last executing test programs: 15.534365726s ago: executing program 0 (id=233): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000980)={0x802}, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="1400000042000102"], 0x14}}, 0x40044c4) 15.22632319s ago: executing program 0 (id=234): r0 = socket$inet6(0xa, 0x80002, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) connect$inet(0xffffffffffffffff, 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, 0x0, 0x10040, 0x0) setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4) sendmmsg$inet6(r0, 0x0, 0x0, 0x4001c00) ioctl$DRM_IOCTL_MODE_SETPROPERTY(0xffffffffffffffff, 0xc01064ab, 0x0) 8.872845261s ago: executing program 0 (id=239): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000000c0)='cgroup.clone_children\x00', 0x2, 0x0) write$cgroup_int(r1, &(0x7f0000000200)=0xf232, 0x12) 8.531462027s ago: executing program 0 (id=240): mprotect(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x1) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000047c0)=[{{0x0, 0x0, &(0x7f0000002ac0)=[{&(0x7f0000000340)=""/1, 0x1}], 0x1}, 0xe75}], 0x3aa0, 0x60002000, 0x0) recvfrom$l2tp6(r1, &(0x7f0000000180)=""/158, 0x9e, 0x2, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(0x0, r1) 7.710584386s ago: executing program 0 (id=241): openat$yama_ptrace_scope(0xffffff9c, &(0x7f0000000040), 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0) add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) futex(&(0x7f000000cffc)=0x4, 0x80000000000b, 0x4, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0) 6.182864808s ago: executing program 1 (id=243): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r6, {0x7, 0xfff1}, {0xffff, 0xffff}, {0x2, 0x1}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x400dc}, 0x4020080) close(0x3) 5.581717496s ago: executing program 1 (id=244): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) sendto$inet(r0, &(0x7f0000000740)="5e000d001b71ecab36c7f263c06bddc65b99fb63499dd5c8ef68ff53e24127f1a538594685e48943f26ed6e8d84b02464cc13dd7cc64d3a5a334a763cad337436ce16682040000000000000041579f9e3959de3e9f8005da735613f1fc390f61811b62d69ee340f9f79e873b463b442399d8f632fd469049daa8994b59ebbeefa4859b11599cc05188d9a9f46af90a8264052857cffe0fb0e528cc079e26ab9a2f2094fafe18763cbc7ae174a9bf4b0bebf592861d437b496968f81219de64c46557436b171144d804539a9d788799b583fba9a776cd6a6dc6c0bfe9f3d84acaf6fa8ac7b08f3511e996373651dafa74b208ea066271246b56984bee8da5be03d29f2fe1dc52714a6e36c4bdadb42bb62e4e7f1ad8afe9cb42d3ead3336bcb08a7af807bc33400aa0f716d360e7ebf014da55fedf36de4d5ca24f4d27f357968e7605c5463093b53657072fb18d9a6ae92803e98e2ccc364d4601b6fd74ea8bcb1bb1dd4bf426084ec50488bd740e07131e4a2b64ab7424988c99a8b7cba9ccdfa85e5c8ee23bd3a4b2a62f8514b528c069fbce420d9afacbcc439280566fd09c40b1ecc764b9822cdd3f6a5b1bf5afad00ed329e13c5a85efa1e7bc27830fda78ed18ba4966961b18db79a16e1dc7a9d7d3f420c24be7c4dbb7da63d7d3e722b2ca80fd0aa1ed3446d0b4edf1dd974cb84b1ac5cd959645df0feb362b63212f4299961f37af21667686a3308c18d7d3f91fa6e5f5a9d694e867b2", 0x21b, 0x40000, 0x0, 0x0) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x2000000000000061) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0) 5.29198557s ago: executing program 1 (id=245): r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, 0x0, 0x8) 5.152104366s ago: executing program 1 (id=246): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x50) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r3, 0x0, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bca900000000000035090100013800002c00000000000000b7020000000000007b9af8ff00000000b5090000c0ff0000dbaaf8fff1000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffc70200000800000018220000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080080004608f0ff76000000bf9810000000000056080000000000008500000007000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) 3.862101807s ago: executing program 0 (id=247): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) removexattr(&(0x7f0000000040)='./cgroup.cpu/cpuset.cpus\x00', &(0x7f0000000300)=@known='security.selinux\x00') bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = io_uring_setup(0x5e69, &(0x7f0000000100)={0x0, 0x1084, 0x40, 0x10000003, 0x2c3}) io_uring_register$IORING_REGISTER_FILES(r3, 0x2, 0x0, 0x0) io_uring_register$IORING_UNREGISTER_FILES(r3, 0x3, 0x0, 0x0) r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x4aa42, 0x0) mincore(&(0x7f0000f0c000/0x3000)=nil, 0x0, &(0x7f0000afaf0a)=""/246) ioctl$AUTOFS_IOC_FAIL(r4, 0x4c80, 0x7000000) 153.488853ms ago: executing program 1 (id=248): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="dc0000003f000701000000000000000001"], 0xdc}, 0x1, 0x0, 0x0, 0xc000}, 0xc040) 0s ago: executing program 1 (id=249): socket$kcm(0x10, 0x2, 0x0) r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000072"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48) close(r0) r1 = socket$kcm(0x2, 0x200000000000001, 0x0) sendmsg$inet(r1, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x20008000) r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB="b4050000fdff7f006110a40000000000c60000000000000095000000000000009f33ef60916e6e713f1e6b0b725ad99b817fd98cd824498949714e32f21dcc4ae5437aca55f21f3ca9e822d182054d54d53cd2b6da714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed00000000000000000000000000000000000000006c63b40e0c00000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f79829c90bd2114252581567acae715cbe1b57d5cda432c5b9443999f7d24195405f2e76ba88454cc9227069ccb7b37b41215c000000003be991e5e897284cdd6043058cec00000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26}, 0x10) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20) recvmsg$kcm(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000300)=""/143, 0x8f}], 0x1}, 0x2) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:55268' (ED25519) to the list of known hosts. syzkaller login: [ 122.268471][ T3311] cgroup: Unknown subsys name 'net' [ 122.484778][ T3311] cgroup: Unknown subsys name 'cpuset' [ 122.528176][ T3311] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 123.248200][ T3311] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 133.839343][ T3316] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.869724][ T3316] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 134.265271][ T3317] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 134.298344][ T3317] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 135.915029][ T3316] hsr_slave_0: entered promiscuous mode [ 135.928901][ T3316] hsr_slave_1: entered promiscuous mode [ 136.272264][ T3317] hsr_slave_0: entered promiscuous mode [ 136.277324][ T3317] hsr_slave_1: entered promiscuous mode [ 136.284708][ T3317] debugfs: 'hsr0' already exists in 'hsr' [ 136.285508][ T3317] Cannot create hsr debugfs directory [ 137.394130][ T3316] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 137.437597][ T3316] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 137.461219][ T3316] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 137.525326][ T3316] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 137.689427][ T3317] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 137.712499][ T3317] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 137.732920][ T3317] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 137.767784][ T3317] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 139.228539][ T3316] 8021q: adding VLAN 0 to HW filter on device bond0 [ 139.412632][ T3317] 8021q: adding VLAN 0 to HW filter on device bond0 [ 144.582148][ T3316] veth0_vlan: entered promiscuous mode [ 144.684357][ T3316] veth1_vlan: entered promiscuous mode [ 144.832698][ T3317] veth0_vlan: entered promiscuous mode [ 144.944327][ T3317] veth1_vlan: entered promiscuous mode [ 145.088052][ T3316] veth0_macvtap: entered promiscuous mode [ 145.159432][ T3316] veth1_macvtap: entered promiscuous mode [ 145.429300][ T3317] veth0_macvtap: entered promiscuous mode [ 145.544209][ T3317] veth1_macvtap: entered promiscuous mode [ 145.569344][ T131] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.572922][ T131] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.574186][ T131] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.574565][ T131] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.983600][ T1110] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.984525][ T1110] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.984895][ T1110] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 145.985350][ T1110] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.512007][ T3316] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 147.711586][ T3092] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 147.834155][ T3468] capability: warning: `syz.1.3' uses deprecated v2 capabilities in a way that may be insecure [ 147.841615][ T3092] usb 1-1: device descriptor read/64, error -71 [ 148.091155][ T3092] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 148.221348][ T3092] usb 1-1: device descriptor read/64, error -71 [ 148.249465][ T3474] netlink: 16 bytes leftover after parsing attributes in process `syz.1.6'. [ 148.332695][ T3092] usb usb1-port1: attempt power cycle [ 148.702795][ T3092] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 148.734189][ T3092] usb 1-1: device descriptor read/8, error -71 [ 148.986682][ T3482] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 148.992045][ T3092] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 149.011203][ T3482] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 149.018177][ T3092] usb 1-1: device descriptor read/8, error -71 [ 149.141735][ T3092] usb usb1-port1: unable to enumerate USB device [ 150.281243][ T3488] binder: 3487:3488 ioctl 400c620e 20000140 returned -22 [ 150.460044][ T3490] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 150.469256][ T3490] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 150.698004][ T3492] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 150.704690][ T3492] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 151.689576][ T3505] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 151.695330][ T3505] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 158.541364][ T11] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 158.722478][ T11] usb 1-1: Using ep0 maxpacket: 32 [ 158.765779][ T11] usb 1-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0 [ 158.769116][ T11] usb 1-1: config 0 interface 0 has no altsetting 0 [ 158.776249][ T11] usb 1-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.00 [ 158.781602][ T11] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 158.837772][ T11] usb 1-1: config 0 descriptor?? [ 159.233681][ T3525] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 159.237421][ T3525] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 159.435600][ T11] hid-generic 0003:05AC:0224.0001: hidraw0: USB HID v5.58 Device [HID 05ac:0224] on usb-dummy_hcd.0-1/input0 [ 159.622685][ T905] usb 1-1: USB disconnect, device number 6 [ 160.148403][ T3536] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 160.157540][ T3536] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 161.489954][ T3551] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 161.497176][ T3544] fido_id[3544]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory [ 161.556020][ T3551] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 163.487267][ T3562] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 163.523742][ T3562] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 164.724270][ T3572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 164.726656][ T3572] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 166.063207][ T11] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 166.288041][ T11] usb 1-1: no configurations [ 166.291482][ T11] usb 1-1: can't read configurations, error -22 [ 166.451469][ T11] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 166.627239][ T11] usb 1-1: no configurations [ 166.629393][ T11] usb 1-1: can't read configurations, error -22 [ 166.634737][ T11] usb usb1-port1: attempt power cycle [ 166.981530][ T11] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 167.008758][ T11] usb 1-1: no configurations [ 167.011614][ T11] usb 1-1: can't read configurations, error -22 [ 167.141536][ T11] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 167.169079][ T11] usb 1-1: no configurations [ 167.169692][ T11] usb 1-1: can't read configurations, error -22 [ 167.176651][ T11] usb usb1-port1: unable to enumerate USB device [ 169.340703][ T3598] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 169.342028][ T3598] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 169.693159][ T3602] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 169.702935][ T3602] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 172.987757][ T3612] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 173.009926][ T3612] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 173.701232][ T3623] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 173.703630][ T3623] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 174.059313][ T3627] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 174.066085][ T3627] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 174.711768][ T3633] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 174.714436][ T3633] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 174.858457][ T3635] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 174.864008][ T3635] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 175.028346][ T3637] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 175.029842][ T3637] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 175.439554][ T3643] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 175.443721][ T3643] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 175.865407][ T3648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 175.875061][ T3648] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 176.407009][ T3092] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 176.593521][ T3657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 176.605303][ T3657] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 176.781695][ T3092] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 176.782360][ T3092] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 176.782746][ T3092] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 176.782992][ T3092] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 176.824984][ T3092] usb 1-1: config 0 descriptor?? [ 176.919036][ T3659] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 176.924459][ T3659] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 177.827623][ T3670] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 177.834363][ T3670] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 178.049502][ T3672] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 178.059152][ T3672] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 185.271430][ T3684] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 185.273668][ T3684] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 185.442144][ T3687] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 185.458181][ T3687] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 185.632754][ T3689] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 185.634948][ T3689] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 185.988544][ T3695] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 185.989876][ T3695] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 186.118590][ T3697] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 186.129938][ T3697] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 187.107780][ T3092] usb 1-1: USB disconnect, device number 11 [ 189.029433][ T3708] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 189.035184][ T3708] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 189.175479][ T3710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 189.177803][ T3710] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 189.491369][ T3714] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 189.501941][ T3714] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 190.212823][ T3092] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 190.415977][ T3092] usb 1-1: no configurations [ 190.420991][ T3092] usb 1-1: can't read configurations, error -22 [ 190.570968][ T3092] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 190.902456][ T3092] usb 1-1: no configurations [ 190.904785][ T3092] usb 1-1: can't read configurations, error -22 [ 190.918025][ T3092] usb usb1-port1: attempt power cycle [ 191.271273][ T3092] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 191.297740][ T3092] usb 1-1: no configurations [ 191.298188][ T3092] usb 1-1: can't read configurations, error -22 [ 191.441084][ T3092] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 191.472164][ T3092] usb 1-1: no configurations [ 191.472444][ T3092] usb 1-1: can't read configurations, error -22 [ 191.475980][ T3092] usb usb1-port1: unable to enumerate USB device [ 192.266524][ T3724] mmap: syz.1.118 (3724) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 200.701350][ T3404] usb 1-1: new full-speed USB device number 16 using dummy_hcd [ 201.158442][ T3404] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 201.159040][ T3404] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 201.209256][ T3404] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00 [ 201.209893][ T3404] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 201.210617][ T3404] usb 1-1: SerialNumber: syz [ 201.321916][ T3404] usb 1-1: 0:2 : does not exist [ 201.746509][ T9] usb 1-1: USB disconnect, device number 16 [ 202.145021][ T3741] udevd[3741]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 203.022644][ T3748] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 203.032958][ T3748] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 206.241581][ T9] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 206.430033][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 206.431316][ T9] usb 1-1: config 0 has no interfaces? [ 206.432019][ T9] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 206.432510][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.120912][ T9] usb 1-1: config 0 descriptor?? [ 211.439741][ T3787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 