============================= tcp_getsockopt+0x82/0xd0 net/ipv4/tcp.c:3359 sock_common_getsockopt+0x95/0xd0 net/core/sock.c:2934 SYSC_getsockopt net/socket.c:1880 [inline] SyS_getsockopt+0x178/0x340 net/socket.c:1862 WARNING: suspicious RCU usage 4.15.0+ #222 Not tainted do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 ----------------------------- ./include/linux/rcupdate.h:302 Illegal context switch in RCU read-side critical section! other info that might help us debug this: entry_SYSCALL_64_after_hwframe+0x26/0x9b rcu_scheduler_active = 2, debug_locks = 1 RIP: 0033:0x453a59 RSP: 002b:00007fa61b3c1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 RAX: ffffffffffffffda RBX: 00007fa61b3c26d4 RCX: 0000000000453a59 RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000013 1 lock held by syz-executor6/6231: RBP: 000000000071bea0 R08: 0000000020fedffc R09: 0000000000000000 R10: 000000002000d000 R11: 0000000000000246 R12: 0000000000000014 R13: 00000000000000cc R14: 00000000006f13c0 R15: 0000000000000000 syz-executor3: vmalloc: allocation failure: 40 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) #0: syz-executor3 cpuset= (rcu_read_lock){....}, at: [<000000000af243c7>] __rds_conn_create+0xe46/0x1b50 net/rds/connection.c:218 / stack backtrace: mems_allowed=0 CPU: 0 PID: 6232 Comm: syz-executor3 Not tainted 4.15.0+ #222 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 warn_alloc+0x19a/0x2b0 mm/page_alloc.c:3306 __vmalloc_node_range+0x4f0/0x650 mm/vmalloc.c:1775 __vmalloc_node mm/vmalloc.c:1804 [inline] __vmalloc_node_flags mm/vmalloc.c:1818 [inline] vmalloc+0x45/0x50 mm/vmalloc.c:1840 ip_set_sockfn_get+0x2c1/0xd30 net/netfilter/ipset/ip_set_core.c:1943 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline] nf_getsockopt+0x6a/0xc0 net/netfilter/nf_sockopt.c:122 ip_getsockopt+0x15c/0x220 net/ipv4/ip_sockglue.c:1571 udp_getsockopt+0x45/0x80 net/ipv4/udp.c:2473 ipv6_getsockopt+0xf3/0x2e0 net/ipv6/ipv6_sockglue.c:1356 tcp_getsockopt+0x82/0xd0 net/ipv4/tcp.c:3359 sock_common_getsockopt+0x95/0xd0 net/core/sock.c:2934 SYSC_getsockopt net/socket.c:1880 [inline] SyS_getsockopt+0x178/0x340 net/socket.c:1862 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b RIP: 0033:0x453a59 RSP: 002b:00007fa61b3c1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 RAX: ffffffffffffffda RBX: 00007fa61b3c26d4 RCX: 0000000000453a59 RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000013 RBP: 000000000071bea0 R08: 0000000020fedffc R09: 0000000000000000 R10: 000000002000d000 R11: 0000000000000246 R12: 0000000000000014 R13: 00000000000000cc R14: 00000000006f13c0 R15: 0000000000000000 CPU: 1 PID: 6231 Comm: syz-executor6 Not tainted 4.15.0+ #222 Mem-Info: Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 active_anon:50145 inactive_anon:64 isolated_anon:0 active_file:3490 inactive_file:8326 isolated_file:0 unevictable:0 dirty:6419 writeback:0 unstable:0 slab_reclaimable:7451 slab_unreclaimable:90441 mapped:24138 shmem:70 pagetables:621 bounce:0 free:1441693 free_pcp:344 free_cma:0 lockdep_rcu_suspicious+0x123/0x170 kernel/locking/lockdep.c:4592 Node 0 active_anon:200580kB inactive_anon:256kB active_file:13960kB inactive_file:33304kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:96552kB dirty:25676kB writeback:0kB shmem:280kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 90112kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no rcu_preempt_sleep_check include/linux/rcupdate.h:301 [inline] ___might_sleep+0x385/0x470 kernel/sched/core.c:6093 Node 0 __might_sleep+0x95/0x190 kernel/sched/core.c:6081 