[ ok ] Starting enhanced syslogd: rsyslogd. [ 42.925936][ T26] audit: type=1800 audit(1556762855.439:25): pid=7754 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="cron" dev="sda1" ino=2414 res=0 [ 42.946995][ T26] audit: type=1800 audit(1556762855.439:26): pid=7754 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="mcstrans" dev="sda1" ino=2457 res=0 [ 43.049917][ T26] audit: type=1800 audit(1556762855.559:27): pid=7754 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed(directio) comm="startpar" name="restorecond" dev="sda1" ino=2436 res=0 [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.87' (ECDSA) to the list of known hosts. 2019/05/02 02:07:49 parsed 1 programs 2019/05/02 02:07:52 executed programs: 0 syzkaller login: [ 60.466818][ T7925] IPVS: ftp: loaded support on port[0] = 21 [ 60.478437][ T7931] IPVS: ftp: loaded support on port[0] = 21 [ 60.481226][ T7929] IPVS: ftp: loaded support on port[0] = 21 [ 60.490868][ T7933] IPVS: ftp: loaded support on port[0] = 21 [ 60.502261][ T7926] IPVS: ftp: loaded support on port[0] = 21 [ 60.540776][ T7934] IPVS: ftp: loaded support on port[0] = 21 [ 60.805855][ T7931] chnl_net:caif_netlink_parms(): no params data found [ 60.884403][ T7929] chnl_net:caif_netlink_parms(): no params data found [ 60.932790][ T7931] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.941881][ T7931] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.949936][ T7931] device bridge_slave_0 entered promiscuous mode [ 60.959106][ T7931] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.966280][ T7931] bridge0: port 2(bridge_slave_1) entered disabled state [ 
60.974316][ T7931] device bridge_slave_1 entered promiscuous mode [ 60.991564][ T7926] chnl_net:caif_netlink_parms(): no params data found [ 61.033202][ T7925] chnl_net:caif_netlink_parms(): no params data found [ 61.058492][ T7931] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 61.068811][ T7931] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 61.112087][ T7931] team0: Port device team_slave_0 added [ 61.118548][ T7933] chnl_net:caif_netlink_parms(): no params data found [ 61.146121][ T7929] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.153279][ T7929] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.161242][ T7929] device bridge_slave_0 entered promiscuous mode [ 61.170301][ T7931] team0: Port device team_slave_1 added [ 61.203076][ T7929] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.211283][ T7929] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.219471][ T7929] device bridge_slave_1 entered promiscuous mode [ 61.262887][ T7926] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.272083][ T7926] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.280083][ T7926] device bridge_slave_0 entered promiscuous mode [ 61.293079][ T7926] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.300969][ T7926] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.308920][ T7926] device bridge_slave_1 entered promiscuous mode [ 61.376585][ T7931] device hsr_slave_0 entered promiscuous mode [ 61.414044][ T7931] device hsr_slave_1 entered promiscuous mode [ 61.510814][ T7934] chnl_net:caif_netlink_parms(): no params data found [ 61.532995][ T7926] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 61.543179][ T7925] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.550374][ T7925] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.558877][ T7925] device bridge_slave_0 entered promiscuous mode [ 61.568214][ T7929] 
bond0: Enslaving bond_slave_0 as an active interface with an up link [ 61.583803][ T7929] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 61.601949][ T7926] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 61.618817][ T7925] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.626075][ T7925] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.634357][ T7925] device bridge_slave_1 entered promiscuous mode [ 61.641226][ T7933] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.648740][ T7933] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.657073][ T7933] device bridge_slave_0 entered promiscuous mode [ 61.670256][ T7933] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.677463][ T7933] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.686628][ T7933] device bridge_slave_1 entered promiscuous mode [ 61.709231][ T7926] team0: Port device team_slave_0 added [ 61.748167][ T7926] team0: Port device team_slave_1 added [ 61.756540][ T7929] team0: Port device team_slave_0 added [ 61.764698][ T7931] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.772460][ T7931] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.780647][ T7931] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.787739][ T7931] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.803010][ T7933] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 61.815239][ T7925] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 61.825763][ T7925] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 61.834698][ T7934] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.841867][ T7934] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.850100][ T7934] device bridge_slave_0 entered promiscuous mode [ 61.859307][ T7929] team0: Port device team_slave_1 added [ 61.867644][ T22] bridge0: port 1(bridge_slave_0) 
entered disabled state [ 61.876961][ T22] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.892145][ T7933] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 61.914985][ T7933] team0: Port device team_slave_0 added [ 61.920879][ T7934] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.929245][ T7934] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.937906][ T7934] device bridge_slave_1 entered promiscuous mode [ 61.966713][ T7933] team0: Port device team_slave_1 added [ 62.016498][ T7926] device hsr_slave_0 entered promiscuous mode [ 62.083900][ T7926] device hsr_slave_1 entered promiscuous mode [ 62.150802][ T7925] team0: Port device team_slave_0 added [ 62.161786][ T7925] team0: Port device team_slave_1 added [ 62.169351][ T7934] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 62.246807][ T7929] device hsr_slave_0 entered promiscuous mode [ 62.284062][ T7929] device hsr_slave_1 entered promiscuous mode [ 62.340058][ T7934] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 62.405691][ T7933] device hsr_slave_0 entered promiscuous mode [ 62.443979][ T7933] device hsr_slave_1 entered promiscuous mode [ 62.494397][ T7934] team0: Port device team_slave_0 added [ 62.501548][ T7934] team0: Port device team_slave_1 added [ 62.576979][ T7925] device hsr_slave_0 entered promiscuous mode [ 62.644337][ T7925] device hsr_slave_1 entered promiscuous mode [ 62.767539][ T7934] device hsr_slave_0 entered promiscuous mode [ 62.826718][ T7934] device hsr_slave_1 entered promiscuous mode [ 62.956798][ T7931] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.000439][ T7925] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.017187][ T7933] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.031819][ T7931] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.056265][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.065676][ T7941] IPv6: 
ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.073716][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.081314][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.104133][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.112756][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.121694][ T17] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.128827][ T17] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.136528][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.145675][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.154325][ T17] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.161431][ T17] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.169116][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.178089][ T17] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.190534][ T7926] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.201530][ T7925] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.212510][ T7933] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.225836][ T7929] 8021q: adding VLAN 0 to HW filter on device bond0 [ 63.244788][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.252504][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.261096][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.270090][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.278853][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.312370][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.321470][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.330367][ T2994] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.337505][ T2994] bridge0: port 
1(bridge_slave_0) entered forwarding state [ 63.345451][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.353055][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.360821][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.369721][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.378167][ T2994] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.385248][ T2994] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.392945][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.400790][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.409339][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.418389][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.427182][ T2994] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.442028][ T7929] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.462923][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.471822][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.481467][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.491223][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.499952][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.508670][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.517058][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.524177][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.532333][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.541280][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.549599][ T22] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.556711][ T22] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.564289][ T22] 
IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.572800][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.581231][ T22] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.588309][ T22] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.596097][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.604936][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.613229][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.621841][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.630178][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.638173][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.646305][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.656216][ T7926] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.690666][ T7925] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 63.702404][ T7925] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.718039][ T7931] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 63.730650][ T7931] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.740348][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.749675][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.758088][ T3060] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.765215][ T3060] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.775262][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.784179][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 63.792639][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 63.801798][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): 
veth1_to_bond: link becomes ready [ 63.810450][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.819049][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.827846][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 63.836652][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 63.845456][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.853955][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.862316][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.870932][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.879210][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 63.887771][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.896266][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 63.904416][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 63.935062][ T7925] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.955454][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 63.965814][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 63.975042][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 63.983342][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.991849][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 64.000989][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 64.010034][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 64.018524][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 64.026971][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 64.035635][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 64.044557][ T3060] IPv6: 
ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 64.053045][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 64.061785][ T3060] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.068892][ T3060] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.076764][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 64.086110][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 64.094730][ T3060] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.102066][ T3060] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.109821][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 64.119076][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.126971][ T3060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 64.135878][ T7929] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 64.200700][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 64.209849][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 64.227484][ T7945] FAULT_INJECTION: forcing a failure. [ 64.227484][ T7945] name failslab, interval 1, probability 0, space 0, times 1 [ 64.232498][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 64.240118][ T7945] CPU: 0 PID: 7945 Comm: syz-executor.5 Not tainted 5.1.0-rc7+ #96 [ 64.240127][ T7945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.240133][ T7945] Call Trace: [ 64.240173][ T7945] dump_stack+0x172/0x1f0 [ 64.240196][ T7945] should_fail.cold+0xa/0x15 [ 64.240212][ T7945] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 64.240230][ T7945] ? rcu_read_lock_sched_held+0x110/0x130 [ 64.240264][ T7945] ? 
