bridge0: port 2(bridge_slave_1) entered disabled state device bridge_slave_0 left promiscuous mode bridge0: port 1(bridge_slave_0) entered disabled state device batadv0 left promiscuous mode ============================================ WARNING: possible recursive locking detected 4.14.213-syzkaller #0 Not tainted -------------------------------------------- kworker/u4:0/5 is trying to acquire lock: (&macvlan_netdev_addr_lock_key#2/2){+...}, at: [] netif_addr_lock_nested include/linux/netdevice.h:3699 [inline] (&macvlan_netdev_addr_lock_key#2/2){+...}, at: [] dev_uc_sync_multiple+0x10b/0x1c0 net/core/dev_addr_lists.c:574 but task is already holding lock: (&macvlan_netdev_addr_lock_key#2/2){+...}, at: [] spin_lock_bh include/linux/spinlock.h:322 [inline] (&macvlan_netdev_addr_lock_key#2/2){+...}, at: [] netif_addr_lock_bh include/linux/netdevice.h:3704 [inline] (&macvlan_netdev_addr_lock_key#2/2){+...}, at: [] dev_uc_unsync net/core/dev_addr_lists.c:597 [inline] (&macvlan_netdev_addr_lock_key#2/2){+...}, at: [] dev_uc_unsync+0xa5/0x1c0 net/core/dev_addr_lists.c:592 other info that might help us debug this: Possible unsafe locking scenario: CPU0 ---- lock(&macvlan_netdev_addr_lock_key#2/2); lock(&macvlan_netdev_addr_lock_key#2/2); *** DEADLOCK *** May be due to missing lock nesting notation 7 locks held by kworker/u4:0/5: #0: ("%s""netns"){+.+.}, at: [] process_one_work+0x6b0/0x14a0 kernel/workqueue.c:2087 #1: (net_cleanup_work){+.+.}, at: [] process_one_work+0x6e6/0x14a0 kernel/workqueue.c:2091 #2: (net_mutex){+.+.}, at: [] cleanup_net+0x110/0x840 net/core/net_namespace.c:450 #3: (rtnl_mutex){+.+.}, at: [] rtnl_lock_unregistering net/core/dev.c:8699 [inline] #3: (rtnl_mutex){+.+.}, at: [] default_device_exit_batch+0xd7/0x380 net/core/dev.c:8737 #4: (&macvlan_netdev_addr_lock_key#2/2){+...}, at: [] spin_lock_bh include/linux/spinlock.h:322 [inline] #4: (&macvlan_netdev_addr_lock_key#2/2){+...}, at: [] netif_addr_lock_bh include/linux/netdevice.h:3704 [inline] #4: (&macvlan_netdev_addr_lock_key#2/2){+...}, at: [] dev_uc_unsync net/core/dev_addr_lists.c:597 [inline] #4: (&macvlan_netdev_addr_lock_key#2/2){+...}, at: [] dev_uc_unsync+0xa5/0x1c0 net/core/dev_addr_lists.c:592 #5: (&dev_addr_list_lock_key#2/1){+...}, at: [] netif_addr_lock_nested include/linux/netdevice.h:3699 [inline] #5: (&dev_addr_list_lock_key#2/1){+...}, at: [] dev_uc_unsync net/core/dev_addr_lists.c:598 [inline] #5: (&dev_addr_list_lock_key#2/1){+...}, at: [] dev_uc_unsync+0x127/0x1c0 net/core/dev_addr_lists.c:592 #6: (rcu_read_lock){....}, at: [] team_set_rx_mode+0x0/0x1e0 drivers/net/team/team.c:514 stack backtrace: CPU: 0 PID: 5 Comm: kworker/u4:0 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: netns cleanup_net Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 print_deadlock_bug kernel/locking/lockdep.c:1800 [inline] check_deadlock kernel/locking/lockdep.c:1847 [inline] validate_chain kernel/locking/lockdep.c:2448 [inline] __lock_acquire.cold+0x180/0x97c kernel/locking/lockdep.c:3491 lock_acquire+0x170/0x3f0 kernel/locking/lockdep.c:3998 _raw_spin_lock_nested+0x30/0x40 kernel/locking/spinlock.c:362 netif_addr_lock_nested include/linux/netdevice.h:3699 [inline] dev_uc_sync_multiple+0x10b/0x1c0 net/core/dev_addr_lists.c:574 team_set_rx_mode+0xb8/0x1e0 drivers/net/team/team.c:1781 __dev_set_rx_mode+0x191/0x2a0 net/core/dev.c:6716 dev_uc_unsync net/core/dev_addr_lists.c:600 [inline] dev_uc_unsync+0x16c/0x1c0 net/core/dev_addr_lists.c:592 macvlan_stop+0x10e/0x460 drivers/net/macvlan.c:687 __dev_close_many+0x1a0/0x270 net/core/dev.c:1450 dev_close_many+0x205/0x5f0 net/core/dev.c:1475 rollback_registered_many+0x399/0xba0 net/core/dev.c:7181 unregister_netdevice_many.part.0+0x18/0x2e0 net/core/dev.c:8285 unregister_netdevice_many net/core/dev.c:8284 [inline] default_device_exit_batch+0x2d8/0x380 net/core/dev.c:8746 ops_exit_list+0xf9/0x150 net/core/net_namespace.c:145 cleanup_net+0x3b3/0x840 net/core/net_namespace.c:484 process_one_work+0x793/0x14a0 kernel/workqueue.c:2116 worker_thread+0x5cc/0xff0 kernel/workqueue.c:2250 kthread+0x30d/0x420 kernel/kthread.c:232 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 device team_slave_0 left promiscuous mode device team_slave_1 left promiscuous mode device veth1_macvtap left promiscuous