Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.50' (ECDSA) to the list of known hosts.
syzkaller login: [ 32.850421] FAULT_INJECTION: forcing a failure.
[ 32.850421] name failslab, interval 1, probability 0, space 0, times 1
[ 32.861754] CPU: 0 PID: 8099 Comm: syz-executor194 Not tainted 4.19.201-syzkaller #0
[ 32.869626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 32.878958] Call Trace:
[ 32.881531] dump_stack+0x1fc/0x2ef
[ 32.885140] should_fail.cold+0xa/0xf
[ 32.888924] ? setup_fault_attr+0x200/0x200
[ 32.893228] ? lock_acquire+0x170/0x3c0
[ 32.897185] __should_failslab+0x115/0x180
[ 32.901399] should_failslab+0x5/0x10
[ 32.905182] kmem_cache_alloc+0x277/0x370
[ 32.909310] anon_vma_fork+0xed/0x630
[ 32.913089] ? dup_userfaultfd+0x157/0x6b0
[ 32.917390] ? kmem_cache_alloc+0x315/0x370
[ 32.921707] copy_process.part.0+0x360f/0x8260
[ 32.926297] ? __cleanup_sighand+0x60/0x60
[ 32.930513] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 32.935078] ? debug_object_init_on_stack+0x20/0x20
[ 32.940088] ? kfree+0x110/0x210
[ 32.943437] _do_fork+0x22f/0xf30
[ 32.946872] ? fork_idle+0x220/0x220
[ 32.950563] ? blkcg_schedule_throttle+0x1f0/0x1f0
[ 32.955470] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 32.960035] ? _raw_spin_unlock_irq+0x5a/0x80
[ 32.964512] ? task_work_run+0x126/0x1c0
[ 32.968554] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[ 32.973896] ? trace_hardirqs_off_caller+0x6e/0x210
[ 32.978890] ? do_syscall_64+0x21/0x620
[ 32.982845] do_syscall_64+0xf9/0x620
[ 32.986633] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 32.991803] RIP: 0033:0x44353b
[ 32.994981] Code: ed 0f 85 60 01 00 00 64 4c 8b 0c 25 10 00 00 00 45 31 c0 4d 8d 91 d0 02 00 00 31 d2 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 89 00 00 00 41 89 c5 85 c0 0f 85 90 00 00
[ 33.013865] RSP: 002b:00007ffe510d3d90 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 33.021551] RAX: ffffffffffffffda RBX: 00000000004af098 RCX: 000000000044353b
[ 33.028814] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 33.036059] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000002156300
[ 33.043324] R10: 00000000021565d0 R11: 0000000000000246 R12: 0000000000000000
[ 33.050658] R13: 0000000000000000 R14: 00000000004b2018 R15: 00000000004004a0
[ 33.078917] erofs: read_super, device -> /dev/loop2
[ 33.084025] erofs: options ->
[ 33.088327] FAULT_INJECTION: forcing a failure.
[ 33.088327] name failslab, interval 1, probability 0, space 0, times 0
[ 33.102867] erofs: root inode @ nid 36
[ 33.106922] CPU: 0 PID: 8105 Comm: syz-executor194 Not tainted 4.19.201-syzkaller #0
[ 33.114814] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 33.124160] Call Trace:
[ 33.126753] dump_stack+0x1fc/0x2ef
[ 33.128737] FAULT_INJECTION: forcing a failure.
