[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... Starting Load/Save RF Kill Switch Status... [ OK ] Started Update UTMP about System Runlevel Changes. [ OK ] Started Load/Save RF Kill Switch Status. Debian GNU/Linux 9 syzkaller ttyS0 Warning: Permanently added '10.128.0.148' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 40.840030] FAULT_INJECTION: forcing a failure. [ 40.840030] name failslab, interval 1, probability 0, space 0, times 1 [ 40.851410] CPU: 1 PID: 7982 Comm: syz-executor192 Not tainted 4.14.202-syzkaller #0 [ 40.859283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.868617] Call Trace: [ 40.871191] dump_stack+0x1b2/0x283 [ 40.874799] should_fail.cold+0x10a/0x154 [ 40.878942] should_failslab+0xd6/0x130 [ 40.882900] kmem_cache_alloc_node_trace+0x25a/0x400 [ 40.887983] setup_kmem_cache_node+0x1ed/0x4e0 [ 40.892546] __do_tune_cpucache+0x151/0x200 [ 40.896864] do_tune_cpucache+0x21/0xc0 [ 40.900815] ? calculate_slab_order+0xc4/0x110 [ 40.905375] enable_cpucache+0x3a/0xd0 [ 40.909241] __kmem_cache_create+0x19d/0x240 [ 40.913646] create_cache+0xab/0x1b0 [ 40.917670] kmem_cache_create+0x1bb/0x260 [ 40.921896] ieee80211_mesh_init_sdata+0x547/0x650 [ 40.926809] ieee80211_setup_sdata+0xb29/0xf40 [ 40.931405] ieee80211_if_add+0xce0/0x16b0 [ 40.935644] ? kmem_cache_alloc_node_trace+0x383/0x400 [ 40.940905] ieee80211_add_iface+0x89/0x110 [ 40.950080] ? ieee80211_del_iface+0x20/0x20 [ 40.954481] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 40.959921] nl80211_new_interface+0x44b/0x1360 [ 40.964573] ? nl80211_prepare_wdev_dump+0x540/0x540 [ 40.969660] ? nl80211_notify_iface+0x190/0x190 [ 40.974309] ? nl80211_pre_doit+0x79/0x510 [ 40.978541] genl_family_rcv_msg+0x572/0xb20 [ 40.982980] ? genl_rcv+0x40/0x40 [ 40.986415] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 40.992193] ? trace_hardirqs_on+0x10/0x10 [ 40.996407] ? sock_sendmsg+0xb5/0x100 [ 41.000292] genl_rcv_msg+0xaf/0x140 [ 41.003989] netlink_rcv_skb+0x125/0x390 [ 41.008029] ? genl_family_rcv_msg+0xb20/0xb20 [ 41.012604] ? netlink_ack+0x9a0/0x9a0 [ 41.016468] ? lock_acquire+0x170/0x3f0 [ 41.020439] genl_rcv+0x24/0x40 [ 41.023713] netlink_unicast+0x437/0x610 [ 41.027757] ? netlink_sendskb+0xd0/0xd0 [ 41.031930] ? __check_object_size+0x179/0x22c [ 41.036494] netlink_sendmsg+0x62e/0xb80 [ 41.040538] ? nlmsg_notify+0x170/0x170 [ 41.044491] ? kernel_recvmsg+0x210/0x210 [ 41.048628] ? security_socket_sendmsg+0x83/0xb0 [ 41.053375] ? nlmsg_notify+0x170/0x170 [ 41.057345] sock_sendmsg+0xb5/0x100 [ 41.061041] ___sys_sendmsg+0x6c8/0x800 [ 41.065005] ? get_pid_task+0x91/0x130 [ 41.068872] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 41.073783] ? lock_downgrade+0x740/0x740 [ 41.077923] ? proc_fail_nth_write+0x7b/0x180 [ 41.082427] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 41.087353] ? fsnotify+0x974/0x11b0 [ 41.091043] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 41.095952] ? debug_check_no_obj_freed+0x2c0/0x674 [ 41.100948] ? vfs_write+0x35d/0x4d0 [ 41.104638] ? __fdget+0x167/0x1f0 [ 41.108157] ? sockfd_lookup_light+0xb2/0x160 [ 41.112632] __sys_sendmsg+0xa3/0x120 [ 41.116413] ? SyS_shutdown+0x160/0x160 [ 41.120369] ? SyS_read+0x210/0x210 [ 41.123981] SyS_sendmsg+0x27/0x40 [ 41.127514] ? __sys_sendmsg+0x120/0x120 [ 41.131562] do_syscall_64+0x1d5/0x640 [ 41.135435] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 41.140599] RIP: 0033:0x441889 [ 41.143765] RSP: 002b:00007ffd3f94cdd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 41.151461] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441889 [ 41.158705] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 [ 41.165949] RBP: 00007ffd3f94cdf0 R08: 0000000000000002 R09: 0000000000000000 [ 41.173196] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 