[ 167.548530] syz-executor1: vmalloc: allocation failure, allocated 0 of 20480 bytes, mode:0x14080c2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null) [ 167.614731] syz-executor1 cpuset=/ mems_allowed=0 [ 167.620084] CPU: 0 PID: 15907 Comm: syz-executor1 Not tainted 4.10.0-rc7-next-20170207 #1 [ 167.622115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 167.622115] Call Trace: [ 167.622115] dump_stack+0x2ee/0x3ef [ 167.622115] ? arch_local_irq_restore+0x53/0x53 [ 167.622115] ? console_unlock+0x1000/0x1000 [ 167.622115] ? _raw_spin_unlock_irqrestore+0x144/0x200 [ 167.622115] ? _raw_write_unlock_irqrestore+0x200/0x200 [ 167.622115] ? rwlock_bug.part.2+0x90/0x90 [ 167.622115] ? vprintk_func+0x47/0x90 [ 167.622115] ? printk+0xc8/0xf9 [ 167.622115] ? cpuset_print_current_mems_allowed+0x206/0x3c0 [ 167.622115] ? lock_acquire+0x630/0x630 [ 167.622115] ? pr_cont_kernfs_name+0x173/0x1d0 [ 167.622115] ? vprintk_default+0x28/0x30 [ 167.622115] ? vprintk_func+0x47/0x90 [ 167.622115] ? printk+0xc8/0xf9 [ 167.622115] ? load_image_and_restore+0x134/0x134 [ 167.622115] ? rcu_pm_notify+0xc0/0xc0 [ 167.709615] ? cpuset_print_current_mems_allowed+0x22f/0x3c0 [ 167.711416] ? cpuset_mems_allowed_intersects+0x80/0x80 [ 167.711416] ? cpuset_mems_allowed_intersects+0x80/0x80 [ 167.725160] ? vprintk_func+0x47/0x90 [ 167.725160] warn_alloc+0x21f/0x360 [ 167.725160] ? zone_watermark_ok_safe+0x440/0x440 [ 167.725160] ? rcu_read_lock_sched_held+0x108/0x120 [ 167.743128] ? kmem_cache_alloc_node_trace+0x312/0x690 [ 167.748336] ? kasan_kmalloc+0xaa/0xd0 [ 167.752147] __vmalloc_node_range+0x4e9/0x770 [ 167.756683] ? pcpu_mem_zalloc+0x31/0x90 [ 167.759495] vzalloc+0x5b/0x70 [ 167.759495] ? pcpu_mem_zalloc+0x31/0x90 [ 167.768129] pcpu_mem_zalloc+0x31/0x90 [ 167.771546] pcpu_extend_area_map+0xf2/0x300 [ 167.776081] ? pcpu_populate_chunk+0x900/0x900 [ 167.781583] ? pcpu_need_to_extend+0x27e/0x570 [ 167.781583] ? pcpu_schedule_balance_work.part.16+0x50/0x50 [ 167.781583] ? _raw_read_lock_irqsave+0x180/0x180 [ 167.781583] ? __lock_is_held+0xb6/0x140 [ 167.781583] pcpu_alloc+0x941/0x1290 [ 167.781583] ? __lock_is_held+0xb6/0x140 [ 167.781583] ? pcpu_balance_workfn+0x1c00/0x1c00 [ 167.781583] ? look_up_lock_class+0x6c0/0x6c0 [ 167.817817] ? print_usage_bug+0x440/0x440 [ 167.821226] ? ___might_sleep+0x4c0/0x650 [ 167.825744] ? can_nice.part.96+0x20/0x20 [ 167.830353] ? perf_trace_lock_acquire+0x141/0xa00 [ 167.831682] ? zap_class+0x770/0x770 [ 167.831682] ? unwind_next_frame+0x1f6/0xbf0 [ 167.843079] ? print_usage_bug+0x440/0x440 [ 167.847584] ? entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 167.851915] ? __lock_is_held+0x140/0x140 [ 167.855357] ? rtnl_lock+0x17/0x20 [ 167.855357] ? lock_set_class+0xc00/0xc00 [ 167.864631] ? __save_stack_trace+0x7e/0xd0 [ 167.868067] ? depot_save_stack+0x12c/0x480 [ 167.872576] ? ___might_sleep+0x4c0/0x650 [ 167.877096] ? save_stack_trace+0x16/0x20 [ 167.881577] ? can_nice.part.96+0x20/0x20 [ 167.884984] ? mark_held_locks+0xaf/0x100 [ 167.889503] ? __raw_spin_lock_init+0x1c/0x100 [ 167.894051] ? trace_hardirqs_on_caller+0x545/0x6f0 [ 167.899403] ? mark_held_locks+0x100/0x100 [ 167.903284] ? __lock_is_held+0x140/0x140 [ 167.903284] ? mark_held_locks+0x100/0x100 [ 167.903284] ? lockdep_init_map+0x15e/0x810 [ 167.903284] ? rtnl_lock+0x17/0x20 [ 167.919099] ? __might_sleep+0x95/0x1a0 [ 167.923573] ? rtnl_lock+0x17/0x20 [ 167.926927] ? __mutex_lock+0x172/0x1730 [ 167.931384] ? rtnl_lock+0x17/0x20 [ 167.934724] ? rcu_pm_notify+0xc0/0xc0 [ 167.938066] ? lockdep_count_backward_deps+0x470/0x470 [ 167.943657] ? rcu_read_lock_sched_held+0x108/0x120 [ 167.949190] ? __kmalloc+0x404/0x690 [ 167.952531] ? dql_init+0x12/0x2e0 [ 167.955866] ? kzalloc+0x1e/0x30 [ 167.959232] ? alloc_netdev_mqs+0xb59/0xf40 [ 167.963683] ? lockdep_init_map+0x15e/0x810 [ 167.968184] ? lockdep_init_map+0x15e/0x810 [ 167.972631] ? napi_gro_frags+0xb00/0xb00 [ 167.975961] ? register_lock_class+0x1bf0/0x1bf0 [ 167.981561] ? ipip6_tunnel_bind_dev+0x107/0xaa0 [ 167.986088] ? full_name_hash+0x9b/0xe0 [ 167.986088] ? ipip6_netlink_parms+0x690/0x690 [ 167.986088] ? __dev_get_by_name+0xeb/0x130 [ 167.986088] ? dev_valid_name+0x17a/0x1b0 [ 167.986088] ? dev_get_valid_name+0x10e/0x1a0 [ 167.986088] __alloc_percpu_gfp+0x27/0x30 [ 167.986088] ipip6_tunnel_init+0xd2/0x250 [ 167.986088] ? ipip6_tunnel_bind_dev+0xaa0/0xaa0 [ 167.986088] register_netdevice+0x2f1/0xed0 [ 167.986088] ? netdev_change_features+0xc0/0xc0 [ 167.986088] ? rcu_pm_notify+0xc0/0xc0 [ 167.986088] register_netdev+0x1a/0x30 [ 167.986088] sit_init_net+0x391/0xa10 [ 167.986088] ? ipip6_newlink+0x160/0x160 [ 167.986088] ? ipip6_newlink+0x160/0x160 [ 167.986088] ? kasan_unpoison_shadow+0x35/0x50 [ 167.986088] ? kasan_unpoison_shadow+0x35/0x50 [ 167.986088] ? rcu_read_lock_sched_held+0x108/0x120 [ 167.986088] ? __kmalloc+0x404/0x690 [ 167.986088] ? rtnl_unlock+0xe/0x10 [ 167.986088] ? ops_init+0x172/0x530 [ 167.986088] ? ipip6_newlink+0x160/0x160 [ 167.986088] ops_init+0x10a/0x530 [ 167.986088] ? net_alloc_generic+0x70/0x70 [ 167.986088] ? trace_softirqs_off+0x460/0x460 [ 167.986088] setup_net+0x2ed/0x690 [ 