211.459298][ T3787] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 215.323823][ T3825] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 215.326120][ T3825] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 215.753845][ T3830] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 215.756198][ T3830] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 216.562381][ T3839] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 216.564662][ T3839] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 217.446418][ T3590] usb 1-1: USB disconnect, device number 17 [ 217.941485][ T3590] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 218.130864][ T3590] usb 1-1: Using ep0 maxpacket: 8 [ 218.151255][ T3590] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb [ 218.151650][ T3590] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 218.175771][ T3590] usb 1-1: config 0 descriptor?? [ 218.456298][ T3590] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random [ 219.835010][ T3590] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71 [ 219.841436][ T3590] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9 [ 219.848195][ T3590] asix 1-1:0.0: probe with driver asix failed with error -71 [ 219.895253][ T3590] usb 1-1: USB disconnect, device number 18 [ 219.914139][ T3851] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 219.915386][ T3851] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 220.098575][ T3856] veth0_vlan: entered allmulticast mode [ 220.122679][ T3857] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 220.124147][ T3857] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 220.177432][ T3856] veth0_vlan: left promiscuous mode [ 220.203376][ T3856] veth0_vlan: entered promiscuous mode [ 220.901832][ T3725] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 221.254941][ T3725] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 221.255647][ T3725] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 221.296632][ T3725] usb 1-1: config 0 descriptor?? [ 221.708592][ T3725] usb 1-1: Cannot read MAC address [ 221.710022][ T3725] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 221.737296][ T3725] usb 1-1: USB disconnect, device number 19 [ 222.521117][ T32] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 222.807449][ T32] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 222.812567][ T32] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 222.816969][ T32] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 222.821292][ T32] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 222.856713][ T32] usb 1-1: config 0 descriptor?? [ 223.294995][ T3873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 223.301576][ T3873] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 223.661968][ T3875] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 223.664365][ T3875] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 230.461833][ T3892] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 230.476727][ T3892] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 231.472003][ T3900] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 231.476519][ T3900] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 231.491238][ T3900] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 231.495255][ T3900] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 231.618541][ T3902] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 231.619815][ T3902] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 233.154358][ T3590] usb 1-1: USB disconnect, device number 20 [ 237.332371][ T3590] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 237.586880][ T3590] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 237.591602][ T3590] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 237.629590][ T3590] usb 1-1: config 0 descriptor?? [ 238.218980][ T3590] usb 1-1: Cannot read MAC address [ 238.227619][ T3590] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71 [ 238.293945][ T3590] usb 1-1: USB disconnect, device number 21 [ 238.842596][ T3590] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 239.116601][ T3590] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 239.121533][ T3590] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 239.124969][ T3590] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 239.128364][ T3590] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 239.157251][ T3590] usb 1-1: config 0 descriptor?? [ 244.152708][ C1] vcan0: j1939_tp_rxtimer: 0x0000000089021ad7: rx timeout, send abort [ 244.653867][ C1] vcan0: j1939_tp_rxtimer: 0x0000000089021ad7: abort rx timeout. Force session deactivation [ 249.472483][ T32] usb 1-1: USB disconnect, device number 22 [ 250.789999][ T3725] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 252.628056][ T3725] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 252.628695][ T3725] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 252.629034][ T3725] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33 [ 252.629300][ T3725] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 252.654038][ T3725] usb 1-1: config 0 descriptor?? [ 258.515409][ T3969] Zero length message leads to an empty skb [ 263.074467][ T32] usb 1-1: USB disconnect, device number 23 [ 263.681173][ T32] usb 1-1: new full-speed USB device number 24 using dummy_hcd [ 263.939671][ T32] usb 1-1: config 1 has an invalid interface number: 105 but max is 0 [ 263.945558][ T32] usb 1-1: config 1 has no interface number 0 [ 263.953569][ T32] usb 1-1: config 1 interface 105 has no altsetting 0 [ 264.047976][ T32] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=31.6d [ 264.054096][ T32] usb 1-1: New USB device strings: Mfr=107, Product=102, SerialNumber=146 [ 264.061831][ T32] usb 1-1: Product: syz [ 264.065865][ T32] usb 1-1: Manufacturer: syz [ 264.070839][ T32] usb 1-1: SerialNumber: syz [ 264.899584][ T32] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: 2 [ 264.906990][ T32] aqc111 1-1:1.105: probe with driver aqc111 failed with error -61 [ 265.122206][ T32] usb 1-1: USB disconnect, device number 24 [ 267.841261][ T3590] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 268.054682][ T3590] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00 [ 268.058484][ T3590] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 268.069439][ T3590] usb 1-1: Product: syz [ 268.069977][ T3590] usb 1-1: Manufacturer: syz [ 268.070723][ T3590] usb 1-1: SerialNumber: syz [ 270.041327][ T3590] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000040. ret = -EPROTO [ 270.047977][ T3590] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPROTO [ 270.063239][ T3590] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO [ 270.067975][ T3590] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED.... [ 270.074457][ T3590] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED [ 270.118034][ T3590] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71 [ 270.197341][ T3590] usb 1-1: USB disconnect, device number 25 [ 279.324130][ T4013] tmpfs: Too small a size for current use [ 299.894010][ T4036] netlink: 'syz.0.231': attribute type 1 has an invalid length. [ 300.063802][ T4036] 8021q: adding VLAN 0 to HW filter on device bond1 [ 300.142209][ T4036] ip6erspan0: entered promiscuous mode [ 300.175192][ T4036] bond1: (slave ip6erspan0): making interface the new active one [ 300.506552][ T4036] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link [ 302.082815][ T4040] serio: Serial port ptm0 [ 311.572454][ T4068] trusted_key: encrypted_key: insufficient parameters specified [ 318.393555][ T4097] ================================================================== [ 318.395759][ T4097] BUG: KASAN: invalid-access in __memcpy+0xc/0x54 [ 318.397290][ T4097] Write at addr f7ff80008345d160 by task syz.1.249/4097 [ 318.397672][ T4097] Pointer tag: [f7], memory tag: [fe] [ 318.397776][ T4097] [ 318.398347][ T4097] CPU: 1 UID: 0 PID: 4097 Comm: syz.1.249 Not tainted syzkaller #0 PREEMPT [ 318.398649][ T4097] Hardware name: linux,dummy-virt (DT) [ 318.398859][ T4097] Call trace: [ 318.399072][ T4097] show_stack+0x18/0x24 (C) [ 318.399439][ T4097] dump_stack_lvl+0x78/0x90 [ 318.399651][ T4097] print_report+0x108/0x61c [ 318.399779][ T4097] kasan_report+0x88/0xac [ 318.399895][ T4097] __do_kernel_fault+0x170/0x1c8 [ 318.400037][ T4097] do_bad_area+0x68/0x78 [ 318.400236][ T4097] do_tag_check_fault+0x34/0x44 [ 318.400556][ T4097] do_mem_abort+0x44/0x94 [ 318.400674][ T4097] el1_abort+0x44/0x68 [ 318.400795][ T4097] el1h_64_sync_handler+0x50/0xac [ 318.400912][ T4097] el1h_64_sync+0x6c/0x70 [ 318.401105][ T4097] __memcpy+0xc/0x54 (P) [ 318.401281][ T4097] convert_ctx_accesses+0x694/0xb28 [ 318.401403][ T4097] bpf_check+0x1338/0x2a24 [ 318.401518][ T4097] bpf_prog_load+0x63c/0xcd4 [ 318.401673][ T4097] __sys_bpf+0x2e0/0x1a88 [ 318.401830][ T4097] __arm64_sys_bpf+0x24/0x34 [ 318.401956][ T4097] invoke_syscall+0x48/0x110 [ 318.402084][ T4097] el0_svc_common.constprop.0+0x40/0xe0 [ 318.402202][ T4097] do_el0_svc+0x1c/0x28 [ 318.402323][ T4097] el0_svc+0x34/0x10c [ 318.402438][ T4097] el0t_64_sync_handler+0xa0/0xe4 [ 318.402554][ T4097] el0t_64_sync+0x1a4/0x1a8 [ 318.402835][ T4097] [ 318.403031][ T4097] The buggy address belongs to a 1-page vmalloc region starting at 0xf7ff80008345d000 allocated at bpf_check+0x8c/0x2a24 [ 318.404054][ T4097] The buggy address belongs to the physical page: [ 318.404310][ T4097] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xf9f0000000000000 pfn:0x4be5c [ 318.404633][ T4097] flags: 0x1ffe00000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x8) [ 318.405351][ T4097] raw: 01ffe00000000000 0000000000000000 dead000000000122 0000000000000000 [ 318.405460][ T4097] raw: f9f0000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 318.405574][ T4097] page dumped because: kasan: bad access detected [ 318.405634][ T4097] [ 318.405681][ T4097] Memory state around the buggy address: [ 318.406052][ T4097] Unable to handle kernel paging request at virtual address ffff80008345cf00 [ 318.406166][ T4097] Mem abort info: [ 318.406216][ T4097] ESR = 0x0000000096000007 [ 318.406329][ T4097] EC = 0x25: DABT (current EL), IL = 32 bits [ 318.406451][ T4097] SET = 0, FnV = 0 [ 318.406519][ T4097] EA = 0, S1PTW = 0 [ 318.406589][ T4097] FSC = 0x07: level 3 translation fault [ 318.406668][ T4097] Data abort info: [ 318.406720][ T4097] ISV = 0, ISS = 0x00000007, ISS2 = 0x00000000 [ 318.406793][ T4097] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 318.406906][ T4097] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 318.407091][ T4097] swapper pgtable: 4k pages, 52-bit VAs, pgdp=0000000042981000 [ 318.407225][ T4097] [ffff80008345cf00] pgd=1000000042ed3003, p4d=1000000042ed4003, pud=1000000042ed5003, pmd=1000000044147403, pte=0000000000000000 [ 318.408482][ T4097] Internal error: Oops: 0000000096000007 [#1] SMP [ 318.432736][ T4097] Modules linked in: [ 318.433725][ T4097] CPU: 1 UID: 0 PID: 4097 Comm: syz.1.249 Not tainted syzkaller #0 PREEMPT [ 318.434927][ T4097] Hardware name: linux,dummy-virt (DT) [ 318.435763][ T4097] pstate: 624020c9 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--) [ 318.436703][ T4097] pc : kasan_metadata_fetch_row+0xc/0x28 [ 318.437884][ T4097] lr : print_report+0x29c/0x61c [ 318.438535][ T4097] sp : ffff80008a8935e0 [ 318.439091][ T4097] x29: ffff80008a8935e0 x28: f1f000000887ddc0 x27: fcff800083455060 [ 318.440377][ T4097] x26: 0000000000000058 x25: ffff800082448bd0 x24: ffff800082448bd8 [ 318.441222][ T4097] x23: ffff80008345d160 x22: ffff800082419660 x21: ffff80008345d000 [ 318.442039][ T4097] x20: 00000000fffffffe x19: ffff80008345cf00 x18: 0000000000000010 [ 318.442839][ T4097] x17: ffff8000828ffa60 x16: 0000000000006200 x15: ffff80008a893460 [ 318.443632][ T4097] x14: ffff80008a89365c x13: ffff80008a893649 x12: ffff8000829ff3c0 [ 318.444454][ T4097] x11: 0000000000000001 x10: 0000000000000001 x9 : 000000000002ffe8 [ 318.445345][ T4097] x8 : f1f000000887ddc0 x7 : 0000000000000010 x6 : ffff800081c70640 [ 318.446107][ T4097] x5 : 0000000000000030 x4 : 0000000000000002 x3 : ffff80008345d000 [ 318.446869][ T4097] x2 : ffff80008345cf00 x1 : ffff80008345cf10 x0 : ffff80008a893638 [ 318.447854][ T4097] Call trace: [ 318.448376][ T4097] kasan_metadata_fetch_row+0xc/0x28 (P) [ 318.449053][ T4097] kasan_report+0x88/0xac [ 318.449614][ T4097] __do_kernel_fault+0x170/0x1c8 [ 318.450354][ T4097] do_bad_area+0x68/0x78 [ 318.451112][ T4097] do_tag_check_fault+0x34/0x44 [ 318.451623][ T4097] do_mem_abort+0x44/0x94 [ 318.452128][ T4097] el1_abort+0x44/0x68 [ 318.452611][ T4097] el1h_64_sync_handler+0x50/0xac [ 318.453114][ T4097] el1h_64_sync+0x6c/0x70 [ 318.453764][ T4097] __memcpy+0xc/0x54 (P) [ 318.454232][ T4097] convert_ctx_accesses+0x694/0xb28 [ 318.454744][ T4097] bpf_check+0x1338/0x2a24 [ 318.455196][ T4097] bpf_prog_load+0x63c/0xcd4 [ 318.455687][ T4097] __sys_bpf+0x2e0/0x1a88 [ 318.456120][ T4097] __arm64_sys_bpf+0x24/0x34 [ 318.456585][ T4097] invoke_syscall+0x48/0x110 [ 318.457123][ T4097] el0_svc_common.constprop.0+0x40/0xe0 [ 318.457750][ T4097] do_el0_svc+0x1c/0x28 [ 318.458263][ T4097] el0_svc+0x34/0x10c [ 318.458728][ T4097] el0t_64_sync_handler+0xa0/0xe4 [ 318.459277][ T4097] el0t_64_sync+0x1a4/0x1a8 [ 318.460316][ T4097] Code: d65f03c0 91040023 aa0103e2 91004021 (d9600042) [ 318.461498][ T4097] ---[ end trace 0000000000000000 ]--- [ 318.462320][ T4097] Kernel panic - not syncing: Oops: Fatal exception [ 318.463088][ T4097] SMP: stopping secondary CPUs [ 318.464192][ T4097] Kernel Offset: disabled [ 318.464606][ T4097] CPU features: 0x000000,0000d198,2fbe33e0,557ffebf [ 318.465379][ T4097] Memory Limit: none [ 318.466321][ T4097] Rebooting in 86400 seconds.. VM DIAGNOSIS: 03:24:06 Registers: info registers vcpu 0 CPU#0 PC=ffff800081b14b2c