[ 33.128737] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 33.130397] should_fail.cold+0xa/0xf
[ 33.145957] ? setup_fault_attr+0x200/0x200
[ 33.150268] ? lock_acquire+0x170/0x3c0
[ 33.154239] __should_failslab+0x115/0x180
[ 33.158497] should_failslab+0x5/0x10
[ 33.162287] kmem_cache_alloc_node_trace+0x244/0x3b0
[ 33.167378] __kmalloc_node+0x38/0x70
[ 33.171171] kvmalloc_node+0x61/0xf0
[ 33.174877] __list_lru_init+0x4c6/0x7f0
[ 33.178927] ? up_read+0x53/0x110
[ 33.182375] sget_userns+0x810/0xcd0
[ 33.186091] ? set_bdev_super+0x110/0x110
[ 33.190234] ? ns_test_super+0x50/0x50
[ 33.194112] ? set_bdev_super+0x110/0x110
[ 33.198248] ? ns_test_super+0x50/0x50
[ 33.202132] sget+0x102/0x140
[ 33.205228] mount_bdev+0xf8/0x3b0
[ 33.208757] ? gb_gbphy_register_driver.cold+0x39/0x39
[ 33.214028] erofs_mount+0x8c/0xc0
[ 33.217559] ? erofs_kill_sb+0x20/0x20
[ 33.221440] ? alloc_pages_current+0x19b/0x2a0
[ 33.226010] ? __lockdep_init_map+0x100/0x5a0
[ 33.230494] mount_fs+0xa3/0x310
[ 33.233855] vfs_kern_mount.part.0+0x68/0x470
[ 33.238365] do_mount+0x113c/0x2f10
[ 33.241996] ? lock_acquire+0x170/0x3c0
[ 33.245962] ? check_preemption_disabled+0x41/0x280
[ 33.250967] ? copy_mount_string+0x40/0x40
[ 33.255189] ? copy_mount_options+0x59/0x380
[ 33.259588] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 33.264607] ? kmem_cache_alloc_trace+0x323/0x380
[ 33.269442] ? copy_mount_options+0x26f/0x380
[ 33.273957] ksys_mount+0xcf/0x130
[ 33.277491] __x64_sys_mount+0xba/0x150
[ 33.281455] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 33.286065] do_syscall_64+0xf9/0x620
[ 33.289856] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 33.295033] RIP: 0033:0x445f0a
[ 33.298214] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 33.317115] RSP: 002b:00007ffe510d3c18 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 33.324810] RAX: ffffffffffffffda RBX: 00007ffe510d3c70 RCX: 0000000000445f0a
[ 33.332069] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffe510d3c30
[ 33.339323] RBP: 00007ffe510d3c30 R08: 00007ffe510d3c70 R09: 0000000000000000
[ 33.346577] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000020000248
[ 33.353832] R13: 0000000000000005 R14: 0000000000000006 R15: 0000000000000003
[ 33.361108] CPU: 1 PID: 8106 Comm: syz-executor194 Not tainted 4.19.201-syzkaller #0
[ 33.368987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 33.378336] Call Trace:
[ 33.380936] dump_stack+0x1fc/0x2ef
[ 33.384567] should_fail.cold+0xa/0xf
[ 33.388375] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 33.393744] ? setup_fault_attr+0x200/0x200
[ 33.398064] ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 33.403166] __alloc_pages_nodemask+0x239/0x2890
[ 33.407902] ? add_lock_to_list.constprop.0+0x17d/0x330
[ 33.413247] ? save_trace+0xd6/0x290
[ 33.416967] ? __lock_acquire+0x6de/0x3ff0
[ 33.421236] ? gfp_pfmemalloc_allowed+0x150/0x150
[ 33.426068] ? mark_held_locks+0xf0/0xf0
[ 33.430115] ? mark_page_accessed+0x581/0xda0
[ 33.434593] ? fs_reclaim_release+0xd0/0x110
[ 33.438980] ? setup_fault_attr+0x200/0x200
[ 33.443299] ? lock_acquire+0x170/0x3c0
[ 33.447271] cache_grow_begin+0xa4/0x8a0
[ 33.451313] ? setup_fault_attr+0x200/0x200
[ 33.455614] ? lock_acquire+0x170/0x3c0
[ 33.459580] cache_alloc_refill+0x273/0x340
[ 33.463892] kmem_cache_alloc+0x346/0x370
[ 33.468021] erofs_fill_super+0x10a1/0x12cc
[ 33.472327] ? gb_gbphy_register_driver.cold+0x39/0x39
[ 33.477583] ? vsprintf+0x30/0x30
[ 33.481019] ? wait_for_completion_io+0x10/0x10
[ 33.485664] ? set_blocksize+0x163/0x3f0
[ 33.489705] mount_bdev+0x2fc/0x3b0
[ 33.493310] ? gb_gbphy_register_driver.cold+0x39/0x39
[ 33.498572] erofs_mount+0x8c/0xc0
[ 33.502093] ? erofs_kill_sb+0x20/0x20
[ 33.505965] ? alloc_pages_current+0x19b/0x2a0
[ 33.510525] ? __lockdep_init_map+0x100/0x5a0
[ 33.515011] mount_fs+0xa3/0x310
[ 33.518361] vfs_kern_mount.part.0+0x68/0x470
[ 33.522837] do_mount+0x113c/0x2f10
[ 33.526470] ? lock_acquire+0x170/0x3c0
[ 33.530444] ? check_preemption_disabled+0x41/0x280
[ 33.535529] ? copy_mount_string+0x40/0x40
[ 33.539761] ? copy_mount_options+0x59/0x380
[ 33.544241] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 33.549250] ? kmem_cache_alloc_trace+0x323/0x380
[ 33.554079] ? copy_mount_options+0x26f/0x380
[ 33.558566] ksys_mount+0xcf/0x130
[ 33.562101] __x64_sys_mount+0xba/0x150
[ 33.566059] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 33.570631] do_syscall_64+0xf9/0x620
[ 33.574436] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 33.579614] RIP: 0033:0x445f0a
[ 33.582791] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 33.601677] RSP: 002b:00007ffe510d3c18 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 33.609383] RAX: ffffffffffffffda RBX: 00007ffe510d3c70 RCX: 0000000000445f0a
[ 33.616632] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffe510d3c30
[ 33.623890] RBP: 00007ffe510d3c30 R08: 00007ffe510d3c70 R09: 0000000000000000
[ 33.631142] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000020000248
[ 33.638393] R13: 0000000000000005 R14: 0000000000000006 R15: 0000000000000003
[ 33.646829] erofs: mounted on /dev/loop2 with opts: .
