Warning: Permanently added '10.128.0.27' (ECDSA) to the list of known hosts. syzkaller login: [ 26.840796] FAULT_INJECTION: forcing a failure. [ 26.840796] name failslab, interval 1, probability 0, space 0, times 1 [ 26.852429] CPU: 0 PID: 7959 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 26.860431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 26.869778] Call Trace: [ 26.872359] dump_stack+0x1b2/0x281 [ 26.875970] should_fail.cold+0x10a/0x149 [ 26.880107] should_failslab+0xd6/0x130 [ 26.884066] kmem_cache_alloc+0x28e/0x3c0 [ 26.888197] radix_tree_node_alloc.constprop.0+0x5a/0x2f0 [ 26.893722] ? trace_hardirqs_on+0x10/0x10 [ 26.897948] idr_get_free_cmn+0x595/0x8d0 [ 26.902105] idr_alloc_cmn+0xe8/0x1e0 [ 26.905985] ? __fprop_inc_percpu_max+0x1d0/0x1d0 [ 26.910827] ? lock_acquire+0x170/0x3f0 [ 26.914801] cma_alloc_port+0x16f/0x300 [ 26.919532] ? rdma_reject+0x2f0/0x2f0 [ 26.923418] rdma_bind_addr+0x1d74/0x23f0 [ 26.927638] ? rdma_connect+0x15c0/0x15c0 [ 26.931775] ? __mutex_unlock_slowpath+0x75/0x770 [ 26.936614] ? __radix_tree_lookup+0x1b5/0x2e0 [ 26.941206] rdma_listen+0x8f/0x9b0 [ 26.944903] ucma_listen+0x10b/0x170 [ 26.948601] ? ucma_bind_ip+0x150/0x150 [ 26.952556] ? _copy_from_user+0x96/0x100 [ 26.956703] ? ucma_bind_ip+0x150/0x150 [ 26.960670] ucma_write+0x206/0x2c0 [ 26.964290] ? ucma_set_ib_path+0x510/0x510 [ 26.968598] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 26.973520] __vfs_write+0xe4/0x630 [ 26.977133] ? ucma_set_ib_path+0x510/0x510 [ 26.982065] ? kernel_read+0x110/0x110 [ 26.985948] ? common_file_perm+0x3ee/0x580 [ 26.990271] ? security_file_permission+0x82/0x1e0 [ 26.995195] ? rw_verify_area+0xe1/0x2a0 [ 26.999242] vfs_write+0x17f/0x4d0 [ 27.002776] SyS_write+0xf2/0x210 [ 27.006218] ? SyS_read+0x210/0x210 [ 27.009828] ? __do_page_fault+0x159/0xad0 [ 27.014231] ? do_syscall_64+0x4c/0x640 [ 27.018202] ? SyS_read+0x210/0x210 [ 27.021825] do_syscall_64+0x1d5/0x640 [ 27.025707] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 27.030893] RIP: 0033:0x7f7e9efbfe69 [ 27.034592] RSP: 002b:00007f7e9ef712f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 27.042296] RAX: ffffffffffffffda RBX: 00007f7e9f0494c8 RCX: 00007f7e9efbfe69 [ 27.049557] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000003 [ 27.056813] RBP: 00007f7e9f0494c0 R08: 0000000000000001 R09: 0000000000000032 [ 27.064076] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 27.071331] R13: 00007f7e9ef71300 R14: 0000000000000001 R15: 0000000000022000 [ 27.091574] FAULT_INJECTION: forcing a failure. [ 27.091574] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 27.091711] FAULT_INJECTION: forcing a failure. [ 27.091711] name fail_futex, interval 1, probability 0, space 0, times 1 [ 27.103577] FAULT_INJECTION: forcing a failure. [ 27.103577] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 27.117447] FAULT_INJECTION: forcing a failure. [ 27.117447] name fail_futex, interval 1, probability 0, space 0, times 1 [ 27.128762] CPU: 0 PID: 7980 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 27.146025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 27.155478] Call Trace: [ 27.158061] dump_stack+0x1b2/0x281 [ 27.161698] should_fail.cold+0x10a/0x149 [ 27.165961] __alloc_pages_nodemask+0x22c/0x2720 [ 27.170890] ? kasan_slab_free+0xc3/0x1a0 [ 27.175212] ? ___pmd_free_tlb+0xa3/0xf0 [ 27.179256] ? free_pgd_range+0x697/0xcd0 [ 27.183421] ? exit_mmap+0x27f/0x4d0 [ 27.187128] ? mmput+0xfa/0x420 [ 27.190397] ? do_exit+0x984/0x2850 [ 27.194013] ? do_signal+0x7c/0x1550 [ 27.197712] ? exit_to_usermode_loop+0x160/0x200 [ 27.202469] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 27.207903] ? debug_check_no_obj_freed+0x2c0/0x680 [ 27.212902] ? lock_acquire+0x170/0x3f0 [ 27.217030] ? lock_downgrade+0x740/0x740 [ 27.221264] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 27.226520] ? exit_to_usermode_loop+0x160/0x200 [ 27.231292] ? ___pmd_free_tlb+0xa3/0xf0 [ 27.235346] alloc_pages_current+0x155/0x260 [ 27.239746] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 27.244748] __get_free_pages+0xb/0x40 [ 27.248824] tlb_remove_table+0x15c/0x240 [ 27.252981] free_pgd_range+0x697/0xcd0 [ 27.257037] free_pgtables+0x1ec/0x2b0 [ 27.260911] exit_mmap+0x27f/0x4d0 [ 27.264443] ? SyS_remap_file_pages+0x6a0/0x6a0 [ 27.269122] ? kmem_cache_free+0x23a/0x2b0 [ 27.273345] ? __khugepaged_exit+0x29b/0x3c0 [ 27.277743] mmput+0xfa/0x420 [ 27.280833] do_exit+0x984/0x2850 [ 27.284268] ? wake_up_q+0x82/0xd0 [ 27.287795] ? __mutex_unlock_slowpath+0x261/0x770 [ 27.292703] ? mm_update_next_owner+0x5b0/0x5b0 [ 27.297354] ? get_signal+0x323/0x1ca0 [ 27.301237] ? lock_acquire+0x170/0x3f0 [ 27.305193] ? lock_downgrade+0x740/0x740 [ 27.309326] do_group_exit+0x100/0x2e0 [ 27.313198] get_signal+0x38d/0x1ca0 [ 27.316897] ? ucma_bind_ip+0x150/0x150 [ 27.320849] ? ucma_bind_ip+0x150/0x150 [ 27.324808] ? ucma_set_ib_path+0x510/0x510 [ 27.329122] do_signal+0x7c/0x1550 [ 27.332655] ? fsnotify+0x974/0x11b0 [ 27.336359] ? ucma_set_ib_path+0x510/0x510 [ 27.340670] ? __handle_mm_fault+0x80f/0x4620 [ 27.345156] ? setup_sigcontext+0x820/0x820 [ 27.349465] ? __fsnotify_inode_delete+0x20/0x20 [ 27.354203] ? __fsnotify_update_child_dentry_flags.part.0+0x2e0/0x2e0 [ 27.360852] ? security_file_permission+0x82/0x1e0 [ 27.365763] ? rw_verify_area+0xe1/0x2a0 [ 27.369803] ? vfs_write+0x319/0x4d0 [ 27.373496] ? fput_many+0xe/0x140 [ 27.377018] ? exit_to_usermode_loop+0x41/0x200 [ 27.381667] exit_to_usermode_loop+0x160/0x200 [ 27.386235] do_syscall_64+0x4a3/0x640 [ 27.390114] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 27.395372] RIP: 0033:0x7f7e9efbfe69 [ 27.399066] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 27.406766] RAX: 0000000000000010 RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 27.414103] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000003 [ 27.421354] RBP: 00007f7e9f0494d0 R08: 0000000000000001 R09: 0000000000000032 [ 