DUID 00:04:15:32:48:1d:3b:73:54:4f:46:a6:7d:b2:d0:ec:1f:b1
forked to background, child pid 3174
[ 27.437563][ T3175] 8021q: adding VLAN 0 to HW filter on device bond0
[ 27.455600][ T3175] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.10.6' (ECDSA) to the list of known hosts.
executing program
executing program
executing program
executing program
executing program
syzkaller login: [ 48.271243][ T3593] FAULT_INJECTION: forcing a failure.
[ 48.271243][ T3593] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 48.278182][ T3598] FAULT_INJECTION: forcing a failure.
[ 48.278182][ T3598] name failslab, interval 1, probability 0, space 0, times 1
[ 48.292681][ T3599] FAULT_INJECTION: forcing a failure.
[ 48.292681][ T3599] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 48.299637][ T3600] FAULT_INJECTION: forcing a failure.
executing program
[ 48.299637][ T3600] name failslab, interval 1, probability 0, space 0, times 1
[ 48.311540][ T3601] FAULT_INJECTION: forcing a failure.
[ 48.311540][ T3601] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 48.327277][ T3602] FAULT_INJECTION: forcing a failure.
[ 48.327277][ T3602] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 48.336892][ T3593] CPU: 1 PID: 3593 Comm: syz-executor195 Not tainted 5.17.0-rc6-syzkaller #0
[ 48.358740][ T3593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 48.368791][ T3593] Call Trace:
[ 48.372064][ T3593]
[ 48.374989][ T3593] dump_stack_lvl+0xcd/0x134
[ 48.379608][ T3593] should_fail.cold+0x5/0xa
[ 48.384114][ T3593] prepare_alloc_pages+0x17b/0x570
[ 48.389235][ T3593] __alloc_pages+0x12f/0x500
[ 48.393832][ T3593] ? __alloc_pages_slowpath.constprop.0+0x20d0/0x20d0
[ 48.400622][ T3593] alloc_pages_vma+0xf9/0x770
[ 48.405314][ T3593] wp_page_copy+0x1b7/0x2270
[ 48.409915][ T3593] ? do_page_mkwrite+0x550/0x550
[ 48.414856][ T3593] ? lock_downgrade+0x6e0/0x6e0
[ 48.419711][ T3593] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 48.425433][ T3593] ? vm_normal_page+0x146/0x2a0
[ 48.430301][ T3593] do_wp_page+0x2cb/0x1ae0
[ 48.434733][ T3593] __handle_mm_fault+0x1f31/0x5110
[ 48.439858][ T3593] ? vm_iomap_memory+0x190/0x190
[ 48.444817][ T3593] handle_mm_fault+0x1c8/0x790
[ 48.449592][ T3593] do_user_addr_fault+0x489/0x11c0
[ 48.454718][ T3593] exc_page_fault+0x9e/0x180
[ 48.459315][ T3593] ? asm_exc_page_fault+0x8/0x30
[ 48.464266][ T3593] asm_exc_page_fault+0x1e/0x30
[ 48.469115][ T3593] RIP: 0033:0x7f79f6d0df45
[ 48.473531][ T3593] Code: 0a 00 00 74 08 84 c9 0f 85 46 02 00 00 45 31 e4 0f 1f 44 00 00 64 8b 04 25 18 00 00 00 ba 01 00 00 00 85 c0 0f 85 d5 01 00 00 <0f> b1 15 fc ee 0a 00 4c 8b 33 4d 85 f6 75 3b e9 72 01 00 00 0f 1f
[ 48.493152][ T3593] RSP: 002b:00007ffca2f21950 EFLAGS: 00010246
[ 48.499216][ T3593] RAX: 0000000000000000 RBX: 00007f79f6dba140 RCX: 0000000000000001
[ 48.507182][ T3593] RDX: 0000000000000001 RSI: 00007f79f6dba140 RDI: 0000000000000000
[ 48.515167][ T3593] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000100004000
[ 48.523919][ T3593] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[ 48.531895][ T3593] R13: 0000000000000001 R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 48.539884][ T3593]
[ 48.543175][ T3598] CPU: 0 PID: 3598 Comm: syz-executor195 Not tainted 5.17.0-rc6-syzkaller #0
[ 48.551960][ T3598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 48.562015][ T3598] Call Trace:
[ 48.565291][ T3598]
[ 48.568222][ T3598] dump_stack_lvl+0xcd/0x134
[ 48.572828][ T3598] should_fail.cold+0x5/0xa
[ 48.577339][ T3598] ? kvmalloc_node+0x3e/0x100
[ 48.582025][ T3598] should_failslab+0x5/0x10
[ 48.586562][ T3598] __kmalloc_node+0x75/0x4a0
[ 48.591166][ T3598] kvmalloc_node+0x3e/0x100
[ 48.595685][ T3598] drm_gem_get_pages+0x14e/0x590
[ 48.600637][ T3598] ? lockdep_hardirqs_on_prepare+0x400/0x400
[ 48.606626][ T3598] ? drm_gem_shmem_get_pages+0x56/0x250
[ 48.612179][ T3598] ? drm_gem_object_lookup+0xc0/0xc0
[ 48.617473][ T3598] ? mutex_lock_io_nested+0x1150/0x1150
[ 48.623037][ T3598] ? find_held_lock+0x2d/0x110
[ 48.627825][ T3598] ? drm_vma_node_is_allowed+0xc4/0x100
[ 48.633388][ T3598] ? lock_downgrade+0x6e0/0x6e0
[ 48.638255][ T3598] drm_gem_shmem_get_pages+0xd6/0x250
[ 48.643640][ T3598] ? drm_gem_shmem_mmap+0x2e0/0x2e0
[ 48.648862][ T3598] drm_gem_shmem_mmap+0x137/0x2e0
[ 48.653906][ T3598] ? drm_gem_shmem_mmap+0x2e0/0x2e0
[ 48.659117][ T3598] drm_gem_mmap_obj+0x1b8/0x450
[ 48.663982][ T3598] drm_gem_mmap+0x419/0x770
[ 48.668584][ T3598] ? drm_gem_lock_reservations+0xe00/0xe00
[ 48.674406][ T3598] ? kmem_cache_alloc+0x35b/0x4b0
[ 48.679486][ T3598] mmap_region+0xba5/0x14a0
[ 48.684015][ T3598] ? vm_munmap+0x20/0x20
[ 48.688268][ T3598] ? cap_mmap_addr+0x50/0x300
[ 48.692955][ T3598] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 48.699212][ T3598] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 48.705490][ T3598] ? get_unmapped_area+0x2ae/0x3d0
[ 48.710873][ T3598] do_mmap+0x869/0xfb0
[ 48.714960][ T3598] vm_mmap_pgoff+0x1b7/0x290
[ 48.719571][ T3598] ? randomize_stack_top+0x100/0x100
[ 48.724873][ T3598] ? __fget_files+0x28c/0x470
[ 48.729569][ T3598] ksys_mmap_pgoff+0x40d/0x5a0
[ 48.734346][ T3598] do_syscall_64+0x35/0xb0
[ 48.738770][ T3598] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 48.744672][ T3598] RIP: 0033:0x7f79f6d497b9
