INIT: Entering runlevel: 2 [info] Using makefile-style concurrent boot in runlevel 2. [ ok ] Starting enhanced syslogd: rsyslogd. [ ok ] Starting periodic command scheduler: cron. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.0.58' (ECDSA) to the list of known hosts. syzkaller login: [ 25.865382] IPVS: ftp: loaded support on port[0] = 21 executing program [ 25.892926] IPVS: ftp: loaded support on port[0] = 21 [ 25.911330] FAULT_INJECTION: forcing a failure. [ 25.911330] name failslab, interval 1, probability 0, space 0, times 1 [ 25.919500] IPVS: ftp: loaded support on port[0] = 21 [ 25.922914] CPU: 1 PID: 4437 Comm: syzkaller721843 Not tainted 4.16.0-rc6+ #40 [ 25.935425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.944764] Call Trace: [ 25.947332] dump_stack+0x194/0x24d [ 25.950942] ? arch_local_irq_restore+0x53/0x53 [ 25.955603] should_fail+0x8c0/0xa40 [ 25.959295] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 25.964165] FAULT_INJECTION: forcing a failure. [ 25.964165] name failslab, interval 1, probability 0, space 0, times 1 [ 25.964379] ? __lock_is_held+0xb6/0x140 [ 25.979622] ? mark_held_locks+0xaf/0x100 [ 25.983771] ? __raw_spin_lock_init+0x1c/0x100 [ 25.988336] ? find_held_lock+0x35/0x1d0 [ 25.992380] ? __lock_is_held+0xb6/0x140 [ 25.996439] ? check_same_owner+0x320/0x320 [ 26.000737] ? d_alloc+0x269/0x340 [ 26.004257] ? rcu_note_context_switch+0x710/0x710 [ 26.009161] ? lock_release+0xa40/0xa40 [ 26.013121] should_failslab+0xec/0x120 [ 26.017081] kmem_cache_alloc+0x47/0x760 [ 26.021120] ? d_drop+0x51/0x60 [ 26.024377] ? rpc_i_callback+0x30/0x30 [ 26.028325] rpc_alloc_inode+0x1a/0x20 [ 26.032186] alloc_inode+0x65/0x180 [ 26.035787] new_inode_pseudo+0x69/0x190 [ 26.039832] ? prune_icache_sb+0x1a0/0x1a0 [ 26.044039] ? do_raw_spin_trylock+0x190/0x190 [ 26.048593] ? 
d_add+0xa70/0xa70 [ 26.051937] new_inode+0x1c/0x40 [ 26.055278] rpc_get_inode+0x20/0x1e0 [ 26.059054] __rpc_create_common+0x5d/0x1d0 [ 26.063354] rpc_populate.constprop.15+0x1ad/0x340 [ 26.068265] rpc_fill_super+0x379/0xae0 [ 26.072216] ? cap_capable+0x1b5/0x230 [ 26.076075] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 26.081239] ? security_capable+0x8e/0xc0 [ 26.085362] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 26.090537] ? ns_capable_common+0xcf/0x160 [ 26.094835] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 26.099996] mount_ns+0xc4/0x190 [ 26.103418] rpc_mount+0x9e/0xd0 [ 26.106847] mount_fs+0x66/0x2d0 [ 26.110191] vfs_kern_mount.part.26+0xc6/0x4a0 [ 26.114750] ? may_umount+0xa0/0xa0 [ 26.118350] ? _raw_read_unlock+0x22/0x30 [ 26.122472] ? __get_fs_type+0x8a/0xc0 [ 26.126339] do_mount+0xea4/0x2bb0 [ 26.129860] ? __might_fault+0x110/0x1d0 [ 26.133899] ? copy_mount_string+0x40/0x40 [ 26.138107] ? check_same_owner+0x320/0x320 [ 26.142405] ? __check_object_size+0x8b/0x530 [ 26.146881] ? __might_sleep+0x95/0x190 [ 26.150836] ? kasan_check_write+0x14/0x20 [ 26.155044] ? _copy_from_user+0x99/0x110 [ 26.159169] ? memdup_user+0x5e/0x90 [ 26.162856] ? copy_mount_options+0x1f7/0x2e0 [ 26.167329] SyS_mount+0xab/0x120 [ 26.170768] ? copy_mnt_ns+0xb30/0xb30 [ 26.174631] do_syscall_64+0x281/0x940 [ 26.178503] ? __do_page_fault+0xc90/0xc90 [ 26.182713] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 26.187446] ? syscall_return_slowpath+0x550/0x550 [ 26.192352] ? syscall_return_slowpath+0x2ac/0x550 [ 26.197277] ? prepare_exit_to_usermode+0x350/0x350 [ 26.202268] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 26.207619] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 26.212442] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 26.217606] RIP: 0033:0x442a19 [ 26.220769] RSP: 002b:00007fffef562a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 26.228451] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442a19 [ 26.235695] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 executing program executing program [ 26.242936] RBP: 00007fffef5632e0 R08: 0000000000000000 R09: 0000000000000000 [ 26.250178] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 26.257419] R13: 0000000000000005 R14: 0000000000000000 R15: 00007fffef562b78 [ 26.264684] CPU: 0 PID: 4439 Comm: syzkaller721843 Not tainted 4.16.0-rc6+ #40 [ 26.265103] net/sunrpc/rpc_pipe.c: __rpc_create_common failed to allocate inode for dentry portmap [ 26.272055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.272059] Call Trace: [ 26.272074] dump_stack+0x194/0x24d [ 26.272082] ? arch_local_irq_restore+0x53/0x53 [ 26.272092] ? finish_task_switch+0x1c1/0x7e0 [ 26.287412] IPVS: ftp: loaded support on port[0] = 21 [ 26.290554] ? finish_task_switch+0x182/0x7e0 [ 26.290573] should_fail+0x8c0/0xa40 [ 26.294732] FAULT_INJECTION: forcing a failure. [ 26.294732] name failslab, interval 1, probability 0, space 0, times 0 [ 26.296760] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 26.296774] ? mark_held_locks+0xaf/0x100 [ 26.296788] ? __sched_text_start+0x8/0x8 [ 26.343673] ? find_held_lock+0x35/0x1d0 [ 26.347801] ? __lock_is_held+0xb6/0x140 [ 26.351848] ? check_same_owner+0x320/0x320 [ 26.356156] should_failslab+0xec/0x120 [ 26.360103] kmem_cache_alloc+0x47/0x760 [ 26.364142] ? d_drop+0x51/0x60 [ 26.367398] ? rpc_i_callback+0x30/0x30 [ 26.371346] rpc_alloc_inode+0x1a/0x20 [ 26.375206] alloc_inode+0x65/0x180 [ 26.378807] new_inode_pseudo+0x69/0x190 [ 26.382840] ? prune_icache_sb+0x1a0/0x1a0 [ 26.387047] ? do_raw_spin_trylock+0x190/0x190 [ 26.391601] ? 
