last executing test programs: 1h6m19.458521233s ago: executing program 0 (id=854): r0 = syz_open_dev$loop(&(0x7f0000002bc0), 0x7, 0x143080) ioctl$IOC_PR_REGISTER(r0, 0x401870c8, 0x0) 1h6m18.931538845s ago: executing program 0 (id=855): r0 = socket$packet(0x11, 0x2, 0x300) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000ce34000000000000000000850000002f00000095"], &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000280)=r1, 0x4) r2 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, 0x0, 0x0) capset(0x0, 0x0) syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x59}}}}}}}, 0x0) 1h6m18.29164396s ago: executing program 0 (id=857): r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01) ioctl$EVIOCGNAME(r0, 0x80404506, &(0x7f00000006c0)=""/116) 1h6m18.080561889s ago: executing program 0 (id=858): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) unshare(0x0) mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0) 1h6m17.842338358s ago: executing program 0 (id=860): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f00000000c0)=0x4d, 0x4) getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000000040)=""/18, &(0x7f0000000440)=0xfd3a) 1h6m17.342080118s ago: executing program 0 (id=861): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8) close(r1) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r1, r3, 0x0, r1}, 0x10) 1h6m17.340277589s ago: executing program 32 (id=861): r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80) r1 = bpf$ITER_CREATE(0xb, &(0x7f00000004c0)={r0}, 0x8) close(r1) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000000)={r1, r3, 0x0, r1}, 0x10) 37.467620095s ago: executing program 2 (id=6184): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000400000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe26}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18) timerfd_gettime(0xffffffffffffffff, 0x0) 35.010095304s ago: executing program 2 (id=6185): bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18) sync() 31.688885977s ago: executing program 2 (id=6187): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x8, 0x248}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x4c, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff}) connect$unix(r2, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x6e) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x18) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000f80)=@newtaction={0x90, 0x30, 0x9e54f29ff072a93b, 0x0, 0x0, {}, [{0x7c, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x14}]}, {0x4}, {0xc}, {0xc}}}, @m_nat={0x2c, 0x2, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x90}}, 0x0) bind$inet6(r0, &(0x7f0000000500)={0xa, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4) r4 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401) ioctl$USBDEVFS_CONTROL(r4, 0xc0185500, &(0x7f00000006c0)={0x2, 0xf, 0x4, 0xff81, 0x3f00, 0x5, 0x0}) socket$nl_netfilter(0x10, 0x3, 0xc) bind$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x4e21, 0xb, @empty}, 0x1c) 30.028076384s ago: executing program 2 (id=6188): bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r2 = userfaultfd(0x80001) r3 = socket(0x10, 0x3, 0x0) write(r3, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x44}) readv(r2, &(0x7f0000002140)=[{&(0x7f00000000c0)=""/4096, 0x1000}], 0x1) bpf$PROG_LOAD(0x5, 0x0, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe2, 0x1}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8001}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10) 25.578212463s ago: executing program 2 (id=6191): r0 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$ethtool(0x0, r0) socketpair(0x1, 0x80001, 0x0, 0x0) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000180)={'ip6tnl0\x00', 0x0, 0x0, 0xff, 0x64, 0x7, 0x0, @dev, @private1={0xfc, 0x1, '\x00', 0x1}, 0x0, 0x8000, 0xfffffffe}}) 24.736819586s ago: executing program 2 (id=6192): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000b40)={&(0x7f0000001040)=ANY=[@ANYBLOB="f00000001e0020000000000000000000ffffffff000000000000000000000000fe8000"/51, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e00000020000000000000000000000000000000032000000"], 0xf0}}, 0x0) r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) sendmsg$unix(r0, &(0x7f00000000c0)={&(0x7f0000000200)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x4040801}, 0x20008840) setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x7, 0x4) recvmmsg(r0, &(0x7f0000000c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/57, 0x39}, 0x8}], 0x3ffffffffffff2e, 0x1000400000de, 0x0) 9.47920649s ago: executing program 1 (id=6194): r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x4b4, 0x7b1, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x10, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x40}}}}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000600)={0x24, 0x0, 0x0, &(0x7f0000000540)={0x0, 0x22, 0x7, {[@local=@item_012={0x1, 0x2, 0x8, '-'}, @global=@item_4={0x3, 0x1, 0x3, "e6fdf4f8"}]}}, 0x0}, 0x0) 9.21063234s ago: executing program 1 (id=6195): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x58, 0x4, 0x5}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xaf) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b702000008000000bfa300000000000007030000ffffffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000000000095000000000000006623848adf1dc9a764ab51a064caff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b81ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6b6981978d51514b00dcc4a2748b376358c33c9753beab62bdf27dc04e4cb4bc598affd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b770009524edd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd88345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1757b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c35af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d9900000011000003971b32fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d677d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc37e5aa23bff8cce0600000000000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68f536a03353a55a8a8e176e5d48887d31c8e0f77f2c1e68ec7c01bd5a2028a8fc107007f5f4c67600a6ade3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d9029f071fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2020ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a017ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f6c3652c423ce6ecc1be5d4e8133fc32f68ea86a2df1e7df98a0ae216c405d0ae9eed114ff2d6fe27dfdff1cf9194849c4cc0da9533e5983863e526a7dc0d8728f3b573ca4427bdb44df9341e9b8420e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9467b51d92e0993af4beaf1f3d47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c27c318475802e2c62681bd1a331422a6e47bbd40857d52c4894944fae5c5000000000000000000000000e0c47613e950b6aefeae054fc723f62ac7d13941de11b018f1f48ac50335df91c771729f81929128135b2803562c1171ee00a3f4a31281aa363e087d53d86dd85e3ff979a7e72d16fdd7e1a0f07a1c8e6085d280d760f74975ceb3a5be6cfb4da8e0aeb769b8b75f4aad803ed77d34872eed2711aa40a3b38099dc2752e8ec9b520faf39e416752aa0830206736570f5d41a4df848c9052551cf8dcb1be000000000eb2577188e8e96bd825d462350905d3eb916b397d2a46a64081e85661d7a5a2716cc87cb1976d15d9b6418e94f165911803e43830432226c660f4da67bb7c8ceb3755c07197d8b80b8d16b12c2ec63bebe107aa2350a7ae564bf69a6c52a2da1496016dd66a1c1b112"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0x0, 0x22, 0x0, &(0x7f0000000140)="3d6ee2e04b91ab10143d9abe86dd", 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 7.939410961s ago: executing program 1 (id=6196): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x800001, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000640)={{0x4000, 0xd000, 0xc, 0x7f, 0x2, 0x6, 0x5, 0x42, 0x81, 0x16, 0xfb, 0x1}, {0xeeef0000, 0x4, 0x3, 0x3, 0x2, 0x0, 0xff, 0x6, 0x2, 0x9, 0x0, 0x9a}, {0x4000, 0x6f364f2923427ed4, 0x3, 0x2, 0x5, 0x2, 0xdf, 0xe, 0x80, 0x80, 0x10, 0x9b}, {0x3b388001, 0x2, 0x9, 0x3, 0x5, 0x8, 0x34, 0xad, 0xb, 0x4, 0x1, 0x52}, {0xeeef0000, 0x5000, 0x8, 0x2a, 0x6, 0x10, 0xa, 0x6, 0x5, 0x52, 0x2, 0x7f}, {0xeeee8000, 0xf62821169c11503e, 0x0, 0x4, 0x8, 0x30, 0x8, 0x28, 0x2, 0x2, 0x81, 0x6}, {0x80a0000, 0x100000, 0x8, 0x80, 0xa1, 0x8, 0x4, 0xc, 0x8, 0x2, 0xb, 0xf9}, {0xeeee0000, 0xdddd1000, 0xd, 0x8e, 0x3, 0x6, 0x0, 0xb, 0x3, 0x6, 0x9}, {0x4000, 0x200}, {0xdddd0000, 0x1ff}, 0xa0000010, 0x0, 0xeeef0000, 0x200000, 0xa, 0x4401, 0xdddd1000, [0x27, 0x8, 0x1fc000000, 0x8]}) 7.617509334s ago: executing program 1 (id=6197): bpf$MAP_CREATE(0x0, 0x0, 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) write$cgroup_int(0xffffffffffffffff, &(0x7f00000003c0)=0x1000, 0x12) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="480000000203010800000000000000000500000a09000200fffffffe02000000090002000000000a0000000008000340f50000000800010001000028090002ecffffff07"], 0x48}, 0x1, 0x0, 0x0, 0x410}, 0x8000) syz_clone3(&(0x7f00000009c0)={0x105104000, 0x0, 0x0, 0x0, {0x36}, 0x0, 0x0, 0x0, 0x0}, 0x58) r5 = bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 388.830664ms ago: executing program 1 (id=6198): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400ea00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) 0s ago: executing program 1 (id=6199): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_int(r3, 0x0, 0x96676e7eb14b4b45, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYRESOCT], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r4 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@private1, 0x0, 0x4}]}]}, 0xfc}}, 0x0) r5 = socket(0x2, 0x3, 0x6) bind$inet(r5, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10) sendto$inet(r5, 0x0, 0x0, 0x48812, &(0x7f0000000000)={0x2, 0x0, @broadcast}, 0x10) kernel console output (not intermixed with test programs): : linux,dummy-virt (DT) [ 2646.837243][T14745] Call trace: [ 2646.837346][T14745] show_stack+0x18/0x24 (C) [ 2646.837609][T14745] dump_stack_lvl+0x78/0x90 [ 2646.837868][T14745] dump_stack+0x18/0x24 [ 2646.838136][T14745] should_fail_ex+0x1dc/0x234 [ 2646.838380][T14745] should_fail+0x14/0x24 [ 2646.838624][T14745] should_fail_usercopy+0x1c/0x28 [ 2646.838882][T14745] _inline_copy_from_user+0x24/0xb0 [ 2646.839121][T14745] copy_msghdr_from_user+0x54/0xcc [ 2646.839394][T14745] ___sys_sendmsg+0x8c/0x100 [ 2646.839571][T14745] __sys_sendmsg+0x98/0xf8 [ 2646.839726][T14745] __arm64_sys_sendmsg+0x24/0x30 [ 2646.839858][T14745] invoke_syscall+0x48/0x110 [ 2646.840017][T14745] el0_svc_common.constprop.0+0x40/0xe0 [ 2646.840175][T14745] do_el0_svc+0x1c/0x28 [ 2646.840358][T14745] el0_svc+0x34/0x10c [ 2646.840540][T14745] el0t_64_sync_handler+0xa0/0xe4 [ 2646.840673][T14745] el0t_64_sync+0x1a4/0x1a8 [ 2649.190928][T14756] input: syz0 as /devices/virtual/input/input39 [ 2658.337336][T14787] fuse: Unknown parameter 'grou00000000000000000000' [ 2662.940235][T14812] fuse: Unknown parameter 'grou00000000000000000000' [ 2663.611344][T14822] fuse: Unknown parameter 'grou00000000000000000000' [ 2666.604977][T14834] fuse: Unknown parameter 'group_i00000000000000000000' [ 2667.839084][T14844] fuse: Unknown parameter 'group_i00000000000000000000' [ 2669.042762][T14858] fuse: Unknown parameter 'group_i00000000000000000000' [ 2669.554147][T14865] FAULT_INJECTION: forcing a failure. [ 2669.554147][T14865] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2669.554720][T14865] CPU: 0 UID: 0 PID: 14865 Comm: syz.1.3926 Not tainted syzkaller #0 PREEMPT [ 2669.555029][T14865] Hardware name: linux,dummy-virt (DT) [ 2669.555161][T14865] Call trace: [ 2669.555282][T14865] show_stack+0x18/0x24 (C) [ 2669.555799][T14865] dump_stack_lvl+0x78/0x90 [ 2669.556096][T14865] dump_stack+0x18/0x24 [ 2669.556401][T14865] should_fail_ex+0x1dc/0x234 [ 2669.556664][T14865] should_fail+0x14/0x24 [ 2669.556920][T14865] should_fail_usercopy+0x1c/0x28 [ 2669.557327][T14865] _inline_copy_from_user+0x24/0xb0 [ 2669.557561][T14865] kvm_arch_vcpu_ioctl+0x2e4/0x8c8 [ 2669.557789][T14865] kvm_vcpu_ioctl+0x53c/0x878 [ 2669.558174][T14865] __arm64_sys_ioctl+0xac/0x104 [ 2669.558457][T14865] invoke_syscall+0x48/0x110 [ 2669.558773][T14865] el0_svc_common.constprop.0+0x40/0xe0 [ 2669.559041][T14865] do_el0_svc+0x1c/0x28 [ 2669.559299][T14865] el0_svc+0x34/0x10c [ 2669.559565][T14865] el0t_64_sync_handler+0xa0/0xe4 [ 2669.559807][T14865] el0t_64_sync+0x1a4/0x1a8 [ 2670.548801][T14870] fuse: Unknown parameter 'group_id00000000000000000000' [ 2672.522241][T14881] fuse: Unknown parameter 'group_id00000000000000000000' [ 2672.860066][T14885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2672.877495][T14885] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2672.913800][T14885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2672.916545][T14885] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2672.945118][T14885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2672.950231][T14885] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2672.986337][T14885] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2672.988835][T14885] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2673.675972][T14892] input: syz0 as /devices/virtual/input/input41 [ 2674.204929][T14894] fuse: Unknown parameter 'group_id00000000000000000000' [ 2685.464194][T14921] vxcan1: entered allmulticast mode [ 2712.208665][T15064] FAULT_INJECTION: forcing a failure. [ 2712.208665][T15064] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2712.209455][T15064] CPU: 0 UID: 0 PID: 15064 Comm: syz.2.4000 Not tainted syzkaller #0 PREEMPT [ 2712.209764][T15064] Hardware name: linux,dummy-virt (DT) [ 2712.209896][T15064] Call trace: [ 2712.210011][T15064] show_stack+0x18/0x24 (C) [ 2712.210344][T15064] dump_stack_lvl+0x78/0x90 [ 2712.210584][T15064] dump_stack+0x18/0x24 [ 2712.210820][T15064] should_fail_ex+0x1dc/0x234 [ 2712.211061][T15064] should_fail+0x14/0x24 [ 2712.211322][T15064] should_fail_usercopy+0x1c/0x28 [ 2712.211607][T15064] simple_read_from_buffer+0x5c/0x138 [ 2712.211864][T15064] proc_fail_nth_read+0xac/0x134 [ 2712.212120][T15064] vfs_read+0xc0/0x318 [ 2712.212357][T15064] ksys_read+0x6c/0x100 [ 2712.212760][T15064] __arm64_sys_read+0x1c/0x28 [ 2712.213050][T15064] invoke_syscall+0x48/0x110 [ 2712.213311][T15064] el0_svc_common.constprop.0+0x40/0xe0 [ 2712.213530][T15064] do_el0_svc+0x1c/0x28 [ 2712.213759][T15064] el0_svc+0x34/0x10c [ 2712.213983][T15064] el0t_64_sync_handler+0xa0/0xe4 [ 2712.214250][T15064] el0t_64_sync+0x1a4/0x1a8 [ 2713.219076][T15076] FAULT_INJECTION: forcing a failure. [ 2713.219076][T15076] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2713.223976][T15076] CPU: 0 UID: 0 PID: 15076 Comm: syz.1.4005 Not tainted syzkaller #0 PREEMPT [ 2713.224310][T15076] Hardware name: linux,dummy-virt (DT) [ 2713.224439][T15076] Call trace: [ 2713.224543][T15076] show_stack+0x18/0x24 (C) [ 2713.224828][T15076] dump_stack_lvl+0x78/0x90 [ 2713.225096][T15076] dump_stack+0x18/0x24 [ 2713.225331][T15076] should_fail_ex+0x1dc/0x234 [ 2713.225584][T15076] should_fail+0x14/0x24 [ 2713.225873][T15076] should_fail_usercopy+0x1c/0x28 [ 2713.226157][T15076] simple_read_from_buffer+0x5c/0x138 [ 2713.226396][T15076] proc_fail_nth_read+0xac/0x134 [ 2713.226676][T15076] vfs_read+0xc0/0x318 [ 2713.226902][T15076] ksys_read+0x6c/0x100 [ 2713.227173][T15076] __arm64_sys_read+0x1c/0x28 [ 2713.227417][T15076] invoke_syscall+0x48/0x110 [ 2713.227683][T15076] el0_svc_common.constprop.0+0x40/0xe0 [ 2713.228041][T15076] do_el0_svc+0x1c/0x28 [ 2713.228283][T15076] el0_svc+0x34/0x10c [ 2713.228591][T15076] el0t_64_sync_handler+0xa0/0xe4 [ 2713.228923][T15076] el0t_64_sync+0x1a4/0x1a8 [ 2721.775316][T15108] FAULT_INJECTION: forcing a failure. [ 2721.775316][T15108] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2721.775821][T15108] CPU: 0 UID: 0 PID: 15108 Comm: syz.2.4015 Not tainted syzkaller #0 PREEMPT [ 2721.776125][T15108] Hardware name: linux,dummy-virt (DT) [ 2721.776243][T15108] Call trace: [ 2721.776332][T15108] show_stack+0x18/0x24 (C) [ 2721.776585][T15108] dump_stack_lvl+0x78/0x90 [ 2721.776836][T15108] dump_stack+0x18/0x24 [ 2721.776981][T15108] should_fail_ex+0x1dc/0x234 [ 2721.777139][T15108] should_fail+0x14/0x24 [ 2721.777288][T15108] should_fail_usercopy+0x1c/0x28 [ 2721.777423][T15108] _inline_copy_from_user+0x24/0xb0 [ 2721.777611][T15108] move_addr_to_kernel+0x44/0xbc [ 2721.777767][T15108] __copy_msghdr+0xd0/0xf0 [ 2721.777940][T15108] copy_msghdr_from_user+0x68/0xcc [ 2721.778142][T15108] ___sys_sendmsg+0x8c/0x100 [ 2721.778298][T15108] __sys_sendmsg+0x98/0xf8 [ 2721.778453][T15108] __arm64_sys_sendmsg+0x24/0x30 [ 2721.778589][T15108] invoke_syscall+0x48/0x110 [ 2721.778727][T15108] el0_svc_common.constprop.0+0x40/0xe0 [ 2721.778883][T15108] do_el0_svc+0x1c/0x28 [ 2721.779041][T15108] el0_svc+0x34/0x10c [ 2721.779195][T15108] el0t_64_sync_handler+0xa0/0xe4 [ 2721.779345][T15108] el0t_64_sync+0x1a4/0x1a8 [ 2727.686501][T15137] block nbd1: shutting down sockets [ 2733.781422][T15175] 8021q: VLANs not supported on tunl0 [ 2742.507458][T15239] input: syz0 as /devices/virtual/input/input44 [ 2755.443157][T15265] FAULT_INJECTION: forcing a failure. [ 2755.443157][T15265] name failslab, interval 1, probability 0, space 0, times 0 [ 2755.447874][T15265] CPU: 1 UID: 0 PID: 15265 Comm: syz.1.4070 Not tainted syzkaller #0 PREEMPT [ 2755.448252][T15265] Hardware name: linux,dummy-virt (DT) [ 2755.448382][T15265] Call trace: [ 2755.448485][T15265] show_stack+0x18/0x24 (C) [ 2755.448809][T15265] dump_stack_lvl+0x78/0x90 [ 2755.449067][T15265] dump_stack+0x18/0x24 [ 2755.449311][T15265] should_fail_ex+0x1dc/0x234 [ 2755.449601][T15265] should_failslab+0x54/0x80 [ 2755.449848][T15265] __kmalloc_noprof+0xa8/0x430 [ 2755.450133][T15265] tomoyo_realpath_from_path+0x44/0x1b4 [ 2755.450388][T15265] tomoyo_path_number_perm+0xd8/0x20c [ 2755.450638][T15265] tomoyo_file_ioctl+0x1c/0x28 [ 2755.450879][T15265] security_file_ioctl+0x8c/0x19c [ 2755.451126][T15265] __arm64_sys_ioctl+0x48/0x104 [ 2755.451384][T15265] invoke_syscall+0x48/0x110 [ 2755.451635][T15265] el0_svc_common.constprop.0+0x40/0xe0 [ 2755.451885][T15265] do_el0_svc+0x1c/0x28 [ 2755.452133][T15265] el0_svc+0x34/0x10c [ 2755.452387][T15265] el0t_64_sync_handler+0xa0/0xe4 [ 2755.452668][T15265] el0t_64_sync+0x1a4/0x1a8 [ 2755.513971][T15265] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2764.558541][T15290] input: syz0 as /devices/virtual/input/input46 [ 2775.601943][T15297] FAULT_INJECTION: forcing a failure. [ 2775.601943][T15297] name failslab, interval 1, probability 0, space 0, times 0 [ 2775.609324][T15297] CPU: 1 UID: 0 PID: 15297 Comm: syz.2.4080 Not tainted syzkaller #0 PREEMPT [ 2775.609682][T15297] Hardware name: linux,dummy-virt (DT) [ 2775.609789][T15297] Call trace: [ 2775.609900][T15297] show_stack+0x18/0x24 (C) [ 2775.610203][T15297] dump_stack_lvl+0x78/0x90 [ 2775.610432][T15297] dump_stack+0x18/0x24 [ 2775.610672][T15297] should_fail_ex+0x1dc/0x234 [ 2775.610892][T15297] should_failslab+0x54/0x80 [ 2775.611112][T15297] kmem_cache_alloc_noprof+0x54/0x368 [ 2775.611353][T15297] getname_flags.part.0+0x2c/0x1bc [ 2775.611595][T15297] getname_flags+0x38/0x60 [ 2775.611819][T15297] do_sys_openat2+0x5c/0xe8 [ 2775.612041][T15297] __arm64_sys_openat+0x64/0xa8 [ 2775.612269][T15297] invoke_syscall+0x48/0x110 [ 2775.612609][T15297] el0_svc_common.constprop.0+0x40/0xe0 [ 2775.612858][T15297] do_el0_svc+0x1c/0x28 [ 2775.613103][T15297] el0_svc+0x34/0x10c [ 2775.613320][T15297] el0t_64_sync_handler+0xa0/0xe4 [ 2775.613555][T15297] el0t_64_sync+0x1a4/0x1a8 [ 2778.344511][T15308] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2778.347936][T15308] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2780.037313][T15314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2780.041445][T15314] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2780.070290][T15314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2780.084333][T15314] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2780.099741][T15314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2780.102081][T15314] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2780.429732][T15314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 2780.432300][T15314] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 2782.882469][T15331] input: syz0 as /devices/virtual/input/input47 [ 2804.044559][T15405] input: syz0 as /devices/virtual/input/input48 [ 2820.899854][T15453] FAULT_INJECTION: forcing a failure. [ 2820.899854][T15453] name failslab, interval 1, probability 0, space 0, times 0 [ 2820.900372][T15453] CPU: 1 UID: 0 PID: 15453 Comm: syz.2.4132 Not tainted syzkaller #0 PREEMPT [ 2820.900652][T15453] Hardware name: linux,dummy-virt (DT) [ 2820.900770][T15453] Call trace: [ 2820.900863][T15453] show_stack+0x18/0x24 (C) [ 2820.901128][T15453] dump_stack_lvl+0x78/0x90 [ 2820.901406][T15453] dump_stack+0x18/0x24 [ 2820.901765][T15453] should_fail_ex+0x1dc/0x234 [ 2820.901999][T15453] should_failslab+0x54/0x80 [ 2820.902250][T15453] __kmalloc_node_track_caller_noprof+0xac/0x404 [ 2820.902477][T15453] kmemdup_nul+0x3c/0x9c [ 2820.902856][T15453] vfs_parse_fs_string+0x50/0xb0 [ 2820.903098][T15453] vfs_parse_monolithic_sep+0xa0/0xf4 [ 2820.903375][T15453] generic_parse_monolithic+0x18/0x24 [ 2820.903604][T15453] parse_monolithic_mount_data+0x28/0x34 [ 2820.903871][T15453] path_mount+0x408/0xa28 [ 2820.904154][T15453] __arm64_sys_mount+0x1b4/0x210 [ 2820.904387][T15453] invoke_syscall+0x48/0x110 [ 2820.904617][T15453] el0_svc_common.constprop.0+0x40/0xe0 [ 2820.904845][T15453] do_el0_svc+0x1c/0x28 [ 2820.905074][T15453] el0_svc+0x34/0x10c [ 2820.905328][T15453] el0t_64_sync_handler+0xa0/0xe4 [ 2820.905558][T15453] el0t_64_sync+0x1a4/0x1a8 [ 2827.461657][T15510] FAULT_INJECTION: forcing a failure. [ 2827.461657][T15510] name failslab, interval 1, probability 0, space 0, times 0 [ 2827.469014][T15510] CPU: 0 UID: 0 PID: 15510 Comm: syz.1.4156 Not tainted syzkaller #0 PREEMPT [ 2827.469360][T15510] Hardware name: linux,dummy-virt (DT) [ 2827.469479][T15510] Call trace: [ 2827.469569][T15510] show_stack+0x18/0x24 (C) [ 2827.469860][T15510] dump_stack_lvl+0x78/0x90 [ 2827.470175][T15510] dump_stack+0x18/0x24 [ 2827.470435][T15510] should_fail_ex+0x1dc/0x234 [ 2827.470697][T15510] should_failslab+0x54/0x80 [ 2827.470959][T15510] __kmalloc_noprof+0xa8/0x430 [ 2827.471231][T15510] tomoyo_encode2+0x7c/0x140 [ 2827.471491][T15510] tomoyo_encode+0x28/0x40 [ 2827.471815][T15510] tomoyo_realpath_from_path+0x80/0x1b4 [ 2827.472103][T15510] tomoyo_path_number_perm+0xd8/0x20c [ 2827.472373][T15510] tomoyo_file_ioctl+0x1c/0x28 [ 2827.472711][T15510] security_file_ioctl+0x8c/0x19c [ 2827.472988][T15510] __arm64_sys_ioctl+0x48/0x104 [ 2827.473312][T15510] invoke_syscall+0x48/0x110 [ 2827.473580][T15510] el0_svc_common.constprop.0+0x40/0xe0 [ 2827.473845][T15510] do_el0_svc+0x1c/0x28 [ 2827.474146][T15510] el0_svc+0x34/0x10c [ 2827.474411][T15510] el0t_64_sync_handler+0xa0/0xe4 [ 2827.474677][T15510] el0t_64_sync+0x1a4/0x1a8 [ 2827.515627][T15510] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2831.882445][T15555] input: syz0 as /devices/virtual/input/input49 [ 2833.048830][T15563] FAULT_INJECTION: forcing a failure. [ 2833.048830][T15563] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2833.071589][T15563] CPU: 0 UID: 0 PID: 15563 Comm: syz.1.4174 Not tainted syzkaller #0 PREEMPT [ 2833.072014][T15563] Hardware name: linux,dummy-virt (DT) [ 2833.072153][T15563] Call trace: [ 2833.072270][T15563] show_stack+0x18/0x24 (C) [ 2833.072645][T15563] dump_stack_lvl+0x78/0x90 [ 2833.072929][T15563] dump_stack+0x18/0x24 [ 2833.073187][T15563] should_fail_ex+0x1dc/0x234 [ 2833.073416][T15563] should_fail+0x14/0x24 [ 2833.073615][T15563] should_fail_usercopy+0x1c/0x28 [ 2833.073806][T15563] _inline_copy_from_user+0x24/0xb0 [ 2833.074006][T15563] kvm_vm_ioctl+0xbf8/0x14b8 [ 2833.074253][T15563] __arm64_sys_ioctl+0xac/0x104 [ 2833.074480][T15563] invoke_syscall+0x48/0x110 [ 2833.074698][T15563] el0_svc_common.constprop.0+0x40/0xe0 [ 2833.074899][T15563] do_el0_svc+0x1c/0x28 [ 2833.075164][T15563] el0_svc+0x34/0x10c [ 2833.075402][T15563] el0t_64_sync_handler+0xa0/0xe4 [ 2833.075626][T15563] el0t_64_sync+0x1a4/0x1a8 [ 2839.389284][T15599] input: syz0 as /devices/virtual/input/input50 [ 2851.113393][ C0] sched: DL replenish lagged too much [ 2856.347491][T15620] input: syz0 as /devices/virtual/input/input51 [ 2872.400184][T15645] trusted_key: encrypted_key: insufficient parameters specified [ 2874.413969][T15651] input: syz0 as /devices/virtual/input/input53 [ 2877.909519][T15668] trusted_key: encrypted_key: insufficient parameters specified [ 2878.502328][T15670] fuse: Unknown parameter '000000000000000000030xffffffffffffffff' [ 2881.487157][T15673] FAULT_INJECTION: forcing a failure. [ 2881.487157][T15673] name failslab, interval 1, probability 0, space 0, times 0 [ 2881.520685][T15673] CPU: 1 UID: 0 PID: 15673 Comm: syz.1.4211 Not tainted syzkaller #0 PREEMPT [ 2881.521064][T15673] Hardware name: linux,dummy-virt (DT) [ 2881.521182][T15673] Call trace: [ 2881.521275][T15673] show_stack+0x18/0x24 (C) [ 2881.521545][T15673] dump_stack_lvl+0x78/0x90 [ 2881.521774][T15673] dump_stack+0x18/0x24 [ 2881.522005][T15673] should_fail_ex+0x1dc/0x234 [ 2881.522268][T15673] should_failslab+0x54/0x80 [ 2881.522468][T15673] kmem_cache_alloc_noprof+0x54/0x368 [ 2881.522746][T15673] skb_clone+0x60/0xc4 [ 2881.522985][T15673] __netlink_deliver_tap+0xf8/0x28c [ 2881.523206][T15673] netlink_unicast+0x2e8/0x314 [ 2881.523437][T15673] netlink_sendmsg+0x194/0x3fc [ 2881.523664][T15673] __sock_sendmsg+0x54/0x60 [ 2881.523903][T15673] ____sys_sendmsg+0x234/0x29c [ 2881.524149][T15673] ___sys_sendmsg+0xac/0x100 [ 2881.524386][T15673] __sys_sendmsg+0x98/0xf8 [ 2881.524607][T15673] __arm64_sys_sendmsg+0x24/0x30 [ 2881.524853][T15673] invoke_syscall+0x48/0x110 [ 2881.525102][T15673] el0_svc_common.constprop.0+0x40/0xe0 [ 2881.525350][T15673] do_el0_svc+0x1c/0x28 [ 2881.525614][T15673] el0_svc+0x34/0x10c [ 2881.525862][T15673] el0t_64_sync_handler+0xa0/0xe4 [ 2881.526081][T15673] el0t_64_sync+0x1a4/0x1a8 [ 2887.327790][T15690] trusted_key: encrypted_key: insufficient parameters specified [ 2890.466506][T15706] trusted_key: encrypted_key: insufficient parameters specified [ 2892.779180][T15724] serio: Serial port pts0 [ 2905.504432][T15777] FAULT_INJECTION: forcing a failure. [ 2905.504432][T15777] name failslab, interval 1, probability 0, space 0, times 0 [ 2905.505075][T15777] CPU: 1 UID: 0 PID: 15777 Comm: syz.1.4244 Not tainted syzkaller #0 PREEMPT [ 2905.505471][T15777] Hardware name: linux,dummy-virt (DT) [ 2905.505611][T15777] Call trace: [ 2905.505717][T15777] show_stack+0x18/0x24 (C) [ 2905.506008][T15777] dump_stack_lvl+0x78/0x90 [ 2905.506334][T15777] dump_stack+0x18/0x24 [ 2905.506595][T15777] should_fail_ex+0x1dc/0x234 [ 2905.506855][T15777] should_failslab+0x54/0x80 [ 2905.507107][T15777] __kmalloc_node_track_caller_noprof+0xac/0x404 [ 2905.507374][T15777] kmemdup_nul+0x3c/0x9c [ 2905.507584][T15777] vfs_parse_fs_string+0x50/0xb0 [ 2905.507808][T15777] vfs_parse_monolithic_sep+0xa0/0xf4 [ 2905.508032][T15777] generic_parse_monolithic+0x18/0x24 [ 2905.508270][T15777] parse_monolithic_mount_data+0x28/0x34 [ 2905.508516][T15777] path_mount+0x408/0xa28 [ 2905.508750][T15777] __arm64_sys_mount+0x1b4/0x210 [ 2905.509026][T15777] invoke_syscall+0x48/0x110 [ 2905.509279][T15777] el0_svc_common.constprop.0+0x40/0xe0 [ 2905.509526][T15777] do_el0_svc+0x1c/0x28 [ 2905.509741][T15777] el0_svc+0x34/0x10c [ 2905.509968][T15777] el0t_64_sync_handler+0xa0/0xe4 [ 2905.510256][T15777] el0t_64_sync+0x1a4/0x1a8 [ 2908.470014][T15801] FAULT_INJECTION: forcing a failure. [ 2908.470014][T15801] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2908.477656][T15801] CPU: 0 UID: 0 PID: 15801 Comm: syz.1.4255 Not tainted syzkaller #0 PREEMPT [ 2908.478009][T15801] Hardware name: linux,dummy-virt (DT) [ 2908.478159][T15801] Call trace: [ 2908.478261][T15801] show_stack+0x18/0x24 (C) [ 2908.478615][T15801] dump_stack_lvl+0x78/0x90 [ 2908.478852][T15801] dump_stack+0x18/0x24 [ 2908.479121][T15801] should_fail_ex+0x1dc/0x234 [ 2908.479372][T15801] should_fail+0x14/0x24 [ 2908.479618][T15801] should_fail_usercopy+0x1c/0x28 [ 2908.479858][T15801] _inline_copy_from_user+0x24/0xb0 [ 2908.480129][T15801] get_user_ifreq+0x6c/0x88 [ 2908.480379][T15801] sock_do_ioctl+0xb0/0x108 [ 2908.480635][T15801] sock_ioctl+0x224/0x350 [ 2908.480899][T15801] __arm64_sys_ioctl+0xac/0x104 [ 2908.481173][T15801] invoke_syscall+0x48/0x110 [ 2908.481443][T15801] el0_svc_common.constprop.0+0x40/0xe0 [ 2908.481706][T15801] do_el0_svc+0x1c/0x28 [ 2908.481973][T15801] el0_svc+0x34/0x10c [ 2908.482248][T15801] el0t_64_sync_handler+0xa0/0xe4 [ 2908.482456][T15801] el0t_64_sync+0x1a4/0x1a8 [ 2915.216815][T15837] FAULT_INJECTION: forcing a failure. [ 2915.216815][T15837] name failslab, interval 1, probability 0, space 0, times 0 [ 2915.221409][T15837] CPU: 1 UID: 0 PID: 15837 Comm: syz.1.4269 Not tainted syzkaller #0 PREEMPT [ 2915.221915][T15837] Hardware name: linux,dummy-virt (DT) [ 2915.222175][T15837] Call trace: [ 2915.222314][T15837] show_stack+0x18/0x24 (C) [ 2915.222639][T15837] dump_stack_lvl+0x78/0x90 [ 2915.222904][T15837] dump_stack+0x18/0x24 [ 2915.223237][T15837] should_fail_ex+0x1dc/0x234 [ 2915.223501][T15837] should_failslab+0x54/0x80 [ 2915.223788][T15837] __kmalloc_noprof+0xa8/0x430 [ 2915.224092][T15837] tomoyo_realpath_from_path+0x44/0x1b4 [ 2915.224383][T15837] tomoyo_path_number_perm+0xd8/0x20c [ 2915.224675][T15837] tomoyo_file_ioctl+0x1c/0x28 [ 2915.224952][T15837] security_file_ioctl+0x8c/0x19c [ 2915.225281][T15837] __arm64_sys_ioctl+0x48/0x104 [ 2915.225593][T15837] invoke_syscall+0x48/0x110 [ 2915.225862][T15837] el0_svc_common.constprop.0+0x40/0xe0 [ 2915.226167][T15837] do_el0_svc+0x1c/0x28 [ 2915.226431][T15837] el0_svc+0x34/0x10c [ 2915.226672][T15837] el0t_64_sync_handler+0xa0/0xe4 [ 2915.226934][T15837] el0t_64_sync+0x1a4/0x1a8 [ 2915.234075][T15837] ERROR: Out of memory at tomoyo_realpath_from_path. [ 2918.067660][T15856] trusted_key: encrypted_key: insufficient parameters specified [ 2922.867573][T15883] trusted_key: encrypted_key: insufficient parameters specified [ 2925.134764][T15900] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 2927.282320][T15917] trusted_key: encrypted_key: insufficient parameters specified [ 2929.634296][T15929] trusted_key: encrypted_key: insufficient parameters specified [ 2932.061863][T15937] trusted_key: encrypted_key: insufficient parameters specified [ 2940.959976][T15957] FAULT_INJECTION: forcing a failure. [ 2940.959976][T15957] name failslab, interval 1, probability 0, space 0, times 0 [ 2940.960609][T15957] CPU: 0 UID: 0 PID: 15957 Comm: syz.1.4307 Not tainted syzkaller #0 PREEMPT [ 2940.960925][T15957] Hardware name: linux,dummy-virt (DT) [ 2940.961174][T15957] Call trace: [ 2940.961384][T15957] show_stack+0x18/0x24 (C) [ 2940.961883][T15957] dump_stack_lvl+0x78/0x90 [ 2940.962216][T15957] dump_stack+0x18/0x24 [ 2940.962573][T15957] should_fail_ex+0x1dc/0x234 [ 2940.962833][T15957] should_failslab+0x54/0x80 [ 2940.963098][T15957] kmem_cache_alloc_noprof+0x54/0x368 [ 2940.963355][T15957] security_file_alloc+0x28/0x1a0 [ 2940.963603][T15957] init_file+0x3c/0x11c [ 2940.963852][T15957] alloc_empty_file+0x70/0x138 [ 2940.964109][T15957] alloc_file_pseudo+0xa0/0x114 [ 2940.964351][T15957] sock_alloc_file+0x40/0xd8 [ 2940.964602][T15957] __sys_socket+0xd8/0x12c [ 2940.964851][T15957] __arm64_sys_socket+0x20/0x30 [ 2940.965107][T15957] invoke_syscall+0x48/0x110 [ 2940.965359][T15957] el0_svc_common.constprop.0+0x40/0xe0 [ 2940.965611][T15957] do_el0_svc+0x1c/0x28 [ 2940.965859][T15957] el0_svc+0x34/0x10c [ 2940.966151][T15957] el0t_64_sync_handler+0xa0/0xe4 [ 2940.966402][T15957] el0t_64_sync+0x1a4/0x1a8 [ 2944.866658][T15973] FAULT_INJECTION: forcing a failure. [ 2944.866658][T15973] name failslab, interval 1, probability 0, space 0, times 0 [ 2944.867232][T15973] CPU: 1 UID: 0 PID: 15973 Comm: syz.2.4313 Not tainted syzkaller #0 PREEMPT [ 2944.867605][T15973] Hardware name: linux,dummy-virt (DT) [ 2944.867749][T15973] Call trace: [ 2944.867847][T15973] show_stack+0x18/0x24 (C) [ 2944.868212][T15973] dump_stack_lvl+0x78/0x90 [ 2944.868473][T15973] dump_stack+0x18/0x24 [ 2944.868810][T15973] should_fail_ex+0x1dc/0x234 [ 2944.869194][T15973] should_failslab+0x54/0x80 [ 2944.869504][T15973] kmem_cache_alloc_noprof+0x54/0x368 [ 2944.869758][T15973] getname_flags.part.0+0x2c/0x1bc [ 2944.870016][T15973] getname_flags+0x38/0x60 [ 2944.870301][T15973] do_sys_openat2+0x5c/0xe8 [ 2944.870601][T15973] __arm64_sys_openat+0x64/0xa8 [ 2944.870850][T15973] invoke_syscall+0x48/0x110 [ 2944.871127][T15973] el0_svc_common.constprop.0+0x40/0xe0 [ 2944.871378][T15973] do_el0_svc+0x1c/0x28 [ 2944.871603][T15973] el0_svc+0x34/0x10c [ 2944.871822][T15973] el0t_64_sync_handler+0xa0/0xe4 [ 2944.872060][T15973] el0t_64_sync+0x1a4/0x1a8 [ 2945.162459][T15980] FAULT_INJECTION: forcing a failure. [ 2945.162459][T15980] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2945.168080][T15980] CPU: 1 UID: 0 PID: 15980 Comm: syz.2.4316 Not tainted syzkaller #0 PREEMPT [ 2945.168396][T15980] Hardware name: linux,dummy-virt (DT) [ 2945.168473][T15980] Call trace: [ 2945.168530][T15980] show_stack+0x18/0x24 (C) [ 2945.168686][T15980] dump_stack_lvl+0x78/0x90 [ 2945.168900][T15980] dump_stack+0x18/0x24 [ 2945.169046][T15980] should_fail_ex+0x1dc/0x234 [ 2945.169179][T15980] should_fail+0x14/0x24 [ 2945.169380][T15980] should_fail_usercopy+0x1c/0x28 [ 2945.169537][T15980] simple_read_from_buffer+0x5c/0x138 [ 2945.169672][T15980] proc_fail_nth_read+0xac/0x134 [ 2945.169900][T15980] vfs_read+0xc0/0x318 [ 2945.170095][T15980] ksys_read+0x6c/0x100 [ 2945.170391][T15980] __arm64_sys_read+0x1c/0x28 [ 2945.170598][T15980] invoke_syscall+0x48/0x110 [ 2945.170880][T15980] el0_svc_common.constprop.0+0x40/0xe0 [ 2945.171121][T15980] do_el0_svc+0x1c/0x28 [ 2945.171443][T15980] el0_svc+0x34/0x10c [ 2945.171667][T15980] el0t_64_sync_handler+0xa0/0xe4 [ 2945.171946][T15980] el0t_64_sync+0x1a4/0x1a8 [ 2945.429707][T15978] fuse: Bad value for 'fd' [ 2946.193838][T15991] fuse: Bad value for 'fd' [ 2947.272579][ T7565] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2947.444097][ T7565] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2947.599568][ T7565] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2947.709474][ T7565] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 2948.785255][ T7565] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 2948.845682][ T7565] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 2948.898541][ T7565] bond0 (unregistering): Released all slaves [ 2949.153944][ T7565] hsr_slave_0: left promiscuous mode [ 2949.165717][ T7565] hsr_slave_1: left promiscuous mode [ 2949.231630][ T7565] veth1_macvtap: left promiscuous mode [ 2949.238947][ T7565] veth0_macvtap: left promiscuous mode [ 2949.247190][ T7565] veth1_vlan: left promiscuous mode [ 2949.250438][ T7565] veth0_vlan: left promiscuous mode [ 2950.259685][T16019] FAULT_INJECTION: forcing a failure. [ 2950.259685][T16019] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 2950.260298][T16019] CPU: 0 UID: 0 PID: 16019 Comm: syz.2.4328 Not tainted syzkaller #0 PREEMPT [ 2950.260567][T16019] Hardware name: linux,dummy-virt (DT) [ 2950.260673][T16019] Call trace: [ 2950.260799][T16019] show_stack+0x18/0x24 (C) [ 2950.261103][T16019] dump_stack_lvl+0x78/0x90 [ 2950.261357][T16019] dump_stack+0x18/0x24 [ 2950.261597][T16019] should_fail_ex+0x1dc/0x234 [ 2950.261839][T16019] should_fail+0x14/0x24 [ 2950.262079][T16019] should_fail_usercopy+0x1c/0x28 [ 2950.262359][T16019] simple_read_from_buffer+0x5c/0x138 [ 2950.262653][T16019] proc_fail_nth_read+0xac/0x134 [ 2950.262943][T16019] vfs_read+0xc0/0x318 [ 2950.263232][T16019] ksys_read+0x6c/0x100 [ 2950.263519][T16019] __arm64_sys_read+0x1c/0x28 [ 2950.263805][T16019] invoke_syscall+0x48/0x110 [ 2950.264080][T16019] el0_svc_common.constprop.0+0x40/0xe0 [ 