INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [ ok ] Starting enhanced syslogd: rsyslogd. [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.27' (ECDSA) to the list of known hosts. syzkaller login: [ 32.487952] IPVS: ftp: loaded support on port[0] = 21 executing program [ 32.513256] IPVS: ftp: loaded support on port[0] = 21 [ 32.530837] FAULT_INJECTION: forcing a failure. [ 32.530837] name failslab, interval 1, probability 0, space 0, times 1 [ 32.538446] IPVS: ftp: loaded support on port[0] = 21 [ 32.542131] CPU: 1 PID: 4476 Comm: syzkaller539107 Not tainted 4.16.0-rc6+ #42 executing program [ 32.554646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 32.563982] Call Trace: [ 32.566547] dump_stack+0x194/0x24d [ 32.570236] ? arch_local_irq_restore+0x53/0x53 [ 32.574887] should_fail+0x8c0/0xa40 [ 32.578599] ? unwind_next_frame.part.6+0x1a6/0xb40 [ 32.580122] FAULT_INJECTION: forcing a failure. [ 32.580122] name failslab, interval 1, probability 0, space 0, times 1 [ 32.583590] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 32.583598] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 32.583604] ? __lock_acquire+0x664/0x3e00 [ 32.583609] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 32.583615] ? find_held_lock+0x35/0x1d0 [ 32.583622] ? __lock_is_held+0xb6/0x140 [ 32.583632] ? check_same_owner+0x320/0x320 [ 32.583637] ? __d_lookup+0x4f4/0x830 [ 32.583644] ? rcu_note_context_switch+0x710/0x710 [ 32.583652] should_failslab+0xec/0x120 [ 32.583659] kmem_cache_alloc+0x47/0x760 [ 32.583667] __d_alloc+0xc1/0xbd0 [ 32.583673] ? shrink_dcache_for_umount+0x290/0x290 [ 32.583678] ? d_alloc_parallel+0x1b40/0x1b40 [ 32.583684] ? lock_release+0xa40/0xa40 [ 32.583691] ? mark_held_locks+0xaf/0x100 [ 32.583695] ? 
d_lookup+0x133/0x2e0 [ 32.583701] ? d_lookup+0x1d5/0x2e0 [ 32.583707] d_alloc+0x8e/0x340 [ 32.583711] ? __d_alloc+0xbd0/0xbd0 [ 32.583717] ? full_name_hash+0x9b/0xe0 [ 32.583727] __rpc_lookup_create_exclusive+0x183/0x1d0 [ 32.583731] ? rpc_d_lookup_sb+0x1a0/0x1a0 [ 32.583745] rpc_populate.constprop.15+0xa3/0x340 [ 32.583756] rpc_fill_super+0x379/0xae0 [ 32.583764] ? cap_capable+0x1b5/0x230 [ 32.583769] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 32.583775] ? security_capable+0x8e/0xc0 [ 32.583780] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 32.583787] ? ns_capable_common+0xcf/0x160 [ 32.583793] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 32.583798] mount_ns+0xc4/0x190 [ 32.583804] rpc_mount+0x9e/0xd0 [ 32.583809] mount_fs+0x66/0x2d0 [ 32.583816] vfs_kern_mount.part.26+0xc6/0x4a0 [ 32.583821] ? may_umount+0xa0/0xa0 [ 32.583827] ? _raw_read_unlock+0x22/0x30 [ 32.583832] ? __get_fs_type+0x8a/0xc0 [ 32.583838] do_mount+0xea4/0x2bb0 [ 32.583844] ? __might_fault+0x110/0x1d0 [ 32.583851] ? copy_mount_string+0x40/0x40 [ 32.583855] ? check_same_owner+0x320/0x320 [ 32.583860] ? __check_object_size+0x8b/0x530 [ 32.583868] ? __might_sleep+0x95/0x190 [ 32.779591] ? kasan_check_write+0x14/0x20 [ 32.783800] ? _copy_from_user+0x99/0x110 [ 32.787925] ? memdup_user+0x5e/0x90 [ 32.791616] ? copy_mount_options+0x1f7/0x2e0 [ 32.796092] SyS_mount+0xab/0x120 [ 32.799528] ? copy_mnt_ns+0xb30/0xb30 [ 32.803393] do_syscall_64+0x281/0x940 [ 32.807253] ? vmalloc_sync_all+0x30/0x30 [ 32.811380] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 32.816110] ? syscall_return_slowpath+0x550/0x550 [ 32.821013] ? syscall_return_slowpath+0x2ac/0x550 [ 32.825917] ? prepare_exit_to_usermode+0x350/0x350 [ 32.830907] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 32.836246] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 32.841065] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 32.846226] RIP: 0033:0x442d59 [ 32.849395] RSP: 002b:00007ffc5d8c33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 32.857075] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442d59 executing program [ 32.864317] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 32.871561] RBP: 00007ffc5d8c3c90 R08: 0000000000000000 R09: 0000000000000000 [ 32.878804] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 32.886133] R13: 0000000000000006 R14: 0000000000000000 R15: 00007ffc5d8c3528 [ 32.893390] CPU: 0 PID: 4478 Comm: syzkaller539107 Not tainted 4.16.0-rc6+ #42 [ 32.898115] IPVS: ftp: loaded support on port[0] = 21 [ 32.900759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 32.900762] Call Trace: [ 32.900774] dump_stack+0x194/0x24d [ 32.900781] ? arch_local_irq_restore+0x53/0x53 [ 32.907345] FAULT_INJECTION: forcing a failure. [ 32.907345] name failslab, interval 1, probability 0, space 0, times 0 [ 32.915300] should_fail+0x8c0/0xa40 [ 32.915309] ? unwind_next_frame.part.6+0x1a6/0xb40 [ 32.915315] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 32.951015] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 32.956190] ? __lock_acquire+0x664/0x3e00 [ 32.960401] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 32.965572] ? find_held_lock+0x35/0x1d0 [ 32.969782] ? __lock_is_held+0xb6/0x140 [ 32.973820] ? check_same_owner+0x320/0x320 [ 32.978114] ? __d_lookup+0x4f4/0x830 [ 32.981892] ? rcu_note_context_switch+0x710/0x710 [ 32.986796] should_failslab+0xec/0x120 [ 32.990745] kmem_cache_alloc+0x47/0x760 [ 32.994787] __d_alloc+0xc1/0xbd0 [ 32.998217] ? shrink_dcache_for_umount+0x290/0x290 [ 33.003214] ? d_alloc_parallel+0x1b40/0x1b40 [ 33.007684] ? lock_release+0xa40/0xa40 [ 33.011631] ? mark_held_locks+0xaf/0x100 [ 33.015752] ? d_lookup+0x133/0x2e0 [ 33.019351] ? 
