syzbot


inconsistent lock state in fs_reclaim_acquire

Status: auto-closed as invalid on 2019/10/25 08:45
Reported-by: syzbot+a34b24d95a625ff4455a@syzkaller.appspotmail.com
First crash: 1165d, last: 1148d
similar bugs (2):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream inconsistent lock state in fs_reclaim_acquire C 36235 1508d 1519d 6/22 fixed on 2018/05/08 18:30
upstream inconsistent lock state in fs_reclaim_acquire (2) 211 1274d 1506d 0/22 auto-closed as invalid on 2019/06/26 10:05

Sample crash report:
================================
WARNING: inconsistent lock state
4.14.115 #5 Not tainted
--------------------------------
inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage.
syz-executor.1/7141 [HC0[0]:SC1[1]:HE1:SE0] takes:
 (fs_reclaim){+.?.}, at: [<ffffffff8171c9d0>] fs_reclaim_acquire.part.0+0x0/0x30 include/linux/compiler.h:186
{SOFTIRQ-ON-W} state was registered at:
  mark_irqflags kernel/locking/lockdep.c:3086 [inline]
  __lock_acquire+0xbfd/0x45e0 kernel/locking/lockdep.c:3444
  lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3991
  fs_reclaim_acquire.part.0+0x24/0x30 mm/page_alloc.c:3551
  fs_reclaim_acquire+0x14/0x20 mm/page_alloc.c:3552
  slab_pre_alloc_hook mm/slab.h:416 [inline]
  slab_alloc mm/slab.c:3376 [inline]
  __do_kmalloc mm/slab.c:3718 [inline]
  __kmalloc+0x52/0x7a0 mm/slab.c:3729
  kmalloc include/linux/slab.h:493 [inline]
  smp_init_package_map arch/x86/kernel/smpboot.c:385 [inline]
  smp_store_boot_cpu_info+0x1f0/0x282 arch/x86/kernel/smpboot.c:402
  native_smp_prepare_cpus+0xe2/0x8ab arch/x86/kernel/smpboot.c:1316
  smp_prepare_cpus arch/x86/include/asm/smp.h:86 [inline]
  kernel_init_freeable+0x2ad/0x538 init/main.c:1058
  kernel_init+0x12/0x162 init/main.c:999
  ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:402
irq event stamp: 3571950
hardirqs last  enabled at (3571950): [<ffffffff814b1a0c>] console_unlock+0x6ac/0xed0 kernel/printk/printk.c:2424
hardirqs last disabled at (3571949): [<ffffffff814b14cf>] console_unlock+0x16f/0xed0 kernel/printk/printk.c:2335
softirqs last  enabled at (3571906): [<ffffffff84cf86fc>] spin_unlock_bh include/linux/spinlock.h:362 [inline]
softirqs last  enabled at (3571906): [<ffffffff84cf86fc>] release_sock+0x14c/0x1c0 net/core/sock.c:2788
softirqs last disabled at (3571915): [<ffffffff8138f040>] invoke_softirq kernel/softirq.c:368 [inline]
softirqs last disabled at (3571915): [<ffffffff8138f040>] irq_exit+0x160/0x1b0 kernel/softirq.c:409

other info that might help us debug this:
 Possible unsafe locking scenario:

       CPU0
       ----
  lock(fs_reclaim);
  <Interrupt>
    lock(fs_reclaim);

 *** DEADLOCK ***

2 locks held by syz-executor.1/7141:
 #0:  (&xt[i].mutex){+.+.}, at: [<ffffffff8503720c>] xt_find_table_lock+0x3c/0x3d0 net/netfilter/x_tables.c:1092
 #1:  (rcu_callback){....}, at: [<ffffffff814e46cb>] __rcu_reclaim kernel/rcu/rcu.h:185 [inline]
 #1:  (rcu_callback){....}, at: [<ffffffff814e46cb>] rcu_do_batch kernel/rcu/tree.c:2699 [inline]
 #1:  (rcu_callback){....}, at: [<ffffffff814e46cb>] invoke_rcu_callbacks kernel/rcu/tree.c:2962 [inline]
 #1:  (rcu_callback){....}, at: [<ffffffff814e46cb>] __rcu_process_callbacks kernel/rcu/tree.c:2929 [inline]
 #1:  (rcu_callback){....}, at: [<ffffffff814e46cb>] rcu_process_callbacks+0x89b/0x12c0 kernel/rcu/tree.c:2946

stack backtrace:
CPU: 0 PID: 7141 Comm: syz-executor.1 Not tainted 4.14.115 #5
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x138/0x19c lib/dump_stack.c:53
 print_usage_bug.cold+0x330/0x42a kernel/locking/lockdep.c:2585
 valid_state kernel/locking/lockdep.c:2598 [inline]
 mark_lock_irq kernel/locking/lockdep.c:2792 [inline]
 mark_lock+0xdc9/0x1250 kernel/locking/lockdep.c:3190
 mark_irqflags kernel/locking/lockdep.c:3068 [inline]
 __lock_acquire+0xb21/0x45e0 kernel/locking/lockdep.c:3444
 lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3991
