[....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[ 15.926067] random: sshd: uninitialized urandom read (32 bytes read) [?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 19.308541] random: sshd: uninitialized urandom read (32 bytes read) [ 19.693460] random: sshd: uninitialized urandom read (32 bytes read) [ 20.503117] random: sshd: uninitialized urandom read (32 bytes read) [ 23.067861] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.0.37' (ECDSA) to the list of known hosts. [ 28.510265] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 28.603804] IPVS: ftp: loaded support on port[0] = 21 [ 28.603937] IPVS: ftp: loaded support on port[0] = 21 [ 28.610440] IPVS: ftp: loaded support on port[0] = 21 [ 28.619133] IPVS: ftp: loaded support on port[0] = 21 [ 28.621799] IPVS: ftp: loaded support on port[0] = 21 [ 28.627721] IPVS: ftp: loaded support on port[0] = 21 [ 28.639865] IPVS: ftp: loaded support on port[0] = 21 [ 28.647168] IPVS: ftp: loaded support on port[0] = 21 executing program executing program [ 28.695665] FAULT_INJECTION: forcing a failure. [ 28.695665] name failslab, interval 1, probability 0, space 0, times 1 [ 28.706927] CPU: 0 PID: 4473 Comm: syz-executor287 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 28.715399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 28.724736] Call Trace: [ 28.727316] dump_stack+0x1c9/0x2b4 [ 28.730940] ? dump_stack_print_info.cold.2+0x52/0x52 [ 28.736123] should_fail.cold.4+0xa/0x11 [ 28.740166] ? fault_create_debugfs_attr+0x1f0/0x1f0 executing program executing program executing program executing program executing program [ 28.745254] ? trace_hardirqs_on+0x10/0x10 [ 28.749484] ? kernel_poison_pages+0x136/0x220 [ 28.754047] ? trace_hardirqs_on+0x10/0x10 [ 28.758267] ? trace_hardirqs_on+0x10/0x10 [ 28.762482] ? trace_hardirqs_on+0x10/0x10 [ 28.766709] ? trace_hardirqs_on+0x10/0x10 [ 28.770928] ? trace_hardirqs_on+0x10/0x10 [ 28.775146] ? lock_acquire+0x1e4/0x540 [ 28.779103] ? fs_reclaim_acquire+0x20/0x20 [ 28.783404] ? lock_downgrade+0x8f0/0x8f0 [ 28.787536] ? check_same_owner+0x340/0x340 [ 28.791847] ? rcu_note_context_switch+0x730/0x730 [ 28.796753] ? lock_release+0xa30/0xa30 [ 28.800706] __should_failslab+0x124/0x180 [ 28.804924] should_failslab+0x9/0x14 [ 28.808717] kmem_cache_alloc+0x2af/0x760 [ 28.812844] alloc_vfsmnt+0xe8/0x9a0 [ 28.816537] ? delayed_free_vfsmnt+0x20/0x20 [ 28.820946] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 28.825952] ? bpf_prog_kallsyms_find+0xde/0x4c0 [ 28.830690] ? trace_hardirqs_on+0x10/0x10 [ 28.834906] ? lock_downgrade+0x8f0/0x8f0 [ 28.839137] ? lock_release+0xa30/0xa30 [ 28.843094] ? kasan_check_read+0x11/0x20 [ 28.847223] ? rcu_is_watching+0x8c/0x150 [ 28.851351] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 28.856348] ? xas_create+0x2ad/0x1150 [ 28.860231] clone_mnt+0x124/0x1500 [ 28.863865] ? __save_stack_trace+0x8d/0xf0 [ 28.868173] ? kern_mount+0x70/0x70 [ 28.871874] ? save_stack+0xa9/0xd0 [ 28.875502] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 28.881025] ? xas_find_tagged+0x44a/0x1440 [ 28.885348] ? attach_recursive_mnt+0x121/0xb70 [ 28.890016] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 28.895546] ? xas_store+0x52f/0x1720 [ 28.899331] ? lock_acquire+0x1e4/0x540 [ 28.903301] ? is_subdir+0x2aa/0x4a0 [ 28.907010] ? lock_downgrade+0x8f0/0x8f0 [ 28.911149] ? lock_release+0xa30/0xa30 [ 28.915102] ? kasan_check_read+0x11/0x20 [ 28.919240] ? do_raw_spin_unlock+0xa7/0x2f0 [ 28.923629] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 28.928195] copy_tree+0x169/0xb00 [ 28.931719] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 28.936940] ? is_subdir+0x2f1/0x4a0 [ 28.940634] ? to_mnt_ns+0x20/0x20 [ 28.944171] propagate_one+0x4e3/0x930 [ 28.948041] ? next_group+0x400/0x400 [ 28.951830] propagate_mnt+0x18a/0x3e0 [ 28.955711] attach_recursive_mnt+0x60c/0xb70 [ 28.960212] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 28.964777] ? count_mounts+0x360/0x360 [ 28.968732] ? kfree+0x15e/0x260 [ 28.972078] ? get_mountpoint+0xe6/0x410 [ 28.976122] ? namespace_unlock+0x210/0x210 [ 28.980427] ? down_read+0x1d0/0x1d0 [ 28.984124] graft_tree+0x1aa/0x240 [ 28.987743] do_add_mount+0x1fe/0x370 [ 28.991526] ? security_sb_mountpoint+0x94/0xc0 [ 28.996179] do_mount+0x1af2/0x1fb0 [ 28.999858] ? kasan_check_write+0x14/0x20 [ 29.004079] ? copy_mount_string+0x40/0x40 [ 29.008295] ? kasan_kmalloc+0xc4/0xe0 [ 29.012174] ? kmem_cache_alloc_trace+0x318/0x780 [ 29.017013] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 29.022794] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 29.028326] ? copy_mount_options+0x285/0x380 [ 29.032803] ksys_mount+0x12d/0x140 [ 29.036412] __x64_sys_mount+0xbe/0x150 [ 29.040461] do_syscall_64+0x1b9/0x820 [ 29.044349] ? syscall_return_slowpath+0x5e0/0x5e0 [ 29.049270] ? syscall_return_slowpath+0x31d/0x5e0 [ 29.054180] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 29.059265] ? prepare_exit_to_usermode+0x291/0x3b0 [ 29.064272] ? perf_trace_sys_enter+0xb10/0xb10 [ 29.068924] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 29.073746] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 29.078916] RIP: 0033:0x441d79 [ 29.082082] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 29.101203] RSP: 002b:00007ffe4c8551b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 29.108905] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441d79 [ 29.116165] RDX: 0000000020000540 RSI: 0000000020000500 RDI: 00000000200004c0 [ 29.123413] RBP: 00007ffe4c8551d0 R08: 0000000020000580 R09: 0000000000000000 [ 29.130675] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 29.137935] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 