2950.264331][T16019] do_el0_svc+0x1c/0x28 [ 2950.264552][T16019] el0_svc+0x34/0x10c [ 2950.264777][T16019] el0t_64_sync_handler+0xa0/0xe4 [ 2950.265032][T16019] el0t_64_sync+0x1a4/0x1a8 [ 2951.149567][T15999] lo speed is unknown, defaulting to 1000 [ 2954.587869][T15999] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 2954.618963][T15999] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 2956.984701][T15999] hsr_slave_0: entered promiscuous mode [ 2956.991744][T15999] hsr_slave_1: entered promiscuous mode [ 2957.012361][T15999] debugfs: 'hsr0' already exists in 'hsr' [ 2957.033639][T15999] Cannot create hsr debugfs directory [ 2959.406497][T15999] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 2959.470595][T15999] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 2959.512072][T15999] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 2959.538587][T15999] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 2961.799316][T15999] 8021q: adding VLAN 0 to HW filter on device bond0 [ 2969.056467][T15999] veth0_vlan: entered promiscuous mode [ 2969.190643][T15999] veth1_vlan: entered promiscuous mode [ 2969.564896][T15999] veth0_macvtap: entered promiscuous mode [ 2969.617174][T15999] veth1_macvtap: entered promiscuous mode [ 2969.874666][ T7565] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 2969.875703][ T7565] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 2969.876123][ T7565] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 2969.876531][ T7565] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 2970.961388][T16176] lo speed is unknown, defaulting to 1000 [ 2996.511173][T16311] ref_tracker: memory allocation failure, unreliable refcount tracker. [ 3004.485782][T16333] fuse: Bad value for 'fd' [ 3004.510508][T16333] fuse: Bad value for 'fd' [ 3008.308394][T16348] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 3009.006022][T16353] FAULT_INJECTION: forcing a failure. [ 3009.006022][T16353] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3009.006426][T16353] CPU: 0 UID: 0 PID: 16353 Comm: syz.1.4394 Not tainted syzkaller #0 PREEMPT [ 3009.006699][T16353] Hardware name: linux,dummy-virt (DT) [ 3009.006811][T16353] Call trace: [ 3009.006929][T16353] show_stack+0x18/0x24 (C) [ 3009.007204][T16353] dump_stack_lvl+0x78/0x90 [ 3009.007474][T16353] dump_stack+0x18/0x24 [ 3009.007743][T16353] should_fail_ex+0x1dc/0x234 [ 3009.007990][T16353] should_fail+0x14/0x24 [ 3009.008265][T16353] should_fail_usercopy+0x1c/0x28 [ 3009.008511][T16353] simple_read_from_buffer+0x5c/0x138 [ 3009.008807][T16353] proc_fail_nth_read+0xac/0x134 [ 3009.009045][T16353] vfs_read+0xc0/0x318 [ 3009.009300][T16353] ksys_read+0x6c/0x100 [ 3009.009546][T16353] __arm64_sys_read+0x1c/0x28 [ 3009.009815][T16353] invoke_syscall+0x48/0x110 [ 3009.010055][T16353] el0_svc_common.constprop.0+0x40/0xe0 [ 3009.010343][T16353] do_el0_svc+0x1c/0x28 [ 3009.010613][T16353] el0_svc+0x34/0x10c [ 3009.010871][T16353] el0t_64_sync_handler+0xa0/0xe4 [ 3009.011137][T16353] el0t_64_sync+0x1a4/0x1a8 [ 3012.886400][T16373] input: syz0 as /devices/virtual/input/input54 [ 3031.864741][T16416] FAULT_INJECTION: forcing a failure. [ 3031.864741][T16416] name failslab, interval 1, probability 0, space 0, times 0 [ 3031.865454][T16416] CPU: 0 UID: 0 PID: 16416 Comm: syz.2.4410 Not tainted syzkaller #0 PREEMPT [ 3031.865705][T16416] Hardware name: linux,dummy-virt (DT) [ 3031.865819][T16416] Call trace: [ 3031.865912][T16416] show_stack+0x18/0x24 (C) [ 3031.866198][T16416] dump_stack_lvl+0x78/0x90 [ 3031.866413][T16416] dump_stack+0x18/0x24 [ 3031.866651][T16416] should_fail_ex+0x1dc/0x234 [ 3031.866975][T16416] should_failslab+0x54/0x80 [ 3031.867229][T16416] __kmalloc_node_track_caller_noprof+0xac/0x404 [ 3031.867556][T16416] kstrdup+0x48/0x84 [ 3031.867990][T16416] __request_module+0x128/0x1fc [ 3031.869120][T16416] dev_load+0x9c/0xa4 [ 3031.869459][T16416] dev_ioctl+0x428/0x57c [ 3031.869741][T16416] sock_do_ioctl+0xcc/0x108 [ 3031.869947][T16416] sock_ioctl+0x224/0x350 [ 3031.871161][T16416] __arm64_sys_ioctl+0xac/0x104 [ 3031.871472][T16416] invoke_syscall+0x48/0x110 [ 3031.871733][T16416] el0_svc_common.constprop.0+0x40/0xe0 [ 3031.872009][T16416] do_el0_svc+0x1c/0x28 [ 3031.872285][T16416] el0_svc+0x34/0x10c [ 3031.872595][T16416] el0t_64_sync_handler+0xa0/0xe4 [ 3031.872856][T16416] el0t_64_sync+0x1a4/0x1a8 [ 3037.680677][T16448] FAULT_INJECTION: forcing a failure. [ 3037.680677][T16448] name failslab, interval 1, probability 0, space 0, times 0 [ 3037.684648][T16448] CPU: 0 UID: 0 PID: 16448 Comm: syz.2.4420 Not tainted syzkaller #0 PREEMPT [ 3037.685011][T16448] Hardware name: linux,dummy-virt (DT) [ 3037.685140][T16448] Call trace: [ 3037.685331][T16448] show_stack+0x18/0x24 (C) [ 3037.685528][T16448] dump_stack_lvl+0x78/0x90 [ 3037.685661][T16448] dump_stack+0x18/0x24 [ 3037.685787][T16448] should_fail_ex+0x1dc/0x234 [ 3037.685916][T16448] should_failslab+0x54/0x80 [ 3037.686051][T16448] __kvmalloc_node_noprof+0x114/0x528 [ 3037.686203][T16448] simple_xattr_alloc+0x38/0x74 [ 3037.686335][T16448] simple_xattr_set+0x38/0x1ac [ 3037.686462][T16448] shmem_xattr_handler_set+0x184/0x1a8 [ 3037.686593][T16448] __vfs_setxattr+0xac/0xe8 [ 3037.686720][T16448] __vfs_setxattr_noperm+0x88/0x22c [ 3037.686847][T16448] __vfs_setxattr_locked+0xe0/0x120 [ 3037.686980][T16448] vfs_setxattr+0x94/0x170 [ 3037.687150][T16448] do_setxattr+0xa0/0xb8 [ 3037.687319][T16448] file_setxattr+0x64/0xb0 [ 3037.687567][T16448] path_setxattrat+0x10c/0x18c [ 3037.687742][T16448] __arm64_sys_fsetxattr+0x2c/0x3c [ 3037.687896][T16448] invoke_syscall+0x48/0x110 [ 3037.688045][T16448] el0_svc_common.constprop.0+0x40/0xe0 [ 3037.688193][T16448] do_el0_svc+0x1c/0x28 [ 3037.688357][T16448] el0_svc+0x34/0x10c [ 3037.688488][T16448] el0t_64_sync_handler+0xa0/0xe4 [ 3037.688654][T16448] el0t_64_sync+0x1a4/0x1a8 [ 3040.221306][T16469] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 3040.229336][T16469] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 3049.764276][T16522] FAULT_INJECTION: forcing a failure. [ 3049.764276][T16522] name failslab, interval 1, probability 0, space 0, times 0 [ 3049.764862][T16522] CPU: 0 UID: 0 PID: 16522 Comm: syz.1.4446 Not tainted syzkaller #0 PREEMPT [ 3049.765158][T16522] Hardware name: linux,dummy-virt (DT) [ 3049.765275][T16522] Call trace: [ 3049.765372][T16522] show_stack+0x18/0x24 (C) [ 3049.765706][T16522] dump_stack_lvl+0x78/0x90 [ 3049.765981][T16522] dump_stack+0x18/0x24 [ 3049.766252][T16522] should_fail_ex+0x1dc/0x234 [ 3049.766517][T16522] should_failslab+0x54/0x80 [ 3049.766760][T16522] __kmalloc_noprof+0xa8/0x430 [ 3049.767011][T16522] tomoyo_realpath_from_path+0x44/0x1b4 [ 3049.767289][T16522] tomoyo_path_number_perm+0xd8/0x20c [ 3049.767548][T16522] tomoyo_file_ioctl+0x1c/0x28 [ 3049.767862][T16522] security_file_ioctl+0x8c/0x19c [ 3049.768164][T16522] __arm64_sys_ioctl+0x48/0x104 [ 3049.768398][T16522] invoke_syscall+0x48/0x110 [ 3049.768653][T16522] el0_svc_common.constprop.0+0x40/0xe0 [ 3049.768949][T16522] do_el0_svc+0x1c/0x28 [ 3049.769183][T16522] el0_svc+0x34/0x10c [ 3049.769430][T16522] el0t_64_sync_handler+0xa0/0xe4 [ 3049.769671][T16522] el0t_64_sync+0x1a4/0x1a8 [ 3049.785352][T16522] ERROR: Out of memory at tomoyo_realpath_from_path. [ 3066.616761][T16632] FAULT_INJECTION: forcing a failure. [ 3066.616761][T16632] name failslab, interval 1, probability 0, space 0, times 0 [ 3066.617287][T16632] CPU: 0 UID: 0 PID: 16632 Comm: syz.1.4489 Not tainted syzkaller #0 PREEMPT [ 3066.617576][T16632] Hardware name: linux,dummy-virt (DT) [ 3066.617686][T16632] Call trace: [ 3066.617783][T16632] show_stack+0x18/0x24 (C) [ 3066.618071][T16632] dump_stack_lvl+0x78/0x90 [ 3066.618371][T16632] dump_stack+0x18/0x24 [ 3066.618721][T16632] should_fail_ex+0x1dc/0x234 [ 3066.619007][T16632] should_failslab+0x54/0x80 [ 3066.619294][T16632] __kvmalloc_node_noprof+0x114/0x528 [ 3066.619564][T16632] vmemdup_user+0x30/0xb8 [ 3066.619832][T16632] setxattr_copy+0x54/0x94 [ 3066.620103][T16632] path_setxattrat+0x84/0x18c [ 3066.620378][T16632] __arm64_sys_fsetxattr+0x2c/0x3c [ 3066.620646][T16632] invoke_syscall+0x48/0x110 [ 3066.620981][T16632] el0_svc_common.constprop.0+0x40/0xe0 [ 3066.621226][T16632] do_el0_svc+0x1c/0x28 [ 3066.621469][T16632] el0_svc+0x34/0x10c [ 3066.621708][T16632] el0t_64_sync_handler+0xa0/0xe4 [ 3066.621975][T16632] el0t_64_sync+0x1a4/0x1a8 [ 3068.105892][T16645] FAULT_INJECTION: forcing a failure. [ 3068.105892][T16645] name failslab, interval 1, probability 0, space 0, times 0 [ 3068.110414][T16645] CPU: 1 UID: 0 PID: 16645 Comm: syz.2.4495 Not tainted syzkaller #0 PREEMPT [ 3068.110776][T16645] Hardware name: linux,dummy-virt (DT) [ 3068.110938][T16645] Call trace: [ 3068.111053][T16645] show_stack+0x18/0x24 (C) [ 3068.111354][T16645] dump_stack_lvl+0x78/0x90 [ 3068.111643][T16645] dump_stack+0x18/0x24 [ 3068.111888][T16645] should_fail_ex+0x1dc/0x234 [ 3068.112144][T16645] should_failslab+0x54/0x80 [ 3068.112388][T16645] __kmalloc_cache_noprof+0x54/0x390 [ 3068.112677][T16645] call_usermodehelper_setup+0x68/0xcc [ 3068.112911][T16645] __request_module+0x170/0x1fc [ 3068.113139][T16645] dev_load+0x9c/0xa4 [ 3068.113359][T16645] dev_ioctl+0x428/0x57c [ 3068.113583][T16645] sock_do_ioctl+0xcc/0x108 [ 3068.113820][T16645] sock_ioctl+0x224/0x350 [ 3068.114066][T16645] __arm64_sys_ioctl+0xac/0x104 [ 3068.114343][T16645] invoke_syscall+0x48/0x110 [ 3068.114564][T16645] el0_svc_common.constprop.0+0x40/0xe0 [ 3068.114790][T16645] do_el0_svc+0x1c/0x28 [ 3068.115041][T16645] el0_svc+0x34/0x10c [ 3068.115281][T16645] el0t_64_sync_handler+0xa0/0xe4 [ 3068.115519][T16645] el0t_64_sync+0x1a4/0x1a8 [ 3069.050935][T16654] FAULT_INJECTION: forcing a failure. [ 3069.050935][T16654] name failslab, interval 1, probability 0, space 0, times 0 [ 3069.057236][T16654] CPU: 1 UID: 0 PID: 16654 Comm: syz.1.4499 Not tainted syzkaller #0 PREEMPT [ 3069.057546][T16654] Hardware name: linux,dummy-virt (DT) [ 3069.057662][T16654] Call trace: [ 3069.057755][T16654] show_stack+0x18/0x24 (C) [ 3069.057991][T16654] dump_stack_lvl+0x78/0x90 [ 3069.058280][T16654] dump_stack+0x18/0x24 [ 3069.058488][T16654] should_fail_ex+0x1dc/0x234 [ 3069.058720][T16654] should_failslab+0x54/0x80 [ 3069.058953][T16654] __kmalloc_noprof+0xa8/0x430 [ 3069.059214][T16654] tomoyo_realpath_from_path+0x44/0x1b4 [ 3069.059457][T16654] tomoyo_path_number_perm+0xd8/0x20c [ 3069.059679][T16654] tomoyo_file_ioctl+0x1c/0x28 [ 3069.059896][T16654] security_file_ioctl+0x8c/0x19c [ 3069.060135][T16654] __arm64_sys_ioctl+0x48/0x104 [ 3069.060391][T16654] invoke_syscall+0x48/0x110 [ 3069.060636][T16654] el0_svc_common.constprop.0+0x40/0xe0 [ 3069.060882][T16654] do_el0_svc+0x1c/0x28 [ 3069.061159][T16654] el0_svc+0x34/0x10c [ 3069.061526][T16654] el0t_64_sync_handler+0xa0/0xe4 [ 3069.061773][T16654] el0t_64_sync+0x1a4/0x1a8 [ 3069.086504][T16654] ERROR: Out of memory at tomoyo_realpath_from_path. [ 3069.252324][T16657] FAULT_INJECTION: forcing a failure. [ 3069.252324][T16657] name failslab, interval 1, probability 0, space 0, times 0 [ 3069.254240][T16657] CPU: 0 UID: 0 PID: 16657 Comm: syz.1.4500 Not tainted syzkaller #0 PREEMPT [ 3069.254555][T16657] Hardware name: linux,dummy-virt (DT) [ 3069.254729][T16657] Call trace: [ 3069.254855][T16657] show_stack+0x18/0x24 (C) [ 3069.255145][T16657] dump_stack_lvl+0x78/0x90 [ 3069.255399][T16657] dump_stack+0x18/0x24 [ 3069.255689][T16657] should_fail_ex+0x1dc/0x234 [ 3069.255946][T16657] should_failslab+0x54/0x80 [ 3069.256239][T16657] kmem_cache_alloc_node_noprof+0x5c/0x370 [ 3069.256542][T16657] __alloc_skb+0x150/0x194 [ 3069.256833][T16657] netlink_alloc_large_skb+0x94/0xb8 [ 3069.257109][T16657] netlink_sendmsg+0x10c/0x3fc [ 3069.257319][T16657] __sock_sendmsg+0x54/0x60 [ 3069.257544][T16657] __sys_sendto+0x118/0x180 [ 3069.257765][T16657] __arm64_sys_sendto+0x28/0x38 [ 3069.258024][T16657] invoke_syscall+0x48/0x110 [ 3069.258295][T16657] el0_svc_common.constprop.0+0x40/0xe0 [ 3069.258527][T16657] do_el0_svc+0x1c/0x28 [ 3069.258824][T16657] el0_svc+0x34/0x10c [ 3069.259145][T16657] el0t_64_sync_handler+0xa0/0xe4 [ 3069.259404][T16657] el0t_64_sync+0x1a4/0x1a8 [ 3078.849754][T16711] FAULT_INJECTION: forcing a failure. [ 3078.849754][T16711] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3078.850390][T16711] CPU: 1 UID: 0 PID: 16711 Comm: syz.2.4520 Not tainted syzkaller #0 PREEMPT [ 3078.850660][T16711] Hardware name: linux,dummy-virt (DT) [ 3078.850785][T16711] Call trace: [ 3078.850885][T16711] show_stack+0x18/0x24 (C) [ 3078.851160][T16711] dump_stack_lvl+0x78/0x90 [ 3078.851385][T16711] dump_stack+0x18/0x24 [ 3078.851622][T16711] should_fail_ex+0x1dc/0x234 [ 3078.851850][T16711] should_fail+0x14/0x24 [ 3078.852078][T16711] should_fail_usercopy+0x1c/0x28 [ 3078.852321][T16711] _copy_from_iter+0x5c/0x65c [ 3078.852603][T16711] isotp_sendmsg+0x1e0/0x7ec [ 3078.852858][T16711] __sock_sendmsg+0x54/0x60 [ 3078.853113][T16711] ____sys_sendmsg+0x234/0x29c [ 3078.853351][T16711] ___sys_sendmsg+0xac/0x100 [ 3078.853585][T16711] __sys_sendmsg+0x98/0xf8 [ 3078.853886][T16711] __arm64_sys_sendmsg+0x24/0x30 [ 3078.854151][T16711] invoke_syscall+0x48/0x110 [ 3078.854415][T16711] el0_svc_common.constprop.0+0x40/0xe0 [ 3078.854663][T16711] do_el0_svc+0x1c/0x28 [ 3078.854905][T16711] el0_svc+0x34/0x10c [ 3078.855153][T16711] el0t_64_sync_handler+0xa0/0xe4 [ 3078.855402][T16711] el0t_64_sync+0x1a4/0x1a8 [ 3079.102347][T16719] input: syz0 as /devices/virtual/input/input56 [ 3095.322478][T16758] FAULT_INJECTION: forcing a failure. [ 3095.322478][T16758] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3095.327975][T16758] CPU: 1 UID: 0 PID: 16758 Comm: syz.1.4538 Not tainted syzkaller #0 PREEMPT [ 3095.328335][T16758] Hardware name: linux,dummy-virt (DT) [ 3095.328444][T16758] Call trace: [ 3095.328532][T16758] show_stack+0x18/0x24 (C) [ 3095.328816][T16758] dump_stack_lvl+0x78/0x90 [ 3095.329032][T16758] dump_stack+0x18/0x24 [ 3095.329237][T16758] should_fail_ex+0x1dc/0x234 [ 3095.329455][T16758] should_fail+0x14/0x24 [ 3095.329659][T16758] should_fail_usercopy+0x1c/0x28 [ 3095.329859][T16758] _inline_copy_from_user+0x24/0xb0 [ 3095.330077][T16758] copy_msghdr_from_user+0x54/0xcc [ 3095.330445][T16758] ___sys_sendmsg+0x8c/0x100 [ 3095.330657][T16758] __sys_sendmsg+0x98/0xf8 [ 3095.330905][T16758] __arm64_sys_sendmsg+0x24/0x30 [ 3095.331141][T16758] invoke_syscall+0x48/0x110 [ 3095.331383][T16758] el0_svc_common.constprop.0+0x40/0xe0 [ 3095.331610][T16758] do_el0_svc+0x1c/0x28 [ 3095.331817][T16758] el0_svc+0x34/0x10c [ 3095.332032][T16758] el0t_64_sync_handler+0xa0/0xe4 [ 3095.332249][T16758] el0t_64_sync+0x1a4/0x1a8 [ 3096.315288][T16762] input: syz0 as /devices/virtual/input/input57 [ 3114.904550][T16794] input: syz0 as /devices/virtual/input/input58 [ 3122.735631][T16814] fuse: Unknown parameter 'f`' [ 3128.947551][T16843] FAULT_INJECTION: forcing a failure. [ 3128.947551][T16843] name failslab, interval 1, probability 0, space 0, times 0 [ 3128.971529][T16843] CPU: 0 UID: 0 PID: 16843 Comm: syz.2.4564 Not tainted syzkaller #0 PREEMPT [ 3128.971887][T16843] Hardware name: linux,dummy-virt (DT) [ 3128.972023][T16843] Call trace: [ 3128.972127][T16843] show_stack+0x18/0x24 (C) [ 3128.972391][T16843] dump_stack_lvl+0x78/0x90 [ 3128.972699][T16843] dump_stack+0x18/0x24 [ 3128.972954][T16843] should_fail_ex+0x1dc/0x234 [ 3128.973293][T16843] should_failslab+0x54/0x80 [ 3128.973563][T16843] kmem_cache_alloc_node_noprof+0x5c/0x370 [ 3128.973838][T16843] __alloc_skb+0x150/0x194 [ 3128.974166][T16843] netlink_alloc_large_skb+0x94/0xb8 [ 3128.974446][T16843] netlink_sendmsg+0x10c/0x3fc [ 3128.974711][T16843] __sock_sendmsg+0x54/0x60 [ 3128.974987][T16843] ____sys_sendmsg+0x234/0x29c [ 3128.975234][T16843] ___sys_sendmsg+0xac/0x100 [ 3128.975468][T16843] __sys_sendmsg+0x98/0xf8 [ 3128.975709][T16843] __arm64_sys_sendmsg+0x24/0x30 [ 3128.975946][T16843] invoke_syscall+0x48/0x110 [ 3128.976185][T16843] el0_svc_common.constprop.0+0x40/0xe0 [ 3128.976430][T16843] do_el0_svc+0x1c/0x28 [ 3128.976694][T16843] el0_svc+0x34/0x10c [ 3128.976973][T16843] el0t_64_sync_handler+0xa0/0xe4 [ 3128.977195][T16843] el0t_64_sync+0x1a4/0x1a8 [ 3137.188045][T16889] fuse: Unknown parameter 'gro&d' [ 3138.092467][T16897] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 3138.476447][T16897] can0: slcan on ttynull. [ 3138.586207][T16896] can0 (unregistered): slcan off ttynull. [ 3140.051530][T16919] No control pipe specified [ 3140.694943][T16927] FAULT_INJECTION: forcing a failure. [ 3140.694943][T16927] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3140.696824][T16927] CPU: 0 UID: 0 PID: 16927 Comm: syz.1.4592 Not tainted syzkaller #0 PREEMPT [ 3140.697027][T16927] Hardware name: linux,dummy-virt (DT) [ 3140.697096][T16927] Call trace: [ 3140.697151][T16927] show_stack+0x18/0x24 (C) [ 3140.697298][T16927] dump_stack_lvl+0x78/0x90 [ 3140.697452][T16927] dump_stack+0x18/0x24 [ 3140.697597][T16927] should_fail_ex+0x1dc/0x234 [ 3140.697729][T16927] should_fail+0x14/0x24 [ 3140.697853][T16927] should_fail_usercopy+0x1c/0x28 [ 3140.697982][T16927] simple_read_from_buffer+0x5c/0x138 [ 3140.698168][T16927] proc_fail_nth_read+0xac/0x134 [ 3140.698309][T16927] vfs_read+0xc0/0x318 [ 3140.698435][T16927] ksys_read+0x6c/0x100 [ 3140.698571][T16927] __arm64_sys_read+0x1c/0x28 [ 3140.698698][T16927] invoke_syscall+0x48/0x110 [ 3140.698835][T16927] el0_svc_common.constprop.0+0x40/0xe0 [ 3140.698970][T16927] do_el0_svc+0x1c/0x28 [ 3140.699114][T16927] el0_svc+0x34/0x10c [ 3140.699246][T16927] el0t_64_sync_handler+0xa0/0xe4 [ 3140.699378][T16927] el0t_64_sync+0x1a4/0x1a8 [ 3141.354984][T16935] FAULT_INJECTION: forcing a failure. [ 3141.354984][T16935] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3141.355481][T16935] CPU: 0 UID: 0 PID: 16935 Comm: syz.2.4596 Not tainted syzkaller #0 PREEMPT [ 3141.355760][T16935] Hardware name: linux,dummy-virt (DT) [ 3141.355873][T16935] Call trace: [ 3141.356056][T16935] show_stack+0x18/0x24 (C) [ 