__alloc_pages_nodemask+0x61d/0x8d0 [ 64.240281][ T7945] __should_failslab+0x121/0x190 [ 64.240293][ T7945] should_failslab+0x9/0x14 [ 64.240308][ T7945] kmem_cache_alloc_node+0x56/0x710 [ 64.240321][ T7945] ? __this_cpu_preempt_check+0x3a/0x270 [ 64.240341][ T7945] cache_grow_begin+0x6e1/0x860 [ 64.240360][ T7945] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 64.240374][ T7945] kmem_cache_alloc+0x62d/0x6f0 [ 64.240386][ T7945] ? kasan_check_write+0x14/0x20 [ 64.240406][ T7945] p9_client_prepare_req.part.0+0x3d/0x7a0 [ 64.240419][ T7945] ? trace_hardirqs_on+0x67/0x230 [ 64.240430][ T7945] ? kasan_check_read+0x11/0x20 [ 64.240446][ T7945] p9_client_rpc+0x21c/0x1230 [ 64.240458][ T7945] ? add_wait_queue+0x112/0x170 [ 64.240473][ T7945] ? p9_pollwait+0x76/0x210 [ 64.240484][ T7945] ? p9_client_destroy+0x360/0x360 [ 64.240495][ T7945] ? p9_conn_create+0x4f0/0x4f0 [ 64.240506][ T7945] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 64.240519][ T7945] ? pipe_poll+0x2c4/0x340 [ 64.240532][ T7945] ? generic_pipe_buf_confirm+0x10/0x10 [ 64.240545][ T7945] ? p9_fd_poll+0x1e7/0x2c0 [ 64.240558][ T7945] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 64.240569][ T7945] ? p9_conn_create+0x3ef/0x4f0 [ 64.240582][ T7945] ? p9_fd_create+0x277/0x3a0 [ 64.240594][ T7945] ? parse_opts.part.0+0x330/0x330 [ 64.240615][ T7945] p9_client_create+0xb8b/0x1400 [ 64.240627][ T7945] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 64.240644][ T7945] ? p9_client_zc_rpc.constprop.0+0x10c0/0x10c0 [ 64.240657][ T7945] ? rcu_read_lock_sched_held+0x110/0x130 [ 64.240669][ T7945] ? ksys_mount+0xdb/0x150 [ 64.240684][ T7945] ? lockdep_init_map+0x1be/0x6d0 [ 64.240709][ T7945] v9fs_session_init+0x1e7/0x1960 [ 64.240722][ T7945] ? v9fs_session_init+0x1e7/0x1960 [ 64.240733][ T7945] ? find_held_lock+0x35/0x130 [ 64.240749][ T7945] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 64.240761][ T7945] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 64.240779][ T7945] ? 
fault_create_debugfs_attr+0x1e0/0x1e0 [ 64.240796][ T7945] ? v9fs_show_options+0x7e0/0x7e0 [ 64.240814][ T7945] ? v9fs_mount+0x5e/0x920 [ 64.240827][ T7945] ? rcu_read_lock_sched_held+0x110/0x130 [ 64.240841][ T7945] ? kmem_cache_alloc_trace+0x354/0x760 [ 64.240855][ T7945] ? legacy_init_fs_context+0x48/0xe0 [ 64.240867][ T7945] ? rcu_read_lock_sched_held+0x110/0x130 [ 64.240886][ T7945] v9fs_mount+0x7d/0x920 [ 64.240903][ T7945] ? v9fs_write_inode+0x70/0x70 [ 64.240915][ T7945] legacy_get_tree+0xf2/0x200 [ 64.240932][ T7945] vfs_get_tree+0x123/0x450 [ 64.240948][ T7945] do_mount+0x1436/0x2c40 [ 64.240969][ T7945] ? copy_mount_string+0x40/0x40 [ 64.240990][ T7945] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 64.241010][ T7945] ? copy_mount_options+0x280/0x3a0 [ 64.258191][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 64.267060][ T7945] ksys_mount+0xdb/0x150 [ 64.267078][ T7945] __x64_sys_mount+0xbe/0x150 [ 64.267102][ T7945] do_syscall_64+0x103/0x610 [ 64.267122][ T7945] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 64.267133][ T7945] RIP: 0033:0x458da9 [ 64.267148][ T7945] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 64.267155][ T7945] RSP: 002b:00007f96cf33cc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 64.267169][ T7945] RAX: ffffffffffffffda RBX: 00007f96cf33cc90 RCX: 0000000000458da9 [ 64.267177][ T7945] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 64.267185][ T7945] RBP: 000000000073bf00 R08: 00000000200013c0 R09: 0000000000000000 [ 64.267193][ T7945] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f96cf33d6d4 [ 64.267201][ T7945] R13: 00000000004c4da7 R14: 00000000004d8a20 R15: 0000000000000005 [ 64.313289][ T7949] FAULT_INJECTION: forcing a failure. 
[ 64.313289][ T7949] name failslab, interval 1, probability 0, space 0, times 0 [ 64.324262][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 64.324877][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 64.338755][ T7949] CPU: 0 PID: 7949 Comm: syz-executor.5 Not tainted 5.1.0-rc7+ #96 [ 64.341459][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 64.346365][ T7949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 64.346371][ T7949] Call Trace: [ 64.346398][ T7949] dump_stack+0x172/0x1f0 [ 64.346419][ T7949] should_fail.cold+0xa/0x15 [ 64.346436][ T7949] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 64.346458][ T7949] ? ___might_sleep+0x163/0x280 [ 64.346479][ T7949] __should_failslab+0x121/0x190 [ 64.353985][ T22] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 64.356357][ T7949] should_failslab+0x9/0x14 [ 64.374743][ T7933] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 64.375502][ T7949] __kmalloc+0x2dc/0x740 [ 64.387315][ T7931] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.391029][ T7949] ? p9_client_prepare_req.part.0+0x3d/0x7a0 [ 64.401068][ T7949] ? p9_fcall_init.isra.0+0x6d/0x1d0 [ 64.411064][ T7934] 8021q: adding VLAN 0 to HW filter on device bond0 [ 64.412165][ T7949] p9_fcall_init.isra.0+0x6d/0x1d0 [ 64.429222][ T7934] 8021q: adding VLAN 0 to HW filter on device team0 [ 64.433195][ T7949] p9_client_prepare_req.part.0+0x142/0x7a0 [ 64.465952][ T7934] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 64.469536][ T7949] p9_client_rpc+0x21c/0x1230 [ 64.476040][ T7934] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 64.481414][ T7949] ? add_wait_queue+0x112/0x170 [ 64.502718][ T7934] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.507960][ T7949] ? p9_pollwait+0x76/0x210 [ 64.507975][ T7949] ? 
