Warning: Permanently added '10.128.0.8' (ECDSA) to the list of known hosts.
[ ***] A start job is running for dev-ttyS0.device (9s / 1min 30s)
[ 24.214215][ T391] ------------[ cut here ]------------
[ 24.219707][ T391] Illegal XDP return value 4294967274, expect packet loss!
[ 24.226973][ T391] WARNING: CPU: 1 PID: 391 at net/core/filter.c:6909 bpf_warn_invalid_xdp_action+0x5a/0x60 [ 24.236912][ T391] Modules linked in: [ 24.240783][ T391] CPU: 1 PID: 391 Comm: syz-executor413 Not tainted 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 24.250855][ T391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 24.260894][ T391] RIP: 0010:bpf_warn_invalid_xdp_action+0x5a/0x60 [ 24.267292][ T391] Code: e8 4b b7 58 fe 83 fb 04 48 c7 c0 8f 48 57 84 48 c7 c6 97 48 57 84 48 0f 47 f0 48 c7 c7 62 48 57 84 89 da 31 c0 e8 16 8f 2f fe <0f> 0b eb bc 66 90 55 48 89 e5 41 57 41 56 41 55 41 54 53 50 4c 89 [ 24.286891][ T391] RSP: 0018:ffff8881c8517728 EFLAGS: 00010246 [ 24.292931][ T391] RAX: 9183339605232b00 RBX: 00000000ffffffea RCX: ffff8881d5385d00 [ 24.300877][ T391] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 24.308819][ T391] RBP: ffff8881c8517730 R08: ffffffff812d0b80 R09: ffffed103b763e9a [ 24.316776][ T391] R10: ffffed103b763e9a R11: 0000000000000000 R12: 00000000ffffffea [ 24.324722][ T391] R13: ffff8881d263c8c0 R14: dffffc0000000000 R15: ffffc90000053000 [ 24.332682][ T391] FS: 0000000000fd5880(0000) GS:ffff8881dbb00000(0000) knlGS:0000000000000000 [ 24.341596][ T391] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 24.348158][ T391] CR2: 000000002062b000 CR3: 00000001c56c4002 CR4: 00000000001606e0 [ 24.356117][ T391] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 24.364065][ T391] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 24.372009][ T391] Call Trace: [ 24.375279][ T391] tun_xdp_act+0x1b6/0x740 [ 24.379668][ T391] ? __kasan_check_write+0x14/0x20 [ 24.384750][ T391] ? copyin+0x92/0xb0 [ 24.388737][ T391] ? tun_flow_update+0x870/0x870 [ 24.393648][ T391] ? bpf_prog_1afd9d2c87742211+0x1c7/0x1000 [ 24.399511][ T391] tun_get_user+0x1cce/0x3d10 [ 24.404158][ T391] ? tun_do_read+0x1f10/0x1f10 [ 24.408892][ T391] ? 
netlink_detachskb+0x60/0x60 [ 24.413895][ T391] ? put_pid+0x82/0xe0 [ 24.417936][ T391] ? netlink_sendmsg+0xa28/0xd40 [ 24.422844][ T391] ? __rcu_read_lock+0x50/0x50 [ 24.427581][ T391] ? netlink_getsockopt+0x900/0x900 [ 24.432763][ T391] tun_chr_write_iter+0x134/0x1c0 [ 24.437762][ T391] do_iter_readv_writev+0x5fa/0x890 [ 24.442929][ T391] ? vfs_dedupe_file_range+0xa00/0xa00 [ 24.448361][ T391] ? security_file_permission+0x157/0x350 [ 24.454048][ T391] ? rw_verify_area+0x1c2/0x360 [ 24.458867][ T391] do_iter_write+0x180/0x590 [ 24.463431][ T391] do_writev+0x2cd/0x560 [ 24.467643][ T391] ? do_readv+0x400/0x400 [ 24.471943][ T391] ? __up_read+0x6f/0x1b0 [ 24.476279][ T391] ? __down_read+0x240/0x240 [ 24.480841][ T391] ? __kasan_check_read+0x11/0x20 [ 24.485835][ T391] __x64_sys_writev+0x7d/0x90 [ 24.490481][ T391] do_syscall_64+0xc0/0x100 [ 24.494953][ T391] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 24.500813][ T391] RIP: 0033:0x442080 [ 24.504691][ T391] Code: 05 48 3d 01 f0 ff ff 0f 83 5d 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 83 3d 71 8f 29 00 00 75 14 b8 14 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 34 09 fc ff c3 48 83 ec 08 e8 ba 2b 00 00 [ 24.524291][ T391] RSP: 002b:00007ffe8c37f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 24.532674][ T391] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442080 [ 24.540617][ T391] RDX: 0000000000000001 RSI: 00007ffe8c37f240 RDI: 00000000000000f0 [ 24.548560][ T391] RBP: 00007ffe8c37f210 R08: 0000000000000000 R09: 00000000bb1414ac [ 24.556501][ T391] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000000 [ 24.564445][ T391] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 24.572396][ T391] ---[ end trace 5f733bd1395d0a3e ]--- [ 24.579404][ T391] BUG: Bad page state in process syz-executor413 pfn:1c8528 [ 24.587000][ T391] page:ffffea0007214a00 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0 [ 24.587011][ T391] flags: 
0x8000000000010200(slab|head) [*[0[ 24.605184][ T391] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00 ;1;31m*[0;3[ 24.614863][ T391] raw: 0000000000000000 0000000000070007 00000000ffffffff 0000000000000000 1m* ] A st[ 24.624420][ T391] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set art job is runni[ 24.633159][ T391] bad because of flags: 0x200(slab) [ 24.634629][ T394] BUG: Bad page state in process syz-executor413 pfn:1d22a0 [ 24.646758][ T394] page:ffffea000748a800 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 [ 24.655944][ T394] flags: 0x8000000000000000() [ 24.660621][ T394] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 24.669184][ T394] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 24.677742][ T394] page dumped because: nonzero _refcount [ 24.683357][ T394] Modules linked in: [ 24.687233][ T394] CPU: 0 PID: 394 Comm: syz-executor413 Tainted: G W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 24.698652][ T394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 24.708684][ T394] Call Trace: [ 24.711970][ T394] dump_stack+0x1b0/0x228 [ 24.716300][ T394] ? is_module_text_address+0x130/0x130 [ 24.721861][ T394] ? show_regs_print_info+0x18/0x18 [ 24.727042][ T394] bad_page+0x262/0x290 [ 24.731188][ T394] ? _raw_spin_lock+0x170/0x170 [ 24.736022][ T394] ? is_free_buddy_page+0x190/0x190 [ 24.741213][ T394] ? __kasan_check_read+0x11/0x20 [ 24.746217][ T394] ? __zone_watermark_ok+0x9b/0x270 [ 24.751396][ T394] get_page_from_freelist+0x505a/0x57e0 [ 24.756917][ T394] ? unwind_get_return_address_ptr+0xa0/0xa0 [ 24.766697][ T394] ? arch_stack_walk+0x98/0xe0 [ 24.771444][ T394] ? stack_trace_save+0x111/0x1e0 [ 24.776446][ T394] ? __read_once_size_nocheck+0x10/0x10 [ 24.781978][ T394] ? unwind_next_frame+0x415/0x870 [ 24.787066][ T394] ? __alloc_pages_nodemask+0x3010/0x3010 [ 24.792761][ T394] ? 
unwind_next_frame+0x415/0x870 [ 24.797876][ T394] ? unwind_get_return_address_ptr+0xa0/0xa0 [ 24.803831][ T394] __alloc_pages_nodemask+0x44f/0x3010 [ 24.809438][ T394] ? __kernel_text_address+0x9a/0x110 [ 24.814787][ T394] ? arch_stack_walk+0x98/0xe0 [ 24.819528][ T394] ? stack_trace_save+0x111/0x1e0 [ 24.824529][ T394] ? stack_trace_snprint+0x150/0x150 [ 24.829786][ T394] ? stack_trace_save+0x111/0x1e0 [ 24.834787][ T394] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 24.840309][ T394] ? stack_trace_snprint+0x150/0x150 [ 24.845570][ T394] ? __kasan_kmalloc+0x179/0x1b0 [ 24.850485][ T394] ? __kasan_kmalloc+0x117/0x1b0 [ 24.855426][ T394] ? kasan_slab_alloc+0xe/0x10 [ 24.860191][ T394] ? kmem_cache_alloc+0x120/0x2b0 [ 24.865221][ T394] ? security_inode_alloc+0x36/0x1f0 [ 24.870494][ T394] ? do_syscall_64+0xc0/0x100 [ 24.875158][ T394] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 24.881232][ T394] ? __kasan_kmalloc+0x117/0x1b0 [ 24.886159][ T394] ? kasan_slab_alloc+0xe/0x10 [ 24.890916][ T394] ? sock_alloc_inode+0x1b/0xc0 [ 24.895755][ T394] ? new_inode_pseudo+0x68/0x240 [ 24.900686][ T394] ? __sock_create+0x136/0x7b0 [ 24.905439][ T394] ? __sys_socket+0x115/0x350 [ 24.910104][ T394] ? __x64_sys_socket+0x7a/0x90 [ 24.914950][ T394] alloc_slab_page+0x3f/0x390 [ 24.919620][ T394] new_slab+0x98/0x430 [ 24.923684][ T394] ? _raw_spin_lock+0x170/0x170 [ 24.928526][ T394] ___slab_alloc+0x2e0/0x450 [ 24.933110][ T394] ? sk_prot_alloc+0x11c/0x2f0 [ 24.937854][ T394] ? __should_failslab+0x90/0x160 [ 24.942857][ T394] ? sk_prot_alloc+0x11c/0x2f0 [ 24.947601][ T394] __kmalloc+0x26d/0x310 [ 24.951841][ T394] sk_prot_alloc+0x11c/0x2f0 [ 24.956428][ T394] sk_alloc+0x35/0x300 [ 24.960481][ T394] netlink_create+0x3ce/0x630 [ 24.965142][ T394] ? rtnetlink_rcv+0x20/0x20 [ 24.969719][ T394] __sock_create+0x3c6/0x7b0 [ 24.974291][ T394] __sys_socket+0x115/0x350 [ 24.978780][ T394] ? sock_create_kern+0x50/0x50 [ 24.983621][ T394] ? 
__kasan_check_read+0x11/0x20 [ 24.988627][ T394] __x64_sys_socket+0x7a/0x90 [ 24.993280][ T394] do_syscall_64+0xc0/0x100 [ 24.997757][ T394] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 25.003643][ T394] RIP: 0033:0x442189 [ 25.007544][ T394] Code: e8 8c 07 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 25.027142][ T394] RSP: 002b:00007ffe8c37f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 25.035563][ T394] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442189 [ 25.043516][ T394] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000010 [ 25.051467][ T394] RBP: 00007ffe8c37f210 R08: 0000000000000004 R09: 00000000bb1414ac [ 25.059418][ T394] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000600e [ 25.067383][ T394] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 25.075355][ T394] Disabling lock debugging due to kernel taint ng for dev-ttyS0[ 25.082706][ T205] BUG: Bad page state in process systemd-journal pfn:1d20a0 [ 25.090289][ T205] page:ffffea0007482800 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 .device (20s / 1[ 25.091877][ T391] Modules linked in: [ 25.099472][ T205] flags: 0x8000000000000000() min 30s)[ 25.099482][ T205] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 25.099490][ T205] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 25.099492][ T205] page dumped because: nonzero _refcount [ 25.099494][ T205] Modules linked in: [ 25.099504][ T205] CPU: 1 PID: 205 Comm: systemd-journal Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 25.099508][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.099511][ T205] Call Trace: [ 25.099525][ T205] dump_stack+0x1b0/0x228 [ 25.099535][ T205] ? is_module_text_address+0x130/0x130 [ 25.099543][ T205] ? 
show_regs_print_info+0x18/0x18 [ 25.099552][ T205] bad_page+0x262/0x290 [ 25.099561][ T205] ? _raw_spin_lock+0x170/0x170 [ 25.099568][ T205] ? is_free_buddy_page+0x190/0x190 [ 25.099575][ T205] ? __kasan_check_read+0x11/0x20 [ 25.099582][ T205] ? __zone_watermark_ok+0x9b/0x270 [ 25.099589][ T205] get_page_from_freelist+0x505a/0x57e0 [ 25.099601][ T205] ? unwind_next_frame+0x415/0x870 [ 25.099616][ T205] ? __read_once_size_nocheck+0x10/0x10 [ 25.099622][ T205] ? unwind_next_frame+0x415/0x870 [ 25.099630][ T205] ? __rcu_read_lock+0x50/0x50 [ 25.099637][ T205] ? unwind_next_frame+0x415/0x870 [ 25.099643][ T205] ? unwind_get_return_address_ptr+0xa0/0xa0 [ 25.099655][ T205] ? __alloc_pages_nodemask+0x3010/0x3010 [ 25.243512][ T205] ? stack_trace_save+0x1e0/0x1e0 [ 25.248533][ T205] ? __kernel_text_address+0x9a/0x110 [ 25.253880][ T205] __alloc_pages_nodemask+0x44f/0x3010 [ 25.259313][ T205] ? stack_trace_save+0x111/0x1e0 [ 25.264322][ T205] ? stack_trace_snprint+0x150/0x150 [ 25.269582][ T205] ? security_cred_free+0xbf/0x100 [ 25.274677][ T205] ? put_cred_rcu+0x1f9/0x250 [ 25.279328][ T205] ? __kasan_slab_free+0x1e2/0x220 [ 25.284412][ T205] ? __kasan_slab_free+0x168/0x220 [ 25.289498][ T205] ? kasan_slab_free+0xe/0x10 [ 25.294168][ T205] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 25.299688][ T205] ? do_faccessat+0x682/0x7f0 [ 25.304342][ T205] ? __x64_sys_access+0x5f/0x70 [ 25.309180][ T205] ? do_syscall_64+0xc0/0x100 [ 25.313832][ T205] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 25.319879][ T205] ? __seccomp_filter+0xc57/0x1890 [ 25.324968][ T205] ? kmem_cache_free+0x181/0x7a0 [ 25.329884][ T205] ? __kasan_check_write+0x14/0x20 [ 25.334967][ T205] ? refcount_dec_not_one+0x158/0x1e0 [ 25.340316][ T205] alloc_slab_page+0x3f/0x390 [ 25.344978][ T205] new_slab+0x98/0x430 [ 25.349031][ T205] ? refcount_dec_and_lock_irqsave+0x2d/0xd0 [ 25.354983][ T205] ? free_uid+0x6a/0x1e0 [ 25.359201][ T205] ___slab_alloc+0x2e0/0x450 [ 25.363775][ T205] ? 
kasan_slab_free+0xe/0x10 [ 25.368437][ T205] ? getname_flags+0xba/0x640 [ 25.373090][ T205] ? find_user+0x120/0x120 [ 25.377483][ T205] ? __should_failslab+0x90/0x160 [ 25.382490][ T205] ? getname_flags+0xba/0x640 [ 25.387144][ T205] kmem_cache_alloc+0x203/0x2b0 [ 25.391971][ T205] getname_flags+0xba/0x640 [ 25.396450][ T205] ? __kasan_check_read+0x11/0x20 [ 25.401450][ T205] do_mkdirat+0x8f/0x300 [ 25.405688][ T205] ? do_syscall_64+0x100/0x100 [ 25.410446][ T205] ? vfs_mkdir+0x30/0x30 [ 25.414665][ T205] __x64_sys_mkdir+0x60/0x70 [ 25.419234][ T205] do_syscall_64+0xc0/0x100 [ 25.423717][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 25.429590][ T205] RIP: 0033:0x7effe019b687 [ 25.433990][ T205] Code: 00 b8 ff ff ff ff c3 0f 1f 40 00 48 8b 05 09 d8 2b 00 64 c7 00 5f 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e1 d7 2b 00 f7 d8 64 89 01 48 [ 25.453590][ T205] RSP: 002b:00007fffdfb79c48 EFLAGS: 00000293 ORIG_RAX: 0000000000000053 [ 25.461984][ T205] RAX: ffffffffffffffda RBX: 00007fffdfb7ccb0 RCX: 00007effe019b687 [ 25.469935][ T205] RDX: 0000000000000000 RSI: 00000000000001ed RDI: 000055b3631cd8c0 [ 25.477884][ T205] RBP: 00007fffdfb79c80 R08: 000055b361ff93e5 R09: 0000000000000018 [ 25.485832][ T205] R10: 0000000000000069 R11: 0000000000000293 R12: 0000000000000000 [ 25.493782][ T205] R13: 0000000000000001 R14: 000055b3631cd8c0 R15: 00007fffdfb7a2c0 [ 25.501749][ T391] CPU: 0 PID: 391 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 25.513202][ T391] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.523245][ T391] Call Trace: [ 25.526777][ T391] dump_stack+0x1b0/0x228 [ 25.531081][ T391] ? is_module_text_address+0x130/0x130 [ 25.536600][ T391] ? show_regs_print_info+0x18/0x18 [ 25.541772][ T391] bad_page+0x262/0x290 [ 25.545899][ T391] ? 