mode device veth1_vlan left promiscuous mode device veth0_vlan left promiscuous mode team0 (unregistering): Port device macvlan3 removed team0 (unregistering): Port device macvlan2 removed bond1 (unregistering): Releasing backup interface bridge4 bond1 (unregistering): Released all slaves device hsr_slave_1 left promiscuous mode device hsr_slave_0 left promiscuous mode team0 (unregistering): Port device team_slave_1 removed team0 (unregistering): Port device team_slave_0 removed bond0 (unregistering): Releasing backup interface bond_slave_1 bond0 (unregistering): Releasing backup interface bond_slave_0 bond0 (unregistering): Released all slaves IPVS: ftp: loaded support on port[0] = 21 chnl_net:caif_netlink_parms(): no params data found bridge0: port 1(bridge_slave_0) entered blocking state bridge0: port 1(bridge_slave_0) entered disabled state device bridge_slave_0 entered promiscuous mode bridge0: port 2(bridge_slave_1) entered blocking state bridge0: port 2(bridge_slave_1) entered disabled state device bridge_slave_1 entered promiscuous mode bond0: Enslaving bond_slave_0 as an active interface with an up link bond0: Enslaving bond_slave_1 as an active interface with an up link IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready team0: Port device team_slave_0 added IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready team0: Port device team_slave_1 added batman_adv: batadv0: Adding interface: batadv_slave_0 batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active batman_adv: batadv0: Adding interface: batadv_slave_1 batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready device hsr_slave_0 entered promiscuous mode device hsr_slave_1 entered promiscuous mode IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready bridge0: port 2(bridge_slave_1) entered blocking state bridge0: port 2(bridge_slave_1) entered forwarding state bridge0: port 1(bridge_slave_0) entered blocking state bridge0: port 1(bridge_slave_0) entered forwarding state 8021q: adding VLAN 0 to HW filter on device bond0 IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready bridge0: port 1(bridge_slave_0) entered disabled state bridge0: port 2(bridge_slave_1) entered disabled state IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready 8021q: adding VLAN 0 to HW filter on device team0 IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready bridge0: port 1(bridge_slave_0) entered blocking state bridge0: port 1(bridge_slave_0) entered forwarding state hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready bridge0: port 2(bridge_slave_1) entered blocking state bridge0: port 2(bridge_slave_1) entered forwarding state IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready IPv6: ADDRCONF(NETDEV_UP): vxcan0: link is not ready IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready 8021q: adding VLAN 0 to HW filter on device batadv0 IPv6: ADDRCONF(NETDEV_UP): veth0_virt_wifi: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_virt_wifi: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready IPv6: ADDRCONF(NETDEV_UP): veth0_vlan: link is not ready IPv6: ADDRCONF(NETDEV_UP): vlan0: link is not ready IPv6: ADDRCONF(NETDEV_UP): vlan1: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_vlan: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready device veth0_vlan entered promiscuous mode device veth1_vlan entered promiscuous mode IPv6: ADDRCONF(NETDEV_UP): macvlan0: link is not ready IPv6: ADDRCONF(NETDEV_UP): macvlan1: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth0_macvtap: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_macvtap: link is not ready IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready device veth0_macvtap entered promiscuous mode IPv6: ADDRCONF(NETDEV_UP): macvtap0: link is not ready device veth1_macvtap entered promiscuous mode IPv6: ADDRCONF(NETDEV_UP): macsec0: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth0_to_batadv: link is not ready IPv6: ADDRCONF(NETDEV_UP): veth1_to_batadv: link is not ready batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3d) already exists on: batadv_slave_0 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! IPv6: ADDRCONF(NETDEV_UP): batadv_slave_0: link is not ready batman_adv: batadv0: Interface