d_add+0xa70/0xa70 [ 26.394947] new_inode+0x1c/0x40 [ 26.398298] rpc_get_inode+0x20/0x1e0 [ 26.402077] __rpc_create_common+0x5d/0x1d0 [ 26.406400] rpc_populate.constprop.15+0x1ad/0x340 [ 26.411313] rpc_fill_super+0x379/0xae0 [ 26.415270] ? cap_capable+0x1b5/0x230 [ 26.419141] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 26.424311] ? security_capable+0x8e/0xc0 [ 26.428437] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 26.433602] ? ns_capable_common+0xcf/0x160 [ 26.437902] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 26.443082] mount_ns+0xc4/0x190 [ 26.446427] rpc_mount+0x9e/0xd0 [ 26.449773] mount_fs+0x66/0x2d0 [ 26.453120] vfs_kern_mount.part.26+0xc6/0x4a0 [ 26.457682] ? may_umount+0xa0/0xa0 [ 26.461288] ? _raw_read_unlock+0x22/0x30 [ 26.465413] ? __get_fs_type+0x8a/0xc0 [ 26.469291] do_mount+0xea4/0x2bb0 [ 26.472812] ? __might_fault+0x110/0x1d0 [ 26.476866] ? copy_mount_string+0x40/0x40 [ 26.481255] ? check_same_owner+0x320/0x320 [ 26.485556] ? __check_object_size+0x8b/0x530 [ 26.490034] ? __might_sleep+0x95/0x190 [ 26.494164] ? kasan_check_write+0x14/0x20 [ 26.499353] ? _copy_from_user+0x99/0x110 [ 26.503495] ? memdup_user+0x5e/0x90 [ 26.507182] ? copy_mount_options+0x1f7/0x2e0 [ 26.511659] SyS_mount+0xab/0x120 [ 26.515094] ? copy_mnt_ns+0xb30/0xb30 [ 26.518973] do_syscall_64+0x281/0x940 [ 26.522852] ? __do_page_fault+0xc90/0xc90 [ 26.527061] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 26.531807] ? syscall_return_slowpath+0x550/0x550 [ 26.536715] ? syscall_return_slowpath+0x2ac/0x550 [ 26.541623] ? prepare_exit_to_usermode+0x350/0x350 [ 26.546619] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 26.551963] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 26.556787] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 26.561965] RIP: 0033:0x442a19 [ 26.565129] RSP: 002b:00007fffef562a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 26.572812] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442a19 [ 26.580055] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 26.587310] RBP: 00007fffef5632e0 R08: 0000000000000000 R09: 0000000000000000 [ 26.594554] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 26.601805] R13: 0000000000000005 R14: 0000000000000000 R15: 00007fffef562b78 [ 26.609953] CPU: 1 PID: 4438 Comm: syzkaller721843 Not tainted 4.16.0-rc6+ #40 [ 26.610121] net/sunrpc/rpc_pipe.c: __rpc_create_common failed to allocate inode for dentry portmap [ 26.617327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.617331] Call Trace: [ 26.617346] dump_stack+0x194/0x24d [ 26.617355] ? arch_local_irq_restore+0x53/0x53 [ 26.617373] should_fail+0x8c0/0xa40 [ 26.626879] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory / [ 26.635823] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 26.635834] ? __lock_is_held+0xb6/0x140 [ 26.635843] ? mark_held_locks+0xaf/0x100 [ 26.635850] ? __raw_spin_lock_init+0x1c/0x100 [ 26.635863] ? find_held_lock+0x35/0x1d0 [ 26.641132] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory / [ 26.642070] ? __lock_is_held+0xb6/0x140 [ 26.642089] ? check_same_owner+0x320/0x320 [ 26.642099] ? d_alloc+0x269/0x340 [ 26.671428] IPVS: ftp: loaded support on port[0] = 21 [ 26.675701] ? rcu_note_context_switch+0x710/0x710 [ 26.675707] ? lock_release+0xa40/0xa40 [ 26.675722] should_failslab+0xec/0x120 [ 26.716923] kmem_cache_alloc+0x47/0x760 [ 26.720963] ? d_drop+0x51/0x60 [ 26.723193] FAULT_INJECTION: forcing a failure. [ 26.723193] name failslab, interval 1, probability 0, space 0, times 0 [ 26.724218] ? 
rpc_i_callback+0x30/0x30 [ 26.724226] rpc_alloc_inode+0x1a/0x20 [ 26.724232] alloc_inode+0x65/0x180 [ 26.724239] new_inode_pseudo+0x69/0x190 [ 26.724248] ? prune_icache_sb+0x1a0/0x1a0 [ 26.755094] ? do_raw_spin_trylock+0x190/0x190 [ 26.759735] ? d_add+0xa70/0xa70 [ 26.763083] new_inode+0x1c/0x40 [ 26.766425] rpc_get_inode+0x20/0x1e0 [ 26.770211] __rpc_create_common+0x5d/0x1d0 [ 26.774510] rpc_populate.constprop.15+0x1ad/0x340 [ 26.779423] rpc_fill_super+0x379/0xae0 [ 26.783374] ? cap_capable+0x1b5/0x230 [ 26.787245] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 26.792412] ? security_capable+0x8e/0xc0 [ 26.796537] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 26.801699] ? ns_capable_common+0xcf/0x160 [ 26.805995] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 26.811170] mount_ns+0xc4/0x190 [ 26.814527] rpc_mount+0x9e/0xd0 [ 26.817878] mount_fs+0x66/0x2d0 [ 26.821224] vfs_kern_mount.part.26+0xc6/0x4a0 [ 26.825784] ? may_umount+0xa0/0xa0 [ 26.829391] ? _raw_read_unlock+0x22/0x30 [ 26.833515] ? __get_fs_type+0x8a/0xc0 [ 26.837386] do_mount+0xea4/0x2bb0 [ 26.840899] ? __might_fault+0x110/0x1d0 [ 26.845026] ? copy_mount_string+0x40/0x40 [ 26.849235] ? check_same_owner+0x320/0x320 [ 26.853543] ? __check_object_size+0x8b/0x530 [ 26.858021] ? __might_sleep+0x95/0x190 [ 26.861976] ? kasan_check_write+0x14/0x20 [ 26.866187] ? _copy_from_user+0x99/0x110 [ 26.870313] ? memdup_user+0x5e/0x90 [ 26.874089] ? copy_mount_options+0x1f7/0x2e0 [ 26.878584] SyS_mount+0xab/0x120 [ 26.882021] ? copy_mnt_ns+0xb30/0xb30 [ 26.885889] do_syscall_64+0x281/0x940 [ 26.889840] ? __do_page_fault+0xc90/0xc90 [ 26.894066] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 26.899034] ? syscall_return_slowpath+0x550/0x550 [ 26.905330] ? syscall_return_slowpath+0x2ac/0x550 [ 26.910238] ? prepare_exit_to_usermode+0x350/0x350 [ 26.915330] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 26.920672] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 26.925494] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 26.930656] RIP: 