====================================================== WARNING: possible circular locking dependency detected 4.14.0-rc7-next-20171102+ #9 Not tainted ------------------------------------------------------ syz-executor0/11222 is trying to acquire lock: (&pipe->mutex/1){+.+.}, at: [] pipe_lock_nested fs/pipe.c:66 [inline] (&pipe->mutex/1){+.+.}, at: [] pipe_lock+0x56/0x70 fs/pipe.c:74 but task is already holding lock: (sb_writers){.+.+}, at: [] file_start_write include/linux/fs.h:2698 [inline] (sb_writers){.+.+}, at: [] do_splice fs/splice.c:1146 [inline] (sb_writers){.+.+}, at: [] SYSC_splice fs/splice.c:1402 [inline] (sb_writers){.+.+}, at: [] SyS_splice+0x1117/0x1630 fs/splice.c:1382 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #5 (sb_writers){.+.+}: rq_lock kernel/sched/sched.h:1746 [inline] __schedule+0x24e/0x2060 kernel/sched/core.c:3309 -> #4 ((completion)&req.done){+.+.}: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004 complete_acquire include/linux/completion.h:39 [inline] __wait_for_common kernel/sched/completion.c:108 [inline] wait_for_common kernel/sched/completion.c:122 [inline] wait_for_completion+0xcb/0x7b0 kernel/sched/completion.c:143 devtmpfs_create_node+0x32b/0x4a0 drivers/base/devtmpfs.c:114 device_add+0x120f/0x1640 drivers/base/core.c:1824 device_register+0x1d/0x20 drivers/base/core.c:1905 tty_register_device_attr+0x422/0x740 drivers/tty/tty_io.c:2955 tty_port_register_device_attr_serdev+0x100/0x140 drivers/tty/tty_port.c:165 uart_add_one_port+0xa7a/0x15b0 drivers/tty/serial/serial_core.c:2797 serial8250_register_8250_port+0xfac/0x1990 drivers/tty/serial/8250/8250_core.c:1051 serial_pnp_probe+0x5e7/0xac0 drivers/tty/serial/8250/8250_pnp.c:483 pnp_device_probe+0x15f/0x250 drivers/pnp/driver.c:108 really_probe drivers/base/dd.c:413 [inline] driver_probe_device+0x677/0xa60 drivers/base/dd.c:558 __driver_attach+0x181/0x1c0 drivers/base/dd.c:792 bus_for_each_dev+0x154/0x1e0 
drivers/base/bus.c:313 driver_attach+0x3d/0x50 drivers/base/dd.c:811 bus_add_driver+0x466/0x620 drivers/base/bus.c:669 driver_register+0x1bf/0x3c0 drivers/base/driver.c:168 pnp_register_driver+0x75/0xa0 drivers/pnp/driver.c:271 serial8250_pnp_init+0x15/0x20 drivers/tty/serial/8250/8250_pnp.c:540 serial8250_init+0x8f/0x270 drivers/tty/serial/8250/8250_core.c:1128 do_one_initcall+0x9e/0x330 init/main.c:826 do_initcall_level init/main.c:892 [inline] do_initcalls init/main.c:900 [inline] do_basic_setup init/main.c:918 [inline] kernel_init_freeable+0x469/0x521 init/main.c:1066 kernel_init+0x13/0x172 init/main.c:993 ret_from_fork+0x2a/0x40 arch/x86/entry/entry_64.S:431 -> #3 (&port->mutex){+.+.}: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004 __mutex_lock_common kernel/locking/mutex.c:756 [inline] __mutex_lock+0x16f/0x19d0 kernel/locking/mutex.c:893 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908 uart_set_termios+0x8f/0x5b0 drivers/tty/serial/serial_core.c:1429 tty_set_termios+0x6d4/0xa40 drivers/tty/tty_ioctl.c:333 set_termios+0x377/0x6b0 drivers/tty/tty_ioctl.c:413 tty_mode_ioctl+0x9fb/0xb10 drivers/tty/tty_ioctl.c:748 n_tty_ioctl_helper+0x40/0x360 drivers/tty/tty_ioctl.c:939 n_tty_ioctl+0x148/0x2d0 drivers/tty/n_tty.c:2437 tty_ioctl+0x32e/0x15f0 drivers/tty/tty_io.c:2637 vfs_ioctl fs/ioctl.c:45 [inline] do_vfs_ioctl+0x1b1/0x1530 fs/ioctl.c:685 SYSC_ioctl fs/ioctl.c:700 [inline] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:691 entry_SYSCALL_64_fastpath+0x1f/0xbe -> #2 (&tty->termios_rwsem){++++}: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004 down_read+0x96/0x150 kernel/locking/rwsem.c:23 n_tty_write+0x249/0xed0 drivers/tty/n_tty.c:2287 do_tty_write drivers/tty/tty_io.c:948 [inline] tty_write+0x400/0x850 drivers/tty/tty_io.c:1032 redirected_tty_write+0xa1/0xb0 drivers/tty/tty_io.c:1053 __vfs_write+0xef/0x970 fs/read_write.c:479 vfs_write+0x18f/0x510 fs/read_write.c:543 SYSC_write fs/read_write.c:588 [inline] SyS_write+0xef/0x220 fs/read_write.c:580 
