el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Not tainted 5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 000000000000020b x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000b56fec43e56a
x14: 0000000000000054 x13: 0000000000000054 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 000000000000031f x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 00009f138b26a12a
x14: 00000000000003b8 x13: 00000000000003b8 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 0000000000000287 x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 00000000000002ab x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 00000000000002a5 x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000b490cef89b42
x14: 0000000000000032 x13: 0000000000000032 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 0000000000000386 x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000b233433ec4cc
x14: 000000000000002d x13: 000000000000002d x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
__do_kernel_fault: 23551 callbacks suppressed
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 000000000000020e x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : ffff00007fbbc9c8 x4 : 0000000000c0000e x3 : 0000000000000001
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 0000000000000387 x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 0000000000000297 x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000b1e x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000b45 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000b6c x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 000000000000022d x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : faff00002888a400 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000bba x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000be1 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000c08 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
__do_kernel_fault: 19327 callbacks suppressed
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 000091a6eb35c2b3
x14: 0000000000000080 x13: 0000000000000080 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 0000000000000000 x4 : ffff00007fbbc9c8 x3 : ffff00007fbbf780
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 0000000000000336 x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000aec8f88bb078
x14: 000000000000009b x13: 000000000000009b x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000b5e16ff0f032
x14: 00000000000000c2 x13: 00000000000000c2 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 0000000000000000 x4 : ffff00007fbbc9c8 x3 : ffff00007fbbf780
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 00000000000003c2 x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000b596165424a0
x14: 000000000000004d x13: 000000000000004d x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 000000000000020b x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000b67b12b59fe4
x14: 0000000000000107 x13: 0000000000000107 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 0000000000000238 x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffc445ebc8
x14: 00000000000002f5 x13: 0000000000000001 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : f6ff000028889800 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
__do_kernel_fault: 41273 callbacks suppressed
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000db7 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : ffff00007fbd09c8 x4 : 0000000000015ff5 x3 : 0000000000000001
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000dde x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000e05 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000e2c x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000e53 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000e7a x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000ea1 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000ec8 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000eef x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000f16 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
__do_kernel_fault: 46434 callbacks suppressed
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000f3e x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : ffff00007fbbc9c8 x4 : 0000000000015ff5 x3 : 0000000000000001
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000f65 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000f8c x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000fb3 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000000fda x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000001001 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000b2e52c284d20
x14: 00000000000000f0 x13: 00000000000000f0 x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : ffff00007fbc3980 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 000000000000104f x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 0000000000000000
x17: 0000000000000000 x16: 0000000000000000 x15: 0000b674391bbbee
x14: 00000000000000ca x13: 00000000000000ca x12: ffff800009e54920
x11: ffff80000a26feb8 x10: 9c6e44e4d2a71ac6 x9 : f99f92357e3a813d
x8 : f3ff000006f9ce38 x7 : ffff00007fbc3980 x6 : 000000400481f92f
x5 : 00000000000f0510 x4 : 0000000000c0000e x3 : 000000000000ffff
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 000000000000109d x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
__do_kernel_fault: 47145 callbacks suppressed
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 00000000000010c5 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 00000000000010ec x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 1 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 1 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000001113 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 000000000000113a x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000001161 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000001188 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 00000000000011af x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 00000000000011d6 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 00000000000011fd x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
Ignoring spurious kernel translation fault at virtual address 0000000000000034
WARNING: CPU: 0 PID: 32138 at arch/arm64/mm/fault.c:367 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
Modules linked in:
CPU: 0 PID: 32138 Comm: syz-executor.0 Tainted: G        W         5.17.0-rc8-syzkaller-00003-g56e337f2cf13 #0
Hardware name: linux,dummy-virt (DT)
pstate: 60400009 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
lr : __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
sp : ffff80000cd2bab0
x29: ffff80000cd2bab0 x28: f3ff000006f9bf00 x27: 0000000000000000
x26: 0000000000000020 x25: f2ff00002cd3e600 x24: f8ff00000353d680
x23: 0000000096000006 x22: 0000000000000034 x21: 0000000000000025
x20: ffff80000cd2bbd0 x19: 0000000096000006 x18: 00000000fffffffa
x17: 3030207373657264 x16: 6461206c61757472 x15: 697620746120746c
x14: 756166206e6f6974 x13: 0000000000001224 x12: ffff80000cd2b7b0
x11: ffff80000a34bdf0 x10: 00000000ffffe000 x9 : ffff80000a34bdf0
x8 : ffff80000a29bdf0 x7 : ffff80000a34bdf0 x6 : 0000000000000000
x5 : 0000000000000000 x4 : 0000000000015ff5 x3 : 0000000000000000
x2 : 0000000000000000 x1 : 0000000000000000 x0 : f3ff000006f9bf00
Call trace:
 __do_kernel_fault+0x14c/0x1c0 arch/arm64/mm/fault.c:367
 do_page_fault+0x1c0/0x3b0 arch/arm64/mm/fault.c:669
 do_translation_fault+0xb0/0xc0 arch/arm64/mm/fault.c:680
 do_mem_abort+0x44/0x94 arch/arm64/mm/fault.c:813
 el1_abort+0x40/0x60 arch/arm64/kernel/entry-common.c:346
 el1h_64_sync_handler+0xb0/0xd0 arch/arm64/kernel/entry-common.c:397
 el1h_64_sync+0x78/0x7c arch/arm64/kernel/entry.S:579
 __lse_atomic_fetch_add arch/arm64/include/asm/atomic_lse.h:60 [inline]
 __lse_atomic_fetch_sub arch/arm64/include/asm/atomic_lse.h:74 [inline]
 __lse_atomic_sub_return arch/arm64/include/asm/atomic_lse.h:92 [inline]
 arch_atomic_sub_return arch/arm64/include/asm/atomic.h:53 [inline]
 arch_atomic_dec_return include/linux/atomic/atomic-arch-fallback.h:527 [inline]
 arch_atomic_dec_and_test include/linux/atomic/atomic-arch-fallback.h:1105 [inline]
 atomic_dec_and_test include/linux/atomic/atomic-instrumented.h:576 [inline]
 page_ref_dec_and_test include/linux/page_ref.h:210 [inline]
 put_page_testzero include/linux/mm.h:718 [inline]
 __free_pages+0x24/0x100 mm/page_alloc.c:5473
 watch_queue_set_size+0x178/0x1e4 kernel/watch_queue.c:275
 pipe_ioctl+0x70/0x18c fs/pipe.c:632
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:874 [inline]
 __se_sys_ioctl fs/ioctl.c:860 [inline]
 __arm64_sys_ioctl+0xa8/0xec fs/ioctl.c:860
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x48/0x114 arch/arm64/kernel/syscall.c:52
 el0_svc_common.constprop.0+0x44/0xec arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x70/0x90 arch/arm64/kernel/syscall.c:181
 el0_svc+0x20/0x80 arch/arm64/kernel/entry-common.c:603
 el0t_64_sync_handler+0x1a4/0x1b0 arch/arm64/kernel/entry-common.c:621
 el0t_64_sync+0x1ac/0x1b0 arch/arm64/kernel/entry.S:584
---[ end trace 0000000000000000 ]---