[ OK ] Started Update UTMP about System Runlevel Changes. [ 17.834569] random: crng init done [ 17.838363] random: 7 urandom warning(s) missed due to ratelimiting Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 26.316347] IPVS: ftp: loaded support on port[0] = 21 [ 26.761413] can: request_module (can-proto-0) failed. [ 27.742367] can: request_module (can-proto-0) failed. Warning: Permanently added '10.128.1.44' (ECDSA) to the list of known hosts. 2021/05/14 21:54:22 parsed 1 programs 2021/05/14 21:54:22 executed programs: 0 [ 34.599965] IPVS: ftp: loaded support on port[0] = 21 [ 34.601987] IPVS: ftp: loaded support on port[0] = 21 [ 34.621080] IPVS: ftp: loaded support on port[0] = 21 [ 34.639077] IPVS: ftp: loaded support on port[0] = 21 [ 34.641601] IPVS: ftp: loaded support on port[0] = 21 [ 34.709573] IPVS: ftp: loaded support on port[0] = 21 [ 34.843898] chnl_net:caif_netlink_parms(): no params data found [ 34.916135] chnl_net:caif_netlink_parms(): no params data found [ 34.965012] chnl_net:caif_netlink_parms(): no params data found [ 34.977051] chnl_net:caif_netlink_parms(): no params data found [ 35.072815] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.080751] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.089264] device bridge_slave_0 entered promiscuous mode [ 35.096246] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.104089] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.112626] device bridge_slave_0 entered promiscuous mode [ 35.144188] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.153442] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.161661] device bridge_slave_1 entered promiscuous mode [ 35.170588] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.177260] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.185414] device bridge_slave_1 entered promiscuous mode [ 35.192412] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.199258] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.206687] device bridge_slave_0 entered promiscuous mode [ 35.218236] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.226132] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.234647] device bridge_slave_1 entered promiscuous mode [ 35.241669] chnl_net:caif_netlink_parms(): no params data found [ 35.285181] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 35.296583] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.304057] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.312428] device bridge_slave_0 entered promiscuous mode [ 35.328054] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 35.342734] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 35.351244] chnl_net:caif_netlink_parms(): no params data found [ 35.361486] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.368187] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.376086] device bridge_slave_1 entered promiscuous mode [ 35.394183] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 35.403353] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 35.415740] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 35.439200] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 35.483740] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 35.493973] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 35.502870] team0: Port device team_slave_0 added [ 35.508356] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 35.517448] team0: Port device team_slave_0 added [ 35.524271] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.531519] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.539562] device bridge_slave_0 entered promiscuous mode [ 35.546712] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 35.556306] team0: Port device team_slave_0 added [ 35.573908] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 35.582465] team0: Port device team_slave_1 added [ 35.587999] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 35.595588] team0: Port device team_slave_1 added [ 35.601680] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 35.609678] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.616958] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.624647] device bridge_slave_1 entered promiscuous mode [ 35.631343] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 35.639951] team0: Port device team_slave_1 added [ 35.645373] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 35.653662] team0: Port device team_slave_0 added [ 35.664094] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 35.672323] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 35.685181] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 35.696557] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 35.705252] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 35.713460] team0: Port device team_slave_1 added [ 35.718751] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 35.726280] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 35.742095] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.749409] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.756991] device bridge_slave_0 entered promiscuous mode [ 35.769746] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 35.792587] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 35.802941] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 35.812604] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.819914] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.827253] device bridge_slave_1 entered promiscuous mode [ 35.880353] device hsr_slave_0 entered promiscuous mode [ 35.918702] device hsr_slave_1 entered promiscuous mode [ 36.000736] device hsr_slave_0 entered promiscuous mode [ 36.038941] device hsr_slave_1 entered promiscuous mode [ 36.082481] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 36.149781] device hsr_slave_0 entered promiscuous mode [ 36.168598] device hsr_slave_1 entered promiscuous mode [ 36.251191] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 36.310886] device hsr_slave_0 entered promiscuous mode [ 36.348359] device hsr_slave_1 entered promiscuous mode [ 36.388533] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 36.396606] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 36.405244] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 36.413210] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 36.420609] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 36.428596] team0: Port device team_slave_0 added [ 36.433889] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 36.442900] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 36.450909] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 36.461929] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 36.473169] team0: Port device team_slave_1 added [ 36.479103] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 36.487616] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 36.505320] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 36.513169] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 36.531271] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 36.569942] device hsr_slave_0 entered promiscuous mode [ 36.598482] device hsr_slave_1 entered promiscuous mode [ 36.643555] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 36.651819] team0: Port device team_slave_0 added [ 36.658786] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 36.666297] team0: Port device team_slave_1 added [ 36.676560] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_0: link is not ready [ 36.688019] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 36.695394] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 36.703704] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 36.719379] IPv6: ADDRCONF(NETDEV_UP): bridge_slave_1: link is not ready [ 36.728269] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 36.792124] device hsr_slave_0 entered promiscuous mode [ 36.828011] device hsr_slave_1 entered promiscuous mode [ 36.870358] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 36.887395] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_0: link is not ready [ 36.912319] IPv6: ADDRCONF(NETDEV_UP): hsr_slave_1: link is not ready [ 36.924301] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.937919] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 36.952094] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.969207] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 36.983132] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.992088] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 37.000809] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 37.012337] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.023389] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 37.031312] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.044303] IPv6: ADDRCONF(NETDEV_UP): bridge0: link is not ready [ 37.052600] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 37.063072] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 37.072346] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 37.081457] 8021q: adding VLAN 0 to HW filter on device bond0 [ 37.093506] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 37.101717] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 37.111549] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.119268] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 37.128619] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 37.137659] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.144744] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.152950] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 37.160679] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.171150] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 37.177894] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.186416] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 37.198467] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 37.207119] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 37.213728] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.222149] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 37.231931] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 37.240866] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 37.248859] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.255637] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.264030] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 37.275340] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 37.286127] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 37.296948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 37.305991] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 37.314364] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.321255] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.329101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 37.337222] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 37.345429] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 37.353877] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.360698] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.378865] 8021q: adding VLAN 0 to HW filter on device bond0 [ 37.388245] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 37.396967] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 37.405526] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 37.414846] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 37.423067] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 37.431603] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 37.440062] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.446867] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.455439] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 37.464047] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.473610] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 37.482676] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 37.491927] 8021q: adding VLAN 0 to HW filter on device bond0 [ 37.500203] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 37.507073] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.515357] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 37.525110] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 37.531855] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 37.540426] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 37.549166] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 37.556934] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.565683] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 37.576048] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 37.587497] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 37.595786] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 37.604348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 37.613545] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 37.624373] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.630986] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.640491] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 37.648634] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 37.656655] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 37.668388] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 37.677073] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 37.687167] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 37.694848] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 37.702643] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 37.711677] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 37.719900] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 37.727685] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 37.735358] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 37.746864] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 