[ 33.667450] erofs: read_super, device -> /dev/loop1
[ 33.672473] erofs: options ->
[ 33.675709] erofs: root inode @ nid 36
[ 33.680090] erofs: read_super, device -> /dev/loop5
[ 33.685363] erofs: read_super, device -> /dev/loop3
[ 33.693820] erofs: mounted on /dev/loop1 with opts: .
[ 33.697441] erofs: options ->
[ 33.702338] erofs: options ->
[ 33.705162] FAULT_INJECTION: forcing a failure.
[ 33.705162] name failslab, interval 1, probability 0, space 0, times 0
[ 33.705886] erofs: root inode @ nid 36
[ 33.719510] CPU: 1 PID: 8114 Comm: syz-executor194 Not tainted 4.19.201-syzkaller #0
[ 33.722423] erofs: root inode @ nid 36
[ 33.728748] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 33.728753] Call Trace:
[ 33.728772] dump_stack+0x1fc/0x2ef
[ 33.728789] should_fail.cold+0xa/0xf
[ 33.734952] FAULT_INJECTION: forcing a failure.
[ 33.734952] name failslab, interval 1, probability 0, space 0, times 0
[ 33.742014] ? setup_fault_attr+0x200/0x200
[ 33.742029] ? lock_acquire+0x170/0x3c0
[ 33.742047] __should_failslab+0x115/0x180
[ 33.742064] should_failslab+0x5/0x10
[ 33.744933] FAULT_INJECTION: forcing a failure.
[ 33.744933] name failslab, interval 1, probability 0, space 0, times 0
[ 33.748234] kmem_cache_alloc_trace+0x284/0x380
[ 33.748251] get_mountpoint+0x140/0x3c0
[ 33.748269] attach_recursive_mnt+0xc9/0xd80
[ 33.803677] ? count_mounts+0x210/0x210
[ 33.807642] ? lookup_mnt+0x420/0x420
[ 33.811429] ? vfs_kern_mount.part.0+0x2b4/0x470
[ 33.816176] graft_tree+0x187/0x210
[ 33.819798] do_add_mount+0x239/0x560
[ 33.823677] ? graft_tree+0x210/0x210
[ 33.827495] ? do_raw_spin_unlock+0x171/0x230
[ 33.831981] ? _raw_spin_unlock+0x29/0x40
[ 33.836118] ? vfs_kern_mount.part.0+0x2b9/0x470
[ 33.840864] do_mount+0x1956/0x2f10
[ 33.844494] ? lock_acquire+0x170/0x3c0
[ 33.848459] ? check_preemption_disabled+0x41/0x280
[ 33.853478] ? copy_mount_string+0x40/0x40
[ 33.857703] ? copy_mount_options+0x59/0x380
[ 33.862115] ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 33.867127] ? kmem_cache_alloc_trace+0x323/0x380
[ 33.871962] ? copy_mount_options+0x26f/0x380
[ 33.876451] ksys_mount+0xcf/0x130
[ 33.879984] __x64_sys_mount+0xba/0x150
[ 33.883947] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 33.888518] do_syscall_64+0xf9/0x620
[ 33.892314] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 33.897489] RIP: 0033:0x445f0a
[ 33.900669] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 33.919555] RSP: 002b:00007ffe510d3c18 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 33.927251] RAX: ffffffffffffffda RBX: 00007ffe510d3c70 RCX: 0000000000445f0a
[ 33.934506] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffe510d3c30
[ 33.941761] RBP: 00007ffe510d3c30 R08: 00007ffe510d3c70 R09: 0000000000000000
[ 33.949030] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000020000248
[ 33.956284] R13: 0000000000000005 R14: 0000000000000006 R15: 0000000000000003
[ 33.963558] CPU: 0 PID: 8115 Comm: syz-executor194 Not tainted 4.19.201-syzkaller #0
[ 33.971439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 33.980789] Call Trace:
[ 33.983203] erofs: unmounted for /dev/loop1