is_free_buddy_page+0x190/0x190 [ 25.551071][ T391] __free_pages_ok+0x759/0xd80 [ 25.555806][ T391] ? __kasan_check_read+0x11/0x20 [ 25.560804][ T391] ? set_pageblock_migratetype+0x150/0x150 [ 25.566584][ T391] free_compound_page+0x67/0x90 [ 25.571421][ T391] __put_page+0xf7/0x120 [ 25.575634][ T391] do_exit+0x1d53/0x26f0 [ 25.579854][ T391] ? mm_update_next_owner+0x5f0/0x5f0 [ 25.585200][ T391] ? do_user_addr_fault+0x6b7/0xb50 [ 25.590371][ T391] do_group_exit+0x153/0x2a0 [ 25.594933][ T391] __do_sys_exit_group+0x17/0x20 [ 25.599842][ T391] __se_sys_exit_group+0x14/0x20 [ 25.604760][ T391] __x64_sys_exit_group+0x3b/0x40 [ 25.609757][ T391] do_syscall_64+0xc0/0x100 [ 25.614237][ T391] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 25.620107][ T391] RIP: 0033:0x440d38 [ 25.623985][ T391] Code: Bad RIP value. [ 25.628023][ T391] RSP: 002b:00007ffe8c37f1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 25.636404][ T391] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d38 [ 25.644357][ T391] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 25.652363][ T391] RBP: 00000000004c6b50 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 25.660318][ T391] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001 [ 25.668283][ T391] R13: 00000000006d95e0 R14: 0000000000000000 R15: 0000000000000000 [** ] A start job is [ 25.682719][ T395] BUG: Bad page state in process syz-executor413 pfn:1d1eb8 [ 25.690092][ T395] page:ffffea000747ae00 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 [ 25.699308][ T395] flags: 0x8000000000000000() [ 25.703971][ T395] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 25.712550][ T395] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 25.721123][ T395] page dumped because: nonzero _refcount [ 25.726736][ T395] Modules linked in: [ 25.730633][ T395] CPU: 0 PID: 395 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 25.742059][ T395] 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 25.752094][ T395] Call Trace: [ 25.755374][ T395] dump_stack+0x1b0/0x228 [ 25.759692][ T395] ? is_module_text_address+0x130/0x130 [ 25.765227][ T395] ? show_regs_print_info+0x18/0x18 [ 25.770579][ T395] bad_page+0x262/0x290 [ 25.774726][ T395] ? _raw_spin_lock+0x170/0x170 [ 25.779559][ T395] ? is_free_buddy_page+0x190/0x190 [ 25.784783][ T395] ? __kasan_check_read+0x11/0x20 [ 25.789786][ T395] ? __zone_watermark_ok+0x9b/0x270 [ 25.794958][ T395] get_page_from_freelist+0x505a/0x57e0 [ 25.800485][ T395] ? unwind_next_frame+0x415/0x870 [ 25.805583][ T395] ? __rcu_read_lock+0x50/0x50 [ 25.810326][ T395] ? unwind_next_frame+0x415/0x870 [ 25.815552][ T395] ? unwind_get_return_address_ptr+0xa0/0xa0 [ 25.821514][ T395] ? 0xffffffffa0140000 [ 25.825683][ T395] ? is_bpf_text_address+0x2c8/0x2e0 [ 25.830944][ T395] ? stack_trace_save+0x1e0/0x1e0 [ 25.835942][ T395] ? __kernel_text_address+0x9a/0x110 [ 25.841285][ T395] ? unwind_get_return_address+0x4c/0x90 [ 25.846902][ T395] ? arch_stack_walk+0x98/0xe0 [ 25.851650][ T395] ? __alloc_pages_nodemask+0x3010/0x3010 [ 25.857346][ T395] ? stack_trace_save+0x111/0x1e0 [ 25.862347][ T395] __alloc_pages_nodemask+0x44f/0x3010 [ 25.867780][ T395] ? __kasan_slab_free+0x168/0x220 [ 25.872880][ T395] ? skb_release_data+0x536/0x690 [ 25.877881][ T395] ? __kfree_skb+0x134/0x180 [ 25.882464][ T395] ? __kasan_slab_free+0x1e2/0x220 [ 25.887548][ T395] ? __kasan_slab_free+0x168/0x220 [ 25.892634][ T395] ? netlink_sendmsg+0x9a7/0xd40 [ 25.897547][ T395] ? __sys_sendmsg+0x26a/0x350 [ 25.902297][ T395] ? __x64_sys_sendmsg+0x7f/0x90 [ 25.907214][ T395] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 25.913397][ T395] ? stack_trace_snprint+0x150/0x150 [ 25.918674][ T395] ? rhashtable_jhash2+0x1f1/0x330 [ 25.923764][ T395] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 25.929289][ T395] ? rht_key_hashfn+0x157/0x240 [ 25.934120][ T395] ? 
deferred_put_nlk_sk+0x200/0x200 [ 25.939382][ T395] ? __alloc_skb+0x109/0x540 [ 25.943949][ T395] ? jhash+0x750/0x750 [ 25.947993][ T395] ? netlink_hash+0xd0/0xd0 [ 25.952472][ T395] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 25.958519][ T395] ? _raw_spin_lock_bh+0xa4/0x180 [ 25.963518][ T395] ? skb_release_data+0x536/0x690 [ 25.968516][ T395] ? __rcu_read_lock+0x50/0x50 [ 25.973255][ T395] skb_page_frag_refill+0x11d/0x3b0 [ 25.979395][ T395] tun_get_user+0x69a/0x3d10 [ 25.983961][ T395] ? tun_do_read+0x1f10/0x1f10 [ 25.988699][ T395] ? netlink_detachskb+0x60/0x60 [ 25.993614][ T395] ? put_pid+0x82/0xe0 [ 25.997659][ T395] ? netlink_sendmsg+0xa28/0xd40 [ 26.002580][ T395] ? __rcu_read_lock+0x50/0x50 [ 26.007327][ T395] ? netlink_getsockopt+0x900/0x900 [ 26.012514][ T395] tun_chr_write_iter+0x134/0x1c0 [ 26.017523][ T395] do_iter_readv_writev+0x5fa/0x890 [ 26.023222][ T395] ? vfs_dedupe_file_range+0xa00/0xa00 [ 26.028659][ T395] ? security_file_permission+0x157/0x350 [ 26.034359][ T395] ? rw_verify_area+0x1c2/0x360 [ 26.039189][ T395] do_iter_write+0x180/0x590 [ 26.043758][ T395] do_writev+0x2cd/0x560 [ 26.047985][ T395] ? do_readv+0x400/0x400 [ 26.052303][ T395] ? __up_read+0x6f/0x1b0 [ 26.056626][ T395] ? __down_read+0x240/0x240 [ 26.061193][ T395] ? 
__kasan_check_read+0x11/0x20 [ 26.066205][ T395] __x64_sys_writev+0x7d/0x90 [ 26.070873][ T395] do_syscall_64+0xc0/0x100 [ 26.075352][ T395] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 26.081218][ T395] RIP: 0033:0x442080 [ 26.085103][ T395] Code: 05 48 3d 01 f0 ff ff 0f 83 5d 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 83 3d 71 8f 29 00 00 75 14 b8 14 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 34 09 fc ff c3 48 83 ec 08 e8 ba 2b 00 00 [ 26.104686][ T395] RSP: 002b:00007ffe8c37f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 26.113072][ T395] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442080 [ 26.121017][ T395] RDX: 0000000000000001 RSI: 00007ffe8c37f240 RDI: 00000000000000f0 [ 26.128973][ T395] RBP: 00007ffe8c37f210 R08: 0000000000000000 R09: 00000000bb1414ac [ 26.136933][ T395] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000006022 [ 26.144882][ T395] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 running for dev-[ 26.154254][ T395] BUG: Bad page state in process syz-executor413 pfn:1d1e00 ttyS0.device (21[ 26.161879][ T395] page:ffffea0007478000 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0 s / 1min 30s)[ 26.174594][ T395] flags: 0x8000000000010200(slab|head) [ 26.175062][ T396] BUG: Bad page state in process syz-executor413 pfn:1c2cf0 [ 26.180668][ T395] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00 [ 26.180678][ T395] raw: 0000000000000000 0000000000070007 00000000ffffffff 0000000000000000 [ 26.180681][ T395] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 26.180690][ T395] bad because of flags: 0x200(slab) [ 26.189693][ T205] ------------[ cut here ]------------ [ 26.205453][ T395] Modules linked in: [ 26.212934][ T396] page:ffffea00070b3c00 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0 [ 26.218277][ T395] CPU: 0 PID: 395 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 
26.223617][ T205] virt_to_cache: Object is not a Slab page! [ 26.227312][ T395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.227314][ T395] Call Trace: [ 26.227327][ T395] dump_stack+0x1b0/0x228 [ 26.227342][ T395] ? is_module_text_address+0x130/0x130 [ 26.238354][ T396] flags: 0x8000000000010200(slab|head) [ 26.249815][ T395] ? show_regs_print_info+0x18/0x18 [ 26.249825][ T395] bad_page+0x262/0x290 [ 26.249833][ T395] ? is_free_buddy_page+0x190/0x190 [ 26.249841][ T395] __free_pages_ok+0x759/0xd80 [ 26.249848][ T395] ? __kasan_check_read+0x11/0x20 [ 26.249856][ T395] ? set_pageblock_migratetype+0x150/0x150 [ 26.249863][ T395] free_compound_page+0x67/0x90 [ 26.249877][ T395] __put_page+0xf7/0x120 [ 26.255911][ T396] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00 [ 26.265777][ T395] do_exit+0x1d53/0x26f0 [ 26.265788][ T395] ? mm_update_next_owner+0x5f0/0x5f0 [ 26.265798][ T395] ? do_user_addr_fault+0x6b7/0xb50 [ 26.265810][ T395] do_group_exit+0x153/0x2a0 [ 26.269189][ T205] WARNING: CPU: 1 PID: 205 at mm/slab.h:474 kmem_cache_free+0x324/0x7a0 [ 26.273373][ T395] __do_sys_exit_group+0x17/0x20 [ 26.278885][ T205] Modules linked in: [ 26.284327][ T395] __se_sys_exit_group+0x14/0x20 [ 26.289499][ T205] CPU: 1 PID: 205 Comm: systemd-journal Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 26.293623][ T395] __x64_sys_exit_group+0x3b/0x40 [ 26.298795][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.303531][ T395] do_syscall_64+0xc0/0x100 [ 26.308528][ T205] RIP: 0010:kmem_cache_free+0x324/0x7a0 [ 26.314303][ T395] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 26.319124][ T205] Code: 23 03 01 48 c7 c7 cf 73 4d 84 48 c7 c6 ef 73 4d 84 31 c0 4c 89 45 b8 e8 5a 7f a9 ff 4c 8b 45 b8 48 ba 00 00 00 00 00 ea ff ff <0f> 0b e9 81 fd ff ff 48 ff c8 48 89 c3 e9 4a fd ff ff 48 ff c8 48 [ 26.323335][ T395] RIP: 0033:0x440d38 [ 26.331885][ T205] RSP: 
0018:ffff8881d3e27a90 EFLAGS: 00010246 [ 26.336102][ T395] Code: Bad RIP value. [ 26.341440][ T205] RAX: 0d2af1ca5168c900 RBX: ffffea00070b3d00 RCX: ffff8881d4345d00 [ 26.346604][ T395] RSP: 002b:00007ffe8c37f1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 26.351165][ T205] RDX: ffffea0000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 26.359456][ T395] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d38 [ 26.364375][ T205] RBP: ffff8881d3e27b10 R08: ffff8881da8e4e00 R09: ffffed103b765de0 [ 26.368238][ T395] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 26.373145][ T205] R10: ffffed103b765de0 R11: 0000000000000000 R12: 8000000000000000 [ 26.384562][ T395] RBP: 00000000004c6b50 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 26.389559][ T205] R13: ffffffff7fffffff R14: 0000777f80000000 R15: ffff888242cf4400 [ 26.399598][ T395] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001 [ 26.404074][ T205] FS: 00007effe0edf8c0(0000) GS:ffff8881dbb00000(0000) knlGS:0000000000000000 [ 26.409585][ T395] R13: 00000000006d95e0 R14: 0000000000000000 R15: 0000000000000000 [ 26.415450][ T205] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 26.552282][ T205] CR2: 00007fe62d7d2000 CR3: 00000001d536d006 CR4: 00000000001606e0 [ 26.560233][ T205] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 26.568182][ T205] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 26.576125][ T205] Call Trace: [ 26.579405][ T205] ? terminate_walk+0x354/0x520 [ 26.584230][ T205] filename_parentat+0x6fd/0x840 [ 26.589144][ T205] ? kmem_cache_alloc+0x120/0x2b0 [ 26.594142][ T205] ? getname_flags+0xba/0x640 [ 26.598801][ T205] ? do_mkdirat+0x8f/0x300 [ 26.603195][ T205] ? kern_path_locked+0x550/0x550 [ 26.608193][ T205] ? refcount_dec_not_one+0x158/0x1e0 [ 26.613541][ T205] ? refcount_dec_if_one+0x1a0/0x1a0 [ 26.618811][ T205] ? hashlen_string+0x120/0x120 [ 26.623635][ T205] ? 
refcount_dec_and_lock_irqsave+0x2d/0xd0 [ 26.629590][ T205] ? free_uid+0x6a/0x1e0 [ 26.633809][ T205] filename_create+0xbe/0x6f0 [ 26.638464][ T205] ? kern_path_create+0x40/0x40 [ 26.643293][ T205] do_mkdirat+0xac/0x300 [ 26.647510][ T205] ? do_syscall_64+0x100/0x100 [ 26.652252][ T205] ? vfs_mkdir+0x30/0x30 [ 26.656471][ T205] __x64_sys_mkdir+0x60/0x70 [ 26.661046][ T205] do_syscall_64+0xc0/0x100 [ 26.665530][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 26.671397][ T205] RIP: 0033:0x7effe019b687 [ 26.675788][ T205] Code: 00 b8 ff ff ff ff c3 0f 1f 40 00 48 8b 05 09 d8 2b 00 64 c7 00 5f 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e1 d7 2b 00 f7 d8 64 89 01 48 [ 26.695364][ T205] RSP: 002b:00007fffdfb79d98 EFLAGS: 00000293 ORIG_RAX: 0000000000000053 [ 26.703750][ T205] RAX: ffffffffffffffda RBX: 00007fffdfb7ccb0 RCX: 00007effe019b687 [ 26.711722][ T205] RDX: 00007effe0c0ca00 RSI: 00000000000001ed RDI: 000055b3631cd8c0 [ 26.719687][ T205] RBP: 00007fffdfb79dd0 R08: 0000000000000000 R09: 0000000000000000 [ 26.727668][ T205] R10: 0000000000000069 R11: 0000000000000293 R12: 0000000000000000 [ 26.735618][ T205] R13: 0000000000000000 R14: 00007fffdfb7ccb0 R15: 00007fffdfb7a2c0 [ 26.743588][ T205] ---[ end trace 5f733bd1395d0a3f ]--- [* [ 26.749765][ T396] raw: 0000000000000000 0000000080070007 00000000ffffffff 0000000000000000 ] A start [ 26.759759][ T396] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set job is running f[ 26.768451][ T396] bad because of flags: 0x200(slab) or dev-ttyS0.dev[ 26.773798][ T397] BUG: Bad page state in process syz-executor413 pfn:1d1590 ice (22s / 1min [ 26.784128][ T397] page:ffffea0007456400 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0 30s)[ 26.784416][ T396] Modules linked in: [ 26.800325][ T398] BUG: Bad page state in process syz-executor413 pfn:1d17d8 [ 26.800387][ T397] flags: 0x8000000000010200(slab|head) [ 26.808106][ T398] 
page:ffffea000745f600 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0 [ 26.824307][ T396] CPU: 1 PID: 396 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 26.825258][ T397] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00 [ 26.835736][ T396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 26.835739][ T396] Call Trace: [ 26.835754][ T396] dump_stack+0x1b0/0x228 [ 26.835764][ T396] ? is_module_text_address+0x130/0x130 [ 26.835772][ T396] ? show_regs_print_info+0x18/0x18 [ 26.835782][ T396] bad_page+0x262/0x290 [ 26.835788][ T396] ? is_free_buddy_page+0x190/0x190 [ 26.835797][ T396] __free_pages_ok+0x759/0xd80 [ 26.835804][ T396] ? __kasan_check_read+0x11/0x20 [ 26.835813][ T396] ? set_pageblock_migratetype+0x150/0x150 [ 26.835822][ T396] free_compound_page+0x67/0x90 [ 26.835831][ T396] __put_page+0xf7/0x120 [ 26.835840][ T396] do_exit+0x1d53/0x26f0 [ 26.835848][ T396] ? mm_update_next_owner+0x5f0/0x5f0 [ 26.835862][ T396] ? 