167.986088] ? ops_init+0x530/0x530 [ 167.986088] ? rcu_pm_notify+0xc0/0xc0 [ 167.986088] ? kasan_unpoison_shadow+0x35/0x50 [ 167.986088] ? kasan_kmalloc+0xaa/0xd0 [ 167.986088] ? copy_net_ns+0x196/0x530 [ 167.986088] ? rcu_read_lock_sched_held+0x108/0x120 [ 167.986088] ? net_alloc_generic+0x23/0x70 [ 167.986088] copy_net_ns+0x26c/0x530 [ 167.986088] ? cleanup_net+0xa90/0xa90 [ 167.986088] ? do_mount+0x2ec0/0x2ec0 [ 167.986088] ? kmem_cache_alloc+0x3ee/0x680 [ 167.986088] create_new_namespaces+0x409/0x860 [ 167.986088] ? sys_ni_syscall+0x20/0x20 [ 167.986088] ? ns_capable_common+0xcf/0x160 [ 167.986088] unshare_nsproxy_namespaces+0xae/0x1e0 [ 167.986088] SyS_unshare+0x64e/0xfc0 [ 167.986088] ? kcov_ioctl+0x56/0x190 [ 167.986088] ? walk_process_tree+0x400/0x400 [ 167.986088] ? __might_sleep+0x95/0x1a0 [ 167.986088] ? entry_SYSCALL_64_fastpath+0x5/0xc2 [ 167.986088] ? mark_held_locks+0x100/0x100 [ 167.986088] ? selinux_file_ioctl+0x482/0x690 [ 167.986088] ? selinux_capable+0x40/0x40 [ 167.986088] ? trace_hardirqs_on+0xd/0x10 [ 167.986088] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 167.986088] entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 167.986088] RIP: 0033:0x44fb29 [ 167.986088] RSP: 002b:00007f2b8be10b58 EFLAGS: 00000212 ORIG_RAX: 0000000000000110 [ 167.986088] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000044fb29 [ 167.986088] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062020200 [ 167.986088] RBP: 0000000062020200 R08: 0000000000000000 R09: 0000000000000000 [ 167.986088] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000708150 [ 167.986088] R13: 0000000000a2fc57 R14: 00007f2b8be119c0 R15: 0000000000000002 [ 168.252946] warn_alloc_show_mem: 1 callbacks suppressed [ 168.258501] Mem-Info: [ 168.262866] active_anon:299366 inactive_anon:32 isolated_anon:0 [ 168.262866] active_file:4477 inactive_file:9667 isolated_file:0 [ 168.262866] unevictable:4 dirty:109 writeback:0 unstable:0 [ 168.262866] slab_reclaimable:9708 slab_unreclaimable:83959 [ 168.262866] mapped:22725 shmem:49 pagetables:1113 bounce:0 [ 168.262866] free:1205619 free_pcp:484 free_cma:0 [ 168.296365] Node 0 active_anon:1197500kB inactive_anon:124kB active_file:17908kB inactive_file:38704kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:90940kB dirty:468kB writeback:0kB shmem:0kB shmem_thp: 0kB shmem_pmdmapped: 235520kB anon_thp: 192kB writeback_tmp:0kB unstable:0kB pages_scanned:0 all_unreclaimable? no [ 168.325975] Node 0 DMA free:15908kB min:160kB low:200kB high:240kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 168.356045] lowmem_reserve[]: 0 2895 6420 6420 [ 168.360732] Node 0 DMA32 free:2966332kB min:30400kB low:38000kB high:45600kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2967152kB mlocked:0kB slab_reclaimable:0kB slab_unreclaimable:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:816kB local_pcp:684kB free_cma:0kB [ 168.392324] lowmem_reserve[]: 0 0 3525 3525 [ 168.396774] Node 0 Normal free:1840336kB min:37016kB low:46268kB high:55520kB active_anon:1197500kB inactive_anon:124kB active_file:17908kB inactive_file:38704kB unevictable:0kB writepending:468kB present:4718592kB managed:3609756kB mlocked:0kB slab_reclaimable:38832kB slab_unreclaimable:335764kB kernel_stack:4672kB pagetables:4468kB bounce:0kB free_pcp:1256kB local_pcp:540kB free_cma:0kB [ 168.431365] lowmem_reserve[]: 0 0 0 0 [ 168.435260] Node 0 DMA: 1*4kB (U) 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15908kB [ 168.449094] Node 0 DMA32: 5*4kB (UM) 3*8kB (UM) 3*16kB (M) 3*32kB (UM) 2*64kB (M) 4*128kB (M) 4*256kB (UM) 2*512kB (UM) 4*1024kB (UM) 3*2048kB (UM) 721*4096kB (M) = 2966332kB [ 168.465133] Node 0 Normal: 1226*4kB (UME) 850*8kB (UME) 461*16kB (UME) 297*32kB (UME) 802*64kB (UME) 100*128kB (UM) 49*256kB (UME) 71*512kB (UME) 41*1024kB (UME) 5*2048kB (UE) 402*4096kB (M) = 1840424kB [ 168.483527] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 168.492158] 14202 total pagecache pages [ 168.496192] 0 pages in swap cache [ 168.499718] Swap cache stats: add 0, delete 0, find 0/0 [ 168.505150] Free swap = 0kB [ 168.508245] Total swap = 0kB [ 168.511323] 1965979 pages RAM [ 168.514489] 0 pages HighMem/MovableOnly [ 168.518539] 317775 pages reserved [ 168.522106] percpu: allocation failed, size=32 align=8 atomic=0, failed to extend area map [ 168.530550] CPU: 0 PID: 15907 Comm: syz-executor1 Not tainted 4.10.0-rc7-next-20170207 #1 [ 168.531522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 168.531522] Call Trace: [ 168.531522] dump_stack+0x2ee/0x3ef [ 168.531522] ? arch_local_irq_restore+0x53/0x53 [ 168.531522] ? vprintk_emit+0x566/0x770 [ 168.531522] ? console_unlock+0x1000/0x1000 [ 168.531522] ? __vunmap+0x251/0x300 [ 168.531522] ? trace_hardirqs_on+0xd/0x10 [ 168.531522] ? __vunmap+0x203/0x300 [ 168.531522] ? vfree+0x55/0xe0 [ 168.531522] ? __vmalloc_node_range+0x519/0x770 [ 168.531522] ? pcpu_mem_zalloc+0x31/0x90 [ 168.531522] ? vzalloc+0x5b/0x70 [ 168.531522] ? pcpu_mem_zalloc+0x31/0x90 [ 168.531522] ? pcpu_mem_zalloc+0x39/0x90 [ 168.531522] ? pcpu_extend_area_map+0x1e2/0x300 [ 168.531522] ? vprintk_default+0x28/0x30 [ 