INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
Debian GNU/Linux 7 syzkaller ttyS0
Warning: Permanently added '10.128.0.36' (ECDSA) to the list of known hosts.
2018/03/31 02:55:22 parsed 1 programs
2018/03/31 02:55:22 executed programs: 0
syzkaller login: [ 28.864500] IPVS: ftp: loaded support on port[0] = 21
[ 28.889189] IPVS: ftp: loaded support on port[0] = 21
[ 28.919492] IPVS: ftp: loaded support on port[0] = 21
[ 28.936632] FAULT_INJECTION: forcing a failure.
[ 28.936632] name failslab, interval 1, probability 0, space 0, times 1
[ 28.938565] FAULT_INJECTION: forcing a failure.
[ 28.938565] name failslab, interval 1, probability 0, space 0, times 1
[ 28.947939] CPU: 0 PID: 4501 Comm: syz-executor3 Not tainted 4.16.0-rc6+ #42
[ 28.947947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.947949] Call Trace:
[ 28.978388] dump_stack+0x194/0x24d
[ 28.981989] ? arch_local_irq_restore+0x53/0x53
[ 28.986642] should_fail+0x8c0/0xa40
[ 28.990331] ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 28.995409] ? __lock_is_held+0xb6/0x140
[ 28.999447] ? mark_held_locks+0xaf/0x100
[ 29.003566] ? __raw_spin_lock_init+0x1c/0x100
[ 29.008119] ? find_held_lock+0x35/0x1d0
[ 29.012151] ? __lock_is_held+0xb6/0x140
[ 29.016187] ? check_same_owner+0x320/0x320
[ 29.020478] ? d_alloc+0x269/0x340
[ 29.023991] ? rcu_note_context_switch+0x710/0x710
[ 29.028892] ? lock_release+0xa40/0xa40
[ 29.032838] should_failslab+0xec/0x120
[ 29.036784] kmem_cache_alloc+0x47/0x760
[ 29.040815] ? d_drop+0x51/0x60
[ 29.044066] ? rpc_i_callback+0x30/0x30
[ 29.048007] rpc_alloc_inode+0x1a/0x20
[ 29.051866] alloc_inode+0x65/0x180
[ 29.055466] new_inode_pseudo+0x69/0x190
[ 29.059500] ? prune_icache_sb+0x1a0/0x1a0
[ 29.063704] ? do_raw_spin_trylock+0x190/0x190
[ 29.068256] ? d_add+0xa70/0xa70
[ 29.071603] new_inode+0x1c/0x40
[ 29.074939] rpc_get_inode+0x20/0x1e0
[ 29.078719] __rpc_create_common+0x5d/0x1d0
[ 29.083015] rpc_mkpipe_dentry+0x122/0x360
[ 29.087225] nfs4blocklayout_register_sb+0x4b/0x70
[ 29.092134] rpc_pipefs_event+0x3a4/0x480
[ 29.096252] ? nfs4blocklayout_net_init+0x460/0x460
[ 29.101239] ? lock_release+0xa40/0xa40
[ 29.105184] ? check_same_owner+0x320/0x320
[ 29.109476] ? dput.part.20+0x1d9/0x830
[ 29.113425] notifier_call_chain+0x136/0x2c0
[ 29.117804] ? unregister_die_notifier+0x20/0x20
[ 29.122531] ? down_read+0x96/0x150
[ 29.126126] ? blocking_notifier_call_chain+0xe1/0x190
[ 29.131373] ? __down_interruptible+0x6b0/0x6b0
[ 29.136010] ? _raw_spin_unlock+0x22/0x30
[ 29.140131] blocking_notifier_call_chain+0x102/0x190
[ 29.145292] ? srcu_init_notifier_head+0x80/0x80
[ 29.150021] rpc_fill_super+0x525/0xae0
[ 29.153970] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0
[ 29.159135] ? security_capable+0x8e/0xc0
[ 29.163256] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0
[ 29.168417] ? ns_capable_common+0xcf/0x160
[ 29.172708] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0
[ 29.177869] mount_ns+0xc4/0x190
[ 29.181205] rpc_mount+0x9e/0xd0
[ 29.184540] mount_fs+0x66/0x2d0
[ 29.187881] vfs_kern_mount.part.26+0xc6/0x4a0
[ 29.192433] ? may_umount+0xa0/0xa0
[ 29.196029] ? _raw_read_unlock+0x22/0x30
[ 29.200159] ? __get_fs_type+0x8a/0xc0
[ 29.204020] do_mount+0xea4/0x2bb0
[ 29.207618] ? __might_fault+0x110/0x1d0
