syz-executor.2 (6724) used greatest stack depth: 20840 bytes left
syz-executor.2 invoked oom-killer: gfp_mask=0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), order=0, oom_score_adj=0
CPU: 1 PID: 296 Comm: syz-executor.2 Not tainted 6.0.0-rc1-next-20220819 #1
BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1521
in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 296, name: syz-executor.2
preempt_count: 0, expected: 0
RCU nest depth: 0, expected: 0
2 locks held by syz-executor.2/296:
 #0: ffff88800fad0308 (&xt[i].mutex){+.+.}-{3:3}, at: xt_find_table_lock+0x136/0x680
 #1: ffffffff85482f08 (oom_lock){+.+.}-{3:3}, at: __alloc_pages_slowpath.constprop.0+0xb1e/0x2180
irq event stamp: 1159744
hardirqs last enabled at (1159743): [] __up_console_sem+0x78/0x80
hardirqs last disabled at (1159744): [] dump_stack_lvl+0x2e/0xb3
softirqs last enabled at (1159326): [] __irq_exit_rcu+0x11b/0x180
softirqs last disabled at (1159291): [] __irq_exit_rcu+0x11b/0x180
CPU: 1 PID: 296 Comm: syz-executor.2 Not tainted 6.0.0-rc1-next-20220819 #1
syz-executor.2[296] cmdline: /syz-executor.2 exec
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 dump_stack_lvl+0x8b/0xb3
 __might_resched.cold+0x222/0x26b
 down_read_killable+0x75/0x490
 __access_remote_vm+0xac/0x6f0
 get_mm_cmdline.part.0+0x214/0x600
 get_task_cmdline_kernel+0x1e9/0x230
 dump_stack_print_cmdline.part.0+0x82/0x150
 dump_stack_print_info+0x185/0x190
 dump_stack_lvl+0x7f/0xb3
 dump_header+0x10b/0x7e4
 oom_kill_process.cold+0x10/0x15
 out_of_memory+0x11eb/0x14b0
 __alloc_pages_slowpath.constprop.0+0x1a76/0x2180
 __alloc_pages+0x428/0x500
 __alloc_pages_bulk+0x849/0x10c0
 alloc_pages_bulk_array_mempolicy+0x126/0x360
 __vmalloc_node_range+0x4ff/0x1400
 __vmalloc_node+0xa8/0xf0
 do_ipt_get_ctl+0x59a/0x950
 nf_getsockopt+0x78/0xd0
 ip_getsockopt+0x168/0x1c0
 tcp_getsockopt+0x8c/0xd0
 __sys_getsockopt+0x14c/0x250
 __x64_sys_getsockopt+0xba/0x160
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f79a975413a
Code: 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffdf31ed478 EFLAGS: 00000216 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f79a975413a
RDX: 0000000000000041 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007ffdf31ed4a0 R08: 00007ffdf31ed49c R09: ffffffffffff0000
R10: 00007ffdf31ed500 R11: 0000000000000216 R12: 00007ffdf31ed500
R13: 0000000000000003 R14: 00007ffdf31ed49c R15: 00007f79a9835d20
syz-executor.2[296] cmdline: /syz-executor.2 exec
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 dump_stack_lvl+0x8b/0xb3
 dump_header+0x10b/0x7e4
 oom_kill_process.cold+0x10/0x15
 out_of_memory+0x11eb/0x14b0
 __alloc_pages_slowpath.constprop.0+0x1a76/0x2180
 __alloc_pages+0x428/0x500
 __alloc_pages_bulk+0x849/0x10c0
 alloc_pages_bulk_array_mempolicy+0x126/0x360
 __vmalloc_node_range+0x4ff/0x1400
 __vmalloc_node+0xa8/0xf0
 do_ipt_get_ctl+0x59a/0x950
 nf_getsockopt+0x78/0xd0
 ip_getsockopt+0x168/0x1c0
 tcp_getsockopt+0x8c/0xd0
 __sys_getsockopt+0x14c/0x250
 __x64_sys_getsockopt+0xba/0x160
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f79a975413a
Code: 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ffdf31ed478 EFLAGS: 00000216 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f79a975413a
RDX: 0000000000000041 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007ffdf31ed4a0 R08: 00007ffdf31ed49c R09: ffffffffffff0000
R10: 00007ffdf31ed500 R11: 0000000000000216 R12: 00007ffdf31ed500
R13: 0000000000000003 R14: 00007ffdf31ed49c R15: 00007f79a9835d20
Mem-Info:
active_anon:6116 inactive_anon:248312 isolated_anon:0
 active_file:2 inactive_file:7 isolated_file:1
