======================================================
WARNING: possible circular locking dependency detected
4.14.0-rc4+ #126 Not tainted
------------------------------------------------------
loop0/15364 is trying to acquire lock:
 (&sb->s_type->i_mutex_key#9){++++}, at: [] inode_lock include/linux/fs.h:712 [inline]
 (&sb->s_type->i_mutex_key#9){++++}, at: [] generic_file_write_iter+0xdc/0x7a0 mm/filemap.c:3175

but now in release context of a crosslock acquired at the following:
 ((complete)&ret.event){+.+.}, at: [] submit_bio_wait+0x15e/0x200 block/bio.c:953

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #4 ((complete)&ret.event){+.+.}:
       check_prevs_add kernel/locking/lockdep.c:2020 [inline]
       validate_chain kernel/locking/lockdep.c:2469 [inline]
       __lock_acquire+0x328f/0x4620 kernel/locking/lockdep.c:3498
       lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4002
       complete_acquire include/linux/completion.h:39 [inline]
       __wait_for_common kernel/sched/completion.c:108 [inline]
       wait_for_common_io kernel/sched/completion.c:128 [inline]
       wait_for_completion_io+0xcb/0x7b0 kernel/sched/completion.c:176
       submit_bio_wait+0x15e/0x200 block/bio.c:953
       blkdev_issue_zeroout+0x13c/0x1d0 block/blk-lib.c:370
       sb_issue_zeroout include/linux/blkdev.h:1368 [inline]
       ext4_init_inode_table+0x4fd/0xdb1 fs/ext4/ialloc.c:1447
       ext4_run_li_request fs/ext4/super.c:2866 [inline]
       ext4_lazyinit_thread+0x808/0xd30 fs/ext4/super.c:2960
       kthread+0x39c/0x470 kernel/kthread.c:231
       ret_from_fork+0x2a/0x40 arch/x86/entry/entry_64.S:431

-> #3 (&meta_group_info[i]->alloc_sem){++++}:
       check_prevs_add kernel/locking/lockdep.c:2020 [inline]
       validate_chain kernel/locking/lockdep.c:2469 [inline]
       __lock_acquire+0x328f/0x4620 kernel/locking/lockdep.c:3498
       lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4002
       down_read+0x96/0x150 kernel/locking/rwsem.c:23
       __ext4_new_inode+0x26dc/0x4f00 fs/ext4/ialloc.c:1056
       ext4_symlink+0x2d9/0xae0 fs/ext4/namei.c:3118
       vfs_symlink+0x323/0x560 fs/namei.c:4115
       SYSC_symlinkat fs/namei.c:4142 [inline]
       SyS_symlinkat fs/namei.c:4122 [inline]
       SYSC_symlink fs/namei.c:4155 [inline]
       SyS_symlink+0x134/0x200 fs/namei.c:4153
       entry_SYSCALL_64_fastpath+0x1f/0xbe

-> #2 (jbd2_handle){++++}:
       check_prevs_add kernel/locking/lockdep.c:2020 [inline]
       validate_chain kernel/locking/lockdep.c:2469 [inline]
       __lock_acquire+0x328f/0x4620 kernel/locking/lockdep.c:3498
       lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4002
       start_this_handle+0x4b8/0x1080 fs/jbd2/transaction.c:390
       jbd2__journal_start+0x389/0x9f0 fs/jbd2/transaction.c:444
       __ext4_journal_start_sb+0x15f/0x550 fs/ext4/ext4_jbd2.c:80
       __ext4_journal_start fs/ext4/ext4_jbd2.h:314 [inline]
       ext4_dirty_inode+0x56/0xa0 fs/ext4/inode.c:5859
       __mark_inode_dirty+0x912/0x1170 fs/fs-writeback.c:2096
       generic_update_time+0x1b2/0x270 fs/inode.c:1649
       update_time fs/inode.c:1665 [inline]
       touch_atime+0x26d/0x2f0 fs/inode.c:1737
       file_accessed include/linux/fs.h:2061 [inline]
       ext4_file_mmap+0x161/0x1b0 fs/ext4/file.c:352
       call_mmap include/linux/fs.h:1775 [inline]
       mmap_region+0xa99/0x15a0 mm/mmap.c:1690
       do_mmap+0x6a1/0xd50 mm/mmap.c:1468
       do_mmap_pgoff include/linux/mm.h:2150 [inline]
       vm_mmap_pgoff+0x1de/0x280 mm/util.c:333
       SYSC_mmap_pgoff mm/mmap.c:1518 [inline]
       SyS_mmap_pgoff+0x462/0x5f0 mm/mmap.c:1476
       SYSC_mmap arch/x86/kernel/sys_x86_64.c:99 [inline]
       SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:90
       entry_SYSCALL_64_fastpath+0x1f/0xbe

