======================================================
WARNING: possible circular locking dependency detected
4.14.177-syzkaller #0 Not tainted
------------------------------------------------------
kworker/u4:3/1672 is trying to acquire lock:
 (k-sk_lock-AF_INET){+.+.}, at: [] lock_sock include/net/sock.h:1467 [inline]
 (k-sk_lock-AF_INET){+.+.}, at: [] do_tcp_setsockopt.isra.0+0xfb/0x1c70 net/ipv4/tcp.c:2557

but task is already holding lock:
 ((&(&cp->cp_send_w)->work)){+.+.}, at: [] process_one_work+0x761/0x1540 kernel/workqueue.c:2091

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #1 ((&(&cp->cp_send_w)->work)){+.+.}:
       flush_work+0xae/0x780 kernel/workqueue.c:2889
       __cancel_work_timer+0x2d0/0x460 kernel/workqueue.c:2964
       rds_tcp_reset_callbacks+0x18d/0x450 net/rds/tcp.c:167
       rds_tcp_accept_one+0x618/0x8b0 net/rds/tcp_listen.c:194
netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'.
       rds_tcp_accept_worker+0x4d/0x70 net/rds/tcp.c:407
       process_one_work+0x813/0x1540 kernel/workqueue.c:2116
       worker_thread+0x5d1/0x1070 kernel/workqueue.c:2250
       kthread+0x30d/0x420 kernel/kthread.c:232
       ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404

-> #0 (k-sk_lock-AF_INET){+.+.}:
       lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998
       lock_sock_nested+0xb7/0x100 net/core/sock.c:2773
       lock_sock include/net/sock.h:1467 [inline]
       do_tcp_setsockopt.isra.0+0xfb/0x1c70 net/ipv4/tcp.c:2557
       tcp_setsockopt+0xa7/0xc0 net/ipv4/tcp.c:2828
       kernel_setsockopt+0xfb/0x1b0 net/socket.c:3396
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=14958 comm=syz-executor.3
       rds_tcp_cork net/rds/tcp_send.c:43 [inline]
       rds_tcp_xmit_path_prepare+0xaf/0xe0 net/rds/tcp_send.c:50
       rds_send_xmit+0x1cc/0x1c20 net/rds/send.c:187
       rds_send_worker+0x6d/0x240 net/rds/threads.c:189
       process_one_work+0x813/0x1540 kernel/workqueue.c:2116
       worker_thread+0x5d1/0x1070 kernel/workqueue.c:2250
       kthread+0x30d/0x420 kernel/kthread.c:232
       ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404

other info that might help us debug this:

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock((&(&cp->cp_send_w)->work));
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=14958 comm=syz-executor.3
                               lock(k-sk_lock-AF_INET);
                               lock((&(&cp->cp_send_w)->work));
  lock(k-sk_lock-AF_INET);

 *** DEADLOCK ***

2 locks held by kworker/u4:3/1672:
 #0: ("%s""krdsd"){+.+.}, at: [] work_static include/linux/workqueue.h:199 [inline]
 #0: ("%s""krdsd"){+.+.}, at: [] set_work_data kernel/workqueue.c:619 [inline]
 #0: ("%s""krdsd"){+.+.}, at: [] set_work_pool_and_clear_pending kernel/workqueue.c:646 [inline]
 #0: ("%s""krdsd"){+.+.}, at: [] process_one_work+0x727/0x1540 kernel/workqueue.c:2087
 #1: ((&(&cp->cp_send_w)->work)){+.+.}, at: [] process_one_work+0x761/0x1540 kernel/workqueue.c:2091

stack backtrace:
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=14958 comm=syz-executor.3
CPU: 0 PID: 1672 Comm: kworker/u4:3 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: krdsd rds_send_worker
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 print_circular_bug.isra.0.cold+0x1c4/0x282 kernel/locking/lockdep.c:1258
 check_prev_add kernel/locking/lockdep.c:1905 [inline]
 check_prevs_add kernel/locking/lockdep.c:2022 [inline]
 validate_chain kernel/locking/lockdep.c:2464 [inline]
 __lock_acquire+0x2cb3/0x4620 kernel/locking/lockdep.c:3491
 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998