DMA free:15908kB min:164kB low:204kB high:244kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB slab_pre_alloc_hook mm/slab.h:420 [inline] slab_alloc mm/slab.c:3365 [inline] kmem_cache_alloc_trace+0x299/0x740 mm/slab.c:3605 lowmem_reserve[]: kmalloc include/linux/slab.h:512 [inline] kzalloc include/linux/slab.h:701 [inline] rds_loop_conn_alloc+0xc8/0x380 net/rds/loop.c:126 0 2868 6378 __rds_conn_create+0x112f/0x1b50 net/rds/connection.c:227 6378 Node 0 DMA32 free:2939236kB min:30316kB low:37892kB high:45468kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129292kB managed:2939944kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:708kB local_pcp:44kB free_cma:0kB lowmem_reserve[]: 0 rds_conn_create_outgoing+0x3f/0x50 net/rds/connection.c:309 0 rds_sendmsg+0xda3/0x2390 net/rds/send.c:1126 3510 3510 Node 0 Normal free:2811628kB min:37100kB low:46372kB high:55644kB active_anon:200580kB inactive_anon:256kB active_file:13960kB inactive_file:33304kB unevictable:0kB writepending:25676kB present:4718592kB managed:3594328kB mlocked:0kB kernel_stack:4128kB pagetables:2484kB bounce:0kB free_pcp:668kB local_pcp:284kB free_cma:0kB lowmem_reserve[]: sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 0 SYSC_sendto+0x361/0x5c0 net/socket.c:1747 0 0 0 Node 0 SyS_sendto+0x40/0x50 net/socket.c:1715 DMA: do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 1*4kB (U) 0*8kB 0*16kB entry_SYSCALL_64_after_hwframe+0x26/0x9b RIP: 0033:0x453a59 1*32kB RSP: 002b:00007f083eeb4c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f083eeb56d4 RCX: 0000000000453a59 RDX: 000000000000fffa RSI: 00000000204b3fff RDI: 0000000000000013 RBP: 000000000071bea0 R08: 00000000202b4000 R09: 0000000000000010 (U) R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000000004b9 R14: 00000000006f71f8 R15: 0000000000000000 BUG: sleeping function called from invalid context at mm/slab.h:420 2*64kB (U) in_atomic(): 1, irqs_disabled(): 0, pid: 6231, name: syz-executor6 1*128kB (U) 1 lock held by syz-executor6/6231: 1*256kB #0: (U) 0*512kB 1*1024kB ( (U) 1*2048kB rcu_read_lock (M) ){....} 3*4096kB (M) , at: [<000000000af243c7>] __rds_conn_create+0xe46/0x1b50 net/rds/connection.c:218 = 15908kB CPU: 1 PID: 6231 Comm: syz-executor6 Not tainted 4.15.0+ #222 Node 0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 DMA32: ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6128 3*4kB (M) __might_sleep+0x95/0x190 kernel/sched/core.c:6081 3*8kB slab_pre_alloc_hook mm/slab.h:420 [inline] slab_alloc mm/slab.c:3365 [inline] kmem_cache_alloc_trace+0x299/0x740 mm/slab.c:3605 (M) kmalloc include/linux/slab.h:512 [inline] kzalloc include/linux/slab.h:701 [inline] rds_loop_conn_alloc+0xc8/0x380 net/rds/loop.c:126 2*16kB (M) 3*32kB __rds_conn_create+0x112f/0x1b50 net/rds/connection.c:227 (M) 3*64kB (M) 2*128kB (M) 1*256kB rds_conn_create_outgoing+0x3f/0x50 net/rds/connection.c:309 rds_sendmsg+0xda3/0x2390 net/rds/send.c:1126 (M) 3*512kB (M) 2*1024kB (M) 1*2048kB (M) sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 716*4096kB SYSC_sendto+0x361/0x5c0 net/socket.c:1747 (M) = 2939236kB Node 0 Normal: 239*4kB SyS_sendto+0x40/0x50 net/socket.c:1715 (UME) do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 1047*8kB (UME) 1505*16kB (UME) entry_SYSCALL_64_after_hwframe+0x26/0x9b 286*32kB RIP: 0033:0x453a59 RSP: 002b:00007f083eeb4c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f083eeb56d4 RCX: 0000000000453a59 (UME) RDX: 000000000000fffa RSI: 00000000204b3fff RDI: 0000000000000013 RBP: 000000000071bea0 R08: 00000000202b4000 R09: 0000000000000010 