BUG: sleeping function called from invalid context at net/core/sock.c:2761
in_atomic(): 1, irqs_disabled(): 0, pid: 6931, name: kworker/0:2
2 locks held by kworker/0:2/6931:
 #0: ((wq_completion)"%s"name){+.+.}, at: [] __write_once_size include/linux/compiler.h:212 [inline]
 #0: ((wq_completion)"%s"name){+.+.}, at: [] atomic64_set arch/x86/include/asm/atomic64_64.h:34 [inline]
 #0: ((wq_completion)"%s"name){+.+.}, at: [] atomic_long_set include/asm-generic/atomic-long.h:57 [inline]
 #0: ((wq_completion)"%s"name){+.+.}, at: [] set_work_data kernel/workqueue.c:618 [inline]
 #0: ((wq_completion)"%s"name){+.+.}, at: [] set_work_pool_and_clear_pending kernel/workqueue.c:645 [inline]
 #0: ((wq_completion)"%s"name){+.+.}, at: [] process_one_work+0xad4/0x1be0 kernel/workqueue.c:2083
 #1: ((work_completion)(&squeue->work)){+.+.}, at: [] process_one_work+0xb2f/0x1be0 kernel/workqueue.c:2087
CPU: 0 PID: 6931 Comm: kworker/0:2 Not tainted 4.14.0-next-20171124+ #51
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: pencrypt padata_serial_worker
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 ___might_sleep+0x2b2/0x470 kernel/sched/core.c:6060
 __might_sleep+0x95/0x190 kernel/sched/core.c:6013
 lock_sock_nested+0x37/0x110 net/core/sock.c:2761
 lock_sock include/net/sock.h:1467 [inline]
 af_alg_async_cb+0x86/0x1a0 crypto/af_alg.c:1039
 aead_request_complete include/crypto/internal/aead.h:75 [inline]
 pcrypt_aead_serial+0x75/0xa0 crypto/pcrypt.c:123
 padata_serial_worker+0x476/0x750 kernel/padata.c:348
 process_one_work+0xbfd/0x1be0 kernel/workqueue.c:2112
 worker_thread+0x223/0x1990 kernel/workqueue.c:2246
 kthread+0x37a/0x440 kernel/kthread.c:238
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:437
device gre0 entered promiscuous mode
netlink: 11 bytes leftover after parsing attributes in process `syz-executor5'.
netlink: 11 bytes leftover after parsing attributes in process `syz-executor5'.
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
Trying to set illegal importance in message
Trying to set illegal importance in message
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=32 sclass=netlink_audit_socket pig=24050 comm=syz-executor3
SELinux: unrecognized netlink message: protocol=9 nlmsg_type=32 sclass=netlink_audit_socket pig=24057 comm=syz-executor3
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pig=24100 comm=syz-executor4
tmpfs: Bad mount option q]g4G
tmpfs: Bad mount option q]g4G
device gre0 entered promiscuous mode
FAULT_INJECTION: forcing a failure.
name failslab, interval 1, probability 0, space 0, times 0
CPU: 1 PID: 24203 Comm: syz-executor7 Tainted: G W 4.14.0-next-20171124+ #51
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 fail_dump lib/fault-inject.c:51 [inline]
 should_fail+0x8c0/0xa40 lib/fault-inject.c:149
 should_failslab+0xec/0x120 mm/failslab.c:32
 slab_pre_alloc_hook mm/slab.h:425 [inline]
 slab_alloc mm/slab.c:3372 [inline]
 kmem_cache_alloc+0x47/0x760 mm/slab.c:3546
 ptlock_alloc+0x24/0x70 mm/memory.c:4673
 ptlock_init include/linux/mm.h:1790 [inline]
 pgtable_page_ctor include/linux/mm.h:1824 [inline]
 pte_alloc_one+0x59/0x100 arch/x86/mm/pgtable.c:32
 do_huge_pmd_anonymous_page+0xc23/0x1b00 mm/huge_memory.c:689
 create_huge_pmd mm/memory.c:3816 [inline]
 __handle_mm_fault+0x1b68/0x3dd0 mm/memory.c:4019
 handle_mm_fault+0x38f/0x930 mm/memory.c:4085
 __do_page_fault+0x5c9/0xc90 arch/x86/mm/fault.c:1429
 do_page_fault+0xee/0x720 arch/x86/mm/fault.c:1504
