possible deadlock in vprintk

Kernel	Title	Repro	Fix bisect	Count	Last	Reported	Patched	Status
android-414	possible deadlock in vprintk_emit			5	2063d	2049d	0/1	auto-closed as invalid on 2019/09/26 04:13
android-414	possible deadlock in vprintk_emit (2)			1	1858d	1858d	0/1	auto-closed as invalid on 2020/02/18 18:06
upstream	possible deadlock in vprintk_emit serial	C		1433	1759d	2358d	0/28	closed as dup on 2018/06/08 07:50
linux-4.14	possible deadlock in vprintk_emit	C	inconclusive	280	1637d	2046d	0/1	upstream: reported C repro on 2019/04/16 05:43

android-414

possible deadlock in vprintk_emit

2063d

2049d

0/1

auto-closed as invalid on 2019/09/26 04:13

android-414

possible deadlock in vprintk_emit (2)

1858d

0/1

auto-closed as invalid on 2020/02/18 18:06

upstream

possible deadlock in vprintk_emit serial

1433

1759d

2358d

0/28

closed as dup on 2018/06/08 07:50

linux-4.14

possible deadlock in vprintk_emit

inconclusive

280

1637d

2046d

0/1

upstream: reported C repro on 2019/04/16 05:43


Created	Duration	User	Repo	Result
2021/10/23 10:00	14m	bisect fix	linux-4.19.y	error job log
2021/09/22 21:49	26m	bisect fix	linux-4.19.y	OK (0) job log log
2021/08/23 18:36	31m	bisect fix	linux-4.19.y	OK (0) job log log
2021/07/24 18:09	26m	bisect fix	linux-4.19.y	OK (0) job log log
2021/06/24 17:45	23m	bisect fix	linux-4.19.y	OK (0) job log log
2021/05/25 12:48	28m	bisect fix	linux-4.19.y	OK (0) job log log
2021/04/25 11:34	28m	bisect fix	linux-4.19.y	OK (0) job log log
2021/03/26 04:41	22m	bisect fix	linux-4.19.y	OK (0) job log log
2021/02/24 03:43	24m	bisect fix	linux-4.19.y	OK (0) job log log
2021/01/24 03:00	24m	bisect fix	linux-4.19.y	OK (0) job log log
2020/12/25 02:27	23m	bisect fix	linux-4.19.y	OK (0) job log log
2020/11/25 02:00	23m	bisect fix	linux-4.19.y	OK (0) job log log
2020/10/26 01:23	23m	bisect fix	linux-4.19.y	OK (0) job log log
2020/09/25 22:54	23m	bisect fix	linux-4.19.y	OK (0) job log log
2020/08/26 21:35	28m	bisect fix	linux-4.19.y	OK (0) job log log
2020/07/27 21:09	25m	bisect fix	linux-4.19.y	OK (0) job log log
2020/06/27 20:32	23m	bisect fix	linux-4.19.y	OK (0) job log log
2020/05/28 14:39	24m	bisect fix	linux-4.19.y	OK (0) job log log
2020/04/28 13:51	25m	bisect fix	linux-4.19.y	OK (0) job log log
2020/03/29 13:27	23m	bisect fix	linux-4.19.y	OK (0) job log log
2020/02/28 12:25	27m	bisect fix	linux-4.19.y	OK (0) job log log

RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7588 Comm: syz-executor157 Not tainted 4.19.34 #2 ====================================================== WARNING: possible circular locking dependency detected 4.19.34 #2 Not tainted ------------------------------------------------------ syz-executor157/7587 is trying to acquire lock: 00000000a9fa66c1 (console_owner){-...}, at: console_trylock_spinning kernel/printk/printk.c:1662 [inline] 00000000a9fa66c1 (console_owner){-...}, at: vprintk_emit+0x348/0x690 kernel/printk/printk.c:1926 but task is already holding lock: 000000002394c496 (&(&port->lock)->rlock){-.-.}, at: pty_write+0xff/0x200 drivers/tty/pty.c:119 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #2 (&(&port->lock)->rlock){-.-.}: __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x95/0xcd kernel/locking/spinlock.c:152 tty_port_tty_get+0x22/0x80 drivers/tty/tty_port.c:288 tty_port_default_wakeup+0x16/0x40 drivers/tty/tty_port.c:47 tty_port_tty_wakeup+0x5d/0x70 drivers/tty/tty_port.c:390 uart_write_wakeup+0x46/0x70 drivers/tty/serial/serial_core.c:103 serial8250_tx_chars+0x4a4/0xb20 drivers/tty/serial/8250/8250_port.c:1806 serial8250_handle_irq.part.0+0x1e2/0x270 drivers/tty/serial/8250/8250_port.c:1879 serial8250_handle_irq drivers/tty/serial/8250/8250_port.c:1865 [inline] serial8250_default_handle_irq+0xc5/0x150 drivers/tty/serial/8250/8250_port.c:1895 serial8250_interrupt+0x102/0x1e0 drivers/tty/serial/8250/8250_core.c:125 __handle_irq_event_percpu+0x146/0x900 kernel/irq/handle.c:149 handle_irq_event_percpu+0x74/0x160 kernel/irq/handle.c:189 handle_irq_event+0xa7/0x134 kernel/irq/handle.c:206 handle_edge_irq+0x264/0x8e0 kernel/irq/chip.c:791 generic_handle_irq_desc include/linux/irqdesc.h:155 [inline] handle_irq+0x252/0x3d8 arch/x86/kernel/irq_64.c:78 do_IRQ+0x99/0x1d0 arch/x86/kernel/irq.c:246 ret_from_intr+0x0/0x1e arch_local_irq_restore arch/x86/include/asm/paravirt.h:788 [inline] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline] _raw_spin_unlock_irqrestore+0x95/0xe0 kernel/locking/spinlock.c:184 spin_unlock_irqrestore include/linux/spinlock.h:384 [inline] uart_write+0x3a9/0x6f0 drivers/tty/serial/serial_core.c:615 process_output_block drivers/tty/n_tty.c:593 [inline] n_tty_write+0x3ff/0x1100 drivers/tty/n_tty.c:2331 do_tty_write drivers/tty/tty_io.c:958 [inline] tty_write+0x45b/0x7a0 drivers/tty/tty_io.c:1042 redirected_tty_write+0xb2/0xc0 drivers/tty/tty_io.c:1063 __vfs_write+0x116/0x820 fs/read_write.c:485 vfs_write+0x20c/0x560 fs/read_write.c:549 ksys_write+0xea/0x1f0 fs/read_write.c:598 __do_sys_write fs/read_write.c:610 [inline] __se_sys_write fs/read_write.c:607 [inline] __x64_sys_write+0x73/0xb0 fs/read_write.c:607 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe -> #1 (&port_lock_key){-.-.}: __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] _raw_spin_lock_irqsave+0x95/0xcd kernel/locking/spinlock.c:152 serial8250_console_write+0x7ed/0xa10 drivers/tty/serial/8250/8250_port.c:3247 univ8250_console_write+0x5f/0x70 drivers/tty/serial/8250/8250_core.c:590 call_console_drivers kernel/printk/printk.c:1729 [inline] console_unlock+0xbbe/0x1080 kernel/printk/printk.c:2410 vprintk_emit+0x238/0x690 kernel/printk/printk.c:1927 vprintk_default+0x28/0x30 kernel/printk/printk.c:1968 vprintk_func+0x7e/0x189 kernel/printk/printk_safe.c:398 printk+0xba/0xed kernel/printk/printk.c:2001 register_console+0x787/0xb90 kernel/printk/printk.c:2725 univ8250_console_init+0x3e/0x4b drivers/tty/serial/8250/8250_core.c:685 console_init+0x4f7/0x761 kernel/printk/printk.c:2811 start_kernel+0x59f/0x8c8 init/main.c:661 x86_64_start_reservations+0x29/0x2b arch/x86/kernel/head64.c:470 x86_64_start_kernel+0x77/0x7b arch/x86/kernel/head64.c:451 secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:243 -> #0 (console_owner){-...