0033:0x442a19 [ 26.933820] RSP: 002b:00007fffef562a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 26.941501] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442a19 [ 26.948754] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 26.955999] RBP: 00007fffef5632e0 R08: 0000000000000000 R09: 0000000000000000 [ 26.963258] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 26.970620] R13: 0000000000000005 R14: 0000000000000000 R15: 00007fffef562b78 [ 26.978235] CPU: 0 PID: 4442 Comm: syzkaller721843 Not tainted 4.16.0-rc6+ #40 [ 26.978353] net/sunrpc/rpc_pipe.c: __rpc_create_common failed to allocate inode for dentry portmap executing program executing program [ 26.985632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.985636] Call Trace: [ 26.985651] dump_stack+0x194/0x24d [ 26.985660] ? arch_local_irq_restore+0x53/0x53 [ 26.985669] ? find_held_lock+0x35/0x1d0 [ 26.985684] should_fail+0x8c0/0xa40 [ 26.999360] IPVS: ftp: loaded support on port[0] = 21 [ 27.004100] ? __list_lru_init+0x352/0x750 [ 27.004110] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 27.004118] ? trace_hardirqs_off+0x10/0x10 [ 27.008142] FAULT_INJECTION: forcing a failure. [ 27.008142] name failslab, interval 1, probability 0, space 0, times 0 [ 27.010311] ? find_next_zero_bit+0xe3/0x110 [ 27.010321] ? trace_hardirqs_off+0x10/0x10 [ 27.010332] ? find_held_lock+0x35/0x1d0 [ 27.065440] ? __lock_is_held+0xb6/0x140 [ 27.069492] ? check_same_owner+0x320/0x320 [ 27.073787] ? lock_downgrade+0x980/0x980 [ 27.077913] ? rcu_note_context_switch+0x710/0x710 [ 27.082818] ? find_held_lock+0x35/0x1d0 [ 27.086860] should_failslab+0xec/0x120 [ 27.090821] __kmalloc+0x63/0x760 [ 27.094248] ? lock_downgrade+0x980/0x980 [ 27.098374] ? register_shrinker+0x10e/0x2d0 [ 27.102754] ? 
trace_event_raw_event_module_request+0x320/0x320 [ 27.108805] register_shrinker+0x10e/0x2d0 [ 27.113015] ? __bpf_trace_mm_vmscan_wakeup_kswapd+0x40/0x40 [ 27.118786] ? memcpy+0x45/0x50 [ 27.122067] sget_userns+0xbbf/0xe40 [ 27.125762] ? set_anon_super+0x20/0x20 [ 27.129715] ? put_filp+0x90/0x90 [ 27.133142] ? destroy_unused_super.part.6+0xd0/0xd0 [ 27.138225] ? path_lookupat+0x238/0xba0 [ 27.142350] ? mnt_free_id.isra.21+0x50/0x50 [ 27.146739] ? trace_hardirqs_off+0x10/0x10 [ 27.151057] ? putname+0xee/0x130 [ 27.154505] ? cap_capable+0x1b5/0x230 [ 27.158377] ? security_capable+0x8e/0xc0 [ 27.162588] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 27.167751] ? ns_capable_common+0xcf/0x160 [ 27.172051] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 27.177223] mount_ns+0x6d/0x190 [ 27.180578] rpc_mount+0x9e/0xd0 [ 27.183923] mount_fs+0x66/0x2d0 [ 27.187347] vfs_kern_mount.part.26+0xc6/0x4a0 [ 27.191907] ? may_umount+0xa0/0xa0 [ 27.195511] ? _raw_read_unlock+0x22/0x30 [ 27.199633] ? __get_fs_type+0x8a/0xc0 [ 27.203510] do_mount+0xea4/0x2bb0 [ 27.207026] ? __might_fault+0x110/0x1d0 [ 27.211069] ? copy_mount_string+0x40/0x40 [ 27.215289] ? check_same_owner+0x320/0x320 [ 27.219585] ? __check_object_size+0x8b/0x530 [ 27.224060] ? __might_sleep+0x95/0x190 [ 27.228017] ? kasan_check_write+0x14/0x20 [ 27.232228] ? _copy_from_user+0x99/0x110 [ 27.236364] ? memdup_user+0x5e/0x90 [ 27.240057] ? copy_mount_options+0x1f7/0x2e0 [ 27.244536] SyS_mount+0xab/0x120 [ 27.247967] ? copy_mnt_ns+0xb30/0xb30 [ 27.251940] do_syscall_64+0x281/0x940 [ 27.255803] ? __do_page_fault+0xc90/0xc90 [ 27.260014] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 27.264841] ? syscall_return_slowpath+0x550/0x550 [ 27.269757] ? syscall_return_slowpath+0x2ac/0x550 [ 27.274664] ? prepare_exit_to_usermode+0x350/0x350 [ 27.279929] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 27.285270] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 27.290093] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 27.295255] RIP: 0033:0x442a19 [ 27.298417] RSP: 002b:00007fffef562a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 27.306535] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442a19 [ 27.313790] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 27.321139] RBP: 00007fffef5632e0 R08: 0000000000000000 R09: 0000000000000000 [ 27.328394] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 27.335732] R13: 0000000000000005 R14: 0000000000000000 R15: 00007fffef562b78 executing program [ 27.343009] CPU: 1 PID: 4441 Comm: syzkaller721843 Not tainted 4.16.0-rc6+ #40 [ 27.347142] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory / [ 27.350408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 27.350411] Call Trace: [ 27.350425] dump_stack+0x194/0x24d [ 27.350435] ? arch_local_irq_restore+0x53/0x53 [ 27.350445] ? find_held_lock+0x35/0x1d0 [ 27.350460] should_fail+0x8c0/0xa40 [ 27.385685] ? __list_lru_init+0x352/0x750 [ 27.387561] FAULT_INJECTION: forcing a failure. [ 27.387561] name failslab, interval 1, probability 0, space 0, times 0 [ 27.389909] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 27.389917] ? trace_hardirqs_off+0x10/0x10 [ 27.389925] ? find_next_zero_bit+0xe3/0x110 [ 27.389934] ? trace_hardirqs_off+0x10/0x10 [ 27.389949] ? find_held_lock+0x35/0x1d0 [ 27.389960] ? __lock_is_held+0xb6/0x140 [ 27.427322] ? check_same_owner+0x320/0x320 [ 27.431617] ? lock_downgrade+0x980/0x980 [ 27.435831] ? rcu_note_context_switch+0x710/0x710 [ 27.440738] ? find_held_lock+0x35/0x1d0 [ 27.444783] should_failslab+0xec/0x120 [ 27.448731] __kmalloc+0x63/0x760 [ 27.452157] ? lock_downgrade+0x980/0x980 [ 27.456283] ? register_shrinker+0x10e/0x2d0 [ 27.460681] ? trace_event_raw_event_module_request+0x320/0x320 [ 27.466716] register_shrinker+0x10e/0x2d0 [ 27.470928] ? 