37.753641] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.761170] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 37.769887] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 37.779846] IPv6: ADDRCONF(NETDEV_UP): team0: link is not ready [ 37.786713] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.793891] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 37.802311] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 37.810454] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.817101] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.824544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 37.833091] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 37.840982] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 37.850256] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 37.859506] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 37.867170] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 37.874904] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 37.882886] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 37.891651] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 37.901951] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 37.911854] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 37.921816] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 37.931023] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 37.940040] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 37.949060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 37.957658] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.964428] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.971490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 37.980093] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 37.988990] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.995755] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.003396] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 38.011518] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 38.020394] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.027756] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.036402] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 38.045592] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 38.054919] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 38.063410] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 38.072571] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 38.080283] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 38.088103] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 38.096112] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 38.104093] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 38.112770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 38.121616] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.130878] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 38.139797] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 38.148520] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.155141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.162211] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 38.170292] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 38.179937] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 38.189157] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 38.198599] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 38.208139] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 38.215518] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 38.223531] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 38.231163] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.239755] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 38.248329] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 38.256602] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.265703] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 38.275493] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 38.286021] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 38.295449] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 38.304264] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 38.310912] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 38.320921] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 38.328643] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 38.337489] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 38.346260] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.353012] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.360217] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 38.368216] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 38.376456] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.385034] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 38.393834] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.403299] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bond: link is not ready [ 38.413618] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 38.422789] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 38.432629] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 38.440796] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 38.448759] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 38.457505] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 38.465229] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 38.474308] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 38.483837] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 38.492408] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bond: link is not ready [ 38.502130] IPv6: ADDRCONF(NETDEV_UP): veth0_to_team: link is not ready [ 38.510401] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 38.517851] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 38.525821] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 38.534039] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 38.542496] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.550484] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 38.558872] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 38.566741] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 38.576196] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 38.587044] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 38.594789] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 38.601296] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 38.610978] IPv6: ADDRCONF(NETDEV_UP): veth1_to_team: link is not ready [ 38.620771] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 38.628376] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 38.634786] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 38.642793] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 38.651892] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 38.659523] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 38.667814] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 38.675416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 38.683697] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.692135] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 38.700578] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 38.709413] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 38.717634] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.729107] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 38.738015] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 38.747413] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 38.756173] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.768498] IPv6: ADDRCONF(NETDEV_UP): veth0_to_hsr: link is not ready [ 38.780044] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 38.801898] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 38.811025] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 38.823935] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 38.833344] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 38.844124] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 38.852888] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.864110] IPv6: ADDRCONF(NETDEV_UP): veth1_to_hsr: link is not ready [ 38.872796] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 38.884588] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 38.891030] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 38.899098] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 38.909559] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 38.916072] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 38.924988] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 38.933968] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 38.945525] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 38.963681] IPv6: ADDRCONF(NETDEV_UP): hsr0: link is not ready [ 38.970486] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 38.982840] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 38.995346] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.017251] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 39.039104] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.061984] IPv6: ADDRCONF(NETDEV_UP): vxcan1: link is not ready [ 39.074444] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.086508] FAULT_INJECTION: forcing a failure. [ 39.086508] name failslab, interval 1, probability 0, space 0, times 1 [ 39.088978] FAULT_INJECTION: forcing a failure. [ 39.088978] name failslab, interval 1, probability 0, space 0, times 1 [ 39.125245] FAULT_INJECTION: forcing a failure. [ 39.125245] name failslab, interval 1, probability 0, space 0, times 1 [ 39.137598] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.148760] CPU: 1 PID: 6594 Comm: syz-executor.2 Not tainted 4.19.190-syzkaller #0 [ 39.157200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.167461] Call Trace: [ 39.170072] dump_stack+0x123/0x171 [ 39.173796] should_fail.cold.4+0x5/0xa [ 39.178401] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 39.184143] ? lock_downgrade+0x860/0x860 [ 39.188655] ? ___might_sleep+0x16b/0x270 [ 39.193153] __should_failslab+0xba/0xf0 [ 39.197746] should_failslab+0x9/0x20 [ 39.201635] kmem_cache_alloc_node_trace+0x265/0x730 [ 39.207101] __kmalloc_node_track_caller+0x3c/0x70 [ 39.212388] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 39.217140] __alloc_skb+0xd7/0x580 [ 39.220941] ? skb_scrub_packet+0x3c0/0x3c0 [ 39.225448] ? _raw_spin_unlock_irq+0x60/0x80 [ 39.230467] ? finish_task_switch+0x14a/0x6f0 [ 39.235145] ? finish_task_switch+0x11c/0x6f0 [ 39.239917] sk_stream_alloc_skb+0x9e/0x810 [ 39.244567] ? tcp_send_mss+0x1d/0x220 [ 39.248575] do_tcp_sendpages+0x774/0x1d30 [ 39.253057] ? __lock_is_held+0xb5/0x140 [ 39.257627] ? sk_stream_alloc_skb+0x810/0x810 [ 39.262370] ? __local_bh_enable_ip+0x160/0x260 [ 39.267483] ? lock_sock_nested+0xc5/0x100 [ 39.271796] ? lockdep_hardirqs_on+0x421/0x5c0 [ 39.276559] ? __local_bh_enable_ip+0x160/0x260 [ 39.281835] ? kasan_check_read+0x11/0x20 [ 39.285967] tcp_sendpage_locked+0x63/0xa0 [ 39.290533] tcp_sendpage+0x37/0x50 [ 39.294406] inet_sendpage+0x122/0x600 [ 39.298366] ? kernel_sendpage+0xd0/0xd0 [ 39.302413] kernel_sendpage+0x60/0xd0 [ 39.306374] ? pipe_lock+0x4f/0x60 [ 39.310062] sock_sendpage+0x6d/0xd0 [ 39.314123] pipe_to_sendpage+0x212/0x430 [ 39.318271] ? generic_pipe_buf_nosteal+0x10/0x10 [ 39.323710] __splice_from_pipe+0x2cb/0x720 [ 39.328012] ? generic_pipe_buf_nosteal+0x10/0x10 [ 39.333621] ? generic_pipe_buf_nosteal+0x10/0x10 [ 39.338912] splice_from_pipe+0xbb/0x120 [ 39.343056] ? splice_shrink_spd+0xa0/0xa0 [ 39.347366] ? rw_verify_area+0xb8/0x2b0 [ 39.351592] generic_splice_sendpage+0x10/0x20 [ 39.356157] do_splice+0xa25/0x12b0 [ 39.359769] ? opipe_prep.part.13+0x320/0x320 [ 39.364566] ? __fget_light+0x174/0x1e0 [ 39.368791] __x64_sys_splice+0x248/0x300 [ 39.373022] do_syscall_64+0xd0/0x4e0 [ 39.376998] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 39.382356] RIP: 0033:0x461229 [ 39.385714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 39.405119] RSP: 002b:00007fa4ad6f31a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 39.413167] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 39.420524] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 39.428111] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 39.435804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 39.443844] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fa4ad6f36bc [ 39.451443] CPU: 0 PID: 6593 Comm: syz-executor.0 Not tainted 4.19.190-syzkaller #0 [ 39.459673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.469384] Call Trace: [ 39.472185] dump_stack+0x123/0x171 [ 39.476015] should_fail.cold.4+0x5/0xa [ 39.480477] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 39.485676] ? lock_downgrade+0x860/0x860 [ 39.490177] ? ___might_sleep+0x16b/0x270 [ 39.494313] __should_failslab+0xba/0xf0 [ 39.500114] should_failslab+0x9/0x20 [ 39.504283] kmem_cache_alloc_node_trace+0x265/0x730 [ 39.509640] __kmalloc_node_track_caller+0x3c/0x70 [ 39.515114] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 39.519946] __alloc_skb+0xd7/0x580 [ 39.523968] ? skb_scrub_packet+0x3c0/0x3c0 [ 39.528633] sk_stream_alloc_skb+0x9e/0x810 [ 39.533320] ? tcp_send_mss+0x1d/0x220 [ 39.537382] do_tcp_sendpages+0x774/0x1d30 [ 39.541595] ? __lock_is_held+0xb5/0x140 [ 39.545731] ? sk_stream_alloc_skb+0x810/0x810 [ 39.550380] ? __local_bh_enable_ip+0x160/0x260 [ 39.555030] ? lock_sock_nested+0xc5/0x100 [ 39.559592] ? lockdep_hardirqs_on+0x421/0x5c0 [ 39.564335] ? __local_bh_enable_ip+0x160/0x260 [ 39.569074] ? kasan_check_read+0x11/0x20 [ 39.573216] tcp_sendpage_locked+0x63/0xa0 [ 39.578441] tcp_sendpage+0x37/0x50 [ 39.582057] inet_sendpage+0x122/0x600 [ 39.586011] ? kernel_sendpage+0xd0/0xd0 [ 39.590052] kernel_sendpage+0x60/0xd0 [ 39.594004] ? pipe_lock+0x4f/0x60 [ 39.597740] sock_sendpage+0x6d/0xd0 [ 39.601629] pipe_to_sendpage+0x212/0x430 [ 39.605786] ? generic_pipe_buf_nosteal+0x10/0x10 [ 