}: lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:3903 console_trylock_spinning kernel/printk/printk.c:1683 [inline] vprintk_emit+0x385/0x690 kernel/printk/printk.c:1926 vprintk_default+0x28/0x30 kernel/printk/printk.c:1968 vprintk_func+0x7e/0x189 kernel/printk/printk_safe.c:398 printk+0xba/0xed kernel/printk/printk.c:2001 fail_dump lib/fault-inject.c:44 [inline] should_fail+0x6f1/0x85c lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe other info that might help us debug this: Chain exists of: console_owner --> &port_lock_key --> &(&port->lock)->rlock Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(&(&port->lock)->rlock); lock(&port_lock_key); lock(&(&port->lock)->rlock); lock(console_owner); *** DEADLOCK *** 4 locks held by syz-executor157/7587: #0: 000000008b9fa4f5 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x33/0x40 drivers/tty/tty_ldsem.c:363 #1: 00000000a1f57881 (&o_tty->termios_rwsem/1){++++}, at: n_tty_receive_buf_common+0x89/0x2900 drivers/tty/n_tty.c:1703 #2: 00000000f4ef20cd (&ldata->output_lock){+.+.}, at: flush_echoes drivers/tty/n_tty.c:825 [inline] #2: 00000000f4ef20cd (&ldata->output_lock){+.+.}, at: __receive_buf drivers/tty/n_tty.c:1646 [inline] #2: 00000000f4ef20cd (&ldata->output_lock){+.+.}, at: n_tty_receive_buf_common+0xb99/0x2900 drivers/tty/n_tty.c:1740 #3: 000000002394c496 (&(&port->lock)->rlock){-.-.}, at: pty_write+0xff/0x200 drivers/tty/pty.c:119 stack backtrace: CPU: 0 PID: 7587 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 print_circular_bug.isra.0.cold+0x1cc/0x28f kernel/locking/lockdep.c:1221 check_prev_add kernel/locking/lockdep.c:1861 [inline] check_prevs_add kernel/locking/lockdep.c:1974 [inline] validate_chain kernel/locking/lockdep.c:2415 [inline] __lock_acquire+0x2e6d/0x48f0 kernel/locking/lockdep.c:3411 lock_acquire+0x16f/0x3f0 kernel/locking/lockdep.c:3903 console_trylock_spinning kernel/printk/printk.c:1683 [inline] vprintk_emit+0x385/0x690 kernel/printk/printk.c:1926 vprintk_default+0x28/0x30 kernel/printk/printk.c:1968 vprintk_func+0x7e/0x189 kernel/printk/printk_safe.c:398 printk+0xba/0xed kernel/printk/printk.c:2001 fail_dump lib/fault-inject.c:44 [inline] should_fail+0x6f1/0x85c lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7586 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7589 Comm: syz-executor157 Not tainted 4.19.34 #2 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7591 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7592 Comm: syz-executor157 Not tainted 4.19.34 #2 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7590 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7593 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7595 Comm: syz-executor157 Not tainted 4.19.34 #2 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7594 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7596 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7597 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7598 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7599 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7600 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7601 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7602 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7604 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7608 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7605 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7609 Comm: syz-executor157 Not tainted 4.19.34 #2 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7606 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7610 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7611 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7613 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7612 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7614 Comm: syz-executor157 Not tainted 4.19.34 #2 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7616 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7615 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7617 Comm: syz-executor157 Not tainted 4.19.34 #2 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7618 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7619 