c449 RSP: 002b:00007f6d871cfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00007f6d871d06d4 RCX: 000000000045c449 RDX: 0000000000000000 RSI: 000000000000ae41 RDI: 000000000000000d RBP: 000000000076bfc0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 000000000000038f R14: 00000000004c5c3b R15: 000000000076bfcc