[ 29.211651] ? copy_mount_string+0x40/0x40
[ 29.215854] ? check_same_owner+0x320/0x320
[ 29.220146] ? __check_object_size+0x8b/0x530
[ 29.224616] ? __might_sleep+0x95/0x190
[ 29.228563] ? kasan_check_write+0x14/0x20
[ 29.232767] ? _copy_from_user+0x99/0x110
[ 29.236890] ? memdup_user+0x5e/0x90
[ 29.240572] ? copy_mount_options+0x1f7/0x2e0
[ 29.245037] SyS_mount+0xab/0x120
[ 29.248460] ? copy_mnt_ns+0xb30/0xb30
[ 29.252322] do_syscall_64+0x281/0x940
[ 29.256178] ? vmalloc_sync_all+0x30/0x30
[ 29.260298] ? _raw_spin_unlock_irq+0x27/0x70
[ 29.264768] ? finish_task_switch+0x1c1/0x7e0
[ 29.269234] ? syscall_return_slowpath+0x550/0x550
[ 29.274131] ? syscall_return_slowpath+0x2ac/0x550
[ 29.279030] ? prepare_exit_to_usermode+0x350/0x350
[ 29.284014] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[ 29.289353] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 29.294168] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 29.299328] RIP: 0033:0x454e79
[ 29.302489] RSP: 002b:00007f2cb0616c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 29.310167] RAX: ffffffffffffffda RBX: 00007f2cb06176d4 RCX: 0000000000454e79
[ 29.317409] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100
[ 29.324648] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 29.331888] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000006
[ 29.339136] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000037
[ 29.346392] CPU: 1 PID: 4503 Comm: syz-executor5 Not tainted 4.16.0-rc6+ #42
[ 29.346711] net/sunrpc/rpc_pipe.c: __rpc_create_common failed to allocate inode for dentry blocklayout
[ 29.353578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 29.353582] Call Trace:
[ 29.353595] dump_stack+0x194/0x24d
[ 29.353602] ? arch_local_irq_restore+0x53/0x53
[ 29.353612] should_fail+0x8c0/0xa40
[ 29.353618] ? fault_create_debugfs_attr+0x1f0/0x1f0
[ 29.353627] ? __lock_is_held+0xb6/0x140
[ 29.382123] net/sunrpc/rpc_pipe.c: rpc_mkpipe_dentry() failed to create pipe nfs/blocklayout (errno = -12)
[ 29.383164] ? mark_held_locks+0xaf/0x100
[ 29.383170] ? __raw_spin_lock_init+0x1c/0x100
[ 29.383176] ? find_held_lock+0x35/0x1d0
[ 29.383183] ? __lock_is_held+0xb6/0x140
[ 29.383193] ? check_same_owner+0x320/0x320
[ 29.383198] ? d_alloc+0x269/0x340
[ 29.383205] ? rcu_note_context_switch+0x710/0x710
[ 29.383209] ? lock_release+0xa40/0xa40
[ 29.383217] should_failslab+0xec/0x120
[ 29.383225] kmem_cache_alloc+0x47/0x760
[ 29.387586] list_del corruption. prev->next should be 00000000d96d7485, but was 00000000f640dee4
[ 29.392010] ? d_drop+0x51/0x60
[ 29.392018] ? rpc_i_callback+0x30/0x30
[ 29.392023] rpc_alloc_inode+0x1a/0x20
[ 29.392027] alloc_inode+0x65/0x180
[ 29.392032] new_inode_pseudo+0x69/0x190
[ 29.392037] ? prune_icache_sb+0x1a0/0x1a0
[ 29.392041] ? do_raw_spin_trylock+0x190/0x190
[ 29.392045] ? d_add+0xa70/0xa70
[ 29.392052] new_inode+0x1c/0x40
[ 29.392056] rpc_get_inode+0x20/0x1e0
[ 29.392061] __rpc_create_common+0x5d/0x1d0
[ 29.392065] ? __d_lookup+0x830/0x830
[ 29.392072] rpc_populate.constprop.15+0x126/0x340
[ 29.392079] rpc_fill_super+0x831/0xae0
[ 29.392086] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0
[ 29.392093] ? security_capable+0x8e/0xc0
[ 29.392099] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0
[ 29.392105] ? ns_capable_common+0xcf/0x160