 unevictable:11366 dirty:0 writeback:0
 slab_reclaimable:9017 slab_unreclaimable:57966
 mapped:73428 shmem:206879 pagetables:1316 bounce:0
 kernel_misc_reclaimable:0
 free:3251 free_pcp:24 free_cma:0
Node 0 active_anon:24464kB inactive_anon:993248kB active_file:8kB inactive_file:28kB unevictable:45464kB isolated(anon):0kB isolated(file):4kB mapped:293712kB dirty:0kB writeback:0kB shmem:827516kB writeback_tmp:0kB kernel_stack:4096kB pagetables:5264kB all_unreclaimable? no
Node 0 DMA free:6492kB boost:0kB min:44kB low:56kB high:68kB reserved_highatomic:0KB active_anon:0kB inactive_anon:8240kB active_file:0kB inactive_file:0kB unevictable:456kB writepending:0kB present:15992kB managed:15360kB mlocked:456kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 1613 1613 1613
Node 0 DMA32 free:6512kB boost:0kB min:5116kB low:6764kB high:8412kB reserved_highatomic:2048KB active_anon:24464kB inactive_anon:985092kB active_file:164kB inactive_file:300kB unevictable:44420kB writepending:0kB present:2080640kB managed:1656164kB mlocked:44420kB bounce:0kB free_pcp:88kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 7*4kB (UM) 0*8kB 2*16kB (UM) 5*32kB (UME) 4*64kB (UME) 3*128kB (UME) 2*256kB (ME) 2*512kB (UE) 2*1024kB (ME) 1*2048kB (E) 0*4096kB = 6492kB
Node 0 DMA32: 242*4kB (UME) 216*8kB (UMEH) 22*16kB (UME) 82*32kB (UMEH) 16*64kB (UME) 1*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6824kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
207232 total pagecache pages
0 pages in swap cache
Free swap = 0kB
Total swap = 0kB
524158 pages RAM
0 pages HighMem/MovableOnly
106277 pages reserved
oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz2,mems_allowed=0,global_oom,task_memcg=/syz2,task=syz-executor.2,pid=296,uid=0
Out of memory (oom_kill_allocating_task): Killed process 296 (syz-executor.2) total-vm:93280kB, anon-rss:384kB, file-rss:35460kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:0
syz-executor.7 invoked oom-killer: gfp_mask=0x140dca(GFP_HIGHUSER_MOVABLE|__GFP_COMP|__GFP_ZERO), order=0, oom_score_adj=1000
CPU: 1 PID: 6715 Comm: syz-executor.7 Tainted: G W 6.0.0-rc1-next-20220819 #1
============================================
WARNING: possible recursive locking detected
6.0.0-rc1-next-20220819 #1 Tainted: G W
--------------------------------------------
syz-executor.7/6715 is trying to acquire lock:
ffff8880085a7128 (&mm->mmap_lock#2){++++}-{3:3}, at: __access_remote_vm+0xac/0x6f0
but task is already holding lock:
ffff8880085a7128 (&mm->mmap_lock#2){++++}-{3:3}, at: __mm_populate+0x25f/0x3d0
other info that might help us debug this:
 Possible unsafe locking scenario:
       CPU0
       ----
  lock(&mm->mmap_lock#2);
  lock(&mm->mmap_lock#2);
 *** DEADLOCK ***
 May be due to missing lock nesting notation
2 locks held by syz-executor.7/6715:
 #0: ffff8880085a7128 (&mm->mmap_lock#2){++++}-{3:3}, at: __mm_populate+0x25f/0x3d0
 #1: ffffffff85482f08 (oom_lock){+.+.}-{3:3}, at: __alloc_pages_slowpath.constprop.0+0xb1e/0x2180
stack backtrace:
CPU: 1 PID: 6715 Comm: syz-executor.7 Tainted: G W 6.0.0-rc1-next-20220819 #1
syz-executor.7[6715] cmdline:
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 dump_stack_lvl+0x8b/0xb3
 __lock_acquire.cold+0x178/0x3bd
 lock_acquire+0x1a2/0x530
 down_read_killable+0x9b/0x490
 __access_remote_vm+0xac/0x6f0
 get_mm_cmdline.part.0+0x214/0x600
 get_task_cmdline_kernel+0x1e9/0x230
 dump_stack_print_cmdline.part.0+0x82/0x150
 dump_stack_print_info+0x185/0x190
 dump_stack_lvl+0x7f/0xb3
 dump_header+0x10b/0x7e4
 oom_kill_process.cold+0x10/0x15
 out_of_memory+0x11eb/0x14b0