p9_client_destroy+0x360/0x360 [ 64.507989][ T7949] ? p9_conn_create+0x4f0/0x4f0 [ 64.508004][ T7949] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 64.508020][ T7949] ? pipe_poll+0x2c4/0x340 [ 64.508035][ T7949] ? generic_pipe_buf_confirm+0x10/0x10 [ 64.508051][ T7949] ? p9_fd_poll+0x1e7/0x2c0 [ 64.508065][ T7949] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 64.508079][ T7949] ? p9_conn_create+0x3ef/0x4f0 [ 64.508095][ T7949] ? p9_fd_create+0x277/0x3a0 [ 64.508108][ T7949] ? parse_opts.part.0+0x330/0x330 [ 64.508128][ T7949] p9_client_create+0xb8b/0x1400 [ 64.508143][ T7949] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 64.508164][ T7949] ? p9_client_zc_rpc.constprop.0+0x10c0/0x10c0 [ 64.508183][ T7949] ? rcu_read_lock_sched_held+0x110/0x130 [ 64.508196][ T7949] ? ksys_mount+0xdb/0x150 [ 64.508210][ T7949] ? lockdep_init_map+0x1be/0x6d0 [ 64.508244][ T7949] v9fs_session_init+0x1e7/0x1960 [ 64.508265][ T7949] ? v9fs_session_init+0x1e7/0x1960 [ 64.519391][ T7949] ? find_held_lock+0x35/0x130 [ 64.546873][ T7949] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 64.546890][ T7949] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 64.546909][ T7949] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 64.546929][ T7949] ? v9fs_show_options+0x7e0/0x7e0 [ 64.546948][ T7949] ? v9fs_mount+0x5e/0x920 [ 64.546964][ T7949] ? rcu_read_lock_sched_held+0x110/0x130 [ 64.546980][ T7949] ? kmem_cache_alloc_trace+0x354/0x760 [ 64.546994][ T7949] ? legacy_init_fs_context+0x48/0xe0 [ 64.547006][ T7949] ? rcu_read_lock_sched_held+0x110/0x130 [ 64.547022][ T7949] v9fs_mount+0x7d/0x920 [ 64.547037][ T7949] ? v9fs_write_inode+0x70/0x70 [ 64.547048][ T7949] legacy_get_tree+0xf2/0x200 [ 64.547065][ T7949] vfs_get_tree+0x123/0x450 [ 64.547080][ T7949] do_mount+0x1436/0x2c40 [ 64.547099][ T7949] ? copy_mount_string+0x40/0x40 [ 64.547121][ T7949] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 64.547132][ T7949] ? 
copy_mount_options+0x280/0x3a0 [ 64.547147][ T7949] ksys_mount+0xdb/0x150 [ 64.547162][ T7949] __x64_sys_mount+0xbe/0x150 [ 64.547183][ T7949] do_syscall_64+0x103/0x610 [ 64.547204][ T7949] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 64.547216][ T7949] RIP: 0033:0x458da9 [ 64.547243][ T7949] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 64.547262][ T7949] RSP: 002b:00007f96cf33cc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 64.547276][ T7949] RAX: ffffffffffffffda RBX: 00007f96cf33cc90 RCX: 0000000000458da9 [ 64.547283][ T7949] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 64.547290][ T7949] RBP: 000000000073bf00 R08: 00000000200013c0 R09: 0000000000000000 [ 64.566750][ T7949] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f96cf33d6d4 [ 64.566759][ T7949] R13: 00000000004c4da7 R14: 00000000004d8a20 R15: 0000000000000005 [ 64.587246][ T7929] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 64.669376][ T7952] FAULT_INJECTION: forcing a failure. [ 64.669376][ T7952] name failslab, interval 1, probability 0, space 0, times 0 [ 64.702755][ T7926] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 64.742282][ T7952] CPU: 0 PID: 7952 Comm: syz-executor.4 Not tainted 5.1.0-rc7+ #96 [ 64.748987][ T7954] FAULT_INJECTION: forcing a failure. [ 64.748987][ T7954] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 64.754445][ T7952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.194688][ T7952] Call Trace: [ 65.197998][ T7952] dump_stack+0x172/0x1f0 [ 65.202511][ T7952] should_fail.cold+0xa/0x15 [ 65.207107][ T7952] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 65.212921][ T7952] ? 
___might_sleep+0x163/0x280 [ 65.217781][ T7952] __should_failslab+0x121/0x190 [ 65.222715][ T7952] should_failslab+0x9/0x14 [ 65.227224][ T7952] __kmalloc+0x2dc/0x740 [ 65.231475][ T7952] ? p9_client_prepare_req.part.0+0x3d/0x7a0 [ 65.237478][ T7952] ? p9_fcall_init.isra.0+0x6d/0x1d0 [ 65.242857][ T7952] p9_fcall_init.isra.0+0x6d/0x1d0 [ 65.247977][ T7952] p9_client_prepare_req.part.0+0x142/0x7a0 [ 65.253876][ T7952] p9_client_rpc+0x21c/0x1230 [ 65.258550][ T7952] ? add_wait_queue+0x112/0x170 [ 65.263414][ T7952] ? p9_pollwait+0x76/0x210 [ 65.267920][ T7952] ? p9_client_destroy+0x360/0x360 [ 65.273029][ T7952] ? p9_conn_create+0x4f0/0x4f0 [ 65.277882][ T7952] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 65.284125][ T7952] ? pipe_poll+0x2c4/0x340 [ 65.288824][ T7952] ? generic_pipe_buf_confirm+0x10/0x10 [ 65.294380][ T7952] ? p9_fd_poll+0x1e7/0x2c0 [ 65.299299][ T7952] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 65.305554][ T7952] ? p9_conn_create+0x3ef/0x4f0 [ 65.310439][ T7952] ? p9_fd_create+0x277/0x3a0 [ 65.315140][ T7952] ? parse_opts.part.0+0x330/0x330 [ 65.320288][ T7952] p9_client_create+0xb8b/0x1400 [ 65.325246][ T7952] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 65.331074][ T7952] ? p9_client_zc_rpc.constprop.0+0x10c0/0x10c0 [ 65.337336][ T7952] ? rcu_read_lock_sched_held+0x110/0x130 [ 65.343416][ T7952] ? ksys_mount+0xdb/0x150 [ 65.347844][ T7952] ? lockdep_init_map+0x1be/0x6d0 [ 65.352895][ T7952] v9fs_session_init+0x1e7/0x1960 [ 65.357930][ T7952] ? v9fs_session_init+0x1e7/0x1960 [ 65.363138][ T7952] ? find_held_lock+0x35/0x130 [ 65.367912][ T7952] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 65.374163][ T7952] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 65.380414][ T7952] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 65.386242][ T7952] ? v9fs_show_options+0x7e0/0x7e0 [ 65.391386][ T7952] ? v9fs_mount+0x5e/0x920 [ 65.395811][ T7952] ? rcu_read_lock_sched_held+0x110/0x130 [ 65.401668][ T7952] ? kmem_cache_alloc_trace+0x354/0x760 [ 65.408451][ T7952] ? 
legacy_init_fs_context+0x48/0xe0 [ 65.413843][ T7952] ? rcu_read_lock_sched_held+0x110/0x130 [ 65.419581][ T7952] v9fs_mount+0x7d/0x920 [ 65.423852][ T7952] ? v9fs_write_inode+0x70/0x70 [ 65.428734][ T7952] legacy_get_tree+0xf2/0x200 [ 65.433425][ T7952] vfs_get_tree+0x123/0x450 [ 65.438023][ T7952] do_mount+0x1436/0x2c40 [ 65.442368][ T7952] ? copy_mount_string+0x40/0x40 [ 65.447305][ T7952] ? _copy_from_user+0xdd/0x150 [ 65.452202][ T7952] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 65.458810][ T7952] ? copy_mount_options+0x280/0x3a0 [ 65.464019][ T7952] ksys_mount+0xdb/0x150 [ 65.468381][ T7952] __x64_sys_mount+0xbe/0x150 [ 65.473160][ T7952] do_syscall_64+0x103/0x610 [ 65.477769][ T7952] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 65.483668][ T7952] RIP: 0033:0x458da9 [ 65.487565][ T7952] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 65.507177][ T7952] RSP: 002b:00007fb1b2a24c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 65.515626][ T7952] RAX: ffffffffffffffda RBX: 00007fb1b2a24c90 RCX: 0000000000458da9 [ 65.523702][ T7952] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 65.531690][ T7952] RBP: 000000000073bf00 R08: 00000000200013c0 R09: 0000000000000000 [ 65.539710][ T7952] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1b2a256d4 [ 65.547702][ T7952] R13: 00000000004c4da7 R14: 00000000004d8a20 R15: 0000000000000005 [ 65.555756][ T7954] CPU: 1 PID: 7954 Comm: syz-executor.5 Not tainted 5.1.0-rc7+ #96 [ 65.563683][ T7954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 65.566571][ T7926] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 65.573759][ T7954] Call Trace: [ 65.573790][ T7954] dump_stack+0x172/0x1f0 [ 65.573809][ T7954] should_fail.cold+0xa/0x15 [ 65.573825][ T7954] ? 
