INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.10.6' (ECDSA) to the list of known hosts. syzkaller login: [ 107.396616] FAULT_INJECTION: forcing a failure. [ 107.396616] name failslab, interval 1, probability 0, space 0, times 1 [ 107.407988] CPU: 0 PID: 4517 Comm: syzkaller392486 Not tainted 4.16.0+ #17 [ 107.415080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 107.424415] Call Trace: [ 107.426995] dump_stack+0x1b9/0x294 [ 107.430617] ? dump_stack_print_info.cold.2+0x52/0x52 [ 107.435803] should_fail.cold.4+0xa/0x1a [ 107.439851] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 107.444948] ? lock_downgrade+0x8e0/0x8e0 [ 107.449075] ? lock_downgrade+0x8e0/0x8e0 [ 107.453207] ? debug_check_no_locks_freed+0x310/0x310 [ 107.458383] ? find_held_lock+0x36/0x1c0 [ 107.462434] ? check_same_owner+0x320/0x320 [ 107.466739] ? rcu_note_context_switch+0x710/0x710 [ 107.471745] __should_failslab+0x124/0x180 [ 107.475967] should_failslab+0x9/0x14 [ 107.479749] kmem_cache_alloc_node+0x272/0x780 [ 107.484324] ? rcu_read_lock_sched_held+0x108/0x120 [ 107.489325] ? flush_tlb_func_common.constprop.18+0x891/0xd70 [ 107.495197] copy_process.part.38+0x16bf/0x6ee0 [ 107.499852] ? __lru_cache_add+0x31c/0x440 [ 107.504072] ? __pagevec_lru_add+0x30/0x30 [ 107.508291] ? print_usage_bug+0xc0/0xc0 [ 107.512335] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 107.517508] ? print_usage_bug+0xc0/0xc0 [ 107.521554] ? __cleanup_sighand+0x70/0x70 [ 107.525773] ? page_remove_rmap+0x1f1/0x1250 [ 107.530165] ? graph_lock+0x170/0x170 [ 107.533947] ? page_add_file_rmap+0xe20/0xe20 [ 107.538424] ? mark_held_locks+0xc9/0x160 [ 107.542561] ? page_add_new_anon_rmap+0x3ff/0x850 [ 107.547395] ? find_held_lock+0x36/0x1c0 [ 107.551441] ? lock_downgrade+0x8e0/0x8e0 [ 107.555576] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 107.561105] ? put_page+0x1c1/0x270 [ 107.564714] ? get_page+0x230/0x230 [ 107.568333] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 107.572898] ? pmd_clear_bad+0x150/0x150 [ 107.576939] ? kasan_check_write+0x14/0x20 [ 107.581178] ? do_raw_spin_lock+0xc1/0x200 [ 107.585397] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 107.590917] ? wp_page_copy+0xbc7/0x14a0 [ 107.594962] ? do_page_mkwrite+0x500/0x500 [ 107.599179] ? lock_downgrade+0x8e0/0x8e0 [ 107.603314] ? kasan_check_read+0x11/0x20 [ 107.607618] ? do_raw_spin_unlock+0x9e/0x2e0 [ 107.612007] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 107.616574] ? __pte_alloc_kernel+0x2e0/0x2e0 [ 107.621058] ? do_wp_page+0x42d/0x1990 [ 107.624930] ? finish_mkwrite_fault+0x610/0x610 [ 107.629586] ? debug_check_no_locks_freed+0x310/0x310 [ 107.634759] ? find_held_lock+0x36/0x1c0 [ 107.638814] ? lock_acquire+0x1dc/0x520 [ 107.642775] ? lock_release+0xa10/0xa10 [ 107.646736] ? kasan_check_read+0x11/0x20 [ 107.650867] ? do_raw_spin_unlock+0x9e/0x2e0 [ 107.655260] ? kasan_check_write+0x14/0x20 [ 107.659479] ? do_raw_spin_lock+0xc1/0x200 [ 107.663699] ? __handle_mm_fault+0x88c/0x4150 [ 107.668179] ? vm_insert_mixed_mkwrite+0x40/0x40 [ 107.672914] ? graph_lock+0x170/0x170 [ 107.676696] ? to_ratio+0x20/0x20 [ 107.680129] ? graph_lock+0x170/0x170 [ 107.683910] ? find_held_lock+0x36/0x1c0 [ 107.688058] _do_fork+0x291/0x12a0 [ 107.691606] ? fork_idle+0x1a0/0x1a0 [ 107.695300] ? lock_downgrade+0x8e0/0x8e0 [ 107.699448] ? handle_mm_fault+0x8c0/0xc70 [ 107.703683] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 107.709211] ? handle_mm_fault+0x55a/0xc70 [ 107.713430] ? __handle_mm_fault+0x4150/0x4150 [ 107.718003] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 107.723536] ? __do_page_fault+0x441/0xe40 [ 107.727765] ? mm_fault_error+0x380/0x380 [ 107.731900] SyS_clone+0x37/0x50 [ 107.735245] ? sys_vfork+0x30/0x30 [ 107.738777] do_syscall_64+0x29e/0x9d0 [ 107.742643] ? vmalloc_sync_all+0x30/0x30 [ 107.746774] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 107.751601] ? syscall_return_slowpath+0x5c0/0x5c0 [ 107.756525] ? syscall_return_slowpath+0x30f/0x5c0 [ 107.761440] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 107.766962] ? retint_user+0x18/0x18 [ 107.770675] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 107.775519] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 107.780689] RIP: 0033:0x440dba [ 107.783860] RSP: 002b:00007ffd890f9000 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 107.791552] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440dba [ 107.798803] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 107.806053] RBP: 00007ffd890f9020 R08: 0000000000000000 R09: 0000000001d80880 [ 107.813300] R10: 0000000001d80b50 R11: 0000000000000246 R12: 0000000000000000 [ 107.820549] R13: 0000000000403320 R14: 0000000000000000 R15: 0000000000000000 [ 107.836203] IPVS: ftp: loaded support on port[0] = 21 [ 107.839785] IPVS: ftp: loaded support on port[0] = 21 [ 107.850505] IPVS: ftp: loaded support on port[0] = 21 [ 107.857397] IPVS: ftp: loaded support on port[0] = 21 [ 107.863197] IPVS: ftp: loaded support on port[0] = 21 [ 107.866784] IPVS: ftp: loaded support on port[0] = 21 [ 107.874202] IPVS: ftp: loaded support on port[0] = 21 [ 107.991316] FAULT_INJECTION: forcing a failure. [ 107.991316] name failslab, interval 1, probability 0, space 0, times 0 [ 108.002902] CPU: 0 PID: 4533 Comm: syzkaller392486 Not tainted 4.16.0+ #17 [ 108.009896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 108.011747] FAULT_INJECTION: forcing a failure. [ 108.011747] name failslab, interval 1, probability 0, space 0, times 0 [ 108.019572] Call Trace: [ 108.019596] dump_stack+0x1b9/0x294 [ 108.019607] ? dump_stack_print_info.cold.2+0x52/0x52 [ 108.019616] ? __lock_acquire+0x7f5/0x5130 [ 108.019630] should_fail.cold.4+0xa/0x1a [ 108.019640] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 108.019648] ? lock_downgrade+0x8e0/0x8e0 [ 108.019658] ? graph_lock+0x170/0x170 [ 108.019673] ? find_held_lock+0x36/0x1c0 [ 108.019683] ? __lock_is_held+0xb5/0x140 [ 108.071733] ? check_same_owner+0x320/0x320 [ 108.076036] ? graph_lock+0x170/0x170 [ 108.079833] ? rcu_note_context_switch+0x710/0x710 [ 108.084748] __should_failslab+0x124/0x180 [ 108.088965] should_failslab+0x9/0x14 [ 108.092748] kmem_cache_alloc+0x2af/0x760 [ 108.096874] ? find_held_lock+0x36/0x1c0 [ 108.100920] __d_alloc+0xc1/0xc00 [ 108.104356] ? shrink_dcache_for_umount+0x290/0x290 [ 108.109354] ? graph_lock+0x170/0x170 [ 108.113136] ? kasan_check_read+0x11/0x20 [ 108.117264] ? do_raw_spin_unlock+0x9e/0x2e0 [ 108.121655] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 108.126305] ? find_held_lock+0x36/0x1c0 [ 108.130348] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 108.135868] ? hashlen_string+0x1ea/0x2f0 [ 108.140012] d_alloc+0x8e/0x370 [ 108.143291] ? check_same_owner+0x320/0x320 [ 108.147596] ? current_kernel_time64+0x242/0x2f0 [ 108.152333] ? __d_alloc+0xc00/0xc00 [ 108.156030] d_alloc_name+0xb3/0x110 [ 108.159726] ? down_write+0x87/0x120 [ 108.163433] ? d_alloc+0x370/0x370 [ 108.166954] ? down_read+0x1b0/0x1b0 [ 108.170657] proc_setup_thread_self+0xbe/0x375 [ 108.175223] proc_fill_super+0x26b/0x2f5 [ 108.179266] mount_ns+0x12a/0x1d0 [ 108.182700] ? proc_get_inode+0x670/0x670 [ 108.186838] proc_mount+0x73/0xa0 [ 108.190281] mount_fs+0xae/0x328 [ 108.193632] vfs_kern_mount.part.34+0xd4/0x4d0 [ 108.198199] ? may_umount+0xb0/0xb0 [ 108.201809] ? kasan_check_read+0x11/0x20 [ 108.205949] ? do_raw_spin_unlock+0x9e/0x2e0 [ 108.210337] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 108.214902] ? idr_alloc+0x1a0/0x1a0 [ 108.218599] kern_mount_data+0x50/0xc0 [ 108.222472] pid_ns_prepare_proc+0x1e/0x90 [ 108.226698] alloc_pid+0x8cf/0xa50 [ 108.230218] ? __change_pid+0x410/0x410 [ 108.234173] ? ns_capable_common+0x13f/0x170 [ 108.238568] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 108.244086] ? memset+0x31/0x40 [ 108.247350] ? copy_thread_tls+0x265/0x800 [ 108.251570] copy_process.part.38+0x36bf/0x6ee0 [ 108.256238] ? __lock_acquire+0x7f5/0x5130 [ 108.260478] ? __lock_acquire+0x7f5/0x5130 [ 108.264726] ? __cleanup_sighand+0x70/0x70 [ 108.268964] ? debug_check_no_locks_freed+0x310/0x310 [ 108.274168] ? print_usage_bug+0xc0/0xc0 [ 108.278240] ? print_usage_bug+0xc0/0xc0 [ 108.282286] ? kasan_check_read+0x11/0x20 [ 108.286416] ? __lock_acquire+0x7f5/0x5130 [ 108.290649] ? print_usage_bug+0xc0/0xc0 [ 108.294699] ? debug_check_no_locks_freed+0x310/0x310 [ 108.299872] ? __lock_acquire+0x7f5/0x5130 [ 108.304088] ? lock_downgrade+0x8e0/0x8e0 [ 108.308222] ? print_usage_bug+0xc0/0xc0 [ 108.312265] ? graph_lock+0x170/0x170 [ 108.316052] ? graph_lock+0x170/0x170 [ 108.320008] ? __lock_acquire+0x7f5/0x5130 [ 108.324223] ? find_held_lock+0x36/0x1c0 [ 108.328266] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 108.333784] ? _parse_integer+0x13b/0x190 [ 108.337922] ? graph_lock+0x170/0x170 [ 108.341726] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 108.347244] ? _kstrtoull+0x180/0x230 [ 