================================================
WARNING: lock held when returning to user space!
4.18.0+ #197 Not tainted
------------------------------------------------
syz-executor3/13215 is leaving the kernel with locks still held!
1 lock held by syz-executor3/13215:
 #0: 00000000f11fa8df (&fi->mutex){+.+.}, at: fuse_lock_inode+0xaf/0xe0 fs/fuse/inode.c:363
IPVS: length: 4096 != 8
hid (null): unknown global tag 0xd
hid (null): unknown global tag 0xe
hid (null): global environment stack underflow
hid (null): bogus close delimiter
kernel msg: ebtables bug: please report to author: Wrong len argument
IPVS: length: 4096 != 8
hid-generic 0002:0008:0004.0002: unknown main item tag 0x5
hid-generic 0002:0008:0004.0002: unknown global tag 0xd
hid-generic 0002:0008:0004.0002: item 0 1 1 13 parsing failed
kernel msg: ebtables bug: please report to author: Wrong len argument
hid-generic: probe of 0002:0008:0004.0002 failed with error -22
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 1
CPU: 0 PID: 14329 Comm: syz-executor5 Not tainted 4.18.0+ #197
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold.4+0xa/0x11 lib/fault-inject.c:149
 __should_failslab+0x124/0x180 mm/failslab.c:32
 should_failslab+0x9/0x14 mm/slab_common.c:1557
 slab_pre_alloc_hook mm/slab.h:423 [inline]
 slab_alloc mm/slab.c:3378 [inline]
 kmem_cache_alloc+0x2af/0x760 mm/slab.c:3552
 anon_vma_chain_alloc mm/rmap.c:129 [inline]
 __anon_vma_prepare+0xc4/0x720 mm/rmap.c:183
 anon_vma_prepare include/linux/rmap.h:153 [inline]
 do_huge_pmd_anonymous_page+0x12fe/0x1c00 mm/huge_memory.c:675
 create_huge_pmd mm/memory.c:3879 [inline]
 __handle_mm_fault+0x2cbf/0x4360 mm/memory.c:4083
 handle_mm_fault+0x53e/0xc80 mm/memory.c:4149
 __do_page_fault+0x620/0xe50 arch/x86/mm/fault.c:1395
 do_page_fault+0xf6/0x8c0 arch/x86/mm/fault.c:1470
 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1161
RIP: 0010:__put_user_4+0x1c/0x30 arch/x86/lib/putuser.S:68
Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 40 ee 01 00 48 8b 9b 98 13 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48
RSP: 0018:ffff88019474fcf8 EFLAGS: 00010293
RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000000020000080
RDX: 0000000000000046 RSI: ffffffff81ac6b13 RDI: 0000000000000282
RBP: ffff88019474fdf0 R08: 1ffff100328e9f7c R09: ffff88019474fa20
R10: ffffed0039c1e498 R11: ffff8801ce0f24c3 R12: 0000000000000004
R13: 0000000020000080 R14: 0000000000000005 R15: dffffc0000000000
 __do_sys_socketpair net/socket.c:1456 [inline]
 __se_sys_socketpair net/socket.c:1453 [inline]
 __x64_sys_socketpair+0x97/0xf0 net/socket.c:1453
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457089
Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f56654afc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
RAX: ffffffffffffffda RBX: 00007f56654b06d4 RCX: 0000000000457089
RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000003
R13: 00000000004d60e0 R14: 00000000004c98a3 R15: 0000000000000000
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 14393 Comm: syz-executor5 Not tainted 4.18.0+ #197
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold.4+0xa/0x11 lib/fault-inject.c:149
 __should_failslab+0x124/0x180 mm/failslab.c:32
 should_failslab+0x9/0x14 mm/slab_common.c:1557
 slab_pre_alloc_hook mm/slab.h:423 [inline]
 slab_alloc mm/slab.c:3378 [inline]
 kmem_cache_alloc+0x2af/0x760 mm/slab.c:3552
 anon_vma_alloc mm/rmap.c:82 [inline]
 __anon_vma_prepare+0x3c6/0x720 mm/rmap.c:190
 anon_vma_prepare include/linux/rmap.h:153 [inline]
 do_huge_pmd_anonymous_page+0x12fe/0x1c00 mm/huge_memory.c:675
 create_huge_pmd mm/memory.c:3879 [inline]
 __handle_mm_fault+0x2cbf/0x4360 mm/memory.c:4083
 handle_mm_fault+0x53e/0xc80 mm/memory.c:4149