entry_SYSCALL_64_fastpath+0x1f/0xbe -> #1 (&tty->ldisc_sem){++++}: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004 __ldsem_down_read_nested+0xd1/0xa90 drivers/tty/tty_ldsem.c:327 ldsem_down_read+0x37/0x40 drivers/tty/tty_ldsem.c:367 tty_ldisc_ref_wait+0x25/0x80 drivers/tty/tty_ldisc.c:276 tty_read+0xf8/0x250 drivers/tty/tty_io.c:851 do_loop_readv_writev fs/read_write.c:693 [inline] do_iter_read+0x3db/0x5b0 fs/read_write.c:917 vfs_readv+0x121/0x1c0 fs/read_write.c:979 kernel_readv fs/splice.c:361 [inline] default_file_splice_read+0x508/0xae0 fs/splice.c:416 do_splice_to+0x110/0x170 fs/splice.c:880 do_splice fs/splice.c:1173 [inline] SYSC_splice fs/splice.c:1402 [inline] SyS_splice+0x11a8/0x1630 fs/splice.c:1382 entry_SYSCALL_64_fastpath+0x1f/0xbe -> #0 (&pipe->mutex/1){+.+.}: check_prevs_add kernel/locking/lockdep.c:2031 [inline] validate_chain kernel/locking/lockdep.c:2473 [inline] __lock_acquire+0x3374/0x4770 kernel/locking/lockdep.c:3500 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004 __mutex_lock_common kernel/locking/mutex.c:756 [inline] __mutex_lock+0x16f/0x19d0 kernel/locking/mutex.c:893 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908 pipe_lock_nested fs/pipe.c:66 [inline] pipe_lock+0x56/0x70 fs/pipe.c:74 iter_file_splice_write+0x264/0xf30 fs/splice.c:699 do_splice_from fs/splice.c:851 [inline] do_splice fs/splice.c:1147 [inline] SYSC_splice fs/splice.c:1402 [inline] SyS_splice+0x7d5/0x1630 fs/splice.c:1382 entry_SYSCALL_64_fastpath+0x1f/0xbe

other info that might help us debug this:

Chain exists of:
  &pipe->mutex/1 --> (completion)&req.done --> sb_writers

 Possible unsafe locking scenario:

       CPU0                    CPU1
       ----                    ----
  lock(sb_writers);
                               lock((completion)&req.done);
                               lock(sb_writers);
  lock(&pipe->mutex/1);

 *** DEADLOCK ***

1 lock held by syz-executor0/11222: #0: (sb_writers){.+.+}, at: [] file_start_write include/linux/fs.h:2698 [inline] #0: (sb_writers){.+.+}, at: [] do_splice fs/splice.c:1146 [inline] #0: (sb_writers){.+.+}, at: [] SYSC_splice 
fs/splice.c:1402 [inline] #0: (sb_writers){.+.+}, at: [] SyS_splice+0x1117/0x1630 fs/splice.c:1382 stack backtrace: CPU: 0 PID: 11222 Comm: syz-executor0 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 print_circular_bug+0x503/0x710 kernel/locking/lockdep.c:1271 check_prev_add+0x8b1/0x1580 kernel/locking/lockdep.c:1914 check_prevs_add kernel/locking/lockdep.c:2031 [inline] validate_chain kernel/locking/lockdep.c:2473 [inline] __lock_acquire+0x3374/0x4770 kernel/locking/lockdep.c:3500 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:4004 __mutex_lock_common kernel/locking/mutex.c:756 [inline] __mutex_lock+0x16f/0x19d0 kernel/locking/mutex.c:893 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908 pipe_lock_nested fs/pipe.c:66 [inline] pipe_lock+0x56/0x70 fs/pipe.c:74 iter_file_splice_write+0x264/0xf30 fs/splice.c:699 do_splice_from fs/splice.c:851 [inline] do_splice fs/splice.c:1147 [inline] SYSC_splice fs/splice.c:1402 [inline] SyS_splice+0x7d5/0x1630 fs/splice.c:1382 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007fa9fbf11bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 RAX: ffffffffffffffda RBX: 00007fa9fbf126cc RCX: 0000000000447c89 RDX: 0000000000000018 RSI: 0000000000000000 RDI: 0000000000000016 RBP: 0000000000000086 R08: 00000000fffffdf8 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007fa9fbf129c0 R15: 00007fa9fbf12700 audit: type=1326 audit(1509673987.496:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=11241 comm="syz-executor3" exe="/syz-executor3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x447c89 code=0xffff0000 audit: type=1326 audit(1509673987.537:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=kernel pid=11220 comm="syz-executor0" exe="/syz-executor0" sig=31 arch=c000003e 
