================================ WARNING: inconsistent lock state 4.14.226-syzkaller #0 Not tainted -------------------------------- inconsistent {SOFTIRQ-ON-W} -> {IN-SOFTIRQ-W} usage. swapper/1/0 [HC0[0]:SC1[1]:HE1:SE0] takes: (slock-AF_BLUETOOTH-BTPROTO_SCO){+.?.}, at: [] spin_lock include/linux/spinlock.h:317 [inline] (slock-AF_BLUETOOTH-BTPROTO_SCO){+.?.}, at: [] sco_sock_timeout+0x29/0x1c0 net/bluetooth/sco.c:82 {SOFTIRQ-ON-W} state was registered at: lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:152 spin_lock include/linux/spinlock.h:317 [inline] sco_conn_del+0xbf/0x290 net/bluetooth/sco.c:175 sco_disconn_cfm+0x65/0xa0 net/bluetooth/sco.c:1134 hci_disconn_cfm include/net/bluetooth/hci_core.h:1226 [inline] hci_conn_hash_flush+0x127/0x260 net/bluetooth/hci_conn.c:1393 hci_dev_do_close+0x535/0xca0 net/bluetooth/hci_core.c:1622 hci_unregister_dev+0x17f/0x8c0 net/bluetooth/hci_core.c:3193 vhci_release+0x70/0xe0 drivers/bluetooth/hci_vhci.c:354 __fput+0x25f/0x7a0 fs/file_table.c:210 task_work_run+0x11f/0x190 kernel/task_work.c:113 exit_task_work include/linux/task_work.h:22 [inline] do_exit+0xa44/0x2850 kernel/exit.c:868 do_group_exit+0x100/0x2e0 kernel/exit.c:965 get_signal+0x38d/0x1ca0 kernel/signal.c:2423 do_signal+0x7c/0x1550 arch/x86/kernel/signal.c:814 exit_to_usermode_loop+0x160/0x200 arch/x86/entry/common.c:160 prepare_exit_to_usermode arch/x86/entry/common.c:199 [inline] syscall_return_slowpath arch/x86/entry/common.c:270 [inline] do_syscall_64+0x4a3/0x640 arch/x86/entry/common.c:297 entry_SYSCALL_64_after_hwframe+0x46/0xbb irq event stamp: 20628902 hardirqs last enabled at (20628902): [] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline] hardirqs last enabled at (20628902): [] _raw_spin_unlock_irq+0x24/0x80 kernel/locking/spinlock.c:200 hardirqs last disabled at (20628901): [] __raw_spin_lock_irq include/linux/spinlock_api_smp.h:126 [inline] hardirqs last disabled at (20628901): [] _raw_spin_lock_irq+0x35/0x80 kernel/locking/spinlock.c:168 softirqs last enabled at (20628790): [] irq_enter+0xbd/0xd0 kernel/softirq.c:350 softirqs last disabled at (20628791): [] invoke_softirq kernel/softirq.c:368 [inline] softirqs last disabled at (20628791): [] irq_exit+0x193/0x240 kernel/softirq.c:409 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(slock-AF_BLUETOOTH-BTPROTO_SCO); lock(slock-AF_BLUETOOTH-BTPROTO_SCO); *** DEADLOCK *** 1 lock held by swapper/1/0: #0: (((&sk->sk_timer))#2){+.-.}, at: [] lockdep_copy_map include/linux/lockdep.h:174 [inline] #0: (((&sk->sk_timer))#2){+.-.}, at: [] call_timer_fn+0xb8/0x650 kernel/time/timer.c:1270 stack backtrace: CPU: 1 PID: 0 Comm: swapper/1 Not tainted 4.14.226-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 print_usage_bug.cold+0x42e/0x570 kernel/locking/lockdep.c:2589 valid_state kernel/locking/lockdep.c:2602 [inline] mark_lock_irq kernel/locking/lockdep.c:2796 [inline] mark_lock+0xb4d/0x1050 kernel/locking/lockdep.c:3194 mark_irqflags kernel/locking/lockdep.c:3072 [inline] __lock_acquire+0xc81/0x3f20 kernel/locking/lockdep.c:3448 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 __raw_spin_lock include/linux/spinlock_api_smp.h:142 [inline] _raw_spin_lock+0x2a/0x40 kernel/locking/spinlock.c:152 spin_lock include/linux/spinlock.h:317 [inline] sco_sock_timeout+0x29/0x1c0 net/bluetooth/sco.c:82 call_timer_fn+0x14a/0x650 kernel/time/timer.c:1280 expire_timers+0x232/0x4d0 kernel/time/timer.c:1319 __run_timers kernel/time/timer.c:1637 [inline] run_timer_softirq+0x1d5/0x5a0 kernel/time/timer.c:1650 __do_softirq+0x24d/0x9ff kernel/softirq.c:288 invoke_softirq kernel/softirq.c:368 [inline] irq_exit+0x193/0x240 kernel/softirq.c:409 exiting_irq arch/x86/include/asm/apic.h:638 [inline] smp_apic_timer_interrupt+0x141/0x5e0 arch/x86/kernel/apic/apic.c:1106 apic_timer_interrupt+0x93/0xa0 arch/x86/entry/entry_64.S:793 RIP: 