WARNING in __mod_memcg_lruvec_state

------------[ cut here ]------------
WARNING: CPU: 1 PID: 34 at mm/memcontrol.c:749 __mod_memcg_lruvec_state+0x1ab/0x220
Modules linked in:
CPU: 1 PID: 34 Comm: khugepaged Not tainted 5.17.0-rc5-next-20220225-syzkaller-09128-g06aeb1495c39 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__mod_memcg_lruvec_state+0x1ab/0x220
Code: bb 13 92 0e 48 c7 c7 a0 b6 d9 89 e8 df cd 95 07 65 c7 05 f4 c8 37 7e 00 00 00 00 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 <0f> 0b e9 a6 fe ff ff 4c 89 f6 48 c7 c7 60 63 ee 8b e8 0f fb 45 02
RSP: 0018:ffffc90000ab7b68 EFLAGS: 00010202
RAX: 0000000000000206 RBX: 0000000000000200 RCX: ffffffff81aafa53
RDX: 1ffff1100218fa8d RSI: 000000000000001c RDI: ffff888010c7d468
RBP: ffff888010c7d000 R08: 0000000000000001 R09: ffffffff8ba144e7
R10: fffffbfff174289c R11: 0000000000000001 R12: 000000000000001c
R13: ffff888010ee0000 R14: ffff888010ee0000 R15: ffff88813fffa000
FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000c000d65000 CR3: 00000000715dd000 CR4: 0000000000350ee0
Call Trace:
__mod_lruvec_page_state+0x1e5/0x3e0
page_add_new_anon_rmap+0x2e5/0x930
khugepaged+0x5675/0x6720
kthread+0x2e9/0x3a0
ret_from_fork+0x1f/0x30

no interfaces have a carrier
[ 20.828355][ T3171] 8021q: adding VLAN 0 to HW filter on device bond0
[ 20.840765][ T3171] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: [ 21.047117][ T3260] sshd (3260) used greatest stack depth: 22640 bytes left
OK
syzkaller
Warning: Permanently added '10.128.1.91' (ECDSA) to the list of known hosts.
2022/02/28 12:07:20 fuzzer started
2022/02/28 12:07:21 connecting to host at 10.128.0.169:33423
2022/02/28 12:07:21 checking machine...
2022/02/28 12:07:21 checking revisions...
2022/02/28 12:07:21 testing simple program...
syzkaller login: [ 37.290133][ T3598] cgroup: Unknown subsys name 'net'
[ 37.387418][ T3598] cgroup: Unknown subsys name 'rlimit'
[ 38.628462][ T3603] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 38.636658][ T3603] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 38.644052][ T3603] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 38.651790][ T3603] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 38.659288][ T3603] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 38.666635][ T3603] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 38.736490][ T3600] chnl_net:caif_netlink_parms(): no params data found
[ 38.772865][ T3600] bridge0: port 1(bridge_slave_0) entered blocking state
[ 38.780295][ T3600] bridge0: port 1(bridge_slave_0) entered disabled state
[ 38.788197][ T3600] device bridge_slave_0 entered promiscuous mode
[ 38.796885][ T3600] bridge0: port 2(bridge_slave_1) entered blocking state
[ 38.804014][ T3600] bridge0: port 2(bridge_slave_1) entered disabled state
[ 38.811571][ T3600] device bridge_slave_1 entered promiscuous mode
[ 38.828504][ T3600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 38.839306][ T3600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 38.859589][ T3600] team0: Port device team_slave_0 added
[ 38.866877][ T3600] team0: Port device team_slave_1 added
[ 38.881795][ T3600] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 38.888844][ T3600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 38.914993][ T3600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 38.927250][ T3600] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 38.934230][ T3600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 38.960212][ T3600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 38.983611][ T3600] device hsr_slave_0 entered promiscuous mode
[ 38.990223][ T3600] device hsr_slave_1 entered promiscuous mode
[ 39.055392][ T3600] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 39.065842][ T3600] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 39.074737][ T3600] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 39.084419][ T3600] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 39.102007][ T3600] bridge0: port 2(bridge_slave_1) entered blocking state
[ 39.109245][ T3600] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 39.117129][ T3600] bridge0: port 1(bridge_slave_0) entered blocking state
[ 39.124310][ T3600] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 39.160996][ T3600] 8021q: adding VLAN 0 to HW filter on device bond0
[ 39.175239][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 39.184645][ T32] bridge0: port 1(bridge_slave_0) entered disabled state
[ 39.194226][ T32] bridge0: port 2(bridge_slave_1) entered disabled state
[ 39.202032][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[ 39.214301][ T3600] 8021q: adding VLAN 0 to HW filter on device team0
[ 39.223741][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 39.231960][ T6] bridge0: port 1(bridge_slave_0) entered blocking state
[ 39.239045][ T6] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 39.249223][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 39.258483][ T3610] bridge0: port 2(bridge_slave_1) entered blocking state
