[ 61.758786] bridge0: port 1(bridge_slave_0) entered forwarding state [ 62.153703] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.230862] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 62.241036] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready [ 62.277485] 8021q: adding VLAN 0 to HW filter on device team0 [ 62.842114] tipc: TX() has been purged, node left! [ 64.249963] device bridge_slave_1 left promiscuous mode [ 64.255958] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.269097] device bridge_slave_0 left promiscuous mode [ 64.274846] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.552377] team0 (unregistering): Port device team_slave_1 removed [ 65.563155] team0 (unregistering): Port device team_slave_0 removed [ 65.574844] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 65.591690] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 65.630721] bond0 (unregistering): Released all slaves Warning: Permanently added '10.128.1.49' (ECDSA) to the list of known hosts. 2020/04/16 22:48:44 parsed 1 programs 2020/04/16 22:48:44 executed programs: 0 [ 70.028001] IPVS: ftp: loaded support on port[0] = 21 [ 70.037770] IPVS: ftp: loaded support on port[0] = 21 [ 70.039497] IPVS: ftp: loaded support on port[0] = 21 [ 70.056761] IPVS: ftp: loaded support on port[0] = 21 [ 70.075719] IPVS: ftp: loaded support on port[0] = 21 [ 70.077179] IPVS: ftp: loaded support on port[0] = 21 [ 70.910698] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.917152] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.928332] device bridge_slave_0 entered promiscuous mode [ 70.948688] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.955185] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.968161] device bridge_slave_0 entered promiscuous mode [ 70.979317] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.985749] bridge0: port 1(bridge_slave_0) entered disabled state [ 70.996920] device bridge_slave_0 entered promiscuous mode [ 71.011401] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.018051] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.026987] device bridge_slave_1 entered promiscuous mode [ 71.040613] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.047052] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.056609] device bridge_slave_1 entered promiscuous mode [ 71.063648] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.070300] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.079028] device bridge_slave_0 entered promiscuous mode [ 71.085755] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.092228] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.099571] device bridge_slave_1 entered promiscuous mode [ 71.107819] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.114348] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.123014] device bridge_slave_0 entered promiscuous mode [ 71.130401] bridge0: port 1(bridge_slave_0) entered blocking state [ 71.136945] bridge0: port 1(bridge_slave_0) entered disabled state [ 71.145384] device bridge_slave_0 entered promiscuous mode [ 71.153453] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.159846] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.168479] device bridge_slave_1 entered promiscuous mode [ 71.178137] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.184556] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.199077] device bridge_slave_1 entered promiscuous mode [ 71.209550] bridge0: port 2(bridge_slave_1) entered blocking state [ 71.215985] bridge0: port 2(bridge_slave_1) entered disabled state [ 71.224291] device bridge_slave_1 entered promiscuous mode [ 71.365753] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.392276] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.418501] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.430803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.440619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.471315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.481244] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.493324] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.503727] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.526377] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 71.545432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 71.560840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.574075] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 71.585443] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.606701] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 71.616853] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.629449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 71.656141] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.670454] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.689603] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 71.718165] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.744422] team0: Port device team_slave_0 added [ 71.761609] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 71.793079] team0: Port device team_slave_1 added [ 71.810274] team0: Port device team_slave_0 added [ 71.822437] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 71.854591] team0: Port device team_slave_0 added [ 71.866912] team0: Port device team_slave_0 added [ 71.883649] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 71.897542] team0: Port device team_slave_1 added [ 71.907401] team0: Port device team_slave_0 added [ 71.921438] team0: Port device team_slave_1 added [ 71.935749] team0: Port device team_slave_1 added [ 71.948959] team0: Port device team_slave_1 added [ 71.963459] team0: Port device team_slave_0 added [ 71.980012] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 71.996660] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 72.016016] team0: Port device team_slave_1 added [ 72.030568] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.045869] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.061177] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 72.069588] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 72.077483] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 72.090140] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 72.100146] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.108636] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.132497] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 72.164236] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.173940] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.182425] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 72.190246] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 72.198516] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 72.210149] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.221327] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.229856] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.237800] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.249095] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 72.263598] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.272355] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.293551] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.319916] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.328110] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.336111] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.344270] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.352720] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.375408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 72.390329] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 72.413049] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.422043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.441065] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 72.461414] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 72.691282] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.697718] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.704535] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.710960] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.835297] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.842647] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.849473] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.855928] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.891480] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.897892] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.904551] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.910977] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.927206] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.933628] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.940371] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.946843] bridge0: port 1(bridge_slave_0) entered forwarding state [ 72.961787] bridge0: port 2(bridge_slave_1) entered blocking state [ 72.968213] bridge0: port 2(bridge_slave_1) entered forwarding state [ 72.974996] bridge0: port 1(bridge_slave_0) entered blocking state [ 72.981429] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.055660] bridge0: port 2(bridge_slave_1) entered blocking state [ 73.062078] bridge0: port 2(bridge_slave_1) entered forwarding state [ 73.068794] bridge0: port 1(bridge_slave_0) entered blocking state [ 73.075222] bridge0: port 1(bridge_slave_0) entered forwarding state [ 73.536394] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 73.547172] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 73.560862] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 73.573117] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 73.581782] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 73.589434] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 74.633499] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.757870] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.787843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.821870] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.876959] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.929526] 8021q: adding VLAN 0 to HW filter on device bond0 [ 74.988730] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 74.999533] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 75.098722] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 75.113085] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 75.144056] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 75.155537] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 75.176788] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.226466] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 75.240978] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 75.262798] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 75.269926] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 75.312168] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 75.323921] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 75.340041] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.350680] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.406601] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.452557] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.476126] 8021q: adding VLAN 0 to HW filter on device team0 [ 76.360419] FAULT_INJECTION: forcing a failure. [ 76.360419] name failslab, interval 1, probability 0, space 0, times 1 [ 76.371841] CPU: 0 PID: 6174 Comm: syz-executor4 Not tainted 5.7.0-rc1-syzkaller #0 [ 76.379650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 76.389016] Call Trace: [ 76.391620] dump_stack+0x12f/0x187 [ 76.395271] should_fail.cold.4+0x5/0x17 [ 76.399348] ? fault_create_debugfs_attr+0x150/0x150 [ 76.404469] __should_failslab+0xba/0xf0 [ 76.408544] should_failslab+0x9/0x14 [ 76.412374] kmem_cache_alloc_node_trace+0x267/0x770 [ 76.417504] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 76.422796] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 76.428023] __kmalloc_node_track_caller+0x3c/0x70 [ 76.432971] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 76.437747] __alloc_skb+0xd7/0x570 [ 76.441387] ? netdev_alloc_frag+0xe0/0xe0 [ 76.445633] ? mark_held_locks+0x130/0x130 [ 76.449881] alloc_skb_with_frags+0x75/0x480 [ 76.454307] ? reacquire_held_locks+0x21e/0x510 [ 76.458998] sock_alloc_send_pskb+0x5f5/0x790 [ 76.463519] ? _raw_spin_unlock_bh+0x2b/0x30 [ 76.467946] ? sock_def_error_report+0x360/0x360 [ 76.472733] ? trace_hardirqs_on+0x28/0x180 [ 76.477195] ? release_sock+0x122/0x180 [ 76.481186] ? __local_bh_enable_ip+0x161/0x230 [ 76.485870] sock_alloc_send_skb+0x13/0x20 [ 76.486807] FAULT_INJECTION: forcing a failure. [ 76.486807] name failslab, interval 1, probability 0, space 0, times 1 [ 76.490112] dccp_sendmsg+0x25a/0xdb0 [ 76.490122] ? aa_sk_perm+0x182/0x740 [ 76.490130] ? dccp_disconnect+0xb00/0xb00 [ 76.490136] ? aa_af_perm+0x240/0x240 [ 76.490145] ? __kasan_check_write+0x14/0x20 [ 76.490160] inet_sendmsg+0xbd/0xe0 [ 76.490167] ? inet_send_prepare+0x3a0/0x3a0 [ 76.490175] sock_sendmsg+0xdf/0x110 [ 76.490184] ____sys_sendmsg+0x3fe/0xae0 [ 76.490194] ? kernel_sendmsg+0x30/0x30 [ 76.490202] ? mark_lock+0xbf/0x760 [ 76.490210] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 76.550108] ? __kasan_check_read+0x11/0x20 [ 76.554438] ? hlock_class+0x52/0x120 [ 76.558392] ___sys_sendmsg+0xe4/0x160 [ 76.562294] ? sendmsg_copy_msghdr+0x30/0x30 [ 76.566711] ? mark_held_locks+0x130/0x130 [ 76.570956] ? find_held_lock+0x36/0x1d0 [ 76.575023] ? __might_fault+0xf1/0x1b0 [ 76.578994] ? __might_fault+0xc6/0x1b0 [ 76.582960] ? lock_downgrade+0x960/0x960 [ 76.587098] ? lock_release+0x960/0x960 [ 76.591178] ? ___might_sleep+0x13e/0x2b0 [ 76.595328] __sys_sendmmsg+0x160/0x380 [ 76.599294] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 76.603603] ? __kasan_check_write+0x14/0x20 [ 76.608450] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 76.613285] ? rcu_read_lock_any_held+0xcd/0xf0 [ 76.617969] ? __kasan_check_write+0x14/0x20 [ 76.622385] ? fput_many+0x1b/0x130 [ 76.626004] ? fput+0xe/0x10 [ 76.629012] ? ksys_write+0x187/0x220 [ 76.632814] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 76.637704] ? do_syscall_64+0x21/0x630 [ 76.641682] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 76.647057] __x64_sys_sendmmsg+0x98/0x100 [ 76.651301] do_syscall_64+0xd0/0x630 [ 76.655099] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 76.660394] RIP: 0033:0x455b59 [ 76.663608] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 76.682709] RSP: 002b:00007f11e9d94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 76.690407] RAX: ffffffffffffffda RBX: 00007f11e9d956d4 RCX: 0000000000455b59 [ 76.697679] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 76.704943] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 76.712215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 76.719578] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 76.726969] CPU: 1 PID: 6193 Comm: syz-executor5 Not tainted 5.7.0-rc1-syzkaller #0 [ 76.734951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 76.744495] Call Trace: [ 76.747101] dump_stack+0x12f/0x187 [ 76.750749] should_fail.cold.4+0x5/0x17 [ 76.754835] ? fault_create_debugfs_attr+0x150/0x150 [ 76.760052] __should_failslab+0xba/0xf0 [ 76.764338] should_failslab+0x9/0x14 [ 