 lock_sock_nested+0xb7/0x100 net/core/sock.c:2773
 lock_sock include/net/sock.h:1467 [inline]
 do_tcp_setsockopt.isra.0+0xfb/0x1c70 net/ipv4/tcp.c:2557
 tcp_setsockopt+0xa7/0xc0 net/ipv4/tcp.c:2828
 kernel_setsockopt+0xfb/0x1b0 net/socket.c:3396
 rds_tcp_cork net/rds/tcp_send.c:43 [inline]
 rds_tcp_xmit_path_prepare+0xaf/0xe0 net/rds/tcp_send.c:50
 rds_send_xmit+0x1cc/0x1c20 net/rds/send.c:187
 rds_send_worker+0x6d/0x240 net/rds/threads.c:189
 process_one_work+0x813/0x1540 kernel/workqueue.c:2116
 worker_thread+0x5d1/0x1070 kernel/workqueue.c:2250
 kthread+0x30d/0x420 kernel/kthread.c:232
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=14958 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=14958 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=14958 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=14958 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=14958 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=14958 comm=syz-executor.3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=14958 comm=syz-executor.3
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15117 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc+0x44/0x770 mm/slab.c:3550
 __sigqueue_alloc+0x1b8/0x3e0 kernel/signal.c:400
 __send_signal+0x194/0x1280 kernel/signal.c:1097
 specific_send_sig_info kernel/signal.c:1208 [inline]
 force_sig_info+0x240/0x340 kernel/signal.c:1260
 force_sig_info_fault.constprop.0+0x185/0x260 arch/x86/mm/fault.c:225
 __bad_area_nosemaphore+0x1d9/0x2a0 arch/x86/mm/fault.c:940
 __do_page_fault+0x859/0xb40 arch/x86/mm/fault.c:1412
 page_fault+0x45/0x50 arch/x86/entry/entry_64.S:1122
RIP: 0bc4:0x4d8168
RSP: 24389a58:000000000078bf00 EFLAGS: 00000003
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15139 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc+0x2b5/0x770 mm/slab.c:3550
 sock_alloc_inode+0x19/0x250 net/socket.c:251
 alloc_inode+0x5d/0x170 fs/inode.c:210
 new_inode_pseudo+0x14/0xe0 fs/inode.c:899
 sock_alloc+0x3c/0x270 net/socket.c:569
 __sock_create+0x89/0x620 net/socket.c:1239
 sock_create net/socket.c:1315 [inline]
 SYSC_socket net/socket.c:1345 [inline]
 SyS_socket+0xd2/0x170 net/socket.c:1325
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45f377
RSP: 002b:00007fd7243899c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 000000000045f377
RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
RBP: 000000000078bf00 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000202 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
socket: no more sockets
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15171 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc_trace+0x2db/0x7b0 mm/slab.c:3616
 kmalloc include/linux/slab.h:488 [inline]
 sock_alloc_inode+0x5f/0x250 net/socket.c:254
 alloc_inode+0x5d/0x170 fs/inode.c:210
 new_inode_pseudo+0x14/0xe0 fs/inode.c:899
 sock_alloc+0x3c/0x270 net/socket.c:569
 __sock_create+0x89/0x620 net/socket.c:1239
 sock_create net/socket.c:1315 [inline]
 SYSC_socket net/socket.c:1345 [inline]
 SyS_socket+0xd2/0x170 net/socket.c:1325
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45f377
RSP: 002b:00007fd7243899c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 000000000045f377
RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
RBP: 000000000078bf00 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000202 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
socket: no more sockets
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15188 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc+0x2b5/0x770 mm/slab.c:3550