[ 39.265575][ T3610] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 39.287522][ T3600] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 39.298393][ T3600] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 39.311605][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 39.320095][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 39.328529][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 39.337009][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 39.345270][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 39.353863][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 39.370404][ T3600] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 39.377950][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 39.385421][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 39.473955][ T3600] device veth0_vlan entered promiscuous mode
[ 39.481293][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 39.490872][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 39.499072][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 39.506712][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 39.516942][ T3600] device veth1_vlan entered promiscuous mode
[ 39.532432][ T3600] device veth0_macvtap entered promiscuous mode
[ 39.540528][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 39.548690][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 39.556913][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 39.565825][ T32] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 39.576128][ T3600] device veth1_macvtap entered promiscuous mode
[ 39.589486][ T3600] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 39.597174][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 39.609510][ T3600] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 39.617139][ T140] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 39.628124][ T3600] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 39.637635][ T3600] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 39.646707][ T3600] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 39.655571][ T3600] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 39.703820][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 39.711763][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 39.723064][ T3610] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 39.734938][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 39.743340][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 39.751668][ T6] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
2022/02/28 12:07:23 building call list...
[ 39.947805][ T8] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
executing program
[ 40.351132][ T34] ------------[ cut here ]------------
[ 40.357012][ T34] WARNING: CPU: 1 PID: 34 at mm/memcontrol.c:749 __mod_memcg_lruvec_state+0x1ab/0x220
[ 40.366748][ T34] Modules linked in:
[ 40.370806][ T34] CPU: 1 PID: 34 Comm: khugepaged Not tainted 5.17.0-rc5-next-20220225-syzkaller-09128-g06aeb1495c39 #0
[ 40.382049][ T34] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 40.392151][ T34] RIP: 0010:__mod_memcg_lruvec_state+0x1ab/0x220
[ 40.398532][ T34] Code: bb 13 92 0e 48 c7 c7 a0 b6 d9 89 e8 df cd 95 07 65 c7 05 f4 c8 37 7e 00 00 00 00 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 <0f> 0b e9 a6 fe ff ff 4c 89 f6 48 c7 c7 60 63 ee 8b e8 0f fb 45 02
[ 40.418445][ T34] RSP: 0018:ffffc90000ab7b68 EFLAGS: 00010202
[ 40.424597][ T34] RAX: 0000000000000206 RBX: 0000000000000200 RCX: ffffffff81aafa53
[ 40.432626][ T34] RDX: 1ffff1100218fa8d RSI: 000000000000001c RDI: ffff888010c7d468
[ 40.440593][ T34] RBP: ffff888010c7d000 R08: 0000000000000001 R09: ffffffff8ba144e7
[ 40.448613][ T34] R10: fffffbfff174289c R11: 0000000000000001 R12: 000000000000001c
[ 40.456607][ T34] R13: ffff888010ee0000 R14: ffff888010ee0000 R15: ffff88813fffa000
[ 40.464629][ T34] FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
[ 40.473621][ T34] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 40.480204][ T34] CR2: 000000c000d65000 CR3: 00000000715dd000 CR4: 0000000000350ee0
[ 40.488218][ T34] Call Trace:
[ 40.491488][ T34]
[ 40.494460][ T34] __mod_lruvec_page_state+0x1e5/0x3e0
[ 40.499939][ T34] page_add_new_anon_rmap+0x2e5/0x930
[ 40.505374][ T34] khugepaged+0x5675/0x6720
[ 40.509915][ T34] ? collapse_pte_mapped_thp+0xbd0/0xbd0
[ 40.515596][ T34] ? finish_wait+0x270/0x270
[ 40.520191][ T34] ? __kthread_parkme+0xce/0x220
[ 40.525181][ T34] ? lock_downgrade+0x6e0/0x6e0
[ 40.530140][ T34] ? lockdep_hardirqs_on+0x79/0x100
[ 40.535392][ T34] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 40.541644][ T34] ? __kthread_parkme+0x15f/0x220
[ 40.546734][ T34] ? collapse_pte_mapped_thp+0xbd0/0xbd0
[ 40.552491][ T34] kthread+0x2e9/0x3a0
[ 40.556585][ T34] ? kthread_complete_and_exit+0x40/0x40
[ 40.562207][ T34] ret_from_fork+0x1f/0x30
[ 40.566668][ T34]
[ 40.569941][ T34] Kernel panic - not syncing: panic_on_warn set ...