27.428606] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 27.435855] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 27.443240] CPU: 1 PID: 7981 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 27.451123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 27.460466] Call Trace: [ 27.463042] dump_stack+0x1b2/0x281 [ 27.466676] should_fail.cold+0x10a/0x149 [ 27.470819] get_futex_key+0x82a/0x11b0 [ 27.474776] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 27.479427] ? try_to_wake_up+0x6de/0x1100 [ 27.483648] futex_wait_setup+0xb3/0x260 [ 27.487695] ? futex_wake+0x3c0/0x3c0 [ 27.491475] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 27.495245] FAULT_INJECTION: forcing a failure. [ 27.495245] name fail_futex, interval 1, probability 0, space 0, times 1 [ 27.496564] ? try_to_wake_up+0x6de/0x1100 [ 27.496574] futex_wait+0x199/0x5a0 [ 27.496585] ? futex_wait_setup+0x260/0x260 [ 27.512581] FAULT_INJECTION: forcing a failure. [ 27.512581] name fail_futex, interval 1, probability 0, space 0, times 1 [ 27.515761] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 27.515768] ? wake_up_q+0x82/0xd0 [ 27.515776] ? hash_futex+0x12/0x200 [ 27.543359] ? drop_futex_key_refs+0x2e/0xa0 [ 27.547756] ? futex_wake+0x116/0x3c0 [ 27.551559] do_futex+0x1d8/0x1570 [ 27.555088] ? ucma_bind_ip+0x150/0x150 [ 27.559043] ? ucma_write+0xf9/0x2c0 [ 27.562739] ? ucma_set_ib_path+0x510/0x510 [ 27.567045] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 27.571967] ? futex_exit_release+0x220/0x220 [ 27.576974] ? fsnotify+0x974/0x11b0 [ 27.580674] ? ucma_set_ib_path+0x510/0x510 [ 27.584986] ? __handle_mm_fault+0x80f/0x4620 [ 27.589469] ? __fsnotify_inode_delete+0x20/0x20 [ 27.594208] ? __fsnotify_update_child_dentry_flags.part.0+0x2e0/0x2e0 [ 27.600856] ? security_file_permission+0x82/0x1e0 [ 27.605771] SyS_futex+0x1da/0x290 [ 27.609293] ? do_futex+0x1570/0x1570 [ 27.613093] ? SyS_read+0x210/0x210 [ 27.616718] ? __do_page_fault+0x159/0xad0 [ 27.620935] ? do_syscall_64+0x4c/0x640 [ 27.624915] ? do_futex+0x1570/0x1570 [ 27.628719] do_syscall_64+0x1d5/0x640 [ 27.632593] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 27.637764] RIP: 0033:0x7f7e9efbfe69 [ 27.641455] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 27.649175] RAX: ffffffffffffffda RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 27.656445] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e9f0494d8 [ 27.663696] RBP: 00007f7e9f0494d0 R08: 0000000000000032 R09: 0000000000000032 [ 27.670947] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 27.678221] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 27.685498] CPU: 0 PID: 7978 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 27.693382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 27.702753] Call Trace: [ 27.705337] dump_stack+0x1b2/0x281 [ 27.709024] should_fail.cold+0x10a/0x149 [ 27.713168] __alloc_pages_nodemask+0x22c/0x2720 [ 27.717921] ? kasan_slab_free+0xc3/0x1a0 [ 27.722083] ? ___pmd_free_tlb+0xa3/0xf0 [ 27.726135] ? free_pgd_range+0x697/0xcd0 [ 27.730283] ? exit_mmap+0x27f/0x4d0 [ 27.733996] ? mmput+0xfa/0x420 [ 27.737591] ? do_exit+0x984/0x2850 [ 27.741216] ? do_signal+0x7c/0x1550 [ 27.744928] ? exit_to_usermode_loop+0x160/0x200 [ 27.749684] ? entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 27.755096] ? debug_check_no_obj_freed+0x2c0/0x680 [ 27.760198] ? lock_acquire+0x170/0x3f0 [ 27.764166] ? lock_downgrade+0x740/0x740 [ 27.768308] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 27.773159] ? exit_to_usermode_loop+0x160/0x200 [ 27.778028] ? ___pmd_free_tlb+0xa3/0xf0 [ 27.782084] alloc_pages_current+0x155/0x260 [ 27.786475] ? rcu_read_lock_sched_held+0x16c/0x1d0 [ 27.791472] __get_free_pages+0xb/0x40 [ 27.795344] tlb_remove_table+0x15c/0x240 [ 27.799492] free_pgd_range+0x697/0xcd0 [ 27.803468] free_pgtables+0x1ec/0x2b0 [ 27.807338] exit_mmap+0x27f/0x4d0 [ 27.810859] ? SyS_remap_file_pages+0x6a0/0x6a0 [ 27.815750] ? kmem_cache_free+0x23a/0x2b0 [ 27.819978] ? __khugepaged_exit+0x29b/0x3c0 [ 27.824374] mmput+0xfa/0x420 [ 27.827469] do_exit+0x984/0x2850 [ 27.830913] ? wake_up_q+0x82/0xd0 [ 27.834445] ? __mutex_unlock_slowpath+0x261/0x770 [ 27.839355] ? mm_update_next_owner+0x5b0/0x5b0 [ 27.844004] ? get_signal+0x323/0x1ca0 [ 27.847886] ? lock_acquire+0x170/0x3f0 [ 27.851850] ? lock_downgrade+0x740/0x740 [ 27.855991] do_group_exit+0x100/0x2e0 [ 27.859863] get_signal+0x38d/0x1ca0 [ 27.863574] ? ucma_bind_ip+0x150/0x150 [ 27.867546] ? ucma_bind_ip+0x150/0x150 [ 27.871503] ? ucma_set_ib_path+0x510/0x510 [ 27.875814] do_signal+0x7c/0x1550 [ 27.879349] ? fsnotify+0x974/0x11b0 [ 27.883041] ? ucma_set_ib_path+0x510/0x510 [ 27.887350] ? __handle_mm_fault+0x80f/0x4620 [ 27.891830] ? setup_sigcontext+0x820/0x820 [ 27.896135] ? __fsnotify_inode_delete+0x20/0x20 [ 27.900986] ? __fsnotify_update_child_dentry_flags.part.0+0x2e0/0x2e0 [ 27.907639] ? security_file_permission+0x82/0x1e0 [ 27.912558] ? rw_verify_area+0xe1/0x2a0 [ 27.916602] ? vfs_write+0x319/0x4d0 [ 27.920298] ? fput_many+0xe/0x140 [ 27.923822] ? exit_to_usermode_loop+0x41/0x200 [ 27.928480] exit_to_usermode_loop+0x160/0x200 [ 27.933046] do_syscall_64+0x4a3/0x640 [ 27.936921] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 27.942095] RIP: 0033:0x7f7e9efbfe69 [ 27.945786] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 27.953476] RAX: 0000000000000010 RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 27.960831] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000003 [ 27.968170] RBP: 00007f7e9f0494d0 R08: 0000000000000001 R09: 0000000000000032 [ 27.975422] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 27.982670] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 27.989938] CPU: 1 PID: 7982 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 27.998080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 28.007414] Call Trace: [ 28.009983] dump_stack+0x1b2/0x281 [ 28.013590] should_fail.cold+0x10a/0x149 [ 