29.149292] FAULT_INJECTION: forcing a failure. [ 29.149292] name failslab, interval 1, probability 0, space 0, times 0 [ 29.160551] CPU: 0 PID: 4474 Comm: syz-executor287 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 29.164369] FAULT_INJECTION: forcing a failure. [ 29.164369] name failslab, interval 1, probability 0, space 0, times 0 [ 29.169023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.169027] Call Trace: [ 29.169050] dump_stack+0x1c9/0x2b4 [ 29.169067] ? dump_stack_print_info.cold.2+0x52/0x52 [ 29.200943] should_fail.cold.4+0xa/0x11 [ 29.204987] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 29.210159] ? lock_downgrade+0x8f0/0x8f0 [ 29.214304] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 29.219307] ? __memcg_init_list_lru_node+0x20a/0x2d0 [ 29.224477] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 29.229994] ? xas_find_tagged+0x44a/0x1440 [ 29.234310] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 29.239824] ? xas_store+0x52f/0x1720 [ 29.243608] ? lock_acquire+0x1e4/0x540 [ 29.247578] ? fs_reclaim_acquire+0x20/0x20 [ 29.251878] ? lock_downgrade+0x8f0/0x8f0 [ 29.256006] ? kasan_check_read+0x11/0x20 [ 29.260138] ? check_same_owner+0x340/0x340 [ 29.264454] ? do_raw_spin_lock+0xc1/0x200 [ 29.268691] ? rcu_note_context_switch+0x730/0x730 [ 29.273601] ? kfree+0x15e/0x260 [ 29.276962] __should_failslab+0x124/0x180 [ 29.281191] should_failslab+0x9/0x14 [ 29.284971] __kmalloc+0x2c8/0x760 [ 29.288489] ? sget_fc+0x741/0x960 [ 29.292009] ? lock_downgrade+0x8f0/0x8f0 [ 29.296143] ? prealloc_shrinker+0x124/0x450 [ 29.300537] prealloc_shrinker+0x124/0x450 [ 29.304751] ? inactive_list_is_low+0x850/0x850 [ 29.309417] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 29.313987] register_shrinker+0x17/0x40 [ 29.318035] sget_fc+0x778/0x960 [ 29.321382] ? compare_single+0x10/0x10 [ 29.325347] ? alloc_super+0xb10/0xb10 [ 29.329246] ? kasan_kmalloc+0xc4/0xe0 [ 29.333120] ? __kmalloc_track_caller+0x311/0x760 [ 29.337954] ? proc_root_lookup+0x60/0x60 [ 29.342101] vfs_get_super+0x6e/0x270 [ 29.345909] proc_get_tree+0x88/0xb0 [ 29.349610] vfs_get_tree+0x1cb/0x5c0 [ 29.353395] do_mount+0x6c1/0x1fb0 [ 29.356920] ? kasan_check_write+0x14/0x20 [ 29.361138] ? copy_mount_string+0x40/0x40 [ 29.365364] ? kasan_kmalloc+0xc4/0xe0 [ 29.369231] ? kmem_cache_alloc_trace+0x318/0x780 [ 29.374058] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 29.379587] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 29.385116] ? copy_mount_options+0x285/0x380 [ 29.389594] ksys_mount+0x12d/0x140 [ 29.393205] __x64_sys_mount+0xbe/0x150 [ 29.397161] do_syscall_64+0x1b9/0x820 [ 29.401035] ? syscall_return_slowpath+0x5e0/0x5e0 [ 29.405953] ? syscall_return_slowpath+0x31d/0x5e0 [ 29.410876] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 29.415888] ? prepare_exit_to_usermode+0x291/0x3b0 [ 29.420914] ? perf_trace_sys_enter+0xb10/0xb10 [ 29.425563] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 29.430402] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 29.435582] RIP: 0033:0x441d79 [ 29.438842] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 29.458578] RSP: 002b:00007ffe4c8551b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 29.466352] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441d79 [ 29.473599] RDX: 0000000020000540 RSI: 0000000020000500 RDI: 00000000200004c0 [ 29.480847] RBP: 00007ffe4c8551d0 R08: 0000000020000580 R09: 0000000000000000 [ 29.488095] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 29.495428] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 29.502697] CPU: 1 PID: 4475 Comm: syz-executor287 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 29.505300] FAULT_INJECTION: forcing a failure. [ 29.505300] name failslab, interval 1, probability 0, space 0, times 0 [ 29.511204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.511208] Call Trace: [ 29.511226] dump_stack+0x1c9/0x2b4 [ 29.511244] ? dump_stack_print_info.cold.2+0x52/0x52 [ 29.543221] should_fail.cold.4+0xa/0x11 [ 29.547267] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 29.552354] ? lock_downgrade+0x8f0/0x8f0 [ 29.556497] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 29.561506] ? __memcg_init_list_lru_node+0x20a/0x2d0 [ 29.566689] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 29.572218] ? xas_find_tagged+0x44a/0x1440 [ 29.576522] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 29.582055] ? xas_store+0x52f/0x1720 [ 29.585840] ? lock_acquire+0x1e4/0x540 [ 29.589802] ? fs_reclaim_acquire+0x20/0x20 [ 29.594114] ? lock_downgrade+0x8f0/0x8f0 [ 29.598246] ? kasan_check_read+0x11/0x20 [ 29.602378] ? check_same_owner+0x340/0x340 [ 29.606679] ? do_raw_spin_lock+0xc1/0x200 [ 29.610910] ? rcu_note_context_switch+0x730/0x730 [ 29.615818] ? kfree+0x15e/0x260 [ 29.620650] __should_failslab+0x124/0x180 [ 29.624865] should_failslab+0x9/0x14 [ 29.628645] __kmalloc+0x2c8/0x760 [ 29.632164] ? sget_fc+0x741/0x960 [ 29.635683] ? lock_downgrade+0x8f0/0x8f0 [ 29.639811] ? prealloc_shrinker+0x124/0x450 [ 29.644198] prealloc_shrinker+0x124/0x450 [ 29.648413] ? inactive_list_is_low+0x850/0x850 [ 29.653065] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 29.657628] register_shrinker+0x17/0x40 [ 29.661670] sget_fc+0x778/0x960 [ 29.665031] ? compare_single+0x10/0x10 [ 29.668991] ? alloc_super+0xb10/0xb10 [ 29.672873] ? kasan_kmalloc+0xc4/0xe0 [ 29.676752] ? __kmalloc_track_caller+0x311/0x760 [ 29.681587] ? proc_root_lookup+0x60/0x60 [ 29.685738] vfs_get_super+0x6e/0x270 [ 29.689622] proc_get_tree+0x88/0xb0 [ 29.693325] vfs_get_tree+0x1cb/0x5c0 [ 29.697116] do_mount+0x6c1/0x1fb0 [ 29.700650] ? kasan_check_write+0x14/0x20 [ 29.704875] ? copy_mount_string+0x40/0x40 [ 29.709111] ? kasan_kmalloc+0xc4/0xe0 [ 29.712991] ? kmem_cache_alloc_trace+0x318/0x780 [ 29.717827] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 29.723344] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 29.728869] ? copy_mount_options+0x285/0x380 [ 29.733363] ksys_mount+0x12d/0x140 [ 29.736981] __x64_sys_mount+0xbe/0x150 [ 29.740949] do_syscall_64+0x1b9/0x820 [ 29.744819] ? syscall_return_slowpath+0x5e0/0x5e0 [ 29.749742] ? syscall_return_slowpath+0x31d/0x5e0 [ 29.754742] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 29.759754] ? prepare_exit_to_usermode+0x291/0x3b0 [ 29.764752] ? perf_trace_sys_enter+0xb10/0xb10 [ 29.769406] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 29.774231] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 29.779403] RIP: 0033:0x441d79 [ 29.782587] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 29.802292] RSP: 002b:00007ffe4c8551b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 29.810076] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441d79 [ 29.817350] RDX: 0000000020000540 RSI: 0000000020000500 RDI: 00000000200004c0 [ 29.824620] RBP: 00007ffe4c8551d0 R08: 0000000020000580 R09: 0000000000000000 [ 29.831889] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 29.839139] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 29.846410] CPU: 0 PID: 4476 Comm: syz-executor287 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 29.849160] FAULT_INJECTION: forcing a failure. [ 29.849160] name failslab, interval 1, probability 0, space 0, times 0 [ 29.854919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.854924] Call Trace: [ 29.854942] dump_stack+0x1c9/0x2b4 [ 29.854952] ? dump_stack_print_info.cold.2+0x52/0x52 [ 29.854963] ? __kernel_text_address+0xd/0x40 [ 29.854991] ? unwind_get_return_address+0x61/0xa0 [ 29.896762] should_fail.cold.4+0xa/0x11 [ 29.900821] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 29.905920] ? save_stack+0xa9/0xd0 [ 29.909531] ? save_stack+0x43/0xd0 [ 29.913149] ? kasan_kmalloc+0xc4/0xe0 [ 29.917016] ? kmem_cache_alloc_trace+0x152/0x780 [ 29.921838] ? __memcg_init_list_lru_node+0x185/0x2d0 [ 29.927006] ? __list_lru_init+0x4d6/0x840 [ 29.931357] ? alloc_super+0x9a6/0xb10 [ 29.935224] ? vfs_get_super+0x6e/0x270 [ 29.939181] ? proc_get_tree+0x88/0xb0 [ 29.943069] ? vfs_get_tree+0x1cb/0x5c0 [ 29.947024] ? do_mount+0x6c1/0x1fb0 [ 29.952452] ? ksys_mount+0x12d/0x140 [ 29.956246] ? __x64_sys_mount+0xbe/0x150 [ 29.960382] ? do_syscall_64+0x1b9/0x820 [ 29.964429] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 29.969779] ? save_stack+0xa9/0xd0 [ 29.973399] ? lock_acquire+0x1e4/0x540 [ 29.977354] ? fs_reclaim_acquire+0x20/0x20 [ 29.981657] ? lock_downgrade+0x8f0/0x8f0 [ 29.985785] ? __x64_sys_mount+0xbe/0x150 [ 29.989913] ? check_same_owner+0x340/0x340 [ 29.994226] ? rcu_note_context_switch+0x730/0x730 [ 29.999155] __should_failslab+0x124/0x180 [ 30.003371] should_failslab+0x9/0x14 [ 30.007173] kmem_cache_alloc_trace+0x2cb/0x780 [ 30.011821] ? kasan_kmalloc+0xc4/0xe0 [ 30.015692] __memcg_init_list_lru_node+0x185/0x2d0 [ 30.020688] ? kvfree_rcu+0x20/0x20 [ 30.024294] ? __kmalloc_node+0x47/0x70 [ 30.028250] __list_lru_init+0x4d6/0x840 [ 30.032288] ? up_write+0x7b/0x220 [ 30.035811] ? list_lru_destroy+0x500/0x500 [ 30.040114] ? prealloc_shrinker+0x124/0x450 [ 30.044505] ? prealloc_shrinker+0x21c/0x450 [ 30.048891] ? inactive_list_is_low+0x850/0x850 [ 30.054288] ? __lockdep_init_map+0x105/0x590 [ 30.058765] alloc_super+0x9a6/0xb10 [ 30.062459] ? destroy_unused_super.part.11+0x110/0x110 [ 30.067815] ? lock_downgrade+0x8f0/0x8f0 [ 30.071949] ? kasan_check_read+0x11/0x20 [ 30.076088] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 30.080658] ? kasan_check_write+0x14/0x20 [ 30.084874] ? do_raw_spin_lock+0xc1/0x200 [ 30.089101] ? ns_test_super+0x50/0x50 [ 30.092991] sget_fc+0x269/0x960 [ 30.096438] ? compare_single+0x10/0x10 [ 30.100396] ? alloc_super+0xb10/0xb10 [ 30.104264] ? kasan_kmalloc+0xc4/0xe0 [ 30.108141] ? __kmalloc_track_caller+0x311/0x760 [ 30.112992] ? proc_root_lookup+0x60/0x60 [ 30.117230] vfs_get_super+0x6e/0x270 [ 30.121017] proc_get_tree+0x88/0xb0 [ 30.124709] vfs_get_tree+0x1cb/0x5c0 [ 30.128505] do_mount+0x6c1/0x1fb0 [ 30.132030] ? retint_kernel+0x10/0x10 [ 30.135904] ? copy_mount_string+0x40/0x40 [ 30.140223] ? kasan_kmalloc+0xc4/0xe0 [ 30.144094] ? kmem_cache_alloc_trace+0x318/0x780 [ 30.148928] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 30.154451] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 30.159975] ? copy_mount_options+0x285/0x380 [ 30.164462] ksys_mount+0x12d/0x140 [ 30.168076] __x64_sys_mount+0xbe/0x150 [ 30.172060] do_syscall_64+0x1b9/0x820 [ 30.175934] ? syscall_slow_exit_work+0x500/0x500 [ 30.180781] ? syscall_return_slowpath+0x5e0/0x5e0 [ 30.185699] ? syscall_return_slowpath+0x31d/0x5e0 [ 30.190632] ? prepare_exit_to_usermode+0x291/0x3b0 [ 30.195732] ? perf_trace_sys_enter+0xb10/0xb10 [ 30.200396] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.205220] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 30.210390] RIP: 0033:0x441d79 [ 30.213644] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 30.232769] RSP: 002b:00007ffe4c8551b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 30.240468] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441d79 [ 30.247736] RDX: 0000000020000540 RSI: 0000000020000500 RDI: 00000000200004c0 [ 30.254991] RBP: 00007ffe4c8551d0 R08: 0000000020000580 R09: 0000000000000000 [ 30.262261] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 30.269519] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 30.276883] CPU: 1 PID: 4479 Comm: syz-executor287 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 