41.180440] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 [ 41.189161] enable_cpucache failed for mesh_rmc, error 12 [ 41.194983] kmem_cache_create(mesh_rmc) failed with error -12 [ 41.201338] CPU: 1 PID: 7982 Comm: syz-executor192 Not tainted 4.14.202-syzkaller #0 [ 41.215827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 41.225165] Call Trace: [ 41.227850] dump_stack+0x1b2/0x283 [ 41.231468] kmem_cache_create.cold+0x60/0x82 [ 41.235941] ieee80211_mesh_init_sdata+0x547/0x650 [ 41.240860] ieee80211_setup_sdata+0xb29/0xf40 [ 41.245428] ieee80211_if_add+0xce0/0x16b0 [ 41.249654] ? kmem_cache_alloc_node_trace+0x383/0x400 [ 41.254913] ieee80211_add_iface+0x89/0x110 [ 41.259225] ? ieee80211_del_iface+0x20/0x20 [ 41.263624] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 41.269057] nl80211_new_interface+0x44b/0x1360 [ 41.273704] ? nl80211_prepare_wdev_dump+0x540/0x540 [ 41.278790] ? nl80211_notify_iface+0x190/0x190 [ 41.283453] ? nl80211_pre_doit+0x79/0x510 [ 41.287709] genl_family_rcv_msg+0x572/0xb20 [ 41.292113] ? genl_rcv+0x40/0x40 [ 41.295551] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 41.300995] ? trace_hardirqs_on+0x10/0x10 [ 41.305204] ? sock_sendmsg+0xb5/0x100 [ 41.309071] genl_rcv_msg+0xaf/0x140 [ 41.312761] netlink_rcv_skb+0x125/0x390 [ 41.316850] ? genl_family_rcv_msg+0xb20/0xb20 [ 41.321468] ? netlink_ack+0x9a0/0x9a0 [ 41.325334] ? lock_acquire+0x170/0x3f0 [ 41.329299] genl_rcv+0x24/0x40 [ 41.332579] netlink_unicast+0x437/0x610 [ 41.336618] ? netlink_sendskb+0xd0/0xd0 [ 41.340654] ? __check_object_size+0x179/0x22c [ 41.345230] netlink_sendmsg+0x62e/0xb80 [ 41.349278] ? nlmsg_notify+0x170/0x170 [ 41.353235] ? kernel_recvmsg+0x210/0x210 [ 41.357429] ? security_socket_sendmsg+0x83/0xb0 [ 41.362173] ? nlmsg_notify+0x170/0x170 [ 41.366133] sock_sendmsg+0xb5/0x100 [ 41.370000] ___sys_sendmsg+0x6c8/0x800 [ 41.373952] ? get_pid_task+0x91/0x130 [ 41.377930] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 41.382663] ? lock_downgrade+0x740/0x740 [ 41.386802] ? proc_fail_nth_write+0x7b/0x180 [ 41.391274] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 41.396180] ? fsnotify+0x974/0x11b0 [ 41.399868] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 41.404786] ? debug_check_no_obj_freed+0x2c0/0x674 [ 41.409880] ? vfs_write+0x35d/0x4d0 [ 41.413565] ? __fdget+0x167/0x1f0 [ 41.417079] ? sockfd_lookup_light+0xb2/0x160 [ 41.421549] __sys_sendmsg+0xa3/0x120 [ 41.425339] ? SyS_shutdown+0x160/0x160 [ 41.429291] ? SyS_read+0x210/0x210 [ 41.432907] SyS_sendmsg+0x27/0x40 [ 41.436423] ? __sys_sendmsg+0x120/0x120 [ 41.440477] do_syscall_64+0x1d5/0x640 [ 41.444364] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 41.449527] RIP: 0033:0x441889 [ 41.452695] RSP: 002b:00007ffd3f94cdd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 41.460382] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441889 [ 41.467641] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 [ 41.474889] RBP: 00007ffd3f94cdf0 R08: 0000000000000002 R09: 0000000000000000 [ 41.482157] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff executing program [ 41.489417] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 [ 41.530621] FAULT_INJECTION: forcing a failure. [ 41.530621] name failslab, interval 1, probability 0, space 0, times 0 [ 41.541895] CPU: 1 PID: 7990 Comm: syz-executor192 Not tainted 4.14.202-syzkaller #0 [ 41.549769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 41.559193] Call Trace: [ 41.561778] dump_stack+0x1b2/0x283 [ 41.565410] should_fail.cold+0x10a/0x154 [ 41.569578] should_failslab+0xd6/0x130 [ 41.573570] kmem_cache_alloc_trace+0x29a/0x3d0 [ 41.578254] ieee80211_mesh_init_sdata+0x129/0x650 [ 41.583163] ieee80211_setup_sdata+0xb29/0xf40 [ 41.587735] ieee80211_if_add+0xce0/0x16b0 [ 