entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ============================================ ORIG_RAX: 00000000000000a5 WARNING: possible recursive locking detected RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a 4.14.232-syzkaller #0 Not tainted RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 -------------------------------------------- RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 syz-executor.4/18770 is trying to acquire lock: R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 ( R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 &team->lock){+.+.}, at: [] team_vlan_rx_add_vid+0x38/0x1d0 drivers/net/team/team.c:1889 but task is already holding lock: (&team->lock){+.+.}, at: [] team_add_slave+0x7d/0x1bc0 drivers/net/team/team.c:1967 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&team->lock); lock(&team->lock); *** DEADLOCK *** May be due to missing lock nesting notation 2 locks held by syz-executor.4/18770: #0: (rtnl_mutex){+.+.}, at: [] rtnl_lock net/core/rtnetlink.c:72 [inline] #0: (rtnl_mutex){+.+.}, at: [] rtnetlink_rcv_msg+0x31d/0xb10 net/core/rtnetlink.c:4311 #1: (&team->lock){+.+.}, at: [] team_add_slave+0x7d/0x1bc0 drivers/net/team/team.c:1967 stack backtrace: CPU: 1 PID: 18770 Comm: syz-executor.4 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 print_deadlock_bug kernel/locking/lockdep.c:1800 [inline] check_deadlock kernel/locking/lockdep.c:1847 [inline] validate_chain kernel/locking/lockdep.c:2448 [inline] __lock_acquire.cold+0x180/0x97c kernel/locking/lockdep.c:3491 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 __mutex_lock_common kernel/locking/mutex.c:756 [inline] __mutex_lock+0xc4/0x1310 kernel/locking/mutex.c:893 team_vlan_rx_add_vid+0x38/0x1d0 drivers/net/team/team.c:1889 __vlan_vid_add net/8021q/vlan_core.c:219 [inline] vlan_vid_add+0x5ef/0x7d0 net/8021q/vlan_core.c:251 __vlan_vid_add net/8021q/vlan_core.c:219 [inline] vlan_vid_add+0x5ef/0x7d0 net/8021q/vlan_core.c:251 vlan_device_event.cold+0x23/0x28 net/8021q/vlan.c:373 notifier_call_chain+0x108/0x1a0 kernel/notifier.c:93 call_netdevice_notifiers_info net/core/dev.c:1667 [inline] call_netdevice_notifiers net/core/dev.c:1683 [inline] dev_open net/core/dev.c:1407 [inline] dev_open+0xf9/0x110 net/core/dev.c:1395 team_port_add drivers/net/team/team.c:1214 [inline] team_add_slave+0xa00/0x1bc0 drivers/net/team/team.c:1968 do_set_master+0x19e/0x200 net/core/rtnetlink.c:1961 rtnl_newlink+0x136f/0x1860 net/core/rtnetlink.c:2757 rtnetlink_rcv_msg+0x3be/0xb10 net/core/rtnetlink.c:4316 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2433 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 audit: type=1804 audit(1619616404.694:96): pid=18792 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="ToMToU" comm="syz-executor.1" name="/root/syzkaller-testdir557732774/syzkaller.V8AjsY/307/bus" dev="sda1" ino=14740 res=1 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x4665f9 RSP: 002b:00007f1855ec2188 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 000000000056bf60 RCX: 00000000004665f9 RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005 RBP: 00000000004bfce1 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf60 R13: 00007ffc90f35abf R14: 00007f1855ec2300 R15: 0000000000022000 team0: Device macvtap68 failed to register rx_handler device team1 left promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 18799 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc_track_caller+0x2bc/0x400 mm/slab.c:3735 memdup_user+0x22/0xa0 mm/util.c:164 strndup_user+0x5b/0xf0 mm/util.c:195 copy_mount_string fs/namespace.c:2783 [inline] SYSC_mount fs/namespace.c:3080 [inline] SyS_mount+0x39/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 x_tables: ip6_tables: SYNPROXY target: used from hooks PREROUTING, but only usable from INPUT/FORWARD device macvtap68 entered promiscuous mode device team1 entered promiscuous mode IPv6: ADDRCONF(NETDEV_UP): macvtap68: link is not ready 8021q: adding VLAN 0 to HW filter on device macvtap68 team0: Device macvtap68 failed to register rx_handler device team1 left promiscuous mode device macvtap109 entered promiscuous mode device veth0_to_bond entered promiscuous mode team0: Device macvtap109 failed to register rx_handler device veth0_to_bond left promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 18844 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc_trace+0x29a/0x3d0 mm/slab.c:3616 