 fs_reclaim_acquire.part.0+0x24/0x30 mm/page_alloc.c:3551
 fs_reclaim_acquire+0x14/0x20 mm/page_alloc.c:3552
 slab_pre_alloc_hook mm/slab.h:416 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc_trace+0x2d/0x790 mm/slab.c:3616
 kmalloc include/linux/slab.h:488 [inline]
 kzalloc include/linux/slab.h:661 [inline]
 kobject_uevent_env+0x2fa/0xc41 lib/kobject_uevent.c:390
 kobject_uevent+0x20/0x26 lib/kobject_uevent.c:550
 kobject_cleanup lib/kobject.c:633 [inline]
 kobject_release lib/kobject.c:675 [inline]
 kref_put include/linux/kref.h:70 [inline]
 kobject_put.cold+0x168/0x2ff lib/kobject.c:692
 put_device+0x20/0x30 drivers/base/core.c:1954
 delete_partition_rcu_cb+0x132/0x190 block/partition-generic.c:255
 __rcu_reclaim kernel/rcu/rcu.h:195 [inline]
 rcu_do_batch kernel/rcu/tree.c:2699 [inline]
 invoke_rcu_callbacks kernel/rcu/tree.c:2962 [inline]
 __rcu_process_callbacks kernel/rcu/tree.c:2929 [inline]
 rcu_process_callbacks+0x7c0/0x12c0 kernel/rcu/tree.c:2946
 __do_softirq+0x24e/0x9ae kernel/softirq.c:288
 invoke_softirq kernel/softirq.c:368 [inline]
 irq_exit+0x160/0x1b0 kernel/softirq.c:409
 exiting_irq arch/x86/include/asm/apic.h:648 [inline]
 smp_apic_timer_interrupt+0x156/0x600 arch/x86/kernel/apic/apic.c:1064
 apic_timer_interrupt+0x8e/0xa0 arch/x86/entry/entry_64.S:787
 </IRQ>
RIP: 0010:unwind_get_return_address+0x22/0xa0 arch/x86/kernel/unwind_frame.c:15
RSP: 0018:ffff888067307710 EFLAGS: 00000a02 ORIG_RAX: ffffffffffffff10
RAX: ffff888067307730 RBX: ffff888067307730 RCX: 1ffff1100ce60eee
RDX: 0000000000000000 RSI: 1ffff1100ce60e00 RDI: ffff888067307730
RBP: ffff888067307720 R08: 0000000000000001 R09: ffff888067307788
R10: ffff888067307758 R11: ffff888067307768 R12: 0000000000000000
R13: 0000000000000000 R14: ffff8880672f8700 R15: ffff8880aa8001c0
 __save_stack_trace+0x7b/0xd0 arch/x86/kernel/stacktrace.c:45
 save_stack_trace+0x16/0x20 arch/x86/kernel/stacktrace.c:59
 save_stack+0x45/0xd0 mm/kasan/kasan.c:447
 set_track mm/kasan/kasan.c:459 [inline]
 kasan_kmalloc mm/kasan/kasan.c:551 [inline]
 kasan_kmalloc+0xce/0xf0 mm/kasan/kasan.c:529
 kmem_cache_alloc_node_trace+0x153/0x770 mm/slab.c:3661
 __do_kmalloc_node mm/slab.c:3681 [inline]
 __kmalloc_node+0x3d/0x80 mm/slab.c:3689
 kmalloc_node include/linux/slab.h:530 [inline]
 __vmalloc_area_node mm/vmalloc.c:1691 [inline]
 __vmalloc_node_range+0x1a1/0x6a0 mm/vmalloc.c:1764
 __vmalloc_node mm/vmalloc.c:1809 [inline]
 __vmalloc_node_flags mm/vmalloc.c:1823 [inline]
 vzalloc+0x46/0x50 mm/vmalloc.c:1862
 alloc_counters.isra.0+0x48/0x90 net/ipv6/netfilter/ip6_tables.c:818
 copy_entries_to_user net/ipv4/netfilter/ip_tables.c:822 [inline]
 get_entries net/ipv4/netfilter/ip_tables.c:1025 [inline]
 do_ipt_get_ctl+0x439/0x7e0 net/ipv4/netfilter/ip_tables.c:1702
 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
 nf_getsockopt+0x70/0xd0 net/netfilter/nf_sockopt.c:122
 ip_getsockopt net/ipv4/ip_sockglue.c:1566 [inline]
 ip_getsockopt+0x10d/0x150 net/ipv4/ip_sockglue.c:1551
 tcp_getsockopt net/ipv4/tcp.c:3234 [inline]
 tcp_getsockopt+0x8a/0xe0 net/ipv4/tcp.c:3228
 sock_common_getsockopt+0x9a/0xe0 net/core/sock.c:2925
 SYSC_getsockopt net/socket.c:1896 [inline]
 SyS_getsockopt+0x12b/0x1f0 net/socket.c:1878
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45b8da
RSP: 002b:00007fff8e6c50a8 EFLAGS: 00000216 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 00007fff8e6c50d0 RCX: 000000000045b8da
RDX: 0000000000000041 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000712e80 R08: 00007fff8e6c50cc R09: 0000000000004000
R10: 00007fff8e6c51d0 R11: 0000000000000216 R12: 0000000000000003
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000710cc0
BUG: sleeping function called from invalid context at mm/slab.h:419
in_atomic(): 1, irqs_disabled(): 0, pid: 7141, name: syz-executor.1
INFO: lockdep is turned off.