 __alloc_pages_slowpath.constprop.0+0x1a76/0x2180
 __alloc_pages+0x428/0x500
 vma_alloc_folio+0xde/0x480
 __handle_mm_fault+0x103d/0x34e0
 handle_mm_fault+0x2e6/0xa20
 __get_user_pages+0x4f3/0x1150
 populate_vma_page_range+0x23d/0x320
 __mm_populate+0x1ea/0x3d0
 __do_sys_mlockall+0x414/0x4a0
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fbefa9eeb19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fbef7f64188 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
RAX: ffffffffffffffda RBX: 00007fbefab01f60 RCX: 00007fbefa9eeb19
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007fbefaa48f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffb81062af R14: 00007fbef7f64300 R15: 0000000000022000
BUG: using __this_cpu_add_return() in preemptible [00000000] code: syz-executor.7/6715
caller is lock_acquire+0x1b2/0x530
CPU: 1 PID: 6715 Comm: syz-executor.7 Tainted: G W 6.0.0-rc1-next-20220819 #1
BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1521
in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 6715, name: syz-executor.7
preempt_count: 1, expected: 0
RCU nest depth: 0, expected: 0
INFO: lockdep is turned off.
irq event stamp: 53659
hardirqs last enabled at (53659): [] finish_task_switch.isra.0+0x22d/0x8a0
hardirqs last disabled at (53658): [] dump_stack_lvl+0x2e/0xb3
softirqs last enabled at (53652): [] __irq_exit_rcu+0x11b/0x180
softirqs last disabled at (53631): [] __irq_exit_rcu+0x11b/0x180
Preemption disabled at:
[] __wake_up_klogd.part.0+0x17/0xf0
CPU: 1 PID: 6715 Comm: syz-executor.7 Tainted: G W 6.0.0-rc1-next-20220819 #1
syz-executor.7[6715] cmdline:
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 dump_stack_lvl+0x8b/0xb3
 __might_resched.cold+0x222/0x26b
 down_read_killable+0x75/0x490
 __access_remote_vm+0xac/0x6f0
 get_mm_cmdline.part.0+0x214/0x600
 get_task_cmdline_kernel+0x1e9/0x230
 dump_stack_print_cmdline.part.0+0x82/0x150
 dump_stack_print_info+0x185/0x190
 dump_stack_lvl+0x7f/0xb3
 check_preemption_disabled+0x16f/0x180
 lock_acquire+0x1b2/0x530
 down_read_killable+0x9b/0x490
 __access_remote_vm+0xac/0x6f0
 get_mm_cmdline.part.0+0x214/0x600
 get_task_cmdline_kernel+0x1e9/0x230
 dump_stack_print_cmdline.part.0+0x82/0x150
 dump_stack_print_info+0x185/0x190
 dump_stack_lvl+0x7f/0xb3
 dump_header+0x10b/0x7e4
 oom_kill_process.cold+0x10/0x15
 out_of_memory+0x11eb/0x14b0
 __alloc_pages_slowpath.constprop.0+0x1a76/0x2180
 __alloc_pages+0x428/0x500
 vma_alloc_folio+0xde/0x480
 __handle_mm_fault+0x103d/0x34e0
 handle_mm_fault+0x2e6/0xa20
 __get_user_pages+0x4f3/0x1150
 populate_vma_page_range+0x23d/0x320
 __mm_populate+0x1ea/0x3d0
 __do_sys_mlockall+0x414/0x4a0
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fbefa9eeb19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fbef7f64188 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
RAX: ffffffffffffffda RBX: 00007fbefab01f60 RCX: 00007fbefa9eeb19
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007fbefaa48f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffb81062af R14: 00007fbef7f64300 R15: 0000000000022000
syz-executor.7[6715] cmdline:
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 dump_stack_lvl+0x8b/0xb3
 check_preemption_disabled+0x16f/0x180
 lock_acquire+0x1b2/0x530
 down_read_killable+0x9b/0x490
 __access_remote_vm+0xac/0x6f0
 get_mm_cmdline.part.0+0x214/0x600
 get_task_cmdline_kernel+0x1e9/0x230
 dump_stack_print_cmdline.part.0+0x82/0x150
 dump_stack_print_info+0x185/0x190
 dump_stack_lvl+0x7f/0xb3
 dump_header+0x10b/0x7e4
 oom_kill_process.cold+0x10/0x15
 out_of_memory+0x11eb/0x14b0
 __alloc_pages_slowpath.constprop.0+0x1a76/0x2180
 __alloc_pages+0x428/0x500
 vma_alloc_folio+0xde/0x480
