RDX: 1000000000000252 RSI: 00000000200023c0 RDI: 0000000000000005 RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 0000000000000cda R14: 00000000004c9ca0 R15: 0000000000000002 ====================================================== WARNING: possible circular locking dependency detected 4.14.169-syzkaller #0 Not tainted ------------------------------------------------------ syz-executor.1/18351 is trying to acquire lock: (console_owner){-.-.}, at: [] console_trylock_spinning kernel/printk/printk.c:1658 [inline] (console_owner){-.-.}, at: [] vprintk_emit kernel/printk/printk.c:1922 [inline] (console_owner){-.-.}, at: [] vprintk_emit+0x2f1/0x600 kernel/printk/printk.c:1888 but task is already holding lock: (&(&port->lock)->rlock){-.-.}, at: [] pty_write+0xe0/0x1d0 drivers/tty/pty.c:120 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (&(&port->lock)->rlock){-.-.}: lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x95/0xcd kernel/locking/spinlock.c:160 tty_port_tty_get+0x22/0x90 drivers/tty/tty_port.c:287 tty_port_default_wakeup+0x16/0x40 drivers/tty/tty_port.c:46 tty_port_tty_wakeup+0x57/0x70 drivers/tty/tty_port.c:389 uart_write_wakeup+0x46/0x70 drivers/tty/serial/serial_core.c:116 serial8250_tx_chars+0x40d/0xa10 drivers/tty/serial/8250/8250_port.c:1810 serial8250_handle_irq.part.0+0x206/0x250 drivers/tty/serial/8250/8250_port.c:1883 serial8250_handle_irq drivers/tty/serial/8250/8250_port.c:1869 [inline] serial8250_default_handle_irq+0xa1/0x120 drivers/tty/serial/8250/8250_port.c:1899 serial8250_interrupt+0xe9/0x1a0 drivers/tty/serial/8250/8250_core.c:129 __handle_irq_event_percpu+0x125/0x7f0 kernel/irq/handle.c:147 handle_irq_event_percpu+0x65/0x130 kernel/irq/handle.c:187 handle_irq_event+0xa7/0x134 kernel/irq/handle.c:204 
handle_edge_irq+0x22b/0x840 kernel/irq/chip.c:770 generic_handle_irq_desc include/linux/irqdesc.h:159 [inline] handle_irq+0x39/0x50 arch/x86/kernel/irq_64.c:87 do_IRQ+0x99/0x1d0 arch/x86/kernel/irq.c:230 ret_from_intr+0x0/0x1e arch_local_irq_restore arch/x86/include/asm/paravirt.h:779 [inline] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline] _raw_spin_unlock_irqrestore+0x95/0xe0 kernel/locking/spinlock.c:192 spin_unlock_irqrestore include/linux/spinlock.h:372 [inline] uart_write+0x29a/0x4f0 drivers/tty/serial/serial_core.c:625 process_output_block drivers/tty/n_tty.c:595 [inline] n_tty_write+0x38b/0xf20 drivers/tty/n_tty.c:2333 do_tty_write drivers/tty/tty_io.c:959 [inline] tty_write+0x3f6/0x700 drivers/tty/tty_io.c:1043 redirected_tty_write+0xa3/0xb0 drivers/tty/tty_io.c:1064 __vfs_write+0x105/0x6b0 fs/read_write.c:480 vfs_write+0x198/0x500 fs/read_write.c:544 SYSC_write fs/read_write.c:590 [inline] SyS_write+0xfd/0x230 fs/read_write.c:582 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 -> #1 (&port_lock_key){-.-.