do_user_addr_fault+0x6b7/0xb50 [ 26.921493][ T396] do_group_exit+0x153/0x2a0 [ 26.926058][ T396] __do_sys_exit_group+0x17/0x20 [ 26.930967][ T396] __se_sys_exit_group+0x14/0x20 [ 26.935882][ T396] __x64_sys_exit_group+0x3b/0x40 [ 26.940878][ T396] do_syscall_64+0xc0/0x100 [ 26.945365][ T396] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 26.951242][ T396] RIP: 0033:0x440d38 [ 26.955109][ T396] Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 [ 26.974704][ T396] RSP: 002b:00007ffe8c37f1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 26.983111][ T396] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d38 [ 26.991065][ T396] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 26.999015][ T396] RBP: 00000000004c6b50 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 27.006973][ T396] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001 [ 27.014930][ T396] R13: 00000000006d95e0 R14: 0000000000000000 R15: 0000000000000000 [ 27.023446][ T398] flags: 0x8000000000010200(slab|head) [ 27.028960][ T397] raw: 0000000000000000 0000000000070007 00000000ffffffff 0000000000000000 [ 27.029054][ T398] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00 [ 27.037618][ T397] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 27.046233][ T398] raw: 0000000000000000 0000000000070007 00000000ffffffff 0000000000000000 [ 27.054270][ T397] bad because of flags: 0x200(slab) [ 27.062199][ T398] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 27.067868][ T397] Modules linked in: [ 27.074892][ T398] bad because of flags: 0x200(slab) [ 27.079205][ T397] CPU: 0 PID: 397 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 27.083944][ T398] Modules linked in: [ 27.095292][ T397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS 
Google 01/01/2011 [ 27.095294][ T397] Call Trace: [ 27.095309][ T397] dump_stack+0x1b0/0x228 [ 27.095319][ T397] ? is_module_text_address+0x130/0x130 [ 27.095330][ T397] ? show_regs_print_info+0x18/0x18 [ 27.095343][ T397] bad_page+0x262/0x290 [ 27.132165][ T397] ? is_free_buddy_page+0x190/0x190 [ 27.137339][ T397] __free_pages_ok+0x759/0xd80 [ 27.142080][ T397] ? __kasan_check_read+0x11/0x20 [ 27.147081][ T397] ? set_pageblock_migratetype+0x150/0x150 [ 27.152863][ T397] free_compound_page+0x67/0x90 [ 27.157690][ T397] __put_page+0xf7/0x120 [ 27.161907][ T397] do_exit+0x1d53/0x26f0 [ 27.166126][ T397] ? mm_update_next_owner+0x5f0/0x5f0 [ 27.171501][ T397] ? do_user_addr_fault+0x6b7/0xb50 [ 27.176689][ T397] do_group_exit+0x153/0x2a0 [ 27.181277][ T397] __do_sys_exit_group+0x17/0x20 [ 27.186205][ T397] __se_sys_exit_group+0x14/0x20 [ 27.191134][ T397] __x64_sys_exit_group+0x3b/0x40 [ 27.196138][ T397] do_syscall_64+0xc0/0x100 [ 27.200636][ T397] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 27.206596][ T397] RIP: 0033:0x440d38 [ 27.210488][ T397] Code: Bad RIP value. [ 27.214529][ T397] RSP: 002b:00007ffe8c37f1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 27.222912][ T397] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d38 [ 27.230859][ T397] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 27.238805][ T397] RBP: 00000000004c6b50 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 27.246751][ T397] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001 [ 27.254699][ T397] R13: 00000000006d95e0 R14: 0000000000000000 R15: 0000000000000000 [ 27.262666][ T398] CPU: 1 PID: 398 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 27.274131][ T398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 27.284171][ T398] Call Trace: [ 27.287443][ T398] dump_stack+0x1b0/0x228 [ 27.291756][ T398] ? is_module_text_address+0x130/0x130 [ 27.297274][ T398] ? 
show_regs_print_info+0x18/0x18 [ 27.302462][ T398] bad_page+0x262/0x290 [ 27.306628][ T398] ? is_free_buddy_page+0x190/0x190 [ 27.311819][ T398] __free_pages_ok+0x759/0xd80 [ 27.316573][ T398] ? __kasan_check_read+0x11/0x20 [ 27.321572][ T398] ? set_pageblock_migratetype+0x150/0x150 [ 27.327356][ T398] free_compound_page+0x67/0x90 [ 27.332185][ T398] __put_page+0xf7/0x120 [ 27.336404][ T398] do_exit+0x1d53/0x26f0 [ 27.340639][ T398] ? mm_update_next_owner+0x5f0/0x5f0 [ 27.346008][ T398] ? do_user_addr_fault+0x6b7/0xb50 [ 27.351179][ T398] do_group_exit+0x153/0x2a0 [ 27.355755][ T398] __do_sys_exit_group+0x17/0x20 [ 27.360665][ T398] __se_sys_exit_group+0x14/0x20 [ 27.365589][ T398] __x64_sys_exit_group+0x3b/0x40 [ 27.370592][ T398] do_syscall_64+0xc0/0x100 [ 27.375070][ T398] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 27.380933][ T398] RIP: 0033:0x440d38 [ 27.384813][ T398] Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00 [ 27.404392][ T398] RSP: 002b:00007ffe8c37f1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 27.412774][ T398] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d38 [ 27.420721][ T398] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 27.428667][ T398] RBP: 00000000004c6b50 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 27.436614][ T398] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001 [ 27.444559][ T398] R13: 00000000006d95e0 R14: 0000000000000000 R15: 0000000000000000 [** ][ 27.455309][ T205] BUG: Bad page state in process systemd-journal pfn:1d1280 [ 27.463267][ T205] page:ffffea000744a000 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 [ 27.472430][ T205] flags: 0x8000000000000000() [ 27.477081][ T205] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 27.485639][ T205] raw: 0000000000000000 0000000000000000 
ffffffffffffffff 0000000000000000 [ 27.494192][ T205] page dumped because: nonzero _refcount [ 27.499796][ T205] Modules linked in: [ 27.503680][ T205] CPU: 0 PID: 205 Comm: systemd-journal Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 27.515138][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 27.525216][ T205] Call Trace: [ 27.528507][ T205] dump_stack+0x1b0/0x228 [ 27.532835][ T205] ? is_module_text_address+0x130/0x130 [ 27.538362][ T205] ? show_regs_print_info+0x18/0x18 [ 27.543536][ T205] bad_page+0x262/0x290 [ 27.547671][ T205] ? _raw_spin_lock+0x170/0x170 [ 27.552500][ T205] ? is_free_buddy_page+0x190/0x190 [ 27.557713][ T205] ? __kasan_check_read+0x11/0x20 [ 27.562747][ T205] ? __zone_watermark_ok+0x9b/0x270 [ 27.567959][ T205] get_page_from_freelist+0x505a/0x57e0 [ 27.573495][ T205] ? __x64_sys_open+0x87/0x90 [ 27.578186][ T205] ? __read_once_size_nocheck+0x10/0x10 [ 27.583736][ T205] ? unwind_next_frame+0x415/0x870 [ 27.588853][ T205] ? __rcu_read_lock+0x50/0x50 [ 27.593589][ T205] ? unwind_next_frame+0x415/0x870 [ 27.598672][ T205] ? 0xffffffffa0140000 [ 27.602796][ T205] ? __alloc_pages_nodemask+0x3010/0x3010 [ 27.608486][ T205] ? is_bpf_text_address+0x2c8/0x2e0 [ 27.613744][ T205] ? stack_trace_save+0x1e0/0x1e0 [ 27.618780][ T205] __alloc_pages_nodemask+0x44f/0x3010 [ 27.624212][ T205] ? stack_trace_snprint+0x150/0x150 [ 27.629472][ T205] ? stack_trace_save+0x111/0x1e0 [ 27.634472][ T205] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 27.639989][ T205] ? __kasan_kmalloc+0x117/0x1b0 [ 27.644900][ T205] ? kasan_kmalloc+0x9/0x10 [ 27.649377][ T205] ? __kmalloc+0x102/0x310 [ 27.653766][ T205] ? kzalloc+0x26/0x40 [ 27.657809][ T205] ? security_prepare_creds+0x40/0x270 [ 27.663237][ T205] ? prepare_creds+0x295/0x390 [ 27.667972][ T205] ? do_faccessat+0x9d/0x7f0 [ 27.672537][ T205] ? __x64_sys_access+0x5f/0x70 [ 27.677359][ T205] ? do_syscall_64+0xc0/0x100 [ 27.682008][ T205] ? 
entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 27.688044][ T205] ? __kasan_kmalloc+0x179/0x1b0 [ 27.692954][ T205] ? __kasan_kmalloc+0x117/0x1b0 [ 27.697861][ T205] ? kasan_slab_alloc+0xe/0x10 [ 27.702596][ T205] ? kmem_cache_alloc+0x120/0x2b0 [ 27.707602][ T205] ? prepare_creds+0x24/0x390 [ 27.712253][ T205] ? kern_path_locked+0x550/0x550 [ 27.717266][ T205] alloc_slab_page+0x3f/0x390 [ 27.721917][ T205] new_slab+0x98/0x430 [ 27.725969][ T205] ___slab_alloc+0x2e0/0x450 [ 27.730540][ T205] ? __should_failslab+0x90/0x160 [ 27.735535][ T205] ? getname_flags+0xba/0x640 [ 27.740182][ T205] ? kzalloc+0x26/0x40 [ 27.744224][ T205] ? __should_failslab+0x90/0x160 [ 27.749221][ T205] ? getname_flags+0xba/0x640 [ 27.753879][ T205] kmem_cache_alloc+0x203/0x2b0 [ 27.758702][ T205] getname_flags+0xba/0x640 [ 27.763176][ T205] ? __put_user_ns+0x60/0x60 [ 27.767748][ T205] user_path_at_empty+0x2d/0x50 [ 27.772696][ T205] do_faccessat+0x2f3/0x7f0 [ 27.777193][ T205] ? do_syscall_64+0x100/0x100 [ 27.781939][ T205] ? 
__ia32_sys_fallocate+0x110/0x110 [ 27.787291][ T205] __x64_sys_access+0x5f/0x70 [ 27.791994][ T205] do_syscall_64+0xc0/0x100 [ 27.796475][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 27.802343][ T205] RIP: 0033:0x7effe019b9c7 [ 27.806738][ T205] Code: 83 c4 08 48 3d 01 f0 ff ff 73 01 c3 48 8b 0d c8 d4 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 15 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d4 2b 00 f7 d8 64 89 01 48 [ 27.826332][ T205] RSP: 002b:00007fffdfb79c88 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 [ 27.834736][ T205] RAX: ffffffffffffffda RBX: 00007fffdfb7ccb0 RCX: 00007effe019b9c7 [ 27.842686][ T205] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055b3620039a3 [ 27.850633][ T205] RBP: 00007fffdfb79dd0 R08: 000055b361ff93e5 R09: 0000000000000018 [ 27.858618][ T205] R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000 [ 27.866569][ T205] R13: 0000000000000000 R14: 000055b3631cd8c0 R15: 00007fffdfb7a2c0 A start job is running for dev-[ 27.876564][ T400] BUG: Bad page state in process syz-executor413 pfn:1d1110 ttyS0.device (23s / 1min 30s)[ 27.886426][ T400] page:ffffea0007444400 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0 [ 27.892868][ T401] BUG: Bad page state in process syz-executor413 pfn:1d0c18 [ 27.905768][ T400] flags: 0x8000000000010200(slab|head) [ 27.905994][ T401] page:ffffea0007430600 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0 [ 27.922810][ T401] flags: 0x8000000000010200(slab|head) [ 27.923042][ T400] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00 [ 27.928278][ T401] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00 [ 27.928286][ T401] raw: 0000000000000000 0000000000070007 00000000ffffffff 0000000000000000 [ 27.928288][ T401] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 27.928297][ T401] bad because of flags: 0x200(slab) [ 27.966923][ T400] raw: 0000000000000000 
0000000000070007 00000000ffffffff 0000000000000000 [ 27.967324][ T205] BUG: Bad page state in process systemd-journal pfn:1d0db8 [ 27.975747][ T400] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 27.982862][ T205] page:ffffea0007436e00 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 [ 27.982867][ T205] flags: 0x8000000000000000() [ 27.982878][ T205] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 27.982885][ T205] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 27.982888][ T205] page dumped because: nonzero _refcount [ 27.982889][ T205] Modules linked in: [ 27.982910][ T205] CPU: 0 PID: 205 Comm: systemd-journal Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 27.990426][ T400] bad because of flags: 0x200(slab) [ 27.999345][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 27.999348][ T205] Call Trace: [ 27.999362][ T205] dump_stack+0x1b0/0x228 [ 27.999372][ T205] ? is_module_text_address+0x130/0x130 [ 27.999380][ T205] ? show_regs_print_info+0x18/0x18 [ 27.999392][ T205] bad_page+0x262/0x290 [ 28.004627][ T400] Modules linked in: [ 28.012614][ T205] ? _raw_spin_lock+0x170/0x170 [ 28.012622][ T205] ? is_free_buddy_page+0x190/0x190 [ 28.012628][ T205] ? __kasan_check_read+0x11/0x20 [ 28.012634][ T205] ? __zone_watermark_ok+0x9b/0x270 [ 28.012641][ T205] get_page_from_freelist+0x505a/0x57e0 [ 28.012654][ T205] ? __read_once_size_nocheck+0x10/0x10 [ 28.021922][ T401] Modules linked in: [ 28.026969][ T205] ? __rcu_read_lock+0x50/0x50 [ 28.123642][ T205] ? unwind_next_frame+0x415/0x870 [ 28.128746][ T205] ? unwind_get_return_address_ptr+0xa0/0xa0 [ 28.134728][ T205] ? is_bpf_text_address+0x2c8/0x2e0 [ 28.140020][ T205] ? unwind_get_return_address+0x4c/0x90 [ 28.145639][ T205] ? arch_stack_walk+0x98/0xe0 [ 28.150379][ T205] ? stack_trace_save+0x111/0x1e0 [ 28.155379][ T205] ? stack_trace_snprint+0x150/0x150 [ 28.160645][ T205] ? 
