[ ok ] Starting file context maintaining daemon: restorecond. [ ok ] Starting OpenBSD Secure Shell server: sshd. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 33.080638] random: sshd: uninitialized urandom read (32 bytes read) [ 33.403900] audit: type=1400 audit(1536457196.526:6): avc: denied { map } for pid=5442 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 [ 33.471509] random: sshd: uninitialized urandom read (32 bytes read) [ 34.101102] random: sshd: uninitialized urandom read (32 bytes read) [ 36.321683] random: sshd: uninitialized urandom read (32 bytes read) Warning: Permanently added '10.128.15.230' (ECDSA) to the list of known hosts. [ 41.876699] random: sshd: uninitialized urandom read (32 bytes read) executing program [ 42.003434] audit: type=1400 audit(1536457205.126:7): avc: denied { map } for pid=5457 comm="syz-executor554" path="/root/syz-executor554321655" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 42.039132] FAT-fs (loop0): bogus number of reserved sectors [ 42.045924] FAT-fs (loop0): Can't find a valid FAT filesystem [ 42.077727] FAULT_INJECTION: forcing a failure. [ 42.077727] name failslab, interval 1, probability 0, space 0, times 1 [ 42.089886] CPU: 1 PID: 5458 Comm: syz-executor554 Not tainted 4.19.0-rc2+ #7 [ 42.097174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 42.106528] Call Trace: [ 42.109187] dump_stack+0x1c4/0x2b4 [ 42.112811] ? dump_stack_print_info.cold.2+0x52/0x52 [ 42.118039] ? lockdep_hardirqs_on+0x421/0x5c0 [ 42.122639] should_fail.cold.4+0xa/0x17 [ 42.126692] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 42.131901] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 42.136994] ? graph_lock+0x170/0x170 [ 42.140783] ? 
graph_lock+0x170/0x170 [ 42.144583] ? save_stack+0xa9/0xd0 [ 42.148217] ? save_stack+0x43/0xd0 [ 42.151828] ? kasan_kmalloc+0xc7/0xe0 [ 42.155701] ? __kmalloc_track_caller+0x14a/0x750 [ 42.160582] ? kstrdup+0x39/0x70 [ 42.163994] ? find_held_lock+0x36/0x1c0 [ 42.168052] ? __lock_is_held+0xb5/0x140 [ 42.172104] ? ___might_sleep+0x1ed/0x300 [ 42.176241] ? arch_local_save_flags+0x40/0x40 [ 42.180835] ? check_preemption_disabled+0x48/0x200 [ 42.185839] ? check_preemption_disabled+0x48/0x200 [ 42.190850] __should_failslab+0x124/0x180 [ 42.195094] should_failslab+0x9/0x14 [ 42.198889] kmem_cache_alloc+0x2be/0x730 [ 42.203034] getname_kernel+0x54/0x370 [ 42.207023] kern_path+0x1e/0x40 [ 42.210386] ovl_mount_dir_noesc+0x6b/0x190 [ 42.214707] ovl_mount_dir+0x10a/0x1c0 [ 42.218594] ovl_fill_super+0x990/0x40a3 [ 42.222651] ? sget_userns+0x4a5/0xf10 [ 42.226522] ? get_anon_bdev+0xc0/0xc0 [ 42.230403] ? ovl_show_options+0x550/0x550 [ 42.234721] ? free_pages+0x43/0x50 [ 42.238332] ? selinux_sb_copy_data+0x602/0x740 [ 42.242992] ? selinux_capable+0x36/0x40 [ 42.247048] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.252619] ? security_capable+0x99/0xc0 [ 42.256760] ? ns_capable_common+0x13f/0x170 [ 42.261156] ? get_anon_bdev+0xc0/0xc0 [ 42.265035] ? ovl_show_options+0x550/0x550 [ 42.269363] mount_nodev+0x6b/0x110 [ 42.272979] ? ovl_show_options+0x550/0x550 [ 42.277284] ? mount_nodev+0x6b/0x110 [ 42.281068] ovl_mount+0x2c/0x40 [ 42.284426] mount_fs+0xae/0x31d [ 42.287783] vfs_kern_mount.part.35+0xdc/0x4f0 [ 42.292401] ? may_umount+0xb0/0xb0 [ 42.296030] ? _raw_read_unlock+0x2c/0x50 [ 42.300164] ? __get_fs_type+0x97/0xc0 [ 42.304044] do_mount+0x581/0x31f0 [ 42.307576] ? copy_mount_string+0x40/0x40 [ 42.311946] ? copy_mount_options+0x5f/0x380 [ 42.316472] ? rcu_read_lock_sched_held+0x108/0x120 [ 42.321500] ? kmem_cache_alloc_trace+0x353/0x750 [ 42.326350] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 42.331876] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.337400] ? 