[ 33.983377] dump_stack+0x1fc/0x2ef
[ 33.991323] should_fail.cold+0xa/0xf
[ 33.995122] ? setup_fault_attr+0x200/0x200
[ 33.999442] ? lock_acquire+0x170/0x3c0
[ 34.003409] __should_failslab+0x115/0x180
[ 34.007641] should_failslab+0x5/0x10
[ 34.011433] kmem_cache_alloc+0x277/0x370
[ 34.015570] erofs_fill_super+0x10a1/0x12cc
[ 34.019884] ? gb_gbphy_register_driver.cold+0x39/0x39
[ 34.025149] ? vsprintf+0x30/0x30
[ 34.028606] ? wait_for_completion_io+0x10/0x10
[ 34.033265] ? set_blocksize+0x163/0x3f0
[ 34.037318] mount_bdev+0x2fc/0x3b0
[ 34.040935] ? gb_gbphy_register_driver.cold+0x39/0x39
[ 34.046219] erofs_mount+0x8c/0xc0
[ 34.049750] ? erofs_kill_sb+0x20/0x20
[ 34.053646] ? alloc_pages_current+0x19b/0x2a0
[ 34.058236] ? __lockdep_init_map+0x100/0x5a0
[ 34.062720] mount_fs+0xa3/0x310
[ 34.066081] vfs_kern_mount.part.0+0x68/0x470
[ 34.070575] do_mount+0x113c/0x2f10
[ 34.074198] ? rcu_nmi_exit+0xb3/0x180
[ 34.078145] ? retint_kernel+0x2d/0x2d
[ 34.082021] ? copy_mount_string+0x40/0x40
[ 34.086252] ? copy_mount_options+0x1cd/0x380
[ 34.090740] ? __sanitizer_cov_trace_const_cmp8+0x4/0x20
[ 34.096180] ? copy_mount_options+0x26f/0x380
[ 34.097832] erofs: read_super, device -> /dev/loop4
[ 34.100673] ksys_mount+0xcf/0x130
[ 34.105657] erofs: options ->
[ 34.109186] __x64_sys_mount+0xba/0x150
[ 34.109202] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 34.109215] do_syscall_64+0xf9/0x620
[ 34.109235] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.129820] erofs: root inode @ nid 36
[ 34.129888] RIP: 0033:0x445f0a
[ 34.136931] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 34.141777] FAULT_INJECTION: forcing a failure.
[ 34.141777] name failslab, interval 1, probability 0, space 0, times 0
[ 34.155820] RSP: 002b:00007ffe510d3c18 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 34.155833] RAX: ffffffffffffffda RBX: 00007ffe510d3c70 RCX: 0000000000445f0a
[ 34.155841] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffe510d3c30
[ 34.155849] RBP: 00007ffe510d3c30 R08: 00007ffe510d3c70 R09: 0000000000000000
[ 34.155857] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000020000248
[ 34.155864] R13: 0000000000000005 R14: 0000000000000006 R15: 0000000000000003
[ 34.222409] CPU: 1 PID: 8116 Comm: syz-executor194 Not tainted 4.19.201-syzkaller #0
[ 34.227692] BUG: Dentry 0000000020277614{i=0,n=/} still in use (-128) [unmount of erofs loop3]
[ 34.230392] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 34.230397] Call Trace:
[ 34.230415] dump_stack+0x1fc/0x2ef
[ 34.230433] should_fail.cold+0xa/0xf
[ 34.230452] ? setup_fault_attr+0x200/0x200
[ 34.230466] ? lock_acquire+0x170/0x3c0
[ 34.230485] __should_failslab+0x115/0x180
[ 34.230502] should_failslab+0x5/0x10
[ 34.239444] ------------[ cut here ]------------
[ 34.248773] kmem_cache_alloc+0x277/0x370
[ 34.248790] erofs_fill_super+0x10a1/0x12cc
[ 34.248811] ? gb_gbphy_register_driver.cold+0x39/0x39
[ 34.251530] WARNING: CPU: 0 PID: 8115 at fs/dcache.c:1518 umount_check.cold+0xf2/0x116
[ 34.254977] ? vsprintf+0x30/0x30
[ 34.258795] Kernel panic - not syncing: panic_on_warn set ...