Preemption disabled at:
[<ffffffff864000e7>] __do_softirq+0xe7/0x9ae kernel/softirq.c:265
kobject: 'loop5' (ffff8880a4ade120): kobject_uevent_env
kobject: 'loop5' (ffff8880a4ade120): fill_kobj_path: path = '/devices/virtual/block/loop5'
CPU: 0 PID: 7141 Comm: syz-executor.1 Not tainted 4.14.115 #5
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x138/0x19c lib/dump_stack.c:53
 ___might_sleep.cold+0x1bd/0x1f6 kernel/sched/core.c:6039
 __might_sleep+0x93/0xb0 kernel/sched/core.c:5992
 slab_pre_alloc_hook mm/slab.h:419 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc_trace+0x2e2/0x790 mm/slab.c:3616
 kmalloc include/linux/slab.h:488 [inline]
 kzalloc include/linux/slab.h:661 [inline]
 kobject_uevent_env+0x2fa/0xc41 lib/kobject_uevent.c:390
 kobject_uevent+0x20/0x26 lib/kobject_uevent.c:550
 kobject_cleanup lib/kobject.c:633 [inline]
 kobject_release lib/kobject.c:675 [inline]
 kref_put include/linux/kref.h:70 [inline]
 kobject_put.cold+0x168/0x2ff lib/kobject.c:692
 put_device+0x20/0x30 drivers/base/core.c:1954
 delete_partition_rcu_cb+0x132/0x190 block/partition-generic.c:255
 __rcu_reclaim kernel/rcu/rcu.h:195 [inline]
 rcu_do_batch kernel/rcu/tree.c:2699 [inline]
 invoke_rcu_callbacks kernel/rcu/tree.c:2962 [inline]
 __rcu_process_callbacks kernel/rcu/tree.c:2929 [inline]
 rcu_process_callbacks+0x7c0/0x12c0 kernel/rcu/tree.c:2946
 __do_softirq+0x24e/0x9ae kernel/softirq.c:288
 invoke_softirq kernel/softirq.c:368 [inline]
 irq_exit+0x160/0x1b0 kernel/softirq.c:409
 exiting_irq arch/x86/include/asm/apic.h:648 [inline]
 smp_apic_timer_interrupt+0x156/0x600 arch/x86/kernel/apic/apic.c:1064
 apic_timer_interrupt+0x8e/0xa0 arch/x86/entry/entry_64.S:787
 </IRQ>
RIP: 0010:unwind_get_return_address+0x22/0xa0 arch/x86/kernel/unwind_frame.c:15
RSP: 0018:ffff888067307710 EFLAGS: 00000a02 ORIG_RAX: ffffffffffffff10
RAX: ffff888067307730 RBX: ffff888067307730 RCX: 1ffff1100ce60eee
RDX: 0000000000000000 RSI: 1ffff1100ce60e00 RDI: ffff888067307730
RBP: ffff888067307720 R08: 0000000000000001 R09: ffff888067307788
R10: ffff888067307758 R11: ffff888067307768 R12: 0000000000000000
R13: 0000000000000000 R14: ffff8880672f8700 R15: ffff8880aa8001c0
 __save_stack_trace+0x7b/0xd0 arch/x86/kernel/stacktrace.c:45
 save_stack_trace+0x16/0x20 arch/x86/kernel/stacktrace.c:59
 save_stack+0x45/0xd0 mm/kasan/kasan.c:447
 set_track mm/kasan/kasan.c:459 [inline]
 kasan_kmalloc mm/kasan/kasan.c:551 [inline]
 kasan_kmalloc+0xce/0xf0 mm/kasan/kasan.c:529
 kmem_cache_alloc_node_trace+0x153/0x770 mm/slab.c:3661
 __do_kmalloc_node mm/slab.c:3681 [inline]
 __kmalloc_node+0x3d/0x80 mm/slab.c:3689
 kmalloc_node include/linux/slab.h:530 [inline]
 __vmalloc_area_node mm/vmalloc.c:1691 [inline]
 __vmalloc_node_range+0x1a1/0x6a0 mm/vmalloc.c:1764
 __vmalloc_node mm/vmalloc.c:1809 [inline]
 __vmalloc_node_flags mm/vmalloc.c:1823 [inline]
 vzalloc+0x46/0x50 mm/vmalloc.c:1862
 alloc_counters.isra.0+0x48/0x90 net/ipv6/netfilter/ip6_tables.c:818
 copy_entries_to_user net/ipv4/netfilter/ip_tables.c:822 [inline]
 get_entries net/ipv4/netfilter/ip_tables.c:1025 [inline]
 do_ipt_get_ctl+0x439/0x7e0 net/ipv4/netfilter/ip_tables.c:1702
 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
 nf_getsockopt+0x70/0xd0 net/netfilter/nf_sockopt.c:122
 ip_getsockopt net/ipv4/ip_sockglue.c:1566 [inline]
 ip_getsockopt+0x10d/0x150 net/ipv4/ip_sockglue.c:1551
 tcp_getsockopt net/ipv4/tcp.c:3234 [inline]
 tcp_getsockopt+0x8a/0xe0 net/ipv4/tcp.c:3228
 sock_common_getsockopt+0x9a/0xe0 net/core/sock.c:2925
 SYSC_getsockopt net/socket.c:1896 [inline]
 SyS_getsockopt+0x12b/0x1f0 net/socket.c:1878
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45b8da
RSP: 002b:00007fff8e6c50a8 EFLAGS: 00000216 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 00007fff8e6c50d0 RCX: 000000000045b8da
RDX: 0000000000000041 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000712e80 R08: 00007fff8e6c50cc R09: 0000000000004000
R10: 00007fff8e6c51d0 R11: 0000000000000216 R12: 0000000000000003
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000710cc0
kobject: 'loop1p1' (ffff888081111398): fill_kobj_path: path = '/loop1p1'
kobject: 'loop1p1' (ffff888081111398): calling ktype release
kobject: 'loop1p1': free name
kobject: 'loop1p1' (ffff88809697f318): kobject_cleanup, parent           (null)