d_lookup+0x1d5/0x2e0 [ 33.023036] d_alloc+0x8e/0x340 [ 33.026298] ? __d_alloc+0xbd0/0xbd0 [ 33.029984] ? full_name_hash+0x9b/0xe0 [ 33.033941] __rpc_lookup_create_exclusive+0x183/0x1d0 [ 33.039191] ? rpc_d_lookup_sb+0x1a0/0x1a0 [ 33.043405] rpc_populate.constprop.15+0xa3/0x340 [ 33.048224] rpc_fill_super+0x379/0xae0 [ 33.052175] ? cap_capable+0x1b5/0x230 [ 33.056041] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 33.061764] ? security_capable+0x8e/0xc0 [ 33.065889] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 33.071051] ? ns_capable_common+0xcf/0x160 [ 33.075353] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 33.080514] mount_ns+0xc4/0x190 [ 33.083857] rpc_mount+0x9e/0xd0 [ 33.087205] mount_fs+0x66/0x2d0 [ 33.090546] vfs_kern_mount.part.26+0xc6/0x4a0 [ 33.095101] ? may_umount+0xa0/0xa0 [ 33.098699] ? _raw_read_unlock+0x22/0x30 [ 33.102822] ? __get_fs_type+0x8a/0xc0 [ 33.106682] do_mount+0xea4/0x2bb0 [ 33.110194] ? __might_fault+0x110/0x1d0 [ 33.114227] ? copy_mount_string+0x40/0x40 [ 33.118436] ? check_same_owner+0x320/0x320 [ 33.122733] ? __check_object_size+0x8b/0x530 [ 33.127290] ? __might_sleep+0x95/0x190 [ 33.131241] ? kasan_check_write+0x14/0x20 [ 33.135450] ? _copy_from_user+0x99/0x110 [ 33.139572] ? memdup_user+0x5e/0x90 [ 33.143257] ? copy_mount_options+0x1f7/0x2e0 [ 33.147728] SyS_mount+0xab/0x120 [ 33.151327] ? copy_mnt_ns+0xb30/0xb30 [ 33.155187] do_syscall_64+0x281/0x940 [ 33.159053] ? vmalloc_sync_all+0x30/0x30 [ 33.163174] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 33.167900] ? syscall_return_slowpath+0x550/0x550 [ 33.172802] ? syscall_return_slowpath+0x2ac/0x550 [ 33.177802] ? prepare_exit_to_usermode+0x350/0x350 [ 33.182804] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 33.188401] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 33.193225] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 33.198473] RIP: 0033:0x442d59 [ 33.201639] RSP: 002b:00007ffc5d8c33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 33.209321] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442d59 [ 33.216757] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 33.224003] RBP: 00007ffc5d8c3c90 R08: 0000000000000000 R09: 0000000000000000 [ 33.231247] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 33.238592] R13: 0000000000000006 R14: 0000000000000000 R15: 00007ffc5d8c3528 [ 33.245849] CPU: 1 PID: 4477 Comm: syzkaller539107 Not tainted 4.16.0-rc6+ #42 [ 33.248058] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory / [ 33.253208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 33.253212] Call Trace: [ 33.253224] dump_stack+0x194/0x24d [ 33.253230] ? arch_local_irq_restore+0x53/0x53 [ 33.253240] should_fail+0x8c0/0xa40 [ 33.253246] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 33.253255] ? __lock_is_held+0xb6/0x140 [ 33.262239] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory / [ 33.269971] ? mark_held_locks+0xaf/0x100 [ 33.269978] ? __raw_spin_lock_init+0x1c/0x100 [ 33.269984] ? find_held_lock+0x35/0x1d0 [ 33.269990] ? __lock_is_held+0xb6/0x140 [ 33.269999] ? check_same_owner+0x320/0x320 [ 33.270005] ? d_alloc+0x269/0x340 [ 33.270011] ? rcu_note_context_switch+0x710/0x710 [ 33.270015] ? lock_release+0xa40/0xa40 [ 33.270023] should_failslab+0xec/0x120 [ 33.270030] kmem_cache_alloc+0x47/0x760 [ 33.270035] ? d_drop+0x51/0x60 [ 33.270045] ? rpc_i_callback+0x30/0x30 [ 33.292921] IPVS: ftp: loaded support on port[0] = 21 [ 33.293724] rpc_alloc_inode+0x1a/0x20 [ 33.293730] alloc_inode+0x65/0x180 [ 33.293735] new_inode_pseudo+0x69/0x190 [ 33.293742] ? prune_icache_sb+0x1a0/0x1a0 [ 33.343099] IPVS: ftp: loaded support on port[0] = 21 [ 33.346351] ? 
do_raw_spin_trylock+0x190/0x190 [ 33.346357] ? d_add+0xa70/0xa70 [ 33.346365] new_inode+0x1c/0x40 [ 33.346373] rpc_get_inode+0x20/0x1e0 [ 33.353798] FAULT_INJECTION: forcing a failure. [ 33.353798] name failslab, interval 1, probability 0, space 0, times 0 [ 33.355522] __rpc_create_common+0x5d/0x1d0 [ 33.355529] rpc_populate.constprop.15+0x1ad/0x340 [ 33.355537] rpc_fill_super+0x379/0xae0 [ 33.355545] ? cap_capable+0x1b5/0x230 [ 33.355551] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 33.355557] ? security_capable+0x8e/0xc0 [ 33.355563] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 33.355570] ? ns_capable_common+0xcf/0x160 [ 33.439217] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 33.444380] mount_ns+0xc4/0x190 [ 33.447722] rpc_mount+0x9e/0xd0 [ 33.451164] mount_fs+0x66/0x2d0 [ 33.454505] vfs_kern_mount.part.26+0xc6/0x4a0 [ 33.459091] ? may_umount+0xa0/0xa0 [ 33.462692] ? _raw_read_unlock+0x22/0x30 [ 33.466812] ? __get_fs_type+0x8a/0xc0 [ 33.470848] do_mount+0xea4/0x2bb0 [ 33.474359] ? __might_fault+0x110/0x1d0 [ 33.478404] ? copy_mount_string+0x40/0x40 [ 33.483043] ? check_same_owner+0x320/0x320 [ 33.487345] ? __check_object_size+0x8b/0x530 [ 33.491813] ? __might_sleep+0x95/0x190 [ 33.495762] ? kasan_check_write+0x14/0x20 [ 33.499969] ? _copy_from_user+0x99/0x110 [ 33.504093] ? memdup_user+0x5e/0x90 [ 33.507886] ? copy_mount_options+0x1f7/0x2e0 [ 33.512355] SyS_mount+0xab/0x120 [ 33.515786] ? copy_mnt_ns+0xb30/0xb30 [ 33.519644] do_syscall_64+0x281/0x940 [ 33.523508] ? vmalloc_sync_all+0x30/0x30 [ 33.527628] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 33.532364] ? syscall_return_slowpath+0x550/0x550 [ 33.537267] ? syscall_return_slowpath+0x2ac/0x550 [ 33.542176] ? prepare_exit_to_usermode+0x350/0x350 [ 33.547168] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 33.552942] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 33.557856] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 33.563028] RIP: 0033:0x442d59 [ 33.566188] RSP: 002b:00007ffc5d8c33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 33.573867] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442d59 [ 33.581109] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 33.588352] RBP: 00007ffc5d8c3c90 R08: 0000000000000000 R09: 0000000000000000 [ 33.595595] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 33.602934] R13: 0000000000000006 R14: 0000000000000000 R15: 00007ffc5d8c3528 [ 33.610188] CPU: 0 PID: 4481 Comm: syzkaller539107 Not tainted 4.16.0-rc6+ #42 executing program executing program [ 33.610681] net/sunrpc/rpc_pipe.c: __rpc_create_common failed to allocate inode for dentry portmap [ 33.617552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 33.617556] Call Trace: [ 33.617568] dump_stack+0x194/0x24d [ 33.617575] ? arch_local_irq_restore+0x53/0x53 [ 33.617581] ? __save_stack_trace+0x7e/0xd0 [ 33.617590] should_fail+0x8c0/0xa40 [ 33.630910] FAULT_INJECTION: forcing a failure. [ 33.630910] name failslab, interval 1, probability 0, space 0, times 0 [ 33.636011] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 33.636019] ? kasan_kmalloc+0xad/0xe0 [ 33.636023] ? kmem_cache_alloc_trace+0x136/0x740 [ 33.636029] ? __memcg_init_list_lru_node+0x169/0x270 [ 33.636035] ? __list_lru_init+0x544/0x750 [ 33.689822] ? sget_userns+0x6b1/0xe40 [ 33.693684] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 33.698412] ? do_mount+0xea4/0x2bb0 [ 33.702096] ? SyS_mount+0xab/0x120 [ 33.705715] ? do_syscall_64+0x281/0x940 [ 33.709761] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 33.715101] ? find_held_lock+0x35/0x1d0 [ 33.719139] ? __lock_is_held+0xb6/0x140 [ 33.723175] ? check_same_owner+0x320/0x320 [ 33.727471] ? 