30.280836] FAULT_INJECTION: forcing a failure. [ 30.280836] name failslab, interval 1, probability 0, space 0, times 0 [ 30.285418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.285422] Call Trace: [ 30.285439] dump_stack+0x1c9/0x2b4 [ 30.285449] ? dump_stack_print_info.cold.2+0x52/0x52 [ 30.285468] should_fail.cold.4+0xa/0x11 [ 30.321369] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 30.326455] ? lock_downgrade+0x8f0/0x8f0 [ 30.330585] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 30.335581] ? __memcg_init_list_lru_node+0x20a/0x2d0 [ 30.340750] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 30.346292] ? xas_find_tagged+0x44a/0x1440 [ 30.350613] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 30.356130] ? xas_store+0x52f/0x1720 [ 30.359920] ? lock_acquire+0x1e4/0x540 [ 30.363883] ? fs_reclaim_acquire+0x20/0x20 [ 30.368186] ? lock_downgrade+0x8f0/0x8f0 [ 30.372315] ? kasan_check_read+0x11/0x20 [ 30.376446] ? check_same_owner+0x340/0x340 [ 30.380774] ? do_raw_spin_lock+0xc1/0x200 [ 30.384991] ? rcu_note_context_switch+0x730/0x730 [ 30.389918] ? kfree+0x15e/0x260 [ 30.393277] __should_failslab+0x124/0x180 [ 30.397503] should_failslab+0x9/0x14 [ 30.401377] __kmalloc+0x2c8/0x760 [ 30.404938] ? sget_fc+0x741/0x960 [ 30.408488] ? lock_downgrade+0x8f0/0x8f0 [ 30.412620] ? prealloc_shrinker+0x124/0x450 [ 30.417031] prealloc_shrinker+0x124/0x450 [ 30.421249] ? inactive_list_is_low+0x850/0x850 [ 30.425930] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 30.430539] register_shrinker+0x17/0x40 [ 30.434603] sget_fc+0x778/0x960 [ 30.437961] ? compare_single+0x10/0x10 [ 30.441925] ? alloc_super+0xb10/0xb10 [ 30.445811] ? kasan_kmalloc+0xc4/0xe0 [ 30.449859] ? __kmalloc_track_caller+0x311/0x760 [ 30.454709] ? proc_root_lookup+0x60/0x60 [ 30.458849] vfs_get_super+0x6e/0x270 [ 30.462644] proc_get_tree+0x88/0xb0 [ 30.466340] vfs_get_tree+0x1cb/0x5c0 [ 30.470139] do_mount+0x6c1/0x1fb0 [ 30.473668] ? kasan_check_write+0x14/0x20 [ 30.477911] ? copy_mount_string+0x40/0x40 [ 30.482146] ? kasan_kmalloc+0xc4/0xe0 [ 30.486026] ? kmem_cache_alloc_trace+0x318/0x780 [ 30.490857] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 30.496381] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 30.501916] ? copy_mount_options+0x285/0x380 [ 30.506584] ksys_mount+0x12d/0x140 [ 30.510205] __x64_sys_mount+0xbe/0x150 [ 30.514182] do_syscall_64+0x1b9/0x820 [ 30.518061] ? syscall_return_slowpath+0x5e0/0x5e0 [ 30.522985] ? syscall_return_slowpath+0x31d/0x5e0 [ 30.527912] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 30.532925] ? prepare_exit_to_usermode+0x291/0x3b0 [ 30.537931] ? perf_trace_sys_enter+0xb10/0xb10 [ 30.542583] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.547423] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 30.552596] RIP: 0033:0x441d79 [ 30.555776] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 30.574930] RSP: 002b:00007ffe4c8551b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 30.582631] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441d79 [ 30.589905] RDX: 0000000020000540 RSI: 0000000020000500 RDI: 00000000200004c0 [ 30.597170] RBP: 00007ffe4c8551d0 R08: 0000000020000580 R09: 0000000000000000 [ 30.604454] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 30.611717] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 30.619003] CPU: 0 PID: 4480 Comm: syz-executor287 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 30.622754] FAULT_INJECTION: forcing a failure. [ 30.622754] name failslab, interval 1, probability 0, space 0, times 0 [ 30.627958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.627962] Call Trace: [ 30.627979] dump_stack+0x1c9/0x2b4 [ 30.627989] ? dump_stack_print_info.cold.2+0x52/0x52 [ 30.628012] should_fail.cold.4+0xa/0x11 [ 30.664947] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 30.670155] ? lock_downgrade+0x8f0/0x8f0 [ 30.674300] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 30.679309] ? __memcg_init_list_lru_node+0x20a/0x2d0 [ 30.684483] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 30.690002] ? xas_find_tagged+0x44a/0x1440 [ 30.694306] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 30.699821] ? xas_store+0x52f/0x1720 [ 30.703603] ? lock_acquire+0x1e4/0x540 [ 30.707567] ? fs_reclaim_acquire+0x20/0x20 [ 30.711871] ? lock_downgrade+0x8f0/0x8f0 [ 30.716001] ? check_same_owner+0x340/0x340 [ 30.720303] ? rcu_note_context_switch+0x730/0x730 [ 30.725301] ? kfree+0x15e/0x260 [ 30.728659] __should_failslab+0x124/0x180 [ 30.732881] should_failslab+0x9/0x14 [ 30.736665] __kmalloc+0x2c8/0x760 [ 30.740201] ? sget_fc+0x741/0x960 [ 30.743723] ? lock_downgrade+0x8f0/0x8f0 [ 30.747857] ? prealloc_shrinker+0x124/0x450 [ 30.752247] prealloc_shrinker+0x124/0x450 [ 30.756483] ? inactive_list_is_low+0x850/0x850 [ 30.761151] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 30.765717] register_shrinker+0x17/0x40 [ 30.769767] sget_fc+0x778/0x960 [ 30.773125] ? compare_single+0x10/0x10 [ 30.777092] ? alloc_super+0xb10/0xb10 [ 30.780972] ? kasan_kmalloc+0xc4/0xe0 [ 30.784853] ? __kmalloc_track_caller+0x311/0x760 [ 30.789767] ? proc_root_lookup+0x60/0x60 [ 30.793994] vfs_get_super+0x6e/0x270 [ 30.797885] proc_get_tree+0x88/0xb0 [ 30.801580] vfs_get_tree+0x1cb/0x5c0 [ 30.805373] do_mount+0x6c1/0x1fb0 [ 30.808893] ? kasan_check_write+0x14/0x20 [ 30.813136] ? copy_mount_string+0x40/0x40 [ 30.817438] ? kasan_kmalloc+0xc4/0xe0 [ 30.821306] ? kmem_cache_alloc_trace+0x318/0x780 [ 30.826151] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 30.831717] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 30.837340] ? copy_mount_options+0x285/0x380 [ 30.841840] ksys_mount+0x12d/0x140 [ 30.845478] __x64_sys_mount+0xbe/0x150 [ 30.849471] do_syscall_64+0x1b9/0x820 [ 30.853389] ? syscall_return_slowpath+0x5e0/0x5e0 [ 30.858464] ? syscall_return_slowpath+0x31d/0x5e0 [ 30.863377] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 30.868461] ? prepare_exit_to_usermode+0x291/0x3b0 [ 30.873461] ? perf_trace_sys_enter+0xb10/0xb10 [ 30.878332] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 30.883659] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 30.888936] RIP: 0033:0x441d79 [ 30.892110] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 30.912243] RSP: 002b:00007ffe4c8551b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 30.919960] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441d79 [ 30.927239] RDX: 0000000020000540 RSI: 0000000020000500 RDI: 00000000200004c0 [ 30.934498] RBP: 00007ffe4c8551d0 R08: 0000000020000580 R09: 0000000000000000 [ 30.941760] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 30.949028] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 30.956298] CPU: 1 PID: 4478 Comm: syz-executor287 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 30.967272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.970943] FAULT_INJECTION: forcing a failure. [ 30.970943] name failslab, interval 1, probability 0, space 0, times 0 [ 30.976703] Call Trace: [ 30.976722] dump_stack+0x1c9/0x2b4 [ 30.976732] ? dump_stack_print_info.cold.2+0x52/0x52 [ 30.976751] should_fail.cold.4+0xa/0x11 [ 31.003506] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 31.008587] ? lock_downgrade+0x8f0/0x8f0 [ 31.012718] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 31.017724] ? __memcg_init_list_lru_node+0x20a/0x2d0 [ 31.022893] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 31.028412] ? xas_find_tagged+0x44a/0x1440 [ 31.032730] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 31.038247] ? xas_store+0x52f/0x1720 [ 31.042119] ? lock_acquire+0x1e4/0x540 [ 31.046081] ? fs_reclaim_acquire+0x20/0x20 [ 31.050395] ? lock_downgrade+0x8f0/0x8f0 [ 31.054548] ? kasan_check_read+0x11/0x20 [ 31.059741] ? check_same_owner+0x340/0x340 [ 31.064065] ? do_raw_spin_lock+0xc1/0x200 [ 31.068287] ? rcu_note_context_switch+0x730/0x730 [ 31.073262] ? kfree+0x15e/0x260 [ 31.076617] __should_failslab+0x124/0x180 [ 31.081130] should_failslab+0x9/0x14 [ 31.084920] __kmalloc+0x2c8/0x760 [ 31.088458] ? sget_fc+0x741/0x960 [ 31.092075] ? lock_downgrade+0x8f0/0x8f0 [ 31.096204] ? prealloc_shrinker+0x124/0x450 [ 31.100681] prealloc_shrinker+0x124/0x450 [ 31.105024] ? inactive_list_is_low+0x850/0x850 [ 31.109673] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 31.114236] register_shrinker+0x17/0x40 [ 31.118278] sget_fc+0x778/0x960 [ 31.121740] ? compare_single+0x10/0x10 [ 31.125700] ? alloc_super+0xb10/0xb10 [ 31.129567] ? kasan_kmalloc+0xc4/0xe0 [ 31.133435] ? __kmalloc_track_caller+0x311/0x760 [ 31.138283] ? proc_root_lookup+0x60/0x60 [ 31.142614] vfs_get_super+0x6e/0x270 [ 31.146406] proc_get_tree+0x88/0xb0 [ 31.150114] vfs_get_tree+0x1cb/0x5c0 [ 31.153903] do_mount+0x6c1/0x1fb0 [ 31.157440] ? kasan_check_write+0x14/0x20 [ 31.161667] ? copy_mount_string+0x40/0x40 [ 31.165889] ? kasan_kmalloc+0xc4/0xe0 [ 31.169761] ? kmem_cache_alloc_trace+0x318/0x780 [ 31.174599] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 31.180128] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 31.185658] ? copy_mount_options+0x285/0x380 [ 31.190136] ksys_mount+0x12d/0x140 [ 31.193745] __x64_sys_mount+0xbe/0x150 [ 31.197700] do_syscall_64+0x1b9/0x820 [ 31.201569] ? syscall_return_slowpath+0x5e0/0x5e0 [ 31.206481] ? syscall_return_slowpath+0x31d/0x5e0 [ 31.211389] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 31.216392] ? prepare_exit_to_usermode+0x291/0x3b0 [ 31.221402] ? perf_trace_sys_enter+0xb10/0xb10 [ 31.226075] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 31.230920] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 31.236102] RIP: 0033:0x441d79 [ 31.239285] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 31.258494] RSP: 002b:00007ffe4c8551b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 31.266195] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441d79 [ 31.273467] RDX: 0000000020000540 RSI: 0000000020000500 RDI: 00000000200004c0 [ 31.280743] RBP: 00007ffe4c8551d0 R08: 0000000020000580 R09: 0000000000000000 [ 31.288002] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 31.295262] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 31.302535] CPU: 0 PID: 4477 Comm: syz-executor287 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 31.311037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 31.320394] Call Trace: [ 31.322970] dump_stack+0x1c9/0x2b4 [ 31.326582] ? dump_stack_print_info.cold.2+0x52/0x52 [ 31.331759] should_fail.cold.4+0xa/0x11 [ 31.335816] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 31.340923] ? lock_downgrade+0x8f0/0x8f0 [ 31.345067] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 31.350099] ? __memcg_init_list_lru_node+0x20a/0x2d0 [ 31.355290] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 31.360819] ? xas_find_tagged+0x44a/0x1440 [ 31.365129] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 31.370649] ? xas_store+0x52f/0x1720 [ 31.374439] ? lock_acquire+0x1e4/0x540 [ 31.378399] ? fs_reclaim_acquire+0x20/0x20 [ 31.382707] ? lock_downgrade+0x8f0/0x8f0 [ 31.386843] ? kasan_check_read+0x11/0x20 [ 31.390976] ? check_same_owner+0x340/0x340 [ 31.395306] ? do_raw_spin_lock+0xc1/0x200 [ 31.399556] ? rcu_note_context_switch+0x730/0x730 [ 31.404486] ? kfree+0x15e/0x260 [ 31.407836] __should_failslab+0x124/0x180 [ 31.412061] should_failslab+0x9/0x14 [ 31.415856] __kmalloc+0x2c8/0x760 [ 