41.591950] ? kmem_cache_alloc_node_trace+0x383/0x400 [ 41.597205] ieee80211_add_iface+0x89/0x110 [ 41.601531] ? ieee80211_del_iface+0x20/0x20 [ 41.605928] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 41.611367] nl80211_new_interface+0x44b/0x1360 [ 41.616015] ? nl80211_prepare_wdev_dump+0x540/0x540 [ 41.621211] ? nl80211_notify_iface+0x190/0x190 [ 41.625868] ? nl80211_pre_doit+0x79/0x510 [ 41.630084] genl_family_rcv_msg+0x572/0xb20 [ 41.634486] ? genl_rcv+0x40/0x40 [ 41.637918] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 41.643346] ? trace_hardirqs_on+0x10/0x10 [ 41.647568] ? sock_sendmsg+0xb5/0x100 [ 41.651435] genl_rcv_msg+0xaf/0x140 [ 41.655135] netlink_rcv_skb+0x125/0x390 [ 41.659170] ? genl_family_rcv_msg+0xb20/0xb20 [ 41.663741] ? netlink_ack+0x9a0/0x9a0 [ 41.667609] ? lock_acquire+0x170/0x3f0 [ 41.671577] genl_rcv+0x24/0x40 [ 41.674833] netlink_unicast+0x437/0x610 [ 41.678880] ? netlink_sendskb+0xd0/0xd0 [ 41.682917] ? __check_object_size+0x179/0x22c [ 41.689157] netlink_sendmsg+0x62e/0xb80 [ 41.693224] ? nlmsg_notify+0x170/0x170 [ 41.697177] ? kernel_recvmsg+0x210/0x210 [ 41.701318] ? security_socket_sendmsg+0x83/0xb0 [ 41.706053] ? nlmsg_notify+0x170/0x170 [ 41.710006] sock_sendmsg+0xb5/0x100 [ 41.713699] ___sys_sendmsg+0x6c8/0x800 [ 41.717663] ? get_pid_task+0x91/0x130 [ 41.721532] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 41.726265] ? lock_downgrade+0x740/0x740 [ 41.730397] ? proc_fail_nth_write+0x7b/0x180 [ 41.734993] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 41.739910] ? fsnotify+0x974/0x11b0 [ 41.743599] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 41.748546] ? debug_check_no_obj_freed+0x2c0/0x674 [ 41.753542] ? vfs_write+0x35d/0x4d0 [ 41.757278] ? __fdget+0x167/0x1f0 [ 41.760797] ? sockfd_lookup_light+0xb2/0x160 [ 41.765291] __sys_sendmsg+0xa3/0x120 [ 41.769114] ? SyS_shutdown+0x160/0x160 [ 41.773114] ? SyS_read+0x210/0x210 [ 41.776749] SyS_sendmsg+0x27/0x40 [ 41.780281] ? __sys_sendmsg+0x120/0x120 [ 41.784322] do_syscall_64+0x1d5/0x640 [ 41.788190] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 41.793355] RIP: 0033:0x441889 [ 41.796520] RSP: 002b:00007ffd3f94cdd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 41.804228] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441889 [ 41.811488] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 [ 41.818735] RBP: 00007ffd3f94cdf0 R08: 0000000000000002 R09: 0000000000000000 executing program [ 41.826015] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 41.833276] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 [ 41.868005] FAULT_INJECTION: forcing a failure. [ 41.868005] name failslab, interval 1, probability 0, space 0, times 0 [ 41.879567] CPU: 1 PID: 8012 Comm: syz-executor192 Not tainted 4.14.202-syzkaller #0 [ 41.887465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 41.896823] Call Trace: [ 41.899397] dump_stack+0x1b2/0x283 [ 41.903049] should_fail.cold+0x10a/0x154 [ 41.907179] should_failslab+0xd6/0x130 [ 41.911137] kmem_cache_alloc_trace+0x29a/0x3d0 [ 41.915786] ieee80211_mesh_init_sdata+0x129/0x650 [ 41.920741] ieee80211_setup_sdata+0xb29/0xf40 [ 41.925345] ieee80211_if_add+0xce0/0x16b0 [ 41.929564] ? kmem_cache_alloc_node_trace+0x383/0x400 [ 41.934832] ieee80211_add_iface+0x89/0x110 [ 41.939174] ? ieee80211_del_iface+0x20/0x20 [ 41.944120] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 41.949551] nl80211_new_interface+0x44b/0x1360 [ 41.954216] ? nl80211_prepare_wdev_dump+0x540/0x540 [ 41.959311] ? nl80211_notify_iface+0x190/0x190 [ 41.963961] ? nl80211_pre_doit+0x79/0x510 [ 41.968190] genl_family_rcv_msg+0x572/0xb20 [ 41.972684] ? genl_rcv+0x40/0x40 [ 41.976130] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 41.981565] ? trace_hardirqs_on+0x10/0x10 [ 41.985796] ? sock_sendmsg+0xb5/0x100 [ 41.989685] genl_rcv_msg+0xaf/0x140 [ 41.993387] netlink_rcv_skb+0x125/0x390 [ 41.997449] ? genl_family_rcv_msg+0xb20/0xb20 [ 42.002010] ? netlink_ack+0x9a0/0x9a0 [ 42.005878] ? lock_acquire+0x170/0x3f0 [ 42.009848] genl_rcv+0x24/0x40 [ 42.013104] netlink_unicast+0x437/0x610 [ 42.017141] ? netlink_sendskb+0xd0/0xd0 [ 42.021267] ? __check_object_size+0x179/0x22c [ 42.025844] netlink_sendmsg+0x62e/0xb80 [ 42.029924] ? nlmsg_notify+0x170/0x170 [ 42.033877] ? kernel_recvmsg+0x210/0x210 [ 42.038002] ? security_socket_sendmsg+0x83/0xb0 [ 42.042736] ? nlmsg_notify+0x170/0x170 [ 42.046687] sock_sendmsg+0xb5/0x100 [ 42.050380] ___sys_sendmsg+0x6c8/0x800 [ 42.054331] ? get_pid_task+0x91/0x130 [ 42.058198] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 42.062933] ? lock_downgrade+0x740/0x740 [ 42.067161] ? proc_fail_nth_write+0x7b/0x180 [ 42.071646] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 42.076556] ? fsnotify+0x974/0x11b0 [ 42.080249] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 42.085154] ? debug_check_no_obj_freed+0x2c0/0x674 [ 42.090151] ? vfs_write+0x35d/0x4d0 [ 42.093840] ? __fdget+0x167/0x1f0 [ 42.097358] ? sockfd_lookup_light+0xb2/0x160 [ 42.101847] __sys_sendmsg+0xa3/0x120 [ 42.105627] ? SyS_shutdown+0x160/0x160 [ 42.109587] ? SyS_read+0x210/0x210 [ 42.113210] SyS_sendmsg+0x27/0x40 [ 42.116729] ? __sys_sendmsg+0x120/0x120 [ 42.120782] do_syscall_64+0x1d5/0x640 [ 42.124652] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 42.129821] RIP: 0033:0x441889 executing program [ 42.133012] RSP: 002b:00007ffd3f94cdd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 42.140710] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441889 [ 42.147970] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 [ 42.155244] RBP: 00007ffd3f94cdf0 R08: 0000000000000002 R09: 0000000000000000 [ 42.162494] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 42.169742] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 [ 42.196334] FAULT_INJECTION: forcing a failure. [ 42.196334] name failslab, interval 1, probability 0, space 0, times 0 [ 42.208412] CPU: 1 PID: 8021 Comm: syz-executor192 Not tainted 4.14.202-syzkaller #0 [ 42.216310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 42.225657] Call Trace: [ 42.228250] dump_stack+0x1b2/0x283 [ 42.231884] should_fail.cold+0x10a/0x154 [ 42.236026] should_failslab+0xd6/0x130 [ 42.239993] kmem_cache_alloc_trace+0x29a/0x3d0 [ 42.244667] ieee80211_mesh_init_sdata+0x129/0x650 [ 42.249603] ieee80211_setup_sdata+0xb29/0xf40 [ 42.254190] ieee80211_if_add+0xce0/0x16b0 [ 42.258440] ? kmem_cache_alloc_node_trace+0x383/0x400 [ 42.263722] ieee80211_add_iface+0x89/0x110 [ 42.268042] ? ieee80211_del_iface+0x20/0x20 [ 42.272444] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 42.277879] nl80211_new_interface+0x44b/0x1360 [ 42.282542] ? nl80211_prepare_wdev_dump+0x540/0x540 [ 42.287651] ? nl80211_notify_iface+0x190/0x190 [ 42.292321] ? nl80211_pre_doit+0x79/0x510 [ 42.296583] genl_family_rcv_msg+0x572/0xb20 [ 42.300994] ? genl_rcv+0x40/0x40 [ 42.304440] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 42.309883] ? trace_hardirqs_on+0x10/0x10 [ 42.314108] ? sock_sendmsg+0xb5/0x100 [ 42.317978] genl_rcv_msg+0xaf/0x140 [ 42.321678] netlink_rcv_skb+0x125/0x390 [ 42.325737] ? genl_family_rcv_msg+0xb20/0xb20 [ 42.330319] ? netlink_ack+0x9a0/0x9a0 [ 42.334203] ? lock_acquire+0x170/0x3f0 [ 42.338182] genl_rcv+0x24/0x40 [ 42.341467] netlink_unicast+0x437/0x610 [ 42.345526] ? netlink_sendskb+0xd0/0xd0 [ 42.349587] ? __check_object_size+0x179/0x22c [ 42.354162] netlink_sendmsg+0x62e/0xb80 [ 42.358205] ? nlmsg_notify+0x170/0x170 [ 42.362168] ? kernel_recvmsg+0x210/0x210 [ 42.366328] ? security_socket_sendmsg+0x83/0xb0 [ 42.371072] ? nlmsg_notify+0x170/0x170 [ 42.375039] sock_sendmsg+0xb5/0x100 [ 42.378735] ___sys_sendmsg+0x6c8/0x800 [ 42.382694] ? get_pid_task+0x91/0x130 [ 42.386594] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 42.391333] ? lock_downgrade+0x740/0x740 [ 42.395463] ? proc_fail_nth_write+0x7b/0x180 [ 42.399934] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 42.404871] ? fsnotify+0x974/0x11b0 [ 42.408596] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 42.413505] ? debug_check_no_obj_freed+0x2c0/0x674 [ 42.418501] ? vfs_write+0x35d/0x4d0 [ 42.422193] ? __fdget+0x167/0x1f0 [ 42.425709] ? sockfd_lookup_light+0xb2/0x160 [ 42.430291] __sys_sendmsg+0xa3/0x120 [ 42.434070] ? SyS_shutdown+0x160/0x160 [ 42.438023] ? SyS_read+0x210/0x210 [ 42.441628] SyS_sendmsg+0x27/0x40 [ 42.445142] ? __sys_sendmsg+0x120/0x120 [ 42.449185] do_syscall_64+0x1d5/0x640 [ 42.453062] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 42.458234] RIP: 0033:0x441889 [ 42.461413] RSP: 002b:00007ffd3f94cdd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 42.469098] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441889 [ 42.476344] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 [ 42.483621] RBP: 00007ffd3f94cdf0 R08: 0000000000000002 R09: 0000000000000000 executing program [ 42.490877] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 42.498124] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 [ 42.523277] FAULT_INJECTION: forcing a failure. [ 42.523277] name failslab, interval 1, probability 0, space 0, times 0 [ 42.541756] CPU: 1 PID: 8045 Comm: syz-executor192 Not tainted 4.14.202-syzkaller #0 [ 42.549690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 42.559161] Call Trace: [ 42.561857] dump_stack+0x1b2/0x283 [ 42.565513] should_fail.cold+0x10a/0x154 [ 42.569847] ? ieee80211_del_iface+0x12/0x20 [ 42.574236] should_failslab+0xd6/0x130 [ 42.578194] kmem_cache_alloc_node_trace+0x58/0x400 [ 42.583215] __kmalloc_node_track_caller+0x38/0x70 [ 42.588553] pskb_expand_head+0x128/0xd30 [ 42.592697] ? memcpy+0x35/0x50 [ 42.595980] ? nla_put+0xeb/0x120 [ 42.599445] netlink_trim+0x1ae/0x220 [ 42.603253] netlink_broadcast_filtered+0x5d/0x9e0 [ 42.608184] ? kmem_cache_alloc_node_trace+0x383/0x400 [ 42.613473] netlink_broadcast+0x35/0x40 [ 42.617535] nl80211_notify_iface+0x11e/0x190 [ 42.622034] cfg80211_netdev_notifier_call+0xcde/0x1b50 [ 42.627505] ? queue_work_on+0x10d/0x1d0 [ 42.631573] ? __cfg80211_leave+0x3b0/0x3b0 [ 42.635903] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 42.640922] ? queue_work_on+0xf7/0x1d0 [ 42.644895] ? netdevice_event+0x33d/0x620 [ 42.649118] ? update_gid_event_work_handler+0xb0/0xb0 [ 42.654392] ? lock_downgrade+0x740/0x740 [ 42.658538] ? _roce_del_all_netdev_gids+0x30/0x30 [ 42.663473] ? roce_gid_type_mask_support+0xe0/0xe0 [ 42.668491] notifier_call_chain+0x108/0x1a0 [ 42.672930] rollback_registered_many+0x765/0xba0 [ 42.677770] ? netdev_state_change+0xf0/0xf0 [ 42.682180] rollback_registered+0xca/0x170 [ 42.686506] ? rollback_registered_many+0xba0/0xba0 [ 42.691501] ? wait_for_completion_io+0x10/0x10 [ 42.696148] unregister_netdevice_queue+0x1b4/0x360 [ 42.701145] ieee80211_if_remove+0x1fc/0x2b0 [ 42.705532] ieee80211_del_iface+0x12/0x20 [ 42.709759] cfg80211_destroy_ifaces+0xee/0x690 [ 42.714408] nl80211_new_interface+0x7c/0x1360 [ 42.718976] ? nl80211_prepare_wdev_dump+0x540/0x540 [ 42.724062] ? nl80211_notify_iface+0x190/0x190 [ 42.728711] ? nl80211_pre_doit+0x79/0x510 [ 42.732942] genl_family_rcv_msg+0x572/0xb20 [ 42.737330] ? genl_rcv+0x40/0x40 [ 42.740771] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 42.746210] ? trace_hardirqs_on+0x10/0x10 [ 42.750421] ? sock_sendmsg+0xb5/0x100 [ 42.754475] genl_rcv_msg+0xaf/0x140 [ 42.758286] netlink_rcv_skb+0x125/0x390 [ 42.762370] ? genl_family_rcv_msg+0xb20/0xb20 [ 42.766933] ? netlink_ack+0x9a0/0x9a0 [ 42.770799] ? lock_acquire+0x170/0x3f0 [ 42.774754] genl_rcv+0x24/0x40 [ 42.778011] netlink_unicast+0x437/0x610 [ 42.782050] ? netlink_sendskb+0xd0/0xd0 [ 42.786090] ? __check_object_size+0x179/0x22c [ 42.790661] netlink_sendmsg+0x62e/0xb80 [ 42.794700] ? nlmsg_notify+0x170/0x170 [ 42.798653] ? kernel_recvmsg+0x210/0x210 [ 42.802866] ? security_socket_sendmsg+0x83/0xb0 [ 42.807608] ? nlmsg_notify+0x170/0x170 [ 42.811560] sock_sendmsg+0xb5/0x100 [ 42.815266] ___sys_sendmsg+0x6c8/0x800 [ 42.819219] ? get_pid_task+0x91/0x130 [ 42.823082] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 42.827824] ? lock_downgrade+0x740/0x740 [ 42.831952] ? proc_fail_nth_write+0x7b/0x180 [ 42.836427] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 42.841333] ? fsnotify+0x974/0x11b0 [ 42.845021] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 42.849926] ? debug_check_no_obj_freed+0x2c0/0x674 [ 42.854939] ? vfs_write+0x35d/0x4d0 [ 42.858628] ? __fdget+0x167/0x1f0 [ 42.862156] ? sockfd_lookup_light+0xb2/0x160 [ 42.866635] __sys_sendmsg+0xa3/0x120 [ 42.870431] ? SyS_shutdown+0x160/0x160 [ 42.874386] ? SyS_read+0x210/0x210 [ 42.877990] SyS_sendmsg+0x27/0x40 [ 42.881505] ? __sys_sendmsg+0x120/0x120 [ 42.885543] do_syscall_64+0x1d5/0x640 [ 42.889524] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 42.894699] RIP: 0033:0x441889 [ 42.897880] RSP: 002b:00007ffd3f94cdd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 42.905587] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441889 [ 42.912850] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 [ 42.920096] RBP: 00007ffd3f94cdf0 R08: 0000000000000002 R09: 0000000000000000 [ 42.927355] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 42.934620] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 executing program [ 42.998656] FAULT_INJECTION: forcing a failure. [ 42.998656] name failslab, interval 1, probability 0, space 0, times 0 [ 43.011410] CPU: 1 PID: 8069 Comm: syz-executor192 Not tainted 4.14.202-syzkaller #0 [ 43.019306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.028686] Call Trace: [ 43.031273] dump_stack+0x1b2/0x283 [ 43.034911] should_fail.cold+0x10a/0x154 [ 43.039066] should_failslab+0xd6/0x130 [ 43.043037] kmem_cache_alloc_trace+0x29a/0x3d0 [ 43.047684] ieee80211_mesh_init_sdata+0x129/0x650 [ 43.052604] ieee80211_setup_sdata+0xb29/0xf40 [ 43.057191] ieee80211_if_add+0xce0/0x16b0 [ 43.061414] ? kmem_cache_alloc_node_trace+0x383/0x400 [ 43.066670] ieee80211_add_iface+0x89/0x110 [ 43.070975] ? ieee80211_del_iface+0x20/0x20 [ 43.075365] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 43.080793] nl80211_new_interface+0x44b/0x1360 [ 43.085451] ? nl80211_prepare_wdev_dump+0x540/0x540 [ 43.090528] ? nl80211_notify_iface+0x190/0x190 [ 43.095190] ? nl80211_pre_doit+0x79/0x510 [ 43.099402] genl_family_rcv_msg+0x572/0xb20 [ 43.103785] ? genl_rcv+0x40/0x40 [ 43.107224] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 43.112650] ? trace_hardirqs_on+0x10/0x10 [ 43.117911] ? sock_sendmsg+0xb5/0x100 [ 43.121777] genl_rcv_msg+0xaf/0x140 [ 43.125477] netlink_rcv_skb+0x125/0x390 [ 43.129513] ? genl_family_rcv_msg+0xb20/0xb20 [ 43.134069] ? netlink_ack+0x9a0/0x9a0 [ 43.137933] ? lock_acquire+0x170/0x3f0 [ 43.141886] genl_rcv+0x24/0x40 [ 43.145146] netlink_unicast+0x437/0x610 [ 43.149184] ? netlink_sendskb+0xd0/0xd0 [ 43.153221] ? __check_object_size+0x179/0x22c [ 43.157800] netlink_sendmsg+0x62e/0xb80 [ 43.161854] ? nlmsg_notify+0x170/0x170 [ 43.165814] ? kernel_recvmsg+0x210/0x210 [ 43.169938] ? security_socket_sendmsg+0x83/0xb0 [ 43.174668] ? nlmsg_notify+0x170/0x170 [ 43.178634] sock_sendmsg+0xb5/0x100 [ 43.182324] ___sys_sendmsg+0x6c8/0x800 [ 43.186273] ? get_pid_task+0x91/0x130 [ 43.190136] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 