kobject: 'loop1p1' (ffff88809697f318): calling ktype release
kobject: 'loop1p1': free name
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 17817 Comm: syz-executor.3 Tainted: G        W       4.14.115 #5
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x138/0x19c lib/dump_stack.c:53
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10f/0x159 lib/fault-inject.c:149
 should_failslab+0xdb/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 __do_kmalloc mm/slab.c:3718 [inline]
 __kmalloc_track_caller+0x2ef/0x790 mm/slab.c:3735
 memdup_user+0x26/0xa0 mm/util.c:164
 strndup_user+0x62/0xf0 mm/util.c:195
 copy_mount_string fs/namespace.c:2783 [inline]
 SYSC_mount fs/namespace.c:3080 [inline]
 SyS_mount+0x3c/0x120 fs/namespace.c:3072
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45b81a
RSP: 002b:00007f33453d2a88 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007f33453d2b40 RCX: 000000000045b81a
RDX: 00007f33453d2ae0 RSI: 0000000020000200 RDI: 00007f33453d2b00
RBP: 0000000000000000 R08: 00007f33453d2b40 R09: 00007f33453d2ae0
R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000004
R13: 00000000004c78d3 R14: 00000000004dd8f8 R15: 0000000000000003
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 17834 Comm: syz-executor.1 Tainted: G        W       4.14.115 #5
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x138/0x19c lib/dump_stack.c:53
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10f/0x159 lib/fault-inject.c:149
 should_failslab+0xdb/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc_node mm/slab.c:3297 [inline]
 kmem_cache_alloc_node_trace+0x283/0x770 mm/slab.c:3659
 kmalloc_node include/linux/slab.h:526 [inline]
 kzalloc_node include/linux/slab.h:672 [inline]
 __get_vm_area_node+0xf0/0x340 mm/vmalloc.c:1406
 __vmalloc_node_range+0x9f/0x6a0 mm/vmalloc.c:1759
 __vmalloc_node mm/vmalloc.c:1809 [inline]
 __vmalloc_node_flags mm/vmalloc.c:1823 [inline]
 vzalloc+0x46/0x50 mm/vmalloc.c:1862
 allocate_partitions block/partitions/check.c:125 [inline]
 check_partition+0xec/0x630 block/partitions/check.c:148
 rescan_partitions+0x1e5/0x860 block/partition-generic.c:523
 __blkdev_reread_part+0x15c/0x1e0 block/ioctl.c:173
 blkdev_reread_part+0x27/0x40 block/ioctl.c:193
 loop_reread_partitions+0x7c/0x90 drivers/block/loop.c:614
 loop_set_status+0xc28/0x1200 drivers/block/loop.c:1183
 loop_set_status64+0xa6/0xf0 drivers/block/loop.c:1301
 lo_ioctl+0xd9/0x1d00 drivers/block/loop.c:1431
 __blkdev_driver_ioctl block/ioctl.c:297 [inline]
 blkdev_ioctl+0x631/0x1910 block/ioctl.c:594
 block_ioctl+0xde/0x120 fs/block_dev.c:1881
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x7b9/0x1070 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x458c17
RSP: 002b:00007fbb80fa49f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fbb80fa56d4 RCX: 0000000000458c17
RDX: 00007fbb80fa4ab0 RSI: 0000000000004c04 RDI: 0000000000000005
RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000202 R12: 0000000000000004
R13: 0000000000000004 R14: 0000000000000005 R15: 0000000000000003
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
syz-executor.1: 
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
vmalloc: allocation failure: 32768 bytes
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
, mode:0x14080c0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
syz-executor.1 cpuset=syz1 mems_allowed=0-1
CPU: 1 PID: 17834 Comm: syz-executor.1 Tainted: G        W       4.14.115 #5
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x138/0x19c lib/dump_stack.c:53
 warn_alloc.cold+0x96/0x1af mm/page_alloc.c:3248
 __vmalloc_node_range mm/vmalloc.c:1780 [inline]
 __vmalloc_node_range+0x3be/0x6a0 mm/vmalloc.c:1746
 __vmalloc_node mm/vmalloc.c:1809 [inline]
 __vmalloc_node_flags mm/vmalloc.c:1823 [inline]
 vzalloc+0x46/0x50 mm/vmalloc.c:1862
 allocate_partitions block/partitions/check.c:125 [inline]
 check_partition+0xec/0x630 block/partitions/check.c:148
 rescan_partitions+0x1e5/0x860 block/partition-generic.c:523
 __blkdev_reread_part+0x15c/0x1e0 block/ioctl.c:173
 blkdev_reread_part+0x27/0x40 block/ioctl.c:193
 loop_reread_partitions+0x7c/0x90 drivers/block/loop.c:614
 loop_set_status+0xc28/0x1200 drivers/block/loop.c:1183
 loop_set_status64+0xa6/0xf0 drivers/block/loop.c:1301
 lo_ioctl+0xd9/0x1d00 drivers/block/loop.c:1431
