====================================================== WARNING: possible circular locking dependency detected 4.20.0-rc7+ #286 Not tainted ------------------------------------------------------ kworker/1:4/6600 is trying to acquire lock: 000000004d78edd8 (&mdev->req_queue_mutex){+.+.}, at: v4l2_release+0x1d7/0x3a0 drivers/media/v4l2-core/v4l2-dev.c:455 but task is already holding lock: 000000007bd29c12 ((delayed_fput_work).work){+.+.}, at: process_one_work+0xb9a/0x1c40 kernel/workqueue.c:2128 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #3 ((delayed_fput_work).work){+.+.}: process_one_work+0xc0a/0x1c40 kernel/workqueue.c:2129 worker_thread+0x17f/0x1390 kernel/workqueue.c:2296 kthread+0x35a/0x440 kernel/kthread.c:246 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 -> #2 ((wq_completion)"events"){+.+.}: flush_workqueue+0x30a/0x1e10 kernel/workqueue.c:2655 flush_scheduled_work include/linux/workqueue.h:599 [inline] vim2m_stop_streaming+0x7c/0x2c0 drivers/media/platform/vim2m.c:811 __vb2_queue_cancel+0x14f/0xd50 drivers/media/common/videobuf2/videobuf2-core.c:1843 vb2_core_queue_release+0x26/0x80 drivers/media/common/videobuf2/videobuf2-core.c:2255 vb2_queue_release+0x15/0x20 drivers/media/common/videobuf2/videobuf2-v4l2.c:842 v4l2_m2m_ctx_release+0x2a/0x35 drivers/media/v4l2-core/v4l2-mem2mem.c:931 vim2m_release+0xe6/0x150 drivers/media/platform/vim2m.c:977 v4l2_release+0x224/0x3a0 drivers/media/v4l2-core/v4l2-dev.c:456 __fput+0x385/0xa30 fs/file_table.c:278 ____fput+0x15/0x20 fs/file_table.c:309 task_work_run+0x1e8/0x2a0 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_usermode_loop+0x318/0x380 arch/x86/entry/common.c:166 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline] syscall_return_slowpath arch/x86/entry/common.c:268 [inline] do_syscall_32_irqs_on arch/x86/entry/common.c:341 [inline] do_fast_syscall_32+0xcd5/0xfb2 arch/x86/entry/common.c:397 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 -> #1 (&dev->dev_mutex){+.+.}: __mutex_lock_common kernel/locking/mutex.c:925 [inline] __mutex_lock+0x166/0x1700 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 vim2m_release+0xbc/0x150 drivers/media/platform/vim2m.c:976 v4l2_release+0x224/0x3a0 drivers/media/v4l2-core/v4l2-dev.c:456 __fput+0x385/0xa30 fs/file_table.c:278 ____fput+0x15/0x20 fs/file_table.c:309 task_work_run+0x1e8/0x2a0 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:188 [inline] exit_to_usermode_loop+0x318/0x380 arch/x86/entry/common.c:166 prepare_exit_to_usermode arch/x86/entry/common.c:197 [inline] syscall_return_slowpath arch/x86/entry/common.c:268 [inline] do_syscall_64+0x6be/0x820 arch/x86/entry/common.c:293 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #0 (&mdev->req_queue_mutex){+.+.}: lock_acquire+0x1ed/0x520 kernel/locking/lockdep.c:3844 __mutex_lock_common kernel/locking/mutex.c:925 [inline] __mutex_lock+0x166/0x1700 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 v4l2_release+0x1d7/0x3a0 drivers/media/v4l2-core/v4l2-dev.c:455 __fput+0x385/0xa30 fs/file_table.c:278 delayed_fput+0x55/0x80 fs/file_table.c:304 process_one_work+0xc90/0x1c40 kernel/workqueue.c:2153 worker_thread+0x17f/0x1390 kernel/workqueue.c:2296 kthread+0x35a/0x440 kernel/kthread.c:246 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 other info that might help us debug this: Chain exists of: &mdev->req_queue_mutex --> (wq_completion)"events" --> (delayed_fput_work).work Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock((delayed_fput_work).work); lock((wq_completion)"events"); lock((delayed_fput_work).work); lock(&mdev->req_queue_mutex); *** DEADLOCK *** 2 locks held by kworker/1:4/6600: #0: 0000000055cf5249 ((wq_completion)"events"){+.+.}, at: __write_once_size include/linux/compiler.h:218 [inline] #0: 0000000055cf5249 ((wq_completion)"events"){+.+.}, at: arch_atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline] #0: 0000000055cf5249 ((wq_completion)"events"){+.+.