syscall=202 compat=0 ip=0x447c89 code=0xffff0000 QAT: Invalid ioctl QAT: Invalid ioctl nla_parse: 3 callbacks suppressed netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 3 bytes leftover after parsing attributes in process `syz-executor5'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 1 CPU: 3 PID: 12126 Comm: syz-executor4 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc_node mm/slab.c:3293 [inline] kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3636 __alloc_skb+0xf1/0x780 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:982 [inline] netlink_alloc_large_skb net/netlink/af_netlink.c:1145 [inline] netlink_sendmsg+0xa86/0xe70 net/netlink/af_netlink.c:1837 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 ___sys_sendmsg+0x75b/0x8a0 net/socket.c:2048 __sys_sendmsg+0xe5/0x210 net/socket.c:2082 SYSC_sendmsg net/socket.c:2093 [inline] SyS_sendmsg+0x2d/0x50 net/socket.c:2089 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007f2d6802bbd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f2d6802c6cc RCX: 0000000000447c89 RDX: 0000000000000000 RSI: 0000000020332fc8 RDI: 0000000000000013 RBP: 00007f2d6802ba00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004a96f0 R13: 0000000000000000 R14: 00007f2d6802b9c8 R15: 00007f2d6802bb38 FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 2 PID: 12134 Comm: syz-executor4 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc_node mm/slab.c:3293 [inline] kmem_cache_alloc_node_trace+0x5a/0x760 mm/slab.c:3655 __do_kmalloc_node mm/slab.c:3675 [inline] __kmalloc_node_track_caller+0x33/0x70 mm/slab.c:3690 __kmalloc_reserve.isra.40+0x41/0xd0 net/core/skbuff.c:137 __alloc_skb+0x13b/0x780 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:982 [inline] netlink_alloc_large_skb net/netlink/af_netlink.c:1145 [inline] netlink_sendmsg+0xa86/0xe70 net/netlink/af_netlink.c:1837 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 ___sys_sendmsg+0x75b/0x8a0 net/socket.c:2048 __sys_sendmsg+0xe5/0x210 net/socket.c:2082 SYSC_sendmsg net/socket.c:2093 [inline] SyS_sendmsg+0x2d/0x50 net/socket.c:2089 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007f2d6802bbd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f2d6802c6cc RCX: 0000000000447c89 RDX: 0000000000000000 RSI: 0000000020332fc8 RDI: 0000000000000013 RBP: 00007f2d6802ba00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004a96f0 R13: 0000000000000000 R14: 00007f2d6802b9c8 R15: 00007f2d6802bb38 ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 12147 Comm: syz-executor4 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc_node mm/slab.c:3293 [inline] kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3636 __alloc_skb+0xf1/0x780 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:982 [inline] nlmsg_new include/net/netlink.h:510 [inline] netlink_ack+0x283/0xa10 net/netlink/af_netlink.c:2336 netlink_rcv_skb+0x361/0x440 net/netlink/af_netlink.c:2407 genl_rcv+0x28/0x40 net/netlink/genetlink.c:634 netlink_unicast_kernel net/netlink/af_netlink.c:1273 [inline] netlink_unicast+0x4e8/0x6f0 net/netlink/af_netlink.c:1299 netlink_sendmsg+0xa4a/0xe70 net/netlink/af_netlink.c:1862 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 ___sys_sendmsg+0x75b/0x8a0 net/socket.c:2048 __sys_sendmsg+0xe5/0x210 net/socket.c:2082 SYSC_sendmsg net/socket.c:2093 [inline] SyS_sendmsg+0x2d/0x50 net/socket.c:2089 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007f2d6802bbd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f2d6802c6cc RCX: 0000000000447c89 RDX: 0000000000000000 RSI: 0000000020332fc8 RDI: 0000000000000013 RBP: 00007f2d6802ba00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004a96f0 