 __blkdev_driver_ioctl block/ioctl.c:297 [inline]
 blkdev_ioctl+0x631/0x1910 block/ioctl.c:594
 block_ioctl+0xde/0x120 fs/block_dev.c:1881
 vfs_ioctl fs/ioctl.c:46 [inline]
 file_ioctl fs/ioctl.c:500 [inline]
 do_vfs_ioctl+0x7b9/0x1070 fs/ioctl.c:684
 SYSC_ioctl fs/ioctl.c:701 [inline]
 SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692
 do_syscall_64+0x1eb/0x630 arch/x86/entry/common.c:289
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x458c17
RSP: 002b:00007fbb80fa49f8 EFLAGS: 00000202 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00007fbb80fa56d4 RCX: 0000000000458c17
RDX: 00007fbb80fa4ab0 RSI: 0000000000004c04 RDI: 0000000000000005
RBP: 0000000000000001 R08: 0000000000000000 R09: 000000000000000a
R10: 0000000000000075 R11: 0000000000000202 R12: 0000000000000004
R13: 0000000000000004 R14: 0000000000000005 R15: 0000000000000003
CPU: 0 PID: 17847 Comm: syz-executor.3 Tainted: G        W       4.14.115 #5
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x138/0x19c lib/dump_stack.c:53
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10f/0x159 lib/fault-inject.c:149
 should_failslab+0xdb/0x130 mm/failslab.c:32
Mem-Info:
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc+0x47/0x780 mm/slab.c:3550
active_anon:142491 inactive_anon:197 isolated_anon:0
 active_file:8913 inactive_file:16233 isolated_file:0
 unevictable:21 dirty:390 writeback:21 unstable:0
 slab_reclaimable:13171 slab_unreclaimable:108561
 mapped:58979 shmem:242 pagetables:2095 bounce:0
 free:1243273 free_pcp:246 free_cma:0
 __sigqueue_alloc+0x1da/0x400 kernel/signal.c:386
Node 0 active_anon:569964kB inactive_anon:788kB active_file:35512kB inactive_file:64932kB unevictable:84kB isolated(anon):0kB isolated(file):0kB mapped:235916kB dirty:1552kB writeback:84kB shmem:968kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 505856kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
 __send_signal+0x1a2/0x1280 kernel/signal.c:1083
 send_signal+0x49/0xc0 kernel/signal.c:1149
Node 1 active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:8kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 0kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
 specific_send_sig_info kernel/signal.c:1194 [inline]
 force_sig_info+0x243/0x350 kernel/signal.c:1246
 force_sig_info_fault.constprop.0+0x1c6/0x2b0 arch/x86/mm/fault.c:225
Node 0 
 __bad_area_nosemaphore+0x1dc/0x2a0 arch/x86/mm/fault.c:923
 __bad_area arch/x86/mm/fault.c:957 [inline]
 bad_area+0x69/0x80 arch/x86/mm/fault.c:964
DMA free:15908kB min:216kB low:268kB high:320kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
 __do_page_fault+0x86f/0xb80 arch/x86/mm/fault.c:1395
lowmem_reserve[]:
 do_page_fault+0x71/0x515 arch/x86/mm/fault.c:1500
 0
 page_fault+0x45/0x50 arch/x86/entry/entry_64.S:1104
RIP: 0033:0x452a5f
RSP: 002b:00007f33453d2a88 EFLAGS: 00010283
 2580
RAX: 00007f33453d2b40 RBX: 0000000000000010 RCX: 0000000000000000
RDX: 00000000000000e0 RSI: 0000000000000000 RDI: 00007f33453d2b40
RBP: 0000000000000000 R08: 00000000000000e0 R09: 000000000000000a
R10: 0000000000000075 R11: 00000000004e31a0 R12: 0000000000000004
 2580
R13: 00000000004c78d3 R14: 00000000004dd8f8 R15: 0000000000000003
 2580
kobject: 'loop5' (ffff8880a4ade120): kobject_uevent_env
Node 0 DMA32 free:1174604kB min:36468kB low:45584kB high:54700kB active_anon:565768kB inactive_anon:796kB active_file:35444kB inactive_file:64968kB unevictable:0kB writepending:1612kB present:3129332kB managed:2644920kB mlocked:0kB kernel_stack:8576kB pagetables:8432kB bounce:0kB free_pcp:1004kB local_pcp:324kB free_cma:0kB
kobject: 'loop5' (ffff8880a4ade120): fill_kobj_path: path = '/devices/virtual/block/loop5'
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
net_ratelimit: 6 callbacks suppressed
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
lowmem_reserve[]: 0 0 0 0
Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 1 Normal free:3786812kB min:53420kB low:66772kB high:80124kB active_anon:0kB inactive_anon:0kB active_file:140kB inactive_file:0kB unevictable:0kB writepending:8kB present:3932160kB managed:3870208kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
Node 0 DMA32: 5904*4kB (UME) 2372*8kB (UME) 576*16kB (UME) 979*32kB (UME) 451*64kB (UM) 102*128kB (UME) 26*256kB (UM) 18*512kB (UME) 21*1024kB (UME) 8*2048kB (UE) 242*4096kB (UM) = 1170048kB
Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
Node 1 Normal: 57*4kB (UE) 337*8kB (UME) 259*16kB (UM) 65*32kB (UME) 18*64kB (UME) 8*128kB (UE) 4*256kB (UM) 4*512kB (UE) 2*1024kB (ME) 5*2048kB (UME) 918*4096kB (M) = 3786812kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
25380 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap  = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
333220 pages reserved
0 pages cma reserved
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
 loop1: p1 < > p4
gfs2: not a GFS2 filesystem
loop1: partition table partially beyond EOD, truncated
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
loop1: p1 size 2 extends beyond EOD, truncated
kobject: 'loop1p1' (ffff888061ff2218): kobject_add_internal: parent: 'loop1', set: 'devices'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop1p1' (ffff888061ff2218): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1p1' (ffff888061ff2218): kobject_uevent_env: uevent_suppress caused the event to drop!
kobject: 'holders' (ffff8880a7176380): kobject_add_internal: parent: 'loop1p1', set: '<NULL>'
kobject: 'loop1p1' (ffff888061ff2218): kobject_uevent_env
kobject: 'loop1p1' (ffff888061ff2218): fill_kobj_path: path = '/devices/virtual/block/loop1/loop1p1'
loop1: p4 start 1854537728 is beyond EOD, truncated
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
gfs2: not a GFS2 filesystem
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'holders' (ffff8880a7176380): kobject_cleanup, parent ffff888061ff2218
kobject: 'holders' (ffff8880a7176380): auto cleanup kobject_del
kobject: 'holders' (ffff8880a7176380): calling ktype release
kobject: (ffff8880a7176380): dynamic_kobj_release
kobject: 'holders': free name
kobject: 'loop1p1' (ffff888061ff2218): kobject_uevent_env
kobject: 'loop1p1' (ffff888061ff2218): fill_kobj_path: path = '/devices/virtual/block/loop1/loop1p1'
kobject: 'loop5' (ffff8880a4ade120): kobject_uevent_env
kobject: 'loop5' (ffff8880a4ade120): fill_kobj_path: path = '/devices/virtual/block/loop5'
kobject: 'loop1p1' (ffff888061ff2218): kobject_cleanup, parent           (null)
kobject: 'loop1p1' (ffff888061ff2218): calling ktype release
kobject: 'loop1p1': free name
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
Dev loop1: unable to read RDB block 8
 loop1: unable to read partition table
loop1: partition table beyond EOD, truncated
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
gfs2: not a GFS2 filesystem
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
protocol 88fb is buggy, dev hsr_slave_1
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
gfs2: not a GFS2 filesystem
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop5' (ffff8880a4ade120): kobject_uevent_env
kobject: 'loop5' (ffff8880a4ade120): fill_kobj_path: path = '/devices/virtual/block/loop5'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
gfs2: not a GFS2 filesystem
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop5' (ffff8880a4ade120): kobject_uevent_env
kobject: 'loop5' (ffff8880a4ade120): fill_kobj_path: path = '/devices/virtual/block/loop5'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
gfs2: not a GFS2 filesystem
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
IPVS: Error connecting to the multicast addr
IPVS: Error connecting to the multicast addr
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_0
kobject: 'loop5' (ffff8880a4ade120): kobject_uevent_env
kobject: 'loop5' (ffff8880a4ade120): fill_kobj_path: path = '/devices/virtual/block/loop5'
IPVS: Error connecting to the multicast addr
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
IPVS: Unknown mcast interface: p
IPVS: sync thread started: state = MASTER, mcast_ifn = syz_tun, syncid = 0, id = 0
gfs2: not a GFS2 filesystem
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
IPVS: Error connecting to the multicast addr
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
 loop1: p1 < > p4
loop1: partition table partially beyond EOD, truncated
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
loop1: p1 size 2 extends beyond EOD, truncated
kobject: 'loop1p1' (ffff888085710258): kobject_add_internal: parent: 'loop1', set: 'devices'
kobject: 'loop1p1' (ffff888085710258): kobject_uevent_env
kobject: 'loop1p1' (ffff888085710258): kobject_uevent_env: uevent_suppress caused the event to drop!