 page_fault+0x22/0x30 arch/x86/entry/entry_64.S:1088
RIP: 0033:0x401819
RSP: 002b:00007fd8bb079b20 EFLAGS: 00010246
RAX: 0000000020000000 RBX: 0000000000000082 RCX: 0000000000000000
RDX: 18c6884665904eb1 RSI: 0000000000000000 RDI: 00007fd8bb07a608
RBP: 00000000204f7000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000082 R11: 0000000000000000 R12: 00000000006f53c8
R13: 0000000000000013 R14: 00007fd8bb07a6d4 R15: ffffffffffffffff
syz-executor7 invoked oom-killer: gfp_mask=0x0(), nodemask=(null), order=0, oom_score_adj=0
syz-executor7 cpuset=/ mems_allowed=0
CPU: 1 PID: 24203 Comm: syz-executor7 Tainted: G W 4.14.0-next-20171124+ #51
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 dump_header+0x28c/0xe1e mm/oom_kill.c:437
 oom_kill_process+0x8b9/0x1550 mm/oom_kill.c:863
 out_of_memory+0x86d/0x1220 mm/oom_kill.c:1077
 pagefault_out_of_memory+0x135/0x152 mm/oom_kill.c:1108
 mm_fault_error+0xd6/0x2c0 arch/x86/mm/fault.c:1053
 __do_page_fault+0xb4d/0xc90 arch/x86/mm/fault.c:1457
 do_page_fault+0xee/0x720 arch/x86/mm/fault.c:1504
 page_fault+0x22/0x30 arch/x86/entry/entry_64.S:1088
RIP: 0033:0x401819
RSP: 002b:00007fd8bb079b20 EFLAGS: 00010246
RAX: 0000000020000000 RBX: 0000000000000082 RCX: 0000000000000000
RDX: 18c6884665904eb1 RSI: 0000000000000000 RDI: 00007fd8bb07a608
RBP: 00000000204f7000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000082 R11: 0000000000000000 R12: 00000000006f53c8
R13: 0000000000000013 R14: 00007fd8bb07a6d4 R15: ffffffffffffffff
Mem-Info:
active_anon:141786 inactive_anon:47 isolated_anon:0
 active_file:4670 inactive_file:9456 isolated_file:0
 unevictable:2 dirty:67 writeback:0 unstable:0
 slab_reclaimable:8061 slab_unreclaimable:98854
 mapped:23071 shmem:511 pagetables:870 bounce:0
 free:1342620 free_pcp:435 free_cma:0
Node 0 active_anon:585728kB inactive_anon:196kB active_file:18688kB inactive_file:37860kB unevictable:8kB isolated(anon):0kB isolated(file):0kB mapped:92144kB dirty:392kB writeback:0kB shmem:2052kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 63488kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no
Node 0 DMA free:15908kB min:160kB low:200kB high:240kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
lowmem_reserve[]: 0 2882 6395 6395
Node 0 DMA32 free:2953236kB min:30384kB low:37980kB high:45576kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2954000kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:756kB local_pcp:656kB free_cma:0kB
lowmem_reserve[]: 0 0 3513 3513
Node 0 Normal free:2376256kB min:37032kB low:46288kB high:55544kB active_anon:591736kB inactive_anon:192kB active_file:18688kB inactive_file:37864kB unevictable:8kB writepending:396kB present:4718592kB managed:3597644kB mlocked:0kB kernel_stack:4448kB pagetables:3596kB bounce:0kB free_pcp:1104kB local_pcp:496kB free_cma:0kB
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB
Node 0 DMA32: 11*4kB (UM) 1*8kB (U) 4*16kB (UM) 3*32kB (UM) 5*64kB (UM) 4*128kB (UM) 4*256kB (M) 4*512kB (UM) 2*1024kB (UM) 3*2048kB (UM) 718*4096kB (M) = 2953236kB
Node 0 Normal: 338*4kB (UME) 1312*8kB (UME) 563*16kB (UME) 278*32kB (UME) 910*64kB (UME) 432*128kB (ME) 244*256kB (UM) 127*512kB (UME) 69*1024kB (UM) 29*2048kB (UME) 487*4096kB (UM) = 2395576kB
netlink: 2 bytes leftover after parsing attributes in process `syz-executor1'.
Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
netlink: 9 bytes leftover after parsing attributes in process `syz-executor0'.