168.531522] ? vprintk_func+0x47/0x90 [ 168.531522] ? printk+0xc8/0xf9 [ 168.531522] ? load_image_and_restore+0x134/0x134 [ 168.531522] ? _raw_read_lock_irqsave+0x180/0x180 [ 168.531522] pcpu_alloc+0x1185/0x1290 [ 168.531522] ? __lock_is_held+0xb6/0x140 [ 168.531522] ? pcpu_balance_workfn+0x1c00/0x1c00 [ 168.531522] ? look_up_lock_class+0x6c0/0x6c0 [ 168.531522] ? print_usage_bug+0x440/0x440 [ 168.531522] ? ___might_sleep+0x4c0/0x650 [ 168.531522] ? can_nice.part.96+0x20/0x20 [ 168.531522] ? perf_trace_lock_acquire+0x141/0xa00 [ 168.531522] ? zap_class+0x770/0x770 [ 168.531522] ? unwind_next_frame+0x1f6/0xbf0 [ 168.531522] ? print_usage_bug+0x440/0x440 [ 168.531522] ? entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 168.531522] ? __lock_is_held+0x140/0x140 [ 168.531522] ? rtnl_lock+0x17/0x20 [ 168.531522] ? lock_set_class+0xc00/0xc00 [ 168.531522] ? __save_stack_trace+0x7e/0xd0 [ 168.531522] ? depot_save_stack+0x12c/0x480 [ 168.531522] ? ___might_sleep+0x4c0/0x650 [ 168.531522] ? save_stack_trace+0x16/0x20 [ 168.531522] ? can_nice.part.96+0x20/0x20 [ 168.531522] ? mark_held_locks+0xaf/0x100 [ 168.531522] ? __raw_spin_lock_init+0x1c/0x100 [ 168.531522] ? trace_hardirqs_on_caller+0x545/0x6f0 [ 168.531522] ? mark_held_locks+0x100/0x100 [ 168.531522] ? __lock_is_held+0x140/0x140 [ 168.531522] ? mark_held_locks+0x100/0x100 [ 168.531522] ? lockdep_init_map+0x15e/0x810 [ 168.531522] ? rtnl_lock+0x17/0x20 [ 168.531522] ? __might_sleep+0x95/0x1a0 [ 168.531522] ? rtnl_lock+0x17/0x20 [ 168.531522] ? __mutex_lock+0x172/0x1730 [ 168.531522] ? rtnl_lock+0x17/0x20 [ 168.531522] ? rcu_pm_notify+0xc0/0xc0 [ 168.531522] ? lockdep_count_backward_deps+0x470/0x470 [ 168.531522] ? rcu_read_lock_sched_held+0x108/0x120 [ 168.531522] ? __kmalloc+0x404/0x690 [ 168.531522] ? dql_init+0x12/0x2e0 [ 168.531522] ? kzalloc+0x1e/0x30 [ 168.531522] ? alloc_netdev_mqs+0xb59/0xf40 [ 168.531522] ? lockdep_init_map+0x15e/0x810 [ 168.531522] ? lockdep_init_map+0x15e/0x810 [ 168.531522] ? napi_gro_frags+0xb00/0xb00 [ 168.531522] ? register_lock_class+0x1bf0/0x1bf0 [ 168.531522] ? ipip6_tunnel_bind_dev+0x107/0xaa0 [ 168.531522] ? full_name_hash+0x9b/0xe0 [ 168.531522] ? ipip6_netlink_parms+0x690/0x690 [ 168.531522] ? __dev_get_by_name+0xeb/0x130 [ 168.531522] ? dev_valid_name+0x17a/0x1b0 [ 168.531522] ? dev_get_valid_name+0x10e/0x1a0 [ 168.531522] __alloc_percpu_gfp+0x27/0x30 [ 168.531522] ipip6_tunnel_init+0xd2/0x250 [ 168.531522] ? ipip6_tunnel_bind_dev+0xaa0/0xaa0 [ 168.531522] register_netdevice+0x2f1/0xed0 [ 168.531522] ? netdev_change_features+0xc0/0xc0 [ 168.531522] ? rcu_pm_notify+0xc0/0xc0 [ 168.531522] register_netdev+0x1a/0x30 [ 168.531522] sit_init_net+0x391/0xa10 [ 168.531522] ? ipip6_newlink+0x160/0x160 [ 168.531522] ? ipip6_newlink+0x160/0x160 [ 168.531522] ? kasan_unpoison_shadow+0x35/0x50 [ 168.531522] ? kasan_unpoison_shadow+0x35/0x50 [ 168.531522] ? rcu_read_lock_sched_held+0x108/0x120 [ 168.531522] ? __kmalloc+0x404/0x690 [ 168.531522] ? rtnl_unlock+0xe/0x10 [ 168.531522] ? ops_init+0x172/0x530 [ 168.531522] ? ipip6_newlink+0x160/0x160 [ 168.531522] ops_init+0x10a/0x530 [ 168.531522] ? net_alloc_generic+0x70/0x70 [ 168.531522] ? trace_softirqs_off+0x460/0x460 [ 168.531522] setup_net+0x2ed/0x690 [ 168.531522] ? ops_init+0x530/0x530 [ 168.531522] ? rcu_pm_notify+0xc0/0xc0 [ 168.531522] ? kasan_unpoison_shadow+0x35/0x50 [ 168.531522] ? kasan_kmalloc+0xaa/0xd0 [ 168.531522] ? copy_net_ns+0x196/0x530 [ 168.531522] ? rcu_read_lock_sched_held+0x108/0x120 [ 168.531522] ? net_alloc_generic+0x23/0x70 [ 168.531522] copy_net_ns+0x26c/0x530 [ 168.531522] ? cleanup_net+0xa90/0xa90 [ 168.531522] ? do_mount+0x2ec0/0x2ec0 [ 168.531522] ? kmem_cache_alloc+0x3ee/0x680 [ 168.531522] create_new_namespaces+0x409/0x860 [ 168.531522] ? sys_ni_syscall+0x20/0x20 [ 168.531522] ? ns_capable_common+0xcf/0x160 [ 168.531522] unshare_nsproxy_namespaces+0xae/0x1e0 [ 168.531522] SyS_unshare+0x64e/0xfc0 [ 168.531522] ? kcov_ioctl+0x56/0x190 [ 168.531522] ? walk_process_tree+0x400/0x400 [ 168.531522] ? __might_sleep+0x95/0x1a0 [ 168.531522] ? entry_SYSCALL_64_fastpath+0x5/0xc2 [ 168.531522] ? mark_held_locks+0x100/0x100 [ 168.531522] ? selinux_file_ioctl+0x482/0x690 [ 168.531522] ? selinux_capable+0x40/0x40 [ 168.531522] ? trace_hardirqs_on+0xd/0x10 [ 168.531522] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 168.531522] entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 168.531522] RIP: 0033:0x44fb29 [ 168.531522] RSP: 002b:00007f2b8be10b58 EFLAGS: 00000212 ORIG_RAX: 0000000000000110 [ 168.531522] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000044fb29 [ 168.531522] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062020200 [ 168.531522] RBP: 0000000062020200 R08: 0000000000000000 R09: 0000000000000000 [ 168.531522] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000708150 [ 168.531522] R13: 0000000000a2fc57 R14: 00007f2b8be119c0 R15: 0000000000000002 [ 169.079750] syz-executor2: vmalloc: allocation failure, allocated 0 of 53248 bytes, mode:0x14080c2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null) [ 169.088456] syz-executor2: vmalloc: allocation failure, allocated 0 of 