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 00000000000004b9 R14: 00000000006f71f8 R15: 0000000000000000 30*64kB (UME) 14*128kB (UME) 6*256kB (UME) 74*512kB (UME) 66*1024kB (UME) 2*2048kB (UM) 648*4096kB (M) = 2811588kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 11885 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965969 pages RAM 0 pages HighMem/MovableOnly 328424 pages reserved Cannot find add_set index 1506 as target Cannot find add_set index 1506 as target FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 6447 Comm: syz-executor2 Tainted: G W 4.15.0+ #222 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc_node mm/slab.c:3286 [inline] kmem_cache_alloc_node_trace+0x5a/0x760 mm/slab.c:3648 kmalloc_node include/linux/slab.h:550 [inline] kzalloc_node include/linux/slab.h:712 [inline] __get_vm_area_node+0xae/0x340 mm/vmalloc.c:1402 __vmalloc_node_range+0xa3/0x650 mm/vmalloc.c:1754 __vmalloc_node mm/vmalloc.c:1804 [inline] __vmalloc_node_flags mm/vmalloc.c:1818 [inline] vmalloc+0x45/0x50 mm/vmalloc.c:1840 ip_set_sockfn_get+0x2c1/0xd30 net/netfilter/ipset/ip_set_core.c:1943 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline] nf_getsockopt+0x6a/0xc0 net/netfilter/nf_sockopt.c:122 ip_getsockopt+0x15c/0x220 net/ipv4/ip_sockglue.c:1571 udp_getsockopt+0x45/0x80 net/ipv4/udp.c:2473 ipv6_getsockopt+0xf3/0x2e0 net/ipv6/ipv6_sockglue.c:1356 tcp_getsockopt+0x82/0xd0 net/ipv4/tcp.c:3359 sock_common_getsockopt+0x95/0xd0 net/core/sock.c:2934 SYSC_getsockopt net/socket.c:1880 [inline] SyS_getsockopt+0x178/0x340 net/socket.c:1862 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b RIP: 0033:0x453a59 RSP: 002b:00007f9b337d4c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 RAX: ffffffffffffffda RBX: 00007f9b337d56d4 RCX: 0000000000453a59 RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000013 RBP: 000000000071bea0 R08: 0000000020fedffc R09: 0000000000000000 R10: 000000002000d000 R11: 0000000000000246 R12: 0000000000000014 R13: 00000000000000cc R14: 00000000006f13c0 R15: 0000000000000000 syz-executor2: vmalloc: allocation failure: 40 bytes, mode:0x14000c0(GFP_KERNEL), nodemask=(null) syz-executor2 cpuset=/ mems_allowed=0 CPU: 1 PID: 6447 Comm: syz-executor2 Tainted: G W 4.15.0+ #222 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 warn_alloc+0x19a/0x2b0 mm/page_alloc.c:3306 __vmalloc_node_range+0x4f0/0x650 mm/vmalloc.c:1775 __vmalloc_node mm/vmalloc.c:1804 [inline] __vmalloc_node_flags mm/vmalloc.c:1818 [inline] vmalloc+0x45/0x50 mm/vmalloc.c:1840 ip_set_sockfn_get+0x2c1/0xd30 net/netfilter/ipset/ip_set_core.c:1943 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline] nf_getsockopt+0x6a/0xc0 net/netfilter/nf_sockopt.c:122 ip_getsockopt+0x15c/0x220 net/ipv4/ip_sockglue.c:1571 udp_getsockopt+0x45/0x80 net/ipv4/udp.c:2473 ipv6_getsockopt+0xf3/0x2e0 net/ipv6/ipv6_sockglue.c:1356 tcp_getsockopt+0x82/0xd0 net/ipv4/tcp.c:3359 sock_common_getsockopt+0x95/0xd0 net/core/sock.c:2934 SYSC_getsockopt net/socket.c:1880 [inline] SyS_getsockopt+0x178/0x340 net/socket.c:1862 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b RIP: 0033:0x453a59 RSP: 002b:00007f9b337d4c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 RAX: ffffffffffffffda RBX: 00007f9b337d56d4 RCX: 0000000000453a59 RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000013 RBP: 000000000071bea0 R08: 0000000020fedffc R09: 0000000000000000 R10: 000000002000d000 R11: 0000000000000246 R12: 0000000000000014 R13: 00000000000000cc R14: 00000000006f13c0 R15: 0000000000000000 Mem-Info: active_anon:48031 inactive_anon:64 