last executing test programs: 5.610007327s ago: executing program 2 (id=1241): r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x10) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) close(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'}) close(r1) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="1e030600bc5cb60128876360864666702c1ffe8000000000003b", @ANYRESDEC], 0xffdd) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 3.219737938s ago: executing program 0 (id=1245): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='scalable\x00', 0x9) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x8208204) open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0) open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) ftruncate(r1, 0x0) r2 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) open_by_handle_at(r5, &(0x7f0000000100)=@ocfs2={0xc, 0xfe, {0x5}}, 0x260040) ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0185648, &(0x7f0000000080)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f905, 0x6, '\x00', @p_u32=&(0x7f0000000100)=0xfffffffe}}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) ioctl$FBIOGET_VSCREENINFO(r1, 0x4600, &(0x7f0000000140)) sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4) sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104) getresuid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)=0x0) mount$fuse(0x0, 0x0, &(0x7f0000000240), 0x8000, &(0x7f0000000580)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r6}, 0x2c, {}, 0x2c, {[{@default_permissions}, {@allow_other}, {@allow_other}, {@default_permissions}], [{@fowner_gt}]}}) mount$9p_virtio(&(0x7f0000000200), &(0x7f0000000240)='./bus\x00', &(0x7f0000000280), 0x242840, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=virtio,privport,mmap,euid>', @ANYRESDEC=r6, @ANYBLOB="2c736d61636b66ff03000000000000"]) 2.969318547s ago: executing program 0 (id=1246): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000040)={0x38, r1, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'nicvf0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}]}, 0x38}}, 0xa00) 2.901493973s ago: executing program 3 (id=1248): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10) ioctl$RTC_SET_TIME(0xffffffffffffffff, 0x4024700a, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r3 = dup3(r2, r1, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1, 0x11, r4, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000900000000000000213f0000c50000000e800000850000000e0000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r6}, 0x10) r7 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000006c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000000)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 2.854432069s ago: executing program 2 (id=1249): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='scalable\x00', 0x9) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0) io_submit(0x0, 0x0, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x8208204) open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0) open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) ftruncate(r1, 0x0) r2 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) open_by_handle_at(r5, &(0x7f0000000100)=@ocfs2={0xc, 0xfe, {0x5}}, 0x260040) ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0185648, &(0x7f0000000080)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f905, 0x6, '\x00', @p_u32=&(0x7f0000000100)=0xfffffffe}}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) ioctl$FBIOGET_VSCREENINFO(r1, 0x4600, &(0x7f0000000140)) sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4) sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104) getresuid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)=0x0) mount$fuse(0x0, 0x0, &(0x7f0000000240), 0x8000, &(0x7f0000000580)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r6}, 0x2c, {}, 0x2c, {[{@default_permissions}, {@allow_other}, {@allow_other}, {@default_permissions}], [{@fowner_gt}]}}) mount$9p_virtio(&(0x7f0000000200), &(0x7f0000000240)='./bus\x00', &(0x7f0000000280), 0x242840, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=virtio,privport,mmap,euid>', @ANYRESDEC=r6, @ANYBLOB="2c736d61636b66ff03000000000000"]) 2.779770418s ago: executing program 0 (id=1252): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='scalable\x00', 