======================================================
WARNING: possible circular locking dependency detected
4.14.0-next-20171122+ #49 Not tainted
------------------------------------------------------
syz-executor3/5761 is trying to acquire lock:
 (console_lock){+.+.}, at: [] vcs_write+0x14d/0xca0 drivers/tty/vt/vc_screen.c:397

but task is already holding lock:
 (&pipe->mutex/1){+.+.}, at: [] pipe_lock_nested fs/pipe.c:67 [inline]
 (&pipe->mutex/1){+.+.}, at: [] pipe_lock+0x56/0x70 fs/pipe.c:75

which lock already depends on the new lock.

the existing dependency chain (in reverse order) is:

-> #3 (&pipe->mutex/1){+.+.}:
       lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
       __mutex_lock_common kernel/locking/mutex.c:756 [inline]
       __mutex_lock+0x16f/0x1a80 kernel/locking/mutex.c:893
       mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908
       pipe_lock_nested fs/pipe.c:67 [inline]
       pipe_lock+0x56/0x70 fs/pipe.c:75
       iter_file_splice_write+0x264/0xf30 fs/splice.c:699
       do_splice_from fs/splice.c:851 [inline]
       do_splice fs/splice.c:1147 [inline]
       SYSC_splice fs/splice.c:1402 [inline]
       SyS_splice+0x7d5/0x1630 fs/splice.c:1382
       entry_SYSCALL_64_fastpath+0x1f/0x96

-> #2 (sb_writers){.+.+}:
       spin_lock include/linux/spinlock.h:315 [inline]
       fsnotify_put_mark+0x319/0x740 fs/notify/mark.c:242

-> #1 ((completion)&req.done){+.+.}:
       lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
       complete_acquire include/linux/completion.h:40 [inline]
       __wait_for_common kernel/sched/completion.c:109 [inline]
       wait_for_common kernel/sched/completion.c:123 [inline]
       wait_for_completion+0xcb/0x7b0 kernel/sched/completion.c:144
       devtmpfs_create_node+0x32b/0x4a0 drivers/base/devtmpfs.c:115
       device_add+0x120f/0x1640 drivers/base/core.c:1824
       device_create_groups_vargs+0x1f3/0x250 drivers/base/core.c:2430
       device_create_vargs drivers/base/core.c:2470 [inline]
       device_create+0xda/0x110 drivers/base/core.c:2506
       vcs_make_sysfs+0x35/0x60 drivers/tty/vt/vc_screen.c:629
       vc_allocate+0x4b7/0x6b0 drivers/tty/vt/vt.c:797
       con_install+0x52/0x440 drivers/tty/vt/vt.c:2876
       tty_driver_install_tty drivers/tty/tty_io.c:1215 [inline]
       tty_init_dev+0xf6/0x4a0 drivers/tty/tty_io.c:1315
       tty_open_by_driver drivers/tty/tty_io.c:1942 [inline]
       tty_open+0x608/0xab0 drivers/tty/tty_io.c:1990
       chrdev_open+0x257/0x730 fs/char_dev.c:417
       do_dentry_open+0x682/0xd70 fs/open.c:752
       vfs_open+0x107/0x230 fs/open.c:866
       do_last fs/namei.c:3388 [inline]
       path_openat+0x1157/0x3530 fs/namei.c:3528
       do_filp_open+0x25b/0x3b0 fs/namei.c:3563
       do_sys_open+0x502/0x6d0 fs/open.c:1059
       SYSC_open fs/open.c:1077 [inline]
       SyS_open+0x2d/0x40 fs/open.c:1072
       entry_SYSCALL_64_fastpath+0x1f/0x96

-> #0 (console_lock){+.+.}:
       check_prevs_add kernel/locking/lockdep.c:2031 [inline]
       validate_chain kernel/locking/lockdep.c:2473 [inline]
       __lock_acquire+0x3498/0x47f0 kernel/locking/lockdep.c:3500
       lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
       console_lock+0x4b/0x80 kernel/printk/printk.c:2047
       vcs_write+0x14d/0xca0 drivers/tty/vt/vc_screen.c:397
       __vfs_write+0xef/0x970 fs/read_write.c:480
       __kernel_write+0xfe/0x350 fs/read_write.c:501
       write_pipe_buf+0x175/0x220 fs/splice.c:797
       splice_from_pipe_feed fs/splice.c:502 [inline]
       __splice_from_pipe+0x328/0x730 fs/splice.c:626
       splice_from_pipe+0x1e9/0x330 fs/splice.c:661
       default_file_splice_write+0x40/0x90 fs/splice.c:809
       do_splice_from fs/splice.c:851 [inline]
       do_splice fs/splice.c:1147 [inline]
       SYSC_splice fs/splice.c:1402 [inline]
       SyS_splice+0x7d5/0x1630 fs/splice.c:1382
       entry_SYSCALL_64_fastpath+0x1f/0x96

other info that might help us debug this:

Chain exists of:
  console_lock --> sb_writers --> &pipe->mutex/1

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(&pipe->mutex/1);
                               lock(sb_writers);
                               lock(&pipe->mutex/1);
  lock(console_lock);

 *** DEADLOCK ***

1 lock held by syz-executor3/5761:
 #0: (&pipe->mutex/1){+.+.}, at: [] pipe_lock_nested fs/pipe.c:67 [inline]
 #0: (&pipe->mutex/1){+.+.}, at: [] pipe_lock+0x56/0x70 fs/pipe.c:75

stack backtrace:
CPU: 0 PID: 5761 Comm: syz-executor3 Not tainted 4.14.0-next-20171122+ #49
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 print_circular_bug+0x42d/0x610 kernel/locking/lockdep.c:1271
 check_prev_add+0x666/0x15f0 kernel/locking/lockdep.c:1914
 check_prevs_add kernel/locking/lockdep.c:2031 [inline]
 validate_chain kernel/locking/lockdep.c:2473 [inline]
 __lock_acquire+0x3498/0x47f0 kernel/locking/lockdep.c:3500
 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004
 console_lock+0x4b/0x80 kernel/printk/printk.c:2047
 vcs_write+0x14d/0xca0 drivers/tty/vt/vc_screen.c:397
 __vfs_write+0xef/0x970 fs/read_write.c:480
 __kernel_write+0xfe/0x350 fs/read_write.c:501
 write_pipe_buf+0x175/0x220 fs/splice.c:797
 splice_from_pipe_feed fs/splice.c:502 [inline]
 __splice_from_pipe+0x328/0x730 fs/splice.c:626
 splice_from_pipe+0x1e9/0x330 fs/splice.c:661
 default_file_splice_write+0x40/0x90 fs/splice.c:809
 do_splice_from fs/splice.c:851 [inline]
 do_splice fs/splice.c:1147 [inline]
 SYSC_splice fs/splice.c:1402 [inline]
 SyS_splice+0x7d5/0x1630 fs/splice.c:1382
 entry_SYSCALL_64_fastpath+0x1f/0x96
RIP: 0033:0x452879
RSP: 002b:00007fd742bccbe8 EFLAGS: 00000212 ORIG_RAX: 0000000000000113
RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452879
RDX: 0000000000000013 RSI: 0000000000000000 RDI: 0000000000000014
RBP: 0000000000000086 R08: 00000000fffff5fc R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f2cb0
R13: 00000000ffffffff R14: 00007fd742bcd6d4 R15: 0000000000000000
QAT: Invalid ioctl
QAT: Invalid ioctl
sctp: [Deprecated]: syz-executor4 (pid 5856) Use of int in maxseg socket option.
Use struct sctp_assoc_value instead
QAT: Invalid ioctl
QAT: Invalid ioctl
sctp: [Deprecated]: syz-executor4 (pid 5856) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
sctp: [Deprecated]: syz-executor4 (pid 5856) Use of int in maxseg socket option.
Use struct sctp_assoc_value instead
sctp: [Deprecated]: syz-executor4 (pid 5879) Use of struct sctp_assoc_value in delayed_ack socket option.
Use struct sctp_sack_info instead
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pig=5950 comm=syz-executor6
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pig=5962 comm=syz-executor6
device gre0 entered promiscuous mode
device gre0 entered promiscuous mode
device gre0 entered promiscuous mode
Trying to set illegal importance in message
Trying to set illegal importance in message
nla_parse: 3 callbacks suppressed
netlink: 8 bytes leftover after parsing attributes in process `syz-executor0'.
kauditd_printk_skb: 388 callbacks suppressed
audit: type=1326 audit(1511343108.956:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=6151 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343108.956:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=6151 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343108.957:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=6151 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=121 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343108.957:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=6151 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343108.957:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=6151 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343108.959:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=6151 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=9 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343108.959:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=6151 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343108.959:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=6151 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343108.960:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=6151 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=298 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343108.960:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=6151 comm="syz-executor6" exe="/root/syz-executor6" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
sctp: [Deprecated]: syz-executor3 (pid 6234) Use of int in maxseg socket option.
Use struct sctp_assoc_value instead
sctp: [Deprecated]: syz-executor3 (pid 6265) Use of int in maxseg socket option.
Use struct sctp_assoc_value instead
kvm_pmu: event creation failed -2
netlink: 3 bytes leftover after parsing attributes in process `syz-executor1'.
Started in network mode
Own node address <128.2424.2694>, network identity 4711
semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