__bpf_trace_mm_vmscan_wakeup_kswapd+0x40/0x40 [ 27.476702] ? memcpy+0x45/0x50 [ 27.479962] sget_userns+0xbbf/0xe40 [ 27.483648] ? set_anon_super+0x20/0x20 [ 27.487600] ? put_filp+0x90/0x90 [ 27.491026] ? destroy_unused_super.part.6+0xd0/0xd0 [ 27.496101] ? path_lookupat+0x238/0xba0 [ 27.500136] ? mnt_free_id.isra.21+0x50/0x50 [ 27.504533] ? trace_hardirqs_off+0x10/0x10 [ 27.508831] ? putname+0xee/0x130 [ 27.512267] ? cap_capable+0x1b5/0x230 [ 27.516240] ? security_capable+0x8e/0xc0 [ 27.520523] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 27.525687] ? ns_capable_common+0xcf/0x160 [ 27.529985] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 27.535158] mount_ns+0x6d/0x190 [ 27.538501] rpc_mount+0x9e/0xd0 [ 27.541853] mount_fs+0x66/0x2d0 [ 27.545198] vfs_kern_mount.part.26+0xc6/0x4a0 [ 27.549757] ? may_umount+0xa0/0xa0 [ 27.553357] ? _raw_read_unlock+0x22/0x30 [ 27.557477] ? __get_fs_type+0x8a/0xc0 [ 27.561341] do_mount+0xea4/0x2bb0 [ 27.564853] ? __might_fault+0x110/0x1d0 [ 27.568894] ? copy_mount_string+0x40/0x40 [ 27.573102] ? check_same_owner+0x320/0x320 [ 27.577398] ? __check_object_size+0x8b/0x530 [ 27.581874] ? __might_sleep+0x95/0x190 [ 27.585830] ? kasan_check_write+0x14/0x20 [ 27.590038] ? _copy_from_user+0x99/0x110 [ 27.594162] ? memdup_user+0x5e/0x90 [ 27.597849] ? copy_mount_options+0x1f7/0x2e0 [ 27.602323] SyS_mount+0xab/0x120 [ 27.605750] ? copy_mnt_ns+0xb30/0xb30 [ 27.609615] do_syscall_64+0x281/0x940 [ 27.613477] ? __do_page_fault+0xc90/0xc90 [ 27.617682] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 27.622413] ? syscall_return_slowpath+0x550/0x550 [ 27.627318] ? syscall_return_slowpath+0x2ac/0x550 [ 27.632221] ? prepare_exit_to_usermode+0x350/0x350 [ 27.637211] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 27.642562] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 27.647387] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 27.652548] RIP: 0033:0x442a19 [ 27.655712] RSP: 002b:00007fffef562a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 27.663493] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442a19 [ 27.670913] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 27.678158] RBP: 00007fffef5632e0 R08: 0000000000000000 R09: 0000000000000000 [ 27.685419] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 27.692676] R13: 0000000000000005 R14: 0000000000000000 R15: 00007fffef562b78 executing program [ 27.699943] CPU: 0 PID: 4444 Comm: syzkaller721843 Not tainted 4.16.0-rc6+ #40 [ 27.702753] IPVS: ftp: loaded support on port[0] = 21 [ 27.707314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 27.707317] Call Trace: [ 27.707332] dump_stack+0x194/0x24d [ 27.707341] ? arch_local_irq_restore+0x53/0x53 [ 27.707350] ? __save_stack_trace+0x7e/0xd0 [ 27.733088] IPVS: ftp: loaded support on port[0] = 21 [ 27.736978] should_fail+0x8c0/0xa40 [ 27.736989] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 27.751037] ? kasan_kmalloc+0xad/0xe0 [ 27.752274] FAULT_INJECTION: forcing a failure. [ 27.752274] name failslab, interval 1, probability 0, space 0, times 0 [ 27.754913] ? kmem_cache_alloc_trace+0x136/0x740 [ 27.754919] ? __memcg_init_list_lru_node+0x169/0x270 [ 27.754923] ? __list_lru_init+0x544/0x750 [ 27.754928] ? sget_userns+0x6b1/0xe40 [ 27.754937] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 27.754941] ? do_mount+0xea4/0x2bb0 [ 27.754950] ? SyS_mount+0xab/0x120 [ 27.798088] ? do_syscall_64+0x281/0x940 [ 27.802134] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 27.807493] ? find_held_lock+0x35/0x1d0 [ 27.811549] ? __lock_is_held+0xb6/0x140 [ 27.815612] ? check_same_owner+0x320/0x320 [ 27.819921] ? rcu_note_context_switch+0x710/0x710 [ 27.824848] should_failslab+0xec/0x120 [ 27.828807] kmem_cache_alloc_trace+0x4b/0x740 [ 27.833370] ? 
__kmalloc_node+0x33/0x70 [ 27.837327] ? __kmalloc_node+0x33/0x70 [ 27.841285] ? rcu_read_lock_sched_held+0x108/0x120 [ 27.846304] __memcg_init_list_lru_node+0x169/0x270 [ 27.851324] ? list_lru_add+0x7c0/0x7c0 [ 27.855282] ? __kmalloc_node+0x47/0x70 [ 27.859255] __list_lru_init+0x544/0x750 [ 27.863311] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 27.869183] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 27.874193] ? lockdep_init_map+0x9/0x10 [ 27.878240] sget_userns+0x6b1/0xe40 [ 27.881942] ? set_anon_super+0x20/0x20 [ 27.885907] ? put_filp+0x90/0x90 [ 27.889347] ? destroy_unused_super.part.6+0xd0/0xd0 [ 27.894433] ? alloc_vfsmnt+0x762/0x9c0 [ 27.898389] ? path_lookupat+0x238/0xba0 [ 27.902433] ? mnt_free_id.isra.21+0x50/0x50 [ 27.906833] ? trace_hardirqs_off+0x10/0x10 [ 27.911142] ? putname+0xee/0x130 [ 27.914585] ? cap_capable+0x1b5/0x230 [ 27.918465] ? security_capable+0x8e/0xc0 [ 27.922604] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 27.927779] ? ns_capable_common+0xcf/0x160 [ 27.932088] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 27.937260] mount_ns+0x6d/0x190 [ 27.940620] rpc_mount+0x9e/0xd0 [ 27.943976] mount_fs+0x66/0x2d0 [ 27.947334] vfs_kern_mount.part.26+0xc6/0x4a0 [ 27.951906] ? may_umount+0xa0/0xa0 [ 27.955525] ? _raw_read_unlock+0x22/0x30 [ 27.959657] ? __get_fs_type+0x8a/0xc0 [ 27.963540] do_mount+0xea4/0x2bb0 [ 27.967065] ? __might_fault+0x110/0x1d0 [ 27.971123] ? copy_mount_string+0x40/0x40 [ 27.975343] ? check_same_owner+0x320/0x320 [ 27.979648] ? __check_object_size+0x8b/0x530 [ 27.984138] ? __might_sleep+0x95/0x190 [ 27.988106] ? kasan_check_write+0x14/0x20 [ 27.992324] ? _copy_from_user+0x99/0x110 [ 27.996461] ? memdup_user+0x5e/0x90 [ 28.000156] ? copy_mount_options+0x1f7/0x2e0 [ 28.004641] SyS_mount+0xab/0x120 [ 28.008078] ? copy_mnt_ns+0xb30/0xb30 [ 28.011953] do_syscall_64+0x281/0x940 [ 28.015826] ? __do_page_fault+0xc90/0xc90 [ 28.020046] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 28.024793] ? syscall_return_slowpath+0x550/0x550 [ 28.029710] ? 