p9_client_prepare_req.part.0+0xa3/0x7a0 [ 65.573840][ T7954] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 65.573864][ T7954] ? do_mount+0x1436/0x2c40 [ 65.602391][ T7954] ? ksys_mount+0xdb/0x150 [ 65.613889][ T7957] FAULT_INJECTION: forcing a failure. [ 65.613889][ T7957] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 65.617131][ T7954] ? __x64_sys_mount+0xbe/0x150 [ 65.635174][ T7954] ? do_syscall_64+0x103/0x610 [ 65.639950][ T7954] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 65.646037][ T7954] should_fail_alloc_page+0x50/0x60 [ 65.651237][ T7954] __alloc_pages_nodemask+0x1a1/0x8d0 [ 65.656619][ T7954] ? find_held_lock+0x35/0x130 [ 65.661400][ T7954] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 65.667143][ T7954] ? lock_downgrade+0x880/0x880 [ 65.672009][ T7954] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 65.677832][ T7954] cache_grow_begin+0x9c/0x860 [ 65.682624][ T7954] ? p9_fcall_init.isra.0+0x6d/0x1d0 [ 65.687930][ T7954] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 65.694196][ T7954] __kmalloc+0x67f/0x740 [ 65.698542][ T7954] ? p9_client_prepare_req.part.0+0x3d/0x7a0 [ 65.704556][ T7954] ? p9_fcall_init.isra.0+0x6d/0x1d0 [ 65.710204][ T7954] p9_fcall_init.isra.0+0x6d/0x1d0 [ 65.715347][ T7954] p9_client_prepare_req.part.0+0x142/0x7a0 [ 65.721560][ T7954] p9_client_rpc+0x21c/0x1230 [ 65.726255][ T7954] ? add_wait_queue+0x112/0x170 [ 65.731114][ T7954] ? p9_pollwait+0x76/0x210 [ 65.735628][ T7954] ? p9_client_destroy+0x360/0x360 [ 65.740745][ T7954] ? p9_conn_create+0x4f0/0x4f0 [ 65.745597][ T7954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 65.752086][ T7954] ? pipe_poll+0x2c4/0x340 [ 65.756515][ T7954] ? generic_pipe_buf_confirm+0x10/0x10 [ 65.762071][ T7954] ? p9_fd_poll+0x1e7/0x2c0 [ 65.766700][ T7954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 65.772967][ T7954] ? p9_conn_create+0x3ef/0x4f0 [ 65.777829][ T7954] ? p9_fd_create+0x277/0x3a0 [ 65.782514][ T7954] ? 
parse_opts.part.0+0x330/0x330 [ 65.787638][ T7954] p9_client_create+0xb8b/0x1400 [ 65.792761][ T7954] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 65.798595][ T7954] ? p9_client_zc_rpc.constprop.0+0x10c0/0x10c0 [ 65.804944][ T7954] ? rcu_read_lock_sched_held+0x110/0x130 [ 65.810681][ T7954] ? lockdep_init_map+0x1be/0x6d0 [ 65.815723][ T7954] v9fs_session_init+0x1e7/0x1960 [ 65.820778][ T7954] ? v9fs_session_init+0x1e7/0x1960 [ 65.825983][ T7954] ? find_held_lock+0x35/0x130 [ 65.830768][ T7954] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 65.836495][ T7954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 65.842748][ T7954] ? __switch_to_asm+0x40/0x70 [ 65.847610][ T7954] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 65.853433][ T7954] ? v9fs_show_options+0x7e0/0x7e0 [ 65.858558][ T7954] ? v9fs_mount+0x5e/0x920 [ 65.862989][ T7954] ? rcu_read_lock_sched_held+0x110/0x130 [ 65.868723][ T7954] ? kmem_cache_alloc_trace+0x354/0x760 [ 65.874277][ T7954] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 65.879759][ T7954] v9fs_mount+0x7d/0x920 [ 65.884101][ T7954] ? v9fs_write_inode+0x70/0x70 [ 65.888976][ T7954] legacy_get_tree+0xf2/0x200 [ 65.893660][ T7954] vfs_get_tree+0x123/0x450 [ 65.898177][ T7954] do_mount+0x1436/0x2c40 [ 65.902522][ T7954] ? copy_mount_string+0x40/0x40 [ 65.907462][ T7954] ? _copy_from_user+0xdd/0x150 [ 65.912345][ T7954] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 65.918588][ T7954] ? 
copy_mount_options+0x280/0x3a0 [ 65.923796][ T7954] ksys_mount+0xdb/0x150 [ 65.928040][ T7954] __x64_sys_mount+0xbe/0x150 [ 65.932810][ T7954] do_syscall_64+0x103/0x610 [ 65.937419][ T7954] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 65.943311][ T7954] RIP: 0033:0x458da9 [ 65.947206][ T7954] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 65.966833][ T7954] RSP: 002b:00007f96cf33cc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 65.975276][ T7954] RAX: ffffffffffffffda RBX: 00007f96cf33cc90 RCX: 0000000000458da9 [ 65.983265][ T7954] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 65.991269][ T7954] RBP: 000000000073bf00 R08: 00000000200013c0 R09: 0000000000000000 [ 65.999258][ T7954] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f96cf33d6d4 2019/05/02 02:07:58 executed programs: 8 [ 66.007263][ T7954] R13: 00000000004c4da7 R14: 00000000004d8a20 R15: 0000000000000005 [ 66.015283][ T7957] CPU: 0 PID: 7957 Comm: syz-executor.4 Not tainted 5.1.0-rc7+ #96 [ 66.023206][ T7957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.033285][ T7957] Call Trace: [ 66.036600][ T7957] dump_stack+0x172/0x1f0 [ 66.039874][ T7933] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 66.040954][ T7957] should_fail.cold+0xa/0x15 [ 66.052323][ T7957] ? p9_client_prepare_req.part.0+0xa3/0x7a0 [ 66.058317][ T7957] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 66.064139][ T7957] ? do_mount+0x1436/0x2c40 [ 66.064251][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 66.068649][ T7957] ? ksys_mount+0xdb/0x150 [ 66.068668][ T7957] ? __x64_sys_mount+0xbe/0x150 [ 66.085134][ T7957] ? do_syscall_64+0x103/0x610 [ 66.089534][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 66.089919][ T7957] ? 
entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.103222][ T7957] should_fail_alloc_page+0x50/0x60 [ 66.105308][ T7959] FAULT_INJECTION: forcing a failure. [ 66.105308][ T7959] name failslab, interval 1, probability 0, space 0, times 0 [ 66.108442][ T7957] __alloc_pages_nodemask+0x1a1/0x8d0 [ 66.108465][ T7957] ? find_held_lock+0x35/0x130 [ 66.131436][ T7957] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 66.137167][ T7957] ? lock_downgrade+0x880/0x880 [ 66.142023][ T7957] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 66.147837][ T7957] cache_grow_begin+0x9c/0x860 [ 66.152609][ T7957] ? p9_fcall_init.isra.0+0x6d/0x1d0 [ 66.157926][ T7957] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 66.164170][ T7957] __kmalloc+0x67f/0x740 [ 66.168414][ T7957] ? p9_client_prepare_req.part.0+0x3d/0x7a0 [ 66.174409][ T7957] ? p9_fcall_init.isra.0+0x6d/0x1d0 [ 66.179694][ T7957] p9_fcall_init.isra.0+0x6d/0x1d0 [ 66.184811][ T7957] p9_client_prepare_req.part.0+0x142/0x7a0 [ 66.190708][ T7957] p9_client_rpc+0x21c/0x1230 [ 66.195388][ T7957] ? add_wait_queue+0x112/0x170 [ 66.200259][ T7957] ? p9_pollwait+0x76/0x210 [ 66.204766][ T7957] ? p9_client_destroy+0x360/0x360 [ 66.209875][ T7957] ? p9_conn_create+0x4f0/0x4f0 [ 66.214729][ T7957] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.220976][ T7957] ? pipe_poll+0x2c4/0x340 [ 66.225395][ T7957] ? generic_pipe_buf_confirm+0x10/0x10 [ 66.230951][ T7957] ? p9_fd_poll+0x1e7/0x2c0 [ 66.235459][ T7957] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.241701][ T7957] ? p9_conn_create+0x3ef/0x4f0 [ 66.246560][ T7957] ? p9_fd_create+0x277/0x3a0 [ 66.251249][ T7957] ? parse_opts.part.0+0x330/0x330 [ 66.256478][ T7957] p9_client_create+0xb8b/0x1400 [ 66.261417][ T7957] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 66.267231][ T7957] ? p9_client_zc_rpc.constprop.0+0x10c0/0x10c0 [ 66.273487][ T7957] ? rcu_read_lock_sched_held+0x110/0x130 [ 66.279219][ T7957] ? ksys_mount+0xdb/0x150 [ 66.283730][ T7957] ? 