}: lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994 __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x95/0xcd kernel/locking/spinlock.c:160 serial8250_console_write+0x709/0x930 drivers/tty/serial/8250/8250_port.c:3232 univ8250_console_write+0x5f/0x70 drivers/tty/serial/8250/8250_core.c:597 call_console_drivers kernel/printk/printk.c:1725 [inline] console_unlock+0x9ba/0xed0 kernel/printk/printk.c:2397 vprintk_emit kernel/printk/printk.c:1923 [inline] vprintk_emit+0x1f9/0x600 kernel/printk/printk.c:1888 vprintk_default+0x28/0x30 kernel/printk/printk.c:1963 vprintk_func+0x5d/0x159 kernel/printk/printk_safe.c:401 printk+0x9e/0xbc kernel/printk/printk.c:1996 register_console+0x614/0x9e0 kernel/printk/printk.c:2716 univ8250_console_init+0x33/0x3f drivers/tty/serial/8250/8250_core.c:692 console_init+0x4d/0x5d kernel/printk/printk.c:2797 
start_kernel+0x43c/0x67d init/main.c:634 x86_64_start_reservations+0x29/0x2b arch/x86/kernel/head64.c:399 x86_64_start_kernel+0x77/0x7b arch/x86/kernel/head64.c:380 secondary_startup_64+0xa5/0xb0 arch/x86/kernel/head_64.S:240 -> #0 (console_owner){-.-.}: check_prev_add kernel/locking/lockdep.c:1901 [inline] check_prevs_add kernel/locking/lockdep.c:2018 [inline] validate_chain kernel/locking/lockdep.c:2460 [inline] __lock_acquire+0x2cb3/0x4620 kernel/locking/lockdep.c:3487 lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994 console_trylock_spinning kernel/printk/printk.c:1679 [inline] vprintk_emit kernel/printk/printk.c:1922 [inline] vprintk_emit+0x32e/0x600 kernel/printk/printk.c:1888 vprintk_default+0x28/0x30 kernel/printk/printk.c:1963 vprintk_func+0x5d/0x159 kernel/printk/printk_safe.c:401 printk+0x9e/0xbc kernel/printk/printk.c:1996 fail_dump lib/fault-inject.c:44 [inline] should_fail.cold+0xe4/0x159 lib/fault-inject.c:149 should_failslab+0xdb/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc+0x71/0x7a0 mm/slab.c:3729 kmalloc include/linux/slab.h:493 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:169 [inline] __tty_buffer_request_room+0x1a4/0x500 drivers/tty/tty_buffer.c:267 tty_insert_flip_string_fixed_flag+0x8a/0x1c0 drivers/tty/tty_buffer.c:312 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x113/0x1d0 drivers/tty/pty.c:122 n_tty_write+0x953/0xf20 drivers/tty/n_tty.c:2356 do_tty_write drivers/tty/tty_io.c:959 [inline] tty_write+0x3f6/0x700 drivers/tty/tty_io.c:1043 do_loop_readv_writev fs/read_write.c:698 [inline] do_loop_readv_writev fs/read_write.c:682 [inline] do_iter_write fs/read_write.c:956 [inline] do_iter_write+0x3d3/0x540 fs/read_write.c:935 vfs_writev+0x170/0x2a0 fs/read_write.c:999 do_writev+0x10a/0x2d0 fs/read_write.c:1034 SYSC_writev fs/read_write.c:1107 [inline] SyS_writev+0x28/0x30 fs/read_write.c:1104 
do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7

other info that might help us debug this:

Chain exists of:
  console_owner --> &port_lock_key --> &(&port->lock)->rlock

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&(&port->lock)->rlock);
                               lock(&port_lock_key);
                               lock(&(&port->lock)->rlock);
  lock(console_owner);