[ 48.749095][ T3598] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 48.768707][ T3598] RSP: 002b:00007ffca2f21998 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 48.777125][ T3598] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f79f6d497b9
[ 48.785096][ T3598] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffc000
[ 48.793079][ T3598] RBP: 00007ffca2f219c0 R08: 0000000000000003 R09: 0000000100004000
[ 48.801064][ T3598] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000004
[ 48.809041][ T3598] R13: 0000000000000000 R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 48.817039][ T3598]
[ 48.820121][ T3599] CPU: 1 PID: 3599 Comm: syz-executor195 Not tainted 5.17.0-rc6-syzkaller #0
[ 48.828900][ T3599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 48.838964][ T3599] Call Trace:
[ 48.842244][ T3599]
[ 48.845180][ T3599] dump_stack_lvl+0xcd/0x134
[ 48.849783][ T3599] should_fail.cold+0x5/0xa
[ 48.854301][ T3599] prepare_alloc_pages+0x17b/0x570
[ 48.859429][ T3599] __alloc_pages+0x12f/0x500
[ 48.864032][ T3599] ? __alloc_pages_slowpath.constprop.0+0x20d0/0x20d0
[ 48.870827][ T3599] alloc_pages_vma+0xf9/0x770
[ 48.875531][ T3599] wp_page_copy+0x1b7/0x2270
[ 48.880158][ T3599] ? do_page_mkwrite+0x550/0x550
[ 48.885112][ T3599] ? lock_downgrade+0x6e0/0x6e0
[ 48.889971][ T3599] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 48.895704][ T3599] ? vm_normal_page+0x146/0x2a0
[ 48.900575][ T3599] do_wp_page+0x2cb/0x1ae0
[ 48.905005][ T3599] __handle_mm_fault+0x1f31/0x5110
[ 48.910137][ T3599] ? vm_iomap_memory+0x190/0x190
[ 48.915115][ T3599] handle_mm_fault+0x1c8/0x790
[ 48.919907][ T3599] do_user_addr_fault+0x489/0x11c0
[ 48.925042][ T3599] exc_page_fault+0x9e/0x180
[ 48.929645][ T3599] ? asm_exc_page_fault+0x8/0x30
[ 48.934593][ T3599] asm_exc_page_fault+0x1e/0x30
[ 48.939452][ T3599] RIP: 0033:0x7f79f6d0df45
[ 48.943871][ T3599] Code: 0a 00 00 74 08 84 c9 0f 85 46 02 00 00 45 31 e4 0f 1f 44 00 00 64 8b 04 25 18 00 00 00 ba 01 00 00 00 85 c0 0f 85 d5 01 00 00 <0f> b1 15 fc ee 0a 00 4c 8b 33 4d 85 f6 75 3b e9 72 01 00 00 0f 1f
[ 48.963494][ T3599] RSP: 002b:00007ffca2f21950 EFLAGS: 00010246
[ 48.969572][ T3599] RAX: 0000000000000000 RBX: 00007f79f6dba140 RCX: 0000000000000001
[ 48.977545][ T3599] RDX: 0000000000000001 RSI: 00007f79f6dba140 RDI: 0000000000000000
[ 48.985518][ T3599] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000100004000
[ 48.993489][ T3599] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[ 49.001464][ T3599] R13: 0000000000000001 R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 49.009459][ T3599]
[ 49.013382][ T3601] CPU: 1 PID: 3601 Comm: syz-executor195 Not tainted 5.17.0-rc6-syzkaller #0
[ 49.022169][ T3601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.032224][ T3601] Call Trace:
[ 49.035505][ T3601]
[ 49.038437][ T3601] dump_stack_lvl+0xcd/0x134
[ 49.043037][ T3601] should_fail.cold+0x5/0xa
[ 49.047545][ T3601] prepare_alloc_pages+0x17b/0x570
[ 49.052666][ T3601] __alloc_pages+0x12f/0x500
[ 49.057262][ T3601] ? __alloc_pages_slowpath.constprop.0+0x20d0/0x20d0
[ 49.064046][ T3601] alloc_pages_vma+0xf9/0x770
[ 49.068732][ T3601] wp_page_copy+0x1b7/0x2270
[ 49.073331][ T3601] ? do_page_mkwrite+0x550/0x550
[ 49.078273][ T3601] ? lock_downgrade+0x6e0/0x6e0
[ 49.083126][ T3601] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 49.088848][ T3601] ? vm_normal_page+0x146/0x2a0
[ 49.093714][ T3601] do_wp_page+0x2cb/0x1ae0
[ 49.098137][ T3601] __handle_mm_fault+0x1f31/0x5110
[ 49.103345][ T3601] ? vm_iomap_memory+0x190/0x190
[ 49.108307][ T3601] handle_mm_fault+0x1c8/0x790
[ 49.113076][ T3601] do_user_addr_fault+0x489/0x11c0
[ 49.118198][ T3601] exc_page_fault+0x9e/0x180
[ 49.122795][ T3601] ? asm_exc_page_fault+0x8/0x30
[ 49.127732][ T3601] asm_exc_page_fault+0x1e/0x30
[ 49.132584][ T3601] RIP: 0033:0x7f79f6d0df45
[ 49.136998][ T3601] Code: 0a 00 00 74 08 84 c9 0f 85 46 02 00 00 45 31 e4 0f 1f 44 00 00 64 8b 04 25 18 00 00 00 ba 01 00 00 00 85 c0 0f 85 d5 01 00 00 <0f> b1 15 fc ee 0a 00 4c 8b 33 4d 85 f6 75 3b e9 72 01 00 00 0f 1f
[ 49.156605][ T3601] RSP: 002b:00007ffca2f21950 EFLAGS: 00010246
[ 49.162669][ T3601] RAX: 0000000000000000 RBX: 00007f79f6dba140 RCX: 0000000000000001
[ 49.170636][ T3601] RDX: 0000000000000001 RSI: 00007f79f6dba140 RDI: 0000000000000000
[ 49.178605][ T3601] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000100004000
[ 49.186572][ T3601] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[ 49.194559][ T3601] R13: 0000000000000001 R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 49.202542][ T3601]
[ 49.205969][ T3600] CPU: 1 PID: 3600 Comm: syz-executor195 Not tainted 5.17.0-rc6-syzkaller #0
[ 49.214745][ T3600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.224798][ T3600] Call Trace:
[ 49.228075][ T3600]
[ 49.231005][ T3600] dump_stack_lvl+0xcd/0x134
[ 49.235617][ T3600] should_fail.cold+0x5/0xa
[ 49.240129][ T3600] ? vm_area_alloc+0x1c/0x110
[ 49.244810][ T3600] should_failslab+0x5/0x10
[ 49.249320][ T3600] kmem_cache_alloc+0x5e/0x4b0
[ 49.254101][ T3600] vm_area_alloc+0x1c/0x110
[ 49.258613][ T3600] mmap_region+0x96e/0x14a0
[ 49.263128][ T3600] ? vm_munmap+0x20/0x20
[ 49.267376][ T3600] ? cap_mmap_addr+0x50/0x300