lockdep_init_map+0x1be/0x6d0 [ 66.288767][ T7957] v9fs_session_init+0x1e7/0x1960 [ 66.293802][ T7957] ? v9fs_session_init+0x1e7/0x1960 [ 66.300495][ T7957] ? find_held_lock+0x35/0x130 [ 66.305269][ T7957] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 66.310911][ T7957] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.317178][ T7957] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 66.323002][ T7957] ? v9fs_show_options+0x7e0/0x7e0 [ 66.328133][ T7957] ? v9fs_mount+0x5e/0x920 [ 66.332562][ T7957] ? rcu_read_lock_sched_held+0x110/0x130 [ 66.338290][ T7957] ? kmem_cache_alloc_trace+0x354/0x760 [ 66.343839][ T7957] ? legacy_init_fs_context+0x48/0xe0 [ 66.349227][ T7957] ? rcu_read_lock_sched_held+0x110/0x130 [ 66.354960][ T7957] v9fs_mount+0x7d/0x920 [ 66.359212][ T7957] ? v9fs_write_inode+0x70/0x70 [ 66.364160][ T7957] legacy_get_tree+0xf2/0x200 [ 66.368853][ T7957] vfs_get_tree+0x123/0x450 [ 66.373373][ T7957] do_mount+0x1436/0x2c40 [ 66.377722][ T7957] ? copy_mount_string+0x40/0x40 [ 66.382816][ T7957] ? copy_mount_options+0x1d9/0x3a0 [ 66.388020][ T7957] ? copy_mount_options+0x1fb/0x3a0 [ 66.393405][ T7957] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.399736][ T7957] ? 
copy_mount_options+0x280/0x3a0 [ 66.404954][ T7957] ksys_mount+0xdb/0x150 [ 66.409208][ T7957] __x64_sys_mount+0xbe/0x150 [ 66.413896][ T7957] do_syscall_64+0x103/0x610 [ 66.418492][ T7957] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.424381][ T7957] RIP: 0033:0x458da9 [ 66.428273][ T7957] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 66.447880][ T7957] RSP: 002b:00007fb1b2a24c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 66.456301][ T7957] RAX: ffffffffffffffda RBX: 00007fb1b2a24c90 RCX: 0000000000458da9 [ 66.464280][ T7957] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 66.472347][ T7957] RBP: 000000000073bf00 R08: 00000000200013c0 R09: 0000000000000000 [ 66.480323][ T7957] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1b2a256d4 [ 66.488378][ T7957] R13: 00000000004c4da7 R14: 00000000004d8a20 R15: 0000000000000005 [ 66.496382][ T7959] CPU: 1 PID: 7959 Comm: syz-executor.1 Not tainted 5.1.0-rc7+ #96 [ 66.504294][ T7959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.514697][ T7959] Call Trace: [ 66.514723][ T7959] dump_stack+0x172/0x1f0 [ 66.514753][ T7959] should_fail.cold+0xa/0x15 [ 66.514770][ T7959] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 66.514796][ T7959] __should_failslab+0x121/0x190 [ 66.514812][ T7959] should_failslab+0x9/0x14 [ 66.514835][ T7959] kmem_cache_alloc+0x47/0x6f0 [ 66.527044][ T7959] ? p9_client_create+0xb8b/0x1400 [ 66.537772][ T7959] ? v9fs_session_init+0x1e7/0x1960 [ 66.537785][ T7959] ? v9fs_mount+0x7d/0x920 [ 66.537797][ T7959] ? legacy_get_tree+0xf2/0x200 [ 66.537809][ T7959] ? vfs_get_tree+0x123/0x450 [ 66.537821][ T7959] ? do_mount+0x1436/0x2c40 [ 66.537834][ T7959] ? 
__x64_sys_mount+0xbe/0x150 [ 66.537857][ T7959] radix_tree_node_alloc.constprop.0+0x1eb/0x340 [ 66.580862][ T7959] idr_get_free+0x474/0x890 [ 66.591694][ T7959] idr_alloc_u32+0x19e/0x330 [ 66.596341][ T7959] ? __fprop_inc_percpu_max+0x230/0x230 [ 66.596380][ T7959] idr_alloc+0xe5/0x150 [ 66.596416][ T7959] ? idr_alloc_u32+0x330/0x330 [ 66.610977][ T7959] p9_client_prepare_req.part.0+0x4e5/0x7a0 [ 66.616897][ T7959] p9_client_rpc+0x21c/0x1230 [ 66.616915][ T7959] ? add_wait_queue+0x112/0x170 [ 66.616932][ T7959] ? p9_pollwait+0x76/0x210 [ 66.616946][ T7959] ? p9_client_destroy+0x360/0x360 [ 66.616967][ T7959] ? p9_conn_create+0x4f0/0x4f0 [ 66.636431][ T7959] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.636450][ T7959] ? pipe_poll+0x2c4/0x340 [ 66.636465][ T7959] ? generic_pipe_buf_confirm+0x10/0x10 [ 66.636483][ T7959] ? p9_fd_poll+0x1e7/0x2c0 [ 66.636503][ T7959] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.668685][ T7959] ? p9_conn_create+0x3ef/0x4f0 [ 66.673566][ T7959] ? p9_fd_create+0x277/0x3a0 [ 66.678259][ T7959] ? parse_opts.part.0+0x330/0x330 [ 66.683406][ T7959] p9_client_create+0xb8b/0x1400 [ 66.684069][ T7968] FAULT_INJECTION: forcing a failure. [ 66.684069][ T7968] name failslab, interval 1, probability 0, space 0, times 0 [ 66.688356][ T7959] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 66.688391][ T7959] ? p9_client_zc_rpc.constprop.0+0x10c0/0x10c0 [ 66.702433][ T7967] FAULT_INJECTION: forcing a failure. [ 66.702433][ T7967] name failslab, interval 1, probability 0, space 0, times 0 [ 66.706994][ T7959] ? rcu_read_lock_sched_held+0x110/0x130 [ 66.707012][ T7959] ? ksys_mount+0xdb/0x150 [ 66.707029][ T7959] ? lockdep_init_map+0x1be/0x6d0 [ 66.707055][ T7959] v9fs_session_init+0x1e7/0x1960 [ 66.746223][ T7959] ? v9fs_session_init+0x1e7/0x1960 [ 66.751458][ T7959] ? find_held_lock+0x35/0x130 [ 66.756236][ T7959] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 66.761880][ T7959] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.768140][ T7959] ? 