108.351023] ? _parse_integer+0x190/0x190 [ 108.355152] ? graph_lock+0x170/0x170 [ 108.358948] ? lock_release+0xa10/0xa10 [ 108.362903] ? check_same_owner+0x320/0x320 [ 108.367207] ? find_held_lock+0x36/0x1c0 [ 108.371264] ? lock_downgrade+0x8e0/0x8e0 [ 108.375408] ? kasan_check_read+0x11/0x20 [ 108.379542] ? rcu_is_watching+0x85/0x140 [ 108.383670] ? pid_task+0x10e/0x1e0 [ 108.387289] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 108.392458] ? save_stack+0xa9/0xd0 [ 108.396067] ? graph_lock+0x170/0x170 [ 108.399853] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 108.405371] ? proc_fail_nth_write+0x96/0x1f0 [ 108.409846] ? proc_cwd_link+0x1d0/0x1d0 [ 108.413899] ? kasan_check_read+0x11/0x20 [ 108.418026] ? do_raw_spin_unlock+0x9e/0x2e0 [ 108.422417] ? find_held_lock+0x36/0x1c0 [ 108.426462] _do_fork+0x291/0x12a0 [ 108.430003] ? fork_idle+0x1a0/0x1a0 [ 108.433699] ? __lock_is_held+0xb5/0x140 [ 108.437747] ? __sb_end_write+0xac/0xe0 [ 108.441703] ? vfs_write+0x2a8/0x560 [ 108.445400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 108.450918] ? ksys_write+0x1a6/0x250 [ 108.454702] ? SyS_read+0x30/0x30 [ 108.458138] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 108.462963] SyS_clone+0x37/0x50 [ 108.466310] ? sys_vfork+0x30/0x30 [ 108.469829] do_syscall_64+0x29e/0x9d0 [ 108.473698] ? vmalloc_sync_all+0x30/0x30 [ 108.477827] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 108.482580] ? syscall_return_slowpath+0x5c0/0x5c0 [ 108.487503] ? syscall_return_slowpath+0x30f/0x5c0 [ 108.492417] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 108.497772] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 108.502601] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 108.507767] RIP: 0033:0x442639 [ 108.510933] RSP: 002b:00007ffd890f8138 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 108.518622] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442639 [ 108.525872] RDX: 00000000200008c0 RSI: 0000000020000800 RDI: 000000002000c100 [ 108.533139] RBP: 00007ffd890f8250 R08: 0000000020000940 R09: 0000000000000000 [ 108.540389] R10: 0000000020000900 R11: 0000000000000206 R12: 0000000000000000 [ 108.547637] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffd890f8278 [ 108.554903] CPU: 1 PID: 4537 Comm: syzkaller392486 Not tainted 4.16.0+ #17 [ 108.555241] proc_fill_super: can't allocate /proc/thread_self [ 108.561949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 108.561954] Call Trace: [ 108.561972] dump_stack+0x1b9/0x294 [ 108.561982] ? dump_stack_print_info.cold.2+0x52/0x52 [ 108.561998] ? __save_stack_trace+0x7e/0xd0 [ 108.569443] FAULT_INJECTION: forcing a failure. [ 108.569443] name failslab, interval 1, probability 0, space 0, times 0 [ 108.577270] should_fail.cold.4+0xa/0x1a [ 108.577283] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 108.577299] ? save_stack+0x43/0xd0 [ 108.616807] ? kasan_kmalloc+0xc4/0xe0 [ 108.620676] ? kmem_cache_alloc_trace+0x152/0x780 [ 108.625498] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 108.630680] ? __list_lru_init+0x456/0x790 [ 108.635543] ? sget_userns+0x706/0xf20 [ 108.639430] ? graph_lock+0x170/0x170 [ 108.643211] ? kern_mount_data+0x50/0xc0 [ 108.647254] ? pid_ns_prepare_proc+0x1e/0x90 [ 108.651641] ? alloc_pid+0x8cf/0xa50 [ 108.655333] ? copy_process.part.38+0x36bf/0x6ee0 [ 108.660196] ? _do_fork+0x291/0x12a0 [ 108.663898] ? SyS_clone+0x37/0x50 [ 108.667446] ? find_held_lock+0x36/0x1c0 [ 108.671488] ? __lock_is_held+0xb5/0x140 [ 108.675535] ? check_same_owner+0x320/0x320 [ 108.679842] ? rcu_note_context_switch+0x710/0x710 [ 108.684752] __should_failslab+0x124/0x180 [ 108.688970] should_failslab+0x9/0x14 [ 108.692749] kmem_cache_alloc_trace+0x2cb/0x780 [ 108.697397] ? __kmalloc_node+0x33/0x70 [ 108.701352] ? __kmalloc_node+0x33/0x70 [ 108.705309] ? rcu_read_lock_sched_held+0x108/0x120 [ 108.710307] __memcg_init_list_lru_node+0x17d/0x2c0 [ 108.715304] ? kvfree_rcu+0x20/0x20 [ 108.718926] ? __kmalloc_node+0x47/0x70 [ 108.722885] __list_lru_init+0x456/0x790 [ 108.726931] ? list_lru_destroy+0x4c0/0x4c0 [ 108.731241] ? mark_held_locks+0xc9/0x160 [ 108.735371] ? __raw_spin_lock_init+0x1c/0x100 [ 108.739933] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 108.744931] ? lockdep_init_map+0x9/0x10 [ 108.748972] sget_userns+0x706/0xf20 [ 108.752666] ? set_anon_super+0x20/0x20 [ 108.756720] ? get_empty_filp.cold.7+0x3e/0x3e [ 108.761284] ? destroy_unused_super.part.9+0x100/0x100 [ 108.766545] ? __alloc_pages_slowpath+0x2dc0/0x2dc0 [ 108.771545] ? save_stack+0x43/0xd0 [ 108.775155] ? kasan_kmalloc+0xc4/0xe0 [ 108.779023] ? kasan_slab_alloc+0x12/0x20 [ 108.783149] ? kmem_cache_alloc+0x12e/0x760 [ 108.787452] ? copy_process.part.38+0x36bf/0x6ee0 [ 108.792278] ? graph_lock+0x170/0x170 [ 108.796061] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 108.801585] mount_ns+0x8f/0x1d0 [ 108.804934] ? proc_get_inode+0x670/0x670 [ 108.809063] proc_mount+0x73/0xa0 [ 108.812510] mount_fs+0xae/0x328 [ 108.815860] vfs_kern_mount.part.34+0xd4/0x4d0 [ 108.820424] ? may_umount+0xb0/0xb0 [ 108.824032] ? kasan_check_read+0x11/0x20 [ 108.828162] ? do_raw_spin_unlock+0x9e/0x2e0 [ 108.832574] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 108.837139] ? idr_alloc+0x1a0/0x1a0 [ 108.840850] kern_mount_data+0x50/0xc0 [ 108.844721] pid_ns_prepare_proc+0x1e/0x90 [ 108.849407] alloc_pid+0x8cf/0xa50 [ 108.852926] ? __change_pid+0x410/0x410 [ 108.856876] ? ns_capable_common+0x13f/0x170 [ 108.861268] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 108.866798] ? memset+0x31/0x40 [ 108.870061] ? copy_thread_tls+0x265/0x800 [ 108.874277] copy_process.part.38+0x36bf/0x6ee0 [ 108.878928] ? __lock_acquire+0x7f5/0x5130 [ 108.883144] ? __lock_acquire+0x7f5/0x5130 [ 108.887368] ? __cleanup_sighand+0x70/0x70 [ 108.891582] ? debug_check_no_locks_freed+0x310/0x310 [ 108.896751] ? print_usage_bug+0xc0/0xc0 [ 108.900792] ? print_usage_bug+0xc0/0xc0 [ 108.904836] ? kasan_check_read+0x11/0x20 [ 108.908966] ? __lock_acquire+0x7f5/0x5130 [ 108.913181] ? print_usage_bug+0xc0/0xc0 [ 108.917229] ? debug_check_no_locks_freed+0x310/0x310 [ 108.922399] ? __lock_acquire+0x7f5/0x5130 [ 108.926615] ? lock_downgrade+0x8e0/0x8e0 [ 108.930752] ? print_usage_bug+0xc0/0xc0 [ 108.934811] ? graph_lock+0x170/0x170 [ 108.938595] ? graph_lock+0x170/0x170 [ 108.942376] ? __lock_acquire+0x7f5/0x5130 [ 108.946592] ? find_held_lock+0x36/0x1c0 [ 108.950632] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 108.956148] ? _parse_integer+0x13b/0x190 [ 108.960275] ? graph_lock+0x170/0x170 [ 108.964054] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 108.969571] ? _kstrtoull+0x180/0x230 [ 108.973353] ? _parse_integer+0x190/0x190 [ 108.977482] ? graph_lock+0x170/0x170 [ 108.981260] ? lock_release+0xa10/0xa10 [ 108.985214] ? check_same_owner+0x320/0x320 [ 108.989527] ? find_held_lock+0x36/0x1c0 [ 108.993580] ? lock_downgrade+0x8e0/0x8e0 [ 108.997711] ? kasan_check_read+0x11/0x20 [ 109.002013] ? rcu_is_watching+0x85/0x140 [ 109.006224] ? pid_task+0x10e/0x1e0 [ 109.010806] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 109.016067] ? save_stack+0xa9/0xd0 [ 109.019679] ? graph_lock+0x170/0x170 [ 109.023465] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 109.028988] ? proc_fail_nth_write+0x96/0x1f0 [ 109.033466] ? proc_cwd_link+0x1d0/0x1d0 [ 109.037597] ? kasan_check_read+0x11/0x20 [ 109.041725] ? do_raw_spin_unlock+0x9e/0x2e0 [ 109.046120] ? find_held_lock+0x36/0x1c0 [ 109.050251] _do_fork+0x291/0x12a0 [ 109.053792] ? fork_idle+0x1a0/0x1a0 [ 109.057488] ? __lock_is_held+0xb5/0x140 [ 109.061554] ? __sb_end_write+0xac/0xe0 [ 109.065512] ? vfs_write+0x2a8/0x560 [ 109.069211] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 109.074727] ? ksys_write+0x1a6/0x250 [ 109.078508] ? SyS_read+0x30/0x30 [ 109.081944] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 109.086766] SyS_clone+0x37/0x50 [ 109.090111] ? sys_vfork+0x30/0x30 [ 109.093646] do_syscall_64+0x29e/0x9d0 [ 109.097514] ? vmalloc_sync_all+0x30/0x30 [ 109.101651] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 109.106390] ? syscall_return_slowpath+0x5c0/0x5c0 [ 109.111299] ? syscall_return_slowpath+0x30f/0x5c0 [ 109.116215] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 109.121578] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 109.126405] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 109.131662] RIP: 0033:0x442639 [ 109.134832] RSP: 002b:00007ffd890f8138 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 109.142519] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000442639 [ 109.149769] RDX: 00000000200008c0 RSI: 0000000020000800 RDI: 000000002000c100 [ 109.157031] RBP: 00007ffd890f8250 R08: 0000000020000940 R09: 0000000400000000 [ 109.164282] R10: 0000000020000900 R11: 0000000000000206 R12: 0000000000000000 [ 109.171534] R13: 0000000000000000 R14: 0000000000001380 R15: 00007ffd890f8278 [ 109.178803] CPU: 0 PID: 4532 