20480 bytes, mode:0x14080c2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null) [ 169.088556] syz-executor2 cpuset=/ mems_allowed=0 [ 169.088767] CPU: 0 PID: 15931 Comm: syz-executor2 Not tainted 4.10.0-rc7-next-20170207 #1 [ 169.088775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.088781] Call Trace: [ 169.088799] dump_stack+0x2ee/0x3ef [ 169.088820] ? arch_local_irq_restore+0x53/0x53 [ 169.088833] ? console_unlock+0x1000/0x1000 [ 169.088847] ? trace_hardirqs_on+0xd/0x10 [ 169.088864] ? _raw_write_unlock_irqrestore+0x200/0x200 [ 169.088880] ? rwlock_bug.part.2+0x90/0x90 [ 169.088918] ? vprintk_func+0x47/0x90 [ 169.088934] ? printk+0xc8/0xf9 [ 169.088969] ? cpuset_print_current_mems_allowed+0x206/0x3c0 [ 169.088983] ? lock_acquire+0x630/0x630 [ 169.089016] ? pr_cont_kernfs_name+0x173/0x1d0 [ 169.089024] ? vprintk_default+0x28/0x30 [ 169.089024] ? vprintk_func+0x47/0x90 [ 169.089024] ? printk+0xc8/0xf9 [ 169.089024] ? load_image_and_restore+0x134/0x134 [ 169.089024] ? rcu_pm_notify+0xc0/0xc0 [ 169.089024] ? cpuset_print_current_mems_allowed+0x22f/0x3c0 [ 169.089024] ? cpuset_mems_allowed_intersects+0x80/0x80 [ 169.089024] ? cpuset_mems_allowed_intersects+0x80/0x80 [ 169.089024] ? vprintk_func+0x47/0x90 [ 169.089024] warn_alloc+0x21f/0x360 [ 169.089024] ? zone_watermark_ok_safe+0x440/0x440 [ 169.089024] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.089024] ? kmem_cache_alloc_node_trace+0x312/0x690 [ 169.089024] ? kasan_kmalloc+0xaa/0xd0 [ 169.089024] __vmalloc_node_range+0x4e9/0x770 [ 169.089024] ? pcpu_mem_zalloc+0x31/0x90 [ 169.089024] vzalloc+0x5b/0x70 [ 169.089024] ? pcpu_mem_zalloc+0x31/0x90 [ 169.089024] pcpu_mem_zalloc+0x31/0x90 [ 169.089024] pcpu_extend_area_map+0xf2/0x300 [ 169.089024] ? pcpu_populate_chunk+0x900/0x900 [ 169.089024] ? pcpu_need_to_extend+0x27e/0x570 [ 169.089024] ? pcpu_schedule_balance_work.part.16+0x50/0x50 [ 169.089024] ? _raw_read_lock_irqsave+0x180/0x180 [ 169.089024] ? trace_hardirqs_on+0xd/0x10 [ 169.089024] pcpu_alloc+0x941/0x1290 [ 169.089024] ? pcpu_balance_workfn+0x1c00/0x1c00 [ 169.089024] ? rmqueue+0xaa1/0x1650 [ 169.089024] ? try_to_wake_up+0x182/0x1350 [ 169.089024] ? rmqueue_pcplist+0xe80/0xe80 [ 169.089024] ? migrate_swap_stop+0xaa0/0xaa0 [ 169.089024] ? lock_set_class+0xc00/0xc00 [ 169.089024] ? __mutex_unlock_slowpath+0x2f1/0xb10 [ 169.089024] ? lock_acquire+0x630/0x630 [ 169.089024] ? lock_acquire+0x630/0x630 [ 169.089024] ? trace_hardirqs_on_caller+0x545/0x6f0 [ 169.089024] ? mark_held_locks+0x100/0x100 [ 169.089024] ? __lock_is_held+0x140/0x140 [ 169.089024] ? debug_mutex_lock_common+0xf0/0xf0 [ 169.089024] ? do_raw_spin_trylock+0x180/0x180 [ 169.089024] ? __lock_is_held+0x140/0x140 [ 169.089024] ? __raw_spin_lock_init+0x1c/0x100 [ 169.089024] ? trace_hardirqs_on_caller+0x545/0x6f0 [ 169.089024] ? mark_held_locks+0x100/0x100 [ 169.089024] ? ___might_sleep+0x4c0/0x650 [ 169.089024] ? can_nice.part.96+0x20/0x20 [ 169.089024] ? _find_next_bit+0x19b/0x210 [ 169.089024] ? kernel_poison_pages+0x1b2/0x3a0 [ 169.089024] ? lockdep_count_backward_deps+0x470/0x470 [ 169.089024] ? unwind_get_return_address+0x18c/0x2b0 [ 169.089024] ? __raw_spin_lock_init+0x1c/0x100 [ 169.089024] ? trace_hardirqs_on_caller+0x545/0x6f0 [ 169.089024] ? mark_held_locks+0x100/0x100 [ 169.089024] ? __unwind_start+0x1cb/0x380 [ 169.089024] ? lockdep_init_map+0x15e/0x810 [ 169.089024] ? lockdep_init_map+0x15e/0x810 [ 169.089024] ? __save_stack_trace+0x7e/0xd0 [ 169.089024] ? register_lock_class+0x1bf0/0x1bf0 [ 169.089024] ? depot_save_stack+0x12c/0x480 [ 169.089024] ? save_stack+0xa3/0xd0 [ 169.089024] __alloc_percpu_gfp+0x27/0x30 [ 169.089024] __percpu_counter_init+0x121/0x3c0 [ 169.089024] ? __percpu_counter_add+0x280/0x280 [ 169.089024] ? __lock_is_held+0x140/0x140 [ 169.089024] ? mark_held_locks+0x100/0x100 [ 169.089024] ? mark_held_locks+0x100/0x100 [ 169.089024] ? rcu_pm_notify+0xc0/0xc0 [ 169.089024] ? register_lock_class+0x1bf0/0x1bf0 [ 169.089024] ? init_timer_key+0x192/0x400 [ 169.089024] ? trace_event_raw_event_timer_start+0x370/0x370 [ 169.089024] ? bdi_init+0x346/0xed0 [ 169.089024] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.089024] fprop_local_init_percpu+0x26/0xa0 [ 169.089024] bdi_init+0x9a2/0xed0 [ 169.089024] ? set_wb_congested+0x40/0x40 [ 169.089024] ? kasan_kmalloc+0xaa/0xd0 [ 169.089024] ? kstrdup+0x39/0x70 [ 169.089024] ? v9fs_session_init+0x109/0x1a00 [ 169.089024] ? v9fs_mount+0x81/0x830 [ 169.089024] ? mount_fs+0x97/0x2e0 [ 169.089024] ? lockdep_init_map+0x15e/0x810 [ 169.089024] ? do_mount+0x426/0x2ec0 [ 169.089024] ? register_lock_class+0x1bf0/0x1bf0 [ 169.089024] ? register_lock_class+0x1bf0/0x1bf0 [ 169.089024] ? __lock_is_held+0x140/0x140 [ 169.089024] ? mark_held_locks+0x100/0x100 [ 169.089024] ? unwind_get_return_address+0x18c/0x2b0 [ 169.089024] ? __unwind_start+0x380/0x380 [ 169.089024] ? perf_trace_lock_acquire+0xa00/0xa00 [ 169.089024] ? entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.089024] ? __raw_spin_lock_init+0x2d/0x100 [ 169.089024] ? __init_rwsem+0x118/0x270 [ 169.089024] ? do_raw_write_unlock+0x270/0x270 [ 