activated: batadv_slave_0 IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_1 batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! IPv6: ADDRCONF(NETDEV_UP): batadv_slave_1: link is not ready batman_adv: batadv0: Interface activated: batadv_slave_1 IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 7535 Comm: syz-executor.2 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc_trace+0x47/0x3d0 mm/slab.c:3616 kmalloc include/linux/slab.h:488 [inline] kzalloc include/linux/slab.h:661 [inline] __add_metainfo+0x8b/0x3f0 net/sched/act_ife.c:288 add_metainfo_and_get_ops net/sched/act_ife.c:319 [inline] use_all_metadata net/sched/act_ife.c:348 [inline] tcf_ife_init+0xdd3/0x11e0 net/sched/act_ife.c:547 tcf_action_init_1+0x51a/0x9e0 net/sched/act_api.c:682 tcf_action_init+0x26d/0x400 net/sched/act_api.c:751 tcf_action_add net/sched/act_api.c:1079 [inline] tc_ctl_action+0x2e3/0x50f net/sched/act_api.c:1131 rtnetlink_rcv_msg+0x3be/0xb10 net/core/rtnetlink.c:4316 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2433 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45e219 RSP: 002b:00007f3427d35c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 RBP: 00007f3427d35ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 R13: 00007ffe1feed70f R14: 00007f3427d369c0 R15: 000000000119bf8c tc_dump_action: action bad kind FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 7569 Comm: syz-executor.2 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc_trace+0x47/0x3d0 mm/slab.c:3616 kmalloc include/linux/slab.h:488 [inline] kzalloc include/linux/slab.h:661 [inline] __add_metainfo+0x8b/0x3f0 net/sched/act_ife.c:288 ubi: mtd0 is already attached to ubi0 add_metainfo_and_get_ops net/sched/act_ife.c:319 [inline] use_all_metadata net/sched/act_ife.c:348 [inline] tcf_ife_init+0xdd3/0x11e0 net/sched/act_ife.c:547 tcf_action_init_1+0x51a/0x9e0 net/sched/act_api.c:682 tcf_action_init+0x26d/0x400 net/sched/act_api.c:751 tcf_action_add net/sched/act_api.c:1079 [inline] tc_ctl_action+0x2e3/0x50f net/sched/act_api.c:1131 rtnetlink_rcv_msg+0x3be/0xb10 net/core/rtnetlink.c:4316 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2433 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45e219 RSP: 002b:00007f3427d35c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 RBP: 00007f3427d35ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 R13: 00007ffe1feed70f R14: 00007f3427d369c0 R15: 000000000119bf8c ubi: mtd0 is already attached to ubi0 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 7594 Comm: syz-executor.2 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node+0x263/0x410 mm/slab.c:3640 __alloc_skb+0x5c/0x510 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:980 [inline] tcf_add_notify net/sched/act_api.c:1055 [inline] tcf_action_add net/sched/act_api.c:1088 [inline] tc_ctl_action+0x35c/0x50f net/sched/act_api.c:1131 rtnetlink_rcv_msg+0x3be/0xb10 net/core/rtnetlink.c:4316 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2433 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ubi: mtd0 is already attached to ubi0 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 ubi: mtd0 is already attached to ubi0 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45e219 RSP: 002b:00007f3427d35c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 RBP: 00007f3427d35ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 R13: 00007ffe1feed70f R14: 00007f3427d369c0 R15: 000000000119bf8c tc_dump_action: action bad kind tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 7626 Comm: syz-executor.2 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x25a/0x400 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x38/0x70 mm/slab.c:3696 __kmalloc_reserve net/core/skbuff.c:137 [inline] __alloc_skb+0x96/0x510 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:980 [inline] tcf_add_notify net/sched/act_api.c:1055 [inline] tcf_action_add net/sched/act_api.c:1088 [inline] tc_ctl_action+0x35c/0x50f net/sched/act_api.c:1131 ubi: mtd0 is already attached to ubi0 rtnetlink_rcv_msg+0x3be/0xb10 net/core/rtnetlink.c:4316 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2433 ubi: mtd0 is already attached to ubi0 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb ubi: mtd0 is already attached to ubi0 RIP: 