fault_create_debugfs_attr+0x1e0/0x1e0 [ 66.773962][ T7959] ? v9fs_show_options+0x7e0/0x7e0 [ 66.779092][ T7959] ? v9fs_mount+0x5e/0x920 [ 66.783532][ T7959] ? rcu_read_lock_sched_held+0x110/0x130 [ 66.789381][ T7959] ? kmem_cache_alloc_trace+0x354/0x760 [ 66.794934][ T7959] ? legacy_init_fs_context+0x48/0xe0 [ 66.800318][ T7959] ? rcu_read_lock_sched_held+0x110/0x130 [ 66.806056][ T7959] v9fs_mount+0x7d/0x920 [ 66.810313][ T7959] ? v9fs_write_inode+0x70/0x70 [ 66.815182][ T7959] legacy_get_tree+0xf2/0x200 [ 66.819872][ T7959] vfs_get_tree+0x123/0x450 [ 66.824384][ T7959] do_mount+0x1436/0x2c40 [ 66.828726][ T7959] ? copy_mount_string+0x40/0x40 [ 66.833674][ T7959] ? _copy_from_user+0xdd/0x150 [ 66.838537][ T7959] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.844786][ T7959] ? copy_mount_options+0x280/0x3a0 [ 66.849992][ T7959] ksys_mount+0xdb/0x150 [ 66.854239][ T7959] __x64_sys_mount+0xbe/0x150 [ 66.858930][ T7959] do_syscall_64+0x103/0x610 [ 66.863634][ T7959] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 66.869742][ T7959] RIP: 0033:0x458da9 [ 66.873729][ T7959] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 66.893539][ T7959] RSP: 002b:00007f2e68c68c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 66.901959][ T7959] RAX: ffffffffffffffda RBX: 00007f2e68c68c90 RCX: 0000000000458da9 [ 66.909944][ T7959] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 66.917918][ T7959] RBP: 000000000073bf00 R08: 00000000200013c0 R09: 0000000000000000 [ 66.926077][ T7959] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2e68c696d4 [ 66.934055][ T7959] R13: 00000000004c4da7 R14: 00000000004d8a20 R15: 0000000000000005 [ 66.942062][ T7967] CPU: 0 PID: 7967 Comm: syz-executor.5 Not tainted 5.1.0-rc7+ #96 [ 66.949943][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 66.949976][ 
T7967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 66.960041][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 66.968098][ T7967] Call Trace: [ 66.968135][ T7967] dump_stack+0x172/0x1f0 [ 66.968155][ T7967] should_fail.cold+0xa/0x15 [ 66.968171][ T7967] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 66.968191][ T7967] ? ___might_sleep+0x163/0x280 [ 66.968208][ T7967] __should_failslab+0x121/0x190 [ 66.968221][ T7967] should_failslab+0x9/0x14 [ 66.968245][ T7967] __kmalloc+0x2dc/0x740 [ 66.968261][ T7967] ? p9_client_prepare_req.part.0+0x3d/0x7a0 [ 66.968276][ T7967] ? rcu_read_lock_sched_held+0x110/0x130 [ 66.968288][ T7967] ? p9_fcall_init.isra.0+0x6d/0x1d0 [ 66.968303][ T7967] p9_fcall_init.isra.0+0x6d/0x1d0 [ 66.968318][ T7967] p9_client_prepare_req.part.0+0xa3/0x7a0 [ 66.968336][ T7967] p9_client_rpc+0x21c/0x1230 [ 66.968350][ T7967] ? add_wait_queue+0x112/0x170 [ 66.968367][ T7967] ? p9_pollwait+0x76/0x210 [ 66.968381][ T7967] ? p9_client_destroy+0x360/0x360 [ 66.968403][ T7967] ? p9_conn_create+0x4f0/0x4f0 [ 66.977036][ T7941] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.979700][ T7967] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 66.984115][ T7941] bridge0: port 1(bridge_slave_0) entered forwarding state [ 66.988645][ T7967] ? pipe_poll+0x2c4/0x340 [ 66.995054][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 66.999291][ T7967] ? generic_pipe_buf_confirm+0x10/0x10 [ 67.005003][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 67.008726][ T7967] ? p9_fd_poll+0x1e7/0x2c0 [ 67.013522][ T7941] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.018939][ T7967] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.024746][ T7941] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.029949][ T7967] ? 
p9_conn_create+0x3ef/0x4f0 [ 67.035663][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 67.040850][ T7967] ? p9_fd_create+0x277/0x3a0 [ 67.050525][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 67.054849][ T7967] ? parse_opts.part.0+0x330/0x330 [ 67.054872][ T7967] p9_client_create+0xb8b/0x1400 [ 67.054887][ T7967] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 67.054908][ T7967] ? p9_client_zc_rpc.constprop.0+0x10c0/0x10c0 [ 67.054934][ T7967] ? rcu_read_lock_sched_held+0x110/0x130 [ 67.061080][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 67.064904][ T7967] ? ksys_mount+0xdb/0x150 [ 67.064921][ T7967] ? lockdep_init_map+0x1be/0x6d0 [ 67.064946][ T7967] v9fs_session_init+0x1e7/0x1960 [ 67.064960][ T7967] ? v9fs_session_init+0x1e7/0x1960 [ 67.064980][ T7967] ? find_held_lock+0x35/0x130 [ 67.072969][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 67.078261][ T7967] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 67.078277][ T7967] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.078297][ T7967] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 67.078315][ T7967] ? v9fs_show_options+0x7e0/0x7e0 [ 67.078333][ T7967] ? v9fs_mount+0x5e/0x920 [ 67.078347][ T7967] ? rcu_read_lock_sched_held+0x110/0x130 [ 67.078363][ T7967] ? kmem_cache_alloc_trace+0x354/0x760 [ 67.078376][ T7967] ? legacy_init_fs_context+0x48/0xe0 [ 67.078389][ T7967] ? rcu_read_lock_sched_held+0x110/0x130 [ 67.078408][ T7967] v9fs_mount+0x7d/0x920 [ 67.078425][ T7967] ? v9fs_write_inode+0x70/0x70 [ 67.078437][ T7967] legacy_get_tree+0xf2/0x200 [ 67.078458][ T7967] vfs_get_tree+0x123/0x450 [ 67.113438][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 67.116214][ T7967] do_mount+0x1436/0x2c40 [ 67.133905][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 67.136690][ T7967] ? 
copy_mount_string+0x40/0x40 [ 67.147848][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 67.149416][ T7967] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.159227][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.161965][ T7967] ? copy_mount_options+0x280/0x3a0 [ 67.173602][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 67.177874][ T7967] ksys_mount+0xdb/0x150 [ 67.192596][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 67.197708][ T7967] __x64_sys_mount+0xbe/0x150 [ 67.197729][ T7967] do_syscall_64+0x103/0x610 [ 67.197749][ T7967] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.197760][ T7967] RIP: 0033:0x458da9 [ 67.197779][ T7967] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 67.209480][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 67.212212][ T7967] RSP: 002b:00007f96cf33cc78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 67.223878][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 67.230049][ T7967] RAX: ffffffffffffffda RBX: 00007f96cf33cc90 RCX: 0000000000458da9 [ 67.230064][ T7967] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 67.244426][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 67.247714][ T7967] RBP: 000000000073bf00 R08: 00000000200013c0 R09: 0000000000000000 [ 67.260109][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 67.262963][ T7967] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f96cf33d6d4 [ 67.276084][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 67.279561][ T7967] R13: 00000000004c4da7 R14: 00000000004d8a20 R15: 0000000000000005 [ 67.413835][ T7968] CPU: 0 PID: 7968 Comm: syz-executor.4 Not tainted 5.1.0-rc7+ #96 [ 67.430818][ T7941] 
IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 67.434753][ T7968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.434760][ T7968] Call Trace: [ 67.434787][ T7968] dump_stack+0x172/0x1f0 [ 67.434810][ T7968] should_fail.cold+0xa/0x15 [ 67.434827][ T7968] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 67.434849][ T7968] ? ___might_sleep+0x163/0x280 [ 67.434868][ T7968] __should_failslab+0x121/0x190 [ 67.434884][ T7968] should_failslab+0x9/0x14 [ 67.434899][ T7968] __kmalloc+0x2dc/0x740 [ 67.434915][ T7968] ? p9_client_prepare_req.part.0+0x3d/0x7a0 [ 67.434933][ T7968] ? rcu_read_lock_sched_held+0x110/0x130 [ 67.434953][ T7968] ? p9_fcall_init.isra.0+0x6d/0x1d0 [ 67.444349][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 67.450938][ T7968] p9_fcall_init.isra.0+0x6d/0x1d0 [ 67.465808][ T7941] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 67.466738][ T7968] p9_client_prepare_req.part.0+0xa3/0x7a0 [ 67.501746][ T7959] ------------[ cut here ]------------ [ 67.505776][ T7968] p9_client_rpc+0x21c/0x1230 [ 67.505792][ T7968] ? add_wait_queue+0x112/0x170 [ 67.505809][ T7968] ? p9_pollwait+0x76/0x210 [ 67.505823][ T7968] ? p9_client_destroy+0x360/0x360 [ 67.505836][ T7968] ? p9_conn_create+0x4f0/0x4f0 [ 67.505851][ T7968] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.505867][ T7968] ? pipe_poll+0x2c4/0x340 [ 67.505883][ T7968] ? generic_pipe_buf_confirm+0x10/0x10 [ 67.505902][ T7968] ? p9_fd_poll+0x1e7/0x2c0 [ 67.513863][ T7959] refcount_t: underflow; use-after-free. [ 67.523492][ T7968] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.523511][ T7968] ? p9_conn_create+0x3ef/0x4f0 [ 67.523526][ T7968] ? p9_fd_create+0x277/0x3a0 [ 67.523540][ T7968] ? parse_opts.part.0+0x330/0x330 [ 67.523560][ T7968] ? kfree+0x186/0x230 [ 67.523577][ T7968] p9_client_create+0xb8b/0x1400 [ 67.523592][ T7968] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 67.523611][ T7968] ? 
