================================================================================ UBSAN: array-index-out-of-bounds in kernel/pid.c:244:15 index 1 is out of range for type 'upid [1]' CPU: 0 PID: 3088 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-04247-g3a8a670eeeaa #0 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace+0x9c/0x11c arch/arm64/kernel/stacktrace.c:233 show_stack+0x18/0x24 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xac/0xd4 lib/dump_stack.c:106 dump_stack+0x1c/0x28 lib/dump_stack.c:113 ubsan_epilogue lib/ubsan.c:217 [inline] __ubsan_handle_out_of_bounds+0xb0/0xe8 lib/ubsan.c:348 alloc_pid+0x918/0xaf0 kernel/pid.c:244 copy_process+0x2fd4/0x57c0 kernel/fork.c:2519 kernel_clone+0x12c/0x754 kernel/fork.c:2911 __do_sys_clone+0xa4/0xe0 kernel/fork.c:3054 __se_sys_clone kernel/fork.c:3022 [inline] __arm64_sys_clone+0xa4/0xfc kernel/fork.c:3022 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x6c/0x260 arch/arm64/kernel/syscall.c:52 el0_svc_common.constprop.0+0xc4/0x244 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x50/0x124 arch/arm64/kernel/syscall.c:191 el0_svc+0x4c/0x134 arch/arm64/kernel/entry-common.c:647 el0t_64_sync_handler+0xc0/0xc4 arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 ================================================================================ ================================================================================ UBSAN: array-index-out-of-bounds in kernel/pid.c:245:15 index 1 is out of range for type 'upid [1]' CPU: 0 PID: 3088 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-04247-g3a8a670eeeaa #0 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace+0x9c/0x11c arch/arm64/kernel/stacktrace.c:233 show_stack+0x18/0x24 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xac/0xd4 lib/dump_stack.c:106 dump_stack+0x1c/0x28 lib/dump_stack.c:113 ubsan_epilogue lib/ubsan.c:217 [inline] __ubsan_handle_out_of_bounds+0xb0/0xe8 lib/ubsan.c:348 alloc_pid+0x93c/0xaf0 kernel/pid.c:245 copy_process+0x2fd4/0x57c0 kernel/fork.c:2519 kernel_clone+0x12c/0x754 kernel/fork.c:2911 __do_sys_clone+0xa4/0xe0 kernel/fork.c:3054 __se_sys_clone kernel/fork.c:3022 [inline] __arm64_sys_clone+0xa4/0xfc kernel/fork.c:3022 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x6c/0x260 arch/arm64/kernel/syscall.c:52 el0_svc_common.constprop.0+0xc4/0x244 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x50/0x124 arch/arm64/kernel/syscall.c:191 el0_svc+0x4c/0x134 arch/arm64/kernel/entry-common.c:647 el0t_64_sync_handler+0xc0/0xc4 arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 ================================================================================ ================================================================================ UBSAN: array-index-out-of-bounds in ./include/linux/pid.h:156:20 index 1 is out of range for type 'upid [1]' CPU: 0 PID: 3088 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-04247-g3a8a670eeeaa #0 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace+0x9c/0x11c arch/arm64/kernel/stacktrace.c:233 show_stack+0x18/0x24 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x74/0xd4 lib/dump_stack.c:106 dump_stack+0x1c/0x28 lib/dump_stack.c:113 ubsan_epilogue lib/ubsan.c:217 [inline] __ubsan_handle_out_of_bounds+0xb0/0xe8 lib/ubsan.c:348 ns_of_pid include/linux/pid.h:156 [inline] copy_process+0x4d24/0x57c0 kernel/fork.c:2655 kernel_clone+0x12c/0x754 kernel/fork.c:2911 __do_sys_clone+0xa4/0xe0 kernel/fork.c:3054 __se_sys_clone kernel/fork.c:3022 [inline] __arm64_sys_clone+0xa4/0xfc kernel/fork.c:3022 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x6c/0x260 arch/arm64/kernel/syscall.c:52 el0_svc_common.constprop.0+0xc4/0x244 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x50/0x124 arch/arm64/kernel/syscall.c:191 el0_svc+0x4c/0x134 arch/arm64/kernel/entry-common.c:647 el0t_64_sync_handler+0xc0/0xc4 arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 ================================================================================ ================================================================================ UBSAN: array-index-out-of-bounds in ./include/linux/pid.h:168:21 index 1 is out of range for type 'upid [1]' CPU: 0 PID: 3088 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-04247-g3a8a670eeeaa #0 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace+0x9c/0x11c arch/arm64/kernel/stacktrace.c:233 show_stack+0x18/0x24 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x74/0xd4 lib/dump_stack.c:106 dump_stack+0x1c/0x28 lib/dump_stack.c:113 ubsan_epilogue lib/ubsan.c:217 [inline] __ubsan_handle_out_of_bounds+0xb0/0xe8 lib/ubsan.c:348 is_child_reaper include/linux/pid.h:168 [inline] copy_process+0x49d8/0x57c0 kernel/fork.c:2684 kernel_clone+0x12c/0x754 kernel/fork.c:2911 __do_sys_clone+0xa4/0xe0 kernel/fork.c:3054 __se_sys_clone kernel/fork.c:3022 [inline] __arm64_sys_clone+0xa4/0xfc kernel/fork.c:3022 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x6c/0x260 arch/arm64/kernel/syscall.c:52 el0_svc_common.constprop.0+0xc4/0x244 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x50/0x124 arch/arm64/kernel/syscall.c:191 el0_svc+0x4c/0x134 arch/arm64/kernel/entry-common.c:647 el0t_64_sync_handler+0xc0/0xc4 arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 ================================================================================ ================================================================================ UBSAN: array-index-out-of-bounds in ./include/linux/pid.h:156:20 index 1 is out of range for type 'upid [1]' CPU: 0 PID: 3088 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-04247-g3a8a670eeeaa #0 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace+0x9c/0x11c arch/arm64/kernel/stacktrace.c:233 show_stack+0x18/0x24 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x74/0xd4 lib/dump_stack.c:106 dump_stack+0x1c/0x28 lib/dump_stack.c:113 ubsan_epilogue lib/ubsan.c:217 [inline] __ubsan_handle_out_of_bounds+0xb0/0xe8 lib/ubsan.c:348 ns_of_pid include/linux/pid.h:156 [inline] copy_process+0x49f8/0x57c0 kernel/fork.c:2685 kernel_clone+0x12c/0x754 kernel/fork.c:2911 __do_sys_clone+0xa4/0xe0 kernel/fork.c:3054 __se_sys_clone kernel/fork.c:3022 [inline] __arm64_sys_clone+0xa4/0xfc kernel/fork.c:3022 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x6c/0x260 arch/arm64/kernel/syscall.c:52 el0_svc_common.constprop.0+0xc4/0x244 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x50/0x124 arch/arm64/kernel/syscall.c:191 el0_svc+0x4c/0x134 arch/arm64/kernel/entry-common.c:647 el0t_64_sync_handler+0xc0/0xc4 arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 ================================================================================ ================================================================================ UBSAN: array-index-out-of-bounds in kernel/pid.c:112:19 index 1 is out of range for type 'upid [1]' CPU: 0 PID: 3088 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-04247-g3a8a670eeeaa #0 Hardware name: linux,dummy-virt (DT) Call trace: dump_backtrace+0x9c/0x11c arch/arm64/kernel/stacktrace.c:233 show_stack+0x18/0x24 arch/arm64/kernel/stacktrace.c:240 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xac/0xd4 lib/dump_stack.c:106 dump_stack+0x1c/0x28 lib/dump_stack.c:113 ubsan_epilogue lib/ubsan.c:217 [inline] __ubsan_handle_out_of_bounds+0xb0/0xe8 lib/ubsan.c:348 put_pid.part.0+0x140/0x14c kernel/pid.c:112 put_pid+0x14/0x24 kernel/pid.c:106 kernel_clone+0x200/0x754 kernel/fork.c:2953 __do_sys_clone+0xa4/0xe0 kernel/fork.c:3054 __se_sys_clone kernel/fork.c:3022 [inline] __arm64_sys_clone+0xa4/0xfc kernel/fork.c:3022 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline] invoke_syscall+0x6c/0x260 arch/arm64/kernel/syscall.c:52 el0_svc_common.constprop.0+0xc4/0x244 arch/arm64/kernel/syscall.c:142 do_el0_svc+0x50/0x124 arch/arm64/kernel/syscall.c:191 el0_svc+0x4c/0x134 arch/arm64/kernel/entry-common.c:647 el0t_64_sync_handler+0xc0/0xc4 arch/arm64/kernel/entry-common.c:665 el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591 ================================================================================