rcu_note_context_switch+0x710/0x710 [ 33.732374] should_failslab+0xec/0x120 [ 33.736332] kmem_cache_alloc_trace+0x4b/0x740 [ 33.740892] ? __kmalloc_node+0x33/0x70 [ 33.744838] ? __kmalloc_node+0x33/0x70 [ 33.748783] ? rcu_read_lock_sched_held+0x108/0x120 [ 33.753776] __memcg_init_list_lru_node+0x169/0x270 [ 33.758766] ? list_lru_add+0x7c0/0x7c0 [ 33.762710] ? __kmalloc_node+0x47/0x70 [ 33.766659] __list_lru_init+0x544/0x750 [ 33.770696] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 33.776721] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 33.781711] ? lockdep_init_map+0x9/0x10 [ 33.785744] sget_userns+0x6b1/0xe40 [ 33.789429] ? set_anon_super+0x20/0x20 [ 33.793377] ? put_filp+0x90/0x90 [ 33.796802] ? destroy_unused_super.part.6+0xd0/0xd0 [ 33.801877] ? alloc_vfsmnt+0x762/0x9c0 [ 33.805825] ? path_lookupat+0x238/0xba0 [ 33.809864] ? mnt_free_id.isra.21+0x50/0x50 [ 33.814246] ? trace_hardirqs_off+0x10/0x10 [ 33.818540] ? putname+0xee/0x130 [ 33.821969] ? cap_capable+0x1b5/0x230 [ 33.825840] ? security_capable+0x8e/0xc0 [ 33.829964] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 33.835236] ? ns_capable_common+0xcf/0x160 [ 33.839530] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 33.844692] mount_ns+0x6d/0x190 [ 33.848031] rpc_mount+0x9e/0xd0 [ 33.851370] mount_fs+0x66/0x2d0 [ 33.854708] vfs_kern_mount.part.26+0xc6/0x4a0 [ 33.859262] ? may_umount+0xa0/0xa0 [ 33.862863] ? _raw_read_unlock+0x22/0x30 [ 33.866985] ? __get_fs_type+0x8a/0xc0 [ 33.870847] do_mount+0xea4/0x2bb0 [ 33.874358] ? __might_fault+0x110/0x1d0 [ 33.878393] ? copy_mount_string+0x40/0x40 [ 33.882599] ? check_same_owner+0x320/0x320 [ 33.886895] ? __check_object_size+0x8b/0x530 [ 33.891539] ? __might_sleep+0x95/0x190 [ 33.895488] ? kasan_check_write+0x14/0x20 [ 33.899704] ? _copy_from_user+0x99/0x110 [ 33.903827] ? memdup_user+0x5e/0x90 [ 33.907521] ? copy_mount_options+0x1f7/0x2e0 [ 33.911988] SyS_mount+0xab/0x120 [ 33.915413] ? copy_mnt_ns+0xb30/0xb30 [ 33.919282] do_syscall_64+0x281/0x940 [ 33.923149] ? 
vmalloc_sync_all+0x30/0x30 [ 33.927275] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 33.932004] ? syscall_return_slowpath+0x550/0x550 [ 33.936905] ? syscall_return_slowpath+0x2ac/0x550 [ 33.941814] ? prepare_exit_to_usermode+0x350/0x350 [ 33.946812] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 33.952325] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 33.957142] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 33.962312] RIP: 0033:0x442d59 [ 33.965477] RSP: 002b:00007ffc5d8c33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 33.973160] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442d59 [ 33.980403] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 33.987646] RBP: 00007ffc5d8c3c90 R08: 0000000000000000 R09: 0000000000000000 [ 33.994891] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 34.002134] R13: 0000000000000006 R14: 0000000000000000 R15: 00007ffc5d8c3528 [ 34.009398] CPU: 1 PID: 4482 Comm: syzkaller539107 Not tainted 4.16.0-rc6+ #42 [ 34.016768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.026191] Call Trace: [ 34.028758] dump_stack+0x194/0x24d [ 34.032365] ? arch_local_irq_restore+0x53/0x53 [ 34.037925] ? __save_stack_trace+0x7e/0xd0 [ 34.042234] should_fail+0x8c0/0xa40 [ 34.046792] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 34.051872] ? kasan_kmalloc+0xad/0xe0 [ 34.055732] ? kmem_cache_alloc_trace+0x136/0x740 [ 34.060546] ? __memcg_init_list_lru_node+0x169/0x270 [ 34.065725] ? __list_lru_init+0x544/0x750 [ 34.069934] ? sget_userns+0x6b1/0xe40 [ 34.073796] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 34.078526] ? do_mount+0xea4/0x2bb0 [ 34.082218] ? SyS_mount+0xab/0x120 [ 34.085817] ? do_syscall_64+0x281/0x940 [ 34.089852] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 34.095207] ? find_held_lock+0x35/0x1d0 [ 34.099250] ? __lock_is_held+0xb6/0x140 [ 34.103303] ? check_same_owner+0x320/0x320 [ 34.107598] ? 
rcu_note_context_switch+0x710/0x710 [ 34.112503] should_failslab+0xec/0x120 [ 34.116459] kmem_cache_alloc_trace+0x4b/0x740 [ 34.121013] ? __kmalloc_node+0x33/0x70 [ 34.124958] ? __kmalloc_node+0x33/0x70 [ 34.128902] ? rcu_read_lock_sched_held+0x108/0x120 [ 34.133905] __memcg_init_list_lru_node+0x169/0x270 [ 34.138893] ? list_lru_add+0x7c0/0x7c0 [ 34.142856] ? __kmalloc_node+0x47/0x70 [ 34.146803] __list_lru_init+0x544/0x750 [ 34.150839] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 34.156696] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 34.161686] ? lockdep_init_map+0x9/0x10 [ 34.165733] sget_userns+0x6b1/0xe40 [ 34.169418] ? set_anon_super+0x20/0x20 [ 34.173363] ? put_filp+0x90/0x90 [ 34.176796] ? destroy_unused_super.part.6+0xd0/0xd0 [ 34.181873] ? alloc_vfsmnt+0x762/0x9c0 [ 34.185820] ? path_lookupat+0x238/0xba0 [ 34.189853] ? mnt_free_id.isra.21+0x50/0x50 [ 34.194233] ? trace_hardirqs_off+0x10/0x10 [ 34.198530] ? putname+0xee/0x130 [ 34.201957] ? cap_capable+0x1b5/0x230 [ 34.205825] ? security_capable+0x8e/0xc0 [ 34.209955] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 34.215117] ? ns_capable_common+0xcf/0x160 [ 34.219425] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 34.224588] mount_ns+0x6d/0x190 [ 34.227927] rpc_mount+0x9e/0xd0 [ 34.231268] mount_fs+0x66/0x2d0 [ 34.234607] vfs_kern_mount.part.26+0xc6/0x4a0 [ 34.239161] ? may_umount+0xa0/0xa0 [ 34.242760] ? _raw_read_unlock+0x22/0x30 [ 34.246888] ? __get_fs_type+0x8a/0xc0 [ 34.250749] do_mount+0xea4/0x2bb0 [ 34.254268] ? __might_fault+0x110/0x1d0 [ 34.258575] ? copy_mount_string+0x40/0x40 [ 34.262820] ? check_same_owner+0x320/0x320 [ 34.267139] ? __check_object_size+0x8b/0x530 [ 34.271611] ? __might_sleep+0x95/0x190 [ 34.275559] ? kasan_check_write+0x14/0x20 [ 34.279766] ? _copy_from_user+0x99/0x110 [ 34.283887] ? memdup_user+0x5e/0x90 [ 34.287581] ? copy_mount_options+0x1f7/0x2e0 [ 34.292052] SyS_mount+0xab/0x120 [ 34.295564] ? copy_mnt_ns+0xb30/0xb30 [ 34.299423] do_syscall_64+0x281/0x940 [ 34.303281] ? 