Comm: syzkaller392486 Not tainted 4.16.0+ #17 [ 109.185846] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.191051] FAULT_INJECTION: forcing a failure. [ 109.191051] name failslab, interval 1, probability 0, space 0, times 0 [ 109.195198] Call Trace: [ 109.195216] dump_stack+0x1b9/0x294 [ 109.195227] ? dump_stack_print_info.cold.2+0x52/0x52 [ 109.195245] ? __save_stack_trace+0x7e/0xd0 [ 109.222074] should_fail.cold.4+0xa/0x1a [ 109.226121] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 109.231216] ? save_stack+0x43/0xd0 [ 109.234824] ? kasan_kmalloc+0xc4/0xe0 [ 109.238691] ? kmem_cache_alloc_trace+0x152/0x780 [ 109.243516] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 109.248695] ? __list_lru_init+0x456/0x790 [ 109.252912] ? sget_userns+0x706/0xf20 [ 109.256802] ? graph_lock+0x170/0x170 [ 109.260606] ? kern_mount_data+0x50/0xc0 [ 109.264673] ? pid_ns_prepare_proc+0x1e/0x90 [ 109.269082] ? alloc_pid+0x8cf/0xa50 [ 109.272790] ? copy_process.part.38+0x36bf/0x6ee0 [ 109.277610] ? _do_fork+0x291/0x12a0 [ 109.281321] ? SyS_clone+0x37/0x50 [ 109.284843] ? find_held_lock+0x36/0x1c0 [ 109.288884] ? __lock_is_held+0xb5/0x140 [ 109.292935] ? check_same_owner+0x320/0x320 [ 109.297239] ? rcu_note_context_switch+0x710/0x710 [ 109.302155] __should_failslab+0x124/0x180 [ 109.306377] should_failslab+0x9/0x14 [ 109.310162] kmem_cache_alloc_trace+0x2cb/0x780 [ 109.314812] ? __kmalloc_node+0x33/0x70 [ 109.318767] ? __kmalloc_node+0x33/0x70 [ 109.322734] ? rcu_read_lock_sched_held+0x108/0x120 [ 109.327738] __memcg_init_list_lru_node+0x17d/0x2c0 [ 109.332737] ? kvfree_rcu+0x20/0x20 [ 109.336349] ? __kmalloc_node+0x47/0x70 [ 109.340309] __list_lru_init+0x456/0x790 [ 109.344871] ? list_lru_destroy+0x4c0/0x4c0 [ 109.349173] ? mark_held_locks+0xc9/0x160 [ 109.353303] ? __raw_spin_lock_init+0x1c/0x100 [ 109.358047] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 109.363055] ? lockdep_init_map+0x9/0x10 [ 109.367096] sget_userns+0x706/0xf20 [ 109.370787] ? set_anon_super+0x20/0x20 [ 109.374743] ? get_empty_filp.cold.7+0x3e/0x3e [ 109.379317] ? destroy_unused_super.part.9+0x100/0x100 [ 109.384579] ? __alloc_pages_slowpath+0x2dc0/0x2dc0 [ 109.389592] ? save_stack+0x43/0xd0 [ 109.393201] ? kasan_kmalloc+0xc4/0xe0 [ 109.397068] ? kasan_slab_alloc+0x12/0x20 [ 109.401195] ? kmem_cache_alloc+0x12e/0x760 [ 109.405509] ? copy_process.part.38+0x36bf/0x6ee0 [ 109.410338] ? graph_lock+0x170/0x170 [ 109.414132] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 109.419653] mount_ns+0x8f/0x1d0 [ 109.423027] ? proc_get_inode+0x670/0x670 [ 109.427157] proc_mount+0x73/0xa0 [ 109.430591] mount_fs+0xae/0x328 [ 109.433942] vfs_kern_mount.part.34+0xd4/0x4d0 [ 109.438514] ? may_umount+0xb0/0xb0 [ 109.442131] ? kasan_check_read+0x11/0x20 [ 109.446261] ? do_raw_spin_unlock+0x9e/0x2e0 [ 109.450650] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 109.455232] ? idr_alloc+0x1a0/0x1a0 [ 109.458928] kern_mount_data+0x50/0xc0 [ 109.462809] pid_ns_prepare_proc+0x1e/0x90 [ 109.467024] alloc_pid+0x8cf/0xa50 [ 109.470559] ? __change_pid+0x410/0x410 [ 109.474526] ? ns_capable_common+0x13f/0x170 [ 109.478929] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 109.484554] ? memset+0x31/0x40 [ 109.487848] ? copy_thread_tls+0x265/0x800 [ 109.492089] copy_process.part.38+0x36bf/0x6ee0 [ 109.496764] ? __lock_acquire+0x7f5/0x5130 [ 109.500997] ? __lock_acquire+0x7f5/0x5130 [ 109.505238] ? __cleanup_sighand+0x70/0x70 [ 109.509469] ? debug_check_no_locks_freed+0x310/0x310 [ 109.514651] ? print_usage_bug+0xc0/0xc0 [ 109.518712] ? print_usage_bug+0xc0/0xc0 [ 109.522777] ? kasan_check_read+0x11/0x20 [ 109.526920] ? __lock_acquire+0x7f5/0x5130 [ 109.531150] ? print_usage_bug+0xc0/0xc0 [ 109.535216] ? debug_check_no_locks_freed+0x310/0x310 [ 109.540405] ? __lock_acquire+0x7f5/0x5130 [ 109.544636] ? lock_downgrade+0x8e0/0x8e0 [ 109.548799] ? print_usage_bug+0xc0/0xc0 [ 109.552856] ? graph_lock+0x170/0x170 [ 109.556660] ? graph_lock+0x170/0x170 [ 109.560456] ? __lock_acquire+0x7f5/0x5130 [ 109.564686] ? find_held_lock+0x36/0x1c0 [ 109.568746] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 109.574276] ? _parse_integer+0x13b/0x190 [ 109.578428] ? graph_lock+0x170/0x170 [ 109.582226] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 109.587754] ? _kstrtoull+0x180/0x230 [ 109.591550] ? _parse_integer+0x190/0x190 [ 109.595690] ? graph_lock+0x170/0x170 [ 109.599486] ? lock_release+0xa10/0xa10 [ 109.603455] ? check_same_owner+0x320/0x320 [ 109.607773] ? find_held_lock+0x36/0x1c0 [ 109.611834] ? lock_downgrade+0x8e0/0x8e0 [ 109.615980] ? kasan_check_read+0x11/0x20 [ 109.620121] ? rcu_is_watching+0x85/0x140 [ 109.624347] ? pid_task+0x10e/0x1e0 [ 109.627967] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 109.633153] ? save_stack+0xa9/0xd0 [ 109.636776] ? graph_lock+0x170/0x170 [ 109.640576] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 109.646122] ? proc_fail_nth_write+0x96/0x1f0 [ 109.650611] ? proc_cwd_link+0x1d0/0x1d0 [ 109.654666] ? kasan_check_read+0x11/0x20 [ 109.658811] ? do_raw_spin_unlock+0x9e/0x2e0 [ 109.663213] ? find_held_lock+0x36/0x1c0 [ 109.667270] _do_fork+0x291/0x12a0 [ 109.670809] ? fork_idle+0x1a0/0x1a0 [ 109.674517] ? __lock_is_held+0xb5/0x140 [ 109.678586] ? __sb_end_write+0xac/0xe0 [ 109.682555] ? vfs_write+0x2a8/0x560 [ 109.686269] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 109.691800] ? ksys_write+0x1a6/0x250 [ 109.695598] ? SyS_read+0x30/0x30 [ 109.699048] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 109.703887] SyS_clone+0x37/0x50 [ 109.707244] ? sys_vfork+0x30/0x30 [ 109.710779] do_syscall_64+0x29e/0x9d0 [ 109.715791] ? vmalloc_sync_all+0x30/0x30 [ 109.719935] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 109.724690] ? syscall_return_slowpath+0x5c0/0x5c0 [ 109.729615] ? syscall_return_slowpath+0x30f/0x5c0 [ 109.734547] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 109.739908] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 109.744755] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 109.749936] RIP: 0033:0x442639 [ 109.753113] RSP: 002b:00007ffd890f8138 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 109.760817] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442639 [ 109.768077] RDX: 00000000200008c0 RSI: 0000000020000800 RDI: 000000002000c100 [ 109.775340] RBP: 00007ffd890f8250 R08: 0000000020000940 R09: 0000000000000000 [ 109.782615] R10: 0000000020000900 R11: 0000000000000206 R12: 0000000000000000 [ 109.789876] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffd890f8278 [ 109.797163] CPU: 1 PID: 4541 Comm: syzkaller392486 Not tainted 4.16.0+ #17 [ 109.804190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 109.813548] Call Trace: [ 109.816146] dump_stack+0x1b9/0x294 [ 109.817962] FAULT_INJECTION: forcing a failure. [ 109.817962] name failslab, interval 1, probability 0, space 0, times 0 [ 109.819874] ? dump_stack_print_info.cold.2+0x52/0x52 [ 109.819894] ? __save_stack_trace+0x7e/0xd0 [ 109.819917] should_fail.cold.4+0xa/0x1a [ 109.844603] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 109.849700] ? save_stack+0x43/0xd0 [ 109.853315] ? kasan_kmalloc+0xc4/0xe0 [ 109.857193] ? kmem_cache_alloc_trace+0x152/0x780 [ 109.862030] ? __memcg_init_list_lru_node+0x17d/0x2c0 [ 109.867214] ? __list_lru_init+0x456/0x790 [ 109.871460] ? sget_userns+0x6d9/0xf20 [ 109.875343] ? graph_lock+0x170/0x170 [ 109.879137] ? kern_mount_data+0x50/0xc0 [ 109.883190] ? pid_ns_prepare_proc+0x1e/0x90 [ 109.887586] ? alloc_pid+0x8cf/0xa50 [ 109.891294] ? copy_process.part.38+0x36bf/0x6ee0 [ 109.896189] ? _do_fork+0x291/0x12a0 [ 109.899893] ? SyS_clone+0x37/0x50 [ 109.903429] ? find_held_lock+0x36/0x1c0 [ 109.907485] ? __lock_is_held+0xb5/0x140 [ 109.911554] ? check_same_owner+0x320/0x320 [ 109.915871] ? rcu_note_context_switch+0x710/0x710 [ 109.920805] __should_failslab+0x124/0x180 [ 109.925035] should_failslab+0x9/0x14 [ 109.928827] kmem_cache_alloc_trace+0x2cb/0x780 [ 109.933488] ? __kmalloc_node+0x33/0x70 [ 109.937451] ? __kmalloc_node+0x33/0x70 [ 109.941420] ? rcu_read_lock_sched_held+0x108/0x120 [ 109.946442] __memcg_init_list_lru_node+0x17d/0x2c0 [ 109.951455] ? kvfree_rcu+0x20/0x20 [ 109.955075] ? __kmalloc_node+0x47/0x70 [ 109.959048] __list_lru_init+0x456/0x790 [ 109.963105] ? list_lru_destroy+0x4c0/0x4c0 [ 109.967421] ? mark_held_locks+0xc9/0x160 [ 109.971563] ? __raw_spin_lock_init+0x1c/0x100 [ 109.976139] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 109.981146] ? __lockdep_init_map+0x105/0x590 [ 109.985901] ? lockdep_init_map+0x9/0x10 [ 109.989958] sget_userns+0x6d9/0xf20 [ 109.993661] ? set_anon_super+0x20/0x20 [ 109.997631] ? get_empty_filp.cold.7+0x3e/0x3e [ 110.002206] ? destroy_unused_super.part.9+0x100/0x100 [ 110.007487] ? __alloc_pages_slowpath+0x2dc0/0x2dc0 [ 110.012501] ? save_stack+0x43/0xd0 [ 110.016117] ? kasan_kmalloc+0xc4/0xe0 [ 110.019995] ? kasan_slab_alloc+0x12/0x20 [ 