syscall_return_slowpath+0x2ac/0x550 [ 28.034625] ? prepare_exit_to_usermode+0x350/0x350 [ 28.039628] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 28.044984] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 28.049826] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 28.054998] RIP: 0033:0x442a19 [ 28.058176] RSP: 002b:00007fffef562a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 28.065867] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442a19 [ 28.073120] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 28.080371] RBP: 00007fffef5632e0 R08: 0000000000000000 R09: 0000000000000000 [ 28.087622] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 28.094873] R13: 0000000000000005 R14: 0000000000000000 R15: 00007fffef562b78 executing program [ 28.102158] CPU: 1 PID: 4445 Comm: syzkaller721843 Not tainted 4.16.0-rc6+ #40 [ 28.109520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 28.118870] Call Trace: [ 28.121461] dump_stack+0x194/0x24d [ 28.125094] ? arch_local_irq_restore+0x53/0x53 [ 28.125671] FAULT_INJECTION: forcing a failure. [ 28.125671] name failslab, interval 1, probability 0, space 0, times 0 [ 28.129751] ? __save_stack_trace+0x7e/0xd0 [ 28.129778] should_fail+0x8c0/0xa40 [ 28.129800] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 28.154032] ? kasan_kmalloc+0xad/0xe0 [ 28.158065] ? kmem_cache_alloc_trace+0x136/0x740 [ 28.162892] ? __memcg_init_list_lru_node+0x169/0x270 [ 28.168063] ? __list_lru_init+0x544/0x750 [ 28.172280] ? sget_userns+0x6b1/0xe40 [ 28.176158] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 28.180895] ? do_mount+0xea4/0x2bb0 [ 28.184590] ? SyS_mount+0xab/0x120 [ 28.188200] ? do_syscall_64+0x281/0x940 [ 28.192243] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 28.197597] ? find_held_lock+0x35/0x1d0 [ 28.201649] ? __lock_is_held+0xb6/0x140 [ 28.205713] ? check_same_owner+0x320/0x320 [ 28.210026] ? 
rcu_note_context_switch+0x710/0x710 [ 28.214950] should_failslab+0xec/0x120 [ 28.218910] kmem_cache_alloc_trace+0x4b/0x740 [ 28.223474] ? __kmalloc_node+0x33/0x70 [ 28.227432] ? __kmalloc_node+0x33/0x70 [ 28.231391] ? rcu_read_lock_sched_held+0x108/0x120 [ 28.236401] __memcg_init_list_lru_node+0x169/0x270 [ 28.241410] ? list_lru_add+0x7c0/0x7c0 [ 28.245368] ? __kmalloc_node+0x47/0x70 [ 28.249340] __list_lru_init+0x544/0x750 [ 28.253393] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 28.259264] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 28.264273] ? lockdep_init_map+0x9/0x10 [ 28.268321] sget_userns+0x6b1/0xe40 [ 28.272017] ? set_anon_super+0x20/0x20 [ 28.275983] ? put_filp+0x90/0x90 [ 28.279422] ? destroy_unused_super.part.6+0xd0/0xd0 [ 28.284509] ? alloc_vfsmnt+0x762/0x9c0 [ 28.288465] ? path_lookupat+0x238/0xba0 [ 28.292509] ? mnt_free_id.isra.21+0x50/0x50 [ 28.296909] ? trace_hardirqs_off+0x10/0x10 [ 28.301219] ? putname+0xee/0x130 [ 28.304664] ? cap_capable+0x1b5/0x230 [ 28.308543] ? security_capable+0x8e/0xc0 [ 28.312680] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 28.317855] ? ns_capable_common+0xcf/0x160 [ 28.322167] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 28.327339] mount_ns+0x6d/0x190 [ 28.330699] rpc_mount+0x9e/0xd0 [ 28.334054] mount_fs+0x66/0x2d0 [ 28.337412] vfs_kern_mount.part.26+0xc6/0x4a0 [ 28.341979] ? may_umount+0xa0/0xa0 [ 28.345589] ? _raw_read_unlock+0x22/0x30 [ 28.349721] ? __get_fs_type+0x8a/0xc0 [ 28.353603] do_mount+0xea4/0x2bb0 [ 28.357126] ? __might_fault+0x110/0x1d0 [ 28.361183] ? copy_mount_string+0x40/0x40 [ 28.365401] ? check_same_owner+0x320/0x320 [ 28.369707] ? __check_object_size+0x8b/0x530 [ 28.374198] ? __might_sleep+0x95/0x190 [ 28.378176] ? kasan_check_write+0x14/0x20 [ 28.382394] ? _copy_from_user+0x99/0x110 [ 28.386533] ? memdup_user+0x5e/0x90 [ 28.390317] ? copy_mount_options+0x1f7/0x2e0 [ 28.394807] SyS_mount+0xab/0x120 [ 28.398246] ? copy_mnt_ns+0xb30/0xb30 [ 28.402121] do_syscall_64+0x281/0x940 [ 28.405992] ? 