31.419381] ? sget_fc+0x741/0x960 [ 31.422919] ? lock_downgrade+0x8f0/0x8f0 [ 31.427063] ? prealloc_shrinker+0x124/0x450 [ 31.431465] prealloc_shrinker+0x124/0x450 [ 31.435686] ? inactive_list_is_low+0x850/0x850 [ 31.440342] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 31.444909] register_shrinker+0x17/0x40 [ 31.448955] sget_fc+0x778/0x960 [ 31.452304] ? compare_single+0x10/0x10 [ 31.456270] ? alloc_super+0xb10/0xb10 [ 31.460157] ? kasan_kmalloc+0xc4/0xe0 [ 31.464044] ? __kmalloc_track_caller+0x311/0x760 [ 31.468896] ? proc_root_lookup+0x60/0x60 [ 31.473040] vfs_get_super+0x6e/0x270 [ 31.476832] proc_get_tree+0x88/0xb0 [ 31.480531] vfs_get_tree+0x1cb/0x5c0 [ 31.484315] do_mount+0x6c1/0x1fb0 [ 31.487841] ? kasan_check_write+0x14/0x20 [ 31.492064] ? copy_mount_string+0x40/0x40 [ 31.496289] ? kasan_kmalloc+0xc4/0xe0 [ 31.500172] ? kmem_cache_alloc_trace+0x318/0x780 [ 31.505022] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 31.510561] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 31.516101] ? copy_mount_options+0x285/0x380 [ 31.520588] ksys_mount+0x12d/0x140 [ 31.524209] __x64_sys_mount+0xbe/0x150 [ 31.528254] do_syscall_64+0x1b9/0x820 [ 31.532123] ? syscall_return_slowpath+0x5e0/0x5e0 [ 31.537038] ? syscall_return_slowpath+0x31d/0x5e0 [ 31.541950] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 31.546952] ? prepare_exit_to_usermode+0x291/0x3b0 [ 31.551951] ? perf_trace_sys_enter+0xb10/0xb10 [ 31.556606] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 31.561436] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 31.566621] RIP: 0033:0x441d79 [ 31.569797] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 31.588945] RSP: 002b:00007ffe4c8551b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 31.596653] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441d79 [ 31.603906] RDX: 0000000020000540 RSI: 0000000020000500 RDI: 00000000200004c0 executing program executing program [ 31.611165] RBP: 00007ffe4c8551d0 R08: 0000000020000580 R09: 0000000000000000 [ 31.618424] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 31.625686] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 31.655167] FAULT_INJECTION: forcing a failure. [ 31.655167] name failslab, interval 1, probability 0, space 0, times 0 [ 31.661104] FAULT_INJECTION: forcing a failure. [ 31.661104] name failslab, interval 1, probability 0, space 0, times 0 [ 31.666544] CPU: 0 PID: 4482 Comm: syz-executor287 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 31.686141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 31.695478] Call Trace: [ 31.698317] dump_stack+0x1c9/0x2b4 [ 31.701936] ? dump_stack_print_info.cold.2+0x52/0x52 [ 31.707120] should_fail.cold.4+0xa/0x11 [ 31.711256] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 31.716348] ? trace_hardirqs_on+0x10/0x10 [ 31.720568] ? __kernel_text_address+0xd/0x40 [ 31.725052] ? __save_stack_trace+0x8d/0xf0 [ 31.729380] ? save_stack+0xa9/0xd0 [ 31.732999] ? __lockdep_init_map+0x105/0x590 [ 31.737484] ? lock_acquire+0x1e4/0x540 [ 31.741446] ? fs_reclaim_acquire+0x20/0x20 [ 31.745757] ? lock_downgrade+0x8f0/0x8f0 [ 31.749898] ? check_same_owner+0x340/0x340 [ 31.754212] ? rcu_note_context_switch+0x730/0x730 [ 31.759134] __should_failslab+0x124/0x180 [ 31.763369] should_failslab+0x9/0x14 [ 31.767245] kmem_cache_alloc+0x2af/0x760 [ 31.771559] ? lock_release+0xa30/0xa30 [ 31.775525] __d_alloc+0xc8/0xd50 [ 31.778972] ? shrink_dcache_for_umount+0x2b0/0x2b0 [ 31.783979] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 31.788984] ? ktime_get_coarse_real_ts64+0x243/0x3a0 [ 31.794165] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 31.799693] ? timespec64_trunc+0xea/0x180 [ 31.803925] ? init_special_inode+0x210/0x210 [ 31.808411] ? do_raw_spin_lock+0xc1/0x200 [ 31.812650] ? current_time+0x131/0x1b0 [ 31.816612] ? timespec64_trunc+0x180/0x180 [ 31.820924] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 31.826460] ? set_nlink+0xaf/0x140 [ 31.830079] d_make_root+0x42/0x90 [ 31.833611] proc_fill_super+0x345/0x630 [ 31.837665] ? proc_root_lookup+0x60/0x60 [ 31.841804] ? __kmalloc_track_caller+0x311/0x760 [ 31.846639] ? proc_root_lookup+0x60/0x60 [ 31.850808] vfs_get_super+0x15e/0x270 [ 31.854700] proc_get_tree+0x88/0xb0 [ 31.858413] vfs_get_tree+0x1cb/0x5c0 [ 31.862204] do_mount+0x6c1/0x1fb0 [ 31.865733] ? kasan_check_read+0x11/0x20 [ 31.869874] ? do_raw_spin_unlock+0xa7/0x2f0 [ 31.874275] ? copy_mount_string+0x40/0x40 [ 31.878499] ? kasan_kmalloc+0xc4/0xe0 [ 31.882375] ? kmem_cache_alloc_trace+0x318/0x780 [ 31.887210] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 31.892735] ? copy_mount_options+0x285/0x380 [ 31.897237] ksys_mount+0x12d/0x140 [ 31.900856] __x64_sys_mount+0xbe/0x150 [ 31.904834] do_syscall_64+0x1b9/0x820 [ 31.908718] ? syscall_return_slowpath+0x5e0/0x5e0 [ 31.913645] ? syscall_return_slowpath+0x31d/0x5e0 [ 31.918563] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 31.923564] ? prepare_exit_to_usermode+0x291/0x3b0 [ 31.928567] ? perf_trace_sys_enter+0xb10/0xb10 [ 31.933223] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 31.938143] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 31.943320] RIP: 0033:0x441d79 [ 31.946490] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 31.965693] RSP: 002b:00007ffe4c8551b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 31.973390] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441d79 [ 31.980646] RDX: 0000000020000540 RSI: 0000000020000500 RDI: 00000000200004c0 [ 31.987903] RBP: 00007ffe4c8551d0 R08: 0000000020000580 R09: 0000000000000000 [ 31.995159] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 32.002412] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 