kobject: 'holders' (ffff88809f852a80): kobject_add_internal: parent: 'loop1p1', set: '<NULL>'
kobject: 'loop1p1' (ffff888085710258): kobject_uevent_env
kobject: 'loop1p1' (ffff888085710258): fill_kobj_path: path = '/devices/virtual/block/loop1/loop1p1'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
loop1: p4 start 1854537728 is beyond EOD, truncated
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'holders' (ffff88809f852a80): kobject_cleanup, parent ffff888085710258
kobject: 'holders' (ffff88809f852a80): auto cleanup kobject_del
kobject: 'holders' (ffff88809f852a80): calling ktype release
kobject: (ffff88809f852a80): dynamic_kobj_release
kobject: 'holders': free name
kobject: 'loop1p1' (ffff888085710258): kobject_uevent_env
kobject: 'loop1p1' (ffff888085710258): fill_kobj_path: path = '/devices/virtual/block/loop1/loop1p1'
kobject: 'loop1p1' (ffff888085710258): kobject_cleanup, parent           (null)
kobject: 'loop1p1' (ffff888085710258): calling ktype release
kobject: 'loop1p1': free name
kobject: 'loop5' (ffff8880a4ade120): kobject_uevent_env
kobject: 'loop5' (ffff8880a4ade120): fill_kobj_path: path = '/devices/virtual/block/loop5'
IPVS: Error connecting to the multicast addr
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'kvm' (ffff8880a6e4a210): kobject_uevent_env
kobject: 'kvm' (ffff8880a6e4a210): fill_kobj_path: path = '/devices/virtual/misc/kvm'
IPVS: Error connecting to the multicast addr
kobject: 'kvm' (ffff8880a6e4a210): kobject_uevent_env
kobject: 'kvm' (ffff8880a6e4a210): fill_kobj_path: path = '/devices/virtual/misc/kvm'
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop5' (ffff8880a4ade120): kobject_uevent_env
kobject: 'loop5' (ffff8880a4ade120): fill_kobj_path: path = '/devices/virtual/block/loop5'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
gfs2: not a GFS2 filesystem
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
 loop1: p1 < > p4
loop1: partition table partially beyond EOD, truncated
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
loop1: p1 size 2 extends beyond EOD, truncated
kobject: 'loop1p1' (ffff888066b502d8): kobject_add_internal: parent: 'loop1', set: 'devices'
kobject: 'loop1p1' (ffff888066b502d8): kobject_uevent_env
kobject: 'loop1p1' (ffff888066b502d8): kobject_uevent_env: uevent_suppress caused the event to drop!
net_ratelimit: 4 callbacks suppressed
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_0
protocol 88fb is buggy, dev hsr_slave_1
protocol 88fb is buggy, dev hsr_slave_1
kobject: 'holders' (ffff8880956ca780): kobject_add_internal: parent: 'loop1p1', set: '<NULL>'
kobject: 'loop1p1' (ffff888066b502d8): kobject_uevent_env
kobject: 'loop1p1' (ffff888066b502d8): fill_kobj_path: path = '/devices/virtual/block/loop1/loop1p1'
loop1: p4 start 1854537728 is beyond EOD, truncated
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'holders' (ffff8880956ca780): kobject_cleanup, parent ffff888066b502d8
kobject: 'holders' (ffff8880956ca780): auto cleanup kobject_del
kobject: 'holders' (ffff8880956ca780): calling ktype release
kobject: (ffff8880956ca780): dynamic_kobj_release
kobject: 'holders': free name
kobject: 'loop1p1' (ffff888066b502d8): kobject_uevent_env
kobject: 'loop1p1' (ffff888066b502d8): fill_kobj_path: path = '/devices/virtual/block/loop1/loop1p1'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
 loop1: p1 < > p4
loop1: partition table partially beyond EOD, truncated
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
loop1: p1 size 2 extends beyond EOD, truncated
kobject: 'loop1p1' (ffff888066b502d8): kobject_cleanup, parent           (null)
kobject: 'loop1p1' (ffff888066b502d8): calling ktype release
kobject: 'loop1p1': free name
kobject: 'loop1p1' (ffff888089fe2b18): kobject_add_internal: parent: 'loop1', set: 'devices'
kobject: 'loop1p1' (ffff888089fe2b18): kobject_uevent_env
kobject: 'loop1p1' (ffff888089fe2b18): kobject_uevent_env: uevent_suppress caused the event to drop!
