Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.0.136' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 27.197391] FAULT_INJECTION: forcing a failure.
[ 27.197391] name failslab, interval 1, probability 0, space 0, times 1
[ 27.208676] CPU: 1 PID: 7976 Comm: syz-executor110 Not tainted 4.14.281-syzkaller #0
[ 27.216533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 27.225861] Call Trace:
[ 27.228513] dump_stack+0x1b2/0x281
[ 27.232120] should_fail.cold+0x10a/0x149
[ 27.236248] should_failslab+0xd6/0x130
[ 27.240197] kmem_cache_alloc_trace+0x29a/0x3d0
[ 27.244862] drm_vma_node_allow+0x4e/0x2e0
[ 27.249083] drm_gem_handle_create_tail+0x1a1/0x330
[ 27.254429] ? drm_gem_destroy+0xa0/0xa0
[ 27.258470] vgem_gem_dumb_create+0xe8/0x260
[ 27.262856] drm_mode_create_dumb_ioctl+0x221/0x2b0
[ 27.267847] ? __drm_printfn_debug+0x70/0x70
[ 27.272236] drm_ioctl_kernel+0x14c/0x200
[ 27.276363] drm_ioctl+0x42e/0x890
[ 27.279880] ? __drm_printfn_debug+0x70/0x70
[ 27.284263] ? drm_getstats+0x20/0x20
[ 27.288041] ? fsnotify+0x974/0x11b0
[ 27.291733] ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 27.296638] ? debug_check_no_obj_freed+0x2c0/0x680
[ 27.301633] ? SyS_write+0x1b7/0x210
[ 27.305322] ? drm_getstats+0x20/0x20
[ 27.309096] do_vfs_ioctl+0x75a/0xff0
[ 27.312870] ? lock_acquire+0x170/0x3f0
[ 27.316825] ? ioctl_preallocate+0x1a0/0x1a0
[ 27.321214] ? __fget+0x265/0x3e0
[ 27.324642] ? do_vfs_ioctl+0xff0/0xff0
[ 27.328600] ? security_file_ioctl+0x83/0xb0
[ 27.332981] SyS_ioctl+0x7f/0xb0
[ 27.336324] ? do_vfs_ioctl+0xff0/0xff0
[ 27.340273] do_syscall_64+0x1d5/0x640
[ 27.344141] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.349309] RIP: 0033:0x7f103c1cee79
[ 27.352993] RSP: 002b:00007f103c17c1d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 27.360682] RAX: ffffffffffffffda RBX: 00007f103c2544c8 RCX: 00007f103c1cee79
[ 27.367931] RDX: 0000000020000180 RSI: 00000000c02064b2 RDI: 0000000000000004
[ 27.375177] RBP: 00007f103c17c1f0 R08: 0000000000000001 R09: 0000000000000000
[ 27.382421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 27.389667] R13: 00007ffefd19de7f R14: 00007f103c17c300 R15: 0000000000022000
[ 27.404048] ------------[ cut here ]------------
[ 27.408817] WARNING: CPU: 0 PID: 7976 at drivers/gpu/drm/drm_gem.c:227 drm_gem_object_handle_put_unlocked+0x211/0x280
[ 27.419651] Kernel panic - not syncing: panic_on_warn set ...
[ 27.419651]
[ 27.426992] CPU: 0 PID: 7976 Comm: syz-executor110 Not tainted 4.14.281-syzkaller #0
[ 27.434864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 27.444193] Call Trace:
[ 27.446762] dump_stack+0x1b2/0x281
[ 27.450364] panic+0x1f9/0x42d
[ 27.453535] ? add_taint.cold+0x16/0x16
[ 27.457487] ? drm_gem_object_handle_put_unlocked+0x211/0x280
[ 27.463348] ? drm_gem_object_handle_put_unlocked+0x211/0x280
[ 27.469207] __warn.cold+0x20/0x44
[ 27.472731] ? ist_end_non_atomic+0x10/0x10
[ 27.477027] ? drm_gem_object_handle_put_unlocked+0x211/0x280
[ 27.482889] report_bug+0x208/0x250
[ 27.486493] do_error_trap+0x195/0x2d0
[ 27.490359] ? math_error+0x2d0/0x2d0
[ 27.494136] ? trace_hardirqs_on+0x10/0x10
[ 27.498695] ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 27.503894] invalid_op+0x1b/0x40
[ 27.507340] RIP: 0010:drm_gem_object_handle_put_unlocked+0x211/0x280
[ 27.513902] RSP: 0018:ffff888098c4fb08 EFLAGS: 00010297
[ 27.519244] RAX: ffff8880b376e640 RBX: ffff8880af0f6700 RCX: 00000000fffffff4
[ 27.526511] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8880b3c04580
[ 27.533755] RBP: ffff8880b3c04580 R08: ffffffff8b9cc5e8 R09: 0000000000000000
[ 27.541000] R10: 0000000000000000 R11: ffff8880b376e640 R12: ffff8880b3c04584
[ 27.548245] R13: ffff8880af0f6700 R14: ffff8880b3c04588 R15: ffff8880b3c04598
[ 27.555608] ? drm_gem_object_handle_put_unlocked+0x211/0x280
[ 27.561482] drm_gem_handle_create_tail+0x2a3/0x330
[ 27.566475] ? drm_gem_destroy+0xa0/0xa0
[ 27.570514] vgem_gem_dumb_create+0xe8/0x260
[ 27.574900] drm_mode_create_dumb_ioctl+0x221/0x2b0
[ 27.579909] ? __drm_printfn_debug+0x70/0x70
[ 27.584310] drm_ioctl_kernel+0x14c/0x200
[ 27.588458] drm_ioctl+0x42e/0x890
[ 27.591992] ? __drm_printfn_debug+0x70/0x70
[ 27.596403] ? drm_getstats+0x20/0x20
[ 27.600199] ? fsnotify+0x974/0x11b0
[ 27.603902] ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 27.608828] ? debug_check_no_obj_freed+0x2c0/0x680
[ 27.613829] ? SyS_write+0x1b7/0x210
[ 27.617525] ? drm_getstats+0x20/0x20
[ 27.621304] do_vfs_ioctl+0x75a/0xff0
[ 27.625084] ? lock_acquire+0x170/0x3f0
[ 27.629036] ? ioctl_preallocate+0x1a0/0x1a0
[ 27.633530] ? __fget+0x265/0x3e0
[ 27.636965] ? do_vfs_ioctl+0xff0/0xff0
[ 27.640920] ? security_file_ioctl+0x83/0xb0
[ 27.645308] SyS_ioctl+0x7f/0xb0
[ 27.648669] ? do_vfs_ioctl+0xff0/0xff0
[ 27.652649] do_syscall_64+0x1d5/0x640
[ 27.656533] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 27.661725] RIP: 0033:0x7f103c1cee79
[ 27.665417] RSP: 002b:00007f103c17c1d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 27.673108] RAX: ffffffffffffffda RBX: 00007f103c2544c8 RCX: 00007f103c1cee79
[ 27.680360] RDX: 0000000020000180 RSI: 00000000c02064b2 RDI: 0000000000000004
[ 27.687608] RBP: 00007f103c17c1f0 R08: 0000000000000001 R09: 0000000000000000
[ 27.694856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 27.702104] R13: 00007ffefd19de7f R14: 00007f103c17c300 R15: 0000000000022000
[ 27.709662] Kernel Offset: disabled
[ 27.713325] Rebooting in 86400 seconds..