kmalloc include/linux/slab.h:488 [inline] copy_mount_options+0x59/0x2f0 fs/namespace.c:2758 SYSC_mount fs/namespace.c:3090 [inline] SyS_mount+0x84/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device macvtap95 entered promiscuous mode team0: Device macvtap95 failed to register rx_handler FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 18865 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 getname_flags+0xc8/0x550 fs/namei.c:138 user_path_at_empty+0x2a/0x50 fs/namei.c:2631 user_path include/linux/namei.h:62 [inline] do_mount+0x118/0x2a00 fs/namespace.c:2819 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device macvtap68 entered promiscuous mode device veth0_to_bond entered promiscuous mode team0: Device macvtap68 failed to register rx_handler device veth0_to_bond left promiscuous mode device macvtap109 entered promiscuous mode device veth0_to_bond entered promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 team0: Device macvtap109 failed to register rx_handler device veth0_to_bond left promiscuous mode CPU: 0 PID: 18888 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 kmem_cache_zalloc include/linux/slab.h:651 [inline] alloc_vfsmnt+0x23/0x7f0 fs/namespace.c:205 vfs_kern_mount.part.0+0x27/0x470 fs/namespace.c:1039 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device macvtap68 entered promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 device veth0_to_bond entered promiscuous mode CPU: 1 PID: 18908 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 team0: Device macvtap68 failed to register rx_handler Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc_track_caller+0x2bc/0x400 mm/slab.c:3735 kstrdup+0x36/0x70 mm/util.c:56 kstrdup_const+0x35/0x60 mm/util.c:77 alloc_vfsmnt+0xe0/0x7f0 fs/namespace.c:214 vfs_kern_mount.part.0+0x27/0x470 fs/namespace.c:1039 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device veth0_to_bond left promiscuous mode device macvtap96 entered promiscuous mode team0: Device macvtap96 failed to register rx_handler netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'. FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 18946 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 device macvtap68 entered promiscuous mode Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 kmem_cache_zalloc include/linux/slab.h:651 [inline] alloc_vfsmnt+0x23/0x7f0 fs/namespace.c:205 vfs_kern_mount.part.0+0x27/0x470 fs/namespace.c:1039 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 device veth0_to_bond entered promiscuous mode team0: Device macvtap68 failed to register rx_handler SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device veth0_to_bond left promiscuous mode device macvtap68 entered promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 device veth0_to_bond entered promiscuous mode CPU: 1 PID: 18978 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 team0: Device macvtap68 failed to register rx_handler Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc+0x2c1/0x400 mm/slab.c:3729 kmalloc include/linux/slab.h:493 [inline] kzalloc include/linux/slab.h:661 [inline] __list_lru_init+0x67/0x710 mm/list_lru.c:539 alloc_super fs/super.c:229 [inline] sget_userns+0x4e4/0xc10 fs/super.c:516 sget+0xd1/0x110 fs/super.c:572 mount_bdev+0xcd/0x360 fs/super.c:1107 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device veth0_to_bond left promiscuous mode device macvtap68 entered promiscuous mode netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'. FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'. CPU: 0 PID: 19013 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:2898 [inline] prepare_alloc_pages mm/page_alloc.c:4131 [inline] __alloc_pages_nodemask+0x22c/0x2720 mm/page_alloc.c:4179 alloc_pages_current+0x155/0x260 mm/mempolicy.c:2113 alloc_pages include/linux/gfp.h:520 [inline] __get_free_pages mm/page_alloc.c:4233 [inline] get_zeroed_page+0x19/0x50 mm/page_alloc.c:4242 alloc_secdata include/linux/security.h:1737 [inline] mount_fs+0x1c7/0x2a0 fs/super.c:1228 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 netlink: 16 bytes leftover after parsing attributes in process `syz-executor.0'. FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 (unnamed net_device) (uninitialized): option use_carrier: invalid value (255) CPU: 1 PID: 19041 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 getname_kernel+0x4e/0x340 fs/namei.c:218 audit: type=1804 