isolated_anon:0 active_file:3490 inactive_file:8326 isolated_file:0 unevictable:0 dirty:6447 writeback:0 unstable:0 slab_reclaimable:7574 slab_unreclaimable:90022 mapped:24127 shmem:70 pagetables:609 bounce:0 free:1444211 free_pcp:453 free_cma:0 Node 0 active_anon:192124kB inactive_anon:256kB active_file:13960kB inactive_file:33304kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:96508kB dirty:25788kB writeback:0kB shmem:280kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 71680kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no Node 0 DMA free:15908kB min:164kB low:204kB high:244kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB lowmem_reserve[]: 0 2868 6378 6378 Node 0 DMA32 free:2939236kB min:30316kB low:37892kB high:45468kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129292kB managed:2939944kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:708kB local_pcp:664kB free_cma:0kB lowmem_reserve[]: 0 0 3510 3510 Node 0 Normal free:2821700kB min:37100kB low:46372kB high:55644kB active_anon:192124kB inactive_anon:256kB active_file:13960kB inactive_file:33304kB unevictable:0kB writepending:25836kB present:4718592kB managed:3594328kB mlocked:0kB kernel_stack:3776kB pagetables:2436kB bounce:0kB free_pcp:1104kB local_pcp:400kB free_cma:0kB lowmem_reserve[]: 0 0 0 0 Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB Node 0 DMA32: 3*4kB (M) 3*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 2*128kB (M) 1*256kB (M) 3*512kB (M) 2*1024kB (M) 1*2048kB (M) 716*4096kB (M) = 2939236kB Node 0 Normal: 140*4kB (UME) 814*8kB (UME) 1613*16kB (UME) 348*32kB (UME) 35*64kB (UME) 15*128kB (UME) 6*256kB (UME) 74*512kB (UME) 66*1024kB (UME) 4*2048kB (UM) 649*4096kB (M) = 2821680kB Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 11885 total pagecache pages 0 pages in swap cache Swap cache stats: add 0, delete 0, find 0/0 Free swap = 0kB Total swap = 0kB 1965969 pages RAM 0 pages HighMem/MovableOnly 328424 pages reserved raw_sendmsg: syz-executor1 forgot to set AF_INET. Fix it! kauditd_printk_skb: 6 callbacks suppressed audit: type=1400 audit(1518289672.958:28): avc: denied { connect } for pid=6472 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pig=6516 comm=syz-executor7 sctp: [Deprecated]: syz-executor6 (pid 6525) Use of struct sctp_assoc_value in delayed_ack socket option. Use struct sctp_sack_info instead SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pig=6531 comm=syz-executor7 sctp: [Deprecated]: syz-executor6 (pid 6525) Use of struct sctp_assoc_value in delayed_ack socket option. Use struct sctp_sack_info instead SELinux: unrecognized netlink message: protocol=0 nlmsg_type=256 sclass=netlink_route_socket pig=6566 comm=syz-executor7 nla_parse: 1 callbacks suppressed netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. audit: type=1400 audit(1518289674.384:29): avc: denied { map } for pid=6893 comm="syz-executor0" path="socket:[17723]" dev="sockfs" ino=17723 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=udp_socket permissive=1 netlink: 'syz-executor6': attribute type 1 has an invalid length. audit: type=1400 audit(1518289674.537:30): avc: denied { map_read map_write } for pid=6934 comm="syz-executor6" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1 audit: type=1400 audit(1518289675.432:31): avc: denied { ioctl } for pid=7208 comm="syz-executor6" path="socket:[18055]" dev="sockfs" ino=18055 ioctlcmd=0x89fd scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 l2tp_core: tunl 3: fd 19 wrong protocol, got 1, expected 17 l2tp_core: tunl 3: fd 19 wrong protocol, got 