 *** DEADLOCK ***

5 locks held by syz-executor.1/18351: #0: (&tty->ldisc_sem){++++}, at: [] ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:376 #1: (&tty->atomic_write_lock){+.+.}, at: [] tty_write_lock+0x20/0x60 drivers/tty/tty_io.c:885 #2: (&tty->termios_rwsem){++++}, at: [] n_tty_write+0x179/0xf20 drivers/tty/n_tty.c:2316 #3: (&ldata->output_lock){+.+.}, at: [] n_tty_write+0x914/0xf20 drivers/tty/n_tty.c:2355 #4: (&(&port->lock)->rlock){-.-.}, at: [] pty_write+0xe0/0x1d0 drivers/tty/pty.c:120 stack backtrace: CPU: 0 PID: 18351 Comm: syz-executor.1 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 print_circular_bug.isra.0.cold+0x1cc/0x28f kernel/locking/lockdep.c:1258 check_prev_add kernel/locking/lockdep.c:1901 [inline] check_prevs_add kernel/locking/lockdep.c:2018 [inline] validate_chain kernel/locking/lockdep.c:2460 [inline] __lock_acquire+0x2cb3/0x4620 kernel/locking/lockdep.c:3487 lock_acquire+0x16f/0x430 kernel/locking/lockdep.c:3994 console_trylock_spinning kernel/printk/printk.c:1679 [inline] vprintk_emit kernel/printk/printk.c:1922 [inline] vprintk_emit+0x32e/0x600 kernel/printk/printk.c:1888 vprintk_default+0x28/0x30 kernel/printk/printk.c:1963 vprintk_func+0x5d/0x159 kernel/printk/printk_safe.c:401 printk+0x9e/0xbc kernel/printk/printk.c:1996 fail_dump lib/fault-inject.c:44 [inline] should_fail.cold+0xe4/0x159 lib/fault-inject.c:149 should_failslab+0xdb/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] 
slab_alloc mm/slab.c:3376 [inline] __do_kmalloc mm/slab.c:3718 [inline] __kmalloc+0x71/0x7a0 mm/slab.c:3729 kmalloc include/linux/slab.h:493 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:169 [inline] __tty_buffer_request_room+0x1a4/0x500 drivers/tty/tty_buffer.c:267 tty_insert_flip_string_fixed_flag+0x8a/0x1c0 drivers/tty/tty_buffer.c:312 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x113/0x1d0 drivers/tty/pty.c:122 n_tty_write+0x953/0xf20 drivers/tty/n_tty.c:2356 do_tty_write drivers/tty/tty_io.c:959 [inline] tty_write+0x3f6/0x700 drivers/tty/tty_io.c:1043 do_loop_readv_writev fs/read_write.c:698 [inline] do_loop_readv_writev fs/read_write.c:682 [inline] do_iter_write fs/read_write.c:956 [inline] do_iter_write+0x3d3/0x540 fs/read_write.c:935 vfs_writev+0x170/0x2a0 fs/read_write.c:999 do_writev+0x10a/0x2d0 fs/read_write.c:1034 SYSC_writev fs/read_write.c:1107 [inline] SyS_writev+0x28/0x30 fs/read_write.c:1104 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007f6a5fb18c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 RAX: ffffffffffffffda RBX: 00007f6a5fb196d4 RCX: 000000000045b399 RDX: 1000000000000252 RSI: 00000000200023c0 RDI: 0000000000000005 RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 0000000000000cda R14: 00000000004c9ca0 R15: 0000000000000002 FAULT_INJECTION: forcing a failure. 
name fail_page_alloc, interval 1, probability 0, space 0, times 1 CPU: 1 PID: 18366 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:2891 [inline] prepare_alloc_pages mm/page_alloc.c:4124 [inline] __alloc_pages_nodemask+0x1d6/0x7a0 mm/page_alloc.c:4172 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113 alloc_pages include/linux/gfp.h:520 [inline] pte_alloc_one+0x1a/0x100 arch/x86/mm/pgtable.c:30 do_huge_pmd_anonymous_page+0x84f/0x1200 mm/huge_memory.c:701 create_huge_pmd mm/memory.c:3881 [inline] __handle_mm_fault+0x247d/0x33d0 mm/memory.c:4084 handle_mm_fault+0x293/0x7c0 mm/memory.c:4150 __do_page_fault+0x4c1/0xb80 arch/x86/mm/fault.c:1420 do_page_fault+0x71/0x511 arch/x86/mm/fault.c:1495 