__alloc_pages_nodemask+0x3010/0x3010 [ 28.166337][ T205] ? __kasan_slab_free+0x1e2/0x220 [ 28.171453][ T205] ? __kasan_slab_free+0x168/0x220 [ 28.176559][ T205] ? kasan_slab_free+0xe/0x10 [ 28.181212][ T205] ? filename_parentat+0x6fd/0x840 [ 28.186304][ T205] ? filename_create+0xbe/0x6f0 [ 28.191128][ T205] ? do_mkdirat+0xac/0x300 [ 28.195520][ T205] __alloc_pages_nodemask+0x44f/0x3010 [ 28.200987][ T205] ? is_bpf_text_address+0x2c8/0x2e0 [ 28.206258][ T205] ? security_inode_permission+0xed/0x130 [ 28.211948][ T205] ? link_path_walk+0x13c4/0x1500 [ 28.216945][ T205] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 28.222458][ T205] ? kasan_slab_free+0xe/0x10 [ 28.227104][ T205] ? kmem_cache_free+0x181/0x7a0 [ 28.232010][ T205] ? terminate_walk+0x354/0x520 [ 28.236831][ T205] ? filename_parentat+0x6fd/0x840 [ 28.241951][ T205] ? __seccomp_filter+0xc57/0x1890 [ 28.247079][ T205] alloc_slab_page+0x3f/0x390 [ 28.251757][ T205] new_slab+0x98/0x430 [ 28.255800][ T205] ___slab_alloc+0x2e0/0x450 [ 28.260359][ T205] ? getname_flags+0xba/0x640 [ 28.265009][ T205] ? refcount_dec_and_lock_irqsave+0x2d/0xd0 [ 28.270972][ T205] ? __should_failslab+0x90/0x160 [ 28.275967][ T205] ? getname_flags+0xba/0x640 [ 28.280615][ T205] kmem_cache_alloc+0x203/0x2b0 [ 28.285438][ T205] getname_flags+0xba/0x640 [ 28.289912][ T205] getname+0x19/0x20 [ 28.293776][ T205] do_sys_open+0x32a/0x7a0 [ 28.298163][ T205] ? __kasan_check_read+0x11/0x20 [ 28.303170][ T205] ? 
file_open_root+0x440/0x440 [ 28.307993][ T205] __x64_sys_open+0x87/0x90 [ 28.312465][ T205] do_syscall_64+0xc0/0x100 [ 28.316942][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 28.322814][ T205] RIP: 0033:0x7effe046f840 [ 28.327209][ T205] Code: 73 01 c3 48 8b 0d 68 77 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 bb 20 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e f6 ff ff 48 89 04 24 [ 28.346894][ T205] RSP: 002b:00007fffdfb798f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 28.355280][ T205] RAX: ffffffffffffffda RBX: 00007fffdfb79c00 RCX: 00007effe046f840 [ 28.363220][ T205] RDX: 00000000000001a0 RSI: 0000000000080042 RDI: 000055b3631d7750 [ 28.371206][ T205] RBP: 000000000000000d R08: 000000000000ffc0 R09: 00000000ffffffff [ 28.379168][ T205] R10: 0000000000000069 R11: 0000000000000246 R12: 00000000ffffffff [ 28.387115][ T205] R13: 000055b3631ca060 R14: 00007fffdfb79bc0 R15: 000055b3631d7570 [ 28.396021][ T400] CPU: 0 PID: 400 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 28.407673][ T400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 28.417707][ T400] Call Trace: [ 28.420981][ T400] dump_stack+0x1b0/0x228 [ 28.425295][ T400] ? is_module_text_address+0x130/0x130 [ 28.430838][ T400] ? show_regs_print_info+0x18/0x18 [ 28.436018][ T400] bad_page+0x262/0x290 [ 28.440162][ T400] ? is_free_buddy_page+0x190/0x190 [ 28.445352][ T400] __free_pages_ok+0x759/0xd80 [ 28.450091][ T400] ? __kasan_check_read+0x11/0x20 [ 28.455090][ T400] ? set_pageblock_migratetype+0x150/0x150 [ 28.460873][ T400] free_compound_page+0x67/0x90 [ 28.465712][ T400] __put_page+0xf7/0x120 [ 28.469930][ T400] do_exit+0x1d53/0x26f0 [ 28.474150][ T400] ? mm_update_next_owner+0x5f0/0x5f0 [ 28.479501][ T400] ? 
do_user_addr_fault+0x6b7/0xb50 [ 28.484674][ T400] do_group_exit+0x153/0x2a0 [ 28.489244][ T400] __do_sys_exit_group+0x17/0x20 [ 28.494158][ T400] __se_sys_exit_group+0x14/0x20 [ 28.499071][ T400] __x64_sys_exit_group+0x3b/0x40 [ 28.504072][ T400] do_syscall_64+0xc0/0x100 [ 28.508569][ T400] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 28.514435][ T400] RIP: 0033:0x440d38 [ 28.518315][ T400] Code: Bad RIP value. [ 28.522366][ T400] RSP: 002b:00007ffe8c37f1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 28.530752][ T400] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d38 [ 28.538711][ T400] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 28.546669][ T400] RBP: 00000000004c6b50 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 28.554632][ T400] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001 [ 28.562584][ T400] R13: 00000000006d95e0 R14: 0000000000000000 R15: 0000000000000000 [ 28.570542][ T401] CPU: 1 PID: 401 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 28.581995][ T401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [*[0;1;3[ 28.592048][ T401] Call Trace: [ 28.596722][ T401] dump_stack+0x1b0/0x228 1m** [ 28.601090][ T401] ? is_module_text_address+0x130/0x130 ] A start [ 28.608113][ T401] ? show_regs_print_info+0x18/0x18 [ 28.614686][ T401] bad_page+0x262/0x290 job is running f[ 28.618846][ T401] ? is_free_buddy_page+0x190/0x190 or dev-ttyS0.dev[ 28.625407][ T401] __free_pages_ok+0x759/0xd80 ice (24s / 1min [ 28.631542][ T401] ? __kasan_check_read+0x11/0x20 30s)[ 28.637925][ T401] ? set_pageblock_migratetype+0x150/0x150 [ 28.644043][ T401] free_compound_page+0x67/0x90 [ 28.648869][ T401] __put_page+0xf7/0x120 [ 28.653088][ T401] do_exit+0x1d53/0x26f0 [ 28.657305][ T401] ? mm_update_next_owner+0x5f0/0x5f0 [ 28.662738][ T401] ? 
do_user_addr_fault+0x6b7/0xb50 [ 28.667910][ T401] do_group_exit+0x153/0x2a0 [ 28.672486][ T401] __do_sys_exit_group+0x17/0x20 [ 28.677397][ T401] __se_sys_exit_group+0x14/0x20 [ 28.682308][ T401] __x64_sys_exit_group+0x3b/0x40 [ 28.687303][ T401] do_syscall_64+0xc0/0x100 [ 28.691792][ T401] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 28.697665][ T401] RIP: 0033:0x440d38 [ 28.701542][ T401] Code: Bad RIP value. [ 28.705580][ T401] RSP: 002b:00007ffe8c37f1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 28.713977][ T401] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d38 [ 28.721935][ T401] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 28.729882][ T401] RBP: 00000000004c6b50 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 28.737827][ T401] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001 [ 28.745883][ T401] R13: 00000000006d95e0 R14: 0000000000000000 R15: 0000000000000000 [ 28.760462][ T404] BUG: Bad page state in process syz-executor413 pfn:1d0728 [ 28.767832][ T404] page:ffffea000741ca00 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 [ 28.776992][ T404] flags: 0x8000000000000000() [ 28.781641][ T404] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 28.790193][ T404] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 28.798744][ T404] page dumped because: nonzero _refcount [ 28.804343][ T404] Modules linked in: [ 28.808220][ T404] CPU: 1 PID: 404 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 28.819640][ T404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 28.830021][ T404] Call Trace: [ 28.833291][ T404] dump_stack+0x1b0/0x228 [ 28.837608][ T404] ? is_module_text_address+0x130/0x130 [ 28.843139][ T404] ? show_regs_print_info+0x18/0x18 [ 28.848314][ T404] bad_page+0x262/0x290 [ 28.852449][ T404] ? _raw_spin_lock+0x170/0x170 [ 28.857274][ T404] ? 
is_free_buddy_page+0x190/0x190 [ 28.862452][ T404] ? __kasan_check_read+0x11/0x20 [ 28.867451][ T404] ? __zone_watermark_ok+0x9b/0x270 [ 28.872627][ T404] get_page_from_freelist+0x505a/0x57e0 [ 28.878150][ T404] ? rt6_sync_up+0x1d0/0x1d0 [ 28.882725][ T404] ? node_free_rcu+0x20/0x20 [ 28.887305][ T404] ? _raw_spin_lock_irqsave+0xda/0x1c0 [ 28.892739][ T404] ? _raw_spin_lock+0x170/0x170 [ 28.897566][ T404] ? _local_bh_enable+0x30/0x30 [ 28.902441][ T404] ? _raw_write_lock_bh+0xa4/0x170 [ 28.907528][ T404] ? _local_bh_enable+0x30/0x30 [ 28.912355][ T404] ? nla_put+0x135/0x1e0 [ 28.916571][ T404] ? inet6_fill_ifla6_attrs+0x13f9/0x2260 [ 28.922260][ T404] ? __alloc_pages_nodemask+0x3010/0x3010 [ 28.927948][ T404] __alloc_pages_nodemask+0x44f/0x3010 [ 28.933380][ T404] ? tun_get_size+0x10/0x10 [ 28.937856][ T404] ? __dev_xdp_query+0xe5/0x190 [ 28.942697][ T404] ? __rcu_read_lock+0x50/0x50 [ 28.947470][ T404] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 28.952986][ T404] ? rtnl_fill_ifinfo+0x37d2/0x3eb0 [ 28.958168][ T404] ? if_nlmsg_size+0x5b0/0x5b0 [ 28.963967][ T404] alloc_slab_page+0x3f/0x390 [ 28.968620][ T404] ? __kasan_kmalloc+0x179/0x1b0 [ 28.973538][ T404] new_slab+0x98/0x430 [ 28.977583][ T404] ? setup_fault_attr+0x2b0/0x2b0 [ 28.982583][ T404] ___slab_alloc+0x2e0/0x450 [ 28.987151][ T404] ? netlink_trim+0x1ad/0x250 [ 28.991803][ T404] ? __should_failslab+0x11a/0x160 [ 28.997018][ T404] ? netlink_trim+0x1ad/0x250 [ 29.001708][ T404] __kmalloc_track_caller+0x26e/0x320 [ 29.007060][ T404] ? __kasan_check_write+0x14/0x20 [ 29.012194][ T404] ? netlink_trim+0x1ad/0x250 [ 29.016846][ T404] pskb_expand_head+0x12a/0x10f0 [ 29.021759][ T404] netlink_trim+0x1ad/0x250 [ 29.026236][ T404] netlink_broadcast_filtered+0x7e/0x10a0 [ 29.031967][ T404] ? rtmsg_ifinfo_build_skb+0xda/0x180 [ 29.037399][ T404] nlmsg_notify+0xb6/0x170 [ 29.041790][ T404] rtmsg_ifinfo+0xe6/0x120 [ 29.046177][ T404] netdev_state_change+0x157/0x200 [ 29.051261][ T404] ? 
netdev_features_change+0x140/0x140 [ 29.056773][ T404] ? arch_stack_walk+0x98/0xe0 [ 29.061509][ T404] ? __nla_parse+0x41/0x50 [ 29.065910][ T404] do_setlink+0x2c8/0x3a90 [ 29.070299][ T404] ? __kasan_kmalloc+0x179/0x1b0 [ 29.075221][ T404] ? rtnetlink_event+0x1b0/0x1b0 [ 29.080143][ T404] ? __kasan_kmalloc+0x117/0x1b0 [ 29.085149][ T404] ? kasan_kmalloc+0x9/0x10 [ 29.089626][ T404] ? kmem_cache_alloc_trace+0xe2/0x2f0 [ 29.095053][ T404] ? rtnl_newlink+0xff/0x1d50 [ 29.099698][ T404] ? rtnetlink_rcv_msg+0x936/0xc20 [ 29.104787][ T404] ? netlink_rcv_skb+0x1f0/0x460 [ 29.109704][ T404] ? rtnetlink_rcv+0x1c/0x20 [ 29.114278][ T404] ? netlink_unicast+0x87c/0xa20 [ 29.119201][ T404] ? netlink_sendmsg+0x9a7/0xd40 [ 29.124161][ T404] ? ____sys_sendmsg+0x56f/0x860 [ 29.129137][ T404] ? __sys_sendmsg+0x26a/0x350 [ 29.129143][ T404] ? __x64_sys_sendmsg+0x7f/0x90 [ 29.129155][ T404] ? do_syscall_64+0xc0/0x100 [ 29.143460][ T404] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 29.149515][ T404] ? __nla_validate_parse+0x18fd/0x2010 [ 29.155088][ T404] ? __nla_validate+0x50/0x50 [ 29.159769][ T404] ? generic_exec_single+0x2bc/0x360 [ 29.165061][ T404] ? flush_tlb_all+0x20/0x20 [ 29.169653][ T404] ? _raw_spin_lock+0xa1/0x170 [ 29.174467][ T404] ? smp_call_function_single+0x440/0x440 [ 29.180230][ T404] rtnl_newlink+0x1240/0x1d50 [ 29.184917][ T404] ? default_send_IPI_single+0x76/0x80 [ 29.190388][ T404] ? rtnl_setlink+0x560/0x560 [ 29.195069][ T404] ? __rcu_read_lock+0x50/0x50 [ 29.199827][ T404] ? __read_once_size_nocheck+0x10/0x10 [ 29.205413][ T404] ? __kasan_check_write+0x14/0x20 [ *[[ 29.210523][ T404] ? mutex_lock+0xa6/0x110 [ 29.216327][ T404] ? mutex_trylock+0xb0/0xb0 [ 29.220913][ T404] ? ns_capable+0x8c/0xe0 [ 29.225285][ T404] ? netlink_net_capable+0x124/0x160 [ 29.230617][ T404] ? rtnl_setlink+0x560/0x560 [ 29.235294][ T404] rtnetlink_rcv_msg+0x936/0xc20 0;1;31m*[0;[ 29.240358][ T404] ? is_bpf_text_address+0x2c8/0x2e0 [ 29.247007][ T404] ? 
__kernel_text_address+0x9a/0x110 [ 29.252369][ T404] ? rtnetlink_bind+0x80/0x80 31m* ] A st[ 29.257034][ T404] ? arch_stack_walk+0x98/0xe0 [ 29.263166][ T404] ? stack_trace_save+0x111/0x1e0 [ 29.268183][ T404] ? stack_trace_snprint+0x150/0x150 art job is runni[ 29.273462][ T404] ? rhashtable_jhash2+0x1f1/0x330 [ 29.279975][ T404] ? jhash+0x750/0x750 [ 29.284035][ T404] ? rht_key_hashfn+0x157/0x240 ng for dev-ttyS0[ 29.288872][ T404] ? deferred_put_nlk_sk+0x200/0x200 [ 29.295532][ T404] ? __alloc_skb+0x109/0x540 [ 29.300122][ T404] ? jhash+0x750/0x750 .device (25s / 1[ 29.304192][ T404] ? netlink_hash+0xd0/0xd0 [ 29.310081][ T404] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 29.316140][ T404] ? _local_bh_enable+0x30/0x30 min 30s)[ 29.321027][ T404] ? _raw_spin_lock_bh+0xa4/0x180 [ 29.326719][ T404] ? __rcu_read_lock+0x50/0x50 [ 29.331511][ T404] netlink_rcv_skb+0x1f0/0x460 [ 29.336262][ T404] ? rtnetlink_bind+0x80/0x80 [ 29.340912][ T404] ? netlink_ack+0xaa0/0xaa0 [ 29.345472][ T404] ? netlink_autobind+0x1c0/0x1c0 [ 29.350467][ T404] ? __rcu_read_lock+0x50/0x50 [ 29.355202][ T404] ? selinux_vm_enough_memory+0x160/0x160 [ 29.360896][ T404] rtnetlink_rcv+0x1c/0x20 [ 29.365292][ T404] netlink_unicast+0x87c/0xa20 [ 29.370027][ T404] ? netlink_detachskb+0x60/0x60 [ 29.374935][ T404] ? security_netlink_send+0xab/0xc0 [ 29.380191][ T404] netlink_sendmsg+0x9a7/0xd40 [ 29.384976][ T404] ? netlink_getsockopt+0x900/0x900 [ 29.390234][ T404] ? security_socket_sendmsg+0xad/0xc0 [ 29.395674][ T404] ? netlink_getsockopt+0x900/0x900 [ 29.400844][ T404] ____sys_sendmsg+0x56f/0x860 [ 29.405594][ T404] ? __sys_sendmsg_sock+0x2a0/0x2a0 [ 29.410869][ T404] ? __kasan_check_read+0x11/0x20 [ 29.415981][ T404] ? __kasan_check_read+0x11/0x20 [ 29.420988][ T404] ? __fdget+0x156/0x200 [ 29.425209][ T404] __sys_sendmsg+0x26a/0x350 [ 29.429785][ T404] ? ____sys_sendmsg+0x860/0x860 [ 29.434714][ T404] ? finish_fault+0x230/0x230 [ 29.439375][ T404] ? __up_read+0x6f/0x1b0 [ 29.443677][ T404] ? 