0010:native_safe_halt+0xe/0x10 arch/x86/include/asm/irqflags.h:61 RSP: 0018:ffff8880b5477e68 EFLAGS: 00000286 ORIG_RAX: ffffffffffffff10 RAX: 1ffffffff11e125c RBX: dffffc0000000000 RCX: 0000000000000000 RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffff8880b5468bc4 RBP: ffffffff88f092d0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffffed1016a8d068 R13: ffff8880b5468340 R14: 0000000000000000 R15: 0000000000000000 arch_safe_halt arch/x86/include/asm/paravirt.h:94 [inline] default_idle+0x47/0x370 arch/x86/kernel/process.c:558 cpuidle_idle_call kernel/sched/idle.c:156 [inline] do_idle+0x250/0x3c0 kernel/sched/idle.c:246 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:351 start_secondary+0x4db/0x670 arch/x86/kernel/smpboot.c:272 secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:240 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 26561 Comm: syz-executor.2 Not tainted 4.14.226-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc+0x2c1/0x400 mm/slab.c:3729 kmalloc include/linux/slab.h:493 [inline] SYSC_memfd_create mm/shmem.c:3738 [inline] SyS_memfd_create+0xbc/0x3c0 mm/shmem.c:3708 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x466459 RSP: 002b:00007f557ad93f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 0000000000466459 RDX: 00007f557ad94000 RSI: 0000000000000000 RDI: 00000000004beb78 RBP: 0000000000000000 R08: 00007f557ad93ff8 R09: ffffffffffffffff R10: 00007f557ad93ffc R11: 0000000000000246 R12: 0000000020000000 R13: 0000000020000080 R14: 0000000000000000 R15: 00000000200005c0 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 26587 Comm: syz-executor.2 Not tainted 4.14.226-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 __d_alloc+0x2a/0xa20 fs/dcache.c:1623 __shmem_file_setup.part.0+0xcb/0x3c0 mm/shmem.c:4260 __shmem_file_setup mm/shmem.c:4248 [inline] shmem_file_setup mm/shmem.c:4315 [inline] SYSC_memfd_create mm/shmem.c:3768 [inline] SyS_memfd_create+0x1fc/0x3c0 mm/shmem.c:3708 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x466459 RSP: 002b:00007f557ad93f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 0000000000466459 RDX: 00007f557ad94000 RSI: 0000000000000000 RDI: 00000000004beb78 RBP: 0000000000000000 R08: 00007f557ad93ff8 R09: ffffffffffffffff R10: 00007f557ad93ffc R11: 0000000000000246 R12: 0000000020000000 R13: 0000000020000080 R14: 0000000000000000 R15: 00000000200005c0 caif:caif_disconnect_client(): nothing to disconnect FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 26594 Comm: syz-executor.2 Not tainted 4.14.226-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 shmem_alloc_inode+0x18/0x40 mm/shmem.c:3888 alloc_inode+0x5d/0x170 fs/inode.c:210 new_inode_pseudo fs/inode.c:899 [inline] new_inode+0x1d/0xf0 fs/inode.c:928 shmem_get_inode+0x8b/0x890 mm/shmem.c:2176 __shmem_file_setup.part.0+0x104/0x3c0 mm/shmem.c:4266 __shmem_file_setup mm/shmem.c:4248 [inline] shmem_file_setup mm/shmem.c:4315 [inline] SYSC_memfd_create mm/shmem.c:3768 [inline] SyS_memfd_create+0x1fc/0x3c0 mm/shmem.c:3708 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x466459 RSP: 002b:00007f557ad93f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 0000000000466459 RDX: 00007f557ad94000 RSI: 0000000000000000 RDI: 00000000004beb78 RBP: 0000000000000000 R08: 00007f557ad93ff8 R09: ffffffffffffffff R10: 00007f557ad93ffc R11: 0000000000000246 R12: 0000000020000000 R13: 0000000020000080 R14: 0000000000000000 R15: 00000000200005c0 caif:caif_disconnect_client(): nothing to disconnect FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 26620 Comm: syz-executor.2 Not tainted 4.14.226-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 kmem_cache_zalloc include/linux/slab.h:651 [inline] get_empty_filp+0x86/0x3e0 fs/file_table.c:123 alloc_file+0x23/0x440 fs/file_table.c:164 __shmem_file_setup.part.0+0x198/0x3c0 mm/shmem.c:4278 __shmem_file_setup mm/shmem.c:4248 [inline] shmem_file_setup mm/shmem.c:4315 [inline] SYSC_memfd_create mm/shmem.c:3768 [inline] SyS_memfd_create+0x1fc/0x3c0 mm/shmem.c:3708 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x466459 RSP: 002b:00007f557ad93f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 0000000000466459 RDX: 00007f557ad94000 RSI: 0000000000000000 RDI: 00000000004beb78 RBP: 0000000000000000 R08: 00007f557ad93ff8 R09: ffffffffffffffff R10: 00007f557ad93ffc R11: 0000000000000246 R12: 0000000020000000 R13: 0000000020000080 R14: 0000000000000000 R15: 00000000200005c0 Bluetooth: hci5 command 0x041b tx timeout FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 26633 Comm: syz-executor.2 Not tainted 4.14.226-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc_trace+0x29a/0x3d0 mm/slab.c:3616 kmalloc include/linux/slab.h:488 [inline] kzalloc include/linux/slab.h:661 [inline] aa_alloc_file_ctx security/apparmor/include/file.h:60 [inline] apparmor_file_alloc_security+0x129/0x800 security/apparmor/lsm.c:431 security_file_alloc+0x66/0xa0 security/security.c:874 get_empty_filp+0x15c/0x3e0 fs/file_table.c:129 alloc_file+0x23/0x440 fs/file_table.c:164 __shmem_file_setup.part.0+0x198/0x3c0 mm/shmem.c:4278 __shmem_file_setup mm/shmem.c:4248 [inline] shmem_file_setup mm/shmem.c:4315 [inline] SYSC_memfd_create mm/shmem.c:3768 [inline] SyS_memfd_create+0x1fc/0x3c0 mm/shmem.c:3708 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x466459 RSP: 002b:00007f557ad93f48 EFLAGS: 00000246 ORIG_RAX: 000000000000013f RAX: ffffffffffffffda RBX: 00000000200002c0 RCX: 0000000000466459 RDX: 00007f557ad94000 RSI: 0000000000000000 RDI: 00000000004beb78 RBP: 0000000000000000 R08: 00007f557ad93ff8 R09: ffffffffffffffff R10: 00007f557ad93ffc R11: 0000000000000246 R12: 0000000020000000 R13: 0000000020000080 R14: 0000000000000000 R15: 00000000200005c0 caif:caif_disconnect_client(): nothing to disconnect FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 26662 Comm: syz-executor.2 Not tainted 4.14.226-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 getname_flags+0xc8/0x550 fs/namei.c:138 do_sys_open+0x1ce/0x410 fs/open.c:1075 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x419544 RSP: 002b:00007f557ad93ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 00000000004afb60 RCX: 0000000000419544 RDX: 0000000000000002 RSI: 00007f557ad94000 RDI: 00000000ffffff9c RBP: 00007f557ad94000 R08: 0000000000000000 R09: ffffffffffffffff R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 R13: 0000000000000004 R14: 00000000200002c0 R15: 0000000000000000 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 audit: type=1326 audit(1616141498.173:367): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=26681 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=231 compat=0 ip=0x466459 code=0x0 CPU: 1 PID: 26680 Comm: syz-executor.2 Not tainted 4.14.226-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 caif:caif_disconnect_client(): nothing to disconnect fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:2898 [inline] prepare_alloc_pages mm/page_alloc.c:4131 [inline] __alloc_pages_nodemask+0x22c/0x2720 mm/page_alloc.c:4179 __alloc_pages include/linux/gfp.h:484 [inline] __alloc_pages_node include/linux/gfp.h:497 [inline] kmem_getpages mm/slab.c:1419 [inline] cache_grow_begin+0x91/0x630 mm/slab.c:2676 cache_alloc_refill+0x273/0x350 mm/slab.c:3043 ____cache_alloc mm/slab.c:3125 [inline] __do_cache_alloc mm/slab.c:3347 [inline] slab_alloc mm/slab.c:3382 [inline] kmem_cache_alloc+0x333/0x3c0 mm/slab.c:3550 getname_flags+0xc8/0x550 fs/namei.c:138 do_sys_open+0x1ce/0x410 fs/open.c:1075 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x419544 RSP: 002b:00007f557ad93ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 00000000004afb60 RCX: 0000000000419544 RDX: 0000000000000002 RSI: 