0x9) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0) setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./file0\x00') r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0) ftruncate(r1, 0x8208204) open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0) open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0) ftruncate(r1, 0x0) r2 = openat$vicodec0(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) r4 = fsmount(r3, 0x0, 0x0) r5 = openat$cgroup_procs(r4, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0) open_by_handle_at(r5, &(0x7f0000000100)=@ocfs2={0xc, 0xfe, {0x5}}, 0x260040) ioctl$VIDIOC_G_EXT_CTRLS(r2, 0xc0185648, &(0x7f0000000080)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x98f905, 0x6, '\x00', @p_u32=&(0x7f0000000100)=0xfffffffe}}) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10) ioctl$FBIOGET_VSCREENINFO(r1, 0x4600, &(0x7f0000000140)) sendto$inet(r0, 0x0, 0x0, 0x200047fd, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600), 0x4) sendto$inet(r0, &(0x7f0000000700)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff959bcecc7a95425a3a07e758044ab4ea6f7c555d88fecf90b037511bf746bec66ba", 0x994b6e03113064ae, 0x0, 0x0, 0x0) recvmsg(r0, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104) getresuid(&(0x7f00000002c0), &(0x7f0000000300), &(0x7f0000000340)=0x0) mount$fuse(0x0, 0x0, &(0x7f0000000240), 0x8000, &(0x7f0000000580)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {'user_id', 0x3d, r6}, 0x2c, {}, 0x2c, {[{@default_permissions}, {@allow_other}, {@allow_other}, {@default_permissions}], [{@fowner_gt}]}}) mount$9p_virtio(&(0x7f0000000200), &(0x7f0000000240)='./bus\x00', &(0x7f0000000280), 0x242840, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=virtio,privport,mmap,euid>', @ANYRESDEC=r6, @ANYBLOB="2c736d61636b66ff03000000000000"]) 2.629654472s ago: executing program 3 (id=1254): io_setup(0x3ff, 0x0) eventfd(0xc) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040ee17e2e04"], 0x7) 2.470159021s ago: executing program 2 (id=1255): sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="d80000001c0081044e81f782db44b904021d08020e0000008100e0a1180011000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93", 0xcb}], 0x1, 0x0, 0x0, 0x7400}, 0x0) syz_emit_ethernet(0x7a, &(0x7f00000001c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaaaa86dd60000b28000c2f00fe800000003a00000000000000100002fe8000000000000000000000000000aa242088be"], 0x0) 2.469758966s ago: executing program 3 (id=1256): socket$nl_netfilter(0x10, 0x3, 0xc) (async) creat(&(0x7f0000000280)='./file0\x00', 0x0) sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={0x0, 0xf}}, 0x0) (async) r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd) (async) r1 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe) (async) r2 = add_key$user(&(0x7f0000000540), &(0x7f0000000380)={'syz', 0x2}, &(0x7f0000000580)="ed", 0x1, 0xffffffffffffffff) keyctl$dh_compute(0x17, &(0x7f0000000100)={r2, r0, r1}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={'blake2b-256\x00'}}) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x12, 0x5, &(0x7f0000000180)=ANY=[@ANYRES8=0x0, @ANYRES16], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) socket$nl_route(0x10, 0x3, 0x0) r3 = socket$inet_udp(0x2, 0x2, 0x0) r4 = openat$sequencer2(0xffffff9c, &(0x7f0000000000), 0x80800, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r4, 0x40085112, &(0x7f0000000300)=@l={0x92, 0x4, 0xc0, 0x10, 0x40, 0xd0, 0x7c}) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60) (async) ioctl$KVM_CREATE_PIT2(r6, 0x4040ae77, &(0x7f0000000000)) (async) ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) (async) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_PIT(r6, 0x8048ae66, &(0x7f0000000040)) (async) ioctl$KVM_RUN(r7, 0xae80, 0x0) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520200ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x100d}}, 0xfffffdef) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) r8 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SCALLUSERDATA(r8, 0x89e5, &(0x7f0000000340)={0x8, "47b90bff9c66bb96fc980844a047b9eb424b83401a79ae96845875ac81e14e7f27e3bdfd2f5d721170a04c0ad4aa2d1dded0d29abe36c855a12f13a141374367313bb9e0a38f211721afabdd786974dbd6c2c9ec7faa6b5828433e0e958151bf393cfef057b3c3e8f186d1bcd34bb3b6dd4859223964108280e7523383f86727"}) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'veth0_to_bridge\x00', 