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7621 Comm: syz-executor157 Not tainted 4.19.34 #2 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7622 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688 ksys_ioctl+0xab/0xd0 fs/ioctl.c:705 __do_sys_ioctl fs/ioctl.c:712 [inline] __se_sys_ioctl fs/ioctl.c:710 [inline] __x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x441419 Code: e8 8c e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffc99556e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441419 RDX: 0000000020000040 RSI: 0000000000005412 RDI: 0000000000000004 RBP: 00007ffc99556e40 R08: 0000000000000001 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: ffffffffffffffff R13: 0000000000000005 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7620 Comm: syz-executor157 Not tainted 4.19.34 #2 FAULT_INJECTION: forcing a failure. name fail_page_alloc, interval 1, probability 0, space 0, times 0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 1 PID: 7623 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 should_fail_alloc_page mm/page_alloc.c:3078 [inline] prepare_alloc_pages mm/page_alloc.c:4336 [inline] __alloc_pages_nodemask+0x1ee/0x760 mm/page_alloc.c:4383 alloc_pages_current+0x107/0x210 mm/mempolicy.c:2147 alloc_pages include/linux/gfp.h:509 [inline] __get_free_pages+0xc/0x40 mm/page_alloc.c:4433 tlb_next_batch mm/memory.c:204 [inline] __tlb_remove_page_size+0x2ee/0x510 mm/memory.c:306 __tlb_remove_page include/asm-generic/tlb.h:161 [inline] zap_pte_range mm/memory.c:1341 [inline] zap_pmd_range mm/memory.c:1440 [inline] zap_pud_range mm/memory.c:1469 [inline] zap_p4d_range mm/memory.c:1490 [inline] unmap_page_range+0xeee/0x1e70 mm/memory.c:1511 unmap_single_vma+0x19d/0x300 mm/memory.c:1556 unmap_vmas+0xae/0x180 mm/memory.c:1586 exit_mmap+0x2c2/0x530 mm/mmap.c:3092 __mmput kernel/fork.c:1001 [inline] mmput+0x15f/0x4c0 kernel/fork.c:1022 exit_mm kernel/exit.c:546 [inline] do_exit+0x838/0x2fa0 kernel/exit.c:863 do_group_exit+0x135/0x370 kernel/exit.c:979 __do_sys_exit_group kernel/exit.c:990 [inline] __se_sys_exit_group kernel/exit.c:988 [inline] __x64_sys_exit_group+0x44/0x50 kernel/exit.c:988 do_syscall_64+0x103/0x610 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x49/0xbe RIP: 0033:0x440068 Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 RSP: 002b:00007ffc99556de8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440068 RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 RBP: 00000000004bfcd0 R08: 00000000000000e7 R09: ffffffffffffffd0 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00000000006d2180 R14: 0000000000000000 R15: 0000000000000000 CPU: 0 PID: 7624 Comm: syz-executor157 Not tainted 4.19.34 #2 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x172/0x1f0 lib/dump_stack.c:113 fail_dump lib/fault-inject.c:51 [inline] should_fail.cold+0xa/0x1b lib/fault-inject.c:149 __should_failslab+0x121/0x190 mm/failslab.c:32 should_failslab+0x9/0x14 mm/slab_common.c:1557 slab_pre_alloc_hook mm/slab.h:424 [inline] slab_alloc mm/slab.c:3383 [inline] __do_kmalloc mm/slab.c:3725 [inline] __kmalloc+0x71/0x750 mm/slab.c:3736 kmalloc include/linux/slab.h:520 [inline] tty_buffer_alloc drivers/tty/tty_buffer.c:170 [inline] __tty_buffer_request_room+0x1fb/0x5c0 drivers/tty/tty_buffer.c:268 tty_insert_flip_string_fixed_flag+0x93/0x1f0 drivers/tty/tty_buffer.c:313 tty_insert_flip_string include/linux/tty_flip.h:37 [inline] pty_write+0x133/0x200 drivers/tty/pty.c:121 tty_put_char+0x137/0x160 drivers/tty/tty_io.c:2886 __process_echoes+0x5c8/0xa40 drivers/tty/n_tty.c:726 flush_echoes drivers/tty/n_tty.c:827 [inline] __receive_buf drivers/tty/n_tty.c:1646 [inline] n_tty_receive_buf_common+0xbd6/0x2900 drivers/tty/n_tty.c:1740 n_tty_receive_buf+0x31/0x40 drivers/tty/n_tty.c:1769 tiocsti drivers/tty/tty_io.c:2192 [inline] tty_ioctl+0xeb1/0x1530 drivers/tty/tty_io.c:2578 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:501 [inline] do_vfs_ioctl+0xd6e/0x1390 fs/ioctl.c:688