p9_client_zc_rpc.constprop.0+0x10c0/0x10c0 [ 67.523629][ T7968] ? rcu_read_lock_sched_held+0x110/0x130 [ 67.523643][ T7968] ? ksys_mount+0xdb/0x150 [ 67.523657][ T7968] ? lockdep_init_map+0x1be/0x6d0 [ 67.523680][ T7968] v9fs_session_init+0x1e7/0x1960 [ 67.523694][ T7968] ? v9fs_session_init+0x1e7/0x1960 [ 67.523706][ T7968] ? find_held_lock+0x35/0x130 [ 67.523722][ T7968] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 67.523735][ T7968] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.523752][ T7968] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 67.523774][ T7968] ? v9fs_show_options+0x7e0/0x7e0 [ 67.533194][ T7959] WARNING: CPU: 1 PID: 7959 at lib/refcount.c:190 refcount_sub_and_test_checked+0x1d0/0x200 [ 67.536154][ T7968] ? v9fs_mount+0x5e/0x920 [ 67.541945][ T7959] Kernel panic - not syncing: panic_on_warn set ... [ 67.546802][ T7968] ? rcu_read_lock_sched_held+0x110/0x130 [ 67.779996][ T7968] ? kmem_cache_alloc_trace+0x354/0x760 [ 67.785543][ T7968] ? legacy_init_fs_context+0x48/0xe0 [ 67.790930][ T7968] ? rcu_read_lock_sched_held+0x110/0x130 [ 67.796658][ T7968] v9fs_mount+0x7d/0x920 [ 67.800906][ T7968] ? v9fs_write_inode+0x70/0x70 [ 67.805760][ T7968] legacy_get_tree+0xf2/0x200 [ 67.810451][ T7968] vfs_get_tree+0x123/0x450 [ 67.814956][ T7968] do_mount+0x1436/0x2c40 [ 67.819303][ T7968] ? copy_mount_string+0x40/0x40 [ 67.824258][ T7968] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.830494][ T7968] ? 
copy_mount_options+0x280/0x3a0 [ 67.835698][ T7968] ksys_mount+0xdb/0x150 [ 67.839941][ T7968] __x64_sys_mount+0xbe/0x150 [ 67.844622][ T7968] do_syscall_64+0x103/0x610 [ 67.849223][ T7968] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 67.855119][ T7968] RIP: 0033:0x458da9 [ 67.859012][ T7968] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 67.878624][ T7968] RSP: 002b:00007fb1b2a24c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 67.887048][ T7968] RAX: ffffffffffffffda RBX: 00007fb1b2a24c90 RCX: 0000000000458da9 [ 67.895019][ T7968] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 67.902988][ T7968] RBP: 000000000073bf00 R08: 00000000200013c0 R09: 0000000000000000 [ 67.911054][ T7968] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb1b2a256d4 [ 67.919055][ T7968] R13: 00000000004c4da7 R14: 00000000004d8a20 R15: 0000000000000005 [ 67.927056][ T7959] CPU: 1 PID: 7959 Comm: syz-executor.1 Not tainted 5.1.0-rc7+ #96 [ 67.928158][ T3877] kobject: 'loop5' (000000004d45cd5b): kobject_uevent_env [ 67.935180][ T7959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 67.935187][ T7959] Call Trace: [ 67.935212][ T7959] dump_stack+0x172/0x1f0 [ 67.935236][ T7959] ? refcount_sub_and_test_checked+0x1d0/0x200 [ 67.935255][ T7959] panic+0x2cb/0x65c [ 67.935276][ T7959] ? __warn_printk+0xf3/0xf3 [ 67.970344][ T7926] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.974690][ T7959] ? refcount_sub_and_test_checked+0x1d0/0x200 [ 67.974707][ T7959] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 67.974741][ T7959] ? __warn.cold+0x5/0x45 [ 67.991945][ T3877] kobject: 'loop5' (000000004d45cd5b): fill_kobj_path: path = '/devices/virtual/block/loop5' [ 67.994066][ T7959] ? __warn+0xe8/0x1d0 [ 67.994090][ T7959] ? 
refcount_sub_and_test_checked+0x1d0/0x200 [ 67.994105][ T7959] __warn.cold+0x20/0x45 [ 67.994135][ T7959] ? vprintk_emit+0x1ce/0x6d0 [ 68.006735][ T3877] kobject: 'loop3' (0000000000b7bb2b): kobject_uevent_env [ 68.008602][ T7959] ? refcount_sub_and_test_checked+0x1d0/0x200 [ 68.008632][ T7959] report_bug+0x263/0x2b0 [ 68.019202][ T7926] kobject: 'vlan0' (00000000552e9bf6): kobject_add_internal: parent: 'mesh', set: '' [ 68.023103][ T7959] do_error_trap+0x11b/0x200 [ 68.028021][ T3877] kobject: 'loop3' (0000000000b7bb2b): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 68.035049][ T7959] do_invalid_op+0x37/0x50 [ 68.035069][ T7959] ? refcount_sub_and_test_checked+0x1d0/0x200 [ 68.035091][ T7959] invalid_op+0x14/0x20 [ 68.085164][ T7959] RIP: 0010:refcount_sub_and_test_checked+0x1d0/0x200 [ 68.091941][ T7959] Code: 1d c8 30 2a 06 31 ff 89 de e8 0c 32 40 fe 84 db 75 94 e8 c3 30 40 fe 48 c7 c7 60 79 a1 87 c6 05 a8 30 2a 06 01 e8 ae de 12 fe <0f> 0b e9 75 ff ff ff e8 a4 30 40 fe e9 6e ff ff ff 48 89 df e8 37 [ 68.109699][ T3877] kobject: 'loop0' (00000000a4507239): kobject_uevent_env [ 68.111558][ T7959] RSP: 0018:ffff888089ce7860 EFLAGS: 00010282 [ 68.111571][ T7959] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 68.111580][ T7959] RDX: 0000000000000000 RSI: ffffffff815afcb6 RDI: ffffed101139cefe [ 68.111589][ T7959] RBP: ffff888089ce78f8 R08: ffff8880a4c584c0 R09: ffffed1015d25011 [ 68.111608][ T7959] R10: ffffed1015d25010 R11: ffff8880ae928087 R12: 00000000ffffffff [ 68.129144][ T3877] kobject: 'loop0' (00000000a4507239): fill_kobj_path: path = '/devices/virtual/block/loop0' [ 68.133584][ T7959] R13: 0000000000000001 R14: ffff888089ce78d0 R15: 0000000000000000 [ 68.133620][ T7959] ? vprintk_func+0x86/0x189 [ 68.133646][ T7959] ? refcount_dec_not_one+0x1f0/0x1f0 [ 68.133673][ T7959] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 68.150331][ T7978] FAULT_INJECTION: forcing a failure. 