28.017727] ? trace_hardirqs_on+0x10/0x10 [ 28.021962] get_futex_key+0x82a/0x11b0 [ 28.025919] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 28.030567] ? __schedule+0x893/0x1de0 [ 28.034437] futex_wait_setup+0xb3/0x260 [ 28.038482] ? futex_wake+0x3c0/0x3c0 [ 28.042260] ? do_raw_spin_unlock+0x164/0x220 [ 28.046756] futex_wait+0x199/0x5a0 [ 28.050371] ? futex_wait_setup+0x260/0x260 [ 28.054758] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 28.059407] ? hash_futex+0x12/0x200 [ 28.063098] ? drop_futex_key_refs+0x2e/0xa0 [ 28.067485] ? futex_wake+0x116/0x3c0 [ 28.071273] do_futex+0x1d8/0x1570 [ 28.074794] ? ucma_bind_ip+0x150/0x150 [ 28.078746] ? ucma_write+0xf9/0x2c0 [ 28.082437] ? ucma_set_ib_path+0x510/0x510 [ 28.086758] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 28.091666] ? futex_exit_release+0x220/0x220 [ 28.096144] ? fsnotify+0x974/0x11b0 [ 28.099844] ? ucma_set_ib_path+0x510/0x510 [ 28.104148] ? __handle_mm_fault+0x80f/0x4620 [ 28.108625] ? __fsnotify_inode_delete+0x20/0x20 [ 28.113359] ? __fsnotify_update_child_dentry_flags.part.0+0x2e0/0x2e0 [ 28.120022] ? security_file_permission+0x82/0x1e0 [ 28.124933] SyS_futex+0x1da/0x290 [ 28.128455] ? do_futex+0x1570/0x1570 [ 28.132234] ? SyS_read+0x210/0x210 [ 28.135839] ? __do_page_fault+0x159/0xad0 [ 28.140068] ? do_syscall_64+0x4c/0x640 [ 28.144034] ? do_futex+0x1570/0x1570 [ 28.147810] do_syscall_64+0x1d5/0x640 [ 28.151679] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 28.156874] RIP: 0033:0x7f7e9efbfe69 [ 28.160564] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 28.168260] RAX: ffffffffffffffda RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 28.175508] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e9f0494d8 [ 28.182756] RBP: 00007f7e9f0494d0 R08: 0000000000000032 R09: 0000000000000032 [ 28.190006] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 28.197257] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 28.204515] CPU: 0 PID: 7989 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 28.212401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 28.221745] Call Trace: [ 28.224437] dump_stack+0x1b2/0x281 [ 28.228059] should_fail.cold+0x10a/0x149 [ 28.232198] get_futex_key+0x82a/0x11b0 [ 28.236193] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 28.240870] ? io_schedule_timeout+0x140/0x140 [ 28.245438] futex_wait_setup+0xb3/0x260 [ 28.249486] ? futex_wake+0x3c0/0x3c0 [ 28.253285] futex_wait+0x199/0x5a0 [ 28.256907] ? futex_wait_setup+0x260/0x260 [ 28.261221] ? lock_downgrade+0x740/0x740 [ 28.265361] ? wake_up_q+0x82/0xd0 [ 28.268889] ? drop_futex_key_refs+0x2e/0xa0 [ 28.273289] ? futex_wake+0x116/0x3c0 [ 28.277082] do_futex+0x1d8/0x1570 [ 28.280607] ? trace_hardirqs_on+0x10/0x10 [ 28.284848] ? get_pid_task+0xb8/0x130 [ 28.288717] ? proc_fail_nth_write+0x7b/0x180 [ 28.293201] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 28.298114] ? futex_exit_release+0x220/0x220 [ 28.302589] ? fsnotify+0x974/0x11b0 [ 28.306374] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 28.311281] ? __handle_mm_fault+0x80f/0x4620 [ 28.315753] ? __fget+0x23e/0x3e0 [ 28.319195] ? lock_acquire+0x170/0x3f0 [ 28.323152] ? lock_downgrade+0x740/0x740 [ 28.327279] ? __fget+0x265/0x3e0 [ 28.330714] SyS_futex+0x1da/0x290 [ 28.334235] ? do_futex+0x1570/0x1570 [ 28.338013] ? SyS_read+0x210/0x210 [ 28.341623] ? __do_page_fault+0x159/0xad0 [ 28.345838] ? do_syscall_64+0x4c/0x640 [ 28.349794] ? do_futex+0x1570/0x1570 [ 28.353579] do_syscall_64+0x1d5/0x640 [ 28.357460] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 28.362647] RIP: 0033:0x7f7e9efbfe69 [ 28.366342] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 28.374045] RAX: ffffffffffffffda RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 28.381295] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e9f0494d8 [ 28.388544] RBP: 00007f7e9f0494d0 R08: 0000000000000032 R09: 0000000000000032 [ 28.395798] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 28.403055] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 28.410325] CPU: 1 PID: 7984 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 28.418202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 28.427536] Call Trace: [ 28.430112] dump_stack+0x1b2/0x281 [ 28.433896] should_fail.cold+0x10a/0x149 [ 28.438024] ? cpuacct_charge+0x1cf/0x350 [ 28.442156] get_futex_key+0x82a/0x11b0 [ 28.446119] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 28.450768] ? check_preempt_wakeup+0x3b4/0xce0 [ 28.455422] futex_wait_setup+0xb3/0x260 [ 28.459464] ? futex_wake+0x3c0/0x3c0 [ 28.463267] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 28.468266] futex_wait+0x199/0x5a0 [ 28.471873] ? futex_wait_setup+0x260/0x260 [ 28.476176] ? lock_downgrade+0x740/0x740 [ 28.480305] ? wake_up_q+0x82/0xd0 [ 28.483825] ? drop_futex_key_refs+0x2e/0xa0 [ 28.488214] ? futex_wake+0x116/0x3c0 [ 28.492001] do_futex+0x1d8/0x1570 [ 28.495526] ? ucma_bind_ip+0x150/0x150 [ 28.499534] ? ucma_write+0xf9/0x2c0 [ 28.503229] ? ucma_set_ib_path+0x510/0x510 [ 28.507529] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 28.512453] ? futex_exit_release+0x220/0x220 [ 28.516937] ? __vfs_write+0xec/0x630 [ 28.520716] ? ucma_set_ib_path+0x510/0x510 [ 28.525016] ? __handle_mm_fault+0x80f/0x4620 [ 28.529506] ? kernel_read+0x110/0x110 [ 28.533377] ? common_file_perm+0x3ee/0x580 [ 28.537682] ? security_file_permission+0x82/0x1e0 [ 28.542596] SyS_futex+0x1da/0x290 [ 28.546115] ? do_futex+0x1570/0x1570 [ 28.550021] ? SyS_read+0x210/0x210 [ 28.553636] ? __do_page_fault+0x159/0xad0 [ 28.557853] ? do_syscall_64+0x4c/0x640 [ 28.561807] ? do_futex+0x1570/0x1570 [ 28.565586] do_syscall_64+0x1d5/0x640 [ 28.569476] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 28.574650] RIP: 0033:0x7f7e9efbfe69 [ 28.578379] RSP: 002b:00007f7e9ef712f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 28.586165] RAX: ffffffffffffffda RBX: 00007f7e9f0494c8 RCX: 00007f7e9efbfe69 [ 