R13: 0000000000000000 R14: 00007f2d6802b9c8 R15: 00007f2d6802bb38 FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 3 PID: 12159 Comm: syz-executor4 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc_node mm/slab.c:3293 [inline] kmem_cache_alloc_node_trace+0x5a/0x760 mm/slab.c:3655 __do_kmalloc_node mm/slab.c:3675 [inline] __kmalloc_node_track_caller+0x33/0x70 mm/slab.c:3690 __kmalloc_reserve.isra.40+0x41/0xd0 net/core/skbuff.c:137 __alloc_skb+0x13b/0x780 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:982 [inline] nlmsg_new include/net/netlink.h:510 [inline] netlink_ack+0x283/0xa10 net/netlink/af_netlink.c:2336 netlink_rcv_skb+0x361/0x440 net/netlink/af_netlink.c:2407 genl_rcv+0x28/0x40 net/netlink/genetlink.c:634 netlink_unicast_kernel net/netlink/af_netlink.c:1273 [inline] netlink_unicast+0x4e8/0x6f0 net/netlink/af_netlink.c:1299 netlink_sendmsg+0xa4a/0xe70 net/netlink/af_netlink.c:1862 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 ___sys_sendmsg+0x75b/0x8a0 net/socket.c:2048 __sys_sendmsg+0xe5/0x210 net/socket.c:2082 SYSC_sendmsg net/socket.c:2093 [inline] SyS_sendmsg+0x2d/0x50 net/socket.c:2089 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007f2d6802bbd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f2d6802c6cc RCX: 0000000000447c89 RDX: 0000000000000000 RSI: 0000000020332fc8 RDI: 0000000000000013 RBP: 00007f2d6802ba00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004a96f0 R13: 0000000000000000 R14: 00007f2d6802b9c8 R15: 00007f2d6802bb38 ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot 
create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 3 PID: 12410 Comm: syz-executor6 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc_node mm/slab.c:3293 [inline] kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3636 __alloc_skb+0xf1/0x780 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:982 [inline] netlink_alloc_large_skb net/netlink/af_netlink.c:1145 [inline] netlink_sendmsg+0xa86/0xe70 net/netlink/af_netlink.c:1837 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 sock_write_iter+0x320/0x5e0 net/socket.c:911 call_write_iter include/linux/fs.h:1770 [inline] new_sync_write fs/read_write.c:468 [inline] __vfs_write+0x68a/0x970 fs/read_write.c:481 vfs_write+0x18f/0x510 fs/read_write.c:543 SYSC_write fs/read_write.c:588 [inline] SyS_write+0xef/0x220 fs/read_write.c:580 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007fd9ad206bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007fd9ad2076cc RCX: 0000000000447c89 RDX: 0000000000000024 RSI: 0000000020044000 RDI: 0000000000000013 RBP: 0000000000748020 R08: 0000000000000000 R09: 0000000000000000 
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 R13: 0000000000008ef8 R14: 00000000006ecf98 R15: 0000000000000001 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 12415 Comm: syz-executor6 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc_node mm/slab.c:3293 [inline] kmem_cache_alloc_node_trace+0x5a/0x760 mm/slab.c:3655 __do_kmalloc_node mm/slab.c:3675 [inline] __kmalloc_node_track_caller+0x33/0x70 mm/slab.c:3690 __kmalloc_reserve.isra.40+0x41/0xd0 net/core/skbuff.c:137 __alloc_skb+0x13b/0x780 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:982 [inline] netlink_alloc_large_skb net/netlink/af_netlink.c:1145 [inline] netlink_sendmsg+0xa86/0xe70 net/netlink/af_netlink.c:1837 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 sock_write_iter+0x320/0x5e0 net/socket.c:911 call_write_iter include/linux/fs.h:1770 [inline] new_sync_write fs/read_write.c:468 [inline] __vfs_write+0x68a/0x970 fs/read_write.c:481 vfs_write+0x18f/0x510 fs/read_write.c:543 SYSC_write fs/read_write.c:588 [inline] SyS_write+0xef/0x220 fs/read_write.c:580 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007fd9ad206bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007fd9ad2076cc