copy_mount_options+0x288/0x380 [ 42.341888] ksys_mount+0x12d/0x140 [ 42.345503] __x64_sys_mount+0xbe/0x150 [ 42.349584] do_syscall_64+0x1b9/0x820 [ 42.353470] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 42.358819] ? syscall_return_slowpath+0x5e0/0x5e0 [ 42.363735] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 42.368565] ? trace_hardirqs_on_caller+0x310/0x310 [ 42.373689] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 42.378694] ? prepare_exit_to_usermode+0x291/0x3b0 [ 42.383699] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 42.388532] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 42.393720] RIP: 0033:0x445119 [ 42.396906] Code: ad ce fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b ce fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 42.415794] RSP: 002b:00007ffef77a0948 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 executing program [ 42.423587] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000445119 [ 42.430844] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000000000 [ 42.438102] RBP: 00007ffef77a0960 R08: 0000000020000100 R09: 00007ffef77f92f4 [ 42.445627] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 42.452884] R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000 [ 42.460550] overlayfs: failed to resolve './file0': -12 [ 42.477249] FAT-fs (loop0): bogus number of reserved sectors [ 42.483340] FAT-fs (loop0): Can't find a valid FAT filesystem [ 42.524964] FAULT_INJECTION: forcing a failure. [ 42.524964] name failslab, interval 1, probability 0, space 0, times 0 [ 42.537246] CPU: 1 PID: 5463 Comm: syz-executor554 Not tainted 4.19.0-rc2+ #7 [ 42.544538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 42.553888] Call Trace: [ 42.556474] dump_stack+0x1c4/0x2b4 [ 42.560102] ? dump_stack_print_info.cold.2+0x52/0x52 [ 42.565290] ? mark_held_locks+0x130/0x130 [ 42.569621] ? 
mark_held_locks+0x130/0x130 [ 42.573849] should_fail.cold.4+0xa/0x17 [ 42.577903] ? flex_array_get_ptr+0x49/0x60 [ 42.582231] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 42.587326] ? context_struct_compute_av+0x1600/0x1600 [ 42.592704] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.598245] ? graph_lock+0x170/0x170 [ 42.602054] ? __sanitizer_cov_trace_cmp2+0x18/0x20 [ 42.607060] ? avtab_search_node+0x425/0x550 [ 42.611459] ? graph_lock+0x170/0x170 [ 42.615248] ? print_usage_bug+0xc0/0xc0 [ 42.619295] ? find_held_lock+0x36/0x1c0 [ 42.623348] ? find_held_lock+0x36/0x1c0 [ 42.627406] __should_failslab+0x124/0x180 [ 42.631644] should_failslab+0x9/0x14 [ 42.635444] kmem_cache_alloc+0x47/0x730 [ 42.639502] ? trace_hardirqs_on+0xbd/0x310 [ 42.643827] ? kasan_check_read+0x11/0x20 [ 42.647963] ? avc_compute_av+0x2c5/0x800 [ 42.652156] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 42.657702] avc_alloc_node+0x2a/0x5e0 [ 42.661589] avc_compute_av+0x2d1/0x800 [ 42.665548] ? avc_has_perm+0xe4/0x7e0 [ 42.669439] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.674983] ? avc_alloc_node+0x5e0/0x5e0 [ 42.679119] ? kasan_check_read+0x11/0x20 [ 42.683263] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 42.688577] ? kasan_check_read+0x11/0x20 [ 42.692721] ? rcu_bh_qs+0xc0/0xc0 [ 42.696253] ? rcu_bh_qs+0xc0/0xc0 [ 42.699794] ? rcu_bh_qs+0xc0/0xc0 [ 42.703325] ? unwind_dump+0x190/0x190 [ 42.707206] avc_has_perm+0x3c9/0x7e0 [ 42.710999] ? is_bpf_text_address+0xd3/0x170 [ 42.715490] ? avc_has_perm_noaudit+0x630/0x630 [ 42.720251] ? __kernel_text_address+0xd/0x40 [ 42.724793] ? __save_stack_trace+0x8d/0xf0 [ 42.729131] ? __kasan_slab_free+0x102/0x150 [ 42.733590] ? kasan_slab_free+0xe/0x10 [ 42.737561] ? kfree+0xcf/0x230 [ 42.740834] selinux_sb_statfs+0x203/0x320 [ 42.745059] ? do_syscall_64+0x1b9/0x820 [ 42.749115] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 42.754557] ? selinux_umount+0x180/0x180 [ 42.758711] ? do_raw_spin_unlock+0x7a/0x2f0 [ 42.763114] ? 