vmalloc_sync_all+0x30/0x30 [ 34.307401] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 34.312128] ? syscall_return_slowpath+0x550/0x550 [ 34.317149] ? syscall_return_slowpath+0x2ac/0x550 [ 34.322048] ? prepare_exit_to_usermode+0x350/0x350 [ 34.327038] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 34.332374] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 34.337194] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 34.342364] RIP: 0033:0x442d59 [ 34.345527] RSP: 002b:00007ffc5d8c33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 34.353208] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442d59 [ 34.360449] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 executing program executing program [ 34.367690] RBP: 00007ffc5d8c3c90 R08: 0000000000000000 R09: 0000000000000000 [ 34.374944] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 34.382189] R13: 0000000000000006 R14: 0000000000000000 R15: 00007ffc5d8c3528 [ 34.402489] FAULT_INJECTION: forcing a failure. [ 34.402489] name failslab, interval 1, probability 0, space 0, times 0 [ 34.411007] IPVS: ftp: loaded support on port[0] = 21 executing program [ 34.413728] CPU: 0 PID: 4484 Comm: syzkaller539107 Not tainted 4.16.0-rc6+ #42 [ 34.426215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.428484] FAULT_INJECTION: forcing a failure. [ 34.428484] name failslab, interval 1, probability 0, space 0, times 0 [ 34.435555] Call Trace: [ 34.435569] dump_stack+0x194/0x24d [ 34.435575] ? arch_local_irq_restore+0x53/0x53 [ 34.435581] ? __save_stack_trace+0x7e/0xd0 [ 34.435592] should_fail+0x8c0/0xa40 [ 34.465641] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 34.470723] ? kasan_kmalloc+0xad/0xe0 [ 34.474581] ? kmem_cache_alloc_trace+0x136/0x740 [ 34.479399] ? __memcg_init_list_lru_node+0x169/0x270 [ 34.484588] ? __list_lru_init+0x544/0x750 [ 34.488800] ? sget_userns+0x6b1/0xe40 [ 34.492659] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 34.497387] ? 
do_mount+0xea4/0x2bb0 [ 34.501074] ? SyS_mount+0xab/0x120 [ 34.504675] ? do_syscall_64+0x281/0x940 [ 34.508713] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 34.514050] ? find_held_lock+0x35/0x1d0 [ 34.518087] ? __lock_is_held+0xb6/0x140 [ 34.522135] ? check_same_owner+0x320/0x320 [ 34.526453] ? rcu_note_context_switch+0x710/0x710 [ 34.531369] should_failslab+0xec/0x120 [ 34.535325] kmem_cache_alloc_trace+0x4b/0x740 [ 34.539890] ? __kmalloc_node+0x33/0x70 [ 34.543841] ? __kmalloc_node+0x33/0x70 [ 34.547801] ? rcu_read_lock_sched_held+0x108/0x120 [ 34.552796] __memcg_init_list_lru_node+0x169/0x270 [ 34.557785] ? list_lru_add+0x7c0/0x7c0 [ 34.561730] ? __kmalloc_node+0x47/0x70 [ 34.566529] __list_lru_init+0x544/0x750 [ 34.570565] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 34.576423] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 34.581414] ? lockdep_init_map+0x9/0x10 [ 34.585449] sget_userns+0x6b1/0xe40 [ 34.589135] ? set_anon_super+0x20/0x20 [ 34.593087] ? put_filp+0x90/0x90 [ 34.596515] ? destroy_unused_super.part.6+0xd0/0xd0 [ 34.601592] ? alloc_vfsmnt+0x762/0x9c0 [ 34.605537] ? path_lookupat+0x238/0xba0 [ 34.609571] ? mnt_free_id.isra.21+0x50/0x50 [ 34.613954] ? trace_hardirqs_off+0x10/0x10 [ 34.618249] ? putname+0xee/0x130 [ 34.621679] ? cap_capable+0x1b5/0x230 [ 34.625544] ? security_capable+0x8e/0xc0 [ 34.629668] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 34.634838] ? ns_capable_common+0xcf/0x160 [ 34.639151] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 34.644316] mount_ns+0x6d/0x190 [ 34.647656] rpc_mount+0x9e/0xd0 [ 34.651004] mount_fs+0x66/0x2d0 [ 34.654344] vfs_kern_mount.part.26+0xc6/0x4a0 [ 34.658902] ? may_umount+0xa0/0xa0 [ 34.662509] ? _raw_read_unlock+0x22/0x30 [ 34.666635] ? __get_fs_type+0x8a/0xc0 [ 34.670501] do_mount+0xea4/0x2bb0 [ 34.674012] ? __might_fault+0x110/0x1d0 [ 34.678046] ? copy_mount_string+0x40/0x40 [ 34.682255] ? check_same_owner+0x320/0x320 [ 34.686558] ? __check_object_size+0x8b/0x530 [ 34.691025] ? 
__might_sleep+0x95/0x190 [ 34.694973] ? kasan_check_write+0x14/0x20 [ 34.699442] ? _copy_from_user+0x99/0x110 [ 34.703564] ? memdup_user+0x5e/0x90 [ 34.707247] ? copy_mount_options+0x1f7/0x2e0 [ 34.711715] SyS_mount+0xab/0x120 [ 34.715151] ? copy_mnt_ns+0xb30/0xb30 [ 34.719015] do_syscall_64+0x281/0x940 [ 34.722884] ? vmalloc_sync_all+0x30/0x30 [ 34.727011] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 34.731749] ? syscall_return_slowpath+0x550/0x550 [ 34.736659] ? syscall_return_slowpath+0x2ac/0x550 [ 34.741561] ? prepare_exit_to_usermode+0x350/0x350 [ 34.746552] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 34.751900] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 34.756726] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 34.761905] RIP: 0033:0x442d59 [ 34.765087] RSP: 002b:00007ffc5d8c33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 34.772768] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442d59 [ 34.780011] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 34.787252] RBP: 00007ffc5d8c3c90 R08: 0000000000000000 R09: 0000000300000000 [ 34.794497] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 34.801740] R13: 0000000000000006 R14: 0000000000001380 R15: 00007ffc5d8c3528 [ 34.809007] CPU: 1 PID: 4485 Comm: syzkaller539107 Not tainted 4.16.0-rc6+ #42 [ 34.809723] FAULT_INJECTION: forcing a failure. [ 34.809723] name failslab, interval 1, probability 0, space 0, times 0 [ 34.816373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 34.816377] Call Trace: [ 34.816389] dump_stack+0x194/0x24d [ 34.816395] ? arch_local_irq_restore+0x53/0x53 [ 34.816403] ? find_held_lock+0x35/0x1d0 [ 34.816411] should_fail+0x8c0/0xa40 [ 34.816417] ? __list_lru_init+0x352/0x750 [ 34.816423] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 34.816427] ? trace_hardirqs_off+0x10/0x10 [ 34.816433] ? find_next_zero_bit+0xe3/0x110 [ 34.816439] ? trace_hardirqs_off+0x10/0x10 [ 34.816445] ? find_held_lock+0x35/0x1d0 [ 34.816451] ? 