}, at: atomic64_set include/asm-generic/atomic-instrumented.h:40 [inline] #0: 0000000055cf5249 ((wq_completion)"events"){+.+.}, at: atomic_long_set include/asm-generic/atomic-long.h:59 [inline] #0: 0000000055cf5249 ((wq_completion)"events"){+.+.}, at: set_work_data kernel/workqueue.c:617 [inline] #0: 0000000055cf5249 ((wq_completion)"events"){+.+.}, at: set_work_pool_and_clear_pending kernel/workqueue.c:644 [inline] #0: 0000000055cf5249 ((wq_completion)"events"){+.+.}, at: process_one_work+0xb43/0x1c40 kernel/workqueue.c:2124 #1: 000000007bd29c12 ((delayed_fput_work).work){+.+.}, at: process_one_work+0xb9a/0x1c40 kernel/workqueue.c:2128 stack backtrace: CPU: 1 PID: 6600 Comm: kworker/1:4 Not tainted 4.20.0-rc7+ #286 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: events delayed_fput Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1d3/0x2c6 lib/dump_stack.c:113 print_circular_bug.isra.33.cold.54+0x1bd/0x27d kernel/locking/lockdep.c:1221 check_prev_add kernel/locking/lockdep.c:1863 [inline] check_prevs_add kernel/locking/lockdep.c:1976 [inline] validate_chain kernel/locking/lockdep.c:2347 [inline] __lock_acquire+0x3360/0x4c20 kernel/locking/lockdep.c:3341 lock_acquire+0x1ed/0x520 kernel/locking/lockdep.c:3844 __mutex_lock_common kernel/locking/mutex.c:925 [inline] __mutex_lock+0x166/0x1700 kernel/locking/mutex.c:1072 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:1087 v4l2_release+0x1d7/0x3a0 drivers/media/v4l2-core/v4l2-dev.c:455 __fput+0x385/0xa30 fs/file_table.c:278 delayed_fput+0x55/0x80 fs/file_table.c:304 process_one_work+0xc90/0x1c40 kernel/workqueue.c:2153 worker_thread+0x17f/0x1390 kernel/workqueue.c:2296 kthread+0x35a/0x440 kernel/kthread.c:246 ret_from_fork+0x3a/0x50 arch/x86/entry/entry_64.S:352 kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop2' (00000000ac6516b1): kobject_uevent_env kobject: 'loop2' (00000000ac6516b1): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' CPU: 1 PID: 26482 Comm: syz-executor2 Not tainted 4.20.0-rc7+ #286 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1d3/0x2c6 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold.4+0xa/0x17 lib/fault-inject.c:149 __should_failslab+0x124/0x180 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1578 slab_pre_alloc_hook mm/slab.h:423 [inline] slab_alloc mm/slab.c:3378 [inline] kmem_cache_alloc_trace+0x2d7/0x750 mm/slab.c:3618 kmalloc include/linux/slab.h:546 [inline] kzalloc include/linux/slab.h:741 [inline] alloc_pipe_info+0x164/0x5d0 fs/pipe.c:633 splice_direct_to_actor+0x786/0x9d0 fs/splice.c:920 do_splice_direct+0x2d4/0x420 fs/splice.c:1066 do_sendfile+0x62a/0xe20 fs/read_write.c:1439 __do_compat_sys_sendfile fs/read_write.c:1521 [inline] __se_compat_sys_sendfile fs/read_write.c:1504 [inline] __ia32_compat_sys_sendfile+0x236/0x2a0 fs/read_write.c:1504 do_syscall_32_irqs_on arch/x86/entry/common.c:326 [inline] do_fast_syscall_32+0x34d/0xfb2 arch/x86/entry/common.c:397 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 RIP: 0023:0xf7fdda49 Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 RSP: 002b:00000000f5fb80cc EFLAGS: 00000296 ORIG_RAX: 00000000000000bb RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000004 RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop2' (00000000ac6516b1): kobject_uevent_env kobject: 'loop2' (00000000ac6516b1): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 26568 Comm: syz-executor2 Not tainted 4.20.0-rc7+ #286 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1d3/0x2c6 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold.4+0xa/0x17 lib/fault-inject.c:149 __should_failslab+0x124/0x180 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1578 slab_pre_alloc_hook mm/slab.h:423 [inline] slab_alloc mm/slab.c:3378 [inline] __do_kmalloc mm/slab.c:3720 [inline] __kmalloc+0x2e0/0x770 mm/slab.c:3731 kmalloc_array include/linux/slab.h:669 [inline] kcalloc include/linux/slab.h:680 [inline] alloc_pipe_info+0x2ce/0x5d0 fs/pipe.c:650 splice_direct_to_actor+0x786/0x9d0 fs/splice.c:920 do_splice_direct+0x2d4/0x420 