[ 49.272067][ T3600] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 49.278321][ T3600] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 49.284591][ T3600] ? get_unmapped_area+0x2ae/0x3d0
[ 49.289712][ T3600] do_mmap+0x869/0xfb0
[ 49.293795][ T3600] vm_mmap_pgoff+0x1b7/0x290
[ 49.298406][ T3600] ? randomize_stack_top+0x100/0x100
[ 49.303702][ T3600] ? __fget_files+0x28c/0x470
[ 49.308401][ T3600] ksys_mmap_pgoff+0x40d/0x5a0
[ 49.313177][ T3600] do_syscall_64+0x35/0xb0
[ 49.317600][ T3600] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 49.323501][ T3600] RIP: 0033:0x7f79f6d497b9
[ 49.327917][ T3600] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 49.347530][ T3600] RSP: 002b:00007ffca2f21998 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 49.355953][ T3600] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f79f6d497b9
[ 49.363963][ T3600] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffc000
[ 49.371939][ T3600] RBP: 00007ffca2f219c0 R08: 0000000000000003 R09: 0000000100004000
[ 49.379928][ T3600] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000004
[ 49.387907][ T3600] R13: 0000000000000000 R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 49.395900][ T3600]
[ 49.398980][ T3602] CPU: 0 PID: 3602 Comm: syz-executor195 Not tainted 5.17.0-rc6-syzkaller #0
[ 49.403861][ T3593] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 49.407756][ T3602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.407772][ T3602] Call Trace:
[ 49.407780][ T3602]
[ 49.407790][ T3602] dump_stack_lvl+0xcd/0x134
[ 49.407825][ T3602] should_fail.cold+0x5/0xa
[ 49.407853][ T3602] prepare_alloc_pages+0x17b/0x570
[ 49.422545][ T3598] ==================================================================
[ 49.425358][ T3602] __alloc_pages+0x12f/0x500
[ 49.428709][ T3598] BUG: KASAN: use-after-free in drm_gem_object_release_handle+0xf2/0x110
[ 49.431725][ T3602] ? __alloc_pages_slowpath.constprop.0+0x20d0/0x20d0
[ 49.436294][ T3598] Read of size 8 at addr ffff88801c86da28 by task syz-executor195/3598
[ 49.440798][ T3602] alloc_pages_vma+0xf9/0x770
[ 49.445869][ T3598]
[ 49.488814][ T3602] wp_page_copy+0x1b7/0x2270
[ 49.493424][ T3602] ? do_page_mkwrite+0x550/0x550
[ 49.498377][ T3602] ? lock_downgrade+0x6e0/0x6e0
[ 49.503239][ T3602] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 49.508967][ T3602] ? vm_normal_page+0x146/0x2a0
[ 49.513837][ T3602] do_wp_page+0x2cb/0x1ae0
[ 49.518270][ T3602] __handle_mm_fault+0x1f31/0x5110
[ 49.523404][ T3602] ? vm_iomap_memory+0x190/0x190
[ 49.528372][ T3602] handle_mm_fault+0x1c8/0x790
[ 49.533154][ T3602] do_user_addr_fault+0x489/0x11c0
[ 49.538279][ T3602] exc_page_fault+0x9e/0x180
[ 49.542924][ T3602] ? asm_exc_page_fault+0x8/0x30
[ 49.548057][ T3602] asm_exc_page_fault+0x1e/0x30
[ 49.552932][ T3602] RIP: 0033:0x7f79f6d0df45
[ 49.557372][ T3602] Code: 0a 00 00 74 08 84 c9 0f 85 46 02 00 00 45 31 e4 0f 1f 44 00 00 64 8b 04 25 18 00 00 00 ba 01 00 00 00 85 c0 0f 85 d5 01 00 00 <0f> b1 15 fc ee 0a 00 4c 8b 33 4d 85 f6 75 3b e9 72 01 00 00 0f 1f
[ 49.576998][ T3602] RSP: 002b:00007ffca2f21950 EFLAGS: 00010246
[ 49.583078][ T3602] RAX: 0000000000000000 RBX: 00007f79f6dba140 RCX: 0000000000000001
[ 49.591068][ T3602] RDX: 0000000000000001 RSI: 00007f79f6dba140 RDI: 0000000000000000
[ 49.599047][ T3602] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000100004000
[ 49.607019][ T3602] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[ 49.614996][ T3602] R13: 0000000000000001 R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 49.622990][ T3602]
[ 49.626007][ T3598] CPU: 1 PID: 3598 Comm: syz-executor195 Not tainted 5.17.0-rc6-syzkaller #0
[ 49.634778][ T3598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 49.644831][ T3598] Call Trace:
[ 49.648114][ T3598]
[ 49.651044][ T3598] dump_stack_lvl+0xcd/0x134
[ 49.655644][ T3598] print_address_description.constprop.0.cold+0x8d/0x336
[ 49.662679][ T3598] ? drm_gem_object_release_handle+0xf2/0x110
[ 49.668748][ T3598] ? drm_gem_object_release_handle+0xf2/0x110
[ 49.674815][ T3598] kasan_report.cold+0x83/0xdf
[ 49.679588][ T3598] ? drm_gem_object_release_handle+0xf2/0x110
[ 49.685680][ T3598] ? drm_gem_object_handle_put_unlocked+0x390/0x390
[ 49.692272][ T3598] drm_gem_object_release_handle+0xf2/0x110
[ 49.698168][ T3598] ? drm_gem_object_handle_put_unlocked+0x390/0x390
[ 49.704762][ T3598] idr_for_each+0x113/0x220
[ 49.709276][ T3598] ? idr_find+0x50/0x50
[ 49.713443][ T3598] drm_gem_release+0x22/0x30
[ 49.718037][ T3598] drm_file_free.part.0+0x805/0xb80
[ 49.723267][ T3598] ? fsnotify+0x13d0/0x13d0
[ 49.727778][ T3598] drm_close_helper.isra.0+0x17d/0x1f0
[ 49.733245][ T3598] drm_release+0x1e6/0x530
[ 49.737665][ T3598] __fput+0x286/0x9f0
[ 49.741653][ T3598] ? drm_release_noglobal+0x180/0x180
[ 49.747055][ T3598] task_work_run+0xdd/0x1a0
[ 49.751566][ T3598] do_exit+0xb29/0x2a30
[ 49.755729][ T3598] ? lock_downgrade+0x6e0/0x6e0
[ 49.760590][ T3598] ? mm_update_next_owner+0x7a0/0x7a0
[ 49.765980][ T3598] do_group_exit+0xd2/0x2f0
[ 49.770493][ T3598] __x64_sys_exit_group+0x3a/0x50
[ 49.775522][ T3598] do_syscall_64+0x35/0xb0
[ 49.779945][ T3598] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 49.785863][ T3598] RIP: 0033:0x7f79f6d48449
[ 49.790276][ T3598] Code: Unable to access opcode bytes at RIP 0x7f79f6d4841f.