-> #1 (&mm->mmap_sem){++++}:
       check_prevs_add kernel/locking/lockdep.c:2020 [inline]
       validate_chain kernel/locking/lockdep.c:2469 [inline]
       __lock_acquire+0x328f/0x4620 kernel/locking/lockdep.c:3498
       lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4002
       __might_fault+0x13a/0x1d0 mm/memory.c:4502
       _copy_to_user+0x2c/0xc0 lib/usercopy.c:24
       copy_to_user include/linux/uaccess.h:154 [inline]
       filldir+0x1a7/0x320 fs/readdir.c:196
       dir_emit_dot include/linux/fs.h:3339 [inline]
       dir_emit_dots include/linux/fs.h:3350 [inline]
       dcache_readdir+0x12d/0x5e0 fs/libfs.c:192
       iterate_dir+0x4b2/0x5d0 fs/readdir.c:51
       SYSC_getdents fs/readdir.c:231 [inline]
       SyS_getdents+0x225/0x450 fs/readdir.c:212
       entry_SYSCALL_64_fastpath+0x1f/0xbe

-> #0 (&sb->s_type->i_mutex_key#9){++++}:
       down_write+0x87/0x120 kernel/locking/rwsem.c:53
       inode_lock include/linux/fs.h:712 [inline]
       generic_file_write_iter+0xdc/0x7a0 mm/filemap.c:3175
       call_write_iter include/linux/fs.h:1770 [inline]
       do_iter_readv_writev+0x531/0x7f0 fs/read_write.c:673
       do_iter_write+0x15a/0x540 fs/read_write.c:952
       vfs_iter_write+0x77/0xb0 fs/read_write.c:965

other info that might help us debug this:

Chain exists of:
  &sb->s_type->i_mutex_key#9 --> &meta_group_info[i]->alloc_sem --> (complete)&ret.event

 Possible unsafe locking scenario by crosslock:

       CPU0                    CPU1
       ----                    ----
  lock(&meta_group_info[i]->alloc_sem);
  lock((complete)&ret.event);
                               lock(&sb->s_type->i_mutex_key#9);
                               unlock((complete)&ret.event);

 *** DEADLOCK ***

1 lock held by loop0/15364:
 #0: (&x->wait#14){..-.}, at: [] complete+0x18/0x80 kernel/sched/completion.c:34