__down_read+0x240/0x240 [ 29.448243][ T404] ? __kasan_check_read+0x11/0x20 [ 29.453243][ T404] __x64_sys_sendmsg+0x7f/0x90 [ 29.457991][ T404] do_syscall_64+0xc0/0x100 [ 29.462467][ T404] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 29.468335][ T404] RIP: 0033:0x442189 [ 29.472207][ T404] Code: e8 8c 07 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 29.491801][ T404] RSP: 002b:00007ffe8c37f1f8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 29.500195][ T404] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442189 [ 29.508150][ T404] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003 [ 29.516094][ T404] RBP: 00007ffe8c37f210 R08: 00000000bb1414ac R09: 00000000bb1414ac [ 29.524038][ T404] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000006fad [ 29.531983][ T404] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 29.540749][ T404] syz-executor413 (404) used greatest stack depth: 20624 bytes left [ 29.541214][ T205] BUG: Bad page state in process systemd-journal pfn:1d06e0 [ 29.556148][ T205] page:ffffea000741b800 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 [ 29.565349][ T205] flags: 0x8000000000000000() [ 29.570002][ T205] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 29.578556][ T205] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 29.587148][ T205] page dumped because: nonzero _refcount [ 29.592748][ T205] Modules linked in: [ 29.596617][ T205] CPU: 0 PID: 205 Comm: systemd-journal Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 29.608044][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 29.618074][ T205] Call Trace: [ 29.621342][ T205] dump_stack+0x1b0/0x228 [ 29.625642][ T205] ? is_module_text_address+0x130/0x130 [ 29.631172][ T205] ? 
show_regs_print_info+0x18/0x18 [ 29.636353][ T205] bad_page+0x262/0x290 [ 29.640492][ T205] ? _raw_spin_lock+0x170/0x170 [ 29.645324][ T205] ? is_free_buddy_page+0x190/0x190 [ 29.650490][ T205] ? __kasan_check_read+0x11/0x20 [ 29.655482][ T205] ? __zone_watermark_ok+0x9b/0x270 [ 29.660664][ T205] get_page_from_freelist+0x505a/0x57e0 [ 29.666255][ T205] ? __x64_sys_open+0x87/0x90 [ 29.670923][ T205] ? __read_once_size_nocheck+0x10/0x10 [ 29.676443][ T205] ? unwind_next_frame+0x415/0x870 [ 29.681540][ T205] ? __rcu_read_lock+0x50/0x50 [ 29.686282][ T205] ? unwind_next_frame+0x415/0x870 [ 29.691401][ T205] ? 0xffffffffa0130000 [ 29.695564][ T205] ? __alloc_pages_nodemask+0x3010/0x3010 [ 29.701260][ T205] ? is_bpf_text_address+0x2c8/0x2e0 [ 29.706520][ T205] ? stack_trace_save+0x1e0/0x1e0 [ 29.711515][ T205] __alloc_pages_nodemask+0x44f/0x3010 [ 29.716945][ T205] ? stack_trace_snprint+0x150/0x150 [ 29.722202][ T205] ? stack_trace_save+0x111/0x1e0 [ 29.727196][ T205] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 29.732710][ T205] ? __kasan_kmalloc+0x117/0x1b0 [ 29.737627][ T205] ? kasan_kmalloc+0x9/0x10 [ 29.742099][ T205] ? __kmalloc+0x102/0x310 [ 29.746495][ T205] ? kzalloc+0x26/0x40 [ 29.750544][ T205] ? security_prepare_creds+0x40/0x270 [ 29.755973][ T205] ? prepare_creds+0x295/0x390 [ 29.760715][ T205] ? do_faccessat+0x9d/0x7f0 [ 29.765283][ T205] ? __x64_sys_access+0x5f/0x70 [ 29.770107][ T205] ? do_syscall_64+0xc0/0x100 [ 29.774769][ T205] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 29.780806][ T205] ? __kasan_kmalloc+0x179/0x1b0 [ 29.785712][ T205] ? __kasan_kmalloc+0x117/0x1b0 [ 29.790619][ T205] ? kasan_slab_alloc+0xe/0x10 [ 29.795351][ T205] ? kmem_cache_alloc+0x120/0x2b0 [ 29.800346][ T205] ? prepare_creds+0x24/0x390 [ 29.804994][ T205] ? kern_path_locked+0x550/0x550 [ 29.809987][ T205] alloc_slab_page+0x3f/0x390 [ 29.814646][ T205] new_slab+0x98/0x430 [ 29.818686][ T205] ___slab_alloc+0x2e0/0x450 [ 29.823256][ T205] ? 
__should_failslab+0x90/0x160 [ 29.828249][ T205] ? getname_flags+0xba/0x640 [ 29.832895][ T205] ? kzalloc+0x26/0x40 [ 29.836934][ T205] ? __should_failslab+0x90/0x160 [ 29.841937][ T205] ? getname_flags+0xba/0x640 [ 29.846582][ T205] kmem_cache_alloc+0x203/0x2b0 [ 29.851410][ T205] getname_flags+0xba/0x640 [ 29.855883][ T205] ? __put_user_ns+0x60/0x60 [ 29.860450][ T205] user_path_at_empty+0x2d/0x50 [ 29.865272][ T205] do_faccessat+0x2f3/0x7f0 [ 29.869758][ T205] ? do_syscall_64+0x100/0x100 [ 29.874499][ T205] ? __ia32_sys_fallocate+0x110/0x110 [ 29.879847][ T205] __x64_sys_access+0x5f/0x70 [ 29.884502][ T205] do_syscall_64+0xc0/0x100 [ 29.888976][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 29.894863][ T205] RIP: 0033:0x7effe019b9c7 [ 29.899266][ T205] Code: 83 c4 08 48 3d 01 f0 ff ff 73 01 c3 48 8b 0d c8 d4 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 15 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d4 2b 00 f7 d8 64 89 01 48 [ 29.918849][ T205] RSP: 002b:00007fffdfb79c88 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 [ 29.927284][ T205] RAX: ffffffffffffffda RBX: 00007fffdfb7ccb0 RCX: 00007effe019b9c7 [ 29.935233][ T205] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055b3620039a3 [ 29.943191][ T205] RBP: 00007fffdfb79dd0 R08: 000055b361ff93e5 R09: 0000000000000018 [ 29.951148][ T205] R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000 [ 29.959108][ T205] R13: 0000000000000000 R14: 000055b3631cd8c0 R15: 00007fffdfb7a2c0 [ **[ 29.970921][ T406] BUG: Bad page state in process syz-executor413 pfn:1d06a8 [ 29.980932][ T406] page:ffffea000741aa00 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 [ 29.990104][ T406] flags: 0x8000000000000000() [ 29.994756][ T406] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 30.003309][ T406] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 30.011918][ T406] page dumped because: nonzero _refcount [ 30.018497][ T406] Modules linked 
in: [ 30.022381][ T406] CPU: 0 PID: 406 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 30.033801][ T406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.043829][ T406] Call Trace: [ 30.047098][ T406] dump_stack+0x1b0/0x228 [ 30.051400][ T406] ? is_module_text_address+0x130/0x130 [ 30.056918][ T406] ? show_regs_print_info+0x18/0x18 [ 30.062132][ T406] bad_page+0x262/0x290 [ 30.066263][ T406] ? __kasan_check_write+0x14/0x20 [ 30.071379][ T406] ? is_free_buddy_page+0x190/0x190 [ 30.076561][ T406] get_page_from_freelist+0x2cce/0x57e0 [ 30.082084][ T406] ? arch_stack_walk+0x98/0xe0 [ 30.086827][ T406] ? stack_trace_save+0x111/0x1e0 [ 30.091821][ T406] ? __alloc_pages_nodemask+0x3010/0x3010 [ 30.097509][ T406] ? stack_trace_snprint+0x150/0x150 [ 30.102777][ T406] __alloc_pages_nodemask+0x44f/0x3010 [ 30.108207][ T406] ? bpf_prog_select_runtime+0x6a1/0x990 [ 30.113811][ T406] ? __vmalloc_node_range+0x2b6/0x760 [ 30.119153][ T406] ? kasan_module_alloc+0x73/0xc0 [ 30.124147][ T406] ? module_alloc+0x9a/0xb0 [ 30.128622][ T406] ? bpf_jit_alloc_exec+0x15/0x20 [ 30.133617][ T406] ? bpf_jit_binary_alloc+0xa0/0x1b0 [ 30.138874][ T406] ? bpf_int_jit_compile+0x68f5/0x73e0 [ 30.144301][ T406] ? bpf_prog_select_runtime+0x6a1/0x990 [ 30.149903][ T406] ? __do_sys_bpf+0x8176/0xbd20 [ 30.154726][ T406] ? alloc_vmap_area+0x1aa7/0x1bb0 [ 30.159810][ T406] ? _raw_spin_unlock+0x9/0x20 [ 30.164557][ T406] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 30.170073][ T406] ? __kasan_check_write+0x14/0x20 [ 30.175178][ T406] ? _raw_spin_lock+0xa1/0x170 [ 30.179971][ T406] ? _raw_spin_trylock_bh+0x190/0x190 [ 30.185347][ T406] ? kasan_kmalloc+0x9/0x10 [ 30.189862][ T406] ? kmem_cache_alloc_trace+0xe2/0x2f0 [ 30.195296][ T406] ? _raw_spin_trylock_bh+0x190/0x190 [ 30.200645][ T406] ? __should_failslab+0x90/0x160 [ 30.205647][ T406] ? kasan_kmalloc+0x9/0x10 [ 30.210138][ T406] ? 
__kmalloc+0x102/0x310 [ 30.214533][ T406] __vmalloc_node_range+0x393/0x760 [ 30.219705][ T406] kasan_module_alloc+0x73/0xc0 [ 30.224533][ T406] ? module_alloc+0x9a/0xb0 [ 30.229014][ T406] module_alloc+0x9a/0xb0 [ 30.233324][ T406] bpf_jit_alloc_exec+0x15/0x20 [ 30.238144][ T406] bpf_jit_binary_alloc+0xa0/0x1b0 [ 30.243228][ T406] ? bpf_int_jit_compile+0x73e0/0x73e0 [ 30.248680][ T406] bpf_int_jit_compile+0x68f5/0x73e0 [ 30.253970][ T406] ? __do_sys_bpf+0x5d15/0xbd20 [ 30.258802][ T406] ? efi_call+0x90/0x90 [ 30.262969][ T406] ? pcpu_alloc_area+0x7eb/0x940 [ 30.267921][ T406] ? find_next_bit+0xd8/0x120 [ 30.272571][ T406] ? cpumask_next+0x11/0x30 [ 30.277050][ T406] ? __should_failslab+0x90/0x160 [ 30.282045][ T406] ? kasan_kmalloc+0x9/0x10 [ 30.286531][ T406] bpf_prog_select_runtime+0x6a1/0x990 [ 30.291959][ T406] ? memset+0x31/0x40 [ 30.295929][ T406] ? bpf_obj_name_cpy+0x9a9/0x1400 [ 30.301022][ T406] __do_sys_bpf+0x8176/0xbd20 [ 30.305673][ T406] ? wp_page_copy+0xd24/0x10e0 [ 30.310408][ T406] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 30.315924][ T406] ? __rcu_read_lock+0x50/0x50 [ 30.320670][ T406] ? __memcg_kmem_charge_memcg+0x340/0x340 [ 30.326447][ T406] ? __bpf_prog_put_rcu+0x350/0x350 [ 30.331625][ T406] ? get_mem_cgroup_from_mm+0x2b2/0x330 [ 30.337148][ T406] ? mem_cgroup_from_task+0x60/0x60 [ 30.342339][ T406] ? __kasan_check_read+0x11/0x20 [ 30.347334][ T406] ? __lru_cache_add+0x1ae/0x200 [ 30.352294][ T406] ? lru_cache_add_active_or_unevictable+0xa6/0x120 [ 30.358876][ T406] ? _raw_spin_unlock+0x9/0x20 [ 30.363636][ T406] ? handle_mm_fault+0xb2f/0x41c0 [ 30.368689][ T406] ? alloc_file+0x84/0x4b0 [ 30.373098][ T406] ? finish_fault+0x230/0x230 [ 30.377775][ T406] ? __kasan_check_write+0x14/0x20 [ 30.382861][ T406] ? __up_read+0x6f/0x1b0 [ 30.387166][ T406] ? 
__down_read+0x240/0x240 [ 30.391738][ T406] __x64_sys_bpf+0x7a/0x90 [ 30.396132][ T406] do_syscall_64+0xc0/0x100 [ 30.400622][ T406] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 30.406494][ T406] RIP: 0033:0x442189 [ 30.410366][ T406] Code: e8 8c 07 03 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 [ 30.429946][ T406] RSP: 002b:00007ffe8c37f1f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 30.438364][ T406] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000442189 [ 30.446326][ T406] RDX: 0000000000000070 RSI: 0000000020000180 RDI: 0000000000000005 [ 30.454292][ T406] RBP: 00007ffe8c37f210 R08: 00000000bb1414ac R09: 00000000bb1414ac [ 30.462244][ T406] R10: 0000000000000004 R11: 0000000000000246 R12: 00000000000074f6 [ 30.470201][ T406] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 * ] A start job is running f[ 30.479727][ T205] BUG: Bad page state in process systemd-journal pfn:1d05a8 [ 30.488397][ T205] page:ffffea0007416a00 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 or dev-ttyS0.dev[ 30.497597][ T205] flags: 0x8000000000000000() [ 30.503650][ T205] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 30.512237][ T205] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 30.520793][ T205] page dumped because: nonzero _refcount [ 30.526408][ T205] Modules linked in: [ 30.530279][ T205] CPU: 1 PID: 205 Comm: systemd-journal Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 30.541721][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.551839][ T205] Call Trace: [ 30.555142][ T205] dump_stack+0x1b0/0x228 [ 30.559494][ T205] ? is_module_text_address+0x130/0x130 [ 30.565013][ T205] ? show_regs_print_info+0x18/0x18 [ 30.570227][ T205] bad_page+0x262/0x290 [ 30.574364][ T205] ? 
