[ 42.652831] audit: type=1800 audit(1555168031.209:30): pid=7740 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2490 res=0 Starting mcstransd: [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. [ ok ] Starting file context maintaining daemon: restorecond. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 47.906560] kauditd_printk_skb: 4 callbacks suppressed [ 47.906575] audit: type=1400 audit(1555168036.489:35): avc: denied { map } for pid=7915 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.154' (ECDSA) to the list of known hosts. executing program [ 62.338590] audit: type=1400 audit(1555168050.919:36): avc: denied { map } for pid=7927 comm="syz-executor281" path="/root/syz-executor281188111" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 62.348938] FAULT_INJECTION: forcing a failure. [ 62.348938] name failslab, interval 1, probability 0, space 0, times 1 [ 62.376827] CPU: 0 PID: 7928 Comm: syz-executor281 Not tainted 4.19.34 #2 [ 62.383756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 62.393444] Call Trace: [ 62.396040] dump_stack+0x172/0x1f0 [ 62.399692] should_fail.cold+0xa/0x1b [ 62.403586] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 62.408682] ? lock_downgrade+0x810/0x810 [ 62.412817] ? ___might_sleep+0x163/0x280 [ 62.416973] __should_failslab+0x121/0x190 [ 62.421212] should_failslab+0x9/0x14 [ 62.424996] kmem_cache_alloc+0x2b1/0x700 [ 62.429141] ?
__sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 62.434690] ptlock_alloc+0x20/0x70 [ 62.438307] pte_alloc_one+0x6d/0x1a0 [ 62.442109] do_huge_pmd_anonymous_page+0xac8/0x15e0 [ 62.447198] ? __lock_acquire+0x6eb/0x48f0 [ 62.451433] ? __thp_get_unmapped_area+0x190/0x190 [ 62.456366] ? __pmd+0x60/0x60 [ 62.459548] __handle_mm_fault+0x2c85/0x3f80 [ 62.463945] ? vmf_insert_mixed_mkwrite+0x90/0x90 [ 62.468774] ? find_held_lock+0x35/0x130 [ 62.472926] ? handle_mm_fault+0x322/0xb30 [ 62.477154] ? kasan_check_read+0x11/0x20 [ 62.481349] handle_mm_fault+0x43f/0xb30 [ 62.485412] __do_page_fault+0x62a/0xe90 [ 62.489467] ? cache_grow_end+0xa4/0x190 [ 62.493561] ? vmalloc_fault+0x770/0x770 [ 62.497610] ? trace_hardirqs_off_caller+0x65/0x220 [ 62.502615] do_page_fault+0x71/0x581 [ 62.506403] page_fault+0x1e/0x30 [ 62.509844] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 [ 62.515749] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 [ 62.534638] RSP: 0018:ffff888094227bc0 EFLAGS: 00010206 [ 62.539990] RAX: 0000000000000000 RBX: 0000000000000800 RCX: 0000000000000800 [ 62.547242] RDX: 0000000000000800 RSI: 0000000020c34fff RDI: ffff8880913ff700 [ 62.554500] RBP: ffff888094227bf8 R08: ffffed101227ffe0 R09: 0000000000000000 [ 62.561752] R10: ffffed101227ffdf R11: ffff8880913ffeff R12: 0000000020c34fff [ 62.569007] R13: 0000000020c357ff R14: ffff8880913ff700 R15: 00007ffffffff000 [ 62.576277] ? _copy_from_user+0x10b/0x150 [ 62.580515] tty_write+0x409/0x7a0 [ 62.584068] ? process_echoes+0x170/0x170 [ 62.588219] __vfs_write+0x116/0x820 [ 62.591919] ? tty_read+0x2a0/0x2a0 [ 62.595557] ? kernel_read+0x120/0x120 [ 62.599431] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 62.604965] ? __inode_security_revalidate+0xda/0x120 [ 62.610139] ? avc_policy_seqno+0xd/0x70 [ 62.614190] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 62.619202] ? 