[ 49.797635][ T3598] RSP: 002b:00007ffca2f21948 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 49.806047][ T3598] RAX: ffffffffffffffda RBX: 00007f79f6dbc3f0 RCX: 00007f79f6d48449
[ 49.814036][ T3598] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 49.822003][ T3598] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000100004000
[ 49.829973][ T3598] R10: 0000000000000012 R11: 0000000000000246 R12: 00007f79f6dbc3f0
[ 49.837942][ T3598] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 49.845925][ T3598]
[ 49.848941][ T3598]
[ 49.851258][ T3598] Allocated by task 3598:
[ 49.855575][ T3598] kasan_save_stack+0x1e/0x40
[ 49.860281][ T3598] __kasan_kmalloc+0xa9/0xd0
[ 49.864873][ T3598] vgem_gem_create_object+0x38/0xb0
[ 49.870074][ T3598] __drm_gem_shmem_create+0x80/0x480
[ 49.875384][ T3598] drm_gem_shmem_dumb_create+0x13c/0x380
[ 49.881065][ T3598] drm_mode_create_dumb+0x26c/0x2f0
[ 49.886268][ T3598] drm_ioctl_kernel+0x27d/0x4e0
[ 49.891117][ T3598] drm_ioctl+0x51e/0x9d0
[ 49.895368][ T3598] __x64_sys_ioctl+0x193/0x200
[ 49.900133][ T3598] do_syscall_64+0x35/0xb0
[ 49.904549][ T3598] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 49.910444][ T3598]
[ 49.912764][ T3598] Freed by task 3598:
[ 49.916736][ T3598] kasan_save_stack+0x1e/0x40
[ 49.921414][ T3598] kasan_set_track+0x21/0x30
[ 49.926004][ T3598] kasan_set_free_info+0x20/0x30
[ 49.931034][ T3598] ____kasan_slab_free+0x126/0x160
[ 49.936151][ T3598] slab_free_freelist_hook+0x8b/0x1c0
[ 49.941526][ T3598] kfree+0xd0/0x390
[ 49.945333][ T3598] drm_gem_mmap+0x4fc/0x770
[ 49.949841][ T3598] mmap_region+0xba5/0x14a0
[ 49.954344][ T3598] do_mmap+0x869/0xfb0
[ 49.958411][ T3598] vm_mmap_pgoff+0x1b7/0x290
[ 49.963008][ T3598] ksys_mmap_pgoff+0x40d/0x5a0
[ 49.967768][ T3598] do_syscall_64+0x35/0xb0
[ 49.972184][ T3598] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 49.978081][ T3598]
[ 49.980407][ T3598] The buggy address belongs to the object at ffff88801c86d800
[ 49.980407][ T3598] which belongs to the cache kmalloc-1k of size 1024
[ 49.994455][ T3598] The buggy address is located 552 bytes inside of
[ 49.994455][ T3598] 1024-byte region [ffff88801c86d800, ffff88801c86dc00)
[ 50.007813][ T3598] The buggy address belongs to the page:
[ 50.013440][ T3598] page:ffffea0000721a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1c868
[ 50.023591][ T3598] head:ffffea0000721a00 order:3 compound_mapcount:0 compound_pincount:0
[ 50.031909][ T3598] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[ 50.039891][ T3598] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888010c41dc0
[ 50.048477][ T3598] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[ 50.057051][ T3598] page dumped because: kasan: bad access detected
[ 50.063453][ T3598] page_owner tracks the page as allocated
[ 50.069156][ T3598] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3590, ts 48254505898, free_ts 48178633447
[ 50.087474][ T3598] get_page_from_freelist+0xa72/0x2f50
[ 50.092939][ T3598] __alloc_pages+0x1b2/0x500
[ 50.097530][ T3598] alloc_pages+0x1aa/0x310
[ 50.101967][ T3598] allocate_slab+0x27f/0x3c0
[ 50.106571][ T3598] ___slab_alloc+0xbe1/0x12b0
[ 50.111266][ T3598] __slab_alloc.constprop.0+0x4d/0xa0
[ 50.116643][ T3598] __kmalloc+0x372/0x450
[ 50.120885][ T3598] tomoyo_init_log+0x126e/0x1ee0
[ 50.125830][ T3598] tomoyo_supervisor+0x34d/0xf00
[ 50.130775][ T3598] tomoyo_env_perm+0x17f/0x1f0
[ 50.135554][ T3598] tomoyo_find_next_domain+0x13ce/0x1f80
[ 50.141203][ T3598] tomoyo_bprm_check_security+0x121/0x1a0
[ 50.146931][ T3598] security_bprm_check+0x45/0xa0
[ 50.151873][ T3598] bprm_execve+0x732/0x19b0
[ 50.156386][ T3598] do_execveat_common+0x5e3/0x780
[ 50.161413][ T3598] __x64_sys_execve+0x8f/0xc0
[ 50.166371][ T3598] page last free stack trace:
[ 50.171032][ T3598] free_pcp_prepare+0x374/0x870
[ 50.175883][ T3598] free_unref_page+0x19/0x690
[ 50.180557][ T3598] __unfreeze_partials+0x320/0x340
[ 50.185671][ T3598] qlist_free_all+0x6d/0x160
[ 50.190260][ T3598] kasan_quarantine_reduce+0x180/0x200
[ 50.195728][ T3598] __kasan_slab_alloc+0xa2/0xc0
[ 50.200599][ T3598] kmem_cache_alloc+0x271/0x4b0
[ 50.205464][ T3598] getname_flags.part.0+0x50/0x4f0
[ 50.210580][ T3598] getname_flags+0x9a/0xe0
[ 50.214997][ T3598] user_path_at_empty+0x2b/0x60
[ 50.219848][ T3598] vfs_statx+0x142/0x390
[ 50.224090][ T3598] __do_sys_newfstatat+0x96/0x120
[ 50.229122][ T3598] do_syscall_64+0x35/0xb0
[ 50.233541][ T3598] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 50.239433][ T3598]
[ 50.241753][ T3598] Memory state around the buggy address:
[ 50.247395][ T3598] ffff88801c86d900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 50.255478][ T3598] ffff88801c86d980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 50.263575][ T3598] >ffff88801c86da00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 50.271650][ T3598] ^
executing program
[ 50.277019][ T3598] ffff88801c86da80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 50.285077][ T3598] ffff88801c86db00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 50.293131][ T3598] ==================================================================
[ 50.301191][ T3598] Disabling lock debugging due to kernel taint
[ 50.307604][ T3601] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 50.315150][ T3599] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 50.320639][ T3603] FAULT_INJECTION: forcing a failure.
executing program
executing program
[ 50.320639][ T3603] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 50.324896][ T3602] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 50.338080][ T3603] CPU: 1 PID: 3603 Comm: syz-executor195 Tainted: G B 5.17.0-rc6-syzkaller #0
[ 50.346615][ T3605] FAULT_INJECTION: forcing a failure.
[ 50.346615][ T3605] name failslab, interval 1, probability 0, space 0, times 0
[ 50.353524][ T3603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.353537][ T3603] Call Trace:
[ 50.353543][ T3603]
[ 50.353550][ T3603] dump_stack_lvl+0xcd/0x134
[ 50.353578][ T3603] should_fail.cold+0x5/0xa
[ 50.367674][ T3604] FAULT_INJECTION: forcing a failure.
[ 50.367674][ T3604] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 50.376190][ T3603] prepare_alloc_pages+0x17b/0x570
[ 50.376219][ T3603] ? unmap_single_vma+0x198/0x310
[ 50.376244][ T3603] __alloc_pages+0x12f/0x500
[ 50.419365][ T3603] ? __alloc_pages_slowpath.constprop.0+0x20d0/0x20d0
[ 50.426144][ T3603] ? lock_release+0x522/0x720
[ 50.430830][ T3603] ? debug_check_no_obj_freed+0x20c/0x420
[ 50.436556][ T3603] ? tlb_finish_mmu+0x290/0x8c0
[ 50.441410][ T3603] alloc_pages_vma+0xf9/0x770
[ 50.446105][ T3603] wp_page_copy+0x1b7/0x2270
[ 50.450701][ T3603] ? rcu_read_lock_sched_held+0xd/0x70
[ 50.456164][ T3603] ? lock_release+0x522/0x720
[ 50.460852][ T3603] ? do_page_mkwrite+0x550/0x550
[ 50.465805][ T3603] ? lock_downgrade+0x6e0/0x6e0
[ 50.470672][ T3603] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 50.476400][ T3603] ? vm_normal_page+0x146/0x2a0
[ 50.481253][ T3603] ? __pte_alloc_kernel+0x110/0x110
[ 50.486461][ T3603] do_wp_page+0x2cb/0x1ae0
[ 50.490888][ T3603] __handle_mm_fault+0x1f31/0x5110
[ 50.496008][ T3603] ? vm_iomap_memory+0x190/0x190
[ 50.500948][ T3603] ? lock_release+0x720/0x720
[ 50.505641][ T3603] handle_mm_fault+0x1c8/0x790
[ 50.510421][ T3603] do_user_addr_fault+0x489/0x11c0
[ 50.515538][ T3603] exc_page_fault+0x9e/0x180
[ 50.520131][ T3603] ? asm_exc_page_fault+0x8/0x30
[ 50.525075][ T3603] asm_exc_page_fault+0x1e/0x30
[ 50.529938][ T3603] RIP: 0033:0x7f79f6d0df45
[ 50.534357][ T3603] Code: 0a 00 00 74 08 84 c9 0f 85 46 02 00 00 45 31 e4 0f 1f 44 00 00 64 8b 04 25 18 00 00 00 ba 01 00 00 00 85 c0 0f 85 d5 01 00 00 <0f> b1 15 fc ee 0a 00 4c 8b 33 4d 85 f6 75 3b e9 72 01 00 00 0f 1f
[ 50.553967][ T3603] RSP: 002b:00007ffca2f21950 EFLAGS: 00010246
[ 50.560035][ T3603] RAX: 0000000000000000 RBX: 00007f79f6dba140 RCX: 0000000000000001
[ 50.568010][ T3603] RDX: 0000000000000001 RSI: 00007f79f6dba140 RDI: 0000000000000000
[ 50.575984][ T3603] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000100004000
[ 50.583962][ T3603] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[ 50.591939][ T3603] R13: 0000000000000001 R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 50.599927][ T3603]
[ 50.602952][ T3605] CPU: 0 PID: 3605 Comm: syz-executor195 Tainted: G B 5.17.0-rc6-syzkaller #0
[ 50.606164][ T3606] FAULT_INJECTION: forcing a failure.