76.768597] kmem_cache_alloc_node_trace+0x267/0x770 [ 76.774073] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 76.779470] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 76.784770] __kmalloc_node_track_caller+0x3c/0x70 [ 76.788017] FAULT_INJECTION: forcing a failure. [ 76.788017] name failslab, interval 1, probability 0, space 0, times 0 [ 76.789739] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 76.789749] __alloc_skb+0xd7/0x570 [ 76.789757] ? netdev_alloc_frag+0xe0/0xe0 [ 76.789766] ? mark_held_locks+0x130/0x130 [ 76.789778] alloc_skb_with_frags+0x75/0x480 [ 76.789784] ? reacquire_held_locks+0x21e/0x510 [ 76.789798] sock_alloc_send_pskb+0x5f5/0x790 [ 76.789812] ? _raw_spin_unlock_bh+0x2b/0x30 [ 76.789820] ? sock_def_error_report+0x360/0x360 [ 76.789827] ? trace_hardirqs_on+0x28/0x180 [ 76.789833] ? release_sock+0x122/0x180 [ 76.789842] ? __local_bh_enable_ip+0x161/0x230 [ 76.789852] sock_alloc_send_skb+0x13/0x20 [ 76.857841] dccp_sendmsg+0x25a/0xdb0 [ 76.861636] ? aa_sk_perm+0x182/0x740 [ 76.866033] ? dccp_disconnect+0xb00/0xb00 [ 76.870259] ? aa_af_perm+0x240/0x240 [ 76.874065] ? __kasan_check_write+0x14/0x20 [ 76.878519] inet_sendmsg+0xbd/0xe0 [ 76.882303] ? inet_send_prepare+0x3a0/0x3a0 [ 76.886705] sock_sendmsg+0xdf/0x110 [ 76.890527] ____sys_sendmsg+0x3fe/0xae0 [ 76.894598] ? kernel_sendmsg+0x30/0x30 [ 76.898564] ? mark_lock+0xbf/0x760 [ 76.902183] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 76.907468] ? __kasan_check_read+0x11/0x20 [ 76.911793] ? hlock_class+0x52/0x120 [ 76.915591] ___sys_sendmsg+0xe4/0x160 [ 76.919469] ? sendmsg_copy_msghdr+0x30/0x30 [ 76.923872] ? mark_held_locks+0x130/0x130 [ 76.928109] ? find_held_lock+0x36/0x1d0 [ 76.932156] ? __might_fault+0xf1/0x1b0 [ 76.936112] ? __might_fault+0xc6/0x1b0 [ 76.940086] ? lock_downgrade+0x960/0x960 [ 76.944246] ? lock_release+0x960/0x960 [ 76.948210] ? ___might_sleep+0x13e/0x2b0 [ 76.952367] __sys_sendmmsg+0x160/0x380 [ 76.956344] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 76.960681] ? __kasan_check_write+0x14/0x20 [ 76.965081] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 76.969914] ? rcu_read_lock_any_held+0xcd/0xf0 [ 76.974576] ? __kasan_check_write+0x14/0x20 [ 76.978969] ? fput_many+0x1b/0x130 [ 76.982581] ? fput+0xe/0x10 [ 76.985582] ? ksys_write+0x187/0x220 [ 76.989807] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 76.994573] ? do_syscall_64+0x21/0x630 [ 76.998544] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 77.003909] __x64_sys_sendmmsg+0x98/0x100 [ 77.008154] do_syscall_64+0xd0/0x630 [ 77.011963] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 77.017163] RIP: 0033:0x455b59 [ 77.020345] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 77.040106] RSP: 002b:00007f8734fa0c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 77.047805] RAX: ffffffffffffffda RBX: 00007f8734fa16d4 RCX: 0000000000455b59 [ 77.055073] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 77.062328] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 77.069587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 77.076847] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 77.084238] CPU: 0 PID: 6203 Comm: syz-executor1 Not tainted 5.7.0-rc1-syzkaller #0 [ 77.092145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.101516] Call Trace: [ 77.104118] dump_stack+0x12f/0x187 [ 77.107795] should_fail.cold.4+0x5/0x17 [ 77.111870] ? fault_create_debugfs_attr+0x150/0x150 [ 77.116993] __should_failslab+0xba/0xf0 [ 77.121070] should_failslab+0x9/0x14 [ 77.124920] kmem_cache_alloc_node_trace+0x267/0x770 [ 77.130035] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 77.135319] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 77.140436] __kmalloc_node_track_caller+0x3c/0x70 [ 77.145590] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 77.150360] __alloc_skb+0xd7/0x570 [ 77.154007] ? netdev_alloc_frag+0xe0/0xe0 [ 77.158358] ? mark_held_locks+0x130/0x130 [ 77.162617] alloc_skb_with_frags+0x75/0x480 [ 77.167045] ? reacquire_held_locks+0x21e/0x510 [ 77.171737] sock_alloc_send_pskb+0x5f5/0x790 [ 77.171838] FAULT_INJECTION: forcing a failure. [ 77.171838] name failslab, interval 1, probability 0, space 0, times 0 [ 77.176256] ? _raw_spin_unlock_bh+0x2b/0x30 [ 77.176267] ? sock_def_error_report+0x360/0x360 [ 77.176273] ? trace_hardirqs_on+0x28/0x180 [ 77.176279] ? release_sock+0x122/0x180 [ 77.176288] ? __local_bh_enable_ip+0x161/0x230 [ 77.176299] sock_alloc_send_skb+0x13/0x20 [ 77.214152] dccp_sendmsg+0x25a/0xdb0 [ 77.218028] ? aa_sk_perm+0x182/0x740 [ 77.221824] ? dccp_disconnect+0xb00/0xb00 [ 77.226065] ? aa_af_perm+0x240/0x240 [ 77.230340] ? __kasan_check_write+0x14/0x20 [ 77.234765] inet_sendmsg+0xbd/0xe0 [ 77.238397] ? inet_send_prepare+0x3a0/0x3a0 [ 77.242800] sock_sendmsg+0xdf/0x110 [ 77.246522] ____sys_sendmsg+0x3fe/0xae0 [ 77.250605] ? kernel_sendmsg+0x30/0x30 [ 77.254588] ? mark_lock+0xbf/0x760 [ 77.258209] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 77.263757] ? __kasan_check_read+0x11/0x20 [ 77.268198] ? hlock_class+0x52/0x120 [ 77.272011] ___sys_sendmsg+0xe4/0x160 [ 77.275913] ? sendmsg_copy_msghdr+0x30/0x30 [ 77.280321] ? mark_held_locks+0x130/0x130 [ 77.284545] ? find_held_lock+0x36/0x1d0 [ 77.288636] ? __might_fault+0xf1/0x1b0 [ 77.292750] ? __might_fault+0xc6/0x1b0 [ 77.296721] ? lock_downgrade+0x960/0x960 [ 77.300860] ? lock_release+0x960/0x960 [ 77.304840] ? ___might_sleep+0x13e/0x2b0 [ 77.308990] __sys_sendmmsg+0x160/0x380 [ 77.312965] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 77.317282] ? __kasan_check_write+0x14/0x20 [ 77.321690] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 77.326525] ? rcu_read_lock_any_held+0xcd/0xf0 [ 77.331186] ? __kasan_check_write+0x14/0x20 [ 77.335580] ? fput_many+0x1b/0x130 [ 77.339224] ? fput+0xe/0x10 [ 77.342233] ? ksys_write+0x187/0x220 [ 77.346028] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 77.350772] ? do_syscall_64+0x21/0x630 [ 77.354732] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 77.360117] __x64_sys_sendmmsg+0x98/0x100 [ 77.364358] do_syscall_64+0xd0/0x630 [ 77.368155] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 77.373355] RIP: 0033:0x455b59 [ 77.376537] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 77.395439] RSP: 002b:00007f0acc7a1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 77.403138] RAX: ffffffffffffffda RBX: 00007f0acc7a26d4 RCX: 0000000000455b59 [ 77.410413] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 77.417711] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 77.425115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 77.432390] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 77.439668] CPU: 1 PID: 6196 Comm: syz-executor3 Not tainted 5.7.0-rc1-syzkaller #0 [ 77.447479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.456960] Call Trace: [ 77.459573] dump_stack+0x12f/0x187 [ 77.463220] should_fail.cold.4+0x5/0x17 [ 77.467297] ? fault_create_debugfs_attr+0x150/0x150 [ 77.472420] __should_failslab+0xba/0xf0 [ 77.476546] should_failslab+0x9/0x14 [ 77.480482] kmem_cache_alloc_node+0x251/0x750 [ 77.485078] ? hlock_class+0x52/0x120 [ 77.488909] ? __lock_acquire+0x1850/0x3b10 [ 77.493344] ? __kasan_check_read+0x11/0x20 [ 77.497800] __alloc_skb+0xa7/0x570 [ 77.501443] ? netdev_alloc_frag+0xe0/0xe0 [ 77.505687] ? mark_held_locks+0x130/0x130 [ 77.509942] alloc_skb_with_frags+0x75/0x480 [ 77.514384] ? reacquire_held_locks+0x21e/0x510 [ 77.519082] sock_alloc_send_pskb+0x5f5/0x790 [ 77.523615] ? _raw_spin_unlock_bh+0x2b/0x30 [ 77.528049] ? sock_def_error_report+0x360/0x360 [ 77.532834] ? trace_hardirqs_on+0x28/0x180 [ 77.537170] ? release_sock+0x122/0x180 [ 77.541157] ? __local_bh_enable_ip+0x161/0x230 [ 77.546003] sock_alloc_send_skb+0x13/0x20 [ 77.550251] dccp_sendmsg+0x25a/0xdb0 [ 77.554074] ? aa_sk_perm+0x182/0x740 [ 77.558031] ? dccp_disconnect+0xb00/0xb00 [ 77.562405] ? aa_af_perm+0x240/0x240 [ 77.566217] ? __kasan_check_write+0x14/0x20 [ 77.570648] inet_sendmsg+0xbd/0xe0 [ 77.571760] FAULT_INJECTION: forcing a failure. [ 77.571760] name failslab, interval 1, probability 0, space 0, times 0 [ 77.574414] ? inet_send_prepare+0x3a0/0x3a0 [ 77.574424] sock_sendmsg+0xdf/0x110 [ 77.574431] ____sys_sendmsg+0x3fe/0xae0 [ 77.574442] ? kernel_sendmsg+0x30/0x30 [ 77.574450] ? mark_lock+0xbf/0x760 [ 77.574458] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 77.574466] ? __kasan_check_read+0x11/0x20 [ 77.574471] ? hlock_class+0x52/0x120 [ 77.574481] ___sys_sendmsg+0xe4/0x160 [ 77.574487] ? sendmsg_copy_msghdr+0x30/0x30 [ 77.574495] ? mark_held_locks+0x130/0x130 [ 77.574505] ? find_held_lock+0x36/0x1d0 [ 77.638779] ? __might_fault+0xf1/0x1b0 [ 77.642755] ? __might_fault+0xc6/0x1b0 [ 77.646731] ? lock_downgrade+0x960/0x960 [ 77.650890] ? lock_release+0x960/0x960 [ 77.654863] ? ___might_sleep+0x13e/0x2b0 [ 77.659009] __sys_sendmmsg+0x160/0x380 [ 77.663001] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 77.667320] ? __kasan_check_write+0x14/0x20 [ 77.671730] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 77.676563] ? rcu_read_lock_any_held+0xcd/0xf0 [ 77.681230] ? __kasan_check_write+0x14/0x20 [ 77.685624] ? fput_many+0x1b/0x130 [ 77.689236] ? fput+0xe/0x10 [ 77.692243] ? ksys_write+0x187/0x220 [ 77.696042] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 77.700803] ? do_syscall_64+0x21/0x630 [ 77.704761] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 77.710114] __x64_sys_sendmmsg+0x98/0x100 [ 77.714346] do_syscall_64+0xd0/0x630 [ 77.718234] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 77.723412] RIP: 0033:0x455b59 [ 77.726598] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 77.745502] RSP: 002b:00007f8314f31c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 77.753415] RAX: ffffffffffffffda RBX: 00007f8314f326d4 RCX: 0000000000455b59 [ 77.760684] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 77.768236] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 77.775534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 77.782924] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 77.790210] CPU: 0 PID: 6216 Comm: syz-executor2 Not tainted 5.7.0-rc1-syzkaller #0 [ 77.798020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.807485] Call Trace: [ 77.810084] dump_stack+0x12f/0x187 [ 77.813739] should_fail.cold.4+0x5/0x17 [ 77.817821] ? fault_create_debugfs_attr+0x150/0x150 [ 77.822965] __should_failslab+0xba/0xf0 [ 77.827035] should_failslab+0x9/0x14 [ 77.830847] kmem_cache_alloc_node_trace+0x267/0x770 [ 77.836070] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 77.841356] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 77.846481] __kmalloc_node_track_caller+0x3c/0x70 [ 77.851425] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 77.856214] __alloc_skb+0xd7/0x570 [ 77.859857] ? netdev_alloc_frag+0xe0/0xe0 [ 77.864105] ? mark_held_locks+0x130/0x130 [ 77.868358] alloc_skb_with_frags+0x75/0x480 [ 77.872873] ? reacquire_held_locks+0x21e/0x510 [ 77.877577] sock_alloc_send_pskb+0x5f5/0x790 [ 77.882099] ? _raw_spin_unlock_bh+0x2b/0x30 [ 77.886546] ? sock_def_error_report+0x360/0x360 [ 77.891323] ? trace_hardirqs_on+0x28/0x180 [ 77.895661] ? release_sock+0x122/0x180 [ 77.899842] ? __local_bh_enable_ip+0x161/0x230 [ 77.904551] sock_alloc_send_skb+0x13/0x20 [ 77.908797] dccp_sendmsg+0x25a/0xdb0 [ 77.912713] ? aa_sk_perm+0x182/0x740 [ 77.916531] ? dccp_disconnect+0xb00/0xb00 [ 77.920777] ? aa_af_perm+0x240/0x240 [ 77.924595] ? __kasan_check_write+0x14/0x20 [ 77.929028] inet_sendmsg+0xbd/0xe0 [ 77.932671] ? inet_send_prepare+0x3a0/0x3a0 [ 77.937094] sock_sendmsg+0xdf/0x110 [ 77.940827] ____sys_sendmsg+0x3fe/0xae0 [ 77.944905] ? kernel_sendmsg+0x30/0x30 [ 77.948890] ? mark_lock+0xbf/0x760 [ 77.952577] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 77.957875] ? __kasan_check_read+0x11/0x20 [ 77.962225] ? hlock_class+0x52/0x120 [ 77.966048] ___sys_sendmsg+0xe4/0x160 [ 77.969956] ? sendmsg_copy_msghdr+0x30/0x30 [ 77.974393] ? mark_held_locks+0x130/0x130 [ 77.978646] ? find_held_lock+0x36/0x1d0 [ 77.982734] ? __might_fault+0xf1/0x1b0 [ 77.986736] ? __might_fault+0xc6/0x1b0 [ 77.990727] ? lock_downgrade+0x960/0x960 [ 77.994889] ? lock_release+0x960/0x960 [ 77.998884] ? ___might_sleep+0x13e/0x2b0 [ 78.003055] __sys_sendmmsg+0x160/0x380 [ 78.007052] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 78.011391] ? __kasan_check_write+0x14/0x20 2020/04/16 22:48:52 executed programs: 6 [ 78.015839] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 78.020867] ? rcu_read_lock_any_held+0xcd/0xf0 [ 78.025558] ? __kasan_check_write+0x14/0x20 [ 78.031194] ? fput_many+0x1b/0x130 [ 78.035053] ? fput+0xe/0x10 [ 78.037471] FAULT_INJECTION: forcing a failure. [ 78.037471] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 78.038085] ? ksys_write+0x187/0x220 [ 78.053776] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 78.058522] ? do_syscall_64+0x21/0x630 [ 78.062516] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 78.067879] __x64_sys_sendmmsg+0x98/0x100 [ 78.072176] do_syscall_64+0xd0/0x630 [ 78.075994] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 78.081179] RIP: 0033:0x455b59 [ 78.084366] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 78.103495] RSP: 002b:00007f22cc5ddc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 78.111200] RAX: ffffffffffffffda RBX: 00007f22cc5de6d4 RCX: 0000000000455b59 [ 78.118462] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 78.125823] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 78.133079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 78.140336] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 78.147608] CPU: 1 PID: 6218 Comm: syz-executor Not tainted 5.7.0-rc1-syzkaller #0 [ 78.155327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 78.164782] Call Trace: [ 78.167383] dump_stack+0x12f/0x187 [ 78.171016] should_fail.cold.4+0x5/0x17 [ 78.175087] ? fault_create_debugfs_attr+0x150/0x150 [ 78.180192] ? _raw_spin_unlock_irq+0x22/0x70 [ 78.184691] ? trace_hardirqs_on+0x28/0x180 [ 78.189018] should_fail_alloc_page+0x50/0x60 [ 78.193515] __alloc_pages_nodemask+0x191/0x840 [ 78.195227] FAULT_INJECTION: forcing a failure. [ 78.195227] name failslab, interval 1, probability 0, space 0, times 0 [ 78.198185] ? __alloc_pages_slowpath.constprop.118+0x2510/0x2510 [ 78.198199] ? fault_create_debugfs_attr+0x150/0x150 [ 78.198210] cache_grow_begin+0x90/0xb30 [ 78.198218] ? trace_hardirqs_off+0x41/0x180 [ 78.198229] kmem_cache_alloc_node_trace+0x68d/0x770 [ 78.234370] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 78.239476] __kmalloc_node_track_caller+0x3c/0x70 [ 78.244398] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 78.249163] __alloc_skb+0xd7/0x570 [ 78.252818] ? netdev_alloc_frag+0xe0/0xe0 [ 78.257055] ? mark_held_locks+0x130/0x130 [ 78.261291] alloc_skb_with_frags+0x75/0x480 [ 78.265685] ? reacquire_held_locks+0x21e/0x510 [ 78.270343] sock_alloc_send_pskb+0x5f5/0x790 [ 78.274831] ? _raw_spin_unlock_bh+0x2b/0x30 [ 78.279226] ? sock_def_error_report+0x360/0x360 [ 78.283964] ? trace_hardirqs_on+0x28/0x180 [ 78.288269] ? release_sock+0x122/0x180 [ 78.292232] ? __local_bh_enable_ip+0x161/0x230 [ 78.296887] sock_alloc_send_skb+0x13/0x20 [ 78.301134] dccp_sendmsg+0x25a/0xdb0 [ 78.304920] ? aa_sk_perm+0x182/0x740 [ 78.308705] ? dccp_disconnect+0xb00/0xb00 [ 78.312923] ? aa_af_perm+0x240/0x240 [ 78.316737] ? __kasan_check_write+0x14/0x20 [ 78.321178] inet_sendmsg+0xbd/0xe0 [ 78.324806] ? inet_send_prepare+0x3a0/0x3a0 [ 78.329208] sock_sendmsg+0xdf/0x110 [ 78.332905] ____sys_sendmsg+0x3fe/0xae0 [ 78.336966] ? kernel_sendmsg+0x30/0x30 [ 78.341382] ? mark_lock+0xbf/0x760 [ 78.344994] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 78.350275] ? __kasan_check_read+0x11/0x20 [ 78.354773] ? hlock_class+0x52/0x120 [ 78.358564] ___sys_sendmsg+0xe4/0x160 [ 78.362441] ? sendmsg_copy_msghdr+0x30/0x30 [ 78.366838] ? mark_held_locks+0x130/0x130 [ 78.371080] ? find_held_lock+0x36/0x1d0 [ 78.375197] ? __might_fault+0xf1/0x1b0 [ 78.379163] ? __might_fault+0xc6/0x1b0 [ 78.383124] ? lock_downgrade+0x960/0x960 [ 78.387262] ? lock_release+0x960/0x960 [ 78.391226] ? ___might_sleep+0x13e/0x2b0 [ 78.395360] __sys_sendmmsg+0x160/0x380 [ 78.399324] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 78.403648] ? __kasan_check_write+0x14/0x20 [ 78.408039] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 78.412867] ? rcu_read_lock_any_held+0xcd/0xf0 [ 78.417524] ? __kasan_check_write+0x14/0x20 [ 78.421915] ? fput_many+0x1b/0x130 [ 78.425527] ? fput+0xe/0x10 [ 78.428529] ? ksys_write+0x187/0x220 [ 78.432313] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 78.437070] ? do_syscall_64+0x21/0x630 [ 78.441041] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 78.446420] __x64_sys_sendmmsg+0x98/0x100 [ 78.450667] do_syscall_64+0xd0/0x630 [ 78.454610] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 78.459805] RIP: 0033:0x455b59 [ 78.462990] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 78.481990] RSP: 002b:00007fe499b21c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 78.489687] RAX: ffffffffffffffda RBX: 00007fe499b226d4 RCX: 0000000000455b59 [ 78.496942] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 78.504207] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 78.511491] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 78.518783] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 78.526058] CPU: 0 PID: 6234 Comm: syz-executor4 Not tainted 5.7.0-rc1-syzkaller #0 [ 78.533883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 78.543247] Call Trace: [ 78.545848] dump_stack+0x12f/0x187 [ 78.549503] should_fail.cold.4+0x5/0x17 [ 78.553672] ? fault_create_debugfs_attr+0x150/0x150 [ 78.558802] __should_failslab+0xba/0xf0 [ 78.562878] should_failslab+0x9/0x14 [ 78.566693] kmem_cache_alloc_node+0x251/0x750 [ 78.571316] ? hlock_class+0x52/0x120 [ 78.575706] ? __lock_acquire+0x1850/0x3b10 [ 78.580044] ? __kasan_check_read+0x11/0x20 [ 78.584387] __alloc_skb+0xa7/0x570 [ 78.588027] ? netdev_alloc_frag+0xe0/0xe0 [ 78.591941] FAULT_INJECTION: forcing a failure. [ 78.591941] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 78.592279] ? mark_held_locks+0x130/0x130 [ 78.608465] alloc_skb_with_frags+0x75/0x480 [ 78.612872] ? reacquire_held_locks+0x21e/0x510 [ 78.617542] sock_alloc_send_pskb+0x5f5/0x790 [ 78.622031] ? _raw_spin_unlock_bh+0x2b/0x30 [ 78.626426] ? sock_def_error_report+0x360/0x360 [ 78.631166] ? trace_hardirqs_on+0x28/0x180 [ 78.635474] ? release_sock+0x122/0x180 [ 78.639575] ? __local_bh_enable_ip+0x161/0x230 [ 78.644246] sock_alloc_send_skb+0x13/0x20 [ 78.648474] dccp_sendmsg+0x25a/0xdb0 [ 78.652289] ? aa_sk_perm+0x182/0x740 [ 78.656100] ? dccp_disconnect+0xb00/0xb00 [ 78.660330] ? aa_af_perm+0x240/0x240 [ 78.664142] ? __kasan_check_write+0x14/0x20 [ 78.668558] inet_sendmsg+0xbd/0xe0 [ 78.672198] ? inet_send_prepare+0x3a0/0x3a0 [ 78.676769] sock_sendmsg+0xdf/0x110 [ 78.680512] ____sys_sendmsg+0x3fe/0xae0 [ 78.684572] ? kernel_sendmsg+0x30/0x30 [ 78.688537] ? mark_lock+0xbf/0x760 [ 78.692148] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 78.697545] ? __kasan_check_read+0x11/0x20 [ 78.701977] ? hlock_class+0x52/0x120 [ 78.705779] ___sys_sendmsg+0xe4/0x160 [ 78.709668] ? sendmsg_copy_msghdr+0x30/0x30 [ 78.714080] ? mark_held_locks+0x130/0x130 [ 78.718402] ? find_held_lock+0x36/0x1d0 [ 78.722459] ? __might_fault+0xf1/0x1b0 [ 78.726420] ? __might_fault+0xc6/0x1b0 [ 78.730380] ? lock_downgrade+0x960/0x960 [ 78.734511] ? lock_release+0x960/0x960 [ 78.738821] ? ___might_sleep+0x13e/0x2b0 [ 78.742962] __sys_sendmmsg+0x160/0x380 [ 78.746923] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 78.751231] ? __kasan_check_write+0x14/0x20 [ 78.755621] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 78.760465] ? rcu_read_lock_any_held+0xcd/0xf0 [ 78.765145] ? __kasan_check_write+0x14/0x20 [ 78.769556] ? fput_many+0x1b/0x130 [ 78.773187] ? fput+0xe/0x10 [ 78.776188] ? ksys_write+0x187/0x220 [ 78.780071] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 78.785451] ? do_syscall_64+0x21/0x630 [ 78.789421] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 78.794901] __x64_sys_sendmmsg+0x98/0x100 [ 78.799129] do_syscall_64+0xd0/0x630 [ 78.802917] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 78.808090] RIP: 0033:0x455b59 [ 78.811293] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 78.830522] RSP: 002b:00007f11e9d94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 78.838247] RAX: ffffffffffffffda RBX: 00007f11e9d956d4 RCX: 0000000000455b59 [ 78.845679] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 78.852957] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 78.860326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 78.867687] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 78.874999] CPU: 1 PID: 6231 Comm: syz-executor1 Not tainted 5.7.0-rc1-syzkaller #0 [ 78.882831] FAULT_INJECTION: forcing a failure. [ 78.882831] name failslab, interval 1, probability 0, space 0, times 0 [ 78.882902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 78.903626] Call Trace: [ 78.906212] dump_stack+0x12f/0x187 [ 78.909852] should_fail.cold.4+0x5/0x17 [ 78.914251] ? fault_create_debugfs_attr+0x150/0x150 [ 78.919344] ? mark_held_locks+0x130/0x130 [ 78.923567] ? ____sys_sendmsg+0x3fe/0xae0 [ 78.927784] ? ___sys_sendmsg+0xe4/0x160 [ 78.931934] should_fail_alloc_page+0x50/0x60 [ 78.936434] __alloc_pages_nodemask+0x191/0x840 [ 78.941104] ? __alloc_pages_slowpath.constprop.118+0x2510/0x2510 [ 78.947537] ? lock_release+0x960/0x960 [ 78.951508] ? fault_create_debugfs_attr+0x150/0x150 [ 78.956605] cache_grow_begin+0x90/0xb30 [ 78.960653] ? trace_hardirqs_off+0x41/0x180 [ 78.965062] kmem_cache_alloc_node_trace+0x68d/0x770 [ 78.970163] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 78.975419] __kmalloc_node_track_caller+0x3c/0x70 [ 78.980434] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 78.985178] __alloc_skb+0xd7/0x570 [ 78.988804] ? netdev_alloc_frag+0xe0/0xe0 [ 78.993097] ? mark_held_locks+0x130/0x130 [ 78.997335] alloc_skb_with_frags+0x75/0x480 [ 79.001833] ? reacquire_held_locks+0x21e/0x510 [ 79.006520] sock_alloc_send_pskb+0x5f5/0x790 [ 79.011028] ? _raw_spin_unlock_bh+0x2b/0x30 [ 79.015429] ? sock_def_error_report+0x360/0x360 [ 79.020255] ? trace_hardirqs_on+0x28/0x180 [ 79.024695] ? release_sock+0x122/0x180 [ 79.028702] ? __local_bh_enable_ip+0x161/0x230 [ 79.033390] sock_alloc_send_skb+0x13/0x20 [ 79.037738] dccp_sendmsg+0x25a/0xdb0 [ 79.041541] ? aa_sk_perm+0x182/0x740 [ 79.045339] ? dccp_disconnect+0xb00/0xb00 [ 79.049558] ? aa_af_perm+0x240/0x240 [ 79.053367] ? __kasan_check_write+0x14/0x20 [ 79.057785] inet_sendmsg+0xbd/0xe0 [ 79.061443] ? inet_send_prepare+0x3a0/0x3a0 [ 79.065943] sock_sendmsg+0xdf/0x110 [ 79.069663] ____sys_sendmsg+0x3fe/0xae0 [ 79.073713] ? kernel_sendmsg+0x30/0x30 [ 79.077675] ? mark_lock+0xbf/0x760 [ 79.081300] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 79.086597] ? __kasan_check_read+0x11/0x20 [ 79.091133] ? hlock_class+0x52/0x120 [ 79.094939] ___sys_sendmsg+0xe4/0x160 [ 79.098833] ? sendmsg_copy_msghdr+0x30/0x30 [ 79.103234] ? mark_held_locks+0x130/0x130 [ 79.107556] ? find_held_lock+0x36/0x1d0 [ 79.111627] ? __might_fault+0xf1/0x1b0 [ 79.115870] ? __might_fault+0xc6/0x1b0 [ 79.119865] ? lock_downgrade+0x960/0x960 [ 79.124164] ? lock_release+0x960/0x960 [ 79.129346] ? ___might_sleep+0x13e/0x2b0 [ 79.133503] __sys_sendmmsg+0x160/0x380 [ 79.137468] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 79.141781] ? __kasan_check_write+0x14/0x20 [ 79.146194] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 79.151032] ? rcu_read_lock_any_held+0xcd/0xf0 [ 79.155709] ? __kasan_check_write+0x14/0x20 [ 79.160185] ? fput_many+0x1b/0x130 [ 79.163816] ? fput+0xe/0x10 [ 79.166846] ? ksys_write+0x187/0x220 [ 79.170640] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 79.175484] ? do_syscall_64+0x21/0x630 [ 79.179588] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 79.184954] __x64_sys_sendmmsg+0x98/0x100 [ 79.189197] do_syscall_64+0xd0/0x630 [ 79.192997] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 79.198271] RIP: 0033:0x455b59 [ 79.202582] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 79.221748] RSP: 002b:00007f0acc7a1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 79.229444] RAX: ffffffffffffffda RBX: 00007f0acc7a26d4 RCX: 0000000000455b59 [ 79.236700] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 79.244388] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 79.251910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 79.259169] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 79.266550] CPU: 0 PID: 6235 Comm: syz-executor3 Not tainted 5.7.0-rc1-syzkaller #0 [ 79.274355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 79.284131] Call Trace: [ 79.286729] dump_stack+0x12f/0x187 [ 79.290393] should_fail.cold.4+0x5/0x17 [ 79.294562] ? fault_create_debugfs_attr+0x150/0x150 [ 79.299777] __should_failslab+0xba/0xf0 [ 79.303856] should_failslab+0x9/0x14 [ 79.307668] kmem_cache_alloc_node_trace+0x267/0x770 [ 79.313046] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 79.318365] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 79.323575] __kmalloc_node_track_caller+0x3c/0x70 [ 79.330600] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 79.335398] __alloc_skb+0xd7/0x570 [ 79.339305] ? netdev_alloc_frag+0xe0/0xe0 [ 79.343932] ? mark_held_locks+0x130/0x130 [ 79.348283] alloc_skb_with_frags+0x75/0x480 [ 79.352700] ? reacquire_held_locks+0x21e/0x510 [ 79.357394] sock_alloc_send_pskb+0x5f5/0x790 [ 79.361915] ? _raw_spin_unlock_bh+0x2b/0x30 [ 79.366506] ? sock_def_error_report+0x360/0x360 [ 79.371916] ? trace_hardirqs_on+0x28/0x180 [ 79.376610] ? release_sock+0x122/0x180 [ 79.380607] ? __local_bh_enable_ip+0x161/0x230 [ 79.385287] sock_alloc_send_skb+0x13/0x20 [ 79.389611] dccp_sendmsg+0x25a/0xdb0 [ 79.393215] FAULT_INJECTION: forcing a failure. [ 79.393215] name failslab, interval 1, probability 0, space 0, times 0 [ 79.393624] ? aa_sk_perm+0x182/0x740 [ 79.393635] ? dccp_disconnect+0xb00/0xb00 [ 79.393642] ? aa_af_perm+0x240/0x240 [ 79.393651] ? __kasan_check_write+0x14/0x20 [ 79.393668] inet_sendmsg+0xbd/0xe0 [ 79.393674] ? inet_send_prepare+0x3a0/0x3a0 [ 79.393684] sock_sendmsg+0xdf/0x110 [ 79.434560] ____sys_sendmsg+0x3fe/0xae0 [ 79.439586] ? kernel_sendmsg+0x30/0x30 [ 79.444062] ? mark_lock+0xbf/0x760 [ 79.447798] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 79.453356] ? __kasan_check_read+0x11/0x20 [ 79.458992] ? hlock_class+0x52/0x120 [ 79.463068] ___sys_sendmsg+0xe4/0x160 [ 79.467592] ? sendmsg_copy_msghdr+0x30/0x30 [ 79.472443] ? mark_held_locks+0x130/0x130 [ 79.476855] ? find_held_lock+0x36/0x1d0 [ 79.481027] ? __might_fault+0xf1/0x1b0 [ 79.485516] ? __might_fault+0xc6/0x1b0 [ 79.489775] ? lock_downgrade+0x960/0x960 [ 79.494327] ? lock_release+0x960/0x960 [ 79.498294] ? ___might_sleep+0x13e/0x2b0 [ 79.502695] __sys_sendmmsg+0x160/0x380 [ 79.506657] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 79.510993] ? __kasan_check_write+0x14/0x20 [ 79.515956] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 79.521160] ? rcu_read_lock_any_held+0xcd/0xf0 [ 79.526183] ? __kasan_check_write+0x14/0x20 [ 79.530600] ? fput_many+0x1b/0x130 [ 79.534235] ? fput+0xe/0x10 [ 79.537373] ? ksys_write+0x187/0x220 [ 79.541467] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 79.546217] ? do_syscall_64+0x21/0x630 [ 79.550189] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 79.555562] __x64_sys_sendmmsg+0x98/0x100 [ 79.559784] do_syscall_64+0xd0/0x630 [ 79.563587] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 79.568769] RIP: 0033:0x455b59 [ 79.571958] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 79.591354] RSP: 002b:00007f8314f31c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 79.599694] RAX: ffffffffffffffda RBX: 00007f8314f326d4 RCX: 0000000000455b59 [ 79.607132] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 79.614400] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 79.621659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 79.629238] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 79.636515] CPU: 1 PID: 6240 Comm: syz-executor Not tainted 5.7.0-rc1-syzkaller #0 [ 79.644232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 79.653596] Call Trace: [ 79.656202] dump_stack+0x12f/0x187 [ 79.659855] should_fail.cold.4+0x5/0x17 [ 79.664027] ? fault_create_debugfs_attr+0x150/0x150 [ 79.669335] __should_failslab+0xba/0xf0 [ 79.673600] should_failslab+0x9/0x14 [ 79.677585] kmem_cache_alloc_node_trace+0x267/0x770 [ 79.682738] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 79.688108] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 79.693472] __kmalloc_node_track_caller+0x3c/0x70 [ 79.698639] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 79.703409] __alloc_skb+0xd7/0x570 [ 79.707056] ? netdev_alloc_frag+0xe0/0xe0 [ 79.712620] ? mark_held_locks+0x130/0x130 [ 79.717321] alloc_skb_with_frags+0x75/0x480 [ 79.722060] ? reacquire_held_locks+0x21e/0x510 [ 79.722942] FAULT_INJECTION: forcing a failure. [ 79.722942] name failslab, interval 1, probability 0, space 0, times 0 [ 79.727086] sock_alloc_send_pskb+0x5f5/0x790 [ 79.727100] ? _raw_spin_unlock_bh+0x2b/0x30 [ 79.727108] ? sock_def_error_report+0x360/0x360 [ 79.727115] ? trace_hardirqs_on+0x28/0x180 [ 79.727121] ? release_sock+0x122/0x180 [ 79.727131] ? __local_bh_enable_ip+0x161/0x230 [ 79.727141] sock_alloc_send_skb+0x13/0x20 [ 79.727148] dccp_sendmsg+0x25a/0xdb0 [ 79.727156] ? aa_sk_perm+0x182/0x740 [ 79.727164] ? dccp_disconnect+0xb00/0xb00 [ 79.784625] ? aa_af_perm+0x240/0x240 [ 79.788435] ? __kasan_check_write+0x14/0x20 [ 79.793462] inet_sendmsg+0xbd/0xe0 [ 79.797180] ? inet_send_prepare+0x3a0/0x3a0 [ 79.801852] sock_sendmsg+0xdf/0x110 [ 79.806010] ____sys_sendmsg+0x3fe/0xae0 [ 79.810437] ? kernel_sendmsg+0x30/0x30 [ 79.814591] ? mark_lock+0xbf/0x760 [ 79.818243] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 79.823691] ? __kasan_check_read+0x11/0x20 [ 79.828125] ? hlock_class+0x52/0x120 [ 79.831937] ___sys_sendmsg+0xe4/0x160 [ 79.836062] ? sendmsg_copy_msghdr+0x30/0x30 [ 79.840463] ? mark_held_locks+0x130/0x130 [ 79.845036] ? find_held_lock+0x36/0x1d0 [ 79.849661] ? __might_fault+0xf1/0x1b0 [ 79.853639] ? __might_fault+0xc6/0x1b0 [ 79.857616] ? lock_downgrade+0x960/0x960 [ 79.862190] ? lock_release+0x960/0x960 [ 79.866545] ? ___might_sleep+0x13e/0x2b0 [ 79.870955] __sys_sendmmsg+0x160/0x380 [ 79.874946] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 79.879828] ? __kasan_check_write+0x14/0x20 [ 79.884317] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 79.889162] ? rcu_read_lock_any_held+0xcd/0xf0 [ 79.894205] ? __kasan_check_write+0x14/0x20 [ 79.899144] ? fput_many+0x1b/0x130 [ 79.903367] ? fput+0xe/0x10 [ 79.906376] ? ksys_write+0x187/0x220 [ 79.910440] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 79.916023] ? do_syscall_64+0x21/0x630 [ 79.921021] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 79.926641] __x64_sys_sendmmsg+0x98/0x100 [ 79.931218] do_syscall_64+0xd0/0x630 [ 79.935212] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 79.940421] RIP: 0033:0x455b59 [ 79.943728] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 79.963151] RSP: 002b:00007fe499b21c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 79.971258] RAX: ffffffffffffffda RBX: 00007fe499b226d4 RCX: 0000000000455b59 [ 79.978526] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 79.985812] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 79.993443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 80.000893] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 80.008264] CPU: 0 PID: 6246 Comm: syz-executor5 Not tainted 5.7.0-rc1-syzkaller #0 [ 80.016137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.026466] Call Trace: [ 80.029328] dump_stack+0x12f/0x187 [ 80.032966] should_fail.cold.4+0x5/0x17 [ 80.037038] ? fault_create_debugfs_attr+0x150/0x150 [ 80.042563] __should_failslab+0xba/0xf0 [ 80.046657] should_failslab+0x9/0x14 [ 80.050600] kmem_cache_alloc_node_trace+0x267/0x770 [ 80.055903] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 80.061577] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 80.067022] __kmalloc_node_track_caller+0x3c/0x70 [ 80.072144] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 80.077263] __alloc_skb+0xd7/0x570 [ 80.081603] ? netdev_alloc_frag+0xe0/0xe0 [ 80.086022] ? mark_held_locks+0x130/0x130 [ 80.090377] alloc_skb_with_frags+0x75/0x480 [ 80.094835] ? reacquire_held_locks+0x21e/0x510 [ 80.099524] sock_alloc_send_pskb+0x5f5/0x790 [ 80.104034] ? _raw_spin_unlock_bh+0x2b/0x30 [ 80.108492] ? sock_def_error_report+0x360/0x360 [ 80.113262] ? trace_hardirqs_on+0x28/0x180 [ 80.117597] ? release_sock+0x122/0x180 [ 80.121585] ? __local_bh_enable_ip+0x161/0x230 [ 80.126375] sock_alloc_send_skb+0x13/0x20 [ 80.130630] dccp_sendmsg+0x25a/0xdb0 [ 80.134793] ? aa_sk_perm+0x182/0x740 [ 80.137697] FAULT_INJECTION: forcing a failure. [ 80.137697] name failslab, interval 1, probability 0, space 0, times 0 [ 80.138607] ? dccp_disconnect+0xb00/0xb00 [ 80.138617] ? aa_af_perm+0x240/0x240 [ 80.138625] ? __kasan_check_write+0x14/0x20 [ 80.138641] inet_sendmsg+0xbd/0xe0 [ 80.138648] ? inet_send_prepare+0x3a0/0x3a0 [ 80.138657] sock_sendmsg+0xdf/0x110 [ 80.138665] ____sys_sendmsg+0x3fe/0xae0 [ 80.138676] ? kernel_sendmsg+0x30/0x30 [ 80.138684] ? mark_lock+0xbf/0x760 [ 80.138696] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 80.138703] ? __kasan_check_read+0x11/0x20 [ 80.138707] ? hlock_class+0x52/0x120 [ 80.138717] ___sys_sendmsg+0xe4/0x160 [ 80.203644] ? sendmsg_copy_msghdr+0x30/0x30 [ 80.208069] ? mark_held_locks+0x130/0x130 [ 80.212313] ? find_held_lock+0x36/0x1d0 [ 80.216383] ? __might_fault+0xf1/0x1b0 [ 80.220348] ? __might_fault+0xc6/0x1b0 [ 80.224332] ? lock_downgrade+0x960/0x960 [ 80.228492] ? lock_release+0x960/0x960 [ 80.232470] ? ___might_sleep+0x13e/0x2b0 [ 80.236619] __sys_sendmmsg+0x160/0x380 [ 80.240595] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 80.244909] ? __kasan_check_write+0x14/0x20 [ 80.249409] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 80.254252] ? rcu_read_lock_any_held+0xcd/0xf0 [ 80.258943] ? __kasan_check_write+0x14/0x20 [ 80.263357] ? fput_many+0x1b/0x130 [ 80.266973] ? fput+0xe/0x10 [ 80.269982] ? ksys_write+0x187/0x220 [ 80.273817] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 80.278573] ? do_syscall_64+0x21/0x630 [ 80.282542] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 80.287898] __x64_sys_sendmmsg+0x98/0x100 [ 80.292150] do_syscall_64+0xd0/0x630 [ 80.296063] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 80.301271] RIP: 0033:0x455b59 [ 80.304459] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 80.323372] RSP: 002b:00007f8734fa0c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 80.331081] RAX: ffffffffffffffda RBX: 00007f8734fa16d4 RCX: 0000000000455b59 [ 80.338433] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 80.346047] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 80.353314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 80.360592] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 80.367868] CPU: 1 PID: 6247 Comm: syz-executor2 Not tainted 5.7.0-rc1-syzkaller #0 [ 80.370642] FAULT_INJECTION: forcing a failure. [ 80.370642] name failslab, interval 1, probability 0, space 0, times 0 [ 80.375760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.375765] Call Trace: [ 80.375781] dump_stack+0x12f/0x187 [ 80.375794] should_fail.cold.4+0x5/0x17 [ 80.375803] ? fault_create_debugfs_attr+0x150/0x150 [ 80.375819] __should_failslab+0xba/0xf0 [ 80.375828] should_failslab+0x9/0x14 [ 80.375836] kmem_cache_alloc_trace+0x4b/0x770 [ 80.375844] ? trace_hardirqs_on+0x28/0x180 [ 80.375860] dccp_ackvec_parsed_add+0x51/0x220 [ 80.433698] ccid2_hc_tx_parse_options+0x5b/0x80 [ 80.438452] dccp_parse_options+0x54a/0x1000 [ 80.442868] ? __local_bh_enable_ip+0x161/0x230 [ 80.447537] dccp_rcv_established+0x23/0x70 [ 80.451864] dccp_v4_do_rcv+0xf4/0x160 [ 80.455742] __release_sock+0x110/0x340 [ 80.459726] release_sock+0x4f/0x180 [ 80.463428] dccp_sendmsg+0x52f/0xdb0 [ 80.467215] ? aa_sk_perm+0x182/0x740 [ 80.471025] ? dccp_disconnect+0xb00/0xb00 [ 80.475245] ? aa_af_perm+0x240/0x240 [ 80.479032] ? __kasan_check_write+0x14/0x20 [ 80.483442] inet_sendmsg+0xbd/0xe0 [ 80.487058] ? inet_send_prepare+0x3a0/0x3a0 [ 80.491450] sock_sendmsg+0xdf/0x110 [ 80.495149] ____sys_sendmsg+0x3fe/0xae0 [ 80.499195] ? kernel_sendmsg+0x30/0x30 [ 80.503173] ? finish_task_switch+0x12a/0x630 [ 80.507659] ___sys_sendmsg+0xe4/0x160 [ 80.511552] ? sendmsg_copy_msghdr+0x30/0x30 [ 80.515964] ? _raw_spin_unlock_irq+0x22/0x70 [ 80.520471] ? trace_hardirqs_on+0x28/0x180 [ 80.524794] ? _raw_spin_unlock_irq+0x22/0x70 [ 80.529287] ? finish_task_switch+0x12a/0x630 [ 80.533783] ? finish_task_switch+0xf3/0x630 [ 80.538206] ? __schedule+0x89d/0x1900 [ 80.542125] ? __sched_text_start+0x8/0x8 [ 80.546284] ? ___might_sleep+0x13e/0x2b0 [ 80.550445] ? __kasan_check_read+0x11/0x20 [ 80.554768] __sys_sendmmsg+0x160/0x380 [ 80.558913] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 80.563227] ? __kasan_check_write+0x14/0x20 [ 80.567734] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 80.572591] ? rcu_read_lock_any_held+0xcd/0xf0 [ 80.577264] ? __kasan_check_write+0x14/0x20 [ 80.581835] ? fput_many+0x1b/0x130 [ 80.585455] ? fput+0xe/0x10 [ 80.588477] ? ksys_write+0x187/0x220 [ 80.592280] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 80.597026] ? do_syscall_64+0x21/0x630 [ 80.601111] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 80.606468] __x64_sys_sendmmsg+0x98/0x100 [ 80.610865] do_syscall_64+0xd0/0x630 [ 80.614703] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 80.619893] RIP: 0033:0x455b59 [ 80.623083] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 80.641990] RSP: 002b:00007f22cc5ddc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 80.649688] RAX: ffffffffffffffda RBX: 00007f22cc5de6d4 RCX: 0000000000455b59 [ 80.656944] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 80.664200] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 80.671460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 80.678733] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 80.686050] CPU: 0 PID: 6249 Comm: syz-executor1 Not tainted 5.7.0-rc1-syzkaller #0 [ 80.687037] dccp_parse_options: DCCP(00000000fdb3b9a0): Option 38 (len=1) error=5 [ 80.693889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.693893] Call Trace: [ 80.693908] dump_stack+0x12f/0x187 [ 80.693920] should_fail.cold.4+0x5/0x17 [ 80.693928] ? fault_create_debugfs_attr+0x150/0x150 [ 80.693943] __should_failslab+0xba/0xf0 [ 80.730928] should_failslab+0x9/0x14 [ 80.734776] kmem_cache_alloc_node_trace+0x267/0x770 [ 80.739897] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 80.745208] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 80.750458] __kmalloc_node_track_caller+0x3c/0x70 [ 80.755406] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 80.760242] __alloc_skb+0xd7/0x570 [ 80.763892] ? netdev_alloc_frag+0xe0/0xe0 [ 80.768151] ? mark_held_locks+0x130/0x130 [ 80.772404] alloc_skb_with_frags+0x75/0x480 [ 80.776831] ? reacquire_held_locks+0x21e/0x510 [ 80.781522] sock_alloc_send_pskb+0x5f5/0x790 [ 80.787445] ? _raw_spin_unlock_bh+0x2b/0x30 [ 80.791871] ? sock_def_error_report+0x360/0x360 [ 80.796639] ? trace_hardirqs_on+0x28/0x180 [ 80.801132] ? release_sock+0x122/0x180 [ 80.805134] ? __local_bh_enable_ip+0x161/0x230 [ 80.809822] sock_alloc_send_skb+0x13/0x20 [ 80.814090] dccp_sendmsg+0x25a/0xdb0 [ 80.817903] ? aa_sk_perm+0x182/0x740 [ 80.821728] ? dccp_disconnect+0xb00/0xb00 [ 80.825978] ? aa_af_perm+0x240/0x240 [ 80.829794] ? __kasan_check_write+0x14/0x20 [ 80.834214] inet_sendmsg+0xbd/0xe0 [ 80.837961] ? inet_send_prepare+0x3a0/0x3a0 [ 80.842385] sock_sendmsg+0xdf/0x110 [ 80.846201] ____sys_sendmsg+0x3fe/0xae0 [ 80.850285] ? kernel_sendmsg+0x30/0x30 [ 80.854278] ? mark_lock+0xbf/0x760 [ 80.857912] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 80.863083] FAULT_INJECTION: forcing a failure. [ 80.863083] name failslab, interval 1, probability 0, space 0, times 0 [ 80.863194] ? __kasan_check_read+0x11/0x20 [ 80.863202] ? hlock_class+0x52/0x120 [ 80.863213] ___sys_sendmsg+0xe4/0x160 [ 80.887590] ? sendmsg_copy_msghdr+0x30/0x30 [ 80.892263] ? mark_held_locks+0x130/0x130 [ 80.896521] ? find_held_lock+0x36/0x1d0 [ 80.900578] ? __might_fault+0xf1/0x1b0 [ 80.904543] ? __might_fault+0xc6/0x1b0 [ 80.908507] ? lock_downgrade+0x960/0x960 [ 80.912640] ? lock_release+0x960/0x960 [ 80.916599] ? ___might_sleep+0x13e/0x2b0 [ 80.920745] __sys_sendmmsg+0x160/0x380 [ 80.924711] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 80.929026] ? __kasan_check_write+0x14/0x20 [ 80.933434] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 80.938276] ? rcu_read_lock_any_held+0xcd/0xf0 [ 80.942957] ? __kasan_check_write+0x14/0x20 [ 80.947357] ? fput_many+0x1b/0x130 [ 80.950972] ? fput+0xe/0x10 [ 80.953974] ? ksys_write+0x187/0x220 [ 80.957767] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 80.962521] ? do_syscall_64+0x21/0x630 [ 80.966481] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 80.971830] __x64_sys_sendmmsg+0x98/0x100 [ 80.976243] do_syscall_64+0xd0/0x630 [ 80.980040] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 80.985307] RIP: 0033:0x455b59 [ 80.988518] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 81.007416] RSP: 002b:00007f0acc7a1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 81.015121] RAX: ffffffffffffffda RBX: 00007f0acc7a26d4 RCX: 0000000000455b59 [ 81.022395] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 81.029656] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 81.036924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 81.044184] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 81.051470] CPU: 1 PID: 6262 Comm: syz-executor Not tainted 5.7.0-rc1-syzkaller #0 [ 81.059197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.068734] Call Trace: [ 81.071330] dump_stack+0x12f/0x187 [ 81.074974] should_fail.cold.4+0x5/0x17 [ 81.079055] ? fault_create_debugfs_attr+0x150/0x150 [ 81.084210] __should_failslab+0xba/0xf0 [ 81.088291] should_failslab+0x9/0x14 [ 81.092120] kmem_cache_alloc_node_trace+0x267/0x770 [ 81.097240] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 81.102790] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 81.107918] __kmalloc_node_track_caller+0x3c/0x70 [ 81.112863] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 81.117634] __alloc_skb+0xd7/0x570 [ 81.121323] ? netdev_alloc_frag+0xe0/0xe0 [ 81.125586] ? mark_held_locks+0x130/0x130 [ 81.129850] alloc_skb_with_frags+0x75/0x480 [ 81.134270] ? reacquire_held_locks+0x21e/0x510 [ 81.138997] sock_alloc_send_pskb+0x5f5/0x790 [ 81.143596] ? _raw_spin_unlock_bh+0x2b/0x30 [ 81.148018] ? sock_def_error_report+0x360/0x360 [ 81.152780] ? trace_hardirqs_on+0x28/0x180 [ 81.157110] ? release_sock+0x122/0x180 [ 81.161097] ? __local_bh_enable_ip+0x161/0x230 [ 81.165779] sock_alloc_send_skb+0x13/0x20 [ 81.170111] dccp_sendmsg+0x25a/0xdb0 [ 81.173946] ? aa_sk_perm+0x182/0x740 [ 81.177760] ? dccp_disconnect+0xb00/0xb00 [ 81.182020] ? aa_af_perm+0x240/0x240 [ 81.185833] ? __kasan_check_write+0x14/0x20 [ 81.190265] inet_sendmsg+0xbd/0xe0 [ 81.193922] ? inet_send_prepare+0x3a0/0x3a0 [ 81.198353] sock_sendmsg+0xdf/0x110 [ 81.202176] ____sys_sendmsg+0x3fe/0xae0 [ 81.206247] ? kernel_sendmsg+0x30/0x30 [ 81.210228] ? mark_lock+0xbf/0x760 [ 81.213855] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 81.215606] FAULT_INJECTION: forcing a failure. [ 81.215606] name failslab, interval 1, probability 0, space 0, times 0 [ 81.219132] ? __kasan_check_read+0x11/0x20 [ 81.219140] ? hlock_class+0x52/0x120 [ 81.219152] ___sys_sendmsg+0xe4/0x160 [ 81.219160] ? sendmsg_copy_msghdr+0x30/0x30 [ 81.219169] ? mark_held_locks+0x130/0x130 [ 81.219179] ? find_held_lock+0x36/0x1d0 [ 81.219188] ? __might_fault+0xf1/0x1b0 [ 81.219194] ? __might_fault+0xc6/0x1b0 [ 81.219203] ? lock_downgrade+0x960/0x960 [ 81.219209] ? lock_release+0x960/0x960 [ 81.219235] ? ___might_sleep+0x13e/0x2b0 [ 81.275705] __sys_sendmmsg+0x160/0x380 [ 81.279691] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 81.284008] ? __kasan_check_write+0x14/0x20 [ 81.288427] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 81.293256] ? rcu_read_lock_any_held+0xcd/0xf0 [ 81.297917] ? __kasan_check_write+0x14/0x20 [ 81.302323] ? fput_many+0x1b/0x130 [ 81.305941] ? fput+0xe/0x10 [ 81.308949] ? ksys_write+0x187/0x220 [ 81.312743] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 81.317497] ? do_syscall_64+0x21/0x630 [ 81.321457] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 81.326813] __x64_sys_sendmmsg+0x98/0x100 [ 81.331208] do_syscall_64+0xd0/0x630 [ 81.335003] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 81.340201] RIP: 0033:0x455b59 [ 81.343546] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 81.362461] RSP: 002b:00007fe499b21c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 81.370167] RAX: ffffffffffffffda RBX: 00007fe499b226d4 RCX: 0000000000455b59 [ 81.377437] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 81.384712] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 81.391985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 81.399343] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 81.406634] CPU: 0 PID: 6268 Comm: syz-executor4 Not tainted 5.7.0-rc1-syzkaller #0 [ 81.414473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.423844] Call Trace: [ 81.426440] dump_stack+0x12f/0x187 [ 81.430118] should_fail.cold.4+0x5/0x17 [ 81.434211] ? fault_create_debugfs_attr+0x150/0x150 [ 81.439341] __should_failslab+0xba/0xf0 [ 81.443418] should_failslab+0x9/0x14 [ 81.447233] kmem_cache_alloc_node_trace+0x267/0x770 [ 81.452354] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 81.457637] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 81.462766] __kmalloc_node_track_caller+0x3c/0x70 [ 81.467717] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 81.472521] __alloc_skb+0xd7/0x570 [ 