14652 total pagecache pages
0 pages in swap cache
Swap cache stats: add 0, delete 0, find 0/0
Free swap = 0kB
Total swap = 0kB
1965979 pages RAM
0 pages HighMem/MovableOnly
324091 pages reserved
[ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name
[ 1559] 0 1559 5349 594 90112 0 -1000 udevd
[ 2802] 0 2802 2493 797 61440 0 0 dhclient
[ 2938] 0 2938 30649 798 114688 0 0 rsyslogd
[ 2973] 0 2973 4725 485 77824 0 0 cron
[ 2999] 0 2999 12490 853 143360 0 -1000 sshd
[ 3024] 0 3024 3694 475 73728 0 0 getty
[ 3025] 0 3025 3694 468 69632 0 0 getty
[ 3026] 0 3026 3694 470 77824 0 0 getty
[ 3027] 0 3027 3694 459 77824 0 0 getty
[ 3028] 0 3028 3694 471 77824 0 0 getty
[ 3029] 0 3029 3649 442 77824 0 0 getty
[ 3045] 0 3045 17821 1389 188416 0 0 sshd
[ 3047] 0 3047 228957 135041 1552384 0 0 syz-fuzzer
[ 3092] 0 3092 7361 230 69632 0 0 syz-executor3
[ 3097] 0 3097 7361 229 65536 0 0 syz-executor5
[ 3100] 0 3100 7361 230 65536 0 0 syz-executor2
[ 3116] 0 3116 5315 520 86016 0 -1000 udevd
[ 3289] 0 3289 7361 2272 73728 0 0 syz-executor2
[ 3312] 0 3312 7361 2272 77824 0 0 syz-executor3
[ 3334] 0 3334 7361 2273 77824 0 0 syz-executor5
[20201] 0 20201 7361 230 69632 0 0 syz-executor1
[20225] 0 20225 7361 2274 77824 0 0 syz-executor1
[28732] 0 28732 7361 230 69632 0 0 syz-executor0
[28756] 0 28756 7361 2274 77824 0 0 syz-executor0
[31072] 0 31072 7361 230 65536 0 0 syz-executor7
[31202] 0 31202 7361 2273 73728 0 0 syz-executor7
[ 5338] 0 5338 5348 528 86016 0 -1000 udevd
[18970] 0 18970 3694 471 73728 0 0 getty
[19492] 0 19492 7361 229 65536 0 0 syz-executor6
[19621] 0 19621 7361 2268 73728 0 0 syz-executor6
[19728] 0 19728 7361 230 61440 0 0 syz-executor4
[19821] 0 19821 7361 2273 69632 0 0 syz-executor4
[24203] 0 24201 11261 2716 77824 0 0 syz-executor7
[24265] 0 24249 11555 4314 94208 0 0 syz-executor2
[24262] 0 24262 11556 2128 77824 0 0 syz-executor0
Out of memory: Kill process 3047 (syz-fuzzer) score 80 or sacrifice child
Killed process 3092 (syz-executor3) total-vm:29444kB, anon-rss:60kB, file-rss:860kB, shmem-rss:0kB
oom_reaper: reaped process 3092 (syz-executor3), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB
nla_parse: 1 callbacks suppressed
netlink: 9 bytes leftover after parsing attributes in process `syz-executor0'.
device eql entered promiscuous mode
device ip6tnl0 entered promiscuous mode
netlink: 14 bytes leftover after parsing attributes in process `syz-executor1'.
netlink: 14 bytes leftover after parsing attributes in process `syz-executor1'.
kvm: vcpu 2: requested 68374 ns lapic timer period limited to 500000 ns
kvm: vcpu 2: requested 68374 ns lapic timer period limited to 500000 ns
QAT: Invalid ioctl
sg_write: data in/out 45116/228 bytes for SCSI command 0x0-- guessing data in;
 program syz-executor2 not setting count and/or reply_len properly
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
QAT: Invalid ioctl
device gre0 entered promiscuous mode
device gre0 left promiscuous mode
device gre0 entered promiscuous mode
xprt_adjust_timeout: rq_timeout = 0!
kauditd_printk_skb: 404 callbacks suppressed
audit: type=1326 audit(1511606459.108:10401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=24591 comm="syz-executor1" exe="/root/syz-executor1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0xffff0000
xprt_adjust_timeout: rq_timeout = 0!