[ 50.606164][ T3606] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 50.613112][ T3605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.613126][ T3605] Call Trace:
[ 50.613132][ T3605]
[ 50.613139][ T3605] dump_stack_lvl+0xcd/0x134
[ 50.613168][ T3605] should_fail.cold+0x5/0xa
[ 50.628303][ T3607] FAULT_INJECTION: forcing a failure.
[ 50.628303][ T3607] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 50.636393][ T3605] ? kvmalloc_node+0x3e/0x100
[ 50.636427][ T3605] should_failslab+0x5/0x10
[ 50.636454][ T3605] __kmalloc_node+0x75/0x4a0
[ 50.678565][ T3605] kvmalloc_node+0x3e/0x100
[ 50.683081][ T3605] drm_gem_get_pages+0x14e/0x590
[ 50.688022][ T3605] ? kmem_cache_alloc+0x271/0x4b0
[ 50.693056][ T3605] ? mmap_region+0x96e/0x14a0
[ 50.697734][ T3605] ? drm_gem_shmem_get_pages+0x56/0x250
[ 50.703290][ T3605] ? drm_gem_object_lookup+0xc0/0xc0
[ 50.708579][ T3605] ? mutex_lock_io_nested+0x1150/0x1150
[ 50.714128][ T3605] ? rcu_read_lock_sched_held+0xd/0x70
[ 50.719591][ T3605] ? lock_acquire+0x442/0x510
[ 50.724273][ T3605] ? rcu_read_lock_sched_held+0xd/0x70
[ 50.729736][ T3605] ? lock_release+0x522/0x720
[ 50.734417][ T3605] ? drm_vma_node_is_allowed+0xc4/0x100
[ 50.739963][ T3605] ? lock_downgrade+0x6e0/0x6e0
[ 50.744840][ T3605] ? lock_release+0x522/0x720
[ 50.749566][ T3605] ? drm_dev_exit+0x1b/0x50
[ 50.754072][ T3605] drm_gem_shmem_get_pages+0xd6/0x250
[ 50.759448][ T3605] ? drm_gem_shmem_mmap+0x2e0/0x2e0
[ 50.764734][ T3605] drm_gem_shmem_mmap+0x137/0x2e0
[ 50.769773][ T3605] ? drm_gem_shmem_mmap+0x2e0/0x2e0
[ 50.774975][ T3605] drm_gem_mmap_obj+0x1b8/0x450
[ 50.779832][ T3605] drm_gem_mmap+0x419/0x770
[ 50.784337][ T3605] ? drm_gem_lock_reservations+0xe00/0xe00
[ 50.790140][ T3605] ? kmem_cache_alloc+0x35b/0x4b0
[ 50.795258][ T3605] mmap_region+0xba5/0x14a0
[ 50.799767][ T3605] ? vm_munmap+0x20/0x20
[ 50.804012][ T3605] ? rcu_read_lock_sched_held+0xd/0x70
[ 50.809488][ T3605] ? cap_mmap_addr+0x50/0x300
[ 50.814167][ T3605] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 50.820434][ T3605] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 50.826684][ T3605] ? get_unmapped_area+0x2ae/0x3d0
[ 50.831798][ T3605] do_mmap+0x869/0xfb0
[ 50.835870][ T3605] vm_mmap_pgoff+0x1b7/0x290
[ 50.840464][ T3605] ? randomize_stack_top+0x100/0x100
[ 50.845750][ T3605] ? __fget_files+0x28c/0x470
[ 50.850433][ T3605] ksys_mmap_pgoff+0x40d/0x5a0
[ 50.855196][ T3605] ? syscall_enter_from_user_mode+0x21/0x70
[ 50.861098][ T3605] ? trace_hardirqs_on+0x5b/0x1c0
[ 50.866128][ T3605] do_syscall_64+0x35/0xb0
[ 50.870544][ T3605] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 50.876435][ T3605] RIP: 0033:0x7f79f6d497b9
[ 50.880873][ T3605] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 50.900519][ T3605] RSP: 002b:00007ffca2f21998 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 50.908930][ T3605] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f79f6d497b9
[ 50.917004][ T3605] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffc000
[ 50.924969][ T3605] RBP: 00007ffca2f219c0 R08: 0000000000000003 R09: 0000000100004000
executing program
executing program
[ 50.932958][ T3605] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000004
[ 50.940946][ T3605] R13: 00007ffca2f219bc R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 50.948923][ T3605]
[ 50.951966][ T3607] CPU: 1 PID: 3607 Comm: syz-executor195 Tainted: G B 5.17.0-rc6-syzkaller #0
[ 50.962307][ T3607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 50.972357][ T3607] Call Trace:
[ 50.975626][ T3607]
[ 50.978554][ T3607] dump_stack_lvl+0xcd/0x134
[ 50.983147][ T3607] should_fail.cold+0x5/0xa
[ 50.988096][ T3607] prepare_alloc_pages+0x17b/0x570
[ 50.993301][ T3607] ? unmap_single_vma+0x198/0x310
[ 50.998329][ T3607] __alloc_pages+0x12f/0x500
[ 51.002922][ T3607] ? __alloc_pages_slowpath.constprop.0+0x20d0/0x20d0
[ 51.009689][ T3607] ? lock_release+0x522/0x720
[ 51.014372][ T3607] ? debug_check_no_obj_freed+0x20c/0x420
[ 51.020096][ T3607] ? tlb_finish_mmu+0x290/0x8c0
[ 51.025038][ T3607] alloc_pages_vma+0xf9/0x770
[ 51.029723][ T3607] wp_page_copy+0x1b7/0x2270
[ 51.034321][ T3607] ? rcu_read_lock_sched_held+0xd/0x70
[ 51.039782][ T3607] ? lock_release+0x522/0x720
[ 51.044460][ T3607] ? do_page_mkwrite+0x550/0x550
[ 51.049403][ T3607] ? lock_downgrade+0x6e0/0x6e0
[ 51.054257][ T3607] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 51.059979][ T3607] ? vm_normal_page+0x146/0x2a0
[ 51.064831][ T3607] ? __pte_alloc_kernel+0x110/0x110
[ 51.070034][ T3607] do_wp_page+0x2cb/0x1ae0
[ 51.074454][ T3607] __handle_mm_fault+0x1f31/0x5110
[ 51.079573][ T3607] ? vm_iomap_memory+0x190/0x190
[ 51.084513][ T3607] ? lock_release+0x720/0x720
[ 51.089202][ T3607] handle_mm_fault+0x1c8/0x790
[ 51.094072][ T3607] do_user_addr_fault+0x489/0x11c0
[ 51.099193][ T3607] exc_page_fault+0x9e/0x180
[ 51.103824][ T3607] ? asm_exc_page_fault+0x8/0x30
[ 51.108796][ T3607] asm_exc_page_fault+0x1e/0x30
[ 51.113646][ T3607] RIP: 0033:0x7f79f6d0df45
[ 51.118057][ T3607] Code: 0a 00 00 74 08 84 c9 0f 85 46 02 00 00 45 31 e4 0f 1f 44 00 00 64 8b 04 25 18 00 00 00 ba 01 00 00 00 85 c0 0f 85 d5 01 00 00 <0f> b1 15 fc ee 0a 00 4c 8b 33 4d 85 f6 75 3b e9 72 01 00 00 0f 1f
[ 51.137660][ T3607] RSP: 002b:00007ffca2f21950 EFLAGS: 00010246
[ 51.143727][ T3607] RAX: 0000000000000000 RBX: 00007f79f6dba140 RCX: 0000000000000001
[ 51.151702][ T3607] RDX: 0000000000000001 RSI: 00007f79f6dba140 RDI: 0000000000000000
[ 51.159676][ T3607] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000100004000
[ 51.167648][ T3607] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[ 51.175616][ T3607] R13: 0000000000000001 R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 51.183594][ T3607]
[ 51.186611][ T3604] CPU: 0 PID: 3604 Comm: syz-executor195 Tainted: G B 5.17.0-rc6-syzkaller #0
[ 51.196779][ T3604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 51.204596][ T3603] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 51.206835][ T3604] Call Trace:
[ 51.206843][ T3604]
[ 51.206851][ T3604] dump_stack_lvl+0xcd/0x134
[ 51.225064][ T3604] should_fail.cold+0x5/0xa
[ 51.229580][ T3604] prepare_alloc_pages+0x17b/0x570
[ 51.234705][ T3604] ? unmap_single_vma+0x198/0x310
[ 51.235723][ T3608] FAULT_INJECTION: forcing a failure.