81.476293] ? netdev_alloc_frag+0xe0/0xe0 [ 81.480538] ? mark_held_locks+0x130/0x130 [ 81.484789] alloc_skb_with_frags+0x75/0x480 [ 81.489206] ? reacquire_held_locks+0x21e/0x510 [ 81.491126] FAULT_INJECTION: forcing a failure. [ 81.491126] name failslab, interval 1, probability 0, space 0, times 0 [ 81.493995] sock_alloc_send_pskb+0x5f5/0x790 [ 81.494053] ? _raw_spin_unlock_bh+0x2b/0x30 [ 81.494063] ? sock_def_error_report+0x360/0x360 [ 81.494068] ? trace_hardirqs_on+0x28/0x180 [ 81.494072] ? release_sock+0x122/0x180 [ 81.494079] ? __local_bh_enable_ip+0x161/0x230 [ 81.494085] sock_alloc_send_skb+0x13/0x20 [ 81.494091] dccp_sendmsg+0x25a/0xdb0 [ 81.494098] ? aa_sk_perm+0x182/0x740 [ 81.494105] ? dccp_disconnect+0xb00/0xb00 [ 81.494111] ? aa_af_perm+0x240/0x240 [ 81.494117] ? __kasan_check_write+0x14/0x20 [ 81.494160] inet_sendmsg+0xbd/0xe0 [ 81.494167] ? inet_send_prepare+0x3a0/0x3a0 [ 81.494175] sock_sendmsg+0xdf/0x110 [ 81.494184] ____sys_sendmsg+0x3fe/0xae0 [ 81.494195] ? kernel_sendmsg+0x30/0x30 [ 81.494202] ? mark_lock+0xbf/0x760 [ 81.494210] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 81.494217] ? __kasan_check_read+0x11/0x20 [ 81.494223] ? hlock_class+0x52/0x120 [ 81.494232] ___sys_sendmsg+0xe4/0x160 [ 81.494239] ? sendmsg_copy_msghdr+0x30/0x30 [ 81.494246] ? mark_held_locks+0x130/0x130 [ 81.494254] ? find_held_lock+0x36/0x1d0 [ 81.494262] ? __might_fault+0xf1/0x1b0 [ 81.494269] ? __might_fault+0xc6/0x1b0 [ 81.619107] ? lock_downgrade+0x960/0x960 [ 81.623361] ? lock_release+0x960/0x960 [ 81.627328] ? ___might_sleep+0x13e/0x2b0 [ 81.631467] __sys_sendmmsg+0x160/0x380 [ 81.635456] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 81.639767] ? __kasan_check_write+0x14/0x20 [ 81.644161] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 81.648999] ? rcu_read_lock_any_held+0xcd/0xf0 [ 81.653680] ? __kasan_check_write+0x14/0x20 [ 81.658256] ? fput_many+0x1b/0x130 [ 81.661876] ? fput+0xe/0x10 [ 81.664898] ? ksys_write+0x187/0x220 [ 81.668688] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 81.673441] ? do_syscall_64+0x21/0x630 [ 81.677401] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 81.682768] __x64_sys_sendmmsg+0x98/0x100 [ 81.687028] do_syscall_64+0xd0/0x630 [ 81.690831] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 81.696276] RIP: 0033:0x455b59 [ 81.699463] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 81.718550] RSP: 002b:00007f11e9d94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 81.726259] RAX: ffffffffffffffda RBX: 00007f11e9d956d4 RCX: 0000000000455b59 [ 81.733734] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 81.741082] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 81.748335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 81.755606] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 81.762901] CPU: 1 PID: 6272 Comm: syz-executor3 Not tainted 5.7.0-rc1-syzkaller #0 [ 81.770989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.780616] Call Trace: [ 81.783302] dump_stack+0x12f/0x187 [ 81.787298] should_fail.cold.4+0x5/0x17 [ 81.791462] ? fault_create_debugfs_attr+0x150/0x150 [ 81.796674] __should_failslab+0xba/0xf0 [ 81.800751] should_failslab+0x9/0x14 [ 81.804566] kmem_cache_alloc_node_trace+0x267/0x770 [ 81.809688] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 81.814984] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 81.820642] __kmalloc_node_track_caller+0x3c/0x70 [ 81.825788] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 81.831086] __alloc_skb+0xd7/0x570 [ 81.834736] ? netdev_alloc_frag+0xe0/0xe0 [ 81.839248] ? mark_held_locks+0x130/0x130 [ 81.843590] alloc_skb_with_frags+0x75/0x480 [ 81.848104] ? reacquire_held_locks+0x21e/0x510 [ 81.854361] sock_alloc_send_pskb+0x5f5/0x790 [ 81.859946] ? _raw_spin_unlock_bh+0x2b/0x30 [ 81.870859] ? sock_def_error_report+0x360/0x360 [ 81.876426] ? trace_hardirqs_on+0x28/0x180 [ 81.882333] ? release_sock+0x122/0x180 [ 81.890071] ? __local_bh_enable_ip+0x161/0x230 [ 81.896782] sock_alloc_send_skb+0x13/0x20 [ 81.905424] dccp_sendmsg+0x25a/0xdb0 [ 81.910084] ? aa_sk_perm+0x182/0x740 [ 81.914931] ? dccp_disconnect+0xb00/0xb00 [ 81.919258] FAULT_INJECTION: forcing a failure. [ 81.919258] name failslab, interval 1, probability 0, space 0, times 0 [ 81.930737] ? aa_af_perm+0x240/0x240 [ 81.934560] ? __kasan_check_write+0x14/0x20 [ 81.939252] inet_sendmsg+0xbd/0xe0 [ 81.943137] ? inet_send_prepare+0x3a0/0x3a0 [ 81.947630] sock_sendmsg+0xdf/0x110 [ 81.951334] ____sys_sendmsg+0x3fe/0xae0 [ 81.955389] ? kernel_sendmsg+0x30/0x30 [ 81.959637] ? mark_lock+0xbf/0x760 [ 81.963273] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 81.968534] ? __kasan_check_read+0x11/0x20 [ 81.972838] ? hlock_class+0x52/0x120 [ 81.976651] ___sys_sendmsg+0xe4/0x160 [ 81.980589] ? sendmsg_copy_msghdr+0x30/0x30 [ 81.985011] ? mark_held_locks+0x130/0x130 [ 81.989613] ? find_held_lock+0x36/0x1d0 [ 81.993957] ? __might_fault+0xf1/0x1b0 [ 81.997924] ? __might_fault+0xc6/0x1b0 [ 82.001891] ? lock_downgrade+0x960/0x960 [ 82.006033] ? lock_release+0x960/0x960 [ 82.010096] ? ___might_sleep+0x13e/0x2b0 [ 82.014233] __sys_sendmmsg+0x160/0x380 [ 82.018300] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 82.022792] ? __kasan_check_write+0x14/0x20 [ 82.027418] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 82.032273] ? rcu_read_lock_any_held+0xcd/0xf0 [ 82.037200] ? __kasan_check_write+0x14/0x20 [ 82.041681] ? fput_many+0x1b/0x130 [ 82.046608] ? fput+0xe/0x10 [ 82.049614] ? ksys_write+0x187/0x220 [ 82.053564] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 82.058594] ? do_syscall_64+0x21/0x630 [ 82.062662] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 82.068025] __x64_sys_sendmmsg+0x98/0x100 [ 82.072439] do_syscall_64+0xd0/0x630 [ 82.076431] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 82.082430] RIP: 0033:0x455b59 [ 82.085700] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 82.105217] RSP: 002b:00007f8314f31c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 82.113350] RAX: ffffffffffffffda RBX: 00007f8314f326d4 RCX: 0000000000455b59 [ 82.120706] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 82.128242] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 82.135506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 82.142769] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 82.150591] CPU: 0 PID: 6274 Comm: syz-executor1 Not tainted 5.7.0-rc1-syzkaller #0 [ 82.158540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.168253] Call Trace: [ 82.171086] dump_stack+0x12f/0x187 [ 82.174770] should_fail.cold.4+0x5/0x17 [ 82.178874] ? fault_create_debugfs_attr+0x150/0x150 [ 82.184108] __should_failslab+0xba/0xf0 [ 82.188268] should_failslab+0x9/0x14 [ 82.188966] FAULT_INJECTION: forcing a failure. [ 82.188966] name failslab, interval 1, probability 0, space 0, times 0 [ 82.192101] kmem_cache_alloc_node_trace+0x267/0x770 [ 82.192112] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 82.192117] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 82.192130] __kmalloc_node_track_caller+0x3c/0x70 [ 82.192141] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 82.192151] __alloc_skb+0xd7/0x570 [ 82.192159] ? netdev_alloc_frag+0xe0/0xe0 [ 82.192167] ? mark_held_locks+0x130/0x130 [ 82.192178] alloc_skb_with_frags+0x75/0x480 [ 82.192183] ? reacquire_held_locks+0x21e/0x510 [ 82.192195] sock_alloc_send_pskb+0x5f5/0x790 [ 82.192209] ? _raw_spin_unlock_bh+0x2b/0x30 [ 82.263442] ? sock_def_error_report+0x360/0x360 [ 82.268555] ? trace_hardirqs_on+0x28/0x180 [ 82.274846] ? release_sock+0x122/0x180 [ 82.278816] ? __local_bh_enable_ip+0x161/0x230 [ 82.284187] sock_alloc_send_skb+0x13/0x20 [ 82.288586] dccp_sendmsg+0x25a/0xdb0 [ 82.293415] ? aa_sk_perm+0x182/0x740 [ 82.297315] ? dccp_disconnect+0xb00/0xb00 [ 82.301834] ? aa_af_perm+0x240/0x240 [ 82.305636] ? __kasan_check_write+0x14/0x20 [ 82.310278] inet_sendmsg+0xbd/0xe0 [ 82.313921] ? inet_send_prepare+0x3a0/0x3a0 [ 82.318545] sock_sendmsg+0xdf/0x110 [ 82.322533] ____sys_sendmsg+0x3fe/0xae0 [ 82.326687] ? kernel_sendmsg+0x30/0x30 [ 82.330654] ? mark_lock+0xbf/0x760 [ 82.334273] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 82.339556] ? __kasan_check_read+0x11/0x20 [ 82.343890] ? hlock_class+0x52/0x120 [ 82.348039] ___sys_sendmsg+0xe4/0x160 [ 82.352100] ? sendmsg_copy_msghdr+0x30/0x30 [ 82.356890] ? mark_held_locks+0x130/0x130 [ 82.361504] ? find_held_lock+0x36/0x1d0 [ 82.365558] ? __might_fault+0xf1/0x1b0 [ 82.369522] ? __might_fault+0xc6/0x1b0 [ 82.373497] ? lock_downgrade+0x960/0x960 [ 82.377636] ? lock_release+0x960/0x960 [ 82.382237] ? ___might_sleep+0x13e/0x2b0 [ 82.386415] __sys_sendmmsg+0x160/0x380 [ 82.390555] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 82.394876] ? __kasan_check_write+0x14/0x20 [ 82.399728] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 82.404563] ? rcu_read_lock_any_held+0xcd/0xf0 [ 82.409417] ? __kasan_check_write+0x14/0x20 [ 82.415254] ? fput_many+0x1b/0x130 [ 82.418868] ? fput+0xe/0x10 [ 82.421874] ? ksys_write+0x187/0x220 [ 82.425970] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 82.430808] ? do_syscall_64+0x21/0x630 [ 82.435048] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 82.440407] __x64_sys_sendmmsg+0x98/0x100 [ 82.444844] do_syscall_64+0xd0/0x630 [ 82.448900] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 82.454271] RIP: 0033:0x455b59 [ 82.457451] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 82.476684] RSP: 002b:00007f0acc7a1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 82.484827] RAX: ffffffffffffffda RBX: 00007f0acc7a26d4 RCX: 0000000000455b59 [ 82.492197] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 82.500091] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 82.507455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 82.515080] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 82.522470] CPU: 1 PID: 6285 Comm: syz-executor5 Not tainted 5.7.0-rc1-syzkaller #0 [ 82.531157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.540522] Call Trace: [ 82.544257] dump_stack+0x12f/0x187 [ 82.547938] should_fail.cold.4+0x5/0x17 [ 82.552018] ? fault_create_debugfs_attr+0x150/0x150 [ 82.557184] __should_failslab+0xba/0xf0 [ 82.561387] should_failslab+0x9/0x14 [ 82.565289] kmem_cache_alloc_trace+0x4b/0x770 [ 82.569894] ? trace_hardirqs_on+0x28/0x180 [ 82.574245] dccp_ackvec_parsed_add+0x51/0x220 [ 82.578846] ccid2_hc_tx_parse_options+0x5b/0x80 [ 82.583620] dccp_parse_options+0x54a/0x1000 [ 82.588046] ? __local_bh_enable_ip+0x161/0x230 [ 82.592922] dccp_rcv_established+0x23/0x70 [ 82.597423] dccp_v4_do_rcv+0xf4/0x160 [ 82.601340] __release_sock+0x110/0x340 [ 82.605342] release_sock+0x4f/0x180 [ 82.609173] dccp_sendmsg+0x52f/0xdb0 [ 82.613084] ? aa_sk_perm+0x182/0x740 [ 82.615736] FAULT_INJECTION: forcing a failure. [ 82.615736] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 82.616895] ? dccp_disconnect+0xb00/0xb00 [ 82.633208] ? aa_af_perm+0x240/0x240 [ 82.637030] ? __kasan_check_write+0x14/0x20 [ 82.641441] inet_sendmsg+0xbd/0xe0 [ 82.645058] ? inet_send_prepare+0x3a0/0x3a0 [ 82.649454] sock_sendmsg+0xdf/0x110 [ 82.653171] ____sys_sendmsg+0x3fe/0xae0 [ 82.657225] ? kernel_sendmsg+0x30/0x30 [ 82.661201] ? mark_lock+0xbf/0x760 [ 82.664833] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 82.670117] ? __kasan_check_read+0x11/0x20 [ 82.674455] ? hlock_class+0x52/0x120 [ 82.678368] ___sys_sendmsg+0xe4/0x160 [ 82.682257] ? sendmsg_copy_msghdr+0x30/0x30 [ 82.686671] ? mark_held_locks+0x130/0x130 [ 82.690908] ? find_held_lock+0x36/0x1d0 [ 82.694986] ? __might_fault+0xf1/0x1b0 [ 82.698976] ? __might_fault+0xc6/0x1b0 [ 82.702945] ? lock_downgrade+0x960/0x960 [ 82.707084] ? lock_release+0x960/0x960 [ 82.711070] ? ___might_sleep+0x13e/0x2b0 [ 82.715245] __sys_sendmmsg+0x160/0x380 [ 82.719224] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 82.723547] ? __kasan_check_write+0x14/0x20 [ 82.727947] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 82.732793] ? rcu_read_lock_any_held+0xcd/0xf0 [ 82.737488] ? __kasan_check_write+0x14/0x20 [ 82.741901] ? fput_many+0x1b/0x130 [ 82.745515] ? fput+0xe/0x10 [ 82.748518] ? ksys_write+0x187/0x220 [ 82.752307] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 82.757051] ? do_syscall_64+0x21/0x630 [ 82.761098] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 82.766481] __x64_sys_sendmmsg+0x98/0x100 [ 82.770820] do_syscall_64+0xd0/0x630 [ 82.774637] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 82.779946] RIP: 0033:0x455b59 [ 82.783183] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 82.802101] RSP: 002b:00007f8734f7fc68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 82.809800] RAX: ffffffffffffffda RBX: 00007f8734f806d4 RCX: 0000000000455b59 [ 82.817084] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 82.824369] RBP: 000000000072bf50 R08: 0000000000000000 R09: 0000000000000000 [ 82.831650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 82.838945] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 82.846231] CPU: 0 PID: 6281 Comm: syz-executor Not tainted 5.7.0-rc1-syzkaller #0 [ 82.846381] dccp_parse_options: DCCP(000000008fa0e8c2): Option 38 (len=1) error=5 [ 82.853986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.853991] Call Trace: [ 82.854008] dump_stack+0x12f/0x187 [ 82.854019] should_fail.cold.4+0x5/0x17 [ 82.854027] ? fault_create_debugfs_attr+0x150/0x150 [ 82.854037] ? mark_held_locks+0x130/0x130 [ 82.854044] ? ____sys_sendmsg+0x3fe/0xae0 [ 82.854048] ? ___sys_sendmsg+0xe4/0x160 [ 82.854058] should_fail_alloc_page+0x50/0x60 [ 82.904622] __alloc_pages_nodemask+0x191/0x840 [ 82.909313] ? __alloc_pages_slowpath.constprop.118+0x2510/0x2510 [ 82.915567] ? lock_release+0x960/0x960 [ 82.919564] ? fault_create_debugfs_attr+0x150/0x150 [ 82.924692] cache_grow_begin+0x90/0xb30 [ 82.928769] ? trace_hardirqs_off+0x41/0x180 [ 82.933204] kmem_cache_alloc_node_trace+0x68d/0x770 [ 82.938031] FAULT_INJECTION: forcing a failure. [ 82.938031] name failslab, interval 1, probability 0, space 0, times 0 [ 82.938319] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 82.938334] __kmalloc_node_track_caller+0x3c/0x70 [ 82.938346] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 82.938357] __alloc_skb+0xd7/0x570 [ 82.938365] ? netdev_alloc_frag+0xe0/0xe0 [ 82.938373] ? mark_held_locks+0x130/0x130 [ 82.938384] alloc_skb_with_frags+0x75/0x480 [ 82.981109] ? reacquire_held_locks+0x21e/0x510 [ 82.985793] sock_alloc_send_pskb+0x5f5/0x790 [ 82.990297] ? _raw_spin_unlock_bh+0x2b/0x30 [ 82.994718] ? sock_def_error_report+0x360/0x360 [ 82.999466] ? trace_hardirqs_on+0x28/0x180 [ 83.003784] ? release_sock+0x122/0x180 [ 83.007935] ? __local_bh_enable_ip+0x161/0x230 [ 83.012764] sock_alloc_send_skb+0x13/0x20 [ 83.016993] dccp_sendmsg+0x25a/0xdb0 [ 83.020808] ? aa_sk_perm+0x182/0x740 [ 83.024611] ? dccp_disconnect+0xb00/0xb00 [ 83.028843] ? aa_af_perm+0x240/0x240 [ 83.032652] ? __kasan_check_write+0x14/0x20 [ 83.037061] inet_sendmsg+0xbd/0xe0 [ 83.040674] ? inet_send_prepare+0x3a0/0x3a0 [ 83.045070] sock_sendmsg+0xdf/0x110 [ 83.048788] ____sys_sendmsg+0x3fe/0xae0 [ 83.052833] ? kernel_sendmsg+0x30/0x30 [ 83.056801] ? mark_lock+0xbf/0x760 [ 83.061368] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 83.066653] ? __kasan_check_read+0x11/0x20 [ 83.070980] ? hlock_class+0x52/0x120 [ 83.074766] ___sys_sendmsg+0xe4/0x160 [ 83.078635] ? sendmsg_copy_msghdr+0x30/0x30 [ 83.083032] ? mark_held_locks+0x130/0x130 [ 83.087256] ? find_held_lock+0x36/0x1d0 [ 83.092173] ? __might_fault+0xf1/0x1b0 [ 83.096486] ? __might_fault+0xc6/0x1b0 [ 83.100451] ? lock_downgrade+0x960/0x960 [ 83.104593] ? lock_release+0x960/0x960 [ 83.108554] ? ___might_sleep+0x13e/0x2b0 [ 83.112722] __sys_sendmmsg+0x160/0x380 [ 83.116691] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 83.121065] ? __kasan_check_write+0x14/0x20 [ 83.125474] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 83.130446] ? rcu_read_lock_any_held+0xcd/0xf0 [ 83.135143] ? __kasan_check_write+0x14/0x20 [ 83.139546] ? fput_many+0x1b/0x130 [ 83.143162] ? fput+0xe/0x10 [ 83.146166] ? ksys_write+0x187/0x220 [ 83.149960] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 83.154876] ? do_syscall_64+0x21/0x630 [ 83.158865] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 83.164240] __x64_sys_sendmmsg+0x98/0x100 [ 83.168742] do_syscall_64+0xd0/0x630 [ 83.172551] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 83.177738] RIP: 0033:0x455b59 [ 83.180923] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 83.199838] RSP: 002b:00007fe499b21c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 83.207537] RAX: ffffffffffffffda RBX: 00007fe499b226d4 RCX: 0000000000455b59 [ 83.214799] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 83.222058] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 83.229345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 83.236623] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 83.243914] CPU: 1 PID: 6291 Comm: syz-executor3 Not tainted 5.7.0-rc1-syzkaller #0 [ 83.251726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 83.261095] Call Trace: [ 83.263697] dump_stack+0x12f/0x187 [ 83.267346] should_fail.cold.4+0x5/0x17 [ 83.271432] ? fault_create_debugfs_attr+0x150/0x150 [ 83.276554] __should_failslab+0xba/0xf0 [ 83.280636] should_failslab+0x9/0x14 [ 83.284460] kmem_cache_alloc_node_trace+0x267/0x770 [ 83.289579] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 83.295217] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 83.300340] __kmalloc_node_track_caller+0x3c/0x70 [ 83.305637] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 83.310420] __alloc_skb+0xd7/0x570 [ 83.314068] ? netdev_alloc_frag+0xe0/0xe0 [ 83.318408] ? mark_held_locks+0x130/0x130 [ 83.322745] alloc_skb_with_frags+0x75/0x480 [ 83.327254] ? reacquire_held_locks+0x21e/0x510 [ 83.332059] sock_alloc_send_pskb+0x5f5/0x790 [ 83.336581] ? _raw_spin_unlock_bh+0x2b/0x30 [ 83.341014] ? sock_def_error_report+0x360/0x360 [ 83.345782] ? trace_hardirqs_on+0x28/0x180 [ 83.350300] ? release_sock+0x122/0x180 [ 83.354290] ? __local_bh_enable_ip+0x161/0x230 [ 83.355167] FAULT_INJECTION: forcing a failure. [ 83.355167] name failslab, interval 1, probability 0, space 0, times 0 [ 83.358990] sock_alloc_send_skb+0x13/0x20 [ 83.358998] dccp_sendmsg+0x25a/0xdb0 [ 83.359008] ? aa_sk_perm+0x182/0x740 [ 83.359016] ? dccp_disconnect+0xb00/0xb00 [ 83.359022] ? aa_af_perm+0x240/0x240 [ 83.359030] ? __kasan_check_write+0x14/0x20 [ 83.359043] inet_sendmsg+0xbd/0xe0 [ 83.398102] ? inet_send_prepare+0x3a0/0x3a0 [ 83.402502] sock_sendmsg+0xdf/0x110 [ 83.406205] ____sys_sendmsg+0x3fe/0xae0 [ 83.410354] ? kernel_sendmsg+0x30/0x30 [ 83.414342] ? mark_lock+0xbf/0x760 [ 83.417978] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 83.423255] ? __kasan_check_read+0x11/0x20 [ 83.427585] ? hlock_class+0x52/0x120 [ 83.431397] ___sys_sendmsg+0xe4/0x160 [ 83.435296] ? sendmsg_copy_msghdr+0x30/0x30 [ 83.439702] ? mark_held_locks+0x130/0x130 [ 83.443924] ? find_held_lock+0x36/0x1d0 [ 83.448004] ? __might_fault+0xf1/0x1b0 [ 83.451986] ? __might_fault+0xc6/0x1b0 [ 83.455954] ? lock_downgrade+0x960/0x960 [ 83.460087] ? lock_release+0x960/0x960 [ 83.464050] ? ___might_sleep+0x13e/0x2b0 [ 83.468190] __sys_sendmmsg+0x160/0x380 [ 83.472151] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 83.476603] ? __kasan_check_write+0x14/0x20 [ 83.481095] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 83.486025] ? rcu_read_lock_any_held+0xcd/0xf0 [ 83.490692] ? __kasan_check_write+0x14/0x20 [ 83.495098] ? fput_many+0x1b/0x130 [ 83.499057] ? fput+0xe/0x10 [ 83.502058] ? ksys_write+0x187/0x220 [ 83.505849] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 83.510591] ? do_syscall_64+0x21/0x630 [ 83.514574] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 83.519941] __x64_sys_sendmmsg+0x98/0x100 [ 83.524167] do_syscall_64+0xd0/0x630 [ 83.527959] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 83.535048] RIP: 0033:0x455b59 [ 83.538267] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 83.557156] RSP: 002b:00007f8314f31c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 83.564891] RAX: ffffffffffffffda RBX: 00007f8314f326d4 RCX: 0000000000455b59 [ 83.572268] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 83.579640] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 2020/04/16 22:48:58 executed programs: 27 [ 83.586944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 83.594251] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 83.601532] CPU: 0 PID: 6299 Comm: syz-executor4 Not tainted 5.7.0-rc1-syzkaller #0 [ 83.609345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 83.618711] Call Trace: [ 83.621312] dump_stack+0x12f/0x187 [ 83.624959] should_fail.cold.4+0x5/0x17 [ 83.629040] ? fault_create_debugfs_attr+0x150/0x150 [ 83.634168] __should_failslab+0xba/0xf0 [ 83.638419] should_failslab+0x9/0x14 [ 83.642254] kmem_cache_alloc_node+0x251/0x750 [ 83.646851] ? hlock_class+0x52/0x120 [ 83.650667] ? __lock_acquire+0x1850/0x3b10 [ 83.651177] FAULT_INJECTION: forcing a failure. [ 83.651177] name failslab, interval 1, probability 0, space 0, times 0 [ 83.655146] ? __kasan_check_read+0x11/0x20 [ 83.655159] __alloc_skb+0xa7/0x570 [ 83.655167] ? netdev_alloc_frag+0xe0/0xe0 [ 83.655175] ? mark_held_locks+0x130/0x130 [ 83.655185] alloc_skb_with_frags+0x75/0x480 [ 83.655190] ? reacquire_held_locks+0x21e/0x510 [ 83.655201] sock_alloc_send_pskb+0x5f5/0x790 [ 83.655216] ? _raw_spin_unlock_bh+0x2b/0x30 [ 83.655223] ? sock_def_error_report+0x360/0x360 [ 83.655229] ? trace_hardirqs_on+0x28/0x180 [ 83.655234] ? release_sock+0x122/0x180 [ 83.655244] ? __local_bh_enable_ip+0x161/0x230 [ 83.655254] sock_alloc_send_skb+0x13/0x20 [ 83.655265] dccp_sendmsg+0x25a/0xdb0 [ 83.726609] ? aa_sk_perm+0x182/0x740 [ 83.730411] ? dccp_disconnect+0xb00/0xb00 [ 83.734660] ? aa_af_perm+0x240/0x240 [ 83.738453] ? __kasan_check_write+0x14/0x20 [ 83.742858] inet_sendmsg+0xbd/0xe0 [ 83.746469] ? inet_send_prepare+0x3a0/0x3a0 [ 83.750866] sock_sendmsg+0xdf/0x110 [ 83.754584] ____sys_sendmsg+0x3fe/0xae0 [ 83.758677] ? kernel_sendmsg+0x30/0x30 [ 83.762741] ? mark_lock+0xbf/0x760 [ 83.766362] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 83.771841] ? __kasan_check_read+0x11/0x20 [ 83.776265] ? hlock_class+0x52/0x120 [ 83.780263] ___sys_sendmsg+0xe4/0x160 [ 83.784232] ? sendmsg_copy_msghdr+0x30/0x30 [ 83.788731] ? mark_held_locks+0x130/0x130 [ 83.793068] ? find_held_lock+0x36/0x1d0 [ 83.797749] ? __might_fault+0xf1/0x1b0 [ 83.801747] ? __might_fault+0xc6/0x1b0 [ 83.805716] ? lock_downgrade+0x960/0x960 [ 83.809874] ? lock_release+0x960/0x960 [ 83.814045] ? ___might_sleep+0x13e/0x2b0 [ 83.818184] __sys_sendmmsg+0x160/0x380 [ 83.822241] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 83.826583] ? __kasan_check_write+0x14/0x20 [ 83.831424] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 83.836339] ? rcu_read_lock_any_held+0xcd/0xf0 [ 83.841002] ? __kasan_check_write+0x14/0x20 [ 83.845396] ? fput_many+0x1b/0x130 [ 83.849055] ? fput+0xe/0x10 [ 83.852193] ? ksys_write+0x187/0x220 [ 83.856011] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 83.861300] ? do_syscall_64+0x21/0x630 [ 83.865380] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 83.870862] __x64_sys_sendmmsg+0x98/0x100 [ 83.875290] do_syscall_64+0xd0/0x630 [ 83.879259] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 83.884528] RIP: 0033:0x455b59 [ 83.887721] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 83.906711] RSP: 002b:00007f11e9d73c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 83.915270] RAX: ffffffffffffffda RBX: 00007f11e9d746d4 RCX: 0000000000455b59 [ 83.922537] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 83.929798] RBP: 000000000072bf50 R08: 0000000000000000 R09: 0000000000000000 [ 83.937069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 83.944329] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 83.951617] CPU: 1 PID: 6303 Comm: syz-executor1 Not tainted 5.7.0-rc1-syzkaller #0 [ 83.959431] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 83.968800] Call Trace: [ 83.971414] dump_stack+0x12f/0x187 [ 83.975052] should_fail.cold.4+0x5/0x17 [ 83.979487] ? fault_create_debugfs_attr+0x150/0x150 [ 83.984604] __should_failslab+0xba/0xf0 [ 83.988674] should_failslab+0x9/0x14 [ 83.992745] kmem_cache_alloc_node_trace+0x267/0x770 [ 83.997871] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 84.003157] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 84.008288] __kmalloc_node_track_caller+0x3c/0x70 [ 84.013347] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 84.018125] __alloc_skb+0xd7/0x570 [ 84.021781] ? netdev_alloc_frag+0xe0/0xe0 [ 84.026029] ? mark_held_locks+0x130/0x130 [ 84.030309] alloc_skb_with_frags+0x75/0x480 [ 84.034743] ? reacquire_held_locks+0x21e/0x510 [ 84.039615] sock_alloc_send_pskb+0x5f5/0x790 [ 84.044123] ? _raw_spin_unlock_bh+0x2b/0x30 [ 84.048539] ? sock_def_error_report+0x360/0x360 [ 84.053300] ? trace_hardirqs_on+0x28/0x180 [ 84.057629] ? release_sock+0x122/0x180 [ 84.061626] ? __local_bh_enable_ip+0x161/0x230 [ 84.066332] sock_alloc_send_skb+0x13/0x20 [ 84.070696] dccp_sendmsg+0x25a/0xdb0 [ 84.074517] ? aa_sk_perm+0x182/0x740 [ 84.078335] ? dccp_disconnect+0xb00/0xb00 [ 84.082948] ? aa_af_perm+0x240/0x240 [ 84.086764] ? __kasan_check_write+0x14/0x20 [ 84.091207] inet_sendmsg+0xbd/0xe0 [ 84.095084] ? inet_send_prepare+0x3a0/0x3a0 [ 84.099520] sock_sendmsg+0xdf/0x110 [ 84.103260] ____sys_sendmsg+0x3fe/0xae0 [ 84.107345] ? kernel_sendmsg+0x30/0x30 [ 84.109121] FAULT_INJECTION: forcing a failure. [ 84.109121] name failslab, interval 1, probability 0, space 0, times 0 [ 84.111340] ? mark_lock+0xbf/0x760 [ 84.111349] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 84.111357] ? __kasan_check_read+0x11/0x20 [ 84.111363] ? hlock_class+0x52/0x120 [ 84.111375] ___sys_sendmsg+0xe4/0x160 [ 84.111382] ? sendmsg_copy_msghdr+0x30/0x30 [ 84.111391] ? mark_held_locks+0x130/0x130 [ 84.111401] ? find_held_lock+0x36/0x1d0 [ 84.111409] ? __might_fault+0xf1/0x1b0 [ 84.111417] ? __might_fault+0xc6/0x1b0 [ 84.164299] ? lock_downgrade+0x960/0x960 [ 84.168482] ? lock_release+0x960/0x960 [ 84.172534] ? ___might_sleep+0x13e/0x2b0 [ 84.176689] __sys_sendmmsg+0x160/0x380 [ 84.180743] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 84.185063] ? __kasan_check_write+0x14/0x20 [ 84.189478] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 84.194311] ? rcu_read_lock_any_held+0xcd/0xf0 [ 84.198991] ? __kasan_check_write+0x14/0x20 [ 84.203394] ? fput_many+0x1b/0x130 [ 84.207011] ? fput+0xe/0x10 [ 84.210038] ? ksys_write+0x187/0x220 [ 84.213834] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 84.218601] ? do_syscall_64+0x21/0x630 [ 84.222872] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 84.228235] __x64_sys_sendmmsg+0x98/0x100 [ 84.232486] do_syscall_64+0xd0/0x630 [ 84.236291] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 84.241653] RIP: 0033:0x455b59 [ 84.244834] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 84.263738] RSP: 002b:00007f0acc7a1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 84.271448] RAX: ffffffffffffffda RBX: 00007f0acc7a26d4 RCX: 0000000000455b59 [ 84.278983] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 84.286244] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 84.293499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 84.300771] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 84.308077] CPU: 0 PID: 6312 Comm: syz-executor3 Not tainted 5.7.0-rc1-syzkaller #0 [ 84.315888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.325406] Call Trace: [ 84.328009] dump_stack+0x12f/0x187 [ 84.331659] should_fail.cold.4+0x5/0x17 [ 84.335739] ? fault_create_debugfs_attr+0x150/0x150 [ 84.340871] __should_failslab+0xba/0xf0 [ 84.344959] should_failslab+0x9/0x14 [ 84.348775] kmem_cache_alloc_trace+0x4b/0x770 [ 84.353366] ? lock_downgrade+0x960/0x960 [ 84.357542] dccp_ackvec_parsed_add+0x51/0x220 [ 84.362148] ccid2_hc_tx_parse_options+0x5b/0x80 [ 84.367137] dccp_parse_options+0x54a/0x1000 [ 84.371754] ? __local_bh_enable_ip+0x161/0x230 [ 84.373606] FAULT_INJECTION: forcing a failure. [ 84.373606] name failslab, interval 1, probability 0, space 0, times 0 [ 84.376444] dccp_rcv_established+0x23/0x70 [ 84.376452] dccp_v4_do_rcv+0xf4/0x160 [ 84.376464] __release_sock+0x110/0x340 [ 84.376479] release_sock+0x4f/0x180 [ 84.376487] dccp_sendmsg+0x52f/0xdb0 [ 84.376498] ? aa_sk_perm+0x182/0x740 [ 84.376508] ? dccp_disconnect+0xb00/0xb00 [ 84.376515] ? aa_af_perm+0x240/0x240 [ 84.376524] ? __kasan_check_write+0x14/0x20 [ 84.376541] inet_sendmsg+0xbd/0xe0 [ 84.376548] ? inet_send_prepare+0x3a0/0x3a0 [ 84.376555] sock_sendmsg+0xdf/0x110 [ 84.376564] ____sys_sendmsg+0x3fe/0xae0 [ 84.376574] ? kernel_sendmsg+0x30/0x30 [ 84.443503] ? mark_lock+0xbf/0x760 [ 84.447119] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 84.452406] ? __kasan_check_read+0x11/0x20 [ 84.456751] ? hlock_class+0x52/0x120 [ 84.460570] ___sys_sendmsg+0xe4/0x160 [ 84.464563] ? sendmsg_copy_msghdr+0x30/0x30 [ 84.468995] ? mark_held_locks+0x130/0x130 [ 84.473248] ? find_held_lock+0x36/0x1d0 [ 84.477308] ? __might_fault+0xf1/0x1b0 [ 84.481289] ? __might_fault+0xc6/0x1b0 [ 84.485267] ? lock_downgrade+0x960/0x960 [ 84.489410] ? lock_release+0x960/0x960 [ 84.493393] ? ___might_sleep+0x13e/0x2b0 [ 84.497558] __sys_sendmmsg+0x160/0x380 [ 84.501536] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 84.505868] ? __kasan_check_write+0x14/0x20 [ 84.510353] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 84.515316] ? rcu_read_lock_any_held+0xcd/0xf0 [ 84.520117] ? __kasan_check_write+0x14/0x20 [ 84.524527] ? fput_many+0x1b/0x130 [ 84.528143] ? fput+0xe/0x10 [ 84.531158] ? ksys_write+0x187/0x220 [ 84.534971] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 84.539739] ? do_syscall_64+0x21/0x630 [ 84.543744] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 84.549116] __x64_sys_sendmmsg+0x98/0x100 [ 84.553352] do_syscall_64+0xd0/0x630 [ 84.557147] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 84.562334] RIP: 0033:0x455b59 [ 84.565518] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 84.584516] RSP: 002b:00007f8314f31c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 84.592229] RAX: ffffffffffffffda RBX: 00007f8314f326d4 RCX: 0000000000455b59 [ 84.599488] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 84.606751] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 84.614008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 84.621278] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 84.628732] CPU: 1 PID: 6316 Comm: syz-executor1 Not tainted 5.7.0-rc1-syzkaller #0 [ 84.629742] dccp_parse_options: DCCP(00000000e9b9d854): Option 38 (len=1) error=5 [ 