[ 29.392111] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0
[ 29.392116] mount_ns+0xc4/0x190
[ 29.392122] rpc_mount+0x9e/0xd0
[ 29.392128] mount_fs+0x66/0x2d0
[ 29.392134] vfs_kern_mount.part.26+0xc6/0x4a0
[ 29.392139] ? may_umount+0xa0/0xa0
[ 29.392146] ? _raw_read_unlock+0x22/0x30
[ 29.392150] ? __get_fs_type+0x8a/0xc0
[ 29.392157] do_mount+0xea4/0x2bb0
[ 29.392162] ? __might_fault+0x110/0x1d0
[ 29.392169] ? copy_mount_string+0x40/0x40
[ 29.392173] ? check_same_owner+0x320/0x320
[ 29.392179] ? __check_object_size+0x8b/0x530
[ 29.392186] ? __might_sleep+0x95/0x190
[ 29.392194] ? kasan_check_write+0x14/0x20
[ 29.396441] ------------[ cut here ]------------
[ 29.406112] ? _copy_from_user+0x99/0x110
[ 29.410230] kernel BUG at lib/list_debug.c:53!
[ 29.410287] invalid opcode: 0000 [#1] SMP KASAN
[ 29.414798] ? memdup_user+0x5e/0x90
[ 29.418830] Dumping ftrace buffer:
[ 29.422887] ? copy_mount_options+0x1f7/0x2e0
[ 29.427186] (ftrace buffer empty)
[ 29.430703] SyS_mount+0xab/0x120
[ 29.435603] Modules linked in:
[ 29.439556] ? copy_mnt_ns+0xb30/0xb30
[ 29.447542] do_syscall_64+0x281/0x940
[ 29.456449] CPU: 0 PID: 4501 Comm: syz-executor3 Not tainted 4.16.0-rc6+ #42
[ 29.459710] ? vmalloc_sync_all+0x30/0x30
[ 29.463653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 29.467516] ? _raw_spin_unlock_irq+0x27/0x70
[ 29.471125] RIP: 0010:__list_del_entry_valid+0xef/0x150
[ 29.475168] ? finish_task_switch+0x1c1/0x7e0
[ 29.479367] RSP: 0018:ffff8801b94cf7a0 EFLAGS: 00010282
[ 29.483936] ? syscall_return_slowpath+0x550/0x550
[ 29.487278] RAX: 0000000000000054 RBX: ffff8801a9e8ddf0 RCX: 0000000000000000
[ 29.490625] ? syscall_return_slowpath+0x2ac/0x550
[ 29.494657] RDX: 0000000000000054 RSI: 1ffff10037299ea9 RDI: ffffed0037299ee8
[ 29.498960] ? prepare_exit_to_usermode+0x350/0x350
[ 29.502728] RBP: ffff8801b94cf7b8 R08: 1ffff10037299e40 R09: 0000000000000000
[ 29.502734] R10: ffff8801b94cf778 R11: 0000000000000000 R12: ffff8801a9e8dc70
[ 29.507643] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[ 29.511594] R13: 1ffff10037299efd R14: ffff8801a9e8db00 R15: dffffc0000000000
[ 29.516762] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 29.520890] FS: 00007f2cb0617700(0000) GS:ffff8801db000000(0000) knlGS:0000000000000000
[ 29.526062] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 29.530359] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 29.535526] RIP: 0033:0x454e79
[ 29.538867] CR2: 000000000072c051 CR3: 00000001b1d8b003 CR4: 00000000001606f0
[ 29.542209] RSP: 002b:00007f858ed69c68 EFLAGS: 00000246
[ 29.545550] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 29.550108] ORIG_RAX: 00000000000000a5
[ 29.553713] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 29.557838] RAX: ffffffffffffffda RBX: 00007f858ed6a6d4 RCX: 0000000000454e79
[ 29.561702] Call Trace:
[ 29.565217] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100
[ 29.565224] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 29.569286] __dentry_kill+0x260/0x700
[ 29.573490] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000006
[ 29.577790] ? check_and_drop+0x1b0/0x1b0
[ 29.582255] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000037
[ 29.582325] net/sunrpc/rpc_pipe.c: __rpc_create_common failed to allocate inode for dentry info