[ 34.258795]
[ 34.263101] ? wait_for_completion_io+0x10/0x10
[ 34.317081] ? set_blocksize+0x163/0x3f0
[ 34.321141] mount_bdev+0x2fc/0x3b0
[ 34.324760] ? gb_gbphy_register_driver.cold+0x39/0x39
[ 34.330026] erofs_mount+0x8c/0xc0
[ 34.333555] ? erofs_kill_sb+0x20/0x20
[ 34.337458] ? alloc_pages_current+0x19b/0x2a0
[ 34.342026] ? __lockdep_init_map+0x100/0x5a0
[ 34.346509] mount_fs+0xa3/0x310
[ 34.349871] vfs_kern_mount.part.0+0x68/0x470
[ 34.354359] do_mount+0x113c/0x2f10
[ 34.357995] ? rcu_nmi_exit+0xb3/0x180
[ 34.361872] ? retint_kernel+0x2d/0x2d
[ 34.365762] ? copy_mount_string+0x40/0x40
[ 34.369987] ? copy_mount_options+0x1cd/0x380
[ 34.374485] ? audit_kill_trees+0x230/0x230
[ 34.378795] ? copy_mount_options+0x26f/0x380
[ 34.383297] ksys_mount+0xcf/0x130
[ 34.386828] __x64_sys_mount+0xba/0x150
[ 34.390795] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 34.395361] do_syscall_64+0xf9/0x620
[ 34.399158] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.404335] RIP: 0033:0x445f0a
[ 34.407517] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 34.426418] RSP: 002b:00007ffe510d3c18 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 34.434112] RAX: ffffffffffffffda RBX: 00007ffe510d3c70 RCX: 0000000000445f0a
[ 34.441371] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffe510d3c30
[ 34.448627] RBP: 00007ffe510d3c30 R08: 00007ffe510d3c70 R09: 0000000000000000
[ 34.456020] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000020000248
[ 34.463283] R13: 0000000000000005 R14: 0000000000000006 R15: 0000000000000003
[ 34.470568] CPU: 0 PID: 8115 Comm: syz-executor194 Not tainted 4.19.201-syzkaller #0
[ 34.478459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 34.487809] Call Trace:
[ 34.490404] dump_stack+0x1fc/0x2ef
[ 34.494032] panic+0x26a/0x50e
[ 34.497236] ? __warn_printk+0xf3/0xf3
[ 34.501136] ? umount_check.cold+0xf2/0x116
[ 34.505450] ? __probe_kernel_read+0x130/0x1b0
[ 34.510026] ? __warn.cold+0x5/0x5a
[ 34.513637] ? __warn+0xe4/0x200
[ 34.516995] ? umount_check.cold+0xf2/0x116
[ 34.521310] __warn.cold+0x20/0x5a
[ 34.524840] ? umount_check.cold+0xf2/0x116
[ 34.529154] report_bug+0x262/0x2b0
[ 34.534944] do_error_trap+0x1d7/0x310
[ 34.538821] ? math_error+0x310/0x310
[ 34.542609] ? __irq_work_queue_local+0x101/0x160
[ 34.547442] ? irq_work_queue+0x29/0x80
[ 34.551407] ? error_entry+0x72/0xd0
[ 34.555113] ? trace_hardirqs_off_caller+0x6e/0x210
[ 34.560118] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 34.564957] invalid_op+0x14/0x20
[ 34.568403] RIP: 0010:umount_check.cold+0xf2/0x116
[ 34.573336] Code: f9 4d 89 f1 45 89 e0 48 89 e9 41 55 4c 89 fa 48 89 ee 48 c7 c7 c0 a7 74 88 e8 99 f0 fe ff 48 c7 c7 c0 a6 74 88 e8 8d f0 fe ff <0f> 0b 58 e9 ee 16 b4 f9 e8 2a c3 a3 f9 e9 22 ff ff ff 48 89 df e8
[ 34.592228] RSP: 0018:ffff8880b14c7a98 EFLAGS: 00010286
[ 34.597669] RAX: 0000000000000024 RBX: 0000000000000000 RCX: 0000000000000000
[ 34.604928] RDX: 0000000000000000 RSI: ffffffff814dfd61 RDI: ffffed1016298f45
