[ OK ] Reached target Graphical Interface.
Starting Update UTMP about System Runlevel Changes...
Starting Load/Save RF Kill Switch Status...
[ OK ] Started Load/Save RF Kill Switch Status.
[ OK ] Started Update UTMP about System Runlevel Changes.
Debian GNU/Linux 9 syzkaller ttyS0
Warning: Permanently added '10.128.1.88' (ECDSA) to the list of known hosts.
executing program
syzkaller login: [ 27.982874] FAULT_INJECTION: forcing a failure.
[ 27.982874] name failslab, interval 1, probability 0, space 0, times 1
[ 27.994321] CPU: 0 PID: 7968 Comm: syz-executor246 Not tainted 4.14.285-syzkaller #0
[ 28.002196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.011530] Call Trace:
[ 28.014111] dump_stack+0x1b2/0x281
[ 28.017741] should_fail.cold+0x10a/0x149
[ 28.021903] should_failslab+0xd6/0x130
[ 28.025870] kmem_cache_alloc_node_trace+0x25a/0x400
[ 28.031054] sbitmap_queue_init_node+0x27f/0x5d0
[ 28.035797] ? kmem_cache_alloc_node_trace+0x383/0x400
[ 28.041055] blk_mq_init_tags+0xf4/0x280
[ 28.045094] blk_mq_alloc_rq_map+0x90/0x220
[ 28.049397] blk_mq_sched_alloc_tags+0xaa/0x240
[ 28.054045] blk_mq_sched_init_hctx+0x5e/0x200
[ 28.058604] blk_mq_realloc_hw_ctxs+0x64e/0xe00
[ 28.063253] ? blk_mq_update_queue_map+0x158/0x1f0
[ 28.068253] blk_mq_update_nr_hw_queues+0x1f3/0x3e0
[ 28.073342] nbd_start_device+0x1d7/0xca0
[ 28.077468] nbd_ioctl+0x3c4/0xac0
[ 28.080984] ? get_pid_task+0x91/0x130
[ 28.084857] ? nbd_disconnect_and_put+0x140/0x140
[ 28.089677] ? lock_downgrade+0x740/0x740
[ 28.093810] ? nbd_disconnect_and_put+0x140/0x140
[ 28.098632] blkdev_ioctl+0x540/0x1830
[ 28.102500] ? proc_fail_nth_write+0x7b/0x180
[ 28.106989] ? blkpg_ioctl+0x8d0/0x8d0
[ 28.110855] ? fsnotify+0x974/0x11b0
[ 28.114549] ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 28.119456] ? debug_check_no_obj_freed+0x2c0/0x680
[ 28.124450] block_ioctl+0xd9/0x120
[ 28.128054] ? blkdev_fallocate+0x3a0/0x3a0
[ 28.132438] do_vfs_ioctl+0x75a/0xff0
[ 28.136218] ? ioctl_preallocate+0x1a0/0x1a0
[ 28.140783] ? vfs_write+0x319/0x4d0
[ 28.144474] ? SyS_write+0x14d/0x210
[ 28.148169] ? security_file_ioctl+0x83/0xb0
[ 28.152561] SyS_ioctl+0x7f/0xb0
[ 28.155901] ? do_vfs_ioctl+0xff0/0xff0
[ 28.159850] do_syscall_64+0x1d5/0x640
[ 28.163718] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.168886] RIP: 0033:0x7eff30d38dd9
[ 28.172573] RSP: 002b:00007ffe8409d458 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 28.180258] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007eff30d38dd9
[ 28.187508] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000007
[ 28.194756] RBP: 00007ffe8409d460 R08: 0000000000000002 R09: 00007eff30003431
[ 28.202016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[ 28.209263] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 28.223684] BUG: unable to handle kernel NULL pointer dereference at 0000000000000120
[ 28.231685] IP: blk_mq_map_swqueue+0x253/0x990
[ 28.236246] PGD a9c95067 P4D a9c95067 PUD a9f35067 PMD 0
[ 28.242023] Oops: 0002 [#1] PREEMPT SMP KASAN
[ 28.246488] Modules linked in:
[ 28.249657] CPU: 1 PID: 7968 Comm: syz-executor246 Not tainted 4.14.285-syzkaller #0
[ 28.257510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 28.266836] task: ffff88809a1f0340 task.stack: ffff8880915a0000
[ 28.273055] RIP: 0010:blk_mq_map_swqueue+0x253/0x990
[ 28.278128] RSP: 0018:ffff8880915a7a80 EFLAGS: 00010297
[ 28.283482] RAX: ffff88809a1f0340 RBX: ffff8880ae99b0b0 RCX: 1ffff11015d1bfd1
[ 28.290726] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff88cc7d68
[ 28.297969] RBP: 0000000000000001 R08: ffff8880ae8dfe80 R09: 0000000000000000
[ 28.305218] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001
[ 28.312470] R13: ffff8882386b0280 R14: 0000000000000000 R15: dffffc0000000000
[ 28.319714] FS: 0000555556b04300(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
[ 28.327914] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 28.333769] CR2: 0000000000000120 CR3: 00000000a56b1000 CR4: 00000000003406e0
[ 28.341065] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 28.348310] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 28.355556] Call Trace:
[ 28.358128] blk_mq_update_nr_hw_queues+0x246/0x3e0
[ 28.363138] nbd_start_device+0x1d7/0xca0
[ 28.367263] nbd_ioctl+0x3c4/0xac0
[ 28.370779] ? get_pid_task+0x91/0x130
[ 28.374658] ? nbd_disconnect_and_put+0x140/0x140
[ 28.379478] ? lock_downgrade+0x740/0x740
[ 28.383605] ? nbd_disconnect_and_put+0x140/0x140
[ 28.388424] blkdev_ioctl+0x540/0x1830
[ 28.392288] ? proc_fail_nth_write+0x7b/0x180
[ 28.396846] ? blkpg_ioctl+0x8d0/0x8d0
[ 28.400707] ? fsnotify+0x974/0x11b0
[ 28.404396] ? proc_tgid_io_accounting+0x7a0/0x7a0
[ 28.409306] ? debug_check_no_obj_freed+0x2c0/0x680
[ 28.414299] block_ioctl+0xd9/0x120
[ 28.417898] ? blkdev_fallocate+0x3a0/0x3a0
[ 28.422195] do_vfs_ioctl+0x75a/0xff0
[ 28.425973] ? ioctl_preallocate+0x1a0/0x1a0
[ 28.430356] ? vfs_write+0x319/0x4d0
[ 28.434046] ? SyS_write+0x14d/0x210
[ 28.437736] ? security_file_ioctl+0x83/0xb0
[ 28.442140] SyS_ioctl+0x7f/0xb0
[ 28.445479] ? do_vfs_ioctl+0xff0/0xff0
[ 28.449449] do_syscall_64+0x1d5/0x640
[ 28.453317] entry_SYSCALL_64_after_hwframe+0x46/0xbb
[ 28.458484] RIP: 0033:0x7eff30d38dd9
[ 28.462170] RSP: 002b:00007ffe8409d458 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 28.469851] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007eff30d38dd9
[ 28.477097] RDX: 0000000000000000 RSI: 000000000000ab03 RDI: 0000000000000007
[ 28.484427] RBP: 00007ffe8409d460 R08: 0000000000000002 R09: 00007eff30003431
[ 28.491675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008
[ 28.498927] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 28.506176] Code: 4d 8d 34 c8 4c 89 f1 48 c1 e9 03 42 80 3c 39 00 0f 85 37 05 00 00 83 fd 07 4d 8b 36 0f 87 42 04 00 00 48 89 04 24 e8 6d 3d 4a fe 4d 0f ab a6 20 01 00 00 49 8d be 78 01 00 00 48 8b 04 24 48
[ 28.525246] RIP: blk_mq_map_swqueue+0x253/0x990 RSP: ffff8880915a7a80
[ 28.531793] CR2: 0000000000000120
[ 28.535221] ---[ end trace 076375593567f551 ]---
[ 28.539963] Kernel panic - not syncing: Fatal exception
[ 28.545390] Kernel Offset: disabled
[ 28.549007] Rebooting in 86400 seconds..