page_fault+0x25/0x50 arch/x86/entry/entry_64.S:1122 RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 arch/x86/lib/copy_user_64.S:181 RSP: 0018:ffff88805b62f9f8 EFLAGS: 00010206 RAX: 0000000000000000 RBX: 0000000000000590 RCX: 0000000000000590 RDX: 0000000000000590 RSI: 0000000020d7cfcb RDI: ffff88805adfa6f0 RBP: ffff88805b62fa28 R08: ffffed100b5bf590 R09: 0000000000000000 R10: ffffed100b5bf58f R11: ffff88805adfac7f R12: 0000000020d7cfcb R13: ffff88805adfa6f0 R14: 00007ffffffff000 R15: 0000000020d7d55b _copy_from_iter_full+0x196/0x6c0 lib/iov_iter.c:608 copy_from_iter_full include/linux/uio.h:126 [inline] skb_do_copy_data_nocache include/net/sock.h:1886 [inline] skb_add_data_nocache include/net/sock.h:1897 [inline] tcp_sendmsg_locked+0x1371/0x31c0 net/ipv4/tcp.c:1335 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 
SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 0000000000000002 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 1 CPU: 1 PID: 18375 Comm: syz-executor.2 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:2891 [inline] prepare_alloc_pages mm/page_alloc.c:4124 [inline] __alloc_pages_nodemask+0x1d6/0x7a0 mm/page_alloc.c:4172 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113 alloc_pages include/linux/gfp.h:520 [inline] pte_alloc_one+0x1a/0x100 arch/x86/mm/pgtable.c:30 do_huge_pmd_anonymous_page+0x84f/0x1200 mm/huge_memory.c:701 create_huge_pmd mm/memory.c:3881 [inline] __handle_mm_fault+0x247d/0x33d0 mm/memory.c:4084 handle_mm_fault+0x293/0x7c0 mm/memory.c:4150 __do_page_fault+0x4c1/0xb80 arch/x86/mm/fault.c:1420 do_page_fault+0x71/0x511 arch/x86/mm/fault.c:1495 page_fault+0x25/0x50 arch/x86/entry/entry_64.S:1122 RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 arch/x86/lib/copy_user_64.S:181 RSP: 0018:ffff8880582079f8 EFLAGS: 00010206 RAX: 0000000000000000 RBX: 0000000000000590 RCX: 0000000000000590 RDX: 0000000000000590 RSI: 0000000020d7cfcb RDI: ffff888085878530 RBP: ffff888058207a28 R08: 
ffffed1010b0f158 R09: 0000000000000000 R10: ffffed1010b0f157 R11: ffff888085878abf R12: 0000000020d7cfcb R13: ffff888085878530 R14: 00007ffffffff000 R15: 0000000020d7d55b _copy_from_iter_full+0x196/0x6c0 lib/iov_iter.c:608 copy_from_iter_full include/linux/uio.h:126 [inline] skb_do_copy_data_nocache include/net/sock.h:1886 [inline] skb_add_data_nocache include/net/sock.h:1897 [inline] tcp_sendmsg_locked+0x1371/0x31c0 net/ipv4/tcp.c:1335 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007f13a9e43c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f13a9e446d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 0000000000000002 audit: type=1400 audit(1580519907.065:256): avc: denied { create } for pid=18437 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1580519907.095:257): avc: denied { write } for pid=18437 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 audit: type=1400 audit(1580519907.095:258): avc: denied { read } for pid=18437 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1 FAULT_INJECTION: 
forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 18441 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_failslab+0xdb/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x2d7/0x780 mm/slab.c:3550 ptlock_alloc+0x20/0x70 mm/memory.c:4741 ptlock_init include/linux/mm.h:1752 [inline] pgtable_page_ctor include/linux/mm.h:1786 [inline] pte_alloc_one+0x60/0x100 arch/x86/mm/pgtable.c:33 do_huge_pmd_anonymous_page+0x84f/0x1200 mm/huge_memory.c:701 create_huge_pmd mm/memory.c:3881 [inline] __handle_mm_fault+0x247d/0x33d0 mm/memory.c:4084 handle_mm_fault+0x293/0x7c0 mm/memory.c:4150 __do_page_fault+0x4c1/0xb80 arch/x86/mm/fault.c:1420 do_page_fault+0x71/0x511 arch/x86/mm/fault.c:1495 page_fault+0x25/0x50 arch/x86/entry/entry_64.S:1122 RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 arch/x86/lib/copy_user_64.S:181 RSP: 0018:ffff8880579779f8 EFLAGS: 00010206 RAX: 0000000000000000 RBX: 0000000000000590 RCX: 0000000000000590 RDX: 0000000000000590 RSI: 0000000020d7cfcb RDI: ffff888058c4a1f0 RBP: ffff888057977a28 R08: ffffed100b1894f0 R09: 0000000000000000 R10: ffffed100b1894ef R11: ffff888058c4a77f R12: 0000000020d7cfcb R13: ffff888058c4a1f0 R14: 00007ffffffff000 R15: 0000000020d7d55b _copy_from_iter_full+0x196/0x6c0 lib/iov_iter.c:608 copy_from_iter_full include/linux/uio.h:126 [inline] skb_do_copy_data_nocache include/net/sock.h:1886 [inline] skb_add_data_nocache include/net/sock.h:1897 [inline] tcp_sendmsg_locked+0x1371/0x31c0 net/ipv4/tcp.c:1335 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 
inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 0000000000000003 CPU: 0 PID: 18442 Comm: syz-executor.2 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_failslab+0xdb/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x2d7/0x780 mm/slab.c:3550 ptlock_alloc+0x20/0x70 mm/memory.c:4741 ptlock_init include/linux/mm.h:1752 [inline] pgtable_page_ctor include/linux/mm.h:1786 [inline] pte_alloc_one+0x60/0x100 arch/x86/mm/pgtable.c:33 do_huge_pmd_anonymous_page+0x84f/0x1200 mm/huge_memory.c:701 create_huge_pmd mm/memory.c:3881 [inline] __handle_mm_fault+0x247d/0x33d0 mm/memory.c:4084 handle_mm_fault+0x293/0x7c0 mm/memory.c:4150 __do_page_fault+0x4c1/0xb80 arch/x86/mm/fault.c:1420 do_page_fault+0x71/0x511 arch/x86/mm/fault.c:1495 page_fault+0x25/0x50 arch/x86/entry/entry_64.S:1122 RIP: 0010:copy_user_enhanced_fast_string+0xe/0x20 arch/x86/lib/copy_user_64.S:181 RSP: 0018:ffff888051fdf9f8 EFLAGS: 00010206 RAX: 0000000000000000 RBX: 0000000000000590 RCX: 0000000000000590 RDX: 
0000000000000590 RSI: 0000000020d7cfcb RDI: ffff888080836cb0 RBP: ffff888051fdfa28 R08: ffffed1010106e48 R09: 0000000000000000 R10: ffffed1010106e47 R11: ffff88808083723f R12: 0000000020d7cfcb R13: ffff888080836cb0 R14: 00007ffffffff000 R15: 0000000020d7d55b _copy_from_iter_full+0x196/0x6c0 lib/iov_iter.c:608 copy_from_iter_full include/linux/uio.h:126 [inline] skb_do_copy_data_nocache include/net/sock.h:1886 [inline] skb_add_data_nocache include/net/sock.h:1897 [inline] tcp_sendmsg_locked+0x1371/0x31c0 net/ipv4/tcp.c:1335 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007f13a9e43c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f13a9e446d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 0000000000000003 FAULT_INJECTION: forcing a failure. 