The task syz-executor6 (6310) triggered the difference, watch for misbehavior.
device gre0 entered promiscuous mode
netlink: 3 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 3 bytes leftover after parsing attributes in process `syz-executor1'.
device eql entered promiscuous mode
netlink: 2 bytes leftover after parsing attributes in process `syz-executor1'.
device lo entered promiscuous mode
netlink: 2 bytes leftover after parsing attributes in process `syz-executor1'.
device lo left promiscuous mode
netlink: 2 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 17 bytes leftover after parsing attributes in process `syz-executor7'.
netlink: 2 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 1 bytes leftover after parsing attributes in process `syz-executor2'.
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=6428 comm=syz-executor7
rfkill: input handler disabled
Option '
rfkill: input handler enabled
Option '
QAT: Invalid ioctl
QAT: Invalid ioctl
*** Guest State ***
CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
CR3 = 0x00000000fffbc000
RSP = 0x000000000000fffa RIP = 0x0000000000000000
RFLAGS=0x00033000 DR7 = 0x0000000000000400
Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
CS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
DS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
SS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
ES: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
FS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
GS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
GDTR: limit=0x0000ffff, base=0x0000000000000000
LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
IDTR: limit=0x0000ffff, base=0x0000000000000000
TR: sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
EFER = 0x0000000000000000 PAT = 0x0007040600070406
DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000
Interruptibility = 00000000 ActivityState = 00000000
*** Host State ***
RIP = 0xffffffff811be573 RSP = 0xffff8801cb9574c8
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
FSBase=00007f35f9457700 GSBase=ffff8801db500000 TRBase=ffff8801db423140
GDTBase=ffffffffff577000 IDTBase=ffffffffff57b000
CR0=0000000080050033 CR3=00000001db16d000 CR4=00000000001426e0
Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff85140970
EFER = 0x0000000000000d01 PAT = 0x0000000000000000
*** Control State ***
PinBased=0000003f CPUBased=b699edfa SecondaryExec=00000042
EntryControls=0000d1ff ExitControls=0023efff
ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
        reason=80000021 qualification=0000000000000000
IDTVectoring: info=00000000 errcode=00000000
TSC Offset = 0xffffffded6b1400d
EPT pointer = 0x00000001c15ce01e
RDS: rds_bind could not find a transport for 172.20.0.187, load rds_tcp or rds_rdma?
device gre0 entered promiscuous mode
RDS: rds_bind could not find a transport for 172.20.0.187, load rds_tcp or rds_rdma?
kvm_hv_set_msr: 36 callbacks suppressed
kvm [6784]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008f data 0x6f
kvm [6784]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008e data 0x6f
kvm [6784]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008d data 0x6f
kvm [6784]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008c data 0x6f
kvm [6784]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008f data 0xbcd9006f
kvm [6784]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008e data 0xbcd9006f
kvm [6784]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008d data 0xbcd9006f
kvm [6784]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008c data 0xbcd9006f
kvm [6784]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008b data 0xbcd9006f
kvm [6784]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x4000008a data 0xbcd9006f
kvm [6784]: vcpu0, guest rIP: 0x9115 Hyper-V uhandled wrmsr: 0x40000020 data 0xf6bcd9006f
*** Guest State ***
CR0: actual=0x0000000080000031, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
CR4: actual=0x0000000000002051, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
CR3 = 0x00000000fffbc000
RSP = 0x000000000000fffa RIP = 0x0000000000006dc7
RFLAGS=0x00033000 DR7 = 0x0000000000000400
Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
CS: sel=0xe332, attr=0x000f3, limit=0x0000ffff, base=0x00000000000e3320
DS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
SS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
ES: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
FS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
GS: sel=0x0000, attr=0x000f3, limit=0x0000ffff, base=0x0000000000000000
GDTR: limit=0x0000ffff, base=0x0000000000000000
LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
IDTR: limit=0x0000ffff, base=0x0000000000000000
TR: sel=0x0000, attr=0x0008b, limit=0x00002088, base=0x0000000000000000
EFER = 0x0000000000000000 PAT = 0x0007040600070406
DebugCtl = 0x0000000000000000 DebugExceptions = 0x0000000000000000
Interruptibility = 00000000 ActivityState = 00000000
*** Host State ***
RIP = 0xffffffff811be573 RSP = 0xffff8801c2c274c8
CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
FSBase=00007f2e540ab700 GSBase=ffff8801db500000 TRBase=ffff8801db523140
GDTBase=ffffffffff576000 IDTBase=ffffffffff57b000
CR0=0000000080050033 CR3=00000001d984e000 CR4=00000000001426e0
Sysenter RSP=0000000000000000 CS:RIP=0010:ffffffff85140970
EFER = 0x0000000000000d01 PAT = 0x0000000000000000
*** Control State ***
PinBased=0000003f CPUBased=b699edfa SecondaryExec=00000042
EntryControls=0000d1ff ExitControls=0023efff
ExceptionBitmap=ffffbfff PFECmask=00000000 PFECmatch=00000000
VMEntry: intr_info=00000000 errcode=00000000 ilen=00000000
VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
        reason=80000021 qualification=0000000000000000
IDTVectoring: info=00000000 errcode=00000000
TSC Offset = 0xffffffde6c63c460
EPT pointer = 0x00000001c331001e
Option 'Q9z̧ƒh' to dns_resolver key: bad/missing value
Option 'Q9z̧ƒh' to dns_resolver key: bad/missing value
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=6956 comm=syz-executor6
device gre0 entered promiscuous mode
device gre0 entered promiscuous mode
device syz3 entered promiscuous mode
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11 sclass=netlink_route_socket pig=7251 comm=syz-executor5
device syz3 left promiscuous mode
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=11 sclass=netlink_route_socket pig=7251 comm=syz-executor5
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7351 comm=syz-executor3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7351 comm=syz-executor3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7373 comm=syz-executor3
Started in network mode
Own node address <128.2424.2694>, network identity 4711
QAT: Invalid ioctl
QAT: Invalid ioctl
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7385 comm=syz-executor3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7390 comm=syz-executor3
QAT: Invalid ioctl
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=7385 comm=syz-executor3
QAT: Invalid ioctl
kauditd_printk_skb: 158 callbacks suppressed
audit: type=1326 audit(1511343115.038:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=7418 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343115.066:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=7418 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=72 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343115.067:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=7418 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343115.067:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=7418 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343115.070:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=7418 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=68 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343115.070:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=7418 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343115.070:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=7418 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=64 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343115.070:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=7418 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343115.071:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=7418 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=66 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511343115.071:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=7418 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
QAT: Invalid ioctl
QAT: Invalid ioctl
Bearer <> rejected, illegal name
Bearer <> rejected, illegal name
could not allocate digest TFM handle anubis
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 1
could not allocate digest TFM handle anubis
CPU: 0 PID: 7533 Comm: syz-executor2 Not tainted 4.14.0-next-20171122+ #49
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail+0x8c0/0xa40 lib/fault-inject.c:149
 should_failslab+0xec/0x120 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:425 [inline]
 slab_alloc_node mm/slab.c:3293 [inline]
 kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3636
 __alloc_skb+0xf1/0x780 net/core/skbuff.c:193
 alloc_skb include/linux/skbuff.h:981 [inline]
 tcp_xmit_probe_skb+0x67/0x360 net/ipv4/tcp_output.c:3638
 tcp_send_window_probe+0x11d/0x150 net/ipv4/tcp_output.c:3660
 do_tcp_setsockopt.isra.38+0x868/0x20b0 net/ipv4/tcp.c:2650
 tcp_setsockopt+0xb0/0xd0 net/ipv4/tcp.c:2873
 sock_common_setsockopt+0x95/0xd0 net/core/sock.c:2968
 SYSC_setsockopt net/socket.c:1851 [inline]
 SyS_setsockopt+0x189/0x360 net/socket.c:1830
 entry_SYSCALL_64_fastpath+0x1f/0x96
RIP: 0033:0x452879
RSP: 002b:00007ff3d4330be8 EFLAGS: 00000212 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452879
RDX: 0000000000000013 RSI: 0000000000000006 RDI: 0000000000000013
RBP: 00007ff3d4330a20 R08: 0000000000000004 R09: 0000000000000000
R10: 0000000020d15000 R11: 0000000000000212 R12: 00000000004b757e
R13: 00007ff3d4330b58 R14: 00000000004b758e R15: 0000000000000000