[ 29.586388] ? d_path+0x930/0x930
[ 29.586396] ? rcu_note_context_switch+0x710/0x710
[ 29.586404] dput.part.20+0x5a0/0x830
[ 29.586412] ? d_path+0x930/0x930
[ 29.594274] IPVS: ftp: loaded support on port[0] = 21
[ 29.595378] ? rpc_show_info+0x460/0x460
[ 29.595384] ? d_delete+0x181/0x280
[ 29.616723] IPVS: ftp: loaded support on port[0] = 21
[ 29.620355] dput+0x1f/0x30
[ 29.620361] rpc_fill_super+0x628/0xae0
[ 29.620368] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0
[ 29.643157] IPVS: ftp: loaded support on port[0] = 21
[ 29.645535] ? security_capable+0x8e/0xc0
[ 29.645543] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0
[ 29.674667] IPVS: ftp: loaded support on port[0] = 21
[ 29.678595] ? ns_capable_common+0xcf/0x160
[ 29.678605] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0
[ 29.703264] IPVS: ftp: loaded support on port[0] = 21
[ 29.707884] mount_ns+0xc4/0x190
[ 29.707895] rpc_mount+0x9e/0xd0
[ 29.739820] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory clntXX
[ 29.747988] mount_fs+0x66/0x2d0
[ 29.747995] vfs_kern_mount.part.26+0xc6/0x4a0
[ 29.747999] ? may_umount+0xa0/0xa0
[ 29.748004] ? _raw_read_unlock+0x22/0x30
[ 29.748009] ? __get_fs_type+0x8a/0xc0
[ 29.748014] do_mount+0xea4/0x2bb0
[ 29.748019] ? __might_fault+0x110/0x1d0
[ 29.748024] ? copy_mount_string+0x40/0x40
[ 29.748032] ? check_same_owner+0x320/0x320
[ 29.978215] ? __check_object_size+0x8b/0x530
[ 29.982686] ? __might_sleep+0x95/0x190
[ 29.986629] ? kasan_check_write+0x14/0x20
[ 29.990834] ? _copy_from_user+0x99/0x110
[ 29.994952] ? memdup_user+0x5e/0x90
[ 29.998633] ? copy_mount_options+0x1f7/0x2e0
[ 30.003094] SyS_mount+0xab/0x120
[ 30.006515] ? copy_mnt_ns+0xb30/0xb30
[ 30.010369] do_syscall_64+0x281/0x940
[ 30.014239] ? vmalloc_sync_all+0x30/0x30
[ 30.018356] ? _raw_spin_unlock_irq+0x27/0x70
[ 30.022820] ? finish_task_switch+0x1c1/0x7e0
[ 30.027284] ? syscall_return_slowpath+0x550/0x550
[ 30.032180] ? syscall_return_slowpath+0x2ac/0x550
[ 30.037076] ? prepare_exit_to_usermode+0x350/0x350
[ 30.042061] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7
[ 30.047391] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 30.052213] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[ 30.057372] RIP: 0033:0x454e79
[ 30.060529] RSP: 002b:00007f2cb0616c68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 30.068205] RAX: ffffffffffffffda RBX: 00007f2cb06176d4 RCX: 0000000000454e79
[ 30.075445] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100
[ 30.082683] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000
[ 30.090095] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000006
[ 30.097339] R13: 00000000000003fa R14: 00000000006f8010 R15: 0000000000000037
[ 30.104582] Code: 4c 89 e2 48 c7 c7 00 bf 75 87 e8 f5 cc 46 fe 0f 0b 48 c7 c7 60 bf 75 87 e8 e7 cc 46 fe 0f 0b 48 c7 c7 c0 bf 75 87 e8 d9 cc 46 fe <0f> 0b 48 c7 c7 20 c0 75 87 e8 cb cc 46 fe 0f 0b 48 89 df 48 89
[ 30.123668] RIP: __list_del_entry_valid+0xef/0x150 RSP: ffff8801b94cf7a0
[ 30.130601] ---[ end trace 0f973ac8284e2b68 ]---
[ 30.135346] Kernel panic - not syncing: Fatal exception
[ 30.141030] Dumping ftrace buffer:
[ 30.144543] (ftrace buffer empty)
[ 30.148226] Kernel Offset: disabled
[ 30.151826] Rebooting in 86400 seconds..