RCX: 0000000000447c89 RDX: 0000000000000024 RSI: 0000000020044000 RDI: 0000000000000013 RBP: 00007fd9ad206a00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004a96f0 R13: 0000000000000000 R14: 00007fd9ad2069c8 R15: 00007fd9ad206b38 FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 12417 Comm: syz-executor6 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc_node mm/slab.c:3293 [inline] kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3636 __alloc_skb+0xf1/0x780 net/core/skbuff.c:193 alloc_skb include/linux/skbuff.h:982 [inline] nlmsg_new include/net/netlink.h:510 [inline] netlink_ack+0x283/0xa10 net/netlink/af_netlink.c:2336 netlink_rcv_skb+0x361/0x440 net/netlink/af_netlink.c:2407 genl_rcv+0x28/0x40 net/netlink/genetlink.c:634 netlink_unicast_kernel net/netlink/af_netlink.c:1273 [inline] netlink_unicast+0x4e8/0x6f0 net/netlink/af_netlink.c:1299 netlink_sendmsg+0xa4a/0xe70 net/netlink/af_netlink.c:1862 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 sock_write_iter+0x320/0x5e0 net/socket.c:911 call_write_iter include/linux/fs.h:1770 [inline] new_sync_write fs/read_write.c:468 [inline] __vfs_write+0x68a/0x970 fs/read_write.c:481 vfs_write+0x18f/0x510 fs/read_write.c:543 SYSC_write fs/read_write.c:588 [inline] SyS_write+0xef/0x220 fs/read_write.c:580 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007fd9ad206bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007fd9ad2076cc RCX: 0000000000447c89 RDX: 0000000000000024 RSI: 0000000020044000 RDI: 0000000000000013 RBP: 00007fd9ad206a00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004a96f0 R13: 0000000000000000 R14: 00007fd9ad2069c8 R15: 00007fd9ad206b38 FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 3 PID: 12420 Comm: syz-executor6 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc_node mm/slab.c:3293 [inline] kmem_cache_alloc_node_trace+0x5a/0x760 mm/slab.c:3655 __do_kmalloc_node mm/slab.c:3675 [inline] __kmalloc_node_track_caller+0x33/0x70 mm/slab.c:3690 __kmalloc_reserve.isra.40+0x41/0xd0 net/core/skbuff.c:137 __alloc_skb+0x13b/0x780 net/core/skbuff.c:205 alloc_skb include/linux/skbuff.h:982 [inline] nlmsg_new include/net/netlink.h:510 [inline] netlink_ack+0x283/0xa10 net/netlink/af_netlink.c:2336 netlink_rcv_skb+0x361/0x440 net/netlink/af_netlink.c:2407 genl_rcv+0x28/0x40 net/netlink/genetlink.c:634 netlink_unicast_kernel net/netlink/af_netlink.c:1273 [inline] netlink_unicast+0x4e8/0x6f0 net/netlink/af_netlink.c:1299 netlink_sendmsg+0xa4a/0xe70 net/netlink/af_netlink.c:1862 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 sock_write_iter+0x320/0x5e0 net/socket.c:911 call_write_iter include/linux/fs.h:1770 [inline] new_sync_write fs/read_write.c:468 [inline] __vfs_write+0x68a/0x970 fs/read_write.c:481 vfs_write+0x18f/0x510 fs/read_write.c:543 SYSC_write fs/read_write.c:588 [inline] SyS_write+0xef/0x220 fs/read_write.c:580 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007fd9ad206bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 RAX: ffffffffffffffda RBX: 00007fd9ad2076cc RCX: 0000000000447c89 RDX: 0000000000000024 RSI: 0000000020044000 RDI: 0000000000000013 RBP: 00007fd9ad206a00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004a96f0 R13: 
0000000000000000 R14: 00007fd9ad2069c8 R15: 00007fd9ad206b38 ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 12531 Comm: syz-executor1 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3372 [inline] kmem_cache_alloc+0x47/0x760 mm/slab.c:3546 dst_alloc+0x11f/0x1a0 net/core/dst.c:107 rt_dst_alloc+0xe9/0x540 net/ipv4/route.c:1496 __mkroute_output net/ipv4/route.c:2238 [inline] ip_route_output_key_hash_rcu+0xa40/0x2c20 net/ipv4/route.c:2466 ip_route_output_key_hash+0x20b/0x370 net/ipv4/route.c:2295 __ip_route_output_key include/net/route.h:125 [inline] ip_route_output_flow+0x26/0xa0 net/ipv4/route.c:2549 udp_sendmsg+0x19b8/0x2cd0 net/ipv4/udp.c:1019 udpv6_sendmsg+0x743/0x3380 net/ipv6/udp.c:1186 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:763 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 SYSC_sendto+0x358/0x5a0 net/socket.c:1749 SyS_sendto+0x40/0x50 net/socket.c:1717 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007f55cdc7ebd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f55cdc7f6cc RCX: 0000000000447c89 RDX: 0000000000000000 RSI: 