_raw_spin_lock+0x170/0x170 [ 30.579189][ T205] ? is_free_buddy_page+0x190/0x190 [ 30.584361][ T205] ? __kasan_check_read+0x11/0x20 [ 30.589358][ T205] ? __zone_watermark_ok+0x9b/0x270 [ 30.594529][ T205] get_page_from_freelist+0x505a/0x57e0 [ 30.600061][ T205] ? __read_once_size_nocheck+0x10/0x10 [ 30.605592][ T205] ? __rcu_read_lock+0x50/0x50 [ 30.610346][ T205] ? unwind_next_frame+0x415/0x870 [ 30.615431][ T205] ? unwind_get_return_address_ptr+0xa0/0xa0 [ 30.621385][ T205] ? is_bpf_text_address+0x2c8/0x2e0 [ 30.626653][ T205] ? unwind_get_return_address+0x4c/0x90 [ 30.632268][ T205] ? arch_stack_walk+0x98/0xe0 [ 30.637011][ T205] ? stack_trace_save+0x111/0x1e0 [ 30.642015][ T205] ? stack_trace_snprint+0x150/0x150 [ 30.647272][ T205] ? __alloc_pages_nodemask+0x3010/0x3010 [ 30.652959][ T205] ? __kasan_slab_free+0x1e2/0x220 [ 30.658043][ T205] ? __kasan_slab_free+0x168/0x220 [ 30.663142][ T205] ? kasan_slab_free+0xe/0x10 [ 30.667793][ T205] ? filename_parentat+0x6fd/0x840 [ 30.672874][ T205] ? filename_create+0xbe/0x6f0 [ 30.677697][ T205] ? do_mkdirat+0xac/0x300 [ 30.682083][ T205] __alloc_pages_nodemask+0x44f/0x3010 [ 30.687516][ T205] ? is_bpf_text_address+0x2c8/0x2e0 [ 30.692771][ T205] ? security_inode_permission+0xed/0x130 [ 30.698464][ T205] ? link_path_walk+0x13c4/0x1500 [ 30.703462][ T205] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 30.708977][ T205] ? kasan_slab_free+0xe/0x10 [ 30.713623][ T205] ? kmem_cache_free+0x181/0x7a0 [ 30.718544][ T205] ? terminate_walk+0x354/0x520 [ 30.723364][ T205] ? filename_parentat+0x6fd/0x840 [ 30.728468][ T205] ? __seccomp_filter+0xc57/0x1890 [ 30.733580][ T205] alloc_slab_page+0x3f/0x390 [ 30.738234][ T205] new_slab+0x98/0x430 [ 30.742279][ T205] ___slab_alloc+0x2e0/0x450 [ 30.746848][ T205] ? getname_flags+0xba/0x640 [ 30.751513][ T205] ? refcount_dec_and_lock_irqsave+0x2d/0xd0 [ 30.757470][ T205] ? __should_failslab+0x90/0x160 [ 30.762478][ T205] ? 
getname_flags+0xba/0x640 [ 30.767129][ T205] kmem_cache_alloc+0x203/0x2b0 [ 30.771964][ T205] getname_flags+0xba/0x640 [ 30.776439][ T205] getname+0x19/0x20 [ 30.780306][ T205] do_sys_open+0x32a/0x7a0 [ 30.784695][ T205] ? __kasan_check_read+0x11/0x20 [ 30.789693][ T205] ? file_open_root+0x440/0x440 [ 30.794516][ T205] __x64_sys_open+0x87/0x90 [ 30.798992][ T205] do_syscall_64+0xc0/0x100 [ 30.803466][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 30.809342][ T205] RIP: 0033:0x7effe046f840 [ 30.813741][ T205] Code: 73 01 c3 48 8b 0d 68 77 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 bb 20 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e f6 ff ff 48 89 04 24 [ 30.833319][ T205] RSP: 002b:00007fffdfb798f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 30.841702][ T205] RAX: ffffffffffffffda RBX: 00007fffdfb79c00 RCX: 00007effe046f840 [ 30.849648][ T205] RDX: 00000000000001a0 RSI: 0000000000080042 RDI: 000055b3631d7860 [ 30.857593][ T205] RBP: 000000000000000d R08: 000000000000ffc0 R09: 00000000ffffffff [ 30.865535][ T205] R10: 0000000000000069 R11: 0000000000000246 R12: 00000000ffffffff [ 30.873489][ T205] R13: 000055b3631ca060 R14: 00007fffdfb79bc0 R15: 000055b3631d7680 ice (25s / 1min 30s)[ 30.887961][ T409] BUG: Bad page state in process syz-executor413 pfn:1d06e8 [ 30.888910][ T205] BUG: Bad page state in process systemd-journal pfn:1c2da8 [ 30.902683][ T205] page:ffffea00070b6a00 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 [ 30.911879][ T205] flags: 0x8000000000000000() [ 30.916527][ T205] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 30.925081][ T205] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 30.933630][ T205] page dumped because: nonzero _refcount [ 30.939229][ T205] Modules linked in: [ 30.943103][ T205] CPU: 0 PID: 205 Comm: systemd-journal Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 30.954525][ T205] Hardware name: 
Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 30.964564][ T205] Call Trace: [ 30.967849][ T205] dump_stack+0x1b0/0x228 [ 30.972163][ T205] ? is_module_text_address+0x130/0x130 [ 30.977683][ T205] ? show_regs_print_info+0x18/0x18 [ 30.982853][ T205] bad_page+0x262/0x290 [ 30.986987][ T205] ? _raw_spin_lock+0x170/0x170 [ 30.991815][ T205] ? is_free_buddy_page+0x190/0x190 [ 30.996997][ T205] ? __kasan_check_read+0x11/0x20 [ 31.002006][ T205] ? __zone_watermark_ok+0x9b/0x270 [ 31.007237][ T205] get_page_from_freelist+0x505a/0x57e0 [ 31.012767][ T205] ? __x64_sys_open+0x87/0x90 [ 31.017429][ T205] ? __read_once_size_nocheck+0x10/0x10 [ 31.022949][ T205] ? unwind_next_frame+0x415/0x870 [ 31.028034][ T205] ? __rcu_read_lock+0x50/0x50 [ 31.032768][ T205] ? unwind_next_frame+0x415/0x870 [ 31.037852][ T205] ? 0xffffffffa0150000 [ 31.041992][ T205] ? __alloc_pages_nodemask+0x3010/0x3010 [ 31.047682][ T205] ? is_bpf_text_address+0x2c8/0x2e0 [ 31.052940][ T205] ? stack_trace_save+0x1e0/0x1e0 [ 31.057937][ T205] __alloc_pages_nodemask+0x44f/0x3010 [ 31.063370][ T205] ? stack_trace_snprint+0x150/0x150 [ 31.068626][ T205] ? stack_trace_save+0x111/0x1e0 [ 31.073633][ T205] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 31.079165][ T205] ? __kasan_kmalloc+0x117/0x1b0 [ 31.084077][ T205] ? kasan_kmalloc+0x9/0x10 [ 31.088550][ T205] ? __kmalloc+0x102/0x310 [ 31.092948][ T205] ? kzalloc+0x26/0x40 [ 31.096988][ T205] ? security_prepare_creds+0x40/0x270 [ 31.102468][ T205] ? prepare_creds+0x295/0x390 [ 31.107246][ T205] ? do_faccessat+0x9d/0x7f0 [ 31.111807][ T205] ? __x64_sys_access+0x5f/0x70 [ 31.116630][ T205] ? do_syscall_64+0xc0/0x100 [ 31.121276][ T205] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 31.127310][ T205] ? __kasan_kmalloc+0x179/0x1b0 [ 31.132232][ T205] ? __kasan_kmalloc+0x117/0x1b0 [ 31.137138][ T205] ? kasan_slab_alloc+0xe/0x10 [ 31.141875][ T205] ? kmem_cache_alloc+0x120/0x2b0 [ 31.146878][ T205] ? 
prepare_creds+0x24/0x390 [ 31.151527][ T205] alloc_slab_page+0x3f/0x390 [ 31.156173][ T205] new_slab+0x98/0x430 [ 31.160221][ T205] ? kasan_init_slab_obj+0x24/0x30 [ 31.165302][ T205] ___slab_alloc+0x2e0/0x450 [ 31.169862][ T205] ? __should_failslab+0x90/0x160 [ 31.174851][ T205] ? getname_flags+0xba/0x640 [ 31.179510][ T205] ? kzalloc+0x26/0x40 [ 31.183560][ T205] ? __should_failslab+0x90/0x160 [ 31.188555][ T205] ? getname_flags+0xba/0x640 [ 31.193202][ T205] kmem_cache_alloc+0x203/0x2b0 [ 31.198028][ T205] getname_flags+0xba/0x640 [ 31.202516][ T205] ? __put_user_ns+0x60/0x60 [ 31.207083][ T205] user_path_at_empty+0x2d/0x50 [ 31.211905][ T205] do_faccessat+0x2f3/0x7f0 [ 31.216381][ T205] ? do_syscall_64+0x100/0x100 [ 31.221125][ T205] ? __ia32_sys_fallocate+0x110/0x110 [ 31.226470][ T205] __x64_sys_access+0x5f/0x70 [ 31.231117][ T205] do_syscall_64+0xc0/0x100 [ 31.235593][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 31.241479][ T205] RIP: 0033:0x7effe019b9c7 [ 31.245868][ T205] Code: 83 c4 08 48 3d 01 f0 ff ff 73 01 c3 48 8b 0d c8 d4 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 15 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d4 2b 00 f7 d8 64 89 01 48 [ 31.265445][ T205] RSP: 002b:00007fffdfb79c88 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 [ 31.273833][ T205] RAX: ffffffffffffffda RBX: 00007fffdfb7ccb0 RCX: 00007effe019b9c7 [ 31.281779][ T205] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055b3620039a3 [ 31.289728][ T205] RBP: 00007fffdfb79dd0 R08: 000055b361ff93e5 R09: 0000000000000018 [ 31.297670][ T205] R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000 [ 31.305628][ T205] R13: 0000000000000000 R14: 000055b3631cd8c0 R15: 00007fffdfb7a2c0 [ 31.313603][ T205] BUG: Bad page state in process systemd-journal pfn:1d0080 [ 31.320946][ T205] page:ffffea0007402000 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 [ 31.330120][ T205] flags: 0x8000000000000000() [ 31.334769][ T205] raw: 8000000000000000 
dead000000000100 dead000000000122 0000000000000000 [ 31.343332][ T205] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 31.351881][ T205] page dumped because: nonzero _refcount [ 31.357481][ T205] Modules linked in: [ 31.361353][ T205] CPU: 0 PID: 205 Comm: systemd-journal Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 31.372778][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 31.382804][ T205] Call Trace: [ 31.386070][ T205] dump_stack+0x1b0/0x228 [ 31.390370][ T205] ? is_module_text_address+0x130/0x130 [ 31.395883][ T205] ? show_regs_print_info+0x18/0x18 [ 31.401051][ T205] bad_page+0x262/0x290 [ 31.405188][ T205] ? _raw_spin_lock+0x170/0x170 [ 31.410007][ T205] ? is_free_buddy_page+0x190/0x190 [ 31.415173][ T205] ? __kasan_check_read+0x11/0x20 [ 31.420171][ T205] ? __zone_watermark_ok+0x9b/0x270 [ 31.425353][ T205] get_page_from_freelist+0x505a/0x57e0 [ 31.430874][ T205] ? __x64_sys_open+0x87/0x90 [ 31.435525][ T205] ? __read_once_size_nocheck+0x10/0x10 [ 31.441038][ T205] ? unwind_next_frame+0x415/0x870 [ 31.446149][ T205] ? __rcu_read_lock+0x50/0x50 [ 31.450886][ T205] ? unwind_next_frame+0x415/0x870 [ 31.455967][ T205] ? 0xffffffffa0150000 [ 31.460092][ T205] ? __alloc_pages_nodemask+0x3010/0x3010 [ 31.465789][ T205] ? is_bpf_text_address+0x2c8/0x2e0 [ 31.471056][ T205] ? stack_trace_save+0x1e0/0x1e0 [ 31.476060][ T205] __alloc_pages_nodemask+0x44f/0x3010 [ 31.481492][ T205] ? stack_trace_snprint+0x150/0x150 [ 31.486744][ T205] ? stack_trace_save+0x111/0x1e0 [ 31.491736][ T205] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 31.497252][ T205] ? __kasan_kmalloc+0x117/0x1b0 [ 31.502155][ T205] ? kasan_kmalloc+0x9/0x10 [ 31.506642][ T205] ? __kmalloc+0x102/0x310 [ 31.511037][ T205] ? kzalloc+0x26/0x40 [ 31.515082][ T205] ? security_prepare_creds+0x40/0x270 [ 31.520513][ T205] ? prepare_creds+0x295/0x390 [ 31.525249][ T205] ? do_faccessat+0x9d/0x7f0 [ 31.529808][ T205] ? 
__x64_sys_access+0x5f/0x70 [ 31.534629][ T205] ? do_syscall_64+0xc0/0x100 [ 31.539281][ T205] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 31.545329][ T205] ? __kasan_kmalloc+0x179/0x1b0 [ 31.550279][ T205] ? __kasan_kmalloc+0x117/0x1b0 [ 31.555203][ T205] ? kasan_slab_alloc+0xe/0x10 [ 31.559943][ T205] ? kmem_cache_alloc+0x120/0x2b0 [ 31.564990][ T205] ? prepare_creds+0x24/0x390 [ 31.569648][ T205] alloc_slab_page+0x3f/0x390 [ 31.574302][ T205] new_slab+0x98/0x430 [ 31.578384][ T205] ? kasan_init_slab_obj+0x24/0x30 [ 31.583479][ T205] ___slab_alloc+0x2e0/0x450 [ 31.588054][ T205] ? __should_failslab+0x90/0x160 [ 31.593047][ T205] ? getname_flags+0xba/0x640 [ 31.597697][ T205] ? kzalloc+0x26/0x40 [ 31.601736][ T205] ? __should_failslab+0x90/0x160 [ 31.606742][ T205] ? getname_flags+0xba/0x640 [ 31.611394][ T205] kmem_cache_alloc+0x203/0x2b0 [ 31.616216][ T205] getname_flags+0xba/0x640 [ 31.620704][ T205] ? __put_user_ns+0x60/0x60 [ 31.625263][ T205] user_path_at_empty+0x2d/0x50 [ 31.630086][ T205] do_faccessat+0x2f3/0x7f0 [ 31.634568][ T205] ? do_syscall_64+0x100/0x100 [ 31.639303][ T205] ? 
__ia32_sys_fallocate+0x110/0x110 [ 31.644733][ T205] __x64_sys_access+0x5f/0x70 [ 31.649380][ T205] do_syscall_64+0xc0/0x100 [ 31.653867][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 31.659735][ T205] RIP: 0033:0x7effe019b9c7 [ 31.664126][ T205] Code: 83 c4 08 48 3d 01 f0 ff ff 73 01 c3 48 8b 0d c8 d4 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 15 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d4 2b 00 f7 d8 64 89 01 48 [ 31.683704][ T205] RSP: 002b:00007fffdfb79c88 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 [ 31.692090][ T205] RAX: ffffffffffffffda RBX: 00007fffdfb7ccb0 RCX: 00007effe019b9c7 [ 31.700039][ T205] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000055b3620039a3 [ 31.707998][ T205] RBP: 00007fffdfb79dd0 R08: 000055b361ff93e5 R09: 0000000000000018 [ 31.715943][ T205] R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000 [ 31.723892][ T205] R13: 0000000000000000 R14: 000055b3631cd8c0 R15: 00007fffdfb7a2c0 [ *[ 31.732844][ T409] page:ffffea000741ba00 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0 *[[ 31.745349][ T409] flags: 0x8000000000010200(slab|head) [ 31.745950][ T205] BUG: Bad page state in process systemd-journal pfn:1d0048 0;31m*] A st[ 31.751800][ T409] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00 [ 31.758848][ T205] page:ffffea0007401200 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 [ 31.758853][ T205] flags: 0x8000000000000000() art job is runni[ 31.758861][ T205] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 31.758869][ T205] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 31.758872][ T205] page dumped because: nonzero _refcount ng for dev-ttyS0[ 31.758874][ T205] Modules linked in: [ 31.758885][ T205] CPU: 1 PID: 205 Comm: systemd-journal Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 31.758889][ T205] Hardware name: Google Google Compute Engine/Google Compute 
Engine, BIOS Google 01/01/2011 .device (27s / 1[ 31.758891][ T205] Call Trace: min 30s)[ 31.758904][ T205] dump_stack+0x1b0/0x228 [ 31.758914][ T205] ? is_module_text_address+0x130/0x130 [ 31.758922][ T205] ? show_regs_print_info+0x18/0x18 [ 31.758931][ T205] bad_page+0x262/0x290 [ 31.758940][ T205] ? _raw_spin_lock+0x170/0x170 [ 31.758947][ T205] ? is_free_buddy_page+0x190/0x190 [ 31.758954][ T205] ? __kasan_check_read+0x11/0x20 [ 31.758961][ T205] ? __zone_watermark_ok+0x9b/0x270 [ 31.758968][ T205] get_page_from_freelist+0x505a/0x57e0 [ 31.758979][ T205] ? unwind_next_frame+0x415/0x870 [ 31.758992][ T205] ? __read_once_size_nocheck+0x10/0x10 [ 31.759003][ T205] ? unwind_next_frame+0x415/0x870 [ 31.778537][ T409] raw: 0000000000000000 0000000000070007 00000000ffffffff 0000000000000000 [ 31.782788][ T205] ? __rcu_read_lock+0x50/0x50 [ 31.782796][ T205] ? unwind_next_frame+0x415/0x870 [ 31.782803][ T205] ? unwind_get_return_address_ptr+0xa0/0xa0 [ 31.782812][ T205] ? __alloc_pages_nodemask+0x3010/0x3010 [ 31.782818][ T205] ? stack_trace_save+0x1e0/0x1e0 [ 31.782826][ T205] ? __kernel_text_address+0x9a/0x110 [ 31.782834][ T205] __alloc_pages_nodemask+0x44f/0x3010 [ 31.782842][ T205] ? stack_trace_save+0x111/0x1e0 [ 31.782849][ T205] ? stack_trace_snprint+0x150/0x150 [ 31.782859][ T205] ? security_cred_free+0xbf/0x100 [ 31.782867][ T205] ? put_cred_rcu+0x1f9/0x250 [ 31.782874][ T205] ? __kasan_slab_free+0x1e2/0x220 [ 31.782880][ T205] ? __kasan_slab_free+0x168/0x220 [ 31.782887][ T205] ? kasan_slab_free+0xe/0x10 [ 31.782893][ T205] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 31.782901][ T205] ? do_faccessat+0x682/0x7f0 [ 31.782908][ T205] ? __x64_sys_access+0x5f/0x70 [ 31.782915][ T205] ? do_syscall_64+0xc0/0x100 [ 31.782921][ T205] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 31.782929][ T205] ? __seccomp_filter+0xc57/0x1890 [ 31.782942][ T205] ? 
