syzkaller login: [ 240.825915][ T2891] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 240.932194][ T2891] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 241.000308][ T2891] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 250.215710][ T2891] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:60037' (ECDSA) to the list of known hosts. 1970/01/01 00:04:48 fuzzer started 1970/01/01 00:05:02 dialing manager at localhost:46809 1970/01/01 00:05:06 syscalls: 2780 1970/01/01 00:05:06 code coverage: enabled 1970/01/01 00:05:06 comparison tracing: enabled 1970/01/01 00:05:06 extra coverage: enabled 1970/01/01 00:05:06 setuid sandbox: enabled 1970/01/01 00:05:06 namespace sandbox: enabled 1970/01/01 00:05:06 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:05:06 fault injection: enabled 1970/01/01 00:05:06 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:05:06 net packet injection: enabled 1970/01/01 00:05:06 net device setup: enabled 1970/01/01 00:05:06 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:05:06 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:05:06 USB emulation: enabled 1970/01/01 00:05:06 hci packet injection: /dev/vhci does not exist 1970/01/01 00:05:06 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:05:06 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:05:12 fetching corpus: 50, signal 35874/37755 (executing program) 1970/01/01 00:05:15 fetching corpus: 100, signal 50240/53874 (executing program) 1970/01/01 00:05:18 fetching corpus: 150, signal 63503/68814 (executing program) 1970/01/01 00:05:21 fetching corpus: 200, signal 73981/80902 (executing program) 1970/01/01 00:05:23 fetching corpus: 250, signal 82648/91125 (executing program) 1970/01/01 00:05:27 fetching corpus: 300, signal 92030/101939 (executing program) 1970/01/01 00:05:31 fetching corpus: 350, signal 97385/108823 (executing program) 1970/01/01 00:05:34 fetching corpus: 400, signal 101436/114452 (executing program) 1970/01/01 00:05:37 fetching corpus: 450, signal 109522/123884 (executing program) 1970/01/01 00:05:40 fetching corpus: 500, signal 117265/132996 (executing program) 1970/01/01 00:05:42 fetching corpus: 550, signal 123643/140683 (executing program) 1970/01/01 00:05:44 fetching corpus: 600, signal 129124/147483 (executing program) 1970/01/01 00:05:45 fetching corpus: 650, signal 131987/151752 (executing program) 1970/01/01 00:05:47 fetching corpus: 700, signal 137265/158307 (executing program) 1970/01/01 00:05:50 fetching corpus: 750, signal 141943/164220 (executing program) 1970/01/01 00:05:53 fetching corpus: 800, signal 148819/172212 (executing program) 1970/01/01 00:05:55 fetching corpus: 850, signal 153006/177589 (executing program) 1970/01/01 00:05:57 fetching corpus: 900, signal 156517/182332 (executing program) 1970/01/01 00:05:59 fetching corpus: 950, signal 160913/187851 (executing program) 1970/01/01 00:06:02 fetching corpus: 1000, signal 163542/191699 (executing program) 1970/01/01 00:06:03 fetching corpus: 1050, signal 166321/195694 (executing program) 1970/01/01 00:06:05 fetching corpus: 1100, signal 170096/200564 (executing program) 1970/01/01 00:06:07 fetching corpus: 1150, signal 172249/203890 (executing program) 1970/01/01 00:06:09 fetching corpus: 1200, signal 174422/207261 (executing program) 1970/01/01 00:06:11 fetching corpus: 1250, signal 176928/210897 (executing program) 1970/01/01 00:06:15 fetching corpus: 1300, signal 179215/214318 (executing program) 1970/01/01 00:06:17 fetching corpus: 1350, signal 181969/218158 (executing program) 1970/01/01 00:06:21 fetching corpus: 1400, signal 185713/222917 (executing program) 1970/01/01 00:06:23 fetching corpus: 1450, signal 187678/225967 (executing program) 1970/01/01 00:06:24 fetching corpus: 1500, signal 189823/229189 (executing program) 1970/01/01 00:06:28 fetching corpus: 1550, signal 193735/233978 (executing program) 1970/01/01 00:06:31 fetching corpus: 1600, signal 195645/236962 (executing program) 1970/01/01 00:06:33 fetching corpus: 1650, signal 198388/240695 (executing program) 1970/01/01 00:06:36 fetching corpus: 1700, signal 200338/243678 (executing program) 1970/01/01 00:06:39 fetching corpus: 1750, signal 202759/247092 (executing program) 1970/01/01 00:06:42 fetching corpus: 1800, signal 205717/250944 (executing program) 1970/01/01 00:06:43 fetching corpus: 1850, signal 209073/255099 (executing program) 1970/01/01 00:06:45 fetching corpus: 1900, signal 211487/258405 (executing program) 1970/01/01 00:06:48 fetching corpus: 1950, signal 212930/260888 (executing program) 1970/01/01 00:06:52 fetching corpus: 2000, signal 215031/263873 (executing program) 1970/01/01 00:06:55 fetching corpus: 2050, signal 217281/267007 (executing program) 1970/01/01 00:06:57 fetching corpus: 2100, signal 218716/269437 (executing program) 1970/01/01 00:06:58 fetching corpus: 2150, signal 220492/272149 (executing program) 1970/01/01 00:07:00 fetching corpus: 2200, signal 221360/274078 (executing program) 1970/01/01 00:07:03 fetching corpus: 2250, signal 222725/276439 (executing program) 1970/01/01 00:07:04 fetching corpus: 2300, signal 225123/279592 (executing program) 1970/01/01 00:07:06 fetching corpus: 2350, signal 226643/282065 (executing program) 1970/01/01 00:07:09 fetching corpus: 2400, signal 229272/285417 (executing program) 1970/01/01 00:07:12 fetching corpus: 2450, signal 231059/288083 (executing program) 1970/01/01 00:07:14 fetching corpus: 2500, signal 232539/290475 (executing program) 1970/01/01 00:07:16 fetching corpus: 2550, signal 234223/292988 (executing program) 1970/01/01 00:07:18 fetching corpus: 2600, signal 237396/296736 (executing program) 1970/01/01 00:07:21 fetching corpus: 2650, signal 239257/299388 (executing program) 1970/01/01 00:07:23 fetching corpus: 2700, signal 240318/301367 (executing program) 1970/01/01 00:07:25 fetching corpus: 2750, signal 242081/303919 (executing program) 1970/01/01 00:07:27 fetching corpus: 2800, signal 243045/305872 (executing program) 1970/01/01 00:07:30 fetching corpus: 2850, signal 245273/308787 (executing program) 1970/01/01 00:07:32 fetching corpus: 2900, signal 246444/310773 (executing program) 1970/01/01 00:07:34 fetching corpus: 2950, signal 248521/313518 (executing program) 1970/01/01 00:07:36 fetching corpus: 3000, signal 250314/316065 (executing program) 1970/01/01 00:07:39 fetching corpus: 3050, signal 251463/318051 (executing program) 1970/01/01 00:07:41 fetching corpus: 3100, signal 252716/320146 (executing program) 1970/01/01 00:07:42 fetching corpus: 3150, signal 253606/321952 (executing program) 1970/01/01 00:07:45 fetching corpus: 3200, signal 255133/324230 (executing program) 1970/01/01 00:07:47 fetching corpus: 3250, signal 256342/326191 (executing program) 1970/01/01 00:07:49 fetching corpus: 3300, signal 257264/327942 (executing program) 1970/01/01 00:07:52 fetching corpus: 3350, signal 259439/330670 (executing program) 1970/01/01 00:07:53 fetching corpus: 3400, signal 260527/332585 (executing program) 1970/01/01 00:07:55 fetching corpus: 3450, signal 261590/334401 (executing program) 1970/01/01 00:07:57 fetching corpus: 3500, signal 262868/336452 (executing program) 1970/01/01 00:07:59 fetching corpus: 3550, signal 264450/338679 (executing program) 1970/01/01 00:08:02 fetching corpus: 3600, signal 265302/340395 (executing program) 1970/01/01 00:08:04 fetching corpus: 3650, signal 267013/342712 (executing program) 1970/01/01 00:08:06 fetching corpus: 3700, signal 268006/344449 (executing program) 1970/01/01 00:08:09 fetching corpus: 3750, signal 269554/346588 (executing program) 1970/01/01 00:08:11 fetching corpus: 3800, signal 270516/348295 (executing program) 1970/01/01 00:08:14 fetching corpus: 3850, signal 271586/350109 (executing program) 1970/01/01 00:08:16 fetching corpus: 3900, signal 272694/351905 (executing program) 1970/01/01 00:08:18 fetching corpus: 3950, signal 273583/353578 (executing program) 1970/01/01 00:08:20 fetching corpus: 4000, signal 274333/355105 (executing program) 1970/01/01 00:08:22 fetching corpus: 4050, signal 275311/356780 (executing program) 1970/01/01 00:08:26 fetching corpus: 4100, signal 276559/358679 (executing program) 1970/01/01 00:08:28 fetching corpus: 4150, signal 277381/360268 (executing program) 1970/01/01 00:08:30 fetching corpus: 4200, signal 278689/362193 (executing program) 1970/01/01 00:08:32 fetching corpus: 4250, signal 279352/363665 (executing program) 1970/01/01 00:08:34 fetching corpus: 4300, signal 280382/365379 (executing program) 1970/01/01 00:08:36 fetching corpus: 4350, signal 281087/366830 (executing program) 1970/01/01 00:08:39 fetching corpus: 4400, signal 282548/368832 (executing program) 1970/01/01 00:08:41 fetching corpus: 4450, signal 283589/370538 (executing program) 1970/01/01 00:08:44 fetching corpus: 4500, signal 285443/372742 (executing program) 1970/01/01 00:08:47 fetching corpus: 4550, signal 286665/374516 (executing program) 1970/01/01 00:08:49 fetching corpus: 4600, signal 287796/376249 (executing program) 1970/01/01 00:08:51 fetching corpus: 4650, signal 288450/377611 (executing program) 1970/01/01 00:08:53 fetching corpus: 4700, signal 289638/379329 (executing program) 1970/01/01 00:08:56 fetching corpus: 4750, signal 290496/380787 (executing program) 1970/01/01 00:08:57 fetching corpus: 4800, signal 291758/382583 (executing program) 1970/01/01 00:09:00 fetching corpus: 4850, signal 292712/384161 (executing program) 1970/01/01 00:09:03 fetching corpus: 4900, signal 293907/385896 (executing program) 1970/01/01 00:09:06 fetching corpus: 4950, signal 295051/387536 (executing program) 1970/01/01 00:09:09 fetching corpus: 5000, signal 296120/389147 (executing program) 1970/01/01 00:09:11 fetching corpus: 5050, signal 299771/392344 (executing program) 1970/01/01 00:09:13 fetching corpus: 5100, signal 300418/393646 (executing program) 1970/01/01 00:09:14 fetching corpus: 5150, signal 301277/395123 (executing program) 1970/01/01 00:09:17 fetching corpus: 5200, signal 301825/396410 (executing program) 1970/01/01 00:09:19 fetching corpus: 5250, signal 303313/398244 (executing program) 1970/01/01 00:09:22 fetching corpus: 5300, signal 304015/399556 (executing program) 1970/01/01 00:09:24 fetching corpus: 5350, signal 304834/400991 (executing program) 1970/01/01 00:09:27 fetching corpus: 5400, signal 305882/402582 (executing program) 1970/01/01 00:09:30 fetching corpus: 5450, signal 306655/403918 (executing program) 1970/01/01 00:09:33 fetching corpus: 5500, signal 307881/405527 (executing program) 1970/01/01 00:09:35 fetching corpus: 5550, signal 308508/406795 (executing program) 1970/01/01 00:09:37 fetching corpus: 5600, signal 309364/408203 (executing program) 1970/01/01 00:09:39 fetching corpus: 5650, signal 310437/409746 (executing program) 1970/01/01 00:09:41 fetching corpus: 5700, signal 311438/411238 (executing program) 1970/01/01 00:09:43 fetching corpus: 5750, signal 312964/412972 (executing program) 1970/01/01 00:09:45 fetching corpus: 5800, signal 313693/414283 (executing program) 1970/01/01 00:09:48 fetching corpus: 5850, signal 315330/416065 (executing program) 1970/01/01 00:09:50 fetching corpus: 5900, signal 316350/417532 (executing program) 1970/01/01 00:09:51 fetching corpus: 5950, signal 317118/418833 (executing program) 1970/01/01 00:09:53 fetching corpus: 6000, signal 317592/420011 (executing program) 1970/01/01 00:09:56 fetching corpus: 6050, signal 318901/421627 (executing program) 1970/01/01 00:09:59 fetching corpus: 6100, signal 319691/422900 (executing program) 1970/01/01 00:10:02 fetching corpus: 6150, signal 320360/424130 (executing program) 1970/01/01 00:10:04 fetching corpus: 6200, signal 321430/425568 (executing program) 1970/01/01 00:10:10 fetching corpus: 6250, signal 321910/426639 (executing program) 1970/01/01 00:10:13 fetching corpus: 6300, signal 322604/427851 (executing program) 1970/01/01 00:10:16 fetching corpus: 6350, signal 323333/429072 (executing program) 1970/01/01 00:10:18 fetching corpus: 6400, signal 323863/430219 (executing program) 1970/01/01 00:10:21 fetching corpus: 6450, signal 324337/431349 (executing program) 1970/01/01 00:10:24 fetching corpus: 6500, signal 325090/432589 (executing program) 1970/01/01 00:10:28 fetching corpus: 6550, signal 326020/433879 (executing program) 1970/01/01 00:10:31 fetching corpus: 6600, signal 326556/434955 (executing program) 1970/01/01 00:10:34 fetching corpus: 6650, signal 327336/436185 (executing program) 1970/01/01 00:10:36 fetching corpus: 6700, signal 327786/437211 (executing program) 1970/01/01 00:10:39 fetching corpus: 6750, signal 328569/438417 (executing program) 1970/01/01 00:10:41 fetching corpus: 6800, signal 329557/439743 (executing program) 1970/01/01 00:10:43 fetching corpus: 6850, signal 330485/441027 (executing program) 1970/01/01 00:10:46 fetching corpus: 6900, signal 331202/442213 (executing program) 1970/01/01 00:10:48 fetching corpus: 6950, signal 331753/443270 (executing program) 1970/01/01 00:10:49 fetching corpus: 7000, signal 332627/444537 (executing program) 1970/01/01 00:10:51 fetching corpus: 7050, signal 333272/445649 (executing program) 1970/01/01 00:10:53 fetching corpus: 7100, signal 333667/446656 (executing program) 1970/01/01 00:10:55 fetching corpus: 7150, signal 334305/447799 (executing program) 1970/01/01 00:10:58 fetching corpus: 7200, signal 334767/448838 (executing program) 1970/01/01 00:11:00 fetching corpus: 7250, signal 335814/450155 (executing program) 1970/01/01 00:11:03 fetching corpus: 7300, signal 336269/451166 (executing program) 1970/01/01 00:11:06 fetching corpus: 7350, signal 336739/452180 (executing program) 1970/01/01 00:11:07 fetching corpus: 7400, signal 337554/453385 (executing program) 1970/01/01 00:11:09 fetching corpus: 7450, signal 338112/454391 (executing program) 1970/01/01 00:11:12 fetching corpus: 7500, signal 338833/455485 (executing program) 1970/01/01 00:11:14 fetching corpus: 7550, signal 339603/456643 (executing program) 1970/01/01 00:11:17 fetching corpus: 7600, signal 340585/457854 (executing program) 1970/01/01 00:11:19 fetching corpus: 7650, signal 340993/458814 (executing program) 1970/01/01 00:11:21 fetching corpus: 7700, signal 341594/459848 (executing program) 1970/01/01 00:11:24 fetching corpus: 7750, signal 342421/460952 (executing program) 1970/01/01 00:11:25 fetching corpus: 7800, signal 342885/461922 (executing program) 1970/01/01 00:11:27 fetching corpus: 7850, signal 343471/462939 (executing program) 1970/01/01 00:11:30 fetching corpus: 7900, signal 344532/464175 (executing program) 1970/01/01 00:11:32 fetching corpus: 7950, signal 344997/465101 (executing program) 1970/01/01 00:11:35 fetching corpus: 8000, signal 345478/466025 (executing program) 1970/01/01 00:11:40 fetching corpus: 8050, signal 346895/467366 (executing program) 1970/01/01 00:11:43 fetching corpus: 8100, signal 347336/468293 (executing program) 1970/01/01 00:11:45 fetching corpus: 8150, signal 349364/469883 (executing program) 1970/01/01 00:11:47 fetching corpus: 8200, signal 352303/471767 (executing program) 1970/01/01 00:11:49 fetching corpus: 8250, signal 352972/472762 (executing program) 1970/01/01 00:11:51 fetching corpus: 8300, signal 353726/473781 (executing program) 1970/01/01 00:11:53 fetching corpus: 8350, signal 354579/474817 (executing program) 1970/01/01 00:11:56 fetching corpus: 8400, signal 355403/475837 (executing program) 1970/01/01 00:11:59 fetching corpus: 8450, signal 355938/476803 (executing program) 1970/01/01 00:12:02 fetching corpus: 8500, signal 356725/477887 (executing program) 1970/01/01 00:12:05 fetching corpus: 8550, signal 357250/478785 (executing program) 1970/01/01 00:12:07 fetching corpus: 8600, signal 357746/479665 (executing program) 1970/01/01 00:12:10 fetching corpus: 8650, signal 358225/480560 (executing program) 1970/01/01 00:12:12 fetching corpus: 8700, signal 358634/481446 (executing program) 1970/01/01 00:12:14 fetching corpus: 8750, signal 359572/482531 (executing program) 1970/01/01 00:12:16 fetching corpus: 8800, signal 360080/483371 (executing program) 1970/01/01 00:12:18 fetching corpus: 8850, signal 360704/484339 (executing program) 1970/01/01 00:12:20 fetching corpus: 8900, signal 361229/485200 (executing program) 1970/01/01 00:12:22 fetching corpus: 8950, signal 362131/486214 (executing program) 1970/01/01 00:12:24 fetching corpus: 9000, signal 363433/487375 (executing program) 1970/01/01 00:12:26 fetching corpus: 9050, signal 363855/488224 (executing program) 1970/01/01 00:12:28 fetching corpus: 9100, signal 364438/489110 (executing program) 1970/01/01 00:12:30 fetching corpus: 9150, signal 364808/489931 (executing program) 1970/01/01 00:12:32 fetching corpus: 9200, signal 365434/490866 (executing program) 1970/01/01 00:12:34 fetching corpus: 9250, signal 365880/491679 (executing program) 1970/01/01 00:12:37 fetching corpus: 9300, signal 366376/492526 (executing program) 1970/01/01 00:12:39 fetching corpus: 9350, signal 367180/493451 (executing program) 1970/01/01 00:12:41 fetching corpus: 9400, signal 367703/494313 (executing program) 1970/01/01 00:12:43 fetching corpus: 9450, signal 368253/495162 (executing program) 1970/01/01 00:12:45 fetching corpus: 9500, signal 368971/496052 (executing program) 1970/01/01 00:12:47 fetching corpus: 9550, signal 369601/496929 (executing program) 1970/01/01 00:12:50 fetching corpus: 9600, signal 370250/497797 (executing program) 1970/01/01 00:12:54 fetching corpus: 9650, signal 370930/498688 (executing program) 1970/01/01 00:12:56 fetching corpus: 9700, signal 371453/499500 (executing program) 1970/01/01 00:12:59 fetching corpus: 9750, signal 371954/500373 (executing program) 1970/01/01 00:13:00 fetching corpus: 9800, signal 372376/501181 (executing program) 1970/01/01 00:13:02 fetching corpus: 9850, signal 372957/501980 (executing program) 1970/01/01 00:13:04 fetching corpus: 9900, signal 373814/502866 (executing program) 1970/01/01 00:13:06 fetching corpus: 9950, signal 374405/503655 (executing program) 1970/01/01 00:13:08 fetching corpus: 10000, signal 374949/504470 (executing program) 1970/01/01 00:13:10 fetching corpus: 10050, signal 375402/505273 (executing program) 1970/01/01 00:13:14 fetching corpus: 10100, signal 376220/506126 (executing program) 1970/01/01 00:13:16 fetching corpus: 10150, signal 376768/506926 (executing program) 1970/01/01 00:13:18 fetching corpus: 10200, signal 377147/507668 (executing program) 1970/01/01 00:13:20 fetching corpus: 10250, signal 378462/508604 (executing program) 1970/01/01 00:13:22 fetching corpus: 10300, signal 379331/509451 (executing program) 1970/01/01 00:13:24 fetching corpus: 10350, signal 379744/510198 (executing program) 1970/01/01 00:13:27 fetching corpus: 10400, signal 380371/510992 (executing program) 1970/01/01 00:13:30 fetching corpus: 10450, signal 381041/511796 (executing program) 1970/01/01 00:13:33 fetching corpus: 10500, signal 382055/512655 (executing program) 1970/01/01 00:13:36 fetching corpus: 10550, signal 382708/513427 (executing program) 1970/01/01 00:13:38 fetching corpus: 10600, signal 383120/514150 (executing program) 1970/01/01 00:13:40 fetching corpus: 10650, signal 383700/514860 (executing program) 1970/01/01 00:13:42 fetching corpus: 10700, signal 384042/515531 (executing program) 1970/01/01 00:13:44 fetching corpus: 10750, signal 384499/516280 (executing program) 1970/01/01 00:13:45 fetching corpus: 10800, signal 384845/516945 (executing program) 1970/01/01 00:13:47 fetching corpus: 10850, signal 385325/517692 (executing program) 1970/01/01 00:13:48 fetching corpus: 10900, signal 385825/518398 (executing program) 1970/01/01 00:13:51 fetching corpus: 10950, signal 386296/519080 (executing program) 1970/01/01 00:13:54 fetching corpus: 11000, signal 387295/519897 (executing program) 1970/01/01 00:13:56 fetching corpus: 11050, signal 387793/520626 (executing program) 1970/01/01 00:13:59 fetching corpus: 11100, signal 388334/521323 (executing program) 1970/01/01 00:14:01 fetching corpus: 11150, signal 388688/522014 (executing program) 1970/01/01 00:14:03 fetching corpus: 11200, signal 389054/522661 (executing program) 1970/01/01 00:14:06 fetching corpus: 11250, signal 389609/523391 (executing program) 1970/01/01 00:14:09 fetching corpus: 11300, signal 390285/524088 (executing program) 1970/01/01 00:14:12 fetching corpus: 11350, signal 390723/524762 (executing program) 1970/01/01 00:14:15 fetching corpus: 11400, signal 391395/525471 (executing program) 1970/01/01 00:14:17 fetching corpus: 11450, signal 392026/526135 (executing program) 1970/01/01 00:14:19 fetching corpus: 11500, signal 392405/526770 (executing program) 1970/01/01 00:14:21 fetching corpus: 11550, signal 392794/527418 (executing program) 1970/01/01 00:14:23 fetching corpus: 11600, signal 393171/528073 (executing program) 1970/01/01 00:14:25 fetching corpus: 11650, signal 393629/528719 (executing program) 1970/01/01 00:14:27 fetching corpus: 11700, signal 394196/529380 (executing program) 1970/01/01 00:14:29 fetching corpus: 11750, signal 395057/530081 (executing program) 1970/01/01 00:14:31 fetching corpus: 11800, signal 395756/530778 (executing program) 1970/01/01 00:14:34 fetching corpus: 11850, signal 396441/531469 (executing program) 1970/01/01 00:14:37 fetching corpus: 11900, signal 396957/532095 (executing program) 1970/01/01 00:14:39 fetching corpus: 11950, signal 397472/532714 (executing program) 1970/01/01 00:14:41 fetching corpus: 12000, signal 397881/533365 (executing program) 1970/01/01 00:14:42 fetching corpus: 12050, signal 398227/533973 (executing program) 1970/01/01 00:14:45 fetching corpus: 12100, signal 398769/534607 (executing program) 1970/01/01 00:14:48 fetching corpus: 12150, signal 399225/535253 (executing program) 1970/01/01 00:14:50 fetching corpus: 12200, signal 399774/535878 (executing program) 1970/01/01 00:14:52 fetching corpus: 12250, signal 400427/536516 (executing program) 1970/01/01 00:14:54 fetching corpus: 12300, signal 401006/537144 (executing program) 1970/01/01 00:14:57 fetching corpus: 12350, signal 401884/537742 (executing program) 1970/01/01 00:15:00 fetching corpus: 12400, signal 402340/538372 (executing program) 1970/01/01 00:15:01 fetching corpus: 12450, signal 402919/539002 (executing program) 1970/01/01 00:15:03 fetching corpus: 12500, signal 403221/539573 (executing program) 1970/01/01 00:15:05 fetching corpus: 12550, signal 403573/540126 (executing program) 1970/01/01 00:15:07 fetching corpus: 12600, signal 404111/540717 (executing program) 1970/01/01 00:15:09 fetching corpus: 12650, signal 404409/541275 (executing program) 1970/01/01 00:15:11 fetching corpus: 12700, signal 404733/541868 (executing program) 1970/01/01 00:15:13 fetching corpus: 12750, signal 405626/542499 (executing program) 1970/01/01 00:15:15 fetching corpus: 12800, signal 406140/543096 (executing program) 1970/01/01 00:15:17 fetching corpus: 12850, signal 406476/543684 (executing program) 1970/01/01 00:15:21 fetching corpus: 12900, signal 406829/544258 (executing program) 1970/01/01 00:15:23 fetching corpus: 12950, signal 407239/544809 (executing program) 1970/01/01 00:15:25 fetching corpus: 13000, signal 407883/545352 (executing program) 1970/01/01 00:15:27 fetching corpus: 13050, signal 408295/545888 (executing program) 1970/01/01 00:15:30 fetching corpus: 13100, signal 408768/546411 (executing program) 1970/01/01 00:15:32 fetching corpus: 13150, signal 409114/546998 (executing program) 1970/01/01 00:15:34 fetching corpus: 13200, signal 409519/547556 (executing program) 1970/01/01 00:15:39 fetching corpus: 13250, signal 409934/548090 (executing program) 1970/01/01 00:15:42 fetching corpus: 13300, signal 410332/548635 (executing program) 1970/01/01 00:15:45 fetching corpus: 13350, signal 410730/549120 (executing program) 1970/01/01 00:15:48 fetching corpus: 13400, signal 411471/549656 (executing program) 1970/01/01 00:15:51 fetching corpus: 13450, signal 411870/550162 (executing program) 1970/01/01 00:15:54 fetching corpus: 13500, signal 412350/550682 (executing program) 1970/01/01 00:15:56 fetching corpus: 13550, signal 412970/551205 (executing program) 1970/01/01 00:15:58 fetching corpus: 13600, signal 413320/551730 (executing program) 1970/01/01 00:16:00 fetching corpus: 13650, signal 413835/552239 (executing program) 1970/01/01 00:16:02 fetching corpus: 13700, signal 414126/552759 (executing program) 1970/01/01 00:16:04 fetching corpus: 13750, signal 414547/553301 (executing program) 1970/01/01 00:16:06 fetching corpus: 13800, signal 414842/553801 (executing program) 1970/01/01 00:16:08 fetching corpus: 13850, signal 415355/554290 (executing program) 1970/01/01 00:16:11 fetching corpus: 13900, signal 415690/554392 (executing program) 1970/01/01 00:16:13 fetching corpus: 13950, signal 416082/554392 (executing program) 1970/01/01 00:16:15 fetching corpus: 14000, signal 416536/554392 (executing program) 1970/01/01 00:16:18 fetching corpus: 14050, signal 416936/554392 (executing program) 1970/01/01 00:16:20 fetching corpus: 14100, signal 417439/554393 (executing program) 1970/01/01 00:16:22 fetching corpus: 14150, signal 417755/554393 (executing program) 1970/01/01 00:16:24 fetching corpus: 14200, signal 418110/554393 (executing program) 1970/01/01 00:16:27 fetching corpus: 14250, signal 418616/554393 (executing program) 1970/01/01 00:16:30 fetching corpus: 14300, signal 419130/554393 (executing program) 1970/01/01 00:16:32 fetching corpus: 14350, signal 419530/554394 (executing program) 1970/01/01 00:16:34 fetching corpus: 14400, signal 419841/554395 (executing program) 1970/01/01 00:16:36 fetching corpus: 14450, signal 420186/554395 (executing program) 1970/01/01 00:16:39 fetching corpus: 14500, signal 420526/554395 (executing program) 1970/01/01 00:16:40 fetching corpus: 14550, signal 421045/554398 (executing program) 1970/01/01 00:16:43 fetching corpus: 14600, signal 421536/554398 (executing program) 1970/01/01 00:16:45 fetching corpus: 14650, signal 421833/554398 (executing program) 1970/01/01 00:16:46 fetching corpus: 14700, signal 422195/554398 (executing program) 1970/01/01 00:16:48 fetching corpus: 14750, signal 422486/554411 (executing program) 1970/01/01 00:16:50 fetching corpus: 14800, signal 423211/554411 (executing program) 1970/01/01 00:16:52 fetching corpus: 14850, signal 423753/554411 (executing program) 1970/01/01 00:16:54 fetching corpus: 14900, signal 424085/554421 (executing program) 1970/01/01 00:16:56 fetching corpus: 14950, signal 424654/554424 (executing program) 1970/01/01 00:16:58 fetching corpus: 15000, signal 425284/554429 (executing program) 1970/01/01 00:17:01 fetching corpus: 15050, signal 425728/554429 (executing program) 1970/01/01 00:17:05 fetching corpus: 15100, signal 426119/554430 (executing program) 1970/01/01 00:17:09 fetching corpus: 15150, signal 426500/554435 (executing program) 1970/01/01 00:17:11 fetching corpus: 15200, signal 426724/554435 (executing program) 1970/01/01 00:17:13 fetching corpus: 15250, signal 427153/554435 (executing program) 1970/01/01 00:17:15 fetching corpus: 15300, signal 427517/554435 (executing program) 1970/01/01 00:17:18 fetching corpus: 15350, signal 427802/554435 (executing program) 1970/01/01 00:17:20 fetching corpus: 15400, signal 428169/554435 (executing program) 1970/01/01 00:17:22 fetching corpus: 15450, signal 428534/554437 (executing program) 1970/01/01 00:17:26 fetching corpus: 15500, signal 429047/554437 (executing program) 1970/01/01 00:17:28 fetching corpus: 15550, signal 429766/554437 (executing program) 1970/01/01 00:17:30 fetching corpus: 15600, signal 430069/554449 (executing program) 1970/01/01 00:17:32 fetching corpus: 15650, signal 430390/554449 (executing program) 1970/01/01 00:17:35 fetching corpus: 15700, signal 430900/554449 (executing program) 1970/01/01 00:17:37 fetching corpus: 15750, signal 431306/554449 (executing program) 1970/01/01 00:17:39 fetching corpus: 15800, signal 431843/554449 (executing program) 1970/01/01 00:17:42 fetching corpus: 15850, signal 432466/554449 (executing program) 1970/01/01 00:17:44 fetching corpus: 15900, signal 432873/554450 (executing program) 1970/01/01 00:17:46 fetching corpus: 15950, signal 433207/554450 (executing program) 1970/01/01 00:17:48 fetching corpus: 16000, signal 433643/554450 (executing program) 1970/01/01 00:17:50 fetching corpus: 16050, signal 434043/554450 (executing program) 1970/01/01 00:17:53 fetching corpus: 16100, signal 434391/554450 (executing program) 1970/01/01 00:17:56 fetching corpus: 16150, signal 434805/554450 (executing program) 1970/01/01 00:17:58 fetching corpus: 16200, signal 435190/554454 (executing program) 1970/01/01 00:18:00 fetching corpus: 16250, signal 435623/554454 (executing program) 1970/01/01 00:18:01 fetching corpus: 16300, signal 436008/554454 (executing program) 1970/01/01 00:18:04 fetching corpus: 16350, signal 436459/554454 (executing program) 1970/01/01 00:18:06 fetching corpus: 16400, signal 436727/554454 (executing program) 1970/01/01 00:18:08 fetching corpus: 16450, signal 436958/554454 (executing program) 1970/01/01 00:18:10 fetching corpus: 16500, signal 437644/554454 (executing program) 1970/01/01 00:18:12 fetching corpus: 16550, signal 437951/554454 (executing program) 1970/01/01 00:18:15 fetching corpus: 16600, signal 438337/554454 (executing program) 1970/01/01 00:18:18 fetching corpus: 16650, signal 438799/554480 (executing program) 1970/01/01 00:18:21 fetching corpus: 16700, signal 439598/554487 (executing program) 1970/01/01 00:18:22 fetching corpus: 16750, signal 439865/554487 (executing program) 1970/01/01 00:18:25 fetching corpus: 16800, signal 440487/554487 (executing program) 1970/01/01 00:18:29 fetching corpus: 16850, signal 441204/554487 (executing program) 1970/01/01 00:18:31 fetching corpus: 16900, signal 441515/554487 (executing program) 1970/01/01 00:18:33 fetching corpus: 16950, signal 441948/554488 (executing program) 1970/01/01 00:18:36 fetching corpus: 17000, signal 442259/554488 (executing program) 1970/01/01 00:18:38 fetching corpus: 17050, signal 442567/554488 (executing program) 1970/01/01 00:18:39 fetching corpus: 17100, signal 442912/554488 (executing program) 1970/01/01 00:18:42 fetching corpus: 17150, signal 443266/554488 (executing program) 1970/01/01 00:18:44 fetching corpus: 17200, signal 443922/554488 (executing program) 1970/01/01 00:18:47 fetching corpus: 17250, signal 444171/554488 (executing program) 1970/01/01 00:18:49 fetching corpus: 17300, signal 444759/554488 (executing program) 1970/01/01 00:18:51 fetching corpus: 17350, signal 445156/554488 (executing program) 1970/01/01 00:18:53 fetching corpus: 17400, signal 445531/554488 (executing program) 1970/01/01 00:18:57 fetching corpus: 17450, signal 446009/554488 (executing program) 1970/01/01 00:19:00 fetching corpus: 17500, signal 446266/554488 (executing program) 1970/01/01 00:19:03 fetching corpus: 17550, signal 446662/554488 (executing program) 1970/01/01 00:19:06 fetching corpus: 17600, signal 446906/554500 (executing program) 1970/01/01 00:19:08 fetching corpus: 17650, signal 447182/554500 (executing program) 1970/01/01 00:19:12 fetching corpus: 17700, signal 448067/554500 (executing program) 1970/01/01 00:19:14 fetching corpus: 17750, signal 448307/554501 (executing program) 1970/01/01 00:19:16 fetching corpus: 17800, signal 448507/554501 (executing program) 1970/01/01 00:19:18 fetching corpus: 17850, signal 448840/554501 (executing program) 1970/01/01 00:19:21 fetching corpus: 17900, signal 449113/554501 (executing program) 1970/01/01 00:19:23 fetching corpus: 17950, signal 449387/554503 (executing program) 1970/01/01 00:19:25 fetching corpus: 18000, signal 449695/554505 (executing program) 1970/01/01 00:19:28 fetching corpus: 18050, signal 450029/554505 (executing program) 1970/01/01 00:19:30 fetching corpus: 18100, signal 450452/554505 (executing program) 1970/01/01 00:19:35 fetching corpus: 18150, signal 450911/554505 (executing program) 1970/01/01 00:19:38 fetching corpus: 18200, signal 451178/554505 (executing program) 1970/01/01 00:19:40 fetching corpus: 18250, signal 451497/554505 (executing program) 1970/01/01 00:19:42 fetching corpus: 18300, signal 451862/554505 (executing program) 1970/01/01 00:19:44 fetching corpus: 18350, signal 452648/554505 (executing program) 1970/01/01 00:19:46 fetching corpus: 18400, signal 452938/554505 (executing program) 1970/01/01 00:19:48 fetching corpus: 18450, signal 453301/554505 (executing program) 1970/01/01 00:19:50 fetching corpus: 18500, signal 453562/554505 (executing program) 1970/01/01 00:19:53 fetching corpus: 18550, signal 453811/554505 (executing program) 1970/01/01 00:19:55 fetching corpus: 18600, signal 454085/554505 (executing program) 1970/01/01 00:19:58 fetching corpus: 18650, signal 454393/554505 (executing program) 1970/01/01 00:19:58 fetching corpus: 18653, signal 454437/554505 (executing program) 1970/01/01 00:19:58 fetching corpus: 18653, signal 454437/554505 (executing program) 1970/01/01 00:21:36 starting 2 fuzzer processes 00:21:55 executing program 0: ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000000)={0x0, 0x1, 0xffffffffffffffff, 0x101, 0x80000}) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x185c40, 0x0) r1 = pidfd_getfd(r0, r0, 0x0) ioctl$UI_END_FF_UPLOAD(r1, 0x406855c9, &(0x7f0000000080)={0xd, 0x5, {0x52, 0x1, 0x4, {0x0, 0x6}, {0x7, 0x6}, @rumble={0x9d, 0xfff}}, {0x57, 0x2, 0x6, {0xe00, 0x7}, {0xfffb, 0x80}, @const={0x2, {0xfd3f, 0x7, 0x0, 0x8}}}}) read(0xffffffffffffffff, &(0x7f0000000100)=""/30, 0x1e) r2 = openat2(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x440000, 0x8, 0x2}, 0x18) pipe2(&(0x7f0000000740)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80000) getsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000780), &(0x7f00000007c0)=0x4) r5 = syz_open_dev$mouse(&(0x7f0000000800), 0x3, 0x8000) ioctl$sock_inet_SIOCSIFBRDADDR(r5, 0x891a, &(0x7f0000000840)={'netdevsim0\x00', {0x2, 0x0, @loopback}}) r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000880)={0xffffffffffffffff}, 0x4) ioctl$BTRFS_IOC_RM_DEV_V2(r6, 0x5000943a, &(0x7f00000008c0)={{r2}, 0x0, 0xc, @unused=[0x401, 0xfe24, 0x1, 0x2], @subvolid=0x1}) r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000018c0), 0x2, 0x0) fcntl$lock(r7, 0x24, &(0x7f0000001900)={0x2, 0x3, 0x1, 0x4}) ioctl$FIONCLEX(r1, 0x5450) r8 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001940), 0x42041, 0x0) sendmsg$NFT_MSG_GETOBJ(r8, &(0x7f0000001a80)={&(0x7f0000001980)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000001a40)={&(0x7f00000019c0)={0x58, 0x13, 0xa, 0x801, 0x0, 0x0, {0x0, 0x0, 0x3}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x5}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}]}, 0x58}}, 0x0) ioctl$BTRFS_IOC_SCRUB_PROGRESS(0xffffffffffffffff, 0xc400941d, &(0x7f0000001ac0)={<r9=>0x0, 0xa4, 0x401, 0x1}) ioctl$BTRFS_IOC_SCRUB_PROGRESS(r2, 0xc400941d, &(0x7f0000001ec0)={r9, 0x10001, 0x5}) close_range(r4, r7, 0x0) 00:22:18 executing program 1: r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000000c0)={'ip6gre0\x00', &(0x7f0000000040)={'syztnl2\x00', <r2=>0x0, 0x29, 0xf7, 0x3, 0x3f, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @local, 0x40, 0x1, 0xfffffffc, 0x80000001}}) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000001c0)={{{@in6=@ipv4={""/10, ""/2, @multicast2}, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6}, 0x0, @in6=@private2}}, &(0x7f00000002c0)=0xe8) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000380)={'ip6_vti0\x00', &(0x7f0000000300)={'syztnl0\x00', <r4=>r3, 0x4, 0x5, 0x39, 0xb, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, 0x7800, 0x8000, 0x2, 0x100}}) r5 = syz_open_dev$vcsa(&(0x7f00000003c0), 0x2c, 0x0) ioctl$MON_IOCG_STATS(r5, 0x80089203, &(0x7f0000000400)) r6 = syz_open_dev$audion(&(0x7f0000000440), 0xffffffffffffd59d, 0x41) ioctl$MON_IOCQ_URB_LEN(r6, 0x9201) r7 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000480), 0x222202, 0x0) r8 = fcntl$getown(0xffffffffffffffff, 0x9) pipe2(&(0x7f0000000500)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x4000) sendmsg$nl_route(r7, &(0x7f00000005c0)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)=@RTM_GETNSID={0x2c, 0x5a, 0x200, 0x70bd26, 0x25dfdbff, {}, [@NETNSA_PID={0x8, 0x2, r8}, @NETNSA_FD={0x8, 0x3, r10}, @NETNSA_FD={0x8, 0x3, r6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x840) r11 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000640), r0) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r7, 0x89fa, &(0x7f0000000700)={'ip6_vti0\x00', &(0x7f0000000680)={'syztnl1\x00', <r12=>r4, 0x2f, 0x5f, 0x0, 0x3ff, 0x2, @local, @private1, 0x8000, 0x7800, 0x9, 0x9}}) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000880)={'gre0\x00', &(0x7f0000000740)={'syztnl0\x00', <r13=>r4, 0x700, 0x10, 0xdba, 0xfff, {{0x3d, 0x4, 0x2, 0x9, 0xf4, 0x66, 0x0, 0x7, 0x29, 0x0, @empty, @multicast1, {[@lsrr={0x83, 0x1b, 0x8e, [@multicast2, @broadcast, @multicast1, @multicast1, @rand_addr=0x64010101, @multicast2]}, @lsrr={0x83, 0x7, 0x1e, [@private=0xa010102]}, @end, @ssrr={0x89, 0x23, 0x7d, [@rand_addr=0x64010100, @remote, @private=0xa010102, @multicast2, @multicast2, @private=0xa010100, @dev={0xac, 0x14, 0x14, 0x22}, @rand_addr=0x64010101]}, @noop, @rr={0x7, 0x7, 0xcc, [@local]}, @cipso={0x86, 0x57, 0xffffffffffffffff, [{0x95acb24b32ad7ee6, 0x6, "e889118d"}, {0x0, 0x4, "589b"}, {0x5, 0xa, "93504d74f1d1914a"}, {0x7, 0x5, "129cbb"}, {0x7, 0xe, "ed9f0dfedf97cb88073d50dd"}, {0x5, 0xe, "59d690415eaec9eb797980f4"}, {0x0, 0x4, "3faa"}, {0x6, 0x8, "872ae9ea798d"}, {0x1, 0x10, "3da0055869984cc71a5affe81666"}]}, @cipso={0x86, 0x39, 0x3, [{0x0, 0xe, "50509f291e29c9efe15872c7"}, {0x0, 0xf, "53e394f7d2d235b4a9f62519cc"}, {0x0, 0xb, "27c8c8344dc9f2560e"}, {0x2, 0xb, "6961ec80f86474c058"}]}]}}}}}) sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000a80)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000a40)={&(0x7f00000008c0)={0x144, r11, 0x4, 0x70bd29, 0x25dfdbfd, {}, [@HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r13}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}, @HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x144}, 0x1, 0x0, 0x0, 0x440d2}, 0x40000) r14 = syz_open_procfs$userns(r8, &(0x7f0000000e40)) ioctl$BINDER_WRITE_READ(r9, 0xc0306201, &(0x7f0000002200)={0x154, 0x0, &(0x7f0000001080)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000ac0)={@flat=@handle={0x73682a85, 0x1000, 0x1}, @fda={0x66646185, 0x9, 0x2, 0x1d}, @flat=@handle={0x73682a85, 0x1, 0x1}}, &(0x7f0000000b40)={0x0, 0x18, 0x38}}}, @dead_binder_done, @free_buffer, @decrefs={0x40046307, 0x1}, @register_looper, @transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000cc0)={@ptr={0x70742a85, 0x0, &(0x7f0000000b80)=""/231, 0xe7, 0x1, 0x13}, @fd={0x66642a85, 0x0, r1}, @ptr={0x70742a85, 0x1, &(0x7f0000000c80)=""/43, 0x2b, 0x0, 0x1}}, &(0x7f0000000d40)={0x0, 0x28, 0x40}}, 0x40}, @transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000e80)={@fda={0x66646185, 0x7, 0x2, 0x15}, @ptr={0x70742a85, 0x1, &(0x7f0000000d80)=""/178, 0xb2, 0x2, 0x13}, @fd={0x66642a85, 0x0, r14}}, &(0x7f0000000f00)={0x0, 0x20, 0x48}}}, @dead_binder_done, @transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000fc0)={@fd={0x66642a85, 0x0, r5}, @fd={0x66642a85, 0x0, r10}, @ptr={0x70742a85, 0x0, &(0x7f0000000f40)=""/84, 0x54, 0x0, 0x23}}, &(0x7f0000001040)={0x0, 0x18, 0x30}}}, @enter_looper], 0x1000, 0x0, &(0x7f0000001200)="51833ee00b57b280dac95e842353953dfb93a2551421431877906300c1c2fc95ee9323c34cea3767ac883e3cece45607148b4e5b236e7f3c7ba79ed97ad81308e5fe51c250891eb41c4a2956f9cb99a08b935ae9f75e54614cfe09864124526d435af5fce73eadae1e173fc82b877337518b5ec6b6b66db50c2092585c611d43fc13af662be0aaaae50e4ef71186348522208266b7702619abfe52e5f929aa0a2888cbf8013c32ecd1268ad0595df53485015e0d5f48f12841896802a7d4b4f2d6f0d769b57a715438e9125dcfca42a564b0cc2f74ddc4b33713123b963ab3b1f56a583def3fcc0ccf111c4aa63b3453719e53462a2206097a042222bf8053979ef5672b0691985ef9ee0859d288a31e2887763238cbb2ab97ed8e10ab48b0e875cc4963847adbff72158f85132948b8459196eccfc8afcf75e48213627868f9a57ecb7f45cc486df883a10a6cca01cc57e4b135ad88e6af259a101398533235700d72c78419b1cbf81fff8397ce6d73693eddace685f7dfdfd6a37b4ea790d41d4ac24c4d8ebe54fbd8ec65eeffaae490c7e7d37f3cd793b2d04d62c924ab2e13213564decfab4b68d6d4ed24009321bd419cd280ec702ed15799bb468feb5e9fe007439bd6207fe82b30f5cf7d60817f3c43e703176c67dee1df3c585e0de041a69ccfb205be702cc08116d4674a6ad00dc261b0ba0740b05bf465a059ef425a606d70ebed4b5e3c4cc1b41e76839d2c009a3d1cc2f11d8fbabf7d1479b025f97126cc7bb1c17b1deba0591b3c065902c7f8fe0dca48b01f0c070301b881a93046a7588620ea7754d93ad62a114b25c9898ae4efd0b646961edaec152938535096c4bc8c5f08c179831e33672d912dc9126386e8c831295c5c1fc14593645c068c012a971eeca3681d138f5fa4aea55f6ca6e6bbcdca3afb9ab2673d02088fe3e28a385d9ef0f4dedc27472d62c536c26d0a2dc33230f74a725c1612766ed67bb33e83112e9a8e46111fc543b9c73ceafea6befa088c2ca07a838c56ecc05d952fa26fc7aec251752cd9f0c28ce32f01c40d5340d91e696f7ea57b407e7273f29b06c39de3a7d8673b2c4dc2958e7544b96dccb8dd158de8a44f6888d2695a8d04694fb88e162a06a2178f48571f14d6c5a09baa4064f88f2f273694cfeefcc35b04e73edad618c23c56ae3f360bf248838dd27a8d29657b76fbf9577da8e91b31b49075882fb0359e78ad74b94861dac7c8fc883f0aa0ae0894c97c181506fa1276e701c4c8a43eece133eb8e4ca9ed9c79d1f247ed6187ea317507c89d54232bececb2043ac2bd9da51f313fcf5f73941737c1434e158eeef0c09b5f98354435358f4774fe28164af5f4e47fead71559602508080d7965ea8d6d6cd38de487ac4af34cb95d87058cdf728b00d151257c0322ab9f417422c28ea2156ebbf6503729eb23eb248740446cc97bd3a030b58e6e86b00d12783001f673ddaef42d554bfd09a2d95cfdb8189a1fe5e953e996d1eb6c6625f5f40be6de6fed563760bb739553a068b190b81146fb9edf39be0a86bcb5a2451b8774b6a2f6072f786553b5f378bfc6ec65b23c2a1a70db1bd5eab56fd15367a5be6af41c8d2625de41d3019344ae49bb278c4f61af06837218cdf21183b14a75e7b046f0e3eb6d387df095f5fff1ddbe413bc2c15b8753ee67ddae0fdbbd694ad0e1978abb496a921ff63851a496ca05c799ad2158ed2c8d6248a7bc1d57789e5a84360b3b8849dcf0641783f743f5ac7697797aed121b79ed512e9206c016f35922b7f31d749490b433b0b560c19b941f514a09bc05dba57d645b64ec1d53e36ff99d5a7e40e9aa1be4f4127fb44b9c588a4fc63a2da4ebde2cfb09f8122f06fc783ca5f00ca647e9193940b31b28776b20e5d6a1fcd1853825c8c6d52cbfd2210f5e8c877a10522b5a104a5a98491e82c2a003658c95a4bc1fc082ac55d453d50a02a5b3ecda35a9da530527606992ac61818465e4453ab507739d3d8512414a57b386f57ef47f3673d2da4f5e8862372407f43019f66080007d68708d1b4239b837bc19d92f3c0998923f8564ec197f6f5a44ff7491cb6de6be35dae3a16ab4cf2d769e7003328874be8fbde21f1ddc476669f6c9d5f2ca8ddde9763e31573461c9ef82b5af6f9d193d1a440afad8b1f7c7d6255c43f304494be776a40fb0230d410aa41c9d10eab399eaac611c7cf9b9ef923ffe2ac1c07544191b87c2c5014317bd320dbb89728b77ef55b16fb60b8858ae31f1def86d651d5beb535d9d992daf87ec0fb8c8d66f4eb3eac1514612657c28085a1a4108bac897fa68abc24e83b814e11381c3fa081dc92586b2d20beea4228b9d40c4cb7ac6c06c4c565e9d923ff171bb1ca6f5289cc63da636a3fa5c9eae24d4b8b389bc30887c95790fd6edc6fefb5f915cb336f4f627367a81f576e3512df4f40527bf076392ed09ab84748be76b2453d39e6e7a02e3239fc8f60330dd7d21e31c007a864241075707ce23374954640252e36082dddb53fd7293f6222476d5a3174d4b2919d7ae55cbba4881821f8fef63ea3c9aef7e41a9d64ad02f99f8d1aa0059916fb74125ff770130c52a1a88db1b26d7f83c5d1134385d7abd04cf4e87a8daa01d7db06ca4c8d9c27c7523c582932c1d1b7e1c86e77ceee4376c8dc7b5352c31d43ad13da4c040b0c0fb69f1053525fccd474b4604044c9e4af24185fe60eff51215db548cae4a4793952e32e529dd05bb79dc95c4c17f8369e0ee434155ccbeef72f3fd7857b258e925283527e40d9a078b20c6b3fbd277f12b8b90044e7b73b9a14cfc8a4f8bf71b973e07299edf7ac42fc3fc7fb60c06f8f1ccb15e08da120bb787f565ea20a989265c72a1198fd355d6a0c96a8f2bd51768634ac4825360c8f36bf696362bcab33bfea512adb0df8aae7dc4c8d53a148d80f6b15b5c4aa87274d31fab5da57747ce0afc04327418202d996142dcbe6899bcf4f07ba6a803c06e7a8e69689926693fb97fbe24c218bb6287aa4556c0a099a1d267b986dc780592222c370b8a30efdc892bd89fe9c61c809cedba9d7a2f4200f994b3c5ab6916e9cf0e0b0647645b7c00fc0e71eb66e568c64b0b9736a3f6c4870d2a538ffa60a6cd39325eee2f0a55f0a60b17c51a71d93344438bbd2f81f18042772f9ed53101f3cc88027f8a8bd23e0c54fe57993ddf27fece963d3019a7347eccf518a53b307c195a1d484bf86aace957543177d9495dbe996046be58aefb14252bd6c05bd26b1ad9407cf1d413c7f4a677b94757ef29e5778bad0e1be02ff3aa396db7421d9c876f4c49c6fcf9a44984facbc4ab559872e8a261d655c4efed1804adfb5a6235f16810fff6b2ed20f6425f062be19cc27700fc5fbc4bdf145d960b6feb319311dc76ff9e4122b931c2cba3c3776784d3cc0281dbbac9e7ad342b3130587d5ea59b64bbcd3f5a5d89d5afd99ca3a573fa0346688004682bcb87a5e91209e395d46b14e45ab3191a8909a05770ab787d2db5b62142259b981da5dc384999554317d804843b7d2aeae385789c2c6c1d7d47f8d0d5a0c97dcd583d6c43f469af1833b4ac19ded0c548d91aa8a9fad31f17c540dad9a0b22ce6aeee3e231220eacc46d6164bb92fe481e422f833c5dd4b7c981f16abb86e1c5fa4cc4322ea72e9a3ecb4340382c8a55ae859918ab432e7061a1b3d7b5342b7c9aa03525f0cd67c334bfe5c094cebfcb1369007a8d803d2fb2b9f8094e6175e1538e47995c0ce1e4c9258ae2cc613f84985260b46eafa9aaf57d9b1b0142cc1196a8c1e154b35ec3ba47e2aa8f92388d3e3b166a049518517bfe877232467fc4f4d047b58dd5d122001636ce08fea4422aa89ab6801cd6c6b3f19c1d485f454eb81428f7dcf763d9ba965c04052310125c3f544c5fe651af131d1767fb47e7d247e964a23054255ec8b53fe1739fc467eca67ae58a9d9d176643f4be3bcd4954d55036d38a45b7aec51f89ec909ab081c8cb906033e84fa1e108a61d37b3a2064c45b529708f6df3f482121953644415b6cf8cb9abc285211a1ba4a71349c70dad8b44eaa2fef636320743986c74bad63b2025783d7e620daf1e45ea3c8a499f8c65cbbde6833d53d1605e0fd85ba2a260ade5c33dd17be48320ae45b3ae2f3283d306078fe2d183636c626fb7610266663ef86eadaf78b85ae8c218c7e4fe777c1fcb6149ba4b3ba0828f97719d6541d4590638183bff9d5980260cb9ddac9587f41951b5333607d48b5196015a8ad85ad4ce553f437fa1068ace79cfb1b19af59ee27741d7bc3c08d958d44bf0edb06f92d70e7c7abb550f0d2bb7f1ca22712066f50c0618d6ea5e17824a696d5ef1e56f55adee31dd8a8a2071ae1efa44325c168f14f9d94c711f6150e9d50a52404ea3df87e032673273718f7c25fb4119998d93bbf036b4085c54ed42942fae449f5815e497e4f0729a4fa4ed938f3315b52f12569a3c1b266b0073018d2ac267e1abf8f80bcb4b06d5d2cb0986ba21acef24d0147a5c6baaafd660e6724e03cdc82ceba14aae63332517442793e2dd9d069b54e93c0562ad6830b966d777b011e08c9a58e176d9fdf5a89bcdf8e77eb8d02bf252450a20b8c2d462e26de96244f7f8a888016ede3b756fa662d8dd7c11812cc623188e1729e8f9354e1bf83effd60c08f70c6a39383a905b8b1abbb5d290b74864d44dacbb7b35cb34a6960c4d29bb2d8528dcdf8aebfa34ca99aeac17061e6722a5421b8820d62486c13f1ca071b052ef0b5b885f8e26c94c21bcec9a39a3460fec15912ff7a363030bea632dc004731e599d5e1a5c5113191fed7473a4d62b902a4f83c582143c45785410fbe1558f464ee9de0c3f011dbac52f311eada6c5698779cf3f98e7ec2e7ddacfd86c6bde8bd6ff8d75c6548d8420394bb1591d078ea040e4a53a78bfa0ac4eb918cd2c1382579e1301cbbe2ae5e121173c77ac4a70dc2ecabb6e43a86419ab89df56c5ef2023b0feb3d9612a26909d2bf617fdf0387ad2e231a7e7cf5dc3db43d240798b63c281366212bb11fd330a7fbb1f917d52b14795e9baba27cd28700d9a3b96ff60a0c3eb064b91328512533b9441430cd2b86ee4a4164d804625148706fbd473967614f31212ff4ff43882ca024f6427a4b6c7978138e70b153d1f7d5c3d00b1b28a977a903d136b54cd3e5b8394c51089373087ac31de9b7c766edf69e30a8409d207da0de603c25b4fcc866d12607a792f8b5aed7d8feae2c5177f7fb27d2eb5abeebc32a128541219bee469660027dec28b07d9caa3a711b3ce8deb097f019f6390b37ef4ef66433fef647e37df82bdbe72c47e024ecfa810a388f8e870a4463c2725a08e294d2f1e3b58690436da598c8f6bae8a4a579c74946af412f39f4ae6de160758ec1f6340a1784a7d9552c779253eaea2dc11e964f31c6037a9ea5ed99b459b82467810a4a738ddb62df9347ac18caddaae73a06e7498239cf9db0e31969a6a13bcb0592391360823b1f78c148d3edc1b484d6bfc6782901e585b240effffc211847215c0f2f20e13756586003752e5c5f84811fad97b853eb24a395616cb73a66699252b2285e5884a2d295bed9ffae41a8a938a5c7d081d654f75d4a7eae91436dc1cafa1b1a923088d1acb3d1ea3e6042b6ffc8cecb46de91e717c1095542addbcb6ff384232b1251f2beef76645932134de9740eb45d3b715c1979c7ef37f2ff984d751c226afbdea2bcffb56ce987a47baf9ee13c4d4e2c2b1590"}) tee(r7, r9, 0x5e8d1493, 0x1d) [ 1345.481959][ T3079] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1345.711739][ T3079] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1353.766594][ T3079] device hsr_slave_0 entered promiscuous mode [ 1353.802943][ T3079] device hsr_slave_1 entered promiscuous mode [ 1358.321310][ T3079] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1358.569294][ T3079] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1358.667080][ T3079] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1358.874450][ T3079] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1374.016370][ T3079] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1374.992183][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1375.345501][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1384.680304][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1384.743914][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1385.042280][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1385.114003][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1386.353933][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1386.600491][ T3239] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1386.620305][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1386.835472][ T3239] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1388.826032][ T3274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1388.904458][ T3274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1389.423898][ T3195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1389.501630][ T3195] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1389.831646][ T3079] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1391.004295][ T1935] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1391.019847][ T1935] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready [ 1402.215259][ T3239] device hsr_slave_0 entered promiscuous mode [ 1402.394053][ T3239] device hsr_slave_1 entered promiscuous mode [ 1402.455475][ T3239] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 1402.464030][ T3239] Cannot create hsr debugfs directory [ 1407.920670][ T3239] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1408.055592][ T3239] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1408.214314][ T3239] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1408.400992][ T3239] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1409.487133][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1409.545918][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1415.966301][ T3274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1416.000486][ T3274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1416.191132][ T3274] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1416.211426][ T3274] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1416.358702][ T3079] device veth0_vlan entered promiscuous mode [ 1416.993687][ T3079] device veth1_vlan entered promiscuous mode [ 1417.745703][ T3239] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1418.500770][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 1418.586639][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 1418.971393][ T3195] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1419.043541][ T3195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1419.323646][ T3079] device veth0_macvtap entered promiscuous mode [ 1419.545745][ T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1419.686192][ T3079] device veth1_macvtap entered promiscuous mode [ 1420.746357][ T3195] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1420.829603][ T3195] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1421.191165][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1421.254475][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1421.611203][ T3079] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1421.615210][ T3079] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1421.616940][ T3079] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1421.632194][ T3079] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1424.495771][ T3079] cgroup: cgroup: disabling cgroup2 socket matching due to net_prio or net_cls activation [ 1426.552245][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 1426.600376][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 1426.875283][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 1426.921137][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 1427.225351][ T938] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 1427.446700][ T938] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 1428.589358][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 1428.672177][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 1429.021691][ T3274] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 1429.132517][ T3274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 1429.456526][ T3239] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 1430.414160][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready [ 1430.435291][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready 00:23:49 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) sendmmsg$inet6(r1, &(0x7f0000000440)=[{{&(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x7}, 0x1c, &(0x7f0000000080)=[{&(0x7f0000000100)='\'', 0x1}], 0x1}}], 0x1, 0x0) openat$ttynull(0xffffffffffffff9c, 0x0, 0x101200, 0x0) sendto$inet6(r1, &(0x7f0000000000)='!', 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) socket$inet6_sctp(0xa, 0x5, 0x84) 00:23:57 executing program 0: r0 = syz_io_uring_setup(0x6e1, &(0x7f0000000040)={0x0, 0x0, 0x2}, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f00000000c0), &(0x7f0000000100)) io_uring_enter(r0, 0x59c4, 0x1ce7, 0x1, &(0x7f0000000000), 0xfffffffffffffd5f) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) io_uring_enter(r1, 0x1b08, 0xb049, 0x2, &(0x7f0000000140)={[0x8]}, 0x8) syz_io_uring_setup(0x3f9f, &(0x7f0000000180)={0x0, 0xb998, 0x4, 0x3, 0xcb, 0x0, r0}, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000200), &(0x7f0000000240)) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) io_uring_enter(r2, 0x47be, 0x2eec, 0x1, &(0x7f0000000280)={[0x5]}, 0x8) 00:24:02 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1446.016648][ T938] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 1446.070989][ T938] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 1453.187077][ T938] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 1453.213433][ T938] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 1453.322157][ T938] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 1453.366678][ T938] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 1453.474283][ T3239] device veth0_vlan entered promiscuous mode [ 1453.879537][ T3239] device veth1_vlan entered promiscuous mode [ 1454.971237][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 1454.992501][ T3283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 1455.262955][ T3239] device veth0_macvtap entered promiscuous mode [ 1455.303934][ T26] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready [ 1455.505554][ T3239] device veth1_macvtap entered promiscuous mode [ 1456.195223][ T3274] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 1456.262719][ T3274] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 1456.530738][ T938] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 1456.584248][ T938] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 1456.743344][ T3239] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1456.745282][ T3239] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1456.746920][ T3239] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1456.776488][ T3239] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 00:24:19 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:24:19 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:24:23 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:24:25 executing program 0: r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) close(r0) ioctl$BTRFS_IOC_BALANCE(r0, 0x5000940c, 0x0) sendmsg$TIPC_CMD_GET_NODES(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x0, 0x1, 0x70bd2b, 0x25dfdbfe, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4080000}, 0x20000000) ioctl$SNDCTL_SEQ_NRMIDIS(r0, 0x8004510b, &(0x7f00000001c0)) syz_mount_image$ext4(0x0, &(0x7f0000002780)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000000c0)=@v1={0x0, @adiantum, 0x0, @desc3}) ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000180)={0x8000}) [ 1469.786805][ T3567] syz-executor.0 (pid 3567) is setting deprecated v1 encryption policy; recommend upgrading to v2. 00:24:28 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:24:31 executing program 0: r0 = syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f0000000640)='mnt\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[]) symlinkat(&(0x7f00000000c0)='.\x00', r0, &(0x7f0000000100)='mnt\x00') lseek(r0, 0x81, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = fcntl$dupfd(r1, 0x0, r1) r3 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r4=>0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00'}) umount2(&(0x7f0000000180)='mnt\x00', 0x5) bind$can_j1939(r3, &(0x7f0000000100)={0x1d, r4}, 0x18) connect$can_j1939(r3, &(0x7f0000000140)={0x1d, r4, 0x0, {0x1}}, 0x18) connect$l2tp(r2, &(0x7f00000001c0)={0x2, 0x0, @broadcast, 0x3}, 0x10) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000200)={'ip6_vti0\x00', &(0x7f00000002c0)={'syztnl2\x00', r4, 0x0, 0x0, 0x0, 0x0, 0x15, @dev, @private1={0xfc, 0x1, '\x00', 0x1}}}) r5 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r5, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@authinfo={0x18}], 0x18}, 0x0) setsockopt$sock_void(r5, 0x1, 0x0, 0x0, 0x0) 00:24:33 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, r0, 0x0, 0x100000001) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) [ 1476.791440][ T3573] tmpfs: Unknown parameter 'syztnl2' 00:24:37 executing program 0: r0 = syz_mount_image$tmpfs(&(0x7f0000000280), &(0x7f0000000640)='mnt\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[]) symlinkat(&(0x7f00000000c0)='.