 kmem_cache_zalloc include/linux/slab.h:651 [inline]
 inode_alloc_security security/selinux/hooks.c:233 [inline]
 selinux_inode_alloc_security+0xb1/0x2a0 security/selinux/hooks.c:2893
 security_inode_alloc+0x8f/0xd0 security/security.c:438
 inode_init_always+0x576/0xb20 fs/inode.c:168
 alloc_inode+0x7a/0x170 fs/inode.c:217
 new_inode_pseudo+0x14/0xe0 fs/inode.c:899
 sock_alloc+0x3c/0x270 net/socket.c:569
 __sock_create+0x89/0x620 net/socket.c:1239
 sock_create net/socket.c:1315 [inline]
 SYSC_socket net/socket.c:1345 [inline]
 SyS_socket+0xd2/0x170 net/socket.c:1325
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45f377
RSP: 002b:00007fd7243899c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 000000000045f377
RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
RBP: 000000000078bf00 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000202 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
socket: no more sockets
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 15213 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 __do_kmalloc mm/slab.c:3718 [inline]
 __kmalloc+0x2e9/0x7c0 mm/slab.c:3729
 kmalloc include/linux/slab.h:493 [inline]
 sk_prot_alloc+0x164/0x290 net/core/sock.c:1467
 sk_alloc+0x36/0xd60 net/core/sock.c:1521
 __netlink_create+0x63/0x270 net/netlink/af_netlink.c:611
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
 netlink_create+0x2f0/0x510 net/netlink/af_netlink.c:674
 __sock_create+0x2f2/0x620 net/socket.c:1275
 sock_create net/socket.c:1315 [inline]
 SYSC_socket net/socket.c:1345 [inline]
 SyS_socket+0xd2/0x170 net/socket.c:1325
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45f377
RSP: 002b:00007fd7243899c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 000000000045f377
RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
RBP: 000000000078bf00 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000202 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15232 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc_trace+0x2db/0x7b0 mm/slab.c:3616
 kmalloc include/linux/slab.h:488 [inline]
 kzalloc include/linux/slab.h:661 [inline]
 selinux_sk_alloc_security+0x55/0x190 security/selinux/hooks.c:4910
 security_sk_alloc+0x76/0xb0 security/security.c:1434
 sk_prot_alloc+0x182/0x290 net/core/sock.c:1470
 sk_alloc+0x36/0xd60 net/core/sock.c:1521
 __netlink_create+0x63/0x270 net/netlink/af_netlink.c:611
 netlink_create+0x2f0/0x510 net/netlink/af_netlink.c:674
 __sock_create+0x2f2/0x620 net/socket.c:1275
 sock_create net/socket.c:1315 [inline]
 SYSC_socket net/socket.c:1345 [inline]
 SyS_socket+0xd2/0x170 net/socket.c:1325
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45f377
RSP: 002b:00007fd7243899c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 000000000045f377
RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
RBP: 000000000078bf00 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000202 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15247 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc+0x2b5/0x770 mm/slab.c:3550
 __d_alloc+0x2a/0x9b0 fs/dcache.c:1623
 sock_alloc_file+0xc8/0x2e0 net/socket.c:409
 sock_map_fd+0x2e/0x70 net/socket.c:439
 SYSC_socket net/socket.c:1349 [inline]
 SyS_socket+0xf0/0x170 net/socket.c:1325
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45f377
RSP: 002b:00007fd7243899c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 000000000045f377
RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