Crashes (172):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Manager
2019/04/11 21:46	linux-4.19.y	4d552acf3370	13030ef8	.config	console log	report	syz	C	ci2-linux-4-19
2020/01/29 11:54	linux-4.19.y	88d6de67e390	c8e81ce4	.config	console log	report			ci2-linux-4-19
2020/01/28 12:07	linux-4.19.y	88d6de67e390	56cd6c9b	.config	console log	report			ci2-linux-4-19
2020/01/26 23:23	linux-4.19.y	d183c8e2647a	dd56146d	.config	console log	report			ci2-linux-4-19
2020/01/21 01:23	linux-4.19.y	dc4ba5be1bab	8eda0b95	.config	console log	report			ci2-linux-4-19
2020/01/20 17:27	linux-4.19.y	dc4ba5be1bab	c40da18c	.config	console log	report			ci2-linux-4-19
2020/01/19 11:14	linux-4.19.y	dc4ba5be1bab	bc8bc756	.config	console log	report			ci2-linux-4-19
2020/01/16 06:03	linux-4.19.y	db5b9190ff82	f9b69507	.config	console log	report			ci2-linux-4-19
2020/01/15 06:36	linux-4.19.y	db5b9190ff82	fa12bd3c	.config	console log	report			ci2-linux-4-19
2020/01/13 22:03	linux-4.19.y	dcd888983542	99565c1a	.config	console log	report			ci2-linux-4-19
2020/01/13 15:57	linux-4.19.y	dcd888983542	99565c1a	.config	console log	report			ci2-linux-4-19
2020/01/13 10:24	linux-4.19.y	dcd888983542	53faa9fe	.config	console log	report			ci2-linux-4-19
2020/01/12 11:16	linux-4.19.y	cb1f9a169a0e	31290a45	.config	console log	report			ci2-linux-4-19
2020/01/11 08:30	linux-4.19.y	cb1f9a169a0e	4c04afaa	.config	console log	report			ci2-linux-4-19
2020/01/06 12:23	linux-4.19.y	3d40d7117e35	438e1227	.config	console log	report			ci2-linux-4-19
2019/12/29 00:29	linux-4.19.y	672481c2deff	af6b8ef8	.config	console log	report			ci2-linux-4-19
2019/12/27 22:37	linux-4.19.y	672481c2deff	be5c2c81	.config	console log	report			ci2-linux-4-19
2019/12/27 15:25	linux-4.19.y	672481c2deff	be5c2c81	.config	console log	report			ci2-linux-4-19
2019/12/25 20:26	linux-4.19.y	672481c2deff	be5c2c81	.config	console log	report			ci2-linux-4-19
2019/12/23 18:07	linux-4.19.y	672481c2deff	be5c2c81	.config	console log	report			ci2-linux-4-19
2019/12/19 03:59	linux-4.19.y	7d120bf21c05	79b211f7	.config	console log	report			ci2-linux-4-19
2019/12/19 01:04	linux-4.19.y	7d120bf21c05	79b211f7	.config	console log	report			ci2-linux-4-19
2019/12/15 17:56	linux-4.19.y	312017a460d5	eef6e580	.config	console log	report			ci2-linux-4-19
2019/12/15 13:16	linux-4.19.y	312017a460d5	eef6e580	.config	console log	report			ci2-linux-4-19
2019/12/15 08:35	linux-4.19.y	312017a460d5	eef6e580	.config	console log	report			ci2-linux-4-19
2019/12/14 18:36	linux-4.19.y	312017a460d5	eef6e580	.config	console log	report			ci2-linux-4-19
2019/12/14 10:19	linux-4.19.y	312017a460d5	eef6e580	.config	console log	report			ci2-linux-4-19
2019/12/13 12:44	linux-4.19.y	312017a460d5	2a752b7c	.config	console log	report			ci2-linux-4-19
2019/12/12 19:48	linux-4.19.y	fb683b5e3f53	08003f64	.config	console log	report			ci2-linux-4-19
2019/12/09 13:03	linux-4.19.y	fb683b5e3f53	1508f453	.config	console log	report			ci2-linux-4-19
2019/12/08 14:19	linux-4.19.y	fb683b5e3f53	1508f453	.config	console log	report			ci2-linux-4-19
2019/12/07 04:36	linux-4.19.y	fb683b5e3f53	85f26751	.config	console log	report			ci2-linux-4-19
2019/12/04 20:40	linux-4.19.y	174651bdf802	b2088328	.config	console log	report			ci2-linux-4-19
2019/12/02 02:53	linux-4.19.y	174651bdf802	f879db37	.config	console log	report			ci2-linux-4-19
2019/12/02 01:09	linux-4.19.y	174651bdf802	f879db37	.config	console log	report			ci2-linux-4-19
2019/11/30 11:16	linux-4.19.y	14260788bbb9	3a75be00	.config	console log	report			ci2-linux-4-19
2019/11/30 04:04	linux-4.19.y	14260788bbb9	3a75be00	.config	console log	report			ci2-linux-4-19
2019/11/29 22:52	linux-4.19.y	14260788bbb9	4f7e1d0f	.config	console log	report			ci2-linux-4-19
2019/11/27 23:17	linux-4.19.y	14260788bbb9	0d63f89c	.config	console log	report			ci2-linux-4-19
2019/11/27 12:46	linux-4.19.y	14260788bbb9	1048481f	.config	console log	report			ci2-linux-4-19
2019/11/21 02:08	linux-4.19.y	c63ee2939dc1	8098ea0f	.config	console log	report			ci2-linux-4-19
2019/11/18 20:24	linux-4.19.y	c555efaf1402	d5696d51	.config	console log	report			ci2-linux-4-19
2019/11/13 07:55	linux-4.19.y	7d8dbefc22ff	048f2d49	.config	console log	report			ci2-linux-4-19

Crashes (172):

Assets (help?)

2019/04/11 21:46

linux-4.19.y