IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready BUG: sleeping function called from invalid context at net/mac80211/sta_info.c:1844 in_atomic(): 0, irqs_disabled(): 0, pid: 12971, name: kworker/u4:11 4 locks held by kworker/u4:11/12971: #0: ("%s"wiphy_name(local->hw.wiphy)){+.+.}, at: [] process_one_work+0x6b0/0x14a0 kernel/workqueue.c:2087 #1: ((&sdata->work)){+.+.}, at: [] process_one_work+0x6e6/0x14a0 kernel/workqueue.c:2091 #2: (&wdev->mtx){+.+.}, at: [] sdata_lock net/mac80211/ieee80211_i.h:986 [inline] #2: (&wdev->mtx){+.+.}, at: [] ieee80211_ibss_work+0x72/0xc90 net/mac80211/ibss.c:1675 #3: (rcu_read_lock){....}, at: [] sta_info_insert_finish net/mac80211/sta_info.c:553 [inline] #3: (rcu_read_lock){....}, at: [] sta_info_insert_rcu+0x48d/0x1f40 net/mac80211/sta_info.c:634 Preemption disabled at: [] rcu_lockdep_current_cpu_online kernel/rcu/tree.c:1185 [inline] [] rcu_lockdep_current_cpu_online+0x30/0x140 kernel/rcu/tree.c:1177 CPU: 0 PID: 12971 Comm: kworker/u4:11 Not tainted 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: phy34 ieee80211_iface_work Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 ___might_sleep.cold+0x235/0x250 kernel/sched/core.c:6042 sta_info_move_state+0x32/0x930 net/mac80211/sta_info.c:1844 sta_info_free+0x50/0x330 net/mac80211/sta_info.c:260 sta_info_insert_rcu+0x23c/0x1f40 net/mac80211/sta_info.c:640 ieee80211_ibss_finish_sta+0x1db/0x2b0 net/mac80211/ibss.c:601 ieee80211_ibss_work+0x260/0xc90 net/mac80211/ibss.c:1692 ieee80211_iface_work+0x690/0x770 net/mac80211/iface.c:1383 process_one_work+0x793/0x14a0 kernel/workqueue.c:2116 worker_thread+0x5cc/0xff0 kernel/workqueue.c:2250 kthread+0x30d/0x420 kernel/kthread.c:232 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 Bluetooth: hci4 command 0x041b tx timeout FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 EXT4-fs (loop3): Unrecognized mount option "I4qq72" or missing value CPU: 1 PID: 27556 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x25a/0x400 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x38/0x70 mm/slab.c:3696 __kmalloc_reserve net/core/skbuff.c:137 [inline] __alloc_skb+0x96/0x510 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:980 [inline] nlmsg_new include/net/netlink.h:511 [inline] rtmsg_fib+0x1e8/0x4c0 net/ipv4/fib_semantics.c:415 fib_table_insert+0x69c/0x1330 net/ipv4/fib_trie.c:1278 fib_magic+0x328/0x460 net/ipv4/fib_frontend.c:861 fib_add_ifaddr+0x3a6/0x450 net/ipv4/fib_frontend.c:901 fib_inetaddr_event+0x142/0x25f net/ipv4/fib_frontend.c:1166 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001e R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue print_req_error: I/O error, dev loop3, sector 0 Buffer I/O error on dev loop3, logical block 0, async page read print_req_error: I/O error, dev loop3, sector 4 Buffer I/O error on dev loop3, logical block 2, async page read print_req_error: I/O error, dev loop3, sector 6 Buffer I/O error on dev loop3, logical block 3, async page read FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 27603 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node+0x263/0x410 mm/slab.c:3640 __alloc_skb+0x5c/0x510 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:980 [inline] nlmsg_new include/net/netlink.h:511 [inline] rtmsg_fib+0x1e8/0x4c0 net/ipv4/fib_semantics.c:415 fib_table_insert+0x69c/0x1330 net/ipv4/fib_trie.c:1278 fib_magic+0x328/0x460 net/ipv4/fib_frontend.c:861 fib_add_ifaddr+0x3a6/0x450 net/ipv4/fib_frontend.c:901 fib_inetaddr_event+0x142/0x25f net/ipv4/fib_frontend.c:1166 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000001f R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c netlink: 40 bytes leftover after parsing attributes in process `syz-executor.5'. EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue netlink: 40 bytes leftover after parsing attributes in process `syz-executor.5'. FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 27642 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x58/0x400 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x38/0x70 