\x00', r0, &(0x7f0000000100)='mnt\x00') lseek(r0, 0x81, 0x0) r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = fcntl$dupfd(r1, 0x0, r1) r3 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', <r4=>0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00'}) umount2(&(0x7f0000000180)='mnt\x00', 0x5) bind$can_j1939(r3, &(0x7f0000000100)={0x1d, r4}, 0x18) connect$can_j1939(r3, &(0x7f0000000140)={0x1d, r4, 0x0, {0x1}}, 0x18) connect$l2tp(r2, &(0x7f00000001c0)={0x2, 0x0, @broadcast, 0x3}, 0x10) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000000200)={'ip6_vti0\x00', &(0x7f00000002c0)={'syztnl2\x00', r4, 0x0, 0x0, 0x0, 0x0, 0x15, @dev, @private1={0xfc, 0x1, '\x00', 0x1}}}) r5 = socket$inet_sctp(0x2, 0x1, 0x84) sendmsg$inet_sctp(r5, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@authinfo={0x18}], 0x18}, 0x0) setsockopt$sock_void(r5, 0x1, 0x0, 0x0, 0x0) 00:24:40 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, r0, 0x0, 0x100000001) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) 00:24:43 executing program 0: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000100)=@assoc_value={0x0, 0x8a3}, 0x8) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @empty}, 0xfffffffffffffdc5) sendto$inet(r0, &(0x7f0000001340)="8a", 0x1, 0x0, &(0x7f00000001c0)={0x2, 0x4e23, @loopback}, 0x10) sendto$inet(r0, &(0x7f0000000040)='<', 0x19ffe, 0x80d00000, 0x0, 0x0) setsockopt$inet_mreqn(r0, 0x0, 0x0, 0x0, 0x0) sendto$inet(r0, &(0x7f0000000200)='g', 0x1, 0x0, 0x0, 0x0) 00:24:49 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, r0, 0x0, 0x100000001) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) 00:24:51 executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, r0, 0x0, 0x100000001) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) 00:24:59 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) dup3(0xffffffffffffffff, r1, 0x0) 00:25:00 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) sendmmsg$inet6(r2, &(0x7f0000000dc0)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x0, @local, 0xc5}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000000180)="283984080e03ce69315a17ccbdb2d7157f1ad176bcac796414b57fe6fee420f8c5eb", 0x22}, {&(0x7f00000001c0)="96743386bdf4eaaeaf4dad7ff98b2611ed7776c2c5b7853d0287123ce1024a099e34163535a99c64a8589a17a688debf88934920907f96c18725544c7330ca6291d70abe2af6c824dea8766f17c4a8d918e5ccdbae8a2f278c93c4f051336b8391c85d76b212817b3aeac6bb2577e91158d5ef9443e96513", 0x78}, {&(0x7f0000000240)="24391fbe084b33dbb51282cba25293a140c4b7be753f008f5dff9ac99c3dd69f2cda375c9f1806887d64b93667a9a1a0bf01a125069e8b3a5f4fec8c62b43a9905f72186", 0x44}, {&(0x7f00000002c0)="9215922e70ba89b6121be888961dd841dfbd8e11aff4e54f109c4f56d58f48d246bb283ffbb0e272ac9f7c6e5c665be21d", 0x31}, {&(0x7f0000000300)="681e36f3b8b81dd42330fa10ceb9d80aaaacbf2588fcb359cc9dc6b78930d7460391dba0688032b443aedf8a56dccce27daa167e9d9e4140715da38335ff3c898c4689c9b35cda15862b269758fcf7", 0x4f}, {&(0x7f0000000380)="b62901662ef275fef957abdeebbaf32fedfd2aef03968e31e5dd485c3d90ff2f58aada3e7927561147f840ecfee71216d41a6c46391c1c2f431ec5dea360e1acdfb1af", 0x43}, {&(0x7f0000000400)}, {&(0x7f0000000440)="6d85fe0e107162fdb715fe34cfe5377f2f3a297af25e9313bdf887a37857d0ddfca43f331f7810f15be8701ecb4b68385f5a0390812adbef53f7dc82704701c38f236aca7a3bd95a5392eb4bb8ae04978a914ba5c4c487ed02a821596402302bf1f89ddb511a2949374d1f70254b57bb787743d6c3b3ea2cd1e5e63f29a6780517f63e13730e0c26c927285eb559253c7c4a3edec3e9bf16416e12067776217be870f7f637671a8b38a6d623494f742b0cb5901608463e1e9e49cd", 0xbb}, {&(0x7f00000005c0)="32a58bac0e7bdd055463aeefec852a6b0b732cde69d3d569a37c9a7d247a2aa77ba95c9f0d14c2cd01b66be7bc40c330f4455d2d76969a4cba6e6e3213cf18dba4c38c3f555e392168d133fd2234ea621ba3c52baff5d7344f0b73262cc3dda8fe1c4c0ae8b3a919ea27d7ad49bb0efbe9993a735752b49ab3fab7160ee707dda43e28f49eecf694d4c3337831fc417993359e4435ec961c8d6cfb9356a3092eed0527e890e66e60025e8c2f8258b6041b36b36e5d5611b8c4caeaf64fc1962ce9e2f5d8c72f63256825c6d7dc08c52e81", 0xd1}, {&(0x7f0000000500)="896c832e97c338e510b1f5d331661c3ad8508db7ce0f26ddbd69dc06bef4c2a49936f2e84a8d38d822457fb0aa", 0x2d}], 0xa, &(0x7f0000000540)=[@tclass={{0x14, 0x29, 0x43, 0x7ff}}], 0x18}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000780)="4273458419258ac479ecaaa24651c831c2fd5cb5afd7664443e51ab0d8bed9870500386cef916de380540a28fcb120d3787b5c6aff22e1d58422cb0c285544023b1c89375bcd7dd792d3992c15a9e95c734ea4176ae906214d356329c3510f8edb64a84878b3d9729502152671111f42e1d926713e64ca6ece67fd4f2a033720c3030698fecda2738672389831870d3400ba9d52465df9194482fac8258941ae1d3f506283440273bf5614d3fbb087e117dbf3a17ccf21aa1fb35b141b0cff64493cf868485a3e15bb1ca35a", 0xcc}, {&(0x7f0000000880)="f110cd01f703a85d88eb562431c95ffa6bbcf767df9d1415a5d1b74737226c0c31b0ec5f7fea501b3281da58484890d76b22ce8caba99369544f17bd969049ca87e439b258f72832b18ea11509589f7705ae0c3b3b7999967d86b1f721274ee0547076f72fa457acf81c262b2d714b264be02e0b737346610073cdf0f95dfa88e98ee72b04156021e18682bf1f5780b55c8952b877edd38c83bcca59dd546accb9eb7b72bc0b46b490dd7cbe56e9a206659f0f50bd0c8a1f39dd007acc6806a8fbad025864d220", 0xc7}, {&(0x7f0000000980)="84956c8293a2b0f92c6992297aad048d6aafbda5ce875dfa2728040c9d2e2a4a6ca0cfe1f699211b8b32465517821c6135c1431cf8b13d8c3ddae55edd2e0149334d9f9cc5e2fc905403ee8e2036c9847eacc83af84cff92a5884d4efe167331013a9fee268743e51e4ab690a314e61c772a19df757ab961fb95bc0fcffb8e1b26f4c65cbfca741e11c21fdc26c0f6e973b2c6fe2bd1de21e8e58bc83168a6a3636f61fd2e0d", 0xa6}, {&(0x7f0000000a40)="0f2e228ca13931f44970ad21f67c94b514eaf29b", 0x14}, {&(0x7f0000000a80)="ca35924bdfc6cb5dd36c442a9f249bce302505701fb2775ae607684e5418cf69d77a319c2df2d2b923e7614e782934e4e7a4bb070a757ee0fc7a4fdfee5fa35ba90da322ac09e3173639b4324ff7c94740b0aa166bf016ff9d44d47b309cfa3af094720eb55d63c2a270a1b7e510c42d609211e101387bfb42fd71aa208550845f85eb465319744093d5d9b30150b57481cb7f26a9fae3b72da7494b87397a4c7e47d2517ba66a3fe3080c915171d5ca46d4354f75089e1ed9c0c685b24d349a788c4526dedac3f65a63de164de4b7abbe81411524b1da", 0xd7}], 0x5, &(0x7f0000000c00)=[@hoplimit={{0x14, 0x29, 0x34, 0x3b2c}}, @dontfrag={{0x14, 0x29, 0x3e, 0x1}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback}}}, @tclass={{0x14, 0x29, 0x43, 0x8}}, @dstopts={{0xb0, 0x29, 0x37, {0x1d, 0x12, '\x00', [@ra={0x5, 0x2, 0x6}, @generic={0x1, 0x61, "bd7e5cf012ac9561c5db1566aa040f2c636c5d50b23de33a7da5e824608495218101e5d29e8160f8a2807c826248b0538bb9fa71465b0f1516072e5656adec6fee9541eed3714ba36b9daa9597cb423a4e1454317e4b075f082bcbc87968b81531"}, @enc_lim={0x4, 0x1, 0xff}, @pad1, @calipso={0x7, 0x10, {0x2, 0x2, 0x81, 0x8000, [0x5]}}, @enc_lim={0x4, 0x1, 0x3}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0xb}}]}}}], 0x120}}], 0x2, 0x40) sendto$inet6(r0, &(0x7f0000000040)="220dba48", 0xfe81, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x6}, 0x7f) 00:25:06 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) dup3(0xffffffffffffffff, r1, 0x0) 00:25:10 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) sendmmsg$inet6(r2, &(0x7f0000000dc0)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x0, @local, 0xc5}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000000180)="283984080e03ce69315a17ccbdb2d7157f1ad176bcac796414b57fe6fee420f8c5eb", 0x22}, {&(0x7f00000001c0)="96743386bdf4eaaeaf4dad7ff98b2611ed7776c2c5b7853d0287123ce1024a099e34163535a99c64a8589a17a688debf88934920907f96c18725544c7330ca6291d70abe2af6c824dea8766f17c4a8d918e5ccdbae8a2f278c93c4f051336b8391c85d76b212817b3aeac6bb2577e91158d5ef9443e96513", 0x78}, {&(0x7f0000000240)="24391fbe084b33dbb51282cba25293a140c4b7be753f008f5dff9ac99c3dd69f2cda375c9f1806887d64b93667a9a1a0bf01a125069e8b3a5f4fec8c62b43a9905f72186", 0x44}, {&(0x7f00000002c0)="9215922e70ba89b6121be888961dd841dfbd8e11aff4e54f109c4f56d58f48d246bb283ffbb0e272ac9f7c6e5c665be21d", 0x31}, {&(0x7f0000000300)="681e36f3b8b81dd42330fa10ceb9d80aaaacbf2588fcb359cc9dc6b78930d7460391dba0688032b443aedf8a56dccce27daa167e9d9e4140715da38335ff3c898c4689c9b35cda15862b269758fcf7", 0x4f}, {&(0x7f0000000380)="b62901662ef275fef957abdeebbaf32fedfd2aef03968e31e5dd485c3d90ff2f58aada3e7927561147f840ecfee71216d41a6c46391c1c2f431ec5dea360e1acdfb1af", 0x43}, {&(0x7f0000000400)}, {&(0x7f0000000440)="6d85fe0e107162fdb715fe34cfe5377f2f3a297af25e9313bdf887a37857d0ddfca43f331f7810f15be8701ecb4b68385f5a0390812adbef53f7dc82704701c38f236aca7a3bd95a5392eb4bb8ae04978a914ba5c4c487ed02a821596402302bf1f89ddb511a2949374d1f70254b57bb787743d6c3b3ea2cd1e5e63f29a6780517f63e13730e0c26c927285eb559253c7c4a3edec3e9bf16416e12067776217be870f7f637671a8b38a6d623494f742b0cb5901608463e1e9e49cd", 0xbb}, {&(0x7f00000005c0)="32a58bac0e7bdd055463aeefec852a6b0b732cde69d3d569a37c9a7d247a2aa77ba95c9f0d14c2cd01b66be7bc40c330f4455d2d76969a4cba6e6e3213cf18dba4c38c3f555e392168d133fd2234ea621ba3c52baff5d7344f0b73262cc3dda8fe1c4c0ae8b3a919ea27d7ad49bb0efbe9993a735752b49ab3fab7160ee707dda43e28f49eecf694d4c3337831fc417993359e4435ec961c8d6cfb9356a3092eed0527e890e66e60025e8c2f8258b6041b36b36e5d5611b8c4caeaf64fc1962ce9e2f5d8c72f63256825c6d7dc08c52e81", 0xd1}, {&(0x7f0000000500)="896c832e97c338e510b1f5d331661c3ad8508db7ce0f26ddbd69dc06bef4c2a49936f2e84a8d38d822457fb0aa", 0x2d}], 0xa, &(0x7f0000000540)=[@tclass={{0x14, 0x29, 0x43, 0x7ff}}], 0x18}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000780)="4273458419258ac479ecaaa24651c831c2fd5cb5afd7664443e51ab0d8bed9870500386cef916de380540a28fcb120d3787b5c6aff22e1d58422cb0c285544023b1c89375bcd7dd792d3992c15a9e95c734ea4176ae906214d356329c3510f8edb64a84878b3d9729502152671111f42e1d926713e64ca6ece67fd4f2a033720c3030698fecda2738672389831870d3400ba9d52465df9194482fac8258941ae1d3f506283440273bf5614d3fbb087e117dbf3a17ccf21aa1fb35b141b0cff64493cf868485a3e15bb1ca35a", 0xcc}, {&(0x7f0000000880)="f110cd01f703a85d88eb562431c95ffa6bbcf767df9d1415a5d1b74737226c0c31b0ec5f7fea501b3281da58484890d76b22ce8caba99369544f17bd969049ca87e439b258f72832b18ea11509589f7705ae0c3b3b7999967d86b1f721274ee0547076f72fa457acf81c262b2d714b264be02e0b737346610073cdf0f95dfa88e98ee72b04156021e18682bf1f5780b55c8952b877edd38c83bcca59dd546accb9eb7b72bc0b46b490dd7cbe56e9a206659f0f50bd0c8a1f39dd007acc6806a8fbad025864d220", 0xc7}, {&(0x7f0000000980)="84956c8293a2b0f92c6992297aad048d6aafbda5ce875dfa2728040c9d2e2a4a6ca0cfe1f699211b8b32465517821c6135c1431cf8b13d8c3ddae55edd2e0149334d9f9cc5e2fc905403ee8e2036c9847eacc83af84cff92a5884d4efe167331013a9fee268743e51e4ab690a314e61c772a19df757ab961fb95bc0fcffb8e1b26f4c65cbfca741e11c21fdc26c0f6e973b2c6fe2bd1de21e8e58bc83168a6a3636f61fd2e0d", 0xa6}, {&(0x7f0000000a40)="0f2e228ca13931f44970ad21f67c94b514eaf29b", 0x14}, {&(0x7f0000000a80)="ca35924bdfc6cb5dd36c442a9f249bce302505701fb2775ae607684e5418cf69d77a319c2df2d2b923e7614e782934e4e7a4bb070a757ee0fc7a4fdfee5fa35ba90da322ac09e3173639b4324ff7c94740b0aa166bf016ff9d44d47b309cfa3af094720eb55d63c2a270a1b7e510c42d609211e101387bfb42fd71aa208550845f85eb465319744093d5d9b30150b57481cb7f26a9fae3b72da7494b87397a4c7e47d2517ba66a3fe3080c915171d5ca46d4354f75089e1ed9c0c685b24d349a788c4526dedac3f65a63de164de4b7abbe81411524b1da", 0xd7}], 0x5, &(0x7f0000000c00)=[@hoplimit={{0x14, 0x29, 0x34, 0x3b2c}}, @dontfrag={{0x14, 0x29, 0x3e, 0x1}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback}}}, @tclass={{0x14, 0x29, 0x43, 0x8}}, @dstopts={{0xb0, 0x29, 0x37, {0x1d, 0x12, '\x00', [@ra={0x5, 0x2, 0x6}, @generic={0x1, 0x61, "bd7e5cf012ac9561c5db1566aa040f2c636c5d50b23de33a7da5e824608495218101e5d29e8160f8a2807c826248b0538bb9fa71465b0f1516072e5656adec6fee9541eed3714ba36b9daa9597cb423a4e1454317e4b075f082bcbc87968b81531"}, @enc_lim={0x4, 0x1, 0xff}, @pad1, @calipso={0x7, 0x10, {0x2, 0x2, 0x81, 0x8000, [0x5]}}, @enc_lim={0x4, 0x1, 0x3}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0xb}}]}}}], 0x120}}], 0x2, 0x40) sendto$inet6(r0, &(0x7f0000000040)="220dba48", 0xfe81, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x6}, 0x7f) 00:25:12 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) dup3(0xffffffffffffffff, r1, 0x0) 00:25:18 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) sendmmsg$inet6(r2, &(0x7f0000000dc0)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x0, @local, 0xc5}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000000180)="283984080e03ce69315a17ccbdb2d7157f1ad176bcac796414b57fe6fee420f8c5eb", 0x22}, {&(0x7f00000001c0)="96743386bdf4eaaeaf4dad7ff98b2611ed7776c2c5b7853d0287123ce1024a099e34163535a99c64a8589a17a688debf88934920907f96c18725544c7330ca6291d70abe2af6c824dea8766f17c4a8d918e5ccdbae8a2f278c93c4f051336b8391c85d76b212817b3aeac6bb2577e91158d5ef9443e96513", 0x78}, {&(0x7f0000000240)="24391fbe084b33dbb51282cba25293a140c4b7be753f008f5dff9ac99c3dd69f2cda375c9f1806887d64b93667a9a1a0bf01a125069e8b3a5f4fec8c62b43a9905f72186", 0x44}, {&(0x7f00000002c0)="9215922e70ba89b6121be888961dd841dfbd8e11aff4e54f109c4f56d58f48d246bb283ffbb0e272ac9f7c6e5c665be21d", 0x31}, {&(0x7f0000000300)="681e36f3b8b81dd42330fa10ceb9d80aaaacbf2588fcb359cc9dc6b78930d7460391dba0688032b443aedf8a56dccce27daa167e9d9e4140715da38335ff3c898c4689c9b35cda15862b269758fcf7", 0x4f}, {&(0x7f0000000380)="b62901662ef275fef957abdeebbaf32fedfd2aef03968e31e5dd485c3d90ff2f58aada3e7927561147f840ecfee71216d41a6c46391c1c2f431ec5dea360e1acdfb1af", 0x43}, {&(0x7f0000000400)}, {&(0x7f0000000440)="6d85fe0e107162fdb715fe34cfe5377f2f3a297af25e9313bdf887a37857d0ddfca43f331f7810f15be8701ecb4b68385f5a0390812adbef53f7dc82704701c38f236aca7a3bd95a5392eb4bb8ae04978a914ba5c4c487ed02a821596402302bf1f89ddb511a2949374d1f70254b57bb787743d6c3b3ea2cd1e5e63f29a6780517f63e13730e0c26c927285eb559253c7c4a3edec3e9bf16416e12067776217be870f7f637671a8b38a6d623494f742b0cb5901608463e1e9e49cd", 0xbb}, {&(0x7f00000005c0)="32a58bac0e7bdd055463aeefec852a6b0b732cde69d3d569a37c9a7d247a2aa77ba95c9f0d14c2cd01b66be7bc40c330f4455d2d76969a4cba6e6e3213cf18dba4c38c3f555e392168d133fd2234ea621ba3c52baff5d7344f0b73262cc3dda8fe1c4c0ae8b3a919ea27d7ad49bb0efbe9993a735752b49ab3fab7160ee707dda43e28f49eecf694d4c3337831fc417993359e4435ec961c8d6cfb9356a3092eed0527e890e66e60025e8c2f8258b6041b36b36e5d5611b8c4caeaf64fc1962ce9e2f5d8c72f63256825c6d7dc08c52e81", 0xd1}, {&(0x7f0000000500)="896c832e97c338e510b1f5d331661c3ad8508db7ce0f26ddbd69dc06bef4c2a49936f2e84a8d38d822457fb0aa", 0x2d}], 0xa, &(0x7f0000000540)=[@tclass={{0x14, 0x29, 0x43, 0x7ff}}], 0x18}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000780)="4273458419258ac479ecaaa24651c831c2fd5cb5afd7664443e51ab0d8bed9870500386cef916de380540a28fcb120d3787b5c6aff22e1d58422cb0c285544023b1c89375bcd7dd792d3992c15a9e95c734ea4176ae906214d356329c3510f8edb64a84878b3d9729502152671111f42e1d926713e64ca6ece67fd4f2a033720c3030698fecda2738672389831870d3400ba9d52465df9194482fac8258941ae1d3f506283440273bf5614d3fbb087e117dbf3a17ccf21aa1fb35b141b0cff64493cf868485a3e15bb1ca35a", 0xcc}, {&(0x7f0000000880)="f110cd01f703a85d88eb562431c95ffa6bbcf767df9d1415a5d1b74737226c0c31b0ec5f7fea501b3281da58484890d76b22ce8caba99369544f17bd969049ca87e439b258f72832b18ea11509589f7705ae0c3b3b7999967d86b1f721274ee0547076f72fa457acf81c262b2d714b264be02e0b737346610073cdf0f95dfa88e98ee72b04156021e18682bf1f5780b55c8952b877edd38c83bcca59dd546accb9eb7b72bc0b46b490dd7cbe56e9a206659f0f50bd0c8a1f39dd007acc6806a8fbad025864d220", 0xc7}, {&(0x7f0000000980)="84956c8293a2b0f92c6992297aad048d6aafbda5ce875dfa2728040c9d2e2a4a6ca0cfe1f699211b8b32465517821c6135c1431cf8b13d8c3ddae55edd2e0149334d9f9cc5e2fc905403ee8e2036c9847eacc83af84cff92a5884d4efe167331013a9fee268743e51e4ab690a314e61c772a19df757ab961fb95bc0fcffb8e1b26f4c65cbfca741e11c21fdc26c0f6e973b2c6fe2bd1de21e8e58bc83168a6a3636f61fd2e0d", 0xa6}, {&(0x7f0000000a40)="0f2e228ca13931f44970ad21f67c94b514eaf29b", 0x14}, {&(0x7f0000000a80)="ca35924bdfc6cb5dd36c442a9f249bce302505701fb2775ae607684e5418cf69d77a319c2df2d2b923e7614e782934e4e7a4bb070a757ee0fc7a4fdfee5fa35ba90da322ac09e3173639b4324ff7c94740b0aa166bf016ff9d44d47b309cfa3af094720eb55d63c2a270a1b7e510c42d609211e101387bfb42fd71aa208550845f85eb465319744093d5d9b30150b57481cb7f26a9fae3b72da7494b87397a4c7e47d2517ba66a3fe3080c915171d5ca46d4354f75089e1ed9c0c685b24d349a788c4526dedac3f65a63de164de4b7abbe81411524b1da", 0xd7}], 0x5, &(0x7f0000000c00)=[@hoplimit={{0x14, 0x29, 0x34, 0x3b2c}}, @dontfrag={{0x14, 0x29, 0x3e, 0x1}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback}}}, @tclass={{0x14, 0x29, 0x43, 0x8}}, @dstopts={{0xb0, 0x29, 0x37, {0x1d, 0x12, '\x00', [@ra={0x5, 0x2, 0x6}, @generic={0x1, 0x61, "bd7e5cf012ac9561c5db1566aa040f2c636c5d50b23de33a7da5e824608495218101e5d29e8160f8a2807c826248b0538bb9fa71465b0f1516072e5656adec6fee9541eed3714ba36b9daa9597cb423a4e1454317e4b075f082bcbc87968b81531"}, @enc_lim={0x4, 0x1, 0xff}, @pad1, @calipso={0x7, 0x10, {0x2, 0x2, 0x81, 0x8000, [0x5]}}, @enc_lim={0x4, 0x1, 0x3}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0xb}}]}}}], 0x120}}], 0x2, 0x40) sendto$inet6(r0, &(0x7f0000000040)="220dba48", 0xfe81, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x6}, 0x7f) 00:25:19 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) r1 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r1, 0xffffffffffffffff, 0x0) 00:25:22 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) r1 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r1, 0xffffffffffffffff, 0x0) 00:25:26 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) sendmmsg$inet6(r2, &(0x7f0000000dc0)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x0, @local, 0xc5}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000000180)="283984080e03ce69315a17ccbdb2d7157f1ad176bcac796414b57fe6fee420f8c5eb", 0x22}, {&(0x7f00000001c0)="96743386bdf4eaaeaf4dad7ff98b2611ed7776c2c5b7853d0287123ce1024a099e34163535a99c64a8589a17a688debf88934920907f96c18725544c7330ca6291d70abe2af6c824dea8766f17c4a8d918e5ccdbae8a2f278c93c4f051336b8391c85d76b212817b3aeac6bb2577e91158d5ef9443e96513", 0x78}, {&(0x7f0000000240)="24391fbe084b33dbb51282cba25293a140c4b7be753f008f5dff9ac99c3dd69f2cda375c9f1806887d64b93667a9a1a0bf01a125069e8b3a5f4fec8c62b43a9905f72186", 0x44}, {&(0x7f00000002c0)="9215922e70ba89b6121be888961dd841dfbd8e11aff4e54f109c4f56d58f48d246bb283ffbb0e272ac9f7c6e5c665be21d", 0x31}, {&(0x7f0000000300)="681e36f3b8b81dd42330fa10ceb9d80aaaacbf2588fcb359cc9dc6b78930d7460391dba0688032b443aedf8a56dccce27daa167e9d9e4140715da38335ff3c898c4689c9b35cda15862b269758fcf7", 0x4f}, {&(0x7f0000000380)="b62901662ef275fef957abdeebbaf32fedfd2aef03968e31e5dd485c3d90ff2f58aada3e7927561147f840ecfee71216d41a6c46391c1c2f431ec5dea360e1acdfb1af", 0x43}, {&(0x7f0000000400)}, {&(0x7f0000000440)="6d85fe0e107162fdb715fe34cfe5377f2f3a297af25e9313bdf887a37857d0ddfca43f331f7810f15be8701ecb4b68385f5a0390812adbef53f7dc82704701c38f236aca7a3bd95a5392eb4bb8ae04978a914ba5c4c487ed02a821596402302bf1f89ddb511a2949374d1f70254b57bb787743d6c3b3ea2cd1e5e63f29a6780517f63e13730e0c26c927285eb559253c7c4a3edec3e9bf16416e12067776217be870f7f637671a8b38a6d623494f742b0cb5901608463e1e9e49cd", 0xbb}, {&(0x7f00000005c0)="32a58bac0e7bdd055463aeefec852a6b0b732cde69d3d569a37c9a7d247a2aa77ba95c9f0d14c2cd01b66be7bc40c330f4455d2d76969a4cba6e6e3213cf18dba4c38c3f555e392168d133fd2234ea621ba3c52baff5d7344f0b73262cc3dda8fe1c4c0ae8b3a919ea27d7ad49bb0efbe9993a735752b49ab3fab7160ee707dda43e28f49eecf694d4c3337831fc417993359e4435ec961c8d6cfb9356a3092eed0527e890e66e60025e8c2f8258b6041b36b36e5d5611b8c4caeaf64fc1962ce9e2f5d8c72f63256825c6d7dc08c52e81", 0xd1}, {&(0x7f0000000500)="896c832e97c338e510b1f5d331661c3ad8508db7ce0f26ddbd69dc06bef4c2a49936f2e84a8d38d822457fb0aa", 0x2d}], 0xa, &(0x7f0000000540)=[@tclass={{0x14, 0x29, 0x43, 0x7ff}}], 0x18}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000780)="4273458419258ac479ecaaa24651c831c2fd5cb5afd7664443e51ab0d8bed9870500386cef916de380540a28fcb120d3787b5c6aff22e1d58422cb0c285544023b1c89375bcd7dd792d3992c15a9e95c734ea4176ae906214d356329c3510f8edb64a84878b3d9729502152671111f42e1d926713e64ca6ece67fd4f2a033720c3030698fecda2738672389831870d3400ba9d52465df9194482fac8258941ae1d3f506283440273bf5614d3fbb087e117dbf3a17ccf21aa1fb35b141b0cff64493cf868485a3e15bb1ca35a", 0xcc}, {&(0x7f0000000880)="f110cd01f703a85d88eb562431c95ffa6bbcf767df9d1415a5d1b74737226c0c31b0ec5f7fea501b3281da58484890d76b22ce8caba99369544f17bd969049ca87e439b258f72832b18ea11509589f7705ae0c3b3b7999967d86b1f721274ee0547076f72fa457acf81c262b2d714b264be02e0b737346610073cdf0f95dfa88e98ee72b04156021e18682bf1f5780b55c8952b877edd38c83bcca59dd546accb9eb7b72bc0b46b490dd7cbe56e9a206659f0f50bd0c8a1f39dd007acc6806a8fbad025864d220", 0xc7}, {&(0x7f0000000980)="84956c8293a2b0f92c6992297aad048d6aafbda5ce875dfa2728040c9d2e2a4a6ca0cfe1f699211b8b32465517821c6135c1431cf8b13d8c3ddae55edd2e0149334d9f9cc5e2fc905403ee8e2036c9847eacc83af84cff92a5884d4efe167331013a9fee268743e51e4ab690a314e61c772a19df757ab961fb95bc0fcffb8e1b26f4c65cbfca741e11c21fdc26c0f6e973b2c6fe2bd1de21e8e58bc83168a6a3636f61fd2e0d", 0xa6}, {&(0x7f0000000a40)="0f2e228ca13931f44970ad21f67c94b514eaf29b", 0x14}, {&(0x7f0000000a80)="ca35924bdfc6cb5dd36c442a9f249bce302505701fb2775ae607684e5418cf69d77a319c2df2d2b923e7614e782934e4e7a4bb070a757ee0fc7a4fdfee5fa35ba90da322ac09e3173639b4324ff7c94740b0aa166bf016ff9d44d47b309cfa3af094720eb55d63c2a270a1b7e510c42d609211e101387bfb42fd71aa208550845f85eb465319744093d5d9b30150b57481cb7f26a9fae3b72da7494b87397a4c7e47d2517ba66a3fe3080c915171d5ca46d4354f75089e1ed9c0c685b24d349a788c4526dedac3f65a63de164de4b7abbe81411524b1da", 0xd7}], 0x5, &(0x7f0000000c00)=[@hoplimit={{0x14, 0x29, 0x34, 0x3b2c}}, @dontfrag={{0x14, 0x29, 0x3e, 0x1}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback}}}, @tclass={{0x14, 0x29, 0x43, 0x8}}, @dstopts={{0xb0, 0x29, 0x37, {0x1d, 0x12, '\x00', [@ra={0x5, 0x2, 0x6}, @generic={0x1, 0x61, "bd7e5cf012ac9561c5db1566aa040f2c636c5d50b23de33a7da5e824608495218101e5d29e8160f8a2807c826248b0538bb9fa71465b0f1516072e5656adec6fee9541eed3714ba36b9daa9597cb423a4e1454317e4b075f082bcbc87968b81531"}, @enc_lim={0x4, 0x1, 0xff}, @pad1, @calipso={0x7, 0x10, {0x2, 0x2, 0x81, 0x8000, [0x5]}}, @enc_lim={0x4, 0x1, 0x3}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0xb}}]}}}], 0x120}}], 0x2, 0x40) sendto$inet6(r0, &(0x7f0000000040)="220dba48", 0xfe81, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x6}, 0x7f) 00:25:27 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) r1 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r1, 0xffffffffffffffff, 0x0) 00:25:30 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, 0xffffffffffffffff, 0x0, 0x100000001) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r2, r0, 0x0) 00:25:33 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) sendmmsg$inet6(r2, &(0x7f0000000dc0)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x0, @local, 0xc5}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000000180)="283984080e03ce69315a17ccbdb2d7157f1ad176bcac796414b57fe6fee420f8c5eb", 0x22}, {&(0x7f00000001c0)="96743386bdf4eaaeaf4dad7ff98b2611ed7776c2c5b7853d0287123ce1024a099e34163535a99c64a8589a17a688debf88934920907f96c18725544c7330ca6291d70abe2af6c824dea8766f17c4a8d918e5ccdbae8a2f278c93c4f051336b8391c85d76b212817b3aeac6bb2577e91158d5ef9443e96513", 0x78}, {&(0x7f0000000240)="24391fbe084b33dbb51282cba25293a140c4b7be753f008f5dff9ac99c3dd69f2cda375c9f1806887d64b93667a9a1a0bf01a125069e8b3a5f4fec8c62b43a9905f72186", 0x44}, {&(0x7f00000002c0)="9215922e70ba89b6121be888961dd841dfbd8e11aff4e54f109c4f56d58f48d246bb283ffbb0e272ac9f7c6e5c665be21d", 0x31}, {&(0x7f0000000300)="681e36f3b8b81dd42330fa10ceb9d80aaaacbf2588fcb359cc9dc6b78930d7460391dba0688032b443aedf8a56dccce27daa167e9d9e4140715da38335ff3c898c4689c9b35cda15862b269758fcf7", 0x4f}, {&(0x7f0000000380)="b62901662ef275fef957abdeebbaf32fedfd2aef03968e31e5dd485c3d90ff2f58aada3e7927561147f840ecfee71216d41a6c46391c1c2f431ec5dea360e1acdfb1af", 0x43}, {&(0x7f0000000400)}, {&(0x7f0000000440)="6d85fe0e107162fdb715fe34cfe5377f2f3a297af25e9313bdf887a37857d0ddfca43f331f7810f15be8701ecb4b68385f5a0390812adbef53f7dc82704701c38f236aca7a3bd95a5392eb4bb8ae04978a914ba5c4c487ed02a821596402302bf1f89ddb511a2949374d1f70254b57bb787743d6c3b3ea2cd1e5e63f29a6780517f63e13730e0c26c927285eb559253c7c4a3edec3e9bf16416e12067776217be870f7f637671a8b38a6d623494f742b0cb5901608463e1e9e49cd", 0xbb}, {&(0x7f00000005c0)="32a58bac0e7bdd055463aeefec852a6b0b732cde69d3d569a37c9a7d247a2aa77ba95c9f0d14c2cd01b66be7bc40c330f4455d2d76969a4cba6e6e3213cf18dba4c38c3f555e392168d133fd2234ea621ba3c52baff5d7344f0b73262cc3dda8fe1c4c0ae8b3a919ea27d7ad49bb0efbe9993a735752b49ab3fab7160ee707dda43e28f49eecf694d4c3337831fc417993359e4435ec961c8d6cfb9356a3092eed0527e890e66e60025e8c2f8258b6041b36b36e5d5611b8c4caeaf64fc1962ce9e2f5d8c72f63256825c6d7dc08c52e81", 0xd1}, {&(0x7f0000000500)="896c832e97c338e510b1f5d331661c3ad8508db7ce0f26ddbd69dc06bef4c2a49936f2e84a8d38d822457fb0aa", 0x2d}], 0xa, &(0x7f0000000540)=[@tclass={{0x14, 0x29, 0x43, 0x7ff}}], 0x18}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000780)="4273458419258ac479ecaaa24651c831c2fd5cb5afd7664443e51ab0d8bed9870500386cef916de380540a28fcb120d3787b5c6aff22e1d58422cb0c285544023b1c89375bcd7dd792d3992c15a9e95c734ea4176ae906214d356329c3510f8edb64a84878b3d9729502152671111f42e1d926713e64ca6ece67fd4f2a033720c3030698fecda2738672389831870d3400ba9d52465df9194482fac8258941ae1d3f506283440273bf5614d3fbb087e117dbf3a17ccf21aa1fb35b141b0cff64493cf868485a3e15bb1ca35a", 0xcc}, {&(0x7f0000000880)="f110cd01f703a85d88eb562431c95ffa6bbcf767df9d1415a5d1b74737226c0c31b0ec5f7fea501b3281da58484890d76b22ce8caba99369544f17bd969049ca87e439b258f72832b18ea11509589f7705ae0c3b3b7999967d86b1f721274ee0547076f72fa457acf81c262b2d714b264be02e0b737346610073cdf0f95dfa88e98ee72b04156021e18682bf1f5780b55c8952b877edd38c83bcca59dd546accb9eb7b72bc0b46b490dd7cbe56e9a206659f0f50bd0c8a1f39dd007acc6806a8fbad025864d220", 0xc7}, {&(0x7f0000000980)="84956c8293a2b0f92c6992297aad048d6aafbda5ce875dfa2728040c9d2e2a4a6ca0cfe1f699211b8b32465517821c6135c1431cf8b13d8c3ddae55edd2e0149334d9f9cc5e2fc905403ee8e2036c9847eacc83af84cff92a5884d4efe167331013a9fee268743e51e4ab690a314e61c772a19df757ab961fb95bc0fcffb8e1b26f4c65cbfca741e11c21fdc26c0f6e973b2c6fe2bd1de21e8e58bc83168a6a3636f61fd2e0d", 0xa6}, {&(0x7f0000000a40)="0f2e228ca13931f44970ad21f67c94b514eaf29b", 0x14}, {&(0x7f0000000a80)="ca35924bdfc6cb5dd36c442a9f249bce302505701fb2775ae607684e5418cf69d77a319c2df2d2b923e7614e782934e4e7a4bb070a757ee0fc7a4fdfee5fa35ba90da322ac09e3173639b4324ff7c94740b0aa166bf016ff9d44d47b309cfa3af094720eb55d63c2a270a1b7e510c42d609211e101387bfb42fd71aa208550845f85eb465319744093d5d9b30150b57481cb7f26a9fae3b72da7494b87397a4c7e47d2517ba66a3fe3080c915171d5ca46d4354f75089e1ed9c0c685b24d349a788c4526dedac3f65a63de164de4b7abbe81411524b1da", 0xd7}], 0x5, &(0x7f0000000c00)=[@hoplimit={{0x14, 0x29, 0x34, 0x3b2c}}, @dontfrag={{0x14, 0x29, 0x3e, 0x1}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback}}}, @tclass={{0x14, 0x29, 0x43, 0x8}}, @dstopts={{0xb0, 0x29, 0x37, {0x1d, 0x12, '\x00', [@ra={0x5, 0x2, 0x6}, @generic={0x1, 0x61, "bd7e5cf012ac9561c5db1566aa040f2c636c5d50b23de33a7da5e824608495218101e5d29e8160f8a2807c826248b0538bb9fa71465b0f1516072e5656adec6fee9541eed3714ba36b9daa9597cb423a4e1454317e4b075f082bcbc87968b81531"}, @enc_lim={0x4, 0x1, 0xff}, @pad1, @calipso={0x7, 0x10, {0x2, 0x2, 0x81, 0x8000, [0x5]}}, @enc_lim={0x4, 0x1, 0x3}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0xb}}]}}}], 0x120}}], 0x2, 0x40) 00:25:34 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, 0xffffffffffffffff, 0x0, 0x100000001) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r2, r0, 0x0) 00:25:38 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, 0xffffffffffffffff, 0x0, 0x100000001) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r2, r0, 0x0) 00:25:39 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) 00:25:41 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:25:46 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:25:46 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) close(r2) 00:25:50 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:25:53 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) close(r2) 00:25:54 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:25:59 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) close(r2) 00:26:00 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:26:05 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:26:06 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) close(0xffffffffffffffff) 00:26:09 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:26:12 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) close(0xffffffffffffffff) 00:26:12 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:26:15 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:26:18 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) close(0xffffffffffffffff) 00:26:19 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) r1 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r1, 0xffffffffffffffff, 0x0) 00:26:23 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) r1 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r1, 0xffffffffffffffff, 0x0) 00:26:24 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:26:26 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) r1 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r1, 0xffffffffffffffff, 0x0) 00:26:30 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:26:31 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r2, r1, 0x0) 00:26:33 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r2, r1, 0x0) 00:26:37 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:26:38 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}) sendfile(0xffffffffffffffff, r0, 0x0, 0x100000001) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r2, r1, 0x0) 00:26:41 executing program 1: openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, 0xffffffffffffffff, 0x0, 0x100000001) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r2, r0, 0x0) 00:26:44 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:26:46 executing program 1: openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, 0xffffffffffffffff, 0x0, 0x100000001) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r2, r0, 0x0) 00:26:48 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TCXONC(0xffffffffffffffff, 0x540f, 0xea007) r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) close(r0) 00:26:52 executing program 1: openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, 0xffffffffffffffff, 0x0, 0x100000001) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r2, r0, 0x0) 00:26:57 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TCXONC(0xffffffffffffffff, 0x540f, 0xea007) r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) close(r0) 00:27:00 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x0) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:27:06 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TCXONC(0xffffffffffffffff, 0x540f, 0xea007) r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) close(r0) 00:27:07 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x0) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:27:11 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:27:11 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x0) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:27:16 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, 0x0, 0x2, 0x0) dup3(r3, r1, 0x0) 00:27:16 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:27:20 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:27:22 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, 0x0, 0x2, 0x0) dup3(r3, r1, 0x0) 00:27:24 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:27:28 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, 0x0, 0x2, 0x0) dup3(r3, r1, 0x0) 00:27:29 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:27:32 executing program 0: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(0xffffffffffffffff, 0x540f, 0xea007) r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) close(r0) 00:27:33 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(0xffffffffffffffff, r1, 0x0) 00:27:37 executing program 0: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(0xffffffffffffffff, 0x540f, 0xea007) r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) close(r0) 00:27:40 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(0xffffffffffffffff, r1, 0x0) 00:27:42 executing program 0: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(0xffffffffffffffff, 0x540f, 0xea007) r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) close(r0) 00:27:47 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(0xffffffffffffffff, r1, 0x0) 00:27:47 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:27:53 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:27:54 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, r0, 0x0, 0x100000001) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r2, 0xffffffffffffffff, 0x0) 00:27:57 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:28:00 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, r0, 0x0, 0x100000001) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r2, 0xffffffffffffffff, 0x0) 00:28:02 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:28:05 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:28:06 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) sendfile(r1, r0, 0x0, 0x100000001) r2 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r2, 0xffffffffffffffff, 0x0) 00:28:09 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:28:14 executing program 1: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:28:14 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) close(r1) 00:28:18 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) close(r1) 00:28:20 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:28:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) close(r1) 00:28:25 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(0xffffffffffffffff) 00:28:25 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:28:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(0xffffffffffffffff) 00:28:32 executing program 1: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) 00:28:34 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(0xffffffffffffffff) 00:28:38 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) dup3(0xffffffffffffffff, r1, 0x0) 00:28:38 executing program 0: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) sendmmsg$inet6(r2, &(0x7f0000000dc0)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x0, @local, 0xc5}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000000180)="283984080e03ce69315a17ccbdb2d7157f1ad176bcac796414b57fe6fee420f8c5eb", 0x22}, {&(0x7f00000001c0)="96743386bdf4eaaeaf4dad7ff98b2611ed7776c2c5b7853d0287123ce1024a099e34163535a99c64a8589a17a688debf88934920907f96c18725544c7330ca6291d70abe2af6c824dea8766f17c4a8d918e5ccdbae8a2f278c93c4f051336b8391c85d76b212817b3aeac6bb2577e91158d5ef9443e96513", 0x78}, {&(0x7f0000000240)="24391fbe084b33dbb51282cba25293a140c4b7be753f008f5dff9ac99c3dd69f2cda375c9f1806887d64b93667a9a1a0bf01a125069e8b3a5f4fec8c62b43a9905f72186", 0x44}, {&(0x7f00000002c0)="9215922e70ba89b6121be888961dd841dfbd8e11aff4e54f109c4f56d58f48d246bb283ffbb0e272ac9f7c6e5c665be21d", 0x31}, {&(0x7f0000000300)="681e36f3b8b81dd42330fa10ceb9d80aaaacbf2588fcb359cc9dc6b78930d7460391dba0688032b443aedf8a56dccce27daa167e9d9e4140715da38335ff3c898c4689c9b35cda15862b269758fcf7", 0x4f}, {&(0x7f0000000380)="b62901662ef275fef957abdeebbaf32fedfd2aef03968e31e5dd485c3d90ff2f58aada3e7927561147f840ecfee71216d41a6c46391c1c2f431ec5dea360e1acdfb1af", 0x43}, {&(0x7f0000000400)}, {&(0x7f0000000440)="6d85fe0e107162fdb715fe34cfe5377f2f3a297af25e9313bdf887a37857d0ddfca43f331f7810f15be8701ecb4b68385f5a0390812adbef53f7dc82704701c38f236aca7a3bd95a5392eb4bb8ae04978a914ba5c4c487ed02a821596402302bf1f89ddb511a2949374d1f70254b57bb787743d6c3b3ea2cd1e5e63f29a6780517f63e13730e0c26c927285eb559253c7c4a3edec3e9bf16416e12067776217be870f7f637671a8b38a6d623494f742b0cb5901608463e1e9e49cd", 0xbb}, {&(0x7f00000005c0)="32a58bac0e7bdd055463aeefec852a6b0b732cde69d3d569a37c9a7d247a2aa77ba95c9f0d14c2cd01b66be7bc40c330f4455d2d76969a4cba6e6e3213cf18dba4c38c3f555e392168d133fd2234ea621ba3c52baff5d7344f0b73262cc3dda8fe1c4c0ae8b3a919ea27d7ad49bb0efbe9993a735752b49ab3fab7160ee707dda43e28f49eecf694d4c3337831fc417993359e4435ec961c8d6cfb9356a3092eed0527e890e66e60025e8c2f8258b6041b36b36e5d5611b8c4caeaf64fc1962ce9e2f5d8c72f63256825c6d7dc08c52e81", 0xd1}, {&(0x7f0000000500)="896c832e97c338e510b1f5d331661c3ad8508db7ce0f26ddbd69dc06bef4c2a49936f2e84a8d38d822457fb0aa", 0x2d}], 0xa, &(0x7f0000000540)=[@tclass={{0x14, 0x29, 0x43, 0x7ff}}], 0x18}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000780)="4273458419258ac479ecaaa24651c831c2fd5cb5afd7664443e51ab0d8bed9870500386cef916de380540a28fcb120d3787b5c6aff22e1d58422cb0c285544023b1c89375bcd7dd792d3992c15a9e95c734ea4176ae906214d356329c3510f8edb64a84878b3d9729502152671111f42e1d926713e64ca6ece67fd4f2a033720c3030698fecda2738672389831870d3400ba9d52465df9194482fac8258941ae1d3f506283440273bf5614d3fbb087e117dbf3a17ccf21aa1fb35b141b0cff64493cf868485a3e15bb1ca35a", 0xcc}, {&(0x7f0000000880)="f110cd01f703a85d88eb562431c95ffa6bbcf767df9d1415a5d1b74737226c0c31b0ec5f7fea501b3281da58484890d76b22ce8caba99369544f17bd969049ca87e439b258f72832b18ea11509589f7705ae0c3b3b7999967d86b1f721274ee0547076f72fa457acf81c262b2d714b264be02e0b737346610073cdf0f95dfa88e98ee72b04156021e18682bf1f5780b55c8952b877edd38c83bcca59dd546accb9eb7b72bc0b46b490dd7cbe56e9a206659f0f50bd0c8a1f39dd007acc6806a8fbad025864d220", 0xc7}, {&(0x7f0000000980)="84956c8293a2b0f92c6992297aad048d6aafbda5ce875dfa2728040c9d2e2a4a6ca0cfe1f699211b8b32465517821c6135c1431cf8b13d8c3ddae55edd2e0149334d9f9cc5e2fc905403ee8e2036c9847eacc83af84cff92a5884d4efe167331013a9fee268743e51e4ab690a314e61c772a19df757ab961fb95bc0fcffb8e1b26f4c65cbfca741e11c21fdc26c0f6e973b2c6fe2bd1de21e8e58bc83168a6a3636f61fd2e0d", 0xa6}, {&(0x7f0000000a40)="0f2e228ca13931f44970ad21f67c94b514eaf29b", 0x14}, {&(0x7f0000000a80)="ca35924bdfc6cb5dd36c442a9f249bce302505701fb2775ae607684e5418cf69d77a319c2df2d2b923e7614e782934e4e7a4bb070a757ee0fc7a4fdfee5fa35ba90da322ac09e3173639b4324ff7c94740b0aa166bf016ff9d44d47b309cfa3af094720eb55d63c2a270a1b7e510c42d609211e101387bfb42fd71aa208550845f85eb465319744093d5d9b30150b57481cb7f26a9fae3b72da7494b87397a4c7e47d2517ba66a3fe3080c915171d5ca46d4354f75089e1ed9c0c685b24d349a788c4526dedac3f65a63de164de4b7abbe81411524b1da", 0xd7}], 0x5, &(0x7f0000000c00)=[@hoplimit={{0x14, 0x29, 0x34, 0x3b2c}}, @dontfrag={{0x14, 0x29, 0x3e, 0x1}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback}}}, @tclass={{0x14, 0x29, 0x43, 0x8}}, @dstopts={{0xb0, 0x29, 0x37, {0x1d, 0x12, '\x00', [@ra={0x5, 0x2, 0x6}, @generic={0x1, 0x61, "bd7e5cf012ac9561c5db1566aa040f2c636c5d50b23de33a7da5e824608495218101e5d29e8160f8a2807c826248b0538bb9fa71465b0f1516072e5656adec6fee9541eed3714ba36b9daa9597cb423a4e1454317e4b075f082bcbc87968b81531"}, @enc_lim={0x4, 0x1, 0xff}, @pad1, @calipso={0x7, 0x10, {0x2, 0x2, 0x81, 0x8000, [0x5]}}, @enc_lim={0x4, 0x1, 0x3}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0xb}}]}}}], 0x120}}], 0x2, 0x40) sendto$inet6(r0, &(0x7f0000000040)="220dba48", 0xfe81, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x6}, 0x7f) 00:28:45 executing program 1: lgetxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)=@known='trusted.overlay.origin\x00', &(0x7f00000000c0)=""/15, 0xf) r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) recvmmsg(r0, &(0x7f0000000d80)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) sendmmsg$inet6(r2, &(0x7f0000000dc0)=[{{&(0x7f0000000100)={0xa, 0x4e22, 0x0, @local, 0xc5}, 0x1c, &(0x7f00000006c0)=[{&(0x7f0000000180)="283984080e03ce69315a17ccbdb2d7157f1ad176bcac796414b57fe6fee420f8c5eb", 0x22}, {&(0x7f00000001c0)="96743386bdf4eaaeaf4dad7ff98b2611ed7776c2c5b7853d0287123ce1024a099e34163535a99c64a8589a17a688debf88934920907f96c18725544c7330ca6291d70abe2af6c824dea8766f17c4a8d918e5ccdbae8a2f278c93c4f051336b8391c85d76b212817b3aeac6bb2577e91158d5ef9443e96513", 0x78}, {&(0x7f0000000240)="24391fbe084b33dbb51282cba25293a140c4b7be753f008f5dff9ac99c3dd69f2cda375c9f1806887d64b93667a9a1a0bf01a125069e8b3a5f4fec8c62b43a9905f72186", 0x44}, {&(0x7f00000002c0)="9215922e70ba89b6121be888961dd841dfbd8e11aff4e54f109c4f56d58f48d246bb283ffbb0e272ac9f7c6e5c665be21d", 0x31}, {&(0x7f0000000300)="681e36f3b8b81dd42330fa10ceb9d80aaaacbf2588fcb359cc9dc6b78930d7460391dba0688032b443aedf8a56dccce27daa167e9d9e4140715da38335ff3c898c4689c9b35cda15862b269758fcf7", 0x4f}, {&(0x7f0000000380)="b62901662ef275fef957abdeebbaf32fedfd2aef03968e31e5dd485c3d90ff2f58aada3e7927561147f840ecfee71216d41a6c46391c1c2f431ec5dea360e1acdfb1af", 0x43}, {&(0x7f0000000400)}, {&(0x7f0000000440)="6d85fe0e107162fdb715fe34cfe5377f2f3a297af25e9313bdf887a37857d0ddfca43f331f7810f15be8701ecb4b68385f5a0390812adbef53f7dc82704701c38f236aca7a3bd95a5392eb4bb8ae04978a914ba5c4c487ed02a821596402302bf1f89ddb511a2949374d1f70254b57bb787743d6c3b3ea2cd1e5e63f29a6780517f63e13730e0c26c927285eb559253c7c4a3edec3e9bf16416e12067776217be870f7f637671a8b38a6d623494f742b0cb5901608463e1e9e49cd", 0xbb}, {&(0x7f00000005c0)="32a58bac0e7bdd055463aeefec852a6b0b732cde69d3d569a37c9a7d247a2aa77ba95c9f0d14c2cd01b66be7bc40c330f4455d2d76969a4cba6e6e3213cf18dba4c38c3f555e392168d133fd2234ea621ba3c52baff5d7344f0b73262cc3dda8fe1c4c0ae8b3a919ea27d7ad49bb0efbe9993a735752b49ab3fab7160ee707dda43e28f49eecf694d4c3337831fc417993359e4435ec961c8d6cfb9356a3092eed0527e890e66e60025e8c2f8258b6041b36b36e5d5611b8c4caeaf64fc1962ce9e2f5d8c72f63256825c6d7dc08c52e81", 0xd1}, {&(0x7f0000000500)="896c832e97c338e510b1f5d331661c3ad8508db7ce0f26ddbd69dc06bef4c2a49936f2e84a8d38d822457fb0aa", 0x2d}], 0xa, &(0x7f0000000540)=[@tclass={{0x14, 0x29, 0x43, 0x7ff}}], 0x18}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000780)="4273458419258ac479ecaaa24651c831c2fd5cb5afd7664443e51ab0d8bed9870500386cef916de380540a28fcb120d3787b5c6aff22e1d58422cb0c285544023b1c89375bcd7dd792d3992c15a9e95c734ea4176ae906214d356329c3510f8edb64a84878b3d9729502152671111f42e1d926713e64ca6ece67fd4f2a033720c3030698fecda2738672389831870d3400ba9d52465df9194482fac8258941ae1d3f506283440273bf5614d3fbb087e117dbf3a17ccf21aa1fb35b141b0cff64493cf868485a3e15bb1ca35a", 0xcc}, {&(0x7f0000000880)="f110cd01f703a85d88eb562431c95ffa6bbcf767df9d1415a5d1b74737226c0c31b0ec5f7fea501b3281da58484890d76b22ce8caba99369544f17bd969049ca87e439b258f72832b18ea11509589f7705ae0c3b3b7999967d86b1f721274ee0547076f72fa457acf81c262b2d714b264be02e0b737346610073cdf0f95dfa88e98ee72b04156021e18682bf1f5780b55c8952b877edd38c83bcca59dd546accb9eb7b72bc0b46b490dd7cbe56e9a206659f0f50bd0c8a1f39dd007acc6806a8fbad025864d220", 0xc7}, {&(0x7f0000000980)="84956c8293a2b0f92c6992297aad048d6aafbda5ce875dfa2728040c9d2e2a4a6ca0cfe1f699211b8b32465517821c6135c1431cf8b13d8c3ddae55edd2e0149334d9f9cc5e2fc905403ee8e2036c9847eacc83af84cff92a5884d4efe167331013a9fee268743e51e4ab690a314e61c772a19df757ab961fb95bc0fcffb8e1b26f4c65cbfca741e11c21fdc26c0f6e973b2c6fe2bd1de21e8e58bc83168a6a3636f61fd2e0d", 0xa6}, {&(0x7f0000000a40)="0f2e228ca13931f44970ad21f67c94b514eaf29b", 0x14}, {&(0x7f0000000a80)="ca35924bdfc6cb5dd36c442a9f249bce302505701fb2775ae607684e5418cf69d77a319c2df2d2b923e7614e782934e4e7a4bb070a757ee0fc7a4fdfee5fa35ba90da322ac09e3173639b4324ff7c94740b0aa166bf016ff9d44d47b309cfa3af094720eb55d63c2a270a1b7e510c42d609211e101387bfb42fd71aa208550845f85eb465319744093d5d9b30150b57481cb7f26a9fae3b72da7494b87397a4c7e47d2517ba66a3fe3080c915171d5ca46d4354f75089e1ed9c0c685b24d349a788c4526dedac3f65a63de164de4b7abbe81411524b1da", 0xd7}], 0x5, &(0x7f0000000c00)=[@hoplimit={{0x14, 0x29, 0x34, 0x3b2c}}, @dontfrag={{0x14, 0x29, 0x3e, 0x1}}, @pktinfo={{0x24, 0x29, 0x32, {@loopback}}}, @tclass={{0x14, 0x29, 0x43, 0x8}}, @dstopts={{0xb0, 0x29, 0x37, {0x1d, 0x12, '\x00', [@ra={0x5, 0x2, 0x6}, @generic={0x1, 0x61, "bd7e5cf012ac9561c5db1566aa040f2c636c5d50b23de33a7da5e824608495218101e5d29e8160f8a2807c826248b0538bb9fa71465b0f1516072e5656adec6fee9541eed3714ba36b9daa9597cb423a4e1454317e4b075f082bcbc87968b81531"}, @enc_lim={0x4, 0x1, 0xff}, @pad1, @calipso={0x7, 0x10, {0x2, 0x2, 0x81, 0x8000, [0x5]}}, @enc_lim={0x4, 0x1, 0x3}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0xb}}]}}}], 0x120}}], 0x2, 0x40) sendto$inet6(r0, &(0x7f0000000040)="220dba48", 0xfe81, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @dev, 0x6}, 0x7f) 00:28:46 executing program 0 (fault-call:4 fault-nth:0): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 1732.136847][ T3805] FAULT_INJECTION: forcing a failure. [ 1732.136847][ T3805] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 1732.153025][ T3805] CPU: 0 PID: 3805 Comm: syz-executor.0 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1732.156701][ T3805] Hardware name: riscv-virtio,qemu (DT) [ 1732.158424][ T3805] Call Trace: [ 1732.159544][ T3805] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1732.160782][ T3805] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1732.162153][ T3805] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1732.163477][ T3805] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1732.164565][ T3805] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1732.165903][ T3805] [<ffffffe000a3a098>] should_fail_usercopy+0x1e/0x26 [ 1732.167250][ T3805] [<ffffffe000977a38>] _copy_to_user+0x34/0xc0 [ 1732.168773][ T3805] [<ffffffe00045b6ec>] simple_read_from_buffer+0xbe/0x120 [ 1732.170042][ T3805] [<ffffffe00055744e>] proc_fail_nth_read+0x104/0x16e [ 1732.171369][ T3805] [<ffffffe0003fb8aa>] vfs_read+0x108/0x2ac [ 1732.173089][ T3805] [<ffffffe0003fbdbe>] ksys_read+0xb4/0x1b8 [ 1732.174447][ T3805] [<ffffffe0003fbeea>] sys_read+0x28/0x36 [ 1732.175841][ T3805] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:28:53 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:28:58 executing program 1 (fault-call:2 fault-nth:0): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1742.881255][ T3813] FAULT_INJECTION: forcing a failure. [ 1742.881255][ T3813] name failslab, interval 1, probability 0, space 0, times 1 [ 1742.883454][ T3813] CPU: 1 PID: 3813 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1742.885805][ T3813] Hardware name: riscv-virtio,qemu (DT) [ 1742.886781][ T3813] Call Trace: [ 1742.887909][ T3813] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1742.890022][ T3813] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1742.891359][ T3813] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1742.892651][ T3813] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1742.893879][ T3813] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1742.895913][ T3813] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1742.897649][ T3813] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1742.899573][ T3813] [<ffffffe0003b9476>] kmem_cache_alloc_trace+0x5e/0x2bc [ 1742.900996][ T3813] [<ffffffe00040ec12>] alloc_pipe_info+0xae/0x378 [ 1742.902303][ T3813] [<ffffffe000473310>] splice_direct_to_actor+0x3ae/0x3fa [ 1742.904136][ T3813] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1742.905531][ T3813] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1742.906809][ T3813] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1742.908700][ T3813] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:29:04 executing program 1 (fault-call:2 fault-nth:1): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:29:05 executing program 0: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) r0 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x21000) ioctl$TCXONC(r0, 0x540f, 0xea007) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000001c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'team_slave_1\x00', <r2=>0x0}) r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f00000001c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, r2}) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r6=>0x0}) sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@setlink={0x34, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0xfffffffffffffde7, 0x1, 0x0, 0x1, [@IFLA_VF_LINK_STATE={0xffffffffffffff4f}]}]}]}, 0x34}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDPRL(r0, 0x89f5, &(0x7f0000000140)={'ip6gre0\x00', &(0x7f00000000c0)={'sit0\x00', <r7=>0x0, 0x29, 0x7, 0xb9, 0x6, 0x4, @mcast1, @remote, 0x8000, 0x7, 0x2, 0x7ff}}) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000200)={'ip6gre0\x00', &(0x7f0000000180)={'ip6tnl0\x00', <r8=>0x0, 0x6, 0x7, 0x8, 0x40, 0x1, @local, @mcast2, 0x10, 0x7800, 0x400, 0x1}}) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000240)={'ip6tnl0\x00', <r9=>0x0, 0x29, 0xf1, 0x63, 0xfffff800, 0x4, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast1, 0x700, 0x80, 0x400}}) ioctl$sock_ipv6_tunnel_SIOCDEL6RD(0xffffffffffffffff, 0x89fa, &(0x7f0000000380)={'syztnl1\x00', &(0x7f0000000300)={'syztnl0\x00', <r10=>0x0, 0x4, 0x4, 0x4d, 0x1ff, 0x12, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @mcast2, 0x40, 0x700, 0x7, 0x80000000}}) sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000003c0)={&(0x7f00000005c0)={0x7e8, 0x0, 0x10, 0x70bd2d, 0x25dfdbfb, {}, [{{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x961e}}}]}}, {{0x8}, {0xbc, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x8}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x3ff}}}]}}, {{0x8, 0x1, r2}, {0x218, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x1000}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xd572}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffffff9}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xeb}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0xffffffff}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r6}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffffff7}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}, {{0x8}, {0x254, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r7}}}, {0x4c, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x1c, 0x4, [{0xfff, 0x1, 0x3, 0x9}, {0xfff, 0x5, 0x0, 0x5d32}, {0x9, 0x11, 0xff, 0x6}]}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x7ff}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r8}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}, {{0x8}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8}, {0x140, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xce91}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r9}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0xfffffc00}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffffffe}}, {0x8}}}]}}, {{0x8, 0x1, r10}, {0xb8, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8}}, {0x8}}}, {0x74, 0x1, @bpf_hash_func={{0x24}, {0x5}, {0x44, 0x4, [{0x8, 0x3, 0x8, 0x7}, {0x6, 0x0, 0x9, 0x6}, {0x3, 0x3, 0x1f, 0x10001}, {0x0, 0x8, 0xa0, 0x9}, {0xcaf, 0x20, 0xff, 0x3}, {0x5, 0x7f, 0x3f, 0x1}, {0x5, 0x5b, 0x4c}, {0x8, 0x9, 0x6, 0x7f}]}}}]}}]}, 0x7e8}}, 0x0) r11 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r11, 0x400, 0x0) close(r11) [ 1748.669258][ T3817] FAULT_INJECTION: forcing a failure. [ 1748.669258][ T3817] name failslab, interval 1, probability 0, space 0, times 0 [ 1748.671394][ T3817] CPU: 1 PID: 3817 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1748.674028][ T3817] Hardware name: riscv-virtio,qemu (DT) [ 1748.675053][ T3817] Call Trace: [ 1748.675825][ T3817] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1748.677926][ T3817] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1748.680288][ T3817] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1748.681589][ T3817] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1748.682771][ T3817] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1748.684064][ T3817] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1748.685374][ T3817] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1748.686596][ T3817] [<ffffffe0003b8a4c>] __kmalloc+0x6e/0x332 [ 1748.688578][ T3817] [<ffffffe00040ecd6>] alloc_pipe_info+0x172/0x378 [ 1748.690528][ T3817] [<ffffffe000473310>] splice_direct_to_actor+0x3ae/0x3fa [ 1748.691909][ T3817] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1748.693283][ T3817] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1748.694773][ T3817] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1748.696009][ T3817] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:29:09 executing program 1 (fault-call:2 fault-nth:2): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:29:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 1753.162761][ T3823] FAULT_INJECTION: forcing a failure. [ 1753.162761][ T3823] name failslab, interval 1, probability 0, space 0, times 0 [ 1753.165870][ T3823] CPU: 1 PID: 3823 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1753.167606][ T3823] Hardware name: riscv-virtio,qemu (DT) [ 1753.169159][ T3823] Call Trace: [ 1753.170029][ T3823] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1753.171467][ T3823] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1753.172915][ T3823] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1753.174264][ T3823] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1753.175823][ T3823] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1753.177931][ T3823] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1753.179930][ T3823] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1753.182413][ T3823] [<ffffffe0003b8a4c>] __kmalloc+0x6e/0x332 [ 1753.183793][ T3823] [<ffffffe00040ecd6>] alloc_pipe_info+0x172/0x378 [ 1753.185182][ T3823] [<ffffffe000473310>] splice_direct_to_actor+0x3ae/0x3fa [ 1753.186645][ T3823] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1753.188698][ T3823] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1753.190455][ T3823] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1753.191900][ T3823] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:29:13 executing program 1 (fault-call:2 fault-nth:3): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1757.856145][ T3828] FAULT_INJECTION: forcing a failure. [ 1757.856145][ T3828] name failslab, interval 1, probability 0, space 0, times 0 [ 1757.860760][ T3828] CPU: 1 PID: 3828 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1757.862371][ T3828] Hardware name: riscv-virtio,qemu (DT) [ 1757.863486][ T3828] Call Trace: [ 1757.864828][ T3828] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1757.866272][ T3828] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1757.868011][ T3828] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1757.870290][ T3828] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1757.871785][ T3828] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1757.873474][ T3828] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1757.875717][ T3828] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1757.877118][ T3828] [<ffffffe0003b8a4c>] __kmalloc+0x6e/0x332 [ 1757.879197][ T3828] [<ffffffe000492d92>] __blkdev_direct_IO_simple+0x110/0x4f0 [ 1757.881025][ T3828] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1757.883235][ T3828] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1757.884730][ T3828] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1757.886151][ T3828] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1757.887993][ T3828] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1757.890148][ T3828] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1757.891647][ T3828] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1757.893067][ T3828] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1757.894394][ T3828] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1757.895795][ T3828] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:29:16 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x2a6b00, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) ioctl$BTRFS_IOC_TREE_SEARCH(r1, 0xd0009411, &(0x7f00000005c0)={{0x0, 0x8, 0x8, 0xa1, 0x40, 0x3, 0x4, 0x7, 0x8, 0x7fff, 0x1ca, 0x8, 0x9e0, 0x4772, 0x8}}) 00:29:18 executing program 1 (fault-call:2 fault-nth:4): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1763.015995][ T3833] FAULT_INJECTION: forcing a failure. [ 1763.015995][ T3833] name failslab, interval 1, probability 0, space 0, times 0 [ 1763.034068][ T3833] CPU: 1 PID: 3833 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1763.036141][ T3833] Hardware name: riscv-virtio,qemu (DT) [ 1763.037731][ T3833] Call Trace: [ 1763.038847][ T3833] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1763.041069][ T3833] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1763.042512][ T3833] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1763.043937][ T3833] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1763.045928][ T3833] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1763.047459][ T3833] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1763.049388][ T3833] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1763.050667][ T3833] [<ffffffe0003b8a4c>] __kmalloc+0x6e/0x332 [ 1763.052041][ T3833] [<ffffffe000492d92>] __blkdev_direct_IO_simple+0x110/0x4f0 [ 1763.054467][ T3833] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1763.056034][ T3833] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1763.057927][ T3833] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1763.060022][ T3833] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1763.061624][ T3833] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1763.063110][ T3833] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1763.064637][ T3833] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1763.066121][ T3833] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1763.067990][ T3833] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1763.069928][ T3833] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:29:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r2, 0x400454d0, 0xffffffffffffffff) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r3, 0x400454d0, 0xffffffffffffffff) fcntl$setlease(r3, 0x400, 0x0) close(r1) 00:29:24 executing program 1 (fault-call:2 fault-nth:5): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1768.155856][ T3838] FAULT_INJECTION: forcing a failure. [ 1768.155856][ T3838] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 1768.175883][ T3838] CPU: 1 PID: 3838 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1768.177833][ T3838] Hardware name: riscv-virtio,qemu (DT) [ 1768.179243][ T3838] Call Trace: [ 1768.180145][ T3838] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1768.181575][ T3838] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1768.182973][ T3838] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1768.184370][ T3838] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1768.185756][ T3838] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1768.187232][ T3838] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1768.189205][ T3838] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1768.190820][ T3838] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1768.192408][ T3838] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1768.193666][ T3838] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1768.195023][ T3838] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1768.196447][ T3838] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1768.197824][ T3838] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1768.199175][ T3838] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1768.200656][ T3838] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1768.202054][ T3838] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1768.203535][ T3838] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1768.208262][ T3838] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1768.210606][ T3838] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1768.212008][ T3838] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1768.213300][ T3838] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1768.214565][ T3838] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:29:28 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) sendmsg$AUDIT_MAKE_EQUIV(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={0x28, 0x3f7, 0x10, 0x70bd2a, 0x25dfdbfd, {0x7, 0x7, './file0', './file0'}}, 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x4008000) close(r1) fchmod(r1, 0xc0) 00:29:29 executing program 1 (fault-call:2 fault-nth:6): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1773.799910][ T3845] FAULT_INJECTION: forcing a failure. [ 1773.799910][ T3845] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1773.806379][ T3845] CPU: 1 PID: 3845 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1773.810947][ T3845] Hardware name: riscv-virtio,qemu (DT) [ 1773.812655][ T3845] Call Trace: [ 1773.814041][ T3845] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1773.815542][ T3845] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1773.816969][ T3845] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1773.819232][ T3845] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1773.820726][ T3845] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1773.822129][ T3845] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1773.823672][ T3845] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1773.825344][ T3845] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1773.826896][ T3845] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1773.829115][ T3845] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1773.830635][ T3845] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1773.832160][ T3845] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1773.833758][ T3845] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1773.835203][ T3845] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1773.836758][ T3845] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1773.839164][ T3845] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1773.840874][ T3845] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1773.842359][ T3845] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1773.844770][ T3845] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1773.846294][ T3845] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1773.847887][ T3845] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1773.850241][ T3845] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:29:33 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f0000000000)) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:29:34 executing program 1 (fault-call:2 fault-nth:7): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1778.772764][ T3851] FAULT_INJECTION: forcing a failure. [ 1778.772764][ T3851] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1778.775153][ T3851] CPU: 0 PID: 3851 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1778.777774][ T3851] Hardware name: riscv-virtio,qemu (DT) [ 1778.779373][ T3851] Call Trace: [ 1778.780559][ T3851] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1778.781982][ T3851] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1778.783492][ T3851] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1778.784793][ T3851] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1778.785978][ T3851] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1778.786886][ T3851] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1778.788160][ T3851] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1778.789655][ T3851] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1778.791394][ T3851] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1778.793386][ T3851] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1778.794821][ T3851] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1778.796349][ T3851] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1778.798649][ T3851] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1778.800760][ T3851] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1778.802217][ T3851] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1778.803572][ T3851] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1778.805033][ T3851] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1778.806350][ T3851] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1778.808560][ T3851] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1778.810479][ T3851] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1778.811795][ T3851] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1778.813137][ T3851] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:29:39 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x4) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) ioctl$TCXONC(r1, 0x540a, 0x1) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) 00:29:40 executing program 1 (fault-call:2 fault-nth:8): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1784.021046][ T3857] FAULT_INJECTION: forcing a failure. [ 1784.021046][ T3857] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1784.043161][ T3857] CPU: 0 PID: 3857 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1784.044555][ T3857] Hardware name: riscv-virtio,qemu (DT) [ 1784.045359][ T3857] Call Trace: [ 1784.046044][ T3857] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1784.047045][ T3857] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1784.048486][ T3857] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1784.049760][ T3857] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1784.051280][ T3857] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1784.052304][ T3857] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1784.053373][ T3857] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1784.055321][ T3857] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1784.056596][ T3857] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1784.057616][ T3857] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1784.059384][ T3857] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1784.060549][ T3857] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1784.061653][ T3857] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1784.062679][ T3857] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1784.063762][ T3857] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1784.064846][ T3857] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1784.065977][ T3857] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1784.066963][ T3857] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1784.069016][ T3857] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1784.070822][ T3857] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1784.071844][ T3857] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1784.072990][ T3857] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:29:44 executing program 1 (fault-call:2 fault-nth:9): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:29:44 