Warning: Permanently added '10.128.1.127' (ECDSA) to the list of known hosts.
[ 27.666618] FAULT_INJECTION: forcing a failure.
[ 27.666618] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 27.678968] CPU: 0 PID: 7972 Comm: syz-executor188 Not tainted 4.14.300-syzkaller #0
[ 27.686861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 27.696209] Call Trace:
[ 27.698790]  dump_stack+0x1b2/0x281
[ 27.702408]  should_fail.cold+0x10a/0x149
[ 27.706543]  __alloc_pages_nodemask+0x21e/0x2900
[ 27.711290]  ? trace_hardirqs_on+0x10/0x10
[ 27.715516]  ? unwind_next_frame+0x404/0x17d0
[ 27.720011]  ? mark_held_locks+0xa6/0xf0
[ 27.724064]  ? __radix_tree_lookup+0x1b5/0x2e0
[ 27.728635]  ? gfp_pfmemalloc_allowed+0x150/0x150
[ 27.733457]  ? find_get_entry+0x339/0x630
[ 27.737585]  ? do_remount_sb+0x150/0x530
[ 27.741621]  alloc_pages_current+0x155/0x260
[ 27.746003]  do_read_cache_page+0x442/0xc10
[ 27.750299]  ? metapage_get_blocks+0x270/0x270
[ 27.754861]  __get_metapage+0x499/0x10b0
[ 27.758895]  ? release_metapage+0x7b0/0x7b0
[ 27.763190]  ? dbMount+0x4d/0x8b0
[ 27.766616]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 27.772045]  ? rcu_read_lock_sched_held+0x16c/0x1d0
[ 27.777032]  ? kmem_cache_alloc_trace+0x36c/0x3d0
[ 27.781851]  dbMount+0x74/0x8b0
[ 27.785451]  jfs_mount_rw+0x222/0x430
[ 27.789224]  ? updateSuper+0x670/0x670
[ 27.793199]  ? putname+0xcd/0x110
[ 27.796627]  jfs_remount+0x47c/0x5a0
[ 27.800317]  ? jfs_fill_super+0xab0/0xab0
[ 27.804445]  ? shrink_dentry_list+0xac0/0xac0
[ 27.808915]  do_remount_sb+0x150/0x530
[ 27.812772]  ? jfs_fill_super+0xab0/0xab0
[ 27.816900]  ? user_get_super+0x2e0/0x2e0
[ 27.821020]  ? security_capable+0x88/0xb0
[ 27.825139]  do_mount+0x15f3/0x2a30
[ 27.828756]  ? lock_downgrade+0x740/0x740
[ 27.832876]  ? copy_mount_string+0x40/0x40
[ 27.837083]  ? copy_mount_options+0x1fa/0x2f0
[ 27.841550]  ? copy_mnt_ns+0xa30/0xa30
[ 27.845411]  SyS_mount+0xa8/0x120
[ 27.848838]  ? copy_mnt_ns+0xa30/0xa30
[ 27.852697]  do_syscall_64+0x1d5/0x640
[ 27.856559]  entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 27.867155] ==================================================================
[ 27.874609] BUG: KASAN: double-free or invalid-free in 0xea0
[ 27.880397]
[ 27.882011] CPU: 0 PID: 7971 Comm: syz-executor188 Not tainted 4.14.300-syzkaller #0
[ 27.889871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 27.899206] Call Trace:
[ 27.901774]  dump_stack+0x1b2/0x281
[ 27.905382]  print_address_description.cold+0x54/0x1d3
[ 27.910630]  kasan_report_double_free+0x51/0x80
[ 27.915273]  kasan_slab_free+0x16f/0x1a0
[ 27.919309]  ? debug_object_active_state+0x236/0x330
[ 27.924388]  ? mark_held_locks+0xa6/0xf0
[ 27.928423]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 27.933497]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 27.938485]  ? lock_acquire+0x170/0x3f0
[ 27.942431]  ? lock_downgrade+0x740/0x740
[ 27.946554]  ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 27.951628]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 27.956622]  ? debug_object_activate+0x490/0x490
[ 27.961359]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 27.966785]  ? dbUnmount+0xf2/0x130
[ 27.970385]  kfree+0xc9/0x250
[ 27.973467]  dbUnmount+0xf2/0x130
[ 27.976902]  jfs_umount+0x1cc/0x310
[ 27.980501]  jfs_put_super+0x61/0x140
[ 27.984272]  ? jfs_quota_off+0x140/0x140
[ 27.988399]  generic_shutdown_super+0x144/0x370
[ 27.993062]  kill_block_super+0x95/0xe0
[ 27.997027]  deactivate_locked_super+0x6c/0xd0
[ 28.001589]  deactivate_super+0x7f/0xa0
[ 28.005543]  cleanup_mnt+0x186/0x2c0
[ 28.009235]  task_work_run+0x11f/0x190
[ 28.013106]  exit_to_usermode_loop+0x1ad/0x200
[ 28.017664]  do_syscall_64+0x4a3/0x640
[ 28.021527]  entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 28.026691]
[ 28.028290] Allocated by task 7972:
[ 28.031891]  kasan_kmalloc+0xeb/0x160
[ 28.035662]  kmem_cache_alloc_trace+0x131/0x3d0
[ 28.040303]  dbMount+0x4d/0x8b0