28.593431] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e9f0494c8 [ 28.600683] RBP: 00007f7e9f0494c0 R08: 0000000000000032 R09: 0000000000000032 [ 28.607951] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 28.615212] R13: 00007f7e9ef71300 R14: 0000000000000001 R15: 0000000000022000 [ 28.626924] FAULT_INJECTION: forcing a failure. [ 28.626924] name fail_futex, interval 1, probability 0, space 0, times 0 [ 28.641510] CPU: 0 PID: 7992 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 28.649428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 28.658779] Call Trace: [ 28.661366] dump_stack+0x1b2/0x281 [ 28.664983] should_fail.cold+0x10a/0x149 [ 28.669122] get_futex_key+0x82a/0x11b0 [ 28.672498] FAULT_INJECTION: forcing a failure. [ 28.672498] name failslab, interval 1, probability 0, space 0, times 0 [ 28.673092] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 28.673102] ? io_schedule_timeout+0x140/0x140 [ 28.673114] futex_wait_setup+0xb3/0x260 [ 28.673128] ? futex_wake+0x3c0/0x3c0 [ 28.701414] futex_wait+0x199/0x5a0 [ 28.705022] ? futex_wait_setup+0x260/0x260 [ 28.709337] ? lock_downgrade+0x740/0x740 [ 28.713592] ? wake_up_q+0x82/0xd0 [ 28.717099] FAULT_INJECTION: forcing a failure. [ 28.717099] name fail_futex, interval 1, probability 0, space 0, times 0 [ 28.717125] ? drop_futex_key_refs+0x2e/0xa0 [ 28.732898] ? futex_wake+0x116/0x3c0 [ 28.736696] do_futex+0x1d8/0x1570 [ 28.740222] ? trace_hardirqs_on+0x10/0x10 [ 28.744432] ? get_pid_task+0xb8/0x130 [ 28.748299] ? proc_fail_nth_write+0x7b/0x180 [ 28.752772] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 28.757684] ? futex_exit_release+0x220/0x220 [ 28.762160] ? fsnotify+0x974/0x11b0 [ 28.765850] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 28.770761] ? __handle_mm_fault+0x80f/0x4620 [ 28.775240] ? __fget+0x23e/0x3e0 [ 28.778675] ? lock_acquire+0x170/0x3f0 [ 28.782639] ? lock_downgrade+0x740/0x740 [ 28.786773] ? __fget+0x265/0x3e0 [ 28.790206] SyS_futex+0x1da/0x290 [ 28.793733] ? do_futex+0x1570/0x1570 [ 28.797511] ? SyS_read+0x210/0x210 [ 28.801118] ? __do_page_fault+0x159/0xad0 [ 28.805336] ? do_syscall_64+0x4c/0x640 [ 28.809398] ? do_futex+0x1570/0x1570 [ 28.813194] do_syscall_64+0x1d5/0x640 [ 28.817065] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 28.822248] RIP: 0033:0x7f7e9efbfe69 [ 28.825946] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 28.833638] RAX: ffffffffffffffda RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 28.840890] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e9f0494d8 [ 28.848144] RBP: 00007f7e9f0494d0 R08: 0000000000000032 R09: 0000000000000032 [ 28.855393] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 28.862643] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 28.869906] CPU: 1 PID: 8005 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 28.873881] FAULT_INJECTION: forcing a failure. [ 28.873881] name fail_futex, interval 1, probability 0, space 0, times 0 [ 28.877791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 28.877796] Call Trace: [ 28.877809] dump_stack+0x1b2/0x281 [ 28.877823] should_fail.cold+0x10a/0x149 [ 28.908777] get_futex_key+0x82a/0x11b0 [ 28.912747] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 28.917395] ? io_schedule_timeout+0x140/0x140 [ 28.921961] futex_wait_setup+0xb3/0x260 [ 28.926004] ? futex_wake+0x3c0/0x3c0 [ 28.926517] FAULT_INJECTION: forcing a failure. [ 28.926517] name fail_futex, interval 1, probability 0, space 0, times 0 [ 28.929790] futex_wait+0x199/0x5a0 [ 28.929801] ? futex_wait_setup+0x260/0x260 [ 28.929810] ? lock_downgrade+0x740/0x740 [ 28.929819] ? wake_up_q+0x82/0xd0 [ 28.929826] ? drop_futex_key_refs+0x2e/0xa0 [ 28.929833] ? futex_wake+0x116/0x3c0 [ 28.929849] do_futex+0x1d8/0x1570 [ 28.929857] ? trace_hardirqs_on+0x10/0x10 [ 28.929867] ? get_pid_task+0xb8/0x130 [ 28.947199] FAULT_INJECTION: forcing a failure. [ 28.947199] name fail_futex, interval 1, probability 0, space 0, times 0 [ 28.949140] ? proc_fail_nth_write+0x7b/0x180 [ 28.949148] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 28.949158] ? futex_exit_release+0x220/0x220 [ 28.949166] ? fsnotify+0x974/0x11b0 [ 28.949172] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 28.949179] ? __handle_mm_fault+0x80f/0x4620 [ 28.949185] ? __fget+0x23e/0x3e0 [ 28.949195] ? lock_acquire+0x170/0x3f0 [ 28.949203] ? lock_downgrade+0x740/0x740 [ 29.029525] ? __fget+0x265/0x3e0 [ 29.033082] SyS_futex+0x1da/0x290 [ 29.036605] ? do_futex+0x1570/0x1570 [ 29.040387] ? SyS_read+0x210/0x210 [ 29.043994] ? __do_page_fault+0x159/0xad0 [ 29.048231] ? do_syscall_64+0x4c/0x640 [ 29.052205] ? do_futex+0x1570/0x1570 [ 29.055988] do_syscall_64+0x1d5/0x640 [ 29.059857] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 29.065027] RIP: 0033:0x7f7e9efbfe69 [ 29.070019] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 29.077710] RAX: ffffffffffffffda RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 29.085047] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e9f0494d8 [ 29.092388] RBP: 00007f7e9f0494d0 R08: 0000000000000032 R09: 0000000000000032 [ 29.099676] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 29.106926] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 29.114190] CPU: 0 PID: 8006 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 29.122260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 29.131615] Call Trace: [ 29.134212] dump_stack+0x1b2/0x281 [ 29.137847] should_fail.cold+0x10a/0x149 [ 29.141999] get_futex_key+0x82a/0x11b0 [ 29.145985] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 29.150649] ? io_schedule_timeout+0x140/0x140 [ 29.155234] futex_wait_setup+0xb3/0x260 [ 29.159323] ? futex_wake+0x3c0/0x3c0 [ 29.163128] futex_wait+0x199/0x5a0 [ 29.166749] ? futex_wait_setup+0x260/0x260 [ 29.171062] ? lock_downgrade+0x740/0x740 [ 29.175205] ? wake_up_q+0x82/0xd0 [ 29.178746] ? drop_futex_key_refs+0x2e/0xa0 [ 29.183154] ? futex_wake+0x116/0x3c0 [ 29.186962] do_futex+0x1d8/0x1570 [ 29.190500] ? trace_hardirqs_on+0x10/0x10 [ 29.194722] ? get_pid_task+0xb8/0x130 [ 29.198619] ? proc_fail_nth_write+0x7b/0x180 [ 29.203096] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 29.208011] ? futex_exit_release+0x220/0x220 [ 29.212579] ? fsnotify+0x974/0x11b0 [ 29.216271] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 29.221182] ? __handle_mm_fault+0x80f/0x4620 [ 29.225655] ? __fget+0x23e/0x3e0 [ 29.229091] ? lock_acquire+0x170/0x3f0 [ 29.233050] ? lock_downgrade+0x740/0x740 [ 29.237178] ? __fget+0x265/0x3e0 [ 29.240617] SyS_futex+0x1da/0x290 [ 29.244138] ? do_futex+0x1570/0x1570 [ 29.247924] ? SyS_read+0x210/0x210 [ 29.251627] ? __do_page_fault+0x159/0xad0 [ 29.255848] ? do_syscall_64+0x4c/0x640 [ 29.259893] ? do_futex+0x1570/0x1570 [ 29.263684] do_syscall_64+0x1d5/0x640 [ 29.267570] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 29.272747] RIP: 0033:0x7f7e9efbfe69 [ 29.276444] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 29.284145] RAX: ffffffffffffffda RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 29.291398] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e9f0494d8 [ 29.298655] RBP: 00007f7e9f0494d0 R08: 0000000000000032 R09: 0000000000000032 [ 29.305904] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 29.313241] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 29.320520] CPU: 1 PID: 8001 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 29.328666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 29.338016] Call Trace: [ 29.340591] dump_stack+0x1b2/0x281 [ 29.344215] should_fail.cold+0x10a/0x149 [ 29.348361] should_failslab+0xd6/0x130 [ 29.352579] kmem_cache_alloc+0x28e/0x3c0 [ 29.356714] radix_tree_node_alloc.constprop.0+0x5a/0x2f0 [ 29.362247] ? trace_hardirqs_on+0x10/0x10 [ 29.366465] idr_get_free_cmn+0x595/0x8d0 [ 29.370616] idr_alloc_cmn+0xe8/0x1e0 [ 29.374398] ? __fprop_inc_percpu_max+0x1d0/0x1d0 [ 29.379222] ? lock_acquire+0x170/0x3f0 [ 29.383190] cma_alloc_port+0x16f/0x300 [ 29.387145] ? rdma_reject+0x2f0/0x2f0 [ 29.388601] FAULT_INJECTION: forcing a failure. [ 29.388601] name fail_futex, interval 1, probability 0, space 0, times 0 [ 29.391020] rdma_bind_addr+0x1d74/0x23f0 [ 29.391035] ? rdma_connect+0x15c0/0x15c0 [ 29.410913] ? __mutex_unlock_slowpath+0x75/0x770 [ 29.415738] ? __radix_tree_lookup+0x1b5/0x2e0 [ 29.420319] rdma_listen+0x8f/0x9b0 [ 29.423949] ucma_listen+0x10b/0x170 [ 29.427649] ? ucma_bind_ip+0x150/0x150 [ 29.431613] ? _copy_from_user+0x96/0x100 [ 29.435832] ? ucma_bind_ip+0x150/0x150 [ 29.439790] ucma_write+0x206/0x2c0 [ 29.443413] ? ucma_set_ib_path+0x510/0x510 [ 29.447715] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 29.452629] __vfs_write+0xe4/0x630 [ 29.456239] ? ucma_set_ib_path+0x510/0x510 [ 29.460540] ? __handle_mm_fault+0x80f/0x4620 [ 29.465143] ? kernel_read+0x110/0x110 [ 29.469016] ? common_file_perm+0x3ee/0x580 [ 29.473323] ? security_file_permission+0x82/0x1e0 [ 29.478413] ? rw_verify_area+0xe1/0x2a0 [ 29.482456] vfs_write+0x17f/0x4d0 [ 29.485981] SyS_write+0xf2/0x210 [ 29.489414] ? SyS_read+0x210/0x210 [ 29.493023] ? __do_page_fault+0x159/0xad0 [ 29.497240] ? do_syscall_64+0x4c/0x640 [ 29.501195] ? SyS_read+0x210/0x210 [ 29.504805] do_syscall_64+0x1d5/0x640 [ 29.508676] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 29.513848] RIP: 0033:0x7f7e9efbfe69 [ 29.517541] RSP: 002b:00007f7e9ef712f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 29.525227] RAX: ffffffffffffffda RBX: 00007f7e9f0494c8 RCX: 00007f7e9efbfe69 [ 29.532484] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000003 [ 29.539737] RBP: 00007f7e9f0494c0 R08: 0000000000000001 R09: 0000000000000032 [ 29.546986] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 29.554236] R13: 00007f7e9ef71300 R14: 0000000000000001 R15: 0000000000022000 [ 29.561500] CPU: 0 PID: 8008 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 29.569382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 29.578829] Call Trace: [ 29.581418] dump_stack+0x1b2/0x281 [ 29.585047] should_fail.cold+0x10a/0x149 [ 29.589193] get_futex_key+0x82a/0x11b0 [ 29.593165] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 29.597838] ? io_schedule_timeout+0x140/0x140 [ 29.602410] futex_wait_setup+0xb3/0x260 [ 29.606472] ? futex_wake+0x3c0/0x3c0 [ 29.610382] futex_wait+0x199/0x5a0 [ 29.614009] ? futex_wait_setup+0x260/0x260 [ 29.618332] ? lock_downgrade+0x740/0x740 [ 29.622468] ? wake_up_q+0x82/0xd0 [ 29.625995] ? drop_futex_key_refs+0x2e/0xa0 [ 29.627251] FAULT_INJECTION: forcing a failure. [ 29.627251] name failslab, interval 1, probability 0, space 0, times 0 [ 29.630397] ? futex_wake+0x116/0x3c0 [ 29.630419] do_futex+0x1d8/0x1570 [ 29.648915] ? ucma_bind_ip+0x150/0x150 [ 29.652881] ? ucma_write+0xf9/0x2c0 [ 29.656582] ? ucma_set_ib_path+0x510/0x510 [ 29.660888] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 29.665822] ? futex_exit_release+0x220/0x220 [ 29.670299] ? __vfs_write+0xec/0x630 [ 29.674078] ? ucma_set_ib_path+0x510/0x510 [ 29.678380] ? __handle_mm_fault+0x80f/0x4620 [ 29.682861] ? kernel_read+0x110/0x110 [ 29.686741] ? common_file_perm+0x3ee/0x580 [ 29.691057] ? security_file_permission+0x82/0x1e0 [ 29.695975] SyS_futex+0x1da/0x290 [ 29.699510] ? do_futex+0x1570/0x1570 [ 29.703307] ? SyS_read+0x210/0x210 [ 29.706962] ? __do_page_fault+0x159/0xad0 [ 29.708436] FAULT_INJECTION: forcing a failure. [ 29.708436] name fail_futex, interval 1, probability 0, space 0, times 0 [ 29.711186] ? do_syscall_64+0x4c/0x640 [ 29.711196] ? do_futex+0x1570/0x1570 [ 29.711205] do_syscall_64+0x1d5/0x640 [ 29.711219] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 29.711226] RIP: 0033:0x7f7e9efbfe69 [ 29.711231] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 29.711240] RAX: ffffffffffffffda RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 29.711249] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e9f0494d8 [ 29.765435] RBP: 00007f7e9f0494d0 R08: 