mm/slab.c:3696 __kmalloc_reserve net/core/skbuff.c:137 [inline] pskb_expand_head+0x128/0xd30 net/core/skbuff.c:1462 netlink_trim+0x1ae/0x220 net/netlink/af_netlink.c:1269 netlink_broadcast_filtered+0x5d/0x9e0 net/netlink/af_netlink.c:1466 netlink_broadcast net/netlink/af_netlink.c:1511 [inline] nlmsg_multicast include/net/netlink.h:591 [inline] nlmsg_notify+0x126/0x170 net/netlink/af_netlink.c:2476 rtmsg_fib+0x364/0x4c0 net/ipv4/fib_semantics.c:428 fib_table_insert+0x69c/0x1330 net/ipv4/fib_trie.c:1278 fib_magic+0x328/0x460 net/ipv4/fib_frontend.c:861 fib_add_ifaddr+0x3a6/0x450 net/ipv4/fib_frontend.c:901 fib_inetaddr_event+0x142/0x25f net/ipv4/fib_frontend.c:1166 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000020 R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 overlayfs: missing 'lowerdir' EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue CPU: 0 PID: 27664 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node+0x263/0x410 mm/slab.c:3640 __alloc_skb+0x5c/0x510 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:980 [inline] nlmsg_new include/net/netlink.h:511 [inline] rtmsg_fib+0x1e8/0x4c0 net/ipv4/fib_semantics.c:415 fib_table_insert+0x69c/0x1330 net/ipv4/fib_trie.c:1278 fib_magic+0x328/0x460 net/ipv4/fib_frontend.c:861 fib_add_ifaddr+0x3a6/0x450 net/ipv4/fib_frontend.c:901 fib_inetaddr_event+0x142/0x25f net/ipv4/fib_frontend.c:1166 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 overlayfs: unrecognized mount option "18446744073709551615v50 s]'|WzQXySd4Qej0 ~3EuRvq8R?8B{3J+j7M^[ɲjF" or missing value RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000021 R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c Bluetooth: hci0 command 0x040f tx timeout overlayfs: missing 'lowerdir' FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 EXT4-fs (loop3): Unrecognized mount option "y̲V"7" or missing value CPU: 1 PID: 27711 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x25a/0x400 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x38/0x70 mm/slab.c:3696 __kmalloc_reserve net/core/skbuff.c:137 [inline] __alloc_skb+0x96/0x510 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:980 [inline] nlmsg_new include/net/netlink.h:511 [inline] rtmsg_fib+0x1e8/0x4c0 net/ipv4/fib_semantics.c:415 fib_table_insert+0x69c/0x1330 net/ipv4/fib_trie.c:1278 fib_magic+0x328/0x460 net/ipv4/fib_frontend.c:861 fib_add_ifaddr+0x3a6/0x450 net/ipv4/fib_frontend.c:901 fib_inetaddr_event+0x142/0x25f net/ipv4/fib_frontend.c:1166 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000022 R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c Bluetooth: hci4 command 0x040f tx timeout FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 27728 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: jfs: Unrecognized mount option "" or missing value __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc+0x2c1/0x400 mm/slab.c:3729 kmalloc include/linux/slab.h:493 [inline] kzalloc include/linux/slab.h:661 [inline] fib_create_info+0x700/0x3e30 net/ipv4/fib_semantics.c:1131 fib_table_insert+0x195/0x1330 net/ipv4/fib_trie.c:1142 fib_magic+0x328/0x460 net/ipv4/fib_frontend.c:861 fib_add_ifaddr+0x3c7/0x450 net/ipv4/fib_frontend.c:902 fib_inetaddr_event+0x142/0x25f net/ipv4/fib_frontend.c:1166 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000023 R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c BTRFS: device fsid f90cac8b-044b-4fa8-8bee-4b8d3da88dc2 devid 1 transid 7 /dev/loop5 print_req_error: I/O error, dev loop4, sector 0 jfs: Unrecognized mount option "" or missing value EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue BTRFS error (device loop5): superblock checksum mismatch BTRFS error (device loop5): open_ctree failed FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 27776 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc+0x2c1/0x400 mm/slab.c:3729 kmalloc include/linux/slab.h:493 [inline] kzalloc include/linux/slab.h:661 [inline] tnode_alloc net/ipv4/fib_trie.c:343 [inline] tnode_new+0x74/0x2a0 net/ipv4/fib_trie.c:390 