169.089024] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.089024] ? __kmalloc_track_caller+0x400/0x690 [ 169.089024] bdi_setup_and_register+0x70/0x100 [ 169.089024] v9fs_session_init+0x17b/0x1a00 [ 169.089024] ? entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.089024] ? lock_acquire+0x630/0x630 [ 169.089024] ? trace_softirqs_off+0x460/0x460 [ 169.089024] ? v9fs_inode_init_once+0x30/0x30 [ 169.089024] ? selinux_sb_copy_data+0x493/0x690 [ 169.089024] ? do_raw_spin_trylock+0x180/0x180 [ 169.089024] ? selinux_inode_getsecctx+0x80/0x80 [ 169.089024] ? rcu_pm_notify+0xc0/0xc0 [ 169.089024] ? kasan_unpoison_shadow+0x35/0x50 [ 169.089024] ? kasan_unpoison_shadow+0x35/0x50 [ 169.089024] ? v9fs_mount+0x62/0x830 [ 169.089024] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.089024] ? kmem_cache_alloc_trace+0x3ea/0x670 [ 169.089024] v9fs_mount+0x81/0x830 [ 169.089024] mount_fs+0x97/0x2e0 [ 169.089024] vfs_kern_mount.part.24+0xc6/0x430 [ 169.089024] ? may_umount+0xb0/0xb0 [ 169.089024] ? _raw_read_unlock+0x22/0x30 [ 169.089024] ? __get_fs_type+0x8a/0xc0 [ 169.089024] do_mount+0x426/0x2ec0 [ 169.089024] ? __lock_is_held+0x140/0x140 [ 169.089024] ? mark_held_locks+0x100/0x100 [ 169.089024] ? get_unused_fd_flags+0x1a0/0x1a0 [ 169.089024] ? copy_mount_string+0x40/0x40 [ 169.089024] ? rcu_pm_notify+0xc0/0xc0 [ 169.089024] ? kasan_unpoison_shadow+0x35/0x50 [ 169.089024] ? copy_mount_options+0x5f/0x310 [ 169.089024] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.089024] ? kmem_cache_alloc_trace+0x3ea/0x670 [ 169.089024] ? copy_mount_options+0x1f4/0x310 [ 169.089024] SyS_mount+0xab/0x120 [ 169.089024] entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.089024] RIP: 0033:0x44fb29 [ 169.089024] RSP: 002b:00007ff345fc0b58 EFLAGS: 00000212 ORIG_RAX: 00000000000000a5 [ 169.089024] RAX: ffffffffffffffda RBX: 000000002003effa RCX: 000000000044fb29 [ 169.089024] RDX: 0000000020063000 RSI: 000000002003effa RDI: 0000000020037000 [ 169.089024] RBP: 0000000020037000 R08: 0000000020039000 R09: 0000000000000000 [ 169.089024] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000708150 [ 169.089024] R13: 0000000000a2fc57 R14: 00007ff345fc19c0 R15: 000000000000003c [ 169.105496] percpu: allocation failed, size=4 align=4 atomic=0, failed to extend area map [ 169.105507] CPU: 0 PID: 15931 Comm: syz-executor2 Not tainted 4.10.0-rc7-next-20170207 #1 [ 169.105514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.105518] Call Trace: [ 169.105530] dump_stack+0x2ee/0x3ef [ 169.105546] ? arch_local_irq_restore+0x53/0x53 [ 169.105569] ? vprintk_emit+0x566/0x770 [ 169.105594] ? console_unlock+0x1000/0x1000 [ 169.105608] ? __vunmap+0x251/0x300 [ 169.105621] ? trace_hardirqs_on+0xd/0x10 [ 169.105639] ? __vunmap+0x203/0x300 [ 169.105660] ? vfree+0x55/0xe0 [ 169.105675] ? __vmalloc_node_range+0x519/0x770 [ 169.105686] ? pcpu_mem_zalloc+0x31/0x90 [ 169.105719] ? vzalloc+0x5b/0x70 [ 169.105731] ? pcpu_mem_zalloc+0x31/0x90 [ 169.105743] ? pcpu_mem_zalloc+0x39/0x90 [ 169.105755] ? pcpu_extend_area_map+0x1e2/0x300 [ 169.105779] ? vprintk_default+0x28/0x30 [ 169.105791] ? vprintk_func+0x47/0x90 [ 169.105803] ? printk+0xc8/0xf9 [ 169.105815] ? load_image_and_restore+0x134/0x134 [ 169.105823] ? _raw_read_lock_irqsave+0x180/0x180 [ 169.105857] ? trace_hardirqs_on+0xd/0x10 [ 169.105881] pcpu_alloc+0x1185/0x1290 [ 169.105913] ? pcpu_balance_workfn+0x1c00/0x1c00 [ 169.105944] ? rmqueue+0xaa1/0x1650 [ 169.105967] ? try_to_wake_up+0x182/0x1350 [ 169.105989] ? rmqueue_pcplist+0xe80/0xe80 [ 169.106007] ? migrate_swap_stop+0xaa0/0xaa0 [ 169.106041] ? lock_set_class+0xc00/0xc00 [ 169.106041] ? __mutex_unlock_slowpath+0x2f1/0xb10 [ 169.106041] ? lock_acquire+0x630/0x630 [ 169.106041] ? lock_acquire+0x630/0x630 [ 169.106041] ? trace_hardirqs_on_caller+0x545/0x6f0 [ 169.106041] ? mark_held_locks+0x100/0x100 [ 169.106041] ? __lock_is_held+0x140/0x140 [ 169.106041] ? debug_mutex_lock_common+0xf0/0xf0 [ 169.106041] ? do_raw_spin_trylock+0x180/0x180 [ 169.106041] ? __lock_is_held+0x140/0x140 [ 169.106041] ? __raw_spin_lock_init+0x1c/0x100 [ 169.106041] ? trace_hardirqs_on_caller+0x545/0x6f0 [ 169.106041] ? mark_held_locks+0x100/0x100 [ 169.106041] ? ___might_sleep+0x4c0/0x650 [ 169.106041] ? can_nice.part.96+0x20/0x20 [ 169.106041] ? _find_next_bit+0x19b/0x210 [ 169.106041] ? kernel_poison_pages+0x1b2/0x3a0 [ 169.106041] ? lockdep_count_backward_deps+0x470/0x470 [ 169.106041] ? unwind_get_return_address+0x18c/0x2b0 [ 169.106041] ? __raw_spin_lock_init+0x1c/0x100 [ 169.106041] ? trace_hardirqs_on_caller+0x545/0x6f0 [ 169.106041] ? mark_held_locks+0x100/0x100 [ 169.106041] ? __unwind_start+0x1cb/0x380 [ 169.106041] ? lockdep_init_map+0x15e/0x810 [ 169.106041] ? lockdep_init_map+0x15e/0x810 [ 169.106041] ? __save_stack_trace+0x7e/0xd0 [ 169.106041] ? register_lock_class+0x1bf0/0x1bf0 [ 169.106041] ? depot_save_stack+0x12c/0x480 [ 169.106041] ? save_stack+0xa3/0xd0 [ 169.106041] __alloc_percpu_gfp+0x27/0x30 [ 169.106041] __percpu_counter_init+0x121/0x3c0 [ 169.106041] ? __percpu_counter_add+0x280/0x280 [ 169.106041] ? __lock_is_held+0x140/0x140 [ 169.106041] ? mark_held_locks+0x100/0x100 [ 169.106041] ? mark_held_locks+0x100/0x100 [ 