84.636540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 84.636544] Call Trace: [ 84.636560] dump_stack+0x12f/0x187 [ 84.636572] should_fail.cold.4+0x5/0x17 [ 84.636580] ? fault_create_debugfs_attr+0x150/0x150 [ 84.636594] __should_failslab+0xba/0xf0 [ 84.673006] should_failslab+0x9/0x14 [ 84.676812] kmem_cache_alloc_node_trace+0x267/0x770 [ 84.681952] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 84.687248] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 84.692380] __kmalloc_node_track_caller+0x3c/0x70 [ 84.697341] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 84.702123] __alloc_skb+0xd7/0x570 [ 84.706466] ? netdev_alloc_frag+0xe0/0xe0 [ 84.710710] ? mark_held_locks+0x130/0x130 [ 84.714962] alloc_skb_with_frags+0x75/0x480 [ 84.719558] ? reacquire_held_locks+0x21e/0x510 [ 84.724262] sock_alloc_send_pskb+0x5f5/0x790 [ 84.728774] ? _raw_spin_unlock_bh+0x2b/0x30 [ 84.733203] ? sock_def_error_report+0x360/0x360 [ 84.737980] ? trace_hardirqs_on+0x28/0x180 [ 84.742422] ? release_sock+0x122/0x180 [ 84.746416] ? __local_bh_enable_ip+0x161/0x230 [ 84.751212] sock_alloc_send_skb+0x13/0x20 [ 84.755497] dccp_sendmsg+0x25a/0xdb0 [ 84.759318] ? aa_sk_perm+0x182/0x740 [ 84.763250] ? dccp_disconnect+0xb00/0xb00 [ 84.767628] ? aa_af_perm+0x240/0x240 [ 84.768048] FAULT_INJECTION: forcing a failure. [ 84.768048] name failslab, interval 1, probability 0, space 0, times 0 [ 84.771441] ? __kasan_check_write+0x14/0x20 [ 84.771457] inet_sendmsg+0xbd/0xe0 [ 84.771465] ? inet_send_prepare+0x3a0/0x3a0 [ 84.771473] sock_sendmsg+0xdf/0x110 [ 84.771482] ____sys_sendmsg+0x3fe/0xae0 [ 84.771492] ? kernel_sendmsg+0x30/0x30 [ 84.771500] ? mark_lock+0xbf/0x760 [ 84.771507] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 84.771514] ? __kasan_check_read+0x11/0x20 [ 84.771520] ? hlock_class+0x52/0x120 [ 84.771530] ___sys_sendmsg+0xe4/0x160 [ 84.829103] ? sendmsg_copy_msghdr+0x30/0x30 [ 84.833520] ? mark_held_locks+0x130/0x130 [ 84.837747] ? find_held_lock+0x36/0x1d0 [ 84.841799] ? __might_fault+0xf1/0x1b0 [ 84.845899] ? __might_fault+0xc6/0x1b0 [ 84.849891] ? lock_downgrade+0x960/0x960 [ 84.854119] ? lock_release+0x960/0x960 [ 84.858100] ? ___might_sleep+0x13e/0x2b0 [ 84.862356] __sys_sendmmsg+0x160/0x380 [ 84.866344] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 84.870696] ? __kasan_check_write+0x14/0x20 [ 84.875125] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 84.879962] ? rcu_read_lock_any_held+0xcd/0xf0 [ 84.884641] ? __kasan_check_write+0x14/0x20 [ 84.889038] ? fput_many+0x1b/0x130 [ 84.892677] ? fput+0xe/0x10 [ 84.900030] ? ksys_write+0x187/0x220 [ 84.903916] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 84.908715] ? do_syscall_64+0x21/0x630 [ 84.912858] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 84.918236] __x64_sys_sendmmsg+0x98/0x100 [ 84.922552] do_syscall_64+0xd0/0x630 [ 84.926352] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 84.931537] RIP: 0033:0x455b59 [ 84.934729] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 84.953655] RSP: 002b:00007f0acc7a1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 84.961377] RAX: ffffffffffffffda RBX: 00007f0acc7a26d4 RCX: 0000000000455b59 [ 84.968638] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 84.975895] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 84.983220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 84.990491] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 84.998898] CPU: 0 PID: 6318 Comm: syz-executor Not tainted 5.7.0-rc1-syzkaller #0 [ 85.006624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 85.016536] Call Trace: [ 85.019154] dump_stack+0x12f/0x187 [ 85.022894] should_fail.cold.4+0x5/0x17 [ 85.026971] ? fault_create_debugfs_attr+0x150/0x150 [ 85.032099] __should_failslab+0xba/0xf0 [ 85.036184] should_failslab+0x9/0x14 [ 85.040119] kmem_cache_alloc_node_trace+0x267/0x770 [ 85.045289] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 85.050613] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 85.055742] __kmalloc_node_track_caller+0x3c/0x70 [ 85.060696] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 85.065474] __alloc_skb+0xd7/0x570 [ 85.069183] ? netdev_alloc_frag+0xe0/0xe0 [ 85.073435] ? mark_held_locks+0x130/0x130 [ 85.077690] alloc_skb_with_frags+0x75/0x480 [ 85.082114] ? reacquire_held_locks+0x21e/0x510 [ 85.086815] sock_alloc_send_pskb+0x5f5/0x790 [ 85.091337] ? _raw_spin_unlock_bh+0x2b/0x30 [ 85.096994] ? sock_def_error_report+0x360/0x360 [ 85.101767] ? trace_hardirqs_on+0x28/0x180 [ 85.106108] ? release_sock+0x122/0x180 [ 85.110121] ? __local_bh_enable_ip+0x161/0x230 [ 85.114811] sock_alloc_send_skb+0x13/0x20 [ 85.119059] dccp_sendmsg+0x25a/0xdb0 [ 85.122867] ? aa_sk_perm+0x182/0x740 [ 85.126683] ? dccp_disconnect+0xb00/0xb00 [ 85.130930] ? aa_af_perm+0x240/0x240 [ 85.132221] FAULT_INJECTION: forcing a failure. [ 85.132221] name failslab, interval 1, probability 0, space 0, times 0 [ 85.134734] ? __kasan_check_write+0x14/0x20 [ 85.134750] inet_sendmsg+0xbd/0xe0 [ 85.134756] ? inet_send_prepare+0x3a0/0x3a0 [ 85.134764] sock_sendmsg+0xdf/0x110 [ 85.134775] ____sys_sendmsg+0x3fe/0xae0 [ 85.166324] ? kernel_sendmsg+0x30/0x30 [ 85.170439] ? mark_lock+0xbf/0x760 [ 85.174079] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 85.179373] ? __kasan_check_read+0x11/0x20 [ 85.183863] ? hlock_class+0x52/0x120 [ 85.187829] ___sys_sendmsg+0xe4/0x160 [ 85.191730] ? sendmsg_copy_msghdr+0x30/0x30 [ 85.196150] ? mark_held_locks+0x130/0x130 [ 85.200382] ? find_held_lock+0x36/0x1d0 [ 85.204443] ? __might_fault+0xf1/0x1b0 [ 85.208577] ? __might_fault+0xc6/0x1b0 [ 85.212570] ? lock_downgrade+0x960/0x960 [ 85.216708] ? lock_release+0x960/0x960 [ 85.220670] ? ___might_sleep+0x13e/0x2b0 [ 85.224804] __sys_sendmmsg+0x160/0x380 [ 85.228786] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 85.233123] ? __kasan_check_write+0x14/0x20 [ 85.237528] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 85.242361] ? rcu_read_lock_any_held+0xcd/0xf0 [ 85.247073] ? __kasan_check_write+0x14/0x20 [ 85.251491] ? fput_many+0x1b/0x130 [ 85.256012] ? fput+0xe/0x10 [ 85.259024] ? ksys_write+0x187/0x220 [ 85.262834] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 85.267577] ? do_syscall_64+0x21/0x630 [ 85.271535] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 85.276905] __x64_sys_sendmmsg+0x98/0x100 [ 85.281154] do_syscall_64+0xd0/0x630 [ 85.284978] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 85.290161] RIP: 0033:0x455b59 [ 85.293641] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 85.312638] RSP: 002b:00007fe499b21c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 85.321046] RAX: ffffffffffffffda RBX: 00007fe499b226d4 RCX: 0000000000455b59 [ 85.328546] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 85.335936] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 85.343383] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 85.350650] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 85.358024] CPU: 1 PID: 6321 Comm: syz-executor4 Not tainted 5.7.0-rc1-syzkaller #0 [ 85.366026] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 85.375495] Call Trace: [ 85.378110] dump_stack+0x12f/0x187 [ 85.381758] should_fail.cold.4+0x5/0x17 [ 85.385852] ? fault_create_debugfs_attr+0x150/0x150 [ 85.390986] __should_failslab+0xba/0xf0 [ 85.395078] should_failslab+0x9/0x14 [ 85.397068] FAULT_INJECTION: forcing a failure. [ 85.397068] name failslab, interval 1, probability 0, space 0, times 0 [ 85.398897] kmem_cache_alloc_trace+0x2c3/0x770 [ 85.398906] ? __kasan_check_read+0x11/0x20 [ 85.398914] ? mark_lock+0xbf/0x760 [ 85.398927] dccp_feat_entry_new+0x140/0x360 [ 85.398938] dccp_feat_push_confirm+0x26/0x280 [ 85.398947] dccp_feat_parse_options+0xf99/0x1a30 [ 85.398959] ? dccp_feat_server_ccid_dependencies+0x1f0/0x1f0 [ 85.398970] ? dccp_ackvec_parsed_add+0x115/0x220 [ 85.447583] dccp_parse_options+0x85b/0x1000 [ 85.451988] ? __local_bh_enable_ip+0xb7/0x230 [ 85.456576] dccp_rcv_established+0x23/0x70 [ 85.460905] dccp_v4_do_rcv+0xf4/0x160 [ 85.464791] __release_sock+0x110/0x340 [ 85.468845] release_sock+0x4f/0x180 [ 85.472566] dccp_sendmsg+0x52f/0xdb0 [ 85.476394] ? aa_sk_perm+0x182/0x740 [ 85.480193] ? dccp_disconnect+0xb00/0xb00 [ 85.484430] ? aa_af_perm+0x240/0x240 [ 85.488236] ? __kasan_check_write+0x14/0x20 [ 85.492644] inet_sendmsg+0xbd/0xe0 [ 85.496382] ? inet_send_prepare+0x3a0/0x3a0 [ 85.500795] sock_sendmsg+0xdf/0x110 [ 85.504514] ____sys_sendmsg+0x3fe/0xae0 [ 85.508734] ? kernel_sendmsg+0x30/0x30 [ 85.512720] ? mark_lock+0xbf/0x760 [ 85.516344] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 85.521612] ? __kasan_check_read+0x11/0x20 [ 85.525939] ? hlock_class+0x52/0x120 [ 85.529732] ___sys_sendmsg+0xe4/0x160 [ 85.533638] ? sendmsg_copy_msghdr+0x30/0x30 [ 85.538096] ? mark_held_locks+0x130/0x130 [ 85.542327] ? find_held_lock+0x36/0x1d0 [ 85.546526] ? __might_fault+0xf1/0x1b0 [ 85.550495] ? __might_fault+0xc6/0x1b0 [ 85.554461] ? lock_downgrade+0x960/0x960 [ 85.558597] ? lock_release+0x960/0x960 [ 85.562758] ? ___might_sleep+0x13e/0x2b0 [ 85.567001] __sys_sendmmsg+0x160/0x380 [ 85.570991] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 85.575329] ? __kasan_check_write+0x14/0x20 [ 85.579744] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 85.584683] ? rcu_read_lock_any_held+0xcd/0xf0 [ 85.589368] ? __kasan_check_write+0x14/0x20 [ 85.593920] ? fput_many+0x1b/0x130 [ 85.597545] ? fput+0xe/0x10 [ 85.600555] ? ksys_write+0x187/0x220 [ 85.604358] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 85.609135] ? do_syscall_64+0x21/0x630 [ 85.613229] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 85.618656] __x64_sys_sendmmsg+0x98/0x100 [ 85.623021] do_syscall_64+0xd0/0x630 [ 85.626822] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 85.632004] RIP: 0033:0x455b59 [ 85.635198] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 85.654332] RSP: 002b:00007f11e9d94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 85.662043] RAX: ffffffffffffffda RBX: 00007f11e9d956d4 RCX: 0000000000455b59 [ 85.669340] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 85.676611] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 85.683883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 85.691231] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 85.698521] CPU: 0 PID: 6331 Comm: syz-executor1 Not tainted 5.7.0-rc1-syzkaller #0 [ 85.699993] dccp_parse_options: DCCP(00000000fb017348): Option 32 (len=7) error=9 [ 85.706451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 85.706456] Call Trace: [ 85.706473] dump_stack+0x12f/0x187 [ 85.706484] should_fail.cold.4+0x5/0x17 [ 85.706492] ? fault_create_debugfs_attr+0x150/0x150 [ 85.706509] __should_failslab+0xba/0xf0 [ 85.742981] should_failslab+0x9/0x14 [ 85.746915] kmem_cache_alloc_node_trace+0x267/0x770 [ 85.752051] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 85.757494] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 85.762615] __kmalloc_node_track_caller+0x3c/0x70 [ 85.767834] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 85.772700] __alloc_skb+0xd7/0x570 [ 85.776359] ? netdev_alloc_frag+0xe0/0xe0 [ 85.780609] ? mark_held_locks+0x130/0x130 [ 85.784931] alloc_skb_with_frags+0x75/0x480 [ 85.789445] ? reacquire_held_locks+0x21e/0x510 [ 85.794136] sock_alloc_send_pskb+0x5f5/0x790 [ 85.798659] ? _raw_spin_unlock_bh+0x2b/0x30 [ 85.803082] ? sock_def_error_report+0x360/0x360 [ 85.807857] ? trace_hardirqs_on+0x28/0x180 [ 85.812202] ? release_sock+0x122/0x180 [ 85.816286] ? __local_bh_enable_ip+0x161/0x230 [ 85.821168] sock_alloc_send_skb+0x13/0x20 [ 85.823753] ================================================================== [ 85.825410] dccp_sendmsg+0x25a/0xdb0 [ 85.825420] ? aa_sk_perm+0x182/0x740 [ 85.832838] BUG: KASAN: use-after-free in ccid2_hc_tx_packet_recv+0x1f0f/0x2235 [ 85.836629] ? dccp_disconnect+0xb00/0xb00 [ 85.840417] Read of size 1 at addr ffff8881d7ea2482 by task syz-executor4/6321 [ 85.840420] [ 85.847853] ? aa_af_perm+0x240/0x240 [ 85.864843] ? __kasan_check_write+0x14/0x20 [ 85.869245] inet_sendmsg+0xbd/0xe0 [ 85.872877] ? inet_send_prepare+0x3a0/0x3a0 [ 85.877271] sock_sendmsg+0xdf/0x110 [ 85.880985] ____sys_sendmsg+0x3fe/0xae0 [ 85.885068] ? kernel_sendmsg+0x30/0x30 [ 85.889036] ? mark_lock+0xbf/0x760 [ 85.893074] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 85.898458] ? __kasan_check_read+0x11/0x20 [ 85.902771] ? hlock_class+0x52/0x120 [ 85.906567] ___sys_sendmsg+0xe4/0x160 [ 85.910606] ? sendmsg_copy_msghdr+0x30/0x30 [ 85.915031] ? mark_held_locks+0x130/0x130 [ 85.919295] ? find_held_lock+0x36/0x1d0 [ 85.923438] ? __might_fault+0xf1/0x1b0 [ 85.927520] ? __might_fault+0xc6/0x1b0 [ 85.931508] ? lock_downgrade+0x960/0x960 [ 85.935645] ? lock_release+0x960/0x960 [ 85.939792] ? ___might_sleep+0x13e/0x2b0 [ 85.943937] __sys_sendmmsg+0x160/0x380 [ 85.947925] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 85.952251] ? __kasan_check_write+0x14/0x20 [ 85.956657] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 85.961489] ? rcu_read_lock_any_held+0xcd/0xf0 [ 85.966170] ? __kasan_check_write+0x14/0x20 [ 85.970563] ? fput_many+0x1b/0x130 [ 85.974180] ? fput+0xe/0x10 [ 85.977202] ? ksys_write+0x187/0x220 [ 85.981016] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 85.985769] ? do_syscall_64+0x21/0x630 [ 85.989874] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 85.995236] __x64_sys_sendmmsg+0x98/0x100 [ 85.999482] do_syscall_64+0xd0/0x630 [ 86.003300] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 86.008503] RIP: 0033:0x455b59 [ 86.011706] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 86.030617] RSP: 002b:00007f0acc7a1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 86.038323] RAX: ffffffffffffffda RBX: 00007f0acc7a26d4 RCX: 0000000000455b59 [ 86.047160] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 86.054437] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 86.061712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 86.068977] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 86.076280] CPU: 1 PID: 6321 Comm: syz-executor4 Not tainted 5.7.0-rc1-syzkaller #0 [ 86.084090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 86.093455] Call Trace: [ 86.096056] dump_stack+0x12f/0x187 [ 86.099714] ? ccid2_hc_tx_packet_recv+0x1f0f/0x2235 [ 86.104828] ? ccid2_hc_tx_packet_recv+0x1f0f/0x2235 [ 86.109951] print_address_description.constprop.8+0x3b/0x60 [ 86.115772] ? ccid2_hc_tx_packet_recv+0x1f0f/0x2235 [ 86.120890] ? ccid2_hc_tx_packet_recv+0x1f0f/0x2235 [ 86.126018] __kasan_report.cold.11+0x37/0x4e [ 86.130524] ? ccid2_hc_tx_packet_recv+0x1f0f/0x2235 [ 86.135644] kasan_report+0x38/0x50 [ 86.139286] __asan_report_load1_noabort+0x14/0x20 [ 86.144233] ccid2_hc_tx_packet_recv+0x1f0f/0x2235 [ 86.149198] dccp_deliver_input_to_ccids+0x1a9/0x220 [ 86.154306] dccp_rcv_established+0x49/0x70 [ 86.158643] dccp_v4_do_rcv+0xf4/0x160 [ 86.162541] __release_sock+0x110/0x340 [ 86.163595] FAULT_INJECTION: forcing a failure. [ 86.163595] name failslab, interval 1, probability 0, space 0, times 0 [ 86.166521] release_sock+0x4f/0x180 [ 86.166530] dccp_sendmsg+0x52f/0xdb0 [ 86.166540] ? aa_sk_perm+0x182/0x740 [ 86.166550] ? dccp_disconnect+0xb00/0xb00 [ 86.166557] ? aa_af_perm+0x240/0x240 [ 86.166565] ? __kasan_check_write+0x14/0x20 [ 86.166580] inet_sendmsg+0xbd/0xe0 [ 86.205108] ? inet_send_prepare+0x3a0/0x3a0 [ 