[ 51.235723][ T3608] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 51.239748][ T3604] __alloc_pages+0x12f/0x500
[ 51.239784][ T3604] ? __alloc_pages_slowpath.constprop.0+0x20d0/0x20d0
[ 51.264285][ T3604] ? lock_release+0x522/0x720
[ 51.268968][ T3604] ? debug_check_no_obj_freed+0x20c/0x420
[ 51.274700][ T3604] ? tlb_finish_mmu+0x290/0x8c0
[ 51.279572][ T3604] alloc_pages_vma+0xf9/0x770
[ 51.284267][ T3604] wp_page_copy+0x1b7/0x2270
[ 51.288950][ T3604] ? rcu_read_lock_sched_held+0xd/0x70
[ 51.294413][ T3604] ? lock_release+0x522/0x720
[ 51.299095][ T3604] ? do_page_mkwrite+0x550/0x550
[ 51.304035][ T3604] ? lock_downgrade+0x6e0/0x6e0
[ 51.308885][ T3604] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 51.314609][ T3604] ? vm_normal_page+0x146/0x2a0
[ 51.319460][ T3604] ? __pte_alloc_kernel+0x110/0x110
[ 51.324665][ T3604] do_wp_page+0x2cb/0x1ae0
[ 51.329093][ T3604] __handle_mm_fault+0x1f31/0x5110
[ 51.334214][ T3604] ? vm_iomap_memory+0x190/0x190
[ 51.339168][ T3604] ? lock_release+0x720/0x720
[ 51.343874][ T3604] handle_mm_fault+0x1c8/0x790
[ 51.348655][ T3604] do_user_addr_fault+0x489/0x11c0
[ 51.353782][ T3604] exc_page_fault+0x9e/0x180
[ 51.358381][ T3604] ? asm_exc_page_fault+0x8/0x30
[ 51.363332][ T3604] asm_exc_page_fault+0x1e/0x30
[ 51.368194][ T3604] RIP: 0033:0x7f79f6d0df45
[ 51.372618][ T3604] Code: 0a 00 00 74 08 84 c9 0f 85 46 02 00 00 45 31 e4 0f 1f 44 00 00 64 8b 04 25 18 00 00 00 ba 01 00 00 00 85 c0 0f 85 d5 01 00 00 <0f> b1 15 fc ee 0a 00 4c 8b 33 4d 85 f6 75 3b e9 72 01 00 00 0f 1f
[ 51.392234][ T3604] RSP: 002b:00007ffca2f21950 EFLAGS: 00010246
[ 51.398308][ T3604] RAX: 0000000000000000 RBX: 00007f79f6dba140 RCX: 0000000000000001
[ 51.406283][ T3604] RDX: 0000000000000001 RSI: 00007f79f6dba140 RDI: 0000000000000000
[ 51.414262][ T3604] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000100004000
[ 51.422236][ T3604] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
executing program
[ 51.430214][ T3604] R13: 0000000000000001 R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 51.438316][ T3604]
[ 51.441337][ T3606] CPU: 1 PID: 3606 Comm: syz-executor195 Tainted: G B 5.17.0-rc6-syzkaller #0
[ 51.451500][ T3606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 51.461552][ T3606] Call Trace:
[ 51.464829][ T3606]
[ 51.467757][ T3606] dump_stack_lvl+0xcd/0x134
[ 51.472376][ T3606] should_fail.cold+0x5/0xa
[ 51.476880][ T3606] prepare_alloc_pages+0x17b/0x570
[ 51.482011][ T3606] ? unmap_single_vma+0x198/0x310
[ 51.487058][ T3606] __alloc_pages+0x12f/0x500
[ 51.491647][ T3606] ? __alloc_pages_slowpath.constprop.0+0x20d0/0x20d0
[ 51.498434][ T3606] ? lock_release+0x522/0x720
[ 51.503111][ T3606] ? debug_check_no_obj_freed+0x20c/0x420
[ 51.508834][ T3606] ? tlb_finish_mmu+0x290/0x8c0
[ 51.513683][ T3606] alloc_pages_vma+0xf9/0x770
[ 51.518362][ T3606] wp_page_copy+0x1b7/0x2270
[ 51.522950][ T3606] ? rcu_read_lock_sched_held+0xd/0x70
[ 51.528411][ T3606] ? lock_release+0x522/0x720
[ 51.533097][ T3606] ? do_page_mkwrite+0x550/0x550
[ 51.538050][ T3606] ? lock_downgrade+0x6e0/0x6e0
[ 51.542909][ T3606] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 51.548634][ T3606] ? vm_normal_page+0x146/0x2a0
[ 51.553487][ T3606] ? __pte_alloc_kernel+0x110/0x110
[ 51.558689][ T3606] do_wp_page+0x2cb/0x1ae0
[ 51.563123][ T3606] __handle_mm_fault+0x1f31/0x5110
[ 51.568238][ T3606] ? vm_iomap_memory+0x190/0x190
[ 51.573177][ T3606] ? lock_release+0x720/0x720
[ 51.577859][ T3606] handle_mm_fault+0x1c8/0x790
[ 51.582623][ T3606] do_user_addr_fault+0x489/0x11c0
[ 51.587739][ T3606] exc_page_fault+0x9e/0x180
[ 51.592329][ T3606] ? asm_exc_page_fault+0x8/0x30
[ 51.597275][ T3606] asm_exc_page_fault+0x1e/0x30
[ 51.602140][ T3606] RIP: 0033:0x7f79f6d0df45
[ 51.606554][ T3606] Code: 0a 00 00 74 08 84 c9 0f 85 46 02 00 00 45 31 e4 0f 1f 44 00 00 64 8b 04 25 18 00 00 00 ba 01 00 00 00 85 c0 0f 85 d5 01 00 00 <0f> b1 15 fc ee 0a 00 4c 8b 33 4d 85 f6 75 3b e9 72 01 00 00 0f 1f
[ 51.626165][ T3606] RSP: 002b:00007ffca2f21950 EFLAGS: 00010246
[ 51.632230][ T3606] RAX: 0000000000000000 RBX: 00007f79f6dba140 RCX: 0000000000000001
[ 51.640198][ T3606] RDX: 0000000000000001 RSI: 00007f79f6dba140 RDI: 0000000000000000
[ 51.648184][ T3606] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000100004000
[ 51.656149][ T3606] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[ 51.664113][ T3606] R13: 0000000000000001 R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 51.672097][ T3606]
[ 51.676202][ T3605] general protection fault, probably for non-canonical address 0xff23fc274000034f: 0000 [#1] PREEMPT SMP KASAN
[ 51.680379][ T3608] CPU: 1 PID: 3608 Comm: syz-executor195 Tainted: G B 5.17.0-rc6-syzkaller #0
[ 51.687936][ T3605] KASAN: maybe wild-memory-access in range [0xf920013a00001a78-0xf920013a00001a7f]
[ 51.698075][ T3608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 51.707344][ T3605] CPU: 0 PID: 3605 Comm: syz-executor195 Tainted: G B 5.17.0-rc6-syzkaller #0
[ 51.717383][ T3608] Call Trace:
[ 51.717395][ T3608]
[ 51.727507][ T3605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 51.730776][ T3608] dump_stack_lvl+0xcd/0x134
[ 51.733691][ T3605] RIP: 0010:__mutex_lock+0xec/0x12f0
[ 51.743730][ T3608] should_fail.cold+0x5/0xa
[ 51.748298][ T3605] Code: d0 7c 08 84 d2 0f 85 65 0f 00 00 8b 15 ed 60 03 07 85 d2 75 29 48 8d 7d 60 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 5e 0f 00 00 48 3b 6d 60 0f 85 90 08 00 00 bf 01
[ 51.753562][ T3608] prepare_alloc_pages+0x17b/0x570
[ 51.758041][ T3605] RSP: 0018:ffffc900027ef9c8 EFLAGS: 00010a03
[ 51.777626][ T3608] ? unmap_single_vma+0x198/0x310
[ 51.782715][ T3605]
[ 51.782721][ T3605] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000000000
[ 51.788762][ T3608] __alloc_pages+0x12f/0x500
[ 51.793782][ T3605] RDX: 1f2400274000034f RSI: 00000000ffffffff RDI: f920013a00001a7d
[ 51.796096][ T3608] ? __alloc_pages_slowpath.constprop.0+0x20d0/0x20d0
[ 51.804047][ T3605] RBP: f920013a00001a1d R08: ffffffff8456e3f0 R09: ffffffff8d9423d7
[ 51.808618][ T3608] ? lock_release+0x522/0x720
[ 51.816579][ T3605] R10: ffffffff8456e3d1 R11: 0000000000000000 R12: 0000000000000000
[ 51.823322][ T3608] ? debug_check_no_obj_freed+0x20c/0x420
[ 51.831293][ T3605] R13: dffffc0000000000 R14: 00000000ffff8880 R15: ffff888076acf004
[ 51.835950][ T3608] ? tlb_finish_mmu+0x290/0x8c0
[ 51.843899][ T3605] FS: 0000000000000000(0000) GS:ffff8880b9c00000(0000) knlGS:0000000000000000
[ 51.849599][ T3608] alloc_pages_vma+0xf9/0x770
[ 51.857549][ T3605] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 51.862377][ T3608] wp_page_copy+0x1b7/0x2270
[ 51.871294][ T3605] CR2: 00007f79f6dbd290 CR3: 000000000b88e000 CR4: 00000000003506f0
[ 51.875951][ T3608] ? rcu_read_lock_sched_held+0xd/0x70
[ 51.882516][ T3605] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 51.887085][ T3608] ? lock_release+0x522/0x720
[ 51.895059][ T3605] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 51.900497][ T3608] ? do_page_mkwrite+0x550/0x550
[ 51.908449][ T3605] Call Trace:
[ 51.908456][ T3605]
[ 51.913102][ T3608] ? lock_downgrade+0x6e0/0x6e0
[ 51.921059][ T3605] ? _raw_spin_unlock_irqrestore+0x3d/0x70
[ 51.925976][ T3608] ? __sanitizer_cov_trace_cmp8+0x1d/0x70
[ 51.929243][ T3605] ? debug_check_no_obj_freed+0x20c/0x420
[ 51.932160][ T3608] ? vm_normal_page+0x146/0x2a0
[ 51.936986][ T3605] ? drm_gem_object_handle_put_unlocked+0x90/0x390
[ 51.942768][ T3608] ? __pte_alloc_kernel+0x110/0x110
[ 51.948466][ T3605] ? __sanitizer_cov_trace_const_cmp1+0x22/0x80
[ 51.954169][ T3608] do_wp_page+0x2cb/0x1ae0
[ 51.958997][ T3605] ? kasan_quarantine_put+0xf5/0x210
[ 51.965483][ T3608] __handle_mm_fault+0x1f31/0x5110
[ 51.970654][ T3605] ? mutex_lock_io_nested+0x1150/0x1150
[ 51.976877][ T3608] ? vm_iomap_memory+0x190/0x190
[ 51.981269][ T3605] ? rcu_read_lock_sched_held+0xd/0x70
[ 51.986529][ T3608] ? lock_release+0x720/0x720
[ 51.991615][ T3605] ? lock_release+0x522/0x720
[ 51.997152][ T3608] handle_mm_fault+0x1c8/0x790
[ 52.002058][ T3605] ? drm_gem_object_release_handle+0xdb/0x110
[ 52.007497][ T3608] do_user_addr_fault+0x489/0x11c0
[ 52.012153][ T3605] ? lock_downgrade+0x6e0/0x6e0
[ 52.016833][ T3608] exc_page_fault+0x9e/0x180
[ 52.021577][ T3605] drm_gem_object_handle_put_unlocked+0x90/0x390
[ 52.027617][ T3608] ? asm_exc_page_fault+0x8/0x30
[ 52.032711][ T3605] drm_gem_object_release_handle+0xe3/0x110
[ 52.037538][ T3608] asm_exc_page_fault+0x1e/0x30
[ 52.042107][ T3605] ? drm_gem_object_handle_put_unlocked+0x390/0x390
[ 52.048415][ T3608] RIP: 0033:0x7f79f6d0df45
[ 52.053333][ T3605] idr_for_each+0x113/0x220
[ 52.059204][ T3608] Code: 0a 00 00 74 08 84 c9 0f 85 46 02 00 00 45 31 e4 0f 1f 44 00 00 64 8b 04 25 18 00 00 00 ba 01 00 00 00 85 c0 0f 85 d5 01 00 00 <0f> b1 15 fc ee 0a 00 4c 8b 33 4d 85 f6 75 3b e9 72 01 00 00 0f 1f
[ 52.064030][ T3605] ? idr_find+0x50/0x50
[ 52.070593][ T3608] RSP: 002b:00007ffca2f21950 EFLAGS: 00010246
[ 52.074995][ T3605] ? rwlock_bug.part.0+0x90/0x90
[ 52.079474][ T3608]
[ 52.079479][ T3608] RAX: 0000000000000000 RBX: 00007f79f6dba140 RCX: 0000000000000001
[ 52.099059][ T3605] ? __mutex_unlock_slowpath+0x157/0x5e0
[ 52.103194][ T3608] RDX: 0000000000000001 RSI: 00007f79f6dba140 RDI: 0000000000000000
[ 52.109239][ T3605] drm_gem_release+0x22/0x30
[ 52.114149][ T3608] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000100004000
[ 52.116458][ T3605] drm_file_free.part.0+0x805/0xb80
[ 52.124413][ T3608] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000000
[ 52.130037][ T3605] ? fsnotify+0x13d0/0x13d0
[ 52.137984][ T3608] R13: 0000000000000001 R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 52.142559][ T3605] drm_close_helper.isra.0+0x17d/0x1f0
[ 52.150520][ T3608]
[ 52.155691][ T3605] drm_release+0x1e6/0x530
[ 52.169362][ T3607] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 52.176089][ T3605] __fput+0x286/0x9f0
[ 52.176121][ T3605] ? drm_release_noglobal+0x180/0x180
[ 52.185889][ T3609] FAULT_INJECTION: forcing a failure.