inflate net/ipv4/fib_trie.c:550 [inline] resize+0x56f/0x1d00 net/ipv4/fib_trie.c:874 trie_rebalance net/ipv4/fib_trie.c:1014 [inline] fib_insert_node net/ipv4/fib_trie.c:1058 [inline] fib_insert_alias+0x9c0/0xc60 net/ipv4/fib_trie.c:1072 fib_table_insert+0x508/0x1330 net/ipv4/fib_trie.c:1268 fib_magic+0x328/0x460 net/ipv4/fib_frontend.c:861 fib_add_ifaddr+0x3c7/0x450 net/ipv4/fib_frontend.c:902 fib_inetaddr_event+0x142/0x25f net/ipv4/fib_frontend.c:1166 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000024 R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c BTRFS error (device loop5): superblock checksum mismatch BTRFS error (device loop5): open_ctree failed FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue audit: type=1804 audit(1606109318.585:72): pid=27795 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir725463809/syzkaller.xifYsF/8/bus" dev="sda1" ino=15795 res=1 CPU: 0 PID: 27800 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 fib_table_insert+0x329/0x1330 net/ipv4/fib_trie.c:1255 fib_magic+0x328/0x460 net/ipv4/fib_frontend.c:861 fib_add_ifaddr+0x3c7/0x450 net/ipv4/fib_frontend.c:902 fib_inetaddr_event+0x142/0x25f net/ipv4/fib_frontend.c:1166 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 audit: type=1804 audit(1606109318.625:73): pid=27795 uid=0 auid=0 ses=4 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir725463809/syzkaller.xifYsF/8/bus" dev="sda1" ino=15795 res=1 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000025 R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c Bluetooth: hci0 command 0x0419 tx timeout EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue audit: type=1804 audit(1606109319.015:74): pid=27840 uid=0 auid=0 ses=4 op="invalid_pcr" cause="open_writers" comm="syz-executor.4" name="/root/syzkaller-testdir725463809/syzkaller.xifYsF/8/bus" dev="sda1" ino=15795 res=1 audit: type=1804 audit(1606109319.035:75): pid=27795 uid=0 auid=0 ses=4 op="invalid_pcr" cause="ToMToU" comm="syz-executor.4" name="/root/syzkaller-testdir725463809/syzkaller.xifYsF/8/bus" dev="sda1" ino=15795 res=1 Bluetooth: hci4 command 0x0419 tx timeout FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue CPU: 0 PID: 27860 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node+0x263/0x410 mm/slab.c:3640 __alloc_skb+0x5c/0x510 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:980 [inline] nlmsg_new include/net/netlink.h:511 [inline] rtmsg_fib+0x1e8/0x4c0 net/ipv4/fib_semantics.c:415 fib_table_insert+0x69c/0x1330 net/ipv4/fib_trie.c:1278 fib_magic+0x328/0x460 net/ipv4/fib_frontend.c:861 fib_add_ifaddr+0x3c7/0x450 net/ipv4/fib_frontend.c:902 fib_inetaddr_event+0x142/0x25f net/ipv4/fib_frontend.c:1166 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000026 R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 EXT4-fs (loop3): Unrecognized mount option " 7c٣d'" or missing value CPU: 0 PID: 27912 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc+0x2c1/0x400 mm/slab.c:3729 kmalloc include/linux/slab.h:493 [inline] kzalloc include/linux/slab.h:661 [inline] tnode_alloc net/ipv4/fib_trie.c:343 [inline] tnode_new+0x74/0x2a0 net/ipv4/fib_trie.c:390 fib_insert_node net/ipv4/fib_trie.c:1038 [inline] fib_insert_alias+0x74b/0xc60 net/ipv4/fib_trie.c:1072 fib_table_insert+0x508/0x1330 net/ipv4/fib_trie.c:1268 fib_magic+0x328/0x460 net/ipv4/fib_frontend.c:861 fib_add_ifaddr+0x3c7/0x450 net/ipv4/fib_frontend.c:902 fib_inetaddr_event+0x142/0x25f net/ipv4/fib_frontend.c:1166 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000027 R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 EXT4-fs (loop3): Unrecognized mount option "_" or missing value CPU: 1 PID: 27947 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc_trace+0x47/0x3d0 mm/slab.c:3616 kmalloc include/linux/slab.h:488 [inline] kzalloc include/linux/slab.h:661 [inline] sctp_inetaddr_event+0x348/0x650 net/sctp/protocol.c:801 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000028 R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 27969 