name fail_page_alloc, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 18475 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:2891 [inline] prepare_alloc_pages mm/page_alloc.c:4124 [inline] __alloc_pages_nodemask+0x1d6/0x7a0 mm/page_alloc.c:4172 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113 alloc_pages include/linux/gfp.h:520 [inline] skb_page_frag_refill+0x1ef/0x490 net/core/sock.c:2201 sk_page_frag_refill+0x53/0x1c0 net/core/sock.c:2221 tcp_sendmsg_locked+0x7dc/0x31c0 net/ipv4/tcp.c:1343 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 0000000000000004 FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 18515 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_failslab+0xdb/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node+0x56/0x780 mm/slab.c:3640 __alloc_skb+0x9c/0x500 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:980 [inline] __tcp_send_ack.part.0+0x67/0x5b0 net/ipv4/tcp_output.c:3619 __tcp_send_ack net/ipv4/tcp_output.c:3646 [inline] tcp_send_ack+0x7a/0xa0 net/ipv4/tcp_output.c:3646 __tcp_ack_snd_check+0x107/0x3a0 net/ipv4/tcp_input.c:5145 tcp_ack_snd_check net/ipv4/tcp_input.c:5158 [inline] tcp_rcv_established+0x67e/0x1650 net/ipv4/tcp_input.c:5571 tcp_v4_do_rcv+0x56c/0x7f0 net/ipv4/tcp_ipv4.c:1467 sk_backlog_rcv include/net/sock.h:917 [inline] __release_sock+0x12d/0x350 net/core/sock.c:2264 __sk_flush_backlog+0x28/0x40 net/core/sock.c:2284 sk_flush_backlog include/net/sock.h:1004 [inline] tcp_sendmsg_locked+0x263d/0x31c0 net/ipv4/tcp.c:1296 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 
0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 0000000000000005 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 18549 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_failslab+0xdb/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x5a/0x770 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x3d/0x80 mm/slab.c:3696 __kmalloc_reserve.isra.0+0x40/0xe0 net/core/skbuff.c:137 __alloc_skb+0xcf/0x500 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:980 [inline] __tcp_send_ack.part.0+0x67/0x5b0 net/ipv4/tcp_output.c:3619 __tcp_send_ack net/ipv4/tcp_output.c:3646 [inline] tcp_send_ack+0x7a/0xa0 net/ipv4/tcp_output.c:3646 __tcp_ack_snd_check+0x107/0x3a0 net/ipv4/tcp_input.c:5145 tcp_ack_snd_check net/ipv4/tcp_input.c:5158 [inline] tcp_rcv_established+0x67e/0x1650 net/ipv4/tcp_input.c:5571 tcp_v4_do_rcv+0x56c/0x7f0 net/ipv4/tcp_ipv4.c:1467 sk_backlog_rcv include/net/sock.h:917 [inline] __release_sock+0x12d/0x350 net/core/sock.c:2264 __sk_flush_backlog+0x28/0x40 net/core/sock.c:2284 sk_flush_backlog include/net/sock.h:1004 [inline] tcp_sendmsg_locked+0x263d/0x31c0 net/ipv4/tcp.c:1296 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 
ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 0000000000000006 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 18587 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_failslab+0xdb/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node+0x287/0x780 mm/slab.c:3640 __alloc_skb+0x9c/0x500 net/core/skbuff.c:193 alloc_skb_fclone include/linux/skbuff.h:1022 [inline] sk_stream_alloc_skb+0xb5/0x780 net/ipv4/tcp.c:855 tcp_sendmsg_locked+0xf6b/0x31c0 net/ipv4/tcp.c:1301 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 0000000000000007 FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 18611 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_failslab+0xdb/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x280/0x770 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x3d/0x80 mm/slab.c:3696 __kmalloc_reserve.isra.0+0x40/0xe0 net/core/skbuff.c:137 __alloc_skb+0xcf/0x500 net/core/skbuff.c:205 alloc_skb_fclone include/linux/skbuff.h:1022 [inline] sk_stream_alloc_skb+0xb5/0x780 net/ipv4/tcp.c:855 tcp_sendmsg_locked+0xf6b/0x31c0 net/ipv4/tcp.c:1301 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 0000000000000008 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=18625 comm=syz-executor.2 SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=18625 comm=syz-executor.2 FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 18664 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_failslab+0xdb/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x280/0x770 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x3d/0x80 mm/slab.c:3696 __kmalloc_reserve.isra.0+0x40/0xe0 net/core/skbuff.c:137 __alloc_skb+0xcf/0x500 net/core/skbuff.c:205 alloc_skb_fclone include/linux/skbuff.h:1022 [inline] sk_stream_alloc_skb+0xb5/0x780 net/ipv4/tcp.c:855 tcp_sendmsg_locked+0xf6b/0x31c0 net/ipv4/tcp.c:1301 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 0000000000000009 FAULT_INJECTION: forcing a failure. 