169.106041] ? rcu_pm_notify+0xc0/0xc0 [ 169.106041] ? register_lock_class+0x1bf0/0x1bf0 [ 169.106041] ? init_timer_key+0x192/0x400 [ 169.106041] ? trace_event_raw_event_timer_start+0x370/0x370 [ 169.106041] ? bdi_init+0x346/0xed0 [ 169.106041] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.106041] fprop_local_init_percpu+0x26/0xa0 [ 169.106041] bdi_init+0x9a2/0xed0 [ 169.106041] ? set_wb_congested+0x40/0x40 [ 169.106041] ? kasan_kmalloc+0xaa/0xd0 [ 169.106041] ? kstrdup+0x39/0x70 [ 169.106041] ? v9fs_session_init+0x109/0x1a00 [ 169.106041] ? v9fs_mount+0x81/0x830 [ 169.106041] ? mount_fs+0x97/0x2e0 [ 169.106041] ? lockdep_init_map+0x15e/0x810 [ 169.106041] ? do_mount+0x426/0x2ec0 [ 169.106041] ? register_lock_class+0x1bf0/0x1bf0 [ 169.106041] ? register_lock_class+0x1bf0/0x1bf0 [ 169.106041] ? __lock_is_held+0x140/0x140 [ 169.106041] ? mark_held_locks+0x100/0x100 [ 169.106041] ? unwind_get_return_address+0x18c/0x2b0 [ 169.106041] ? __unwind_start+0x380/0x380 [ 169.106041] ? perf_trace_lock_acquire+0xa00/0xa00 [ 169.106041] ? entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.106041] ? __raw_spin_lock_init+0x2d/0x100 [ 169.106041] ? __init_rwsem+0x118/0x270 [ 169.106041] ? do_raw_write_unlock+0x270/0x270 [ 169.106041] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.106041] ? __kmalloc_track_caller+0x400/0x690 [ 169.106041] bdi_setup_and_register+0x70/0x100 [ 169.106041] v9fs_session_init+0x17b/0x1a00 [ 169.106041] ? entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.106041] ? lock_acquire+0x630/0x630 [ 169.106041] ? trace_softirqs_off+0x460/0x460 [ 169.106041] ? v9fs_inode_init_once+0x30/0x30 [ 169.106041] ? selinux_sb_copy_data+0x493/0x690 [ 169.106041] ? do_raw_spin_trylock+0x180/0x180 [ 169.106041] ? selinux_inode_getsecctx+0x80/0x80 [ 169.106041] ? rcu_pm_notify+0xc0/0xc0 [ 169.106041] ? kasan_unpoison_shadow+0x35/0x50 [ 169.106041] ? kasan_unpoison_shadow+0x35/0x50 [ 169.106041] ? v9fs_mount+0x62/0x830 [ 169.106041] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.106041] ? kmem_cache_alloc_trace+0x3ea/0x670 [ 169.106041] v9fs_mount+0x81/0x830 [ 169.106041] mount_fs+0x97/0x2e0 [ 169.106041] vfs_kern_mount.part.24+0xc6/0x430 [ 169.106041] ? may_umount+0xb0/0xb0 [ 169.106041] ? _raw_read_unlock+0x22/0x30 [ 169.106041] ? __get_fs_type+0x8a/0xc0 [ 169.106041] do_mount+0x426/0x2ec0 [ 169.106041] ? __lock_is_held+0x140/0x140 [ 169.106041] ? mark_held_locks+0x100/0x100 [ 169.106041] ? get_unused_fd_flags+0x1a0/0x1a0 [ 169.106041] ? copy_mount_string+0x40/0x40 [ 169.106041] ? rcu_pm_notify+0xc0/0xc0 [ 169.106041] ? kasan_unpoison_shadow+0x35/0x50 [ 169.106041] ? copy_mount_options+0x5f/0x310 [ 169.106041] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.106041] ? kmem_cache_alloc_trace+0x3ea/0x670 [ 169.106041] ? copy_mount_options+0x1f4/0x310 [ 169.106041] SyS_mount+0xab/0x120 [ 169.106041] entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.106041] RIP: 0033:0x44fb29 [ 169.106041] RSP: 002b:00007ff345fc0b58 EFLAGS: 00000212 ORIG_RAX: 00000000000000a5 [ 169.106041] RAX: ffffffffffffffda RBX: 000000002003effa RCX: 000000000044fb29 [ 169.106041] RDX: 0000000020063000 RSI: 000000002003effa RDI: 0000000020037000 [ 169.106041] RBP: 0000000020037000 R08: 0000000020039000 R09: 0000000000000000 [ 169.106041] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000708150 [ 169.106041] R13: 0000000000a2fc57 R14: 00007ff345fc19c0 R15: 000000000000003c [ 169.107786] ================================================================== [ 169.107796] BUG: Double free or freeing an invalid pointer [ 169.107800] Unexpected shadow byte: 0xFB [ 169.107809] CPU: 0 PID: 15931 Comm: syz-executor2 Not tainted 4.10.0-rc7-next-20170207 #1 [ 169.107815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.107818] Call Trace: [ 169.107841] dump_stack+0x2ee/0x3ef [ 169.107856] ? arch_local_irq_restore+0x53/0x53 [ 169.107881] ? vprintk_emit+0x566/0x770 [ 169.107903] ? console_unlock+0x1000/0x1000 [ 169.107917] ? lock_set_class+0xc00/0xc00 [ 169.107926] ? depot_save_stack+0x1c2/0x480 [ 169.107936] ? _raw_read_lock_irqsave+0x180/0x180 [ 169.107949] ? __unwind_start+0x1cb/0x380 [ 169.107969] ? __save_stack_trace+0x7e/0xd0 [ 169.107990] ? check_noncircular+0x20/0x20 [ 169.108001] ? debug_check_no_locks_freed+0x3ea/0x5c0 [ 169.108015] ? bdi_init+0xc07/0xed0 [ 169.108030] ? lockdep_count_backward_deps+0x470/0x470 [ 169.108038] ? save_stack_trace+0x16/0x20 [ 169.108045] ? save_stack+0x43/0xd0 [ 169.108053] ? kasan_slab_free+0x6f/0xb0 [ 169.108059] ? kfree+0xd3/0x250 [ 169.108067] ? bdi_init+0xc07/0xed0 [ 169.108077] ? rwlock_bug.part.2+0x90/0x90 [ 169.108085] ? mount_fs+0x97/0x2e0 [ 169.108094] ? do_mount+0x426/0x2ec0 [ 169.108101] ? SyS_mount+0xab/0x120 [ 169.108109] ? entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.108133] ? vprintk_default+0x28/0x30 [ 169.108144] ? vprintk_func+0x47/0x90 [ 169.108155] ? printk+0xc8/0xf9 [ 169.108165] ? load_image_and_restore+0x134/0x134 [ 169.108204] ? bdi_init+0xbf5/0xed0 [ 169.108214] kasan_object_err+0x1c/0x70 [ 169.108228] kasan_report_double_free+0x44/0x60 [ 169.108242] kasan_slab_free+0x99/0xb0 [ 