39.610792] __splice_from_pipe+0x2cb/0x720 [ 39.615100] ? generic_pipe_buf_nosteal+0x10/0x10 [ 39.620443] ? generic_pipe_buf_nosteal+0x10/0x10 [ 39.625563] splice_from_pipe+0xbb/0x120 [ 39.629669] ? splice_shrink_spd+0xa0/0xa0 [ 39.634047] ? rw_verify_area+0xb8/0x2b0 [ 39.638106] generic_splice_sendpage+0x10/0x20 [ 39.642940] do_splice+0xa25/0x12b0 [ 39.646652] ? opipe_prep.part.13+0x320/0x320 [ 39.651436] ? __fget_light+0x174/0x1e0 [ 39.655701] __x64_sys_splice+0x248/0x300 [ 39.660106] do_syscall_64+0xd0/0x4e0 [ 39.663898] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 39.669337] RIP: 0033:0x461229 [ 39.672597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 39.692020] RSP: 002b:00007fbc04df01a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 39.700321] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 39.707685] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 39.715114] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 39.722959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 39.730516] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fbc04df06bc [ 39.747606] CPU: 1 PID: 6599 Comm: syz-executor.5 Not tainted 4.19.190-syzkaller #0 [ 39.755790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.765448] Call Trace: [ 39.768045] dump_stack+0x123/0x171 [ 39.771680] should_fail.cold.4+0x5/0xa [ 39.775753] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 39.780947] ? lock_downgrade+0x860/0x860 [ 39.785097] ? ___might_sleep+0x16b/0x270 [ 39.789246] __should_failslab+0xba/0xf0 [ 39.793827] should_failslab+0x9/0x20 [ 39.797631] __kmalloc+0x2dd/0x770 [ 39.801437] ? tls_push_record+0xff/0x1600 [ 39.805811] ? __sk_mem_schedule+0x5f/0xc0 [ 39.810216] tls_push_record+0xff/0x1600 [ 39.814547] tls_sw_sendpage+0x462/0xc00 [ 39.818951] ? tls_sw_sendmsg+0x1010/0x1010 [ 39.823253] ? pipe_lock+0x4f/0x60 [ 39.826787] inet_sendpage+0x122/0x600 [ 39.830756] ? kernel_sendpage+0xd0/0xd0 [ 39.835058] kernel_sendpage+0x60/0xd0 [ 39.839113] ? pipe_lock+0x4f/0x60 [ 39.842646] sock_sendpage+0x6d/0xd0 [ 39.846515] pipe_to_sendpage+0x212/0x430 [ 39.850833] ? generic_pipe_buf_nosteal+0x10/0x10 [ 39.855870] ? kasan_check_write+0x14/0x20 [ 39.860260] ? anon_pipe_buf_release+0x149/0x1f0 [ 39.865186] __splice_from_pipe+0x2cb/0x720 [ 39.870204] ? generic_pipe_buf_nosteal+0x10/0x10 [ 39.875471] ? generic_pipe_buf_nosteal+0x10/0x10 [ 39.880586] splice_from_pipe+0xbb/0x120 [ 39.884802] ? splice_shrink_spd+0xa0/0xa0 [ 39.889195] ? rw_verify_area+0xb8/0x2b0 [ 39.893582] generic_splice_sendpage+0x10/0x20 [ 39.898652] do_splice+0xa25/0x12b0 [ 39.902467] ? opipe_prep.part.13+0x320/0x320 [ 39.907117] ? __fget_light+0x174/0x1e0 [ 39.911504] __x64_sys_splice+0x248/0x300 [ 39.915992] do_syscall_64+0xd0/0x4e0 [ 39.920156] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 39.925790] RIP: 0033:0x461229 [ 39.929066] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 39.949399] RSP: 002b:00007fb44f9d41a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 39.957174] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000461229 [ 39.964715] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 2021/05/14 21:54:28 executed programs: 6 [ 39.972223] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 39.979992] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 39.987504] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fb44f9d46bc [ 40.050725] FAULT_INJECTION: forcing a failure. [ 40.050725] name failslab, interval 1, probability 0, space 0, times 0 [ 40.066668] FAULT_INJECTION: forcing a failure. [ 40.066668] name failslab, interval 1, probability 0, space 0, times 0 [ 40.074326] FAULT_INJECTION: forcing a failure. [ 40.074326] name failslab, interval 1, probability 0, space 0, times 0 [ 40.078405] FAULT_INJECTION: forcing a failure. [ 40.078405] name failslab, interval 1, probability 0, space 0, times 0 [ 40.106950] FAULT_INJECTION: forcing a failure. [ 40.106950] name failslab, interval 1, probability 0, space 0, times 0 [ 40.119121] CPU: 1 PID: 6611 Comm: syz-executor.4 Not tainted 4.19.190-syzkaller #0 [ 40.127188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.137001] Call Trace: [ 40.139690] dump_stack+0x123/0x171 [ 40.143472] should_fail.cold.4+0x5/0xa [ 40.147783] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 40.153217] ? lock_downgrade+0x860/0x860 [ 40.157594] ? ___might_sleep+0x16b/0x270 [ 40.162044] __should_failslab+0xba/0xf0 [ 40.166359] should_failslab+0x9/0x20 [ 40.170859] __kmalloc+0x2dd/0x770 [ 40.174734] ? tls_push_record+0xff/0x1600 [ 40.179133] ? __sk_mem_schedule+0x5f/0xc0 [ 40.183355] tls_push_record+0xff/0x1600 [ 40.187585] tls_sw_sendpage+0x462/0xc00 [ 40.191632] ? tls_sw_sendmsg+0x1010/0x1010 [ 40.196382] ? pipe_lock+0x4f/0x60 [ 40.200341] inet_sendpage+0x122/0x600 [ 40.204246] ? kernel_sendpage+0xd0/0xd0 [ 40.208481] kernel_sendpage+0x60/0xd0 [ 40.212610] ? pipe_lock+0x4f/0x60 [ 40.216135] sock_sendpage+0x6d/0xd0 [ 40.219830] pipe_to_sendpage+0x212/0x430 [ 40.224132] ? generic_pipe_buf_nosteal+0x10/0x10 [ 40.229132] ? kasan_check_write+0x14/0x20 [ 40.233869] ? anon_pipe_buf_release+0x149/0x1f0 [ 40.238927] __splice_from_pipe+0x2cb/0x720 [ 40.243595] ? generic_pipe_buf_nosteal+0x10/0x10 [ 40.248772] ? generic_pipe_buf_nosteal+0x10/0x10 [ 40.253902] splice_from_pipe+0xbb/0x120 [ 40.258217] ? splice_shrink_spd+0xa0/0xa0 [ 40.262609] ? rw_verify_area+0xb8/0x2b0 [ 40.266742] generic_splice_sendpage+0x10/0x20 [ 40.271659] do_splice+0xa25/0x12b0 [ 40.275560] ? opipe_prep.part.13+0x320/0x320 [ 40.280136] ? __fget_light+0x174/0x1e0 [ 40.284195] __x64_sys_splice+0x248/0x300 [ 40.288596] do_syscall_64+0xd0/0x4e0 [ 40.292377] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.297545] RIP: 0033:0x461229 [ 40.300722] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 40.320306] RSP: 002b:00007fce360ce1a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 40.328698] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000461229 [ 40.336295] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 40.344174] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 40.351769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 40.359023] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fce360ce6bc [ 40.372205] CPU: 0 PID: 6614 Comm: syz-executor.0 Not tainted 4.19.190-syzkaller #0 [ 40.380617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.390413] Call Trace: [ 40.393010] dump_stack+0x123/0x171 [ 40.396720] should_fail.cold.4+0x5/0xa [ 40.400686] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 40.406164] ? lock_downgrade+0x860/0x860 [ 40.410339] ? ___might_sleep+0x16b/0x270 [ 40.414769] __should_failslab+0xba/0xf0 [ 40.419118] should_failslab+0x9/0x20 [ 40.423111] __kmalloc+0x2dd/0x770 [ 40.426852] ? tls_push_record+0xff/0x1600 [ 40.431086] ? __sk_mem_schedule+0x5f/0xc0 [ 40.435399] tls_push_record+0xff/0x1600 [ 40.439730] tls_sw_sendpage+0x462/0xc00 [ 40.444063] ? tls_sw_sendmsg+0x1010/0x1010 [ 40.448735] ? pipe_lock+0x4f/0x60 [ 40.452626] inet_sendpage+0x122/0x600 [ 40.456619] ? kernel_sendpage+0xd0/0xd0 [ 40.460853] kernel_sendpage+0x60/0xd0 [ 40.464728] ? pipe_lock+0x4f/0x60 [ 40.468524] sock_sendpage+0x6d/0xd0 [ 40.472432] pipe_to_sendpage+0x212/0x430 [ 40.476938] ? generic_pipe_buf_nosteal+0x10/0x10 [ 40.481942] ? kasan_check_write+0x14/0x20 [ 40.486598] ? anon_pipe_buf_release+0x149/0x1f0 [ 40.491617] __splice_from_pipe+0x2cb/0x720 [ 40.496161] ? generic_pipe_buf_nosteal+0x10/0x10 [ 40.501616] ? generic_pipe_buf_nosteal+0x10/0x10 [ 40.506721] splice_from_pipe+0xbb/0x120 [ 40.511030] ? splice_shrink_spd+0xa0/0xa0 [ 40.515340] ? rw_verify_area+0xb8/0x2b0 [ 40.519592] generic_splice_sendpage+0x10/0x20 [ 40.524220] do_splice+0xa25/0x12b0 [ 40.527833] ? opipe_prep.part.13+0x320/0x320 [ 40.532398] ? __fget_light+0x174/0x1e0 [ 40.536453] __x64_sys_splice+0x248/0x300 [ 40.540769] do_syscall_64+0xd0/0x4e0 [ 40.544817] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.550078] RIP: 0033:0x461229 [ 40.553358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 40.573342] RSP: 002b:00007fbc04e111a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 40.581296] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000461229 [ 40.588958] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 40.596754] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 40.604664] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 40.612532] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fbc04e116bc [ 40.620161] CPU: 1 PID: 6617 Comm: syz-executor.2 Not tainted 4.19.190-syzkaller #0 [ 40.622817] FAULT_INJECTION: forcing a failure. [ 40.622817] name failslab, interval 1, probability 0, space 0, times 0 [ 40.628838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.628842] Call Trace: [ 40.628854] dump_stack+0x123/0x171 [ 40.628863] should_fail.cold.4+0x5/0xa [ 40.628871] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 40.628880] ? lock_downgrade+0x860/0x860 [ 40.671211] ? ___might_sleep+0x16b/0x270 [ 40.675665] __should_failslab+0xba/0xf0 [ 40.679957] should_failslab+0x9/0x20 [ 40.683833] __kmalloc+0x2dd/0x770 [ 40.687750] ? tls_push_record+0xff/0x1600 [ 40.692245] ? __sk_mem_schedule+0x5f/0xc0 [ 40.696559] tls_push_record+0xff/0x1600 [ 40.700997] tls_sw_sendpage+0x462/0xc00 [ 40.705141] ? tls_sw_sendmsg+0x1010/0x1010 [ 40.709973] ? pipe_lock+0x4f/0x60 [ 40.713702] inet_sendpage+0x122/0x600 [ 40.717837] ? kernel_sendpage+0xd0/0xd0 [ 40.721977] kernel_sendpage+0x60/0xd0 [ 40.725865] ? pipe_lock+0x4f/0x60 [ 40.729646] sock_sendpage+0x6d/0xd0 [ 40.733988] pipe_to_sendpage+0x212/0x430 [ 40.738485] ? generic_pipe_buf_nosteal+0x10/0x10 [ 40.743743] ? kasan_check_write+0x14/0x20 [ 40.748057] ? anon_pipe_buf_release+0x149/0x1f0 [ 40.753061] __splice_from_pipe+0x2cb/0x720 [ 40.757403] ? generic_pipe_buf_nosteal+0x10/0x10 [ 40.762327] ? generic_pipe_buf_nosteal+0x10/0x10 [ 40.767326] splice_from_pipe+0xbb/0x120 [ 40.771465] ? splice_shrink_spd+0xa0/0xa0 [ 40.775956] ? rw_verify_area+0xb8/0x2b0 [ 40.780007] generic_splice_sendpage+0x10/0x20 [ 40.785020] do_splice+0xa25/0x12b0 [ 40.788638] ? opipe_prep.part.13+0x320/0x320 [ 40.793215] ? __fget_light+0x174/0x1e0 [ 40.797529] __x64_sys_splice+0x248/0x300 [ 40.801681] do_syscall_64+0xd0/0x4e0 [ 40.805723] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 40.811160] RIP: 0033:0x461229 [ 40.814862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 40.835240] RSP: 002b:00007fa4ad7141a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 40.843815] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000461229 [ 40.851418] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 40.858973] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 40.866763] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 40.874691] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fa4ad7146bc [ 40.882428] CPU: 0 PID: 6622 Comm: syz-executor.5 Not tainted 4.19.190-syzkaller #0 [ 40.890401] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 40.901059] Call Trace: [ 40.903934] dump_stack+0x123/0x171 [ 40.907553] should_fail.cold.4+0x5/0xa [ 40.912046] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 40.917144] ? lock_downgrade+0x860/0x860 [ 40.921387] ? ___might_sleep+0x16b/0x270 [ 40.925615] __should_failslab+0xba/0xf0 [ 40.929688] should_failslab+0x9/0x20 [ 40.933694] __kmalloc+0x2dd/0x770 [ 40.937888] ? tls_push_record+0xff/0x1600 [ 40.942213] ? __sk_mem_schedule+0x5f/0xc0 [ 40.946835] tls_push_record+0xff/0x1600 [ 40.951079] tls_sw_sendpage+0x462/0xc00 [ 40.955226] ? tls_sw_sendmsg+0x1010/0x1010 [ 40.959817] ? pipe_lock+0x4f/0x60 [ 40.963434] inet_sendpage+0x122/0x600 [ 40.967416] ? kernel_sendpage+0xd0/0xd0 [ 40.971891] kernel_sendpage+0x60/0xd0 [ 40.975861] ? pipe_lock+0x4f/0x60 [ 40.979680] sock_sendpage+0x6d/0xd0 [ 40.983466] pipe_to_sendpage+0x212/0x430 [ 40.987955] ? generic_pipe_buf_nosteal+0x10/0x10 [ 40.992875] ? kasan_check_write+0x14/0x20 [ 40.997372] ? anon_pipe_buf_release+0x149/0x1f0 [ 41.002426] __splice_from_pipe+0x2cb/0x720 [ 41.006836] ? generic_pipe_buf_nosteal+0x10/0x10 [ 41.011924] ? generic_pipe_buf_nosteal+0x10/0x10 [ 41.016868] splice_from_pipe+0xbb/0x120 [ 41.021190] ? splice_shrink_spd+0xa0/0xa0 [ 41.025423] ? rw_verify_area+0xb8/0x2b0 [ 41.029607] generic_splice_sendpage+0x10/0x20 [ 41.034186] do_splice+0xa25/0x12b0 [ 41.037809] ? opipe_prep.part.13+0x320/0x320 [ 41.042546] ? __fget_light+0x174/0x1e0 [ 41.046624] __x64_sys_splice+0x248/0x300 [ 41.050758] do_syscall_64+0xd0/0x4e0 [ 41.054803] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 41.059986] RIP: 0033:0x461229 [ 41.063183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 41.083619] RSP: 002b:00007fb44f9d41a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 41.091624] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000461229 [ 41.099088] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 41.106603] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 41.114473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 41.122004] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fb44f9d46bc [ 41.129972] CPU: 1 PID: 6607 Comm: syz-executor.3 Not tainted 4.19.190-syzkaller #0 [ 41.138061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 41.148094] Call Trace: [ 41.150724] dump_stack+0x123/0x171 [ 41.154356] should_fail.cold.4+0x5/0xa [ 41.158337] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 41.163447] ? lock_downgrade+0x860/0x860 [ 41.167604] ? ___might_sleep+0x16b/0x270 [ 41.172123] __should_failslab+0xba/0xf0 [ 41.176388] should_failslab+0x9/0x20 [ 41.180937] kmem_cache_alloc_node_trace+0x265/0x730 [ 41.186762] __kmalloc_node_track_caller+0x3c/0x70 [ 41.191697] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 41.196704] __alloc_skb+0xd7/0x580 [ 41.200488] ? skb_scrub_packet+0x3c0/0x3c0 [ 41.204977] ? _raw_spin_unlock_irq+0x60/0x80 [ 41.209548] ? finish_task_switch+0x14a/0x6f0 [ 41.214111] ? finish_task_switch+0x11c/0x6f0 [ 