kmem_cache_free+0x181/0x7a0 [ 31.801413][ T409] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 31.806994][ T205] ? __kasan_check_write+0x14/0x20 [ 31.807005][ T205] ? refcount_dec_not_one+0x158/0x1e0 [ 31.807014][ T205] alloc_slab_page+0x3f/0x390 [ 31.807024][ T205] new_slab+0x98/0x430 [ 31.807032][ T205] ? refcount_dec_and_lock_irqsave+0x2d/0xd0 [ 31.807039][ T205] ? free_uid+0x6a/0x1e0 [ 31.807047][ T205] ___slab_alloc+0x2e0/0x450 [ 31.807054][ T205] ? kasan_slab_free+0xe/0x10 [ 31.807060][ T205] ? getname_flags+0xba/0x640 [ 31.807066][ T205] ? find_user+0x120/0x120 [ 31.807073][ T205] ? __should_failslab+0x90/0x160 [ 31.807079][ T205] ? getname_flags+0xba/0x640 [ 31.807087][ T205] kmem_cache_alloc+0x203/0x2b0 [ 31.807093][ T205] getname_flags+0xba/0x640 [ 31.807098][ T205] ? __kasan_check_read+0x11/0x20 [ 31.807105][ T205] do_mkdirat+0x8f/0x300 [ 31.807113][ T205] ? do_syscall_64+0x100/0x100 [ 31.807119][ T205] ? vfs_mkdir+0x30/0x30 [ 31.807130][ T205] __x64_sys_mkdir+0x60/0x70 [ 31.824126][ T409] bad because of flags: 0x200(slab) [ 31.833779][ T205] do_syscall_64+0xc0/0x100 [ 31.833788][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 31.833795][ T205] RIP: 0033:0x7effe019b687 [ 31.833804][ T205] Code: 00 b8 ff ff ff ff c3 0f 1f 40 00 48 8b 05 09 d8 2b 00 64 c7 00 5f 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e1 d7 2b 00 f7 d8 64 89 01 48 [ 31.833807][ T205] RSP: 002b:00007fffdfb79d98 EFLAGS: 00000293 ORIG_RAX: 0000000000000053 [ 31.833814][ T205] RAX: ffffffffffffffda RBX: 00007fffdfb7ccb0 RCX: 00007effe019b687 [ 31.833818][ T205] RDX: 00007effe0c0ca00 RSI: 00000000000001ed RDI: 000055b3631cd8c0 [ 31.833821][ T205] RBP: 00007fffdfb79dd0 R08: 0000000000000000 R09: 0000000000000000 [ 31.833825][ T205] R10: 0000000000000069 R11: 0000000000000293 R12: 0000000000000000 [ 31.833829][ T205] R13: 0000000000000000 R14: 00007fffdfb7ccb0 R15: 00007fffdfb7a2c0 [ 31.919395][ T412] BUG: Bad page state in 
process syz-executor413 pfn:1cfc50 [ 31.930159][ T409] Modules linked in: [ 31.936571][ T412] page:ffffea00073f1400 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0 [ 31.951256][ T409] CPU: 0 PID: 409 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 32.234067][ T409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 32.244096][ T409] Call Trace: [ 32.247365][ T409] dump_stack+0x1b0/0x228 [ 32.251672][ T409] ? is_module_text_address+0x130/0x130 [ 32.257190][ T409] ? show_regs_print_info+0x18/0x18 [ 32.262362][ T409] bad_page+0x262/0x290 [ 32.266488][ T409] ? is_free_buddy_page+0x190/0x190 [ 32.271669][ T409] __free_pages_ok+0x759/0xd80 [ 32.276404][ T409] ? __kasan_check_read+0x11/0x20 [ 32.281400][ T409] ? set_pageblock_migratetype+0x150/0x150 [ 32.287178][ T409] free_compound_page+0x67/0x90 [ 32.292001][ T409] __put_page+0xf7/0x120 [ 32.296231][ T409] do_exit+0x1d53/0x26f0 [ 32.300461][ T409] ? mm_update_next_owner+0x5f0/0x5f0 [ 32.305827][ T409] ? do_user_addr_fault+0x6b7/0xb50 [ 32.311004][ T409] do_group_exit+0x153/0x2a0 [ 32.315572][ T409] __do_sys_exit_group+0x17/0x20 [ 32.320481][ T409] __se_sys_exit_group+0x14/0x20 [ 32.325391][ T409] __x64_sys_exit_group+0x3b/0x40 [ 32.330385][ T409] do_syscall_64+0xc0/0x100 [ 32.334863][ T409] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 32.340729][ T409] RIP: 0033:0x440d38 [ 32.344607][ T409] Code: Bad RIP value. 
[ 32.348654][ T409] RSP: 002b:00007ffe8c37f1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 32.357044][ T409] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d38 [ 32.364997][ T409] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 32.372949][ T409] RBP: 00000000004c6b50 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 32.380894][ T409] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001 [ 32.388838][ T409] R13: 00000000006d95e0 R14: 0000000000000000 R15: 0000000000000000 [ 32.397797][ T412] flags: 0x8000000000010200(slab|head) [ *[0[ 32.403816][ T412] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00 ;1;31m*] A s[ 32.413787][ T412] raw: 0000000000000000 0000000000070007 00000000ffffffff 0000000000000000 tart job is runn[ 32.423757][ T412] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set ing for dev-ttyS[ 32.432437][ T412] bad because of flags: 0x200(slab) 0.device (28s / [ 32.438885][ T412] Modules linked in: 1min 30s)[ 32.444364][ T412] CPU: 0 PID: 412 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 32.456337][ T412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 32.466371][ T412] Call Trace: [ 32.469638][ T412] dump_stack+0x1b0/0x228 [ 32.473945][ T412] ? is_module_text_address+0x130/0x130 [ 32.479481][ T412] ? show_regs_print_info+0x18/0x18 [ 32.484670][ T412] bad_page+0x262/0x290 [ 32.488806][ T412] ? is_free_buddy_page+0x190/0x190 [ 32.493984][ T412] __free_pages_ok+0x759/0xd80 [ 32.498739][ T412] ? __kasan_check_read+0x11/0x20 [ 32.503741][ T412] ? set_pageblock_migratetype+0x150/0x150 [ 32.509540][ T412] free_compound_page+0x67/0x90 [ 32.514373][ T412] __put_page+0xf7/0x120 [ 32.518600][ T412] do_exit+0x1d53/0x26f0 [ 32.522818][ T412] ? mm_update_next_owner+0x5f0/0x5f0 [ 32.528171][ T412] ? 
do_user_addr_fault+0x6b7/0xb50 [ 32.533360][ T412] do_group_exit+0x153/0x2a0 [ 32.537925][ T412] __do_sys_exit_group+0x17/0x20 [ 32.542834][ T412] __se_sys_exit_group+0x14/0x20 [ 32.547751][ T412] __x64_sys_exit_group+0x3b/0x40 [ 32.552748][ T412] do_syscall_64+0xc0/0x100 [ 32.557224][ T412] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 32.563098][ T412] RIP: 0033:0x440d38 [ 32.566982][ T412] Code: Bad RIP value. [ 32.571028][ T412] RSP: 002b:00007ffe8c37f1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 32.579428][ T412] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d38 [ 32.587377][ T412] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 32.595326][ T412] RBP: 00000000004c6b50 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 32.603273][ T412] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001 [ 32.611231][ T412] R13: 00000000006d95e0 R14: 0000000000000000 R15: 0000000000000000 [ 32.620578][ T413] BUG: Bad page state in process syz-executor413 pfn:1cf230 [ 32.628319][ T413] page:ffffea00073c8c00 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0 [ 32.639532][ T413] flags: 0x8000000000010200(slab|head) [ 32.645182][ T413] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00 [ 32.654072][ T413] raw: 0000000000000000 0000000000070007 00000000ffffffff 0000000000000000 [ 32.654091][ T389] BUG: Bad page state in process syz-executor413 pfn:1d0738 [ 32.662834][ T413] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set [ 32.670000][ T389] page:ffffea000741ce00 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 [ 32.670005][ T389] flags: 0x8000000000000000() [ 32.670018][ T389] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 32.677538][ T413] bad because of flags: 0x200(slab) [ 32.686438][ T389] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 32.686441][ T389] page dumped because: nonzero _refcount [ 32.686443][ T389] 
Modules linked in: [ 32.686458][ T389] CPU: 1 PID: 389 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 32.691406][ T413] Modules linked in: [ 32.699656][ T389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 32.699660][ T389] Call Trace: [ 32.699673][ T389] dump_stack+0x1b0/0x228 [ 32.699687][ T389] ? is_module_text_address+0x130/0x130 [ 32.761286][ T389] ? show_regs_print_info+0x18/0x18 [ 32.766455][ T389] bad_page+0x262/0x290 [ 32.770587][ T389] ? _raw_spin_lock+0x170/0x170 [ 32.775408][ T389] ? is_free_buddy_page+0x190/0x190 [ 32.780573][ T389] ? __kasan_check_read+0x11/0x20 [ 32.785565][ T389] ? __zone_watermark_ok+0x9b/0x270 [ 32.790738][ T389] get_page_from_freelist+0x505a/0x57e0 [ 32.796256][ T389] ? 0xffffffffa0128000 [ 32.800392][ T389] ? is_bpf_text_address+0x2c8/0x2e0 [ 32.805644][ T389] ? stack_trace_save+0x1e0/0x1e0 [ 32.810638][ T389] ? __kernel_text_address+0x9a/0x110 [ 32.815980][ T389] ? unwind_get_return_address+0x4c/0x90 [ 32.821581][ T389] ? arch_stack_walk+0x98/0xe0 [ 32.826312][ T389] ? stack_trace_save+0x111/0x1e0 [ 32.831302][ T389] ? __alloc_pages_nodemask+0x3010/0x3010 [ 32.836991][ T389] ? stack_trace_snprint+0x150/0x150 [ 32.842516][ T389] __alloc_pages_nodemask+0x44f/0x3010 [ 32.848040][ T389] ? __kasan_kmalloc+0x179/0x1b0 [ 32.852982][ T389] ? kasan_slab_alloc+0xe/0x10 [ 32.857776][ T389] ? kmem_cache_alloc+0x120/0x2b0 [ 32.862770][ T389] ? copy_process+0x59b/0x52d0 [ 32.867522][ T389] ? _do_fork+0x185/0x950 [ 32.871825][ T389] ? __x64_sys_clone+0x247/0x2b0 [ 32.876748][ T389] ? do_syscall_64+0xc0/0x100 [ 32.881395][ T389] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 32.887442][ T389] ? wait_consider_task+0x193f/0x2790 [ 32.892956][ T389] ? gfp_pfmemalloc_allowed+0x140/0x140 [ 32.898479][ T389] ? __kasan_check_write+0x14/0x20 [ 32.903557][ T389] ? copy_process+0x59b/0x52d0 [ 32.908290][ T389] ? 
kasan_slab_alloc+0xe/0x10 [ 32.913022][ T389] copy_process+0x5eb/0x52d0 [ 32.917593][ T389] ? kernel_wait4+0x380/0x380 [ 32.922249][ T389] ? fork_idle+0x290/0x290 [ 32.926649][ T389] ? put_pid+0x89/0xe0 [ 32.930733][ T389] ? __ia32_sys_waitid+0xd0/0xd0 [ 32.935644][ T389] ? do_nanosleep+0x58b/0x6b0 [ 32.940309][ T389] _do_fork+0x185/0x950 [ 32.944448][ T389] ? dup_mm+0x330/0x330 [ 32.948584][ T389] ? __x64_sys_wait4+0x168/0x1c0 [ 32.953493][ T389] ? do_wait+0x890/0x890 [ 32.957755][ T389] __x64_sys_clone+0x247/0x2b0 [ 32.962527][ T389] ? __ia32_sys_vfork+0x110/0x110 [ 32.967529][ T389] ? syscall_return_slowpath+0x6f/0x500 [ 32.973045][ T389] do_syscall_64+0xc0/0x100 [ 32.977521][ T389] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 32.983382][ T389] RIP: 0033:0x440a8a [ 32.987511][ T389] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 33.007097][ T389] RSP: 002b:00007ffe8c37f1d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 33.015493][ T389] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440a8a [ 33.023439][ T389] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 33.031385][ T389] RBP: 00007ffe8c37f1f0 R08: 0000000000000001 R09: 0000000000fd5880 [ 33.039330][ T389] R10: 0000000000fd5b50 R11: 0000000000000246 R12: 0000000000000001 [ 33.047274][ T389] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 33.055612][ T413] CPU: 0 PID: 413 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 33.067061][ T413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 33.077113][ T413] Call Trace: [ 33.080383][ T413] dump_stack+0x1b0/0x228 [ 33.084687][ T413] ? is_module_text_address+0x130/0x130 [ 33.090207][ T413] ? show_regs_print_info+0x18/0x18 [ 33.095395][ T413] bad_page+0x262/0x290 [ 33.099525][ T413] ? 