169.108254] kfree+0xd3/0x250 [ 169.108288] bdi_init+0xbf5/0xed0 [ 169.108310] ? set_wb_congested+0x40/0x40 [ 169.108318] ? kasan_kmalloc+0xaa/0xd0 [ 169.108326] ? kstrdup+0x39/0x70 [ 169.108350] ? v9fs_session_init+0x109/0x1a00 [ 169.108358] ? v9fs_mount+0x81/0x830 [ 169.108367] ? mount_fs+0x97/0x2e0 [ 169.108376] ? lockdep_init_map+0x15e/0x810 [ 169.108385] ? do_mount+0x426/0x2ec0 [ 169.108398] ? register_lock_class+0x1bf0/0x1bf0 [ 169.108414] ? register_lock_class+0x1bf0/0x1bf0 [ 169.108439] ? __lock_is_held+0x140/0x140 [ 169.108449] ? mark_held_locks+0x100/0x100 [ 169.108465] ? unwind_get_return_address+0x18c/0x2b0 [ 169.108476] ? __unwind_start+0x380/0x380 [ 169.108486] ? perf_trace_lock_acquire+0xa00/0xa00 [ 169.108495] ? entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.108517] ? __raw_spin_lock_init+0x2d/0x100 [ 169.108531] ? __init_rwsem+0x118/0x270 [ 169.108544] ? do_raw_write_unlock+0x270/0x270 [ 169.108563] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.108576] ? __kmalloc_track_caller+0x400/0x690 [ 169.108604] bdi_setup_and_register+0x70/0x100 [ 169.108619] v9fs_session_init+0x17b/0x1a00 [ 169.108629] ? entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.108658] ? lock_acquire+0x630/0x630 [ 169.108670] ? trace_softirqs_off+0x460/0x460 [ 169.108696] ? v9fs_inode_init_once+0x30/0x30 [ 169.108696] ? selinux_sb_copy_data+0x493/0x690 [ 169.108696] ? do_raw_spin_trylock+0x180/0x180 [ 169.108696] ? selinux_inode_getsecctx+0x80/0x80 [ 169.108696] ? rcu_pm_notify+0xc0/0xc0 [ 169.108696] ? kasan_unpoison_shadow+0x35/0x50 [ 169.108696] ? kasan_unpoison_shadow+0x35/0x50 [ 169.108696] ? v9fs_mount+0x62/0x830 [ 169.108696] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.108696] ? kmem_cache_alloc_trace+0x3ea/0x670 [ 169.108696] v9fs_mount+0x81/0x830 [ 169.108696] mount_fs+0x97/0x2e0 [ 169.108696] vfs_kern_mount.part.24+0xc6/0x430 [ 169.108696] ? may_umount+0xb0/0xb0 [ 169.108696] ? _raw_read_unlock+0x22/0x30 [ 169.108696] ? __get_fs_type+0x8a/0xc0 [ 169.108696] do_mount+0x426/0x2ec0 [ 169.108696] ? __lock_is_held+0x140/0x140 [ 169.108696] ? mark_held_locks+0x100/0x100 [ 169.108696] ? get_unused_fd_flags+0x1a0/0x1a0 [ 169.108696] ? copy_mount_string+0x40/0x40 [ 169.108696] ? rcu_pm_notify+0xc0/0xc0 [ 169.108696] ? kasan_unpoison_shadow+0x35/0x50 [ 169.108696] ? copy_mount_options+0x5f/0x310 [ 169.108696] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.108696] ? kmem_cache_alloc_trace+0x3ea/0x670 [ 169.108696] ? copy_mount_options+0x1f4/0x310 [ 169.108696] SyS_mount+0xab/0x120 [ 169.108696] entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.108696] RIP: 0033:0x44fb29 [ 169.108696] RSP: 002b:00007ff345fc0b58 EFLAGS: 00000212 ORIG_RAX: 00000000000000a5 [ 169.108696] RAX: ffffffffffffffda RBX: 000000002003effa RCX: 000000000044fb29 [ 169.108696] RDX: 0000000020063000 RSI: 000000002003effa RDI: 0000000020037000 [ 169.108696] RBP: 0000000020037000 R08: 0000000020039000 R09: 0000000000000000 [ 169.108696] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000708150 [ 169.108696] R13: 0000000000a2fc57 R14: 00007ff345fc19c0 R15: 000000000000003c [ 169.109274] Object at ffff8801d1c30340, in cache kmalloc-32 size: 32 [ 169.109274] Allocated: [ 169.109274] PID = 15931 [ 169.109274] [ 169.109274] [<ffffffff812a08a6>] save_stack_trace+0x16/0x20 [ 169.109274] [ 169.109274] [<ffffffff81a378e3>] save_stack+0x43/0xd0 [ 169.109274] [ 169.109274] [<ffffffff81a37b6a>] kasan_kmalloc+0xaa/0xd0 [ 169.109274] [ 169.109274] [<ffffffff81a343fb>] kmem_cache_alloc_trace+0x10b/0x670 [ 169.109274] [ 169.109274] [<ffffffff8193e1d6>] bdi_init+0x346/0xed0 [ 169.109274] [ 169.109274] [<ffffffff8193f5e0>] bdi_setup_and_register+0x70/0x100 [ 169.109274] [ 169.109274] [<ffffffff8209815b>] v9fs_session_init+0x17b/0x1a00 [ 169.109274] [ 169.109274] [<ffffffff82086101>] v9fs_mount+0x81/0x830 [ 169.109274] [ 169.109274] [<ffffffff81a92ff7>] mount_fs+0x97/0x2e0 [ 169.109274] [ 169.109274] [<ffffffff81b0c036>] vfs_kern_mount.part.24+0xc6/0x430 [ 169.109274] [ 169.109274] [<ffffffff81b16c56>] do_mount+0x426/0x2ec0 [ 169.109274] [ 169.109274] [<ffffffff81b1a23b>] SyS_mount+0xab/0x120 [ 169.109274] [ 169.109274] [<ffffffff844ca541>] entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.109274] Freed: [ 169.109274] PID = 15931 [ 169.109274] [ 169.109274] [<ffffffff812a08a6>] save_stack_trace+0x16/0x20 [ 169.109274] [ 169.109274] [<ffffffff81a378e3>] save_stack+0x43/0xd0 [ 169.109274] [ 169.109274] [<ffffffff81a381df>] kasan_slab_free+0x6f/0xb0 [ 169.109274] [ 169.109274] [<ffffffff81a360d3>] kfree+0xd3/0x250 [ 169.109274] [ 169.109274] [<ffffffff8193ea97>] bdi_init+0xc07/0xed0 [ 169.109274] [ 169.109274] [<ffffffff8193f5e0>] bdi_setup_and_register+0x70/0x100 [ 169.109274] [ 169.109274] [<ffffffff8209815b>] v9fs_session_init+0x17b/0x1a00 [ 169.109274] [ 169.109274] [<ffffffff82086101>] v9fs_mount+0x81/0x830 [ 169.109274] [ 169.109274] [<ffffffff81a92ff7>] mount_fs+0x97/0x2e0 [ 169.109274] [ 169.109274] [<ffffffff81b0c036>] vfs_kern_mount.part.24+0xc6/0x430 [ 169.109274] [ 169.109274] [<ffffffff81b16c56>] do_mount+0x426/0x2ec0 [ 169.109274] [ 