000000002000ffff RDI: 0000000000000013 RBP: 0000000000a5f890 R08: 0000000020006000 R09: 000000000000001c R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007f55cdc7f9c0 R15: 00007f55cdc7f700 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 12548 Comm: syz-executor1 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc_node mm/slab.c:3293 [inline] kmem_cache_alloc_node+0x56/0x760 mm/slab.c:3636 __alloc_skb+0xf1/0x780 net/core/skbuff.c:193 ALSA: seq fatal error: cannot create timer (-19) alloc_skb include/linux/skbuff.h:982 [inline] alloc_skb_with_frags+0x10d/0x750 net/core/skbuff.c:5141 sock_alloc_send_pskb+0x787/0x9b0 net/core/sock.c:2078 sock_alloc_send_skb+0x32/0x40 net/core/sock.c:2095 __ip_append_data.isra.47+0x13d5/0x2550 net/ipv4/ip_output.c:969 ip_make_skb+0x273/0x300 net/ipv4/ip_output.c:1481 udp_sendmsg+0xb55/0x2cd0 net/ipv4/udp.c:1046 udpv6_sendmsg+0x743/0x3380 net/ipv6/udp.c:1186 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:763 sock_sendmsg_nosec net/socket.c:632 [inline] sock_sendmsg+0xca/0x110 net/socket.c:642 SYSC_sendto+0x358/0x5a0 net/socket.c:1749 SyS_sendto+0x40/0x50 net/socket.c:1717 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007f55cdc7ebd8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 00007f55cdc7f6cc RCX: 0000000000447c89 RDX: 0000000000000000 RSI: 000000002000ffff RDI: 0000000000000013 RBP: 0000000000a5f890 R08: 0000000020006000 R09: 000000000000001c R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 
00007f55cdc7f9c0 R15: 00007f55cdc7f700 ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 12764 Comm: syz-executor0 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3372 [inline] __do_kmalloc mm/slab.c:3710 [inline] __kmalloc_track_caller+0x5f/0x760 mm/slab.c:3727 memdup_user+0x2c/0x90 mm/util.c:164 map_lookup_elem+0x28d/0xc20 kernel/bpf/syscall.c:549 SYSC_bpf kernel/bpf/syscall.c:1678 [inline] SyS_bpf+0x5db/0x43d0 kernel/bpf/syscall.c:1652 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007fa9fbf11bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 RAX: ffffffffffffffda RBX: 00007fa9fbf126cc RCX: 0000000000447c89 RDX: 0000000000000018 RSI: 000000002054f000 RDI: 0000000000000001 RBP: 0000000000a5f890 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007fa9fbf129c0 R15: 00007fa9fbf12700 FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 3 PID: 12784 Comm: syz-executor0 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3372 [inline] __do_kmalloc mm/slab.c:3710 [inline] __kmalloc+0x63/0x760 mm/slab.c:3721 kmalloc include/linux/slab.h:504 [inline] map_lookup_elem+0x69b/0xc20 kernel/bpf/syscall.c:565 SYSC_bpf kernel/bpf/syscall.c:1678 [inline] SyS_bpf+0x5db/0x43d0 kernel/bpf/syscall.c:1652 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007fa9fbf11bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 RAX: ffffffffffffffda RBX: 00007fa9fbf126cc RCX: 0000000000447c89 RDX: 0000000000000018 RSI: 000000002054f000 RDI: 0000000000000001 RBP: 0000000000a5f890 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000000000 R14: 00007fa9fbf129c0 R15: 00007fa9fbf12700 ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) nla_parse: 48 callbacks suppressed netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. ALSA: seq fatal error: cannot create timer (-19) netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. 