[ 28.043551]  jfs_mount+0x110/0x380
[ 28.047059]  jfs_fill_super+0x52a/0xab0
[ 28.051004]  mount_bdev+0x2b3/0x360
[ 28.054600]  mount_fs+0x92/0x2a0
[ 28.057946]  vfs_kern_mount.part.0+0x5b/0x470
[ 28.062413]  do_mount+0xe65/0x2a30
[ 28.065925]  SyS_mount+0xa8/0x120
[ 28.069355]  do_syscall_64+0x1d5/0x640
[ 28.073214]  entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 28.078372]
[ 28.079969] Freed by task 7972:
[ 28.083219]  kasan_slab_free+0xc3/0x1a0
[ 28.087169]  kfree+0xc9/0x250
[ 28.090245]  dbUnmount+0xf2/0x130
[ 28.093669]  jfs_mount_rw+0x1fe/0x430
[ 28.097437]  jfs_remount+0x47c/0x5a0
[ 28.101119]  do_remount_sb+0x150/0x530
[ 28.104977]  do_mount+0x15f3/0x2a30
[ 28.108572]  SyS_mount+0xa8/0x120
[ 28.111996]  do_syscall_64+0x1d5/0x640
[ 28.115855]  entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 28.121016]
[ 28.122625] The buggy address belongs to the object at ffff8880b3230e80
[ 28.122625]  which belongs to the cache kmalloc-2048 of size 2048
[ 28.135436] The buggy address is located 0 bytes inside of
[ 28.135436]  2048-byte region [ffff8880b3230e80, ffff8880b3231680)
[ 28.147197] The buggy address belongs to the page:
[ 28.152104] page:ffffea0002cc8c00 count:1 mapcount:0 mapping:ffff8880b3230600 index:0x0 compound_mapcount: 0
[ 28.162050] flags: 0xfff00000008100(slab|head)
[ 28.166606] raw: 00fff00000008100 ffff8880b3230600 0000000000000000 0000000100000003
[ 28.174461] raw: ffffea0002586020 ffffea0002561ea0 ffff88813fe74c40 0000000000000000
[ 28.182314] page dumped because: kasan: bad access detected
[ 28.187993]
[ 28.189592] Memory state around the buggy address:
[ 28.194492]  ffff8880b3230d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 28.201824]  ffff8880b3230e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 28.209157] >ffff8880b3230e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 28.216485]                    ^
[ 28.219822]  ffff8880b3230f00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 28.227156]  ffff8880b3230f80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 28.234483] ==================================================================
[ 28.241900] Disabling lock debugging due to kernel taint
[ 28.247407] Kernel panic - not syncing: panic_on_warn set ...
[ 28.247407]
[ 28.254738] CPU: 0 PID: 7971 Comm: syz-executor188 Tainted: G B 4.14.300-syzkaller #0
[ 28.263800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
[ 28.273124] Call Trace:
[ 28.275689]  dump_stack+0x1b2/0x281
[ 28.279288]  panic+0x1f9/0x42d
[ 28.282449]  ? add_taint.cold+0x16/0x16
[ 28.286395]  ? lock_downgrade+0x740/0x740
[ 28.290514]  kasan_end_report+0x43/0x49
[ 28.294459]  kasan_report_double_free+0x6d/0x80
[ 28.299328]  kasan_slab_free+0x16f/0x1a0
[ 28.303366]  ? debug_object_active_state+0x236/0x330
[ 28.308444]  ? mark_held_locks+0xa6/0xf0
[ 28.312477]  ? _raw_spin_unlock_irqrestore+0x79/0xe0
[ 28.317549]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 28.322534]  ? lock_acquire+0x170/0x3f0
[ 28.326481]  ? lock_downgrade+0x740/0x740
[ 28.330599]  ? _raw_spin_unlock_irqrestore+0x66/0xe0
[ 28.335679]  ? debug_check_no_obj_freed+0x2c0/0x680
[ 28.340669]  ? debug_object_activate+0x490/0x490
[ 28.345395]  ? rcu_lockdep_current_cpu_online+0xed/0x140
[ 28.350815]  ? dbUnmount+0xf2/0x130
[ 28.354419]  kfree+0xc9/0x250
[ 28.357503]  dbUnmount+0xf2/0x130
[ 28.360927]  jfs_umount+0x1cc/0x310
[ 28.364525]  jfs_put_super+0x61/0x140
[ 28.368310]  ? jfs_quota_off+0x140/0x140
[ 28.372356]  generic_shutdown_super+0x144/0x370
[ 28.377001]  kill_block_super+0x95/0xe0
[ 28.380954]  deactivate_locked_super+0x6c/0xd0
[ 28.385510]  deactivate_super+0x7f/0xa0
[ 28.389458]  cleanup_mnt+0x186/0x2c0
[ 28.393146]  task_work_run+0x11f/0x190
[ 28.397005]  exit_to_usermode_loop+0x1ad/0x200
[ 28.402509]  do_syscall_64+0x4a3/0x640
[ 28.406371]  entry_SYSCALL_64_after_hwframe+0x5e/0xd3
[ 28.411747] Kernel Offset: disabled
[ 28.415366] Rebooting in 86400 seconds..