1, expected 17 audit: type=1400 audit(1518289676.052:32): avc: denied { setopt } for pid=7393 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1518289676.290:33): avc: denied { read } for pid=7457 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 7544 Comm: syz-executor7 Tainted: G W 4.15.0+ #222 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc_node mm/slab.c:3286 [inline] kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3629 __alloc_skb+0xf1/0x780 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:983 [inline] netlink_alloc_large_skb net/netlink/af_netlink.c:1180 [inline] netlink_sendmsg+0xa86/0xe60 net/netlink/af_netlink.c:1872 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 sock_write_iter+0x31a/0x5d0 net/socket.c:909 call_write_iter include/linux/fs.h:1781 [inline] new_sync_write fs/read_write.c:469 [inline] __vfs_write+0x684/0x970 fs/read_write.c:482 vfs_write+0x189/0x510 fs/read_write.c:544 SYSC_write fs/read_write.c:589 [inline] SyS_write+0xef/0x220 fs/read_write.c:581 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b RIP: 0033:0x453a59 RSP: 002b:00007f255d730c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007f255d7316d4 RCX: 0000000000453a59 RDX: 000000000000001f RSI: 000000002061cfe1 RDI: 0000000000000013 RBP: 000000000071bea0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 R13: 0000000000000655 R14: 00000000006f9898 R15: 0000000000000000 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 7566 Comm: syz-executor7 Tainted: G W 4.15.0+ #222 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc_node mm/slab.c:3286 [inline] kmem_cache_alloc_node_trace+0x5a/0x760 mm/slab.c:3648 __do_kmalloc_node mm/slab.c:3668 [inline] __kmalloc_node_track_caller+0x33/0x70 mm/slab.c:3683 __kmalloc_reserve.isra.39+0x41/0xd0 net/core/skbuff.c:137 __alloc_skb+0x13b/0x780 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:983 [inline] netlink_alloc_large_skb net/netlink/af_netlink.c:1180 [inline] netlink_sendmsg+0xa86/0xe60 net/netlink/af_netlink.c:1872 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 sock_write_iter+0x31a/0x5d0 net/socket.c:909 call_write_iter include/linux/fs.h:1781 [inline] new_sync_write fs/read_write.c:469 [inline] __vfs_write+0x684/0x970 fs/read_write.c:482 vfs_write+0x189/0x510 fs/read_write.c:544 SYSC_write fs/read_write.c:589 [inline] SyS_write+0xef/0x220 fs/read_write.c:581 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b RIP: 0033:0x453a59 RSP: 002b:00007f255d730c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007f255d7316d4 RCX: 0000000000453a59 RDX: 000000000000001f RSI: 000000002061cfe1 RDI: 0000000000000013 RBP: 000000000071bea0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 R13: 0000000000000655 R14: 00000000006f9898 R15: 0000000000000001 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 7625 Comm: syz-executor7 Tainted: G W 4.15.0+ #222 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc_node mm/slab.c:3286 [inline] kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3629 __alloc_skb+0xf1/0x780 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:983 [inline] nlmsg_new include/net/netlink.h:511 [inline] netlink_ack+0x283/0xa10 net/netlink/af_netlink.c:2376 netlink_rcv_skb+0x2b4/0x380 net/netlink/af_netlink.c:2448 nfnetlink_rcv+0x200/0x1920 net/netfilter/nfnetlink.c:513 netlink_unicast_kernel net/netlink/af_netlink.c:1308 [inline] netlink_unicast+0x4c4/0x6b0 net/netlink/af_netlink.c:1334 netlink_sendmsg+0xa4a/0xe60 net/netlink/af_netlink.c:1897 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 sock_write_iter+0x31a/0x5d0 