169.109274] [<ffffffff81b1a23b>] SyS_mount+0xab/0x120 [ 169.109274] [ 169.109274] [<ffffffff844ca541>] entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.109274] ================================================================== [ 169.109274] Disabling lock debugging due to kernel taint [ 169.109274] Kernel panic - not syncing: panic_on_warn set ... [ 169.109274] [ 169.109274] CPU: 0 PID: 15931 Comm: syz-executor2 Tainted: G B 4.10.0-rc7-next-20170207 #1 [ 169.109274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 169.109274] Call Trace: [ 169.109274] dump_stack+0x2ee/0x3ef [ 169.109274] ? arch_local_irq_restore+0x53/0x53 [ 169.109274] ? vprintk_emit+0x566/0x770 [ 169.109274] ? console_unlock+0x1000/0x1000 [ 169.109274] ? vprintk_emit+0x566/0x770 [ 169.109274] ? kasan_end_report+0x32/0x60 [ 169.109274] ? lock_acquire+0x630/0x630 [ 169.109274] ? console_unlock+0x1000/0x1000 [ 169.109274] ? console_unlock+0x1000/0x1000 [ 169.109274] ? console_unlock+0x1000/0x1000 [ 169.109274] ? check_noncircular+0x20/0x20 [ 169.109274] ? lock_set_class+0xc00/0xc00 [ 169.109274] ? depot_save_stack+0x1c2/0x480 [ 169.109274] ? _raw_read_lock_irqsave+0x180/0x180 [ 169.109274] ? __unwind_start+0x1cb/0x380 [ 169.109274] ? do_raw_spin_trylock+0x180/0x180 [ 169.109274] ? __save_stack_trace+0x7e/0xd0 [ 169.109274] ? check_noncircular+0x20/0x20 [ 169.109274] ? vprintk_default+0x28/0x30 [ 169.109274] ? vprintk_func+0x47/0x90 [ 169.109274] ? printk+0xc8/0xf9 [ 169.109274] ? load_image_and_restore+0x134/0x134 [ 169.109274] ? pointer+0xac0/0xac0 [ 169.109274] ? vprintk_default+0x28/0x30 [ 169.109274] panic+0x1fb/0x412 [ 169.109274] ? percpu_up_read_preempt_enable.constprop.46+0xae/0xae [ 169.109274] ? add_taint+0x40/0x50 [ 169.109274] ? bdi_init+0xbf5/0xed0 [ 169.109274] kasan_end_report+0x5b/0x60 [ 169.109274] kasan_report_double_free+0x4d/0x60 [ 169.109274] kasan_slab_free+0x99/0xb0 [ 169.109274] kfree+0xd3/0x250 [ 169.109274] bdi_init+0xbf5/0xed0 [ 169.109274] ? set_wb_congested+0x40/0x40 [ 169.109274] ? kasan_kmalloc+0xaa/0xd0 [ 169.109274] ? kstrdup+0x39/0x70 [ 169.109274] ? v9fs_session_init+0x109/0x1a00 [ 169.109274] ? v9fs_mount+0x81/0x830 [ 169.109274] ? mount_fs+0x97/0x2e0 [ 169.109274] ? lockdep_init_map+0x15e/0x810 [ 169.109274] ? do_mount+0x426/0x2ec0 [ 169.109274] ? register_lock_class+0x1bf0/0x1bf0 [ 169.109274] ? register_lock_class+0x1bf0/0x1bf0 [ 169.109274] ? __lock_is_held+0x140/0x140 [ 169.109274] ? mark_held_locks+0x100/0x100 [ 169.109274] ? unwind_get_return_address+0x18c/0x2b0 [ 169.109274] ? __unwind_start+0x380/0x380 [ 169.109274] ? perf_trace_lock_acquire+0xa00/0xa00 [ 169.109274] ? entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.109274] ? __raw_spin_lock_init+0x2d/0x100 [ 169.109274] ? __init_rwsem+0x118/0x270 [ 169.109274] ? do_raw_write_unlock+0x270/0x270 [ 169.109274] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.109274] ? __kmalloc_track_caller+0x400/0x690 [ 169.109274] bdi_setup_and_register+0x70/0x100 [ 169.109274] v9fs_session_init+0x17b/0x1a00 [ 169.109274] ? entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.109274] ? lock_acquire+0x630/0x630 [ 169.109274] ? trace_softirqs_off+0x460/0x460 [ 169.109274] ? v9fs_inode_init_once+0x30/0x30 [ 169.109274] ? selinux_sb_copy_data+0x493/0x690 [ 169.109274] ? do_raw_spin_trylock+0x180/0x180 [ 169.109274] ? selinux_inode_getsecctx+0x80/0x80 [ 169.109274] ? rcu_pm_notify+0xc0/0xc0 [ 169.109274] ? kasan_unpoison_shadow+0x35/0x50 [ 169.109274] ? kasan_unpoison_shadow+0x35/0x50 [ 169.109274] ? v9fs_mount+0x62/0x830 [ 169.109274] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.109274] ? kmem_cache_alloc_trace+0x3ea/0x670 [ 169.109274] v9fs_mount+0x81/0x830 [ 169.109274] mount_fs+0x97/0x2e0 [ 169.109274] vfs_kern_mount.part.24+0xc6/0x430 [ 169.109274] ? may_umount+0xb0/0xb0 [ 169.109274] ? _raw_read_unlock+0x22/0x30 [ 169.109274] ? __get_fs_type+0x8a/0xc0 [ 169.109274] do_mount+0x426/0x2ec0 [ 169.109274] ? __lock_is_held+0x140/0x140 [ 169.109274] ? mark_held_locks+0x100/0x100 [ 169.109274] ? get_unused_fd_flags+0x1a0/0x1a0 [ 169.109274] ? copy_mount_string+0x40/0x40 [ 169.109274] ? rcu_pm_notify+0xc0/0xc0 [ 169.109274] ? kasan_unpoison_shadow+0x35/0x50 [ 169.109274] ? copy_mount_options+0x5f/0x310 [ 169.109274] ? rcu_read_lock_sched_held+0x108/0x120 [ 169.109274] ? kmem_cache_alloc_trace+0x3ea/0x670 [ 169.109274] ? copy_mount_options+0x1f4/0x310 [ 169.109274] SyS_mount+0xab/0x120 [ 169.109274] entry_SYSCALL_64_fastpath+0x1f/0xc2 [ 169.109274] RIP: 0033:0x44fb29 [ 169.109274] RSP: 002b:00007ff345fc0b58 EFLAGS: 00000212 ORIG_RAX: 00000000000000a5 [ 169.109274] RAX: ffffffffffffffda RBX: 000000002003effa RCX: 000000000044fb29 [ 169.109274] RDX: 0000000020063000 RSI: 000000002003effa RDI: 0000000020037000 [ 169.109274] RBP: 0000000020037000 R08: 0000000020039000 R09: 0000000000000000 [ 169.109274] R10: 0000000000000000 R11: 0000000000000212 R12: 0000000000708150 [ 169.109274] R13: 0000000000a2fc57 R14: 00007ff345fc19c0 R15: 000000000000003c [ 169.109274] Dumping ftrace buffer: [ 169.109274] (ftrace buffer empty) [ 169.109274] Kernel Offset: disabled [ 169.109274] Rebooting in 86400 seconds..