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) ioctl$TCXONC(r0, 0x540a, 0x3) [ 1787.659916][ T3862] FAULT_INJECTION: forcing a failure. [ 1787.659916][ T3862] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1787.662130][ T3862] CPU: 0 PID: 3862 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1787.663695][ T3862] Hardware name: riscv-virtio,qemu (DT) [ 1787.664701][ T3862] Call Trace: [ 1787.665522][ T3862] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1787.666958][ T3862] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1787.669299][ T3862] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1787.670685][ T3862] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1787.672138][ T3862] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1787.674422][ T3862] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1787.675978][ T3862] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1787.677755][ T3862] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1787.679959][ T3862] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1787.681346][ T3862] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1787.683060][ T3862] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1787.684598][ T3862] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1787.686689][ T3862] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1787.689270][ T3862] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1787.690855][ T3862] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1787.692316][ T3862] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1787.693882][ T3862] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1787.695277][ T3862] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1787.696827][ T3862] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1787.699273][ T3862] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1787.700776][ T3862] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1787.702290][ T3862] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:29:48 executing program 1 (fault-call:2 fault-nth:10): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:29:49 executing program 0: openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x41, 0x10) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x260383, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) fallocate(r0, 0x5, 0x20, 0x100000001) ioctl$TCSETAW(r2, 0x5407, &(0x7f0000000140)={0x7fff, 0x0, 0x11, 0x4, 0x6, "223ab6dd39a79307"}) close(r2) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)) ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f00000000c0)) [ 1792.656677][ T3868] FAULT_INJECTION: forcing a failure. [ 1792.656677][ T3868] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1792.691561][ T3868] CPU: 0 PID: 3868 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1792.693367][ T3868] Hardware name: riscv-virtio,qemu (DT) [ 1792.694347][ T3868] Call Trace: [ 1792.695201][ T3868] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1792.696591][ T3868] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1792.698520][ T3868] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1792.700451][ T3868] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1792.701733][ T3868] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1792.703091][ T3868] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1792.704700][ T3868] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1792.706129][ T3868] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1792.707749][ T3868] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1792.709156][ T3868] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1792.710685][ T3868] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1792.713806][ T3868] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1792.715406][ T3868] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1792.716894][ T3868] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1792.718836][ T3868] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1792.720319][ T3868] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1792.721845][ T3868] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1792.723212][ T3868] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1792.724686][ T3868] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1792.726104][ T3868] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1792.727514][ T3868] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1792.729584][ T3868] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:29:54 executing program 1 (fault-call:2 fault-nth:11): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:29:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000140)={0x100, 0x3, &(0x7f0000000000)=[0x8, 0x8, 0x7], &(0x7f0000000040)=[0xffff, 0x145, 0x1, 0x1], &(0x7f00000000c0)=[0x41, 0x7b42, 0x0, 0x3, 0x1000], &(0x7f0000000100)=[0x6, 0x80000000, 0x5, 0x1ff, 0x6, 0x1, 0x10001], 0x0, 0x1a9a}) close(r1) [ 1798.843589][ T3876] FAULT_INJECTION: forcing a failure. [ 1798.843589][ T3876] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1798.845862][ T3876] CPU: 0 PID: 3876 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1798.847531][ T3876] Hardware name: riscv-virtio,qemu (DT) [ 1798.849204][ T3876] Call Trace: [ 1798.850153][ T3876] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1798.851616][ T3876] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1798.853068][ T3876] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1798.854363][ T3876] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1798.855682][ T3876] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1798.857161][ T3876] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1798.859558][ T3876] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1798.861100][ T3876] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1798.862661][ T3876] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1798.864010][ T3876] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1798.865441][ T3876] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1798.866943][ T3876] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1798.869303][ T3876] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1798.870810][ T3876] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1798.872470][ T3876] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1798.874522][ T3876] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1798.876045][ T3876] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1798.877492][ T3876] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1798.879675][ T3876] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1798.881148][ T3876] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1798.882653][ T3876] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1798.884662][ T3876] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:30:00 executing program 1 (fault-call:2 fault-nth:12): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:30:00 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 1804.586740][ T3883] FAULT_INJECTION: forcing a failure. [ 1804.586740][ T3883] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1804.631085][ T3883] CPU: 1 PID: 3883 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1804.633221][ T3883] Hardware name: riscv-virtio,qemu (DT) [ 1804.634321][ T3883] Call Trace: [ 1804.635210][ T3883] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1804.636800][ T3883] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1804.639137][ T3883] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1804.641410][ T3883] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1804.642748][ T3883] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1804.644231][ T3883] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1804.645822][ T3883] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1804.647515][ T3883] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1804.649877][ T3883] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1804.651332][ T3883] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1804.652817][ T3883] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1804.654478][ T3883] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1804.656118][ T3883] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1804.657938][ T3883] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1804.660071][ T3883] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1804.661979][ T3883] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1804.663501][ T3883] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1804.665177][ T3883] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1804.667472][ T3883] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1804.669642][ T3883] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1804.671119][ T3883] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1804.672661][ T3883] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:30:06 executing program 1 (fault-call:2 fault-nth:13): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:30:06 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000100)={0x0, 0x0, <r1=>0xffffffffffffffff}) fcntl$addseals(r1, 0x409, 0x4) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x600000, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)={'veth1\x00'}) ioctl$TUNSETTXFILTER(r3, 0x400454d0, 0xffffffffffffffff) fcntl$setlease(r3, 0x400, 0x2) close(r2) r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r4, 0x400, 0x0) close(r4) openat(r4, &(0x7f0000000040)='./file0\x00', 0x642041, 0x1c8) [ 1810.043894][ T3889] FAULT_INJECTION: forcing a failure. [ 1810.043894][ T3889] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1810.046282][ T3889] CPU: 1 PID: 3889 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1810.048828][ T3889] Hardware name: riscv-virtio,qemu (DT) [ 1810.050546][ T3889] Call Trace: [ 1810.051465][ T3889] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1810.053016][ T3889] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1810.054655][ T3889] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1810.056751][ T3889] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1810.058654][ T3889] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1810.060182][ T3889] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1810.061822][ T3889] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1810.063889][ T3889] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1810.065422][ T3889] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1810.066719][ T3889] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1810.068867][ T3889] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1810.070407][ T3889] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1810.071996][ T3889] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1810.073501][ T3889] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1810.075203][ T3889] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1810.077372][ T3889] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1810.079676][ T3889] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1810.081229][ T3889] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1810.082945][ T3889] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1810.084496][ T3889] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1810.085904][ T3889] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1810.087374][ T3889] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:30:11 executing program 1 (fault-call:2 fault-nth:14): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:30:13 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 1815.622084][ T3895] FAULT_INJECTION: forcing a failure. [ 1815.622084][ T3895] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1815.624243][ T3895] CPU: 0 PID: 3895 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1815.625847][ T3895] Hardware name: riscv-virtio,qemu (DT) [ 1815.626850][ T3895] Call Trace: [ 1815.628205][ T3895] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1815.629798][ T3895] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1815.631408][ T3895] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1815.633273][ T3895] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1815.634627][ T3895] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1815.636017][ T3895] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1815.637570][ T3895] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1815.639800][ T3895] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1815.641302][ T3895] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1815.642586][ T3895] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1815.643919][ T3895] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1815.645364][ T3895] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1815.646833][ T3895] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1815.648937][ T3895] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1815.650575][ T3895] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1815.652156][ T3895] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1815.654216][ T3895] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1815.655588][ T3895] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1815.657122][ T3895] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1815.659100][ T3895] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1815.660589][ T3895] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1815.661908][ T3895] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:30:17 executing program 1 (fault-call:2 fault-nth:15): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:30:18 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) ioctl$KDSKBMODE(0xffffffffffffffff, 0x4b45, &(0x7f0000000000)=0x3) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 1821.542367][ T3901] FAULT_INJECTION: forcing a failure. [ 1821.542367][ T3901] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1821.543859][ T3901] CPU: 0 PID: 3901 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1821.544975][ T3901] Hardware name: riscv-virtio,qemu (DT) [ 1821.545615][ T3901] Call Trace: [ 1821.546178][ T3901] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1821.547076][ T3901] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1821.548331][ T3901] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1821.549608][ T3901] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1821.550546][ T3901] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1821.551475][ T3901] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1821.552468][ T3901] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1821.553421][ T3901] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1821.554352][ T3901] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1821.555235][ T3901] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1821.556163][ T3901] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1821.557170][ T3901] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1821.558620][ T3901] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1821.559938][ T3901] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1821.560979][ T3901] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1821.561913][ T3901] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1821.562891][ T3901] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1821.563974][ T3901] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1821.565185][ T3901] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1821.566244][ T3901] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1821.567313][ T3901] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1821.568922][ T3901] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:30:22 executing program 1 (fault-call:2 fault-nth:16): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:30:24 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x2) recvmmsg(r1, &(0x7f0000000980)=[{{&(0x7f0000000000)=@nfc_llcp, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/118, 0x76}, {&(0x7f0000000140)=""/99, 0x63}, {&(0x7f00000001c0)=""/179, 0xb3}], 0x3, &(0x7f00000002c0)=""/72, 0x48}, 0x3}, {{&(0x7f0000000340)=@tipc=@name, 0x80, &(0x7f0000000600)=[{&(0x7f00000003c0)=""/122, 0x7a}, {&(0x7f0000000440)=""/27, 0x1b}, {&(0x7f0000000480)=""/239, 0xef}, {&(0x7f00000005c0)=""/47, 0x2f}], 0x4, &(0x7f0000000640)=""/115, 0x73}}, {{&(0x7f00000006c0)=@pppol2tpv3={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f00000008c0)=[{&(0x7f0000000740)=""/164, 0xa4}, {&(0x7f0000000800)=""/68, 0x44}, {&(0x7f0000000880)=""/49, 0x31}], 0x3, &(0x7f0000000900)=""/103, 0x67}, 0x2}], 0x3, 0x40000020, &(0x7f0000000a40)={0x77359400}) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r5=>0x0}) sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@setlink={0x34, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r5}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0xfffffffffffffde7, 0x1, 0x0, 0x1, [@IFLA_VF_LINK_STATE={0xffffffffffffff4f}]}]}]}, 0x34}}, 0x0) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r8=>0x0}) sendmsg$nl_route(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@setlink={0x34, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_VF_LINK_STATE={0xc}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000b40)={'ip6gre0\x00', &(0x7f0000000ac0)={'sit0\x00', <r9=>0x0, 0x4, 0x5, 0x5, 0x200, 0xe, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x8000, 0x10, 0x0, 0x7ff}}) sendmsg$nl_route(r2, &(0x7f0000000c40)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b80)=@RTM_DELMDB={0x58, 0x55, 0x200, 0x70bd2c, 0x25dfdbfd, {0x7, r5}, [@MDBA_SET_ENTRY={0x20, 0x1, {r8, 0x1, 0x0, 0x3, {@ip4=@multicast1}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r9, 0x1, 0x1, 0x3, {@in6_addr=@loopback}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000044}, 0x4000000) fcntl$setlease(r1, 0x400, 0x0) close(r1) ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000cc0)={0xc9, 0x7fffffff, 0x3, 0x0, 0x0, [{{r4}, 0xfdc3}, {{r7}, 0xffffffffffffff7b}, {{r7}, 0x9}]}) setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000c80)={0x1}, 0x4) [ 1826.864160][ T3908] FAULT_INJECTION: forcing a failure. [ 1826.864160][ T3908] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1826.866307][ T3908] CPU: 1 PID: 3908 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1826.868326][ T3908] Hardware name: riscv-virtio,qemu (DT) [ 1826.869804][ T3908] Call Trace: [ 1826.870669][ T3908] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1826.871998][ T3908] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1826.873313][ T3908] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1826.874580][ T3908] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1826.875812][ T3908] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1826.877246][ T3908] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1826.879419][ T3908] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1826.881028][ T3908] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1826.882494][ T3908] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1826.883888][ T3908] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1826.885325][ T3908] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1826.886778][ T3908] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1826.890143][ T3908] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1826.891622][ T3908] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1826.893150][ T3908] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1826.894546][ T3908] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1826.896038][ T3908] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1826.897480][ T3908] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1826.899614][ T3908] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1826.901092][ T3908] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1826.902362][ T3908] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1826.903704][ T3908] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:30:28 executing program 1 (fault-call:2 fault-nth:17): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1833.652415][ T3923] FAULT_INJECTION: forcing a failure. [ 1833.652415][ T3923] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1833.656130][ T3923] CPU: 1 PID: 3923 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1833.658512][ T3923] Hardware name: riscv-virtio,qemu (DT) [ 1833.660097][ T3923] Call Trace: [ 1833.661141][ T3923] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1833.662599][ T3923] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1833.663983][ T3923] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1833.665327][ T3923] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1833.666604][ T3923] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1833.668721][ T3923] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1833.670389][ T3923] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1833.671932][ T3923] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1833.673545][ T3923] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1833.674855][ T3923] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1833.676331][ T3923] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1833.678614][ T3923] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1833.680264][ T3923] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1833.681777][ T3923] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1833.683338][ T3923] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1833.684910][ T3923] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1833.686511][ T3923] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1833.688406][ T3923] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1833.690043][ T3923] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1833.691522][ T3923] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1833.693418][ T3923] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1833.694860][ T3923] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:30:33 executing program 0: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) close(r0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:30:34 executing program 1 (fault-call:2 fault-nth:18): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1838.037067][ T3929] FAULT_INJECTION: forcing a failure. [ 1838.037067][ T3929] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1838.064834][ T3929] CPU: 1 PID: 3929 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1838.066492][ T3929] Hardware name: riscv-virtio,qemu (DT) [ 1838.067965][ T3929] Call Trace: [ 1838.069223][ T3929] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1838.070718][ T3929] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1838.072100][ T3929] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1838.074103][ T3929] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1838.075439][ T3929] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1838.076954][ T3929] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1838.079044][ T3929] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1838.080584][ T3929] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1838.082060][ T3929] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1838.083401][ T3929] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1838.084822][ T3929] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1838.086303][ T3929] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1838.087916][ T3929] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1838.090323][ T3929] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1838.091877][ T3929] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1838.093442][ T3929] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1838.095682][ T3929] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1838.097135][ T3929] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1838.099269][ T3929] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1838.101298][ T3929] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1838.102776][ T3929] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1838.104241][ T3929] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:30:38 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = syz_open_dev$dmmidi(&(0x7f0000000000), 0xc9, 0x2c00c0) close(r2) 00:30:39 executing program 1 (fault-call:2 fault-nth:19): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1843.191286][ T3935] FAULT_INJECTION: forcing a failure. [ 1843.191286][ T3935] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1843.194885][ T3935] CPU: 1 PID: 3935 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1843.196573][ T3935] Hardware name: riscv-virtio,qemu (DT) [ 1843.197832][ T3935] Call Trace: [ 1843.198846][ T3935] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1843.200689][ T3935] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1843.202112][ T3935] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1843.203473][ T3935] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1843.204898][ T3935] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1843.207150][ T3935] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1843.209508][ T3935] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1843.211147][ T3935] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1843.212711][ T3935] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 1843.214054][ T3935] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 1843.215457][ T3935] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 1843.217004][ T3935] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 1843.219421][ T3935] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1843.220936][ T3935] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1843.222482][ T3935] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1843.223901][ T3935] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1843.225424][ T3935] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1843.226824][ T3935] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1843.229096][ T3935] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1843.230668][ T3935] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1843.232001][ T3935] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1843.233438][ T3935] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:30:43 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$KDFONTOP_SET_DEF(r0, 0x4b72, &(0x7f0000000000)={0x2, 0x1, 0x15, 0x1, 0x1a0, &(0x7f00000000c0)="d94f267a1a7b713bbb132e3b5cedf9008033f3d3dc35ea4d11d13e1fb798b747b0f634236c77a0d300758fd1da437c9361bcf850f996c8da3fb92c824c8630a839c1c87e9197d189f7c6502a25b7776f5f7efe7d58116d1b2af415a682c0e8a77576fcdf0d790553832897565d6b36955f85e7a4804c6c19d7adb692148e617cc0e03a91808bd38a1382f8aef8a0ddd985fda332091008b670107190785a0cb0624363b29f8ed7c1fa34c30b3a062bda91d17894159ef0fc5109717c5a9f2aef4674650c00f227665ee9d3f8c8a67834f0e9e504ad343dcce99be6a49f1427a229cc660a9c1dc232fcd0540da3b5e79f7a10a5364d2e1862a70c111821fba1406643bd322f93edf90a15efbae0aaf7a45f2045f1505523ee357fcbb4b38cb1913763029cecd570d7b123f1339b1d939906bd94e9648499865853c0cb485a72cc077d57f43f82e1a85a9cc70277d7f20a529a0dc116360257aedb97d06a3f20bedffd0eb769dcd3bcf26bbf98aa3dbc469732c5dce7c0fec771bcebf464173ddd5127fe755a94a328ac3041f4ab23392f77b31ebd2f2e21de1ca33844c2f15e00af075d111da75622c1cce7f65fd3e255c6f5acb5653393d7b37864cabee6ea1bedf8365bca580daac2f9abb272323798e8f3bf620c818070b93b60b6be9832b06f5dcabb3fe5f7c40bc24312bc2f0ed0a69a32333bb4af5ed2ee91f1e1e8e3417c18ffe261b062f5c25931808f37946a277b6190ee92f8f8de96d9c6180e1a247b17b6382f21f794dcb438bba5dbc9dc902ff149b7c3a68d042ef1d3ccf86911f6b88fbfed95e87444746aaed621821e3fedea4b42e01e3fd8ad0e4dad8be8cc597914273d8771bd6add17f4bd633fa0f1d3d1ebec5429e48d308b763161856c3ccb5531538794ff3d018dc637e0aa9f994978f80b226fe2e2d8b38d7bdccc72f03f31af5500b818a46dce5dfb3960bd7fad85b6228bc28016d77369b7477b58cbc2d4b92f6a8616004bcfc136f57c49a1d59cb7a83772e557798bc040d3aef879238440eddf0c94f2b2e958579b71b8ad138fd3cb479c68d57c53bb6cc8e07014094dd2c11375a99395f9cbf70cc37513f4ac148051adb3fe33d68c20ba26dade8c88628215f957e2b28fa26d90420a0d611b636c6ceee030c359d8d0cd7ef2a9f63a8e677af6a35d593c9589b497e3219ceeddee06f78f80558d8ca97761e962fd1f1ade2fda2854c868eff8a53048ec9f6a657d6075a63c3691ca806ef47703f470bdc05c2bda087f642694c4fb8c2ad1b5bab6ed0eed53fdccd620a9adb21cf03eb77bedcbca7faada2b656de61f0dfe0147e5575867f43c3d389d1bf740bb8e64ee92f647b4ecd66f1da7738e128a919ebc7a2e31f8d2ec3f33d974d2cd70a04af64c4b601e16986e36e47a0326ab98e0b36f0ebd28382af6ab4ab59c20"}) ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000040)={0x7, 0x2, 0x1, 0x2, 0x1, "776d8efb6fadaae648be58530fce9eee95e303", 0x5, 0x7}) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x1) bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000500)={&(0x7f00000004c0)='./file0\x00', r1}, 0x10) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:30:44 executing program 1 (fault-call:2 fault-nth:20): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1849.407181][ T3941] FAULT_INJECTION: forcing a failure. [ 1849.407181][ T3941] name failslab, interval 1, probability 0, space 0, times 0 [ 1849.424052][ T3941] CPU: 0 PID: 3941 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1849.425454][ T3941] Hardware name: riscv-virtio,qemu (DT) [ 1849.426247][ T3941] Call Trace: [ 1849.426851][ T3941] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1849.428318][ T3941] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1849.429740][ T3941] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1849.430742][ T3941] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1849.431649][ T3941] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1849.432714][ T3941] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1849.434009][ T3941] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1849.435016][ T3941] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 1849.436096][ T3941] [<ffffffe0008d15b4>] create_task_io_context+0x3c/0x244 [ 1849.437478][ T3941] [<ffffffe0008c57c6>] submit_bio_checks+0xd0a/0x12fc [ 1849.438806][ T3941] [<ffffffe0008c8fe0>] submit_bio_noacct+0x3e/0x818 [ 1849.440037][ T3941] [<ffffffe0008c99bc>] submit_bio+0x202/0x408 [ 1849.441006][ T3941] [<ffffffe000492f58>] __blkdev_direct_IO_simple+0x2d6/0x4f0 [ 1849.442068][ T3941] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 1849.443034][ T3941] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 1849.444124][ T3941] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 1849.445115][ T3941] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 1849.446126][ T3941] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 1849.447065][ T3941] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 1849.448358][ T3941] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1849.449744][ T3941] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1849.450895][ T3941] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1849.452074][ T3941] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:30:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) ioctl$TIOCL_SCROLLCONSOLE(r1, 0x541c, &(0x7f0000000040)={0xd, 0x5f}) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:30:50 executing program 1 (fault-call:2 fault-nth:21): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1854.277308][ T3949] FAULT_INJECTION: forcing a failure. [ 1854.277308][ T3949] name failslab, interval 1, probability 0, space 0, times 0 [ 1854.301431][ T3949] CPU: 1 PID: 3949 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1854.304005][ T3949] Hardware name: riscv-virtio,qemu (DT) [ 1854.305466][ T3949] Call Trace: [ 1854.306277][ T3949] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1854.307942][ T3949] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1854.309687][ T3949] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1854.311363][ T3949] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1854.312852][ T3949] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1854.314590][ T3949] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1854.316055][ T3949] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1854.317811][ T3949] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 1854.319767][ T3949] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 1854.321163][ T3949] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1854.322898][ T3949] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1854.324427][ T3949] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1854.325871][ T3949] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1854.327419][ T3949] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1854.329269][ T3949] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1854.330615][ T3949] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1854.332112][ T3949] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1854.333799][ T3949] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1854.335134][ T3949] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1854.336602][ T3949] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1854.338651][ T3949] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1854.340248][ T3949] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1854.341928][ T3949] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1854.343469][ T3949] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1854.344993][ T3949] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1854.346644][ T3949] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1854.348676][ T3949] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:30:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) ioctl$TIOCGSOFTCAR(r1, 0x5419, &(0x7f0000000040)) ioctl$TCXONC(r0, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) sendmsg$nl_route(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@ipv6_getnetconf={0x24, 0x52, 0x400, 0x70bd25, 0x25dfdbfe, {}, [@NETCONFA_FORWARDING={0x8, 0x2, 0x200}, @NETCONFA_RP_FILTER={0x8, 0x3, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x40800) 00:30:54 executing program 1 (fault-call:2 fault-nth:22): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1858.212308][ T3953] FAULT_INJECTION: forcing a failure. [ 1858.212308][ T3953] name failslab, interval 1, probability 0, space 0, times 0 [ 1858.214537][ T3953] CPU: 0 PID: 3953 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1858.216208][ T3953] Hardware name: riscv-virtio,qemu (DT) [ 1858.217299][ T3953] Call Trace: [ 1858.218678][ T3953] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1858.220131][ T3953] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1858.223616][ T3953] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1858.225081][ T3953] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1858.226493][ T3953] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1858.228627][ T3953] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1858.230739][ T3953] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1858.232088][ T3953] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 1858.233660][ T3953] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1858.234952][ T3953] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1858.236418][ T3953] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1858.238557][ T3953] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1858.240126][ T3953] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1858.242918][ T3953] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1858.244959][ T3953] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1858.246294][ T3953] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1858.251367][ T3953] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1858.255463][ T3953] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1858.256790][ T3953] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1858.258834][ T3953] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1858.260332][ T3953] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1858.261801][ T3953] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1858.263166][ T3953] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1858.264599][ T3953] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1858.265916][ T3953] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1858.267171][ T3953] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1858.269241][ T3953] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:31:00 executing program 1 (fault-call:2 fault-nth:23): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:31:03 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transaction_log\x00', 0x0, 0x0) ioctl$TIOCL_GETKMSGREDIRECT(r1, 0x541c, &(0x7f0000000000)) fcntl$setlease(r1, 0x400, 0x0) r2 = perf_event_open$cgroup(&(0x7f0000000080)={0x0, 0x80, 0x2, 0x5, 0x4, 0x1, 0x0, 0x101, 0x2080, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x3, 0x2, @perf_config_ext={0x100000001, 0x2}, 0x200, 0xb7, 0x0, 0x5, 0x800, 0x80000000, 0x4000, 0x0, 0x80000001, 0x0, 0x80000000}, r1, 0x4, r1, 0x8) close_range(0xffffffffffffffff, r2, 0x2) close(r1) r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x0) close(r3) perf_event_open$cgroup(&(0x7f0000000100)={0x2, 0x80, 0x9, 0x5, 0x81, 0xb8, 0x0, 0x7, 0x400, 0x8, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x3, 0x2, @perf_config_ext={0x7fff, 0xfffffffffffffffe}, 0x40, 0x4, 0x3, 0x5, 0xffff, 0x2, 0x7, 0x0, 0x4b3, 0x0, 0x7f}, r3, 0xe, r2, 0x4) [ 1866.136695][ T3957] FAULT_INJECTION: forcing a failure. [ 1866.136695][ T3957] name failslab, interval 1, probability 0, space 0, times 0 [ 1866.183573][ T3957] CPU: 1 PID: 3957 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1866.185383][ T3957] Hardware name: riscv-virtio,qemu (DT) [ 1866.186387][ T3957] Call Trace: [ 1866.187218][ T3957] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1866.189282][ T3957] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1866.190658][ T3957] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1866.192019][ T3957] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1866.193434][ T3957] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1866.194857][ T3957] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1866.196237][ T3957] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1866.197779][ T3957] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 1866.199930][ T3957] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1866.201326][ T3957] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1866.202915][ T3957] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1866.205002][ T3957] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1866.206429][ T3957] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1866.208634][ T3957] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1866.210439][ T3957] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1866.211872][ T3957] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1866.213444][ T3957] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1866.215433][ T3957] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1866.216777][ T3957] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1866.218786][ T3957] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1866.220290][ T3957] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1866.221793][ T3957] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1866.223260][ T3957] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1866.225349][ T3957] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1866.226742][ T3957] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1866.228554][ T3957] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1866.230446][ T3957] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:31:09 executing program 1 (fault-call:2 fault-nth:24): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1874.966899][ T3964] FAULT_INJECTION: forcing a failure. [ 1874.966899][ T3964] name failslab, interval 1, probability 0, space 0, times 0 [ 1875.031253][ T3964] CPU: 0 PID: 3964 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1875.034224][ T3964] Hardware name: riscv-virtio,qemu (DT) [ 1875.035301][ T3964] Call Trace: [ 1875.036195][ T3964] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1875.037777][ T3964] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1875.039840][ T3964] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1875.042735][ T3964] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1875.044802][ T3964] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1875.046376][ T3964] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1875.048487][ T3964] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1875.050536][ T3964] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 1875.052128][ T3964] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 1875.053596][ T3964] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1875.055036][ T3964] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1875.056583][ T3964] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1875.058680][ T3964] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1875.060285][ T3964] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1875.061687][ T3964] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1875.063091][ T3964] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1875.065220][ T3964] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1875.066663][ T3964] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1875.068709][ T3964] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1875.070301][ T3964] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1875.071932][ T3964] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1875.074090][ T3964] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1875.075596][ T3964] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1875.077134][ T3964] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1875.079116][ T3964] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1875.080602][ T3964] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1875.082067][ T3964] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:31:15 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) pidfd_getfd(0xffffffffffffffff, r0, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) ioctl$TCXONC(r1, 0x540f, 0x2) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) 00:31:17 executing program 1 (fault-call:2 fault-nth:25): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1882.838410][ T3969] FAULT_INJECTION: forcing a failure. [ 1882.838410][ T3969] name failslab, interval 1, probability 0, space 0, times 0 [ 1882.840674][ T3969] CPU: 1 PID: 3969 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1882.841795][ T3969] Hardware name: riscv-virtio,qemu (DT) [ 1882.842591][ T3969] Call Trace: [ 1882.843225][ T3969] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1882.844603][ T3969] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1882.845509][ T3969] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1882.846598][ T3969] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1882.847706][ T3969] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1882.849121][ T3969] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1882.850157][ T3969] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1882.851117][ T3969] [<ffffffe0003b83a0>] __kmalloc_node+0x70/0x386 [ 1882.852175][ T3969] [<ffffffe0003d6c38>] memcg_alloc_page_obj_cgroups+0x42/0xa0 [ 1882.853772][ T3969] [<ffffffe0003b36ee>] memcg_slab_post_alloc_hook+0x88/0x46a [ 1882.855012][ T3969] [<ffffffe0003b9162>] kmem_cache_alloc_node+0x14e/0x404 [ 1882.856145][ T3969] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 1882.857472][ T3969] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1882.858768][ T3969] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1882.860152][ T3969] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1882.861424][ T3969] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1882.862545][ T3969] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1882.863464][ T3969] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1882.864457][ T3969] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1882.865537][ T3969] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1882.866536][ T3969] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1882.867600][ T3969] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1882.868898][ T3969] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1882.869967][ T3969] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1882.871047][ T3969] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1882.872044][ T3969] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1882.873101][ T3969] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1882.874068][ T3969] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1882.875031][ T3969] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1882.876012][ T3969] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:31:24 executing program 0: r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r0, 0x400454d0, 0xffffffffffffffff) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x8) r2 = socket(0x10, 0xa, 0xffffb2f6) r3 = syz_open_dev$amidi(&(0x7f0000000000), 0x9, 0x8001) clock_gettime(0x0, &(0x7f00000000c0)={<r4=>0x0, <r5=>0x0}) ppoll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x5080}, {0xffffffffffffffff, 0x80}, {0xffffffffffffffff, 0x400}, {r0, 0x10}, {r1, 0xac8be5162dee69ee}, {r2, 0x2280}, {r3, 0x204}], 0x7, &(0x7f0000000100)={r4, r5+60000000}, &(0x7f0000000140)={[0x3]}, 0x8) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r6, 0x540f, 0xea007) r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r7, 0x400, 0x0) close(r7) 00:31:24 executing program 1 (fault-call:2 fault-nth:26): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1887.946636][ T3975] FAULT_INJECTION: forcing a failure. [ 1887.946636][ T3975] name failslab, interval 1, probability 0, space 0, times 0 [ 1887.960720][ T3975] CPU: 0 PID: 3975 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1887.962602][ T3975] Hardware name: riscv-virtio,qemu (DT) [ 1887.963663][ T3975] Call Trace: [ 1887.964554][ T3975] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1887.965999][ T3975] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1887.967401][ T3975] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1887.969539][ T3975] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1887.970562][ T3975] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1887.971779][ T3975] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1887.973044][ T3975] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1887.974430][ T3975] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 1887.975598][ T3975] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1887.976630][ T3975] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1887.978349][ T3975] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1887.980579][ T3975] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1887.981778][ T3975] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1887.982915][ T3975] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1887.983931][ T3975] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1887.984971][ T3975] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1887.986037][ T3975] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1887.987462][ T3975] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1887.989147][ T3975] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1887.990272][ T3975] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1887.991527][ T3975] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1887.993365][ T3975] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1887.995109][ T3975] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1887.996199][ T3975] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1887.997350][ T3975] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1887.998951][ T3975] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1888.000562][ T3975] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:31:28 executing program 1 (fault-call:2 fault-nth:27): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:31:29 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 1892.563543][ T3979] FAULT_INJECTION: forcing a failure. [ 1892.563543][ T3979] name failslab, interval 1, probability 0, space 0, times 0 [ 1892.565727][ T3979] CPU: 0 PID: 3979 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1892.567319][ T3979] Hardware name: riscv-virtio,qemu (DT) [ 1892.568981][ T3979] Call Trace: [ 1892.569852][ T3979] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1892.571306][ T3979] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1892.572752][ T3979] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1892.574252][ T3979] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1892.575455][ T3979] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1892.576814][ T3979] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1892.578062][ T3979] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1892.579307][ T3979] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 1892.581214][ T3979] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 1892.582878][ T3979] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1892.584222][ T3979] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1892.585734][ T3979] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1892.587582][ T3979] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1892.589683][ T3979] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1892.590948][ T3979] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1892.592240][ T3979] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1892.594269][ T3979] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1892.595658][ T3979] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1892.596967][ T3979] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1892.598764][ T3979] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1892.600335][ T3979] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1892.601762][ T3979] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1892.603119][ T3979] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1892.604733][ T3979] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1892.606689][ T3979] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1892.608263][ T3979] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1892.609732][ T3979] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:31:33 executing program 1 (fault-call:2 fault-nth:28): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:31:35 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)={'macvlan1\x00'}) ioctl$TUNSETTXFILTER(r2, 0x400454d0, 0xffffffffffffffff) fcntl$setlease(r2, 0x400, 0x0) r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x140c0, 0x0) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r3) close(r1) [ 1897.223418][ T3984] FAULT_INJECTION: forcing a failure. [ 1897.223418][ T3984] name failslab, interval 1, probability 0, space 0, times 0 [ 1897.224895][ T3984] CPU: 0 PID: 3984 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1897.225914][ T3984] Hardware name: riscv-virtio,qemu (DT) [ 1897.226585][ T3984] Call Trace: [ 1897.227131][ T3984] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1897.228515][ T3984] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1897.229791][ T3984] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1897.230630][ T3984] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1897.231556][ T3984] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1897.232551][ T3984] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1897.233520][ T3984] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1897.234452][ T3984] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 1897.235419][ T3984] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 1897.236303][ T3984] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1897.237330][ T3984] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1897.238624][ T3984] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1897.240090][ T3984] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1897.241105][ T3984] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1897.241980][ T3984] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1897.242863][ T3984] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1897.243836][ T3984] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1897.244831][ T3984] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1897.245682][ T3984] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1897.246594][ T3984] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1897.247787][ T3984] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1897.249085][ T3984] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1897.250184][ T3984] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1897.251153][ T3984] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1897.252118][ T3984] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1897.253128][ T3984] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1897.254063][ T3984] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:31:37 executing program 1 (fault-call:2 fault-nth:29): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1901.776595][ T3990] FAULT_INJECTION: forcing a failure. [ 1901.776595][ T3990] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1901.790051][ T3990] CPU: 1 PID: 3990 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1901.791908][ T3990] Hardware name: riscv-virtio,qemu (DT) [ 1901.792928][ T3990] Call Trace: [ 1901.793766][ T3990] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1901.795200][ T3990] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1901.796566][ T3990] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1901.798397][ T3990] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1901.800208][ T3990] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1901.801667][ T3990] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1901.803106][ T3990] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1901.804694][ T3990] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1901.806783][ T3990] [<ffffffe0003b3d52>] allocate_slab+0x282/0x406 [ 1901.808649][ T3990] [<ffffffe0003b7a54>] ___slab_alloc+0x2fc/0x4d8 [ 1901.810579][ T3990] [<ffffffe0003b7f8e>] __slab_alloc.constprop.0+0xa4/0xce [ 1901.812069][ T3990] [<ffffffe0003b81ac>] __kmalloc_node_track_caller+0x1f4/0x378 [ 1901.813807][ T3990] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1901.815523][ T3990] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1901.816957][ T3990] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1901.818831][ T3990] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1901.820769][ T3990] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1901.822233][ T3990] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1901.823522][ T3990] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1901.824854][ T3990] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1901.826349][ T3990] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1901.828234][ T3990] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1901.830059][ T3990] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1901.831479][ T3990] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1901.833075][ T3990] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1901.835062][ T3990] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1901.836490][ T3990] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1901.838455][ T3990] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1901.840326][ T3990] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1901.841610][ T3990] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1901.842879][ T3990] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:31:41 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x1) fcntl$setlease(r1, 0x400, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r2, 0x400454d0, 0xffffffffffffffff) fcntl$setlease(r2, 0x400, 0x1) ioctl$TCGETS2(r1, 0x802c542a, &(0x7f0000000000)) close(r1) r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x0) close(r3) r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r4, 0x400, 0x0) close(r4) ioctl$SOUND_MIXER_WRITE_RECSRC(r4, 0xc0044dff, &(0x7f0000000100)=0x100) openat$incfs(r3, &(0x7f0000000040)='.pending_reads\x00', 0xd03000, 0x3d) 00:31:43 executing program 1 (fault-call:2 fault-nth:30): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1907.586701][ T3997] FAULT_INJECTION: forcing a failure. [ 1907.586701][ T3997] name failslab, interval 1, probability 0, space 0, times 0 [ 1907.595033][ T3997] CPU: 0 PID: 3997 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1907.596245][ T3997] Hardware name: riscv-virtio,qemu (DT) [ 1907.597000][ T3997] Call Trace: [ 1907.597823][ T3997] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1907.599119][ T3997] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1907.600024][ T3997] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1907.600950][ T3997] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1907.601808][ T3997] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1907.602710][ T3997] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1907.603585][ T3997] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1907.604480][ T3997] [<ffffffe0003b83a0>] __kmalloc_node+0x70/0x386 [ 1907.605361][ T3997] [<ffffffe0003d6c38>] memcg_alloc_page_obj_cgroups+0x42/0xa0 [ 1907.606345][ T3997] [<ffffffe0003b36ee>] memcg_slab_post_alloc_hook+0x88/0x46a [ 1907.607280][ T3997] [<ffffffe0003b815a>] __kmalloc_node_track_caller+0x1a2/0x378 [ 1907.608670][ T3997] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1907.609555][ T3997] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1907.610530][ T3997] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1907.611528][ T3997] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1907.612525][ T3997] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1907.613520][ T3997] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1907.614401][ T3997] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1907.615421][ T3997] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1907.616541][ T3997] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1907.617670][ T3997] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1907.619391][ T3997] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1907.620512][ T3997] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1907.621614][ T3997] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1907.622741][ T3997] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1907.623854][ T3997] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1907.625065][ T3997] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1907.626160][ T3997] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1907.627186][ T3997] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1907.628856][ T3997] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:31:47 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f00000000c0)="c5b0ee2d540c9f3253c9039cd7aa9931939b816551d7982834e35017dcdb6631a07a4225095b104f3fa0b4e150c62054c2a31d247b9bb4f20e3f3e0d7c1b1056434e543e6920a04685520abf062bf453e3924e834bfe70b0d8c190f1d98e3a998f479babb5db2109c38de9b11ef01b6c4ad4765ba9c39df22d75801d5de4c036409c83d3da6d6f037ec460c4fc9e0f7e326c6e88d3ce17d43f393ce9f7b2d28d12a5acc2e741d1d148c56fccc3aeff80335e0d8953064266c6f5825a55054273c8d37a73c23d490167cdb6382203aaa8c39393b0d638c89992d0f6564f6819f3e6a94aee99f4516ed33e") r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) fstatfs(r2, &(0x7f0000000300)=""/152) close(r2) r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002180), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff}, 0x2}}, 0x20) r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r5, 0x400, 0x0) close(r5) sendmsg$unix(r5, &(0x7f00000004c0)={&(0x7f0000000200)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000440)=[{&(0x7f00000003c0)="1f09466f6a1e89d29d7d39bd85a51077e864f0965a927e887ae03e013bf96f33c0c0b3ad568feea5a59eb1395cab5a1bceb953dbc4370b5aec7705280ee65ed91fdc7192c8e96c34d6f4bc338e", 0x4d}], 0x1, 0x0, 0x0, 0x80}, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x2fc, 0x0, @empty}, {0xa, 0x0, 0x0, @private2}, r4}}, 0x48) write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f00000001c0)={0x7, 0x8, 0xfa00, {0xffffffffffffffff, 0x1}}, 0x10) setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x87, @private=0xa010100, 0x4e20, 0x2, 'wlc\x00', 0x20, 0x3, 0x3b}, {@rand_addr=0x64010100, 0x4e22, 0x1, 0x6, 0x4, 0x6}}, 0x44) 00:31:48 executing program 1 (fault-call:2 fault-nth:31): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1912.980021][ T4004] FAULT_INJECTION: forcing a failure. [ 1912.980021][ T4004] name failslab, interval 1, probability 0, space 0, times 0 [ 1912.983187][ T4004] CPU: 0 PID: 4004 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1912.985677][ T4004] Hardware name: riscv-virtio,qemu (DT) [ 1912.986690][ T4004] Call Trace: [ 1912.987556][ T4004] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1912.989556][ T4004] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1912.991056][ T4004] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1912.992958][ T4004] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1912.994229][ T4004] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1912.995656][ T4004] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1912.996990][ T4004] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1912.998545][ T4004] [<ffffffe0003b83a0>] __kmalloc_node+0x70/0x386 [ 1912.999955][ T4004] [<ffffffe0003d6c38>] memcg_alloc_page_obj_cgroups+0x42/0xa0 [ 1913.001485][ T4004] [<ffffffe0003b36ee>] memcg_slab_post_alloc_hook+0x88/0x46a [ 1913.003352][ T4004] [<ffffffe0003b9162>] kmem_cache_alloc_node+0x14e/0x404 [ 1913.004888][ T4004] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 1913.006906][ T4004] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1913.009173][ T4004] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1913.010970][ T4004] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1913.012458][ T4004] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1913.014887][ T4004] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1913.016425][ T4004] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1913.018300][ T4004] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1913.020378][ T4004] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1913.021956][ T4004] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1913.023395][ T4004] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1913.024915][ T4004] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1913.026393][ T4004] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1913.028286][ T4004] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1913.030330][ T4004] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1913.032536][ T4004] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1913.033962][ T4004] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1913.035258][ T4004] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1913.036688][ T4004] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:31:53 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r2, 0x400454d0, 0xffffffffffffffff) openat$pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x440, 0x0) close(0xffffffffffffffff) openat$null(0xffffffffffffff9c, &(0x7f0000000340), 0x8000, 0x0) r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x0) close(r3) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000000380), &(0x7f00000003c0)=0x4) 00:31:54 executing program 1 (fault-call:2 fault-nth:32): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1917.760277][ T4010] FAULT_INJECTION: forcing a failure. [ 1917.760277][ T4010] name failslab, interval 1, probability 0, space 0, times 0 [ 1917.810657][ T4010] CPU: 1 PID: 4010 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1917.812656][ T4010] Hardware name: riscv-virtio,qemu (DT) [ 1917.813777][ T4010] Call Trace: [ 1917.814637][ T4010] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1917.816090][ T4010] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1917.817615][ T4010] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1917.819657][ T4010] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1917.821068][ T4010] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1917.822499][ T4010] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1917.823930][ T4010] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1917.825318][ T4010] [<ffffffe0003b83a0>] __kmalloc_node+0x70/0x386 [ 1917.826734][ T4010] [<ffffffe0003d6c38>] memcg_alloc_page_obj_cgroups+0x42/0xa0 [ 1917.829054][ T4010] [<ffffffe0003b36ee>] memcg_slab_post_alloc_hook+0x88/0x46a [ 1917.830638][ T4010] [<ffffffe0003b815a>] __kmalloc_node_track_caller+0x1a2/0x378 [ 1917.832362][ T4010] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1917.834629][ T4010] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1917.836242][ T4010] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1917.838811][ T4010] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1917.841137][ T4010] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1917.842778][ T4010] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1917.844155][ T4010] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1917.845526][ T4010] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1917.846942][ T4010] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1917.849178][ T4010] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1917.850530][ T4010] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1917.851954][ T4010] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1917.853408][ T4010] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1917.854936][ T4010] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1917.856460][ T4010] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1917.858729][ T4010] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1917.860940][ T4010] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1917.862352][ T4010] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1917.863725][ T4010] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:31:58 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:31:59 executing program 1 (fault-call:2 fault-nth:33): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1922.991748][ T4016] FAULT_INJECTION: forcing a failure. [ 1922.991748][ T4016] name failslab, interval 1, probability 0, space 0, times 0 [ 1922.995310][ T4016] CPU: 1 PID: 4016 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1922.997164][ T4016] Hardware name: riscv-virtio,qemu (DT) [ 1922.998831][ T4016] Call Trace: [ 1922.999970][ T4016] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1923.001511][ T4016] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1923.003284][ T4016] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1923.004761][ T4016] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1923.006100][ T4016] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1923.007979][ T4016] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1923.009394][ T4016] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1923.010927][ T4016] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 1923.013407][ T4016] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1923.014791][ T4016] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1923.016708][ T4016] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1923.018764][ T4016] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1923.020332][ T4016] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1923.022056][ T4016] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1923.023513][ T4016] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1923.024984][ T4016] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1923.027028][ T4016] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1923.029243][ T4016] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1923.030637][ T4016] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1923.032365][ T4016] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1923.033931][ T4016] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1923.035453][ T4016] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1923.037451][ T4016] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1923.038985][ T4016] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1923.040569][ T4016] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1923.042428][ T4016] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1923.043852][ T4016] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:32:03 executing program 1 (fault-call:2 fault-nth:34): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:32:04 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r4=>0x0}) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@setlink={0x34, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0xfffffffffffffde7, 0x1, 0x0, 0x1, [@IFLA_VF_LINK_STATE={0xffffffffffffff4f}]}]}]}, 0x34}}, 0x0) ioctl$TCXONC(r1, 0x540a, 0x3) r5 = syz_open_dev$audion(&(0x7f0000000140), 0xaf, 0x200) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000180)={0x0, 0x7}, 0x4) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)=@getqdisc={0x28, 0x26, 0x200, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x2, 0x8}, {0xe, 0xe}, {0xf, 0xb}}, [{0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000001}, 0x10) [ 1927.736727][ T4021] FAULT_INJECTION: forcing a failure. [ 1927.736727][ T4021] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1927.740482][ T4021] CPU: 0 PID: 4021 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1927.743310][ T4021] Hardware name: riscv-virtio,qemu (DT) [ 1927.744994][ T4021] Call Trace: [ 1927.745868][ T4021] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1927.747409][ T4021] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1927.748996][ T4021] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1927.750367][ T4021] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1927.751724][ T4021] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1927.753341][ T4021] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1927.754889][ T4021] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1927.757099][ T4021] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1927.759535][ T4021] [<ffffffe0003b3d52>] allocate_slab+0x282/0x406 [ 1927.761126][ T4021] [<ffffffe0003b7a54>] ___slab_alloc+0x2fc/0x4d8 [ 1927.762556][ T4021] [<ffffffe0003b7f8e>] __slab_alloc.constprop.0+0xa4/0xce [ 1927.764075][ T4021] [<ffffffe0003b81ac>] __kmalloc_node_track_caller+0x1f4/0x378 [ 1927.765138][ T4021] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1927.766024][ T4021] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1927.767493][ T4021] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1927.772028][ T4021] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1927.774425][ T4021] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1927.776021][ T4021] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1927.779737][ T4021] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1927.781326][ T4021] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1927.782801][ T4021] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1927.784245][ T4021] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1927.786205][ T4021] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1927.787914][ T4021] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1927.789451][ T4021] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1927.790884][ T4021] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1927.792965][ T4021] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1927.794635][ T4021] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1927.796726][ T4021] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1927.798671][ T4021] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1927.800207][ T4021] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:32:09 executing program 1 (fault-call:2 fault-nth:35): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:32:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 1934.395251][ T4031] FAULT_INJECTION: forcing a failure. [ 1934.395251][ T4031] name failslab, interval 1, probability 0, space 0, times 0 [ 1934.399033][ T4031] CPU: 0 PID: 4031 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1934.400783][ T4031] Hardware name: riscv-virtio,qemu (DT) [ 1934.401804][ T4031] Call Trace: [ 1934.402634][ T4031] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1934.403994][ T4031] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1934.405493][ T4031] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1934.406781][ T4031] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1934.408721][ T4031] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1934.410141][ T4031] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1934.411679][ T4031] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1934.413611][ T4031] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 1934.415204][ T4031] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 1934.416711][ T4031] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1934.418915][ T4031] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1934.420590][ T4031] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1934.422187][ T4031] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1934.424430][ T4031] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1934.425845][ T4031] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1934.427171][ T4031] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1934.429143][ T4031] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1934.431144][ T4031] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1934.432493][ T4031] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1934.434085][ T4031] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1934.435614][ T4031] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1934.437143][ T4031] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1934.439116][ T4031] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1934.440662][ T4031] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1934.441980][ T4031] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1934.443302][ T4031] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1934.444670][ T4031] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:32:15 executing program 1 (fault-call:2 fault-nth:36): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:32:16 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) ioctl$VT_RESIZE(0xffffffffffffffff, 0x5609, &(0x7f0000000000)={0x101, 0x4, 0x3}) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 1939.669981][ T4036] FAULT_INJECTION: forcing a failure. [ 1939.669981][ T4036] name failslab, interval 1, probability 0, space 0, times 0 [ 1939.672709][ T4036] CPU: 0 PID: 4036 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1939.674359][ T4036] Hardware name: riscv-virtio,qemu (DT) [ 1939.675370][ T4036] Call Trace: [ 1939.676182][ T4036] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1939.677755][ T4036] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1939.679718][ T4036] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1939.681119][ T4036] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1939.682422][ T4036] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1939.683835][ T4036] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1939.685220][ T4036] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1939.686578][ T4036] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 1939.688550][ T4036] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 1939.690404][ T4036] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1939.691860][ T4036] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1939.693825][ T4036] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1939.695350][ T4036] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1939.696952][ T4036] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1939.698690][ T4036] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1939.700599][ T4036] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1939.702019][ T4036] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1939.703454][ T4036] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1939.704748][ T4036] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1939.706180][ T4036] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1939.707827][ T4036] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1939.709402][ T4036] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1939.710996][ T4036] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1939.713083][ T4036] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1939.714535][ T4036] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1939.715983][ T4036] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1939.718018][ T4036] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:32:21 executing program 1 (fault-call:2 fault-nth:37): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1945.232124][ T4042] FAULT_INJECTION: forcing a failure. [ 1945.232124][ T4042] name failslab, interval 1, probability 0, space 0, times 0 [ 1945.240149][ T4042] CPU: 0 PID: 4042 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1945.241997][ T4042] Hardware name: riscv-virtio,qemu (DT) [ 1945.243076][ T4042] Call Trace: [ 1945.244228][ T4042] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1945.245718][ T4042] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1945.247240][ T4042] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1945.249307][ T4042] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1945.250650][ T4042] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1945.252062][ T4042] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1945.254086][ T4042] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1945.255524][ T4042] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 1945.257080][ T4042] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1945.259569][ T4042] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1945.261191][ T4042] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1945.262779][ T4042] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1945.264351][ T4042] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1945.266014][ T4042] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1945.267490][ T4042] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1945.269624][ T4042] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1945.271262][ T4042] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1945.273622][ T4042] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1945.275092][ T4042] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1945.276666][ T4042] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1945.279002][ T4042] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1945.280712][ T4042] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1945.282302][ T4042] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1945.283892][ T4042] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1945.285466][ T4042] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1945.287005][ T4042] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1945.289071][ T4042] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:32:25 executing program 1 (fault-call:2 fault-nth:38): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1950.434467][ T4044] FAULT_INJECTION: forcing a failure. [ 1950.434467][ T4044] name failslab, interval 1, probability 0, space 0, times 0 [ 1950.436632][ T4044] CPU: 1 PID: 4044 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1950.439367][ T4044] Hardware name: riscv-virtio,qemu (DT) [ 1950.441003][ T4044] Call Trace: [ 1950.441832][ T4044] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1950.443218][ T4044] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1950.445061][ T4044] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1950.446875][ T4044] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1950.448762][ T4044] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1950.450217][ T4044] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1950.451548][ T4044] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1950.452935][ T4044] [<ffffffe0003b83a0>] __kmalloc_node+0x70/0x386 [ 1950.454284][ T4044] [<ffffffe0003d6c38>] memcg_alloc_page_obj_cgroups+0x42/0xa0 [ 1950.456059][ T4044] [<ffffffe0003b36ee>] memcg_slab_post_alloc_hook+0x88/0x46a [ 1950.458272][ T4044] [<ffffffe0003b9162>] kmem_cache_alloc_node+0x14e/0x404 [ 1950.459785][ T4044] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 1950.461113][ T4044] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1950.463096][ T4044] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1950.464681][ T4044] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1950.466104][ T4044] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1950.467966][ T4044] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1950.469810][ T4044] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1950.471133][ T4044] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1950.472535][ T4044] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1950.473954][ T4044] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1950.475278][ T4044] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1950.476701][ T4044] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1950.478650][ T4044] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1950.480249][ T4044] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1950.481671][ T4044] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1950.483139][ T4044] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1950.484524][ T4044] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1950.485851][ T4044] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1950.487223][ T4044] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:32:31 executing program 1 (fault-call:2 fault-nth:39): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1956.623090][ T4047] FAULT_INJECTION: forcing a failure. [ 1956.623090][ T4047] name failslab, interval 1, probability 0, space 0, times 0 [ 1956.625872][ T4047] CPU: 0 PID: 4047 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1956.628666][ T4047] Hardware name: riscv-virtio,qemu (DT) [ 1956.630492][ T4047] Call Trace: [ 1956.631729][ T4047] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1956.633557][ T4047] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1956.635445][ T4047] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1956.637518][ T4047] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1956.639104][ T4047] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1956.640933][ T4047] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1956.642662][ T4047] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1956.644659][ T4047] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 1956.646410][ T4047] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1956.648686][ T4047] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1956.651010][ T4047] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1956.652816][ T4047] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1956.654535][ T4047] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1956.656290][ T4047] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1956.658242][ T4047] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1956.659790][ T4047] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1956.661482][ T4047] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1956.663080][ T4047] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1956.665136][ T4047] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1956.666881][ T4047] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1956.668917][ T4047] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1956.670605][ T4047] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1956.672561][ T4047] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1956.674875][ T4047] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1956.676537][ T4047] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1956.678571][ T4047] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1956.680691][ T4047] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:32:37 executing program 1 (fault-call:2 fault-nth:40): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1961.615101][ T4050] FAULT_INJECTION: forcing a failure. [ 1961.615101][ T4050] name failslab, interval 1, probability 0, space 0, times 0 [ 1961.617386][ T4050] CPU: 1 PID: 4050 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1961.618942][ T4050] Hardware name: riscv-virtio,qemu (DT) [ 1961.619920][ T4050] Call Trace: [ 1961.620796][ T4050] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1961.622131][ T4050] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1961.623405][ T4050] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1961.624643][ T4050] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1961.625817][ T4050] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1961.627115][ T4050] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1961.628517][ T4050] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1961.629822][ T4050] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 1961.631181][ T4050] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 1961.632888][ T4050] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1961.634321][ T4050] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1961.635792][ T4050] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1961.639368][ T4050] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1961.642957][ T4050] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1961.644292][ T4050] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1961.645564][ T4050] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1961.647455][ T4050] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1961.649450][ T4050] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1961.650679][ T4050] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1961.652020][ T4050] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1961.653473][ T4050] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1961.654860][ T4050] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1961.656190][ T4050] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1961.657837][ T4050] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1961.659764][ T4050] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1961.661071][ T4050] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1961.662479][ T4050] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:32:41 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x6) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) r2 = fcntl$dupfd(r0, 0x0, r0) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = socket$netlink(0x10, 0x3, 0x9) bind$netlink(r6, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc) r7 = dup3(r5, r6, 0x0) io_submit(0x0, 0x2, &(0x7f0000000340)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x1, r3, &(0x7f0000000180)="22d9ef18aa9b71ba240fef484ab970a2cbe0bd4515924ee70b94eaeda030346e14bfcb9aae652418dacc98a76bd585a8887080756959f9c82c91f923bc316c902dcac6d1dd74775100815ee0d2074f6e1a99f37e16ca7b0e64866c3ab34c8d4649645ef22250e8b3db90ae875f331d347f42e0222dd4673749299974ef3e2d9d5320effdded5780953be3fa53720bc1eb3fa7a10a9bd6ff245ef4f5dd0b098cac1017f7b6ddc1d83005c30d1ea398b", 0xaf, 0x7, 0x0, 0x2}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7, 0x3, r4, &(0x7f0000000280)="bd0e06ee7e500533d6d3565ce3f95efc6404994768c25b27ef1337341beef652f3633dfd21597d3ffb9ff3fed33db85530f8b50f481ca021808a3e2984640ad0599f6e57cffd47e920c6f2b2bbb98f0dc5a0a9248246b933fd3f42a8e5cd56a16f60258dbe27eff2b717d063c893b92c94e3e0fdff9aaab6aa42af4dab7165c003896fabdb69524797b4b82277", 0x8d, 0x0, 0x0, 0x1, r5}]) ioctl$F2FS_IOC_MOVE_RANGE(r5, 0xc020f509, &(0x7f0000000380)={<r8=>r5, 0x7, 0x4, 0x1ff}) r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), r7) sendmsg$TIPC_NL_BEARER_GET(r8, &(0x7f0000000880)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000840)={&(0x7f00000005c0)=ANY=[@ANYRESOCT, @ANYRES16=r9, @ANYBLOB="04002cbd7000fcdbdf250400000014000380080002000600000008000300040000002c0004801c0007800800040009000000080004000000100008000400000800000900010073797a310000000024000380080002000001000000ffff08000300ffffffff60000480440007800800010000000000080001001800000008000400c9eb000008000200040000000800040000100000080003000010000008000300ff7f000008000200030000000900010073797ac7e80000000900010073797a31000000000c000580070001006962000014000980080002000000010008000200000000004400098008000200030000000800020000000000080002002a0000000800010000800000080001008400000008000200070000000800020008000000080002007f000000a4000680080001000000000045000300affe8158ba64f94280e838a8e6238d82941d909151cdb55df735e3eab88783f37f31684cf98f35c44c61f4e6354a19953def7bd0ac2d0eb1dffefb1828e012564000000050000300fd423acc5b6926be63c55ec46e534e44b00bdef0ff88cebaaaa1610118ffec98025ece453a2958cf7ea76c0354878fad7d2d7100ac03a806453e3cb6eaf96065c88853a8d57fdd36a67451b03c00098008000100030000000800010000000000080002000400000008000200dece0000080001000500000008000200b6040000080001000600"/529], 0x21c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20000000) sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x9c, r9, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x30, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xdeda}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}]}, @TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x100}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x80000000}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x1}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x3}]}, @TIPC_NLA_MON={0x14, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x5}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x71f5}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x90}, 0x4000) 00:32:42 executing program 1 (fault-call:2 fault-nth:41): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1966.875475][ T4056] FAULT_INJECTION: forcing a failure. [ 1966.875475][ T4056] name failslab, interval 1, probability 0, space 0, times 0 [ 1966.882665][ T4056] CPU: 0 PID: 4056 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1966.884435][ T4056] Hardware name: riscv-virtio,qemu (DT) [ 1966.885401][ T4056] Call Trace: [ 1966.886199][ T4056] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1966.887739][ T4056] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1966.889241][ T4056] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1966.890557][ T4056] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1966.891725][ T4056] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1966.893035][ T4056] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1966.894329][ T4056] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1966.895779][ T4056] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 1966.897395][ T4056] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1966.899144][ T4056] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1966.901082][ T4056] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1966.902495][ T4056] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1966.904018][ T4056] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1966.905603][ T4056] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1966.906902][ T4056] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1966.908873][ T4056] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1966.910287][ T4056] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1966.911897][ T4056] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1966.913313][ T4056] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1966.914729][ T4056] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1966.916914][ T4056] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1966.919040][ T4056] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1966.920732][ T4056] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1966.922806][ T4056] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1966.924287][ T4056] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1966.925659][ T4056] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1966.927018][ T4056] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 [ 1969.328633][ C1] hrtimer: interrupt took 2013000 ns 00:32:48 executing program 1 (fault-call:2 fault-nth:42): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:32:48 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = dup3(r0, r0, 0x0) r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x111101, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) r5 = socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6}, 0x20) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r3, 0x84, 0x1a, &(0x7f00000015c0)={r6, 0x1000, "650637bea07d857e238c8b61498ed248a7a4d6cc0ace57b768048caa2337ddff512a0592edb0d335887c91b58c5bd45614d7577307b538f99393c48da7b0c48f4a820c581a61bdf28b2e2bc368b6942a7981fd4c333c31b6442e5df6e568a2c433b313df4ecd5ade5566689b5b919854e67fe4f03f62559527507534fb377c3342583da6f67ba3c7439de6db3e255fd322df6068b643ad8066b155fe68b6ccbfbff7a67d0cb997c2a70fca2cb5f83457a3861e6c471e84d9236aa11681aa207ad2386cff10723addd3b7bf40f3baee51468876d798c523ab76a033f22c9cc46fd3537bc801bf3fcb66e2b0c0a78cd036df012f3d92863a8977f1909fbbd883d0dc90bde8f8fde3ad9d711422868fd96e8f4c1bfef330742c7548de14e2ee8934512fb1e7bb286744c2567d90f31a8b47250d95a6eb4a41b9a32751e31e7ac8a62dd1499d40a89bece256ab95beca6ca0995342d84a34781aac1de6630d42cf256be281d339c8d4cd0a8a32c2fb4023d0b90aa722f065a87fb397c263d314a947158bd73a9fa0f4dcf3808b964d0ddd50db2f7ee104efb971e4941783259b3293f2586f41ebfa52d88d3634a24c6f591f89070bbeacecc25759f06bf14fc6a61419f65ab3c0bcdaf87737e6fb7f59747efdf565da93c309303dc73cfee6cb3309c28f8d84effad445d3ef77f310a2d20d53d4980f329c0e3101ea919d6230f3c536963aed1f249704c1ffe0853ed12660848305eb7080f0d0d43652176a0f1869ef8a8328a557a3b7b6676d5b989d0b56cd1d4cd933217236bbf97794f7a065526e09cabc00651d081ab13b8ea40eb7e9b08ec12016bbbfb7d8fd1c864a2cb4d2a7d011e356d0b39ba7387f30f2e08b76c942af8ca2907f3dd2963556f9d93f74fbbe9c95d3c39a31fc454c4ebea76abd1e6cffdef0d89a8870b70e3347119d28d3e8889842c1e245a010578039bac5ac14efa5a27e1cb19607ea2d190bef338dd29de6598c07cb18bec28cc782e81a8d93fee6991516520149ec6be133fb8cb7d63a9b5b56368a4ccd24a27b23469f56e823f744c89c7a3af628ede0a9dc619205f952a5c8ca5eb541cc1646969787964b5502820ba3fdbb6f621562305f4bf999f183155daa5dc487947745d159605ff165621beec8031a58e9599af85d0cdfa949e54d9873edd9186bb91e21c7d745549e465c423bee95f9ab51f66628de94796d76ba1ef9695d28ec1fa216249a431fc2ce0414cafc29e3864d621e7b15dca67b296ab40ad441945026297084206481916588df157d3d584d296bc9874e988f680a3f868bc47dde1b4dccfdb4b2367b16c1d2cdbadc8f63867465c308df318e95c3de6a53eabb213aad28592ec0ed977ac0d7bf34867eaf81255fdb2b2f30186a3986390af24582d583b8ef104b68e6551ca04a10a86fe0e5a7c81655d991ae5864e23e1a7508712bcb3a4f03fcea9910b8fe918b22b8a6acbd660c3daba18da508c23ee59c74f3555e95bca4de49eefecc17d966da9a8bc4925d11046223ee7fea5216c20ed60ad0dd693cca6a60b4425918eaa7a5efc3a9091c4f148c0ddb8f8b6580da3faf94d93190c78c8963187f59e63a0eca3d937b038ab22e8d8acea2eb735cb882b39051e1e5ff2ad2e3f9f2545d8c2740903b0be41ec9d6d78f6e4b4d65edfd1d98ef94dccd798070fe26518920fb46439d7afba297f8b2865a068cf917a2805683c7e2b666464e7fa9733d21666eea91bd515690a60199a3bbac3310939b596682c4fcd0e40746e94e9c1849295ed49262fd9008caca8c381e516eee5f612d55487f3866e082dc02ee8154fbe3fff0b07df29e44d6298390ce87806944055ca4e17b32743f4e26cb3e9f743e1dd890e6e5605e369190485bb5848a5a224e63b3a8be2d40b6a4b05b4b46e6c3b2ee90fc04fff7b086469e5c6f5906e722e3485ce6bbdaef9fb3d6aad863dd1196097e96ae12aa3c61ef138522559b95b69097d251d10ac0d5e3138d7ff030bdd93c60d2da9deaebd9430c097c2ddf40edd0790058fbf42a05e6a01b2c2db4a88fa0dc921643408b42f65715e96c9c0ba71a64a36c8a9a9db9bc93f6a61cd5910ee19fa9390a1444d5e25c2b26249ca8d670432c250d787f002b21fe244c11bcf0a91897bfd0ed67996b55de79b6a758d0b42251717e4a5c067f7cc2b3341241bb1a3dbcb9cff39e29e9610d908444326637eaacd1b7a0c79e05e9702849475728798cdb5362a092506b7d56e3a9d8fa7827cbd668bae41725a1dcb1420aa12aa432f6d3938d66f6570c7d420aa3abc902cd64986e2fca32008a4288f67f120478ad050102937840fbdd5f78387d6ba04f7ba5f28904703ff805ce5d742121b26e1d6b325e166468d1da46367cfedb82d39c4a36dcaa7a5428a4ad6dbdbe86f82b947668c3020411791a73aef6bbb81a296ae08b27f074d052cf7fbb2e68c58246b6e5a236e78e2450e84a1ec4480849edc664523a8bebfa44ffb440251978fa34feb1d36730f29648d603b06c709977a9edc6b08653adbbe01adb5404ca40c85317f7c0cc6c20e255b806d6c9402e29e33b70c1839b8559e478690a80cea6aba150c8a7fe284746c838a8a51c5c59dbf382df0f9f503385999654ccf3fcf302584cba2dd3f8c3aee2b2d9fb02b0f8008cd1883f52cbf44678330e6cc35e9e8fc9f27ee28b0c74a15b831b111076e9560ad551e77c3507b88e22a89d17acbb8979e0628b53e83b02d0416183e2fe7b4300d2d013f18c561a0c8235927c62c18e7164984f36d45b019ac6011dc6c3a6a8db74f15c239df1a4c450c54b11d4cc4e23a7018f9ed12dd5c06655a210c9fe7c13dd89377441a763086376ca0ef406e2864d993fef2476c53d5108306d045a66cbadfe0acf5c5bf77ce9f12fde211929188580ddf4c6deefb13830c5c1a0d6e7e3b8ba634a660ada9ee9afacf39ed13c0b83e5aacb98e05b3c41a38f2f1d767c1ce47cedb576a74872ea36cdf22e1849850b199ee08cb8cdf0ef74cd839b54c4b67b9e2bab1d55ca2d5e748d3015f1b31aca8e410e45691d30da419ff0089004c6b39e50992bd413a645f3435a58ce12d096b0a54a1dc858230c798c47f0a634b144b6ca4537ff60a3adf3a38d83292076f7a564a15782ad268ac43f35282cc35bd6fd067f00065b8bdd4ff79dd8c71f56e175f3f09cdeed8223c9fdc87d741bcac89a8a940f1126db8ec4c9c3327c6c9a7f0fe74dd8a9783d4f99f2c8ea77da7ed08475e969789e69ebbec5eff4fd85fa4116c20cd36dd512ef97e8ea963b4294f911a7cd689731be31f45e2e86231c9ec85af14ad88b5ac2e90873f5fce8bf0370d51f35b793245af081c8a9a817aa7bcdb8e41ea70cf01e769ba33d8ba6c1374bbca0f28d4799e7cc447998c363a7dbae3b6a98cc00ab8334353dcd5f3fd5ef8a8b11dd939f4e9699e5c26d96b431558e5b9c78e1729d4b4fea10a0b434c194afa550f67da261ee78d96d883bf3ff816c7189c309e6e1137da9f6548684b5f2fe36f730959efae134f6889dd4b7f5b6d9b88913f3a262dea6ef606e862fd1f4a8c8f229f7546d102ac1e1a98407eefb2c54ee72cf11e2673d11a6c83f757d3e6b930173a4f3b6fa72e116558a78e93e1720ba4a456b13656b098589959cd9f9eb9e3960fe783226d73aa9bcb6e55eea9589af79fb3e579713d305272c0337f927ffce32f23b94be38b31768fbdf6e0d9cafc544ac7dd1766321efcd030ee25879d887407a9f89d910a579c456b5bf47b729b067d07cf9d11792051a6eab475f961285d1a2a69f9432e028dc9e9b4b58d43457aabdefdb8f392914dfe313d016d27b1113202ae588811cdc3fb8feb9cdae4e85dcae4a935163465c08dc00a97a1f971da719d31440870ad90b46399e7f803f443d9ab3ced422d3e6902ed97da9542952b4e80649a7d2ea49b83d99ff68a54e120ff14f787a89b709d14fb8b932b1f69a257230b5905be19f2af15feb74e4cf3458f5521940bfb2173f814ed4bf3c1e9fbb51a0f6f1b463a65e50b5f3bb6edf8ed53eebfa56efd4032731d2af2785201dbf8b211ae55cdd9737a4999db6090f4da7dc6a79e3582a7c01dfd65d3f9112992fbc4be7bc342911e4cb8809246e3be45bad4fb17971f89010ff994ab9595ff719fe013b2ac575c08b3d8a490fba875d5e5cfd69889da5d524c45d9fbb2ef46a0f3de24acc1102d2bcf78e8e9ecfb69ab82010485b23245a68e57a35058a4f40122447316095dcde1f6c84db58b58a2feaa7c4564875c5d8384a1c29290b921dd8dde84968b9e4417c44602e0c05f1a2332785529892e28afdedff2daf0df54490b2533ef053f63f45c44f3925a43bbaa30c54433239513525aea651eaabdbffcaf6f0334e37474febf67704ad77c532935db37f9de014d12d8d22a99b846108862aabfc2418d07d872e1fcddc7b7392edd06e8957f703a5d6ad22d808490a83f19a9265ecc56e800779c914755f4b5dde9ad0b052c5b9b2a781a581f4c2a89ce3d3df7688b31ab547f55d84df4209d8f25856994efdcb9ded8f7584710f89ba4f9af0bca13cb40dd104336a3b6af338168c0e58adee01d0d5cbdae7077656f61457a9ea58019de8b01ea4c2ed2e3ab6108f1e1949f29af64dcab3e4716a3b5bd291475988289ea276d49575fd5e633cdac7b8788392cec4248f157600881604c25e0c0dd4b56f2143fba7ccdcfd93d2f3da45a4a237afff1c456ec958bcc1e2d3762094cb3d135c7c5f4d26d22aef19997dc5c556221dd87ec4742059d7c97a1a9aa65b51882acd0ec68d8b4fea9770fad6a22685db21a2cd3fe7527fd31599051d86fee438962d96369996bcd77e637944b4d3249edcad01554d885193fe07ae7f90c164b56b17035c7460f0d4507edacfce35665db741e719a58409ff60c86413723bf52c950242862c2c8e805d3096ba13d414cbb8b5eda76172fc4e0322f56173cb8dd7ffe59c5ed4fe56435bb2a36409225b5192ade84a685d1b4c2554b512ca48dfbfb32634d813c39ff9c899b7d0fad0f62efec367d47450a3f1c8727abd11858a85648bbcb31eb346b622ce24d3a66831f90fd707bd31ac562b3ea5f73b0ca63a7e15cf6ba121c77ee3ecac8a98cd680a90154ca7988876316447c8f682c72e7f3a639a1ddef380254a79fda19fec3fee341227bb0df43c98442e27234d1493797c1b67671c790df6bb8db8a55960b938356ebcdc3d87834298d7485a6978020a6ceec8a4795afbff16c5916462fe2ea2798699a5260510e451ddd6a886cbf24d36da3e7007e682007c924d99d29cca32f9d16baf645e357599034fcb291fff99834cc02fb6bcd7d148abe1bdc511c591478aa66641e0c9c1fedf3e8683da92d67607d9a345ce48a0242518ac0bab1946aa5ca0b5a95d84d328b31733a88c9b0caa3bcfc79a3fb0bb9729deff8916bf738b563a56969a25299dad3626cdbdff6acee2c0f5ac7f1fdb91e24e3515545698d57563991f869232ba3ebf3dd2f15691a8328c213d0e86d494a1228faffa4ac04dff882a3255f4083c4f3c5baeadc0f55d56562362dad03a2b17220268f2b6ca297b38acd6e6d1cab79e612fc5ee2bf64c92ea1b29635aad31b171c6202ece2428446c8c1899b4d3c990e02b0bbe50b6cc47955f32b154fa7cc2d7ac4bac50ce6fd9a87e585966551515976a1fd18003c92668a148fb1a0df4fd7c937ffd449e75304d167d3f0d6ad04f5a604d87767bfc5e8d02dba1d19d117cba0d54b840ef8db8eef2"}, &(0x7f0000000040)=0x1008) ioctl$BTRFS_IOC_SNAP_DESTROY(r2, 0x5000940f, &(0x7f00000005c0)={{r1}, "9a6b3b901724a5593167e134c2f6ea7ec7a39128d5a822cfa125c5fe35bad4831481ab7191e98ef8bb100fd2e993af0247d5f822a1823f14b1bb25e02aef3f7bdd5b647178b02d08a7091c67f7ae7e1e465eec427b5d2d3f85e52ffe26ef6cc9af04d10c168127ebb85d7acbc6cf19af3bb3f000bb4c3c71e92783757b03aa26aa48c33ef04c836f0707f2cc3da15fb4e6ecf771bc1886f05bf4e27998d95d517b2ffcc884352240c5e136c64e654989a77507758dcfbb8519fd7072ecf3ecc4e3ca047f365c0ecbbec4af69fe9d59bfd9c6336c688b3922eaf1aeaf377bfd6f41af4ed113ec239927a72224485d28ccf8c49b10f5734c78ec457ceb69573ffec6a6166420eda73bf2adca20b85c81d776ab0deaaa4d01df0917691c2abd0264017de372f36ded609878baf454d0c598a40e761de7535fb7644972d1b797d7570f0a558265fbf1b794b1f64b285a5000f123740c1953c725e0b6243c70dc103a7225543047425b41b2dcdda0ddddf845ddbcb0ce52bb1f19c4bf288a55118b47aa3b559469ca43251f6b59c2743b350147b57724e8e53af9b8ade6fd8829b5e25e6a9005386e76c405a6b5cb6ad237fa7bb9d7a0c10feaf7bc3cf4ffefcebe818790cb2f1885f354fbddab0c550ece0305fdeec026557f4c7eea1f0ede6eb67d3f26c865c0684a093e92eae1cf28b2b0040b695177bbc7b5c591febb2cb11c9be3c80d6f07af2d29443d29b1f0e9071cf4e20693b3106ab6e94256345a2902be80afa14bae57c4361390a15d476256366c612387b4c80e35690f57ee8b0b0cc08bfc5872a04ecf1d2388b1e21fdec7ae71a3093f25b697d4d657512171c531eb6c2cb48c30beadf98dc1ebe7325a5ad7dd044e2ad96911fc6778db135ab1610dc6892d42b8e1b4db29d392121d0513d31da35df716a8dff5e1454b83b2b3b7135dac26f0d416eee202d514deac0747fb404aad0b6266adfcaa35a5dbbbd79be7ff4dc5ed22e9faa3543708bbce097efa347891877b54f7dc7b7f5326100034784cc93cde0da9c4865371b75daf3d239c693698847d4659a5fe210c83bb2d7a2ee001d3ed8799fb8d96fb584d21763ac310ea3e9a3fc2344627b5b016a5dcaeeae7f8623df0c2dc297a99ab55d1b4e9db85b41c09d7e779af27c23fd8d944d198e5ba333774d76236dc8b349f4bb3d70485270d4ee6edc7bc639f731b395edc8e5588072a2dccf18982a178097df29da89679175fd9329db711f6de16a434bf5c54c0774298c7caa974226c30e31f4a051c3da61596189818249ca54aa9f55c23dd7325c3f2086074a7d79074dd03b4a837d2b840439c3bcf99271185babc41ba21957bf44dbea860d987d582b9b41c78a3b01b18a94103bf637dc15dcc5a5029358a0cfa51bf7a1647d441c76146017b2ec3ed25c448a27d333a6e408664208107f93cd0f3f40b5e4cb4ed7755f328f6e8b7a195fd7191b8c98afa481ce0f7c254dc1a562032173024d2c1052473dfb4e8d6b98892700f5b149aa789c3873128014d19dd7221f1b84212a40e018cf5d6a34f0caaf33b8c27c8db476150674fbbcc929614fd13160bf98d516405407bd1705b1cbb3a9882dbcbd8d5d3337fb11d5737c5c6b69e69b147b2542578fa6b2bbe78482b0aa6fc33b9cc10f83befe0d50274af47636536bca1d67ec42871a4cec6e7b24b798adc37cbf8f901390fee21d5eb5fe9fef095c891840e44df15931fbf6fc0545e5fbb0fd8b49a30341ac2e201d1f2d3f95d1c2d92f58fde63df2e6dcd938223a331b45b5b9358f37b19595f2855b4c23bb22aa55348181b47ce6061ccb4059f37a0f0b593f190a84ef0db2743aea5c47ff815e6efd146c9519ada2c3ae56396ab180f92af77f8d20559ec2c7d25b5c63157f662cccbf757c7e7249b5e9ad29724cbc7f0da4f955f3c7cbad5d7763d9344efc92322202868d78b2a5fa60a2dd5d7325a3ec0a9a3f640b32b63cad2990d7d17c1fd74772da7871c5b36d274419cae304d9173868b2e6a4a9251e6f1afbc026cdcd8beed6c5bac13f465fd10c395352a22995c14f1b82305fff956ce11e0176b135ed9440277f4d6b7849bed4a381b9ca7a6bf6f9ab2799f72e7e036b1581b2809303145e47d4f7e20de20a8e688ec927641c9374039d4bf020ce0f356742c03a65b33eb0736f72fc29032e095f75e7782c4cc65cdd3d7898981f648a8525ddf01c93d6974495c6b697fd75fc64e0582b77864b02f1224a1c410b747dfb555252e5767f13f5a1807d51af06b4a790ed4d52a9d3b0c7ebbe7692b949a6bc68b2f2a13a4c7c6eb536472a28c790b3b05d6a793ae1d694448cf4d7e3cc0614e08ee637f1082aec86a20681339835b2b7d8c73d5981b01f12eb9445d84ec51b4be9fe990a317958dba5f2035a0f39ba2f88f93a4b3064ebdc2fbcfc0f89325c1a94c361b26ad78f7f89ed7705572894c789a47df37ae1735f6a5f40fbc60b301d6854def59149413ace4ca305f2861bcfe185bc2fc423d206d30542353cfef49ee224e171748fc68aa788ec9f3933ed0fe093b72542ced4046e551977c91c993e8f43f1348daa9ade96ba848f1b69c06b219efd97ed899a8641e4e6b50c933c0ac22af4a6ef38f92f1520f91a3396b82e70a818aeabfe5ba747166fd6fa42d862c397a2873b656534c1c4836e0993aa2677ce5bd05347015dc2e8bb551313d8a331abd9665f4e6badf23fb8863a0560c66188112f70954b322564ce538ee498c8373ef3fa18f72c8d95355a3f75783767f8690c3df3977d2097434f8acde86e092c2b2b6c5dc6e2648ed5b75cb2669fcf4048af6c4caa4b9ab2301a143ee7f06643998bb5665559f5252dcc784fefd61312416c176e542fe5d3f35b1220fe56428dbf01ab0689de934619551331665257410bbaa2c09001f6eaa72e4970574563b126714b656a3e217fe6aec85c6cae530909bff82e38d224c5c53897ea20eb82fbb49211e6255e92685fd6e1337521f5322637981ae2d6452f45ff084faae97868d65b476f1f6dcea360299de059b8bfdaefd478e418a2eddd59e3f7e88ec978268452227797ecd8045ad63141780430deb93214794060b5ca333b3d04255ac31946fe90336646dbaf7703c5183685861599e8c7bad0d2eb0427fe93e621d0fa5aa9a348ba524ca367b17c071b8198cb6395560d32e20b7f5956b97352c7472eb57839a7973930ed913373b249e1afd93d70f30d75757845996af60b3d6b2bc011bb4bad80c72fc5d7d74d6a5bdb2def3bc80a420ff2560e503228ee559d80e71aa2ce258a400f9be451ac7572151ecf182f29fc3cd8c9a880c0d274c39c8a06a7d7ff41417f63a07178db2b1e05e0dd08b7e45635c83c3197aa9503e03814141a2397bc27d17d8dce0be5284c2caada0c1ffbae163323cc13cce7e2aa79983803dc2462237ee7399861e8ff61a8f9fb07142c3fac021e3eccfb1fe2d47d82c65bc350115d727f85e6c34d6ec3bc53db6b31f5aa9e8f1d8de21f5e0e07e099592db821142d2015a4bf9785f837805848b8b689f69fbbb01f9c23168f2ae424da673d0ba55bae9ffdaf11dcf388c39db8b6c697ba4ce27b56425f96f2a6e2b9e708216b1c04a2030d8ae3aa6b7374c324292de93f44fde7c71927620b42b9d44a0a57245808f256d4d4078eeb44f55cc13fba1f1acfc5eab1cc0e75db6d727b5268a3e4805196ddeec64d391254a9bfac5813ef5d9571554793dc9afc2974487e9c1a52eae0146b725afccdd67a329f552fc4d6584c29d86824ec55557f81805bf08d6b61085464a3a2b285345f48dc9131b3d4429af5a3bd0ec0f9c3105d3bf5afa92602650a94868e93dc5357f662b4ec936b7b0423b7aedbd5db9d09bd34bca1c67954c9fc4dc0ee1bad3e57c0a07448f221052cd00df2fe939f7e8701087ecd0ae8f19e8c83b47a725468072f150383994174f5bc545a30ea5ed128e386b70fa556db2083be1add4624af392c68cf70f0f925fcd79d07357987809d546f2dcddc66939181a14f78953e7d8ceb7547df5064574a1461b03b9d8ae1b29c2412397961b64400a37be54fb0bfcd1d5bb8d36bb16a05c9ec6759cc58668d7069d157a3b17014c5473d2ee146e6d747537436965c62dd3612bbb473db2363fb29aa07edfa50a85bc5bcb9d161d76a9e50a88b2a899849c20ce564852758d0d95f747930f515c20e962525d9fc17c9013a34ad83ff6bdaa14c2c311397bc9b6c1a8cd8744f835c71a185aab10e17b9b48740dcad649f87fdb8618dc60e57b7f008a4506d6444841419a654d792f11780fc1f92e94a84f3acbb40af8a5528d599f570c6e3ba9ef775423b1d7e49229d7cbee1e8f54fe56a3e01a03a2b543c8fd275867792052646127c5caecb71bf00e59d27d447c3065f41a13d729f245961b1b5ec74db05b005da0210c2088103a54044dad8d123ae98bf56e5db8c42579276f453ea4e77b60c08d7674af427dbeb409492ff30d2f67dfc8c506480fc99a0bb916ddb6afe6555241af6c3336f2018c0cc596426f8ca16830d81cb2fbccf59e5f0b94c6faadb3f17a0c322ada78bf28075b788588e9a8727462a01b0d6258c117fc64f007edf7036139718feea11ff2ac13a51aedc8bbd24d9d66200168da94a0087de380e6ce3fc916b24130a5da084814a5824bfff3a37c118774eaab35e4376abb8b8fbaf9f982349d48bddbd2f484ed204325ebec2af142e10f91b52dfd23960a8624a09e1b80effbbe759bbfd2046be8898a731f654057af03e39f8c009646a32bd395182d3061bbfc6f72b8876c54985c65ffb7c5a2432fb20e9a9e72c0744703fbc442256da243c002b7b840b367554d364649da9101ce0c274c5204a6e626f65d474881f4c04f592fe897525f360ce4fb23879c6e456844e2511bc3cd2f5c2c5dd4ccaca0ef2d17bef79dca5aec414fdc9b0a51b7efa9f7b1424fc6c61cd5b49d8a36fde54651b48a7bd6cef95b65cab634c1582f1d81af4125e0d28c4c9284c0f74d772e193b7d3d7811bf9e28ba267d0482ee0d205e04b6bdb270008fa7b5d4a720dd06cf6f2735673b48888143fa814d640dbb4646d7c48691949c5275653b5bb307434bedf1f00c5076723060e0cf1d1f79a198cb5ba3f11abf5d4971becdd2b560ffa5a52833f5179bc18f7437d423d0e4e23b59604ffdcb57df78c2d30554760be9541b144437726a61de039c025268233f7044f903cbb4e0991ae1759f9ba8719f5cee8528185babd7242aa327c33c6295cbe9419fc504b2b02784bc3ffb8028bd7b65f0551ca620117bbd6f66465fc11bfda7f13d381f0d10989029ca3d5c98c72c9feb756ff65910f510e3e3046afec2ec8e607d248690e4d61115b00c8703079c51b7a143b1ec97228e011062607e504acc364a331771cb32efb5d430f6fdfb404a387c76e6bacb7915309e7d199440a6eb7d898e285344ed724ae87951c6472dd53579e3793da7416d622ef62e00a4aa6cef59cba1f17eef14e1c79e5ce99053dafb017ef963d302ccbdbec1763171871a90d368da4f067c1b04f2cd1c53188083173b22f1504500bbe8bff27f674dca63acca713595006b64283da06de8123b2eba94c29db94b81a46be9bf00e8c84e5fd124b419f1f27a4ffe393ff06cc350c858b3584d70064983e9bcf6c1236bec2d748bf48f6695597eb833a96ccd645fbdaaa8f678d27465e5c6701317ed999539c738c7749d4036ec6e2a2b855fbe1145be481576e6c6f1ba0d3838"}) close(r1) [ 1972.566822][ T4063] FAULT_INJECTION: forcing a failure. [ 1972.566822][ T4063] name failslab, interval 1, probability 0, space 0, times 0 [ 1972.576954][ T4063] CPU: 0 PID: 4063 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1972.579949][ T4063] Hardware name: riscv-virtio,qemu (DT) [ 1972.581064][ T4063] Call Trace: [ 1972.581920][ T4063] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1972.583343][ T4063] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1972.584763][ T4063] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1972.586162][ T4063] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1972.588044][ T4063] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1972.590024][ T4063] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1972.591383][ T4063] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1972.592882][ T4063] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 1972.594936][ T4063] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 1972.596238][ T4063] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1972.598012][ T4063] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1972.599628][ T4063] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1972.601282][ T4063] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1972.603395][ T4063] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1972.605382][ T4063] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1972.607284][ T4063] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1972.609384][ T4063] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1972.611316][ T4063] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1972.612746][ T4063] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1972.614179][ T4063] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1972.615707][ T4063] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1972.617242][ T4063] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1972.619236][ T4063] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1972.620783][ T4063] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1972.622329][ T4063] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1972.624309][ T4063] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1972.625704][ T4063] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:32:52 executing program 1 (fault-call:2 fault-nth:43): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:32:54 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) close(r1) [ 1976.897310][ T4068] FAULT_INJECTION: forcing a failure. [ 1976.897310][ T4068] name failslab, interval 1, probability 0, space 0, times 0 [ 1976.945218][ T4068] CPU: 1 PID: 4068 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1976.946828][ T4068] Hardware name: riscv-virtio,qemu (DT) [ 1976.948302][ T4068] Call Trace: [ 1976.949481][ T4068] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1976.950854][ T4068] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1976.952206][ T4068] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1976.953546][ T4068] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1976.954785][ T4068] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1976.956141][ T4068] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1976.957543][ T4068] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1976.959489][ T4068] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 1976.960905][ T4068] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 1976.962196][ T4068] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1976.963619][ T4068] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1976.965056][ T4068] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1976.966455][ T4068] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1976.968478][ T4068] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1976.970322][ T4068] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1976.971662][ T4068] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1976.973106][ T4068] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1976.974494][ T4068] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1976.975750][ T4068] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1976.977182][ T4068] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1976.979156][ T4068] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1976.980632][ T4068] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1976.982043][ T4068] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1976.983539][ T4068] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1976.984920][ T4068] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1976.986185][ T4068] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1976.987594][ T4068] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:32:57 executing program 1 (fault-call:2 fault-nth:44): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1981.254457][ T4073] FAULT_INJECTION: forcing a failure. [ 1981.254457][ T4073] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1981.259446][ T4073] CPU: 0 PID: 4073 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1981.261204][ T4073] Hardware name: riscv-virtio,qemu (DT) [ 1981.262197][ T4073] Call Trace: [ 1981.263230][ T4073] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1981.264663][ T4073] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1981.266021][ T4073] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1981.267362][ T4073] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1981.269216][ T4073] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1981.270628][ T4073] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1981.272122][ T4073] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1981.273622][ T4073] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1981.275919][ T4073] [<ffffffe0003b3d52>] allocate_slab+0x282/0x406 [ 1981.277388][ T4073] [<ffffffe0003b7a54>] ___slab_alloc+0x2fc/0x4d8 [ 1981.279001][ T4073] [<ffffffe0003b7f8e>] __slab_alloc.constprop.0+0xa4/0xce [ 1981.280661][ T4073] [<ffffffe0003b81ac>] __kmalloc_node_track_caller+0x1f4/0x378 [ 1981.282260][ T4073] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1981.283998][ T4073] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1981.285499][ T4073] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1981.287121][ T4073] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1981.289150][ T4073] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1981.290609][ T4073] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1981.291896][ T4073] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1981.293183][ T4073] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1981.294932][ T4073] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1981.296475][ T4073] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1981.297911][ T4073] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1981.299881][ T4073] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1981.301490][ T4073] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1981.303036][ T4073] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1981.304955][ T4073] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1981.306450][ T4073] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1981.308308][ T4073] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1981.310154][ T4073] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1981.311510][ T4073] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:33:00 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = fanotify_init(0x40, 0x800) ioctl$FS_IOC_GETFSLABEL(r2, 0x81009431, &(0x7f00000000c0)) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r3, 0x400454d0, 0xffffffffffffffff) r4 = accept4$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2711, @local}, 0x10, 0x80000) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r4, 0x8008f511, &(0x7f00000001c0)) close(r3) 00:33:02 executing program 1 (fault-call:2 fault-nth:45): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1988.396843][ T4080] FAULT_INJECTION: forcing a failure. [ 1988.396843][ T4080] name failslab, interval 1, probability 0, space 0, times 0 [ 1988.401701][ T4080] CPU: 0 PID: 4080 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1988.404452][ T4080] Hardware name: riscv-virtio,qemu (DT) [ 1988.405502][ T4080] Call Trace: [ 1988.406341][ T4080] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1988.408505][ T4080] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1988.410632][ T4080] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1988.412023][ T4080] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1988.413462][ T4080] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1988.414987][ T4080] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1988.416435][ T4080] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1988.418253][ T4080] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 1988.419856][ T4080] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1988.421388][ T4080] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1988.423530][ T4080] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1988.425148][ T4080] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1988.426646][ T4080] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1988.428994][ T4080] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1988.430433][ T4080] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1988.431961][ T4080] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1988.433988][ T4080] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1988.435600][ T4080] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1988.437548][ T4080] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1988.439663][ T4080] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1988.441227][ T4080] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1988.442671][ T4080] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1988.444137][ T4080] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1988.445694][ T4080] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1988.447119][ T4080] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1988.449027][ T4080] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1988.450490][ T4080] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:33:08 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f00000000c0)={<r2=>0x0, 0x100000000, 0x0, [0x100000001, 0xd62, 0x9, 0xfff, 0x3273], [0x4, 0x7f, 0xffffffff, 0x0, 0x43, 0x4, 0x2, 0x5, 0x1000, 0x5, 0x1, 0x800000000000000, 0xfffffffffffffff8, 0x5a, 0x1, 0x1f, 0x6, 0xfffffffffffffffc, 0xb6f, 0x7ca, 0x6, 0xe4, 0x8c, 0x1, 0xeb, 0xae74, 0x80, 0x9, 0x1, 0x800, 0x4, 0x4, 0x1, 0x2, 0x3, 0xfc6, 0x0, 0x7, 0x6, 0xf1f, 0x3, 0x7, 0x1000, 0xed, 0x463, 0x1, 0x41d, 0x4ad, 0x5, 0x7, 0x6, 0x9, 0x0, 0x5, 0xd8d, 0x8001, 0x8, 0xffffffffffff25c9, 0x8, 0x8, 0x1f, 0x0, 0x8, 0xdc, 0x7fffffff, 0x1, 0xa03, 0x7fffffff, 0x9, 0x7f, 0x401, 0x1, 0xbc90, 0x0, 0x0, 0x6, 0x3ff, 0xffffffff, 0x1d, 0x200, 0x5, 0x4, 0x80000001, 0x9, 0xffff, 0x7a8, 0xb9f8, 0xfffffffffffffff9, 0x3, 0x10001, 0x100000001, 0x8, 0x80000001, 0x8001, 0x10001, 0x7, 0x3, 0xffffffffffffffff, 0x5, 0xba, 0x100, 0x9, 0x2, 0x7f2, 0x77, 0x18, 0x8001, 0x39, 0x8, 0x100000001, 0x10000000000000, 0x3, 0x6, 0x8, 0x8fb, 0xfffffffffffffffc, 0x9, 0x2, 0x0, 0x4, 0x3f]}) ioctl$BTRFS_IOC_GET_DEV_STATS(r0, 0xc4089434, &(0x7f00000005c0)={<r3=>0x0, 0xc2, 0x1, [0x1, 0x6452, 0x3, 0x1, 0x25b], [0x7088, 0x0, 0xfffffffffffffffe, 0x1, 0x8d8, 0x0, 0xffffffffffffff11, 0x2, 0xfffffffeffffffff, 0x8, 0x3, 0x7, 0x7, 0x2, 0x8616, 0x80, 0x1ff, 0x5, 0x0, 0x7, 0xffffffffffffff8e, 0xb34, 0xcf45, 0xe513, 0x7, 0x1, 0x8000000, 0x7, 0x401, 0x4, 0x4040000000, 0x7fff, 0x3f, 0x7, 0xfffffffffffffc01, 0x400, 0x800, 0x1ff, 0x7ff, 0x800, 0x8, 0x1ff, 0x1000, 0x22, 0x10001, 0x2, 0xee4, 0x8, 0x0, 0x59ff, 0x8a60000000000000, 0x3, 0x1, 0x9, 0x37, 0x0, 0x6, 0x4, 0x4, 0x6, 0x7, 0x3, 0x80000000, 0x0, 0x33d8, 0x101, 0x6, 0x7fff, 0x5, 0x5d, 0x9, 0x31, 0x10000, 0xffffffff, 0xfffffffffffffffa, 0x8, 0x19007771, 0x3f, 0x1ba, 0x9, 0x9, 0x63, 0x6c44, 0x0, 0x5, 0x4c, 0x8, 0x1, 0x7, 0x1, 0x7fff, 0x5, 0xffffffffffffffff, 0x0, 0x2a, 0x3ff, 0x3, 0x7, 0xffffffff80000001, 0x8, 0x7fffffff, 0x8, 0x4, 0x549, 0xb2, 0x8, 0x9, 0x7ff, 0xffffffffffffb84e, 0x100, 0xbfe, 0x7, 0x80000000, 0x4, 0x0, 0x3, 0xfc2, 0x4, 0x2, 0x400, 0x6]}) ioctl$BTRFS_IOC_BALANCE_V2(r0, 0xc4009420, &(0x7f0000000a00)={0x2, 0x1, {0xffffffffffffffe1, @usage=0x7, r2, 0x101, 0x5, 0xe03, 0x8, 0x1, 0x0, @struct={0x9, 0x4}, 0x8, 0x7, [0xfff, 0x3, 0x4, 0x6, 0x101, 0x3]}, {0x80000000, @struct={0x49ab93df, 0x9d}, 0x0, 0x1000, 0x81, 0x9, 0x5, 0x9, 0xb0, @usage=0x1, 0x7, 0x5, [0x2, 0x2, 0x4, 0x8, 0x7, 0x5]}, {0x3, @usage=0x7, r3, 0x8, 0x0, 0xfffffffffffffffe, 0x0, 0x2, 0x8, @usage=0x5, 0x8, 0x6, [0x1000, 0x5d, 0x3, 0x2, 0x6c54, 0x6]}, {0x8, 0x5, 0x7fffffff}}) close(r1) 00:33:09 executing program 1 (fault-call:2 fault-nth:46): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 1992.770631][ T4085] FAULT_INJECTION: forcing a failure. [ 1992.770631][ T4085] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1992.791933][ T4085] CPU: 1 PID: 4085 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1992.793541][ T4085] Hardware name: riscv-virtio,qemu (DT) [ 1992.794393][ T4085] Call Trace: [ 1992.795084][ T4085] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1992.796226][ T4085] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1992.797439][ T4085] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1992.798826][ T4085] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1992.799892][ T4085] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1992.801222][ T4085] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 1992.802906][ T4085] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 1992.804211][ T4085] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 1992.805468][ T4085] [<ffffffe0003b3d52>] allocate_slab+0x282/0x406 [ 1992.806630][ T4085] [<ffffffe0003b7a54>] ___slab_alloc+0x2fc/0x4d8 [ 1992.808128][ T4085] [<ffffffe0003b7f8e>] __slab_alloc.constprop.0+0xa4/0xce [ 1992.809905][ T4085] [<ffffffe0003b81ac>] __kmalloc_node_track_caller+0x1f4/0x378 [ 1992.811174][ T4085] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1992.812252][ T4085] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1992.813435][ T4085] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1992.814615][ T4085] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1992.815874][ T4085] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1992.817611][ T4085] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1992.819118][ T4085] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1992.820342][ T4085] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1992.821593][ T4085] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1992.823217][ T4085] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1992.824365][ T4085] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1992.825613][ T4085] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1992.827126][ T4085] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1992.828722][ T4085] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1992.830276][ T4085] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1992.831589][ T4085] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1992.832874][ T4085] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1992.834284][ T4085] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1992.835482][ T4085] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:33:13 executing program 1 (fault-call:2 fault-nth:47): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:33:13 executing program 0: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) ioctl$TCXONC(r0, 0x540f, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000001740), 0x301000, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r2, &(0x7f0000001840)={&(0x7f0000001780)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001800)={&(0x7f00000017c0)={0x20, 0x140b, 0x5, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_RES_CM_IDN={0x8, 0x3f, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}, 0x1, 0x0, 0x0, 0x840}, 0x20004800) io_uring_register$IORING_UNREGISTER_EVENTFD(r1, 0x5, 0x0, 0x0) [ 1996.997029][ T4089] FAULT_INJECTION: forcing a failure. [ 1996.997029][ T4089] name failslab, interval 1, probability 0, space 0, times 0 [ 1997.019753][ T4089] CPU: 1 PID: 4089 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 1997.021409][ T4089] Hardware name: riscv-virtio,qemu (DT) [ 1997.022666][ T4089] Call Trace: [ 1997.023663][ T4089] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 1997.024782][ T4089] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 1997.025900][ T4089] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 1997.027164][ T4089] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 1997.028744][ T4089] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 1997.030295][ T4089] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 1997.031491][ T4089] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 1997.032585][ T4089] [<ffffffe0003b83a0>] __kmalloc_node+0x70/0x386 [ 1997.033692][ T4089] [<ffffffe0003d6c38>] memcg_alloc_page_obj_cgroups+0x42/0xa0 [ 1997.035429][ T4089] [<ffffffe0003b36ee>] memcg_slab_post_alloc_hook+0x88/0x46a [ 1997.036690][ T4089] [<ffffffe0003b815a>] __kmalloc_node_track_caller+0x1a2/0x378 [ 1997.038370][ T4089] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 1997.039894][ T4089] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 1997.041664][ T4089] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 1997.042923][ T4089] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 1997.044717][ T4089] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 1997.046444][ T4089] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 1997.047553][ T4089] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 1997.049146][ T4089] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 1997.050345][ T4089] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 1997.051445][ T4089] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 1997.052524][ T4089] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 1997.054222][ T4089] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 1997.055316][ T4089] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 1997.056601][ T4089] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 1997.058201][ T4089] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 1997.059929][ T4089] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 1997.061489][ T4089] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 1997.062579][ T4089] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 1997.063714][ T4089] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:33:17 executing program 1 (fault-call:2 fault-nth:48): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:33:18 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r2, 0x540f, 0xea007) ioctl$TCXONC(r2, 0x540a, 0x2) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 2001.784315][ T4096] FAULT_INJECTION: forcing a failure. [ 2001.784315][ T4096] name failslab, interval 1, probability 0, space 0, times 0 [ 2001.786799][ T4096] CPU: 0 PID: 4096 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2001.789484][ T4096] Hardware name: riscv-virtio,qemu (DT) [ 2001.791098][ T4096] Call Trace: [ 2001.791985][ T4096] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2001.793542][ T4096] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2001.794943][ T4096] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2001.796210][ T4096] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2001.797879][ T4096] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2001.799821][ T4096] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2001.801208][ T4096] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2001.802623][ T4096] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2001.804136][ T4096] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2001.805512][ T4096] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2001.806955][ T4096] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2001.809324][ T4096] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2001.810849][ T4096] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2001.812363][ T4096] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2001.813741][ T4096] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2001.815068][ T4096] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2001.816500][ T4096] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2001.818606][ T4096] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2001.820679][ T4096] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2001.822090][ T4096] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2001.823544][ T4096] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2001.825062][ T4096] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2001.826430][ T4096] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2001.828492][ T4096] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2001.829956][ T4096] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2001.831304][ T4096] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2001.832704][ T4096] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:33:23 executing program 1 (fault-call:2 fault-nth:49): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2007.039432][ T4103] FAULT_INJECTION: forcing a failure. [ 2007.039432][ T4103] name failslab, interval 1, probability 0, space 0, times 0 [ 2007.041618][ T4103] CPU: 0 PID: 4103 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2007.043269][ T4103] Hardware name: riscv-virtio,qemu (DT) [ 2007.044307][ T4103] Call Trace: [ 2007.045195][ T4103] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2007.046630][ T4103] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2007.048506][ T4103] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2007.050034][ T4103] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2007.051509][ T4103] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2007.053220][ T4103] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2007.054705][ T4103] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2007.056123][ T4103] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2007.057936][ T4103] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2007.059966][ T4103] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2007.061612][ T4103] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2007.063197][ T4103] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2007.065068][ T4103] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2007.066626][ T4103] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2007.068472][ T4103] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2007.069981][ T4103] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2007.071605][ T4103] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2007.073706][ T4103] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2007.075182][ T4103] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2007.076713][ T4103] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2007.078845][ T4103] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2007.080525][ T4103] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2007.082147][ T4103] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2007.084500][ T4103] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2007.086304][ T4103] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2007.088434][ T4103] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2007.090456][ T4103] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:33:25 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r3, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r3, 0x400454d0, 0xffffffffffffffff) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'wg2\x00'}) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)={'veth0_macvtap\x00'}) ioctl$TUNSETTXFILTER(r2, 0x400454d0, 0xffffffffffffffff) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r4, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r4, 0x400454d0, 0xffffffffffffffff) ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000100)=""/28) r5 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040), 0x410800, 0x0) fcntl$setlease(r5, 0x400, 0x1) close(r1) 00:33:27 executing program 1 (fault-call:2 fault-nth:50): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2011.294988][ T4109] FAULT_INJECTION: forcing a failure. [ 2011.294988][ T4109] name failslab, interval 1, probability 0, space 0, times 0 [ 2011.297197][ T4109] CPU: 0 PID: 4109 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2011.299926][ T4109] Hardware name: riscv-virtio,qemu (DT) [ 2011.301555][ T4109] Call Trace: [ 2011.302422][ T4109] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2011.303852][ T4109] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2011.305243][ T4109] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2011.306557][ T4109] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2011.308345][ T4109] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2011.310605][ T4109] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2011.311954][ T4109] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2011.313311][ T4109] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2011.314965][ T4109] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2011.317025][ T4109] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2011.319250][ T4109] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2011.320888][ T4109] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2011.322389][ T4109] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2011.324751][ T4109] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2011.326206][ T4109] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2011.328203][ T4109] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2011.330385][ T4109] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2011.331828][ T4109] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2011.333248][ T4109] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2011.335380][ T4109] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2011.336890][ T4109] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2011.339104][ T4109] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2011.341065][ T4109] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2011.342576][ T4109] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2011.344032][ T4109] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2011.346144][ T4109] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2011.348114][ T4109] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:33:30 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x8900, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:33:31 executing program 1 (fault-call:2 fault-nth:51): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2015.633734][ T4114] FAULT_INJECTION: forcing a failure. [ 2015.633734][ T4114] name failslab, interval 1, probability 0, space 0, times 0 [ 2015.636067][ T4114] CPU: 0 PID: 4114 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2015.638775][ T4114] Hardware name: riscv-virtio,qemu (DT) [ 2015.640443][ T4114] Call Trace: [ 2015.641422][ T4114] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2015.643515][ T4114] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2015.644946][ T4114] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2015.646726][ T4114] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2015.648699][ T4114] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2015.650174][ T4114] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2015.651536][ T4114] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2015.652887][ T4114] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2015.654380][ T4114] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2015.655708][ T4114] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2015.657172][ T4114] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2015.659341][ T4114] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2015.660843][ T4114] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2015.662333][ T4114] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2015.663733][ T4114] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2015.665518][ T4114] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2015.667007][ T4114] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2015.668952][ T4114] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2015.670961][ T4114] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2015.672415][ T4114] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2015.673788][ T4114] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2015.675246][ T4114] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2015.676695][ T4114] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2015.678828][ T4114] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2015.680985][ T4114] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2015.682304][ T4114] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2015.683683][ T4114] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:33:36 executing program 0: r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff) ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000040)=0x3) mkdirat(0xffffffffffffffff, &(0x7f0000000140)='./file0\x00', 0xc0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r1, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) ioctl$KDSKBLED(r1, 0x4b65, 0x0) dup(r1) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETTXFILTER(r3, 0x400454d0, 0xffffffffffffffff) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r4, 0x400454ca, &(0x7f0000000000)) close_range(0xffffffffffffffff, r3, 0x2) ioctl$TUNSETTXFILTER(r4, 0x400454d0, 0xffffffffffffffff) r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r5, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r5, 0x400454d0, 0xffffffffffffffff) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000100), 0x4) close(0xffffffffffffffff) 00:33:36 executing program 1 (fault-call:2 fault-nth:52): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2022.114002][ T4121] FAULT_INJECTION: forcing a failure. [ 2022.114002][ T4121] name failslab, interval 1, probability 0, space 0, times 0 [ 2022.115603][ T4121] CPU: 0 PID: 4121 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2022.116689][ T4121] Hardware name: riscv-virtio,qemu (DT) [ 2022.117476][ T4121] Call Trace: [ 2022.118183][ T4121] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2022.119404][ T4121] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2022.120847][ T4121] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2022.122065][ T4121] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2022.122943][ T4121] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2022.123862][ T4121] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2022.124821][ T4121] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2022.125717][ T4121] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 2022.126634][ T4121] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 2022.127663][ T4121] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2022.128985][ T4121] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2022.130011][ T4121] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2022.131002][ T4121] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2022.131945][ T4121] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2022.132877][ T4121] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2022.133763][ T4121] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2022.134776][ T4121] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2022.135682][ T4121] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2022.136570][ T4121] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2022.137626][ T4121] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2022.138936][ T4121] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2022.140165][ T4121] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2022.141307][ T4121] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2022.142234][ T4121] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2022.143196][ T4121] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2022.144128][ T4121] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2022.145103][ T4121] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:33:43 executing program 1 (fault-call:2 fault-nth:53): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:33:43 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) r3 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r3, 0x400, 0x0) close(r3) mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2000008, 0x12, r0, 0xffe79000) ioctl$FBIOBLANK(r3, 0x4611, 0x2) fcntl$lock(r1, 0x26, &(0x7f0000000040)={0x2, 0x3, 0x0, 0x5, 0xffffffffffffffff}) close(r1) [ 2028.345221][ T4131] FAULT_INJECTION: forcing a failure. [ 2028.345221][ T4131] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2028.360215][ T4131] CPU: 0 PID: 4131 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2028.362783][ T4131] Hardware name: riscv-virtio,qemu (DT) [ 2028.364282][ T4131] Call Trace: [ 2028.365156][ T4131] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2028.367068][ T4131] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2028.368989][ T4131] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2028.370318][ T4131] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2028.371675][ T4131] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2028.373075][ T4131] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2028.374506][ T4131] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2028.376015][ T4131] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2028.377588][ T4131] [<ffffffe0003b3d52>] allocate_slab+0x282/0x406 [ 2028.379528][ T4131] [<ffffffe0003b7a54>] ___slab_alloc+0x2fc/0x4d8 [ 2028.381014][ T4131] [<ffffffe0003b7f8e>] __slab_alloc.constprop.0+0xa4/0xce [ 2028.382456][ T4131] [<ffffffe0003b81ac>] __kmalloc_node_track_caller+0x1f4/0x378 [ 2028.383944][ T4131] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2028.385249][ T4131] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2028.386641][ T4131] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2028.388831][ T4131] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2028.391169][ T4131] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2028.392769][ T4131] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2028.394363][ T4131] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2028.396604][ T4131] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2028.398642][ T4131] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2028.400137][ T4131] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2028.401525][ T4131] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2028.403402][ T4131] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2028.405390][ T4131] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2028.406918][ T4131] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2028.409380][ T4131] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2028.410909][ T4131] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2028.412285][ T4131] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2028.413812][ T4131] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2028.415194][ T4131] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:33:49 executing program 1 (fault-call:2 fault-nth:54): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:33:50 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) ioctl$TCGETS(r0, 0x5401, &(0x7f0000000000)) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x2) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 2033.953080][ T4138] FAULT_INJECTION: forcing a failure. [ 2033.953080][ T4138] name failslab, interval 1, probability 0, space 0, times 0 [ 2033.956481][ T4138] CPU: 1 PID: 4138 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2033.959206][ T4138] Hardware name: riscv-virtio,qemu (DT) [ 2033.960811][ T4138] Call Trace: [ 2033.962020][ T4138] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2033.963482][ T4138] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2033.965050][ T4138] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2033.966647][ T4138] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2033.968481][ T4138] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2033.970464][ T4138] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2033.971809][ T4138] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2033.973258][ T4138] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2033.974751][ T4138] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2033.975997][ T4138] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2033.978009][ T4138] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2033.980050][ T4138] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2033.981474][ T4138] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2033.982871][ T4138] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2033.984078][ T4138] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2033.985343][ T4138] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2033.986650][ T4138] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2033.988950][ T4138] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2033.990883][ T4138] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2033.992292][ T4138] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2033.993888][ T4138] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2033.995933][ T4138] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2033.997425][ T4138] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2033.999603][ T4138] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2034.001145][ T4138] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2034.002948][ T4138] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2034.004292][ T4138] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:33:54 executing program 1 (fault-call:2 fault-nth:55): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:33:55 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f00000000c0)) syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00') [ 2038.283588][ T4144] FAULT_INJECTION: forcing a failure. [ 2038.283588][ T4144] name failslab, interval 1, probability 0, space 0, times 0 [ 2038.321166][ T4144] CPU: 0 PID: 4144 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2038.322903][ T4144] Hardware name: riscv-virtio,qemu (DT) [ 2038.323885][ T4144] Call Trace: [ 2038.324708][ T4144] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2038.326106][ T4144] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2038.327473][ T4144] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2038.329185][ T4144] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2038.330392][ T4144] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2038.331849][ T4144] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2038.333221][ T4144] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2038.334360][ T4144] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2038.335351][ T4144] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2038.336269][ T4144] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2038.337224][ T4144] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2038.339040][ T4144] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2038.340528][ T4144] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2038.342007][ T4144] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2038.343242][ T4144] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2038.344536][ T4144] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2038.345552][ T4144] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2038.346577][ T4144] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2038.347934][ T4144] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2038.349560][ T4144] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2038.351065][ T4144] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2038.352480][ T4144] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2038.353894][ T4144] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2038.355313][ T4144] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2038.356653][ T4144] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2038.358508][ T4144] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2038.360428][ T4144] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:33:58 executing program 1 (fault-call:2 fault-nth:56): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2042.616542][ T4149] FAULT_INJECTION: forcing a failure. [ 2042.616542][ T4149] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2042.622330][ T4149] CPU: 1 PID: 4149 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2042.624258][ T4149] Hardware name: riscv-virtio,qemu (DT) [ 2042.625331][ T4149] Call Trace: [ 2042.626656][ T4149] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2042.629056][ T4149] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2042.630510][ T4149] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2042.631846][ T4149] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2042.633118][ T4149] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2042.634534][ T4149] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2042.636061][ T4149] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2042.637635][ T4149] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2042.639187][ T4149] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2042.640499][ T4149] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2042.641989][ T4149] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2042.644047][ T4149] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2042.645439][ T4149] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2042.646769][ T4149] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2042.648742][ T4149] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2042.650050][ T4149] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2042.651464][ T4149] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2042.653468][ T4149] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2042.654811][ T4149] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2042.656105][ T4149] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2042.657405][ T4149] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2042.659470][ T4149] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:02 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x680800, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCXONC(r2, 0x540a, 0x1) 00:34:03 executing program 1 (fault-call:2 fault-nth:57): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2046.963764][ T4154] FAULT_INJECTION: forcing a failure. [ 2046.963764][ T4154] name failslab, interval 1, probability 0, space 0, times 0 [ 2046.966313][ T4154] CPU: 0 PID: 4154 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2046.967735][ T4154] Hardware name: riscv-virtio,qemu (DT) [ 2046.969105][ T4154] Call Trace: [ 2046.970082][ T4154] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2046.971860][ T4154] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2046.972997][ T4154] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2046.973954][ T4154] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2046.975649][ T4154] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2046.976739][ T4154] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2046.978147][ T4154] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2046.979316][ T4154] [<ffffffe0003b8a4c>] __kmalloc+0x6e/0x332 [ 2046.980355][ T4154] [<ffffffe000492d92>] __blkdev_direct_IO_simple+0x110/0x4f0 [ 2046.981557][ T4154] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2046.982668][ T4154] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2046.983780][ T4154] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2046.984817][ T4154] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2046.985896][ T4154] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2046.986878][ T4154] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2046.988873][ T4154] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2046.990669][ T4154] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2046.991631][ T4154] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2046.992740][ T4154] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:05 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$VT_RESIZE(r0, 0x5609, &(0x7f0000000000)={0x715, 0x3, 0x1}) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:34:07 executing program 1 (fault-call:2 fault-nth:58): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2051.555661][ T4159] FAULT_INJECTION: forcing a failure. [ 2051.555661][ T4159] name failslab, interval 1, probability 0, space 0, times 0 [ 2051.559659][ T4159] CPU: 0 PID: 4159 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2051.561641][ T4159] Hardware name: riscv-virtio,qemu (DT) [ 2051.563229][ T4159] Call Trace: [ 2051.564311][ T4159] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2051.565815][ T4159] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2051.567201][ T4159] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2051.569262][ T4159] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2051.570653][ T4159] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2051.572325][ T4159] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2051.574425][ T4159] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2051.575853][ T4159] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2051.577656][ T4159] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2051.579577][ T4159] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2051.581257][ T4159] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2051.582792][ T4159] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2051.584295][ T4159] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2051.585842][ T4159] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2051.587203][ T4159] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2051.589211][ T4159] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2051.590743][ T4159] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2051.592192][ T4159] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2051.594273][ T4159] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2051.595737][ T4159] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2051.597240][ T4159] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2051.599372][ T4159] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2051.600948][ T4159] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2051.602640][ T4159] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2051.604158][ T4159] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2051.605564][ T4159] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2051.606930][ T4159] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80881, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) r2 = socket$rds(0x15, 0x5, 0x0) r3 = memfd_create(&(0x7f0000000000)='/dev/ptmx\x00', 0x6) r4 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r4, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r4, 0x400454d0, 0xffffffffffffffff) dup(r4) r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r5, 0x400, 0x0) close(r5) sendto$inet(r1, &(0x7f0000000180)="179d624a7080499828d54b57ea5f65b0896b1b593aeb95e1480b3010e64eccf1514fdc1f4d951669429c7ca6fc19fb978ce689a057ca0e0929ff35605fdafe3830551f47a6cde5bfbad26939861fa68ee4a8ccd26e02370a6c6b73725ec78bf65dbde7f1dfed76809dbca6d038d07fa7703d36e9afb2c038acbf261c4f72187ad9bb658580ea407ff4119b80e2eee43395b7c4bde3c8516db9bf69f2d8d33d0c290d6a0deae75ae01d1588a46c1ed511173403cc67b933266d9ddc28a04c77df8854287fb011359d811df5c2e5bed6", 0xcf, 0x20000000, &(0x7f0000000280)={0x2, 0x4e20, @local}, 0x10) ioctl$GIO_UNIMAP(r5, 0x4b66, &(0x7f0000000140)={0x4, &(0x7f0000000100)=[{}, {}, {}, {}]}) dup3(r2, r3, 0x0) 00:34:11 executing program 1 (fault-call:2 fault-nth:59): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2054.966326][ T4162] FAULT_INJECTION: forcing a failure. [ 2054.966326][ T4162] name failslab, interval 1, probability 0, space 0, times 0 [ 2054.982654][ T4162] CPU: 0 PID: 4162 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2054.984534][ T4162] Hardware name: riscv-virtio,qemu (DT) [ 2054.985587][ T4162] Call Trace: [ 2054.986451][ T4162] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2054.987954][ T4162] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2054.989958][ T4162] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2054.991421][ T4162] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2054.992903][ T4162] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2054.995255][ T4162] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2054.996814][ T4162] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2054.998834][ T4162] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2055.000457][ T4162] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2055.001996][ T4162] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2055.004149][ T4162] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2055.005719][ T4162] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2055.007248][ T4162] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2055.009443][ T4162] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2055.010949][ T4162] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2055.012211][ T4162] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2055.013623][ T4162] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2055.015097][ T4162] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2055.016496][ T4162] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2055.018559][ T4162] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2055.020929][ T4162] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2055.022528][ T4162] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2055.024782][ T4162] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2055.026406][ T4162] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2055.028410][ T4162] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2055.030746][ T4162] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2055.033168][ T4162] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:15 executing program 1 (fault-call:2 fault-nth:60): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2059.311998][ T4167] FAULT_INJECTION: forcing a failure. [ 2059.311998][ T4167] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2059.314071][ T4167] CPU: 1 PID: 4167 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2059.315355][ T4167] Hardware name: riscv-virtio,qemu (DT) [ 2059.316728][ T4167] Call Trace: [ 2059.317841][ T4167] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2059.319618][ T4167] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2059.320658][ T4167] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2059.321889][ T4167] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2059.323102][ T4167] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2059.324503][ T4167] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2059.326072][ T4167] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2059.328005][ T4167] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2059.330008][ T4167] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2059.331741][ T4167] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2059.332966][ T4167] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2059.333927][ T4167] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2059.334920][ T4167] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2059.335841][ T4167] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2059.336847][ T4167] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2059.338076][ T4167] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2059.339340][ T4167] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2059.340274][ T4167] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2059.341513][ T4167] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2059.342395][ T4167] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2059.343395][ T4167] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2059.344328][ T4167] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:17 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:34:19 executing program 1 (fault-call:2 fault-nth:61): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2063.004979][ T4173] FAULT_INJECTION: forcing a failure. [ 2063.004979][ T4173] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2063.007139][ T4173] CPU: 0 PID: 4173 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2063.009267][ T4173] Hardware name: riscv-virtio,qemu (DT) [ 2063.010039][ T4173] Call Trace: [ 2063.010620][ T4173] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2063.011757][ T4173] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2063.012963][ T4173] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2063.014861][ T4173] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2063.016149][ T4173] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2063.017776][ T4173] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2063.019667][ T4173] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2063.021150][ T4173] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2063.022806][ T4173] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2063.024660][ T4173] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2063.026083][ T4173] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2063.027654][ T4173] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2063.029847][ T4173] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2063.031334][ T4173] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2063.033417][ T4173] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2063.034913][ T4173] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2063.036459][ T4173] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2063.038315][ T4173] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2063.040355][ T4173] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2063.041743][ T4173] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2063.043019][ T4173] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2063.044852][ T4173] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:23 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540a, 0x2) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:34:23 executing program 1 (fault-call:2 fault-nth:62): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2066.701877][ T4176] FAULT_INJECTION: forcing a failure. [ 2066.701877][ T4176] name failslab, interval 1, probability 0, space 0, times 0 [ 2066.705159][ T4176] CPU: 1 PID: 4176 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2066.707963][ T4176] Hardware name: riscv-virtio,qemu (DT) [ 2066.709084][ T4176] Call Trace: [ 2066.710018][ T4176] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2066.713186][ T4176] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2066.715497][ T4176] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2066.716899][ T4176] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2066.718840][ T4176] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2066.720326][ T4176] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2066.721886][ T4176] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2066.723368][ T4176] [<ffffffe0003b83a0>] __kmalloc_node+0x70/0x386 [ 2066.725242][ T4176] [<ffffffe0003d6c38>] memcg_alloc_page_obj_cgroups+0x42/0xa0 [ 2066.726837][ T4176] [<ffffffe0003b36ee>] memcg_slab_post_alloc_hook+0x88/0x46a [ 2066.729462][ T4176] [<ffffffe0003b815a>] __kmalloc_node_track_caller+0x1a2/0x378 [ 2066.732004][ T4176] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2066.733390][ T4176] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2066.734813][ T4176] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2066.736268][ T4176] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2066.738197][ T4176] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2066.739774][ T4176] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2066.741116][ T4176] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2066.742431][ T4176] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2066.743868][ T4176] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2066.745374][ T4176] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2066.746777][ T4176] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2066.749176][ T4176] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2066.750761][ T4176] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2066.753018][ T4176] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2066.754610][ T4176] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2066.756764][ T4176] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2066.758870][ T4176] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2066.760290][ T4176] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2066.761700][ T4176] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:27 executing program 1 (fault-call:2 fault-nth:63): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:34:28 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 2071.404891][ T4182] FAULT_INJECTION: forcing a failure. [ 2071.404891][ T4182] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2071.406719][ T4182] CPU: 1 PID: 4182 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2071.409691][ T4182] Hardware name: riscv-virtio,qemu (DT) [ 2071.411429][ T4182] Call Trace: [ 2071.412705][ T4182] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2071.414108][ T4182] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2071.415065][ T4182] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2071.416064][ T4182] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2071.417302][ T4182] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2071.419240][ T4182] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2071.420304][ T4182] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2071.421417][ T4182] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2071.422787][ T4182] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2071.424045][ T4182] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2071.425178][ T4182] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2071.426527][ T4182] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2071.427896][ T4182] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2071.429014][ T4182] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2071.430105][ T4182] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2071.431071][ T4182] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2071.432299][ T4182] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2071.433596][ T4182] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2071.435019][ T4182] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2071.436066][ T4182] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2071.437127][ T4182] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2071.438676][ T4182] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:32 executing program 1 (fault-call:2 fault-nth:64): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:34:33 executing program 0: fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140)={0x0, <r0=>0x0}) r1 = getpid() pidfd_open(r1, 0x0) r2 = gettid() pipe2(&(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0) clone3(&(0x7f0000000200)={0x1000, &(0x7f0000000000), &(0x7f0000000040), &(0x7f00000000c0), {0x32}, &(0x7f0000000100)=""/18, 0x12, &(0x7f00000005c0)=""/4096, &(0x7f0000000180)=[0x0, r0, r1, r2], 0x4, {r3}}, 0x58) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r4, 0x540f, 0xea007) r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r5, 0x400, 0x0) close(r5) readv(r5, &(0x7f0000000380)=[{&(0x7f0000000280)=""/238, 0xee}], 0x1) [ 2076.354892][ T4188] FAULT_INJECTION: forcing a failure. [ 2076.354892][ T4188] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2076.395636][ T4188] CPU: 1 PID: 4188 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2076.397907][ T4188] Hardware name: riscv-virtio,qemu (DT) [ 2076.399322][ T4188] Call Trace: [ 2076.400160][ T4188] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2076.401561][ T4188] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2076.402925][ T4188] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2076.404225][ T4188] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2076.405439][ T4188] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2076.406802][ T4188] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2076.408826][ T4188] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2076.410291][ T4188] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2076.411752][ T4188] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2076.413112][ T4188] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2076.415137][ T4188] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2076.416822][ T4188] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2076.418819][ T4188] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2076.420232][ T4188] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2076.421719][ T4188] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2076.423073][ T4188] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2076.424541][ T4188] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2076.425795][ T4188] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2076.427205][ T4188] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2076.429120][ T4188] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2076.430436][ T4188] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2076.431870][ T4188] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:37 executing program 1 (fault-call:2 fault-nth:65): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2081.371121][ T4194] FAULT_INJECTION: forcing a failure. [ 2081.371121][ T4194] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2081.374472][ T4194] CPU: 0 PID: 4194 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2081.376119][ T4194] Hardware name: riscv-virtio,qemu (DT) [ 2081.377588][ T4194] Call Trace: [ 2081.378899][ T4194] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2081.380515][ T4194] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2081.382002][ T4194] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2081.383927][ T4194] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2081.385236][ T4194] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2081.386612][ T4194] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2081.388838][ T4194] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2081.390387][ T4194] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2081.391823][ T4194] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2081.393111][ T4194] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2081.394474][ T4194] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2081.395895][ T4194] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2081.397680][ T4194] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2081.399962][ T4194] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2081.401415][ T4194] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2081.402808][ T4194] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2081.404955][ T4194] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2081.406173][ T4194] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2081.407569][ T4194] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2081.409538][ T4194] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2081.412242][ T4194] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2081.420349][ T4194] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:41 executing program 1 (fault-call:2 fault-nth:66): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:34:44 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x101040, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 2086.023969][ T4199] FAULT_INJECTION: forcing a failure. [ 2086.023969][ T4199] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2086.027234][ T4199] CPU: 1 PID: 4199 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2086.029936][ T4199] Hardware name: riscv-virtio,qemu (DT) [ 2086.031113][ T4199] Call Trace: [ 2086.031986][ T4199] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2086.033718][ T4199] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2086.035169][ T4199] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2086.036713][ T4199] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2086.038448][ T4199] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2086.040448][ T4199] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2086.041949][ T4199] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2086.043341][ T4199] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2086.044778][ T4199] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2086.046239][ T4199] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2086.048046][ T4199] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2086.050128][ T4199] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2086.051644][ T4199] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2086.053118][ T4199] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2086.054661][ T4199] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2086.056815][ T4199] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2086.058946][ T4199] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2086.060320][ T4199] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2086.061793][ T4199] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2086.063226][ T4199] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2086.064536][ T4199] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2086.065858][ T4199] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:47 executing program 1 (fault-call:2 fault-nth:67): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2091.381119][ T4205] FAULT_INJECTION: forcing a failure. [ 2091.381119][ T4205] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2091.383084][ T4205] CPU: 1 PID: 4205 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2091.384755][ T4205] Hardware name: riscv-virtio,qemu (DT) [ 2091.385772][ T4205] Call Trace: [ 2091.386564][ T4205] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2091.389345][ T4205] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2091.390946][ T4205] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2091.392441][ T4205] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2091.393799][ T4205] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2091.395389][ T4205] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2091.397011][ T4205] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2091.399283][ T4205] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2091.400970][ T4205] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2091.402372][ T4205] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2091.403802][ T4205] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2091.405407][ T4205] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2091.407042][ T4205] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2091.409519][ T4205] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2091.411158][ T4205] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2091.412757][ T4205] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2091.414275][ T4205] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2091.415830][ T4205] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2091.417462][ T4205] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2091.418949][ T4205] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2091.420286][ T4205] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2091.421657][ T4205] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:49 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) syz_open_dev$ttys(0xc, 0x2, 0x1) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000000)=@gcm_256={{0x303}, "ecd9160d3a9107f4", "1ca8d68261206769899e9029ae1805a18e4b1da631bdf29adf953dc811447534", "0dcb0d52", "5441833db1adc676"}, 0x38) 00:34:52 executing program 1 (fault-call:2 fault-nth:68): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2097.091129][ T4212] FAULT_INJECTION: forcing a failure. [ 2097.091129][ T4212] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2097.093408][ T4212] CPU: 1 PID: 4212 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2097.095656][ T4212] Hardware name: riscv-virtio,qemu (DT) [ 2097.097232][ T4212] Call Trace: [ 2097.098439][ T4212] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2097.099924][ T4212] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2097.101382][ T4212] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2097.102760][ T4212] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2097.104106][ T4212] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2097.106088][ T4212] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2097.107699][ T4212] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2097.109360][ T4212] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2097.110879][ T4212] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2097.112200][ T4212] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2097.113561][ T4212] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2097.115061][ T4212] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2097.116615][ T4212] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2097.118125][ T4212] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2097.119600][ T4212] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2097.121604][ T4212] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2097.123109][ T4212] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2097.124444][ T4212] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2097.125905][ T4212] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2097.127396][ T4212] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2097.129359][ T4212] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2097.130749][ T4212] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:34:56 executing program 0: r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) getpeername$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000001c0)=0x14) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'team_slave_1\x00', <r3=>0x0}) r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet6_SIOCADDRT(r4, 0x890b, &(0x7f00000001c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, r3}) sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x4c, r0, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x800}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x10000}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4048000}, 0x8051) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r5, 0x540f, 0xea007) r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r5, 0x400, 0x0) fcntl$setlease(r6, 0x400, 0x0) close(r6) ioctl$TIOCCBRK(r5, 0x5428) 00:34:58 executing program 1 (fault-call:2 fault-nth:69): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2102.207004][ T4219] FAULT_INJECTION: forcing a failure. [ 2102.207004][ T4219] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2102.231758][ T4219] CPU: 1 PID: 4219 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2102.233386][ T4219] Hardware name: riscv-virtio,qemu (DT) [ 2102.234340][ T4219] Call Trace: [ 2102.235151][ T4219] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2102.236561][ T4219] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2102.238876][ T4219] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2102.240269][ T4219] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2102.241619][ T4219] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2102.243722][ T4219] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2102.245188][ T4219] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2102.246759][ T4219] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2102.249143][ T4219] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2102.251261][ T4219] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2102.252693][ T4219] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2102.254450][ T4219] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2102.255879][ T4219] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2102.257197][ T4219] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2102.258861][ T4219] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2102.261139][ T4219] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2102.262712][ T4219] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2102.264020][ T4219] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2102.265535][ T4219] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2102.266882][ T4219] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2102.268937][ T4219] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2102.270348][ T4219] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:35:03 executing program 1 (fault-call:2 fault-nth:70): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:35:03 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 2107.892138][ T4226] FAULT_INJECTION: forcing a failure. [ 2107.892138][ T4226] name failslab, interval 1, probability 0, space 0, times 0 [ 2107.895528][ T4226] CPU: 1 PID: 4226 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2107.897221][ T4226] Hardware name: riscv-virtio,qemu (DT) [ 2107.898802][ T4226] Call Trace: [ 2107.899915][ T4226] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2107.901367][ T4226] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2107.902897][ T4226] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2107.904808][ T4226] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2107.906157][ T4226] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2107.907709][ T4226] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2107.909807][ T4226] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2107.911224][ T4226] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2107.912792][ T4226] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2107.914171][ T4226] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2107.915639][ T4226] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2107.917139][ T4226] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2107.919248][ T4226] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2107.920831][ T4226] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2107.922279][ T4226] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2107.924050][ T4226] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2107.925576][ T4226] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2107.927178][ T4226] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2107.928937][ T4226] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2107.930402][ T4226] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2107.932070][ T4226] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2107.933610][ T4226] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2107.935233][ T4226] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2107.936860][ T4226] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2107.938799][ T4226] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2107.940671][ T4226] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2107.942107][ T4226] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:35:11 executing program 1 (fault-call:2 fault-nth:71): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:35:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0x2) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 2117.473126][ T4234] FAULT_INJECTION: forcing a failure. [ 2117.473126][ T4234] name failslab, interval 1, probability 0, space 0, times 0 [ 2117.475143][ T4234] CPU: 0 PID: 4234 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2117.477589][ T4234] Hardware name: riscv-virtio,qemu (DT) [ 2117.478698][ T4234] Call Trace: [ 2117.479638][ T4234] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2117.481004][ T4234] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2117.482135][ T4234] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2117.483262][ T4234] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2117.484606][ T4234] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2117.485770][ T4234] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2117.486884][ T4234] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2117.488100][ T4234] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2117.489606][ T4234] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2117.490683][ T4234] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2117.491869][ T4234] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2117.493106][ T4234] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2117.494306][ T4234] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2117.495521][ T4234] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2117.496596][ T4234] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2117.498113][ T4234] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2117.499310][ T4234] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2117.500551][ T4234] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2117.502121][ T4234] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2117.503316][ T4234] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2117.504578][ T4234] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2117.506400][ T4234] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2117.507964][ T4234] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2117.509306][ T4234] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2117.510461][ T4234] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2117.511539][ T4234] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2117.512674][ T4234] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:35:19 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = openat$cgroup_ro(r1, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) ioctl$TCXONC(r2, 0x540a, 0x3) fcntl$setlease(r1, 0x400, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS64(r1, 0x80984120, &(0x7f00000000c0)) close(r1) 00:35:20 executing program 1 (fault-call:2 fault-nth:72): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2126.232521][ T4241] FAULT_INJECTION: forcing a failure. [ 2126.232521][ T4241] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2126.235053][ T4241] CPU: 1 PID: 4241 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2126.236733][ T4241] Hardware name: riscv-virtio,qemu (DT) [ 2126.238147][ T4241] Call Trace: [ 2126.239277][ T4241] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2126.240740][ T4241] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2126.242217][ T4241] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2126.244024][ T4241] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2126.245474][ T4241] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2126.246874][ T4241] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2126.250606][ T4241] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2126.252108][ T4241] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2126.253623][ T4241] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2126.254904][ T4241] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2126.256311][ T4241] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2126.258421][ T4241] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2126.260618][ T4241] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2126.262071][ T4241] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2126.263660][ T4241] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2126.265076][ T4241] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2126.266672][ T4241] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2126.268624][ T4241] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2126.270634][ T4241] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2126.272082][ T4241] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2126.273508][ T4241] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2126.274900][ T4241] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:35:28 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) ioctl$int_in(r0, 0x5421, &(0x7f0000000000)=0x75) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:35:29 executing program 1 (fault-call:2 fault-nth:73): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2132.942064][ T4247] FAULT_INJECTION: forcing a failure. [ 2132.942064][ T4247] name failslab, interval 1, probability 0, space 0, times 0 [ 2132.944249][ T4247] CPU: 0 PID: 4247 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2132.945916][ T4247] Hardware name: riscv-virtio,qemu (DT) [ 2132.946957][ T4247] Call Trace: [ 2132.948172][ T4247] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2132.949836][ T4247] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2132.951346][ T4247] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2132.952767][ T4247] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2132.954009][ T4247] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2132.955377][ T4247] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2132.956707][ T4247] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2132.958655][ T4247] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 2132.960105][ T4247] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 2132.961525][ T4247] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2132.963010][ T4247] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2132.964512][ T4247] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2132.966011][ T4247] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2132.967598][ T4247] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2132.969079][ T4247] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2132.971588][ T4247] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2132.973222][ T4247] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2132.974732][ T4247] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2132.976107][ T4247] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2132.977614][ T4247] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2132.979994][ T4247] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2132.981546][ T4247] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2132.982999][ T4247] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2132.984536][ T4247] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2132.986071][ T4247] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2132.987414][ T4247] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2132.988810][ T4247] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:35:33 executing program 1 (fault-call:2 fault-nth:74): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:35:34 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r2, 0x400454d0, 0xffffffffffffffff) ioctl$BTRFS_IOC_LOGICAL_INO_V2(r2, 0xc038943b, &(0x7f0000000040)={0xbb, 0x20, '\x00', 0x0, &(0x7f0000000000)=[0x0, 0x0, 0x0, 0x0]}) [ 2137.351995][ T4251] FAULT_INJECTION: forcing a failure. [ 2137.351995][ T4251] name failslab, interval 1, probability 0, space 0, times 0 [ 2137.374362][ T4251] CPU: 0 PID: 4251 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2137.376183][ T4251] Hardware name: riscv-virtio,qemu (DT) [ 2137.377192][ T4251] Call Trace: [ 2137.378424][ T4251] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2137.379831][ T4251] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2137.381149][ T4251] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2137.382390][ T4251] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2137.383649][ T4251] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2137.385071][ T4251] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2137.386330][ T4251] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2137.388130][ T4251] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 2137.390546][ T4251] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 2137.391808][ T4251] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2137.393157][ T4251] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2137.394543][ T4251] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2137.395921][ T4251] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2137.397474][ T4251] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2137.399617][ T4251] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2137.400996][ T4251] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2137.402319][ T4251] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2137.403676][ T4251] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2137.404927][ T4251] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2137.406261][ T4251] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2137.408078][ T4251] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2137.410374][ T4251] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2137.412117][ T4251] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2137.416415][ T4251] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2137.418688][ T4251] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2137.420058][ T4251] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2137.421408][ T4251] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:35:38 executing program 1 (fault-call:2 fault-nth:75): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:35:39 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) ioctl$IOC_PR_RELEASE(r2, 0x401070ca, &(0x7f0000000000)={0x0, 0xff, 0x1}) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 2142.440686][ T4258] FAULT_INJECTION: forcing a failure. [ 2142.440686][ T4258] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2142.444006][ T4258] CPU: 0 PID: 4258 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2142.445590][ T4258] Hardware name: riscv-virtio,qemu (DT) [ 2142.446572][ T4258] Call Trace: [ 2142.447466][ T4258] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2142.449548][ T4258] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2142.450909][ T4258] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2142.452200][ T4258] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2142.454016][ T4258] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2142.455403][ T4258] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2142.456911][ T4258] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2142.458967][ T4258] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2142.460643][ T4258] [<ffffffe0003b3d52>] allocate_slab+0x282/0x406 [ 2142.462110][ T4258] [<ffffffe0003b7a54>] ___slab_alloc+0x2fc/0x4d8 [ 2142.463524][ T4258] [<ffffffe0003b7f8e>] __slab_alloc.constprop.0+0xa4/0xce [ 2142.465008][ T4258] [<ffffffe0003b81ac>] __kmalloc_node_track_caller+0x1f4/0x378 [ 2142.466566][ T4258] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2142.468543][ T4258] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2142.470076][ T4258] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2142.471757][ T4258] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2142.473850][ T4258] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2142.475372][ T4258] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2142.476717][ T4258] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2142.478592][ T4258] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2142.480568][ T4258] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2142.482052][ T4258] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2142.483339][ T4258] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2142.484786][ T4258] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2142.486197][ T4258] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2142.487897][ T4258] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2142.489409][ T4258] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2142.490948][ T4258] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2142.492703][ T4258] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2142.494047][ T4258] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2142.495491][ T4258] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:35:43 executing program 1 (fault-call:2 fault-nth:76): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:35:44 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) r2 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10) readv(r2, &(0x7f0000000240)=[{&(0x7f00000000c0)=""/36, 0x24}, {&(0x7f0000000100)=""/4, 0x4}, {&(0x7f0000000140)=""/254, 0xfe}, {&(0x7f00000005c0)=""/4096, 0x1000}], 0x4) [ 2147.065528][ T4264] FAULT_INJECTION: forcing a failure. [ 2147.065528][ T4264] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2147.067378][ T4264] CPU: 1 PID: 4264 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2147.068898][ T4264] Hardware name: riscv-virtio,qemu (DT) [ 2147.070089][ T4264] Call Trace: [ 2147.070862][ T4264] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2147.072157][ T4264] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2147.073473][ T4264] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2147.074541][ T4264] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2147.075819][ T4264] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2147.077211][ T4264] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2147.078567][ T4264] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2147.080008][ T4264] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2147.081209][ T4264] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2147.082142][ T4264] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2147.083585][ T4264] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2147.084794][ T4264] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2147.085997][ T4264] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2147.087022][ T4264] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2147.088490][ T4264] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2147.090343][ T4264] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2147.091909][ T4264] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2147.093253][ T4264] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2147.094827][ T4264] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2147.096939][ T4264] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2147.098782][ T4264] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2147.100344][ T4264] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:35:48 executing program 1 (fault-call:2 fault-nth:77): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:35:50 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$TCXONC(r0, 0x540a, 0x2) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) close(0xffffffffffffffff) ioctl$TCXONC(r0, 0x540a, 0x3) [ 2152.288880][ T4270] FAULT_INJECTION: forcing a failure. [ 2152.288880][ T4270] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2152.290421][ T4270] CPU: 1 PID: 4270 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2152.291501][ T4270] Hardware name: riscv-virtio,qemu (DT) [ 2152.292358][ T4270] Call Trace: [ 2152.293067][ T4270] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2152.293995][ T4270] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2152.294862][ T4270] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2152.295739][ T4270] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2152.296828][ T4270] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2152.298155][ T4270] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2152.299481][ T4270] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2152.300765][ T4270] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2152.301769][ T4270] [<ffffffe00096164e>] push_pipe+0x190/0x33c [ 2152.302650][ T4270] [<ffffffe000969bd6>] iov_iter_get_pages+0x452/0x800 [ 2152.303560][ T4270] [<ffffffe0008bc888>] bio_iov_iter_get_pages+0x130/0x89e [ 2152.304569][ T4270] [<ffffffe000492e4c>] __blkdev_direct_IO_simple+0x1ca/0x4f0 [ 2152.305555][ T4270] [<ffffffe0004941d8>] blkdev_direct_IO+0x99a/0x9fa [ 2152.306484][ T4270] [<ffffffe0002abc4c>] generic_file_read_iter+0x174/0x2e6 [ 2152.307582][ T4270] [<ffffffe00049269e>] blkdev_read_iter+0xa2/0xd2 [ 2152.308780][ T4270] [<ffffffe000473840>] generic_file_splice_read+0x210/0x35a [ 2152.309862][ T4270] [<ffffffe000472f0c>] do_splice_to+0xea/0x140 [ 2152.310746][ T4270] [<ffffffe0004730ae>] splice_direct_to_actor+0x14c/0x3fa [ 2152.311738][ T4270] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2152.312728][ T4270] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2152.313593][ T4270] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2152.314560][ T4270] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:35:53 executing program 1 (fault-call:2 fault-nth:78): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:35:55 executing program 0: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r0, 0x400, 0x0) close(r0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) ioctl$TCXONC(r2, 0x540a, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r3, 0x540f, 0xea007) ioctl$TCXONC(r3, 0x540f, 0x1) r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) flock(r1, 0x2) fcntl$setlease(r4, 0x400, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000000)='auxv\x00') ioctl$VT_WAITACTIVE(r5, 0x5607) close(r4) [ 2158.032656][ T4276] FAULT_INJECTION: forcing a failure. [ 2158.032656][ T4276] name failslab, interval 1, probability 0, space 0, times 0 [ 2158.034801][ T4276] CPU: 0 PID: 4276 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2158.036895][ T4276] Hardware name: riscv-virtio,qemu (DT) [ 2158.038459][ T4276] Call Trace: [ 2158.039558][ T4276] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2158.041668][ T4276] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2158.043094][ T4276] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2158.044497][ T4276] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2158.045793][ T4276] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2158.047191][ T4276] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2158.049242][ T4276] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2158.050713][ T4276] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 2158.052316][ T4276] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 2158.054230][ T4276] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2158.055786][ T4276] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2158.057999][ T4276] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2158.060182][ T4276] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2158.061787][ T4276] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2158.063069][ T4276] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2158.064421][ T4276] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2158.065776][ T4276] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2158.067187][ T4276] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2158.069129][ T4276] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2158.070677][ T4276] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2158.072128][ T4276] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2158.073650][ T4276] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2158.075065][ T4276] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2158.076524][ T4276] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2158.078657][ T4276] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2158.080768][ T4276] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2158.082185][ T4276] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:35:58 executing program 1 (fault-call:2 fault-nth:79): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2162.369941][ T4283] FAULT_INJECTION: forcing a failure. [ 2162.369941][ T4283] name failslab, interval 1, probability 0, space 0, times 0 [ 2162.371328][ T4283] CPU: 1 PID: 4283 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2162.372268][ T4283] Hardware name: riscv-virtio,qemu (DT) [ 2162.372897][ T4283] Call Trace: [ 2162.373496][ T4283] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2162.374378][ T4283] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2162.375172][ T4283] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2162.375942][ T4283] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2162.376744][ T4283] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2162.378029][ T4283] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2162.379266][ T4283] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2162.380095][ T4283] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2162.381037][ T4283] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2162.381931][ T4283] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2162.383205][ T4283] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2162.384407][ T4283] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2162.385570][ T4283] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2162.387157][ T4283] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2162.388584][ T4283] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2162.389988][ T4283] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2162.390843][ T4283] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2162.391773][ T4283] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2162.393008][ T4283] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2162.394561][ T4283] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2162.395537][ T4283] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2162.396595][ T4283] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2162.397789][ T4283] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2162.398956][ T4283] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2162.399981][ T4283] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2162.400947][ T4283] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2162.402485][ T4283] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:36:00 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f00000000c0)) ioctl$TCXONC(r0, 0x540f, 0xea007) ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000040)) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) ioctl$TCXONC(r1, 0x540a, 0x0) ioctl$KIOCSOUND(r2, 0x4b2f, 0x6) fcntl$setlease(r1, 0x400, 0x0) close(r1) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) 00:36:02 executing program 1 (fault-call:2 fault-nth:80): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2166.322267][ T4289] FAULT_INJECTION: forcing a failure. [ 2166.322267][ T4289] name failslab, interval 1, probability 0, space 0, times 0 [ 2166.324586][ T4289] CPU: 1 PID: 4289 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2166.327490][ T4289] Hardware name: riscv-virtio,qemu (DT) [ 2166.329392][ T4289] Call Trace: [ 2166.330806][ T4289] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2166.332350][ T4289] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2166.333946][ T4289] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2166.336155][ T4289] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2166.338120][ T4289] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2166.340507][ T4289] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2166.341960][ T4289] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2166.343401][ T4289] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2166.345020][ T4289] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2166.346404][ T4289] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2166.348365][ T4289] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2166.350786][ T4289] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2166.352996][ T4289] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2166.354634][ T4289] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2166.356192][ T4289] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2166.357912][ T4289] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2166.360018][ T4289] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2166.361541][ T4289] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2166.362910][ T4289] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2166.364425][ T4289] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2166.365911][ T4289] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2166.367539][ T4289] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2166.369962][ T4289] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2166.371541][ T4289] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2166.373031][ T4289] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2166.374412][ T4289] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2166.375819][ T4289] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:36:06 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r1, 0x400454d0, 0xffffffffffffffff) ioctl$F2FS_IOC_DEFRAGMENT(r1, 0xc010f508, &(0x7f0000000040)={0x5, 0x8001}) ioctl$TCXONC(r0, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r3 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000000), 0x303881, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r0, 0x660c) ioctl$TCXONC(r3, 0x540a, 0x2) fcntl$setlease(r2, 0x400, 0x0) ioctl$GIO_SCRNMAP(r2, 0x4b40, &(0x7f00000000c0)=""/215) close(r2) 00:36:07 executing program 1 (fault-call:2 fault-nth:81): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2171.316267][ T4293] FAULT_INJECTION: forcing a failure. [ 2171.316267][ T4293] name failslab, interval 1, probability 0, space 0, times 0 [ 2171.321659][ T4293] CPU: 1 PID: 4293 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2171.323498][ T4293] Hardware name: riscv-virtio,qemu (DT) [ 2171.325005][ T4293] Call Trace: [ 2171.325932][ T4293] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2171.327403][ T4293] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2171.329263][ T4293] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2171.330644][ T4293] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2171.332034][ T4293] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2171.333522][ T4293] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2171.335164][ T4293] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2171.336589][ T4293] [<ffffffe0003b83a0>] __kmalloc_node+0x70/0x386 [ 2171.338529][ T4293] [<ffffffe0003d6c38>] memcg_alloc_page_obj_cgroups+0x42/0xa0 [ 2171.340112][ T4293] [<ffffffe0003b36ee>] memcg_slab_post_alloc_hook+0x88/0x46a [ 2171.341612][ T4293] [<ffffffe0003b815a>] __kmalloc_node_track_caller+0x1a2/0x378 [ 2171.343408][ T4293] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2171.345104][ T4293] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2171.346745][ T4293] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2171.348682][ T4293] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2171.350099][ T4293] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2171.351514][ T4293] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2171.352795][ T4293] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2171.354052][ T4293] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2171.355967][ T4293] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2171.357581][ T4293] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2171.359668][ T4293] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2171.361301][ T4293] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2171.363301][ T4293] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2171.364738][ T4293] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2171.366146][ T4293] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2171.367858][ T4293] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2171.369992][ T4293] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2171.371379][ T4293] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2171.373156][ T4293] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:36:11 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) ioctl$VT_ACTIVATE(r2, 0x5606, 0x6) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:36:12 executing program 1 (fault-call:2 fault-nth:82): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2176.341181][ T4299] FAULT_INJECTION: forcing a failure. [ 2176.341181][ T4299] name failslab, interval 1, probability 0, space 0, times 0 [ 2176.343196][ T4299] CPU: 0 PID: 4299 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2176.345129][ T4299] Hardware name: riscv-virtio,qemu (DT) [ 2176.345922][ T4299] Call Trace: [ 2176.346472][ T4299] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2176.347503][ T4299] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2176.349150][ T4299] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2176.350446][ T4299] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2176.351675][ T4299] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2176.353005][ T4299] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2176.354056][ T4299] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2176.354967][ T4299] [<ffffffe0003b83a0>] __kmalloc_node+0x70/0x386 [ 2176.355924][ T4299] [<ffffffe0003d6c38>] memcg_alloc_page_obj_cgroups+0x42/0xa0 [ 2176.357010][ T4299] [<ffffffe0003b36ee>] memcg_slab_post_alloc_hook+0x88/0x46a [ 2176.358288][ T4299] [<ffffffe0003b815a>] __kmalloc_node_track_caller+0x1a2/0x378 [ 2176.359722][ T4299] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2176.360671][ T4299] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2176.361611][ T4299] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2176.362685][ T4299] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2176.363676][ T4299] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2176.365060][ T4299] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2176.366087][ T4299] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2176.367048][ T4299] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2176.368235][ T4299] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2176.369300][ T4299] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2176.370159][ T4299] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2176.371060][ T4299] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2176.372022][ T4299] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2176.373018][ T4299] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2176.374060][ T4299] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2176.375045][ T4299] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2176.376144][ T4299] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2176.377460][ T4299] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2176.378844][ T4299] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:36:16 executing program 1 (fault-call:2 fault-nth:83): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:36:17 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) recvmmsg(r1, &(0x7f0000000300)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/134, 0x86}, {&(0x7f0000000100)=""/124, 0x7c}, {&(0x7f0000000180)=""/245, 0xf5}], 0x3, &(0x7f00000002c0)=""/21, 0x15}, 0x1f}], 0x1, 0x40000000, &(0x7f0000000340)) fcntl$setpipe(r0, 0x407, 0x2) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) [ 2181.259535][ T4304] FAULT_INJECTION: forcing a failure. [ 2181.259535][ T4304] name failslab, interval 1, probability 0, space 0, times 0 [ 2181.261761][ T4304] CPU: 1 PID: 4304 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2181.263373][ T4304] Hardware name: riscv-virtio,qemu (DT) [ 2181.264368][ T4304] Call Trace: [ 2181.265224][ T4304] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2181.266647][ T4304] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2181.268651][ T4304] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2181.270601][ T4304] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2181.271951][ T4304] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2181.273373][ T4304] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2181.274823][ T4304] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2181.276744][ T4304] [<ffffffe0003b8028>] __kmalloc_node_track_caller+0x70/0x378 [ 2181.278959][ T4304] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2181.280835][ T4304] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2181.282269][ T4304] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2181.283797][ T4304] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2181.285356][ T4304] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2181.286825][ T4304] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2181.288642][ T4304] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2181.290549][ T4304] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2181.291976][ T4304] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2181.293385][ T4304] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2181.294667][ T4304] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2181.295971][ T4304] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2181.297509][ T4304] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2181.301048][ T4304] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2181.302432][ T4304] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2181.306180][ T4304] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2181.309914][ T4304] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2181.313561][ T4304] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2181.315560][ T4304] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:36:21 executing program 1 (fault-call:2 fault-nth:84): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:36:22 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x220040, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x3) fcntl$setlease(0xffffffffffffffff, 0x400, 0x0) close(0xffffffffffffffff) [ 2186.340413][ T4310] FAULT_INJECTION: forcing a failure. [ 2186.340413][ T4310] name failslab, interval 1, probability 0, space 0, times 0 [ 2186.342477][ T4310] CPU: 0 PID: 4310 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2186.344114][ T4310] Hardware name: riscv-virtio,qemu (DT) [ 2186.345456][ T4310] Call Trace: [ 2186.346448][ T4310] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2186.348303][ T4310] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2186.350151][ T4310] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2186.351398][ T4310] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2186.352747][ T4310] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2186.354640][ T4310] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2186.355913][ T4310] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2186.357215][ T4310] [<ffffffe0003b83a0>] __kmalloc_node+0x70/0x386 [ 2186.359061][ T4310] [<ffffffe0003d6c38>] memcg_alloc_page_obj_cgroups+0x42/0xa0 [ 2186.360641][ T4310] [<ffffffe0003b36ee>] memcg_slab_post_alloc_hook+0x88/0x46a [ 2186.362029][ T4310] [<ffffffe0003b815a>] __kmalloc_node_track_caller+0x1a2/0x378 [ 2186.363459][ T4310] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2186.364873][ T4310] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2186.366716][ T4310] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2186.368548][ T4310] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2186.370484][ T4310] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2186.371932][ T4310] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2186.373195][ T4310] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2186.374409][ T4310] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2186.375783][ T4310] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2186.377131][ T4310] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2186.378871][ T4310] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2186.380512][ T4310] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2186.381961][ T4310] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2186.383916][ T4310] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2186.385444][ T4310] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2186.387507][ T4310] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2186.389468][ T4310] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2186.390801][ T4310] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2186.392289][ T4310] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:36:26 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@setlink={0x24, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20000}, [@IFLA_VFINFO_LIST={0x4}]}, 0x24}}, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=@ipv6_deladdr={0x2c, 0x15, 0x400, 0x70bd2d, 0x25dfdbfb, {0xa, 0x10, 0x40}, [@IFA_LOCAL={0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20048011}, 0x20000085) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r4=>0x0}) sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@setlink={0x34, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0xfffffffffffffde7, 0x1, 0x0, 0x1, [@IFLA_VF_LINK_STATE={0xffffffffffffff4f}]}]}]}, 0x34}}, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r7=>0x0}) sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@setlink={0x34, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@IFLA_VFINFO_LIST={0x14, 0x16, 0x0, 0x1, [{0xfffffffffffffde7, 0x1, 0x0, 0x1, [@IFLA_VF_LINK_STATE={0xffffffffffffff4f}]}]}]}, 0x34}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000400)={'syztnl1\x00', &(0x7f0000000380)={'ip6_vti0\x00', <r8=>0x0, 0x29, 0x7, 0x0, 0x9, 0x1b, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7, 0x10, 0x6ea, 0xfff}}) socket$nl_route(0x10, 0x3, 0x0) r9 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r10=>0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002600)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000025c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="38010000550002002bbd7000fddbdf2507000000", @ANYRES32=0x0, @ANYBLOB="20000100", @ANYRES32=0x0, @ANYBLOB="00020400ac1e010100000000000000000000000086dd000020000100", @ANYRESDEC=r2, @ANYBLOB="010201007f00000100000000000000000000000086dd000020000100", @ANYRES32=0x0, @ANYBLOB="01020100ac1414bb0000000000000000000000000800000020000100", @ANYRES32=r4, @ANYBLOB="00030400fc0200000000000000000000000000018edd000020000100", @ANYRES32=r7, @ANYRESHEX, @ANYRES32=r8, @ANYBLOB="040104fe8000000000aa00000000200001c0", @ANYRES32=r4, @ANYBLOB="01010400ac1414bb000000000000000000000000436e000020000100", @ANYRES32=0x0, @ANYBLOB="01030000fe8000000000000000000000000000aa8edd000020000100", @ANYRES32=r10, @ANYBLOB="0102020000000000000000000000ffff64010102080000e6"], 0x138}}, 0x48080) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:36:27 executing program 1 (fault-call:2 fault-nth:85): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2191.781256][ T4316] FAULT_INJECTION: forcing a failure. [ 2191.781256][ T4316] name failslab, interval 1, probability 0, space 0, times 0 [ 2191.783610][ T4316] CPU: 0 PID: 4316 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2191.785276][ T4316] Hardware name: riscv-virtio,qemu (DT) [ 2191.786264][ T4316] Call Trace: [ 2191.787531][ T4316] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2191.789800][ T4316] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2191.791159][ T4316] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2191.792455][ T4316] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2191.793692][ T4316] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2191.795194][ T4316] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2191.796644][ T4316] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2191.798656][ T4316] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 2191.800233][ T4316] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 2191.801573][ T4316] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2191.803889][ T4316] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2191.805422][ T4316] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2191.807263][ T4316] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2191.809771][ T4316] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2191.811095][ T4316] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2191.812504][ T4316] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2191.814731][ T4316] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2191.816195][ T4316] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2191.817678][ T4316] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2191.819762][ T4316] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2191.821167][ T4316] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2191.822735][ T4316] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2191.825072][ T4316] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2191.826577][ T4316] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2191.828655][ T4316] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2191.830093][ T4316] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2191.831314][ T4316] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:36:34 executing program 0: openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) ioctl$TCXONC(r0, 0x540f, 0x0) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:36:34 executing program 1 (fault-call:2 fault-nth:86): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2198.670468][ T4330] FAULT_INJECTION: forcing a failure. [ 2198.670468][ T4330] name failslab, interval 1, probability 0, space 0, times 0 [ 2198.673792][ T4330] CPU: 0 PID: 4330 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2198.675264][ T4330] Hardware name: riscv-virtio,qemu (DT) [ 2198.676187][ T4330] Call Trace: [ 2198.677003][ T4330] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2198.679013][ T4330] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2198.680338][ T4330] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2198.681603][ T4330] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2198.682831][ T4330] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2198.684949][ T4330] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2198.686227][ T4330] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2198.687589][ T4330] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 2198.689748][ T4330] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 2198.691008][ T4330] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2198.692365][ T4330] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2198.693829][ T4330] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2198.695203][ T4330] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2198.697316][ T4330] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2198.699248][ T4330] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2198.700543][ T4330] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2198.701863][ T4330] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2198.703187][ T4330] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2198.704430][ T4330] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2198.705720][ T4330] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2198.707058][ T4330] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2198.709245][ T4330] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2198.710657][ T4330] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2198.712074][ T4330] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2198.714265][ T4330] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2198.715582][ T4330] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2198.717663][ T4330] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:36:38 executing program 1 (fault-call:2 fault-nth:87): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:36:39 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) preadv(r0, &(0x7f00000005c0)=[{&(0x7f0000000000)=""/11, 0xb}, {&(0x7f00000000c0)=""/111, 0x6f}, {&(0x7f0000000140)=""/160, 0xa0}, {&(0x7f0000000200)=""/235, 0xeb}, {&(0x7f0000000300)=""/153, 0x99}, {&(0x7f00000003c0)=""/176, 0xb0}, {&(0x7f0000000480)=""/107, 0x6b}, {&(0x7f0000000500)=""/120, 0x78}], 0x8, 0x6, 0x1) [ 2202.402787][ T4334] FAULT_INJECTION: forcing a failure. [ 2202.402787][ T4334] name failslab, interval 1, probability 0, space 0, times 0 [ 2202.405014][ T4334] CPU: 1 PID: 4334 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2202.406587][ T4334] Hardware name: riscv-virtio,qemu (DT) [ 2202.407881][ T4334] Call Trace: [ 2202.409118][ T4334] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2202.410571][ T4334] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2202.411905][ T4334] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2202.413436][ T4334] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2202.415461][ T4334] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2202.417038][ T4334] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2202.419199][ T4334] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2202.421260][ T4334] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 2202.422778][ T4334] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 2202.424207][ T4334] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2202.426478][ T4334] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2202.428837][ T4334] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2202.430389][ T4334] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2202.431932][ T4334] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2202.433411][ T4334] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2202.435279][ T4334] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2202.436898][ T4334] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2202.439257][ T4334] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2202.441377][ T4334] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2202.442811][ T4334] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2202.444297][ T4334] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2202.445793][ T4334] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2202.447264][ T4334] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2202.449620][ T4334] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2202.451078][ T4334] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2202.452453][ T4334] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2202.453926][ T4334] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:36:42 executing program 1 (fault-call:2 fault-nth:88): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2206.736331][ T4340] FAULT_INJECTION: forcing a failure. [ 2206.736331][ T4340] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2206.753233][ T4340] CPU: 1 PID: 4340 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2206.755133][ T4340] Hardware name: riscv-virtio,qemu (DT) [ 2206.756170][ T4340] Call Trace: [ 2206.757043][ T4340] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2206.759324][ T4340] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2206.760740][ T4340] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2206.762025][ T4340] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2206.763320][ T4340] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2206.764758][ T4340] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2206.766184][ T4340] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2206.767798][ T4340] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2206.769295][ T4340] [<ffffffe0003b3d52>] allocate_slab+0x282/0x406 [ 2206.770590][ T4340] [<ffffffe0003b7a54>] ___slab_alloc+0x2fc/0x4d8 [ 2206.771924][ T4340] [<ffffffe0003b7f8e>] __slab_alloc.constprop.0+0xa4/0xce [ 2206.773397][ T4340] [<ffffffe0003b81ac>] __kmalloc_node_track_caller+0x1f4/0x378 [ 2206.774959][ T4340] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2206.776291][ T4340] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2206.777805][ T4340] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2206.779252][ T4340] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2206.780705][ T4340] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2206.782717][ T4340] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2206.784037][ T4340] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2206.785417][ T4340] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2206.786832][ T4340] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2206.789054][ T4340] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2206.790485][ T4340] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2206.791868][ T4340] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2206.793354][ T4340] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2206.794814][ T4340] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2206.796239][ T4340] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2206.798277][ T4340] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2206.800407][ T4340] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2206.801749][ T4340] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2206.803113][ T4340] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:36:46 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x9800) ioctl$TCXONC(r1, 0x540a, 0x2) ioctl$TCXONC(r0, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0) fcntl$setlease(r2, 0x400, 0x0) close(r2) prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r0) 00:36:47 executing program 1 (fault-call:2 fault-nth:89): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2211.595039][ T4346] FAULT_INJECTION: forcing a failure. [ 2211.595039][ T4346] name failslab, interval 1, probability 0, space 0, times 0 [ 2211.601862][ T4346] CPU: 1 PID: 4346 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2211.603398][ T4346] Hardware name: riscv-virtio,qemu (DT) [ 2211.604358][ T4346] Call Trace: [ 2211.605151][ T4346] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2211.606491][ T4346] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2211.608975][ T4346] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2211.610802][ T4346] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2211.612322][ T4346] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2211.614335][ T4346] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2211.616543][ T4346] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2211.618838][ T4346] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 2211.620560][ T4346] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 2211.622004][ T4346] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2211.623712][ T4346] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2211.625349][ T4346] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2211.626897][ T4346] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2211.629295][ T4346] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2211.630893][ T4346] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2211.632514][ T4346] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2211.634170][ T4346] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2211.636461][ T4346] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2211.638569][ T4346] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2211.640143][ T4346] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2211.641980][ T4346] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2211.644206][ T4346] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2211.645785][ T4346] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2211.647536][ T4346] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2211.649595][ T4346] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2211.651008][ T4346] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2211.652493][ T4346] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:36:51 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:36:52 executing program 1 (fault-call:2 fault-nth:90): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2216.460490][ T4350] FAULT_INJECTION: forcing a failure. [ 2216.460490][ T4350] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2216.462788][ T4350] CPU: 1 PID: 4350 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2216.464307][ T4350] Hardware name: riscv-virtio,qemu (DT) [ 2216.465311][ T4350] Call Trace: [ 2216.466104][ T4350] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2216.467572][ T4350] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2216.469361][ T4350] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2216.470659][ T4350] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2216.471858][ T4350] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2216.473848][ T4350] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2216.475273][ T4350] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2216.476743][ T4350] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2216.478917][ T4350] [<ffffffe0003b3d52>] allocate_slab+0x282/0x406 [ 2216.480442][ T4350] [<ffffffe0003b7a54>] ___slab_alloc+0x2fc/0x4d8 [ 2216.481983][ T4350] [<ffffffe0003b7f8e>] __slab_alloc.constprop.0+0xa4/0xce [ 2216.483491][ T4350] [<ffffffe0003b81ac>] __kmalloc_node_track_caller+0x1f4/0x378 [ 2216.485181][ T4350] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2216.487213][ T4350] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2216.489389][ T4350] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2216.490996][ T4350] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2216.493157][ T4350] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2216.494653][ T4350] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2216.496003][ T4350] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2216.497460][ T4350] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2216.498891][ T4350] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2216.500221][ T4350] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2216.501524][ T4350] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2216.502909][ T4350] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2216.504307][ T4350] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2216.505753][ T4350] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2216.507166][ T4350] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2216.509412][ T4350] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2216.510836][ T4350] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2216.512256][ T4350] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2216.514414][ T4350] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:36:56 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x7, 0x4, 0x20, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffd}, 0x40) bpf$MAP_CREATE(0x0, &(0x7f0000000080)={0x7, 0x4, 0x20, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x800000}, 0x40) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) 00:36:57 executing program 1 (fault-call:2 fault-nth:91): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2221.763295][ T4356] FAULT_INJECTION: forcing a failure. [ 2221.763295][ T4356] name failslab, interval 1, probability 0, space 0, times 0 [ 2221.765559][ T4356] CPU: 1 PID: 4356 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2221.767229][ T4356] Hardware name: riscv-virtio,qemu (DT) [ 2221.769261][ T4356] Call Trace: [ 2221.770225][ T4356] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2221.771738][ T4356] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2221.773162][ T4356] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2221.774467][ T4356] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2221.775762][ T4356] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2221.777270][ T4356] [<ffffffe0003bf304>] __should_failslab+0x62/0x82 [ 2221.779564][ T4356] [<ffffffe000312bdc>] should_failslab+0xc/0x1c [ 2221.780969][ T4356] [<ffffffe0003b9072>] kmem_cache_alloc_node+0x5e/0x404 [ 2221.782503][ T4356] [<ffffffe0020ff484>] __alloc_skb+0x344/0x3a4 [ 2221.783817][ T4356] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2221.785322][ T4356] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2221.786786][ T4356] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2221.788931][ T4356] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2221.790420][ T4356] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2221.791756][ T4356] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2221.794291][ T4356] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2221.795888][ T4356] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2221.797365][ T4356] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2221.799515][ T4356] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2221.800977][ T4356] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2221.802394][ T4356] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2221.803816][ T4356] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2221.806481][ T4356] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2221.808095][ T4356] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2221.809531][ T4356] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2221.810874][ T4356] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2221.812259][ T4356] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 00:37:01 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r1, 0x400454ca, &(0x7f0000000240)={'netdevsim0\x00'}) ioctl$TUNSETTXFILTER(r1, 0x400454d0, 0xffffffffffffffff) fsetxattr$trusted_overlay_opaque(r1, &(0x7f00000001c0), &(0x7f0000000200), 0x2, 0x3) ioctl$TCXONC(r0, 0x540f, 0xea007) r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454ca, &(0x7f0000000280)={'erspan0\x00'}) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000180)={'veth1_to_hsr\x00'}) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/module/rcutree', 0x52a03, 0x20) close_range(r3, r4, 0x0) ioctl$TUNSETTXFILTER(r3, 0x400454d0, 0xffffffffffffffff) fcntl$setlease(r3, 0x400, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x38140, 0x0) close(r0) r5 = syz_open_dev$dri(&(0x7f0000000100), 0x1, 0x3) ioctl$LOOP_CHANGE_FD(r2, 0x4c06, r5) read$hiddev(r2, &(0x7f0000000040)=""/38, 0x26) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) 00:37:02 executing program 1 (fault-call:2 fault-nth:92): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) [ 2227.009387][ T4362] FAULT_INJECTION: forcing a failure. [ 2227.009387][ T4362] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 2227.016520][ T4362] CPU: 1 PID: 4362 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.019558][ T4362] Hardware name: riscv-virtio,qemu (DT) [ 2227.020550][ T4362] Call Trace: [ 2227.021548][ T4362] [<ffffffe000009708>] walk_stackframe+0x0/0x23c [ 2227.022489][ T4362] [<ffffffe002a5dd2a>] dump_backtrace+0x40/0x4e [ 2227.023357][ T4362] [<ffffffe002a5dd5a>] show_stack+0x22/0x2e [ 2227.024206][ T4362] [<ffffffe002a67574>] dump_stack+0x148/0x1d8 [ 2227.025118][ T4362] [<ffffffe000a3a078>] should_fail+0x250/0x252 [ 2227.026106][ T4362] [<ffffffe00036ceac>] should_fail_alloc_page+0x54/0x62 [ 2227.027042][ T4362] [<ffffffe00036ffd0>] __alloc_pages_nodemask+0xf6/0x480 [ 2227.028488][ T4362] [<ffffffe0003a30fa>] alloc_pages_current+0x114/0x234 [ 2227.029804][ T4362] [<ffffffe0003b3d52>] allocate_slab+0x282/0x406 [ 2227.030764][ T4362] [<ffffffe0003b7a54>] ___slab_alloc+0x2fc/0x4d8 [ 2227.031666][ T4362] [<ffffffe0003b7f8e>] __slab_alloc.constprop.0+0xa4/0xce [ 2227.032721][ T4362] [<ffffffe0003b81ac>] __kmalloc_node_track_caller+0x1f4/0x378 [ 2227.034028][ T4362] [<ffffffe0020ff22e>] __alloc_skb+0xee/0x3a4 [ 2227.034905][ T4362] [<ffffffe00210bbb0>] alloc_skb_with_frags+0x78/0x2fc [ 2227.036173][ T4362] [<ffffffe0020eed50>] sock_alloc_send_pskb+0x476/0x498 [ 2227.038237][ T4362] [<ffffffe0026821b0>] unix_dgram_sendmsg+0x232/0xecc [ 2227.040235][ T4362] [<ffffffe002682f02>] unix_seqpacket_sendmsg+0xb8/0x112 [ 2227.041634][ T4362] [<ffffffe0020e4348>] sock_sendmsg+0xa0/0xc4 [ 2227.042550][ T4362] [<ffffffe0020e459e>] kernel_sendmsg+0x40/0x52 [ 2227.043441][ T4362] [<ffffffe0020eb1da>] sock_no_sendpage+0xb2/0xda [ 2227.044883][ T4362] [<ffffffe0020e3e80>] kernel_sendpage.part.0+0x16c/0x21c [ 2227.045974][ T4362] [<ffffffe0020e4e12>] sock_sendpage+0x88/0xc4 [ 2227.046859][ T4362] [<ffffffe0004723be>] pipe_to_sendpage+0xda/0x15e [ 2227.048155][ T4362] [<ffffffe000474a22>] __splice_from_pipe+0x2b2/0x472 [ 2227.049550][ T4362] [<ffffffe000475234>] generic_splice_sendpage+0x7c/0xb0 [ 2227.051598][ T4362] [<ffffffe000473a04>] direct_splice_actor+0x7a/0xb6 [ 2227.052991][ T4362] [<ffffffe000473112>] splice_direct_to_actor+0x1b0/0x3fa [ 2227.054542][ T4362] [<ffffffe000473448>] do_splice_direct+0xec/0x150 [ 2227.055864][ T4362] [<ffffffe0003fb0e8>] do_sendfile+0x592/0x674 [ 2227.056802][ T4362] [<ffffffe0003fcef4>] sys_sendfile64+0x122/0x12e [ 2227.058023][ T4362] [<ffffffe000005578>] ret_from_syscall+0x0/0x2 [ 2227.062928][ C1] ------------[ cut here ]------------ [ 