stack backtrace:
CPU: 0 PID: 15364 Comm: loop0 Not tainted 4.14.0-rc4+ #126
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:16 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:52
 print_circular_bug+0x503/0x710 kernel/locking/lockdep.c:1259
 check_prev_add+0x865/0x1520 kernel/locking/lockdep.c:1894
 commit_xhlock kernel/locking/lockdep.c:5015 [inline]
 commit_xhlocks kernel/locking/lockdep.c:5059 [inline]
 lock_commit_crosslock+0xe59/0x1d00 kernel/locking/lockdep.c:5098
 complete_release_commit include/linux/completion.h:49 [inline]
 complete+0x24/0x80 kernel/sched/completion.c:39
 submit_bio_wait_endio+0x9c/0xd0 block/bio.c:930
 bio_endio+0x2f8/0x8d0 block/bio.c:1855
 req_bio_endio block/blk-core.c:204 [inline]
 blk_update_request+0x2a6/0xe20 block/blk-core.c:2746
 blk_mq_end_request+0x54/0x120 block/blk-mq.c:509
 lo_complete_rq+0xbe/0x1f0 drivers/block/loop.c:463
 __blk_mq_complete_request+0x38f/0x6c0 block/blk-mq.c:550
 blk_mq_complete_request+0x4f/0x60 block/blk-mq.c:570
 loop_handle_cmd drivers/block/loop.c:1710 [inline]
 loop_queue_work+0x26b/0x3900 drivers/block/loop.c:1719
 kthread_worker_fn+0x32b/0x980 kernel/kthread.c:635
 loop_kthread_worker_fn+0x51/0x60 drivers/block/loop.c:836
 kthread+0x39c/0x470 kernel/kthread.c:231
 ret_from_fork+0x2a/0x40 arch/x86/entry/entry_64.S:431
device syz6 left promiscuous mode
device syz6 entered promiscuous mode
device syz6 left promiscuous mode
device syz6 entered promiscuous mode
IPv6: NLM_F_REPLACE set, but no existing node found!
IPv6: NLM_F_REPLACE set, but no existing node found!
audit: type=1326 audit(1507785699.004:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=15502 comm=03 exe="/root/syz-executor3" sig=9 arch=c000003e syscall=202 compat=0 ip=0x4520a9 code=0x0
audit: type=1326 audit(1507785699.079:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=15502 comm=03 exe="/root/syz-executor3" sig=9 arch=c000003e syscall=202 compat=0 ip=0x4520a9 code=0x0
nla_parse: 4 callbacks suppressed
netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'.
SELinux: unrecognized netlink message: protocol=6 nlmsg_type=65535 sclass=netlink_xfrm_socket pig=15545 comm=syz-executor5
netlink: 60 bytes leftover after parsing attributes in process `syz-executor5'.
SELinux: unrecognized netlink message: protocol=6 nlmsg_type=65535 sclass=netlink_xfrm_socket pig=15560 comm=syz-executor5
netlink: 60 bytes leftover after parsing attributes in process `syz-executor5'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'.
xprt_adjust_timeout: rq_timeout = 0!
xprt_adjust_timeout: rq_timeout = 0!
QAT: Invalid ioctl
QAT: Invalid ioctl
netlink: 6 bytes leftover after parsing attributes in process `syz-executor3'.
kvm_pmu: event creation failed -2
netlink: 6 bytes leftover after parsing attributes in process `syz-executor3'.
netlink: 8 bytes leftover after parsing attributes in process `syz-executor1'.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=17035 comm=syz-executor5
sctp: [Deprecated]: syz-executor5 (pid 17095) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=257 sclass=netlink_audit_socket pig=17076 comm=syz-executor3
sctp: [Deprecated]: syz-executor5 (pid 17113) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
syz-executor0: vmalloc: allocation failure: 17179607040 bytes, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
syz-executor0 cpuset=/ mems_allowed=0
CPU: 1 PID: 17111 Comm: syz-executor0 Not tainted 4.14.0-rc4+ #126
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:16 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:52
 warn_alloc+0x1c2/0x2f0 mm/page_alloc.c:3254