41.218805] sk_stream_alloc_skb+0x9e/0x810 [ 41.223447] ? tcp_send_mss+0x1d/0x220 [ 41.227623] do_tcp_sendpages+0x774/0x1d30 [ 41.231841] ? __lock_is_held+0xb5/0x140 [ 41.235974] ? sk_stream_alloc_skb+0x810/0x810 [ 41.240973] ? __local_bh_enable_ip+0x160/0x260 [ 41.245897] ? lock_sock_nested+0xc5/0x100 [ 41.250320] ? lockdep_hardirqs_on+0x421/0x5c0 [ 41.256050] ? __local_bh_enable_ip+0x160/0x260 [ 41.261485] ? kasan_check_read+0x11/0x20 [ 41.266082] tcp_sendpage_locked+0x63/0xa0 [ 41.270760] tcp_sendpage+0x37/0x50 [ 41.274811] inet_sendpage+0x122/0x600 [ 41.279475] ? kernel_sendpage+0xd0/0xd0 [ 41.283780] kernel_sendpage+0x60/0xd0 [ 41.287735] ? pipe_lock+0x4f/0x60 [ 41.291342] sock_sendpage+0x6d/0xd0 [ 41.295305] pipe_to_sendpage+0x212/0x430 [ 41.299434] ? generic_pipe_buf_nosteal+0x10/0x10 [ 41.304365] __splice_from_pipe+0x2cb/0x720 [ 41.308751] ? generic_pipe_buf_nosteal+0x10/0x10 [ 41.313586] ? generic_pipe_buf_nosteal+0x10/0x10 [ 41.318692] splice_from_pipe+0xbb/0x120 [ 41.322841] ? splice_shrink_spd+0xa0/0xa0 [ 41.327146] ? rw_verify_area+0xb8/0x2b0 [ 41.331381] generic_splice_sendpage+0x10/0x20 [ 41.336295] do_splice+0xa25/0x12b0 [ 41.339905] ? opipe_prep.part.13+0x320/0x320 [ 41.344997] ? __fget_light+0x174/0x1e0 [ 41.348954] __x64_sys_splice+0x248/0x300 [ 41.353085] do_syscall_64+0xd0/0x4e0 [ 41.356953] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 41.362294] RIP: 0033:0x461229 [ 41.365551] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 41.385560] RSP: 002b:00007fa718de11a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 41.393682] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 41.401199] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 41.408455] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 41.415897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 41.423683] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fa718de16bc [ 41.453555] CPU: 1 PID: 6612 Comm: syz-executor.1 Not tainted 4.19.190-syzkaller #0 [ 41.461920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 41.472062] Call Trace: [ 41.474855] dump_stack+0x123/0x171 [ 41.478678] should_fail.cold.4+0x5/0xa [ 41.483365] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 41.488817] ? lock_downgrade+0x860/0x860 [ 41.493496] ? ___might_sleep+0x16b/0x270 [ 41.497910] __should_failslab+0xba/0xf0 [ 41.501971] should_failslab+0x9/0x20 [ 41.506044] __kmalloc+0x2dd/0x770 [ 41.509872] ? tls_push_record+0xff/0x1600 [ 41.514451] ? __sk_mem_schedule+0x5f/0xc0 [ 41.518928] tls_push_record+0xff/0x1600 [ 41.523160] tls_sw_sendpage+0x462/0xc00 [ 41.527331] ? tls_sw_sendmsg+0x1010/0x1010 [ 41.531895] ? pipe_lock+0x4f/0x60 [ 41.535622] inet_sendpage+0x122/0x600 [ 41.539683] ? kernel_sendpage+0xd0/0xd0 [ 41.543989] kernel_sendpage+0x60/0xd0 [ 41.547969] ? pipe_lock+0x4f/0x60 [ 41.551640] sock_sendpage+0x6d/0xd0 [ 41.555346] pipe_to_sendpage+0x212/0x430 [ 41.559795] ? generic_pipe_buf_nosteal+0x10/0x10 [ 41.565145] ? kasan_check_write+0x14/0x20 [ 41.569451] ? anon_pipe_buf_release+0x149/0x1f0 [ 41.574350] __splice_from_pipe+0x2cb/0x720 [ 41.578692] ? generic_pipe_buf_nosteal+0x10/0x10 [ 41.583705] ? generic_pipe_buf_nosteal+0x10/0x10 [ 41.589395] splice_from_pipe+0xbb/0x120 [ 41.593513] ? splice_shrink_spd+0xa0/0xa0 [ 41.597816] ? rw_verify_area+0xb8/0x2b0 [ 41.602687] generic_splice_sendpage+0x10/0x20 [ 41.607391] do_splice+0xa25/0x12b0 [ 41.611022] ? opipe_prep.part.13+0x320/0x320 [ 41.615682] ? __fget_light+0x174/0x1e0 [ 41.619723] __x64_sys_splice+0x248/0x300 [ 41.624124] do_syscall_64+0xd0/0x4e0 [ 41.628101] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 41.633370] RIP: 0033:0x461229 [ 41.636569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 41.656858] RSP: 002b:00007f55d96101a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 41.664915] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000461229 [ 41.672349] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 41.679865] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 41.687379] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 41.694856] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007f55d96106bc [ 41.707952] FAULT_INJECTION: forcing a failure. [ 41.707952] name failslab, interval 1, probability 0, space 0, times 0 [ 41.720717] FAULT_INJECTION: forcing a failure. [ 41.720717] name failslab, interval 1, probability 0, space 0, times 0 [ 41.738404] FAULT_INJECTION: forcing a failure. [ 41.738404] name failslab, interval 1, probability 0, space 0, times 0 [ 41.738408] CPU: 0 PID: 6639 Comm: syz-executor.2 Not tainted 4.19.190-syzkaller #0 [ 41.738414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 41.768531] Call Trace: [ 41.771193] dump_stack+0x123/0x171 [ 41.774901] should_fail.cold.4+0x5/0xa [ 41.778946] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 41.784391] ? lock_downgrade+0x860/0x860 [ 41.788620] ? ___might_sleep+0x16b/0x270 [ 41.793123] __should_failslab+0xba/0xf0 [ 41.797263] should_failslab+0x9/0x20 [ 41.801152] kmem_cache_alloc_node_trace+0x265/0x730 [ 41.806599] __kmalloc_node_track_caller+0x3c/0x70 [ 41.811516] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 41.816270] __alloc_skb+0xd7/0x580 [ 41.820060] ? skb_scrub_packet+0x3c0/0x3c0 [ 41.824568] ? _raw_spin_unlock_irq+0x60/0x80 [ 41.829884] ? finish_task_switch+0x14a/0x6f0 [ 41.834627] ? finish_task_switch+0x11c/0x6f0 [ 41.839139] sk_stream_alloc_skb+0x9e/0x810 [ 41.843796] ? tcp_send_mss+0x1d/0x220 [ 41.847669] do_tcp_sendpages+0x774/0x1d30 [ 41.852168] ? __lock_is_held+0xb5/0x140 [ 41.856401] ? sk_stream_alloc_skb+0x810/0x810 [ 41.861229] ? __local_bh_enable_ip+0x160/0x260 [ 41.866077] ? lock_sock_nested+0xc5/0x100 [ 41.870305] ? lockdep_hardirqs_on+0x421/0x5c0 [ 41.874957] ? __local_bh_enable_ip+0x160/0x260 [ 41.879962] ? kasan_check_read+0x11/0x20 [ 41.884198] tcp_sendpage_locked+0x63/0xa0 [ 41.888710] tcp_sendpage+0x37/0x50 [ 41.892702] inet_sendpage+0x122/0x600 [ 41.896767] ? kernel_sendpage+0xd0/0xd0 [ 41.900912] kernel_sendpage+0x60/0xd0 [ 41.905132] ? pipe_lock+0x4f/0x60 [ 41.908659] sock_sendpage+0x6d/0xd0 [ 41.912480] pipe_to_sendpage+0x212/0x430 [ 41.916737] ? generic_pipe_buf_nosteal+0x10/0x10 [ 41.921661] __splice_from_pipe+0x2cb/0x720 [ 41.926150] ? generic_pipe_buf_nosteal+0x10/0x10 [ 41.931411] ? generic_pipe_buf_nosteal+0x10/0x10 [ 41.937471] splice_from_pipe+0xbb/0x120 [ 41.941869] ? splice_shrink_spd+0xa0/0xa0 [ 41.946561] ? rw_verify_area+0xb8/0x2b0 [ 41.950607] generic_splice_sendpage+0x10/0x20 [ 41.955268] do_splice+0xa25/0x12b0 [ 41.959145] ? opipe_prep.part.13+0x320/0x320 [ 41.964113] ? __fget_light+0x174/0x1e0 [ 41.968165] __x64_sys_splice+0x248/0x300 [ 41.972487] do_syscall_64+0xd0/0x4e0 [ 41.976694] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 41.981960] RIP: 0033:0x461229 [ 41.985239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 42.005408] RSP: 002b:00007fa4ad6d21a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 42.013367] RAX: ffffffffffffffda RBX: 000000000052c050 RCX: 0000000000461229 [ 42.020895] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 42.028525] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 42.035890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 42.043231] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fa4ad6d26bc [ 42.050672] CPU: 1 PID: 6640 Comm: syz-executor.5 Not tainted 4.19.190-syzkaller #0 [ 42.059094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 42.068893] Call Trace: [ 42.071663] dump_stack+0x123/0x171 [ 42.075565] should_fail.cold.4+0x5/0xa [ 42.079821] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 42.085229] ? lock_downgrade+0x860/0x860 [ 42.089844] ? ___might_sleep+0x16b/0x270 [ 42.094000] __should_failslab+0xba/0xf0 [ 42.098402] should_failslab+0x9/0x20 [ 42.102193] kmem_cache_alloc_node_trace+0x265/0x730 [ 42.107692] __kmalloc_node_track_caller+0x3c/0x70 [ 42.113486] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 42.118243] __alloc_skb+0xd7/0x580 [ 42.121863] ? skb_scrub_packet+0x3c0/0x3c0 [ 42.126372] ? _raw_spin_unlock_irq+0x60/0x80 [ 42.130859] ? finish_task_switch+0x14a/0x6f0 [ 42.135684] ? finish_task_switch+0x11c/0x6f0 [ 42.140338] sk_stream_alloc_skb+0x9e/0x810 [ 42.145102] ? tcp_send_mss+0x1d/0x220 [ 42.149252] do_tcp_sendpages+0x774/0x1d30 [ 42.153792] ? __lock_is_held+0xb5/0x140 [ 42.157938] ? sk_stream_alloc_skb+0x810/0x810 [ 42.162768] ? __local_bh_enable_ip+0x160/0x260 [ 42.167940] ? lock_sock_nested+0xc5/0x100 [ 42.172676] ? lockdep_hardirqs_on+0x421/0x5c0 [ 42.177930] ? __local_bh_enable_ip+0x160/0x260 [ 42.183472] ? kasan_check_read+0x11/0x20 [ 42.187700] tcp_sendpage_locked+0x63/0xa0 [ 42.192190] tcp_sendpage+0x37/0x50 [ 42.195906] inet_sendpage+0x122/0x600 [ 42.200331] ? kernel_sendpage+0xd0/0xd0 [ 42.204465] kernel_sendpage+0x60/0xd0 [ 42.208604] ? pipe_lock+0x4f/0x60 [ 42.212237] sock_sendpage+0x6d/0xd0 [ 42.216280] pipe_to_sendpage+0x212/0x430 [ 42.220669] ? generic_pipe_buf_nosteal+0x10/0x10 [ 42.225580] __splice_from_pipe+0x2cb/0x720 [ 42.229970] ? generic_pipe_buf_nosteal+0x10/0x10 [ 42.235322] ? generic_pipe_buf_nosteal+0x10/0x10 [ 42.240351] splice_from_pipe+0xbb/0x120 [ 42.244553] ? splice_shrink_spd+0xa0/0xa0 [ 42.249210] ? rw_verify_area+0xb8/0x2b0 [ 42.253342] generic_splice_sendpage+0x10/0x20 [ 42.258079] do_splice+0xa25/0x12b0 [ 42.261954] ? opipe_prep.part.13+0x320/0x320 [ 42.266822] ? __fget_light+0x174/0x1e0 [ 42.270780] __x64_sys_splice+0x248/0x300 [ 42.275023] do_syscall_64+0xd0/0x4e0 [ 42.278909] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 42.284093] RIP: 0033:0x461229 [ 42.287455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 42.307598] RSP: 002b:00007fb44f9b31a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 42.315479] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 42.323029] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 42.330738] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 42.338266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 42.345697] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fb44f9b36bc [ 42.366192] CPU: 1 PID: 6632 Comm: syz-executor.4 Not tainted 4.19.190-syzkaller #0 [ 42.374897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 42.384637] Call Trace: [ 42.387715] dump_stack+0x123/0x171 [ 42.391521] should_fail.cold.4+0x5/0xa [ 42.395575] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 42.400927] ? lock_downgrade+0x860/0x860 [ 42.405840] ? ___might_sleep+0x16b/0x270 [ 42.410195] __should_failslab+0xba/0xf0 [ 42.414244] should_failslab+0x9/0x20 [ 42.418297] kmem_cache_alloc_node_trace+0x265/0x730 [ 42.423669] __kmalloc_node_track_caller+0x3c/0x70 [ 42.428603] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 42.433531] __alloc_skb+0xd7/0x580 [ 42.437576] ? skb_scrub_packet+0x3c0/0x3c0 [ 42.442173] ? kasan_check_write+0x14/0x20 [ 42.446592] ? finish_task_switch+0x1a4/0x6f0 [ 42.451267] sk_stream_alloc_skb+0x9e/0x810 [ 42.455755] ? tcp_send_mss+0x1d/0x220 [ 42.459800] do_tcp_sendpages+0x774/0x1d30 [ 42.464366] ? __lock_is_held+0xb5/0x140 [ 42.468502] ? sk_stream_alloc_skb+0x810/0x810 [ 42.473359] ? __local_bh_enable_ip+0x160/0x260 [ 42.478289] ? lock_sock_nested+0xc5/0x100 [ 42.482968] ? lockdep_hardirqs_on+0x421/0x5c0 [ 42.487805] ? __local_bh_enable_ip+0x160/0x260 [ 42.492547] ? kasan_check_read+0x11/0x20 [ 42.496940] tcp_sendpage_locked+0x63/0xa0 [ 42.501406] tcp_sendpage+0x37/0x50 [ 42.505351] inet_sendpage+0x122/0x600 [ 42.509593] ? kernel_sendpage+0xd0/0xd0 [ 42.513901] kernel_sendpage+0x60/0xd0 [ 42.519707] ? pipe_lock+0x4f/0x60 [ 42.523333] sock_sendpage+0x6d/0xd0 [ 42.527514] pipe_to_sendpage+0x212/0x430 [ 42.531757] ? generic_pipe_buf_nosteal+0x10/0x10 [ 42.536796] __splice_from_pipe+0x2cb/0x720 [ 42.541259] ? generic_pipe_buf_nosteal+0x10/0x10 [ 42.546397] ? generic_pipe_buf_nosteal+0x10/0x10 [ 42.551758] splice_from_pipe+0xbb/0x120 [ 42.555889] ? splice_shrink_spd+0xa0/0xa0 [ 42.560145] ? rw_verify_area+0xb8/0x2b0 [ 42.564385] generic_splice_sendpage+0x10/0x20 [ 42.569296] do_splice+0xa25/0x12b0 [ 42.572999] ? opipe_prep.part.13+0x320/0x320 [ 42.577941] ? __fget_light+0x174/0x1e0 [ 42.581912] __x64_sys_splice+0x248/0x300 [ 42.586398] do_syscall_64+0xd0/0x4e0 [ 42.590498] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 42.596590] RIP: 0033:0x461229 [ 42.599937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 42.619717] RSP: 002b:00007fce360ad1a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 42.627596] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 42.635686] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 42.643497] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 42.650924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 42.658611] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fce360ad6bc [ 42.670670] FAULT_INJECTION: forcing a failure. [ 42.670670] name failslab, interval 1, probability 0, space 0, times 0 [ 42.696080] FAULT_INJECTION: forcing a failure. [ 42.696080] name failslab, interval 1, probability 0, space 0, times 0 [ 42.701747] CPU: 0 PID: 6653 Comm: syz-executor.0 Not tainted 4.19.190-syzkaller #0 [ 42.716219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 42.726902] Call Trace: [ 42.729573] dump_stack+0x123/0x171 [ 42.733207] should_fail.cold.4+0x5/0xa [ 42.737388] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 42.742877] ? lock_downgrade+0x860/0x860 [ 42.747151] ? ___might_sleep+0x16b/0x270 [ 42.751582] __should_failslab+0xba/0xf0 [ 42.755920] should_failslab+0x9/0x20 [ 42.759840] kmem_cache_alloc_node_trace+0x265/0x730 [ 42.765252] __kmalloc_node_track_caller+0x3c/0x70 [ 42.770192] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 42.775149] __alloc_skb+0xd7/0x580 [ 42.778960] ? skb_scrub_packet+0x3c0/0x3c0 [ 42.783522] ? _raw_spin_unlock_irq+0x60/0x80 [ 42.788258] ? finish_task_switch+0x14a/0x6f0 [ 42.793125] ? finish_task_switch+0x11c/0x6f0 [ 42.798038] sk_stream_alloc_skb+0x9e/0x810 [ 