3141.356358][T16935] dump_stack_lvl+0x78/0x90 [ 3141.356610][T16935] dump_stack+0x18/0x24 [ 3141.356877][T16935] should_fail_ex+0x1dc/0x234 [ 3141.357124][T16935] should_fail+0x14/0x24 [ 3141.357368][T16935] should_fail_usercopy+0x1c/0x28 [ 3141.357627][T16935] simple_read_from_buffer+0x5c/0x138 [ 3141.357864][T16935] proc_fail_nth_read+0xac/0x134 [ 3141.358124][T16935] vfs_read+0xc0/0x318 [ 3141.358471][T16935] ksys_read+0x6c/0x100 [ 3141.358787][T16935] __arm64_sys_read+0x1c/0x28 [ 3141.359053][T16935] invoke_syscall+0x48/0x110 [ 3141.359348][T16935] el0_svc_common.constprop.0+0x40/0xe0 [ 3141.359573][T16935] do_el0_svc+0x1c/0x28 [ 3141.359812][T16935] el0_svc+0x34/0x10c [ 3141.360040][T16935] el0t_64_sync_handler+0xa0/0xe4 [ 3141.360273][T16935] el0t_64_sync+0x1a4/0x1a8 [ 3144.223740][T16943] FAULT_INJECTION: forcing a failure. [ 3144.223740][T16943] name failslab, interval 1, probability 0, space 0, times 0 [ 3144.224222][T16943] CPU: 0 UID: 0 PID: 16943 Comm: syz.1.4599 Not tainted syzkaller #0 PREEMPT [ 3144.224471][T16943] Hardware name: linux,dummy-virt (DT) [ 3144.224587][T16943] Call trace: [ 3144.224754][T16943] show_stack+0x18/0x24 (C) [ 3144.225038][T16943] dump_stack_lvl+0x78/0x90 [ 3144.225330][T16943] dump_stack+0x18/0x24 [ 3144.225595][T16943] should_fail_ex+0x1dc/0x234 [ 3144.225877][T16943] should_failslab+0x54/0x80 [ 3144.226171][T16943] kmem_cache_alloc_node_noprof+0x5c/0x370 [ 3144.226352][T16943] __alloc_skb+0x150/0x194 [ 3144.226501][T16943] alloc_skb_with_frags+0x50/0x1e8 [ 3144.226679][T16943] sock_alloc_send_pskb+0x284/0x2b4 [ 3144.226808][T16943] __ip6_append_data+0xe3c/0x14a4 [ 3144.226962][T16943] ip6_append_data+0xb8/0x1b0 [ 3144.227089][T16943] icmp6_send+0x40c/0x85c [ 3144.227278][T16943] ip6_link_failure+0x2c/0x98 [ 3144.227413][T16943] vti6_tnl_xmit+0x330/0x7d0 [ 3144.227556][T16943] dev_hard_start_xmit+0x90/0x108 [ 3144.227687][T16943] __dev_queue_xmit+0x250/0xf3c [ 3144.227832][T16943] neigh_connected_output+0xb0/0x138 [ 3144.227990][T16943] ip6_finish_output2+0x2c8/0x8f4 [ 3144.228176][T16943] ip6_finish_output+0x23c/0x39c [ 3144.228307][T16943] ip6_output+0x78/0x1cc [ 3144.228500][T16943] ip6_xmit+0x2f0/0x70c [ 3144.228647][T16943] inet6_csk_xmit+0xc8/0x124 [ 3144.228812][T16943] __tcp_transmit_skb+0x478/0xd18 [ 3144.228985][T16943] tcp_connect+0x77c/0xe68 [ 3144.229144][T16943] tcp_v6_connect+0x430/0x60c [ 3144.229278][T16943] __inet_stream_connect+0xf8/0x3cc [ 3144.229411][T16943] tcp_sendmsg_fastopen+0xd4/0x1e0 [ 3144.229540][T16943] tcp_sendmsg_locked+0x970/0xe48 [ 3144.229687][T16943] tcp_sendmsg+0x38/0x60 [ 3144.229828][T16943] inet6_sendmsg+0x44/0x70 [ 3144.229974][T16943] smc_sendmsg+0x80/0x33c [ 3144.230185][T16943] __sock_sendmsg+0x54/0x60 [ 3144.230322][T16943] ____sys_sendmsg+0x190/0x29c [ 3144.230449][T16943] ___sys_sendmsg+0xac/0x100 [ 3144.230651][T16943] __sys_sendmmsg+0x104/0x258 [ 3144.230876][T16943] __arm64_sys_sendmmsg+0x28/0x38 [ 3144.231171][T16943] invoke_syscall+0x48/0x110 [ 3144.231399][T16943] el0_svc_common.constprop.0+0x40/0xe0 [ 3144.231697][T16943] do_el0_svc+0x1c/0x28 [ 3144.232002][T16943] el0_svc+0x34/0x10c [ 3144.232245][T16943] el0t_64_sync_handler+0xa0/0xe4 [ 3144.232533][T16943] el0t_64_sync+0x1a4/0x1a8 [ 3146.356390][T15603] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 3146.357043][T15603] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 3146.357250][T15603] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 3146.357452][T15603] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 3146.357652][T15603] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 3146.357853][T15603] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 3146.358058][T15603] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 3146.358287][T15603] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 3146.358464][T15603] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 3146.358644][T15603] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0 [ 3146.378710][T15603] hid-generic 0000:0000:0000.0008: hidraw0: HID v0.00 Device [syz1] on syz0 [ 3146.669531][T16952] fido_id[16952]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 3149.127979][T16971] FAULT_INJECTION: forcing a failure. [ 3149.127979][T16971] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3149.133524][T16971] CPU: 1 UID: 0 PID: 16971 Comm: syz.2.4608 Not tainted syzkaller #0 PREEMPT [ 3149.133873][T16971] Hardware name: linux,dummy-virt (DT) [ 3149.134004][T16971] Call trace: [ 3149.134131][T16971] show_stack+0x18/0x24 (C) [ 3149.134393][T16971] dump_stack_lvl+0x78/0x90 [ 3149.134632][T16971] dump_stack+0x18/0x24 [ 3149.134878][T16971] should_fail_ex+0x1dc/0x234 [ 3149.135122][T16971] should_fail+0x14/0x24 [ 3149.135327][T16971] should_fail_usercopy+0x1c/0x28 [ 3149.135537][T16971] simple_read_from_buffer+0x5c/0x138 [ 3149.135757][T16971] proc_fail_nth_read+0xac/0x134 [ 3149.136024][T16971] vfs_read+0xc0/0x318 [ 3149.136238][T16971] ksys_read+0x6c/0x100 [ 3149.136467][T16971] __arm64_sys_read+0x1c/0x28 [ 3149.136790][T16971] invoke_syscall+0x48/0x110 [ 3149.137026][T16971] el0_svc_common.constprop.0+0x40/0xe0 [ 3149.137250][T16971] do_el0_svc+0x1c/0x28 [ 3149.137528][T16971] el0_svc+0x34/0x10c [ 3149.137754][T16971] el0t_64_sync_handler+0xa0/0xe4 [ 3149.137988][T16971] el0t_64_sync+0x1a4/0x1a8 [ 3150.160252][T16983] FAULT_INJECTION: forcing a failure. [ 3150.160252][T16983] name failslab, interval 1, probability 0, space 0, times 0 [ 3150.176039][T16983] CPU: 1 UID: 0 PID: 16983 Comm: syz.2.4613 Not tainted syzkaller #0 PREEMPT [ 3150.176418][T16983] Hardware name: linux,dummy-virt (DT) [ 3150.176546][T16983] Call trace: [ 3150.176678][T16983] show_stack+0x18/0x24 (C) [ 3150.176972][T16983] dump_stack_lvl+0x78/0x90 [ 3150.177220][T16983] dump_stack+0x18/0x24 [ 3150.177437][T16983] should_fail_ex+0x1dc/0x234 [ 3150.177660][T16983] should_failslab+0x54/0x80 [ 3150.177900][T16983] __kmalloc_noprof+0xa8/0x430 [ 3150.178196][T16983] tomoyo_realpath_from_path+0x44/0x1b4 [ 3150.178450][T16983] tomoyo_path_number_perm+0xd8/0x20c [ 3150.178700][T16983] tomoyo_file_ioctl+0x1c/0x28 [ 3150.178952][T16983] security_file_ioctl+0x8c/0x19c [ 3150.179183][T16983] __arm64_sys_ioctl+0x48/0x104 [ 3150.179437][T16983] invoke_syscall+0x48/0x110 [ 3150.179688][T16983] el0_svc_common.constprop.0+0x40/0xe0 [ 3150.179940][T16983] do_el0_svc+0x1c/0x28 [ 3150.180196][T16983] el0_svc+0x34/0x10c [ 3150.180496][T16983] el0t_64_sync_handler+0xa0/0xe4 [ 3150.180749][T16983] el0t_64_sync+0x1a4/0x1a8 [ 3150.215698][T16983] ERROR: Out of memory at tomoyo_realpath_from_path. [ 3150.395429][T16986] input: syz0 as /devices/virtual/input/input60 [ 3161.243798][ C1] vkms_vblank_simulate: vblank timer overrun [ 3166.559814][T17087] trusted_key: encrypted_key: insufficient parameters specified [ 3187.345912][T17189] fuse: Bad value for 'fd' [ 3190.119092][T17202] fuse: Bad value for 'fd' [ 3196.132438][T17256] input: syz0 as /devices/virtual/input/input61 [ 3196.599304][T17262] FAULT_INJECTION: forcing a failure. [ 3196.599304][T17262] name failslab, interval 1, probability 0, space 0, times 0 [ 3196.599926][T17262] CPU: 1 UID: 0 PID: 17262 Comm: syz.1.4709 Not tainted syzkaller #0 PREEMPT [ 3196.600205][T17262] Hardware name: linux,dummy-virt (DT) [ 3196.600309][T17262] Call trace: [ 3196.600388][T17262] show_stack+0x18/0x24 (C) [ 3196.600623][T17262] dump_stack_lvl+0x78/0x90 [ 3196.600865][T17262] dump_stack+0x18/0x24 [ 3196.601104][T17262] should_fail_ex+0x1dc/0x234 [ 3196.601330][T17262] should_failslab+0x54/0x80 [ 3196.601591][T17262] kmem_cache_alloc_node_noprof+0x5c/0x370 [ 3196.601868][T17262] __alloc_skb+0x150/0x194 [ 3196.602204][T17262] netlink_alloc_large_skb+0x94/0xb8 [ 3196.602480][T17262] netlink_sendmsg+0x10c/0x3fc [ 3196.602802][T17262] __sock_sendmsg+0x54/0x60 [ 3196.603054][T17262] ____sys_sendmsg+0x234/0x29c [ 3196.603322][T17262] ___sys_sendmsg+0xac/0x100 [ 3196.603550][T17262] __sys_sendmsg+0x98/0xf8 [ 3196.603790][T17262] __arm64_sys_sendmsg+0x24/0x30 [ 3196.604032][T17262] invoke_syscall+0x48/0x110 [ 3196.604280][T17262] el0_svc_common.constprop.0+0x40/0xe0 [ 3196.604525][T17262] do_el0_svc+0x1c/0x28 [ 3196.604793][T17262] el0_svc+0x34/0x10c [ 3196.605113][T17262] el0t_64_sync_handler+0xa0/0xe4 [ 3196.605375][T17262] el0t_64_sync+0x1a4/0x1a8 [ 3200.042024][T17290] fuse: Bad value for 'rootmode' [ 3215.878552][T17388] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 3215.888800][T17388] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 3222.769062][T17401] FAULT_INJECTION: forcing a failure. [ 3222.769062][T17401] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3222.769733][T17401] CPU: 1 UID: 0 PID: 17401 Comm: syz.2.4751 Not tainted syzkaller #0 PREEMPT [ 3222.770018][T17401] Hardware name: linux,dummy-virt (DT) [ 3222.770179][T17401] Call trace: [ 3222.770334][T17401] show_stack+0x18/0x24 (C) [ 3222.770639][T17401] dump_stack_lvl+0x78/0x90 [ 3222.770892][T17401] dump_stack+0x18/0x24 [ 3222.771145][T17401] should_fail_ex+0x1dc/0x234 [ 3222.771364][T17401] should_fail+0x14/0x24 [ 3222.771580][T17401] should_fail_usercopy+0x1c/0x28 [ 3222.771815][T17401] simple_read_from_buffer+0x5c/0x138 [ 3222.772054][T17401] proc_fail_nth_read+0xac/0x134 [ 3222.772292][T17401] vfs_read+0xc0/0x318 [ 3222.772594][T17401] ksys_read+0x6c/0x100 [ 3222.772860][T17401] __arm64_sys_read+0x1c/0x28 [ 3222.773101][T17401] invoke_syscall+0x48/0x110 [ 3222.773342][T17401] el0_svc_common.constprop.0+0x40/0xe0 [ 3222.773595][T17401] do_el0_svc+0x1c/0x28 [ 3222.773819][T17401] el0_svc+0x34/0x10c [ 3222.774041][T17401] el0t_64_sync_handler+0xa0/0xe4 [ 3222.774287][T17401] el0t_64_sync+0x1a4/0x1a8 [ 3226.446307][T17414] input: syz0 as /devices/virtual/input/input62 [ 3229.010668][T17429] FAULT_INJECTION: forcing a failure. [ 3229.010668][T17429] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3229.016041][T17429] CPU: 1 UID: 0 PID: 17429 Comm: syz.2.4761 Not tainted syzkaller #0 PREEMPT [ 3229.016394][T17429] Hardware name: linux,dummy-virt (DT) [ 3229.016514][T17429] Call trace: [ 3229.016604][T17429] show_stack+0x18/0x24 (C) [ 3229.016860][T17429] dump_stack_lvl+0x78/0x90 [ 3229.017117][T17429] dump_stack+0x18/0x24 [ 3229.017355][T17429] should_fail_ex+0x1dc/0x234 [ 3229.017596][T17429] should_fail+0x14/0x24 [ 3229.017822][T17429] should_fail_usercopy+0x1c/0x28 [ 3229.018053][T17429] _copy_from_iter+0x5c/0x65c [ 3229.018306][T17429] netlink_sendmsg+0x15c/0x3fc [ 3229.018542][T17429] __sock_sendmsg+0x54/0x60 [ 3229.018765][T17429] __sys_sendto+0x118/0x180 [ 3229.019005][T17429] __arm64_sys_sendto+0x28/0x38 [ 3229.019242][T17429] invoke_syscall+0x48/0x110 [ 3229.019485][T17429] el0_svc_common.constprop.0+0x40/0xe0 [ 3229.019708][T17429] do_el0_svc+0x1c/0x28 [ 3229.019918][T17429] el0_svc+0x34/0x10c [ 3229.020142][T17429] el0t_64_sync_handler+0xa0/0xe4 [ 3229.020358][T17429] el0t_64_sync+0x1a4/0x1a8 [ 3230.991965][T17442] fuse: Bad value for 'fd' [ 3231.835861][T17453] fuse: Bad value for 'fd' [ 3233.295831][T17458] FAULT_INJECTION: forcing a failure. [ 3233.295831][T17458] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3233.296617][T17458] CPU: 1 UID: 0 PID: 17458 Comm: syz.2.4773 Not tainted syzkaller #0 PREEMPT [ 3233.296830][T17458] Hardware name: linux,dummy-virt (DT) [ 3233.296902][T17458] Call trace: [ 3233.296976][T17458] show_stack+0x18/0x24 (C) [ 3233.297145][T17458] dump_stack_lvl+0x78/0x90 [ 3233.297297][T17458] dump_stack+0x18/0x24 [ 3233.297473][T17458] should_fail_ex+0x1dc/0x234 [ 3233.297619][T17458] should_fail+0x14/0x24 [ 3233.297770][T17458] should_fail_usercopy+0x1c/0x28 [ 3233.297936][T17458] preserve_sve_context+0x144/0x2bc [ 3233.298070][T17458] setup_rt_frame+0x86c/0x1264 [ 3233.298247][T17458] do_signal+0x2a8/0x3ec [ 3233.298444][T17458] do_notify_resume+0xe0/0x16c [ 3233.298593][T17458] el0_svc+0x108/0x10c [ 3233.298750][T17458] el0t_64_sync_handler+0xa0/0xe4 [ 3233.298888][T17458] el0t_64_sync+0x1a4/0x1a8 [ 3248.939597][T17513] FAULT_INJECTION: forcing a failure. [ 3248.939597][T17513] name failslab, interval 1, probability 0, space 0, times 0 [ 3248.942422][T17513] CPU: 1 UID: 0 PID: 17513 Comm: syz.1.4789 Not tainted syzkaller #0 PREEMPT [ 3248.942955][T17513] Hardware name: linux,dummy-virt (DT) [ 3248.943079][T17513] Call trace: [ 3248.943164][T17513] show_stack+0x18/0x24 (C) [ 3248.943417][T17513] dump_stack_lvl+0x78/0x90 [ 3248.943622][T17513] dump_stack+0x18/0x24 [ 3248.943853][T17513] should_fail_ex+0x1dc/0x234 [ 3248.944156][T17513] should_failslab+0x54/0x80 [ 3248.944368][T17513] __kmalloc_noprof+0xa8/0x430 [ 3248.944634][T17513] tomoyo_realpath_from_path+0x44/0x1b4 [ 3248.944860][T17513] tomoyo_path_number_perm+0xd8/0x20c [ 3248.945092][T17513] tomoyo_file_ioctl+0x1c/0x28 [ 3248.945300][T17513] security_file_ioctl+0x8c/0x19c [ 3248.945556][T17513] __arm64_sys_ioctl+0x48/0x104 [ 3248.945801][T17513] invoke_syscall+0x48/0x110 [ 3248.946042][T17513] el0_svc_common.constprop.0+0x40/0xe0 [ 3248.946309][T17513] do_el0_svc+0x1c/0x28 [ 3248.946555][T17513] el0_svc+0x34/0x10c [ 3248.946838][T17513] el0t_64_sync_handler+0xa0/0xe4 [ 3248.947094][T17513] el0t_64_sync+0x1a4/0x1a8 [ 3248.960505][T17513] ERROR: Out of memory at tomoyo_realpath_from_path. [ 3251.524663][T17524] fuse: Unknown parameter 'grou00000000000000000000' [ 3252.969576][T17536] fuse: Unknown parameter 'grou00000000000000000000' [ 3254.249374][T17545] FAULT_INJECTION: forcing a failure. [ 3254.249374][T17545] name failslab, interval 1, probability 0, space 0, times 0 [ 3254.250091][T17545] CPU: 1 UID: 0 PID: 17545 Comm: syz.1.4802 Not tainted syzkaller #0 PREEMPT [ 3254.250374][T17545] Hardware name: linux,dummy-virt (DT) [ 3254.250496][T17545] Call trace: [ 3254.250674][T17545] show_stack+0x18/0x24 (C) [ 3254.250912][T17545] dump_stack_lvl+0x78/0x90 [ 3254.251189][T17545] dump_stack+0x18/0x24 [ 3254.251449][T17545] should_fail_ex+0x1dc/0x234 [ 3254.251676][T17545] should_failslab+0x54/0x80 [ 3254.251936][T17545] __kmalloc_noprof+0xa8/0x430 [ 3254.252269][T17545] tomoyo_encode2+0x7c/0x140 [ 3254.252583][T17545] tomoyo_encode+0x28/0x40 [ 3254.252938][T17545] tomoyo_realpath_from_path+0x80/0x1b4 [ 3254.253255][T17545] tomoyo_check_open_permission+0x120/0x188 [ 3254.253571][T17545] tomoyo_file_open+0x30/0x3c [ 3254.253848][T17545] security_file_open+0x74/0x148 [ 3254.254151][T17545] do_dentry_open+0xe4/0x51c [ 3254.254435][T17545] vfs_open+0x2c/0xe8 [ 3254.254724][T17545] path_openat+0x764/0xf9c [ 3254.255035][T17545] do_filp_open+0xa4/0x15c [ 3254.255339][T17545] do_sys_openat2+0x8c/0xe8 [ 3254.255617][T17545] __arm64_sys_openat+0x64/0xa8 [ 3254.255902][T17545] invoke_syscall+0x48/0x110 [ 3254.256242][T17545] el0_svc_common.constprop.0+0x40/0xe0 [ 3254.256542][T17545] do_el0_svc+0x1c/0x28 [ 3254.256836][T17545] el0_svc+0x34/0x10c [ 3254.257151][T17545] el0t_64_sync_handler+0xa0/0xe4 [ 3254.257429][T17545] el0t_64_sync+0x1a4/0x1a8 [ 3254.259234][T17545] ERROR: Out of memory at tomoyo_realpath_from_path. [ 3259.822425][T17571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 3259.828933][T17571] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 3261.539820][T17583] input: syz0 as /devices/virtual/input/input63 [ 3268.366048][T17597] fuse: Bad value for 'fd' [ 3274.177677][T17606] fuse: Bad value for 'group_id' [ 3274.185157][T17606] fuse: Bad value for 'group_id' [ 3277.128700][ T137] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3277.241128][ T137] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3277.305442][ T137] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3277.391271][ T137] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3278.959853][ T137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3279.017974][ T137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3279.076486][ T137] bond0 (unregistering): Released all slaves [ 3279.275571][ T137] hsr_slave_0: left promiscuous mode [ 3279.288287][ T137] hsr_slave_1: left promiscuous mode [ 3279.331214][ T137] veth1_macvtap: left promiscuous mode [ 3279.340571][ T137] veth0_macvtap: left promiscuous mode [ 3279.354326][ T137] veth1_vlan: left promiscuous mode [ 3279.357375][ T137] veth0_vlan: left promiscuous mode [ 3280.927918][T17620] lo speed is unknown, defaulting to 1000 [ 3282.719389][T17653] input: syz0 as /devices/virtual/input/input64 [ 3291.436974][T17620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3291.548041][T17620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3298.269883][T17620] hsr_slave_0: entered promiscuous mode [ 3298.291397][T17620] hsr_slave_1: entered promiscuous mode [ 3298.308745][T17620] debugfs: 'hsr0' already exists in 'hsr' [ 3298.334765][T17620] Cannot create hsr debugfs directory [ 3298.760850][T17699] fuse: Unknown parameter '' [ 3300.730781][T17620] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 3300.795639][T17620] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 3300.831894][T17620] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 3300.866987][T17620] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 3303.030494][T17620] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3309.369092][T17620] veth0_vlan: entered promiscuous mode [ 3309.431810][T17620] veth1_vlan: entered promiscuous mode [ 3309.646276][T17620] veth0_macvtap: entered promiscuous mode [ 3309.691528][T17620] veth1_macvtap: entered promiscuous mode [ 3309.970652][ T137] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3309.976108][ T137] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3309.989067][ T137] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3310.004119][T11800] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3314.032162][T17824] FAULT_INJECTION: forcing a failure. [ 3314.032162][T17824] name failslab, interval 1, probability 0, space 0, times 0 [ 3314.040222][T17824] CPU: 0 UID: 0 PID: 17824 Comm: syz.2.4846 Not tainted syzkaller #0 PREEMPT [ 3314.040547][T17824] Hardware name: linux,dummy-virt (DT) [ 3314.040672][T17824] Call trace: [ 3314.040764][T17824] show_stack+0x18/0x24 (C) [ 3314.041018][T17824] dump_stack_lvl+0x78/0x90 [ 3314.041272][T17824] dump_stack+0x18/0x24 [ 3314.041509][T17824] should_fail_ex+0x1dc/0x234 [ 3314.041719][T17824] should_failslab+0x54/0x80 [ 3314.041923][T17824] __kmalloc_noprof+0xa8/0x430 [ 3314.042180][T17824] __list_lru_init+0x48/0x144 [ 3314.042421][T17824] alloc_super+0x234/0x2ec [ 3314.042704][T17824] sget_fc+0x78/0x380 [ 3314.042945][T17824] get_tree_nodev+0x2c/0xb8 [ 3314.043186][T17824] fuse_get_tree+0xc0/0x190 [ 3314.043421][T17824] vfs_get_tree+0x28/0xec [ 3314.043644][T17824] path_mount+0x42c/0xa28 [ 3314.043902][T17824] __arm64_sys_mount+0x1b4/0x210 [ 3314.044168][T17824] invoke_syscall+0x48/0x110 [ 3314.044453][T17824] el0_svc_common.constprop.0+0x40/0xe0 [ 3314.044728][T17824] do_el0_svc+0x1c/0x28 [ 3314.044989][T17824] el0_svc+0x34/0x10c [ 3314.045258][T17824] el0t_64_sync_handler+0xa0/0xe4 [ 3314.045519][T17824] el0t_64_sync+0x1a4/0x1a8 [ 3315.785264][T17838] input: syz0 as /devices/virtual/input/input65 [ 3316.324169][T17842] fuse: Unknown parameter 'use00000000000000000000' [ 3326.507731][T17880] FAULT_INJECTION: forcing a failure. [ 3326.507731][T17880] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3326.515139][T17880] CPU: 1 UID: 0 PID: 17880 Comm: syz.2.4864 Not tainted syzkaller #0 PREEMPT [ 3326.515351][T17880] Hardware name: linux,dummy-virt (DT) [ 3326.515419][T17880] Call trace: [ 3326.515474][T17880] show_stack+0x18/0x24 (C) [ 3326.515659][T17880] dump_stack_lvl+0x78/0x90 [ 3326.515829][T17880] dump_stack+0x18/0x24 [ 3326.516033][T17880] should_fail_ex+0x1dc/0x234 [ 3326.516243][T17880] should_fail+0x14/0x24 [ 3326.516442][T17880] should_fail_usercopy+0x1c/0x28 [ 3326.516595][T17880] _inline_copy_from_user+0x24/0xb0 [ 3326.516731][T17880] copy_msghdr_from_user+0x54/0xcc [ 3326.516862][T17880] ___sys_sendmsg+0x8c/0x100 [ 3326.517043][T17880] __sys_sendmsg+0x98/0xf8 [ 3326.517174][T17880] __arm64_sys_sendmsg+0x24/0x30 [ 3326.517315][T17880] invoke_syscall+0x48/0x110 [ 3326.517480][T17880] el0_svc_common.constprop.0+0x40/0xe0 [ 3326.517621][T17880] do_el0_svc+0x1c/0x28 [ 3326.517813][T17880] el0_svc+0x34/0x10c [ 3326.517980][T17880] el0t_64_sync_handler+0xa0/0xe4 [ 3326.518175][T17880] el0t_64_sync+0x1a4/0x1a8 [ 3331.187325][T17904] fuse: Unknown parameter 'group_id00000000000000000000' [ 3331.807014][T17910] input: syz0 as /devices/virtual/input/input66 [ 3345.199963][T17927] FAULT_INJECTION: forcing a failure. [ 3345.199963][T17927] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3345.209076][T17927] CPU: 1 UID: 0 PID: 17927 Comm: syz.1.4882 Not tainted syzkaller #0 PREEMPT [ 3345.209430][T17927] Hardware name: linux,dummy-virt (DT) [ 3345.209552][T17927] Call trace: [ 3345.209660][T17927] show_stack+0x18/0x24 (C) [ 3345.209918][T17927] dump_stack_lvl+0x78/0x90 [ 3345.210206][T17927] dump_stack+0x18/0x24 [ 3345.210450][T17927] should_fail_ex+0x1dc/0x234 [ 3345.210691][T17927] should_fail+0x14/0x24 [ 3345.210905][T17927] should_fail_usercopy+0x1c/0x28 [ 3345.211098][T17927] simple_read_from_buffer+0x5c/0x138 [ 3345.211316][T17927] proc_fail_nth_read+0xac/0x134 [ 3345.211532][T17927] vfs_read+0xc0/0x318 [ 3345.211747][T17927] ksys_read+0x6c/0x100 [ 3345.211975][T17927] __arm64_sys_read+0x1c/0x28 [ 3345.212213][T17927] invoke_syscall+0x48/0x110 [ 3345.212447][T17927] el0_svc_common.constprop.0+0x40/0xe0 [ 3345.212848][T17927] do_el0_svc+0x1c/0x28 [ 3345.213098][T17927] el0_svc+0x34/0x10c [ 3345.213349][T17927] el0t_64_sync_handler+0xa0/0xe4 [ 3345.213587][T17927] el0t_64_sync+0x1a4/0x1a8 [ 3352.273465][T17947] input: syz0 as /devices/virtual/input/input67 [ 3373.956976][T18003] input: syz0 as /devices/virtual/input/input68 [ 3380.011574][T18022] fuse: Unknown parameter '0x0000000000000003' [ 3383.242138][T18037] fuse: Unknown parameter '0x0000000000000003' [ 3388.911915][T18054] fuse: Unknown parameter 'fd0x0000000000000003' [ 3399.925420][T18086] fuse: Bad value for 'user_id' [ 3399.925790][T18086] fuse: Bad value for 'user_id' [ 3412.505460][T18127] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 3412.512190][T18127] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 3421.740629][T18177] fuse: Unknown parameter 'use00000000000000000000' [ 3428.971307][T18201] fuse: Unknown parameter 'group_i00000000000000000000' [ 3433.951753][T18217] fuse: Unknown parameter 'group_id00000000000000000000' [ 3439.323734][T18233] fuse: Unknown parameter 'group_id00000000000000000000' [ 3444.672224][T18248] fuse: Unknown parameter 'group_id00000000000000000000' [ 3448.199347][T18262] fuse: Bad value for 'user_id' [ 3448.199915][T18262] fuse: Bad value for 'user_id' [ 3454.406718][T18279] fuse: Bad value for 'user_id' [ 3454.411381][T18279] fuse: Bad value for 'user_id' [ 3460.071218][T18295] fuse: Bad value for 'user_id' [ 3460.090920][T18295] fuse: Bad value for 'user_id' [ 3475.309265][T18352] FAULT_INJECTION: forcing a failure. [ 3475.309265][T18352] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3475.315218][T18352] CPU: 1 UID: 0 PID: 18352 Comm: syz.1.5030 Not tainted syzkaller #0 PREEMPT [ 3475.315549][T18352] Hardware name: linux,dummy-virt (DT) [ 3475.315663][T18352] Call trace: [ 3475.315765][T18352] show_stack+0x18/0x24 (C) [ 3475.316049][T18352] dump_stack_lvl+0x78/0x90 [ 3475.316292][T18352] dump_stack+0x18/0x24 [ 3475.316526][T18352] should_fail_ex+0x1dc/0x234 [ 3475.316733][T18352] should_fail+0x14/0x24 [ 3475.316935][T18352] should_fail_usercopy+0x1c/0x28 [ 3475.317291][T18352] _copy_from_iter+0x5c/0x65c [ 3475.317535][T18352] netlink_sendmsg+0x15c/0x3fc [ 3475.317787][T18352] __sock_sendmsg+0x54/0x60 [ 3475.318044][T18352] ____sys_sendmsg+0x234/0x29c [ 3475.318320][T18352] ___sys_sendmsg+0xac/0x100 [ 3475.318551][T18352] __sys_sendmsg+0x98/0xf8 [ 3475.318801][T18352] __arm64_sys_sendmsg+0x24/0x30 [ 3475.319054][T18352] invoke_syscall+0x48/0x110 [ 3475.319305][T18352] el0_svc_common.constprop.0+0x40/0xe0 [ 3475.319552][T18352] do_el0_svc+0x1c/0x28 [ 3475.319790][T18352] el0_svc+0x34/0x10c [ 3475.320024][T18352] el0t_64_sync_handler+0xa0/0xe4 [ 3475.320258][T18352] el0t_64_sync+0x1a4/0x1a8 [ 3478.242417][T18360] fuse: Bad value for 'fd' [ 3483.691296][T18378] fuse: Bad value for 'fd' [ 3508.474328][T18461] fuse: Bad value for 'fd' [ 3514.516465][T18478] fuse: Bad value for 'fd' [ 3518.898295][T18499] fuse: Bad value for 'fd' [ 3520.619002][T18507] fuse: Bad value for 'fd' [ 3526.985697][T18538] fuse: Bad value for 'rootmode' [ 3530.681915][T18559] fuse: Bad value for 'rootmode' [ 3533.061534][T18579] fuse: Bad value for 'rootmode' [ 3537.068671][T18594] fuse: Unknown parameter 'use00000000000000000000' [ 3540.250296][T18608] fuse: Unknown parameter 'use00000000000000000000' [ 3540.640663][T18612] fuse: Bad value for 'fd' [ 3541.910630][T18620] fuse: Unknown parameter 'use00000000000000000000' [ 3543.527931][T18626] fuse: Bad value for 'fd' [ 3544.995512][T18634] fuse: Unknown parameter 'user_i00000000000000000000' [ 3547.140840][T18645] fuse: Unknown parameter 'user_i00000000000000000000' [ 3550.161043][T18658] fuse: Unknown parameter 'user_i00000000000000000000' [ 3553.015433][T18672] fuse: Unknown parameter 'user_id00000000000000000000' [ 3561.568219][T18700] fuse: Unknown parameter 'user_id00000000000000000000' [ 3562.717543][T18701] FAULT_INJECTION: forcing a failure. [ 3562.717543][T18701] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3562.724314][T18701] CPU: 1 UID: 0 PID: 18701 Comm: syz.2.5140 Not tainted syzkaller #0 PREEMPT [ 3562.724653][T18701] Hardware name: linux,dummy-virt (DT) [ 3562.724770][T18701] Call trace: [ 3562.724864][T18701] show_stack+0x18/0x24 (C) [ 3562.725121][T18701] dump_stack_lvl+0x78/0x90 [ 3562.725367][T18701] dump_stack+0x18/0x24 [ 3562.725602][T18701] should_fail_ex+0x1dc/0x234 [ 3562.725836][T18701] should_fail+0x14/0x24 [ 3562.726061][T18701] should_fail_usercopy+0x1c/0x28 [ 3562.726326][T18701] simple_read_from_buffer+0x5c/0x138 [ 3562.730375][T18701] proc_fail_nth_read+0xac/0x134 [ 3562.730611][T18701] vfs_read+0xc0/0x318 [ 3562.730839][T18701] ksys_read+0x6c/0x100 [ 3562.731063][T18701] __arm64_sys_read+0x1c/0x28 [ 3562.731293][T18701] invoke_syscall+0x48/0x110 [ 3562.731514][T18701] el0_svc_common.constprop.0+0x40/0xe0 [ 3562.731743][T18701] do_el0_svc+0x1c/0x28 [ 3562.731977][T18701] el0_svc+0x34/0x10c [ 3562.732204][T18701] el0t_64_sync_handler+0xa0/0xe4 [ 3562.733448][T18701] el0t_64_sync+0x1a4/0x1a8 [ 3566.139005][T18723] fuse: Bad value for 'fd' [ 3573.219712][T18755] FAULT_INJECTION: forcing a failure. [ 3573.219712][T18755] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3573.220299][T18755] CPU: 1 UID: 0 PID: 18755 Comm: syz.2.5154 Not tainted syzkaller #0 PREEMPT [ 3573.220569][T18755] Hardware name: linux,dummy-virt (DT) [ 3573.220708][T18755] Call trace: [ 3573.220810][T18755] show_stack+0x18/0x24 (C) [ 3573.221072][T18755] dump_stack_lvl+0x78/0x90 [ 3573.221321][T18755] dump_stack+0x18/0x24 [ 3573.221552][T18755] should_fail_ex+0x1dc/0x234 [ 3573.221783][T18755] should_fail+0x14/0x24 [ 3573.222008][T18755] should_fail_usercopy+0x1c/0x28 [ 3573.222273][T18755] simple_read_from_buffer+0x5c/0x138 [ 3573.222594][T18755] proc_fail_nth_read+0xac/0x134 [ 3573.224873][T18755] vfs_read+0xc0/0x318 [ 3573.225113][T18755] ksys_read+0x6c/0x100 [ 3573.225366][T18755] __arm64_sys_read+0x1c/0x28 [ 3573.225606][T18755] invoke_syscall+0x48/0x110 [ 3573.225901][T18755] el0_svc_common.constprop.0+0x40/0xe0 [ 3573.226164][T18755] do_el0_svc+0x1c/0x28 [ 3573.226412][T18755] el0_svc+0x34/0x10c [ 3573.226673][T18755] el0t_64_sync_handler+0xa0/0xe4 [ 3573.226943][T18755] el0t_64_sync+0x1a4/0x1a8 [ 3583.781277][T18799] fuse: Bad value for 'group_id' [ 3583.785206][T18799] fuse: Bad value for 'group_id' [ 3584.018352][T18801] FAULT_INJECTION: forcing a failure. [ 3584.018352][T18801] name failslab, interval 1, probability 0, space 0, times 0 [ 3584.020500][T18801] CPU: 1 UID: 0 PID: 18801 Comm: syz.1.5168 Not tainted syzkaller #0 PREEMPT [ 3584.020817][T18801] Hardware name: linux,dummy-virt (DT) [ 3584.020953][T18801] Call trace: [ 3584.021058][T18801] show_stack+0x18/0x24 (C) [ 3584.021341][T18801] dump_stack_lvl+0x78/0x90 [ 3584.021604][T18801] dump_stack+0x18/0x24 [ 3584.021835][T18801] should_fail_ex+0x1dc/0x234 [ 3584.022082][T18801] should_failslab+0x54/0x80 [ 3584.022378][T18801] kmem_cache_alloc_node_noprof+0x5c/0x370 [ 3584.022665][T18801] __alloc_skb+0x150/0x194 [ 3584.022901][T18801] netlink_alloc_large_skb+0x94/0xb8 [ 3584.023137][T18801] netlink_sendmsg+0x10c/0x3fc [ 3584.023391][T18801] __sock_sendmsg+0x54/0x60 [ 3584.023608][T18801] ____sys_sendmsg+0x234/0x29c [ 3584.023828][T18801] ___sys_sendmsg+0xac/0x100 [ 3584.024047][T18801] __sys_sendmsg+0x98/0xf8 [ 3584.024319][T18801] __arm64_sys_sendmsg+0x24/0x30 [ 3584.024568][T18801] invoke_syscall+0x48/0x110 [ 3584.024819][T18801] el0_svc_common.constprop.0+0x40/0xe0 [ 3584.025073][T18801] do_el0_svc+0x1c/0x28 [ 3584.025360][T18801] el0_svc+0x34/0x10c [ 3584.025614][T18801] el0t_64_sync_handler+0xa0/0xe4 [ 3584.025868][T18801] el0t_64_sync+0x1a4/0x1a8 [ 3584.904224][T18806] lo speed is unknown, defaulting to 1000 [ 3588.916058][T18820] FAULT_INJECTION: forcing a failure. [ 3588.916058][T18820] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3588.916623][T18820] CPU: 1 UID: 0 PID: 18820 Comm: syz.1.5174 Not tainted syzkaller #0 PREEMPT [ 3588.916884][T18820] Hardware name: linux,dummy-virt (DT) [ 3588.916996][T18820] Call trace: [ 3588.917088][T18820] show_stack+0x18/0x24 (C) [ 3588.918518][T18820] dump_stack_lvl+0x78/0x90 [ 3588.921673][T18820] dump_stack+0x18/0x24 [ 3588.921975][T18820] should_fail_ex+0x1dc/0x234 [ 3588.922249][T18820] should_fail+0x14/0x24 [ 3588.922480][T18820] should_fail_usercopy+0x1c/0x28 [ 3588.922730][T18820] setup_rt_frame+0x33c/0x1264 [ 3588.922940][T18820] do_signal+0x2a8/0x3ec [ 3588.923183][T18820] do_notify_resume+0xe0/0x16c [ 3588.923393][T18820] el0_svc+0x108/0x10c [ 3588.923597][T18820] el0t_64_sync_handler+0xa0/0xe4 [ 3588.923814][T18820] el0t_64_sync+0x1a4/0x1a8 [ 3589.996112][T18832] fuse: Unknown parameter 'grou00000000000000000000' [ 3594.229780][T18852] fuse: Unknown parameter 'grou00000000000000000000' [ 3594.803190][T18857] FAULT_INJECTION: forcing a failure. [ 3594.803190][T18857] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3594.809209][T18857] CPU: 1 UID: 0 PID: 18857 Comm: syz.2.5185 Not tainted syzkaller #0 PREEMPT [ 3594.809537][T18857] Hardware name: linux,dummy-virt (DT) [ 3594.809658][T18857] Call trace: [ 3594.809754][T18857] show_stack+0x18/0x24 (C) [ 3594.810025][T18857] dump_stack_lvl+0x78/0x90 [ 3594.810301][T18857] dump_stack+0x18/0x24 [ 3594.810537][T18857] should_fail_ex+0x1dc/0x234 [ 3594.810773][T18857] should_fail+0x14/0x24 [ 3594.811005][T18857] should_fail_usercopy+0x1c/0x28 [ 3594.811238][T18857] _inline_copy_from_user+0x24/0xb0 [ 3594.811482][T18857] copy_msghdr_from_user+0x54/0xcc [ 3594.811721][T18857] ___sys_sendmsg+0x8c/0x100 [ 3594.811958][T18857] __sys_sendmsg+0x98/0xf8 [ 3594.812199][T18857] __arm64_sys_sendmsg+0x24/0x30 [ 3594.812437][T18857] invoke_syscall+0x48/0x110 [ 3594.812739][T18857] el0_svc_common.constprop.0+0x40/0xe0 [ 3594.812992][T18857] do_el0_svc+0x1c/0x28 [ 3594.813231][T18857] el0_svc+0x34/0x10c [ 3594.813471][T18857] el0t_64_sync_handler+0xa0/0xe4 [ 3594.813710][T18857] el0t_64_sync+0x1a4/0x1a8 [ 3598.468291][T18896] fuse: Unknown parameter 'grou00000000000000000000' [ 3598.736610][T18899] input: syz0 as /devices/virtual/input/input72 [ 3599.987826][T18910] fuse: Unknown parameter '0x0000000000000003' [ 3600.446981][T18912] fuse: Bad value for 'group_id' [ 3600.449760][T18912] fuse: Bad value for 'group_id' [ 3601.140308][T18920] fuse: Unknown parameter 'fd0x0000000000000003' [ 3603.500375][T18933] fuse: Unknown parameter 'group_i00000000000000000000' [ 3603.792356][T18935] fuse: Unknown parameter 'fd0x0000000000000003' [ 3604.703604][T18937] FAULT_INJECTION: forcing a failure. [ 3604.703604][T18937] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3604.704250][T18937] CPU: 0 UID: 0 PID: 18937 Comm: syz.2.5206 Not tainted syzkaller #0 PREEMPT [ 3604.704572][T18937] Hardware name: linux,dummy-virt (DT) [ 3604.704696][T18937] Call trace: [ 3604.704845][T18937] show_stack+0x18/0x24 (C) [ 3604.705071][T18937] dump_stack_lvl+0x78/0x90 [ 3604.705272][T18937] dump_stack+0x18/0x24 [ 3604.705450][T18937] should_fail_ex+0x1dc/0x234 [ 3604.705626][T18937] should_fail+0x14/0x24 [ 3604.705800][T18937] should_fail_usercopy+0x1c/0x28 [ 3604.705973][T18937] strncpy_from_user+0x24/0x1a0 [ 3604.706188][T18937] getname_flags.part.0+0x48/0x1bc [ 3604.706395][T18937] getname_flags+0x38/0x60 [ 3604.706620][T18937] do_sys_openat2+0x5c/0xe8 [ 3604.706810][T18937] __arm64_sys_openat+0x64/0xa8 [ 3604.706989][T18937] invoke_syscall+0x48/0x110 [ 3604.707182][T18937] el0_svc_common.constprop.0+0x40/0xe0 [ 3604.707408][T18937] do_el0_svc+0x1c/0x28 [ 3604.707615][T18937] el0_svc+0x34/0x10c [ 3604.707825][T18937] el0t_64_sync_handler+0xa0/0xe4 [ 3604.708033][T18937] el0t_64_sync+0x1a4/0x1a8 [ 3607.701700][T18947] fuse: Unknown parameter 'group_i00000000000000000000' [ 3608.001104][T18949] fuse: Unknown parameter 'fd0x0000000000000003' [ 3611.937279][T18959] fuse: Unknown parameter 'group_id00000000000000000000' [ 3631.976002][T18997] fuse: Bad value for 'fd' [ 3632.404698][T19000] fuse: Unknown parameter 'group_id00000000000000000000' [ 3632.630751][T19003] FAULT_INJECTION: forcing a failure. [ 3632.630751][T19003] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3632.631367][T19003] CPU: 1 UID: 0 PID: 19003 Comm: syz.1.5230 Not tainted syzkaller #0 PREEMPT [ 3632.631660][T19003] Hardware name: linux,dummy-virt (DT) [ 3632.631779][T19003] Call trace: [ 3632.631876][T19003] show_stack+0x18/0x24 (C) [ 3632.632147][T19003] dump_stack_lvl+0x78/0x90 [ 3632.632387][T19003] dump_stack+0x18/0x24 [ 3632.632685][T19003] should_fail_ex+0x1dc/0x234 [ 3632.632920][T19003] should_fail+0x14/0x24 [ 3632.633156][T19003] should_fail_usercopy+0x1c/0x28 [ 3632.633386][T19003] _inline_copy_from_user+0x24/0xb0 [ 3632.633626][T19003] get_user_ifreq+0x6c/0x88 [ 3632.633859][T19003] sock_ioctl+0x24c/0x350 [ 3632.634064][T19003] __arm64_sys_ioctl+0xac/0x104 [ 3632.634300][T19003] invoke_syscall+0x48/0x110 [ 3632.634498][T19003] el0_svc_common.constprop.0+0x40/0xe0 [ 3632.634693][T19003] do_el0_svc+0x1c/0x28 [ 3632.634889][T19003] el0_svc+0x34/0x10c [ 3632.635105][T19003] el0t_64_sync_handler+0xa0/0xe4 [ 3632.635310][T19003] el0t_64_sync+0x1a4/0x1a8 [ 3634.484876][T19009] fuse: Bad value for 'fd' [ 3638.729060][T19022] fuse: Bad value for 'fd' [ 3639.751875][T19027] fuse: Bad value for 'fd' [ 3650.482003][T19063] fuse: Unknown parameter 'grou00000000000000000000' [ 3654.935325][T19076] fuse: Unknown parameter 'group_i00000000000000000000' [ 3655.326670][T19079] fuse: Bad value for 'fd' [ 3658.131204][T19089] fuse: Unknown parameter 'group_i00000000000000000000' [ 3662.070653][T19107] fuse: Unknown parameter 'group_i00000000000000000000' [ 3684.409126][T19153] fuse: Bad value for 'fd' [ 3693.665106][T19180] fuse: Bad value for 'fd' [ 3697.379895][T19193] fuse: Bad value for 'fd' [ 3697.705503][T19195] fuse: Unknown parameter 'user_i00000000000000000000' [ 3697.941396][T19199] fuse: Bad value for 'fd' [ 3698.471341][T19202] fuse: Unknown parameter 'user_i00000000000000000000' [ 3698.800998][T19204] fuse: Unknown parameter 'grou00000000000000000000' [ 3699.730445][T19208] fuse: Unknown parameter 'user_i00000000000000000000' [ 3699.946902][T19211] FAULT_INJECTION: forcing a failure. [ 3699.946902][T19211] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3699.947509][T19211] CPU: 0 UID: 0 PID: 19211 Comm: syz.2.5302 Not tainted syzkaller #0 PREEMPT [ 3699.950298][T19211] Hardware name: linux,dummy-virt (DT) [ 3699.950429][T19211] Call trace: [ 3699.955662][T19211] show_stack+0x18/0x24 (C) [ 3699.956055][T19211] dump_stack_lvl+0x78/0x90 [ 3699.956313][T19211] dump_stack+0x18/0x24 [ 3699.956539][T19211] should_fail_ex+0x1dc/0x234 [ 3699.956735][T19211] should_fail+0x14/0x24 [ 3699.956913][T19211] should_fail_usercopy+0x1c/0x28 [ 3699.957114][T19211] simple_read_from_buffer+0x5c/0x138 [ 3699.957351][T19211] proc_fail_nth_read+0xac/0x134 [ 3699.957565][T19211] vfs_read+0xc0/0x318 [ 3699.957767][T19211] ksys_read+0x6c/0x100 [ 3699.957982][T19211] __arm64_sys_read+0x1c/0x28 [ 3699.958234][T19211] invoke_syscall+0x48/0x110 [ 3699.958447][T19211] el0_svc_common.constprop.0+0x40/0xe0 [ 3699.958657][T19211] do_el0_svc+0x1c/0x28 [ 3699.958878][T19211] el0_svc+0x34/0x10c [ 3699.959096][T19211] el0t_64_sync_handler+0xa0/0xe4 [ 3699.959333][T19211] el0t_64_sync+0x1a4/0x1a8 [ 3700.238739][T19213] fuse: Unknown parameter 'user_i00000000000000000000' [ 3700.495641][T19215] fuse: Unknown parameter 'grou00000000000000000000' [ 3701.949734][T19222] fuse: Unknown parameter 'user_i00000000000000000000' [ 3702.212317][T19224] fuse: Unknown parameter 'user_i00000000000000000000' [ 3702.591915][T19226] fuse: Unknown parameter 'group_i00000000000000000000' [ 3703.267365][T19231] fuse: Unknown parameter 'user_id00000000000000000000' [ 3703.499279][T19232] input: syz0 as /devices/virtual/input/input73 [ 3703.856432][T19234] fuse: Unknown parameter 'user_id00000000000000000000' [ 3717.018000][T19248] fuse: Unknown parameter 'user_id00000000000000000000' [ 3723.458567][T19279] input: syz0 as /devices/virtual/input/input74 [ 3741.450329][T19304] fuse: Unknown parameter 'user_id00000000000000000000' [ 3741.946791][T19308] fuse: Bad value for 'fd' [ 3742.239977][T19310] input: syz0 as /devices/virtual/input/input75 [ 3744.135603][T19315] fuse: Unknown parameter 'user_id00000000000000000000' [ 3744.589049][T19317] fuse: Bad value for 'fd' [ 3745.078624][T19319] fuse: Bad value for 'fd' [ 3751.011026][T19326] fuse: Bad value for 'fd' [ 3751.335581][T19328] fuse: Bad value for 'fd' [ 3751.906005][T19331] fuse: Invalid rootmode [ 3760.258618][T19339] fuse: Bad value for 'fd' [ 3760.458516][T19343] fuse: Invalid rootmode [ 3761.921172][T19350] input: syz0 as /devices/virtual/input/input76 [ 3763.036085][T19352] fuse: Bad value for 'fd' [ 3763.775686][T19354] fuse: Invalid rootmode [ 3769.376467][T19360] fuse: Bad value for 'group_id' [ 3769.383750][T19360] fuse: Bad value for 'group_id' [ 3772.230704][T19366] fuse: Unknown parameter '0x0000000000000003' [ 3773.006590][T19368] fuse: Bad value for 'rootmode' [ 3773.490838][T19370] fuse: Unknown parameter 'group_i00000000000000000000' [ 3774.131090][T19372] fuse: Bad value for 'group_id' [ 3774.139274][T19372] fuse: Bad value for 'group_id' [ 3777.147421][T19377] fuse: Unknown parameter '0x0000000000000003' [ 3777.621089][T19379] fuse: Bad value for 'rootmode' [ 3777.852122][T19381] fuse: Unknown parameter 'group_i00000000000000000000' [ 3778.221967][T19383] fuse: Bad value for 'group_id' [ 3778.243482][T19383] fuse: Bad value for 'group_id' [ 3778.857467][T19388] fuse: Unknown parameter 'fd0x0000000000000003' [ 3779.071134][T19390] fuse: Bad value for 'rootmode' [ 3779.351623][T19392] fuse: Unknown parameter 'group_i00000000000000000000' [ 3780.088671][T19398] fuse: Unknown parameter 'fd0x0000000000000003' [ 3780.326439][T19400] fuse: Unknown parameter 'use00000000000000000000' [ 3780.795087][T19403] fuse: Unknown parameter 'group_id00000000000000000000' [ 3781.449505][T19409] fuse: Unknown parameter 'fd0x0000000000000003' [ 3781.625268][T19412] fuse: Unknown parameter 'use00000000000000000000' [ 3782.036430][T19414] input: syz0 as /devices/virtual/input/input77 [ 3783.572157][T19418] fuse: Unknown parameter 'group_id00000000000000000000' [ 3787.558192][T19425] fuse: Unknown parameter 'use00000000000000000000' [ 3788.188583][T19428] fuse: Unknown parameter '0x0000000000000003' [ 3788.760653][T19430] fuse: Unknown parameter 'group_id00000000000000000000' [ 3796.941258][T19443] fuse: Unknown parameter '0x0000000000000003' [ 3801.395320][T19459] fuse: Unknown parameter '0x0000000000000003' [ 3804.188809][T19465] input: syz0 as /devices/virtual/input/input78 [ 3805.395772][T19471] fuse: Unknown parameter 'user_id00000000000000000000' [ 3811.484628][T19480] fuse: Bad value for 'fd' [ 3815.064595][T19486] fuse: Unknown parameter 'user_id00000000000000000000' [ 3821.542086][T19501] fuse: Bad value for 'fd' [ 3824.096051][T19520] fuse: Bad value for 'fd' [ 3824.427705][T19522] input: syz0 as /devices/virtual/input/input79 [ 3828.263908][T19531] dlm: non-version read from control device 0 [ 3836.767147][T19548] fuse: Unknown parameter 'group_id00000000000000000000' [ 3842.655600][T19562] fuse: Unknown parameter 'group_id00000000000000000000' [ 3843.207701][T19568] input: syz0 as /devices/virtual/input/input80 [ 3844.116839][T19573] fuse: Unknown parameter 'fd0x0000000000000003' [ 3844.761420][T19575] fuse: Bad value for 'group_id' [ 3844.775119][T19575] fuse: Bad value for 'group_id' [ 3845.765529][T19579] fuse: Bad value for 'fd' [ 3847.520392][T19584] fuse: Unknown parameter 'fd0x0000000000000003' [ 3850.111748][T19589] FAULT_INJECTION: forcing a failure. [ 3850.111748][T19589] name failslab, interval 1, probability 0, space 0, times 0 [ 3850.131065][T19589] CPU: 1 UID: 0 PID: 19589 Comm: syz.1.5441 Not tainted syzkaller #0 PREEMPT [ 3850.131430][T19589] Hardware name: linux,dummy-virt (DT) [ 3850.131547][T19589] Call trace: [ 3850.131640][T19589] show_stack+0x18/0x24 (C) [ 3850.131900][T19589] dump_stack_lvl+0x78/0x90 [ 3850.132135][T19589] dump_stack+0x18/0x24 [ 3850.132368][T19589] should_fail_ex+0x1dc/0x234 [ 3850.132686][T19589] should_failslab+0x54/0x80 [ 3850.132971][T19589] __kvmalloc_node_noprof+0x114/0x528 [ 3850.133252][T19589] simple_xattr_alloc+0x38/0x74 [ 3850.133484][T19589] simple_xattr_set+0x38/0x1ac [ 3850.133716][T19589] shmem_xattr_handler_set+0x184/0x1a8 [ 3850.133950][T19589] __vfs_setxattr+0xac/0xe8 [ 3850.134208][T19589] __vfs_setxattr_noperm+0x88/0x22c [ 3850.134431][T19589] __vfs_setxattr_locked+0xe0/0x120 [ 3850.134650][T19589] vfs_setxattr+0x94/0x170 [ 3850.134886][T19589] do_setxattr+0xa0/0xb8 [ 3850.135120][T19589] file_setxattr+0x64/0xb0 [ 3850.135364][T19589] path_setxattrat+0x10c/0x18c [ 3850.135582][T19589] __arm64_sys_fsetxattr+0x2c/0x3c [ 3850.135812][T19589] invoke_syscall+0x48/0x110 [ 3850.136042][T19589] el0_svc_common.constprop.0+0x40/0xe0 [ 3850.136277][T19589] do_el0_svc+0x1c/0x28 [ 3850.136496][T19589] el0_svc+0x34/0x10c [ 3850.136754][T19589] el0t_64_sync_handler+0xa0/0xe4 [ 3850.136982][T19589] el0t_64_sync+0x1a4/0x1a8 [ 3863.397078][T19630] input: syz0 as /devices/virtual/input/input81 [ 3864.458757][ C0] vkms_vblank_simulate: vblank timer overrun [ 3877.993388][T19654] FAULT_INJECTION: forcing a failure. [ 3877.993388][T19654] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3877.993987][T19654] CPU: 1 UID: 0 PID: 19654 Comm: syz.1.5461 Not tainted syzkaller #0 PREEMPT [ 3877.994316][T19654] Hardware name: linux,dummy-virt (DT) [ 3877.994432][T19654] Call trace: [ 3877.994529][T19654] show_stack+0x18/0x24 (C) [ 3877.994789][T19654] dump_stack_lvl+0x78/0x90 [ 3877.995039][T19654] dump_stack+0x18/0x24 [ 3877.995262][T19654] should_fail_ex+0x1dc/0x234 [ 3877.995492][T19654] should_fail+0x14/0x24 [ 3877.995720][T19654] should_fail_usercopy+0x1c/0x28 [ 3877.995962][T19654] _copy_from_iter+0x5c/0x65c [ 3877.996196][T19654] isotp_sendmsg+0x1e0/0x7ec [ 3877.996422][T19654] __sock_sendmsg+0x54/0x60 [ 3877.996647][T19654] ____sys_sendmsg+0x234/0x29c [ 3877.996882][T19654] ___sys_sendmsg+0xac/0x100 [ 3877.997113][T19654] __sys_sendmsg+0x98/0xf8 [ 3877.997337][T19654] __arm64_sys_sendmsg+0x24/0x30 [ 3877.997571][T19654] invoke_syscall+0x48/0x110 [ 3877.997805][T19654] el0_svc_common.constprop.0+0x40/0xe0 [ 3877.998061][T19654] do_el0_svc+0x1c/0x28 [ 3877.998343][T19654] el0_svc+0x34/0x10c [ 3877.998600][T19654] el0t_64_sync_handler+0xa0/0xe4 [ 3877.998831][T19654] el0t_64_sync+0x1a4/0x1a8 [ 3879.472066][ T137] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3879.665584][ T137] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3879.849665][ T137] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3880.069811][ T137] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 3882.288976][ T137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 3882.346296][ T137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 3882.397101][ T137] bond0 (unregistering): Released all slaves [ 3882.659539][ T137] hsr_slave_0: left promiscuous mode [ 3882.672314][ T137] hsr_slave_1: left promiscuous mode [ 3882.711606][ T137] veth1_macvtap: left promiscuous mode [ 3882.715373][ T137] veth0_macvtap: left promiscuous mode [ 3882.718201][ T137] veth1_vlan: left promiscuous mode [ 3882.721603][ T137] veth0_vlan: left promiscuous mode [ 3885.174412][T19659] lo speed is unknown, defaulting to 1000 [ 3887.922258][T19693] input: syz0 as /devices/virtual/input/input82 [ 3895.855827][T19659] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 3895.969802][T19659] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 3901.506402][T19659] hsr_slave_0: entered promiscuous mode [ 3901.519913][T19659] hsr_slave_1: entered promiscuous mode [ 3901.539175][T19659] debugfs: 'hsr0' already exists in 'hsr' [ 3901.544789][T19659] Cannot create hsr debugfs directory [ 3905.291928][T19659] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 3905.354840][T19659] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 3905.399623][T19659] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 3905.480564][T19659] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 3907.578406][T19659] 8021q: adding VLAN 0 to HW filter on device bond0 [ 3911.858708][T19791] input: syz0 as /devices/virtual/input/input83 [ 3916.851634][T19659] veth0_vlan: entered promiscuous mode [ 3916.999762][T19659] veth1_vlan: entered promiscuous mode [ 3917.299573][T19659] veth0_macvtap: entered promiscuous mode [ 3917.393222][T19659] veth1_macvtap: entered promiscuous mode [ 3917.880395][ T7565] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 3917.898298][ T39] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 3917.899137][ T39] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 3917.899576][ T39] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 3933.207260][T19854] FAULT_INJECTION: forcing a failure. [ 3933.207260][T19854] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 3933.207836][T19854] CPU: 1 UID: 0 PID: 19854 Comm: syz.1.5480 Not tainted syzkaller #0 PREEMPT [ 3933.208111][T19854] Hardware name: linux,dummy-virt (DT) [ 3933.208226][T19854] Call trace: [ 3933.208314][T19854] show_stack+0x18/0x24 (C) [ 3933.214651][T19854] dump_stack_lvl+0x78/0x90 [ 3933.220113][T19854] dump_stack+0x18/0x24 [ 3933.222162][T19854] should_fail_ex+0x1dc/0x234 [ 3933.222464][T19854] should_fail+0x14/0x24 [ 3933.222745][T19854] should_fail_usercopy+0x1c/0x28 [ 3933.222996][T19854] ip6gre_tunnel_siocdevprivate+0xd0/0x430 [ 3933.223667][T19854] dev_ifsioc+0x108/0x634 [ 3933.225244][T19854] dev_ioctl+0x55c/0x57c [ 3933.225493][T19854] sock_ioctl+0x268/0x350 [ 3933.225717][T19854] __arm64_sys_ioctl+0xac/0x104 [ 3933.225940][T19854] invoke_syscall+0x48/0x110 [ 3933.226219][T19854] el0_svc_common.constprop.0+0x40/0xe0 [ 3933.226488][T19854] do_el0_svc+0x1c/0x28 [ 3933.226701][T19854] el0_svc+0x34/0x10c [ 3933.231286][T19854] el0t_64_sync_handler+0xa0/0xe4 [ 3933.231543][T19854] el0t_64_sync+0x1a4/0x1a8 [ 3936.438090][T19859] fuse: Unknown parameter 'grou00000000000000000000' [ 3943.130736][T19876] fuse: Unknown parameter 'grou00000000000000000000' [ 3943.605405][T19880] input: syz0 as /devices/virtual/input/input84 [ 3955.288809][T19898] fuse: Unknown parameter 'grou00000000000000000000' [ 3961.457248][T19911] fuse: Unknown parameter 'group_i00000000000000000000' [ 3961.699266][T19913] FAULT_INJECTION: forcing a failure. [ 3961.699266][T19913] name failslab, interval 1, probability 0, space 0, times 0 [ 3961.706952][T19913] CPU: 1 UID: 0 PID: 19913 Comm: syz.2.5499 Not tainted syzkaller #0 PREEMPT [ 3961.707322][T19913] Hardware name: linux,dummy-virt (DT) [ 3961.707438][T19913] Call trace: [ 3961.707528][T19913] show_stack+0x18/0x24 (C) [ 3961.707823][T19913] dump_stack_lvl+0x78/0x90 [ 3961.708082][T19913] dump_stack+0x18/0x24 [ 3961.708304][T19913] should_fail_ex+0x1dc/0x234 [ 3961.708583][T19913] should_failslab+0x54/0x80 [ 3961.708873][T19913] __kmalloc_node_track_caller_noprof+0xac/0x404 [ 3961.709157][T19913] kstrdup+0x48/0x84 [ 3961.709414][T19913] simple_xattr_set+0x50/0x1ac [ 3961.709695][T19913] shmem_xattr_handler_set+0x184/0x1a8 [ 3961.709983][T19913] __vfs_setxattr+0xac/0xe8 [ 3961.710275][T19913] __vfs_setxattr_noperm+0x88/0x22c [ 3961.710552][T19913] __vfs_setxattr_locked+0xe0/0x120 [ 3961.710823][T19913] vfs_setxattr+0x94/0x170 [ 3961.711103][T19913] do_setxattr+0xa0/0xb8 [ 3961.711381][T19913] file_setxattr+0x64/0xb0 [ 3961.711662][T19913] path_setxattrat+0x10c/0x18c [ 3961.711916][T19913] __arm64_sys_fsetxattr+0x2c/0x3c [ 3961.712164][T19913] invoke_syscall+0x48/0x110 [ 3961.712398][T19913] el0_svc_common.constprop.0+0x40/0xe0 [ 3961.712728][T19913] do_el0_svc+0x1c/0x28 [ 3961.712987][T19913] el0_svc+0x34/0x10c [ 3961.713286][T19913] el0t_64_sync_handler+0xa0/0xe4 [ 3961.713580][T19913] el0t_64_sync+0x1a4/0x1a8 [ 3969.237418][T19926] fuse: Unknown parameter 'group_i00000000000000000000' [ 3970.642227][T19936] input: syz0 as /devices/virtual/input/input85 [ 3973.176883][T19940] fuse: Unknown parameter 'group_i00000000000000000000' [ 3995.490610][T19964] FAULT_INJECTION: forcing a failure. [ 3995.490610][T19964] name failslab, interval 1, probability 0, space 0, times 0 [ 3995.500128][T19964] CPU: 0 UID: 0 PID: 19964 Comm: syz.2.5513 Not tainted syzkaller #0 PREEMPT [ 3995.500506][T19964] Hardware name: linux,dummy-virt (DT) [ 3995.500634][T19964] Call trace: [ 3995.500734][T19964] show_stack+0x18/0x24 (C) [ 3995.501008][T19964] dump_stack_lvl+0x78/0x90 [ 3995.501260][T19964] dump_stack+0x18/0x24 [ 3995.501515][T19964] should_fail_ex+0x1dc/0x234 [ 3995.501774][T19964] should_failslab+0x54/0x80 [ 3995.502023][T19964] __kmalloc_noprof+0xa8/0x430 [ 3995.502313][T19964] tomoyo_realpath_from_path+0x44/0x1b4 [ 3995.502633][T19964] tomoyo_path_number_perm+0xd8/0x20c [ 3995.502894][T19964] tomoyo_file_ioctl+0x1c/0x28 [ 3995.503141][T19964] security_file_ioctl+0x8c/0x19c [ 3995.503409][T19964] __arm64_sys_ioctl+0x48/0x104 [ 3995.503701][T19964] invoke_syscall+0x48/0x110 [ 3995.504000][T19964] el0_svc_common.constprop.0+0x40/0xe0 [ 3995.504264][T19964] do_el0_svc+0x1c/0x28 [ 3995.504522][T19964] el0_svc+0x34/0x10c [ 3995.504778][T19964] el0t_64_sync_handler+0xa0/0xe4 [ 3995.505033][T19964] el0t_64_sync+0x1a4/0x1a8 [ 3995.527670][T19964] ERROR: Out of memory at tomoyo_realpath_from_path. [ 4013.967514][T20038] FAULT_INJECTION: forcing a failure. [ 4013.967514][T20038] name failslab, interval 1, probability 0, space 0, times 0 [ 4013.968006][T20038] CPU: 0 UID: 0 PID: 20038 Comm: syz.2.5535 Not tainted syzkaller #0 PREEMPT [ 4013.968307][T20038] Hardware name: linux,dummy-virt (DT) [ 4013.968428][T20038] Call trace: [ 4013.968524][T20038] show_stack+0x18/0x24 (C) [ 4013.968845][T20038] dump_stack_lvl+0x78/0x90 [ 4013.969453][T20038] dump_stack+0x18/0x24 [ 4013.969694][T20038] should_fail_ex+0x1dc/0x234 [ 4013.969934][T20038] should_failslab+0x54/0x80 [ 4013.970235][T20038] kmem_cache_alloc_noprof+0x54/0x368 [ 4013.970489][T20038] skb_clone+0x60/0xc4 [ 4013.970733][T20038] __netlink_deliver_tap+0xf8/0x28c [ 4013.970976][T20038] netlink_unicast+0x2e8/0x314 [ 4013.971225][T20038] netlink_sendmsg+0x194/0x3fc [ 4013.971541][T20038] __sock_sendmsg+0x54/0x60 [ 4013.971803][T20038] ____sys_sendmsg+0x234/0x29c [ 4013.972130][T20038] ___sys_sendmsg+0xac/0x100 [ 4013.972406][T20038] __sys_sendmsg+0x98/0xf8 [ 4013.972686][T20038] __arm64_sys_sendmsg+0x24/0x30 [ 4013.972972][T20038] invoke_syscall+0x48/0x110 [ 4013.973269][T20038] el0_svc_common.constprop.0+0x40/0xe0 [ 4013.973568][T20038] do_el0_svc+0x1c/0x28 [ 4013.973861][T20038] el0_svc+0x34/0x10c [ 4013.975666][T20038] el0t_64_sync_handler+0xa0/0xe4 [ 4013.975960][T20038] el0t_64_sync+0x1a4/0x1a8 [ 4018.142383][T20067] can: request_module (can-proto-5) failed. [ 4018.669102][T20072] fuse: Bad value for 'fd' [ 4021.421046][T20083] input: syz0 as /devices/virtual/input/input86 [ 4025.090216][T20093] fuse: Bad value for 'fd' [ 4031.720745][T20108] fuse: Bad value for 'fd' [ 4053.096320][T20177] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 4053.105138][T20177] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 4053.734658][T20182] fuse: Bad value for 'fd' [ 4086.810132][T20275] FAULT_INJECTION: forcing a failure. [ 4086.810132][T20275] name failslab, interval 1, probability 0, space 0, times 0 [ 4086.810623][T20275] CPU: 1 UID: 0 PID: 20275 Comm: syz.1.5616 Not tainted syzkaller #0 PREEMPT [ 4086.810928][T20275] Hardware name: linux,dummy-virt (DT) [ 4086.811051][T20275] Call trace: [ 4086.811154][T20275] show_stack+0x18/0x24 (C) [ 4086.813003][T20275] dump_stack_lvl+0x78/0x90 [ 4086.817087][T20275] dump_stack+0x18/0x24 [ 4086.817348][T20275] should_fail_ex+0x1dc/0x234 [ 4086.817566][T20275] should_failslab+0x54/0x80 [ 4086.817769][T20275] __kmalloc_cache_noprof+0x54/0x390 [ 4086.817986][T20275] device_create_groups_vargs+0x58/0x134 [ 4086.818242][T20275] device_create+0x5c/0x84 [ 4086.818453][T20275] bdi_register_va+0x80/0x244 [ 4086.818663][T20275] super_setup_bdi_name+0x84/0x100 [ 4086.818890][T20275] fuse_fill_super_common+0x188/0x434 [ 4086.819118][T20275] fuse_fill_super+0x64/0xb8 [ 4086.819334][T20275] get_tree_nodev+0x70/0xb8 [ 4086.819537][T20275] fuse_get_tree+0xc0/0x190 [ 4086.819746][T20275] vfs_get_tree+0x28/0xec [ 4086.819960][T20275] path_mount+0x42c/0xa28 [ 4086.820264][T20275] __arm64_sys_mount+0x1b4/0x210 [ 4086.820467][T20275] invoke_syscall+0x48/0x110 [ 4086.820703][T20275] el0_svc_common.constprop.0+0x40/0xe0 [ 4086.820938][T20275] do_el0_svc+0x1c/0x28 [ 4086.821183][T20275] el0_svc+0x34/0x10c [ 4086.821420][T20275] el0t_64_sync_handler+0xa0/0xe4 [ 4086.821661][T20275] el0t_64_sync+0x1a4/0x1a8 [ 4087.950794][T20287] fuse: Bad value for 'fd' [ 4088.617791][T20295] FAULT_INJECTION: forcing a failure. [ 4088.617791][T20295] name failslab, interval 1, probability 0, space 0, times 0 [ 4088.618495][T20295] CPU: 1 UID: 0 PID: 20295 Comm: syz.1.5626 Not tainted syzkaller #0 PREEMPT [ 4088.618774][T20295] Hardware name: linux,dummy-virt (DT) [ 4088.618888][T20295] Call trace: [ 4088.619095][T20295] show_stack+0x18/0x24 (C) [ 4088.619431][T20295] dump_stack_lvl+0x78/0x90 [ 4088.619737][T20295] dump_stack+0x18/0x24 [ 4088.620018][T20295] should_fail_ex+0x1dc/0x234 [ 4088.620309][T20295] should_failslab+0x54/0x80 [ 4088.620594][T20295] kmem_cache_alloc_noprof+0x54/0x368 [ 4088.620895][T20295] skb_clone+0x60/0xc4 [ 4088.621165][T20295] __netlink_deliver_tap+0xf8/0x28c [ 4088.621430][T20295] __netlink_sendskb+0x94/0x98 [ 4088.621695][T20295] netlink_unicast+0x2b8/0x314 [ 4088.621960][T20295] ctrl_getfamily+0x170/0x1c4 [ 4088.622276][T20295] genl_family_rcv_msg_doit+0xdc/0x144 [ 4088.622509][T20295] genl_rcv_msg+0x210/0x288 [ 4088.622737][T20295] netlink_rcv_skb+0x5c/0x128 [ 4088.622952][T20295] genl_rcv+0x38/0x50 [ 4088.623217][T20295] netlink_unicast+0x1e4/0x314 [ 4088.623437][T20295] netlink_sendmsg+0x194/0x3fc [ 4088.623649][T20295] __sock_sendmsg+0x54/0x60 [ 4088.623864][T20295] __sys_sendto+0x118/0x180 [ 4088.624086][T20295] __arm64_sys_sendto+0x28/0x38 [ 4088.624327][T20295] invoke_syscall+0x48/0x110 [ 4088.624559][T20295] el0_svc_common.constprop.0+0x40/0xe0 [ 4088.624801][T20295] do_el0_svc+0x1c/0x28 [ 4088.625083][T20295] el0_svc+0x34/0x10c [ 4088.625388][T20295] el0t_64_sync_handler+0xa0/0xe4 [ 4088.625677][T20295] el0t_64_sync+0x1a4/0x1a8 [ 4088.844443][T20298] fuse: Bad value for 'fd' [ 4091.713605][T20311] fuse: Bad value for 'fd' [ 4099.398164][T20340] fuse: Bad value for 'group_id' [ 4099.398732][T20340] fuse: Bad value for 'group_id' [ 4106.766459][T20363] fuse: Bad value for 'group_id' [ 4106.769829][T20363] fuse: Bad value for 'group_id' [ 4107.408447][T20371] fuse: Bad value for 'user_id' [ 4107.408810][T20371] fuse: Bad value for 'user_id' [ 4107.850608][T20375] fuse: Bad value for 'group_id' [ 4107.854921][T20375] fuse: Bad value for 'group_id' [ 4110.970809][T20390] dlm: non-version read from control device 8224 [ 4123.442287][T20465] FAULT_INJECTION: forcing a failure. [ 4123.442287][T20465] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 4123.448074][T20465] CPU: 0 UID: 0 PID: 20465 Comm: syz.2.5686 Not tainted syzkaller #0 PREEMPT [ 4123.448436][T20465] Hardware name: linux,dummy-virt (DT) [ 4123.448560][T20465] Call trace: [ 4123.448663][T20465] show_stack+0x18/0x24 (C) [ 4123.449004][T20465] dump_stack_lvl+0x78/0x90 [ 4123.449285][T20465] dump_stack+0x18/0x24 [ 4123.449514][T20465] should_fail_ex+0x1dc/0x234 [ 4123.449756][T20465] should_fail+0x14/0x24 [ 4123.449986][T20465] should_fail_usercopy+0x1c/0x28 [ 4123.450289][T20465] simple_read_from_buffer+0x5c/0x138 [ 4123.450517][T20465] proc_fail_nth_read+0xac/0x134 [ 4123.450782][T20465] vfs_read+0xc0/0x318 [ 4123.451020][T20465] ksys_read+0x6c/0x100 [ 4123.451320][T20465] __arm64_sys_read+0x1c/0x28 [ 4123.451545][T20465] invoke_syscall+0x48/0x110 [ 4123.451873][T20465] el0_svc_common.constprop.0+0x40/0xe0 [ 4123.452174][T20465] do_el0_svc+0x1c/0x28 [ 4123.452419][T20465] el0_svc+0x34/0x10c [ 4123.452709][T20465] el0t_64_sync_handler+0xa0/0xe4 [ 4123.452985][T20465] el0t_64_sync+0x1a4/0x1a8 [ 4125.681786][T20477] fuse: Bad value for 'fd' [ 4126.181265][T20483] fuse: Bad value for 'fd' [ 4127.586239][T20490] fuse: Bad value for 'fd' [ 4135.393992][T20533] input: syz1 as /devices/virtual/input/input87 [ 4142.488775][T20547] FAULT_INJECTION: forcing a failure. [ 4142.488775][T20547] name failslab, interval 1, probability 0, space 0, times 0 [ 4142.489156][T20547] CPU: 1 UID: 0 PID: 20547 Comm: syz.1.5711 Not tainted syzkaller #0 PREEMPT [ 4142.489551][T20547] Hardware name: linux,dummy-virt (DT) [ 4142.489616][T20547] Call trace: [ 4142.489841][T20547] show_stack+0x18/0x24 (C) [ 4142.490023][T20547] dump_stack_lvl+0x78/0x90 [ 4142.490215][T20547] dump_stack+0x18/0x24 [ 4142.490444][T20547] should_fail_ex+0x1dc/0x234 [ 4142.490650][T20547] should_failslab+0x54/0x80 [ 4142.490881][T20547] kmem_cache_alloc_noprof+0x54/0x368 [ 4142.491111][T20547] getname_flags.part.0+0x2c/0x1bc [ 4142.491377][T20547] getname_flags+0x38/0x60 [ 4142.491593][T20547] do_sys_openat2+0x5c/0xe8 [ 4142.491807][T20547] __arm64_sys_openat+0x64/0xa8 [ 4142.492048][T20547] invoke_syscall+0x48/0x110 [ 4142.492258][T20547] el0_svc_common.constprop.0+0x40/0xe0 [ 4142.492481][T20547] do_el0_svc+0x1c/0x28 [ 4142.492815][T20547] el0_svc+0x34/0x10c [ 4142.493093][T20547] el0t_64_sync_handler+0xa0/0xe4 [ 4142.493328][T20547] el0t_64_sync+0x1a4/0x1a8 [ 4168.338487][T20610] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 4168.348693][T20610] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 4169.659092][T20622] lo speed is unknown, defaulting to 1000 [ 4172.000484][T20635] FAULT_INJECTION: forcing a failure. [ 4172.000484][T20635] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 4172.009986][T20635] CPU: 0 UID: 0 PID: 20635 Comm: syz.2.5739 Not tainted syzkaller #0 PREEMPT [ 4172.010370][T20635] Hardware name: linux,dummy-virt (DT) [ 4172.010486][T20635] Call trace: [ 4172.010681][T20635] show_stack+0x18/0x24 (C) [ 4172.011003][T20635] dump_stack_lvl+0x78/0x90 [ 4172.011173][T20635] dump_stack+0x18/0x24 [ 4172.011351][T20635] should_fail_ex+0x1dc/0x234 [ 4172.011567][T20635] should_fail+0x14/0x24 [ 4172.011764][T20635] should_fail_usercopy+0x1c/0x28 [ 4172.011961][T20635] simple_read_from_buffer+0x5c/0x138 [ 4172.012167][T20635] proc_fail_nth_read+0xac/0x134 [ 4172.012383][T20635] vfs_read+0xc0/0x318 [ 4172.012662][T20635] ksys_read+0x6c/0x100 [ 4172.012916][T20635] __arm64_sys_read+0x1c/0x28 [ 4172.013126][T20635] invoke_syscall+0x48/0x110 [ 4172.013350][T20635] el0_svc_common.constprop.0+0x40/0xe0 [ 4172.013771][T20635] do_el0_svc+0x1c/0x28 [ 4172.014154][T20635] el0_svc+0x34/0x10c [ 4172.014391][T20635] el0t_64_sync_handler+0xa0/0xe4 [ 4172.014616][T20635] el0t_64_sync+0x1a4/0x1a8 [ 4189.080028][T20691] fuse: Unknown parameter 'rootmoda' [ 4190.610029][T20700] fuse: Unknown parameter 'group_id00000000000000000000' [ 4192.150416][T20709] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 4192.152358][T20709] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 4193.510820][T20715] fuse: Unknown parameter 'group_id00000000000000000000' [ 4195.223561][T20717] FAULT_INJECTION: forcing a failure. [ 4195.223561][T20717] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 4195.223889][T20717] CPU: 1 UID: 0 PID: 20717 Comm: syz.1.5765 Not tainted syzkaller #0 PREEMPT [ 4195.224060][T20717] Hardware name: linux,dummy-virt (DT) [ 4195.224127][T20717] Call trace: [ 4195.224181][T20717] show_stack+0x18/0x24 (C) [ 4195.224340][T20717] dump_stack_lvl+0x78/0x90 [ 4195.224472][T20717] dump_stack+0x18/0x24 [ 4195.224598][T20717] should_fail_ex+0x1dc/0x234 [ 4195.224725][T20717] should_fail+0x14/0x24 [ 4195.224849][T20717] should_fail_usercopy+0x1c/0x28 [ 4195.224973][T20717] simple_read_from_buffer+0x5c/0x138 [ 4195.225104][T20717] proc_fail_nth_read+0xac/0x134 [ 4195.225236][T20717] vfs_read+0xc0/0x318 [ 4195.225362][T20717] ksys_read+0x6c/0x100 [ 4195.225487][T20717] __arm64_sys_read+0x1c/0x28 [ 4195.225611][T20717] invoke_syscall+0x48/0x110 [ 4195.225740][T20717] el0_svc_common.constprop.0+0x40/0xe0 [ 4195.225870][T20717] do_el0_svc+0x1c/0x28 [ 4195.225998][T20717] el0_svc+0x34/0x10c [ 4195.226219][T20717] el0t_64_sync_handler+0xa0/0xe4 [ 4195.226358][T20717] el0t_64_sync+0x1a4/0x1a8 [ 4196.455235][T20729] fuse: Unknown parameter 'group_id00000000000000000000' [ 4198.381211][T20740] fuse: Bad value for 'user_id' [ 4198.387152][T20740] fuse: Bad value for 'user_id' [ 4200.201322][T20753] fuse: Bad value for 'user_id' [ 4200.207142][T20753] fuse: Bad value for 'user_id' [ 4201.579186][T20764] fuse: Bad value for 'user_id' [ 4201.582484][T20764] fuse: Bad value for 'user_id' [ 4202.169214][T20773] fuse: Bad value for 'fd' [ 4202.834724][T20785] fuse: Unknown parameter 'grou00000000000000000000' [ 4205.308748][T20792] fuse: Bad value for 'fd' [ 4205.576929][T20797] fuse: Unknown parameter 'grou00000000000000000000' [ 4207.557647][T20808] fuse: Bad value for 'fd' [ 4207.957684][T20814] fuse: Unknown parameter 'grou00000000000000000000' [ 4208.425073][T20818] fuse: Bad value for 'fd' [ 4208.796489][T20825] fuse: Unknown parameter 'group_i00000000000000000000' [ 4209.827157][T20831] fuse: Bad value for 'fd' [ 4210.247949][T20838] fuse: Unknown parameter 'group_i00000000000000000000' [ 4211.617702][T20843] fuse: Bad value for 'fd' [ 4211.949088][T20850] fuse: Unknown parameter 'group_i00000000000000000000' [ 4212.124021][T20854] fuse: Invalid rootmode [ 4214.934317][T20869] fuse: Invalid rootmode [ 4215.106711][T20871] fuse: Unknown parameter 'group_id00000000000000000000' [ 4215.851514][T20877] binder: 20876:20877 ioctl 80047210 20009880 returned -22 [ 4216.001258][T20881] fuse: Invalid rootmode [ 4216.159750][T20883] fuse: Unknown parameter 'group_id00000000000000000000' [ 4217.769126][T20893] fuse: Bad value for 'rootmode' [ 4217.909193][T20895] fuse: Unknown parameter 'group_id00000000000000000000' [ 4221.454718][T20909] fuse: Bad value for 'rootmode' [ 4225.456936][T20917] FAULT_INJECTION: forcing a failure. [ 4225.456936][T20917] name failslab, interval 1, probability 0, space 0, times 0 [ 4225.457594][T20917] CPU: 1 UID: 0 PID: 20917 Comm: syz.1.5844 Not tainted syzkaller #0 PREEMPT [ 4225.457872][T20917] Hardware name: linux,dummy-virt (DT) [ 4225.457992][T20917] Call trace: [ 4225.458083][T20917] show_stack+0x18/0x24 (C) [ 4225.458637][T20917] dump_stack_lvl+0x78/0x90 [ 4225.458892][T20917] dump_stack+0x18/0x24 [ 4225.459152][T20917] should_fail_ex+0x1dc/0x234 [ 4225.459421][T20917] should_failslab+0x54/0x80 [ 4225.459673][T20917] __kmalloc_node_track_caller_noprof+0xac/0x404 [ 4225.459965][T20917] kstrdup+0x48/0x84 [ 4225.460194][T20917] kstrdup_const+0x40/0x4c [ 4225.460461][T20917] kvasprintf_const+0xd4/0xd8 [ 4225.460714][T20917] kobject_set_name_vargs+0x44/0xbc [ 4225.460948][T20917] device_create_groups_vargs+0xa4/0x134 [ 4225.461210][T20917] device_create+0x5c/0x84 [ 4225.461472][T20917] bdi_register_va+0x80/0x244 [ 4225.461704][T20917] super_setup_bdi_name+0x84/0x100 [ 4225.461918][T20917] fuse_fill_super_common+0x188/0x434 [ 4225.462189][T20917] fuse_fill_super+0x64/0xb8 [ 4225.462422][T20917] get_tree_nodev+0x70/0xb8 [ 4225.462674][T20917] fuse_get_tree+0xc0/0x190 [ 4225.462894][T20917] vfs_get_tree+0x28/0xec [ 4225.463130][T20917] path_mount+0x42c/0xa28 [ 4225.463344][T20917] __arm64_sys_mount+0x1b4/0x210 [ 4225.463572][T20917] invoke_syscall+0x48/0x110 [ 4225.463802][T20917] el0_svc_common.constprop.0+0x40/0xe0 [ 4225.464083][T20917] do_el0_svc+0x1c/0x28 [ 4225.464350][T20917] el0_svc+0x34/0x10c [ 4225.464674][T20917] el0t_64_sync_handler+0xa0/0xe4 [ 4225.464952][T20917] el0t_64_sync+0x1a4/0x1a8 [ 4225.776624][T20919] fuse: Bad value for 'user_id' [ 4225.777167][T20919] fuse: Bad value for 'user_id' [ 4226.269623][T20923] fuse: Bad value for 'rootmode' [ 4229.111189][T20934] fuse: Bad value for 'user_id' [ 4229.114966][T20934] fuse: Bad value for 'user_id' [ 4229.461181][T20939] fuse: Unknown parameter 'use00000000000000000000' [ 4229.874866][T20946] fuse: Bad value for 'user_id' [ 4229.877539][T20946] fuse: Bad value for 'user_id' [ 4230.631820][T20955] fuse: Unknown parameter 'use00000000000000000000' [ 4230.902352][T20960] fuse: Bad value for 'fd' [ 4232.273779][T20968] fuse: Unknown parameter 'use00000000000000000000' [ 4235.285287][T20981] fuse: Unknown parameter 'user_i00000000000000000000' [ 4237.088496][T20994] fuse: Unknown parameter 'user_i00000000000000000000' [ 4238.165686][T21008] input: syz0 as /devices/virtual/input/input88 [ 4241.854855][T21037] fuse: Bad value for 'group_id' [ 4241.856342][T21037] fuse: Bad value for 'group_id' [ 4243.712270][T21049] fuse: Bad value for 'group_id' [ 4243.715322][T21049] fuse: Bad value for 'group_id' [ 4244.575022][T21051] FAULT_INJECTION: forcing a failure. [ 4244.575022][T21051] name failslab, interval 1, probability 0, space 0, times 0 [ 4244.575332][T21051] CPU: 0 UID: 0 PID: 21051 Comm: syz.2.5895 Not tainted syzkaller #0 PREEMPT [ 4244.575560][T21051] Hardware name: linux,dummy-virt (DT) [ 4244.575629][T21051] Call trace: [ 4244.575682][T21051] show_stack+0x18/0x24 (C) [ 4244.575853][T21051] dump_stack_lvl+0x78/0x90 [ 4244.576018][T21051] dump_stack+0x18/0x24 [ 4244.576146][T21051] should_fail_ex+0x1dc/0x234 [ 4244.576299][T21051] should_failslab+0x54/0x80 [ 4244.576523][T21051] kmem_cache_alloc_lru_noprof+0x5c/0x378 [ 4244.576761][T21051] proc_alloc_inode+0x20/0x4c [ 4244.577000][T21051] alloc_inode+0x28/0xd0 [ 4244.577230][T21051] new_inode+0x14/0x88 [ 4244.577451][T21051] proc_pid_make_inode+0x20/0xc0 [ 4244.577691][T21051] proc_pident_instantiate+0x2c/0xe0 [ 4244.577938][T21051] proc_pident_lookup+0x114/0x164 [ 4244.578219][T21051] proc_tgid_base_lookup+0x20/0x2c [ 4244.578473][T21051] __lookup_slow+0x88/0x154 [ 4244.578720][T21051] walk_component+0xd8/0x190 [ 4244.578970][T21051] link_path_walk+0x1fc/0x3d0 [ 4244.579138][T21051] path_openat+0x84/0xf9c [ 4244.579295][T21051] do_filp_open+0xa4/0x15c [ 4244.579472][T21051] do_sys_openat2+0x8c/0xe8 [ 4244.579599][T21051] __arm64_sys_openat+0x64/0xa8 [ 4244.579724][T21051] invoke_syscall+0x48/0x110 [ 4244.579853][T21051] el0_svc_common.constprop.0+0x40/0xe0 [ 4244.579991][T21051] do_el0_svc+0x1c/0x28 [ 4244.580120][T21051] el0_svc+0x34/0x10c [ 4244.580248][T21051] el0t_64_sync_handler+0xa0/0xe4 [ 4244.580377][T21051] el0t_64_sync+0x1a4/0x1a8 [ 4244.954934][T21054] fuse: Unknown parameter 'use00000000000000000000' [ 4250.490689][T21063] fuse: Bad value for 'group_id' [ 4250.493799][T21063] fuse: Bad value for 'group_id' [ 4258.683716][T21092] fuse: Unknown parameter '0x0000000000000003' [ 4261.629255][T21099] fuse: Unknown parameter 'grou00000000000000000000' [ 4261.830326][T21101] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 4261.858778][T21101] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 4262.117369][T21106] fuse: Unknown parameter '0x0000000000000003' [ 4262.621586][T21113] fuse: Unknown parameter 'grou00000000000000000000' [ 4263.639702][T21119] fuse: Unknown parameter '0x0000000000000003' [ 4264.584933][T21126] fuse: Unknown parameter 'grou00000000000000000000' [ 4267.474733][T21132] fuse: Unknown parameter '0x0000000000000003' [ 4267.896013][T21138] fuse: Unknown parameter 'group_i00000000000000000000' [ 4269.286620][T21143] fuse: Unknown parameter 'fd0x0000000000000003' [ 4269.841919][T21149] fuse: Unknown parameter 'group_i00000000000000000000' [ 4270.284453][T21154] fuse: Unknown parameter 'fd0x0000000000000003' [ 4270.456135][T21156] fuse: Bad value for 'fd' [ 4270.777745][T21160] fuse: Unknown parameter 'group_i00000000000000000000' [ 4270.960067][T21164] fuse: Unknown parameter 'fd0x0000000000000003' [ 4271.097988][T21166] fuse: Bad value for 'fd' [ 4276.745743][T21185] fuse: Unknown parameter '0x0000000000000003' [ 4284.379434][ T30] audit: type=1326 audit(4284.065:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21230 comm="syz.1.5963" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4284.387809][ T30] audit: type=1326 audit(4284.065:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21230 comm="syz.1.5963" exe="/syz-executor" sig=0 arch=c00000b7 syscall=435 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4284.573649][T21232] lo speed is unknown, defaulting to 1000 [ 4284.988137][ T30] audit: type=1326 audit(4284.675:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21238 comm="syz.1.5963" exe="/syz-executor" sig=0 arch=c00000b7 syscall=115 compat=0 ip=0xffff83786788 code=0x7ffc0000 [ 4285.957110][T21248] lo speed is unknown, defaulting to 1000 [ 4286.503624][ T30] audit: type=1326 audit(4286.185:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21238 comm="syz.1.5963" exe="/syz-executor" sig=0 arch=c00000b7 syscall=93 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4286.532184][ T30] audit: type=1326 audit(4286.215:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21230 comm="syz.1.5963" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4286.533377][ T30] audit: type=1326 audit(4286.215:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21230 comm="syz.1.5963" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4286.796084][T21251] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 4286.802359][T21251] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 4287.111871][T21254] netlink: 59 bytes leftover after parsing attributes in process `syz.1.5971'. [ 4288.375463][T21272] binder: 21271:21272 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10) [ 4288.376034][T21272] binder: 21272 RLIMIT_NICE not set [ 4288.902221][T21277] binder: 21271:21277 tried to acquire reference to desc 0, got 1 instead [ 4288.985218][T10126] binder: release 21271:21277 transaction 48 out, still active [ 4288.985985][T10126] binder: undelivered TRANSACTION_COMPLETE [ 4288.991203][T10126] binder: undelivered TRANSACTION_COMPLETE [ 4289.015112][T10126] binder: send failed reply for transaction 48, target dead [ 4291.741521][T21292] lo speed is unknown, defaulting to 1000 [ 4299.954884][T21302] lo speed is unknown, defaulting to 1000 [ 4313.545819][T21322] netlink: 'syz.2.5996': attribute type 27 has an invalid length. [ 4315.903654][ T39] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 4315.904367][ T39] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 4315.905161][ T39] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 4315.905634][ T39] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 4316.948204][T21335] lo speed is unknown, defaulting to 1000 [ 4318.311884][T21337] netlink: 'syz.1.5998': attribute type 