__do_page_fault+0xc90/0xc90 [ 28.410223] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 28.414967] ? syscall_return_slowpath+0x550/0x550 [ 28.419881] ? syscall_return_slowpath+0x2ac/0x550 [ 28.424803] ? prepare_exit_to_usermode+0x350/0x350 [ 28.429818] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 28.435179] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 28.440019] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 28.445192] RIP: 0033:0x442a19 executing program [ 28.448365] RSP: 002b:00007fffef562a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 28.456057] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442a19 [ 28.463319] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 28.470574] RBP: 00007fffef5632e0 R08: 0000000000000000 R09: 0000000000000000 [ 28.477838] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 28.485093] R13: 0000000000000005 R14: 0000000000000000 R15: 00007fffef562b78 [ 28.492379] CPU: 0 PID: 4447 Comm: syzkaller721843 Not tainted 4.16.0-rc6+ #40 [ 28.497623] FAULT_INJECTION: forcing a failure. [ 28.497623] name failslab, interval 1, probability 0, space 0, times 0 [ 28.499740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 28.499745] Call Trace: [ 28.499761] dump_stack+0x194/0x24d [ 28.499778] ? arch_local_irq_restore+0x53/0x53 [ 28.531097] ? __save_stack_trace+0x7e/0xd0 [ 28.535419] should_fail+0x8c0/0xa40 [ 28.539123] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 28.544218] ? kasan_kmalloc+0xad/0xe0 [ 28.548084] ? kmem_cache_alloc_trace+0x136/0x740 [ 28.552909] ? __memcg_init_list_lru_node+0x169/0x270 [ 28.558081] ? __list_lru_init+0x544/0x750 [ 28.562307] ? sget_userns+0x6b1/0xe40 [ 28.566180] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 28.570918] ? do_mount+0xea4/0x2bb0 [ 28.574624] ? SyS_mount+0xab/0x120 [ 28.578234] ? do_syscall_64+0x281/0x940 [ 28.582280] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 28.587637] ? find_held_lock+0x35/0x1d0 [ 28.591690] ? 
__lock_is_held+0xb6/0x140 [ 28.595755] ? check_same_owner+0x320/0x320 [ 28.600066] ? rcu_note_context_switch+0x710/0x710 [ 28.604991] should_failslab+0xec/0x120 [ 28.608953] kmem_cache_alloc_trace+0x4b/0x740 [ 28.613517] ? __kmalloc_node+0x33/0x70 [ 28.617473] ? __kmalloc_node+0x33/0x70 [ 28.621430] ? rcu_read_lock_sched_held+0x108/0x120 [ 28.626524] __memcg_init_list_lru_node+0x169/0x270 [ 28.631530] ? list_lru_add+0x7c0/0x7c0 [ 28.635486] ? __kmalloc_node+0x47/0x70 [ 28.639459] __list_lru_init+0x544/0x750 [ 28.643513] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 28.649385] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 28.654399] ? lockdep_init_map+0x9/0x10 [ 28.658450] sget_userns+0x6b1/0xe40 [ 28.662150] ? set_anon_super+0x20/0x20 [ 28.666116] ? put_filp+0x90/0x90 [ 28.669557] ? destroy_unused_super.part.6+0xd0/0xd0 [ 28.674647] ? alloc_vfsmnt+0x762/0x9c0 [ 28.678690] ? path_lookupat+0x238/0xba0 [ 28.682737] ? mnt_free_id.isra.21+0x50/0x50 [ 28.687134] ? trace_hardirqs_off+0x10/0x10 [ 28.691445] ? putname+0xee/0x130 [ 28.694888] ? cap_capable+0x1b5/0x230 [ 28.698771] ? security_capable+0x8e/0xc0 [ 28.702910] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 28.708108] ? ns_capable_common+0xcf/0x160 [ 28.712417] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 28.717587] mount_ns+0x6d/0x190 [ 28.720943] rpc_mount+0x9e/0xd0 [ 28.724301] mount_fs+0x66/0x2d0 [ 28.727659] vfs_kern_mount.part.26+0xc6/0x4a0 [ 28.732231] ? may_umount+0xa0/0xa0 [ 28.735843] ? _raw_read_unlock+0x22/0x30 [ 28.739977] ? __get_fs_type+0x8a/0xc0 [ 28.743858] do_mount+0xea4/0x2bb0 [ 28.747377] ? __might_fault+0x110/0x1d0 [ 28.751434] ? copy_mount_string+0x40/0x40 [ 28.755654] ? check_same_owner+0x320/0x320 [ 28.759976] ? __check_object_size+0x8b/0x530 [ 28.764479] ? __might_sleep+0x95/0x190 [ 28.768452] ? kasan_check_write+0x14/0x20 [ 28.772669] ? _copy_from_user+0x99/0x110 [ 28.776805] ? memdup_user+0x5e/0x90 [ 28.780502] ? copy_mount_options+0x1f7/0x2e0 [ 28.784988] SyS_mount+0xab/0x120 [ 28.788424] ? 
copy_mnt_ns+0xb30/0xb30 [ 28.792318] do_syscall_64+0x281/0x940 [ 28.796188] ? __do_page_fault+0xc90/0xc90 [ 28.800407] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 28.805150] ? syscall_return_slowpath+0x550/0x550 [ 28.810066] ? syscall_return_slowpath+0x2ac/0x550 [ 28.814983] ? prepare_exit_to_usermode+0x350/0x350 [ 28.819984] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 28.825343] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 28.830202] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 28.835377] RIP: 0033:0x442a19 [ 28.838550] RSP: 002b:00007fffef562a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 28.846242] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442a19 [ 28.853497] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 28.860754] RBP: 00007fffef5632e0 R08: 0000000000000000 R09: 0000000300000000 [ 28.868008] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 28.875264] R13: 0000000000000005 R14: 0000000000001380 R15: 00007fffef562b78 [ 28.882553] CPU: 1 PID: 4446 Comm: syzkaller721843 Not tainted 4.16.0-rc6+ #40 [ 28.887525] ------------[ cut here ]------------ [ 28.889914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 28.889918] Call Trace: [ 28.889934] dump_stack+0x194/0x24d [ 28.889948] ? arch_local_irq_restore+0x53/0x53 [ 28.894702] refcount_t: increment on 0; use-after-free. [ 28.904046] ? __save_stack_trace+0x7e/0xd0 [ 28.904069] should_fail+0x8c0/0xa40 [ 28.904083] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 28.904094] ? kasan_kmalloc+0xad/0xe0 [ 28.906768] WARNING: CPU: 0 PID: 4432 at lib/refcount.c:153 refcount_inc+0x47/0x50 [ 28.910258] ? kmem_cache_alloc_trace+0x136/0x740 [ 28.914897] Kernel panic - not syncing: panic_on_warn set ... [ 28.914897] [ 28.920247] ? __memcg_init_list_lru_node+0x169/0x270 [ 28.962417] ? __list_lru_init+0x544/0x750 [ 28.966636] ? sget_userns+0x6b1/0xe40 [ 28.970510] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 28.975246] ? do_mount+0xea4/0x2bb0 [ 28.978938] ? 