 __do_page_fault+0x620/0xe50 arch/x86/mm/fault.c:1395
 do_page_fault+0xf6/0x8c0 arch/x86/mm/fault.c:1470
 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1161
RIP: 0010:__put_user_4+0x1c/0x30 arch/x86/lib/putuser.S:68
Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 40 ee 01 00 48 8b 9b 98 13 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48
RSP: 0018:ffff88018f4d7cf8 EFLAGS: 00010293
RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000000020000080
RDX: 0000000000000046 RSI: ffffffff81ac6b13 RDI: 0000000000000282
RBP: ffff88018f4d7df0 R08: 1ffff10031e9af7c R09: ffff88018f4d7a20
R10: ffffed0038e2f318 R11: ffff8801c71798c3 R12: 0000000000000004
R13: 0000000020000080 R14: 0000000000000005 R15: dffffc0000000000
 __do_sys_socketpair net/socket.c:1456 [inline]
 __se_sys_socketpair net/socket.c:1453 [inline]
 __x64_sys_socketpair+0x97/0xf0 net/socket.c:1453
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457089
Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f56654afc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
RAX: ffffffffffffffda RBX: 00007f56654b06d4 RCX: 0000000000457089
RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000003
R13: 00000000004d60e0 R14: 00000000004c98a3 R15: 0000000000000001
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 0 PID: 14429 Comm: syz-executor5 Not tainted 4.18.0+ #197
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold.4+0xa/0x11 lib/fault-inject.c:149
 __should_failslab+0x124/0x180 mm/failslab.c:32
 should_failslab+0x9/0x14 mm/slab_common.c:1557
 slab_pre_alloc_hook mm/slab.h:423 [inline]
 slab_alloc mm/slab.c:3378 [inline]
 kmem_cache_alloc+0x2af/0x760 mm/slab.c:3552
 kmem_cache_zalloc include/linux/slab.h:697 [inline]
 alloc_mm_slot mm/khugepaged.c:369 [inline]
 __khugepaged_enter+0xbe/0x5e0 mm/khugepaged.c:425
 khugepaged_enter include/linux/khugepaged.h:54 [inline]
 do_huge_pmd_anonymous_page+0x13b3/0x1c00 mm/huge_memory.c:677
 create_huge_pmd mm/memory.c:3879 [inline]
 __handle_mm_fault+0x2cbf/0x4360 mm/memory.c:4083
 handle_mm_fault+0x53e/0xc80 mm/memory.c:4149
 __do_page_fault+0x620/0xe50 arch/x86/mm/fault.c:1395
 do_page_fault+0xf6/0x8c0 arch/x86/mm/fault.c:1470
 page_fault+0x1e/0x30 arch/x86/entry/entry_64.S:1161
RIP: 0010:__put_user_4+0x1c/0x30 arch/x86/lib/putuser.S:68
Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 40 ee 01 00 48 8b 9b 98 13 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48
RSP: 0018:ffff8801900ffcf8 EFLAGS: 00010293
RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000000020000080
RDX: 0000000000000046 RSI: ffffffff81ac6b13 RDI: 0000000000000282
RBP: ffff8801900ffdf0 R08: 1ffff1003201ff7c R09: 0000000000000000
R10: ffffed0039c1e510 R11: ffff8801ce0f2883 R12: 0000000000000004
R13: 0000000020000080 R14: 0000000000000005 R15: dffffc0000000000
 __do_sys_socketpair net/socket.c:1456 [inline]
 __se_sys_socketpair net/socket.c:1453 [inline]
 __x64_sys_socketpair+0x97/0xf0 net/socket.c:1453
 do_syscall_64+0x1b9/0x820 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x457089
Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f56654afc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
RAX: ffffffffffffffda RBX: 00007f56654b06d4 RCX: 0000000000457089
RDX: 0000000000000000 RSI: 0000000000000005 RDI: 000000000000001e
RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000003
R13: 00000000004d60e0 R14: 00000000004c98a3 R15: 0000000000000002
FAULT_INJECTION: forcing a failure.
name fail_page_alloc, interval 1, probability 0, space 0, times 1
CPU: 1 PID: 14475 Comm: syz-executor5 Not tainted 4.18.0+ #197
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x2b4 lib/dump_stack.c:113
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail.cold.4+0xa/0x11 lib/fault-inject.c:149