RBP: 000000000078bf00 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000202 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15261 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc+0x2b5/0x770 mm/slab.c:3550
 kmem_cache_zalloc include/linux/slab.h:651 [inline]
 get_empty_filp+0x86/0x3e0 fs/file_table.c:123
 alloc_file+0x23/0x440 fs/file_table.c:164
 sock_alloc_file+0x113/0x2e0 net/socket.c:416
 sock_map_fd+0x2e/0x70 net/socket.c:439
 SYSC_socket net/socket.c:1349 [inline]
 SyS_socket+0xf0/0x170 net/socket.c:1325
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45f377
RSP: 002b:00007fd7243899c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 000000000045f377
RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
RBP: 000000000078bf00 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000202 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15273 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc+0x2b5/0x770 mm/slab.c:3550
 kmem_cache_zalloc include/linux/slab.h:651 [inline]
 file_alloc_security security/selinux/hooks.c:368 [inline]
 selinux_file_alloc_security+0xaf/0x190 security/selinux/hooks.c:3475
 security_file_alloc+0x66/0xa0 security/security.c:874
 get_empty_filp+0x15c/0x3e0 fs/file_table.c:129
 alloc_file+0x23/0x440 fs/file_table.c:164
 sock_alloc_file+0x113/0x2e0 net/socket.c:416
 sock_map_fd+0x2e/0x70 net/socket.c:439
 SYSC_socket net/socket.c:1349 [inline]
 SyS_socket+0xf0/0x170 net/socket.c:1325
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x45f377
RSP: 002b:00007fd7243899c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000029
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 000000000045f377
RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
RBP: 000000000078bf00 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000202 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15301 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc_node mm/slab.c:3297 [inline]
 kmem_cache_alloc_node+0x288/0x7a0 mm/slab.c:3640
 __alloc_skb+0x9a/0x4c0 net/core/skbuff.c:193
 alloc_skb include/linux/skbuff.h:980 [inline]
 netlink_alloc_large_skb net/netlink/af_netlink.c:1159 [inline]
 netlink_sendmsg+0x7de/0xbe0 net/netlink/af_netlink.c:1853
 sock_sendmsg_nosec net/socket.c:646 [inline]
 sock_sendmsg+0xc5/0x100 net/socket.c:656
 ___sys_sendmsg+0x70a/0x840 net/socket.c:2062
 __sys_sendmsg+0xa3/0x120 net/socket.c:2096
 SYSC_sendmsg net/socket.c:2107 [inline]
 SyS_sendmsg+0x27/0x40 net/socket.c:2103
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x416541
RSP: 002b:00007fd7243899c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 0000000000416541
RDX: 0000000000000000 RSI: 00007fd724389a00 RDI: 0000000000000004
RBP: 0000000000000004 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000293 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15309 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc_node mm/slab.c:3297 [inline]
 kmem_cache_alloc_node_trace+0x292/0x7b0 mm/slab.c:3659
 __do_kmalloc_node mm/slab.c:3681 [inline]
 __kmalloc_node_track_caller+0x38/0x70 mm/slab.c:3696
 __kmalloc_reserve.isra.0+0x35/0xd0 net/core/skbuff.c:137
 __alloc_skb+0xca/0x4c0 net/core/skbuff.c:205
 alloc_skb include/linux/skbuff.h:980 [inline]
 netlink_alloc_large_skb net/netlink/af_netlink.c:1159 [inline]
 netlink_sendmsg+0x7de/0xbe0 net/netlink/af_netlink.c:1853
 sock_sendmsg_nosec net/socket.c:646 [inline]
 sock_sendmsg+0xc5/0x100 net/socket.c:656
 ___sys_sendmsg+0x70a/0x840 net/socket.c:2062
 __sys_sendmsg+0xa3/0x120 net/socket.c:2096
 SYSC_sendmsg net/socket.c:2107 [inline]
 SyS_sendmsg+0x27/0x40 net/socket.c:2103