0033:0x45e219 RSP: 002b:00007f3427d35c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 RBP: 00007f3427d35ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000007 R13: 00007ffe1feed70f R14: 00007f3427d369c0 R15: 000000000119bf8c tc_dump_action: action bad kind FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 7657 Comm: syz-executor.2 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x28e/0x3c0 mm/slab.c:3550 skb_clone+0x126/0x9a0 net/core/skbuff.c:1282 netlink_trim+0x17a/0x220 net/netlink/af_netlink.c:1262 netlink_broadcast_filtered+0x5d/0x9e0 net/netlink/af_netlink.c:1466 netlink_broadcast+0x35/0x40 net/netlink/af_netlink.c:1511 rtnetlink_send+0x9a/0x100 net/core/rtnetlink.c:630 tcf_add_notify net/sched/act_api.c:1065 [inline] tcf_action_add net/sched/act_api.c:1088 [inline] tc_ctl_action+0x44a/0x50f net/sched/act_api.c:1131 ubi: mtd0 is already attached to ubi0 rtnetlink_rcv_msg+0x3be/0xb10 net/core/rtnetlink.c:4316 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2433 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 ubi: mtd0 is already attached to ubi0 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 ubi: mtd0 is already attached to ubi0 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 ubi: mtd0 is already attached to ubi0 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45e219 RSP: 002b:00007f3427d35c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 RBP: 00007f3427d35ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 R13: 00007ffe1feed70f R14: 00007f3427d369c0 R15: 000000000119bf8c FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 ubi: mtd0 is already attached to ubi0 CPU: 0 PID: 7682 Comm: syz-executor.2 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x58/0x400 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x38/0x70 mm/slab.c:3696 __kmalloc_reserve net/core/skbuff.c:137 [inline] pskb_expand_head+0x128/0xd30 net/core/skbuff.c:1462 netlink_trim+0x1ae/0x220 net/netlink/af_netlink.c:1269 ubi: mtd0 is already attached to ubi0 netlink_broadcast_filtered+0x5d/0x9e0 net/netlink/af_netlink.c:1466 netlink_broadcast+0x35/0x40 net/netlink/af_netlink.c:1511 rtnetlink_send+0x9a/0x100 net/core/rtnetlink.c:630 tcf_add_notify net/sched/act_api.c:1065 [inline] tcf_action_add net/sched/act_api.c:1088 [inline] tc_ctl_action+0x44a/0x50f net/sched/act_api.c:1131 rtnetlink_rcv_msg+0x3be/0xb10 net/core/rtnetlink.c:4316 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2433 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45e219 RSP: 002b:00007f3427d35c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 RBP: 00007f3427d35ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000009 R13: 00007ffe1feed70f R14: 00007f3427d369c0 R15: 000000000119bf8c ubi: mtd0 is already attached to ubi0 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 7709 Comm: syz-executor.2 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x58/0x400 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x38/0x70 mm/slab.c:3696 __kmalloc_reserve net/core/skbuff.c:137 [inline] pskb_expand_head+0x128/0xd30 net/core/skbuff.c:1462 netlink_trim+0x1ae/0x220 net/netlink/af_netlink.c:1269 netlink_unicast+0x94/0x610 net/netlink/af_netlink.c:1303 rtnetlink_send+0xad/0x100 net/core/rtnetlink.c:632 tcf_add_notify net/sched/act_api.c:1065 [inline] tcf_action_add net/sched/act_api.c:1088 [inline] tc_ctl_action+0x44a/0x50f net/sched/act_api.c:1131 rtnetlink_rcv_msg+0x3be/0xb10 net/core/rtnetlink.c:4316 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2433 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 ubi: mtd0 is already attached to ubi0 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45e219 RSP: 002b:00007f3427d35c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 RBP: 00007f3427d35ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000a R13: 00007ffe1feed70f R14: 00007f3427d369c0 R15: 000000000119bf8c ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 7755 Comm: syz-executor.2 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node+0x263/0x410 mm/slab.c:3640 __alloc_skb+0x5c/0x510 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:980 [inline] nlmsg_new include/net/netlink.h:511 [inline] netlink_ack+0x216/0x9a0 net/netlink/af_netlink.c:2360 netlink_rcv_skb+0x2c5/0x390 