00007f557ad94000 RDI: 00000000ffffff9c RBP: 00007f557ad94000 R08: 0000000000000000 R09: ffffffffffffffff R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 R13: 0000000000000004 R14: 00000000200002c0 R15: 0000000000000000 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 26696 Comm: syz-executor.2 Not tainted 4.14.226-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 kmem_cache_zalloc include/linux/slab.h:651 [inline] get_empty_filp+0x86/0x3e0 fs/file_table.c:123 path_openat+0x84/0x2970 fs/namei.c:3545 do_filp_open+0x179/0x3c0 fs/namei.c:3603 do_sys_open+0x296/0x410 fs/open.c:1081 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x419544 RSP: 002b:00007f557ad93ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 00000000004afb60 RCX: 0000000000419544 RDX: 0000000000000002 RSI: 00007f557ad94000 RDI: 00000000ffffff9c RBP: 00007f557ad94000 R08: 0000000000000000 R09: ffffffffffffffff R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 R13: 0000000000000004 R14: 00000000200002c0 R15: 0000000000000000 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 26701 Comm: syz-executor.2 Not tainted 4.14.226-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 __d_alloc+0x2a/0xa20 fs/dcache.c:1623 d_alloc+0x46/0x240 fs/dcache.c:1710 d_alloc_parallel+0xd6/0x16b0 fs/dcache.c:2492 lookup_open+0x462/0x1750 fs/namei.c:3154 do_last fs/namei.c:3334 [inline] path_openat+0x14bb/0x2970 fs/namei.c:3569 do_filp_open+0x179/0x3c0 fs/namei.c:3603 do_sys_open+0x296/0x410 fs/open.c:1081 caif:caif_disconnect_client(): nothing to disconnect do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x419544 RSP: 002b:00007f557ad93ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 00000000004afb60 RCX: 0000000000419544 RDX: 0000000000000002 RSI: 00007f557ad94000 RDI: 00000000ffffff9c RBP: 00007f557ad94000 R08: 0000000000000000 R09: ffffffffffffffff R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 R13: 0000000000000004 R14: 00000000200002c0 R15: 0000000000000000 audit: type=1326 audit(1616141499.003:368): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=26681 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=231 compat=0 ip=0x466459 code=0x0 caif:caif_disconnect_client(): nothing to disconnect FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 26727 Comm: syz-executor.2 Not tainted 4.14.226-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 __d_alloc+0x2a/0xa20 fs/dcache.c:1623 d_alloc+0x46/0x240 fs/dcache.c:1710 d_alloc_parallel+0xd6/0x16b0 fs/dcache.c:2492 lookup_open+0x462/0x1750 fs/namei.c:3154 do_last fs/namei.c:3334 [inline] path_openat+0x14bb/0x2970 fs/namei.c:3569 do_filp_open+0x179/0x3c0 fs/namei.c:3603 do_sys_open+0x296/0x410 fs/open.c:1081 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x419544 RSP: 002b:00007f557ad93ed0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 RAX: ffffffffffffffda RBX: 00000000004afb60 RCX: 0000000000419544 RDX: 0000000000000002 RSI: 00007f557ad94000 RDI: 00000000ffffff9c RBP: 00007f557ad94000 R08: 0000000000000000 R09: ffffffffffffffff R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 R13: 0000000000000004 R14: 00000000200002c0 R15: 0000000000000000 caif:caif_disconnect_client(): nothing to disconnect Bluetooth: hci5 command 0x040f tx timeout caif:caif_disconnect_client(): nothing to disconnect caif:caif_disconnect_client(): nothing to disconnect caif:caif_disconnect_client(): nothing to disconnect Bluetooth: hci5 command 0x0419 tx timeout Bluetooth: hci5 command 0x0407 tx timeout jfs: Unrecognized mount option "gid=TjmLq\WI" or missing value jfs: Unrecognized mount option "gid=TjmLq\WI" or missing value jfs: Unrecognized mount option "gid=TjmLq\WI" or missing value jfs: Unrecognized mount option "gid=TjmLq\WI" or missing value jfs: Unrecognized mount option "gid=TjmLq\WI" or missing value print_req_error: I/O error, dev loop0, sector 0