selinux_file_permission+0x92/0x550 [ 62.624035] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 62.629577] ? security_file_permission+0x8f/0x230 [ 62.634584] ? rw_verify_area+0x118/0x360 [ 62.638735] vfs_write+0x20c/0x560 [ 62.642262] ksys_write+0xea/0x1f0 [ 62.645785] ? __ia32_sys_read+0xb0/0xb0 [ 62.649925] ? do_syscall_64+0x26/0x610 [ 62.653884] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 62.659238] ? do_syscall_64+0x26/0x610 [ 62.663297] __x64_sys_write+0x73/0xb0 [ 62.667171] do_syscall_64+0x103/0x610 [ 62.671049] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 62.676276] RIP: 0033:0x441769 [ 62.679559] Code: e8 cc ac 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 62.698452] RSP: 002b:00007ffc07534fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 62.706169] RAX: ffffffffffffffda RBX: 00007ffc07534ff0 RCX: 0000000000441769 [ 62.713424] RDX: 00000000ffffff0b RSI: 0000000020c34fff RDI: 0000000000000004 [ 62.720683] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000000000000 [ 62.728012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402690 [ 62.735340] R13: 0000000000402720 R14: 0000000000000000 R15: 0000000000000000 executing program [ 67.346498] FAULT_INJECTION: forcing a failure. [ 67.346498] name failslab, interval 1, probability 0, space 0, times 0 [ 67.358775] CPU: 1 PID: 7929 Comm: syz-executor281 Not tainted 4.19.34 #2 [ 67.365684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.375068] Call Trace: [ 67.377643] dump_stack+0x172/0x1f0 [ 67.381256] should_fail.cold+0xa/0x1b [ 67.385126] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 67.390232] __should_failslab+0x121/0x190 [ 67.394453] should_failslab+0x9/0x14 [ 67.398231] __kmalloc+0x71/0x750 [ 67.401662] ? __mutex_lock+0x3cd/0x1300 [ 67.405710] ? add_wait_queue+0x112/0x170 [ 67.409841] ? 
n_tty_write+0xac1/0x1100 [ 67.413806] ? find_held_lock+0x35/0x130 [ 67.417850] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 67.422942] __tty_buffer_request_room+0x1fb/0x5c0 [ 67.427863] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 67.433421] ? do_raw_spin_lock+0xc8/0x240 [ 67.437639] pty_write+0x133/0x200 [ 67.441267] n_tty_write+0xb06/0x1100 [ 67.445059] ? __do_page_fault+0x484/0xe90 [ 67.449277] ? retint_kernel+0x2d/0x2d [ 67.453156] ? process_echoes+0x170/0x170 [ 67.457282] ? do_wait_intr_irq+0x2b0/0x2b0 [ 67.461583] ? copy_user_enhanced_fast_string+0xe/0x20 [ 67.466944] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 67.472481] ? _copy_from_user+0xdd/0x150 [ 67.476624] tty_write+0x45b/0x7a0 [ 67.480155] ? process_echoes+0x170/0x170 [ 67.484289] __vfs_write+0x116/0x820 [ 67.487987] ? tty_read+0x2a0/0x2a0 [ 67.491599] ? kernel_read+0x120/0x120 [ 67.495494] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 67.501108] ? __inode_security_revalidate+0xda/0x120 [ 67.506278] ? avc_policy_seqno+0xd/0x70 [ 67.510316] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 67.515430] ? selinux_file_permission+0x92/0x550 [ 67.520263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.525839] ? security_file_permission+0x8f/0x230 [ 67.530760] ? rw_verify_area+0x118/0x360 [ 67.534890] vfs_write+0x20c/0x560 [ 67.538413] ksys_write+0xea/0x1f0 [ 67.541930] ? __ia32_sys_read+0xb0/0xb0 [ 67.545986] ? do_syscall_64+0x26/0x610 [ 67.549949] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.555348] ? 
do_syscall_64+0x26/0x610 [ 67.559320] __x64_sys_write+0x73/0xb0 [ 67.563243] do_syscall_64+0x103/0x610 [ 67.567125] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.572298] RIP: 0033:0x441769 [ 67.575512] Code: e8 cc ac 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 67.594402] RSP: 002b:00007ffc07534fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 67.602090] RAX: ffffffffffffffda RBX: 00007ffc07534ff0 RCX: 0000000000441769 [ 67.609342] RDX: 00000000ffffff0b RSI: 0000000020c34fff RDI: 0000000000000004 [ 67.616589] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000000000000 [ 67.623836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402690 [ 67.631086] R13: 0000000000402720 R14: 0000000000000000 R15: 0000000000000000 [ 67.638434] [ 67.638437] ====================================================== [ 67.638441] WARNING: possible circular locking dependency detected [ 67.638442] 4.19.34 #2 Not tainted [ 67.638446] ------------------------------------------------------ [ 67.638448] syz-executor281/7929 is trying to acquire lock: [ 67.638451] 00000000d46d5bf4 (console_owner){-...}, at: console_unlock+0x426/0x1080 [ 67.638459] [ 67.638461] but task is already holding lock: [ 67.638463] 00000000e525e911 (&(&port->lock)->rlock){-.-.}, at: pty_write+0xff/0x200 [ 67.638471] [ 67.638474] which lock already depends on the new lock. 
