Unable to handle kernel access to user memory outside uaccess routines at virtual address 000000000000000f
Mem abort info:
  ESR = 0x0000000096000005
  EC = 0x25: DABT (current EL), IL = 32 bits
  SET = 0, FnV = 0
  EA = 0, S1PTW = 0
  FSC = 0x05: level 1 translation fault
Data abort info:
  ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
  CM = 0, WnR = 0, TnD = 0, TagAccess = 0
  GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
user pgtable: 4k pages, 39-bit VAs, pgdp=000000011a585000
[000000000000000f] pgd=080000011f80a003, p4d=080000011f80a003, pud=080000011f80a003, pmd=0000000000000000
Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
Modules linked in: pptp(E) l2tp_ppp(E) r8153_ecm(E) cdc_ncm(E) hci_uart(E) btusb(E) pppox(E) bsd_comp(E) ppp_mppe(E) ppp_deflate(E) cdc_eem(E) ax88179_178a(E) aqc111(E) asix(E) cdc_ether(E) btqca(E) hidp(E) btsdio(E) btbcm(E) btintel(E) rfcomm(E) btrtl(E) clk_test(E) ptp(E) tipc_diag(E) ieee802154_socket(E) ieee802154_6lowpan(E) mac802154(E) nhc_hop(E) nhc_udp(E) nhc_routing(E) nhc_fragment(E) nhc_ipv6(E) nhc_dest(E) nhc_mobility(E) ppp_generic(E) regmap_kunit(E) usbnet(E) r8152(E) bluetooth(E) nfc(E) ftdi_sio(E) vcan(E) slcan(E) zram(E) can_bcm(E) can_raw(E) can_gw(E) soc_utils_test(E) platform_test(E) clk_gate_test(E) dev_addr_lists_test(E) kunit_example_test(E) input_test(E) kunit_test(E) time_test(E) hid_uclogic_test(E) lib_test(E) iio_test_format(E) soc_topology_test(E) of_kunit_helpers(E) ext4_inode_test(E) fat_test(E) clk_kunit_helpers(E) cdc_acm(E) vcpu_stall_detector(E) wwan(E) kheaders(E) gnss(E) rtl8150(E) 8021q(E) pps_core(E) libarc4(E) virtio_balloon(E) usbmon(E) pwrseq_core(E) tipc(E)
 cctrng(E) macsec(E) ieee802154(E) vmw_vsock_virtio_transport(E) 6lowpan(E) tls(E) l2tp_core(E) slhc(E) gzvm(E) regmap_ram(E) mii(E) rfkill(E) usbserial(E) regmap_raw_ram(E) can_dev(E) zsmalloc(E) can(E) open_dice(E) kunit(E)
CPU: 2 UID: 0 PID: 4577 Comm: syz.8.1528 Tainted: G            E      6.12.18-android16-1-maybe-dirty-4k #1 1a4d89424bff5a9a16ff5f65913aeb3550a34f57
Tainted: [E]=UNSIGNED_MODULE
Hardware name: linux,dummy-virt (DT)
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : traverse_mounts proc/self/cwd/common/fs/namei.c:1459 [inline]
pc : handle_mounts proc/self/cwd/common/fs/namei.c:1571 [inline]
pc : step_into+0x60/0x54c proc/self/cwd/common/fs/namei.c:1891
lr : handle_mounts proc/self/cwd/common/fs/namei.c:1560 [inline]
lr : step_into+0x60/0x54c proc/self/cwd/common/fs/namei.c:1891
sp : ffffffc087363aa0
x29: ffffffc087363ac0 x28: ffffff80dae8bd00 x27: fefefefefefefeff
x26: 0000800000000000 x25: ffffff80c184202e x24: ffffffc082faefc8
x23: 000000000000000f x22: 0000000000000013 x21: 000000000000000f
x20: 0000000000000002 x19: ffffffc087363bc0 x18: ffffffc0a2279058
x17: 000000008c623181 x16: 000000008c623181 x15: 0000000000000000
x14: 0000000000000106 x13: ffffffc083bef000 x12: ffffff80dae8c980
x11: 0000000000080000 x10: 0000000000001eea x9 : ffffffc0a584f000
x8 : 0000000000001eeb x7 : ffffffc0802609f4 x6 : 0000000000000000
x5 : 0000000000000001 x4 : 0000000000000001 x3 : 0000000000000000
x2 : 000000000000000f x1 : 0000000000000000 x0 : 0000000000000000
Call trace:
 handle_mounts proc/self/cwd/common/fs/namei.c:1560 [inline]
 step_into+0x60/0x54c proc/self/cwd/common/fs/namei.c:1891
 walk_component proc/self/cwd/common/fs/namei.c:2059 [inline]
 link_path_walk+0x38c/0x5cc proc/self/cwd/common/fs/namei.c:2418
 path_lookupat+0x54/0x20c proc/self/cwd/common/fs/namei.c:2579
 filename_lookup+0xf4/0x25c proc/self/cwd/common/fs/namei.c:2609
 user_path_at+0x50/0x13c proc/self/cwd/common/fs/namei.c:3016
 __do_sys_pivot_root proc/self/cwd/common/fs/namespace.c:4353 [inline]
 __se_sys_pivot_root proc/self/cwd/common/fs/namespace.c:4342 [inline]
 __arm64_sys_pivot_root+0x78/0x4c8 proc/self/cwd/common/fs/namespace.c:4342
 __invoke_syscall proc/self/cwd/common/arch/arm64/kernel/syscall.c:35 [inline]
 invoke_syscall+0x7c/0x17c proc/self/cwd/common/arch/arm64/kernel/syscall.c:49
 el0_svc_common+0xb4/0x168 proc/self/cwd/common/arch/arm64/kernel/syscall.c:132
 do_el0_svc+0x2c/0x3c proc/self/cwd/common/arch/arm64/kernel/syscall.c:151
 el0_svc+0x50/0xac proc/self/cwd/common/arch/arm64/kernel/entry-common.c:715
 el0t_64_sync_handler+0x70/0xbc proc/self/cwd/common/arch/arm64/kernel/entry-common.c:733
 el0t_64_sync+0x1a8/0x1ac proc/self/cwd/common/arch/arm64/kernel/entry.S:598
Code: a90057e8 97f22a0d 373001f6 97f228f6 (88dffeb5) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	a90057e8 	stp	x8, x21, [sp]
   4:	97f22a0d 	bl	0xffffffffffc8a838
   8:	373001f6 	tbnz	w22, #6, 0x44
   c:	97f228f6 	bl	0xffffffffffc8a3e4
* 10:	88dffeb5 	ldar	w21, [x21] <-- trapping instruction