ALSA: seq fatal error: cannot create timer (-19) netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. RDS: rds_bind could not find a transport for 172.20.4.170, load rds_tcp or rds_rdma? FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 1 PID: 12982 Comm: syz-executor5 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3372 [inline] kmem_cache_alloc+0x47/0x760 mm/slab.c:3546 __build_skb+0x9d/0x450 net/core/skbuff.c:281 __napi_alloc_skb+0x173/0x2c0 net/core/skbuff.c:482 napi_alloc_skb include/linux/skbuff.h:2638 [inline] napi_get_frags+0x61/0x130 net/core/dev.c:5037 tun_napi_alloc_frags drivers/net/tun.c:1294 [inline] tun_get_user+0x1bb7/0x36d0 drivers/net/tun.c:1634 tun_chr_write_iter+0xbf/0x160 drivers/net/tun.c:1797 call_write_iter include/linux/fs.h:1770 [inline] do_iter_readv_writev+0x531/0x7f0 fs/read_write.c:673 do_iter_write+0x15a/0x540 fs/read_write.c:952 vfs_writev+0x18a/0x340 fs/read_write.c:997 do_writev+0xfc/0x2a0 fs/read_write.c:1032 SYSC_writev fs/read_write.c:1105 [inline] SyS_writev+0x27/0x30 fs/read_write.c:1102 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447b50 RSP: 002b:00007ff010dffb10 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 RAX: ffffffffffffffda RBX: 000000000000002a RCX: 0000000000447b50 RDX: 0000000000000001 RSI: 00007ff010dffb80 RDI: 0000000000000012 RBP: 00007ff010dffa00 R08: 0000000000000000 R09: 0000000000000000 R10: 000000000000002a R11: 0000000000000293 R12: 00000000004a96f0 R13: 0000000000000000 R14: 00007ff010dff9c8 R15: 00007ff010dffb38 netlink: 4 bytes leftover after parsing attributes in process 
`syz-executor6'. FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 CPU: 2 PID: 12996 Comm: syz-executor5 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3372 [inline] kmem_cache_alloc+0x47/0x760 mm/slab.c:3546 dst_alloc+0x11f/0x1a0 net/core/dst.c:107 rt_dst_alloc+0xe9/0x540 net/ipv4/route.c:1496 __mkroute_output net/ipv4/route.c:2238 [inline] ip_route_output_key_hash_rcu+0xa40/0x2c20 net/ipv4/route.c:2466 ip_route_output_key_hash+0x20b/0x370 net/ipv4/route.c:2295 __ip_route_output_key include/net/route.h:125 [inline] icmp_route_lookup.constprop.25+0xbe2/0x1360 net/ipv4/icmp.c:515 icmp_send+0xf0f/0x19a0 net/ipv4/icmp.c:719 ip_local_deliver_finish+0x52b/0xba0 net/ipv4/ip_input.c:226 NF_HOOK include/linux/netfilter.h:249 [inline] ip_local_deliver+0x1ce/0x6e0 net/ipv4/ip_input.c:257 dst_input include/net/dst.h:465 [inline] ip_rcv_finish+0x887/0x19a0 net/ipv4/ip_input.c:397 NF_HOOK include/linux/netfilter.h:249 [inline] ip_rcv+0xc3f/0x1820 net/ipv4/ip_input.c:493 __netif_receive_skb_core+0x1a3e/0x34b0 net/core/dev.c:4477 __netif_receive_skb+0x2c/0x1b0 net/core/dev.c:4542 netif_receive_skb_internal+0x10b/0x670 net/core/dev.c:4615 napi_frags_finish net/core/dev.c:5056 [inline] napi_gro_frags+0x57b/0xad0 net/core/dev.c:5129 tun_get_user+0x260a/0x36d0 drivers/net/tun.c:1754 tun_chr_write_iter+0xbf/0x160 drivers/net/tun.c:1797 call_write_iter include/linux/fs.h:1770 [inline] do_iter_readv_writev+0x531/0x7f0 fs/read_write.c:673 do_iter_write+0x15a/0x540 fs/read_write.c:952 vfs_writev+0x18a/0x340 fs/read_write.c:997 do_writev+0xfc/0x2a0 fs/read_write.c:1032 SYSC_writev 