43.194880] ? lock_downgrade+0x740/0x740 [ 43.199020] ? proc_fail_nth_write+0x7b/0x180 [ 43.203489] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 43.208404] ? fsnotify+0x974/0x11b0 [ 43.212107] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 43.217010] ? debug_check_no_obj_freed+0x2c0/0x674 [ 43.222123] ? vfs_write+0x35d/0x4d0 [ 43.225810] ? __fdget+0x167/0x1f0 [ 43.229325] ? sockfd_lookup_light+0xb2/0x160 [ 43.233797] __sys_sendmsg+0xa3/0x120 [ 43.237571] ? SyS_shutdown+0x160/0x160 [ 43.241525] ? SyS_read+0x210/0x210 [ 43.245129] SyS_sendmsg+0x27/0x40 [ 43.248645] ? __sys_sendmsg+0x120/0x120 [ 43.252682] do_syscall_64+0x1d5/0x640 [ 43.256546] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 43.261796] RIP: 0033:0x441889 [ 43.264975] RSP: 002b:00007ffd3f94cdd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 43.272672] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441889 [ 43.279928] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 [ 43.287192] RBP: 00007ffd3f94cdf0 R08: 0000000000000002 R09: 0000000000000000 executing program [ 43.295491] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 43.302750] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 [ 43.329483] FAULT_INJECTION: forcing a failure. [ 43.329483] name failslab, interval 1, probability 0, space 0, times 0 [ 43.341883] CPU: 1 PID: 8091 Comm: syz-executor192 Not tainted 4.14.202-syzkaller #0 [ 43.349785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.359142] Call Trace: [ 43.361761] dump_stack+0x1b2/0x283 [ 43.365393] should_fail.cold+0x10a/0x154 [ 43.369554] should_failslab+0xd6/0x130 [ 43.373534] kmem_cache_alloc_trace+0x47/0x3d0 [ 43.378122] mesh_pathtbl_init+0x46/0x290 [ 43.382273] ieee80211_mesh_init_sdata+0x2b4/0x650 [ 43.387235] ieee80211_setup_sdata+0xb29/0xf40 [ 43.391825] ieee80211_if_add+0xce0/0x16b0 [ 43.396068] ? kmem_cache_alloc_node_trace+0x383/0x400 [ 43.401354] ieee80211_add_iface+0x89/0x110 [ 43.405858] ? ieee80211_del_iface+0x20/0x20 [ 43.410276] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 43.415732] nl80211_new_interface+0x44b/0x1360 [ 43.420415] ? nl80211_prepare_wdev_dump+0x540/0x540 [ 43.425547] ? nl80211_notify_iface+0x190/0x190 [ 43.430224] ? nl80211_pre_doit+0x79/0x510 [ 43.434440] genl_family_rcv_msg+0x572/0xb20 [ 43.438830] ? genl_rcv+0x40/0x40 [ 43.442260] ? __ww_mutex_wakeup_for_backoff+0x210/0x210 [ 43.447819] ? trace_hardirqs_on+0x10/0x10 [ 43.452068] ? sock_sendmsg+0xb5/0x100 [ 43.456116] genl_rcv_msg+0xaf/0x140 [ 43.459864] netlink_rcv_skb+0x125/0x390 [ 43.463942] ? genl_family_rcv_msg+0xb20/0xb20 [ 43.468516] ? netlink_ack+0x9a0/0x9a0 [ 43.472379] ? lock_acquire+0x170/0x3f0 [ 43.476330] genl_rcv+0x24/0x40 [ 43.479586] netlink_unicast+0x437/0x610 [ 43.483623] ? netlink_sendskb+0xd0/0xd0 [ 43.487659] ? __check_object_size+0x179/0x22c [ 43.492228] netlink_sendmsg+0x62e/0xb80 [ 43.496263] ? nlmsg_notify+0x170/0x170 [ 43.500213] ? kernel_recvmsg+0x210/0x210 [ 43.504338] ? security_socket_sendmsg+0x83/0xb0 [ 43.509091] ? nlmsg_notify+0x170/0x170 [ 43.513223] sock_sendmsg+0xb5/0x100 [ 43.516911] ___sys_sendmsg+0x6c8/0x800 [ 43.520863] ? get_pid_task+0x91/0x130 [ 43.524724] ? copy_msghdr_from_user+0x3b0/0x3b0 [ 43.529470] ? lock_downgrade+0x740/0x740 [ 43.533604] ? proc_fail_nth_write+0x7b/0x180 [ 43.538081] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 43.542992] ? fsnotify+0x974/0x11b0 [ 43.546681] ? proc_tgid_io_accounting+0x7a0/0x7a0 [ 43.551699] ? debug_check_no_obj_freed+0x2c0/0x674 [ 43.556703] ? vfs_write+0x35d/0x4d0 [ 43.560391] ? __fdget+0x167/0x1f0 [ 43.563908] ? sockfd_lookup_light+0xb2/0x160 [ 43.568395] __sys_sendmsg+0xa3/0x120 [ 43.572179] ? SyS_shutdown+0x160/0x160 [ 43.576133] ? SyS_read+0x210/0x210 [ 43.579734] SyS_sendmsg+0x27/0x40 [ 43.583254] ? __sys_sendmsg+0x120/0x120 [ 43.587289] do_syscall_64+0x1d5/0x640 [ 43.591177] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 43.596355] RIP: 0033:0x441889 [ 43.599536] RSP: 002b:00007ffd3f94cdd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 43.607218] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441889 [ 43.614463] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003 [ 43.621708] RBP: 00007ffd3f94cdf0 R08: 0000000000000002 R09: 0000000000000000 [ 43.628954] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 43.636219] R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 executing program [ 43.655576] BUG: unable to handle kernel NULL pointer dereference at 0000000000000088 [ 43.663581] IP: try_to_grab_pending+0xc3/0x610 [ 43.668156] PGD 0 P4D 0 [ 43.670854] Oops: 0002 [#1] PREEMPT SMP KASAN [ 43.675344] Modules linked in: [ 43.678521] CPU: 1 PID: 23 Comm: kworker/1:1 Not tainted 4.14.202-syzkaller #0 [ 43.685968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.695307] Workqueue: events cfg80211_destroy_iface_wk [ 43.700656] task: ffff8880b55fa600 task.stack: ffff8880b5608000 [ 43.706701] RIP: 0010:try_to_grab_pending+0xc3/0x610 [ 43.711788] RSP: 0018:ffff8880b560f960 EFLAGS: 00010097 [ 43.717125] RAX: ffff8880b55fa600 RBX: 0000000000000088 RCX: 0000000000000000 [ 43.724379] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff8880b55fae4c [ 43.731624] RBP: ffff8880b560f9d0 R08: 0000000000000000 R09: 0000000000000000 [ 43.738969] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 43.746228] R13: 0000000000000297 R14: dffffc0000000011 R15: ffff8880b55fa600 [ 43.753473] FS: 0000000000000000(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000 [ 43.761683] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 43.767563] CR2: 0000000000000088 CR3: 0000000008e6a000 CR4: 00000000001406e0 [ 43.774810] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 43.782068] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 43.789310] Call Trace: [ 43.791882] __cancel_work_timer+0x90/0x460 [ 43.796177] ? work_on_cpu_safe+0x70/0x70 [ 43.800312] ? mark_held_locks+0xa6/0xf0 [ 43.804351] ? kfree+0x14a/0x250 [ 43.807692] rhashtable_free_and_destroy+0x26/0x710 [ 43.812699] ? mesh_path_tbl_expire.constprop.0+0x1d0/0x1d0 [ 43.818394] ? mesh_rmc_free+0x186/0x220 [ 43.822431] mesh_pathtbl_unregister+0x42/0xa0 [ 43.826990] ieee80211_teardown_sdata+0x1e2/0x290 [ 43.831808] ? ieee80211_teardown_sdata+0x290/0x290 [ 43.836798] rollback_registered_many+0x83f/0xba0 [ 43.841625] ? netdev_state_change+0xf0/0xf0 [ 43.846035] rollback_registered+0xca/0x170 [ 43.850339] ? rollback_registered_many+0xba0/0xba0 [ 43.855346] ? wait_for_completion_io+0x10/0x10 [ 43.860003] unregister_netdevice_queue+0x1b4/0x360 [ 43.864994] ieee80211_if_remove+0x1fc/0x2b0 [ 43.869376] ieee80211_del_iface+0x12/0x20 [ 43.873586] cfg80211_destroy_ifaces+0xee/0x690 [ 43.878237] cfg80211_destroy_iface_wk+0x1a/0x20 [ 43.882965] process_one_work+0x793/0x14a0 [ 43.887182] ? work_busy+0x320/0x320 [ 43.890972] ? worker_thread+0x158/0xff0 [ 43.895010] ? _raw_spin_unlock_irq+0x24/0x80 [ 43.899492] worker_thread+0x7d3/0xff0 [ 43.903357] ? rescuer_thread+0xc80/0xc80 [ 43.907476] kthread+0x30d/0x420 [ 43.910817] ? kthread_create_on_node+0xd0/0xd0 [ 43.915554] ret_from_fork+0x24/0x30 [ 43.919255] Code: fc ff df 48 89 ea 48 c1 ea 03 80 3c 02 00 0f 85 4b 04 00 00 4c 89 6d 00 e8 db 1b 0b 00 45 84 e4 0f 85 71 01 00 00 e8 dd 3e 20 00 48 0f ba 2b 00 72 1a 45 31 e4 e8 cd 3e 20 00 44 89 e0 48 83 [ 43.938351] RIP: try_to_grab_pending+0xc3/0x610 RSP: ffff8880b560f960 [ 43.944908] CR2: 0000000000000088 [ 43.948341] ---[ end trace 860b29d85a4047e3 ]--- [ 43.953076] Kernel panic - not syncing: Fatal exception [ 43.959281] Kernel Offset: disabled [ 43.962889] Rebooting in 86400 seconds..