110.024133] ? kmem_cache_alloc+0x12e/0x760 [ 110.028450] ? copy_process.part.38+0x36bf/0x6ee0 [ 110.033290] ? graph_lock+0x170/0x170 [ 110.037088] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 110.042625] mount_ns+0x8f/0x1d0 [ 110.045985] ? proc_get_inode+0x670/0x670 [ 110.050138] proc_mount+0x73/0xa0 [ 110.053590] mount_fs+0xae/0x328 [ 110.056953] vfs_kern_mount.part.34+0xd4/0x4d0 [ 110.061532] ? may_umount+0xb0/0xb0 [ 110.065152] ? kasan_check_read+0x11/0x20 [ 110.069296] ? do_raw_spin_unlock+0x9e/0x2e0 [ 110.073697] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 110.078272] ? idr_alloc+0x1a0/0x1a0 [ 110.081981] kern_mount_data+0x50/0xc0 [ 110.085864] pid_ns_prepare_proc+0x1e/0x90 [ 110.090111] alloc_pid+0x8cf/0xa50 [ 110.093647] ? __change_pid+0x410/0x410 [ 110.097613] ? ns_capable_common+0x13f/0x170 [ 110.102021] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 110.107553] ? memset+0x31/0x40 [ 110.110826] ? copy_thread_tls+0x265/0x800 [ 110.115057] copy_process.part.38+0x36bf/0x6ee0 [ 110.119719] ? __lock_acquire+0x7f5/0x5130 [ 110.123948] ? __lock_acquire+0x7f5/0x5130 [ 110.128185] ? __cleanup_sighand+0x70/0x70 [ 110.132412] ? debug_check_no_locks_freed+0x310/0x310 [ 110.137595] ? print_usage_bug+0xc0/0xc0 [ 110.141653] ? print_usage_bug+0xc0/0xc0 [ 110.145719] ? kasan_check_read+0x11/0x20 [ 110.149861] ? __lock_acquire+0x7f5/0x5130 [ 110.154093] ? print_usage_bug+0xc0/0xc0 [ 110.158157] ? debug_check_no_locks_freed+0x310/0x310 [ 110.163357] ? __lock_acquire+0x7f5/0x5130 [ 110.167586] ? lock_downgrade+0x8e0/0x8e0 [ 110.171738] ? print_usage_bug+0xc0/0xc0 [ 110.175823] ? graph_lock+0x170/0x170 [ 110.179623] ? graph_lock+0x170/0x170 [ 110.183418] ? __lock_acquire+0x7f5/0x5130 [ 110.187646] ? find_held_lock+0x36/0x1c0 [ 110.191700] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 110.197231] ? _parse_integer+0x13b/0x190 [ 110.201374] ? graph_lock+0x170/0x170 [ 110.205167] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 110.210696] ? _kstrtoull+0x180/0x230 [ 110.214489] ? _parse_integer+0x190/0x190 [ 110.218630] ? graph_lock+0x170/0x170 [ 110.222420] ? lock_release+0xa10/0xa10 [ 110.226388] ? check_same_owner+0x320/0x320 [ 110.230704] ? find_held_lock+0x36/0x1c0 [ 110.234779] ? lock_downgrade+0x8e0/0x8e0 [ 110.238923] ? kasan_check_read+0x11/0x20 [ 110.243062] ? rcu_is_watching+0x85/0x140 [ 110.247203] ? pid_task+0x10e/0x1e0 [ 110.250822] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 110.256006] ? save_stack+0xa9/0xd0 [ 110.259628] ? graph_lock+0x170/0x170 [ 110.263428] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 110.268959] ? proc_fail_nth_write+0x96/0x1f0 [ 110.273445] ? proc_cwd_link+0x1d0/0x1d0 [ 110.277495] ? kasan_check_read+0x11/0x20 [ 110.281635] ? do_raw_spin_unlock+0x9e/0x2e0 [ 110.286035] ? find_held_lock+0x36/0x1c0 [ 110.290094] _do_fork+0x291/0x12a0 [ 110.293628] ? fork_idle+0x1a0/0x1a0 [ 110.297336] ? __lock_is_held+0xb5/0x140 [ 110.301398] ? __sb_end_write+0xac/0xe0 [ 110.305366] ? vfs_write+0x2a8/0x560 [ 110.309078] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 110.314609] ? ksys_write+0x1a6/0x250 [ 110.318403] ? SyS_read+0x30/0x30 [ 110.321851] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 110.326694] SyS_clone+0x37/0x50 [ 110.330050] ? sys_vfork+0x30/0x30 [ 110.333585] do_syscall_64+0x29e/0x9d0 [ 110.337464] ? vmalloc_sync_all+0x30/0x30 [ 110.341605] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 110.346354] ? syscall_return_slowpath+0x5c0/0x5c0 [ 110.351279] ? syscall_return_slowpath+0x30f/0x5c0 [ 110.356209] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 110.361568] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 110.366414] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 110.371593] RIP: 0033:0x442639 [ 110.374776] RSP: 002b:00007ffd890f8138 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 110.382476] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442639 [ 110.389736] RDX: 00000000200008c0 RSI: 0000000020000800 RDI: 000000002000c100 [ 110.396993] RBP: 00007ffd890f8250 R08: 0000000020000940 R09: 0000000000000000 [ 110.404256] R10: 0000000020000900 R11: 0000000000000206 R12: 0000000000000000 [ 110.411514] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffd890f8278 [ 110.418810] CPU: 0 PID: 4543 Comm: syzkaller392486 Not tainted 4.16.0+ #17 [ 110.425842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 110.426688] FAULT_INJECTION: forcing a failure. [ 110.426688] name failslab, interval 1, probability 0, space 0, times 0 [ 110.435194] Call Trace: [ 110.435215] dump_stack+0x1b9/0x294 [ 110.435232] ? dump_stack_print_info.cold.2+0x52/0x52 [ 110.435253] ? debug_check_no_locks_freed+0x310/0x310 [ 110.462932] should_fail.cold.4+0xa/0x1a [ 110.466992] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 110.472198] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 110.477730] ? graph_lock+0x170/0x170 [ 110.481523] ? graph_lock+0x170/0x170 [ 110.485315] ? ida_get_new_above+0x490/0xa10 [ 110.489715] ? find_held_lock+0x36/0x1c0 [ 110.493773] ? __lock_is_held+0xb5/0x140 [ 110.497834] ? check_same_owner+0x320/0x320 [ 110.502144] ? lock_downgrade+0x8e0/0x8e0 [ 110.506283] ? __raw_spin_lock_init+0x1c/0x100 [ 110.510863] ? rcu_note_context_switch+0x710/0x710 [ 110.515784] ? find_held_lock+0x36/0x1c0 [ 110.519853] __should_failslab+0x124/0x180 [ 110.524082] should_failslab+0x9/0x14 [ 110.527872] __kmalloc+0x2c8/0x760 [ 110.531402] ? lock_downgrade+0x8e0/0x8e0 [ 110.535544] ? register_shrinker+0x121/0x300 [ 110.539948] register_shrinker+0x121/0x300 [ 110.544175] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 110.548751] ? shrink_slab+0xc0/0xc0 [ 110.552458] ? memcpy+0x45/0x50 [ 110.555735] sget_userns+0xc78/0xf20 [ 110.559439] ? set_anon_super+0x20/0x20 [ 110.563420] ? get_empty_filp.cold.7+0x3e/0x3e [ 110.567998] ? destroy_unused_super.part.9+0x100/0x100 [ 110.573272] ? __alloc_pages_slowpath+0x2dc0/0x2dc0 [ 110.578283] ? save_stack+0x43/0xd0 [ 110.581902] ? kasan_kmalloc+0xc4/0xe0 [ 110.585778] ? kasan_slab_alloc+0x12/0x20 [ 110.589916] ? kmem_cache_alloc+0x12e/0x760 [ 110.594229] ? copy_process.part.38+0x36bf/0x6ee0 [ 110.599074] ? graph_lock+0x170/0x170 [ 110.602873] mount_ns+0x8f/0x1d0 [ 110.606234] ? proc_get_inode+0x670/0x670 [ 110.610381] proc_mount+0x73/0xa0 [ 110.613827] mount_fs+0xae/0x328 [ 110.617194] vfs_kern_mount.part.34+0xd4/0x4d0 [ 110.621768] ? may_umount+0xb0/0xb0 [ 110.625388] ? kasan_check_read+0x11/0x20 [ 110.629528] ? do_raw_spin_unlock+0x9e/0x2e0 [ 110.633927] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 110.638516] ? idr_alloc+0x1a0/0x1a0 [ 110.642226] kern_mount_data+0x50/0xc0 [ 110.646109] pid_ns_prepare_proc+0x1e/0x90 [ 110.650336] alloc_pid+0x8cf/0xa50 [ 110.653876] ? __change_pid+0x410/0x410 [ 110.657844] ? ns_capable_common+0x13f/0x170 [ 110.662249] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 110.667781] ? memset+0x31/0x40 [ 110.671058] ? copy_thread_tls+0x265/0x800 [ 110.675288] copy_process.part.38+0x36bf/0x6ee0 [ 110.679953] ? __lock_acquire+0x7f5/0x5130 [ 110.684181] ? __lock_acquire+0x7f5/0x5130 [ 110.688416] ? __cleanup_sighand+0x70/0x70 [ 110.692643] ? debug_check_no_locks_freed+0x310/0x310 [ 110.697913] ? print_usage_bug+0xc0/0xc0 [ 110.701966] ? print_usage_bug+0xc0/0xc0 [ 110.706028] ? kasan_check_read+0x11/0x20 [ 110.710170] ? __lock_acquire+0x7f5/0x5130 [ 110.714402] ? print_usage_bug+0xc0/0xc0 [ 110.718466] ? debug_check_no_locks_freed+0x310/0x310 [ 110.723651] ? __lock_acquire+0x7f5/0x5130 [ 110.727880] ? lock_downgrade+0x8e0/0x8e0 [ 110.732037] ? print_usage_bug+0xc0/0xc0 [ 110.736095] ? graph_lock+0x170/0x170 [ 110.739895] ? graph_lock+0x170/0x170 [ 110.743692] ? __lock_acquire+0x7f5/0x5130 [ 110.747939] ? find_held_lock+0x36/0x1c0 [ 110.751997] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 110.757529] ? _parse_integer+0x13b/0x190 [ 110.761672] ? graph_lock+0x170/0x170 [ 110.765467] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 110.770996] ? _kstrtoull+0x180/0x230 [ 110.774792] ? _parse_integer+0x190/0x190 [ 110.778935] ? graph_lock+0x170/0x170 [ 110.782730] ? lock_release+0xa10/0xa10 [ 110.786700] ? check_same_owner+0x320/0x320 [ 110.791027] ? find_held_lock+0x36/0x1c0 [ 110.795088] ? lock_downgrade+0x8e0/0x8e0 [ 110.799233] ? kasan_check_read+0x11/0x20 [ 110.803375] ? rcu_is_watching+0x85/0x140 [ 110.807515] ? pid_task+0x10e/0x1e0 [ 110.811132] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 110.816315] ? save_stack+0xa9/0xd0 [ 110.819941] ? graph_lock+0x170/0x170 [ 110.823739] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 110.829268] ? proc_fail_nth_write+0x96/0x1f0 [ 110.833755] ? proc_cwd_link+0x1d0/0x1d0 [ 110.837810] ? kasan_check_read+0x11/0x20 [ 110.841948] ? do_raw_spin_unlock+0x9e/0x2e0 [ 110.846354] ? find_held_lock+0x36/0x1c0 [ 110.850413] _do_fork+0x291/0x12a0 [ 110.853951] ? fork_idle+0x1a0/0x1a0 [ 110.857657] ? __lock_is_held+0xb5/0x140 [ 110.861722] ? __sb_end_write+0xac/0xe0 [ 110.865692] ? vfs_write+0x2a8/0x560 [ 110.869403] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 110.874943] ? ksys_write+0x1a6/0x250 [ 110.878738] ? SyS_read+0x30/0x30 [ 110.882194] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 110.887048] SyS_clone+0x37/0x50 [ 110.890410] ? sys_vfork+0x30/0x30 [ 110.893942] do_syscall_64+0x29e/0x9d0 [ 110.897822] ? vmalloc_sync_all+0x30/0x30 [ 110.901960] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 110.906713] ? syscall_return_slowpath+0x5c0/0x5c0 [ 110.911638] ? syscall_return_slowpath+0x30f/0x5c0 [ 110.916564] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 110.921923] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 110.926763] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 110.931945] RIP: 0033:0x442639 [ 110.935122] RSP: 002b:00007ffd890f8138 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 110.942824] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442639 [ 110.950195] RDX: 00000000200008c0 RSI: 0000000020000800 RDI: 000000002000c100 [ 110.957454] RBP: 00007ffd890f8250 R08: 0000000020000940 R09: 0000000000000000 [ 110.964713] R10: 0000000020000900 R11: 0000000000000206 R12: 0000000000000000 [ 110.971973] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffd890f8278 [ 110.979254] CPU: 1 PID: 4544 Comm: syzkaller392486 Not tainted 4.16.0+ #17 [ 110.986280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 110.989935] FAULT_INJECTION: forcing a failure. [ 110.989935] name failslab, interval 1, probability 0, space 0, times 0 [ 110.995630] Call Trace: [ 110.995650] dump_stack+0x1b9/0x294 [ 110.995667] ? dump_stack_print_info.cold.2+0x52/0x52 [ 110.995691] should_fail.cold.4+0xa/0x1a [ 111.022236] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 111.027336] ? check_same_owner+0x320/0x320 [ 111.031655] ? rcu_note_context_switch+0x710/0x710 [ 111.036579] ? graph_lock+0x170/0x170 [ 111.040375] ? __might_sleep+0x95/0x190 [ 111.044346] ? find_held_lock+0x36/0x1c0 [ 111.048402] ? __lock_is_held+0xb5/0x140 [ 111.052467] ? check_same_owner+0x320/0x320 [ 111.056783] ? rcu_note_context_switch+0x710/0x710 [ 111.061708] ? sget_userns+0x96e/0xf20 [ 111.065594] ? set_anon_super+0x20/0x20 [ 111.069567] __should_failslab+0x124/0x180 [ 111.073796] should_failslab+0x9/0x14 [ 111.077590] kmem_cache_alloc+0x2af/0x760 [ 111.081735] ? proc_parse_options+0x2e9/0x3b0 [ 111.086224] ? proc_i_callback+0x30/0x30 [ 111.090280] proc_alloc_inode+0x1b/0x190 [ 111.094332] alloc_inode+0x63/0x190 [ 111.097953] new_inode_pseudo+0x69/0x1a0 [ 111.102004] ? prune_icache_sb+0x1a0/0x1a0 [ 111.106264] proc_get_inode+0x1e/0x670 [ 111.110148] proc_fill_super+0x1fb/0x2f5 [ 111.114203] mount_ns+0x12a/0x1d0 [ 111.117648] ? proc_get_inode+0x670/0x670 [ 111.121795] proc_mount+0x73/0xa0 [ 111.125248] mount_fs+0xae/0x328 [ 111.128615] vfs_kern_mount.part.34+0xd4/0x4d0 [ 111.133192] ? may_umount+0xb0/0xb0 [ 111.136811] ? kasan_check_read+0x11/0x20 [ 111.140956] ? do_raw_spin_unlock+0x9e/0x2e0 [ 111.145362] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 111.150026] ? idr_alloc+0x1a0/0x1a0 [ 111.153737] kern_mount_data+0x50/0xc0 [ 111.157623] pid_ns_prepare_proc+0x1e/0x90 [ 111.161853] alloc_pid+0x8cf/0xa50 [ 111.165389] ? __change_pid+0x410/0x410 [ 111.169355] ? ns_capable_common+0x13f/0x170 [ 111.173762] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 111.179297] ? memset+0x31/0x40 [ 111.182576] ? copy_thread_tls+0x265/0x800 [ 111.186812] copy_process.part.38+0x36bf/0x6ee0 [ 111.191491] ? __lock_acquire+0x7f5/0x5130 [ 111.195738] ? __lock_acquire+0x7f5/0x5130 [ 111.199979] ? __cleanup_sighand+0x70/0x70 [ 111.204209] ? debug_check_no_locks_freed+0x310/0x310 [ 111.209392] ? print_usage_bug+0xc0/0xc0 [ 111.213447] ? print_usage_bug+0xc0/0xc0 [ 111.217512] ? kasan_check_read+0x11/0x20 [ 111.221657] ? __lock_acquire+0x7f5/0x5130 [ 111.225887] ? print_usage_bug+0xc0/0xc0 [ 111.229953] ? debug_check_no_locks_freed+0x310/0x310 [ 111.235140] ? __lock_acquire+0x7f5/0x5130 [ 111.239368] ? lock_downgrade+0x8e0/0x8e0 [ 111.243520] ? print_usage_bug+0xc0/0xc0 [ 111.247575] ? graph_lock+0x170/0x170 [ 111.251378] ? graph_lock+0x170/0x170 [ 111.255172] ? __lock_acquire+0x7f5/0x5130 [ 111.259398] ? find_held_lock+0x36/0x1c0 [ 111.263453] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 111.268982] ? _parse_integer+0x13b/0x190 [ 111.273123] ? graph_lock+0x170/0x170 [ 111.276916] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 111.282444] ? _kstrtoull+0x180/0x230 [ 111.286236] ? _parse_integer+0x190/0x190 [ 111.290379] ? graph_lock+0x170/0x170 [ 111.294170] ? lock_release+0xa10/0xa10 [ 111.298133] ? check_same_owner+0x320/0x320 [ 111.302444] ? find_held_lock+0x36/0x1c0 [ 111.306504] ? lock_downgrade+0x8e0/0x8e0 [ 111.310648] ? kasan_check_read+0x11/0x20 [ 111.314786] ? rcu_is_watching+0x85/0x140 [ 111.318929] ? pid_task+0x10e/0x1e0 [ 111.322548] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 111.327732] ? save_stack+0xa9/0xd0 [ 111.331356] ? graph_lock+0x170/0x170 [ 111.335174] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 111.340712] ? proc_fail_nth_write+0x96/0x1f0 [ 111.345201] ? proc_cwd_link+0x1d0/0x1d0 [ 111.349258] ? kasan_check_read+0x11/0x20 [ 111.353399] ? do_raw_spin_unlock+0x9e/0x2e0 [ 111.357802] ? find_held_lock+0x36/0x1c0 [ 111.361863] _do_fork+0x291/0x12a0 [ 111.365403] ? fork_idle+0x1a0/0x1a0 [ 111.369110] ? __lock_is_held+0xb5/0x140 [ 111.373175] ? __sb_end_write+0xac/0xe0 [ 111.377142] ? vfs_write+0x2a8/0x560 [ 111.380855] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 111.386383] ? ksys_write+0x1a6/0x250 [ 111.390177] ? SyS_read+0x30/0x30 [ 111.393625] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 111.398463] SyS_clone+0x37/0x50 [ 111.401821] ? sys_vfork+0x30/0x30 [ 111.405354] do_syscall_64+0x29e/0x9d0 [ 111.409233] ? vmalloc_sync_all+0x30/0x30 [ 111.413385] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 111.418139] ? syscall_return_slowpath+0x5c0/0x5c0 [ 111.423064] ? syscall_return_slowpath+0x30f/0x5c0 [ 111.427993] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 111.433353] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 111.438195] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 111.443374] RIP: 0033:0x442639 [ 111.446551] RSP: 002b:00007ffd890f8138 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 111.454252] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442639 [ 111.461513] RDX: 00000000200008c0 RSI: 0000000020000800 RDI: 000000002000c100 [ 111.468774] RBP: 00007ffd890f8250 R08: 0000000020000940 R09: 0000000000000000 [ 111.476057] R10: 0000000020000900 R11: 0000000000000206 R12: 0000000000000000 [ 111.483317] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffd890f8278 [ 111.490599] CPU: 0 PID: 4547 Comm: syzkaller392486 Not tainted 4.16.0+ #17 [ 111.490873] proc_fill_super: get root inode failed [ 111.497608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 111.497613] Call Trace: [ 111.497633] dump_stack+0x1b9/0x294 [ 111.497655] ? dump_stack_print_info.cold.2+0x52/0x52 [ 111.516366] FAULT_INJECTION: forcing a failure. [ 111.516366] name failslab, interval 1, probability 0, space 0, times 0 [ 111.518117] should_fail.cold.4+0xa/0x1a [ 111.518136] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 111.518155] ? check_same_owner+0x320/0x320 [ 111.547934] ? rcu_note_context_switch+0x710/0x710 [ 111.552858] ? graph_lock+0x170/0x170 [ 111.556652] ? __might_sleep+0x95/0x190 [ 111.560622] ? find_held_lock+0x36/0x1c0 [ 111.564679] ? __lock_is_held+0xb5/0x140 [ 111.568741] ? check_same_owner+0x320/0x320 [ 111.573060] ? rcu_note_context_switch+0x710/0x710 [ 111.577983] ? sget_userns+0x96e/0xf20 [ 111.581860] ? set_anon_super+0x20/0x20 [ 111.585843] __should_failslab+0x124/0x180 [ 111.590073] should_failslab+0x9/0x14 [ 111.593866] kmem_cache_alloc+0x2af/0x760 [ 111.598010] ? proc_parse_options+0x2e9/0x3b0 [ 111.602500] ? proc_i_callback+0x30/0x30 [ 111.606555] proc_alloc_inode+0x1b/0x190 [ 111.610611] alloc_inode+0x63/0x190 [ 111.614233] new_inode_pseudo+0x69/0x1a0 [ 111.618288] ? prune_icache_sb+0x1a0/0x1a0 [ 111.622529] proc_get_inode+0x1e/0x670 [ 111.626412] proc_fill_super+0x1fb/0x2f5 [ 111.630469] mount_ns+0x12a/0x1d0 [ 111.633915] ? proc_get_inode+0x670/0x670 [ 111.638061] proc_mount+0x73/0xa0 [ 111.641507] mount_fs+0xae/0x328 [ 111.644870] vfs_kern_mount.part.34+0xd4/0x4d0 [ 111.649448] ? may_umount+0xb0/0xb0 [ 111.653066] ? kasan_check_read+0x11/0x20 [ 111.657209] ? do_raw_spin_unlock+0x9e/0x2e0 [ 111.661623] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 111.666200] ? idr_alloc+0x1a0/0x1a0 [ 111.669907] kern_mount_data+0x50/0xc0 [ 111.673791] pid_ns_prepare_proc+0x1e/0x90 [ 111.678025] alloc_pid+0x8cf/0xa50 [ 111.681565] ? __change_pid+0x410/0x410 [ 111.685531] ? ns_capable_common+0x13f/0x170 [ 111.689934] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 