name fail_page_alloc, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 18721 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:2891 [inline] prepare_alloc_pages mm/page_alloc.c:4124 [inline] __alloc_pages_nodemask+0x1d6/0x7a0 mm/page_alloc.c:4172 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113 alloc_pages include/linux/gfp.h:520 [inline] skb_page_frag_refill+0x1ef/0x490 net/core/sock.c:2201 sk_page_frag_refill+0x53/0x1c0 net/core/sock.c:2221 tcp_sendmsg_locked+0x7dc/0x31c0 net/ipv4/tcp.c:1343 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 000000000000000a FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 18785 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_failslab+0xdb/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node+0x287/0x780 mm/slab.c:3640 __alloc_skb+0x9c/0x500 net/core/skbuff.c:193 alloc_skb_fclone include/linux/skbuff.h:1022 [inline] sk_stream_alloc_skb+0xb5/0x780 net/ipv4/tcp.c:855 tcp_sendmsg_locked+0xf6b/0x31c0 net/ipv4/tcp.c:1301 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 000000000000000b FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 18811 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_failslab+0xdb/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x280/0x770 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x3d/0x80 mm/slab.c:3696 __kmalloc_reserve.isra.0+0x40/0xe0 net/core/skbuff.c:137 __alloc_skb+0xcf/0x500 net/core/skbuff.c:205 alloc_skb_fclone include/linux/skbuff.h:1022 [inline] sk_stream_alloc_skb+0xb5/0x780 net/ipv4/tcp.c:855 tcp_sendmsg_locked+0xf6b/0x31c0 net/ipv4/tcp.c:1301 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 000000000000000c FAULT_INJECTION: forcing a failure. 
name fail_page_alloc, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 18850 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:2891 [inline] prepare_alloc_pages mm/page_alloc.c:4124 [inline] __alloc_pages_nodemask+0x1d6/0x7a0 mm/page_alloc.c:4172 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113 alloc_pages include/linux/gfp.h:520 [inline] skb_page_frag_refill+0x1ef/0x490 net/core/sock.c:2201 sk_page_frag_refill+0x53/0x1c0 net/core/sock.c:2221 tcp_sendmsg_locked+0x7dc/0x31c0 net/ipv4/tcp.c:1343 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 000000000000000d FAULT_INJECTION: forcing a failure. 
name fail_page_alloc, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 18907 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:2891 [inline] prepare_alloc_pages mm/page_alloc.c:4124 [inline] __alloc_pages_nodemask+0x1d6/0x7a0 mm/page_alloc.c:4172 alloc_pages_current+0xec/0x1e0 mm/mempolicy.c:2113 alloc_pages include/linux/gfp.h:520 [inline] skb_page_frag_refill+0x1ef/0x490 net/core/sock.c:2201 sk_page_frag_refill+0x53/0x1c0 net/core/sock.c:2221 tcp_sendmsg_locked+0x7dc/0x31c0 net/ipv4/tcp.c:1343 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 000000000000000e FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 18963 Comm: syz-executor.0 Not tainted 4.14.169-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x142/0x197 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10f/0x159 lib/fault-inject.c:149 should_failslab+0xdb/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node+0x287/0x780 mm/slab.c:3640 __alloc_skb+0x9c/0x500 net/core/skbuff.c:193 alloc_skb_fclone include/linux/skbuff.h:1022 [inline] sk_stream_alloc_skb+0xb5/0x780 net/ipv4/tcp.c:855 tcp_sendmsg_locked+0xf6b/0x31c0 net/ipv4/tcp.c:1301 tcp_sendmsg+0x30/0x50 net/ipv4/tcp.c:1457 inet_sendmsg+0x122/0x500 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xce/0x110 net/socket.c:656 SYSC_sendto+0x206/0x310 net/socket.c:1763 SyS_sendto+0x40/0x50 net/socket.c:1731 do_syscall_64+0x1e8/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x45b399 RSP: 002b:00007fc1af258c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007fc1af2596d4 RCX: 000000000045b399 RDX: ffffffffffffffef RSI: 0000000020d7cfcb RDI: 0000000000000005 RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000053 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00000000000009d4 R14: 00000000004cb445 R15: 000000000000000f