trace_hardirqs_on+0x310/0x310 [ 42.767529] ? kasan_check_write+0x14/0x20 [ 42.771758] security_sb_statfs+0x4c/0xa0 [ 42.775904] statfs_by_dentry+0xaa/0x210 [ 42.779956] vfs_statfs+0x47/0x2e0 [ 42.783492] ovl_check_namelen.isra.9+0x8b/0x140 [ 42.788239] ? ovl_inode_init_once+0x20/0x20 [ 42.792644] ? ovl_mount_dir+0x12b/0x1c0 [ 42.796698] ovl_fill_super+0xa61/0x40a3 [ 42.800750] ? sget_userns+0x4a5/0xf10 [ 42.804623] ? get_anon_bdev+0xc0/0xc0 [ 42.808507] ? ovl_show_options+0x550/0x550 [ 42.812819] ? free_pages+0x43/0x50 [ 42.816445] ? selinux_sb_copy_data+0x602/0x740 [ 42.821141] ? selinux_capable+0x36/0x40 [ 42.825199] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.830730] ? security_capable+0x99/0xc0 [ 42.834874] ? ns_capable_common+0x13f/0x170 [ 42.839288] ? get_anon_bdev+0xc0/0xc0 [ 42.843199] ? ovl_show_options+0x550/0x550 [ 42.847521] mount_nodev+0x6b/0x110 [ 42.851138] ? ovl_show_options+0x550/0x550 [ 42.855455] ? mount_nodev+0x6b/0x110 [ 42.859362] ovl_mount+0x2c/0x40 [ 42.862721] mount_fs+0xae/0x31d [ 42.866080] vfs_kern_mount.part.35+0xdc/0x4f0 [ 42.870664] ? may_umount+0xb0/0xb0 [ 42.874286] ? _raw_read_unlock+0x2c/0x50 [ 42.878434] ? __get_fs_type+0x97/0xc0 [ 42.882432] do_mount+0x581/0x31f0 [ 42.885965] ? copy_mount_string+0x40/0x40 [ 42.890193] ? copy_mount_options+0x5f/0x380 [ 42.894720] ? rcu_read_lock_sched_held+0x108/0x120 [ 42.899727] ? kmem_cache_alloc_trace+0x353/0x750 [ 42.904561] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 42.910088] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 42.915618] ? copy_mount_options+0x288/0x380 [ 42.920115] ksys_mount+0x12d/0x140 [ 42.923732] __x64_sys_mount+0xbe/0x150 [ 42.927715] do_syscall_64+0x1b9/0x820 [ 42.931597] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 42.937145] ? syscall_return_slowpath+0x5e0/0x5e0 [ 42.942064] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 42.946900] ? trace_hardirqs_on_caller+0x310/0x310 [ 42.951910] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 42.956937] ? 