net/netlink/af_netlink.c:2439 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 caif:caif_disconnect_client(): nothing to disconnect __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45e219 RSP: 002b:00007f3427d35c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 RBP: 00007f3427d35ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000b R13: 00007ffe1feed70f R14: 00007f3427d369c0 R15: 000000000119bf8c caif:caif_disconnect_client(): nothing to disconnect ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 bridge21: port 1(vlan0) entered disabled state bridge22: port 1(vlan0) entered blocking state bridge22: port 1(vlan0) entered disabled state ubi: mtd0 is already attached to ubi0 device bridge22 entered promiscuous mode device vlan0 entered promiscuous mode vlan0: HSR on top of VLAN is not yet supported in this driver. device bridge22 left promiscuous mode device vlan0 left promiscuous mode FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 bridge22: port 1(vlan0) entered disabled state netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. CPU: 1 PID: 7785 Comm: syz-executor.2 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node+0x263/0x410 mm/slab.c:3640 __alloc_skb+0x5c/0x510 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:980 [inline] nlmsg_new include/net/netlink.h:511 [inline] netlink_ack+0x216/0x9a0 net/netlink/af_netlink.c:2360 netlink_rcv_skb+0x2c5/0x390 net/netlink/af_netlink.c:2439 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 ubi: mtd0 is already attached to ubi0 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 ubi: mtd0 is already attached to ubi0 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45e219 RSP: 002b:00007f3427d35c68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000003 RBP: 00007f3427d35ca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000000c R13: 00007ffe1feed70f R14: 00007f3427d369c0 R15: 000000000119bf8c ubi: mtd0 is already attached to ubi0 netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'. ubi: mtd0 is already attached to ubi0 tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 netlink: 80 bytes leftover after parsing attributes in process `syz-executor.2'. ubi: mtd0 is already attached to ubi0 tc_dump_action: action bad kind netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. tc_dump_action: action bad kind netlink: 80 bytes leftover after parsing attributes in process `syz-executor.2'. ubi: mtd0 is already attached to ubi0 netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'. ubi: mtd0 is already attached to ubi0 tc_ctl_action: received NO action attribs tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 tc_ctl_action: received NO action attribs tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 netlink: 24 bytes leftover after parsing attributes in process `syz-executor.3'. tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 netlink: 84 bytes leftover after parsing attributes in process `syz-executor.2'. tc_ctl_action: received NO action attribs ubi: mtd0 is already attached to ubi0 tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 tc_dump_action: action bad kind tc_ctl_action: received NO action attribs tc_ctl_action: received NO action attribs ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 tc_dump_action: action bad kind ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 8118 Comm: syz-executor.4 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node+0x263/0x410 mm/slab.c:3640 __alloc_skb+0x5c/0x510 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:980 [inline] netlink_alloc_large_skb net/netlink/af_netlink.c:1159 [inline] netlink_sendmsg+0x901/0xb80 net/netlink/af_netlink.c:1853 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 ubi: mtd0 is already attached to ubi0 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 ubi: mtd0 is already attached to ubi0 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb ubi: mtd0 is already attached to ubi0 RIP: 0033:0x45e219 RSP: 002b:00007ffa763dac68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 RBP: 00007ffa763daca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 00007fff37b3db6f R14: 00007ffa763db9c0 R15: 000000000119bf8c ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 ubi: mtd0 is