kobject: 'holders' (ffff88809dfc6c00): kobject_add_internal: parent: 'loop1p1', set: '<NULL>'
kobject: 'loop1p1' (ffff888089fe2b18): kobject_uevent_env
kobject: 'loop1p1' (ffff888089fe2b18): fill_kobj_path: path = '/devices/virtual/block/loop1/loop1p1'
loop1: p4 start 1854537728 is beyond EOD, truncated
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'holders' (ffff88809dfc6c00): kobject_cleanup, parent ffff888089fe2b18
kobject: 'holders' (ffff88809dfc6c00): auto cleanup kobject_del
kobject: 'holders' (ffff88809dfc6c00): calling ktype release
kobject: (ffff88809dfc6c00): dynamic_kobj_release
kobject: 'holders': free name
kobject: 'loop1p1' (ffff888089fe2b18): kobject_uevent_env
kobject: 'loop1p1' (ffff888089fe2b18): fill_kobj_path: path = '/devices/virtual/block/loop1/loop1p1'
kobject: 'loop5' (ffff8880a4ade120): kobject_uevent_env
kobject: 'loop5' (ffff8880a4ade120): fill_kobj_path: path = '/devices/virtual/block/loop5'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop1p1' (ffff888089fe2b18): kobject_cleanup, parent           (null)
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1p1' (ffff888089fe2b18): calling ktype release
kobject: 'loop1p1': free name
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
gfs2: not a GFS2 filesystem
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
kobject: 'loop2' (ffff8880a49f7760): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop2' (ffff8880a49f7760): fill_kobj_path: path = '/devices/virtual/block/loop2'
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
protocol 88fb is buggy, dev hsr_slave_0
kauditd_printk_skb: 4 callbacks suppressed
audit: type=1800 audit(1556892734.349:135): pid=18213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op="collect_data" cause="failed(directio)" comm="syz-executor.4" name="snapshot" dev="sda1" ino=17738 res=0
protocol 88fb is buggy, dev hsr_slave_1
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
gfs2: not a GFS2 filesystem
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'loop5' (ffff8880a4ade120): kobject_uevent_env
kobject: 'loop5' (ffff8880a4ade120): fill_kobj_path: path = '/devices/virtual/block/loop5'
kobject: 'loop1' (ffff8880a49bae60): kobject_uevent_env
kobject: 'loop1' (ffff8880a49bae60): fill_kobj_path: path = '/devices/virtual/block/loop1'
kobject: 'loop3' (ffff8880a4a457e0): kobject_uevent_env
kobject: 'loop3' (ffff8880a4a457e0): fill_kobj_path: path = '/devices/virtual/block/loop3'
kobject: 'integrity' (ffff8880a49812d0): kobject_uevent_env
kobject: 'integrity' (ffff8880a49812d0): kobject_uevent_env: filter function caused the event to drop!
kobject: 'integrity' (ffff8880a49812d0): kobject_cleanup, parent           (null)
kobject: 'integrity' (ffff8880a49812d0): does not have a release() function, it is broken and must be fixed.
kobject: 'integrity': free name
kobject: '7:0' (ffff8880a49804d0): kobject_uevent_env
kobject: '7:0' (ffff8880a49804d0): fill_kobj_path: path = '/devices/virtual/bdi/7:0'
kobject: '7:0' (ffff8880a49804d0): kobject_cleanup, parent           (null)
kobject: '7:0' (ffff8880a49804d0): calling ktype release
kobject: '7:0': free name
kobject: 'mq' (ffff8880a4967188): kobject_uevent_env
kobject: 'mq' (ffff8880a4967188): kobject_uevent_env: filter function caused the event to drop!
kobject: 'iosched' (ffff8880a496f210): kobject_uevent_env
kobject: 'iosched' (ffff8880a496f210): kobject_uevent_env: filter function caused the event to drop!
kobject: 'queue' (ffff8880a4967148): kobject_uevent_env
kobject: 'queue' (ffff8880a4967148): kobject_uevent_env: filter function caused the event to drop!
kobject: 'holders' (ffff8880a4877480): kobject_cleanup, parent ffff8880a4980de0
kobject: 'holders' (ffff8880a4877480): auto cleanup kobject_del
kobject: 'holders' (ffff8880a4877480): calling ktype release
kobject: (ffff8880a4877480): dynamic_kobj_release
kobject: 'holders': free name
kobject: 'slaves' (ffff8880a4877400): kobject_cleanup, parent ffff8880a4980de0
kobject: 'slaves' (ffff8880a4877400): auto cleanup kobject_del
kobject: 'slaves' (ffff8880a4877400): calling ktype release
kobject: (ffff8880a4877400): dynamic_kobj_release
kobject: 'slaves': free name
kobject: 'loop0' (ffff8880a4980de0): kobject_uevent_env
kobject: 'loop0' (ffff8880a4980de0): fill_kobj_path: path = '/devices/virtual/block/loop0'
kobject: 'loop0' (ffff8880a4980de0): kobject_cleanup, parent           (null)
gfs2: not a GFS2 filesystem
Dev loop1: unable to read RDB block 9
 loop1: unable to read partition table
kobject: 'loop0' (ffff8880a4980de0): calling ktype release

Crashes (4):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci2-linux-4-14 2019/05/03 14:12 linux-4.14.y 1c046f373132 1bfa09b9 .config log report
ci2-linux-4-14 2019/05/02 22:44 linux-4.14.y 1c046f373132 e9039493 .config log report
ci2-linux-4-14 2019/05/01 08:52 linux-4.14.y fa5941f45d7e 618456b4 .config log report
ci2-linux-4-14 2019/04/16 08:05 linux-4.14.y 1ec8f1f0bffe 505ab413 .config log report