[ 34.612187] RBP: ffff8880a2e452c0 R08: 0000000000000024 R09: 0000000000000000
[ 34.619464] R10: 0000000000000005 R11: 0000000000000000 R12: 00000000ffffff80
[ 34.626719] R13: ffff8880b006af10 R14: ffffffff893f9a40 R15: 0000000000000000
[ 34.633998] ? vprintk_func+0x81/0x180
[ 34.637880] ? umount_check.cold+0xf2/0x116
[ 34.642196] d_walk+0x196/0x990
[ 34.645470] ? shrink_dcache_parent+0x120/0x120
[ 34.650739] ? debug_check_no_obj_freed+0x201/0x490
[ 34.655750] shrink_dcache_for_umount+0x87/0x330
[ 34.660498] generic_shutdown_super+0x68/0x370
[ 34.665080] kill_block_super+0x97/0xf0
[ 34.669045] deactivate_locked_super+0x94/0x160
[ 34.673702] mount_bdev+0x373/0x3b0
[ 34.677322] ? gb_gbphy_register_driver.cold+0x39/0x39
[ 34.682593] erofs_mount+0x8c/0xc0
[ 34.686127] ? erofs_kill_sb+0x20/0x20
[ 34.689453] BUG: Dentry 0000000090c8f336{i=0,n=/} still in use (-128) [unmount of erofs loop5]
[ 34.690008] ? alloc_pages_current+0x19b/0x2a0
[ 34.698883] ------------[ cut here ]------------
[ 34.703399] ? __lockdep_init_map+0x100/0x5a0
[ 34.703412] mount_fs+0xa3/0x310
[ 34.708353] WARNING: CPU: 1 PID: 8116 at fs/dcache.c:1518 umount_check.cold+0xf2/0x116
[ 34.712626] vfs_kern_mount.part.0+0x68/0x470
[ 34.715960] Modules linked in:
[ 34.723996] do_mount+0x113c/0x2f10
[ 34.728466] CPU: 1 PID: 8116 Comm: syz-executor194 Not tainted 4.19.201-syzkaller #0
[ 34.731636] ? rcu_nmi_exit+0xb3/0x180
[ 34.735233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 34.743119] ? retint_kernel+0x2d/0x2d
[ 34.747066] RIP: 0010:umount_check.cold+0xf2/0x116
[ 34.756398] ? copy_mount_string+0x40/0x40
[ 34.760259] Code: f9 4d 89 f1 45 89 e0 48 89 e9 41 55 4c 89 fa 48 89 ee 48 c7 c7 c0 a7 74 88 e8 99 f0 fe ff 48 c7 c7 c0 a6 74 88 e8 8d f0 fe ff <0f> 0b 58 e9 ee 16 b4 f9 e8 2a c3 a3 f9 e9 22 ff ff ff 48 89 df e8
[ 34.765166] ? copy_mount_options+0x1cd/0x380
[ 34.769376] RSP: 0018:ffff88809567fa98 EFLAGS: 00010286
[ 34.788364] ? __sanitizer_cov_trace_const_cmp8+0x4/0x20
[ 34.792827] RAX: 0000000000000024 RBX: 0000000000000000 RCX: 0000000000000000
[ 34.798171] ? copy_mount_options+0x26f/0x380
[ 34.803678] RDX: 0000000000000000 RSI: ffffffff814dfd61 RDI: ffffed1012acff45
[ 34.810932] ksys_mount+0xcf/0x130
[ 34.815398] RBP: ffff8880b54e1e40 R08: 0000000000000024 R09: 0000000000000000
[ 34.822650] __x64_sys_mount+0xba/0x150
[ 34.826249] R10: 0000000000000005 R11: 0000000000000000 R12: 00000000ffffff80
[ 34.833507] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 34.837452] R13: ffff8880b0114f50 R14: ffffffff893f9a40 R15: 0000000000000000
[ 34.844704] do_syscall_64+0xf9/0x620
[ 34.849258] FS: 0000000002156300(0000) GS:ffff8880ba100000(0000) knlGS:0000000000000000
[ 34.856514] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 34.860284] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 34.868491] RIP: 0033:0x445f0a
[ 34.873661] CR2: 00007f33554a2000 CR3: 00000000a5ec1000 CR4: 00000000001406e0