is_free_buddy_page+0x190/0x190 [ 33.104700][ T413] __free_pages_ok+0x759/0xd80 [ 33.109438][ T413] ? __kasan_check_read+0x11/0x20 [ 33.114435][ T413] ? set_pageblock_migratetype+0x150/0x150 [ 33.120227][ T413] free_compound_page+0x67/0x90 [ 33.125067][ T413] __put_page+0xf7/0x120 [ 33.129287][ T413] do_exit+0x1d53/0x26f0 [ 33.133510][ T413] ? mm_update_next_owner+0x5f0/0x5f0 [ 33.138859][ T413] ? do_user_addr_fault+0x6b7/0xb50 [ 33.144034][ T413] do_group_exit+0x153/0x2a0 [ 33.148604][ T413] __do_sys_exit_group+0x17/0x20 [ 33.153517][ T413] __se_sys_exit_group+0x14/0x20 [ 33.158428][ T413] __x64_sys_exit_group+0x3b/0x40 [ 33.163425][ T413] do_syscall_64+0xc0/0x100 [ 33.167913][ T413] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 33.173790][ T413] RIP: 0033:0x440d38 [ 33.177667][ T413] Code: Bad RIP value. [ 33.181723][ T413] RSP: 002b:00007ffe8c37f1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 33.190120][ T413] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d38 [ 33.198075][ T413] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000 [ 33.206028][ T413] RBP: 00000000004c6b50 R08: 00000000000000e7 R09: ffffffffffffffd0 [ 33.213977][ T413] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001 [ 33.221925][ T413] R13: 00000000006d95e0 R14: 0000000000000000 R15: 0000000000000000 [ *] A start job [ 33.232508][ T205] BUG: Bad page state in process systemd-journal pfn:1ced58 [ 33.240720][ T205] page:ffffea00073b5600 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0 [ 33.249888][ T205] flags: 0x8000000000000000() [ 33.254554][ T205] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 33.263109][ T205] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000 [ 33.274268][ T205] page dumped because: nonzero _refcount [ 33.279869][ T205] Modules linked in: [ 33.283748][ T205] CPU: 1 PID: 205 Comm: systemd-journal Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0 [ 33.295164][ T205] 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 33.305201][ T205] Call Trace:
[ 33.308481][ T205] dump_stack+0x1b0/0x228
[ 33.312786][ T205] ? is_module_text_address+0x130/0x130
[ 33.318303][ T205] ? show_regs_print_info+0x18/0x18
[ 33.323484][ T205] bad_page+0x262/0x290
[ 33.327612][ T205] ? _raw_spin_lock+0x170/0x170
[ 33.332434][ T205] ? is_free_buddy_page+0x190/0x190
[ 33.337614][ T205] ? __kasan_check_read+0x11/0x20
[ 33.342617][ T205] ? __zone_watermark_ok+0x9b/0x270
[ 33.347787][ T205] get_page_from_freelist+0x505a/0x57e0
[ 33.353322][ T205] ? unwind_next_frame+0x415/0x870
[ 33.358416][ T205] ? __read_once_size_nocheck+0x10/0x10
[ 33.363946][ T205] ? unwind_next_frame+0x415/0x870
[ 33.369030][ T205] ? __rcu_read_lock+0x50/0x50
[ 33.373766][ T205] ? unwind_next_frame+0x415/0x870
[ 33.378848][ T205] ? unwind_get_return_address_ptr+0xa0/0xa0
[ 33.384802][ T205] ? __alloc_pages_nodemask+0x3010/0x3010
[ 33.390503][ T205] ? stack_trace_save+0x1e0/0x1e0
[ 33.395504][ T205] ? __kernel_text_address+0x9a/0x110
[ 33.400845][ T205] __alloc_pages_nodemask+0x44f/0x3010
[ 33.406278][ T205] ? stack_trace_save+0x111/0x1e0
[ 33.411273][ T205] ? stack_trace_snprint+0x150/0x150
[ 33.416531][ T205] ? security_cred_free+0xbf/0x100
[ 33.421645][ T205] ? put_cred_rcu+0x1f9/0x250
[ 33.426298][ T205] ? __kasan_slab_free+0x1e2/0x220
[ 33.431381][ T205] ? __kasan_slab_free+0x168/0x220
[ 33.436465][ T205] ? kasan_slab_free+0xe/0x10
[ 33.441118][ T205] ? gfp_pfmemalloc_allowed+0x140/0x140
[ 33.446639][ T205] ? do_faccessat+0x682/0x7f0
[ 33.451290][ T205] ? __x64_sys_access+0x5f/0x70
[ 33.456111][ T205] ? do_syscall_64+0xc0/0x100
[ 33.460759][ T205] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 33.466803][ T205] ? __seccomp_filter+0xc57/0x1890
[ 33.471886][ T205] ? kmem_cache_free+0x181/0x7a0
[ 33.476797][ T205] ? __kasan_check_write+0x14/0x20
[ 33.481884][ T205] ? refcount_dec_not_one+0x158/0x1e0
[ 33.487226][ T205] alloc_slab_page+0x3f/0x390
[ 33.491878][ T205] new_slab+0x98/0x430
[ 33.495931][ T205] ? refcount_dec_and_lock_irqsave+0x2d/0xd0
[ 33.501905][ T205] ? free_uid+0x6a/0x1e0
[ 33.506119][ T205] ___slab_alloc+0x2e0/0x450
[ 33.510682][ T205] ? kasan_slab_free+0xe/0x10
[ 33.515328][ T205] ? getname_flags+0xba/0x640
[ 33.519975][ T205] ? find_user+0x120/0x120
[ 33.524364][ T205] ? __should_failslab+0x90/0x160
[ 33.529370][ T205] ? getname_flags+0xba/0x640
[ 33.534039][ T205] kmem_cache_alloc+0x203/0x2b0
[ 33.538879][ T205] getname_flags+0xba/0x640
[ 33.543379][ T205] ? __kasan_check_read+0x11/0x20
[ 33.548378][ T205] do_mkdirat+0x8f/0x300
[ 33.552692][ T205] ? do_syscall_64+0x100/0x100
[ 33.557430][ T205] ? vfs_mkdir+0x30/0x30
[ 33.561659][ T205] __x64_sys_mkdir+0x60/0x70
[ 33.566235][ T205] do_syscall_64+0xc0/0x100
[ 33.570721][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 33.576587][ T205] RIP: 0033:0x7effe019b687
[ 33.586532][ T205] Code: 00 b8 ff ff ff ff c3 0f 1f 40 00 48 8b 05 09 d8 2b 00 64 c7 00 5f 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e1 d7 2b 00 f7 d8 64 89 01 48
[ 33.606110][ T205] RSP: 002b:00007fffdfb79c48 EFLAGS: 00000293 ORIG_RAX: 0000000000000053
[ 33.614536][ T205] RAX: ffffffffffffffda RBX: 00007fffdfb7ccb0 RCX: 00007effe019b687
[ 33.622532][ T205] RDX: 0000000000000000 RSI: 00000000000001ed RDI: 000055b3631cd8c0
[ 33.630497][ T205] RBP: 00007fffdfb79c80 R08: 000055b361ff93e5 R09: 0000000000000018
[ 33.638447][ T205] R10: 0000000000000069 R11: 0000000000000293 R12: 0000000000000000
[ 33.646398][ T205] R13: 0000000000000001 R14: 000055b3631cd8c0 R15: 00007fffdfb7a2c0
is running for dev-ttyS0.device (29s / 1min 30s)
[ 33.660556][ T416] BUG: Bad page state in process syz-executor413 pfn:1ced80
[ 33.667936][ T416] page:ffffea00073b6000 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0
[ 33.678924][ T416] flags: 0x8000000000010200(slab|head)
[ 33.684794][ T416] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00
[ 33.685542][ T389] BUG: Bad page state in process syz-executor413 pfn:1cefd8
[ 33.694637][ T416] raw: 0000000000000000 0000000000070007 00000000ffffffff 0000000000000000
[ 33.701938][ T389] page:ffffea00073bf600 refcount:-1 mapcount:0 mapping:0000000000000000 index:0x0
[ 33.701943][ T389] flags: 0x8000000000000000()
[ 33.701953][ T389] raw: 8000000000000000 dead000000000100 dead000000000122 0000000000000000
[ 33.710539][ T416] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 33.719685][ T389] raw: 0000000000000000 0000000000000000 ffffffffffffffff 0000000000000000
[ 33.719688][ T389] page dumped because: nonzero _refcount
[ 33.719690][ T389] Modules linked in:
[ 33.719705][ T389] CPU: 0 PID: 389 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0
[ 33.724352][ T416] bad because of flags: 0x200(slab)
[ 33.732984][ T389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 33.732987][ T389] Call Trace:
[ 33.733001][ T389] dump_stack+0x1b0/0x228
[ 33.733014][ T389] ? is_module_text_address+0x130/0x130
[ 33.740272][ T416] Modules linked in:
[ 33.748821][ T389] ? show_regs_print_info+0x18/0x18
[ 33.807022][ T389] bad_page+0x262/0x290
[ 33.811151][ T389] ? _raw_spin_lock+0x170/0x170
[ 33.815974][ T389] ? is_free_buddy_page+0x190/0x190
[ 33.821148][ T389] ? __kasan_check_read+0x11/0x20
[ 33.826143][ T389] ? __zone_watermark_ok+0x9b/0x270
[ 33.831308][ T389] get_page_from_freelist+0x505a/0x57e0
[ 33.836828][ T389] ? 0xffffffffa0140000
[ 33.840953][ T389] ? is_bpf_text_address+0x2c8/0x2e0
[ 33.846215][ T389] ? stack_trace_save+0x1e0/0x1e0
[ 33.851216][ T389] ? __kernel_text_address+0x9a/0x110
[ 33.856557][ T389] ? unwind_get_return_address+0x4c/0x90
[ 33.862160][ T389] ? arch_stack_walk+0x98/0xe0
[ 33.866902][ T389] ? stack_trace_save+0x111/0x1e0
[ 33.871900][ T389] ? __alloc_pages_nodemask+0x3010/0x3010
[ 33.877586][ T389] ? stack_trace_snprint+0x150/0x150
[ 33.882841][ T389] __alloc_pages_nodemask+0x44f/0x3010
[ 33.888269][ T389] ? __kasan_kmalloc+0x179/0x1b0
[ 33.893446][ T389] ? kasan_slab_alloc+0xe/0x10
[ 33.898176][ T389] ? kmem_cache_alloc+0x120/0x2b0
[ 33.903208][ T389] ? copy_process+0x59b/0x52d0
[ 33.907954][ T389] ? _do_fork+0x185/0x950
[ 33.912253][ T389] ? __x64_sys_clone+0x247/0x2b0
[ 33.917168][ T389] ? do_syscall_64+0xc0/0x100
[ 33.921815][ T389] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 33.927855][ T389] ? wait_consider_task+0x193f/0x2790
[ 33.933196][ T389] ? gfp_pfmemalloc_allowed+0x140/0x140
[ 33.938724][ T389] ? ___slab_alloc+0xab/0x450
[ 33.943373][ T389] ? copy_process+0x59b/0x52d0
[ 33.948152][ T389] ? __kasan_check_write+0x14/0x20
[ 33.953230][ T389] ? copy_process+0x59b/0x52d0
[ 33.957963][ T389] ? kasan_slab_alloc+0xe/0x10
[ 33.963043][ T389] copy_process+0x5eb/0x52d0
[ 33.967603][ T389] ? kernel_wait4+0x380/0x380
[ 33.972246][ T389] ? fork_idle+0x290/0x290
[ 33.976630][ T389] ? put_pid+0x89/0xe0
[ 33.980666][ T389] ? __ia32_sys_waitid+0xd0/0xd0
[ 33.985606][ T389] ? do_nanosleep+0x58b/0x6b0
[ 33.990427][ T389] _do_fork+0x185/0x950
[ 33.994554][ T389] ? dup_mm+0x330/0x330
[ 33.998679][ T389] ? __x64_sys_wait4+0x168/0x1c0
[ 34.003582][ T389] ? do_wait+0x890/0x890
[ 34.007791][ T389] __x64_sys_clone+0x247/0x2b0
[ 34.012533][ T389] ? __ia32_sys_vfork+0x110/0x110
[ 34.017524][ T389] ? syscall_return_slowpath+0x6f/0x500
[ 34.023051][ T389] do_syscall_64+0xc0/0x100
[ 34.027531][ T389] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 34.033393][ T389] RIP: 0033:0x440a8a
[ 34.037261][ T389] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 34.056928][ T389] RSP: 002b:00007ffe8c37f1d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 34.065320][ T389] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440a8a
[ 34.073261][ T389] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 34.081202][ T389] RBP: 00007ffe8c37f1f0 R08: 0000000000000001 R09: 0000000000fd5880
[ 34.089153][ T389] R10: 0000000000fd5b50 R11: 0000000000000246 R12: 0000000000000001
[ 34.097094][ T389] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 34.105964][ T416] CPU: 0 PID: 416 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0
[ 34.117406][ T416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 34.127448][ T416] Call Trace:
[ 34.130720][ T416] dump_stack+0x1b0/0x228
[ 34.135042][ T416] ? is_module_text_address+0x130/0x130
[ 34.140569][ T416] ? show_regs_print_info+0x18/0x18
[ 34.145746][ T416] bad_page+0x262/0x290
[ 34.149881][ T416] ? is_free_buddy_page+0x190/0x190
[ 34.155054][ T416] __free_pages_ok+0x759/0xd80
[ 34.159795][ T416] ? __kasan_check_read+0x11/0x20
[ 34.164791][ T416] ? set_pageblock_migratetype+0x150/0x150
[ 34.170570][ T416] free_compound_page+0x67/0x90
[ 34.175396][ T416] __put_page+0xf7/0x120
[ 34.179628][ T416] do_exit+0x1d53/0x26f0
[ 34.183873][ T416] ? mm_update_next_owner+0x5f0/0x5f0
[ 34.189229][ T416] ? do_user_addr_fault+0x6b7/0xb50
[ 34.194406][ T416] do_group_exit+0x153/0x2a0
[ 34.198976][ T416] __do_sys_exit_group+0x17/0x20
[ 34.203896][ T416] __se_sys_exit_group+0x14/0x20
[ 34.208817][ T416] __x64_sys_exit_group+0x3b/0x40
[ 34.213817][ T416] do_syscall_64+0xc0/0x100
[ 34.218296][ T416] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 34.224159][ T416] RIP: 0033:0x440d38
[ 34.228035][ T416] Code: Bad RIP value.
[ 34.232072][ T416] RSP: 002b:00007ffe8c37f1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 34.240455][ T416] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d38
[ 34.248462][ T416] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 34.256425][ T416] RBP: 00000000004c6b50 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 34.264379][ T416] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001
[ 34.272327][ T416] R13: 00000000006d95e0 R14: 0000000000000000 R15: 0000000000000000
[ 34.282817][ T418] BUG: Bad page state in process syz-executor413 pfn:1ce8c8
[ 34.292031][ T418] page:ffffea00073a3200 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0
[ 34.303044][ T419] BUG: Bad page state in process syz-executor413 pfn:1ceea8
[ 34.303554][ T418] flags: 0x8000000000010200(slab|head)
[ 34.316326][ T418] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00
[ 34.317368][ T420] BUG: Bad page state in process syz-executor413 pfn:1ceb20
[ 34.332423][ T418] raw: 0000000000000000 0000000000070007 00000000ffffffff 0000000000000000
[ 34.333028][ T419] page:ffffea00073baa00 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0
[ 34.352035][ T418] page dumped because: PAGE_FLAGS_CHECK_AT_FREE flag(s) set
[ 34.352041][ T418] bad because of flags: 0x200(slab)
[ 34.352042][ T418] Modules linked in:
[ 34.352055][ T418] CPU: 1 PID: 418 Comm: syz-executor413 Tainted: G B W 5.4.28-syzkaller-00758-g8398205ce446 #0
[ 34.352058][ T418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 34.352061][ T418] Call Trace:
[ 34.352074][ T418] dump_stack+0x1b0/0x228
[ 34.352084][ T418] ? is_module_text_address+0x130/0x130
[ 34.352091][ T418] ? show_regs_print_info+0x18/0x18
[ 34.352101][ T418] bad_page+0x262/0x290
[ 34.352107][ T418] ? is_free_buddy_page+0x190/0x190
[ 34.352115][ T418] __free_pages_ok+0x759/0xd80
[ 34.352123][ T418] ? __kasan_check_read+0x11/0x20
[ 34.352131][ T418] ? set_pageblock_migratetype+0x150/0x150
[ 34.352139][ T418] free_compound_page+0x67/0x90
[ 34.352149][ T418] __put_page+0xf7/0x120
[ 34.352157][ T418] do_exit+0x1d53/0x26f0
[ 34.352168][ T418] ? mm_update_next_owner+0x5f0/0x5f0
[ 34.352179][ T418] ? do_user_addr_fault+0x6b7/0xb50
[ 34.352187][ T418] do_group_exit+0x153/0x2a0
[ 34.352195][ T418] __do_sys_exit_group+0x17/0x20
[ 34.352206][ T418] __se_sys_exit_group+0x14/0x20
[ 34.472207][ T418] __x64_sys_exit_group+0x3b/0x40
[ 34.477221][ T418] do_syscall_64+0xc0/0x100
[ 34.481713][ T418] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 34.487581][ T418] RIP: 0033:0x440d38
[ 34.491457][ T418] Code: 00 00 be 3c 00 00 00 eb 19 66 0f 1f 84 00 00 00 00 00 48 89 d7 89 f0 0f 05 48 3d 00 f0 ff ff 77 21 f4 48 89 d7 44 89 c0 0f 05 <48> 3d 00 f0 ff ff 76 e0 f7 d8 64 41 89 01 eb d8 0f 1f 84 00 00 00
[ 34.511036][ T418] RSP: 002b:00007ffe8c37f1b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 34.519431][ T418] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000440d38
[ 34.527380][ T418] RDX: 0000000000000000 RSI: 000000000000003c RDI: 0000000000000000
[ 34.535332][ T418] RBP: 00000000004c6b50 R08: 00000000000000e7 R09: ffffffffffffffd0
[ 34.543278][ T418] R10: 00000000bb1414ac R11: 0000000000000246 R12: 0000000000000001
[ 34.551222][ T418] R13: 00000000006d95e0 R14: 0000000000000000 R15: 0000000000000000
[ 34.559775][ T420] page:ffffea00073ac800 refcount:0 mapcount:0 mapping:ffff8881da8e4e00 index:0x0 compound_mapcount: 0
[ 34.564007][ T419] flags: 0x8000000000010200(slab|head)
[ 34.570963][ T420] flags: 0x8000000000010200(slab|head)
[ 34.578228][ T419] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00
[ 34.583266][ T420] raw: 8000000000010200 dead000000000100 dead000000000122 ffff8881da8e4e00
[ 34.592211][ T419] raw: 0000000000000000 0000000000070007 00000000ffffffff 0000000000000000