32.009687] CPU: 1 PID: 4483 Comm: syz-executor287 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 32.009820] proc_fill_super: allocate dentry failed [ 32.018192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 32.018196] Call Trace: [ 32.018217] dump_stack+0x1c9/0x2b4 [ 32.018235] ? dump_stack_print_info.cold.2+0x52/0x52 [ 32.026649] ================================================================== [ 32.032604] should_fail.cold.4+0xa/0x11 [ 32.035194] BUG: KASAN: use-after-free in dput.part.26+0x634/0x7a0 [ 32.038799] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 32.043975] Read of size 4 at addr ffff8801a7b8c4a0 by task syz-executor287/4482 [ 32.051321] ? lock_downgrade+0x8f0/0x8f0 [ 32.055437] [ 32.061799] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 32.085176] ? __memcg_init_list_lru_node+0x20a/0x2d0 [ 32.090361] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 32.095889] ? xas_find_tagged+0x44a/0x1440 [ 32.100202] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 32.105727] ? xas_store+0x52f/0x1720 [ 32.109522] ? lock_acquire+0x1e4/0x540 [ 32.113495] ? fs_reclaim_acquire+0x20/0x20 [ 32.117806] ? lock_downgrade+0x8f0/0x8f0 [ 32.122460] ? kasan_check_read+0x11/0x20 [ 32.126602] ? check_same_owner+0x340/0x340 [ 32.130910] ? do_raw_spin_lock+0xc1/0x200 [ 32.135134] ? rcu_note_context_switch+0x730/0x730 [ 32.140057] ? kfree+0x15e/0x260 [ 32.143412] __should_failslab+0x124/0x180 [ 32.147637] should_failslab+0x9/0x14 [ 32.151425] __kmalloc+0x2c8/0x760 [ 32.154960] ? sget_fc+0x741/0x960 [ 32.158492] ? lock_downgrade+0x8f0/0x8f0 [ 32.162637] ? prealloc_shrinker+0x124/0x450 [ 32.167033] prealloc_shrinker+0x124/0x450 [ 32.171263] ? inactive_list_is_low+0x850/0x850 [ 32.175921] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 32.180492] register_shrinker+0x17/0x40 [ 32.184537] sget_fc+0x778/0x960 [ 32.187891] ? compare_single+0x10/0x10 [ 32.191853] ? alloc_super+0xb10/0xb10 [ 32.195726] ? kasan_kmalloc+0xc4/0xe0 [ 32.199612] ? __kmalloc_track_caller+0x311/0x760 [ 32.204441] ? proc_root_lookup+0x60/0x60 [ 32.208578] vfs_get_super+0x6e/0x270 [ 32.212367] proc_get_tree+0x88/0xb0 [ 32.216068] vfs_get_tree+0x1cb/0x5c0 [ 32.219872] do_mount+0x6c1/0x1fb0 [ 32.223403] ? kasan_check_write+0x14/0x20 [ 32.227625] ? copy_mount_string+0x40/0x40 [ 32.231849] ? retint_kernel+0x10/0x10 [ 32.235727] ? copy_mount_options+0x1e3/0x380 [ 32.240206] ? copy_mount_options+0x1f0/0x380 [ 32.244691] ? copy_mount_options+0x1f6/0x380 [ 32.249176] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 32.254700] ? copy_mount_options+0x285/0x380 [ 32.259200] ksys_mount+0x12d/0x140 [ 32.262839] __x64_sys_mount+0xbe/0x150 [ 32.266803] do_syscall_64+0x1b9/0x820 [ 32.270682] ? syscall_return_slowpath+0x5e0/0x5e0 [ 32.275614] ? syscall_return_slowpath+0x31d/0x5e0 [ 32.280530] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 32.285533] ? prepare_exit_to_usermode+0x291/0x3b0 [ 32.290538] ? perf_trace_sys_enter+0xb10/0xb10 [ 32.295194] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 32.300031] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 32.305204] RIP: 0033:0x441d79 [ 32.308389] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 32.327610] RSP: 002b:00007ffe4c8551b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 32.335306] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441d79 [ 32.342569] RDX: 0000000020000540 RSI: 0000000020000500 RDI: 00000000200004c0 [ 32.349837] RBP: 00007ffe4c8551d0 R08: 0000000020000580 R09: 0000000000000000 [ 32.357096] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 32.364355] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 32.371634] CPU: 0 PID: 4482 Comm: syz-executor287 Not tainted 4.18.0-rc3-next-20180706+ #1 [ 32.380136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 32.389469] Call Trace: [ 32.392044] dump_stack+0x1c9/0x2b4 [ 32.395659] ? dump_stack_print_info.cold.2+0x52/0x52 [ 32.400841] ? printk+0xa7/0xcf [ 32.404104] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 32.408839] ? dput.part.26+0x634/0x7a0 [ 32.412792] print_address_description+0x6c/0x20b [ 32.417630] ? dput.part.26+0x634/0x7a0 [ 32.421589] kasan_report.cold.7+0x242/0x30d [ 32.425983] __asan_report_load4_noabort+0x14/0x20 [ 32.430893] dput.part.26+0x634/0x7a0 [ 32.434672] ? shrink_dcache_sb+0x350/0x350 [ 32.438973] ? __kasan_slab_free+0x131/0x170 [ 32.443370] ? trace_hardirqs_on+0xd/0x10 [ 32.447501] dput+0x15/0x20 [ 32.450415] proc_kill_sb+0x125/0x1e0 [ 32.454211] ? proc_get_inode+0x680/0x680 [ 32.458338] ? proc_root_lookup+0x60/0x60 [ 32.462467] deactivate_locked_super+0x97/0x100 [ 32.467114] vfs_get_super+0x20f/0x270 [ 32.470981] proc_get_tree+0x88/0xb0 [ 32.474681] vfs_get_tree+0x1cb/0x5c0 [ 32.478460] do_mount+0x6c1/0x1fb0 [ 32.481985] ? kasan_check_read+0x11/0x20 [ 32.486125] ? do_raw_spin_unlock+0xa7/0x2f0 [ 32.490530] ? copy_mount_string+0x40/0x40 [ 32.494746] ? kasan_kmalloc+0xc4/0xe0 [ 32.498614] ? kmem_cache_alloc_trace+0x318/0x780 [ 32.503449] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 32.508964] ? copy_mount_options+0x285/0x380 [ 32.513448] ksys_mount+0x12d/0x140 [ 32.517053] __x64_sys_mount+0xbe/0x150 [ 32.521013] do_syscall_64+0x1b9/0x820 [ 32.524887] ? syscall_return_slowpath+0x5e0/0x5e0 [ 32.529793] ? syscall_return_slowpath+0x31d/0x5e0 [ 32.534706] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 32.539709] ? prepare_exit_to_usermode+0x291/0x3b0 [ 32.544707] ? perf_trace_sys_enter+0xb10/0xb10 [ 32.549364] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 32.554199] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 32.559370] RIP: 0033:0x441d79 [ 32.562546] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 