111.695463] ? memset+0x31/0x40 [ 111.698737] ? copy_thread_tls+0x265/0x800 [ 111.702972] copy_process.part.38+0x36bf/0x6ee0 [ 111.707636] ? __lock_acquire+0x7f5/0x5130 [ 111.711870] ? __lock_acquire+0x7f5/0x5130 [ 111.716108] ? __cleanup_sighand+0x70/0x70 [ 111.720335] ? debug_check_no_locks_freed+0x310/0x310 [ 111.725519] ? print_usage_bug+0xc0/0xc0 [ 111.729574] ? print_usage_bug+0xc0/0xc0 [ 111.733634] ? kasan_check_read+0x11/0x20 [ 111.737777] ? __lock_acquire+0x7f5/0x5130 [ 111.742006] ? print_usage_bug+0xc0/0xc0 [ 111.746074] ? debug_check_no_locks_freed+0x310/0x310 [ 111.751262] ? __lock_acquire+0x7f5/0x5130 [ 111.755492] ? lock_downgrade+0x8e0/0x8e0 [ 111.759645] ? print_usage_bug+0xc0/0xc0 [ 111.763699] ? graph_lock+0x170/0x170 [ 111.767503] ? graph_lock+0x170/0x170 [ 111.771304] ? __lock_acquire+0x7f5/0x5130 [ 111.775532] ? find_held_lock+0x36/0x1c0 [ 111.779605] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 111.785137] ? _parse_integer+0x13b/0x190 [ 111.789281] ? graph_lock+0x170/0x170 [ 111.793081] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 111.798613] ? _kstrtoull+0x180/0x230 [ 111.802408] ? _parse_integer+0x190/0x190 [ 111.806549] ? graph_lock+0x170/0x170 [ 111.810345] ? lock_release+0xa10/0xa10 [ 111.814315] ? check_same_owner+0x320/0x320 [ 111.818639] ? find_held_lock+0x36/0x1c0 [ 111.822701] ? lock_downgrade+0x8e0/0x8e0 [ 111.826846] ? kasan_check_read+0x11/0x20 [ 111.830988] ? rcu_is_watching+0x85/0x140 [ 111.835213] ? pid_task+0x10e/0x1e0 [ 111.838835] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 111.844018] ? save_stack+0xa9/0xd0 [ 111.847641] ? graph_lock+0x170/0x170 [ 111.851436] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 111.856966] ? proc_fail_nth_write+0x96/0x1f0 [ 111.861453] ? proc_cwd_link+0x1d0/0x1d0 [ 111.865507] ? kasan_check_read+0x11/0x20 [ 111.869646] ? do_raw_spin_unlock+0x9e/0x2e0 [ 111.874048] ? find_held_lock+0x36/0x1c0 [ 111.878106] _do_fork+0x291/0x12a0 [ 111.881652] ? fork_idle+0x1a0/0x1a0 [ 111.885363] ? __lock_is_held+0xb5/0x140 [ 111.889429] ? __sb_end_write+0xac/0xe0 [ 111.893396] ? vfs_write+0x2a8/0x560 [ 111.897107] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 111.902635] ? ksys_write+0x1a6/0x250 [ 111.906432] ? SyS_read+0x30/0x30 [ 111.909885] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 111.914722] SyS_clone+0x37/0x50 [ 111.918080] ? sys_vfork+0x30/0x30 [ 111.921615] do_syscall_64+0x29e/0x9d0 [ 111.925494] ? vmalloc_sync_all+0x30/0x30 [ 111.929635] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 111.934471] ? syscall_return_slowpath+0x5c0/0x5c0 [ 111.939396] ? syscall_return_slowpath+0x30f/0x5c0 [ 111.944328] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 111.949691] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 111.954533] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 111.959714] RIP: 0033:0x442639 [ 111.962895] RSP: 002b:00007ffd890f8138 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 111.970597] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442639 [ 111.977866] RDX: 00000000200008c0 RSI: 0000000020000800 RDI: 000000002000c100 [ 111.985133] RBP: 00007ffd890f8250 R08: 0000000020000940 R09: 0000000000000000 [ 111.992394] R10: 0000000020000900 R11: 0000000000000206 R12: 0000000000000000 [ 111.999656] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffd890f8278 [ 112.006936] CPU: 1 PID: 4549 Comm: syzkaller392486 Not tainted 4.16.0+ #17 [ 112.007048] proc_fill_super: get root inode failed [ 112.014046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.014052] Call Trace: [ 112.014072] dump_stack+0x1b9/0x294 [ 112.014089] ? dump_stack_print_info.cold.2+0x52/0x52 [ 112.027931] FAULT_INJECTION: forcing a failure. [ 112.027931] name failslab, interval 1, probability 0, space 0, times 0 [ 112.028351] should_fail.cold.4+0xa/0x1a [ 112.028367] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 112.028384] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 112.065195] ? graph_lock+0x170/0x170 [ 112.068989] ? kernel_text_address+0x79/0xf0 [ 112.073389] ? __unwind_start+0x166/0x330 [ 112.077532] ? find_held_lock+0x36/0x1c0 [ 112.081591] ? __lock_is_held+0xb5/0x140 [ 112.085656] ? check_same_owner+0x320/0x320 [ 112.089971] ? debug_check_no_locks_freed+0x310/0x310 [ 112.095153] ? kern_mount_data+0x50/0xc0 [ 112.099208] ? rcu_note_context_switch+0x710/0x710 [ 112.104127] ? _do_fork+0x291/0x12a0 [ 112.107837] ? do_syscall_64+0x29e/0x9d0 [ 112.111892] __should_failslab+0x124/0x180 [ 112.116120] should_failslab+0x9/0x14 [ 112.119910] kmem_cache_alloc+0x2af/0x760 [ 112.124049] ? print_usage_bug+0xc0/0xc0 [ 112.128102] ? graph_lock+0x170/0x170 [ 112.131890] ? __lock_is_held+0xb5/0x140 [ 112.136123] __d_alloc+0xc1/0xc00 [ 112.139575] ? shrink_dcache_for_umount+0x290/0x290 [ 112.144584] ? graph_lock+0x170/0x170 [ 112.148378] ? graph_lock+0x170/0x170 [ 112.152174] ? kasan_check_read+0x11/0x20 [ 112.156314] ? do_raw_spin_unlock+0x9e/0x2e0 [ 112.160714] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 112.165295] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 112.170822] ? hashlen_string+0x1ea/0x2f0 [ 112.174967] d_alloc+0x8e/0x370 [ 112.178240] ? check_same_owner+0x320/0x320 [ 112.182554] ? __d_alloc+0xc00/0xc00 [ 112.186268] d_alloc_name+0xb3/0x110 [ 112.189975] ? down_write+0x87/0x120 [ 112.193681] ? d_alloc+0x370/0x370 [ 112.197210] ? down_read+0x1b0/0x1b0 [ 112.200924] proc_setup_self+0xbe/0x375 [ 112.204895] proc_fill_super+0x24d/0x2f5 [ 112.208952] mount_ns+0x12a/0x1d0 [ 112.212397] ? proc_get_inode+0x670/0x670 [ 112.216539] proc_mount+0x73/0xa0 [ 112.219985] mount_fs+0xae/0x328 [ 112.223349] vfs_kern_mount.part.34+0xd4/0x4d0 [ 112.227925] ? may_umount+0xb0/0xb0 [ 112.231543] ? kasan_check_read+0x11/0x20 [ 112.235682] ? do_raw_spin_unlock+0x9e/0x2e0 [ 112.240091] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 112.244684] ? idr_alloc+0x1a0/0x1a0 [ 112.248391] kern_mount_data+0x50/0xc0 [ 112.252277] pid_ns_prepare_proc+0x1e/0x90 [ 112.256502] alloc_pid+0x8cf/0xa50 [ 112.260040] ? __change_pid+0x410/0x410 [ 112.264008] ? ns_capable_common+0x13f/0x170 [ 112.268412] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 112.273945] ? memset+0x31/0x40 [ 112.277218] ? copy_thread_tls+0x265/0x800 [ 112.281451] copy_process.part.38+0x36bf/0x6ee0 [ 112.286112] ? __lock_acquire+0x7f5/0x5130 [ 112.290346] ? __lock_acquire+0x7f5/0x5130 [ 112.294581] ? __cleanup_sighand+0x70/0x70 [ 112.298808] ? debug_check_no_locks_freed+0x310/0x310 [ 112.303991] ? print_usage_bug+0xc0/0xc0 [ 112.308047] ? print_usage_bug+0xc0/0xc0 [ 112.312106] ? kasan_check_read+0x11/0x20 [ 112.316246] ? __lock_acquire+0x7f5/0x5130 [ 112.320476] ? print_usage_bug+0xc0/0xc0 [ 112.324540] ? debug_check_no_locks_freed+0x310/0x310 [ 112.329725] ? __lock_acquire+0x7f5/0x5130 [ 112.333953] ? lock_downgrade+0x8e0/0x8e0 [ 112.338106] ? print_usage_bug+0xc0/0xc0 [ 112.342161] ? graph_lock+0x170/0x170 [ 112.345972] ? graph_lock+0x170/0x170 [ 112.349772] ? __lock_acquire+0x7f5/0x5130 [ 112.354002] ? find_held_lock+0x36/0x1c0 [ 112.358059] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 112.363591] ? _parse_integer+0x13b/0x190 [ 112.367733] ? graph_lock+0x170/0x170 [ 112.371530] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 112.377058] ? _kstrtoull+0x180/0x230 [ 112.380851] ? _parse_integer+0x190/0x190 [ 112.384992] ? graph_lock+0x170/0x170 [ 112.388787] ? lock_release+0xa10/0xa10 [ 112.392753] ? check_same_owner+0x320/0x320 [ 112.397071] ? find_held_lock+0x36/0x1c0 [ 112.401131] ? lock_downgrade+0x8e0/0x8e0 [ 112.405274] ? kasan_check_read+0x11/0x20 [ 112.409502] ? rcu_is_watching+0x85/0x140 [ 112.413648] ? pid_task+0x10e/0x1e0 [ 112.417279] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 112.422473] ? save_stack+0xa9/0xd0 [ 112.426095] ? graph_lock+0x170/0x170 [ 112.429892] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 112.435426] ? proc_fail_nth_write+0x96/0x1f0 [ 112.439921] ? proc_cwd_link+0x1d0/0x1d0 [ 112.443979] ? kasan_check_read+0x11/0x20 [ 112.448123] ? do_raw_spin_unlock+0x9e/0x2e0 [ 112.452524] ? find_held_lock+0x36/0x1c0 [ 112.456584] _do_fork+0x291/0x12a0 [ 112.460122] ? fork_idle+0x1a0/0x1a0 [ 112.463829] ? __lock_is_held+0xb5/0x140 [ 112.467895] ? __sb_end_write+0xac/0xe0 [ 112.471864] ? vfs_write+0x2a8/0x560 [ 112.475577] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 112.481109] ? ksys_write+0x1a6/0x250 [ 112.484904] ? SyS_read+0x30/0x30 [ 112.488485] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 112.493325] SyS_clone+0x37/0x50 [ 112.496804] ? sys_vfork+0x30/0x30 [ 112.500337] do_syscall_64+0x29e/0x9d0 [ 112.504223] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 112.509173] ? syscall_return_slowpath+0x5c0/0x5c0 [ 112.514093] ? syscall_return_slowpath+0x30f/0x5c0 [ 112.519021] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 112.524382] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 