0000000000000032 R09: 0000000000000032 [ 29.772687] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 29.779938] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 29.787207] CPU: 1 PID: 8026 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 29.795079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 29.805020] Call Trace: [ 29.807592] dump_stack+0x1b2/0x281 [ 29.811205] should_fail.cold+0x10a/0x149 [ 29.815342] get_futex_key+0x82a/0x11b0 [ 29.819327] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 29.824063] ? io_schedule_timeout+0x140/0x140 [ 29.828625] futex_wait_setup+0xb3/0x260 [ 29.832670] ? futex_wake+0x3c0/0x3c0 [ 29.836462] futex_wait+0x199/0x5a0 [ 29.840141] ? futex_wait_setup+0x260/0x260 [ 29.844454] ? lock_downgrade+0x740/0x740 [ 29.848603] ? wake_up_q+0x82/0xd0 [ 29.852125] ? drop_futex_key_refs+0x2e/0xa0 [ 29.856523] ? futex_wake+0x116/0x3c0 [ 29.860329] do_futex+0x1d8/0x1570 [ 29.863863] ? trace_hardirqs_on+0x10/0x10 [ 29.868267] ? get_pid_task+0xb8/0x130 [ 29.872145] ? proc_fail_nth_write+0x7b/0x180 [ 29.876640] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 29.881555] ? futex_exit_release+0x220/0x220 [ 29.886034] ? fsnotify+0x974/0x11b0 [ 29.889727] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 29.894638] ? __handle_mm_fault+0x80f/0x4620 [ 29.899114] ? __fget+0x23e/0x3e0 [ 29.902567] ? lock_acquire+0x170/0x3f0 [ 29.906524] ? lock_downgrade+0x740/0x740 [ 29.910668] ? __fget+0x265/0x3e0 [ 29.914120] SyS_futex+0x1da/0x290 [ 29.917654] ? do_futex+0x1570/0x1570 [ 29.921445] ? SyS_read+0x210/0x210 [ 29.925073] ? __do_page_fault+0x159/0xad0 [ 29.929323] ? do_syscall_64+0x4c/0x640 [ 29.933287] ? do_futex+0x1570/0x1570 [ 29.937073] do_syscall_64+0x1d5/0x640 [ 29.940960] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 29.946147] RIP: 0033:0x7f7e9efbfe69 [ 29.949837] RSP: 002b:00007f7e9ef2f2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 29.957538] RAX: ffffffffffffffda RBX: 00007f7e9f0494e8 RCX: 00007f7e9efbfe69 [ 29.964791] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e9f0494e8 [ 29.972041] RBP: 00007f7e9f0494e0 R08: 0000000000000032 R09: 0000000000000032 [ 29.979293] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 29.986560] R13: 00007f7e9ef2f300 R14: 0000000000000001 R15: 0000000000022000 [ 29.993822] CPU: 0 PID: 8021 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 30.001700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 30.011057] Call Trace: [ 30.013632] dump_stack+0x1b2/0x281 [ 30.017242] should_fail.cold+0x10a/0x149 [ 30.021376] should_failslab+0xd6/0x130 [ 30.025337] kmem_cache_alloc+0x28e/0x3c0 [ 30.029469] radix_tree_node_alloc.constprop.0+0x5a/0x2f0 [ 30.035089] ? trace_hardirqs_on+0x10/0x10 [ 30.039312] idr_get_free_cmn+0x595/0x8d0 [ 30.043447] idr_alloc_cmn+0xe8/0x1e0 [ 30.047238] ? __fprop_inc_percpu_max+0x1d0/0x1d0 [ 30.052064] ? lock_acquire+0x170/0x3f0 [ 30.056043] cma_alloc_port+0x16f/0x300 [ 30.060012] ? rdma_reject+0x2f0/0x2f0 [ 30.063885] rdma_bind_addr+0x1d74/0x23f0 [ 30.068022] ? rdma_connect+0x15c0/0x15c0 [ 30.072152] ? __mutex_unlock_slowpath+0x75/0x770 [ 30.076978] ? __radix_tree_lookup+0x1b5/0x2e0 [ 30.081558] rdma_listen+0x8f/0x9b0 [ 30.085184] ucma_listen+0x10b/0x170 [ 30.088885] ? ucma_bind_ip+0x150/0x150 [ 30.092840] ? _copy_from_user+0x96/0x100 [ 30.096974] ? ucma_bind_ip+0x150/0x150 [ 30.100926] ucma_write+0x206/0x2c0 [ 30.104533] ? ucma_set_ib_path+0x510/0x510 [ 30.108835] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 30.113753] __vfs_write+0xe4/0x630 [ 30.117359] ? ucma_set_ib_path+0x510/0x510 [ 30.121662] ? __handle_mm_fault+0x80f/0x4620 [ 30.126136] ? kernel_read+0x110/0x110 [ 30.130004] ? common_file_perm+0x3ee/0x580 [ 30.134310] ? security_file_permission+0x82/0x1e0 [ 30.139220] ? rw_verify_area+0xe1/0x2a0 [ 30.143264] vfs_write+0x17f/0x4d0 [ 30.146802] SyS_write+0xf2/0x210 [ 30.150237] ? SyS_read+0x210/0x210 [ 30.153842] ? __do_page_fault+0x159/0xad0 [ 30.158057] ? do_syscall_64+0x4c/0x640 [ 30.162010] ? SyS_read+0x210/0x210 [ 30.165627] do_syscall_64+0x1d5/0x640 [ 30.169498] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 30.174668] RIP: 0033:0x7f7e9efbfe69 [ 30.178360] RSP: 002b:00007f7e9ef712f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 30.186059] RAX: ffffffffffffffda RBX: 00007f7e9f0494c8 RCX: 00007f7e9efbfe69 [ 30.193310] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000003 [ 30.200557] RBP: 00007f7e9f0494c0 R08: 0000000000000001 R09: 0000000000000032 [ 30.207804] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 30.215054] R13: 00007f7e9ef71300 R14: 0000000000000001 R15: 0000000000022000 [ 30.222329] CPU: 1 PID: 8018 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 30.230209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 30.239550] Call Trace: [ 30.242121] dump_stack+0x1b2/0x281 [ 30.245730] should_fail.cold+0x10a/0x149 [ 30.249866] get_futex_key+0x82a/0x11b0 [ 30.253834] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 30.258487] ? io_schedule_timeout+0x140/0x140 [ 30.263054] futex_wait_setup+0xb3/0x260 [ 30.267094] ? futex_wake+0x3c0/0x3c0 [ 30.270874] futex_wait+0x199/0x5a0 [ 30.274484] ? futex_wait_setup+0x260/0x260 [ 30.278786] ? lock_downgrade+0x740/0x740 [ 30.282912] ? wake_up_q+0x82/0xd0 [ 30.286432] ? drop_futex_key_refs+0x2e/0xa0 [ 30.290819] ? futex_wake+0x116/0x3c0 [ 30.294615] do_futex+0x1d8/0x1570 [ 30.298141] ? trace_hardirqs_on+0x10/0x10 [ 30.302362] ? get_pid_task+0xb8/0x130 [ 30.306231] ? proc_fail_nth_write+0x7b/0x180 [ 30.310880] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 30.315791] ? futex_exit_release+0x220/0x220 [ 30.320264] ? fsnotify+0x974/0x11b0 [ 30.323953] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 30.328857] ? __handle_mm_fault+0x80f/0x4620 [ 30.333327] ? __fget+0x23e/0x3e0 [ 30.336765] ? lock_acquire+0x170/0x3f0 [ 30.340717] ? lock_downgrade+0x740/0x740 [ 30.344864] ? __fget+0x265/0x3e0 [ 30.348300] SyS_futex+0x1da/0x290 [ 