 __handle_mm_fault+0x103d/0x34e0
 handle_mm_fault+0x2e6/0xa20
 __get_user_pages+0x4f3/0x1150
 populate_vma_page_range+0x23d/0x320
 __mm_populate+0x1ea/0x3d0
 __do_sys_mlockall+0x414/0x4a0
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fbefa9eeb19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fbef7f64188 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
RAX: ffffffffffffffda RBX: 00007fbefab01f60 RCX: 00007fbefa9eeb19
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007fbefaa48f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffb81062af R14: 00007fbef7f64300 R15: 0000000000022000
syz-executor.7[6715] cmdline:
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
Call Trace:
 dump_stack_lvl+0x8b/0xb3
 dump_header+0x10b/0x7e4
 oom_kill_process.cold+0x10/0x15
 out_of_memory+0x11eb/0x14b0
 __alloc_pages_slowpath.constprop.0+0x1a76/0x2180
 __alloc_pages+0x428/0x500
 vma_alloc_folio+0xde/0x480
 __handle_mm_fault+0x103d/0x34e0
 handle_mm_fault+0x2e6/0xa20
 __get_user_pages+0x4f3/0x1150
 populate_vma_page_range+0x23d/0x320
 __mm_populate+0x1ea/0x3d0
 __do_sys_mlockall+0x414/0x4a0
 do_syscall_64+0x3b/0x90
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7fbefa9eeb19
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fbef7f64188 EFLAGS: 00000246 ORIG_RAX: 0000000000000097
RAX: ffffffffffffffda RBX: 00007fbefab01f60 RCX: 00007fbefa9eeb19
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007fbefaa48f6d R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fffb81062af R14: 00007fbef7f64300 R15: 0000000000022000
Mem-Info:
active_anon:6116 inactive_anon:248288 isolated_anon:0
 active_file:8 inactive_file:0 isolated_file:2
 unevictable:11437 dirty:1 writeback:0
 slab_reclaimable:8963 slab_unreclaimable:57909
 mapped:73418 shmem:206910 pagetables:1279 bounce:0
 kernel_misc_reclaimable:0
 free:3216 free_pcp:265 free_cma:0
Node 0 active_anon:24464kB inactive_anon:993152kB active_file:32kB inactive_file:0kB unevictable:45748kB isolated(anon):0kB isolated(file):8kB mapped:293672kB dirty:4kB writeback:0kB shmem:827640kB writeback_tmp:0kB kernel_stack:4000kB pagetables:5116kB all_unreclaimable? yes
Node 0 DMA free:6492kB boost:0kB min:44kB low:56kB high:68kB reserved_highatomic:0KB active_anon:0kB inactive_anon:8240kB active_file:0kB inactive_file:0kB unevictable:464kB writepending:0kB present:15992kB managed:15360kB mlocked:464kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 1613 1613 1613
Node 0 DMA32 free:6372kB boost:0kB min:5116kB low:6764kB high:8412kB reserved_highatomic:2048KB active_anon:24464kB inactive_anon:984912kB active_file:32kB inactive_file:0kB unevictable:45284kB writepending:4kB present:2080640kB managed:1656164kB mlocked:45284kB bounce:0kB free_pcp:1060kB local_pcp:960kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 5*4kB (UM) 1*8kB (U) 2*16kB (UM) 5*32kB (UME) 4*64kB (UME) 3*128kB (UME) 2*256kB (ME) 2*512kB (UE) 2*1024kB (ME) 1*2048kB (E) 0*4096kB = 6492kB
Node 0 DMA32: 197*4kB (UE) 220*8kB (UEH) 21*16kB (ME) 73*32kB (UMEH) 16*64kB (UME) 1*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6372kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
207215 total pagecache pages
0 pages in swap cache
Free swap = 0kB
Total swap = 0kB
524158 pages RAM
0 pages HighMem/MovableOnly
106277 pages reserved
oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=syz7,mems_allowed=0,global_oom,task_memcg=/syz7,task=syz-executor.7,pid=6715,uid=0
Out of memory (oom_kill_allocating_task): Killed process 6715 (syz-executor.7) total-vm:93412kB, anon-rss:15728kB, file-rss:35676kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000