audit(1619616407.344:97): pid=19051 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir557732774/syzkaller.V8AjsY/313/bus" dev="sda1" ino=14750 res=1 kern_path+0x1b/0x40 fs/namei.c:2466 lookup_bdev fs/block_dev.c:2103 [inline] lookup_bdev+0xc6/0x1c0 fs/block_dev.c:2093 blkdev_get_by_path+0x1b/0xa0 fs/block_dev.c:1688 mount_bdev+0x4c/0x360 fs/super.c:1092 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 audit: type=1804 audit(1619616407.344:98): pid=19054 uid=0 auid=4294967295 ses=4294967295 op="invalid_pcr" cause="open_writers" comm="syz-executor.1" name="/root/syzkaller-testdir557732774/syzkaller.V8AjsY/313/bus" dev="sda1" ino=14750 res=1 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device macvtap69 entered promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 device veth0_to_bond entered promiscuous mode team0: Device macvtap69 failed to register rx_handler CPU: 0 PID: 19072 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc_trace+0x29a/0x3d0 mm/slab.c:3616 kmalloc include/linux/slab.h:488 [inline] kzalloc include/linux/slab.h:661 [inline] alloc_super fs/super.c:197 [inline] sget_userns+0x102/0xc10 fs/super.c:516 sget+0xd1/0x110 fs/super.c:572 mount_bdev+0xcd/0x360 fs/super.c:1107 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device veth0_to_bond left promiscuous mode device macvtap109 entered promiscuous mode device veth0_to_bond entered promiscuous mode team0: Device macvtap109 failed to register rx_handler device veth0_to_bond left promiscuous mode FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 19089 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:2898 [inline] prepare_alloc_pages mm/page_alloc.c:4131 [inline] __alloc_pages_nodemask+0x22c/0x2720 mm/page_alloc.c:4179 __alloc_pages include/linux/gfp.h:484 [inline] __alloc_pages_node include/linux/gfp.h:497 [inline] kmem_getpages mm/slab.c:1419 [inline] cache_grow_begin+0x91/0x700 mm/slab.c:2676 cache_alloc_refill+0x273/0x350 mm/slab.c:3043 ____cache_alloc mm/slab.c:3125 [inline] __do_cache_alloc mm/slab.c:3347 [inline] slab_alloc mm/slab.c:3382 [inline] kmem_cache_alloc+0x333/0x3c0 mm/slab.c:3550 getname_kernel+0x4e/0x340 fs/namei.c:218 kern_path+0x1b/0x40 fs/namei.c:2466 lookup_bdev fs/block_dev.c:2103 [inline] lookup_bdev+0xc6/0x1c0 fs/block_dev.c:2093 blkdev_get_by_path+0x1b/0xa0 fs/block_dev.c:1688 mount_bdev+0x4c/0x360 fs/super.c:1092 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device macvtap109 entered promiscuous mode device veth0_to_bond entered promiscuous mode team0: Device macvtap109 failed to register rx_handler device veth0_to_bond left promiscuous mode EXT4-fs (loop5): VFS: Can't find ext4 filesystem FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 19143 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 device macvtap109 entered promiscuous mode Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:2898 [inline] prepare_alloc_pages mm/page_alloc.c:4131 [inline] __alloc_pages_nodemask+0x22c/0x2720 mm/page_alloc.c:4179 __alloc_pages include/linux/gfp.h:484 [inline] __alloc_pages_node include/linux/gfp.h:497 [inline] kmem_getpages mm/slab.c:1419 [inline] cache_grow_begin+0x91/0x700 mm/slab.c:2676 cache_alloc_refill+0x273/0x350 mm/slab.c:3043 ____cache_alloc mm/slab.c:3125 [inline] __do_cache_alloc mm/slab.c:3347 [inline] slab_alloc mm/slab.c:3382 [inline] kmem_cache_alloc+0x333/0x3c0 mm/slab.c:3550 getname_kernel+0x4e/0x340 fs/namei.c:218 kern_path+0x1b/0x40 fs/namei.c:2466 device veth0_to_bond entered promiscuous mode lookup_bdev fs/block_dev.c:2103 [inline] lookup_bdev+0xc6/0x1c0 fs/block_dev.c:2093 blkdev_get_by_path+0x1b/0xa0 fs/block_dev.c:1688 mount_bdev+0x4c/0x360 fs/super.c:1092 mount_fs+0x92/0x2a0 fs/super.c:1237 team0: Device macvtap109 failed to register rx_handler vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 EXT4-fs (loop5): VFS: Can't find ext4 filesystem device veth0_to_bond left promiscuous mode device macvtap69 entered promiscuous mode device veth0_to_bond entered promiscuous mode team0: Device macvtap69 failed to register rx_handler device veth0_to_bond left promiscuous mode device macvtap109 entered promiscuous mode device veth0_to_bond entered promiscuous mode team0: Device macvtap109 failed to register rx_handler device veth0_to_bond left promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 19175 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'. should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc+0x2c1/0x400 