__lock_is_held+0xb6/0x140 [ 34.816465] ? check_same_owner+0x320/0x320 [ 34.890112] ? lock_downgrade+0x980/0x980 [ 34.894250] ? rcu_note_context_switch+0x710/0x710 [ 34.899652] ? find_held_lock+0x35/0x1d0 [ 34.903703] should_failslab+0xec/0x120 [ 34.907661] __kmalloc+0x63/0x760 [ 34.911103] ? lock_downgrade+0x980/0x980 [ 34.915236] ? register_shrinker+0x10e/0x2d0 [ 34.919627] ? trace_event_raw_event_module_request+0x320/0x320 [ 34.925668] register_shrinker+0x10e/0x2d0 [ 34.929901] ? __bpf_trace_mm_vmscan_wakeup_kswapd+0x40/0x40 [ 34.935687] ? memcpy+0x45/0x50 [ 34.938953] sget_userns+0xbbf/0xe40 [ 34.942647] ? set_anon_super+0x20/0x20 [ 34.946642] ? put_filp+0x90/0x90 [ 34.950086] ? destroy_unused_super.part.6+0xd0/0xd0 [ 34.955176] ? path_lookupat+0x238/0xba0 [ 34.959219] ? mnt_free_id.isra.21+0x50/0x50 [ 34.963616] ? trace_hardirqs_off+0x10/0x10 [ 34.967921] ? putname+0xee/0x130 [ 34.971359] ? cap_capable+0x1b5/0x230 [ 34.975230] ? security_capable+0x8e/0xc0 [ 34.979366] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 34.984539] ? ns_capable_common+0xcf/0x160 [ 34.988843] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 34.994013] mount_ns+0x6d/0x190 [ 34.997364] rpc_mount+0x9e/0xd0 [ 35.000715] mount_fs+0x66/0x2d0 [ 35.004064] vfs_kern_mount.part.26+0xc6/0x4a0 [ 35.008627] ? may_umount+0xa0/0xa0 [ 35.012238] ? _raw_read_unlock+0x22/0x30 [ 35.016367] ? __get_fs_type+0x8a/0xc0 [ 35.020252] do_mount+0xea4/0x2bb0 [ 35.023778] ? __might_fault+0x110/0x1d0 [ 35.027822] ? copy_mount_string+0x40/0x40 [ 35.032040] ? check_same_owner+0x320/0x320 [ 35.036345] ? __check_object_size+0x8b/0x530 [ 35.040827] ? __might_sleep+0x95/0x190 [ 35.044787] ? kasan_check_write+0x14/0x20 [ 35.049017] ? _copy_from_user+0x99/0x110 [ 35.053154] ? memdup_user+0x5e/0x90 [ 35.056849] ? copy_mount_options+0x1f7/0x2e0 [ 35.061329] SyS_mount+0xab/0x120 [ 35.064774] ? copy_mnt_ns+0xb30/0xb30 [ 35.068649] do_syscall_64+0x281/0x940 [ 35.072518] ? vmalloc_sync_all+0x30/0x30 [ 35.076649] ? 
trace_hardirqs_on_thunk+0x1a/0x1c [ 35.081387] ? syscall_return_slowpath+0x550/0x550 [ 35.086299] ? syscall_return_slowpath+0x2ac/0x550 [ 35.091213] ? prepare_exit_to_usermode+0x350/0x350 [ 35.096215] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 35.101562] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 35.106393] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 35.111562] RIP: 0033:0x442d59 [ 35.114736] RSP: 002b:00007ffc5d8c33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 35.122426] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442d59 [ 35.129678] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 35.136950] RBP: 00007ffc5d8c3c90 R08: 0000000000000000 R09: 0000000000000000 [ 35.144201] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 35.151451] R13: 0000000000000006 R14: 0000000000000000 R15: 00007ffc5d8c3528 [ 35.158716] CPU: 0 PID: 4483 Comm: syzkaller539107 Not tainted 4.16.0-rc6+ #42 [ 35.166070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 executing program [ 35.175423] Call Trace: [ 35.178004] dump_stack+0x194/0x24d [ 35.181629] ? arch_local_irq_restore+0x53/0x53 [ 35.186297] ? find_held_lock+0x35/0x1d0 [ 35.187857] IPVS: ftp: loaded support on port[0] = 21 [ 35.190354] should_fail+0x8c0/0xa40 [ 35.190363] ? __list_lru_init+0x352/0x750 [ 35.190371] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 35.208531] ? trace_hardirqs_off+0x10/0x10 [ 35.208832] FAULT_INJECTION: forcing a failure. [ 35.208832] name failslab, interval 1, probability 0, space 0, times 0 [ 35.212837] ? find_next_zero_bit+0xe3/0x110 [ 35.212849] ? trace_hardirqs_off+0x10/0x10 [ 35.212860] ? find_held_lock+0x35/0x1d0 [ 35.212872] ? __lock_is_held+0xb6/0x140 [ 35.240824] ? check_same_owner+0x320/0x320 [ 35.245126] ? lock_downgrade+0x980/0x980 [ 35.249259] ? rcu_note_context_switch+0x710/0x710 [ 35.254169] ? 
find_held_lock+0x35/0x1d0 [ 35.258220] should_failslab+0xec/0x120 [ 35.262176] __kmalloc+0x63/0x760 [ 35.265614] ? lock_downgrade+0x980/0x980 [ 35.269746] ? register_shrinker+0x10e/0x2d0 [ 35.274137] ? trace_event_raw_event_module_request+0x320/0x320 [ 35.280184] register_shrinker+0x10e/0x2d0 [ 35.284402] ? __bpf_trace_mm_vmscan_wakeup_kswapd+0x40/0x40 [ 35.290183] ? memcpy+0x45/0x50 [ 35.293446] sget_userns+0xbbf/0xe40 [ 35.297400] ? set_anon_super+0x20/0x20 [ 35.301358] ? put_filp+0x90/0x90 [ 35.304795] ? destroy_unused_super.part.6+0xd0/0xd0 [ 35.310058] ? path_lookupat+0x238/0xba0 [ 35.314114] ? mnt_free_id.isra.21+0x50/0x50 [ 35.318506] ? trace_hardirqs_off+0x10/0x10 [ 35.322812] ? putname+0xee/0x130 [ 35.326253] ? cap_capable+0x1b5/0x230 [ 35.330126] ? security_capable+0x8e/0xc0 [ 35.334258] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 35.339428] ? ns_capable_common+0xcf/0x160 [ 35.343733] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 35.348998] mount_ns+0x6d/0x190 [ 35.352353] rpc_mount+0x9e/0xd0 [ 35.355709] mount_fs+0x66/0x2d0 [ 35.359061] vfs_kern_mount.part.26+0xc6/0x4a0 [ 35.363629] ? may_umount+0xa0/0xa0 [ 35.367240] ? _raw_read_unlock+0x22/0x30 [ 35.371369] ? __get_fs_type+0x8a/0xc0 [ 35.375239] do_mount+0xea4/0x2bb0 [ 35.378761] ? __might_fault+0x110/0x1d0 [ 35.382805] ? copy_mount_string+0x40/0x40 [ 35.387023] ? check_same_owner+0x320/0x320 [ 35.391335] ? __check_object_size+0x8b/0x530 [ 35.395817] ? __might_sleep+0x95/0x190 [ 35.399776] ? kasan_check_write+0x14/0x20 [ 35.403993] ? _copy_from_user+0x99/0x110 [ 35.408130] ? memdup_user+0x5e/0x90 [ 35.411826] ? copy_mount_options+0x1f7/0x2e0 [ 35.416307] SyS_mount+0xab/0x120 [ 35.419740] ? copy_mnt_ns+0xb30/0xb30 [ 35.423612] do_syscall_64+0x281/0x940 [ 35.427485] ? vmalloc_sync_all+0x30/0x30 [ 35.431617] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 35.436375] ? syscall_return_slowpath+0x550/0x550 [ 35.441288] ? syscall_return_slowpath+0x2ac/0x550 [ 35.446198] ? prepare_exit_to_usermode+0x350/0x350 [ 35.451201] ? 
entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 35.456552] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 35.461380] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 35.466551] RIP: 0033:0x442d59 [ 35.469723] RSP: 002b:00007ffc5d8c33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 35.477416] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442d59 [ 35.484666] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 35.491916] RBP: 00007ffc5d8c3c90 R08: 0000000000000000 R09: 0000000300000000 [ 35.499166] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 35.506418] R13: 0000000000000006 R14: 0000000000001380 R15: 00007ffc5d8c3528 [ 35.513685] CPU: 1 PID: 4486 Comm: syzkaller539107 Not tainted 4.16.0-rc6+ #42 [ 35.514091] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory / [ 35.521035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 35.521038] Call Trace: [ 35.521050] dump_stack+0x194/0x24d [ 35.521059] ? arch_local_irq_restore+0x53/0x53 [ 35.521068] ? __save_stack_trace+0x7e/0xd0 [ 35.521082] should_fail+0x8c0/0xa40 [ 35.521095] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 35.561791] ? kasan_kmalloc+0xad/0xe0 [ 35.565663] ? kmem_cache_alloc_trace+0x136/0x740 [ 35.570479] ? __memcg_init_list_lru_node+0x169/0x270 [ 35.575645] ? __list_lru_init+0x544/0x750 [ 35.579853] ? sget_userns+0x6b1/0xe40 [ 35.583717] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 35.588447] ? do_mount+0xea4/0x2bb0 [ 35.592134] ? SyS_mount+0xab/0x120 [ 35.595737] ? do_syscall_64+0x281/0x940 [ 35.599862] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 35.605204] ? find_held_lock+0x35/0x1d0 [ 35.609242] ? __lock_is_held+0xb6/0x140 [ 35.613285] ? check_same_owner+0x320/0x320 [ 35.617583] ? rcu_note_context_switch+0x710/0x710 [ 35.622491] should_failslab+0xec/0x120 [ 35.626444] kmem_cache_alloc_trace+0x4b/0x740 [ 35.631004] ? __kmalloc_node+0x33/0x70 [ 35.634956] ? __kmalloc_node+0x33/0x70 [ 35.638906] ? 
rcu_read_lock_sched_held+0x108/0x120 [ 35.643901] __memcg_init_list_lru_node+0x169/0x270 [ 35.648892] ? list_lru_add+0x7c0/0x7c0 [ 35.652842] ? __kmalloc_node+0x47/0x70 [ 35.656796] __list_lru_init+0x544/0x750 [ 35.660833] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 35.666697] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 35.671691] ? lockdep_init_map+0x9/0x10 [ 35.675731] sget_userns+0x6b1/0xe40 [ 35.679417] ? set_anon_super+0x20/0x20 [ 35.683366] ? put_filp+0x90/0x90 [ 35.686811] ? destroy_unused_super.part.6+0xd0/0xd0 [ 35.691888] ? alloc_vfsmnt+0x762/0x9c0 [ 35.695838] ? path_lookupat+0x238/0xba0 [ 35.699883] ? mnt_free_id.isra.21+0x50/0x50 [ 35.704279] ? trace_hardirqs_off+0x10/0x10 [ 35.708576] ? putname+0xee/0x130 [ 35.712007] ? cap_capable+0x1b5/0x230 [ 35.715876] ? security_capable+0x8e/0xc0 [ 35.720001] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 35.725172] ? ns_capable_common+0xcf/0x160 [ 35.729469] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 35.734634] mount_ns+0x6d/0x190 [ 35.737978] rpc_mount+0x9e/0xd0 [ 35.741322] mount_fs+0x66/0x2d0 [ 35.744665] vfs_kern_mount.part.26+0xc6/0x4a0 [ 35.749221] ? may_umount+0xa0/0xa0 [ 35.752825] ? _raw_read_unlock+0x22/0x30 [ 35.756968] ? __get_fs_type+0x8a/0xc0 [ 35.760832] do_mount+0xea4/0x2bb0 [ 35.764693] ? __might_fault+0x110/0x1d0 [ 35.768748] ? copy_mount_string+0x40/0x40 [ 35.772957] ? check_same_owner+0x320/0x320 [ 35.777256] ? __check_object_size+0x8b/0x530 [ 35.781737] ? __might_sleep+0x95/0x190 [ 35.785688] ? kasan_check_write+0x14/0x20 [ 35.789898] ? _copy_from_user+0x99/0x110 [ 35.794031] ? memdup_user+0x5e/0x90 [ 35.797721] ? copy_mount_options+0x1f7/0x2e0 [ 35.802278] SyS_mount+0xab/0x120 [ 35.805704] ? copy_mnt_ns+0xb30/0xb30 [ 35.809568] do_syscall_64+0x281/0x940 [ 35.813429] ? vmalloc_sync_all+0x30/0x30 [ 35.817550] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 35.822282] ? syscall_return_slowpath+0x550/0x550 [ 35.827185] ? syscall_return_slowpath+0x2ac/0x550 [ 35.832091] ? 
prepare_exit_to_usermode+0x350/0x350 [ 35.837089] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 35.842428] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 35.847259] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 35.852423] RIP: 0033:0x442d59 [ 35.855588] RSP: 002b:00007ffc5d8c33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 35.863273] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442d59 [ 35.870521] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 executing program executing program [ 35.877774] RBP: 00007ffc5d8c3c90 R08: 0000000000000000 R09: 0000000000000000 [ 35.885026] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 35.892287] R13: 0000000000000006 R14: 0000000000000000 R15: 00007ffc5d8c3528 [ 35.926741] FAULT_INJECTION: forcing a failure. [ 35.926741] name failslab, interval 1, probability 0, space 0, times 0 [ 35.928479] ------------[ cut here ]------------ [ 35.938095] CPU: 1 PID: 4490 Comm: syzkaller539107 Not tainted 4.16.0-rc6+ #42 [ 35.942782] refcount_t: increment on 0; use-after-free. [ 35.950099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 35.950102] Call Trace: [ 35.950117] dump_stack+0x194/0x24d [ 35.950128] ? arch_local_irq_restore+0x53/0x53 [ 35.950136] ? __save_stack_trace+0x7e/0xd0 [ 35.950149] should_fail+0x8c0/0xa40 [ 35.955622] WARNING: CPU: 0 PID: 4467 at lib/refcount.c:153 refcount_inc+0x47/0x50 [ 35.964818] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 35.967369] Kernel panic - not syncing: panic_on_warn set ... [ 35.967369] [ 35.970978] ? kasan_kmalloc+0xad/0xe0 [ 36.007540] ? kmem_cache_alloc_trace+0x136/0x740 [ 36.012361] ? __memcg_init_list_lru_node+0x169/0x270 [ 36.017532] ? __list_lru_init+0x544/0x750 [ 36.021744] ? sget_userns+0x6b1/0xe40 [ 36.025698] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 36.030525] ? do_mount+0xea4/0x2bb0 [ 36.034216] ? SyS_mount+0xab/0x120 [ 36.037822] ? do_syscall_64+0x281/0x940 [ 36.041864] ? 
entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 36.047210] ? find_held_lock+0x35/0x1d0 [ 36.051252] ? __lock_is_held+0xb6/0x140 [ 36.055297] ? check_same_owner+0x320/0x320 [ 36.059604] ? rcu_note_context_switch+0x710/0x710 [ 36.064519] should_failslab+0xec/0x120 [ 36.068476] kmem_cache_alloc_trace+0x4b/0x740 [ 36.073038] ? __kmalloc_node+0x33/0x70 [ 36.076992] ? __kmalloc_node+0x33/0x70 [ 36.080944] ? rcu_read_lock_sched_held+0x108/0x120 [ 36.085942] __memcg_init_list_lru_node+0x169/0x270 [ 36.090937] ? list_lru_add+0x7c0/0x7c0 [ 36.094895] ? __kmalloc_node+0x47/0x70 [ 36.098853] __list_lru_init+0x544/0x750 [ 36.102894] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 36.108761] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 36.113758] ? lockdep_init_map+0x9/0x10 [ 36.117803] sget_userns+0x6b1/0xe40 [ 36.121506] ? set_anon_super+0x20/0x20 [ 36.125461] ? put_filp+0x90/0x90 [ 36.128896] ? destroy_unused_super.part.6+0xd0/0xd0 [ 36.133980] ? alloc_vfsmnt+0x762/0x9c0 [ 36.137932] ? path_lookupat+0x238/0xba0 [ 36.141970] ? mnt_free_id.isra.21+0x50/0x50 [ 36.146361] ? trace_hardirqs_off+0x10/0x10 [ 36.150664] ? putname+0xee/0x130 [ 36.154101] ? cap_capable+0x1b5/0x230 [ 36.157969] ? security_capable+0x8e/0xc0 [ 36.162098] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 36.167272] ? ns_capable_common+0xcf/0x160 [ 36.171593] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 36.176764] mount_ns+0x6d/0x190 [ 36.180113] rpc_mount+0x9e/0xd0 [ 36.183461] mount_fs+0x66/0x2d0 [ 36.186812] vfs_kern_mount.part.26+0xc6/0x4a0 [ 36.191376] ? may_umount+0xa0/0xa0 [ 36.194982] ? _raw_read_unlock+0x22/0x30 [ 36.199115] ? __get_fs_type+0x8a/0xc0 [ 36.202987] do_mount+0xea4/0x2bb0 [ 36.206508] ? __might_fault+0x110/0x1d0 [ 36.210553] ? copy_mount_string+0x40/0x40 [ 36.214766] ? check_same_owner+0x320/0x320 [ 36.219078] ? __check_object_size+0x8b/0x530 [ 36.223553] ? __might_sleep+0x95/0x190 [ 36.227512] ? kasan_check_write+0x14/0x20 [ 36.231725] ? _copy_from_user+0x99/0x110 [ 36.235853] ? 
memdup_user+0x5e/0x90 [ 36.239561] ? copy_mount_options+0x1f7/0x2e0 [ 36.244039] SyS_mount+0xab/0x120 [ 36.247474] ? copy_mnt_ns+0xb30/0xb30 [ 36.251345] do_syscall_64+0x281/0x940 [ 36.255213] ? vmalloc_sync_all+0x30/0x30 [ 36.259343] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 36.264860] ? syscall_return_slowpath+0x550/0x550 [ 36.269773] ? syscall_return_slowpath+0x2ac/0x550 [ 36.274684] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 36.280030] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 36.284856] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 36.290022] RIP: 0033:0x442d59 [ 36.293194] RSP: 002b:00007ffc5d8c33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 36.300884] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442d59 [ 36.308227] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 36.315482] RBP: 00007ffc5d8c3c90 R08: 0000000000000000 R09: 0000000300000000 [ 36.322730] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 36.329982] R13: 0000000000000006 R14: 0000000000001380 R15: 00007ffc5d8c3528 [ 36.337247] CPU: 0 PID: 4467 Comm: syzkaller539107 Not tainted 4.16.0-rc6+ #42 [ 36.344487] FAULT_INJECTION: forcing a failure. [ 36.344487] name failslab, interval 1, probability 0, space 0, times 0 [ 36.344605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 36.365094] Call Trace: [ 36.367676] dump_stack+0x194/0x24d [ 36.371288] ? arch_local_irq_restore+0x53/0x53 [ 36.375940] ? vsnprintf+0x1ed/0x1900 [ 36.379723] panic+0x1e4/0x41c [ 36.382898] ? refcount_error_report+0x214/0x214 [ 36.387640] ? show_regs_print_info+0x18/0x18 [ 36.392117] ? vprintk_emit+0xa5f/0xb90 [ 36.396078] ? __warn+0x1c1/0x200 [ 36.399522] ? refcount_inc+0x47/0x50 [ 36.403304] __warn+0x1dc/0x200 [ 36.406568] ? refcount_inc+0x47/0x50 [ 36.410363] report_bug+0x1f4/0x2b0 [ 36.413979] fixup_bug.part.10+0x37/0x80 [ 36.418025] do_error_trap+0x2d7/0x3e0 [ 36.421895] ? vprintk_default+0x28/0x30 [ 36.425940] ? 