112.529222] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 112.534401] RIP: 0033:0x442639 [ 112.537579] RSP: 002b:00007ffd890f8138 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 112.545281] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000000442639 [ 112.552540] RDX: 00000000200008c0 RSI: 0000000020000800 RDI: 000000002000c100 [ 112.559799] RBP: 00007ffd890f8250 R08: 0000000020000940 R09: 0000000400000000 [ 112.567059] R10: 0000000020000900 R11: 0000000000000206 R12: 0000000000000000 [ 112.574319] R13: 0000000000000000 R14: 0000000000001380 R15: 00007ffd890f8278 [ 112.581607] CPU: 0 PID: 4540 Comm: syzkaller392486 Not tainted 4.16.0+ #17 [ 112.581860] proc_fill_super: can't allocate /proc/self [ 112.588624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 112.588629] Call Trace: [ 112.588647] dump_stack+0x1b9/0x294 [ 112.588668] ? dump_stack_print_info.cold.2+0x52/0x52 [ 112.609019] ================================================================== [ 112.609464] should_fail.cold.4+0xa/0x1a [ 112.609483] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 112.609500] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 112.614762] BUG: KASAN: use-after-free in alloc_pid+0x9e8/0xa50 [ 112.622097] ? graph_lock+0x170/0x170 [ 112.626131] Read of size 4 at addr ffff8801ad357898 by task syzkaller392486/4543 [ 112.631297] ? kernel_text_address+0x79/0xf0 [ 112.636366] [ 112.642410] ? __unwind_start+0x166/0x330 [ 112.664155] ? find_held_lock+0x36/0x1c0 [ 112.668212] ? __lock_is_held+0xb5/0x140 [ 112.672277] ? check_same_owner+0x320/0x320 [ 112.676589] ? debug_check_no_locks_freed+0x310/0x310 [ 112.681767] ? kern_mount_data+0x50/0xc0 [ 112.685819] ? rcu_note_context_switch+0x710/0x710 [ 112.690734] ? _do_fork+0x291/0x12a0 [ 112.694443] ? do_syscall_64+0x29e/0x9d0 [ 112.698499] __should_failslab+0x124/0x180 [ 112.702726] should_failslab+0x9/0x14 [ 112.706517] kmem_cache_alloc+0x2af/0x760 [ 112.710655] ? print_usage_bug+0xc0/0xc0 [ 112.714703] ? graph_lock+0x170/0x170 [ 112.718489] ? __lock_is_held+0xb5/0x140 [ 112.722545] __d_alloc+0xc1/0xc00 [ 112.725996] ? shrink_dcache_for_umount+0x290/0x290 [ 112.731009] ? graph_lock+0x170/0x170 [ 112.734818] ? graph_lock+0x170/0x170 [ 112.738608] ? kasan_check_read+0x11/0x20 [ 112.742745] ? do_raw_spin_unlock+0x9e/0x2e0 [ 112.747146] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 112.751723] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 112.757253] ? hashlen_string+0x1ea/0x2f0 [ 112.761399] d_alloc+0x8e/0x370 [ 112.764671] ? check_same_owner+0x320/0x320 [ 112.768984] ? __d_alloc+0xc00/0xc00 [ 112.772693] d_alloc_name+0xb3/0x110 [ 112.776397] ? down_write+0x87/0x120 [ 112.780102] ? d_alloc+0x370/0x370 [ 112.783635] ? down_read+0x1b0/0x1b0 [ 112.787431] proc_setup_self+0xbe/0x375 [ 112.791399] proc_fill_super+0x24d/0x2f5 [ 112.795452] mount_ns+0x12a/0x1d0 [ 112.798894] ? proc_get_inode+0x670/0x670 [ 112.803034] proc_mount+0x73/0xa0 [ 112.806480] mount_fs+0xae/0x328 [ 112.809840] vfs_kern_mount.part.34+0xd4/0x4d0 [ 112.814415] ? may_umount+0xb0/0xb0 [ 112.818031] ? kasan_check_read+0x11/0x20 [ 112.822167] ? do_raw_spin_unlock+0x9e/0x2e0 [ 112.826567] ? do_raw_spin_trylock+0x1b0/0x1b0 [ 112.831139] ? idr_alloc+0x1a0/0x1a0 [ 112.834853] kern_mount_data+0x50/0xc0 [ 112.838729] pid_ns_prepare_proc+0x1e/0x90 [ 112.842961] alloc_pid+0x8cf/0xa50 [ 112.846492] ? __change_pid+0x410/0x410 [ 112.850454] ? ns_capable_common+0x13f/0x170 [ 112.854855] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 112.860384] ? memset+0x31/0x40 [ 112.863654] ? copy_thread_tls+0x265/0x800 [ 112.867884] copy_process.part.38+0x36bf/0x6ee0 [ 112.872544] ? __lock_acquire+0x7f5/0x5130 [ 112.876773] ? __lock_acquire+0x7f5/0x5130 [ 112.881023] ? __cleanup_sighand+0x70/0x70 [ 112.885276] ? debug_check_no_locks_freed+0x310/0x310 [ 112.890460] ? print_usage_bug+0xc0/0xc0 [ 112.894511] ? print_usage_bug+0xc0/0xc0 [ 112.898566] ? kasan_check_read+0x11/0x20 [ 112.902705] ? __lock_acquire+0x7f5/0x5130 [ 112.906930] ? print_usage_bug+0xc0/0xc0 [ 112.910994] ? debug_check_no_locks_freed+0x310/0x310 [ 112.916175] ? __lock_acquire+0x7f5/0x5130 [ 112.920400] ? lock_downgrade+0x8e0/0x8e0 [ 112.924550] ? print_usage_bug+0xc0/0xc0 [ 112.928601] ? graph_lock+0x170/0x170 [ 112.932397] ? graph_lock+0x170/0x170 [ 112.936189] ? __lock_acquire+0x7f5/0x5130 [ 112.940414] ? find_held_lock+0x36/0x1c0 [ 112.944465] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 112.949992] ? _parse_integer+0x13b/0x190 [ 112.954130] ? graph_lock+0x170/0x170 [ 112.957920] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 112.963445] ? _kstrtoull+0x180/0x230 [ 112.967239] ? _parse_integer+0x190/0x190 [ 112.971377] ? graph_lock+0x170/0x170 [ 112.975168] ? lock_release+0xa10/0xa10 [ 112.979136] ? check_same_owner+0x320/0x320 [ 112.983449] ? find_held_lock+0x36/0x1c0 [ 112.987508] ? lock_downgrade+0x8e0/0x8e0 [ 112.991650] ? kasan_check_read+0x11/0x20 [ 112.995787] ? rcu_is_watching+0x85/0x140 [ 112.999922] ? pid_task+0x10e/0x1e0 [ 113.003536] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 113.008716] ? save_stack+0xa9/0xd0 [ 113.012333] ? graph_lock+0x170/0x170 [ 113.016128] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 113.021660] ? proc_fail_nth_write+0x96/0x1f0 [ 113.026144] ? proc_cwd_link+0x1d0/0x1d0 [ 113.030192] ? kasan_check_read+0x11/0x20 [ 113.034335] ? do_raw_spin_unlock+0x9e/0x2e0 [ 113.038733] ? find_held_lock+0x36/0x1c0 [ 113.042785] _do_fork+0x291/0x12a0 [ 113.046340] ? fork_idle+0x1a0/0x1a0 [ 113.050047] ? __lock_is_held+0xb5/0x140 [ 113.054109] ? __sb_end_write+0xac/0xe0 [ 113.058075] ? vfs_write+0x2a8/0x560 [ 113.061783] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 113.067313] ? ksys_write+0x1a6/0x250 [ 113.071104] ? SyS_read+0x30/0x30 [ 113.074550] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 113.079385] SyS_clone+0x37/0x50 [ 113.082742] ? sys_vfork+0x30/0x30 [ 113.086278] do_syscall_64+0x29e/0x9d0 [ 113.090159] ? vmalloc_sync_all+0x30/0x30 [ 113.094300] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 113.099136] ? syscall_return_slowpath+0x5c0/0x5c0 [ 113.104056] ? syscall_return_slowpath+0x30f/0x5c0 [ 113.108982] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 113.114341] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 113.119180] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 113.124357] RIP: 0033:0x442639 [ 113.127534] RSP: 002b:00007ffd890f8138 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 113.135236] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000442639 [ 113.142496] RDX: 00000000200008c0 RSI: 0000000020000800 RDI: 000000002000c100 [ 113.149754] RBP: 00007ffd890f8250 R08: 0000000020000940 R09: 0000000400000000 [ 113.157014] R10: 0000000020000900 R11: 0000000000000206 R12: 0000000000000000 [ 113.164275] R13: 0000000000000000 R14: 0000000000001380 R15: 00007ffd890f8278 [ 113.171559] CPU: 1 PID: 4543 Comm: syzkaller392486 Not tainted 4.16.0+ #17 [ 113.172290] proc_fill_super: can't allocate /proc/self [ 113.178580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 113.178585] Call Trace: [ 113.178603] dump_stack+0x1b9/0x294 [ 113.178620] ? dump_stack_print_info.cold.2+0x52/0x52 [ 113.204528] ? printk+0x9e/0xba [ 113.207794] ? kmsg_dump_rewind_nolock+0xe4/0xe4 [ 113.212536] ? kasan_check_write+0x14/0x20 [ 113.216756] print_address_description+0x6c/0x20b [ 113.221582] ? alloc_pid+0x9e8/0xa50 [ 113.225295] kasan_report.cold.7+0xac/0x2f5 [ 113.229628] __asan_report_load4_noabort+0x14/0x20 [ 113.234541] alloc_pid+0x9e8/0xa50 [ 113.238069] ? __change_pid+0x410/0x410 [ 113.242027] ? ns_capable_common+0x13f/0x170 [ 113.246423] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 113.251947] ? memset+0x31/0x40 [ 113.255214] ? copy_thread_tls+0x265/0x800 [ 113.259439] copy_process.part.38+0x36bf/0x6ee0 [ 113.264179] ? __lock_acquire+0x7f5/0x5130 [ 113.268402] ? __lock_acquire+0x7f5/0x5130 [ 113.272627] ? __cleanup_sighand+0x70/0x70 [ 113.276845] ? debug_check_no_locks_freed+0x310/0x310 [ 113.282019] ? print_usage_bug+0xc0/0xc0 [ 113.286066] ? print_usage_bug+0xc0/0xc0 [ 113.290116] ? kasan_check_read+0x11/0x20 [ 113.294254] ? __lock_acquire+0x7f5/0x5130 [ 113.298475] ? print_usage_bug+0xc0/0xc0 [ 113.302530] ? debug_check_no_locks_freed+0x310/0x310 [ 113.307707] ? __lock_acquire+0x7f5/0x5130 [ 113.311933] ? lock_downgrade+0x8e0/0x8e0 [ 113.316075] ? print_usage_bug+0xc0/0xc0 [ 113.320123] ? graph_lock+0x170/0x170 [ 113.323916] ? graph_lock+0x170/0x170 [ 113.327701] ? __lock_acquire+0x7f5/0x5130 [ 113.331922] ? find_held_lock+0x36/0x1c0 [ 113.335972] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 113.341497] ? _parse_integer+0x13b/0x190 [ 113.345629] ? graph_lock+0x170/0x170 [ 113.349415] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 113.354937] ? _kstrtoull+0x180/0x230 [ 113.358723] ? _parse_integer+0x190/0x190 [ 113.362854] ? graph_lock+0x170/0x170 [ 