mm/slab.c:3729 kmalloc include/linux/slab.h:493 [inline] kzalloc include/linux/slab.h:661 [inline] __list_lru_init+0x67/0x710 mm/list_lru.c:539 alloc_super fs/super.c:231 [inline] sget_userns+0x504/0xc10 fs/super.c:516 sget+0xd1/0x110 fs/super.c:572 mount_bdev+0xcd/0x360 fs/super.c:1107 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'. Bluetooth: hci5 command 0x0406 tx timeout Bluetooth: hci2 command 0x0406 tx timeout Bluetooth: hci0 command 0x0406 tx timeout Bluetooth: hci1 command 0x0406 tx timeout Bluetooth: hci3 command 0x0406 tx timeout Bluetooth: hci4 command 0x0406 tx timeout netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'. netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'. FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 device macvtap109 entered promiscuous mode device veth0_to_bond entered promiscuous mode CPU: 1 PID: 19219 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 team0: Device macvtap109 failed to register rx_handler should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc_trace+0x29a/0x3d0 mm/slab.c:3616 kmalloc include/linux/slab.h:488 [inline] kzalloc include/linux/slab.h:661 [inline] ext4_fill_super+0x101/0xb280 fs/ext4/super.c:3512 mount_bdev+0x2b3/0x360 fs/super.c:1134 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device veth0_to_bond left promiscuous mode device macvtap69 entered promiscuous mode device veth0_to_bond entered promiscuous mode team0: Device macvtap69 failed to register rx_handler device veth0_to_bond left promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 19262 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc_track_caller+0x2bc/0x400 mm/slab.c:3735 kstrdup+0x36/0x70 mm/util.c:56 ext4_fill_super+0xc7/0xb280 fs/ext4/super.c:3509 mount_bdev+0x2b3/0x360 fs/super.c:1134 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device macvtap69 entered promiscuous mode device veth0_to_bond entered promiscuous mode team0: Device macvtap69 failed to register rx_handler device veth0_to_bond left promiscuous mode device macvtap109 entered promiscuous mode device veth0_to_bond entered promiscuous mode team0: Device macvtap109 failed to register rx_handler device veth0_to_bond left promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'. CPU: 1 PID: 19302 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc+0x2c1/0x400 mm/slab.c:3729 kmalloc include/linux/slab.h:493 [inline] kzalloc include/linux/slab.h:661 [inline] __list_lru_init+0x67/0x710 mm/list_lru.c:539 alloc_super fs/super.c:231 [inline] sget_userns+0x504/0xc10 fs/super.c:516 netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. sget+0xd1/0x110 fs/super.c:572 mount_bdev+0xcd/0x360 fs/super.c:1107 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 netlink: 36 bytes leftover after parsing attributes in process `syz-executor.0'. netlink: 8 bytes leftover after parsing attributes in process `syz-executor.4'. netlink: 16 bytes leftover after parsing attributes in process `syz-executor.4'. FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 device macvtap109 entered promiscuous mode CPU: 0 PID: 19328 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 device veth0_to_bond entered promiscuous mode Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc_track_caller+0x2bc/0x400 mm/slab.c:3735 kstrdup+0x36/0x70 mm/util.c:56 team0: Device macvtap109 failed to register rx_handler ext4_fill_super+0xc7/0xb280 fs/ext4/super.c:3509 mount_bdev+0x2b3/0x360 fs/super.c:1134 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device veth0_to_bond left promiscuous mode device macvtap109 entered promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 19358 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 device veth0_to_bond entered promiscuous mode Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 team0: Device macvtap109 failed to register rx_handler should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 kmem_cache_zalloc include/linux/slab.h:651 [inline] alloc_buffer_head+0x20/0x110 fs/buffer.c:3429 alloc_page_buffers+0xb3/0x1f0 fs/buffer.c:874 grow_dev_page fs/buffer.c:1025 [inline] grow_buffers fs/buffer.c:1077 [inline] __getblk_slow+0x2d6/0x7a0 fs/buffer.c:1104 __getblk_gfp fs/buffer.c:1383 [inline] __bread_gfp+0x206/0x2e0 fs/buffer.c:1428 sb_bread_unmovable include/linux/buffer_head.h:315 [inline] ext4_fill_super+0x532/0xb280 fs/ext4/super.c:3571 mount_bdev+0x2b3/0x360 