math_error+0x400/0x400 [ 36.429719] ? printk+0xaa/0xca [ 36.432991] ? show_regs_print_info+0x18/0x18 [ 36.437477] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 36.442303] do_invalid_op+0x1b/0x20 [ 36.446259] invalid_op+0x1b/0x40 [ 36.449696] RIP: 0010:refcount_inc+0x47/0x50 [ 36.454082] RSP: 0018:ffff8801add77860 EFLAGS: 00010286 [ 36.459431] RAX: dffffc0000000008 RBX: ffff8801ada40044 RCX: ffffffff815b421e [ 36.466686] RDX: 0000000000000000 RSI: 1ffff10035baeebc RDI: 1ffff10035baee91 [ 36.473940] RBP: ffff8801add77868 R08: 0000000000000000 R09: 0000000000000000 [ 36.481195] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801add77af8 [ 36.488448] R13: ffff8801b2d0aa93 R14: ffff8801ada40040 R15: ffff8801b2d0ab01 [ 36.495711] ? vprintk_func+0x5e/0xc0 [ 36.499503] sk_alloc+0x3f9/0x1440 [ 36.503029] ? sock_def_error_report+0x5e0/0x5e0 [ 36.507772] ? __raw_spin_lock_init+0x2d/0x100 [ 36.512337] ? trace_hardirqs_off+0x10/0x10 [ 36.516642] ? do_raw_write_unlock+0x290/0x290 [ 36.521208] ? trace_hardirqs_off+0x10/0x10 [ 36.525685] ? __raw_spin_lock_init+0x1c/0x100 [ 36.530256] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 36.535260] ? find_held_lock+0x35/0x1d0 [ 36.539395] ? inet_create+0x3fc/0xf50 [ 36.543268] ? lock_downgrade+0x980/0x980 [ 36.547399] ? lock_release+0xa40/0xa40 [ 36.551352] ? lock_downgrade+0x980/0x980 [ 36.555490] inet_create+0x47c/0xf50 [ 36.559192] ? ipip_gro_receive+0xf0/0xf0 [ 36.563327] ? __lock_is_held+0xb6/0x140 [ 36.567380] __sock_create+0x4d4/0x850 [ 36.571252] ? kernel_sock_ip_overhead+0x4c0/0x4c0 [ 36.576168] ? user_path_create+0x40/0x40 [ 36.580301] SyS_socket+0xeb/0x1d0 [ 36.583823] ? fillonedir+0x250/0x250 [ 36.587692] ? move_addr_to_kernel+0x60/0x60 [ 36.592170] ? getname_flags+0x256/0x580 [ 36.596215] ? do_syscall_64+0xb7/0x940 [ 36.600170] ? move_addr_to_kernel+0x60/0x60 [ 36.604560] do_syscall_64+0x281/0x940 [ 36.608429] ? vmalloc_sync_all+0x30/0x30 [ 36.612561] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 36.617647] ? 
syscall_return_slowpath+0x550/0x550 [ 36.622565] ? syscall_return_slowpath+0x2ac/0x550 [ 36.627481] ? prepare_exit_to_usermode+0x350/0x350 [ 36.632480] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 36.638001] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 36.642841] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 36.648027] RIP: 0033:0x4457d7 [ 36.651201] RSP: 002b:00007ffc5d8c33e8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029 [ 36.658896] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000004457d7 [ 36.666148] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002 [ 36.673401] RBP: 00007ffc5d8c3500 R08: 0000000000000000 R09: 0000000000000001 [ 36.680654] R10: 000000000000000a R11: 0000000000000202 R12: 0000000000000003 [ 36.687929] R13: 0000000000000003 R14: 000000000000865d R15: 00007ffc5d8c3528 [ 36.695406] CPU: 1 PID: 4488 Comm: syzkaller539107 Not tainted 4.16.0-rc6+ #42 [ 36.702758] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 36.712090] Call Trace: [ 36.714656] dump_stack+0x194/0x24d [ 36.718262] ? arch_local_irq_restore+0x53/0x53 [ 36.722910] ? __save_stack_trace+0x7e/0xd0 [ 36.727212] should_fail+0x8c0/0xa40 [ 36.730901] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 36.735988] ? kasan_kmalloc+0xad/0xe0 [ 36.739852] ? kmem_cache_alloc_trace+0x136/0x740 [ 36.744679] ? __memcg_init_list_lru_node+0x169/0x270 [ 36.749931] ? __list_lru_init+0x544/0x750 [ 36.754143] ? sget_userns+0x6b1/0xe40 [ 36.758007] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 36.762737] ? do_mount+0xea4/0x2bb0 [ 36.766425] ? SyS_mount+0xab/0x120 [ 36.770039] ? do_syscall_64+0x281/0x940 [ 36.774078] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 36.779421] ? find_held_lock+0x35/0x1d0 [ 36.783476] ? __lock_is_held+0xb6/0x140 [ 36.787518] ? check_same_owner+0x320/0x320 [ 36.791821] ? rcu_note_context_switch+0x710/0x710 [ 36.796731] should_failslab+0xec/0x120 [ 36.800688] kmem_cache_alloc_trace+0x4b/0x740 [ 36.805248] ? __kmalloc_node+0x33/0x70 [ 36.809199] ? 
__kmalloc_node+0x33/0x70 [ 36.813150] ? rcu_read_lock_sched_held+0x108/0x120 [ 36.818147] __memcg_init_list_lru_node+0x169/0x270 [ 36.823147] ? list_lru_add+0x7c0/0x7c0 [ 36.827099] ? __kmalloc_node+0x47/0x70 [ 36.831057] __list_lru_init+0x544/0x750 [ 36.835099] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 36.840963] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 36.845963] ? lockdep_init_map+0x9/0x10 [ 36.850027] sget_userns+0x6b1/0xe40 [ 36.853716] ? set_anon_super+0x20/0x20 [ 36.857684] ? put_filp+0x90/0x90 [ 36.861115] ? destroy_unused_super.part.6+0xd0/0xd0 [ 36.866195] ? alloc_vfsmnt+0x762/0x9c0 [ 36.870147] ? path_lookupat+0x238/0xba0 [ 36.874188] ? mnt_free_id.isra.21+0x50/0x50 [ 36.878575] ? trace_hardirqs_off+0x10/0x10 [ 36.882877] ? putname+0xee/0x130 [ 36.886397] ? cap_capable+0x1b5/0x230 [ 36.890265] ? security_capable+0x8e/0xc0 [ 36.894392] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 36.900303] ? ns_capable_common+0xcf/0x160 [ 36.904608] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 36.909949] mount_ns+0x6d/0x190 [ 36.913295] rpc_mount+0x9e/0xd0 [ 36.916646] mount_fs+0x66/0x2d0 [ 36.919994] vfs_kern_mount.part.26+0xc6/0x4a0 [ 36.924552] ? may_umount+0xa0/0xa0 [ 36.928158] ? _raw_read_unlock+0x22/0x30 [ 36.932283] ? __get_fs_type+0x8a/0xc0 [ 36.936148] do_mount+0xea4/0x2bb0 [ 36.939666] ? __might_fault+0x110/0x1d0 [ 36.943709] ? copy_mount_string+0x40/0x40 [ 36.947920] ? check_same_owner+0x320/0x320 [ 36.952228] ? __check_object_size+0x8b/0x530 [ 36.956701] ? __might_sleep+0x95/0x190 [ 36.960655] ? kasan_check_write+0x14/0x20 [ 36.964866] ? _copy_from_user+0x99/0x110 [ 36.968990] ? memdup_user+0x5e/0x90 [ 36.972678] ? copy_mount_options+0x1f7/0x2e0 [ 36.977444] SyS_mount+0xab/0x120 [ 36.980876] ? copy_mnt_ns+0xb30/0xb30 [ 36.984742] do_syscall_64+0x281/0x940 [ 36.988603] ? vmalloc_sync_all+0x30/0x30 [ 36.992727] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 36.997460] ? syscall_return_slowpath+0x550/0x550 [ 37.002375] ? 
syscall_return_slowpath+0x2ac/0x550 [ 37.007280] ? prepare_exit_to_usermode+0x350/0x350 [ 37.012281] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 37.017623] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 37.022443] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 37.027608] RIP: 0033:0x442d59 [ 37.030773] RSP: 002b:00007ffc5d8c33e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 37.038459] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442d59 [ 37.045706] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 37.052952] RBP: 00007ffc5d8c3c90 R08: 0000000000000000 R09: 0000000300000000 [ 37.060198] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 37.067455] R13: 0000000000000006 R14: 0000000000001380 R15: 00007ffc5d8c3528 [ 37.075211] Dumping ftrace buffer: [ 37.078901] (ftrace buffer empty) [ 37.082607] Kernel Offset: disabled [ 37.086208] Rebooting in 86400 seconds..