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x416541
RSP: 002b:00007fd7243899c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 0000000000416541
RDX: 0000000000000000 RSI: 00007fd724389a00 RDI: 0000000000000004
RBP: 0000000000000004 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000293 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15319 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc+0x44/0x770 mm/slab.c:3550
 skb_clone+0x11c/0x310 net/core/skbuff.c:1282
 __netlink_deliver_tap_skb net/netlink/af_netlink.c:266 [inline]
 __netlink_deliver_tap net/netlink/af_netlink.c:291 [inline]
 netlink_deliver_tap+0x65b/0x860 net/netlink/af_netlink.c:302
 netlink_deliver_tap_kernel net/netlink/af_netlink.c:311 [inline]
 netlink_unicast_kernel net/netlink/af_netlink.c:1286 [inline]
 netlink_unicast+0x485/0x620 net/netlink/af_netlink.c:1313
 netlink_sendmsg+0x733/0xbe0 net/netlink/af_netlink.c:1878
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
 sock_sendmsg_nosec net/socket.c:646 [inline]
 sock_sendmsg+0xc5/0x100 net/socket.c:656
 ___sys_sendmsg+0x70a/0x840 net/socket.c:2062
 __sys_sendmsg+0xa3/0x120 net/socket.c:2096
 SYSC_sendmsg net/socket.c:2107 [inline]
 SyS_sendmsg+0x27/0x40 net/socket.c:2103
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x416541
RSP: 002b:00007fd7243899c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 0000000000416541
RDX: 0000000000000000 RSI: 00007fd724389a00 RDI: 0000000000000004
RBP: 0000000000000004 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000293 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15346 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc+0x44/0x770 mm/slab.c:3550
 skb_clone+0x11c/0x310 net/core/skbuff.c:1282
 dev_queue_xmit_nit+0x2c7/0x930 net/core/dev.c:1943
 xmit_one net/core/dev.c:3005 [inline]
 dev_hard_start_xmit+0xa8/0x890 net/core/dev.c:3025
 __dev_queue_xmit+0x1d91/0x25c0 net/core/dev.c:3525
 __netlink_deliver_tap_skb net/netlink/af_netlink.c:273 [inline]
 __netlink_deliver_tap net/netlink/af_netlink.c:291 [inline]
 netlink_deliver_tap+0x604/0x860 net/netlink/af_netlink.c:302
 netlink_deliver_tap_kernel net/netlink/af_netlink.c:311 [inline]
 netlink_unicast_kernel net/netlink/af_netlink.c:1286 [inline]
 netlink_unicast+0x485/0x620 net/netlink/af_netlink.c:1313
 netlink_sendmsg+0x733/0xbe0 net/netlink/af_netlink.c:1878
 sock_sendmsg_nosec net/socket.c:646 [inline]
 sock_sendmsg+0xc5/0x100 net/socket.c:656
 ___sys_sendmsg+0x70a/0x840 net/socket.c:2062
 __sys_sendmsg+0xa3/0x120 net/socket.c:2096
 SYSC_sendmsg net/socket.c:2107 [inline]
 SyS_sendmsg+0x27/0x40 net/socket.c:2103
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x416541
RSP: 002b:00007fd7243899c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 0000000000416541
RDX: 0000000000000000 RSI: 00007fd724389a00 RDI: 0000000000000004
RBP: 0000000000000004 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000293 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 15376 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc_trace+0x2db/0x7b0 mm/slab.c:3616
 kmalloc include/linux/slab.h:488 [inline]
 call_modprobe kernel/kmod.c:80 [inline]
 __request_module+0x1fe/0x906 kernel/kmod.c:171
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
 ctrl_getfamily+0x2cf/0x400 net/netlink/genetlink.c:869
 genl_family_rcv_msg+0x57c/0xb30 net/netlink/genetlink.c:600
 genl_rcv_msg+0xaf/0x140 net/netlink/genetlink.c:625
 netlink_rcv_skb+0x127/0x370 net/netlink/af_netlink.c:2433
 genl_rcv+0x24/0x40 net/netlink/genetlink.c:636
 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline]