[ 68.150331][ T7978] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 68.157614][ T7959] ? p9_fd_close+0x29e/0x570 [ 68.209224][ T7959] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 68.215158][ T7959] ? lockdep_hardirqs_on+0x418/0x5d0 [ 68.220463][ T7959] refcount_dec_and_test_checked+0x1b/0x20 [ 68.226281][ T7959] p9_req_put+0x20/0x60 [ 68.230451][ T7959] p9_fd_close+0x2ee/0x570 [ 68.234979][ T7959] p9_client_create+0x998/0x1400 [ 68.239922][ T7959] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 68.245839][ T7959] ? p9_client_zc_rpc.constprop.0+0x10c0/0x10c0 [ 68.252104][ T7959] ? rcu_read_lock_sched_held+0x110/0x130 [ 68.258336][ T7959] ? ksys_mount+0xdb/0x150 [ 68.263142][ T7959] ? lockdep_init_map+0x1be/0x6d0 [ 68.268407][ T7959] v9fs_session_init+0x1e7/0x1960 [ 68.273442][ T7959] ? v9fs_session_init+0x1e7/0x1960 [ 68.278898][ T7959] ? find_held_lock+0x35/0x130 [ 68.283669][ T7959] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 68.289311][ T7959] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 68.295560][ T7959] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 68.302400][ T7959] ? v9fs_show_options+0x7e0/0x7e0 [ 68.307525][ T7959] ? v9fs_mount+0x5e/0x920 [ 68.312252][ T7959] ? rcu_read_lock_sched_held+0x110/0x130 [ 68.318121][ T7959] ? kmem_cache_alloc_trace+0x354/0x760 [ 68.323802][ T7959] ? legacy_init_fs_context+0x48/0xe0 [ 68.329182][ T7959] ? rcu_read_lock_sched_held+0x110/0x130 [ 68.335002][ T7959] v9fs_mount+0x7d/0x920 [ 68.339261][ T7959] ? v9fs_write_inode+0x70/0x70 [ 68.344120][ T7959] legacy_get_tree+0xf2/0x200 [ 68.348801][ T7959] vfs_get_tree+0x123/0x450 [ 68.353311][ T7959] do_mount+0x1436/0x2c40 [ 68.357648][ T7959] ? copy_mount_string+0x40/0x40 [ 68.362675][ T7959] ? _copy_from_user+0xdd/0x150 [ 68.367627][ T7959] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 68.374131][ T7959] ? 
copy_mount_options+0x280/0x3a0 [ 68.379336][ T7959] ksys_mount+0xdb/0x150 [ 68.383585][ T7959] __x64_sys_mount+0xbe/0x150 [ 68.388270][ T7959] do_syscall_64+0x103/0x610 [ 68.392870][ T7959] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 68.398765][ T7959] RIP: 0033:0x458da9 [ 68.402663][ T7959] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 68.422296][ T7959] RSP: 002b:00007f2e68c68c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 68.430733][ T7959] RAX: ffffffffffffffda RBX: 00007f2e68c68c90 RCX: 0000000000458da9 [ 68.438749][ T7959] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 68.446731][ T7959] RBP: 000000000073bf00 R08: 00000000200013c0 R09: 0000000000000000 [ 68.454717][ T7959] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2e68c696d4 [ 68.462790][ T7959] R13: 00000000004c4da7 R14: 00000000004d8a20 R15: 0000000000000005 [ 68.470802][ T7978] CPU: 0 PID: 7978 Comm: syz-executor.0 Not tainted 5.1.0-rc7+ #96 [ 68.478735][ T7978] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 68.488795][ T7978] Call Trace: [ 68.492101][ T7978] dump_stack+0x172/0x1f0 [ 68.496436][ T7978] should_fail.cold+0xa/0x15 [ 68.501027][ T7978] ? p9_client_prepare_req.part.0+0xa3/0x7a0 [ 68.507096][ T7978] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 68.512902][ T7978] ? do_mount+0x1436/0x2c40 [ 68.517747][ T7978] ? ksys_mount+0xdb/0x150 [ 68.522158][ T7978] ? __x64_sys_mount+0xbe/0x150 [ 68.527004][ T7978] ? do_syscall_64+0x103/0x610 [ 68.531766][ T7978] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 68.537845][ T7978] should_fail_alloc_page+0x50/0x60 [ 68.543053][ T7978] __alloc_pages_nodemask+0x1a1/0x8d0 [ 68.548432][ T7978] ? find_held_lock+0x35/0x130 [ 68.553203][ T7978] ? __alloc_pages_slowpath+0x28b0/0x28b0 [ 68.558932][ T7978] ? 
lock_downgrade+0x880/0x880 [ 68.563787][ T7978] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 68.569648][ T7978] cache_grow_begin+0x9c/0x860 [ 68.574419][ T7978] ? p9_fcall_init.isra.0+0x6d/0x1d0 [ 68.579701][ T7978] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 68.585976][ T7978] __kmalloc+0x67f/0x740 [ 68.590248][ T7978] ? p9_client_prepare_req.part.0+0x3d/0x7a0 [ 68.596253][ T7978] ? p9_fcall_init.isra.0+0x6d/0x1d0 [ 68.601554][ T7978] p9_fcall_init.isra.0+0x6d/0x1d0 [ 68.606673][ T7978] p9_client_prepare_req.part.0+0x142/0x7a0 [ 68.612598][ T7978] p9_client_rpc+0x21c/0x1230 [ 68.617278][ T7978] ? add_wait_queue+0x112/0x170 [ 68.623097][ T7978] ? p9_pollwait+0x76/0x210 [ 68.627603][ T7978] ? p9_client_destroy+0x360/0x360 [ 68.632719][ T7978] ? p9_conn_create+0x4f0/0x4f0 [ 68.637584][ T7978] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 68.643832][ T7978] ? pipe_poll+0x2c4/0x340 [ 68.648265][ T7978] ? generic_pipe_buf_confirm+0x10/0x10 [ 68.653815][ T7978] ? p9_fd_poll+0x1e7/0x2c0 [ 68.658325][ T7978] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 68.664579][ T7978] ? p9_conn_create+0x3ef/0x4f0 [ 68.669442][ T7978] ? p9_fd_create+0x277/0x3a0 [ 68.674132][ T7978] ? parse_opts.part.0+0x330/0x330 [ 68.679270][ T7978] p9_client_create+0xb8b/0x1400 [ 68.684214][ T7978] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 68.690040][ T7978] ? p9_client_zc_rpc.constprop.0+0x10c0/0x10c0 [ 68.696296][ T7978] ? rcu_read_lock_sched_held+0x110/0x130 [ 68.702205][ T7978] ? ksys_mount+0xdb/0x150 [ 68.706632][ T7978] ? lockdep_init_map+0xd5/0x6d0 [ 68.711579][ T7978] v9fs_session_init+0x1e7/0x1960 [ 68.716608][ T7978] ? v9fs_session_init+0x1e7/0x1960 [ 68.721896][ T7978] ? find_held_lock+0x35/0x130 [ 68.726685][ T7978] ? fs_reclaim_acquire.part.0+0x30/0x30 [ 68.732336][ T7978] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 68.738602][ T7978] ? fault_create_debugfs_attr+0x1e0/0x1e0 [ 68.744440][ T7978] ? v9fs_show_options+0x7e0/0x7e0 [ 68.749567][ T7978] ? 
v9fs_mount+0x5e/0x920 [ 68.753997][ T7978] ? rcu_read_lock_sched_held+0x110/0x130 [ 68.759728][ T7978] ? kmem_cache_alloc_trace+0x354/0x760 [ 68.765281][ T7978] ? legacy_init_fs_context+0x48/0xe0 [ 68.770662][ T7978] ? rcu_read_lock_sched_held+0x110/0x130 [ 68.776400][ T7978] v9fs_mount+0x7d/0x920 [ 68.780649][ T7978] ? v9fs_write_inode+0x70/0x70 [ 68.785511][ T7978] legacy_get_tree+0xf2/0x200 [ 68.790200][ T7978] vfs_get_tree+0x123/0x450 [ 68.794731][ T7978] do_mount+0x1436/0x2c40 [ 68.799444][ T7978] ? copy_mount_string+0x40/0x40 [ 68.804584][ T7978] ? _copy_from_user+0xdd/0x150 [ 68.809531][ T7978] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 68.815787][ T7978] ? copy_mount_options+0x280/0x3a0 [ 68.821002][ T7978] ksys_mount+0xdb/0x150 [ 68.825262][ T7978] __x64_sys_mount+0xbe/0x150 [ 68.829951][ T7978] do_syscall_64+0x103/0x610 [ 68.834569][ T7978] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 68.840662][ T7978] RIP: 0033:0x458da9 [ 68.844565][ T7978] Code: ad b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b8 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 68.864371][ T7978] RSP: 002b:00007fc46d357c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 68.872889][ T7978] RAX: ffffffffffffffda RBX: 00007fc46d357c90 RCX: 0000000000458da9 [ 68.880882][ T7978] RDX: 0000000020000100 RSI: 00000000200000c0 RDI: 0000000000000000 [ 68.888869][ T7978] RBP: 000000000073bf00 R08: 00000000200013c0 R09: 0000000000000000 [ 68.896967][ T7978] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc46d3586d4 [ 68.904974][ T7978] R13: 00000000004c4da7 R14: 00000000004d8a20 R15: 0000000000000005 [ 68.914174][ T7959] Kernel Offset: disabled [ 68.918647][ T7959] Rebooting in 86400 seconds..