2227.063855][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2227.065351][ C1] Modules linked in: [ 2227.066585][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Not tainted 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.069860][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2227.070886][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2227.071921][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2227.072881][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c2e60 [ 2227.073734][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2227.074579][ C1] t1 : 0000000000000001 t2 : 0000000000000000 s0 : ffffffe00a7c2ea0 [ 2227.075908][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2227.077119][ C1] a2 : 0000000000010000 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2227.078831][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2227.080628][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000003 s4 : 0000000000fe4c00 [ 2227.081719][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2227.082693][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2227.083668][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4014f85cb [ 2227.084683][ C1] t5 : ffffffc4014f85cd t6 : ffffffe00a7c2e68 [ 2227.085520][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2227.086570][ C1] Call Trace: [ 2227.087275][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2227.089183][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2227.090263][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2227.091256][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2227.092412][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2227.093475][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2227.094512][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2227.095487][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2227.096608][ C1] [<ffffffe002a675ec>] dump_stack+0x1c0/0x1d8 [ 2227.098280][ C1] irq event stamp: 2768 [ 2227.099314][ C1] hardirqs last enabled at (2767): [<ffffffe002a675b8>] dump_stack+0x18c/0x1d8 [ 2227.101545][ C1] hardirqs last disabled at (2768): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2227.102723][ C1] softirqs last enabled at (2686): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2227.104021][ C1] softirqs last disabled at (2657): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2227.105916][ C1] ---[ end trace 81844a727c8d6587 ]--- [ 2227.110093][ C1] ------------[ cut here ]------------ [ 2227.110879][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2227.112098][ C1] Modules linked in: [ 2227.112985][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.114088][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2227.114800][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2227.115755][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2227.116761][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c2e60 [ 2227.118103][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2227.119346][ C1] t1 : 0000000000000001 t2 : 0000000000000000 s0 : ffffffe00a7c2ea0 [ 2227.120670][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2227.121819][ C1] a2 : 0000000000010000 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2227.122682][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2227.123830][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000002 s4 : 0000000000fe4c00 [ 2227.124648][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2227.125456][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2227.126280][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4014f85cb [ 2227.127067][ C1] t5 : ffffffc4014f85cd t6 : ffffffe00a7c2e68 [ 2227.128043][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2227.129253][ C1] Call Trace: [ 2227.129970][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2227.130974][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2227.131965][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2227.132972][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2227.133855][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2227.134757][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2227.135714][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2227.136700][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2227.137890][ C1] [<ffffffe002a675ec>] dump_stack+0x1c0/0x1d8 [ 2227.138957][ C1] irq event stamp: 2768 [ 2227.139768][ C1] hardirqs last enabled at (2767): [<ffffffe002a675b8>] dump_stack+0x18c/0x1d8 [ 2227.140755][ C1] hardirqs last disabled at (2768): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2227.141789][ C1] softirqs last enabled at (2686): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2227.142896][ C1] softirqs last disabled at (2657): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2227.144315][ C1] ---[ end trace 81844a727c8d6588 ]--- [ 2227.147436][ C1] ------------[ cut here ]------------ [ 2227.148488][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2227.150358][ C1] Modules linked in: [ 2227.151317][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.152507][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2227.153160][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2227.153987][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2227.154846][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c2e60 [ 2227.156232][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2227.157585][ C1] t1 : 0000000000000001 t2 : 0000000000000000 s0 : ffffffe00a7c2ea0 [ 2227.158821][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2227.160088][ C1] a2 : 0000000000010000 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2227.160982][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2227.161789][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000003 s4 : 0000000000fe4c00 [ 2227.162726][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2227.164043][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2227.165155][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4014f85cb [ 2227.166071][ C1] t5 : ffffffc4014f85cd t6 : ffffffe00a7c2e68 [ 2227.166884][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2227.168165][ C1] Call Trace: [ 2227.168849][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2227.170161][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2227.171134][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2227.172142][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2227.173355][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2227.174693][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2227.175660][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2227.176653][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2227.177815][ C1] [<ffffffe002a675ec>] dump_stack+0x1c0/0x1d8 [ 2227.178989][ C1] irq event stamp: 2768 [ 2227.179805][ C1] hardirqs last enabled at (2767): [<ffffffe002a675b8>] dump_stack+0x18c/0x1d8 [ 2227.181360][ C1] hardirqs last disabled at (2768): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2227.182376][ C1] softirqs last enabled at (2686): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2227.183492][ C1] softirqs last disabled at (2657): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2227.185075][ C1] ---[ end trace 81844a727c8d6589 ]--- [ 2227.290924][ C1] ------------[ cut here ]------------ [ 2227.292174][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2227.294058][ C1] Modules linked in: [ 2227.295174][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.296991][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2227.298551][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2227.300823][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2227.302122][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c3620 [ 2227.303412][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2227.304856][ C1] t1 : 0000000000000001 t2 : 0000003fffb5b1d7 s0 : ffffffe00a7c3660 [ 2227.306657][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2227.308802][ C1] a2 : 0000000000010002 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2227.311018][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2227.312417][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000008 s4 : 0000000000fe4c00 [ 2227.313672][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2227.314918][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2227.316139][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : 0000000000000018 [ 2227.317444][ C1] t5 : 00173eed80000000 t6 : 0000000533e62925 [ 2227.319248][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2227.320661][ C1] Call Trace: [ 2227.321507][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2227.323026][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2227.324628][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2227.326778][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2227.328892][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2227.331283][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2227.332762][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2227.334165][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2227.335462][ C1] [<ffffffe002a90210>] debug_smp_processor_id+0x24/0x2e [ 2227.336860][ C1] irq event stamp: 2896 [ 2227.338176][ C1] hardirqs last enabled at (2895): [<ffffffe002a9a6d0>] _raw_spin_unlock_irq+0x2a/0x76 [ 2227.340537][ C1] hardirqs last disabled at (2896): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2227.342049][ C1] softirqs last enabled at (2794): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2227.343580][ C1] softirqs last disabled at (2769): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2227.345001][ C1] ---[ end trace 81844a727c8d658a ]--- [ 2227.350883][ C1] ------------[ cut here ]------------ [ 2227.352188][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2227.355648][ C1] Modules linked in: [ 2227.356850][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.359583][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2227.360678][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2227.362623][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2227.363966][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c3620 [ 2227.365295][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2227.366596][ C1] t1 : 0000000000000001 t2 : 0000003fffb5b1d7 s0 : ffffffe00a7c3660 [ 2227.368327][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2227.370593][ C1] a2 : 0000000000010002 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2227.372120][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2227.373416][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2227.374669][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2227.375881][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2227.377183][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : 0000000000000018 [ 2227.379267][ C1] t5 : 00173eed80000000 t6 : 0000000533e62925 [ 2227.381006][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2227.382313][ C1] Call Trace: [ 2227.383118][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2227.384584][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2227.385968][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2227.387310][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2227.389387][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2227.390791][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2227.392172][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2227.393623][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2227.394938][ C1] [<ffffffe002a90210>] debug_smp_processor_id+0x24/0x2e [ 2227.396337][ C1] irq event stamp: 2896 [ 2227.397235][ C1] hardirqs last enabled at (2895): [<ffffffe002a9a6d0>] _raw_spin_unlock_irq+0x2a/0x76 [ 2227.399784][ C1] hardirqs last disabled at (2896): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2227.401358][ C1] softirqs last enabled at (2794): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2227.402910][ C1] softirqs last disabled at (2769): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2227.404669][ C1] ---[ end trace 81844a727c8d658b ]--- [ 2227.410215][ C1] ------------[ cut here ]------------ [ 2227.411358][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2227.413245][ C1] Modules linked in: [ 2227.414352][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.415980][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2227.416960][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2227.418952][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2227.420264][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c3620 [ 2227.421635][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2227.422855][ C1] t1 : 0000000000000001 t2 : 0000003fffb5b1d7 s0 : ffffffe00a7c3660 [ 2227.424088][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2227.425300][ C1] a2 : 0000000000010002 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2227.426539][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2227.428113][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000003 s4 : 0000000000fe4c00 [ 2227.430893][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2227.433204][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2227.434531][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : 0000000000000018 [ 2227.435821][ C1] t5 : 00173eed80000000 t6 : 0000000533e62925 [ 2227.436912][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2227.439072][ C1] Call Trace: [ 2227.440301][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2227.441802][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2227.443249][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2227.444698][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2227.446772][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2227.448979][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2227.450757][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2227.452122][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2227.453489][ C1] [<ffffffe002a90210>] debug_smp_processor_id+0x24/0x2e [ 2227.454832][ C1] irq event stamp: 2896 [ 2227.455688][ C1] hardirqs last enabled at (2895): [<ffffffe002a9a6d0>] _raw_spin_unlock_irq+0x2a/0x76 [ 2227.457318][ C1] hardirqs last disabled at (2896): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2227.460046][ C1] softirqs last enabled at (2794): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2227.461882][ C1] softirqs last disabled at (2769): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2227.463398][ C1] ---[ end trace 81844a727c8d658c ]--- [ 2227.568711][ C1] ------------[ cut here ]------------ [ 2227.569924][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2227.571677][ C1] Modules linked in: [ 2227.572801][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.574346][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2227.575256][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2227.576481][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2227.578169][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c34f0 [ 2227.580546][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2227.582992][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00a7c3530 [ 2227.584339][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2227.587646][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2227.590946][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2227.594204][ C1] s2 : ffffffe006d7cd30 s3 : 000000000000000a s4 : 0000000000fe4c00 [ 2227.595488][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2227.600210][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2227.602836][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : 0000000000000040 [ 2227.604093][ C1] t5 : ffffffc4014d3e00 t6 : 0000000000040000 [ 2227.605655][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2227.607600][ C1] Call Trace: [ 2227.608759][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2227.610253][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2227.611583][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2227.612932][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2227.614304][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2227.615581][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2227.617005][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2227.619010][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2227.620377][ C1] [<ffffffe0003cfed4>] lock_page_memcg+0x222/0x2c8 [ 2227.621812][ C1] irq event stamp: 3156 [ 2227.622668][ C1] hardirqs last enabled at (3155): [<ffffffe0003cfed4>] lock_page_memcg+0x222/0x2c8 [ 2227.624259][ C1] hardirqs last disabled at (3156): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2227.626504][ C1] softirqs last enabled at (2924): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2227.628923][ C1] softirqs last disabled at (2897): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2227.631424][ C1] ---[ end trace 81844a727c8d658d ]--- [ 2227.637055][ C1] ------------[ cut here ]------------ [ 2227.638851][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2227.640824][ C1] Modules linked in: [ 2227.641872][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.643477][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2227.644437][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2227.645678][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2227.646914][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c34f0 [ 2227.648970][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2227.651136][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00a7c3530 [ 2227.652438][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2227.654318][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2227.655617][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2227.656906][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2227.659013][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2227.661127][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2227.662379][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : 0000000000000040 [ 2227.663602][ C1] t5 : ffffffc4014d3e00 t6 : 0000000000040000 [ 2227.664689][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2227.666203][ C1] Call Trace: [ 2227.667335][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2227.669850][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2227.671385][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2227.672831][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2227.674257][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2227.675580][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2227.676990][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2227.678915][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2227.680605][ C1] [<ffffffe0003cfed4>] lock_page_memcg+0x222/0x2c8 [ 2227.681973][ C1] irq event stamp: 3156 [ 2227.682826][ C1] hardirqs last enabled at (3155): [<ffffffe0003cfed4>] lock_page_memcg+0x222/0x2c8 [ 2227.685017][ C1] hardirqs last disabled at (3156): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2227.686533][ C1] softirqs last enabled at (2924): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2227.689348][ C1] softirqs last disabled at (2897): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2227.690915][ C1] ---[ end trace 81844a727c8d658e ]--- [ 2227.695913][ C1] ------------[ cut here ]------------ [ 2227.697124][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2227.700433][ C1] Modules linked in: [ 2227.702107][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.703944][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2227.705023][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2227.706305][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2227.708238][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c34f0 [ 2227.710389][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2227.711708][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00a7c3530 [ 2227.713717][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2227.715888][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2227.717285][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2227.719350][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2227.720874][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2227.722154][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2227.723533][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : 0000000000000040 [ 2227.724853][ C1] t5 : ffffffc4014d3e00 t6 : 0000000000040000 [ 2227.725915][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2227.727262][ C1] Call Trace: [ 2227.728407][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2227.729946][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2227.731371][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2227.732935][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2227.735074][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2227.736521][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2227.738680][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2227.740760][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2227.742157][ C1] [<ffffffe0003cfed4>] lock_page_memcg+0x222/0x2c8 [ 2227.743646][ C1] irq event stamp: 3156 [ 2227.744985][ C1] hardirqs last enabled at (3155): [<ffffffe0003cfed4>] lock_page_memcg+0x222/0x2c8 [ 2227.746665][ C1] hardirqs last disabled at (3156): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2227.749176][ C1] softirqs last enabled at (2924): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2227.750922][ C1] softirqs last disabled at (2897): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2227.752478][ C1] ---[ end trace 81844a727c8d658f ]--- [ 2227.858109][ C1] ------------[ cut here ]------------ [ 2227.859518][ C1] WARNING: CPU: 1 PID: 3867 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2227.861463][ C1] Modules linked in: [ 2227.862919][ C1] CPU: 1 PID: 3867 Comm: kworker/1:2 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.864684][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2227.866012][ C1] Workqueue: events_power_efficient wg_ratelimiter_gc_entries [ 2227.868477][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2227.870315][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2227.871628][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00edcb7c0 [ 2227.872986][ C1] gp : ffffffe0045883c0 tp : ffffffe029000000 t0 : 0000000000046000 [ 2227.874311][ C1] t1 : 0000000000000001 t2 : 0000000017512cb2 s0 : ffffffe00edcb800 [ 2227.875599][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2227.876946][ C1] a2 : 0000000000010002 a3 : ffffffe000f439d2 a4 : ffffffe029000000 [ 2227.878918][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2227.881031][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000009 s4 : 0000000000fe4c00 [ 2227.882403][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2227.883842][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2227.885988][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc40087ce04 [ 2227.887453][ C1] t5 : ffffffc40087ce09 t6 : ffffffe010f52026 [ 2227.889317][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2227.891140][ C1] Call Trace: [ 2227.892007][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2227.893551][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2227.894996][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2227.896301][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2227.898137][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2227.900242][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2227.901735][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2227.903323][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2227.905380][ C1] [<ffffffe0000fdc96>] rcu_is_watching+0x70/0xb6 [ 2227.906748][ C1] irq event stamp: 479482 [ 2227.907934][ C1] hardirqs last enabled at (479481): [<ffffffe0001263ba>] ktime_get_coarse_with_offset+0x15c/0x174 [ 2227.910843][ C1] hardirqs last disabled at (479482): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2227.912594][ C1] softirqs last enabled at (479462): [<ffffffe0014c990c>] nsim_dev_trap_report_work+0x524/0x5e6 [ 2227.914326][ C1] softirqs last disabled at (479460): [<ffffffe0014c98aa>] nsim_dev_trap_report_work+0x4c2/0x5e6 [ 2227.916008][ C1] ---[ end trace 81844a727c8d6590 ]--- [ 2227.921316][ C1] ------------[ cut here ]------------ [ 2227.922990][ C1] WARNING: CPU: 1 PID: 3867 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2227.924972][ C1] Modules linked in: [ 2227.926052][ C1] CPU: 1 PID: 3867 Comm: kworker/1:2 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.928124][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2227.929691][ C1] Workqueue: events_power_efficient wg_ratelimiter_gc_entries [ 2227.931357][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2227.932682][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2227.934020][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00edcb7c0 [ 2227.935716][ C1] gp : ffffffe0045883c0 tp : ffffffe029000000 t0 : 0000000000046000 [ 2227.937059][ C1] t1 : 0000000000000001 t2 : 0000000017512cb2 s0 : ffffffe00edcb800 [ 2227.939030][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2227.940455][ C1] a2 : 0000000000010002 a3 : ffffffe000f439d2 a4 : ffffffe029000000 [ 2227.941760][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2227.943050][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2227.944351][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2227.945719][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2227.947023][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc40087ce04 [ 2227.949157][ C1] t5 : ffffffc40087ce09 t6 : ffffffe010f52026 [ 2227.951005][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2227.952381][ C1] Call Trace: [ 2227.953280][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2227.955367][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2227.956894][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2227.958970][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2227.960608][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2227.962006][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2227.963398][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2227.964791][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2227.966080][ C1] [<ffffffe0000fdc96>] rcu_is_watching+0x70/0xb6 [ 2227.967518][ C1] irq event stamp: 479482 [ 2227.968778][ C1] hardirqs last enabled at (479481): [<ffffffe0001263ba>] ktime_get_coarse_with_offset+0x15c/0x174 [ 2227.970568][ C1] hardirqs last disabled at (479482): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2227.972146][ C1] softirqs last enabled at (479462): [<ffffffe0014c990c>] nsim_dev_trap_report_work+0x524/0x5e6 [ 2227.974068][ C1] softirqs last disabled at (479460): [<ffffffe0014c98aa>] nsim_dev_trap_report_work+0x4c2/0x5e6 [ 2227.975810][ C1] ---[ end trace 81844a727c8d6591 ]--- [ 2227.980715][ C1] ------------[ cut here ]------------ [ 2227.981961][ C1] WARNING: CPU: 1 PID: 3867 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2227.983945][ C1] Modules linked in: [ 2227.985356][ C1] CPU: 1 PID: 3867 Comm: kworker/1:2 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2227.987155][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2227.988863][ C1] Workqueue: events_power_efficient wg_ratelimiter_gc_entries [ 2227.990638][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2227.991959][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2227.993317][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00edcb7c0 [ 2227.995443][ C1] gp : ffffffe0045883c0 tp : ffffffe029000000 t0 : 0000000000046000 [ 2227.996833][ C1] t1 : 0000000000000001 t2 : 0000000017512cb2 s0 : ffffffe00edcb800 [ 2227.998881][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2228.001079][ C1] a2 : 0000000000010002 a3 : ffffffe000f439d2 a4 : ffffffe029000000 [ 2228.002403][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2228.003689][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2228.005024][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2228.006313][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2228.007788][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc40087ce04 [ 2228.009816][ C1] t5 : ffffffc40087ce09 t6 : ffffffe010f52026 [ 2228.010940][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2228.012343][ C1] Call Trace: [ 2228.013193][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2228.015420][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2228.017098][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2228.019148][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2228.020681][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2228.022085][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2228.023686][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2228.025224][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2228.026562][ C1] [<ffffffe0000fdc96>] rcu_is_watching+0x70/0xb6 [ 2228.028339][ C1] irq event stamp: 479482 [ 2228.029697][ C1] hardirqs last enabled at (479481): [<ffffffe0001263ba>] ktime_get_coarse_with_offset+0x15c/0x174 [ 2228.031538][ C1] hardirqs last disabled at (479482): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2228.033156][ C1] softirqs last enabled at (479462): [<ffffffe0014c990c>] nsim_dev_trap_report_work+0x524/0x5e6 [ 2228.034827][ C1] softirqs last disabled at (479460): [<ffffffe0014c98aa>] nsim_dev_trap_report_work+0x4c2/0x5e6 [ 2228.036538][ C1] ---[ end trace 81844a727c8d6592 ]--- [ 2228.142261][ C1] ------------[ cut here ]------------ [ 2228.143596][ C1] WARNING: CPU: 1 PID: 4363 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2228.145585][ C1] Modules linked in: [ 2228.146731][ C1] CPU: 1 PID: 4363 Comm: syz-executor.0 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2228.149603][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2228.151138][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2228.152561][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2228.153886][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe007957720 [ 2228.155233][ C1] gp : ffffffe0045883c0 tp : ffffffe0290017c0 t0 : 0000000000046000 [ 2228.156594][ C1] t1 : 0000000000000001 t2 : 0000000000010b26 s0 : ffffffe007957760 [ 2228.158507][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2228.161252][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe0290017c0 [ 2228.162982][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2228.164351][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000009 s4 : 0000000000fe4c00 [ 2228.165681][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2228.167473][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2228.169427][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : 0000000000000040 [ 2228.170781][ C1] t5 : ffffffc4016a7e00 t6 : ffffffe00a6c37f0 [ 2228.171880][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2228.173198][ C1] Call Trace: [ 2228.174035][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2228.175471][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2228.176961][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2228.178853][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2228.180289][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2228.181680][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2228.183161][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2228.184601][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2228.186418][ C1] [<ffffffe000333d9a>] unmap_page_range+0x48c/0xf40 [ 2228.188244][ C1] irq event stamp: 1280 [ 2228.189620][ C1] hardirqs last enabled at (1279): [<ffffffe00036e51c>] get_page_from_freelist+0x14d6/0x1782 [ 2228.191360][ C1] hardirqs last disabled at (1280): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2228.193182][ C1] softirqs last enabled at (1258): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2228.194867][ C1] softirqs last disabled at (1247): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2228.197012][ C1] ---[ end trace 81844a727c8d6593 ]--- [ 2228.202968][ C1] ------------[ cut here ]------------ [ 2228.204216][ C1] WARNING: CPU: 1 PID: 4363 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2228.207076][ C1] Modules linked in: [ 2228.208774][ C1] CPU: 1 PID: 4363 Comm: syz-executor.0 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2228.210583][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2228.211573][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2228.212968][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2228.214388][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe007957720 [ 2228.216543][ C1] gp : ffffffe0045883c0 tp : ffffffe0290017c0 t0 : 0000000000046000 [ 2228.218580][ C1] t1 : 0000000000000001 t2 : 0000000000010b26 s0 : ffffffe007957760 [ 2228.220729][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2228.222025][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe0290017c0 [ 2228.223364][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2228.224744][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2228.226018][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2228.227295][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2228.229269][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : 0000000000000040 [ 2228.230598][ C1] t5 : ffffffc4016a7e00 t6 : ffffffe00a6c37f0 [ 2228.231733][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2228.233172][ C1] Call Trace: [ 2228.234016][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2228.235486][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2228.236890][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2228.238821][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2228.240278][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2228.241716][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2228.243186][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2228.244569][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2228.246500][ C1] [<ffffffe000333d9a>] unmap_page_range+0x48c/0xf40 [ 2228.248669][ C1] irq event stamp: 1280 [ 2228.249851][ C1] hardirqs last enabled at (1279): [<ffffffe00036e51c>] get_page_from_freelist+0x14d6/0x1782 [ 2228.251516][ C1] hardirqs last disabled at (1280): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2228.253152][ C1] softirqs last enabled at (1258): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2228.254850][ C1] softirqs last disabled at (1247): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2228.256444][ C1] ---[ end trace 81844a727c8d6594 ]--- [ 2228.262072][ C1] ------------[ cut here ]------------ [ 2228.263402][ C1] WARNING: CPU: 1 PID: 4363 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2228.266111][ C1] Modules linked in: [ 2228.267379][ C1] CPU: 1 PID: 4363 Comm: syz-executor.0 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2228.270064][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2228.271198][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2228.272544][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2228.273932][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe007957720 [ 2228.275927][ C1] gp : ffffffe0045883c0 tp : ffffffe0290017c0 t0 : 0000000000046000 [ 2228.277246][ C1] t1 : 0000000000000001 t2 : 0000000000010b26 s0 : ffffffe007957760 [ 2228.279096][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2228.280314][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe0290017c0 [ 2228.281561][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2228.282753][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000003 s4 : 0000000000fe4c00 [ 2228.284026][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2228.285943][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2228.287404][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : 0000000000000040 [ 2228.289323][ C1] t5 : ffffffc4016a7e00 t6 : ffffffe00a6c37f0 [ 2228.290984][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2228.292327][ C1] Call Trace: [ 2228.293169][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2228.294627][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2228.296013][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2228.297445][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2228.299448][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2228.300892][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2228.302326][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2228.303867][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2228.305645][ C1] [<ffffffe000333d9a>] unmap_page_range+0x48c/0xf40 [ 2228.306956][ C1] irq event stamp: 1280 [ 2228.308060][ C1] hardirqs last enabled at (1279): [<ffffffe00036e51c>] get_page_from_freelist+0x14d6/0x1782 [ 2228.309854][ C1] hardirqs last disabled at (1280): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2228.311449][ C1] softirqs last enabled at (1258): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2228.313043][ C1] softirqs last disabled at (1247): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2228.314544][ C1] ---[ end trace 81844a727c8d6595 ]--- [ 2228.419303][ C1] ------------[ cut here ]------------ [ 2228.420645][ C1] WARNING: CPU: 1 PID: 3867 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2228.422540][ C1] Modules linked in: [ 2228.423656][ C1] CPU: 1 PID: 3867 Comm: kworker/1:2 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2228.425336][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2228.426342][ C1] Workqueue: events_power_efficient wg_ratelimiter_gc_entries [ 2228.428608][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2228.430442][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2228.431818][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00edcb770 [ 2228.433160][ C1] gp : ffffffe0045883c0 tp : ffffffe029000000 t0 : 0000000000046000 [ 2228.434402][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00edcb7b0 [ 2228.435647][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2228.436970][ C1] a2 : 0000000000010003 a3 : ffffffe000f439d2 a4 : ffffffe029000000 [ 2228.438991][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2228.440967][ C1] s2 : ffffffe006d7cd30 s3 : 000000000000000a s4 : 0000000000fe4c00 [ 2228.442377][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2228.443646][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2228.444940][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4051ed7b2 [ 2228.446203][ C1] t5 : ffffffc4051ed7ba t6 : 0000000000040000 [ 2228.447308][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2228.449320][ C1] Call Trace: [ 2228.450545][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2228.452015][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2228.453402][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2228.454765][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2228.456145][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2228.457551][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2228.459580][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2228.461722][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2228.463069][ C1] [<ffffffe002a90210>] debug_smp_processor_id+0x24/0x2e [ 2228.464481][ C1] irq event stamp: 479518 [ 2228.465394][ C1] hardirqs last enabled at (479517): [<ffffffe002a9a6d0>] _raw_spin_unlock_irq+0x2a/0x76 [ 2228.466973][ C1] hardirqs last disabled at (479518): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2228.469380][ C1] softirqs last enabled at (479514): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2228.471068][ C1] softirqs last disabled at (479483): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2228.472664][ C1] ---[ end trace 81844a727c8d6596 ]--- [ 2228.478407][ C1] ------------[ cut here ]------------ [ 2228.480118][ C1] WARNING: CPU: 1 PID: 3867 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2228.482084][ C1] Modules linked in: [ 2228.483197][ C1] CPU: 1 PID: 3867 Comm: kworker/1:2 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2228.484923][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2228.485931][ C1] Workqueue: events_power_efficient wg_ratelimiter_gc_entries [ 2228.487659][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2228.489499][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2228.490799][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00edcb770 [ 2228.492115][ C1] gp : ffffffe0045883c0 tp : ffffffe029000000 t0 : 0000000000046000 [ 2228.493418][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00edcb7b0 [ 2228.494779][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2228.496035][ C1] a2 : 0000000000010003 a3 : ffffffe000f439d2 a4 : ffffffe029000000 [ 2228.497436][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2228.499394][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000003 s4 : 0000000000fe4c00 [ 2228.500766][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2228.502077][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2228.503392][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4051ed7b2 [ 2228.504740][ C1] t5 : ffffffc4051ed7ba t6 : 0000000000040000 [ 2228.505847][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2228.507173][ C1] Call Trace: [ 2228.508408][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2228.510010][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2228.511455][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2228.512848][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2228.514209][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2228.515576][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2228.516989][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2228.519051][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2228.520564][ C1] [<ffffffe002a90210>] debug_smp_processor_id+0x24/0x2e [ 2228.522076][ C1] irq event stamp: 479518 [ 2228.523027][ C1] hardirqs last enabled at (479517): [<ffffffe002a9a6d0>] _raw_spin_unlock_irq+0x2a/0x76 [ 2228.524678][ C1] hardirqs last disabled at (479518): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2228.526185][ C1] softirqs last enabled at (479514): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2228.528202][ C1] softirqs last disabled at (479483): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2228.530654][ C1] ---[ end trace 81844a727c8d6597 ]--- [ 2228.535116][ C1] ------------[ cut here ]------------ [ 2228.536351][ C1] WARNING: CPU: 1 PID: 3867 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2228.539263][ C1] Modules linked in: [ 2228.540933][ C1] CPU: 1 PID: 3867 Comm: kworker/1:2 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2228.542596][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2228.543649][ C1] Workqueue: events_power_efficient wg_ratelimiter_gc_entries [ 2228.545510][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2228.546867][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2228.548685][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00edcb770 [ 2228.550505][ C1] gp : ffffffe0045883c0 tp : ffffffe029000000 t0 : 0000000000046000 [ 2228.551755][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00edcb7b0 [ 2228.553152][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2228.554471][ C1] a2 : 0000000000010003 a3 : ffffffe000f439d2 a4 : ffffffe029000000 [ 2228.555749][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2228.557020][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2228.559140][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2228.561223][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2228.562525][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4051ed7b2 [ 2228.563829][ C1] t5 : ffffffc4051ed7ba t6 : 0000000000040000 [ 2228.564936][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2228.566244][ C1] Call Trace: [ 2228.567075][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2228.569081][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2228.570538][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2228.571902][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2228.573343][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2228.574670][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2228.576012][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2228.577382][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2228.579186][ C1] [<ffffffe002a90210>] debug_smp_processor_id+0x24/0x2e [ 2228.580599][ C1] irq event stamp: 479518 [ 2228.581447][ C1] hardirqs last enabled at (479517): [<ffffffe002a9a6d0>] _raw_spin_unlock_irq+0x2a/0x76 [ 2228.583017][ C1] hardirqs last disabled at (479518): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2228.584554][ C1] softirqs last enabled at (479514): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2228.586063][ C1] softirqs last disabled at (479483): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2228.587654][ C1] ---[ end trace 81844a727c8d6598 ]--- [ 2228.693299][ C1] ------------[ cut here ]------------ [ 2228.694589][ C1] WARNING: CPU: 1 PID: 4363 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2228.696449][ C1] Modules linked in: [ 2228.697662][ C1] CPU: 1 PID: 4363 Comm: syz-executor.0 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2228.700640][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2228.701669][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2228.703009][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2228.704273][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe007957550 [ 2228.705563][ C1] gp : ffffffe0045883c0 tp : ffffffe0290017c0 t0 : 0000000000046000 [ 2228.706857][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe007957590 [ 2228.709676][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2228.711759][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe0290017c0 [ 2228.713146][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2228.714397][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000009 s4 : 0000000000fe4c00 [ 2228.715642][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2228.716958][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2228.718681][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc400f2af73 [ 2228.720737][ C1] t5 : ffffffc400f2af75 t6 : 0000000000040000 [ 2228.722096][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2228.723720][ C1] Call Trace: [ 2228.724581][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2228.726081][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2228.727545][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2228.729553][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2228.731055][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2228.732512][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2228.733973][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2228.735409][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2228.736861][ C1] [<ffffffe0000d38da>] lock_acquire.part.0+0x19a/0x47c [ 2228.738761][ C1] irq event stamp: 1322 [ 2228.740079][ C1] hardirqs last enabled at (1321): [<ffffffe00036e51c>] get_page_from_freelist+0x14d6/0x1782 [ 2228.741854][ C1] hardirqs last disabled at (1322): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2228.743360][ C1] softirqs last enabled at (1308): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2228.744985][ C1] softirqs last disabled at (1281): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2228.746516][ C1] ---[ end trace 81844a727c8d6599 ]--- [ 2228.752888][ C1] ------------[ cut here ]------------ [ 2228.754133][ C1] WARNING: CPU: 1 PID: 4363 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2228.756005][ C1] Modules linked in: [ 2228.757109][ C1] CPU: 1 PID: 4363 Comm: syz-executor.0 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2228.759836][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2228.761275][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2228.762609][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2228.763869][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe007957550 [ 2228.765210][ C1] gp : ffffffe0045883c0 tp : ffffffe0290017c0 t0 : 0000000000046000 [ 2228.766588][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe007957590 [ 2228.768443][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2228.770516][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe0290017c0 [ 2228.771846][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2228.773176][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2228.774453][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2228.775714][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2228.777104][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc400f2af73 [ 2228.779193][ C1] t5 : ffffffc400f2af75 t6 : 0000000000040000 [ 2228.780748][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2228.782159][ C1] Call Trace: [ 2228.783010][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2228.784549][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2228.785899][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2228.787292][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2228.789297][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2228.790698][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2228.792447][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2228.793944][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2228.795260][ C1] [<ffffffe0000d38da>] lock_acquire.part.0+0x19a/0x47c [ 2228.796727][ C1] irq event stamp: 1322 [ 2228.797873][ C1] hardirqs last enabled at (1321): [<ffffffe00036e51c>] get_page_from_freelist+0x14d6/0x1782 [ 2228.800949][ C1] hardirqs last disabled at (1322): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2228.802550][ C1] softirqs last enabled at (1308): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2228.804153][ C1] softirqs last disabled at (1281): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2228.805711][ C1] ---[ end trace 81844a727c8d659a ]--- [ 2228.810869][ C1] ------------[ cut here ]------------ [ 2228.812132][ C1] WARNING: CPU: 1 PID: 4363 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2228.814249][ C1] Modules linked in: [ 2228.815396][ C1] CPU: 1 PID: 4363 Comm: syz-executor.0 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2228.817453][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2228.819176][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2228.820854][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2228.822143][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe007957550 [ 2228.823471][ C1] gp : ffffffe0045883c0 tp : ffffffe0290017c0 t0 : 0000000000046000 [ 2228.824784][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe007957590 [ 2228.826077][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2228.827504][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe0290017c0 [ 2228.829496][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2228.832062][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000003 s4 : 0000000000fe4c00 [ 2228.833423][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2228.834085][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2228.836893][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc400f2af73 [ 2228.839520][ C1] t5 : ffffffc400f2af75 t6 : 0000000000040000 [ 2228.841548][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2228.843146][ C1] Call Trace: [ 2228.843941][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2228.845345][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2228.846770][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2228.848968][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2228.850529][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2228.851957][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2228.853431][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2228.854764][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2228.856074][ C1] [<ffffffe0000d38da>] lock_acquire.part.0+0x19a/0x47c [ 2228.857617][ C1] irq event stamp: 1322 [ 2228.858893][ C1] hardirqs last enabled at (1321): [<ffffffe00036e51c>] get_page_from_freelist+0x14d6/0x1782 [ 2228.860594][ C1] hardirqs last disabled at (1322): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2228.862159][ C1] softirqs last enabled at (1308): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2228.863730][ C1] softirqs last disabled at (1281): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2228.865248][ C1] ---[ end trace 81844a727c8d659b ]--- [ 2228.969923][ C1] ------------[ cut here ]------------ [ 2228.971494][ C1] WARNING: CPU: 1 PID: 3867 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2228.973479][ C1] Modules linked in: [ 2228.974613][ C1] CPU: 1 PID: 3867 Comm: kworker/1:2 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2228.976275][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2228.977336][ C1] Workqueue: events_power_efficient wg_ratelimiter_gc_entries [ 2228.979623][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2228.981006][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2228.982371][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00edcb770 [ 2228.983993][ C1] gp : ffffffe0045883c0 tp : ffffffe029000000 t0 : 0000000000046000 [ 2228.985319][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00edcb7b0 [ 2228.986571][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2228.988316][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe029000000 [ 2228.990271][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2228.991572][ C1] s2 : ffffffe006d7cd30 s3 : 000000000000000a s4 : 0000000000fe4c00 [ 2228.992916][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2228.994248][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2228.995520][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4051ed7b2 [ 2228.996836][ C1] t5 : ffffffc4051ed7ba t6 : 0000000000040000 [ 2228.998515][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2229.000693][ C1] Call Trace: [ 2229.001550][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2229.003025][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2229.004438][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2229.005778][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2229.007209][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2229.009246][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2229.011474][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2229.012854][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2229.014154][ C1] [<ffffffe0000d38da>] lock_acquire.part.0+0x19a/0x47c [ 2229.015460][ C1] irq event stamp: 479544 [ 2229.016313][ C1] hardirqs last enabled at (479543): [<ffffffe002a9a6d0>] _raw_spin_unlock_irq+0x2a/0x76 [ 2229.018262][ C1] hardirqs last disabled at (479544): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2229.020335][ C1] softirqs last enabled at (479540): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2229.021955][ C1] softirqs last disabled at (479519): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2229.023429][ C1] ---[ end trace 81844a727c8d659c ]--- [ 2229.028992][ C1] ------------[ cut here ]------------ [ 2229.030194][ C1] WARNING: CPU: 1 PID: 3867 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2229.032019][ C1] Modules linked in: [ 2229.033125][ C1] CPU: 1 PID: 3867 Comm: kworker/1:2 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2229.034727][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2229.035697][ C1] Workqueue: events_power_efficient wg_ratelimiter_gc_entries [ 2229.037277][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2229.039033][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2229.040293][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00edcb770 [ 2229.041594][ C1] gp : ffffffe0045883c0 tp : ffffffe029000000 t0 : 0000000000046000 [ 2229.042892][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00edcb7b0 [ 2229.044161][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2229.045400][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe029000000 [ 2229.047403][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2229.049414][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2229.050671][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2229.051941][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2229.053201][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4051ed7b2 [ 2229.054434][ C1] t5 : ffffffc4051ed7ba t6 : 0000000000040000 [ 2229.055509][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2229.056833][ C1] Call Trace: [ 2229.057936][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2229.060229][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2229.061682][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2229.063073][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2229.064506][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2229.065772][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2229.067105][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2229.070262][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2229.081336][ C1] [<ffffffe0000d38da>] lock_acquire.part.0+0x19a/0x47c [ 2229.083371][ C1] irq event stamp: 479544 [ 2229.084349][ C1] hardirqs last enabled at (479543): [<ffffffe002a9a6d0>] _raw_spin_unlock_irq+0x2a/0x76 [ 2229.086098][ C1] hardirqs last disabled at (479544): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2229.087775][ C1] softirqs last enabled at (479540): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2229.090137][ C1] softirqs last disabled at (479519): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2229.091800][ C1] ---[ end trace 81844a727c8d659d ]--- [ 2229.097414][ C1] ------------[ cut here ]------------ [ 2229.098978][ C1] WARNING: CPU: 1 PID: 3867 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2229.100836][ C1] Modules linked in: [ 2229.101876][ C1] CPU: 1 PID: 3867 Comm: kworker/1:2 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2229.104322][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2229.105492][ C1] Workqueue: events_power_efficient wg_ratelimiter_gc_entries [ 2229.107601][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2229.109418][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2229.110651][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00edcb770 [ 2229.111919][ C1] gp : ffffffe0045883c0 tp : ffffffe029000000 t0 : 0000000000046000 [ 2229.113156][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00edcb7b0 [ 2229.114369][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2229.115628][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe029000000 [ 2229.116932][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2229.118929][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2229.121062][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2229.122275][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2229.123522][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4051ed7b2 [ 2229.125502][ C1] t5 : ffffffc4051ed7ba t6 : 0000000000040000 [ 2229.127161][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2229.129298][ C1] Call Trace: [ 2229.130522][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2229.132042][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2229.133437][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2229.134766][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2229.136146][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2229.137716][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2229.139545][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2229.140964][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2229.142218][ C1] [<ffffffe0000d38da>] lock_acquire.part.0+0x19a/0x47c [ 2229.143583][ C1] irq event stamp: 479544 [ 2229.144486][ C1] hardirqs last enabled at (479543): [<ffffffe002a9a6d0>] _raw_spin_unlock_irq+0x2a/0x76 [ 2229.146088][ C1] hardirqs last disabled at (479544): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2229.147794][ C1] softirqs last enabled at (479540): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2229.150391][ C1] softirqs last disabled at (479519): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2229.151865][ C1] ---[ end trace 81844a727c8d659e ]--- [ 2229.257346][ C1] ------------[ cut here ]------------ [ 2229.259006][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2229.260945][ C1] Modules linked in: [ 2229.262029][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2229.262487][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2229.262697][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2229.266929][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2229.268722][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c34d0 [ 2229.270850][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2229.272103][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00a7c3510 [ 2229.273393][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2229.274612][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2229.275869][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2229.277145][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000009 s4 : 0000000000fe4c00 [ 2229.279162][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2229.281395][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2229.282715][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4014f8745 [ 2229.284056][ C1] t5 : ffffffc4014f8747 t6 : 0000000000040000 [ 2229.285185][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2229.286534][ C1] Call Trace: [ 