net/socket.c:909 call_write_iter include/linux/fs.h:1781 [inline] new_sync_write fs/read_write.c:469 [inline] __vfs_write+0x684/0x970 fs/read_write.c:482 vfs_write+0x189/0x510 fs/read_write.c:544 SYSC_write fs/read_write.c:589 [inline] SyS_write+0xef/0x220 fs/read_write.c:581 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b RIP: 0033:0x453a59 RSP: 002b:00007f255d730c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007f255d7316d4 RCX: 0000000000453a59 RDX: 000000000000001f RSI: 000000002061cfe1 RDI: 0000000000000013 RBP: 000000000071bea0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 R13: 0000000000000655 R14: 00000000006f9898 R15: 0000000000000002 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 7648 Comm: syz-executor7 Tainted: G W 4.15.0+ #222 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:53 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:422 [inline] slab_alloc_node mm/slab.c:3286 [inline] kmem_cache_alloc_node_trace+0x5a/0x760 mm/slab.c:3648 __do_kmalloc_node mm/slab.c:3668 [inline] __kmalloc_node_track_caller+0x33/0x70 mm/slab.c:3683 __kmalloc_reserve.isra.39+0x41/0xd0 net/core/skbuff.c:137 __alloc_skb+0x13b/0x780 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:983 [inline] nlmsg_new include/net/netlink.h:511 [inline] netlink_ack+0x283/0xa10 net/netlink/af_netlink.c:2376 netlink_rcv_skb+0x2b4/0x380 net/netlink/af_netlink.c:2448 nfnetlink_rcv+0x200/0x1920 net/netfilter/nfnetlink.c:513 netlink_unicast_kernel net/netlink/af_netlink.c:1308 [inline] netlink_unicast+0x4c4/0x6b0 net/netlink/af_netlink.c:1334 netlink_sendmsg+0xa4a/0xe60 net/netlink/af_netlink.c:1897 sock_sendmsg_nosec net/socket.c:630 [inline] sock_sendmsg+0xca/0x110 net/socket.c:640 sock_write_iter+0x31a/0x5d0 net/socket.c:909 call_write_iter include/linux/fs.h:1781 [inline] new_sync_write fs/read_write.c:469 [inline] __vfs_write+0x684/0x970 fs/read_write.c:482 vfs_write+0x189/0x510 fs/read_write.c:544 SYSC_write fs/read_write.c:589 [inline] SyS_write+0xef/0x220 fs/read_write.c:581 do_syscall_64+0x282/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x26/0x9b RIP: 0033:0x453a59 RSP: 002b:00007f255d730c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007f255d7316d4 RCX: 0000000000453a59 RDX: 000000000000001f RSI: 000000002061cfe1 RDI: 0000000000000013 RBP: 000000000071bea0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 R13: 0000000000000655 R14: 00000000006f9898 R15: 0000000000000003 audit: type=1400 audit(1518289678.340:34): avc: denied { getopt } for pid=7742 comm="syz-executor1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 nla_parse: 16 callbacks suppressed netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. audit: type=1400 audit(1518289678.902:35): avc: denied { map } for pid=7919 comm="syz-executor7" path="socket:[19828]" dev="sockfs" ino=19828 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 audit: type=1400 audit(1518289678.902:36): avc: denied { read } for pid=7919 comm="syz-executor7" path="socket:[19828]" dev="sockfs" ino=19828 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 audit: type=1400 audit(1518289678.902:37): avc: denied { getattr } for pid=7919 comm="syz-executor7" path="socket:[19828]" dev="sockfs" ino=19828 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 audit: type=1400 audit(1518289678.959:38): avc: denied { accept } for pid=7927 comm="syz-executor0" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1 netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'. netlink: 11 bytes leftover after parsing attributes in process `syz-executor7'.