[ 67.638475] [ 67.638476] [ 67.638479] the existing dependency chain (in reverse order) is: [ 67.638480] [ 67.638481] -> #2 (&(&port->lock)->rlock){-.-.}: [ 67.638490] _raw_spin_lock_irqsave+0x95/0xcd [ 67.638492] tty_port_tty_get+0x22/0x80 [ 67.638494] tty_port_default_wakeup+0x16/0x40 [ 67.638497] tty_port_tty_wakeup+0x5d/0x70 [ 67.638499] uart_write_wakeup+0x46/0x70 [ 67.638501] serial8250_tx_chars+0x4a4/0xb20 [ 67.638504] serial8250_handle_irq.part.0+0x1e2/0x270 [ 67.638507] serial8250_default_handle_irq+0xc5/0x150 [ 67.638509] serial8250_interrupt+0x102/0x1e0 [ 67.638512] __handle_irq_event_percpu+0x146/0x900 [ 67.638515] handle_irq_event_percpu+0x74/0x160 [ 67.638517] handle_irq_event+0xa7/0x134 [ 67.638519] handle_edge_irq+0x264/0x8e0 [ 67.638521] handle_irq+0x252/0x3d8 [ 67.638523] do_IRQ+0x99/0x1d0 [ 67.638526] ret_from_intr+0x0/0x1e [ 67.638528] native_safe_halt+0x2/0x10 [ 67.638530] arch_cpu_idle+0x10/0x20 [ 67.638532] default_idle_call+0x36/0x90 [ 67.638534] do_idle+0x386/0x570 [ 67.638551] cpu_startup_entry+0xc8/0xe0 [ 67.638553] rest_init+0xf1/0xf6 [ 67.638555] start_kernel+0x88f/0x8c8 [ 67.638557] x86_64_start_reservations+0x29/0x2b [ 67.638560] x86_64_start_kernel+0x77/0x7b [ 67.638562] secondary_startup_64+0xa4/0xb0 [ 67.638563] [ 67.638564] -> #1 (&port_lock_key){-.-.}: [ 67.638572] _raw_spin_lock_irqsave+0x95/0xcd [ 67.638574] serial8250_console_write+0x7ed/0xa10 [ 67.638577] univ8250_console_write+0x5f/0x70 [ 67.638579] console_unlock+0xbbe/0x1080 [ 67.638581] vprintk_emit+0x238/0x690 [ 67.638583] vprintk_default+0x28/0x30 [ 67.638585] vprintk_func+0x7e/0x189 [ 67.638587] printk+0xba/0xed [ 67.638589] register_console+0x787/0xb90 [ 67.638592] univ8250_console_init+0x3e/0x4b [ 67.638594] console_init+0x4f7/0x761 [ 67.638596] start_kernel+0x59f/0x8c8 [ 67.638598] x86_64_start_reservations+0x29/0x2b [ 67.638600] x86_64_start_kernel+0x77/0x7b [ 67.638603] secondary_startup_64+0xa4/0xb0 [ 67.638604] [ 67.638605] -> #0 (console_owner){-...}: [ 
67.638612] lock_acquire+0x16f/0x3f0 [ 67.638615] console_unlock+0x490/0x1080 [ 67.638617] vprintk_emit+0x238/0x690 [ 67.638619] vprintk_default+0x28/0x30 [ 67.638621] vprintk_func+0x7e/0x189 [ 67.638623] printk+0xba/0xed [ 67.638625] should_fail+0x6f1/0x85c [ 67.638627] __should_failslab+0x121/0x190 [ 67.638629] should_failslab+0x9/0x14 [ 67.638631] __kmalloc+0x71/0x750 [ 67.638634] __tty_buffer_request_room+0x1fb/0x5c0 [ 67.638636] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 67.638638] pty_write+0x133/0x200 [ 67.638641] n_tty_write+0xb06/0x1100 [ 67.638643] tty_write+0x45b/0x7a0 [ 67.638645] __vfs_write+0x116/0x820 [ 67.638647] vfs_write+0x20c/0x560 [ 67.638649] ksys_write+0xea/0x1f0 [ 67.638651] __x64_sys_write+0x73/0xb0 [ 67.638653] do_syscall_64+0x103/0x610 [ 67.638656] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.638657] [ 67.638671] other info that might help us debug this: [ 67.638673] [ 67.638674] Chain exists of: [ 67.638676] console_owner --> &port_lock_key --> &(&port->lock)->rlock [ 67.638687] [ 67.638690] Possible unsafe locking scenario: [ 67.638691] [ 67.638693] CPU0 CPU1 [ 67.638695] ---- ---- [ 67.638697] lock(&(&port->lock)->rlock); [ 67.638702] lock(&port_lock_key); [ 67.638707] lock(&(&port->lock)->rlock); [ 67.638712] lock(console_owner); [ 67.638716] [ 67.638718] *** DEADLOCK *** [ 67.638719] [ 67.638721] 6 locks held by syz-executor281/7929: [ 67.638723] #0: 00000000eec7e1a2 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 [ 67.638732] #1: 00000000e6694a86 (&tty->atomic_write_lock){+.+.}, at: tty_write_lock+0x23/0x90 [ 67.638742] #2: 000000007c9edac7 (&tty->termios_rwsem){++++}, at: n_tty_write+0x1ab/0x1100 [ 67.638751] #3: 000000008fd1a235 (&ldata->output_lock){+.+.}, at: n_tty_write+0xac1/0x1100 [ 67.638761] #4: 00000000e525e911 (&(&port->lock)->rlock){-.-.}, at: pty_write+0xff/0x200 [ 67.638770] #5: 00000000df78913d (console_lock){+.+.}, at: vprintk_emit+0x21d/0x690 [ 67.638780] [ 67.638781] stack backtrace: [ 67.638785] CPU: 1 
PID: 7929 Comm: syz-executor281 Not tainted 4.19.34 #2 [ 67.638789] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.638791] Call Trace: [ 67.638793] dump_stack+0x172/0x1f0 [ 67.638796] print_circular_bug.isra.0.cold+0x1cc/0x28f [ 67.638798] __lock_acquire+0x2e6d/0x48f0 [ 67.638800] ? mark_held_locks+0x100/0x100 [ 67.638802] ? scnprintf+0x140/0x140 [ 67.638805] ? console_unlock+0x46b/0x1080 [ 67.638807] lock_acquire+0x16f/0x3f0 [ 67.638809] ? console_unlock+0x426/0x1080 [ 67.638812] console_unlock+0x490/0x1080 [ 67.638814] ? console_unlock+0x426/0x1080 [ 67.638816] vprintk_emit+0x238/0x690 [ 67.638818] vprintk_default+0x28/0x30 [ 67.638820] vprintk_func+0x7e/0x189 [ 67.638822] printk+0xba/0xed [ 67.638824] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 67.638827] ? __lock_acquire+0x6eb/0x48f0 [ 67.638830] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.638832] ? ___ratelimit+0x60/0x595 [ 67.638834] should_fail+0x6f1/0x85c [ 67.638836] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 67.638839] __should_failslab+0x121/0x190 [ 67.638841] should_failslab+0x9/0x14 [ 67.638843] __kmalloc+0x71/0x750 [ 67.638845] ? __mutex_lock+0x3cd/0x1300 [ 67.638847] ? add_wait_queue+0x112/0x170 [ 67.638849] ? n_tty_write+0xac1/0x1100 [ 67.638852] ? find_held_lock+0x35/0x130 [ 67.638854] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 67.638857] __tty_buffer_request_room+0x1fb/0x5c0 [ 67.638860] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 67.638862] ? do_raw_spin_lock+0xc8/0x240 [ 67.638864] pty_write+0x133/0x200 [ 67.638866] n_tty_write+0xb06/0x1100 [ 67.638868] ? __do_page_fault+0x484/0xe90 [ 67.638870] ? retint_kernel+0x2d/0x2d [ 67.638873] ? process_echoes+0x170/0x170 [ 67.638875] ? do_wait_intr_irq+0x2b0/0x2b0 [ 67.638878] ? copy_user_enhanced_fast_string+0xe/0x20 [ 67.638880] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 67.638883] ? _copy_from_user+0xdd/0x150 [ 67.638885] tty_write+0x45b/0x7a0 [ 67.638887] ? 