 __vmalloc_node_range+0x581/0x710 mm/vmalloc.c:1781
 __vmalloc_node mm/vmalloc.c:1810 [inline]
 __vmalloc_node_flags_caller+0x50/0x60 mm/vmalloc.c:1832
 kvmalloc_node+0x82/0xd0 mm/util.c:406
 kvmalloc include/linux/mm.h:529 [inline]
 kvmalloc_array include/linux/mm.h:545 [inline]
 xt_alloc_entry_offsets+0x21/0x30 net/netfilter/x_tables.c:774
 translate_table+0x235/0x1690 net/ipv6/netfilter/ip6_tables.c:705
 do_replace net/ipv6/netfilter/ip6_tables.c:1150 [inline]
 do_ip6t_set_ctl+0x34b/0x5c0 net/ipv6/netfilter/ip6_tables.c:1676
 nf_sockopt net/netfilter/nf_sockopt.c:105 [inline]
 nf_setsockopt+0x67/0xc0 net/netfilter/nf_sockopt.c:114
 ipv6_setsockopt+0x115/0x150 net/ipv6/ipv6_sockglue.c:919
 tcp_setsockopt+0x82/0xd0 net/ipv4/tcp.c:2799
 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2965
 SYSC_setsockopt net/socket.c:1852 [inline]
 SyS_setsockopt+0x189/0x360 net/socket.c:1831
 entry_SYSCALL_64_fastpath+0x1f/0xbe
RIP: 0033:0x4520a9
RSP: 002b:00007fb42b083c08 EFLAGS: 00000216 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 0000000000718000 RCX: 00000000004520a9
RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000018
RBP: 0000000000003d90 R08: 0000000000000004 R09: 0000000000000000
R10: 0000000020001fde R11: 0000000000000216 R12: 00000000004b7fd1
R13: 00000000ffffffff R14: 0000000020000000 R15: 0000000000001000
Mem-Info:
active_anon:126731 inactive_anon:110 isolated_anon:0
 active_file:3710 inactive_file:6241 isolated_file:0
 unevictable:0 dirty:124 writeback:0 unstable:0
 slab_reclaimable:8431 slab_unreclaimable:106120
 mapped:22295 shmem:282 pagetables:923 bounce:0
 free:1354841 free_pcp:438 free_cma:0
Node 0 active_anon:511020kB inactive_anon:440kB active_file:14840kB inactive_file:24964kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:89180kB dirty:496kB writeback:0kB shmem:1128kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 43008kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
QAT: Invalid ioctl
Node 0 DMA free:15908kB min:160kB low:200kB high:240kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2886 6399 6399
Node 0 DMA32 free:2957424kB min:30408kB low:38008kB high:45608kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2958156kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:732kB local_pcp:120kB free_cma:0kB
lowmem_reserve[]: 0 0 3513 3513
Node 0 Normal free:2445220kB min:37008kB low:46260kB high:55512kB active_anon:506844kB inactive_anon:440kB active_file:14840kB inactive_file:48872kB unevictable:0kB writepending:496kB present:4718592kB managed:3597444kB mlocked:0kB kernel_stack:5056kB pagetables:3544kB bounce:0kB free_pcp:1008kB local_pcp:620kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
Node 0 DMA32: 8*4kB (UM) 2*8kB (U) 4*16kB (UM) 4*32kB (UM) 4*64kB (M) 3*128kB (M) 3*256kB (UM) 5*512kB (UM) 2*1024kB (UM) 3*2048kB (UM) 719*4096kB (M) = 2957424kB
Node 0 Normal: 38*4kB (ME) 107*8kB (UE) 1378*16kB (UME) 919*32kB (UME) 1311*64kB (UME) 341*128kB (UM) 77*256kB (UM) 12*512kB (UME) 31*1024kB (UM) 1*2048kB (E) 534*4096kB (M) = 2426928kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
10932 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
323102 pages reserved
netlink: 5 bytes leftover after parsing attributes in process `syz-executor0'.
device gre0 entered promiscuous mode
device gre0 left promiscuous mode
netlink: 5 bytes leftover after parsing attributes in process `syz-executor0'.
device gre0 entered promiscuous mode
device gre0 left promiscuous mode
netlink: 5 bytes leftover after parsing attributes in process `syz-executor0'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'.
netlink: 13 bytes leftover after parsing attributes in process `syz-executor0'.