[ 40.576499][ T34] CPU: 1 PID: 34 Comm: khugepaged Not tainted 5.17.0-rc5-next-20220225-syzkaller-09128-g06aeb1495c39 #0
[ 40.587581][ T34] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 40.597914][ T34] Call Trace:
[ 40.601173][ T34]
[ 40.604083][ T34] dump_stack_lvl+0xcd/0x134
[ 40.608678][ T34] panic+0x2d7/0x735
[ 40.612576][ T34] ? __warn_printk+0xf3/0xf3
[ 40.617162][ T34] ? __warn.cold+0x1d1/0x2c5
[ 40.621744][ T34] ? __mod_memcg_lruvec_state+0x1ab/0x220
[ 40.627547][ T34] __warn.cold+0x1e2/0x2c5
[ 40.631968][ T34] ? __mod_memcg_lruvec_state+0x1ab/0x220
[ 40.637686][ T34] report_bug+0x1bd/0x210
[ 40.642016][ T34] handle_bug+0x3c/0x60
[ 40.646157][ T34] exc_invalid_op+0x14/0x40
[ 40.650647][ T34] asm_exc_invalid_op+0x12/0x20
[ 40.655488][ T34] RIP: 0010:__mod_memcg_lruvec_state+0x1ab/0x220
[ 40.661897][ T34] Code: bb 13 92 0e 48 c7 c7 a0 b6 d9 89 e8 df cd 95 07 65 c7 05 f4 c8 37 7e 00 00 00 00 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 <0f> 0b e9 a6 fe ff ff 4c 89 f6 48 c7 c7 60 63 ee 8b e8 0f fb 45 02
[ 40.681497][ T34] RSP: 0018:ffffc90000ab7b68 EFLAGS: 00010202
[ 40.687558][ T34] RAX: 0000000000000206 RBX: 0000000000000200 RCX: ffffffff81aafa53
[ 40.695517][ T34] RDX: 1ffff1100218fa8d RSI: 000000000000001c RDI: ffff888010c7d468
[ 40.703477][ T34] RBP: ffff888010c7d000 R08: 0000000000000001 R09: ffffffff8ba144e7
[ 40.711437][ T34] R10: fffffbfff174289c R11: 0000000000000001 R12: 000000000000001c
[ 40.719491][ T34] R13: ffff888010ee0000 R14: ffff888010ee0000 R15: ffff88813fffa000
[ 40.727477][ T34] ? __mod_node_page_state+0xf3/0x130
[ 40.732876][ T34] __mod_lruvec_page_state+0x1e5/0x3e0
[ 40.738533][ T34] page_add_new_anon_rmap+0x2e5/0x930
[ 40.744059][ T34] khugepaged+0x5675/0x6720
[ 40.748580][ T34] ? collapse_pte_mapped_thp+0xbd0/0xbd0
[ 40.754302][ T34] ? finish_wait+0x270/0x270
[ 40.758889][ T34] ? __kthread_parkme+0xce/0x220
[ 40.763823][ T34] ? lock_downgrade+0x6e0/0x6e0
[ 40.768682][ T34] ? lockdep_hardirqs_on+0x79/0x100
[ 40.773877][ T34] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 40.780125][ T34] ? __kthread_parkme+0x15f/0x220
[ 40.785160][ T34] ? collapse_pte_mapped_thp+0xbd0/0xbd0
[ 40.790885][ T34] kthread+0x2e9/0x3a0
[ 40.794959][ T34] ? kthread_complete_and_exit+0x40/0x40
[ 40.800606][ T34] ret_from_fork+0x1f/0x30
[ 40.805030][ T34]
[ 40.809071][ T34] Kernel Offset: disabled
[ 40.813889][ T34] Rebooting in 86400 seconds..