audit: type=1326 audit(1511606459.245:10402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=24591 comm="syz-executor1" exe="/root/syz-executor1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0xffff0000
FAULT_FLAG_ALLOW_RETRY missing 31
CPU: 1 PID: 24654 Comm: syz-executor3 Tainted: G W 4.14.0-next-20171124+ #51
device syz4 left promiscuous mode
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x194/0x257 lib/dump_stack.c:53
 handle_userfault+0x12fa/0x24c0 fs/userfaultfd.c:427
 do_anonymous_page mm/memory.c:3149 [inline]
 handle_pte_fault mm/memory.c:3922 [inline]
 __handle_mm_fault+0x3da6/0x3dd0 mm/memory.c:4048
 handle_mm_fault+0x38f/0x930 mm/memory.c:4085
 __do_page_fault+0x5c9/0xc90 arch/x86/mm/fault.c:1429
 do_page_fault+0xee/0x720 arch/x86/mm/fault.c:1504
 page_fault+0x22/0x30 arch/x86/entry/entry_64.S:1088
RIP: 0010:copy_user_generic_unrolled+0xa0/0xc0 arch/x86/lib/copy_user_64.S:75
RSP: 0018:ffff8801c9e879a0 EFLAGS: 00010202
RAX: ffffed003a1a1d00 RBX: 0000000000000001 RCX: 0000000000000001
RDX: 0000000000000001 RSI: ffff8801d0d0ebd0 RDI: 0000000020001fb2
RBP: ffff8801c9e879d0 R08: ffffed003a1a1d7b R09: ffffed003a1a1d7b
R10: 0000000000000001 R11: ffffed003a1a1d7a R12: 0000000020001fb2
R13: ffff8801d0d0ebd0 R14: 00007ffffffff000 R15: 0000000020001fb3
 copy_to_user include/linux/uaccess.h:155 [inline]
 rfkill_fop_read+0x3e8/0x720 net/rfkill/core.c:1189
 do_loop_readv_writev fs/read_write.c:673 [inline]
 do_iter_read+0x3db/0x5b0 fs/read_write.c:897
 vfs_readv+0x121/0x1c0 fs/read_write.c:959
 do_readv+0xfc/0x2a0 fs/read_write.c:992
 SYSC_readv fs/read_write.c:1079 [inline]
 SyS_readv+0x27/0x30 fs/read_write.c:1076
 entry_SYSCALL_64_fastpath+0x1f/0x96
RIP: 0033:0x452879
RSP: 002b:00007f5c17067be8 EFLAGS: 00000212 ORIG_RAX: 0000000000000013
RAX: ffffffffffffffda RBX: 0000000000758020 RCX: 0000000000452879
RDX: 0000000000000001 RSI: 0000000020013000 RDI: 0000000000000017
RBP: 0000000000000086 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000212 R12: 00000000006f16d8
R13: 00000000ffffffff R14: 00007f5c170686d4 R15: 0000000000000000
RDS: rds_bind could not find a transport for 224.0.0.1, load rds_tcp or rds_rdma?
RDS: rds_bind could not find a transport for 224.0.0.1, load rds_tcp or rds_rdma?
audit: type=1326 audit(1511606460.526:10403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=24860 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
Bearer <> rejected, illegal name
audit: type=1326 audit(1511606460.526:10404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=24860 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511606460.550:10405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=24860 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=53 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511606460.551:10406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=24860 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511606460.551:10407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=24860 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511606460.560:10408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=24860 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=193 compat=0 ip=0x452879 code=0x7ffc0000
audit: type=1326 audit(1511606460.560:10409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=24860 comm="syz-executor3" exe="/root/syz-executor3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x452879 code=0x7ffc0000
Bearer <> rejected, illegal name
sd 0:0:1:0: [sg0] tag#0 FAILED Result: hostbyte=DID_ABORT driverbyte=DRIVER_OK
sd 0:0:1:0: [sg0] tag#0 CDB: Test Unit Ready
sd 0:0:1:0: [sg0] tag#0 CDB[00]: 00 00 00 00 fc ff 00 00 00 00 00 00 00 94 35 77
sd 0:0:1:0: [sg0] tag#0 CDB[10]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#0 CDB[20]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
sd 0:0:1:0: [sg0] tag#0 CDB[30]: 00 00 00 00 00 00 00 00 00 00 00 00
QAT: Invalid ioctl
QAT: Invalid ioctl
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pig=25194 comm=syz-executor0
QAT: Invalid ioctl
SELinux: unrecognized netlink message: protocol=4 nlmsg_type=24 sclass=netlink_tcpdiag_socket pig=25199 comm=syz-executor0
QAT: Invalid ioctl