113.366637] ? lock_release+0xa10/0xa10 [ 113.370595] ? check_same_owner+0x320/0x320 [ 113.374900] ? find_held_lock+0x36/0x1c0 [ 113.378949] ? lock_downgrade+0x8e0/0x8e0 [ 113.383082] ? kasan_check_read+0x11/0x20 [ 113.387216] ? rcu_is_watching+0x85/0x140 [ 113.391346] ? pid_task+0x10e/0x1e0 [ 113.394956] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 113.400132] ? save_stack+0xa9/0xd0 [ 113.403759] ? graph_lock+0x170/0x170 [ 113.407548] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 113.413069] ? proc_fail_nth_write+0x96/0x1f0 [ 113.417549] ? proc_cwd_link+0x1d0/0x1d0 [ 113.421594] ? kasan_check_read+0x11/0x20 [ 113.425733] ? do_raw_spin_unlock+0x9e/0x2e0 [ 113.430125] ? find_held_lock+0x36/0x1c0 [ 113.434170] _do_fork+0x291/0x12a0 [ 113.437698] ? fork_idle+0x1a0/0x1a0 [ 113.441403] ? __lock_is_held+0xb5/0x140 [ 113.445471] ? __sb_end_write+0xac/0xe0 [ 113.449430] ? vfs_write+0x2a8/0x560 [ 113.453133] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 113.458657] ? ksys_write+0x1a6/0x250 [ 113.462455] ? SyS_read+0x30/0x30 [ 113.465897] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 113.470730] SyS_clone+0x37/0x50 [ 113.474080] ? sys_vfork+0x30/0x30 [ 113.477606] do_syscall_64+0x29e/0x9d0 [ 113.481478] ? vmalloc_sync_all+0x30/0x30 [ 113.485624] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 113.490369] ? syscall_return_slowpath+0x5c0/0x5c0 [ 113.495298] ? syscall_return_slowpath+0x30f/0x5c0 [ 113.500220] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 113.505575] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 113.510407] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 113.515582] RIP: 0033:0x442639 [ 113.518755] RSP: 002b:00007ffd890f8138 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 113.526451] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442639 [ 113.533710] RDX: 00000000200008c0 RSI: 0000000020000800 RDI: 000000002000c100 [ 113.540968] RBP: 00007ffd890f8250 R08: 0000000020000940 R09: 0000000000000000 [ 113.548225] R10: 0000000020000900 R11: 0000000000000206 R12: 0000000000000000 [ 113.555481] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffd890f8278 [ 113.562755] [ 113.564367] Allocated by task 4543: [ 113.567984] save_stack+0x43/0xd0 [ 113.571424] kasan_kmalloc+0xc4/0xe0 [ 113.575124] kasan_slab_alloc+0x12/0x20 [ 113.579093] kmem_cache_alloc+0x12e/0x760 [ 113.583227] copy_pid_ns+0x2c3/0xb40 [ 113.586927] create_new_namespaces+0x48a/0x8f0 [ 113.591490] copy_namespaces+0x3f7/0x4c0 [ 113.595535] copy_process.part.38+0x353a/0x6ee0 [ 113.600186] _do_fork+0x291/0x12a0 [ 113.603711] SyS_clone+0x37/0x50 [ 113.607064] do_syscall_64+0x29e/0x9d0 [ 113.610941] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 113.616108] [ 113.617714] Freed by task 4397: [ 113.620982] save_stack+0x43/0xd0 [ 113.624428] __kasan_slab_free+0x11a/0x170 [ 113.628645] kasan_slab_free+0xe/0x10 [ 113.632430] kmem_cache_free+0x86/0x2d0 [ 113.636390] delayed_free_pidns+0xaa/0xe0 [ 113.640521] rcu_process_callbacks+0x941/0x15f0 [ 113.645196] __do_softirq+0x2e0/0xaf5 [ 113.648974] [ 113.650583] The buggy address belongs to the object at ffff8801ad357850 [ 113.650583] which belongs to the cache pid_namespace of size 240 [ 113.663400] The buggy address is located 72 bytes inside of [ 113.663400] 240-byte region [ffff8801ad357850, ffff8801ad357940) [ 113.675171] The buggy address belongs to the page: [ 113.680084] page:ffffea0006b4d5c0 count:1 mapcount:0 mapping:ffff8801ad357000 index:0x0 [ 113.688210] flags: 0x2fffc0000000100(slab) [ 113.692434] raw: 02fffc0000000100 ffff8801ad357000 0000000000000000 000000010000000d [ 113.700389] raw: ffffea0007641de0 ffff8801d47f3248 ffff8801d4f030c0 0000000000000000 [ 113.708250] page dumped because: kasan: bad access detected [ 113.713938] [ 113.715545] Memory state around the buggy address: [ 113.720459] ffff8801ad357780: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 113.727803] ffff8801ad357800: 00 00 fc fc fc fc fc fc fc fc fb fb fb fb fb fb [ 113.735149] >ffff8801ad357880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 113.742487] ^ [ 113.746617] ffff8801ad357900: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 113.753958] ffff8801ad357980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 113.761295] ================================================================== [ 113.768630] Disabling lock debugging due to kernel taint [ 113.774057] Kernel panic - not syncing: panic_on_warn set ... [ 113.774057] [ 113.781406] CPU: 1 PID: 4543 Comm: syzkaller392486 Tainted: G B 4.16.0+ #17 [ 113.789702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 113.799034] Call Trace: [ 113.801609] dump_stack+0x1b9/0x294 [ 113.805219] ? dump_stack_print_info.cold.2+0x52/0x52 [ 113.810394] ? lock_downgrade+0x8e0/0x8e0 [ 113.814522] ? vprintk_default+0x28/0x30 [ 113.818565] ? alloc_pid+0x9c0/0xa50 [ 113.822264] panic+0x22f/0x4de [ 113.825440] ? add_taint.cold.5+0x16/0x16 [ 113.829569] ? add_taint.cold.5+0x5/0x16 [ 113.833613] ? do_raw_spin_unlock+0x9e/0x2e0 [ 113.838088] ? alloc_pid+0x9e8/0xa50 [ 113.841784] kasan_end_report+0x47/0x4f [ 113.845754] kasan_report.cold.7+0xc9/0x2f5 [ 113.850060] __asan_report_load4_noabort+0x14/0x20 [ 113.854969] alloc_pid+0x9e8/0xa50 [ 113.858493] ? __change_pid+0x410/0x410 [ 113.862455] ? ns_capable_common+0x13f/0x170 [ 113.866849] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 113.872370] ? memset+0x31/0x40 [ 113.875634] ? copy_thread_tls+0x265/0x800 [ 113.879855] copy_process.part.38+0x36bf/0x6ee0 [ 113.884508] ? __lock_acquire+0x7f5/0x5130 [ 113.888724] ? __lock_acquire+0x7f5/0x5130 [ 113.892945] ? __cleanup_sighand+0x70/0x70 [ 113.897161] ? debug_check_no_locks_freed+0x310/0x310 [ 113.902331] ? print_usage_bug+0xc0/0xc0 [ 113.906377] ? print_usage_bug+0xc0/0xc0 [ 113.910423] ? kasan_check_read+0x11/0x20 [ 113.914554] ? __lock_acquire+0x7f5/0x5130 [ 113.918771] ? print_usage_bug+0xc0/0xc0 [ 113.922822] ? debug_check_no_locks_freed+0x310/0x310 [ 113.928169] ? __lock_acquire+0x7f5/0x5130 [ 113.932386] ? lock_downgrade+0x8e0/0x8e0 [ 113.937307] ? print_usage_bug+0xc0/0xc0 [ 113.941352] ? graph_lock+0x170/0x170 [ 113.945151] ? graph_lock+0x170/0x170 [ 113.948935] ? __lock_acquire+0x7f5/0x5130 [ 113.953151] ? find_held_lock+0x36/0x1c0 [ 113.957196] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 113.962717] ? _parse_integer+0x13b/0x190 [ 113.966847] ? graph_lock+0x170/0x170 [ 113.970633] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 113.976155] ? _kstrtoull+0x180/0x230 [ 113.980894] ? _parse_integer+0x190/0x190 [ 113.985026] ? graph_lock+0x170/0x170 [ 113.988806] ? lock_release+0xa10/0xa10 [ 113.992764] ? check_same_owner+0x320/0x320 [ 113.997067] ? find_held_lock+0x36/0x1c0 [ 114.001112] ? lock_downgrade+0x8e0/0x8e0 [ 114.005245] ? kasan_check_read+0x11/0x20 [ 114.009374] ? rcu_is_watching+0x85/0x140 [ 114.013504] ? pid_task+0x10e/0x1e0 [ 114.017112] ? rcu_bh_force_quiescent_state+0x20/0x20 [ 114.022284] ? save_stack+0xa9/0xd0 [ 114.025897] ? graph_lock+0x170/0x170 [ 114.029688] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 114.035220] ? proc_fail_nth_write+0x96/0x1f0 [ 114.039701] ? proc_cwd_link+0x1d0/0x1d0 [ 114.043747] ? kasan_check_read+0x11/0x20 [ 114.047877] ? do_raw_spin_unlock+0x9e/0x2e0 [ 114.052281] ? find_held_lock+0x36/0x1c0 [ 114.056325] _do_fork+0x291/0x12a0 [ 114.059849] ? fork_idle+0x1a0/0x1a0 [ 114.063544] ? __lock_is_held+0xb5/0x140 [ 114.067592] ? __sb_end_write+0xac/0xe0 [ 114.071548] ? vfs_write+0x2a8/0x560 [ 114.075250] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 114.080767] ? ksys_write+0x1a6/0x250 [ 114.084551] ? SyS_read+0x30/0x30 [ 114.087990] ? syscall_slow_exit_work+0x4f0/0x4f0 [ 114.092819] SyS_clone+0x37/0x50 [ 114.096168] ? sys_vfork+0x30/0x30 [ 114.099694] do_syscall_64+0x29e/0x9d0 [ 114.103562] ? vmalloc_sync_all+0x30/0x30 [ 114.107695] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 114.112434] ? syscall_return_slowpath+0x5c0/0x5c0 [ 114.117346] ? syscall_return_slowpath+0x30f/0x5c0 [ 114.122264] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 114.127612] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 114.132457] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 114.137629] RIP: 0033:0x442639 [ 114.140799] RSP: 002b:00007ffd890f8138 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 114.148491] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442639 [ 114.155741] RDX: 00000000200008c0 RSI: 0000000020000800 RDI: 000000002000c100 [ 114.162992] RBP: 00007ffd890f8250 R08: 0000000020000940 R09: 0000000000000000 [ 114.170243] R10: 0000000020000900 R11: 0000000000000206 R12: 0000000000000000 [ 114.177495] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffd890f8278 [ 115.243220] Shutting down cpus with NMI [ 115.247712] Dumping ftrace buffer: [ 115.251231] (ftrace buffer empty) [ 115.254914] Kernel Offset: disabled [ 115.258517] Rebooting in 86400 seconds..