X00=ffff800081b14b28 X01=f6f000000bd08000 X02=0000000000000001 X03=fff07ffffcfec000 X04=0000000000000001 X05=0000000000000000 X06=0000000000000000 X07=0000000000000000 X08=ffff800082ceb818 X09=ffff800082924000 X10=0000000000000001 X11=ffff800082cb4ec0 X12=00000000000018c1 X13=000000000000035d X14=00000000000001a4 X15=00000000201e26c0 X16=ffff800082ce8000 X17=fff07ffffcfd3000 X18=0000000000000001 X19=0000000000000000 X20=ffff800082a31688 X21=ffff800082a31680 X22=0000000000000098 X23=0000000000000004 X24=ffff800082a31688 X25=0000000000000028 X26=0000000000000001 X27=fff07ffffcfec000 X28=faf0000008915100 X29=ffff800082ceb5a0 X30=ffff80008017f9b0 SP=ffff800082ceb5a0 PSTATE=404020c9 -Z-- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffff7f5f2ad0:00000031706f6f6c Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffff000000000000:ffffff0000000000 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ff000000fff00000 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:3333333333333333:3333333333333333 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00000c0000000000 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000073:0000aaaaefce1c90 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000074:0000aaaaefcdef70 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffef61cea0:0000ffffef61cea0 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd8:0000ffffef61ce70 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 info registers vcpu 1 CPU#1 PC=ffff8000809005f0 X00=0000000000000002 X01=0000000000000018 X02=ffff800082d15018 X03=ffff800082abef10 X04=f5f00000032db880 X05=0000000000000074 X06=0000000000000020 X07=0000000000000000 X08=7f7f7f7f7f7f7f7f X09=ffff800082abef40 X10=0000000000000001 X11=ffff80008a893090 X12=ffff8000829ff3c0 X13=ffff80008a892e5d X14=ffff80008a892e68 X15=ffff80008a892cd0 X16=0000000000006200 X17=ffff8000828ffa60 X18=00000000ffffffff X19=fbf0000003043048 X20=ffff800080900794 X21=f5f00000032db880 X22=fbf0000003043061 X23=0000000000000000 X24=0000000000000000 X25=ffff8000829211f0 X26=00000000000000c0 X27=ffff80008267c000 X28=ffffffffffffffff X29=ffff80008a892f80 X30=ffff8000809007bc SP=ffff80008a892f80 PSTATE=804020c9 N--- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:e9b5dba5b5c0fbcf:71374491428a2f98 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ab1c5ed5923f82a4:59f111f13956c25b Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:550c7dc3243185be:12835b01d807aa98 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:c19bf1749bdc06a7:80deb1fe72be5d74 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:240ca1cc0fc19dc6:efbe4786e49b69c1 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:76f988da5cb0a9dc:4a7484aa2de92c6f Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:bf597fc7b00327c8:a831c66d983e5152 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:1429296706ca6351:d5a79147c6e00bf3 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:53380d134d2c6dfc:2e1b213827b70a85 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:92722c8581c2c92e:766a0abb650a7354 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:c76c51a3c24b8b70:a81a664ba2bfe8a1 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:106aa070f40e3585:d6990624d192e819 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:34b0bcb52748774c:1e376c0819a4c116 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:682e6ff35b9cca4f:4ed8aa4a391c0cb3 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:8cc7020884c87814:78a5636f748f82ee Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:c67178f2bef9a3f7:a4506ceb90befffa Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:eb4cb52c8202facf:91badd150a87466d Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:4b2c6bc9c5793e82:0b149d4ef19a5be1 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0b47aaa1eaaf45b6:019d3f2e88afd5c3 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:95e6230854c54041:42d1bd579a712058 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:592af86756e1eb49:80ccc8c7ef48e789 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:6d06065dc1251aad:9e617beda859402c Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:980eaca96f77bdca:7a42a29dfd3f58b1 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:5c579bfa13bee438:e7222a422b302052 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:b3db032d1a72f7d7:c5651a42853f0122 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:11253944a1a14102:035c1361574aedad Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:eb39ae1abdab3434:0ce592a95ca5667f Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000