[ 34.879524] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 34.882702] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 34.889949] RSP: 002b:00007ffe510d3c18 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 34.908831] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 34.916099] RAX: ffffffffffffffda RBX: 00007ffe510d3c70 RCX: 0000000000445f0a
[ 34.923789] Call Trace:
[ 34.931044] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffe510d3c30
[ 34.938399] d_walk+0x196/0x990
[ 34.940965] RBP: 00007ffe510d3c30 R08: 00007ffe510d3c70 R09: 0000000000000000
[ 34.948227] ? shrink_dcache_parent+0x120/0x120
[ 34.951476] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000020000248
[ 34.958732] ? debug_check_no_obj_freed+0x201/0x490
[ 34.963386] R13: 0000000000000005 R14: 0000000000000006 R15: 0000000000000003
[ 34.970765] shrink_dcache_for_umount+0x87/0x330
[ 34.987744] generic_shutdown_super+0x68/0x370
[ 34.992327] kill_block_super+0x97/0xf0
[ 34.996307] deactivate_locked_super+0x94/0x160
[ 35.000967] mount_bdev+0x373/0x3b0
[ 35.004584] ? gb_gbphy_register_driver.cold+0x39/0x39
[ 35.009855] erofs_mount+0x8c/0xc0
[ 35.013390] ? erofs_kill_sb+0x20/0x20
[ 35.017277] ? alloc_pages_current+0x19b/0x2a0
[ 35.021852] ? __lockdep_init_map+0x100/0x5a0
[ 35.026342] mount_fs+0xa3/0x310
[ 35.029707] vfs_kern_mount.part.0+0x68/0x470
[ 35.034244] do_mount+0x113c/0x2f10
[ 35.037954] ? rcu_nmi_exit+0xb3/0x180
[ 35.041839] ? retint_kernel+0x2d/0x2d
[ 35.045720] ? copy_mount_string+0x40/0x40
[ 35.049949] ? copy_mount_options+0x1cd/0x380
[ 35.054455] ? audit_kill_trees+0x230/0x230
[ 35.058769] ? copy_mount_options+0x26f/0x380
[ 35.063263] ksys_mount+0xcf/0x130
[ 35.066812] __x64_sys_mount+0xba/0x150
[ 35.070780] ? lockdep_hardirqs_on+0x3a8/0x5c0
[ 35.075350] do_syscall_64+0xf9/0x620
[ 35.079149] entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 35.084325] RIP: 0033:0x445f0a
[ 35.087509] Code: 48 c7 c2 c0 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff eb d2 e8 a8 00 00 00 0f 1f 84 00 00 00 00 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 35.106398] RSP: 002b:00007ffe510d3c18 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5
[ 35.114099] RAX: ffffffffffffffda RBX: 00007ffe510d3c70 RCX: 0000000000445f0a
[ 35.121356] RDX: 0000000020000000 RSI: 0000000020000100 RDI: 00007ffe510d3c30
[ 35.128613] RBP: 00007ffe510d3c30 R08: 00007ffe510d3c70 R09: 0000000000000000
[ 35.135868] R10: 0000000000000000 R11: 0000000000000286 R12: 0000000020000248
[ 35.143125] R13: 0000000000000005 R14: 0000000000000006 R15: 0000000000000003
[ 35.150403] irq event stamp: 2198
[ 35.153848] hardirqs last enabled at (2197): [] trace_hardirqs_on_thunk+0x1a/0x1c
[ 35.163111] hardirqs last disabled at (2198): [] trace_hardirqs_off_thunk+0x1a/0x1c
[ 35.172461] softirqs last enabled at (2196): [] __do_softirq+0x678/0x980
[ 35.180939] softirqs last disabled at (2185): [] irq_exit+0x215/0x260
[ 35.189065] ---[ end trace 0fe773ca502d0de0 ]---
[ 35.195097] Kernel Offset: disabled
[ 35.198871] Rebooting in 86400 seconds..