already attached to ubi0 CPU: 1 PID: 8147 Comm: syz-executor.4 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x25a/0x400 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x38/0x70 mm/slab.c:3696 __kmalloc_reserve net/core/skbuff.c:137 [inline] __alloc_skb+0x96/0x510 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:980 [inline] netlink_alloc_large_skb net/netlink/af_netlink.c:1159 [inline] netlink_sendmsg+0x901/0xb80 net/netlink/af_netlink.c:1853 tc_dump_action: action bad kind tc_dump_action: action bad kind sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45e219 RSP: 002b:00007ffa763dac68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 RBP: 00007ffa763daca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00007fff37b3db6f R14: 00007ffa763db9c0 R15: 000000000119bf8c ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 overlayfs: missing 'lowerdir' ubi: mtd0 is already attached to ubi0 CPU: 0 PID: 8173 Comm: syz-executor.4 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc mm/slab.c:3376 [inline] kmem_cache_alloc+0x40/0x3c0 mm/slab.c:3550 skb_clone+0x126/0x9a0 net/core/skbuff.c:1282 __netlink_deliver_tap_skb net/netlink/af_netlink.c:266 [inline] __netlink_deliver_tap net/netlink/af_netlink.c:291 [inline] netlink_deliver_tap+0x655/0x7d0 net/netlink/af_netlink.c:302 netlink_deliver_tap_kernel net/netlink/af_netlink.c:311 [inline] netlink_unicast_kernel net/netlink/af_netlink.c:1286 [inline] netlink_unicast+0x485/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 overlayfs: missing 'lowerdir' sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45e219 RSP: 002b:00007ffa763dac68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 RBP: 00007ffa763daca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 R13: 00007fff37b3db6f R14: 00007ffa763db9c0 R15: 000000000119bf8c ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 ubi: mtd0 is already attached to ubi0 tc_ctl_action: received NO action attribs tc_ctl_action: received NO action attribs ubi: mtd0 is already attached to ubi0 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 8219 Comm: syz-executor.4 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node+0x263/0x410 mm/slab.c:3640 __alloc_skb+0x5c/0x510 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:980 [inline] netlink_dump+0x21b/0xad0 net/netlink/af_netlink.c:2184 __netlink_dump_start+0x4e2/0x740 net/netlink/af_netlink.c:2300 netlink_dump_start include/linux/netlink.h:217 [inline] rtnetlink_rcv_msg+0x585/0xb10 net/core/rtnetlink.c:4286 netlink_rcv_skb+0x125/0x390 net/netlink/af_netlink.c:2433 netlink_unicast_kernel net/netlink/af_netlink.c:1287 [inline] netlink_unicast+0x437/0x610 net/netlink/af_netlink.c:1313 netlink_sendmsg+0x62e/0xb80 net/netlink/af_netlink.c:1878 sock_sendmsg_nosec net/socket.c:646 [inline] sock_sendmsg+0xb5/0x100 net/socket.c:656 ___sys_sendmsg+0x6c8/0x800 net/socket.c:2062 __sys_sendmsg+0xa3/0x120 net/socket.c:2096 SYSC_sendmsg net/socket.c:2107 [inline] SyS_sendmsg+0x27/0x40 net/socket.c:2103 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb RIP: 0033:0x45e219 RSP: 002b:00007ffa763dac68 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000045e219 RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 RBP: 00007ffa763daca0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003 R13: 00007fff37b3db6f R14: 00007ffa763db9c0 R15: 000000000119bf8c ubi: mtd0 is already attached to ubi0 overlayfs: fs on 'file0' does not support file handles, falling back to index=off. overlayfs: missing 'lowerdir' overlayfs: 'file0' not a directory overlayfs: missing 'lowerdir' FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 ubi: mtd0 is already attached to ubi0 CPU: 1 PID: 8239 Comm: syz-executor.4 Not tainted 4.14.213-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x283 lib/dump_stack.c:58 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0x10a/0x154 lib/fault-inject.c:149 should_failslab+0xd6/0x130 mm/failslab.c:32 slab_pre_alloc_hook mm/slab.h:421 [inline] slab_alloc_node mm/slab.c:3297 [inline] kmem_cache_alloc_node_trace+0x25a/0x400 mm/slab.c:3659 __do_kmalloc_node mm/slab.c:3681 [inline] __kmalloc_node_track_caller+0x38/0x70 mm/slab.c:3696 __kmalloc_reserve net/core/skbuff.c:137 [inline] __alloc_skb+0x96/0x510 net/core/skbuff.c:205