[ 52.185889][ T3609] name failslab, interval 1, probability 0, space 0, times 0
[ 52.189021][ T3605] task_work_run+0xdd/0x1a0
[ 52.189053][ T3605] do_exit+0xb29/0x2a30
[ 52.189078][ T3605] ? lock_downgrade+0x6e0/0x6e0
[ 52.197158][ T3609] CPU: 1 PID: 3609 Comm: syz-executor195 Tainted: G B 5.17.0-rc6-syzkaller #0
[ 52.200478][ T3605] ? mm_update_next_owner+0x7a0/0x7a0
[ 52.205825][ T3609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 52.218381][ T3605] do_group_exit+0xd2/0x2f0
[ 52.222859][ T3609] Call Trace:
[ 52.222867][ T3609]
[ 52.226995][ T3605] __x64_sys_exit_group+0x3a/0x50
[ 52.231822][ T3609] dump_stack_lvl+0xcd/0x134
[ 52.241947][ T3605] do_syscall_64+0x35/0xb0
[ 52.247296][ T3609] should_fail.cold+0x5/0xa
[ 52.257330][ T3605] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 52.261815][ T3609] ? kvmalloc_node+0x3e/0x100
[ 52.265078][ T3605] RIP: 0033:0x7f79f6d48449
[ 52.267995][ T3609] should_failslab+0x5/0x10
[ 52.272997][ T3605] Code: Unable to access opcode bytes at RIP 0x7f79f6d4841f.
[ 52.277562][ T3609] __kmalloc_node+0x75/0x4a0
[ 52.281956][ T3605] RSP: 002b:00007ffca2f21948 EFLAGS: 00000246
[ 52.286438][ T3609] kvmalloc_node+0x3e/0x100
[ 52.292303][ T3605] ORIG_RAX: 00000000000000e7
[ 52.296955][ T3609] drm_gem_get_pages+0x14e/0x590
executing program
[ 52.301349][ T3605] RAX: ffffffffffffffda RBX: 00007f79f6dbc3f0 RCX: 00007f79f6d48449
[ 52.305830][ T3609] ? kmem_cache_alloc+0x271/0x4b0
[ 52.313177][ T3605] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 52.317743][ T3609] ? mmap_region+0x96e/0x14a0
[ 52.323787][ T3605] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000100004000
[ 52.328265][ T3609] ? drm_gem_shmem_get_pages+0x56/0x250
[ 52.332917][ T3605] R10: 0000000000000012 R11: 0000000000000246 R12: 00007f79f6dbc3f0
[ 52.337831][ T3609] ? drm_gem_object_lookup+0xc0/0xc0
[ 52.345781][ T3605] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 52.350786][ T3609] ? mutex_lock_io_nested+0x1150/0x1150
[ 52.358743][ T3605]
[ 52.363390][ T3609] ? rcu_read_lock_sched_held+0xd/0x70
[ 52.371359][ T3605] Modules linked in:
[ 52.376881][ T3609] ? lock_acquire+0x442/0x510
[ 52.385493][ T3604] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 52.390101][ T3609] ? rcu_read_lock_sched_held+0xd/0x70
[ 52.390131][ T3609] ? lock_release+0x522/0x720
[ 52.438568][ T3609] ? drm_vma_node_is_allowed+0xc4/0x100
[ 52.444132][ T3609] ? lock_downgrade+0x6e0/0x6e0
[ 52.448983][ T3609] ? lock_release+0x522/0x720
[ 52.453664][ T3609] ? drm_dev_exit+0x1b/0x50
[ 52.458165][ T3609] drm_gem_shmem_get_pages+0xd6/0x250
[ 52.463534][ T3609] ? drm_gem_shmem_mmap+0x2e0/0x2e0
[ 52.468819][ T3609] drm_gem_shmem_mmap+0x137/0x2e0
[ 52.473847][ T3609] ? drm_gem_shmem_mmap+0x2e0/0x2e0
[ 52.479043][ T3609] drm_gem_mmap_obj+0x1b8/0x450
[ 52.483896][ T3609] drm_gem_mmap+0x419/0x770
[ 52.488406][ T3609] ? drm_gem_lock_reservations+0xe00/0xe00
[ 52.494236][ T3609] ? kmem_cache_alloc+0x35b/0x4b0
[ 52.499278][ T3609] mmap_region+0xba5/0x14a0
[ 52.503789][ T3609] ? vm_munmap+0x20/0x20
[ 52.508032][ T3609] ? rcu_read_lock_sched_held+0xd/0x70
[ 52.513489][ T3609] ? cap_mmap_addr+0x50/0x300
[ 52.518171][ T3609] ? __sanitizer_cov_trace_const_cmp4+0x1c/0x70
[ 52.524418][ T3609] ? __sanitizer_cov_trace_const_cmp8+0x1d/0x70
[ 52.530657][ T3609] ? get_unmapped_area+0x2ae/0x3d0
[ 52.535763][ T3609] do_mmap+0x869/0xfb0
[ 52.539829][ T3609] vm_mmap_pgoff+0x1b7/0x290
[ 52.544420][ T3609] ? randomize_stack_top+0x100/0x100
[ 52.549790][ T3609] ? __fget_files+0x28c/0x470
[ 52.554720][ T3609] ksys_mmap_pgoff+0x40d/0x5a0
[ 52.559498][ T3609] ? syscall_enter_from_user_mode+0x21/0x70
[ 52.565408][ T3609] ? trace_hardirqs_on+0x5b/0x1c0
[ 52.570440][ T3609] do_syscall_64+0x35/0xb0
[ 52.574856][ T3609] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 52.580745][ T3609] RIP: 0033:0x7f79f6d497b9
[ 52.585153][ T3609] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
[ 52.604752][ T3609] RSP: 002b:00007ffca2f21998 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 52.613177][ T3609] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00007f79f6d497b9
[ 52.621140][ T3609] RDX: 0000000000000000 RSI: 0000000000003000 RDI: 0000000020ffc000
[ 52.629102][ T3609] RBP: 00007ffca2f219c0 R08: 0000000000000003 R09: 0000000100004000
[ 52.637079][ T3609] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000004
[ 52.645044][ T3609] R13: 00007ffca2f219bc R14: 00007ffca2f219e0 R15: 00007ffca2f219d0
[ 52.653011][ T3609]
[ 52.656190][ T3598] Kernel panic - not syncing: panic_on_warn set ...
[ 52.662675][ T3606] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[ 52.662866][ T3598] Kernel Offset: disabled
[ 52.674898][ T3598] Rebooting in 86400 seconds..