prepare_exit_to_usermode+0x291/0x3b0 [ 42.961961] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 42.966805] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 42.971995] RIP: 0033:0x445119 [ 42.975178] Code: ad ce fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b ce fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 42.994197] RSP: 002b:00007ffef77a0948 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 43.001903] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000445119 [ 43.009162] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000000000 [ 43.016524] RBP: 00007ffef77a0960 R08: 0000000020000100 R09: 00007ffef77f92f4 executing program [ 43.023785] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 43.031162] R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000 [ 43.039264] overlayfs: workdir and upperdir must be separate subtrees [ 43.057110] FAT-fs (loop0): bogus number of reserved sectors [ 43.063956] FAT-fs (loop0): Can't find a valid FAT filesystem [ 43.104875] FAULT_INJECTION: forcing a failure. [ 43.104875] name failslab, interval 1, probability 0, space 0, times 0 [ 43.117069] CPU: 1 PID: 5468 Comm: syz-executor554 Not tainted 4.19.0-rc2+ #7 [ 43.124355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.133723] Call Trace: [ 43.136319] dump_stack+0x1c4/0x2b4 [ 43.139937] ? dump_stack_print_info.cold.2+0x52/0x52 [ 43.145122] should_fail.cold.4+0xa/0x17 [ 43.149187] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 43.154288] ? lock_downgrade+0x900/0x900 [ 43.158443] ? lock_downgrade+0x900/0x900 [ 43.162601] ? graph_lock+0x170/0x170 [ 43.166404] ? kasan_check_read+0x11/0x20 [ 43.170560] ? do_raw_spin_unlock+0xa7/0x2f0 [ 43.174956] ? graph_lock+0x170/0x170 [ 43.178750] ? kasan_check_write+0x14/0x20 [ 43.182976] ? do_raw_spin_lock+0xc1/0x200 [ 43.187335] ? find_held_lock+0x36/0x1c0 [ 43.191388] ? 
__lock_is_held+0xb5/0x140 [ 43.195463] ? ___might_sleep+0x1ed/0x300 [ 43.199624] ? find_held_lock+0x36/0x1c0 [ 43.203675] ? arch_local_save_flags+0x40/0x40 [ 43.208255] __should_failslab+0x124/0x180 [ 43.212495] should_failslab+0x9/0x14 [ 43.216304] __kmalloc_track_caller+0x2d0/0x750 [ 43.220969] ? do_raw_spin_unlock+0xa7/0x2f0 [ 43.225368] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 43.229973] ? ovl_mount_dir+0x2a/0x1c0 [ 43.233945] kstrdup+0x39/0x70 [ 43.237131] ovl_mount_dir+0x2a/0x1c0 [ 43.240923] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 43.246454] ovl_fill_super+0xbc5/0x40a3 [ 43.250508] ? sget_userns+0x4a5/0xf10 [ 43.254443] ? get_anon_bdev+0xc0/0xc0 [ 43.258342] ? ovl_show_options+0x550/0x550 [ 43.262656] ? free_pages+0x43/0x50 [ 43.266272] ? selinux_sb_copy_data+0x602/0x740 [ 43.270937] ? selinux_capable+0x36/0x40 [ 43.275006] ? security_capable+0x99/0xc0 [ 43.279199] ? ns_capable_common+0x13f/0x170 [ 43.283609] ? get_anon_bdev+0xc0/0xc0 [ 43.287492] ? ovl_show_options+0x550/0x550 [ 43.291800] mount_nodev+0x6b/0x110 [ 43.295424] ? ovl_show_options+0x550/0x550 [ 43.299736] ? mount_nodev+0x6b/0x110 [ 43.303530] ovl_mount+0x2c/0x40 [ 43.306893] mount_fs+0xae/0x31d [ 43.310257] vfs_kern_mount.part.35+0xdc/0x4f0 [ 43.314832] ? may_umount+0xb0/0xb0 [ 43.318469] ? _raw_read_unlock+0x2c/0x50 [ 43.322624] ? __get_fs_type+0x97/0xc0 [ 43.326512] do_mount+0x581/0x31f0 [ 43.330043] ? copy_mount_string+0x40/0x40 [ 43.334274] ? copy_mount_options+0x5f/0x380 [ 43.338685] ? rcu_read_lock_sched_held+0x108/0x120 [ 43.343694] ? kmem_cache_alloc_trace+0x353/0x750 [ 43.348532] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 43.354072] ? _copy_from_user+0xdf/0x150 [ 43.358218] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 43.363745] ? copy_mount_options+0x288/0x380 [ 43.368233] ksys_mount+0x12d/0x140 [ 43.371850] __x64_sys_mount+0xbe/0x150 [ 43.375817] do_syscall_64+0x1b9/0x820 [ 43.379861] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 43.385215] ? 