fs/splice.c:1066 do_sendfile+0x62a/0xe20 fs/read_write.c:1439 __do_compat_sys_sendfile fs/read_write.c:1521 [inline] __se_compat_sys_sendfile fs/read_write.c:1504 [inline] __ia32_compat_sys_sendfile+0x236/0x2a0 fs/read_write.c:1504 do_syscall_32_irqs_on arch/x86/entry/common.c:326 [inline] do_fast_syscall_32+0x34d/0xfb2 arch/x86/entry/common.c:397 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 RIP: 0023:0xf7fdda49 Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 RSP: 002b:00000000f5fb80cc EFLAGS: 00000296 ORIG_RAX: 00000000000000bb RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000004 RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 kobject: 'loop2' (00000000ac6516b1): kobject_uevent_env kobject: 'loop2' (00000000ac6516b1): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 26587 Comm: syz-executor2 Not tainted 4.20.0-rc7+ #286 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1d3/0x2c6 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold.4+0xa/0x17 lib/fault-inject.c:149 __should_failslab+0x124/0x180 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1578 slab_pre_alloc_hook mm/slab.h:423 [inline] slab_alloc_node mm/slab.c:3299 [inline] kmem_cache_alloc_node_trace+0x270/0x740 mm/slab.c:3661 __do_kmalloc_node mm/slab.c:3683 [inline] __kmalloc_node+0x3c/0x70 mm/slab.c:3691 kmalloc_node include/linux/slab.h:589 [inline] kvmalloc_node+0x65/0xf0 mm/util.c:416 kvmalloc include/linux/mm.h:577 [inline] kvmalloc_array include/linux/mm.h:595 [inline] get_pages_array lib/iov_iter.c:1295 [inline] pipe_get_pages_alloc lib/iov_iter.c:1321 [inline] iov_iter_get_pages_alloc+0x8ac/0x15a0 lib/iov_iter.c:1342 default_file_splice_read+0x1db/0xb20 fs/splice.c:391 do_splice_to+0x12e/0x190 fs/splice.c:880 splice_direct_to_actor+0x31c/0x9d0 fs/splice.c:957 do_splice_direct+0x2d4/0x420 fs/splice.c:1066 do_sendfile+0x62a/0xe20 fs/read_write.c:1439 __do_compat_sys_sendfile fs/read_write.c:1521 [inline] __se_compat_sys_sendfile fs/read_write.c:1504 [inline] __ia32_compat_sys_sendfile+0x236/0x2a0 fs/read_write.c:1504 do_syscall_32_irqs_on arch/x86/entry/common.c:326 [inline] do_fast_syscall_32+0x34d/0xfb2 arch/x86/entry/common.c:397 entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 RIP: 0023:0xf7fdda49 Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 RSP: 002b:00000000f5fb80cc EFLAGS: 00000296 ORIG_RAX: 00000000000000bb RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000004 RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop2' (00000000ac6516b1): kobject_uevent_env kobject: 'loop2' (00000000ac6516b1): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop4' (0000000017e25571): kobject_uevent_env FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' CPU: 1 PID: 26634 Comm: syz-executor2 Not tainted 4.20.0-rc7+ #286 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1d3/0x2c6 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold.4+0xa/0x17 lib/fault-inject.c:149 kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' should_fail_alloc_page mm/page_alloc.c:3068 [inline] prepare_alloc_pages mm/page_alloc.c:4320 [inline] __alloc_pages_nodemask+0x366/0xea0 mm/page_alloc.c:4367 kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' alloc_pages_current+0x10c/0x210 mm/mempolicy.c:2106 alloc_pages include/linux/gfp.h:509 [inline] push_pipe+0x3ff/0x7a0 lib/iov_iter.c:520 __pipe_get_pages lib/iov_iter.c:1217 [inline] pipe_get_pages_alloc lib/iov_iter.c:1324 [inline] iov_iter_get_pages_alloc+0x938/0x15a0 lib/iov_iter.c:1342 kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' default_file_splice_read+0x1db/0xb20 fs/splice.c:391 do_splice_to+0x12e/0x190 fs/splice.c:880 splice_direct_to_actor+0x31c/0x9d0 fs/splice.c:957 do_splice_direct+0x2d4/0x420 fs/splice.c:1066 kobject: 'loop5' (00000000dd997906): kobject_uevent_env do_sendfile+0x62a/0xe20 fs/read_write.c:1439 kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' __do_compat_sys_sendfile fs/read_write.c:1521 [inline] __se_compat_sys_sendfile