32.581679] RSP: 002b:00007ffe4c8551b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 32.589374] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441d79 [ 32.596625] RDX: 0000000020000540 RSI: 0000000020000500 RDI: 00000000200004c0 [ 32.603906] RBP: 00007ffe4c8551d0 R08: 0000000020000580 R09: 0000000000000000 [ 32.611242] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 32.618497] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 32.625761] [ 32.627365] Allocated by task 4473: [ 32.630986] save_stack+0x43/0xd0 [ 32.634426] kasan_kmalloc+0xc4/0xe0 [ 32.638126] kasan_slab_alloc+0x12/0x20 [ 32.642086] kmem_cache_alloc+0x12e/0x760 [ 32.646212] __d_alloc+0xc8/0xd50 [ 32.649645] d_alloc+0x96/0x380 [ 32.652904] d_alloc_name+0xbb/0x120 [ 32.656609] proc_setup_self+0xe1/0x3af [ 32.660733] proc_fill_super+0x37e/0x630 [ 32.664808] vfs_get_super+0x15e/0x270 [ 32.668674] proc_get_tree+0x88/0xb0 [ 32.672381] vfs_get_tree+0x1cb/0x5c0 [ 32.676165] do_mount+0x6c1/0x1fb0 [ 32.679685] ksys_mount+0x12d/0x140 [ 32.683297] __x64_sys_mount+0xbe/0x150 [ 32.687259] do_syscall_64+0x1b9/0x820 [ 32.691134] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 32.696295] [ 32.697901] Freed by task 4474: [ 32.701161] save_stack+0x43/0xd0 [ 32.704601] __kasan_slab_free+0x11a/0x170 [ 32.708905] kasan_slab_free+0xe/0x10 [ 32.712682] kmem_cache_free+0x86/0x2d0 [ 32.716652] __d_free+0x20/0x30 [ 32.719909] rcu_process_callbacks+0xe01/0x2810 [ 32.724557] __do_softirq+0x2e8/0xb17 [ 32.728335] [ 32.729941] The buggy address belongs to the object at ffff8801a7b8c4a0 [ 32.729941] which belongs to the cache dentry(17:syz4) of size 288 [ 32.742933] The buggy address is located 0 bytes inside of [ 32.742933] 288-byte region [ffff8801a7b8c4a0, ffff8801a7b8c5c0) [ 32.754618] The buggy address belongs to the page: [ 32.759538] page:ffffea00069ee300 count:1 mapcount:0 mapping:ffff8801ccf543c0 index:0x0 [ 32.767689] flags: 0x2fffc0000000100(slab) [ 32.771921] raw: 02fffc0000000100 ffff8801d4348948 ffffea00069ee788 ffff8801ccf543c0 [ 32.779790] raw: 0000000000000000 ffff8801a7b8c080 000000010000000b ffff8801ab42c3c0 [ 32.787700] page dumped because: kasan: bad access detected [ 32.793403] page->mem_cgroup:ffff8801ab42c3c0 [ 32.797898] [ 32.799501] Memory state around the buggy address: [ 32.804426] ffff8801a7b8c380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.811776] ffff8801a7b8c400: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 32.819122] >ffff8801a7b8c480: fc fc fc fc fb fb fb fb fb fb fb fb fb fb fb fb [ 32.826465] ^ [ 32.830850] ffff8801a7b8c500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 32.838196] ffff8801a7b8c580: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 32.845538] ================================================================== [ 32.860915] Kernel panic - not syncing: panic_on_warn set ... [ 32.860915] [ 32.868363] CPU: 0 PID: 4482 Comm: syz-executor287 Tainted: G B 4.18.0-rc3-next-20180706+ #1 [ 32.878282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 32.887637] Call Trace: [ 32.890214] dump_stack+0x1c9/0x2b4 [ 32.893837] ? dump_stack_print_info.cold.2+0x52/0x52 [ 32.899038] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 32.903779] panic+0x238/0x4e7 [ 32.906958] ? add_taint.cold.5+0x16/0x16 [ 32.911089] ? do_raw_spin_unlock+0xa7/0x2f0 [ 32.915500] ? do_raw_spin_unlock+0xa7/0x2f0 [ 32.919900] ? dput.part.26+0x634/0x7a0 [ 32.923878] kasan_end_report+0x47/0x4f [ 32.927841] kasan_report.cold.7+0x76/0x30d [ 32.932162] __asan_report_load4_noabort+0x14/0x20 [ 32.937075] dput.part.26+0x634/0x7a0 [ 32.940856] ? shrink_dcache_sb+0x350/0x350 [ 32.945169] ? __kasan_slab_free+0x131/0x170 [ 32.949562] ? trace_hardirqs_on+0xd/0x10 [ 32.953690] dput+0x15/0x20 [ 32.956601] proc_kill_sb+0x125/0x1e0 [ 32.960381] ? proc_get_inode+0x680/0x680 [ 32.964508] ? proc_root_lookup+0x60/0x60 [ 32.968637] deactivate_locked_super+0x97/0x100 [ 32.973394] vfs_get_super+0x20f/0x270 [ 32.977269] proc_get_tree+0x88/0xb0 [ 32.980973] vfs_get_tree+0x1cb/0x5c0 [ 32.984760] do_mount+0x6c1/0x1fb0 [ 32.988286] ? kasan_check_read+0x11/0x20 [ 32.992426] ? do_raw_spin_unlock+0xa7/0x2f0 [ 32.996912] ? copy_mount_string+0x40/0x40 [ 33.001140] ? kasan_kmalloc+0xc4/0xe0 [ 33.005024] ? kmem_cache_alloc_trace+0x318/0x780 [ 33.009863] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 33.015387] ? copy_mount_options+0x285/0x380 [ 33.019864] ksys_mount+0x12d/0x140 [ 33.023474] __x64_sys_mount+0xbe/0x150 [ 33.027440] do_syscall_64+0x1b9/0x820 [ 33.031309] ? syscall_return_slowpath+0x5e0/0x5e0 [ 33.036219] ? syscall_return_slowpath+0x31d/0x5e0 [ 33.041128] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 33.046137] ? prepare_exit_to_usermode+0x291/0x3b0 [ 33.051138] ? perf_trace_sys_enter+0xb10/0xb10 [ 33.055802] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 33.060642] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 33.065815] RIP: 0033:0x441d79 [ 33.068990] Code: e8 6c e6 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb 07 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 33.088224] RSP: 002b:00007ffe4c8551b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 33.095921] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441d79 [ 33.103175] RDX: 0000000020000540 RSI: 0000000020000500 RDI: 00000000200004c0 [ 33.110438] RBP: 00007ffe4c8551d0 R08: 0000000020000580 R09: 0000000000000000 [ 33.117690] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 33.124939] R13: 0000000000000004 R14: 0000000000000000 R15: 0000000000000000 [ 33.132734] Dumping ftrace buffer: [ 33.136255] (ftrace buffer empty) [ 33.139948] Kernel Offset: disabled [ 33.143557] Rebooting in 86400 seconds..