SyS_mount+0xab/0x120 [ 28.982545] ? do_syscall_64+0x281/0x940 [ 28.986584] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 28.991938] ? find_held_lock+0x35/0x1d0 [ 28.995988] ? __lock_is_held+0xb6/0x140 [ 29.000047] ? check_same_owner+0x320/0x320 [ 29.004354] ? rcu_note_context_switch+0x710/0x710 [ 29.009368] should_failslab+0xec/0x120 [ 29.013343] kmem_cache_alloc_trace+0x4b/0x740 [ 29.017925] __memcg_init_list_lru_node+0x169/0x270 [ 29.022929] ? list_lru_add+0x7c0/0x7c0 [ 29.026884] ? __kmalloc_node+0x47/0x70 [ 29.030850] __list_lru_init+0x544/0x750 [ 29.034900] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 29.040775] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 29.045787] ? lockdep_init_map+0x9/0x10 [ 29.049835] sget_userns+0x6b1/0xe40 [ 29.053530] ? set_anon_super+0x20/0x20 [ 29.057491] ? put_filp+0x90/0x90 [ 29.060927] ? destroy_unused_super.part.6+0xd0/0xd0 [ 29.066013] ? alloc_vfsmnt+0x762/0x9c0 [ 29.069970] ? path_lookupat+0x238/0xba0 [ 29.074014] ? mnt_free_id.isra.21+0x50/0x50 [ 29.078409] ? trace_hardirqs_off+0x10/0x10 [ 29.082724] ? putname+0xee/0x130 [ 29.086167] ? cap_capable+0x1b5/0x230 [ 29.090044] ? security_capable+0x8e/0xc0 [ 29.094181] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 29.099354] ? ns_capable_common+0xcf/0x160 [ 29.103662] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 29.108834] mount_ns+0x6d/0x190 [ 29.112190] rpc_mount+0x9e/0xd0 [ 29.115549] mount_fs+0x66/0x2d0 [ 29.118903] vfs_kern_mount.part.26+0xc6/0x4a0 [ 29.123478] ? may_umount+0xa0/0xa0 [ 29.127085] ? _raw_read_unlock+0x22/0x30 [ 29.131216] ? __get_fs_type+0x8a/0xc0 [ 29.135102] do_mount+0xea4/0x2bb0 [ 29.138622] ? __might_fault+0x110/0x1d0 [ 29.142673] ? copy_mount_string+0x40/0x40 [ 29.146885] ? check_same_owner+0x320/0x320 [ 29.151192] ? __check_object_size+0x8b/0x530 [ 29.155677] ? __might_sleep+0x95/0x190 [ 29.159639] ? kasan_check_write+0x14/0x20 [ 29.163865] ? _copy_from_user+0x99/0x110 [ 29.167998] ? memdup_user+0x5e/0x90 [ 29.171712] ? 
copy_mount_options+0x1f7/0x2e0 [ 29.176196] SyS_mount+0xab/0x120 [ 29.179630] ? copy_mnt_ns+0xb30/0xb30 [ 29.183501] do_syscall_64+0x281/0x940 [ 29.187367] ? __do_page_fault+0xc90/0xc90 [ 29.191586] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 29.196325] ? syscall_return_slowpath+0x550/0x550 [ 29.201239] ? syscall_return_slowpath+0x2ac/0x550 [ 29.206156] ? prepare_exit_to_usermode+0x350/0x350 [ 29.211162] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 29.216520] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 29.221360] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 29.226532] RIP: 0033:0x442a19 [ 29.229701] RSP: 002b:00007fffef562a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 29.237393] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442a19 [ 29.244669] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 29.251923] RBP: 00007fffef5632e0 R08: 0000000000000000 R09: 0000000300000000 [ 29.259178] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 29.266458] R13: 0000000000000005 R14: 0000000000001380 R15: 00007fffef562b78 [ 29.273742] CPU: 0 PID: 4432 Comm: syzkaller721843 Not tainted 4.16.0-rc6+ #40 [ 29.281110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.290465] Call Trace: [ 29.293058] dump_stack+0x194/0x24d [ 29.296688] ? arch_local_irq_restore+0x53/0x53 [ 29.301361] ? vsnprintf+0x1ed/0x1900 executing program [ 29.305165] panic+0x1e4/0x41c [ 29.308356] ? refcount_error_report+0x214/0x214 [ 29.313106] ? show_regs_print_info+0x18/0x18 [ 29.317600] ? vprintk_emit+0xa5f/0xb90 [ 29.321571] ? __warn+0x1c1/0x200 [ 29.325025] ? refcount_inc+0x47/0x50 [ 29.325596] FAULT_INJECTION: forcing a failure. [ 29.325596] name failslab, interval 1, probability 0, space 0, times 0 [ 29.328811] __warn+0x1dc/0x200 [ 29.328822] ? refcount_inc+0x47/0x50 [ 29.328838] report_bug+0x1f4/0x2b0 [ 29.328856] fixup_bug.part.11+0x37/0x80 [ 29.328868] do_error_trap+0x2d7/0x3e0 [ 29.358574] ? 
vprintk_default+0x28/0x30 [ 29.362622] ? math_error+0x400/0x400 [ 29.366405] ? printk+0xaa/0xca [ 29.369671] ? show_regs_print_info+0x18/0x18 [ 29.374162] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 29.378998] do_invalid_op+0x1b/0x20 [ 29.382696] invalid_op+0x1b/0x40 [ 29.386132] RIP: 0010:refcount_inc+0x47/0x50 [ 29.390518] RSP: 0018:ffff8801b19af860 EFLAGS: 00010286 [ 29.395863] RAX: dffffc0000000008 RBX: ffff8801b1c20144 RCX: ffffffff815ba4be [ 29.403114] RDX: 0000000000000000 RSI: 1ffff10036335ebc RDI: 1ffff10036335e91 [ 29.410365] RBP: ffff8801b19af868 R08: 0000000000000000 R09: 0000000000000000 [ 29.417615] R10: 0000000000000000 R11: 0000000000000000 R12: ffff8801b19afaf8 [ 29.424865] R13: ffff8801b8af1513 R14: ffff8801b1c20140 R15: ffff8801b8af1501 [ 29.432132] ? vprintk_func+0x5e/0xc0 [ 29.435929] sk_alloc+0x3f9/0x1440 [ 29.439456] ? sock_def_error_report+0x5e0/0x5e0 [ 29.444196] ? __raw_spin_lock_init+0x2d/0x100 [ 29.448765] ? trace_hardirqs_off+0x10/0x10 [ 29.453068] ? do_raw_write_unlock+0x290/0x290 [ 29.457635] ? trace_hardirqs_off+0x10/0x10 [ 29.461937] ? __raw_spin_lock_init+0x1c/0x100 [ 29.466505] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 29.471518] ? find_held_lock+0x35/0x1d0 [ 29.475581] ? inet_create+0x3fc/0xf50 [ 29.479453] ? lock_downgrade+0x980/0x980 [ 29.483589] ? lock_release+0xa40/0xa40 [ 29.487542] ? lock_downgrade+0x980/0x980 [ 29.491698] inet_create+0x47c/0xf50 [ 29.495404] ? ipip_gro_receive+0xf0/0xf0 [ 29.499539] ? __lock_is_held+0xb6/0x140 [ 29.503601] __sock_create+0x4d4/0x850 [ 29.507478] ? kernel_sock_ip_overhead+0x4c0/0x4c0 [ 29.512403] ? user_path_create+0x40/0x40 [ 29.516545] SyS_socket+0xeb/0x1d0 [ 29.520073] ? move_addr_to_kernel+0x60/0x60 [ 29.524467] ? do_syscall_64+0xb7/0x940 [ 29.528429] ? move_addr_to_kernel+0x60/0x60 [ 29.532822] do_syscall_64+0x281/0x940 [ 29.536692] ? __do_page_fault+0xc90/0xc90 [ 29.540914] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 29.546435] ? syscall_return_slowpath+0x550/0x550 [ 29.551349] ? 