30.351841] ? do_futex+0x1570/0x1570 [ 30.355623] ? SyS_read+0x210/0x210 [ 30.359263] ? __do_page_fault+0x159/0xad0 [ 30.363566] ? do_syscall_64+0x4c/0x640 [ 30.367522] ? do_futex+0x1570/0x1570 [ 30.371305] do_syscall_64+0x1d5/0x640 [ 30.375181] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 30.380349] RIP: 0033:0x7f7e9efbfe69 [ 30.384053] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 30.391744] RAX: ffffffffffffffda RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 30.399025] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e9f0494d8 [ 30.406287] RBP: 00007f7e9f0494d0 R08: 0000000000000032 R09: 0000000000000032 [ 30.413721] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 30.420972] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 30.428408] CPU: 0 PID: 8009 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 30.436288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 30.445636] Call Trace: [ 30.448217] dump_stack+0x1b2/0x281 [ 30.451842] should_fail.cold+0x10a/0x149 [ 30.453492] ================================================================== [ 30.456077] get_futex_key+0x82a/0x11b0 [ 30.456089] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 30.463483] BUG: KASAN: use-after-free in __list_add_valid+0x93/0xa0 [ 30.467434] ? io_schedule_timeout+0x140/0x140 [ 30.472075] Read of size 8 at addr ffff8880b342bd18 by task syz-executor258/8030 [ 30.478543] futex_wait_setup+0xb3/0x260 [ 30.483089] [ 30.496274] ? futex_wake+0x3c0/0x3c0 [ 30.500057] futex_wait+0x199/0x5a0 [ 30.503679] ? futex_wait_setup+0x260/0x260 [ 30.507992] ? lock_downgrade+0x740/0x740 [ 30.512132] ? wake_up_q+0x82/0xd0 [ 30.515661] ? drop_futex_key_refs+0x2e/0xa0 [ 30.520052] ? futex_wake+0x116/0x3c0 [ 30.523839] do_futex+0x1d8/0x1570 [ 30.527387] ? trace_hardirqs_on+0x10/0x10 [ 30.531619] ? get_pid_task+0xb8/0x130 [ 30.535496] ? proc_fail_nth_write+0x7b/0x180 [ 30.539987] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 30.544924] ? futex_exit_release+0x220/0x220 [ 30.549402] ? fsnotify+0x974/0x11b0 [ 30.553095] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 30.558002] ? __handle_mm_fault+0x80f/0x4620 [ 30.562474] ? __fget+0x23e/0x3e0 [ 30.565944] ? lock_acquire+0x170/0x3f0 [ 30.569908] ? lock_downgrade+0x740/0x740 [ 30.574046] ? __fget+0x265/0x3e0 [ 30.577499] SyS_futex+0x1da/0x290 [ 30.581030] ? do_futex+0x1570/0x1570 [ 30.584834] ? SyS_read+0x210/0x210 [ 30.588445] ? __do_page_fault+0x159/0xad0 [ 30.592664] ? do_syscall_64+0x4c/0x640 [ 30.596630] ? do_futex+0x1570/0x1570 [ 30.600432] do_syscall_64+0x1d5/0x640 [ 30.604309] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 30.609486] RIP: 0033:0x7f7e9efbfe69 [ 30.613177] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 30.620862] RAX: ffffffffffffffda RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 30.628109] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e9f0494d8 [ 30.635359] RBP: 00007f7e9f0494d0 R08: 0000000000000032 R09: 0000000000000032 [ 30.642607] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 30.649853] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 30.657115] CPU: 1 PID: 8030 Comm: syz-executor258 Not tainted 4.14.290-syzkaller #0 [ 30.664996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 30.674346] Call Trace: [ 30.676925] dump_stack+0x1b2/0x281 [ 30.680532] print_address_description.cold+0x54/0x1d3 [ 30.685808] kasan_report_error.cold+0x8a/0x191 [ 30.690455] ? __list_add_valid+0x93/0xa0 [ 30.694578] __asan_report_load8_noabort+0x68/0x70 [ 30.699622] ? __list_add_valid+0x93/0xa0 [ 30.703851] __list_add_valid+0x93/0xa0 [ 30.707817] rdma_listen+0x656/0x9b0 [ 30.711524] ucma_listen+0x10b/0x170 [ 30.715214] ? ucma_bind_ip+0x150/0x150 [ 30.719176] ? _copy_from_user+0x96/0x100 [ 30.723305] ? ucma_bind_ip+0x150/0x150 [ 30.727260] ucma_write+0x206/0x2c0 [ 30.730864] ? ucma_set_ib_path+0x510/0x510 [ 30.735159] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 30.740065] __vfs_write+0xe4/0x630 [ 30.743667] ? ucma_set_ib_path+0x510/0x510 [ 30.747960] ? __handle_mm_fault+0x80f/0x4620 [ 30.752432] ? kernel_read+0x110/0x110 [ 30.756295] ? common_file_perm+0x3ee/0x580 [ 30.760596] ? security_file_permission+0x82/0x1e0 [ 30.765514] ? rw_verify_area+0xe1/0x2a0 [ 30.769553] vfs_write+0x17f/0x4d0 [ 30.773119] SyS_write+0xf2/0x210 [ 30.776648] ? SyS_read+0x210/0x210 [ 30.780280] ? __do_page_fault+0x159/0xad0 [ 30.784520] ? do_syscall_64+0x4c/0x640 [ 30.788479] ? SyS_read+0x210/0x210 [ 30.792090] do_syscall_64+0x1d5/0x640 [ 30.796216] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 30.801402] RIP: 0033:0x7f7e9efbfe69 [ 30.805105] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 30.812808] RAX: ffffffffffffffda RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 30.820086] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000003 [ 30.827341] RBP: 00007f7e9f0494d0 R08: 0000000000000001 R09: 0000000000000032 [ 30.834613] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 30.841984] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 30.849251] [ 30.850857] Allocated by task 7972: [ 30.854464] kasan_kmalloc+0xeb/0x160 [ 30.858251] kmem_cache_alloc_trace+0x131/0x3d0 [ 30.862893] rdma_create_id+0x57/0x4c0 [ 30.866779] ucma_create_id+0x18b/0x500 [ 30.870727] ucma_write+0x206/0x2c0 [ 30.874330] __vfs_write+0xe4/0x630 [ 30.877929] vfs_write+0x17f/0x4d0 [ 30.881455] SyS_write+0xf2/0x210 [ 30.884891] do_syscall_64+0x1d5/0x640 [ 30.888756] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 30.894191] [ 30.895819] Freed by task 7982: [ 30.899077] kasan_slab_free+0xc3/0x1a0 [ 30.903026] kfree+0xc9/0x250 [ 30.906108] ucma_close+0x11a/0x340 [ 30.909711] __fput+0x25f/0x7a0 [ 30.912969] task_work_run+0x11f/0x190 [ 30.916834] do_exit+0xa44/0x2850 [ 30.920263] do_group_exit+0x100/0x2e0 [ 30.924138] get_signal+0x38d/0x1ca0 [ 30.927828] do_signal+0x7c/0x1550 [ 30.931345] exit_to_usermode_loop+0x160/0x200 [ 30.935929] do_syscall_64+0x4a3/0x640 [ 30.939790] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 30.944962] [ 30.946568] The buggy address belongs to the object at ffff8880b342bb40 [ 30.946568] which belongs to the cache kmalloc-1024 of size 1024 [ 30.959383] The buggy address is located 472 bytes inside of [ 30.959383] 1024-byte region [ffff8880b342bb40, ffff8880b342bf40) [ 30.971326] The buggy address belongs to the page: [ 30.976231] page:ffffea0002cd0a80 count:1 mapcount:0 mapping:ffff8880b342a040 index:0xffff8880b342b240 compound_mapcount: 0 [ 30.987504] flags: 0xfff00000008100(slab|head) [ 30.992064] raw: 00fff00000008100 ffff8880b342a040 ffff8880b342b240 0000000100000005 [ 30.999947] raw: ffffea0002ce3a20 ffffea0002cb1f20 ffff88813fe74ac0 0000000000000000 [ 31.007810] page dumped because: kasan: bad access detected [ 31.013492] [ 31.015090] Memory state around the buggy address: [ 31.020002] ffff8880b342bc00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.027346] ffff8880b342bc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.034677] >ffff8880b342bd00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.042014] ^ [ 31.046132] ffff8880b342bd80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.053475] ffff8880b342be00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 31.060806] ================================================================== [ 31.068136] Disabling lock debugging due to kernel taint [ 31.076113] Kernel panic - not syncing: panic_on_warn set ... [ 31.076113] [ 31.078203] FAULT_INJECTION: forcing a failure. [ 31.078203] name fail_futex, interval 1, probability 0, space 0, times 0 [ 31.083469] CPU: 1 PID: 8030 Comm: syz-executor258 Tainted: G B 4.14.290-syzkaller #0 [ 31.083474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 31.083481] Call Trace: [ 31.115812] dump_stack+0x1b2/0x281 [ 31.119432] panic+0x1f9/0x42d [ 31.122607] ? add_taint.cold+0x16/0x16 [ 31.126571] ? ___preempt_schedule+0x16/0x18 [ 31.130969] kasan_end_report+0x43/0x49 [ 31.134930] kasan_report_error.cold+0xa7/0x191 [ 31.139580] ? __list_add_valid+0x93/0xa0 [ 31.143705] __asan_report_load8_noabort+0x68/0x70 [ 31.148619] ? __list_add_valid+0x93/0xa0 [ 31.151445] FAULT_INJECTION: forcing a failure. [ 31.151445] name fail_futex, interval 1, probability 0, space 0, times 0 [ 31.154066] __list_add_valid+0x93/0xa0 [ 31.154075] rdma_listen+0x656/0x9b0 [ 31.154086] ucma_listen+0x10b/0x170 [ 31.176745] ? ucma_bind_ip+0x150/0x150 [ 31.180701] ? _copy_from_user+0x96/0x100 [ 31.184844] ? ucma_bind_ip+0x150/0x150 [ 31.188810] ucma_write+0x206/0x2c0 [ 31.192502] ? ucma_set_ib_path+0x510/0x510 [ 31.196803] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 31.201712] __vfs_write+0xe4/0x630 [ 31.205315] ? ucma_set_ib_path+0x510/0x510 [ 31.209631] ? __handle_mm_fault+0x80f/0x4620 [ 31.214104] ? kernel_read+0x110/0x110 [ 31.217997] ? common_file_perm+0x3ee/0x580 [ 31.222300] ? security_file_permission+0x82/0x1e0 [ 31.227220] ? rw_verify_area+0xe1/0x2a0 [ 31.231260] vfs_write+0x17f/0x4d0 [ 31.234777] SyS_write+0xf2/0x210 [ 31.238208] ? SyS_read+0x210/0x210 [ 31.241812] ? __do_page_fault+0x159/0xad0 [ 31.246025] ? do_syscall_64+0x4c/0x640 [ 31.249991] ? SyS_read+0x210/0x210 [ 31.253596] do_syscall_64+0x1d5/0x640 [ 31.257463] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 31.262630] RIP: 0033:0x7f7e9efbfe69 [ 31.266317] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 31.274005] RAX: ffffffffffffffda RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 31.281253] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000003 [ 31.288499] RBP: 00007f7e9f0494d0 R08: 0000000000000001 R09: 0000000000000032 [ 31.295745] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 31.302992] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 31.310249] CPU: 0 PID: 8041 Comm: syz-executor258 Tainted: G B 4.14.290-syzkaller #0 [ 31.319334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 31.328668] Call Trace: [ 31.331240] dump_stack+0x1b2/0x281 [ 31.334858] should_fail.cold+0x10a/0x149 [ 31.338990] get_futex_key+0x82a/0x11b0 [ 31.342948] ? futex_lock_pi_atomic+0x2e0/0x2e0 [ 31.347613] ? io_schedule_timeout+0x140/0x140 [ 31.352207] futex_wait_setup+0xb3/0x260 [ 31.356255] ? futex_wake+0x3c0/0x3c0 [ 31.360055] futex_wait+0x199/0x5a0 [ 31.363672] ? futex_wait_setup+0x260/0x260 [ 31.367983] ? lock_downgrade+0x740/0x740 [ 31.372121] ? wake_up_q+0x82/0xd0 [ 31.375648] ? drop_futex_key_refs+0x2e/0xa0 [ 31.380059] ? futex_wake+0x116/0x3c0 [ 31.383845] ? lock_acquire+0x170/0x3f0 [ 31.387807] do_futex+0x1d8/0x1570 [ 31.391331] ? trace_hardirqs_on+0x10/0x10 [ 31.395550] ? get_pid_task+0xb8/0x130 [ 31.399424] ? proc_fail_nth_write+0x7b/0x180 [ 31.403904] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 31.408817] ? futex_exit_release+0x220/0x220 [ 31.413301] ? fsnotify+0x974/0x11b0 [ 31.416996] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 31.421909] ? __handle_mm_fault+0x80f/0x4620 [ 31.426389] ? lock_acquire+0x170/0x3f0 [ 31.430345] ? lock_downgrade+0x740/0x740 [ 31.434481] ? __fget+0x265/0x3e0 [ 31.437923] SyS_futex+0x1da/0x290 [ 31.441470] ? do_futex+0x1570/0x1570 [ 31.445254] ? SyS_read+0x210/0x210 [ 31.448872] ? __do_page_fault+0x159/0xad0 [ 31.453091] ? do_futex+0x1570/0x1570 [ 31.456877] do_syscall_64+0x1d5/0x640 [ 31.460750] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 31.465921] RIP: 0033:0x7f7e9efbfe69 [ 31.469612] RSP: 002b:00007f7e9ef502f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 31.477315] RAX: ffffffffffffffda RBX: 00007f7e9f0494d8 RCX: 00007f7e9efbfe69 [ 31.484568] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f7e9f0494d8 [ 31.491820] RBP: 00007f7e9f0494d0 R08: 0000000000000032 R09: 0000000000000032 [ 31.499071] R10: 0000000000000000 R11: 0000000000000246 R12: 006d635f616d6472 [ 31.506322] R13: 00007f7e9ef50300 R14: 0000000000000001 R15: 0000000000022000 [ 31.513738] Kernel Offset: disabled [ 31.517391] Rebooting in 86400 seconds..