fs/super.c:1134 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device veth0_to_bond left promiscuous mode EXT4-fs (loop5): VFS: Can't find ext4 filesystem FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 device macvtap69 entered promiscuous mode CPU: 1 PID: 19388 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 device veth0_to_bond entered promiscuous mode Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 team0: Device macvtap69 failed to register rx_handler slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 kmem_cache_zalloc include/linux/slab.h:651 [inline] alloc_buffer_head+0x20/0x110 fs/buffer.c:3429 alloc_page_buffers+0xb3/0x1f0 fs/buffer.c:874 grow_dev_page fs/buffer.c:1025 [inline] grow_buffers fs/buffer.c:1077 [inline] __getblk_slow+0x2d6/0x7a0 fs/buffer.c:1104 __getblk_gfp fs/buffer.c:1383 [inline] __bread_gfp+0x206/0x2e0 fs/buffer.c:1428 sb_bread_unmovable include/linux/buffer_head.h:315 [inline] ext4_fill_super+0x532/0xb280 fs/ext4/super.c:3571 mount_bdev+0x2b3/0x360 fs/super.c:1134 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 EXT4-fs (loop5): VFS: Can't find ext4 filesystem device veth0_to_bond left promiscuous mode device macvtap109 entered promiscuous mode device veth0_to_bond entered promiscuous mode team0: Device macvtap109 failed to register rx_handler device veth0_to_bond left promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 19418 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc_trace+0x29a/0x3d0 mm/slab.c:3616 kmalloc include/linux/slab.h:488 [inline] kzalloc include/linux/slab.h:661 [inline] ext4_fill_super+0x1e7/0xb280 fs/ext4/super.c:3537 mount_bdev+0x2b3/0x360 fs/super.c:1134 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device macvtap69 entered promiscuous mode device veth0_to_bond entered promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 19437 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 team0: Device macvtap69 failed to register rx_handler Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 kmem_cache_zalloc include/linux/slab.h:651 [inline] alloc_buffer_head+0x20/0x110 fs/buffer.c:3429 alloc_page_buffers+0xb3/0x1f0 fs/buffer.c:874 grow_dev_page fs/buffer.c:1025 [inline] grow_buffers fs/buffer.c:1077 [inline] __getblk_slow+0x2d6/0x7a0 fs/buffer.c:1104 __getblk_gfp fs/buffer.c:1383 [inline] __bread_gfp+0x206/0x2e0 fs/buffer.c:1428 sb_bread_unmovable include/linux/buffer_head.h:315 [inline] ext4_fill_super+0x532/0xb280 fs/ext4/super.c:3571 mount_bdev+0x2b3/0x360 fs/super.c:1134 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879 SYSC_mount fs/namespace.c:3095 [inline] SyS_mount+0xa8/0x120 fs/namespace.c:3072 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x467b1a RSP: 002b:00007fe80bcdcfa8 EFLAGS: 00000206 ORIG_RAX: 00000000000000a5 RAX: ffffffffffffffda RBX: 00000000200012c0 RCX: 0000000000467b1a RDX: 0000000020000000 RSI: 0000000020000040 RDI: 00007fe80bcdd000 RBP: 00007fe80bcdd040 R08: 00007fe80bcdd040 R09: 0000000020000000 R10: 0000000000000000 R11: 0000000000000206 R12: 0000000020000000 R13: 0000000020000040 R14: 00007fe80bcdd000 R15: 0000000020001700 device veth0_to_bond left promiscuous mode EXT4-fs (loop5): VFS: Can't find ext4 filesystem device macvtap109 entered promiscuous mode device veth0_to_bond entered promiscuous mode team0: Device macvtap109 failed to register rx_handler device veth0_to_bond left promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'. CPU: 1 PID: 19479 Comm: syz-executor.5 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x149 lib/fault-inject.c:149 device macvtap109 entered promiscuous mode should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x40/0x3c0 mm/slab.c:3550 device veth0_to_bond entered promiscuous mode mempool_alloc+0x10e/0x2d0 mm/mempool.c:330 bio_alloc_bioset+0x41b/0x830 block/bio.c:486 team0: Device macvtap109 failed to register rx_handler bio_alloc include/linux/bio.h:422 [inline] submit_bh_wbc+0xf5/0x6f0 fs/buffer.c:3121 submit_bh fs/buffer.c:3153 [inline] __bread_slow fs/buffer.c:1238 [inline] __bread_gfp+0x11c/0x2e0 fs/buffer.c:1431 sb_bread_unmovable include/linux/buffer_head.h:315 [inline] ext4_fill_super+0x532/0xb280 fs/ext4/super.c:3571 mount_bdev+0x2b3/0x360 fs/super.c:1134 mount_fs+0x92/0x2a0 fs/super.c:1237 vfs_kern_mount.part.0+0x5b/0x470 fs/namespace.c:1046 vfs_kern_mount fs/namespace.c:1036 [inline] do_new_mount fs/namespace.c:2549 [inline] do_mount+0xe53/0x2a00 fs/namespace.c:2879