process_echoes+0x170/0x170 [ 67.638889] __vfs_write+0x116/0x820 [ 67.638891] ? tty_read+0x2a0/0x2a0 [ 67.638893] ? kernel_read+0x120/0x120 [ 67.638896] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 67.638898] ? __inode_security_revalidate+0xda/0x120 [ 67.638901] ? avc_policy_seqno+0xd/0x70 [ 67.638903] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 67.638906] ? selinux_file_permission+0x92/0x550 [ 67.638909] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.638911] ? security_file_permission+0x8f/0x230 [ 67.638913] ? rw_verify_area+0x118/0x360 [ 67.638915] vfs_write+0x20c/0x560 [ 67.638917] ksys_write+0xea/0x1f0 [ 67.638920] ? __ia32_sys_read+0xb0/0xb0 [ 67.638922] ? do_syscall_64+0x26/0x610 [ 67.638924] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.638927] ? do_syscall_64+0x26/0x610 [ 67.638929] __x64_sys_write+0x73/0xb0 [ 67.638931] do_syscall_64+0x103/0x610 [ 67.638933] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.638935] RIP: 0033:0x441769 [ 67.638943] Code: e8 cc ac 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 67.638946] RSP: 002b:00007ffc07534fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 67.638952] RAX: ffffffffffffffda RBX: 00007ffc07534ff0 RCX: 0000000000441769 [ 67.638955] RDX: 00000000ffffff0b RSI: 0000000020c34fff RDI: 0000000000000004 [ 67.638958] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000000000000 [ 67.638962] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402690 [ 67.638965] R13: 0000000000402720 R14: 0000000000000000 R15: 0000000000000000 executing program [ 72.346825] FAULT_INJECTION: forcing a failure. 
[ 72.346825] name failslab, interval 1, probability 0, space 0, times 0 [ 72.358062] CPU: 1 PID: 7930 Comm: syz-executor281 Not tainted 4.19.34 #2 [ 72.365020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 72.374365] Call Trace: [ 72.376936] dump_stack+0x172/0x1f0 [ 72.380595] should_fail.cold+0xa/0x1b [ 72.384480] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 72.389564] ? __handle_mm_fault+0x7d3/0x3f80 [ 72.394055] __should_failslab+0x121/0x190 [ 72.398272] should_failslab+0x9/0x14 [ 72.402056] __kmalloc+0x71/0x750 [ 72.405514] ? __mutex_lock+0x3cd/0x1300 [ 72.409560] ? n_tty_write+0xac1/0x1100 [ 72.413519] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 72.418622] __tty_buffer_request_room+0x1fb/0x5c0 [ 72.423537] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 72.429062] ? do_raw_spin_lock+0xc8/0x240 [ 72.433396] pty_write+0x133/0x200 [ 72.436919] n_tty_write+0xb06/0x1100 [ 72.440704] ? __do_page_fault+0x484/0xe90 [ 72.444918] ? retint_kernel+0x2d/0x2d [ 72.448789] ? process_echoes+0x170/0x170 [ 72.452919] ? do_wait_intr_irq+0x2b0/0x2b0 [ 72.457226] ? copy_user_enhanced_fast_string+0xe/0x20 [ 72.462487] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 72.468024] ? _copy_from_user+0xdd/0x150 [ 72.472174] tty_write+0x45b/0x7a0 [ 72.475700] ? process_echoes+0x170/0x170 [ 72.479848] __vfs_write+0x116/0x820 [ 72.483546] ? tty_read+0x2a0/0x2a0 [ 72.487160] ? kernel_read+0x120/0x120 [ 72.491030] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 72.496554] ? __inode_security_revalidate+0xda/0x120 [ 72.501733] ? avc_policy_seqno+0xd/0x70 [ 72.505774] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 72.510772] ? selinux_file_permission+0x92/0x550 [ 72.515602] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 72.521122] ? security_file_permission+0x8f/0x230 [ 72.526058] ? rw_verify_area+0x118/0x360 [ 72.530189] vfs_write+0x20c/0x560 [ 72.533713] ksys_write+0xea/0x1f0 [ 72.537237] ? __ia32_sys_read+0xb0/0xb0 [ 72.541283] ? 