42.802687] ? tcp_send_mss+0x1d/0x220 [ 42.807140] do_tcp_sendpages+0x774/0x1d30 [ 42.811441] ? __lock_is_held+0xb5/0x140 [ 42.815613] ? sk_stream_alloc_skb+0x810/0x810 [ 42.820454] ? __local_bh_enable_ip+0x160/0x260 [ 42.825330] ? lock_sock_nested+0xc5/0x100 [ 42.829546] ? lockdep_hardirqs_on+0x421/0x5c0 [ 42.834372] ? __local_bh_enable_ip+0x160/0x260 [ 42.839043] ? kasan_check_read+0x11/0x20 [ 42.843350] tcp_sendpage_locked+0x63/0xa0 [ 42.847827] tcp_sendpage+0x37/0x50 [ 42.852043] inet_sendpage+0x122/0x600 [ 42.856453] ? kernel_sendpage+0xd0/0xd0 [ 42.860584] kernel_sendpage+0x60/0xd0 [ 42.864635] ? pipe_lock+0x4f/0x60 [ 42.868171] sock_sendpage+0x6d/0xd0 [ 42.871952] pipe_to_sendpage+0x212/0x430 [ 42.876342] ? generic_pipe_buf_nosteal+0x10/0x10 [ 42.881468] __splice_from_pipe+0x2cb/0x720 [ 42.885778] ? generic_pipe_buf_nosteal+0x10/0x10 [ 42.890712] ? generic_pipe_buf_nosteal+0x10/0x10 [ 42.895667] splice_from_pipe+0xbb/0x120 [ 42.899796] ? splice_shrink_spd+0xa0/0xa0 [ 42.904375] ? rw_verify_area+0xb8/0x2b0 [ 42.908793] generic_splice_sendpage+0x10/0x20 [ 42.913443] do_splice+0xa25/0x12b0 [ 42.917390] ? opipe_prep.part.13+0x320/0x320 [ 42.921879] ? __fget_light+0x174/0x1e0 [ 42.926304] __x64_sys_splice+0x248/0x300 [ 42.930526] do_syscall_64+0xd0/0x4e0 [ 42.934399] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 42.940509] RIP: 0033:0x461229 [ 42.944500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 42.964895] RSP: 002b:00007fbc04df01a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 42.972675] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 42.980251] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 42.988089] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 42.995606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 43.003533] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fbc04df06bc [ 43.029676] CPU: 1 PID: 6648 Comm: syz-executor.1 Not tainted 4.19.190-syzkaller #0 [ 43.037868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.048082] Call Trace: [ 43.050848] dump_stack+0x123/0x171 [ 43.054482] should_fail.cold.4+0x5/0xa [ 43.058460] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 43.063651] ? lock_downgrade+0x860/0x860 [ 43.067890] ? ___might_sleep+0x16b/0x270 [ 43.072046] __should_failslab+0xba/0xf0 [ 43.076377] should_failslab+0x9/0x20 [ 43.080450] kmem_cache_alloc_node_trace+0x265/0x730 [ 43.085742] __kmalloc_node_track_caller+0x3c/0x70 [ 43.091031] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 43.096144] __alloc_skb+0xd7/0x580 [ 43.099768] ? skb_scrub_packet+0x3c0/0x3c0 [ 43.104070] ? _raw_spin_unlock_irq+0x60/0x80 [ 43.108812] ? finish_task_switch+0x14a/0x6f0 [ 43.113546] ? finish_task_switch+0x11c/0x6f0 [ 43.118383] sk_stream_alloc_skb+0x9e/0x810 [ 43.122782] ? tcp_send_mss+0x1d/0x220 [ 43.127005] do_tcp_sendpages+0x774/0x1d30 [ 43.131308] ? __lock_is_held+0xb5/0x140 [ 43.135657] ? sk_stream_alloc_skb+0x810/0x810 [ 43.140310] ? __local_bh_enable_ip+0x160/0x260 [ 43.145478] ? lock_sock_nested+0xc5/0x100 [ 43.149777] ? lockdep_hardirqs_on+0x421/0x5c0 [ 43.154596] ? __local_bh_enable_ip+0x160/0x260 [ 43.159507] ? kasan_check_read+0x11/0x20 [ 43.163917] tcp_sendpage_locked+0x63/0xa0 [ 43.168225] tcp_sendpage+0x37/0x50 [ 43.172112] inet_sendpage+0x122/0x600 [ 43.175994] ? kernel_sendpage+0xd0/0xd0 [ 43.180207] kernel_sendpage+0x60/0xd0 [ 43.184513] ? pipe_lock+0x4f/0x60 [ 43.188032] sock_sendpage+0x6d/0xd0 [ 43.191821] pipe_to_sendpage+0x212/0x430 [ 43.195951] ? generic_pipe_buf_nosteal+0x10/0x10 [ 43.200863] __splice_from_pipe+0x2cb/0x720 [ 43.205164] ? generic_pipe_buf_nosteal+0x10/0x10 [ 43.210328] ? generic_pipe_buf_nosteal+0x10/0x10 [ 43.215246] splice_from_pipe+0xbb/0x120 [ 43.219568] ? splice_shrink_spd+0xa0/0xa0 [ 43.224142] ? rw_verify_area+0xb8/0x2b0 [ 43.228551] generic_splice_sendpage+0x10/0x20 [ 43.233112] do_splice+0xa25/0x12b0 [ 43.237185] ? opipe_prep.part.13+0x320/0x320 [ 43.241671] ? __fget_light+0x174/0x1e0 [ 43.245719] __x64_sys_splice+0x248/0x300 [ 43.249935] do_syscall_64+0xd0/0x4e0 [ 43.253805] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 43.258973] RIP: 0033:0x461229 [ 43.262145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 43.282086] RSP: 002b:00007f55d95ef1a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 43.290146] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 43.298389] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 43.306001] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 43.313603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 43.321114] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007f55d95ef6bc [ 43.333897] FAULT_INJECTION: forcing a failure. [ 43.333897] name failslab, interval 1, probability 0, space 0, times 0 [ 43.347830] FAULT_INJECTION: forcing a failure. [ 43.347830] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 43.360528] CPU: 0 PID: 6673 Comm: syz-executor.5 Not tainted 4.19.190-syzkaller #0 [ 43.369108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.378638] Call Trace: [ 43.381756] dump_stack+0x123/0x171 [ 43.385461] should_fail.cold.4+0x5/0xa [ 43.389511] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 43.394884] ? mark_held_locks+0x130/0x130 [ 43.399459] __alloc_pages_nodemask+0x1d5/0x710 [ 43.404552] ? __alloc_pages_slowpath+0x25c0/0x25c0 [ 43.410264] cache_grow_begin+0x91/0x8d0 [ 43.414519] ? kmem_cache_alloc_node+0xaa/0x720 [ 43.419256] kmem_cache_alloc_node+0x65b/0x720 [ 43.424059] __alloc_skb+0xa7/0x580 [ 43.427763] ? skb_scrub_packet+0x3c0/0x3c0 [ 43.432392] ? _raw_spin_unlock_irq+0x60/0x80 [ 43.437050] ? finish_task_switch+0x14a/0x6f0 [ 43.441816] ? finish_task_switch+0x11c/0x6f0 [ 43.446556] sk_stream_alloc_skb+0x9e/0x810 [ 43.451465] ? tcp_send_mss+0x1d/0x220 [ 43.455438] do_tcp_sendpages+0x774/0x1d30 [ 43.459921] ? __lock_is_held+0xb5/0x140 [ 43.463987] ? sk_stream_alloc_skb+0x810/0x810 [ 43.469069] ? __local_bh_enable_ip+0x160/0x260 [ 43.474373] ? lock_sock_nested+0xc5/0x100 [ 43.478848] ? lockdep_hardirqs_on+0x421/0x5c0 [ 43.483771] ? __local_bh_enable_ip+0x160/0x260 [ 43.489042] ? kasan_check_read+0x11/0x20 [ 43.493456] tcp_sendpage_locked+0x63/0xa0 [ 43.497952] tcp_sendpage+0x37/0x50 [ 43.501575] inet_sendpage+0x122/0x600 [ 43.505879] ? kernel_sendpage+0xd0/0xd0 [ 43.510757] kernel_sendpage+0x60/0xd0 [ 43.515061] ? pipe_lock+0x4f/0x60 [ 43.518774] sock_sendpage+0x6d/0xd0 [ 43.522742] pipe_to_sendpage+0x212/0x430 [ 43.527423] ? generic_pipe_buf_nosteal+0x10/0x10 [ 43.532434] __splice_from_pipe+0x2cb/0x720 [ 43.536843] ? generic_pipe_buf_nosteal+0x10/0x10 [ 43.542048] ? generic_pipe_buf_nosteal+0x10/0x10 [ 43.547329] splice_from_pipe+0xbb/0x120 [ 43.551371] ? splice_shrink_spd+0xa0/0xa0 [ 43.555592] ? rw_verify_area+0xb8/0x2b0 [ 43.559723] generic_splice_sendpage+0x10/0x20 [ 43.564842] do_splice+0xa25/0x12b0 [ 43.568729] ? opipe_prep.part.13+0x320/0x320 [ 43.573299] ? __fget_light+0x174/0x1e0 [ 43.577350] __x64_sys_splice+0x248/0x300 [ 43.581861] do_syscall_64+0xd0/0x4e0 [ 43.586215] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 43.591837] RIP: 0033:0x461229 [ 43.595185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 43.614578] RSP: 002b:00007fb44f9b31a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 43.622626] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 43.630629] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 43.638406] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 43.645842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 43.653353] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fb44f9b36bc [ 43.663472] FAULT_INJECTION: forcing a failure. [ 43.663472] name failslab, interval 1, probability 0, space 0, times 0 [ 43.688510] CPU: 0 PID: 6674 Comm: syz-executor.4 Not tainted 4.19.190-syzkaller #0 [ 43.696476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 43.706351] Call Trace: [ 43.709166] dump_stack+0x123/0x171 [ 43.712886] should_fail.cold.4+0x5/0xa [ 43.716866] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 43.722128] ? lock_downgrade+0x860/0x860 [ 43.726631] ? ___might_sleep+0x16b/0x270 [ 43.730869] __should_failslab+0xba/0xf0 [ 43.734931] should_failslab+0x9/0x20 [ 43.738737] kmem_cache_alloc_node_trace+0x265/0x730 [ 43.743934] __kmalloc_node_track_caller+0x3c/0x70 [ 43.749162] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 43.754269] __alloc_skb+0xd7/0x580 [ 43.757888] ? skb_scrub_packet+0x3c0/0x3c0 [ 43.762722] ? kasan_check_write+0x14/0x20 [ 43.766953] ? finish_task_switch+0x1a4/0x6f0 [ 43.771613] sk_stream_alloc_skb+0x9e/0x810 [ 43.776270] ? tcp_send_mss+0x1d/0x220 [ 43.780661] do_tcp_sendpages+0x774/0x1d30 [ 43.785269] ? __lock_is_held+0xb5/0x140 [ 43.789494] ? sk_stream_alloc_skb+0x810/0x810 [ 43.794064] ? __local_bh_enable_ip+0x160/0x260 [ 43.799350] ? lock_sock_nested+0xc5/0x100 [ 43.803951] ? lockdep_hardirqs_on+0x421/0x5c0 [ 43.808786] ? __local_bh_enable_ip+0x160/0x260 [ 43.813545] ? kasan_check_read+0x11/0x20 [ 43.817870] tcp_sendpage_locked+0x63/0xa0 [ 43.822237] tcp_sendpage+0x37/0x50 [ 43.825854] inet_sendpage+0x122/0x600 [ 43.830065] ? kernel_sendpage+0xd0/0xd0 [ 43.834301] kernel_sendpage+0x60/0xd0 [ 43.838348] ? pipe_lock+0x4f/0x60 [ 43.841963] sock_sendpage+0x6d/0xd0 [ 43.845999] pipe_to_sendpage+0x212/0x430 [ 43.850430] ? generic_pipe_buf_nosteal+0x10/0x10 [ 43.855367] __splice_from_pipe+0x2cb/0x720 [ 43.860476] ? generic_pipe_buf_nosteal+0x10/0x10 [ 43.865568] ? generic_pipe_buf_nosteal+0x10/0x10 [ 43.870835] splice_from_pipe+0xbb/0x120 [ 43.875246] ? splice_shrink_spd+0xa0/0xa0 [ 43.880156] ? rw_verify_area+0xb8/0x2b0 [ 43.884306] generic_splice_sendpage+0x10/0x20 [ 43.889315] do_splice+0xa25/0x12b0 [ 43.893205] ? opipe_prep.part.13+0x320/0x320 [ 43.898573] ? __fget_light+0x174/0x1e0 [ 43.902628] __x64_sys_splice+0x248/0x300 [ 43.907044] do_syscall_64+0xd0/0x4e0 [ 43.911077] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 43.916608] RIP: 0033:0x461229 [ 43.920078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 43.941192] RSP: 002b:00007fce360ad1a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 43.949083] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 43.956612] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 43.964408] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 43.971840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 43.979376] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fce360ad6bc [ 43.987347] CPU: 1 PID: 6672 Comm: syz-executor.3 Not tainted 4.19.190-syzkaller #0 [ 43.995852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.005950] Call Trace: [ 44.008532] dump_stack+0x123/0x171 [ 44.012260] should_fail.cold.4+0x5/0xa [ 44.016784] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 44.021871] ? lock_downgrade+0x860/0x860 [ 44.026795] ? ___might_sleep+0x16b/0x270 [ 44.031104] __should_failslab+0xba/0xf0 [ 44.035592] should_failslab+0x9/0x20 [ 44.039724] kmem_cache_alloc_node_trace+0x265/0x730 [ 44.044991] __kmalloc_node_track_caller+0x3c/0x70 [ 44.049905] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 44.054645] __alloc_skb+0xd7/0x580 [ 44.058352] ? skb_scrub_packet+0x3c0/0x3c0 [ 44.062665] ? _raw_spin_unlock_irq+0x60/0x80 [ 44.067599] ? finish_task_switch+0x14a/0x6f0 [ 44.072336] ? finish_task_switch+0x11c/0x6f0 [ 44.077287] sk_stream_alloc_skb+0x9e/0x810 [ 44.082158] ? tcp_send_mss+0x1d/0x220 [ 44.086376] do_tcp_sendpages+0x774/0x1d30 [ 44.090680] ? __lock_is_held+0xb5/0x140 [ 44.094822] ? sk_stream_alloc_skb+0x810/0x810 [ 44.099744] ? __local_bh_enable_ip+0x160/0x260 [ 44.104866] ? lock_sock_nested+0xc5/0x100 [ 44.109340] ? lockdep_hardirqs_on+0x421/0x5c0 [ 44.114165] ? __local_bh_enable_ip+0x160/0x260 [ 44.118900] ? kasan_check_read+0x11/0x20 [ 44.123126] tcp_sendpage_locked+0x63/0xa0 [ 44.127561] tcp_sendpage+0x37/0x50 [ 44.131182] inet_sendpage+0x122/0x600 [ 44.135370] ? kernel_sendpage+0xd0/0xd0 [ 44.139507] kernel_sendpage+0x60/0xd0 [ 44.143494] ? pipe_lock+0x4f/0x60 [ 44.147189] sock_sendpage+0x6d/0xd0 [ 44.150883] pipe_to_sendpage+0x212/0x430 [ 44.155273] ? generic_pipe_buf_nosteal+0x10/0x10 [ 44.160388] __splice_from_pipe+0x2cb/0x720 [ 44.164776] ? generic_pipe_buf_nosteal+0x10/0x10 [ 44.169886] ? generic_pipe_buf_nosteal+0x10/0x10 [ 44.175234] splice_from_pipe+0xbb/0x120 [ 44.179589] ? splice_shrink_spd+0xa0/0xa0 [ 44.183984] ? rw_verify_area+0xb8/0x2b0 [ 44.188222] generic_splice_sendpage+0x10/0x20 [ 44.193143] do_splice+0xa25/0x12b0 [ 44.196928] ? opipe_prep.part.13+0x320/0x320 [ 44.201515] ? __fget_light+0x174/0x1e0 [ 44.205818] __x64_sys_splice+0x248/0x300 [ 44.210175] do_syscall_64+0xd0/0x4e0 [ 44.214591] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 44.219939] RIP: 0033:0x461229 [ 44.223325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 44.243081] RSP: 002b:00007fa718de11a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 44.251139] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 44.258765] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 44.266122] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 44.273977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 44.281228] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fa718de16bc [ 44.289689] FAULT_INJECTION: forcing a failure. [ 44.289689] name failslab, interval 1, probability 0, space 0, times 0 [ 44.303124] FAULT_INJECTION: forcing a failure. [ 44.303124] name failslab, interval 1, probability 0, space 0, times 0 [ 44.317303] FAULT_INJECTION: forcing a failure. [ 44.317303] name failslab, interval 1, probability 0, space 0, times 0 [ 44.329574] CPU: 0 PID: 6683 Comm: syz-executor.1 Not tainted 4.19.190-syzkaller #0 [ 44.337665] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.347564] Call Trace: [ 44.350366] dump_stack+0x123/0x171 [ 44.353983] should_fail.cold.4+0x5/0xa [ 44.358380] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 44.363833] ? lock_downgrade+0x860/0x860 [ 44.368604] ? ___might_sleep+0x16b/0x270 [ 44.373277] __should_failslab+0xba/0xf0 [ 44.377508] should_failslab+0x9/0x20 [ 44.381685] kmem_cache_alloc_node_trace+0x265/0x730 [ 44.387217] __kmalloc_node_track_caller+0x3c/0x70 [ 44.392583] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 44.397701] __alloc_skb+0xd7/0x580 [ 44.401582] ? skb_scrub_packet+0x3c0/0x3c0 [ 44.406062] ? kasan_check_write+0x14/0x20 [ 44.410936] ? finish_task_switch+0x1a4/0x6f0 [ 44.416163] sk_stream_alloc_skb+0x9e/0x810 [ 44.420562] ? tcp_send_mss+0x1d/0x220 [ 44.424801] do_tcp_sendpages+0x774/0x1d30 [ 44.429107] ? __lock_is_held+0xb5/0x140 [ 44.433426] ? sk_stream_alloc_skb+0x810/0x810 [ 44.438532] ? __local_bh_enable_ip+0x160/0x260 [ 44.443390] ? lock_sock_nested+0xc5/0x100 [ 44.447607] ? lockdep_hardirqs_on+0x421/0x5c0 [ 44.452256] ? __local_bh_enable_ip+0x160/0x260 [ 44.457079] ? kasan_check_read+0x11/0x20 [ 44.461294] tcp_sendpage_locked+0x63/0xa0 [ 44.465694] tcp_sendpage+0x37/0x50 [ 44.469573] inet_sendpage+0x122/0x600 [ 44.473756] ? kernel_sendpage+0xd0/0xd0 [ 44.478076] kernel_sendpage+0x60/0xd0 [ 44.482064] ? pipe_lock+0x4f/0x60 [ 44.485931] sock_sendpage+0x6d/0xd0 [ 44.489803] pipe_to_sendpage+0x212/0x430 [ 44.494107] ? generic_pipe_buf_nosteal+0x10/0x10 [ 44.499210] __splice_from_pipe+0x2cb/0x720 [ 44.503599] ? generic_pipe_buf_nosteal+0x10/0x10 [ 44.508514] ? generic_pipe_buf_nosteal+0x10/0x10 [ 44.513642] splice_from_pipe+0xbb/0x120 [ 44.517774] ? splice_shrink_spd+0xa0/0xa0 [ 44.522347] ? rw_verify_area+0xb8/0x2b0 [ 44.526566] generic_splice_sendpage+0x10/0x20 [ 44.531387] do_splice+0xa25/0x12b0 [ 44.535017] ? opipe_prep.part.13+0x320/0x320 [ 44.539672] ? __fget_light+0x174/0x1e0 [ 44.543989] __x64_sys_splice+0x248/0x300 [ 44.548472] do_syscall_64+0xd0/0x4e0 [ 44.552707] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 44.558148] RIP: 0033:0x461229 [ 44.561494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 44.581941] RSP: 002b:00007f55d95ce1a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 44.589890] RAX: ffffffffffffffda RBX: 000000000052c050 RCX: 0000000000461229 [ 44.597230] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 44.604843] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 44.612268] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 44.619705] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007f55d95ce6bc [ 44.630642] CPU: 0 PID: 6661 Comm: syz-executor.2 Not tainted 4.19.190-syzkaller #0 [ 44.639043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.648799] Call Trace: [ 44.651484] dump_stack+0x123/0x171 [ 44.655292] should_fail.cold.4+0x5/0xa [ 44.659340] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 44.664701] ? lock_downgrade+0x860/0x860 [ 44.669116] ? ___might_sleep+0x16b/0x270 [ 44.673518] __should_failslab+0xba/0xf0 [ 44.677940] should_failslab+0x9/0x20 [ 44.681814] kmem_cache_alloc_node_trace+0x265/0x730 [ 44.687080] __kmalloc_node_track_caller+0x3c/0x70 [ 44.692267] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 44.697193] __alloc_skb+0xd7/0x580 [ 44.700980] ? skb_scrub_packet+0x3c0/0x3c0 [ 44.705734] ? _raw_spin_unlock_irq+0x60/0x80 [ 44.710999] ? finish_task_switch+0x14a/0x6f0 [ 44.715668] ? finish_task_switch+0x11c/0x6f0 [ 44.720415] sk_stream_alloc_skb+0x9e/0x810 [ 44.724725] ? tcp_send_mss+0x1d/0x220 [ 44.728690] do_tcp_sendpages+0x774/0x1d30 [ 44.732921] ? __lock_is_held+0xb5/0x140 [ 44.737202] ? sk_stream_alloc_skb+0x810/0x810 [ 44.741856] ? __local_bh_enable_ip+0x160/0x260 [ 44.746901] ? lock_sock_nested+0xc5/0x100 [ 44.751204] ? lockdep_hardirqs_on+0x421/0x5c0 [ 44.756027] ? __local_bh_enable_ip+0x160/0x260 [ 44.760866] ? kasan_check_read+0x11/0x20 [ 44.765175] tcp_sendpage_locked+0x63/0xa0 [ 44.769392] tcp_sendpage+0x37/0x50 [ 44.773444] inet_sendpage+0x122/0x600 [ 44.777728] ? kernel_sendpage+0xd0/0xd0 [ 44.781946] kernel_sendpage+0x60/0xd0 [ 44.786114] ? pipe_lock+0x4f/0x60 [ 44.789853] sock_sendpage+0x6d/0xd0 [ 44.793559] pipe_to_sendpage+0x212/0x430 [ 44.797809] ? generic_pipe_buf_nosteal+0x10/0x10 [ 44.802723] __splice_from_pipe+0x2cb/0x720 [ 44.807318] ? generic_pipe_buf_nosteal+0x10/0x10 [ 44.812318] ? generic_pipe_buf_nosteal+0x10/0x10 [ 44.817230] splice_from_pipe+0xbb/0x120 [ 44.821882] ? splice_shrink_spd+0xa0/0xa0 [ 44.826191] ? rw_verify_area+0xb8/0x2b0 [ 44.830321] generic_splice_sendpage+0x10/0x20 [ 44.834971] do_splice+0xa25/0x12b0 [ 44.838885] ? opipe_prep.part.13+0x320/0x320 [ 44.843664] ? __fget_light+0x174/0x1e0 [ 44.847713] __x64_sys_splice+0x248/0x300 [ 44.852112] do_syscall_64+0xd0/0x4e0 [ 44.855897] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 44.861069] RIP: 0033:0x461229 [ 44.864320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 44.884728] RSP: 002b:00007fa4ad6d21a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 44.892693] RAX: ffffffffffffffda RBX: 000000000052c050 RCX: 0000000000461229 [ 44.900546] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 44.908214] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 44.916266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 44.923877] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fa4ad6d26bc [ 44.939266] CPU: 1 PID: 6682 Comm: syz-executor.0 Not tainted 4.19.190-syzkaller #0 [ 44.947184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 44.956823] Call Trace: [ 44.959413] dump_stack+0x123/0x171 [ 44.963373] should_fail.cold.4+0x5/0xa [ 44.968367] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 44.974458] ? lock_downgrade+0x860/0x860 [ 44.978789] ? ___might_sleep+0x16b/0x270 [ 44.983027] __should_failslab+0xba/0xf0 [ 44.987265] should_failslab+0x9/0x20 [ 44.991154] kmem_cache_alloc_node_trace+0x265/0x730 [ 44.996617] __kmalloc_node_track_caller+0x3c/0x70 [ 45.001721] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 45.006725] __alloc_skb+0xd7/0x580 [ 45.010526] ? skb_scrub_packet+0x3c0/0x3c0 [ 45.015358] ? _raw_spin_unlock_irq+0x60/0x80 [ 45.020026] ? finish_task_switch+0x14a/0x6f0 [ 45.024913] ? finish_task_switch+0x11c/0x6f0 [ 45.029913] sk_stream_alloc_skb+0x9e/0x810 [ 45.034407] ? tcp_send_mss+0x1d/0x220 [ 45.038933] do_tcp_sendpages+0x774/0x1d30 [ 45.043510] ? __lock_is_held+0xb5/0x140 [ 45.047991] ? sk_stream_alloc_skb+0x810/0x810 [ 45.052661] ? __local_bh_enable_ip+0x160/0x260 [ 45.057484] ? lock_sock_nested+0xc5/0x100 [ 45.061784] ? lockdep_hardirqs_on+0x421/0x5c0 [ 45.066520] ? __local_bh_enable_ip+0x160/0x260 [ 45.071353] ? kasan_check_read+0x11/0x20 [ 45.075654] tcp_sendpage_locked+0x63/0xa0 [ 45.080044] tcp_sendpage+0x37/0x50 [ 45.083831] inet_sendpage+0x122/0x600 [ 45.087883] ? kernel_sendpage+0xd0/0xd0 [ 45.091951] kernel_sendpage+0x60/0xd0 [ 45.096428] ? pipe_lock+0x4f/0x60 [ 45.100050] sock_sendpage+0x6d/0xd0 [ 45.103940] pipe_to_sendpage+0x212/0x430 [ 45.108242] ? generic_pipe_buf_nosteal+0x10/0x10 [ 45.113839] __splice_from_pipe+0x2cb/0x720 [ 45.118489] ? generic_pipe_buf_nosteal+0x10/0x10 [ 45.123403] ? generic_pipe_buf_nosteal+0x10/0x10 [ 45.128833] splice_from_pipe+0xbb/0x120 [ 45.132958] ? splice_shrink_spd+0xa0/0xa0 [ 45.137414] ? rw_verify_area+0xb8/0x2b0 [ 45.141457] generic_splice_sendpage+0x10/0x20 [ 45.146523] do_splice+0xa25/0x12b0 [ 45.150396] ? opipe_prep.part.13+0x320/0x320 [ 45.155154] ? __fget_light+0x174/0x1e0 [ 45.159369] __x64_sys_splice+0x248/0x300 [ 45.163937] do_syscall_64+0xd0/0x4e0 [ 45.167892] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 45.173535] RIP: 0033:0x461229 2021/05/14 21:54:33 executed programs: 23 [ 45.176793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 45.196984] RSP: 002b:00007fbc04df01a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 45.204757] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 45.212373] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 45.221034] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 45.228421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 45.236137] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fbc04df06bc [ 45.274126] FAULT_INJECTION: forcing a failure. [ 45.274126] name failslab, interval 1, probability 0, space 0, times 0 [ 45.290463] CPU: 0 PID: 6698 Comm: syz-executor.1 Not tainted 4.19.190-syzkaller #0 [ 45.292104] FAULT_INJECTION: forcing a failure. [ 45.292104] name failslab, interval 1, probability 0, space 0, times 0 [ 45.298838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.298842] Call Trace: [ 45.298855] dump_stack+0x123/0x171 [ 45.298865] should_fail.cold.4+0x5/0xa [ 45.298873] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 45.298879] ? lock_downgrade+0x860/0x860 [ 45.298887] ? ___might_sleep+0x16b/0x270 [ 45.298896] __should_failslab+0xba/0xf0 [ 45.298901] should_failslab+0x9/0x20 [ 45.298907] __kmalloc+0x2dd/0x770 [ 45.298917] ? tls_push_record+0xff/0x1600 [ 45.298923] ? __sk_mem_schedule+0x5f/0xc0 [ 45.298931] tls_push_record+0xff/0x1600 [ 45.298947] tls_sw_sendpage+0x462/0xc00 [ 45.298964] ? tls_sw_sendmsg+0x1010/0x1010 [ 45.298971] ? pipe_lock+0x4f/0x60 [ 45.298983] inet_sendpage+0x122/0x600 [ 45.298993] ? kernel_sendpage+0xd0/0xd0 [ 45.298999] kernel_sendpage+0x60/0xd0 [ 45.299003] ? pipe_lock+0x4f/0x60 [ 45.299011] sock_sendpage+0x6d/0xd0 [ 45.403515] pipe_to_sendpage+0x212/0x430 [ 45.407998] ? generic_pipe_buf_nosteal+0x10/0x10 [ 45.413618] ? kasan_check_write+0x14/0x20 [ 45.418044] ? anon_pipe_buf_release+0x149/0x1f0 [ 45.422985] __splice_from_pipe+0x2cb/0x720 [ 45.427478] ? generic_pipe_buf_nosteal+0x10/0x10 [ 45.432741] ? generic_pipe_buf_nosteal+0x10/0x10 [ 45.437934] splice_from_pipe+0xbb/0x120 [ 45.442176] ? splice_shrink_spd+0xa0/0xa0 [ 45.447082] ? rw_verify_area+0xb8/0x2b0 [ 45.451219] generic_splice_sendpage+0x10/0x20 [ 45.456100] do_splice+0xa25/0x12b0 [ 45.459820] ? opipe_prep.part.13+0x320/0x320 [ 45.464316] ? __fget_light+0x174/0x1e0 [ 45.468277] __x64_sys_splice+0x248/0x300 [ 45.472619] do_syscall_64+0xd0/0x4e0 [ 45.476671] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 45.482229] RIP: 0033:0x461229 [ 45.485826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 45.505629] RSP: 002b:00007f55d96101a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 45.514080] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000461229 [ 45.521684] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 45.529633] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 45.537385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 45.544727] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007f55d96106bc [ 45.557187] CPU: 1 PID: 6692 Comm: syz-executor.4 Not tainted 4.19.190-syzkaller #0 [ 45.565188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.575105] Call Trace: [ 45.577974] dump_stack+0x123/0x171 [ 45.581982] should_fail.cold.4+0x5/0xa [ 45.586055] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 45.591142] ? lock_downgrade+0x860/0x860 [ 45.595443] ? ___might_sleep+0x16b/0x270 [ 45.599576] __should_failslab+0xba/0xf0 [ 45.603796] should_failslab+0x9/0x20 [ 45.607845] kmem_cache_alloc_node_trace+0x265/0x730 [ 45.612935] __kmalloc_node_track_caller+0x3c/0x70 [ 45.617948] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 45.622696] __alloc_skb+0xd7/0x580 [ 45.626392] ? skb_scrub_packet+0x3c0/0x3c0 [ 45.630794] ? _raw_spin_unlock_irq+0x60/0x80 [ 45.635357] ? finish_task_switch+0x14a/0x6f0 [ 45.639946] ? finish_task_switch+0x11c/0x6f0 [ 45.644510] sk_stream_alloc_skb+0x9e/0x810 [ 45.649075] ? tcp_send_mss+0x1d/0x220 [ 45.653308] do_tcp_sendpages+0x774/0x1d30 [ 45.657711] ? __lock_is_held+0xb5/0x140 [ 45.661860] ? sk_stream_alloc_skb+0x810/0x810 [ 45.666778] ? __local_bh_enable_ip+0x160/0x260 [ 45.671707] ? lock_sock_nested+0xc5/0x100 [ 45.676113] ? lockdep_hardirqs_on+0x421/0x5c0 [ 45.680767] ? __local_bh_enable_ip+0x160/0x260 [ 45.685842] ? kasan_check_read+0x11/0x20 [ 45.690245] tcp_sendpage_locked+0x63/0xa0 [ 45.694556] tcp_sendpage+0x37/0x50 [ 45.698165] inet_sendpage+0x122/0x600 [ 45.702293] ? kernel_sendpage+0xd0/0xd0 [ 45.707097] kernel_sendpage+0x60/0xd0 [ 45.711060] ? pipe_lock+0x4f/0x60 [ 45.715046] sock_sendpage+0x6d/0xd0 [ 45.719017] pipe_to_sendpage+0x212/0x430 [ 45.723510] ? generic_pipe_buf_nosteal+0x10/0x10 [ 45.728440] __splice_from_pipe+0x2cb/0x720 [ 45.733239] ? generic_pipe_buf_nosteal+0x10/0x10 [ 45.738330] ? generic_pipe_buf_nosteal+0x10/0x10 [ 45.743513] splice_from_pipe+0xbb/0x120 [ 45.747918] ? splice_shrink_spd+0xa0/0xa0 [ 45.752270] ? rw_verify_area+0xb8/0x2b0 [ 45.756513] generic_splice_sendpage+0x10/0x20 [ 45.761248] do_splice+0xa25/0x12b0 [ 45.764948] ? opipe_prep.part.13+0x320/0x320 [ 45.769706] ? __fget_light+0x174/0x1e0 [ 45.774482] __x64_sys_splice+0x248/0x300 [ 45.778969] do_syscall_64+0xd0/0x4e0 [ 45.783104] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 45.788362] RIP: 0033:0x461229 [ 45.791931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 45.813647] RSP: 002b:00007fce360ad1a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 45.821695] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 45.829409] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 45.836780] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 45.844486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 45.851907] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fce360ad6bc [ 45.870574] ================================================================== [ 45.879367] BUG: KASAN: use-after-free in scatterwalk_copychunks+0x1e1/0x610 [ 45.887265] Read of size 4096 at addr ffff8881e399b000 by task syz-executor.1/6698 [ 45.895657] [ 45.897497] CPU: 0 PID: 6698 Comm: syz-executor.1 Not tainted 4.19.190-syzkaller #0 [ 45.905733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 45.915526] Call Trace: [ 45.918189] dump_stack+0x123/0x171 [ 45.922062] print_address_description.cold.8+0x9/0x1ff [ 45.928223] kasan_report.cold.9+0x242/0x2fe [ 45.932623] ? scatterwalk_copychunks+0x1e1/0x610 [ 45.938380] check_memory_region+0x13e/0x1b0 [ 45.943348] memcpy+0x23/0x50 [ 45.946588] scatterwalk_copychunks+0x1e1/0x610 [ 45.951633] scatterwalk_map_and_copy+0x128/0x190 [ 45.957424] ? __lock_is_held+0xb5/0x140 [ 45.961899] ? scatterwalk_copychunks+0x610/0x610 [ 45.966923] ? rcu_read_lock_sched_held+0x108/0x120 [ 45.972089] ? __kmalloc+0x5f1/0x770 [ 45.976672] ? gcmaes_encrypt.constprop.15+0x630/0xda0 [ 45.982020] gcmaes_encrypt.constprop.15+0x6d6/0xda0 [ 45.987806] ? tls_sw_sendpage+0x462/0xc00 [ 45.992711] ? inet_sendpage+0x122/0x600 [ 45.997751] ? kernel_sendpage+0x60/0xd0 [ 46.002217] ? sock_sendpage+0x6d/0xd0 [ 46.007062] ? pipe_to_sendpage+0x212/0x430 [ 46.012298] ? __splice_from_pipe+0x2cb/0x720 [ 46.017406] ? gcmaes_crypt_by_sg.constprop.16+0x1490/0x1490 [ 46.023280] ? usleep_range+0x130/0x130 [ 46.027637] ? __lock_is_held+0xb5/0x140 [ 46.032462] ? __lock_is_held+0xb5/0x140 [ 46.037392] generic_gcmaes_encrypt+0xfd/0x150 [ 46.042133] ? generic_gcmaes_encrypt+0xfd/0x150 [ 46.047313] ? helper_rfc4106_encrypt+0x450/0x450 [ 46.052513] ? __kmalloc+0x5f1/0x770 [ 46.056385] gcmaes_wrapper_encrypt+0x109/0x180 [ 46.061785] tls_push_record+0x9ae/0x1600 [ 46.066018] ? sk_stream_kill_queues+0x570/0x570 [ 46.071356] tls_sw_sendpage+0x462/0xc00 [ 46.075488] ? tls_sw_sendmsg+0x1010/0x1010 [ 46.080503] ? pipe_lock+0x4f/0x60 [ 46.084406] inet_sendpage+0x122/0x600 [ 46.088361] ? kernel_sendpage+0xd0/0xd0 [ 46.092602] kernel_sendpage+0x60/0xd0 [ 46.096561] ? pipe_lock+0x4f/0x60 [ 46.100352] sock_sendpage+0x6d/0xd0 [ 46.104510] pipe_to_sendpage+0x212/0x430 [ 46.109259] ? generic_pipe_buf_nosteal+0x10/0x10 [ 46.114259] ? kasan_check_write+0x14/0x20 [ 46.118616] ? anon_pipe_buf_release+0x149/0x1f0 [ 46.123482] __splice_from_pipe+0x2cb/0x720 [ 46.127882] ? generic_pipe_buf_nosteal+0x10/0x10 [ 46.132804] ? generic_pipe_buf_nosteal+0x10/0x10 [ 46.138158] splice_from_pipe+0xbb/0x120 [ 46.142289] ? splice_shrink_spd+0xa0/0xa0 [ 46.146943] ? rw_verify_area+0xb8/0x2b0 [ 46.151185] generic_splice_sendpage+0x10/0x20 [ 46.155927] do_splice+0xa25/0x12b0 [ 46.160022] ? opipe_prep.part.13+0x320/0x320 [ 46.164518] ? __fget_light+0x174/0x1e0 [ 46.168487] __x64_sys_splice+0x248/0x300 [ 46.172631] do_syscall_64+0xd0/0x4e0 [ 46.176415] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 46.182252] RIP: 0033:0x461229 [ 46.185639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 46.205169] RSP: 002b:00007f55d96101a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 46.213050] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000461229 [ 46.220586] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 46.228520] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 46.236150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 46.243573] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007f55d96106bc [ 46.251438] [ 46.253061] Allocated by task 3306: [ 46.256934] save_stack+0x43/0xd0 [ 46.260451] kasan_kmalloc+0xc7/0xe0 [ 46.264242] kmem_cache_alloc_trace+0x152/0x740 [ 46.269123] apparmor_file_alloc_security+0xf7/0x760 [ 46.274466] security_file_alloc+0x3a/0x70 [ 46.278782] __alloc_file+0xbf/0x2f0 [ 46.282487] alloc_empty_file+0x45/0x110 [ 46.286827] path_openat+0x106/0x2c20 [ 46.291197] do_filp_open+0x177/0x250 [ 46.295684] do_sys_open+0x1dc/0x350 [ 46.299896] __x64_sys_open+0x79/0xb0 [ 46.304216] do_syscall_64+0xd0/0x4e0 [ 46.308003] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 46.313603] [ 46.315389] Freed by task 3306: [ 46.318743] save_stack+0x43/0xd0 [ 46.322354] __kasan_slab_free+0x102/0x150 [ 46.326831] kasan_slab_free+0xe/0x10 [ 46.330791] kfree+0xcf/0x220 [ 46.334021] kzfree+0x26/0x30 [ 46.337626] apparmor_file_free_security+0x6c/0x90 [ 46.343142] security_file_free+0x3a/0x70 [ 46.347446] __fput+0x355/0x7f0 [ 46.350799] ____fput+0x9/0x10 [ 46.353975] task_work_run+0x108/0x180 [ 46.358278] exit_to_usermode_loop+0x1a9/0x200 [ 46.362953] do_syscall_64+0x413/0x4e0 [ 46.367100] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 46.372734] [ 46.374344] The buggy address belongs to the object at ffff8881e399b000 [ 46.374344] which belongs to the cache kmalloc-96 of size 96 [ 46.387512] The buggy address is located 0 bytes inside of [ 46.387512] 96-byte region [ffff8881e399b000, ffff8881e399b060) [ 46.399659] The buggy address belongs to the page: [ 46.404933] page:ffffea00078e66c0 count:1 mapcount:0 mapping:ffff8881f64004c0 index:0x0 [ 46.413509] flags: 0x2fffc0000000100(slab) [ 46.418053] raw: 02fffc0000000100 ffffea00078e6508 ffffea00078e6888 ffff8881f64004c0 [ 46.426900] raw: 0000000000000000 ffff8881e399b000 0000000100000020 0000000000000000 [ 46.435122] page dumped because: kasan: bad access detected [ 46.441006] [ 46.442610] Memory state around the buggy address: [ 46.447526] ffff8881e399af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 46.455128] ffff8881e399af80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 46.462471] >ffff8881e399b000: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 46.470513] ^ [ 46.474383] ffff8881e399b080: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 46.482075] ffff8881e399b100: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc [ 46.489695] ================================================================== [ 46.497585] Disabling lock debugging due to kernel taint [ 46.510600] kasan: CONFIG_KASAN_INLINE enabled [ 46.516251] kasan: GPF could be caused by NULL-ptr deref or user memory access [ 46.526579] general protection fault: 0000 [#1] PREEMPT SMP KASAN [ 46.533187] CPU: 0 PID: 6698 Comm: syz-executor.1 Tainted: G B 4.19.190-syzkaller #0 [ 46.542922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 46.553110] RIP: 0010:scatterwalk_copychunks+0x379/0x610 [ 46.557457] FAULT_INJECTION: forcing a failure. [ 46.557457] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 46.559086] Code: ff ff 48 89 c7 e8 07 34 2a 00 4c 89 f2 48 c1 ea 03 42 80 3c 3a 00 0f 85 a8 01 00 00 48 8d 70 08 49 89 06 48 89 f2 48 c1 ea 03 <42> 0f b6 14 3a 84 d2 74 09 80 fa 03 0f 8e 6b 01 00 00 48 8b 5d d0 [ 46.571598] CPU: 1 PID: 6710 Comm: syz-executor.3 Tainted: G B 4.19.190-syzkaller #0 [ 46.591316] RSP: 0018:ffff8881de197498 EFLAGS: 00010202 [ 46.601379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 46.607203] RAX: 0000000000000000 RBX: ffff8881db4c83ac RCX: 000000000000401d [ 46.617230] Call Trace: [ 46.624689] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff8881db4c83a0 [ 46.627356] dump_stack+0x123/0x171 [ 46.635041] RBP: ffff8881de1974f8 R08: ffffed103b760804 R09: ffffed103b760800 [ 46.638672] should_fail.cold.4+0x5/0xa [ 46.646221] R10: 0000000000000000 R11: ffff8881dbb0401c R12: 0000000000001000 [ 46.650279] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 46.657711] R13: 000000000000001d R14: ffff8881de197538 R15: dffffc0000000000 [ 46.663249] ? mark_held_locks+0x130/0x130 [ 46.670590] FS: 00007f55d9610700(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000 [ 46.675050] __alloc_pages_nodemask+0x1d5/0x710 [ 46.683534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 46.683538] CR2: 00000000200000c0 CR3: 00000001e9ab1002 CR4: 00000000001606f0 [ 46.688464] ? __lock_is_held+0xb5/0x140 [ 46.694359] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 46.701804] ? __alloc_pages_slowpath+0x25c0/0x25c0 [ 46.706220] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 46.706222] Call Trace: [ 46.706234] scatterwalk_map_and_copy+0x128/0x190 [ 46.706238] ? scatterwalk_copychunks+0x610/0x610 [ 46.706246] ? kernel_fpu_end+0xa3/0x130 [ 46.706249] ? kernel_fpu_begin+0x170/0x170 [ 46.706256] gcmaes_encrypt.constprop.15+0x81b/0xda0 [ 46.706261] ? tls_sw_sendpage+0x462/0xc00 [ 46.706266] ? inet_sendpage+0x122/0x600 [ 46.706272] ? kernel_sendpage+0x60/0xd0 [ 46.706275] ? sock_sendpage+0x6d/0xd0 [ 46.706279] ? pipe_to_sendpage+0x212/0x430 [ 46.706282] ? __splice_from_pipe+0x2cb/0x720 [ 46.706288] ? gcmaes_crypt_by_sg.constprop.16+0x1490/0x1490 [ 46.706294] ? usleep_range+0x130/0x130 [ 46.706301] ? __lock_is_held+0xb5/0x140 [ 46.713751] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 46.719203] ? __lock_is_held+0xb5/0x140 [ 46.727048] cache_grow_begin+0x91/0x8d0 [ 46.729846] generic_gcmaes_encrypt+0xfd/0x150 [ 46.734938] ? kmem_cache_alloc_node+0xaa/0x720 [ 46.739845] ? generic_gcmaes_encrypt+0xfd/0x150 [ 46.744008] kmem_cache_alloc_node+0x65b/0x720 [ 46.748388] ? helper_rfc4106_encrypt+0x450/0x450 [ 46.753487] __alloc_skb+0xa7/0x580 [ 46.757966] ? __kmalloc+0x5f1/0x770 [ 46.762291] ? skb_scrub_packet+0x3c0/0x3c0 [ 46.766603] gcmaes_wrapper_encrypt+0x109/0x180 [ 46.770753] ? _raw_spin_unlock_irq+0x60/0x80 [ 46.775313] tls_push_record+0x9ae/0x1600 [ 46.779892] ? finish_task_switch+0x14a/0x6f0 [ 46.785757] ? sk_stream_kill_queues+0x570/0x570 [ 46.789793] ? finish_task_switch+0x11c/0x6f0 [ 46.794100] tls_sw_sendpage+0x462/0xc00 [ 46.799369] sk_stream_alloc_skb+0x9e/0x810 [ 46.803420] ? tls_sw_sendmsg+0x1010/0x1010 [ 46.807799] ? tcp_send_mss+0x1d/0x220 [ 46.812631] ? pipe_lock+0x4f/0x60 [ 46.817629] do_tcp_sendpages+0x774/0x1d30 [ 46.823053] inet_sendpage+0x122/0x600 [ 46.827622] ? __lock_is_held+0xb5/0x140 [ 46.832704] ? kernel_sendpage+0xd0/0xd0 [ 46.836488] ? sk_stream_alloc_skb+0x810/0x810 [ 46.840452] kernel_sendpage+0x60/0xd0 [ 46.844839] ? __local_bh_enable_ip+0x120/0x260 [ 46.849667] ? pipe_lock+0x4f/0x60 [ 46.854412] ? __local_bh_enable_ip+0x160/0x260 [ 46.858807] sock_sendpage+0x6d/0xd0 [ 46.863450] ? kasan_check_read+0x11/0x20 [ 46.868269] pipe_to_sendpage+0x212/0x430 [ 46.873001] tcp_sendpage_locked+0x63/0xa0 [ 46.877158] ? generic_pipe_buf_nosteal+0x10/0x10 [ 46.881920] tcp_sendpage+0x37/0x50 [ 46.887195] ? kasan_check_write+0x14/0x20 [ 46.891281] inet_sendpage+0x122/0x600 [ 46.894987] ? anon_pipe_buf_release+0x149/0x1f0 [ 46.899300] ? kernel_sendpage+0xd0/0xd0 [ 46.903440] __splice_from_pipe+0x2cb/0x720 [ 46.907565] kernel_sendpage+0x60/0xd0 [ 46.911711] ? generic_pipe_buf_nosteal+0x10/0x10 [ 46.917116] ? pipe_lock+0x4f/0x60 [ 46.921247] ? generic_pipe_buf_nosteal+0x10/0x10 [ 46.926015] sock_sendpage+0x6d/0xd0 [ 46.929539] splice_from_pipe+0xbb/0x120 [ 46.935141] pipe_to_sendpage+0x212/0x430 [ 46.938838] ? splice_shrink_spd+0xa0/0xa0 [ 46.942964] ? generic_pipe_buf_nosteal+0x10/0x10 [ 46.947089] ? rw_verify_area+0xb8/0x2b0 [ 46.951492] __splice_from_pipe+0x2cb/0x720 [ 46.956841] generic_splice_sendpage+0x10/0x20 [ 46.960537] ? generic_pipe_buf_nosteal+0x10/0x10 [ 46.964855] do_splice+0xa25/0x12b0 [ 46.968730] ? generic_pipe_buf_nosteal+0x10/0x10 [ 46.973474] ? opipe_prep.part.13+0x320/0x320 [ 46.977683] splice_from_pipe+0xbb/0x120 [ 46.982078] ? __fget_light+0x174/0x1e0 [ 46.986201] ? splice_shrink_spd+0xa0/0xa0 [ 46.991279] __x64_sys_splice+0x248/0x300 [ 46.995322] ? rw_verify_area+0xb8/0x2b0 [ 47.000504] do_syscall_64+0xd0/0x4e0 [ 47.004552] generic_splice_sendpage+0x10/0x20 [ 47.009057] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 47.013539] do_splice+0xa25/0x12b0 [ 47.017854] RIP: 0033:0x461229 [ 47.023042] ? opipe_prep.part.13+0x320/0x320 [ 47.027076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 47.031390] ? __fget_light+0x174/0x1e0 [ 47.036128] RSP: 002b:00007f55d96101a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 47.041121] __x64_sys_splice+0x248/0x300 [ 47.045072] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000461229 [ 47.050159] do_syscall_64+0xd0/0x4e0 [ 47.055002] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 47.059181] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 47.063560] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 47.068039] RIP: 0033:0x461229 [ 47.072266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 47.076494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 47.080329] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007f55d96106bc [ 47.085059] RSP: 002b:00007fa718de11a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 47.090317] Modules linked in: [ 47.094194] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 47.097895] FAULT_INJECTION: forcing a failure. [ 47.097895] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 47.102183] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 47.246026] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 47.253550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 47.261072] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fa718de16bc [ 47.268798] CPU: 0 PID: 6711 Comm: syz-executor.0 Tainted: G B D 4.19.190-syzkaller #0 [ 47.278930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 47.288464] Call Trace: [ 47.291033] dump_stack+0x123/0x171 [ 47.294649] should_fail.cold.4+0x5/0xa [ 47.298604] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 47.303687] ? mark_held_locks+0x130/0x130 [ 47.307904] __alloc_pages_nodemask+0x1d5/0x710 [ 47.312559] ? __lock_is_held+0xb5/0x140 [ 47.316755] ? __alloc_pages_slowpath+0x25c0/0x25c0 [ 47.322434] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 47.327873] cache_grow_begin+0x91/0x8d0 [ 47.332089] ? kmem_cache_alloc_node+0xaa/0x720 [ 47.336929] kmem_cache_alloc_node+0x65b/0x720 [ 47.341839] __alloc_skb+0xa7/0x580 [ 47.345624] ? skb_scrub_packet+0x3c0/0x3c0 [ 47.350021] ? _raw_spin_unlock_irq+0x60/0x80 [ 47.354585] ? finish_task_switch+0x14a/0x6f0 [ 47.359148] ? finish_task_switch+0x11c/0x6f0 [ 47.363897] sk_stream_alloc_skb+0x9e/0x810 [ 47.368388] ? tcp_send_mss+0x1d/0x220 [ 47.372283] do_tcp_sendpages+0x774/0x1d30 [ 47.376508] ? __lock_is_held+0xb5/0x140 [ 47.380846] ? sk_stream_alloc_skb+0x810/0x810 [ 47.385766] ? __local_bh_enable_ip+0x120/0x260 [ 47.390411] ? __local_bh_enable_ip+0x160/0x260 [ 47.395309] ? kasan_check_read+0x11/0x20 [ 47.399895] tcp_sendpage_locked+0x63/0xa0 [ 47.404285] tcp_sendpage+0x37/0x50 [ 47.408080] inet_sendpage+0x122/0x600 [ 47.412219] ? kernel_sendpage+0xd0/0xd0 [ 47.416263] kernel_sendpage+0x60/0xd0 [ 47.420405] ? pipe_lock+0x4f/0x60 [ 47.424011] sock_sendpage+0x6d/0xd0 [ 47.427973] pipe_to_sendpage+0x212/0x430 [ 47.432310] ? generic_pipe_buf_nosteal+0x10/0x10 [ 47.437328] __splice_from_pipe+0x2cb/0x720 [ 47.441955] ? generic_pipe_buf_nosteal+0x10/0x10 [ 47.446849] ? generic_pipe_buf_nosteal+0x10/0x10 [ 47.452287] splice_from_pipe+0xbb/0x120 [ 47.456517] ? splice_shrink_spd+0xa0/0xa0 [ 47.461008] ? rw_verify_area+0xb8/0x2b0 [ 47.465243] generic_splice_sendpage+0x10/0x20 [ 47.470164] do_splice+0xa25/0x12b0 [ 47.473953] ? opipe_prep.part.13+0x320/0x320 [ 47.478780] ? __fget_light+0x174/0x1e0 [ 47.482883] __x64_sys_splice+0x248/0x300 [ 47.487099] do_syscall_64+0xd0/0x4e0 [ 47.491058] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 47.496262] RIP: 0033:0x461229 [ 47.499708] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 47.519475] RSP: 002b:00007fbc04df01a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 47.527388] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 47.534898] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 47.542253] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 47.549868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 47.557457] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fbc04df06bc [ 47.566537] FAULT_INJECTION: forcing a failure. [ 47.566537] name failslab, interval 1, probability 0, space 0, times 0 [ 47.574747] ---[ end trace 9be803e010091cc9 ]--- [ 47.584099] RIP: 0010:scatterwalk_copychunks+0x379/0x610 [ 47.588616] CPU: 0 PID: 6715 Comm: syz-executor.2 Tainted: G B D 4.19.190-syzkaller #0 [ 47.589936] Code: ff ff 48 89 c7 e8 07 34 2a 00 4c 89 f2 48 c1 ea 03 42 80 3c 3a 00 0f 85 a8 01 00 00 48 8d 70 08 49 89 06 48 89 f2 48 c1 ea 03 <42> 0f b6 14 3a 84 d2 74 09 80 fa 03 0f 8e 6b 01 00 00 48 8b 5d d0 [ 47.599344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 47.599346] Call Trace: [ 47.599359] dump_stack+0x123/0x171 [ 47.599367] should_fail.cold.4+0x5/0xa [ 47.599372] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 47.599378] ? lock_downgrade+0x860/0x860 [ 47.599383] ? set_page_refcounted+0x100/0x100 [ 47.599389] ? ___might_sleep+0x16b/0x270 [ 47.599395] __should_failslab+0xba/0xf0 [ 47.599399] should_failslab+0x9/0x20 [ 47.599404] kmem_cache_alloc_node_trace+0x265/0x730 [ 47.599408] ? kasan_kmalloc+0xc7/0xe0 [ 47.599414] __kmalloc_node_track_caller+0x3c/0x70 [ 47.599423] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 47.599429] __alloc_skb+0xd7/0x580 [ 47.599434] ? skb_scrub_packet+0x3c0/0x3c0 [ 47.599439] ? _raw_spin_unlock_irq+0x60/0x80 [ 47.599443] ? finish_task_switch+0x14a/0x6f0 [ 47.599447] ? finish_task_switch+0x11c/0x6f0 [ 47.599452] ? switch_mm+0x114/0x150 [ 47.599460] sk_stream_alloc_skb+0x9e/0x810 [ 47.599465] ? tcp_send_mss+0x1d/0x220 [ 47.599470] do_tcp_sendpages+0x774/0x1d30 [ 47.599474] ? lock_acquire+0x173/0x3d0 [ 47.599481] ? sk_stream_alloc_skb+0x810/0x810 [ 47.599489] ? do_softirq.part.13+0x10e/0x160 [ 47.621161] RSP: 0018:ffff8881de197498 EFLAGS: 00010202 [ 47.629121] ? lock_sock_nested+0x82/0x100 [ 47.629127] ? __local_bh_enable_ip+0x160/0x260 [ 47.629135] ? kasan_check_read+0x11/0x20 [ 47.629143] tcp_sendpage_locked+0x63/0xa0 [ 47.629147] tcp_sendpage+0x37/0x50 [ 47.629153] inet_sendpage+0x122/0x600 [ 47.629160] ? kernel_sendpage+0xd0/0xd0 [ 47.629163] kernel_sendpage+0x60/0xd0 [ 47.629168] ? pipe_lock+0x4f/0x60 [ 47.629172] sock_sendpage+0x6d/0xd0 [ 47.629177] pipe_to_sendpage+0x212/0x430 [ 47.629183] ? aa_path_link+0x420/0x420 [ 47.629189] ? generic_pipe_buf_nosteal+0x10/0x10 [ 47.632324] RAX: 0000000000000000 RBX: ffff8881db4c83ac RCX: 000000000000401d [ 47.635883] ? mark_held_locks+0x130/0x130 [ 47.635891] ? map_files_get_link+0x370/0x370 [ 47.635896] ? __fdget_pos+0xa7/0xd0 [ 47.635901] __splice_from_pipe+0x2cb/0x720 [ 47.635905] ? generic_pipe_buf_nosteal+0x10/0x10 [ 47.635910] ? generic_pipe_buf_nosteal+0x10/0x10 [ 47.635914] splice_from_pipe+0xbb/0x120 [ 47.635918] ? splice_shrink_spd+0xa0/0xa0 [ 47.635925] ? rw_verify_area+0xb8/0x2b0 [ 47.635929] generic_splice_sendpage+0x10/0x20 [ 47.635932] do_splice+0xa25/0x12b0 [ 47.635939] ? opipe_prep.part.13+0x320/0x320 [ 47.635943] ? __fget_light+0x174/0x1e0 [ 47.635947] __x64_sys_splice+0x248/0x300 [ 47.635954] do_syscall_64+0xd0/0x4e0 [ 47.635962] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 47.640992] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff8881db4c83a0 [ 47.645130] RIP: 0033:0x461229 [ 47.645134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 47.645137] RSP: 002b:00007fa4ad6f31a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 47.645142] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 47.645144] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 47.645146] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 47.645149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 47.645151] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fa4ad6f36bc [ 47.695530] FAULT_INJECTION: forcing a failure. [ 47.695530] name failslab, interval 1, probability 0, space 0, times 0 [ 47.709424] RBP: ffff8881de1974f8 R08: ffffed103b760804 R09: ffffed103b760800 [ 47.730990] CPU: 0 PID: 6704 Comm: syz-executor.5 Tainted: G B D 4.19.190-syzkaller #0 [ 47.732529] R10: 0000000000000000 R11: ffff8881dbb0401c R12: 0000000000001000 [ 47.736433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 47.736435] Call Trace: [ 47.736448] dump_stack+0x123/0x171 [ 47.736455] should_fail.cold.4+0x5/0xa [ 47.736462] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 47.736467] ? lock_downgrade+0x860/0x860 [ 47.736473] ? set_page_refcounted+0x100/0x100 [ 47.736480] ? ___might_sleep+0x16b/0x270 [ 47.741511] R13: 000000000000001d R14: ffff8881de197538 R15: dffffc0000000000 [ 47.747236] __should_failslab+0xba/0xf0 [ 47.747243] should_failslab+0x9/0x20 [ 47.747249] kmem_cache_alloc_node_trace+0x265/0x730 [ 47.747253] ? kasan_kmalloc+0xc7/0xe0 [ 47.747258] __kmalloc_node_track_caller+0x3c/0x70 [ 47.747266] __kmalloc_reserve.isra.39+0x2c/0xc0 [ 47.747272] __alloc_skb+0xd7/0x580 [ 47.747276] ? skb_scrub_packet+0x3c0/0x3c0 [ 47.747281] ? _raw_spin_unlock_irq+0x60/0x80 [ 47.747288] ? finish_task_switch+0x14a/0x6f0 [ 47.747291] ? finish_task_switch+0x11c/0x6f0 [ 47.747299] sk_stream_alloc_skb+0x9e/0x810 [ 47.747303] ? tcp_send_mss+0x1d/0x220 [ 47.747308] do_tcp_sendpages+0x774/0x1d30 [ 47.747312] ? lock_acquire+0x173/0x3d0 [ 47.747319] ? sk_stream_alloc_skb+0x810/0x810 [ 47.747324] ? __local_bh_enable_ip+0x120/0x260 [ 47.747326] ? __local_bh_enable_ip+0x160/0x260 [ 47.747331] ? kasan_check_read+0x11/0x20 [ 47.747336] tcp_sendpage_locked+0x63/0xa0 [ 47.747342] tcp_sendpage+0x37/0x50 [ 47.759554] FS: 00007f55d9610700(0000) GS:ffff8881f6900000(0000) knlGS:0000000000000000 [ 47.760898] inet_sendpage+0x122/0x600 [ 47.760907] ? kernel_sendpage+0xd0/0xd0 [ 47.760912] kernel_sendpage+0x60/0xd0 [ 47.760918] ? pipe_lock+0x4f/0x60 [ 47.760924] sock_sendpage+0x6d/0xd0 [ 47.767057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 47.769122] pipe_to_sendpage+0x212/0x430 [ 47.769130] ? aa_path_link+0x420/0x420 [ 47.769134] ? generic_pipe_buf_nosteal+0x10/0x10 [ 47.769139] ? mark_held_locks+0x130/0x130 [ 47.769146] ? map_files_get_link+0x370/0x370 [ 47.774488] CR2: 00007f7a9f4b7008 CR3: 00000001e9ab1002 CR4: 00000000001606e0 [ 47.777063] ? __fdget_pos+0xa7/0xd0 [ 47.777071] __splice_from_pipe+0x2cb/0x720 [ 47.777076] ? generic_pipe_buf_nosteal+0x10/0x10 [ 47.777081] ? generic_pipe_buf_nosteal+0x10/0x10 [ 47.777085] splice_from_pipe+0xbb/0x120 [ 47.777089] ? splice_shrink_spd+0xa0/0xa0 [ 47.781217] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 47.784787] ? rw_verify_area+0xb8/0x2b0 [ 47.784793] generic_splice_sendpage+0x10/0x20 [ 47.784798] do_splice+0xa25/0x12b0 [ 47.784806] ? opipe_prep.part.13+0x320/0x320 [ 47.784812] ? __fget_light+0x174/0x1e0 [ 47.784816] __x64_sys_splice+0x248/0x300 [ 47.784823] do_syscall_64+0xd0/0x4e0 [ 47.784831] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 47.784835] RIP: 0033:0x461229 [ 47.784840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 47.784842] RSP: 002b:00007fb44f9d41a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 47.784846] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000461229 [ 47.784848] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 47.784850] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 47.784851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 47.784854] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fb44f9d46bc [ 47.819951] FAULT_INJECTION: forcing a failure. [ 47.819951] name failslab, interval 1, probability 0, space 0, times 0 [ 47.828428] FAULT_INJECTION: forcing a failure. [ 47.828428] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 47.834062] CPU: 0 PID: 6725 Comm: syz-executor.2 Tainted: G B D 4.19.190-syzkaller #0 [ 48.379681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 48.389222] Call Trace: [ 48.392081] dump_stack+0x123/0x171 [ 48.395886] should_fail.cold.4+0x5/0xa [ 48.400103] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 48.405549] ? lock_downgrade+0x860/0x860 [ 48.410050] ? set_page_refcounted+0x100/0x100 [ 48.414882] ? ___might_sleep+0x16b/0x270 [ 48.419658] __should_failslab+0xba/0xf0 [ 48.423876] should_failslab+0x9/0x20 [ 48.427762] __kmalloc+0x2dd/0x770 [ 48.431458] ? tls_push_record+0xff/0x1600 [ 48.436116] ? __sk_mem_schedule+0x5f/0xc0 [ 48.440623] tls_push_record+0xff/0x1600 [ 48.444942] tls_sw_sendpage+0x462/0xc00 [ 48.449071] ? _kstrtoull+0xa0/0x1b0 [ 48.453028] ? tls_sw_sendmsg+0x1010/0x1010 [ 48.457685] inet_sendpage+0x122/0x600 [ 48.461847] ? kernel_sendpage+0xd0/0xd0 [ 48.465892] kernel_sendpage+0x60/0xd0 [ 48.469849] ? pipe_lock+0x4f/0x60 [ 48.473370] sock_sendpage+0x6d/0xd0 [ 48.477281] pipe_to_sendpage+0x212/0x430 [ 48.481498] ? aa_path_link+0x420/0x420 [ 48.485537] ? generic_pipe_buf_nosteal+0x10/0x10 [ 48.490558] ? mark_held_locks+0x130/0x130 [ 48.495324] ? kasan_check_write+0x14/0x20 [ 48.499800] ? anon_pipe_buf_release+0x149/0x1f0 [ 48.504629] __splice_from_pipe+0x2cb/0x720 [ 48.509341] ? generic_pipe_buf_nosteal+0x10/0x10 [ 48.514711] ? generic_pipe_buf_nosteal+0x10/0x10 [ 48.519621] splice_from_pipe+0xbb/0x120 [ 48.523838] ? splice_shrink_spd+0xa0/0xa0 [ 48.528081] ? rw_verify_area+0xb8/0x2b0 [ 48.532226] generic_splice_sendpage+0x10/0x20 [ 48.537457] do_splice+0xa25/0x12b0 [ 48.541713] ? opipe_prep.part.13+0x320/0x320 [ 48.546363] ? __fget_light+0x174/0x1e0 [ 48.550403] __x64_sys_splice+0x248/0x300 [ 48.554665] do_syscall_64+0xd0/0x4e0 [ 48.558573] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 48.564002] RIP: 0033:0x461229 [ 48.567350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 48.587031] RSP: 002b:00007fa4ad7141a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 48.594726] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 0000000000461229 [ 48.602394] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 48.609887] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 48.617400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 48.626135] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fa4ad7146bc [ 48.633949] CPU: 1 PID: 6721 Comm: syz-executor.4 Tainted: G B D 4.19.190-syzkaller #0 [ 48.637844] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 48.643913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 48.643916] Call Trace: [ 48.643928] dump_stack+0x123/0x171 [ 48.643934] should_fail.cold.4+0x5/0xa [ 48.643941] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 48.643946] ? mark_held_locks+0x130/0x130 [ 48.643952] ? kasan_unpoison_shadow+0x35/0x50 [ 48.643959] __alloc_pages_nodemask+0x1d5/0x710 [ 48.643965] ? __alloc_pages_slowpath+0x25c0/0x25c0 [ 48.651562] Kernel panic - not syncing: Fatal exception [ 48.662022] ? fault_create_debugfs_attr+0x1a0/0x1a0 [ 48.708115] cache_grow_begin+0x91/0x8d0 [ 48.712719] ? kmem_cache_alloc_node+0xaa/0x720 [ 48.717912] kmem_cache_alloc_node+0x65b/0x720 [ 48.722487] __alloc_skb+0xa7/0x580 [ 48.726639] ? skb_scrub_packet+0x3c0/0x3c0 [ 48.731035] ? kasan_check_write+0x14/0x20 [ 48.735437] ? finish_task_switch+0x1a4/0x6f0 [ 48.740010] sk_stream_alloc_skb+0x9e/0x810 [ 48.744497] ? tcp_send_mss+0x1d/0x220 [ 48.748463] do_tcp_sendpages+0x774/0x1d30 [ 48.752790] ? lock_acquire+0x173/0x3d0 [ 48.756921] ? sk_stream_alloc_skb+0x810/0x810 [ 48.761578] ? __local_bh_enable_ip+0x120/0x260 [ 48.766498] ? __local_bh_enable_ip+0x160/0x260 [ 48.771147] ? kasan_check_read+0x11/0x20 [ 48.775630] tcp_sendpage_locked+0x63/0xa0 [ 48.779937] tcp_sendpage+0x37/0x50 [ 48.783636] inet_sendpage+0x122/0x600 [ 48.787703] ? kernel_sendpage+0xd0/0xd0 [ 48.792106] kernel_sendpage+0x60/0xd0 [ 48.796333] ? pipe_lock+0x4f/0x60 [ 48.800042] sock_sendpage+0x6d/0xd0 [ 48.803837] pipe_to_sendpage+0x212/0x430 [ 48.808077] ? aa_path_link+0x420/0x420 [ 48.812126] ? generic_pipe_buf_nosteal+0x10/0x10 [ 48.817130] ? mark_held_locks+0x130/0x130 [ 48.821530] ? map_files_get_link+0x370/0x370 [ 48.826266] ? __fdget_pos+0xa7/0xd0 [ 48.830059] __splice_from_pipe+0x2cb/0x720 [ 48.834493] ? generic_pipe_buf_nosteal+0x10/0x10 [ 48.839463] ? generic_pipe_buf_nosteal+0x10/0x10 [ 48.844652] splice_from_pipe+0xbb/0x120 [ 48.849092] ? splice_shrink_spd+0xa0/0xa0 [ 48.853400] ? rw_verify_area+0xb8/0x2b0 [ 48.857541] generic_splice_sendpage+0x10/0x20 [ 48.862289] do_splice+0xa25/0x12b0 [ 48.866190] ? opipe_prep.part.13+0x320/0x320 [ 48.870781] ? __fget_light+0x174/0x1e0 [ 48.874827] __x64_sys_splice+0x248/0x300 [ 48.879080] do_syscall_64+0xd0/0x4e0 [ 48.883457] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 48.889152] RIP: 0033:0x461229 [ 48.892330] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 [ 48.912394] RSP: 002b:00007fce360ad1a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000113 [ 48.920181] RAX: ffffffffffffffda RBX: 000000000052bfa8 RCX: 0000000000461229 [ 48.927699] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000003 [ 48.938441] RBP: 0000000000000001 R08: 000000011d100000 R09: 0000000000000000 [ 48.945784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 48.953222] R13: 00000000004f8ff8 R14: 00000000004b500d R15: 00007fce360ad6bc [ 48.963682] Kernel Offset: disabled [ 48.967310] Rebooting in 86400 seconds..