fs/read_write.c:1105 [inline] SyS_writev+0x27/0x30 fs/read_write.c:1102 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447b50 RSP: 002b:00007ff010dffb10 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 RAX: ffffffffffffffda RBX: 000000000000002a RCX: 0000000000447b50 RDX: 0000000000000001 RSI: 00007ff010dffb80 RDI: 0000000000000012 RBP: 00007ff010dffa00 R08: 0000000000000000 R09: 0000000000000000 R10: 000000000000002a R11: 0000000000000293 R12: 00000000004a96f0 R13: 0000000000000000 R14: 00007ff010dff9c8 R15: 00007ff010dffb38 netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. ALSA: seq fatal error: cannot create timer (-19) ALSA: seq fatal error: cannot create timer (-19) netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. netlink: 4 bytes leftover after parsing attributes in process `syz-executor6'. QAT: Invalid ioctl QAT: Invalid ioctl FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 0 PID: 13819 Comm: syz-executor2 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3372 [inline] kmem_cache_alloc+0x47/0x760 mm/slab.c:3546 aio_get_req fs/aio.c:1033 [inline] io_submit_one fs/aio.c:1562 [inline] do_io_submit+0x353/0x14f0 fs/aio.c:1682 SYSC_io_submit fs/aio.c:1707 [inline] SyS_io_submit+0x27/0x30 fs/aio.c:1704 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007f17be867bd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 RAX: ffffffffffffffda RBX: 00007f17be8686cc RCX: 0000000000447c89 RDX: 000000002057f000 RSI: 0000000000000002 RDI: 00007f17be847000 RBP: 00007f17be867a00 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004a96f0 R13: 0000000000000000 R14: 00007f17be8679c8 R15: 00007f17be867b38 FAULT_INJECTION: forcing a failure. 
name failslab, interval 1, probability 0, space 0, times 0 CPU: 3 PID: 13837 Comm: syz-executor2 Not tainted 4.14.0-rc7-next-20171102+ #9 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Bochs 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:16 [inline] dump_stack+0x194/0x257 lib/dump_stack.c:52 fail_dump lib/fault-inject.c:51 [inline] should_fail+0x8c0/0xa40 lib/fault-inject.c:149 should_failslab+0xec/0x120 mm/failslab.c:31 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3372 [inline] kmem_cache_alloc+0x47/0x760 mm/slab.c:3546 aio_get_req fs/aio.c:1033 [inline] io_submit_one fs/aio.c:1562 [inline] do_io_submit+0x353/0x14f0 fs/aio.c:1682 SYSC_io_submit fs/aio.c:1707 [inline] SyS_io_submit+0x27/0x30 fs/aio.c:1704 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x447c89 RSP: 002b:00007f17be867bd8 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1 RAX: ffffffffffffffda RBX: 00007f17be8686cc RCX: 0000000000447c89 RDX: 000000002057f000 RSI: 0000000000000002 RDI: 00007f17be847000 RBP: 0000000000748020 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff R13: 0000000000002040 R14: 00000000006e60e0 R15: 00007f17be868700 QAT: Invalid ioctl QAT: Invalid ioctl