syscall_return_slowpath+0x5e0/0x5e0 [ 43.390132] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 43.394965] ? trace_hardirqs_on_caller+0x310/0x310 [ 43.399975] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 43.404993] ? prepare_exit_to_usermode+0x291/0x3b0 [ 43.410006] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 43.414901] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 43.420084] RIP: 0033:0x445119 [ 43.423320] Code: ad ce fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b ce fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 43.442217] RSP: 002b:00007ffef77a0948 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 executing program [ 43.449918] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000445119 [ 43.457177] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000000000 [ 43.464444] RBP: 00007ffef77a0960 R08: 0000000020000100 R09: 00007ffef77f92f4 [ 43.471703] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 43.478958] R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000 [ 43.498862] FAT-fs (loop0): bogus number of reserved sectors [ 43.505338] FAT-fs (loop0): Can't find a valid FAT filesystem [ 43.545317] FAULT_INJECTION: forcing a failure. [ 43.545317] name failslab, interval 1, probability 0, space 0, times 0 [ 43.556682] CPU: 1 PID: 5473 Comm: syz-executor554 Not tainted 4.19.0-rc2+ #7 [ 43.563960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.573327] Call Trace: [ 43.575923] dump_stack+0x1c4/0x2b4 [ 43.579546] ? dump_stack_print_info.cold.2+0x52/0x52 [ 43.584734] ? __lock_acquire+0x7ec/0x4ec0 [ 43.588959] ? kasan_check_read+0x11/0x20 [ 43.593105] should_fail.cold.4+0xa/0x17 [ 43.597164] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 43.602255] ? mark_held_locks+0x130/0x130 [ 43.606480] ? graph_lock+0x170/0x170 [ 43.610275] ? graph_lock+0x170/0x170 [ 43.614072] ? __lock_acquire+0x7ec/0x4ec0 [ 43.618308] ? 
find_held_lock+0x36/0x1c0 [ 43.622359] ? print_usage_bug+0xc0/0xc0 [ 43.626411] ? find_held_lock+0x36/0x1c0 [ 43.630479] ? __lock_is_held+0xb5/0x140 [ 43.634546] ? ___might_sleep+0x1ed/0x300 [ 43.638681] ? graph_lock+0x170/0x170 [ 43.642477] ? arch_local_save_flags+0x40/0x40 [ 43.647058] ? print_usage_bug+0xc0/0xc0 [ 43.651114] __should_failslab+0x124/0x180 [ 43.655352] should_failslab+0x9/0x14 [ 43.659143] kmem_cache_alloc+0x2be/0x730 [ 43.663286] alloc_vfsmnt+0xe9/0x990 [ 43.666990] ? m_stop+0x20/0x20 [ 43.670315] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 43.675588] ? kasan_check_read+0x11/0x20 [ 43.679728] ? mark_held_locks+0x130/0x130 [ 43.683950] ? find_held_lock+0x36/0x1c0 [ 43.688024] ? mark_held_locks+0xc7/0x130 [ 43.692179] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 43.697279] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 43.702373] ? lockdep_hardirqs_on+0x421/0x5c0 [ 43.706948] ? trace_hardirqs_on+0xbd/0x310 [ 43.711267] ? kasan_check_read+0x11/0x20 [ 43.715406] ? __percpu_counter_sum+0x135/0x1a0 [ 43.720074] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 43.725527] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 43.730546] clone_mnt+0x124/0x13b0 [ 43.734168] ? kern_mount_data+0xc0/0xc0 [ 43.738292] ? find_held_lock+0x36/0x1c0 [ 43.742427] ? ovl_inuse_trylock+0xae/0xd0 [ 43.746667] ? lock_downgrade+0x900/0x900 [ 43.750811] ? kasan_check_read+0x11/0x20 [ 43.754948] ? do_raw_spin_unlock+0xa7/0x2f0 [ 43.759347] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 43.763920] ? kasan_check_write+0x14/0x20 [ 43.768141] ? do_raw_spin_lock+0xc1/0x200 [ 43.772372] clone_private_mount+0xba/0x100 [ 43.776684] ovl_fill_super+0xb03/0x40a3 [ 43.780736] ? sget_userns+0x4a5/0xf10 [ 43.784624] ? get_anon_bdev+0xc0/0xc0 [ 43.788595] ? ovl_show_options+0x550/0x550 [ 43.792931] ? free_pages+0x43/0x50 [ 43.796563] ? selinux_sb_copy_data+0x602/0x740 [ 43.801238] ? selinux_capable+0x36/0x40 [ 43.805299] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 43.810832] ? security_capable+0x99/0xc0 [ 43.814979] ? 