fs/read_write.c:1504 [inline] __ia32_compat_sys_sendfile+0x236/0x2a0 fs/read_write.c:1504 do_syscall_32_irqs_on arch/x86/entry/common.c:326 [inline] do_fast_syscall_32+0x34d/0xfb2 arch/x86/entry/common.c:397 kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' RIP: 0023:0xf7fdda49 Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 RSP: 002b:00000000f5fb80cc EFLAGS: 00000296 ORIG_RAX: 00000000000000bb RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000004 RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 kobject: 'loop2' (00000000ac6516b1): kobject_uevent_env kobject: 'loop2' (00000000ac6516b1): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop5' (00000000dd997906): kobject_uevent_env CPU: 1 PID: 26676 Comm: syz-executor2 Not tainted 4.20.0-rc7+ #286 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1d3/0x2c6 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold.4+0xa/0x17 lib/fault-inject.c:149 __should_failslab+0x124/0x180 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1578 slab_pre_alloc_hook mm/slab.h:423 [inline] slab_alloc_node mm/slab.c:3299 [inline] kmem_cache_alloc_node_trace+0x270/0x740 mm/slab.c:3661 __do_kmalloc_node mm/slab.c:3683 [inline] __kmalloc_node+0x3c/0x70 mm/slab.c:3691 kmalloc_node include/linux/slab.h:589 [inline] kvmalloc_node+0x65/0xf0 mm/util.c:416 kvmalloc include/linux/mm.h:577 [inline] seq_buf_alloc fs/seq_file.c:32 [inline] seq_read+0x99b/0x1150 fs/seq_file.c:204 do_loop_readv_writev fs/read_write.c:700 [inline] do_iter_read+0x4a3/0x650 fs/read_write.c:924 vfs_readv+0x175/0x1c0 fs/read_write.c:986 kernel_readv fs/splice.c:362 [inline] default_file_splice_read+0x539/0xb20 fs/splice.c:417 do_splice_to+0x12e/0x190 fs/splice.c:880 splice_direct_to_actor+0x31c/0x9d0 fs/splice.c:957 do_splice_direct+0x2d4/0x420 fs/splice.c:1066 do_sendfile+0x62a/0xe20 fs/read_write.c:1439 __do_compat_sys_sendfile fs/read_write.c:1521 [inline] __se_compat_sys_sendfile fs/read_write.c:1504 [inline] __ia32_compat_sys_sendfile+0x236/0x2a0 fs/read_write.c:1504 do_syscall_32_irqs_on arch/x86/entry/common.c:326 [inline] do_fast_syscall_32+0x34d/0xfb2 arch/x86/entry/common.c:397 kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' entry_SYSENTER_compat+0x70/0x7f arch/x86/entry/entry_64_compat.S:139 RIP: 0023:0xf7fdda49 Code: 85 d2 74 02 89 0a 5b 5d c3 8b 04 24 c3 8b 14 24 c3 8b 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 kobject: 'loop5' (00000000dd997906): kobject_uevent_env RSP: 002b:00000000f5fb80cc EFLAGS: 00000296 ORIG_RAX: 00000000000000bb RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000004 RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop2' (00000000ac6516b1): kobject_uevent_env kobject: 'loop2' (00000000ac6516b1): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop2' (00000000ac6516b1): kobject_uevent_env kobject: 'loop2' (00000000ac6516b1): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop2' (00000000ac6516b1): kobject_uevent_env kobject: 'loop2' (00000000ac6516b1): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop2' (00000000ac6516b1): kobject_uevent_env kobject: 'loop2' (00000000ac6516b1): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop2' (00000000ac6516b1): kobject_uevent_env kobject: 'loop2' (00000000ac6516b1): fill_kobj_path: path = '/devices/virtual/block/loop2' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop0' (000000003a72ae63): kobject_uevent_env kobject: 'loop0' (000000003a72ae63): fill_kobj_path: path = '/devices/virtual/block/loop0' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5' kobject: 'loop4' (0000000017e25571): kobject_uevent_env kobject: 'loop4' (0000000017e25571): fill_kobj_path: path = '/devices/virtual/block/loop4' kobject: 'loop3' (00000000025ffd3c): kobject_uevent_env kobject: 'loop3' (00000000025ffd3c): fill_kobj_path: path = '/devices/virtual/block/loop3' kobject: 'loop5' (00000000dd997906): kobject_uevent_env kobject: 'loop5' (00000000dd997906): fill_kobj_path: path = '/devices/virtual/block/loop5'