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x25a/0x400 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x38/0x70 mm/slab.c:3696 __kmalloc_reserve net/core/skbuff.c:137 [inline] __alloc_skb+0x96/0x510 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:980 [inline] nlmsg_new include/net/netlink.h:511 [inline] rtmsg_fib+0x1e8/0x4c0 net/ipv4/fib_semantics.c:415 fib_table_insert+0x69c/0x1330 net/ipv4/fib_trie.c:1278 fib_magic+0x328/0x460 net/ipv4/fib_frontend.c:861 fib_add_ifaddr+0x3c7/0x450 net/ipv4/fib_frontend.c:902 fib_inetaddr_event+0x142/0x25f net/ipv4/fib_frontend.c:1166 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000029 R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue EXT4-fs (loop3): Unrecognized mount option "func=MMAq_CHECK" or missing value EXT4-fs (loop3): Unrecognized mount option "func=MMAq_CHECK" or missing value netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 print_req_error: I/O error, dev loop3, sector 0 CPU: 0 PID: 28014 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Buffer I/O error on dev loop3, logical block 0, async page read Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x58/0x400 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x38/0x70 mm/slab.c:3696 __kmalloc_reserve net/core/skbuff.c:137 [inline] pskb_expand_head+0x128/0xd30 net/core/skbuff.c:1462 print_req_error: I/O error, dev loop3, sector 4 Buffer I/O error on dev loop3, logical block 2, async page read netlink_trim+0x1ae/0x220 net/netlink/af_netlink.c:1269 print_req_error: I/O error, dev loop3, sector 6 netlink_broadcast_filtered+0x5d/0x9e0 net/netlink/af_netlink.c:1466 netlink_broadcast net/netlink/af_netlink.c:1511 [inline] nlmsg_multicast include/net/netlink.h:591 [inline] nlmsg_notify+0x126/0x170 net/netlink/af_netlink.c:2476 rtmsg_fib+0x364/0x4c0 net/ipv4/fib_semantics.c:428 fib_table_insert+0x69c/0x1330 net/ipv4/fib_trie.c:1278 Buffer I/O error on dev loop3, logical block 3, async page read fib_magic+0x328/0x460 net/ipv4/fib_frontend.c:861 fib_add_ifaddr+0x3c7/0x450 net/ipv4/fib_frontend.c:902 fib_inetaddr_event+0x142/0x25f net/ipv4/fib_frontend.c:1166 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002a R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge) EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue netlink: 24 bytes leftover after parsing attributes in process `syz-executor.5'. EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 28036 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc_trace+0x47/0x3d0 mm/slab.c:3616 kmalloc include/linux/slab.h:488 [inline] kzalloc include/linux/slab.h:661 [inline] sctp_inetaddr_event+0x348/0x650 net/sctp/protocol.c:801 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45deb9 RSP: 002b:00007fd9852e9c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 000000000001ee00 RCX: 000000000045deb9 RDX: 0000000020000080 RSI: 0000000000008918 RDI: 0000000000000005 RBP: 00007fd9852e9ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002b R13: 00007fffafd56ccf R14: 00007fd9852ea9c0 R15: 000000000118bf2c EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 28071 Comm: syz-executor.2 Tainted: G W 4.14.208-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc_track_caller+0x68/0x400 mm/slab.c:3735 kmemdup+0x23/0x50 mm/util.c:118 kmemdup include/linux/string.h:445 [inline] sctp_addr_wq_mgmt+0x381/0x720 net/sctp/protocol.c:765 sctp_inetaddr_event+0x4fc/0x650 net/sctp/protocol.c:808 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 __blocking_notifier_call_chain kernel/notifier.c:317 [inline] __blocking_notifier_call_chain kernel/notifier.c:304 [inline] blocking_notifier_call_chain kernel/notifier.c:328 [inline] blocking_notifier_call_chain+0x79/0x90 kernel/notifier.c:325 __inet_insert_ifa+0x69e/0x8f0 net/ipv4/devinet.c:520 inet_insert_ifa net/ipv4/devinet.c:527 [inline] devinet_ioctl+0xb04/0x1520 net/ipv4/devinet.c:1183 inet_ioctl+0xf6/0x190 net/ipv4/af_inet.c:900 sock_do_ioctl net/socket.c:974 [inline] sock_ioctl+0x2cc/0x4c0 net/socket.c:1071 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684