ns_capable_common+0x13f/0x170 [ 43.819384] ? get_anon_bdev+0xc0/0xc0 [ 43.823278] ? ovl_show_options+0x550/0x550 [ 43.827665] mount_nodev+0x6b/0x110 [ 43.831448] ? ovl_show_options+0x550/0x550 [ 43.835762] ? mount_nodev+0x6b/0x110 [ 43.839563] ovl_mount+0x2c/0x40 [ 43.842923] mount_fs+0xae/0x31d [ 43.846281] vfs_kern_mount.part.35+0xdc/0x4f0 [ 43.850853] ? may_umount+0xb0/0xb0 [ 43.854486] ? _raw_read_unlock+0x2c/0x50 [ 43.858643] ? __get_fs_type+0x97/0xc0 [ 43.862535] do_mount+0x581/0x31f0 [ 43.866073] ? copy_mount_string+0x40/0x40 [ 43.870302] ? copy_mount_options+0x5f/0x380 [ 43.874701] ? rcu_read_lock_sched_held+0x108/0x120 [ 43.879716] ? kmem_cache_alloc_trace+0x353/0x750 [ 43.884560] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 43.890106] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 43.895640] ? copy_mount_options+0x288/0x380 [ 43.900145] ksys_mount+0x12d/0x140 [ 43.903775] __x64_sys_mount+0xbe/0x150 [ 43.907845] do_syscall_64+0x1b9/0x820 [ 43.911729] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 43.917095] ? syscall_return_slowpath+0x5e0/0x5e0 [ 43.922024] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 43.926866] ? trace_hardirqs_on_caller+0x310/0x310 [ 43.931873] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 43.936880] ? prepare_exit_to_usermode+0x291/0x3b0 [ 43.942022] ? 
trace_hardirqs_off_thunk+0x1a/0x1c [ 43.946861] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 43.952041] RIP: 0033:0x445119 [ 43.955222] Code: ad ce fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b ce fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 43.974122] RSP: 002b:00007ffef77a0948 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 43.981841] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000445119 [ 43.989115] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000000000 [ 43.996379] RBP: 00007ffef77a0960 R08: 0000000020000100 R09: 00007ffef77f92f4 [ 44.003637] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 44.010892] R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000 [ 44.018400] overlayfs: failed to clone upperpath [ 44.023246] kasan: CONFIG_KASAN_INLINE enabled [ 44.027825] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 44.035233] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 44.041713] CPU: 1 PID: 5473 Comm: syz-executor554 Not tainted 4.19.0-rc2+ #7 [ 44.048971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.058322] RIP: 0010:ovl_free_fs+0x504/0x690 [ 44.062806] Code: 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 23 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 67 01 00 00 49 8b 3c 24 e8 c9 0a 01 00 e9 0c fc [ 44.081798] RSP: 0018:ffff8801b3de7798 EFLAGS: 00010246 [ 44.087145] RAX: dffffc0000000000 RBX: ffff8801d87b7800 RCX: ffffffff828cacaf [ 44.094399] RDX: 0000000000000000 RSI: ffffffff828cb065 RDI: 0000000000000001 [ 44.101669] RBP: ffff8801b3de77f0 R08: ffff8801c44ba680 R09: ffffed003b5e4732 [ 44.108921] R10: ffffed003b5e4732 R11: ffff8801daf23993 R12: 0000000000000000 [ 44.116174] R13: ffff8801d87b7820 R14: fffffffffffffff4 R15: ffff8801d87b7800 [ 44.123530] FS: 000000000207a880(0000) 
GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 44.131742] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 44.137604] CR2: 00007f14a574e169 CR3: 00000001c5068000 CR4: 00000000001406e0 [ 44.144860] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 44.152111] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 44.159370] Call Trace: [ 44.161967] ? mntput+0x74/0xa0 [ 44.165243] ovl_fill_super+0x4f4/0x40a3 [ 44.169304] ? sget_userns+0x4a5/0xf10 [ 44.173190] ? get_anon_bdev+0xc0/0xc0 [ 44.177083] ? ovl_show_options+0x550/0x550 [ 44.181402] ? free_pages+0x43/0x50 [ 44.185022] ? selinux_sb_copy_data+0x602/0x740 [ 44.189678] ? selinux_capable+0x36/0x40 [ 44.193731] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 44.199259] ? security_capable+0x99/0xc0 [ 44.203398] ? ns_capable_common+0x13f/0x170 [ 44.207802] ? get_anon_bdev+0xc0/0xc0 [ 44.211680] ? ovl_show_options+0x550/0x550 [ 44.215990] mount_nodev+0x6b/0x110 [ 44.219603] ? ovl_show_options+0x550/0x550 [ 44.223907] ? mount_nodev+0x6b/0x110 [ 44.227705] ovl_mount+0x2c/0x40 [ 44.231061] mount_fs+0xae/0x31d [ 44.234424] vfs_kern_mount.part.35+0xdc/0x4f0 [ 44.239000] ? may_umount+0xb0/0xb0 [ 44.242614] ? _raw_read_unlock+0x2c/0x50 [ 44.246749] ? __get_fs_type+0x97/0xc0 [ 44.250626] do_mount+0x581/0x31f0 [ 44.254257] ? copy_mount_string+0x40/0x40 [ 44.258482] ? copy_mount_options+0x5f/0x380 [ 44.262927] ? rcu_read_lock_sched_held+0x108/0x120 [ 44.267941] ? kmem_cache_alloc_trace+0x353/0x750 [ 44.272884] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 44.278441] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 44.283973] ? copy_mount_options+0x288/0x380 [ 44.288458] ksys_mount+0x12d/0x140 [ 44.292071] __x64_sys_mount+0xbe/0x150 [ 44.296037] do_syscall_64+0x1b9/0x820 [ 44.299928] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 44.305278] ? syscall_return_slowpath+0x5e0/0x5e0 [ 44.310197] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 44.315025] ? trace_hardirqs_on_caller+0x310/0x310 [ 44.320032] ? 
prepare_exit_to_usermode+0x3b0/0x3b0 [ 44.325111] ? prepare_exit_to_usermode+0x291/0x3b0 [ 44.330123] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 44.334956] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 44.340133] RIP: 0033:0x445119 [ 44.343314] Code: ad ce fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b ce fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 44.362203] RSP: 002b:00007ffef77a0948 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 44.369919] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000445119 [ 44.377181] RDX: 00000000200000c0 RSI: 0000000020000080 RDI: 0000000000000000 [ 44.384440] RBP: 00007ffef77a0960 R08: 0000000020000100 R09: 00007ffef77f92f4 [ 44.391735] R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff [ 44.398993] R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000 [ 44.406249] Modules linked in: [ 44.409440] Dumping ftrace buffer: [ 44.412958] (ftrace buffer empty) [ 44.416778] ---[ end trace 6b50ff34ce671ab8 ]--- [ 44.421559] RIP: 0010:ovl_free_fs+0x504/0x690 [ 44.426138] Code: 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 78 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 23 4c 89 e2 48 c1 ea 03 <80> 3c 02 00 0f 85 67 01 00 00 49 8b 3c 24 e8 c9 0a 01 00 e9 0c fc [ 44.445206] RSP: 0018:ffff8801b3de7798 EFLAGS: 00010246 [ 44.450573] RAX: dffffc0000000000 RBX: ffff8801d87b7800 RCX: ffffffff828cacaf [ 44.457868] RDX: 0000000000000000 RSI: ffffffff828cb065 RDI: 0000000000000001 [ 44.465172] RBP: ffff8801b3de77f0 R08: ffff8801c44ba680 R09: ffffed003b5e4732 [ 44.472457] R10: ffffed003b5e4732 R11: ffff8801daf23993 R12: 0000000000000000 [ 44.479790] R13: ffff8801d87b7820 R14: fffffffffffffff4 R15: ffff8801d87b7800 [ 44.487104] FS: 000000000207a880(0000) GS:ffff8801daf00000(0000) knlGS:0000000000000000 [ 44.495381] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 44.501276] CR2: 00007f14a574e169 CR3: 00000001c5068000 CR4: 
00000000001406e0 [ 44.508900] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 44.516315] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 44.523610] Kernel panic - not syncing: Fatal exception [ 44.529311] Dumping ftrace buffer: [ 44.532835] (ftrace buffer empty) [ 44.537156] Kernel Offset: disabled [ 44.540779] Rebooting in 86400 seconds..