86.209511] sock_sendmsg+0xdf/0x110 [ 86.213227] ____sys_sendmsg+0x3fe/0xae0 [ 86.217285] ? kernel_sendmsg+0x30/0x30 [ 86.221248] ? mark_lock+0xbf/0x760 [ 86.224882] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 86.230151] ? __kasan_check_read+0x11/0x20 [ 86.234457] ? hlock_class+0x52/0x120 [ 86.238334] ___sys_sendmsg+0xe4/0x160 [ 86.242232] ? sendmsg_copy_msghdr+0x30/0x30 [ 86.246635] ? mark_held_locks+0x130/0x130 [ 86.251004] ? find_held_lock+0x36/0x1d0 [ 86.255112] ? __might_fault+0xf1/0x1b0 [ 86.259085] ? __might_fault+0xc6/0x1b0 [ 86.263072] ? lock_downgrade+0x960/0x960 [ 86.267309] ? lock_release+0x960/0x960 [ 86.271292] ? ___might_sleep+0x13e/0x2b0 [ 86.275451] __sys_sendmmsg+0x160/0x380 [ 86.279419] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 86.283747] ? __kasan_check_write+0x14/0x20 [ 86.288277] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 86.293111] ? rcu_read_lock_any_held+0xcd/0xf0 [ 86.297786] ? __kasan_check_write+0x14/0x20 [ 86.302381] ? fput_many+0x1b/0x130 [ 86.305998] ? fput+0xe/0x10 [ 86.309005] ? ksys_write+0x187/0x220 [ 86.312816] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 86.317558] ? do_syscall_64+0x21/0x630 [ 86.321786] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 86.327145] __x64_sys_sendmmsg+0x98/0x100 [ 86.331370] do_syscall_64+0xd0/0x630 [ 86.335159] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 86.340349] RIP: 0033:0x455b59 [ 86.343525] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 86.362424] RSP: 002b:00007f11e9d94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 86.370121] RAX: ffffffffffffffda RBX: 00007f11e9d956d4 RCX: 0000000000455b59 [ 86.377381] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 86.384648] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 86.391920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 86.399195] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 86.406483] [ 86.406489] CPU: 0 PID: 6344 Comm: syz-executor Not tainted 5.7.0-rc1-syzkaller #0 [ 86.406494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 86.408106] Allocated by task 6321: [ 86.416253] Call Trace: [ 86.427197] save_stack+0x21/0x50 [ 86.431077] dump_stack+0x12f/0x187 [ 86.433655] __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 86.433662] kasan_kmalloc+0x9/0x10 [ 86.437129] should_fail.cold.4+0x5/0x17 [ 86.440746] __kmalloc_node_track_caller+0x4d/0x70 [ 86.440757] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 86.445693] ? fault_create_debugfs_attr+0x150/0x150 [ 86.449292] __alloc_skb+0xd7/0x570 [ 86.449299] dccp_send_ack+0xb3/0x340 [ 86.453490] __should_failslab+0xba/0xf0 [ 86.458420] ccid2_hc_rx_packet_recv+0xf9/0x170 [ 86.458428] dccp_deliver_input_to_ccids+0xcc/0x220 [ 86.463190] should_failslab+0x9/0x14 [ 86.468303] dccp_rcv_established+0x49/0x70 [ 86.468308] dccp_v4_do_rcv+0xf4/0x160 [ 86.471921] kmem_cache_alloc_node_trace+0x267/0x770 [ 86.475698] __sk_receive_skb+0x2b6/0x9e0 [ 86.475702] dccp_v4_rcv+0xc62/0x1da3 [ 86.479772] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 86.484432] ip_protocol_deliver_rcu+0x50b/0x6b0 [ 86.489452] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 86.493269] ip_local_deliver_finish+0x1ee/0x2e0 [ 86.493276] ip_local_deliver+0x306/0x450 [ 86.497621] __kmalloc_node_track_caller+0x3c/0x70 [ 86.501601] ip_rcv_finish+0x171/0x270 [ 86.506694] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 86.510848] ip_rcv+0xcb/0x2f0 [ 86.510857] __netif_receive_skb_one_core+0x132/0x190 [ 86.514668] __alloc_skb+0xd7/0x570 [ 86.519943] __netif_receive_skb+0x1f/0x1b0 [ 86.524680] ? netdev_alloc_frag+0xe0/0xe0 [ 86.529761] process_backlog+0x1f1/0x700 [ 86.529767] net_rx_action+0x42d/0xde0 [ 86.534507] ? mark_held_locks+0x130/0x130 [ 86.538723] __do_softirq+0x248/0x9a6 [ 86.538727] [ 86.543652] alloc_skb_with_frags+0x75/0x480 [ 86.547563] Freed by task 6321: [ 86.552339] ? reacquire_held_locks+0x21e/0x510 [ 86.555513] save_stack+0x21/0x50 [ 86.560714] sock_alloc_send_pskb+0x5f5/0x790 [ 86.564336] __kasan_slab_free+0x11a/0x170 [ 86.564343] kasan_slab_free+0xe/0x10 [ 86.568675] ? _raw_spin_unlock_bh+0x2b/0x30 [ 86.572905] kfree+0xfa/0x290 [ 86.572915] skb_free_head+0x6e/0x90 [ 86.576973] ? sock_def_error_report+0x360/0x360 [ 86.580848] skb_release_data+0x36d/0x6a0 [ 86.580853] skb_release_all+0x3d/0x50 [ 86.585106] ? trace_hardirqs_on+0x28/0x180 [ 86.588890] kfree_skb+0xa9/0x2a0 [ 86.590503] ? release_sock+0x122/0x180 [ 86.594906] dccp_v4_do_rcv+0x10b/0x160 [ 86.594916] __release_sock+0x110/0x340 [ 86.598201] ? __local_bh_enable_ip+0x161/0x230 [ 86.602850] release_sock+0x4f/0x180 [ 86.602857] dccp_sendmsg+0x52f/0xdb0 [ 86.606322] sock_alloc_send_skb+0x13/0x20 [ 86.610812] inet_sendmsg+0xbd/0xe0 [ 86.615318] dccp_sendmsg+0x25a/0xdb0 [ 86.619112] sock_sendmsg+0xdf/0x110 [ 86.623504] ? aa_sk_perm+0x182/0x740 [ 86.626600] ____sys_sendmsg+0x3fe/0xae0 [ 86.626605] ___sys_sendmsg+0xe4/0x160 [ 86.630392] ? dccp_disconnect+0xb00/0xb00 [ 86.635130] __sys_sendmmsg+0x160/0x380 [ 86.639260] ? aa_af_perm+0x240/0x240 [ 86.643128] __x64_sys_sendmmsg+0x98/0x100 [ 86.647429] ? __kasan_check_write+0x14/0x20 [ 86.650869] do_syscall_64+0xd0/0x630 [ 86.650875] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 86.654859] inet_sendmsg+0xbd/0xe0 [ 86.658823] [ 86.658833] The buggy address belongs to the object at ffff8881d7ea2000 [ 86.658833] which belongs to the cache kmalloc-2k of size 2048 [ 86.662813] ? inet_send_prepare+0x3a0/0x3a0 [ 86.667453] The buggy address is located 1154 bytes inside of [ 86.667453] 2048-byte region [ffff8881d7ea2000, ffff8881d7ea2800) [ 86.667456] The buggy address belongs to the page: [ 86.671155] sock_sendmsg+0xdf/0x110 [ 86.674937] page:ffffea00075fa880 refcount:1 mapcount:0 mapping:000000007de8b426 index:0x0 [ 86.679176] ____sys_sendmsg+0x3fe/0xae0 [ 86.682812] flags: 0x2fffc0000000200(slab) [ 86.686613] ? kernel_sendmsg+0x30/0x30 [ 86.690307] raw: 02fffc0000000200 ffffea0007139688 ffffea0006f49708 ffff8881da000e00 [ 86.694114] ? mark_lock+0xbf/0x760 [ 86.698177] raw: 0000000000000000 ffff8881d7ea2000 0000000100000001 0000000000000000 [ 86.702065] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 86.706406] page dumped because: kasan: bad access detected [ 86.706410] [ 86.710370] ? __kasan_check_read+0x11/0x20 [ 86.714143] Memory state around the buggy address: [ 86.714148] ffff8881d7ea2380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 86.718364] ? hlock_class+0x52/0x120 [ 86.722748] ffff8881d7ea2400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 86.726542] ___sys_sendmsg+0xe4/0x160 [ 86.731710] >ffff8881d7ea2480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 86.735321] ? sendmsg_copy_msghdr+0x30/0x30 [ 86.736927] ^ [ 86.736932] ffff8881d7ea2500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 86.749614] ? mark_held_locks+0x130/0x130 [ 86.754006] ffff8881d7ea2580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 86.767587] ? find_held_lock+0x36/0x1d0 [ 86.772726] ================================================================== [ 86.776735] ? __might_fault+0xf1/0x1b0 [ 86.785225] Disabling lock debugging due to kernel taint [ 86.789370] ? __might_fault+0xc6/0x1b0 [ 86.795996] Kernel panic - not syncing: panic_on_warn set ... [ 86.798080] ? lock_downgrade+0x960/0x960 [ 86.936694] ? lock_release+0x960/0x960 [ 86.940657] ? ___might_sleep+0x13e/0x2b0 [ 86.944822] __sys_sendmmsg+0x160/0x380 [ 86.948781] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 86.953089] ? __kasan_check_write+0x14/0x20 [ 86.957480] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 86.962617] ? rcu_read_lock_any_held+0xcd/0xf0 [ 86.967278] ? __kasan_check_write+0x14/0x20 [ 86.971674] ? fput_many+0x1b/0x130 [ 86.975289] ? fput+0xe/0x10 [ 86.978290] ? ksys_write+0x187/0x220 [ 86.982073] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 86.986840] ? do_syscall_64+0x21/0x630 [ 86.990925] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 86.996296] __x64_sys_sendmmsg+0x98/0x100 [ 87.000785] do_syscall_64+0xd0/0x630 [ 87.004592] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 87.009778] RIP: 0033:0x455b59 [ 87.012955] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 87.032013] RSP: 002b:00007fe499b21c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 87.039922] RAX: ffffffffffffffda RBX: 00007fe499b226d4 RCX: 0000000000455b59 [ 87.047179] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 87.054438] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 87.061694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 87.068975] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 87.076248] CPU: 1 PID: 6321 Comm: syz-executor4 Tainted: G B 5.7.0-rc1-syzkaller #0 [ 87.085460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 87.094928] Call Trace: [ 87.097604] dump_stack+0x12f/0x187 [ 87.101239] ? ccid2_hc_tx_packet_recv+0x1e90/0x2235 [ 87.106472] ? ccid2_hc_tx_packet_recv+0x1f0f/0x2235 [ 87.111603] panic+0x22a/0x4f5 [ 87.114942] ? add_taint.cold.7+0x11/0x11 [ 87.119363] ? do_raw_spin_unlock+0x54/0x260 [ 87.124085] ? do_raw_spin_unlock+0x54/0x260 [ 87.128499] ? ccid2_hc_tx_packet_recv+0x1f0f/0x2235 [ 87.133615] ? ccid2_hc_tx_packet_recv+0x1f0f/0x2235 [ 87.135295] FAULT_INJECTION: forcing a failure. [ 87.135295] name failslab, interval 1, probability 0, space 0, times 0 [ 87.138725] end_report+0x51/0x59 [ 87.138730] __kasan_report.cold.11+0xe/0x4e [ 87.138738] ? ccid2_hc_tx_packet_recv+0x1f0f/0x2235 [ 87.138743] kasan_report+0x38/0x50 [ 87.138747] __asan_report_load1_noabort+0x14/0x20 [ 87.138754] ccid2_hc_tx_packet_recv+0x1f0f/0x2235 [ 87.176296] dccp_deliver_input_to_ccids+0x1a9/0x220 [ 87.181396] dccp_rcv_established+0x49/0x70 [ 87.185734] dccp_v4_do_rcv+0xf4/0x160 [ 87.189652] __release_sock+0x110/0x340 [ 87.193700] release_sock+0x4f/0x180 [ 87.197399] dccp_sendmsg+0x52f/0xdb0 [ 87.201202] ? aa_sk_perm+0x182/0x740 [ 87.204995] ? dccp_disconnect+0xb00/0xb00 [ 87.209237] ? aa_af_perm+0x240/0x240 [ 87.213036] ? __kasan_check_write+0x14/0x20 [ 87.217612] inet_sendmsg+0xbd/0xe0 [ 87.221228] ? inet_send_prepare+0x3a0/0x3a0 [ 87.225711] sock_sendmsg+0xdf/0x110 [ 87.229408] ____sys_sendmsg+0x3fe/0xae0 [ 87.233452] ? kernel_sendmsg+0x30/0x30 [ 87.237432] ? mark_lock+0xbf/0x760 [ 87.241056] ? rcu_read_lock_any_held.part.8+0x50/0x50 [ 87.246354] ? __kasan_check_read+0x11/0x20 [ 87.250686] ? hlock_class+0x52/0x120 [ 87.254505] ___sys_sendmsg+0xe4/0x160 [ 87.258395] ? sendmsg_copy_msghdr+0x30/0x30 [ 87.262810] ? mark_held_locks+0x130/0x130 [ 87.267030] ? find_held_lock+0x36/0x1d0 [ 87.271077] ? __might_fault+0xf1/0x1b0 [ 87.275152] ? __might_fault+0xc6/0x1b0 [ 87.279118] ? lock_downgrade+0x960/0x960 [ 87.283251] ? lock_release+0x960/0x960 [ 87.287214] ? ___might_sleep+0x13e/0x2b0 [ 87.291468] __sys_sendmmsg+0x160/0x380 [ 87.295435] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 87.299743] ? __kasan_check_write+0x14/0x20 [ 87.304241] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 87.309070] ? rcu_read_lock_any_held+0xcd/0xf0 [ 87.313743] ? __kasan_check_write+0x14/0x20 [ 87.318164] ? fput_many+0x1b/0x130 [ 87.321779] ? fput+0xe/0x10 [ 87.324781] ? ksys_write+0x187/0x220 [ 87.328571] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 87.333329] ? do_syscall_64+0x21/0x630 [ 87.337480] ? entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 87.342851] __x64_sys_sendmmsg+0x98/0x100 [ 87.347080] do_syscall_64+0xd0/0x630 [ 87.350885] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 87.356089] RIP: 0033:0x455b59 [ 87.359357] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 87.378258] RSP: 002b:00007f11e9d94c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 87.385967] RAX: ffffffffffffffda RBX: 00007f11e9d956d4 RCX: 0000000000455b59 [ 87.393622] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 87.400899] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 87.408218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 87.415939] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 87.423356] CPU: 0 PID: 6349 Comm: syz-executor1 Tainted: G B 5.7.0-rc1-syzkaller #0 [ 87.432552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 87.441914] Call Trace: [ 87.444499] dump_stack+0x12f/0x187 [ 87.448134] should_fail.cold.4+0x5/0x17 [ 87.452198] ? fault_create_debugfs_attr+0x150/0x150 [ 87.457299] ? nf_nat_inet_fn+0x26d/0x6f0 [ 87.461461] __should_failslab+0xba/0xf0 [ 87.465518] should_failslab+0x9/0x14 [ 87.469307] kmem_cache_alloc_node_trace+0x267/0x770 [ 87.474485] ? __kasan_kmalloc.constprop.7+0xc1/0xd0 [ 87.481159] __kmalloc_node_track_caller+0x3c/0x70 [ 87.486114] __kmalloc_reserve.isra.49+0x2c/0xc0 [ 87.490962] __alloc_skb+0xd7/0x570 [ 87.494611] ? netdev_alloc_frag+0xe0/0xe0 [ 87.498861] ? __ip_finish_output+0xa80/0xa80 [ 87.503349] ? rcu_read_lock_held_common+0x170/0x170 [ 87.508465] alloc_skb_with_frags+0x75/0x480 [ 87.512881] ? mark_held_locks+0x130/0x130 [ 87.517120] ? mark_held_locks+0x130/0x130 [ 87.521866] ? __skb_checksum+0x7c0/0x7c0 [ 87.526014] sock_alloc_send_pskb+0x5f5/0x790 [ 87.530512] ? lock_downgrade+0x960/0x960 [ 87.534664] ? sock_def_error_report+0x360/0x360 [ 87.539429] ? trace_hardirqs_on+0x28/0x180 [ 87.543849] ? release_sock+0x122/0x180 [ 87.547832] ? __local_bh_enable_ip+0x161/0x230 [ 87.552492] sock_alloc_send_skb+0x13/0x20 [ 87.556730] dccp_sendmsg+0x25a/0xdb0 [ 87.560520] ? aa_sk_perm+0x182/0x740 [ 87.564325] ? dccp_disconnect+0xb00/0xb00 [ 87.568661] ? aa_af_perm+0x240/0x240 [ 87.572486] ? __kasan_check_write+0x14/0x20 [ 87.576906] inet_sendmsg+0xbd/0xe0 [ 87.580519] ? inet_send_prepare+0x3a0/0x3a0 [ 87.584913] sock_sendmsg+0xdf/0x110 [ 87.588614] ____sys_sendmsg+0x3fe/0xae0 [ 87.592664] ? kernel_sendmsg+0x30/0x30 [ 87.596779] ? ksys_dup3+0x320/0x320 [ 87.600499] ___sys_sendmsg+0xe4/0x160 [ 87.604372] ? sendmsg_copy_msghdr+0x30/0x30 [ 87.608769] ? mark_held_locks+0x130/0x130 [ 87.612986] ? __might_fault+0xc6/0x1b0 [ 87.616964] ? ksys_dup3+0x320/0x320 [ 87.620669] ? lock_downgrade+0x960/0x960 [ 87.624801] ? lock_release+0x960/0x960 [ 87.628756] ? ___might_sleep+0x13e/0x2b0 [ 87.632887] __sys_sendmmsg+0x160/0x380 [ 87.636843] ? __ia32_sys_sendmsg+0xb0/0xb0 [ 87.641241] ? lock_downgrade+0x960/0x960 [ 87.645371] ? __kasan_check_write+0x14/0x20 [ 87.649777] ? __mutex_unlock_slowpath+0xe0/0x6a0 [ 87.654600] ? __kasan_check_write+0x14/0x20 [ 87.658988] ? fput_many+0x1b/0x130 [ 87.662599] ? fput+0xe/0x10 [ 87.665596] ? ksys_write+0x187/0x220 [ 87.669383] ? __ia32_sys_read+0xa0/0xa0 [ 87.673948] ? handle_mm_fault+0x2e6/0x7d0 [ 87.678164] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 87.683009] __x64_sys_sendmmsg+0x98/0x100 [ 87.687257] do_syscall_64+0xd0/0x630 [ 87.691047] entry_SYSCALL_64_after_hwframe+0x49/0xb3 [ 87.696218] RIP: 0033:0x455b59 [ 87.699390] Code: 1d ba fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b9 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 87.718628] RSP: 002b:00007f0acc7a1c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 87.726335] RAX: ffffffffffffffda RBX: 00007f0acc7a26d4 RCX: 0000000000455b59 [ 87.733643] RDX: 04000000000001e6 RSI: 0000000020000c00 RDI: 0000000000000005 [ 87.740987] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 87.748243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 87.755492] R13: 000000000000057a R14: 00000000006fc410 R15: 000000000000000d [ 87.763578] Kernel Offset: disabled [ 87.767217] Rebooting in 86400 seconds..