2229.287434][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2229.289332][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2229.290789][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2229.292188][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2229.293632][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2229.295869][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2229.297357][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2229.299261][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2229.300670][ C1] [<ffffffe0000d2e6e>] lock_release+0x74/0x53c [ 2229.302057][ C1] irq event stamp: 3972 [ 2229.302922][ C1] hardirqs last enabled at (3971): [<ffffffe00036e51c>] get_page_from_freelist+0x14d6/0x1782 [ 2229.305528][ C1] hardirqs last disabled at (3972): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2229.307208][ C1] softirqs last enabled at (3958): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2229.309694][ C1] softirqs last disabled at (3949): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2229.311354][ C1] ---[ end trace 81844a727c8d659f ]--- [ 2229.318039][ C1] ------------[ cut here ]------------ [ 2229.319684][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2229.321612][ C1] Modules linked in: [ 2229.322714][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2229.324725][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2229.326481][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2229.328506][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2229.330550][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c34d0 [ 2229.332045][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2229.333457][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00a7c3510 [ 2229.335451][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2229.337640][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2229.339845][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2229.341293][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2229.342568][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2229.343930][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2229.345266][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4014f8745 [ 2229.346606][ C1] t5 : ffffffc4014f8747 t6 : 0000000000040000 [ 2229.348077][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2229.350163][ C1] Call Trace: [ 2229.351055][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2229.352556][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2229.354020][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2229.355717][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2229.357608][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2229.359594][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2229.361652][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2229.362990][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2229.364347][ C1] [<ffffffe0000d2e6e>] lock_release+0x74/0x53c [ 2229.365731][ C1] irq event stamp: 3972 [ 2229.366560][ C1] hardirqs last enabled at (3971): [<ffffffe00036e51c>] get_page_from_freelist+0x14d6/0x1782 [ 2229.368713][ C1] hardirqs last disabled at (3972): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2229.370788][ C1] softirqs last enabled at (3958): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2229.372333][ C1] softirqs last disabled at (3949): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2229.373855][ C1] ---[ end trace 81844a727c8d65a0 ]--- [ 2229.379721][ C1] ------------[ cut here ]------------ [ 2229.380856][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2229.382674][ C1] Modules linked in: [ 2229.383906][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2229.385534][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2229.386478][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2229.388140][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2229.389980][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c34d0 [ 2229.391183][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2229.392356][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe00a7c3510 [ 2229.393600][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2229.394836][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2229.396083][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2229.398359][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2229.400158][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2229.402164][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2229.403407][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4014f8745 [ 2229.404693][ C1] t5 : ffffffc4014f8747 t6 : 0000000000040000 [ 2229.405768][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2229.407064][ C1] Call Trace: [ 2229.408237][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2229.409746][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2229.411124][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2229.412486][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2229.413925][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2229.415253][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2229.416599][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2229.418414][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2229.420241][ C1] [<ffffffe0000d2e6e>] lock_release+0x74/0x53c [ 2229.421541][ C1] irq event stamp: 3972 [ 2229.422356][ C1] hardirqs last enabled at (3971): [<ffffffe00036e51c>] get_page_from_freelist+0x14d6/0x1782 [ 2229.423956][ C1] hardirqs last disabled at (3972): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2229.425475][ C1] softirqs last enabled at (3958): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2229.427034][ C1] softirqs last disabled at (3949): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2229.429282][ C1] ---[ end trace 81844a727c8d65a1 ]--- [ 2229.535335][ C1] ------------[ cut here ]------------ [ 2229.536570][ C1] WARNING: CPU: 1 PID: 4363 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2229.539357][ C1] Modules linked in: [ 2229.540812][ C1] CPU: 1 PID: 4363 Comm: syz-executor.0 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2229.542360][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2229.543302][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2229.544640][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2229.546099][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe007957610 [ 2229.547387][ C1] gp : ffffffe0045883c0 tp : ffffffe0290017c0 t0 : 0000000000046000 [ 2229.549269][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe007957650 [ 2229.550486][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2229.551769][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe0290017c0 [ 2229.553670][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2229.554930][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000009 s4 : 0000000000fe4c00 [ 2229.556122][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2229.557398][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2229.559097][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc400f2af60 [ 2229.560439][ C1] t5 : ffffffc400f2af65 t6 : 0000000000040000 [ 2229.561444][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2229.562643][ C1] Call Trace: [ 2229.563402][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2229.564781][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2229.566145][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2229.567510][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2229.569309][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2229.570630][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2229.571936][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2229.573309][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2229.574565][ C1] [<ffffffe002a9a784>] _raw_spin_unlock_irqrestore+0x68/0x98 [ 2229.575896][ C1] irq event stamp: 2010 [ 2229.576769][ C1] hardirqs last enabled at (2009): [<ffffffe002a9a784>] _raw_spin_unlock_irqrestore+0x68/0x98 [ 2229.579418][ C1] hardirqs last disabled at (2010): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2229.581863][ C1] softirqs last enabled at (1474): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2229.583414][ C1] softirqs last disabled at (1323): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2229.584883][ C1] ---[ end trace 81844a727c8d65a2 ]--- [ 2229.590156][ C1] ------------[ cut here ]------------ [ 2229.591277][ C1] WARNING: CPU: 1 PID: 4363 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2229.593164][ C1] Modules linked in: [ 2229.594234][ C1] CPU: 1 PID: 4363 Comm: syz-executor.0 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2229.595905][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2229.597028][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2229.598832][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2229.600650][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe007957610 [ 2229.601965][ C1] gp : ffffffe0045883c0 tp : ffffffe0290017c0 t0 : 0000000000046000 [ 2229.603248][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe007957650 [ 2229.604584][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2229.606260][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe0290017c0 [ 2229.608077][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2229.610507][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000003 s4 : 0000000000fe4c00 [ 2229.612140][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2229.613358][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2229.614556][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc400f2af60 [ 2229.615993][ C1] t5 : ffffffc400f2af65 t6 : 0000000000040000 [ 2229.617103][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2229.619110][ C1] Call Trace: [ 2229.620214][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2229.621635][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2229.623033][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2229.624571][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2229.626763][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2229.628561][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2229.630332][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2229.631623][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2229.633080][ C1] [<ffffffe002a9a784>] _raw_spin_unlock_irqrestore+0x68/0x98 [ 2229.635083][ C1] irq event stamp: 2010 [ 2229.636102][ C1] hardirqs last enabled at (2009): [<ffffffe002a9a784>] _raw_spin_unlock_irqrestore+0x68/0x98 [ 2229.638112][ C1] hardirqs last disabled at (2010): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2229.640485][ C1] softirqs last enabled at (1474): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2229.642098][ C1] softirqs last disabled at (1323): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2229.643597][ C1] ---[ end trace 81844a727c8d65a3 ]--- [ 2229.648622][ C1] ------------[ cut here ]------------ [ 2229.649686][ C1] WARNING: CPU: 1 PID: 4363 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2229.651474][ C1] Modules linked in: [ 2229.652589][ C1] CPU: 1 PID: 4363 Comm: syz-executor.0 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2229.654246][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2229.655448][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2229.657214][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2229.658965][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe007957610 [ 2229.660336][ C1] gp : ffffffe0045883c0 tp : ffffffe0290017c0 t0 : 0000000000046000 [ 2229.661610][ C1] t1 : 0000000000000001 t2 : 00000000000f4240 s0 : ffffffe007957650 [ 2229.662836][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2229.664560][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe0290017c0 [ 2229.666753][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2229.668541][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2229.670445][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2229.671783][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2229.673056][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc400f2af60 [ 2229.674318][ C1] t5 : ffffffc400f2af65 t6 : 0000000000040000 [ 2229.675396][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2229.676738][ C1] Call Trace: [ 2229.677694][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2229.679680][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2229.681112][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2229.682479][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2229.683857][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2229.685238][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2229.686634][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2229.688599][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2229.690670][ C1] [<ffffffe002a9a784>] _raw_spin_unlock_irqrestore+0x68/0x98 [ 2229.692202][ C1] irq event stamp: 2010 [ 2229.693131][ C1] hardirqs last enabled at (2009): [<ffffffe002a9a784>] _raw_spin_unlock_irqrestore+0x68/0x98 [ 2229.695793][ C1] hardirqs last disabled at (2010): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2229.699792][ C1] softirqs last enabled at (1474): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2229.701798][ C1] softirqs last disabled at (1323): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2229.703541][ C1] ---[ end trace 81844a727c8d65a4 ]--- [ 2229.809466][ C1] ------------[ cut here ]------------ [ 2229.810673][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2229.812535][ C1] Modules linked in: [ 2229.813633][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2229.815307][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2229.816303][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2229.817837][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2229.819577][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c33e0 [ 2229.820932][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2229.822236][ C1] t1 : 0000000000000001 t2 : 0000000000000008 s0 : ffffffe00a7c3420 [ 2229.823776][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2229.825898][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2229.827172][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2229.828998][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000009 s4 : 0000000000fe4c00 [ 2229.830925][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2229.832469][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2229.834340][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4014f8745 [ 2229.835549][ C1] t5 : ffffffc4014f8747 t6 : 4320202000000000 [ 2229.836424][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2229.837514][ C1] Call Trace: [ 2229.838321][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2229.839342][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2229.840351][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2229.841710][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2229.843137][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2229.844581][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2229.845976][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2229.847326][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2229.849227][ C1] [<ffffffe0000d38da>] lock_acquire.part.0+0x19a/0x47c [ 2229.850618][ C1] irq event stamp: 4076 [ 2229.851475][ C1] hardirqs last enabled at (4075): [<ffffffe00036e51c>] get_page_from_freelist+0x14d6/0x1782 [ 2229.853203][ C1] hardirqs last disabled at (4076): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2229.854735][ C1] softirqs last enabled at (4024): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2229.856309][ C1] softirqs last disabled at (4015): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2229.858341][ C1] ---[ end trace 81844a727c8d65a5 ]--- [ 2229.864533][ C1] ------------[ cut here ]------------ [ 2229.865542][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2229.867416][ C1] Modules linked in: [ 2229.868907][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2229.870513][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2229.871438][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2229.872656][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2229.873929][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c33e0 [ 2229.875738][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2229.877532][ C1] t1 : 0000000000000001 t2 : 0000000000000008 s0 : ffffffe00a7c3420 [ 2229.879551][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2229.880505][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2229.881371][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2229.882251][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2229.883109][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2229.883946][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2229.884814][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4014f8745 [ 2229.885642][ C1] t5 : ffffffc4014f8747 t6 : 4320202000000000 [ 2229.886453][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2229.888032][ C1] Call Trace: [ 2229.889105][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2229.890172][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2229.891130][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2229.892081][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2229.893051][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2229.893944][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2229.894841][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2229.895703][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2229.896629][ C1] [<ffffffe0000d38da>] lock_acquire.part.0+0x19a/0x47c [ 2229.897688][ C1] irq event stamp: 4076 [ 2229.898435][ C1] hardirqs last enabled at (4075): [<ffffffe00036e51c>] get_page_from_freelist+0x14d6/0x1782 [ 2229.899692][ C1] hardirqs last disabled at (4076): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2229.900757][ C1] softirqs last enabled at (4024): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2229.901815][ C1] softirqs last disabled at (4015): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2229.902880][ C1] ---[ end trace 81844a727c8d65a6 ]--- [ 2229.906591][ C1] ------------[ cut here ]------------ [ 2229.907385][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2229.908944][ C1] Modules linked in: [ 2229.909769][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2229.910863][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2229.911548][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2229.912461][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2229.913674][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c33e0 [ 2229.915227][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2229.916695][ C1] t1 : 0000000000000001 t2 : 0000000000000008 s0 : ffffffe00a7c3420 [ 2229.918698][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2229.920628][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2229.921934][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2229.923093][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000002 s4 : 0000000000fe4c00 [ 2229.924333][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2229.925847][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2229.927726][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4014f8745 [ 2229.929753][ C1] t5 : ffffffc4014f8747 t6 : 4320202000000000 [ 2229.930901][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2229.932216][ C1] Call Trace: [ 2229.933140][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2229.935420][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2229.937077][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2229.939203][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2229.940624][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2229.942327][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2229.943768][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2229.945190][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2229.946552][ C1] [<ffffffe0000d38da>] lock_acquire.part.0+0x19a/0x47c [ 2229.948823][ C1] irq event stamp: 4076 [ 2229.950159][ C1] hardirqs last enabled at (4075): [<ffffffe00036e51c>] get_page_from_freelist+0x14d6/0x1782 [ 2229.951900][ C1] hardirqs last disabled at (4076): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2229.953499][ C1] softirqs last enabled at (4024): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2229.955144][ C1] softirqs last disabled at (4015): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2229.956712][ C1] ---[ end trace 81844a727c8d65a7 ]--- [ 2230.062411][ C1] ------------[ cut here ]------------ [ 2230.063819][ C1] WARNING: CPU: 1 PID: 2844 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2230.066621][ C1] Modules linked in: [ 2230.068192][ C1] CPU: 1 PID: 2844 Comm: syslogd Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2230.070973][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2230.071998][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2230.073337][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2230.074572][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00aaa76e0 [ 2230.075890][ C1] gp : ffffffe0045883c0 tp : ffffffe00deec740 t0 : 0000000000046000 [ 2230.077202][ C1] t1 : 0000000000000001 t2 : 0061623978302f61 s0 : ffffffe00aaa7720 [ 2230.079177][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2230.080586][ C1] a2 : 0000000000010000 a3 : ffffffe000f439d2 a4 : ffffffe00deec740 [ 2230.081998][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2230.084000][ C1] s2 : ffffffe006d7cd30 s3 : 000000000000000a s4 : 0000000000fe4c00 [ 2230.086072][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2230.088008][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2230.089747][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc401554f5c [ 2230.091028][ C1] t5 : ffffffc401554f5f t6 : 0000000000040000 [ 2230.092097][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2230.093403][ C1] Call Trace: [ 2230.094238][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2230.095674][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2230.097273][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2230.099138][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2230.100606][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2230.101994][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2230.103438][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2230.104812][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2230.106161][ C1] [<ffffffe002685bdc>] unix_destruct_scm+0x12e/0x160 [ 2230.107071][ C1] irq event stamp: 222364 [ 2230.107973][ C1] hardirqs last enabled at (222363): [<ffffffe002a9a784>] _raw_spin_unlock_irqrestore+0x68/0x98 [ 2230.110213][ C1] hardirqs last disabled at (222364): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2230.111259][ C1] softirqs last enabled at (222286): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2230.112253][ C1] softirqs last disabled at (222205): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2230.113460][ C1] ---[ end trace 81844a727c8d65a8 ]--- [ 2230.117555][ C1] ------------[ cut here ]------------ [ 2230.118406][ C1] WARNING: CPU: 1 PID: 2844 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2230.119740][ C1] Modules linked in: [ 2230.120691][ C1] CPU: 1 PID: 2844 Comm: syslogd Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2230.122108][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2230.123009][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2230.124031][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2230.124930][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00aaa76e0 [ 2230.126131][ C1] gp : ffffffe0045883c0 tp : ffffffe00deec740 t0 : 0000000000046000 [ 2230.127691][ C1] t1 : 0000000000000001 t2 : 0061623978302f61 s0 : ffffffe00aaa7720 [ 2230.129543][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2230.130490][ C1] a2 : 0000000000010000 a3 : ffffffe000f439d2 a4 : ffffffe00deec740 [ 2230.131349][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2230.132181][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000003 s4 : 0000000000fe4c00 [ 2230.133242][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2230.134064][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2230.134905][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc401554f5c [ 2230.135745][ C1] t5 : ffffffc401554f5f t6 : 0000000000040000 [ 2230.136614][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2230.137909][ C1] Call Trace: [ 2230.138583][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2230.139832][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2230.140884][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2230.141795][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2230.142692][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2230.143552][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2230.144786][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2230.145626][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2230.146523][ C1] [<ffffffe002685bdc>] unix_destruct_scm+0x12e/0x160 [ 2230.147678][ C1] irq event stamp: 222364 [ 2230.148460][ C1] hardirqs last enabled at (222363): [<ffffffe002a9a784>] _raw_spin_unlock_irqrestore+0x68/0x98 [ 2230.149981][ C1] hardirqs last disabled at (222364): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2230.150956][ C1] softirqs last enabled at (222286): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2230.152174][ C1] softirqs last disabled at (222205): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2230.153516][ C1] ---[ end trace 81844a727c8d65a9 ]--- [ 2230.158299][ C1] ------------[ cut here ]------------ [ 2230.159531][ C1] WARNING: CPU: 1 PID: 2844 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2230.161363][ C1] Modules linked in: [ 2230.162375][ C1] CPU: 1 PID: 2844 Comm: syslogd Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2230.163942][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2230.164891][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2230.166124][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2230.167398][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00aaa76e0 [ 2230.169374][ C1] gp : ffffffe0045883c0 tp : ffffffe00deec740 t0 : 0000000000046000 [ 2230.170643][ C1] t1 : 0000000000000001 t2 : 0061623978302f61 s0 : ffffffe00aaa7720 [ 2230.171839][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2230.173094][ C1] a2 : 0000000000010000 a3 : ffffffe000f439d2 a4 : ffffffe00deec740 [ 2230.174308][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2230.175580][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000002 s4 : 0000000000fe4c00 [ 2230.176834][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2230.178722][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2230.180645][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc401554f5c [ 2230.181965][ C1] t5 : ffffffc401554f5f t6 : 0000000000040000 [ 2230.182998][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2230.184270][ C1] Call Trace: [ 2230.185106][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2230.186747][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2230.188933][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2230.190997][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2230.192379][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2230.193777][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2230.195287][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2230.196751][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2230.198707][ C1] [<ffffffe002685bdc>] unix_destruct_scm+0x12e/0x160 [ 2230.200766][ C1] irq event stamp: 222364 [ 2230.201667][ C1] hardirqs last enabled at (222363): [<ffffffe002a9a784>] _raw_spin_unlock_irqrestore+0x68/0x98 [ 2230.203312][ C1] hardirqs last disabled at (222364): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2230.204878][ C1] softirqs last enabled at (222286): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2230.206477][ C1] softirqs last disabled at (222205): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2230.208863][ C1] ---[ end trace 81844a727c8d65aa ]--- [ 2230.313871][ C1] ------------[ cut here ]------------ [ 2230.314738][ C1] WARNING: CPU: 1 PID: 3079 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2230.316037][ C1] Modules linked in: [ 2230.317104][ C1] CPU: 1 PID: 3079 Comm: syz-executor.0 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2230.318972][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2230.319894][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2230.320850][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2230.321718][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe025d57390 [ 2230.322601][ C1] gp : ffffffe0045883c0 tp : ffffffe007e72f80 t0 : 0000000000046000 [ 2230.323894][ C1] t1 : 0000000000000001 t2 : 0000000000000000 s0 : ffffffe025d573d0 [ 2230.325112][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2230.326014][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe007e72f80 [ 2230.326883][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2230.328225][ C1] s2 : ffffffe006d7cd30 s3 : 000000000000000a s4 : 0000000000fe4c00 [ 2230.329524][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2230.330924][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2230.331885][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc401e237ec [ 2230.332807][ C1] t5 : ffffffc401e237ee t6 : 0000000000000004 [ 2230.333543][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2230.334421][ C1] Call Trace: [ 2230.334942][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2230.336342][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2230.337621][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2230.338746][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2230.339781][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2230.341207][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2230.342204][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2230.343362][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2230.344441][ C1] irq event stamp: 2530632 [ 2230.345053][ C1] hardirqs last enabled at (2530631): [<ffffffe000125fda>] ktime_get_coarse_real_ts64+0x12e/0x13e [ 2230.346266][ C1] hardirqs last disabled at (2530632): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2230.347345][ C1] softirqs last enabled at (2529266): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2230.348999][ C1] softirqs last disabled at (2529257): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2230.350091][ C1] ---[ end trace 81844a727c8d65ab ]--- [ 2230.353502][ C1] ------------[ cut here ]------------ [ 2230.354267][ C1] WARNING: CPU: 1 PID: 3079 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2230.355480][ C1] Modules linked in: [ 2230.356203][ C1] CPU: 1 PID: 3079 Comm: syz-executor.0 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2230.357399][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2230.358394][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2230.359528][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2230.360472][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe025d57390 [ 2230.361288][ C1] gp : ffffffe0045883c0 tp : ffffffe007e72f80 t0 : 0000000000046000 [ 2230.362134][ C1] t1 : 0000000000000001 t2 : 0000000000000000 s0 : ffffffe025d573d0 [ 2230.363043][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2230.363893][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe007e72f80 [ 2230.364845][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2230.365710][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000002 s4 : 0000000000fe4c00 [ 2230.366573][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2230.367464][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2230.368782][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc401e237ec [ 2230.370171][ C1] t5 : ffffffc401e237ee t6 : 0000000000000004 [ 2230.370897][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2230.371778][ C1] Call Trace: [ 2230.372332][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2230.373355][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2230.374298][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2230.375196][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2230.376124][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2230.377085][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2230.378376][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2230.379571][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2230.380543][ C1] irq event stamp: 2530632 [ 2230.381161][ C1] hardirqs last enabled at (2530631): [<ffffffe000125fda>] ktime_get_coarse_real_ts64+0x12e/0x13e [ 2230.382394][ C1] hardirqs last disabled at (2530632): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2230.383428][ C1] softirqs last enabled at (2529266): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2230.384646][ C1] softirqs last disabled at (2529257): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2230.386032][ C1] ---[ end trace 81844a727c8d65ac ]--- [ 2230.389663][ C1] ------------[ cut here ]------------ [ 2230.390433][ C1] WARNING: CPU: 1 PID: 3079 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2230.391695][ C1] Modules linked in: [ 2230.392540][ C1] CPU: 1 PID: 3079 Comm: syz-executor.0 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2230.393701][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2230.394501][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2230.395583][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2230.396639][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe025d57390 [ 2230.398187][ C1] gp : ffffffe0045883c0 tp : ffffffe007e72f80 t0 : 0000000000046000 [ 2230.400056][ C1] t1 : 0000000000000001 t2 : 0000000000000000 s0 : ffffffe025d573d0 [ 2230.401222][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2230.402298][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe007e72f80 [ 2230.403300][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2230.404297][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000002 s4 : 0000000000fe4c00 [ 2230.405344][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2230.406342][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2230.407417][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc401e237ec [ 2230.409242][ C1] t5 : ffffffc401e237ee t6 : 0000000000000004 [ 2230.410690][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2230.411812][ C1] Call Trace: [ 2230.412485][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2230.413624][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2230.414839][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2230.416809][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2230.417976][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2230.419105][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2230.419978][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2230.420869][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2230.421711][ C1] irq event stamp: 2530632 [ 2230.422281][ C1] hardirqs last enabled at (2530631): [<ffffffe000125fda>] ktime_get_coarse_real_ts64+0x12e/0x13e [ 2230.423361][ C1] hardirqs last disabled at (2530632): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2230.424631][ C1] softirqs last enabled at (2529266): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2230.425649][ C1] softirqs last disabled at (2529257): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2230.426763][ C1] ---[ end trace 81844a727c8d65ad ]--- 00:37:08 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) r2 = openat(r1, &(0x7f0000000000)='./file0\x00', 0x800, 0x0) ioctl$KDDISABIO(r2, 0x4b37) fcntl$setlease(r1, 0x400, 0x0) close(r1) [ 2230.530633][ C1] ------------[ cut here ]------------ [ 2230.532153][ C1] WARNING: CPU: 1 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2230.533539][ C1] Modules linked in: [ 2230.534307][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2230.535680][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2230.536552][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2230.537511][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2230.538553][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe0057d3b50 [ 2230.539873][ C1] gp : ffffffe0045883c0 tp : ffffffe0057bdf00 t0 : 0000000000046000 [ 2230.540821][ C1] t1 : 0000000000000001 t2 : 0000000000000008 s0 : ffffffe0057d3b90 [ 2230.541755][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2230.542624][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe0057bdf00 [ 2230.543668][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2230.544831][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000009 s4 : 0000000000fe4c00 [ 2230.545739][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2230.546572][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2230.547476][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc40cdae5a9 [ 2230.548771][ C1] t5 : ffffffc40cdae5aa t6 : 0000000000000005 [ 2230.549685][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2230.550538][ C1] Call Trace: [ 2230.551063][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2230.552041][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2230.553178][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2230.554440][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2230.555675][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2230.556677][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2230.557943][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2230.559145][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2230.560470][ C1] [<ffffffe00000575e>] arch_cpu_idle+0x10/0x20 [ 2230.561446][ C1] irq event stamp: 422666 [ 2230.562185][ C1] hardirqs last enabled at (422665): [<ffffffe002a9a1f0>] default_idle_call+0x1e/0xbe [ 2230.563403][ C1] hardirqs last disabled at (422666): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2230.564889][ C1] softirqs last enabled at (422654): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2230.566622][ C1] softirqs last disabled at (422647): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2230.568524][ C1] ---[ end trace 81844a727c8d65ae ]--- [ 2230.572782][ C1] ------------[ cut here ]------------ [ 2230.573568][ C1] WARNING: CPU: 1 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2230.575157][ C1] Modules linked in: [ 2230.576007][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2230.577436][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2230.578807][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2230.580408][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2230.581423][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe0057d3b50 [ 2230.582518][ C1] gp : ffffffe0045883c0 tp : ffffffe0057bdf00 t0 : 0000000000046000 [ 2230.583532][ C1] t1 : 0000000000000001 t2 : 0000000000000008 s0 : ffffffe0057d3b90 [ 2230.584699][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2230.585727][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe0057bdf00 [ 2230.586883][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2230.588945][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000002 s4 : 0000000000fe4c00 [ 2230.591207][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2230.592732][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2230.594037][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc40cdae5a9 [ 2230.595224][ C1] t5 : ffffffc40cdae5aa t6 : 0000000000000005 [ 2230.596147][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2230.597377][ C1] Call Trace: [ 2230.598436][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2230.599973][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2230.601292][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2230.602292][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2230.603318][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2230.604663][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2230.606156][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2230.607494][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2230.609211][ C1] [<ffffffe00000575e>] arch_cpu_idle+0x10/0x20 [ 2230.610302][ C1] irq event stamp: 422666 [ 2230.610974][ C1] hardirqs last enabled at (422665): [<ffffffe002a9a1f0>] default_idle_call+0x1e/0xbe [ 2230.612741][ C1] hardirqs last disabled at (422666): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2230.614127][ C1] softirqs last enabled at (422654): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2230.615350][ C1] softirqs last disabled at (422647): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2230.616558][ C1] ---[ end trace 81844a727c8d65af ]--- [ 2230.620362][ C1] ------------[ cut here ]------------ [ 2230.621135][ C1] WARNING: CPU: 1 PID: 0 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2230.622583][ C1] Modules linked in: [ 2230.624165][ C1] CPU: 1 PID: 0 Comm: swapper/1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2230.626351][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2230.627095][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2230.628540][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2230.630195][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe0057d3b50 [ 2230.631137][ C1] gp : ffffffe0045883c0 tp : ffffffe0057bdf00 t0 : 0000000000046000 [ 2230.632053][ C1] t1 : 0000000000000001 t2 : 0000000000000008 s0 : ffffffe0057d3b90 [ 2230.632973][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2230.633920][ C1] a2 : 0000000000010001 a3 : ffffffe000f439d2 a4 : ffffffe0057bdf00 [ 2230.634857][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2230.635687][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000003 s4 : 0000000000fe4c00 [ 2230.636630][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2230.637744][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2230.639119][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc40cdae5a9 [ 2230.640986][ C1] t5 : ffffffc40cdae5aa t6 : 0000000000000005 [ 2230.641783][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2230.642826][ C1] Call Trace: [ 2230.643414][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2230.644616][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2230.645586][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2230.646664][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2230.648499][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2230.650004][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2230.651260][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2230.652357][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2230.653291][ C1] [<ffffffe00000575e>] arch_cpu_idle+0x10/0x20 [ 2230.654319][ C1] irq event stamp: 422666 [ 2230.654931][ C1] hardirqs last enabled at (422665): [<ffffffe002a9a1f0>] default_idle_call+0x1e/0xbe [ 2230.655965][ C1] hardirqs last disabled at (422666): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2230.657149][ C1] softirqs last enabled at (422654): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2230.658998][ C1] softirqs last disabled at (422647): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2230.660977][ C1] ---[ end trace 81844a727c8d65b0 ]--- [ 2230.766347][ C1] ------------[ cut here ]------------ [ 2230.767892][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2230.769962][ C1] Modules linked in: [ 2230.771036][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2230.772683][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2230.773639][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2230.774881][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2230.776245][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c3500 [ 2230.778367][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2230.780510][ C1] t1 : 0000000000000001 t2 : 00000000305ed37d s0 : ffffffe00a7c3540 [ 2230.781810][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2230.783089][ C1] a2 : 0000000000010000 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2230.785159][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2230.786502][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000009 s4 : 0000000000fe4c00 [ 2230.788311][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2230.790413][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2230.791702][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4014f86fc [ 2230.793022][ C1] t5 : ffffffc4014f8701 t6 : ffffffe0261bc026 [ 2230.794096][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2230.795504][ C1] Call Trace: [ 2230.796425][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2230.798608][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2230.800816][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2230.802275][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2230.803720][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2230.805083][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2230.806445][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2230.808272][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2230.810048][ C1] [<ffffffe00037a430>] free_pages_and_swap_cache+0x62/0x252 [ 2230.811572][ C1] irq event stamp: 4260 [ 2230.812457][ C1] hardirqs last enabled at (4259): [<ffffffe00036cbcc>] free_unref_page_list+0x3ba/0x408 [ 2230.814100][ C1] hardirqs last disabled at (4260): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2230.816127][ C1] softirqs last enabled at (4162): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2230.818201][ C1] softirqs last disabled at (4147): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2230.820475][ C1] ---[ end trace 81844a727c8d65b1 ]--- [ 2230.826029][ C1] ------------[ cut here ]------------ [ 2230.827125][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2230.829803][ C1] Modules linked in: [ 2230.830918][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2230.832572][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2230.833545][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2230.834782][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2230.836051][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c3500 [ 2230.837841][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2230.839779][ C1] t1 : 0000000000000001 t2 : 00000000305ed37d s0 : ffffffe00a7c3540 [ 2230.841100][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2230.842490][ C1] a2 : 0000000000010000 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2230.844314][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2230.846244][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000003 s4 : 0000000000fe4c00 [ 2230.847551][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2230.849386][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2230.851353][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4014f86fc [ 2230.852820][ C1] t5 : ffffffc4014f8701 t6 : ffffffe0261bc026 [ 2230.853869][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2230.855098][ C1] Call Trace: [ 2230.855858][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2230.857369][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2230.859337][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2230.861457][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2230.863007][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2230.864583][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2230.865977][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2230.867417][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2230.869921][ C1] [<ffffffe00037a430>] free_pages_and_swap_cache+0x62/0x252 [ 2230.871472][ C1] irq event stamp: 4260 [ 2230.872318][ C1] hardirqs last enabled at (4259): [<ffffffe00036cbcc>] free_unref_page_list+0x3ba/0x408 [ 2230.874050][ C1] hardirqs last disabled at (4260): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2230.875742][ C1] softirqs last enabled at (4162): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2230.877489][ C1] softirqs last disabled at (4147): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2230.879652][ C1] ---[ end trace 81844a727c8d65b2 ]--- [ 2230.884553][ C1] ------------[ cut here ]------------ [ 2230.885688][ C1] WARNING: CPU: 1 PID: 4362 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2230.887594][ C1] Modules linked in: [ 2230.889003][ C1] CPU: 1 PID: 4362 Comm: syz-executor.1 Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2230.890607][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2230.891562][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2230.892939][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2230.894900][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00a7c3500 [ 2230.896201][ C1] gp : ffffffe0045883c0 tp : ffffffe029004740 t0 : 0000000000046000 [ 2230.897521][ C1] t1 : 0000000000000001 t2 : 00000000305ed37d s0 : ffffffe00a7c3540 [ 2230.899454][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2230.900706][ C1] a2 : 0000000000010000 a3 : ffffffe000f439d2 a4 : ffffffe029004740 [ 2230.902034][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2230.903577][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2230.904880][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2230.906089][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2230.907372][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : ffffffc4014f86fc [ 2230.909226][ C1] t5 : ffffffc4014f8701 t6 : ffffffe0261bc026 [ 2230.910975][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2230.912240][ C1] Call Trace: [ 2230.913022][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2230.914449][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2230.916288][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2230.917773][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2230.919788][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2230.921150][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2230.922480][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2230.923770][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2230.925129][ C1] [<ffffffe00037a430>] free_pages_and_swap_cache+0x62/0x252 [ 2230.926534][ C1] irq event stamp: 4260 [ 2230.927345][ C1] hardirqs last enabled at (4259): [<ffffffe00036cbcc>] free_unref_page_list+0x3ba/0x408 [ 2230.928884][ C1] hardirqs last disabled at (4260): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2230.930454][ C1] softirqs last enabled at (4162): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2230.932159][ C1] softirqs last disabled at (4147): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2230.933946][ C1] ---[ end trace 81844a727c8d65b3 ]--- [ 2231.040173][ C1] ------------[ cut here ]------------ [ 2231.041459][ C1] WARNING: CPU: 1 PID: 2848 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2231.043924][ C1] Modules linked in: [ 2231.045110][ C1] CPU: 1 PID: 2848 Comm: klogd Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2231.046660][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2231.047888][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2231.049644][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2231.050906][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00adab610 [ 2231.052127][ C1] gp : ffffffe0045883c0 tp : ffffffe00deedf00 t0 : 0000000000046000 [ 2231.053341][ C1] t1 : 0000000000000001 t2 : 0000000000000008 s0 : ffffffe00adab650 [ 2231.054519][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2231.055714][ C1] a2 : 0000000000010000 a3 : ffffffe000f439d2 a4 : ffffffe00deedf00 [ 2231.056942][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2231.058830][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000009 s4 : 0000000000fe4c00 [ 2231.060716][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2231.061984][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2231.063194][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : 0000000000000003 [ 2231.064457][ C1] t5 : ffffffc4021f0618 t6 : 3143200000000000 [ 2231.065507][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2231.066827][ C1] Call Trace: [ 2231.067748][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2231.069714][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2231.071084][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2231.072458][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2231.074053][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2231.075440][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2231.076787][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2231.078585][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2231.079945][ C1] [<ffffffe0003b2fd2>] __ksize+0x16/0x104 [ 2231.081165][ C1] irq event stamp: 574052 [ 2231.082027][ C1] hardirqs last enabled at (574051): [<ffffffe0000054fc>] skip_context_tracking+0x30/0x68 [ 2231.083990][ C1] hardirqs last disabled at (574052): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2231.085489][ C1] softirqs last enabled at (572622): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2231.087010][ C1] softirqs last disabled at (572613): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2231.089313][ C1] ---[ end trace 81844a727c8d65b4 ]--- [ 2231.094406][ C1] ------------[ cut here ]------------ [ 2231.095518][ C1] WARNING: CPU: 1 PID: 2848 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2231.097431][ C1] Modules linked in: [ 2231.098804][ C1] CPU: 1 PID: 2848 Comm: klogd Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2231.100362][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2231.101517][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2231.103260][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2231.104614][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00adab610 [ 2231.105784][ C1] gp : ffffffe0045883c0 tp : ffffffe00deedf00 t0 : 0000000000046000 [ 2231.107018][ C1] t1 : 0000000000000001 t2 : 0000000000000008 s0 : ffffffe00adab650 [ 2231.108517][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2231.109920][ C1] a2 : 0000000000010000 a3 : ffffffe000f439d2 a4 : ffffffe00deedf00 [ 2231.111587][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2231.112823][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000003 s4 : 0000000000fe4c00 [ 2231.113985][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2231.115243][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2231.116852][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : 0000000000000003 [ 2231.118482][ C1] t5 : ffffffc4021f0618 t6 : 3143200000000000 [ 2231.119917][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2231.121615][ C1] Call Trace: [ 2231.122518][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2231.123843][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2231.125192][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2231.126558][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2231.128330][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2231.130165][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2231.131545][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2231.132839][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2231.134102][ C1] [<ffffffe0003b2fd2>] __ksize+0x16/0x104 [ 2231.135656][ C1] irq event stamp: 574052 [ 2231.136639][ C1] hardirqs last enabled at (574051): [<ffffffe0000054fc>] skip_context_tracking+0x30/0x68 [ 2231.138887][ C1] hardirqs last disabled at (574052): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2231.140977][ C1] softirqs last enabled at (572622): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2231.142526][ C1] softirqs last disabled at (572613): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2231.143910][ C1] ---[ end trace 81844a727c8d65b5 ]--- [ 2231.148254][ C1] ------------[ cut here ]------------ [ 2231.149456][ C1] WARNING: CPU: 1 PID: 2848 at drivers/gpu/drm/vkms/vkms_crtc.c:21 vkms_vblank_simulate+0x23e/0x242 [ 2231.151165][ C1] Modules linked in: [ 2231.152173][ C1] CPU: 1 PID: 2848 Comm: klogd Tainted: G W 5.12.0-rc8-syzkaller-00011-g18a3c5f7abfd #0 [ 2231.153745][ C1] Hardware name: riscv-virtio,qemu (DT) [ 2231.154664][ C1] epc : vkms_vblank_simulate+0x23e/0x242 [ 2231.155889][ C1] ra : vkms_vblank_simulate+0x23e/0x242 [ 2231.157149][ C1] epc : ffffffe000f439d2 ra : ffffffe000f439d2 sp : ffffffe00adab610 [ 2231.158997][ C1] gp : ffffffe0045883c0 tp : ffffffe00deedf00 t0 : 0000000000046000 [ 2231.160754][ C1] t1 : 0000000000000001 t2 : 0000000000000008 s0 : ffffffe00adab650 [ 2231.162028][ C1] s1 : ffffffe006d7de58 a0 : 0000000000000000 a1 : 00000000000f0000 [ 2231.163231][ C1] a2 : 0000000000010000 a3 : ffffffe000f439d2 a4 : ffffffe00deedf00 [ 2231.164465][ C1] a5 : 0000000000000000 a6 : 0000000000f00000 a7 : ffffffe000f437ec [ 2231.165657][ C1] s2 : ffffffe006d7cd30 s3 : 0000000000000004 s4 : 0000000000fe4c00 [ 2231.166896][ C1] s5 : 0000000000001000 s6 : ffffffe066d651c8 s7 : 0000000000000000 [ 2231.168791][ C1] s8 : ffffffe066d65190 s9 : ffffffe006d7de90 s10: ffffffe066d65100 [ 2231.170400][ C1] s11: ffffffe000f43794 t3 : 0a6058cf64080300 t4 : 0000000000000003 [ 2231.171529][ C1] t5 : ffffffc4021f0618 t6 : 3143200000000000 [ 2231.172534][ C1] status: 0000000000000100 badaddr: 0000000000000000 cause: 0000000000000003 [ 2231.173682][ C1] Call Trace: [ 2231.174444][ C1] [<ffffffe000f439d2>] vkms_vblank_simulate+0x23e/0x242 [ 2231.175902][ C1] [<ffffffe0001217ee>] __hrtimer_run_queues+0x4aa/0x9ba [ 2231.177271][ C1] [<ffffffe0001224de>] hrtimer_interrupt+0x1e6/0x50a [ 2231.178661][ C1] [<ffffffe001da1aac>] riscv_timer_interrupt+0x5c/0x6a [ 2231.180177][ C1] [<ffffffe0000ef812>] handle_percpu_devid_irq+0x17e/0x2be [ 2231.182237][ C1] [<ffffffe0000e46fe>] __handle_domain_irq+0x13e/0x1ea [ 2231.183589][ C1] [<ffffffe000a93d8e>] riscv_intc_irq+0x82/0xcc [ 2231.184892][ C1] [<ffffffe000005586>] ret_from_exception+0x0/0x14 [ 2231.186098][ C1] [<ffffffe0003b2fd2>] __ksize+0x16/0x104 [ 2231.187311][ C1] irq event stamp: 574052 [ 2231.188491][ C1] hardirqs last enabled at (574051): [<ffffffe0000054fc>] skip_context_tracking+0x30/0x68 [ 2231.189983][ C1] hardirqs last disabled at (574052): [<ffffffe0000054bc>] _save_context+0x80/0x90 [ 2231.191430][ C1] softirqs last enabled at (572622): [<ffffffe002a9b578>] __do_softirq+0x5e0/0x8c4 [ 2231.192931][ C1] softirqs last disabled at (572613): [<ffffffe00003507e>] irq_exit+0x1a0/0x1b6 [ 2231.194693][ C1] ---[ end trace 81844a727c8d65b6 ]--- 00:37:10 executing program 1 (fault-call:2 fault-nth:93): r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:37:19 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x0) close(r1) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r2, 0x400454d0, 0xffffffffffffffff) ioctl$BTRFS_IOC_QGROUP_CREATE(r2, 0x4010942a, &(0x7f0000000000)={0x0, 0x3bb9}) 00:37:22 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000001) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) 00:37:34 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x173202, 0x0) ioctl$TCXONC(r0, 0x540f, 0xea007) r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000000)) fcntl$setlease(r1, 0x400, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETQUEUE(r2, 0x400454ca, &(0x7f0000000000)) ioctl$TUNSETTXFILTER(r2, 0x400454d0, 0xffffffffffffffff) r3 = accept(r1, &(0x7f0000000100)=@sco, &(0x7f0000000040)=0x80) fcntl$dupfd(r2, 0x406, r3) close(r1) 00:37:35 executing program 1: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4080, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}) sendfile(r2, r0, 0x0, 0x100000002) r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) dup3(r3, r1, 0x0) VM DIAGNOSIS: 06:32:56 Registers: info registers vcpu 0 pc ffffffe0000c9c58 mhartid 0000000000000000 mstatus 00000000000001a0 mip 00000000000000a0 mie 000000000000020a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffe00000542c mepc ffffffe0003bdef0 sepc ffffffe002a9a752 mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffe002a8f4ae x2/sp ffffffe0079570e0 x3/gp ffffffe0045883c0 x4/tp ffffffe0290017c0 x5/t0 0000000000046000 x6/t1 0000000000000001 x7/t2 00000000000f4240 x8/s0 ffffffe0079570f0 x9/s1 0000000000001000 x10/a0 0000000000000120 x11/a1 ffffffffffffffff x12/a2 1ffffffc052002f9 x13/a3 ffffffe000100944 x14/a4 0000000000010005 x15/a5 0000000000000000 x16/a6 0000000000f00000 x17/a7 ffffffe0000a2f6a x18/s2 ffffffe00458c228 x19/s3 ffffffe00432b2b8 x20/s4 000000000000b8eb x21/s5 ffffffe002e27840 x22/s6 ffffffffffffffff x23/s7 000000000200b4ce x24/s8 ffffffe0050495a8 x25/s9 0000000000000000 x26/s10 000000000000b67e x27/s11 0000000001ed98ce x28/t3 0a6058cf64080300 x29/t4 ffffffc400f2af2a x30/t5 ffffffc400f2af2f x31/t6 0000000000040000 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffe000c1c3ba mhartid 0000000000000001 mstatus 0000000000000180 mip 00000000000000a2 mie 000000000000020a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffe00000542c mepc ffffffe000c1d33a sepc ffffffe000f439d2 mcause 8000000000000003 scause 0000000000000003 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffe000c1c3ba x2/sp ffffffe00a7c2790 x3/gp ffffffe0045883c0 x4/tp ffffffe029004740 x5/t0 ffffffe004ffdbb7 x6/t1 0000000000000001 x7/t2 0000000000000000 x8/s0 ffffffe00a7c27b0 x9/s1 ffffffe005230490 x10/a0 ffffffd00066e005 x11/a1 0000000000000007 x12/a2 1ffffffc00a4609b x13/a3 ffffffe000c1c3ba x14/a4 0000000000000000 x15/a5 ffffffe0052304d8 x16/a6 0000000000f00000 x17/a7 ffffffe000c26c12 x18/s2 0000000000000005 x19/s3 0000000000002710 x20/s4 ffffffe0052304e0 x21/s5 0000000000000020 x22/s6 ffffffe005230728 x23/s7 ffffffe0052304e8 x24/s8 0000000000000001 x25/s9 ffffffe00458c0d0 x26/s10 ffffffe005230718 x27/s11 ffffffe0052304e0 x28/t3 0a6058cf64080300 x29/t4 ffffffc4009ffb74 x30/t5 ffffffc4009ffb77 x31/t6 ffffffe004ffdbb7 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000