syscall_return_slowpath+0x2ac/0x550 [ 29.556271] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 29.561623] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 29.566458] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 29.572519] RIP: 0033:0x445497 [ 29.575777] RSP: 002b:00007fffef562a38 EFLAGS: 00000206 ORIG_RAX: 0000000000000029 [ 29.583466] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000445497 [ 29.590724] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002 [ 29.597974] RBP: 00007fffef562b50 R08: 0000000000000000 R09: 0000000000000001 [ 29.605225] R10: 0000000000000006 R11: 0000000000000206 R12: 0000000000000002 [ 29.612480] R13: 0000000000000002 R14: 0000000000006860 R15: 00007fffef562b78 [ 29.619768] CPU: 1 PID: 4449 Comm: syzkaller721843 Not tainted 4.16.0-rc6+ #40 [ 29.627120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.636452] Call Trace: [ 29.639020] dump_stack+0x194/0x24d [ 29.642631] ? arch_local_irq_restore+0x53/0x53 [ 29.647277] ? __save_stack_trace+0x7e/0xd0 [ 29.651588] should_fail+0x8c0/0xa40 [ 29.655287] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 29.660369] ? kasan_kmalloc+0xad/0xe0 [ 29.664229] ? kmem_cache_alloc_trace+0x136/0x740 [ 29.669050] ? __memcg_init_list_lru_node+0x169/0x270 [ 29.674219] ? __list_lru_init+0x544/0x750 [ 29.678430] ? sget_userns+0x6b1/0xe40 [ 29.682300] ? vfs_kern_mount.part.26+0xc6/0x4a0 [ 29.687032] ? do_mount+0xea4/0x2bb0 [ 29.690719] ? SyS_mount+0xab/0x120 [ 29.694332] ? do_syscall_64+0x281/0x940 [ 29.698382] ? entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 29.703731] ? find_held_lock+0x35/0x1d0 [ 29.707781] ? __lock_is_held+0xb6/0x140 [ 29.711837] ? check_same_owner+0x320/0x320 [ 29.716139] ? rcu_note_context_switch+0x710/0x710 [ 29.721055] should_failslab+0xec/0x120 [ 29.725008] kmem_cache_alloc_trace+0x4b/0x740 [ 29.729567] ? __kmalloc_node+0x33/0x70 [ 29.733517] ? __kmalloc_node+0x33/0x70 [ 29.737470] ? 
rcu_read_lock_sched_held+0x108/0x120 [ 29.742470] __memcg_init_list_lru_node+0x169/0x270 [ 29.747471] ? list_lru_add+0x7c0/0x7c0 [ 29.751423] ? __kmalloc_node+0x47/0x70 [ 29.756293] __list_lru_init+0x544/0x750 [ 29.760343] ? memcg_destroy_list_lru_node.isra.7+0x110/0x110 [ 29.766210] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 29.771212] ? lockdep_init_map+0x9/0x10 [ 29.775256] sget_userns+0x6b1/0xe40 [ 29.778947] ? set_anon_super+0x20/0x20 [ 29.782994] ? put_filp+0x90/0x90 [ 29.786428] ? destroy_unused_super.part.6+0xd0/0xd0 [ 29.791507] ? alloc_vfsmnt+0x762/0x9c0 [ 29.795461] ? path_lookupat+0x238/0xba0 [ 29.799501] ? mnt_free_id.isra.21+0x50/0x50 [ 29.803892] ? trace_hardirqs_off+0x10/0x10 [ 29.808194] ? putname+0xee/0x130 [ 29.811630] ? cap_capable+0x1b5/0x230 [ 29.815505] ? security_capable+0x8e/0xc0 [ 29.819637] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 29.824805] ? ns_capable_common+0xcf/0x160 [ 29.829109] ? rpc_remove_pipe_dir_object+0x6d0/0x6d0 [ 29.834275] mount_ns+0x6d/0x190 [ 29.837626] rpc_mount+0x9e/0xd0 [ 29.840976] mount_fs+0x66/0x2d0 [ 29.844329] vfs_kern_mount.part.26+0xc6/0x4a0 [ 29.848894] ? may_umount+0xa0/0xa0 [ 29.852501] ? _raw_read_unlock+0x22/0x30 [ 29.856626] ? __get_fs_type+0x8a/0xc0 [ 29.860498] do_mount+0xea4/0x2bb0 [ 29.864017] ? __might_fault+0x110/0x1d0 [ 29.868067] ? copy_mount_string+0x40/0x40 [ 29.872284] ? check_same_owner+0x320/0x320 [ 29.877196] ? __check_object_size+0x8b/0x530 [ 29.881681] ? __might_sleep+0x95/0x190 [ 29.885643] ? kasan_check_write+0x14/0x20 [ 29.889856] ? _copy_from_user+0x99/0x110 [ 29.893986] ? memdup_user+0x5e/0x90 [ 29.897678] ? copy_mount_options+0x1f7/0x2e0 [ 29.902174] SyS_mount+0xab/0x120 [ 29.905605] ? copy_mnt_ns+0xb30/0xb30 [ 29.909475] do_syscall_64+0x281/0x940 [ 29.913341] ? __do_page_fault+0xc90/0xc90 [ 29.917553] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 29.922291] ? syscall_return_slowpath+0x550/0x550 [ 29.927201] ? syscall_return_slowpath+0x2ac/0x550 [ 29.932111] ? 
prepare_exit_to_usermode+0x350/0x350 [ 29.937108] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 29.942457] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 29.947310] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 29.952479] RIP: 0033:0x442a19 [ 29.955647] RSP: 002b:00007fffef562a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 29.963333] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442a19 [ 29.970582] RDX: 0000000020000480 RSI: 0000000020000180 RDI: 0000000020000100 [ 29.977831] RBP: 00007fffef5632e0 R08: 0000000000000000 R09: 0000000000000000 [ 29.985081] R10: 0000000000200000 R11: 0000000000000246 R12: ffffffffffffffff [ 29.992333] R13: 0000000000000005 R14: 0000000000000000 R15: 00007fffef562b78 [ 29.999637] Dumping ftrace buffer: [ 30.003352] (ftrace buffer empty) [ 30.007037] Kernel Offset: disabled [ 30.010640] Rebooting in 86400 seconds..