do_syscall_64+0x52d/0x610 [ 72.545327] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 72.550673] __x64_sys_write+0x73/0xb0 [ 72.554557] do_syscall_64+0x103/0x610 [ 72.558431] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 72.563601] RIP: 0033:0x441769 [ 72.566778] Code: e8 cc ac 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 72.585659] RSP: 002b:00007ffc07534fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 72.593355] RAX: ffffffffffffffda RBX: 00007ffc07534ff0 RCX: 0000000000441769 [ 72.600605] RDX: 00000000ffffff0b RSI: 0000000020c34fff RDI: 0000000000000004 [ 72.607853] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000000000000 [ 72.615103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402690 [ 72.622352] R13: 0000000000402720 R14: 0000000000000000 R15: 0000000000000000 executing program [ 77.347872] FAULT_INJECTION: forcing a failure. [ 77.347872] name failslab, interval 1, probability 0, space 0, times 0 [ 77.359096] CPU: 1 PID: 7931 Comm: syz-executor281 Not tainted 4.19.34 #2 [ 77.366052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.375388] Call Trace: [ 77.377979] dump_stack+0x172/0x1f0 [ 77.381609] should_fail.cold+0xa/0x1b [ 77.385529] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 77.390615] ? __handle_mm_fault+0x7d3/0x3f80 [ 77.395099] __should_failslab+0x121/0x190 [ 77.399318] should_failslab+0x9/0x14 [ 77.403112] __kmalloc+0x71/0x750 [ 77.406548] ? __mutex_lock+0x3cd/0x1300 [ 77.410599] ? n_tty_write+0xac1/0x1100 [ 77.414559] ? __tty_buffer_request_room+0x1fb/0x5c0 [ 77.419650] __tty_buffer_request_room+0x1fb/0x5c0 [ 77.424565] tty_insert_flip_string_fixed_flag+0x93/0x1f0 [ 77.430107] ? do_raw_spin_lock+0xc8/0x240 [ 77.434330] pty_write+0x133/0x200 [ 77.437880] n_tty_write+0xb06/0x1100 [ 77.441691] ? __do_page_fault+0x484/0xe90 [ 77.445914] ? 
retint_kernel+0x2d/0x2d [ 77.449786] ? process_echoes+0x170/0x170 [ 77.453927] ? do_wait_intr_irq+0x2b0/0x2b0 [ 77.458241] ? copy_user_enhanced_fast_string+0xe/0x20 [ 77.463511] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 77.469041] ? _copy_from_user+0xdd/0x150 [ 77.473178] tty_write+0x45b/0x7a0 [ 77.476713] ? process_echoes+0x170/0x170 [ 77.480843] __vfs_write+0x116/0x820 [ 77.484656] ? tty_read+0x2a0/0x2a0 [ 77.488282] ? kernel_read+0x120/0x120 [ 77.492153] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 77.497673] ? __inode_security_revalidate+0xda/0x120 [ 77.502868] ? avc_policy_seqno+0xd/0x70 [ 77.506912] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 77.511910] ? selinux_file_permission+0x92/0x550 [ 77.516750] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 77.522272] ? security_file_permission+0x8f/0x230 [ 77.527183] ? rw_verify_area+0x118/0x360 [ 77.531313] vfs_write+0x20c/0x560 [ 77.534860] ksys_write+0xea/0x1f0 [ 77.538405] ? __ia32_sys_read+0xb0/0xb0 [ 77.542455] ? do_syscall_64+0x52d/0x610 [ 77.546500] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 77.551850] __x64_sys_write+0x73/0xb0 [ 77.555722] do_syscall_64+0x103/0x610 [ 77.559595] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 77.564767] RIP: 0033:0x441769 [ 77.567943] Code: e8 cc ac 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 9b 0a fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 77.586839] RSP: 002b:00007ffc07534fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 77.594542] RAX: ffffffffffffffda RBX: 00007ffc07534ff0 RCX: 0000000000441769 [ 77.601793] RDX: 00000000ffffff0b RSI: 0000000020c34fff RDI: 0000000000000004 [ 77.609041] RBP: 0000000000000005 R08: 0000000000000001 R09: 0000000000000000 [ 77.616292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000402690 [ 77.623543] R13: 0000000000402720 R14: 0000000000000000 R15: 0000000000000000