4 has an invalid length. [ 4318.313548][T21337] netlink: 17 bytes leftover after parsing attributes in process `syz.1.5998'. [ 4323.501677][T21354] lo speed is unknown, defaulting to 1000 [ 4330.540944][T21368] random: crng reseeded on system resumption [ 4331.006453][T21376] pim6reg1: entered promiscuous mode [ 4331.006960][T21376] pim6reg1: entered allmulticast mode [ 4347.399143][T21401] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6028'. [ 4349.477151][ T30] audit: type=1326 audit(4349.165:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.1.6031" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4349.480407][ T30] audit: type=1326 audit(4349.165:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.1.6031" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4349.485420][ T30] audit: type=1326 audit(4349.175:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.1.6031" exe="/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4349.489453][ T30] audit: type=1326 audit(4349.175:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.1.6031" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4349.507969][ T30] audit: type=1326 audit(4349.175:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.1.6031" exe="/syz-executor" sig=0 arch=c00000b7 syscall=55 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4349.519404][ T30] audit: type=1326 audit(4349.205:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.1.6031" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4349.531349][ T30] audit: type=1326 audit(4349.205:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.1.6031" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4349.666214][T21410] netlink: 96 bytes leftover after parsing attributes in process `syz.1.6032'. [ 4351.186397][ T30] audit: type=1326 audit(4350.875:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21419 comm="syz.2.6038" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9fb5c068 code=0x7ffc0000 [ 4351.191169][ T30] audit: type=1326 audit(4350.875:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21419 comm="syz.2.6038" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9fb5c068 code=0x7ffc0000 [ 4351.199927][ T30] audit: type=1326 audit(4350.885:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21419 comm="syz.2.6038" exe="/syz-executor" sig=0 arch=c00000b7 syscall=73 compat=0 ip=0xffff9fb5c068 code=0x7ffc0000 [ 4351.228887][T21422] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6037'. [ 4372.764293][T21461] lo speed is unknown, defaulting to 1000 [ 4373.498920][T21464] wireguard0: entered promiscuous mode [ 4373.501127][T21464] wireguard0: entered allmulticast mode [ 4403.846792][T18872] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4403.902454][T18872] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4403.960234][T18872] bond0 (unregistering): Released all slaves [ 4404.284772][T18872] hsr_slave_0: left promiscuous mode [ 4404.294398][T18872] hsr_slave_1: left promiscuous mode [ 4405.894116][T21506] lo speed is unknown, defaulting to 1000 [ 4412.758303][T21506] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 4412.857889][T21506] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 4417.461836][T21506] hsr_slave_0: entered promiscuous mode [ 4417.475857][T21506] hsr_slave_1: entered promiscuous mode [ 4417.487728][T21506] debugfs: 'hsr0' already exists in 'hsr' [ 4417.492185][T21506] Cannot create hsr debugfs directory [ 4421.011177][T21506] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 4421.098642][T21506] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 4421.172010][T21506] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 4421.251304][T21506] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 4423.684020][T21506] 8021q: adding VLAN 0 to HW filter on device bond0 [ 4428.987130][T21506] veth0_vlan: entered promiscuous mode [ 4429.038861][T21506] veth1_vlan: entered promiscuous mode [ 4429.166403][T21506] veth0_macvtap: entered promiscuous mode [ 4429.192290][T21506] veth1_macvtap: entered promiscuous mode [ 4429.417585][T21357] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 4429.419254][T21357] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 4429.419615][T21357] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 4429.419961][T21357] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 4435.094653][ T30] kauditd_printk_skb: 7 callbacks suppressed [ 4435.095349][ T30] audit: type=1326 audit(4434.615:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21661 comm="syz.1.6075" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4435.095868][ T30] audit: type=1326 audit(4434.615:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21661 comm="syz.1.6075" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4435.096277][ T30] audit: type=1326 audit(4434.625:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21661 comm="syz.1.6075" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4435.096779][ T30] audit: type=1326 audit(4434.625:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21661 comm="syz.1.6075" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4435.097215][ T30] audit: type=1326 audit(4434.625:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21661 comm="syz.1.6075" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4435.097623][ T30] audit: type=1326 audit(4434.625:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21661 comm="syz.1.6075" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4435.098062][ T30] audit: type=1326 audit(4434.625:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21661 comm="syz.1.6075" exe="/syz-executor" sig=0 arch=c00000b7 syscall=155 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4435.098500][ T30] audit: type=1326 audit(4434.625:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21661 comm="syz.1.6075" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4436.338143][T21673] netlink: 72 bytes leftover after parsing attributes in process `syz.2.6080'. [ 4438.835736][ T30] audit: type=1326 audit(4438.465:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21697 comm="syz.1.6092" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4438.842425][ T30] audit: type=1326 audit(4438.465:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21697 comm="syz.1.6092" exe="/syz-executor" sig=0 arch=c00000b7 syscall=199 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4447.563631][ T30] kauditd_printk_skb: 3 callbacks suppressed [ 4447.564343][ T30] audit: type=1326 audit(4447.245:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21724 comm="syz.1.6102" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4447.564798][ T30] audit: type=1326 audit(4447.245:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21724 comm="syz.1.6102" exe="/syz-executor" sig=0 arch=c00000b7 syscall=204 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4447.565180][ T30] audit: type=1326 audit(4447.245:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21724 comm="syz.1.6102" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4447.565595][ T30] audit: type=1326 audit(4447.255:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21724 comm="syz.1.6102" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4492.512078][ T30] audit: type=1326 audit(4492.195:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21787 comm="syz.1.6125" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4492.527979][ T30] audit: type=1326 audit(4492.215:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21787 comm="syz.1.6125" exe="/syz-executor" sig=0 arch=c00000b7 syscall=90 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4492.535875][ T30] audit: type=1326 audit(4492.215:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21787 comm="syz.1.6125" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8375c068 code=0x7ffc0000 [ 4510.576634][T21816] vlan2: entered allmulticast mode [ 4510.577230][T21816] bridge_slave_0: entered allmulticast mode [ 4520.646995][T21836] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 4522.088260][T21825] hid_parser_main: 73 callbacks suppressed [ 4522.097313][T21825] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 4522.140331][T21825] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz1] on syz0 [ 4522.507684][T21844] lo speed is unknown, defaulting to 1000 [ 4533.810415][T21869] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6154'. [ 4533.826698][T21869] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6154'. [ 4546.084274][T21883] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6158'. [ 4579.069897][T21920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 4579.085136][T21920] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 4587.892066][T21934] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6174'. [ 4593.164657][T21946] lo speed is unknown, defaulting to 1000 [ 4596.080408][T21954] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6182'. [ 4627.799588][T21991] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 4627.816289][T21991] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 4639.556971][T22009] ================================================================== [ 4639.559373][T22009] BUG: KASAN: invalid-access in xfrm_state_find+0x328/0x16a0 [ 4639.561681][T22009] Read at addr f1f000000aa91308 by task syz.1.6199/22009 [ 4639.562132][T22009] Pointer tag: [f1], memory tag: [fe] [ 4639.562303][T22009] [ 4639.563579][T22009] CPU: 1 UID: 0 PID: 22009 Comm: syz.1.6199 Not tainted syzkaller #0 PREEMPT [ 4639.564253][T22009] Hardware name: linux,dummy-virt (DT) [ 4639.564721][T22009] Call trace: [ 4639.565169][T22009] show_stack+0x18/0x24 (C) [ 4639.565674][T22009] dump_stack_lvl+0x78/0x90 [ 4639.565985][T22009] print_report+0x108/0x61c [ 4639.566258][T22009] kasan_report+0x88/0xac [ 4639.566483][T22009] __do_kernel_fault+0x170/0x1c8 [ 4639.566710][T22009] do_bad_area+0x68/0x78 [ 4639.566967][T22009] do_tag_check_fault+0x34/0x44 [ 4639.567303][T22009] do_mem_abort+0x44/0x94 [ 4639.567593][T22009] el1_abort+0x40/0x60 [ 4639.567870][T22009] el1h_64_sync_handler+0x50/0xac [ 4639.568126][T22009] el1h_64_sync+0x6c/0x70 [ 4639.568507][T22009] xfrm_state_find+0x328/0x16a0 (P) [ 4639.568797][T22009] xfrm_resolve_and_create_bundle+0x1b8/0x1014 [ 4639.569056][T22009] xfrm_lookup_with_ifid+0x1ac/0xba0 [ 4639.569321][T22009] xfrm_lookup_route+0x28/0xb8 [ 4639.569578][T22009] ip_route_output_flow+0xd4/0xe0 [ 4639.569843][T22009] raw_sendmsg+0x250/0xc5c [ 4639.570154][T22009] inet_sendmsg+0x44/0x70 [ 4639.570444][T22009] __sock_sendmsg+0x54/0x60 [ 4639.570736][T22009] __sys_sendto+0x118/0x180 [ 4639.571001][T22009] __arm64_sys_sendto+0x28/0x38 [ 4639.571265][T22009] invoke_syscall+0x48/0x110 [ 4639.571527][T22009] el0_svc_common.constprop.0+0x40/0xe0 [ 4639.571791][T22009] do_el0_svc+0x1c/0x28 [ 4639.572046][T22009] el0_svc+0x34/0x10c [ 4639.572260][T22009] el0t_64_sync_handler+0xa0/0xe4 [ 4639.572472][T22009] el0t_64_sync+0x1a4/0x1a8 [ 4639.573056][T22009] [ 4639.573213][T22009] The buggy address belongs to the object at fff000000aa91040 [ 4639.573213][T22009] which belongs to the cache xfrm_state of size 824 [ 4639.573417][T22009] The buggy address is located 712 bytes inside of [ 4639.573417][T22009] 824-byte region [fff000000aa91040, fff000000aa91378) [ 4639.573620][T22009] [ 4639.573887][T22009] The buggy address belongs to the physical page: [ 4639.574527][T22009] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xf9f000000aa90000 pfn:0x4aa90 [ 4639.574998][T22009] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 4639.575341][T22009] flags: 0x1ffc00000000040(head|node=0|zone=0|lastcpupid=0x7ff|kasantag=0x0) [ 4639.576091][T22009] page_type: f5(slab) [ 4639.576803][T22009] raw: 01ffc00000000040 f6f000000334f300 dead000000000122 0000000000000000 [ 4639.577003][T22009] raw: f9f000000aa90000 0000000080130012 00000000f5000000 0000000000000000 [ 4639.577260][T22009] head: 01ffc00000000040 f6f000000334f300 dead000000000122 0000000000000000 [ 4639.577435][T22009] head: f9f000000aa90000 0000000080130012 00000000f5000000 0000000000000000 [ 4639.577593][T22009] head: 01ffc00000000002 ffffc1ffc02aa401 00000000ffffffff 00000000ffffffff [ 4639.577742][T22009] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 4639.577916][T22009] page dumped because: kasan: bad access detected [ 4639.578030][T22009] [ 4639.578132][T22009] Memory state around the buggy address: [ 4639.578500][T22009] fff000000aa91100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 4639.578711][T22009] fff000000aa91200: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 4639.578871][T22009] >fff000000aa91300: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 4639.579043][T22009] ^ [ 4639.579448][T22009] fff000000aa91400: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 4639.579604][T22009] fff000000aa91500: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 4639.579804][T22009] ================================================================== [ 4639.581312][T22009] Disabling lock debugging due to kernel taint SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 4644.728584][ T137] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4644.850298][ T137] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4644.981167][ T137] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4645.137122][ T137] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4646.785677][ T137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4646.880906][ T137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4646.981857][ T137] bond0 (unregistering): Released all slaves [ 4647.260930][ T137] hsr_slave_0: left promiscuous mode [ 4647.272323][ T137] hsr_slave_1: left promiscuous mode [ 4647.332369][ T137] veth1_macvtap: left promiscuous mode [ 4647.336037][ T137] veth0_macvtap: left promiscuous mode [ 4647.340801][ T137] veth1_vlan: left promiscuous mode [ 4647.341489][ T137] veth0_vlan: left promiscuous mode [ 4650.174812][T21357] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4650.344920][T21357] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4650.437093][T21357] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4650.567909][T21357] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 4651.889703][T21357] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 4651.936773][T21357] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 4651.987097][T21357] bond0 (unregistering): Released all slaves [ 4652.211801][T21357] hsr_slave_0: left promiscuous mode [ 4652.225667][T21357] hsr_slave_1: left promiscuous mode [ 4652.257653][T21357] veth1_macvtap: left promiscuous mode [ 4652.260173][T21357] veth0_macvtap: left promiscuous mode [ 4652.268739][T21357] veth1_vlan: left promiscuous mode [ 4652.269604][T21357] veth0_vlan: left promiscuous mode VM DIAGNOSIS: 18:26:36 Registers: info registers vcpu 0 CPU#0 PC=ffff800081b11794 X00=ffff800081b11790 X01=f2f000000c969280 X02=0000000000000000 X03=0000000000000000 X04=000000000000b7e1 X05=0000000000000029 X06=0000000000000000 X07=f6f0000007777400 X08=f6f0000007777480 X09=0000000000000000 X10=0000000000000163 X11=0000000000000000 X12=000000000000053e X13=0000000000000000 X14=ffff800081b63cd0 X15=000000002008d680 X16=ffff800080000000 X17=fff07ffffcfe1000 X18=0000000000000014 X19=0000000000000000 X20=ffff800082a21508 X21=ffff800082a21500 X22=0000000000000000 X23=0000000000000006 X24=ffff800082a21508 X25=0000000000000028 X26=0000000000000001 X27=0000000000000000 X28=0000000000000001 X29=ffff800080003410 X30=ffff80008017d984 SP=ffff800080003410 PSTATE=804020c9 N--- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:2525252525252525:2525252525252525 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:000000756c6c2570:6f6f6c2f7665642f Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:000000f0000000f0 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff000000ff00:0000000000000000 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:fff000f000000000 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:bb448243222c92da:e3914ed4e87380b0 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:6edc4d3a2914b135:d8e9c869e2695c88 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:b20fae707afde253:388e9c6c4fa85ca0 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000fffff2a6ba40:0000fffff2a6ba40 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000fffff2a6ba10 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 info registers vcpu 1 CPU#1 PC=ffff800081b1cc9c X00=fcf00000040b1080 X01=0000000000000000 X02=ffff800082c6b740 X03=0000000000000041 X04=0000000000000040 X05=0000000000000001 X06=ffff800082aaf240 X07=0000000000000001 X08=7f7f7f7f7f7f7f7f X09=ffff800082aaf1a0 X10=0000000000000000 X11=ffff8000830bbe10 X12=ffff8000829ef238 X13=ffff8000830bbb7d X14=ffff8000830bbb88 X15=ffff8000830bb9f0 X16=ffff800080008000 X17=fff07ffffcffa000 X18=00000000ffffffff X19=ffff8000830bbe10 X20=0000000000000001 X21=ffff800082aaf1a0 X22=fbf000000316dc80 X23=ffff8000829111f0 X24=ffff800082aaf290 X25=0000000000000001 X26=fbf000000316dc80 X27=0000000000000000 X28=0000000000000000 X29=ffff8000830bbd70 X30=ffff8000808edbc8 SP=ffff8000830bbd70 PSTATE=60402009 -ZC- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:206e776f6e6b6e75:006f6c6c33323025 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffff83966438:0000ffff83966480 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ff000000000000ff Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00000000f000000f Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffff83966468:0000ffff83966460 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffff83966468:0000ffff83966460 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffff83966478:0000ffff83966470 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000fffff2a6ba40:0000fffff2a6ba40 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000fffff2a6ba10 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000