 netlink_unicast+0x437/0x620 net/netlink/af_netlink.c:1313
 netlink_sendmsg+0x733/0xbe0 net/netlink/af_netlink.c:1878
 sock_sendmsg_nosec net/socket.c:646 [inline]
 sock_sendmsg+0xc5/0x100 net/socket.c:656
 ___sys_sendmsg+0x70a/0x840 net/socket.c:2062
 __sys_sendmsg+0xa3/0x120 net/socket.c:2096
 SYSC_sendmsg net/socket.c:2107 [inline]
 SyS_sendmsg+0x27/0x40 net/socket.c:2103
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x416541
RSP: 002b:00007fd7243899c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 0000000000416541
RDX: 0000000000000000 RSI: 00007fd724389a00 RDI: 0000000000000004
RBP: 0000000000000004 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000293 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15427 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 __do_kmalloc mm/slab.c:3718 [inline]
 __kmalloc_track_caller+0x2e1/0x7b0 mm/slab.c:3735
 kstrdup+0x36/0x70 mm/util.c:56
 call_modprobe kernel/kmod.c:84 [inline]
 __request_module+0x21c/0x906 kernel/kmod.c:171
 ctrl_getfamily+0x2cf/0x400 net/netlink/genetlink.c:869
 genl_family_rcv_msg+0x57c/0xb30 net/netlink/genetlink.c:600
 genl_rcv_msg+0xaf/0x140 net/netlink/genetlink.c:625
 netlink_rcv_skb+0x127/0x370 net/netlink/af_netlink.c:2433
 genl_rcv+0x24/0x40 net/netlink/genetlink.c:636
 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline]
 netlink_unicast+0x437/0x620 net/netlink/af_netlink.c:1313
 netlink_sendmsg+0x733/0xbe0 net/netlink/af_netlink.c:1878
 sock_sendmsg_nosec net/socket.c:646 [inline]
 sock_sendmsg+0xc5/0x100 net/socket.c:656
 ___sys_sendmsg+0x70a/0x840 net/socket.c:2062
 __sys_sendmsg+0xa3/0x120 net/socket.c:2096
 SYSC_sendmsg net/socket.c:2107 [inline]
 SyS_sendmsg+0x27/0x40 net/socket.c:2103
 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292
 entry_SYSCALL_64_after_hwframe+0x42/0xb7
RIP: 0033:0x416541
RSP: 002b:00007fd7243899c0 EFLAGS: 00000293 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000507bc0 RCX: 0000000000416541
RDX: 0000000000000000 RSI: 00007fd724389a00 RDI: 0000000000000004
RBP: 0000000000000004 R08: 00007fd7243899d0 R09: 000000000078bf00
R10: 0000000000000064 R11: 0000000000000293 R12: 00007fd724389a40
R13: 0000000000000bc4 R14: 00000000004d8168 R15: 00007fd72438a6d4
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 15477 Comm: syz-executor.5 Not tainted 4.14.177-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x13e/0x194 lib/dump_stack.c:58
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold+0x10a/0x14b lib/fault-inject.c:149
 should_failslab+0xd6/0x130 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:421 [inline]
 slab_alloc mm/slab.c:3376 [inline]
 kmem_cache_alloc_trace+0x2db/0x7b0 mm/slab.c:3616
 kmalloc include/linux/slab.h:488 [inline]
 kzalloc include/linux/slab.h:661 [inline]
 call_usermodehelper_setup+0x6f/0x2e0 kernel/umh.c:374
 call_modprobe kernel/kmod.c:94 [inline]
 __request_module+0x317/0x906 kernel/kmod.c:171
netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
 ctrl_getfamily+0x2cf/0x400 net/netlink/genetlink.c:869
 genl_family_rcv_msg+0x57c/0xb30 net/netlink/genetlink.c:600
 genl_rcv_msg+0xaf/0x140 net/netlink/genetlink.c:625
 netlink_rcv_skb+0x127/0x370 net/netlink/af_netlink.c:2433
 genl_rcv+0x24/0x40 net/netlink/genetlink.c:636
 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline]
 netlink_unicast+0x437/0x620 net/netlink/af_netlink.c:1313
 netlink_sendmsg+0x733/0xbe0 net/netlink/af_netlink.c:1878
 sock_sendmsg_nosec net/socket.c:646 [inline]
 sock_sendmsg+0xc5/0x100 net/socket.c:656
 ___sys_sendmsg+0x70a/0x840 net/socket.c:2062