0x0}) (async) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1bf4a6df3a0000001c000000002000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x90) (async) r11 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r11, 0x0) 2.33480564s ago: executing program 2 (id=1258): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xb}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="940df94d5295733368ff3a55ed32cf374924267de8604eda898dd05d0a1f477b", @ANYRES16=r3, @ANYRESOCT=r3], 0x28}}, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r4 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x7fffffff}, 0x10) sendmsg$kcm(r4, &(0x7f00000016c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="2e0000004a008102e00f80ecdb4cb9020a", 0x4a}, {&(0x7f0000001700)="0c74c75350f4a590e15c61c7942348092734fe1863473bbce6798a60e9", 0x1d}], 0x2, 0x0, 0x0, 0x10}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000002800)=ANY=[@ANYRES64=r3, @ANYRES16=r3, @ANYBLOB="a3649487b9d88f6db7ba5a9d1571c3edbba75e11c98f1a4eeb21daa955848dbeea2e58a895fee06c737820ea71c9afebfde564d4eb259739280c7f757bb16b6f9ba840ca41437900bfe0a664190111eaafdcf97048784f108dcc37dac2621e7d950aebe033d84bbe0d73e85b", @ANYRES32=r2, @ANYRES16=r1, @ANYRESOCT=r3, @ANYRES16=r4, @ANYBLOB="f9263b67816a9e045d5b1e7c20d47dcbe52f5d3f3f2d6a54a008fd516fa14e7b5b19672c5c1d38d06c1b9230b0de89c23fab5563e1895bc65666bd5dda6c8541de031e1ba5a4b026e9254177275f0a3a4c820c45f12a560235ebe40f2d0623e8fe26fe9ff261442a5f2c059429b19afa8a5fcc9513c52261d6e5437779016ca7fbcafea49c2d512ab92cbb04a7cf0e3581ffa5d61fac4d59fa0e56e6cdaf7d2c2e91dcd2139b62d91b82fe1361c46d9dc9f8f08e31010bd247570c7f9ead41ed91ea0b39567e1c3a00b2dda1539bdb3153b1dd12fd3e7cbdc0070914ce0ff7e77484a7a023e57068ffec06341e00cbe841dfe45823e4c6fbb509d6147edfa8db5861436735ad94209f0473a0034e168b6ae474dfca9382dcfbf023033a81e8d1db3a100b7469ecf7e340ceba1dba0c9c33786e0294d77951d4453cccb0308cc87b134f37aaefc45b69c3c1aa9d87c67d8cae3fa77735cd4e99ee2806f77bb6e814362abff6e89c1ec9451e84575fb555f915f84ecfd7cd040052de79d6f4caddbafa5fccd85d1e882aa64b1cf482f5276efc7aca7986d2a717a7e73399ef58d7ac577e9a4df7448d72deb8ed4d3c298e7d47f1f082dd1e7982553d760a0899039691643d59585c099b3cfa0d5875787b2a100ba9b9b2db4ee50a4970f6907e9e405561e5da1aa8ad98d67df6cb009da27e885406e3189b56c00ddd531f46383cd92de39ff9835f005f59ecadb72675ad91a0d4bf1bd525ebcb0242123e81e674ad354ad686b6780de2bee44c28758462f7752ec54de4c8af07100de33a72faa90878ff229118e7a38014b0c763dc315b1b7c9cbe67ee629f14659d7f182ac5f3c3b7a5bc32f91ba7bfa3c816c01115392aaab76a49da75469c1871756aec603d3d26c6978e26a5da116f6041556b08a73a2093838e5760b60a88105d4056332475eee703268979c4d32a8c18d93ea07ec0d198f5c1ac027ed9f4eafede77932bc3692b011e89010677a853dd686b4cc463c396f8660bf25693fa0890211d98da5210538223bb1f8349af08ee0c24e2a8576c11658da928dd2f977c5315774df69d8cdf3bd39295c88451e9af66baa811585b2cf600bdf0fcca574a7adfb93248f4e9ac545ec917127cb60d7b68bc9e21745f13eb2a2292a961949cf74966f14222fe7f42935ddcb0238cb8ae061fe363a9f47e344092e4cfe55ff809ea47a32c102452b03d46973df876a805b5c6bfe593c82a46bf8110a612a318a8e05394f2351bcdbba5cbc34621d6287cead3d958207df480b44833420e8add63d52de5597b7f5d5f33bfe429321ed847082f1a8e8e38b091a1ae4ff750826a348f0e0bee17aefa9eec3d63ea92101fa9f4c714b1f40987b0597d3f57ff8ca1a1ac403951c5b5a110cf5bd5cf118e59d4687f3c2004f95c7076a5b046f146e2a2de65fb8effd6065e5cd1379abbe785ca8f3f05ca3d8f7d6219f10c181dc1c8f3b700bd3fa3bc98864e5cc78b39c465a2f057345c58009366063917fc1dc626040ce65bde76d645ee05d2d02a80de8b67f7e60970cb7705635b2fb39cbd00dfd7f43f5cbc908c9477b89f924329d10daf305ff434cde4e46e866232623f3a88e6869c3a6c1bdd9eb1fc388ff365f6ef411d65b58c6764e01ba06d7bca572fb963eee57de2d0209f86999cecb356be514140078801d5183ec44e955ef88ed09df172cd23de4633f5e38bbc560e9b19982a46a5483698cf1943796284ff0303868996550551d8bba015d7ff5750c660cef60db4e77372583930683012df5821ec9a2a9ba3b10febfc82f9f06984707e5ebce07ee3bc5f97cbc80b5e50118ea5e66342236ac83369909bec1af883c0709e315e04c4200239b5ff9140b35b86415487c08931876dac83b62125bc61ab25b43328ee8eb24a883bd3972eafffc2fd31a1de45dca7fdaab3d8f5f0f738eea7b045929d50b517bd839435a99c5c9b744cec6862a8e91e7a3842379d75ae194db6f0a324bdafcc2ec9c8d48fe2f08801ee39a80fa8d88be7a673787c1e9e570fdec083d14827d74f55e0187e6cd1134ec83b88e334982528c97b0ae5d3576f37d553b731b2b7a67179b4649b6368b2b3c1797edb977d51668bbe0f3ca8a6d52b80715d70ad26cfcc3c545d0a4165daa4c4a423f30e63f3cfb76cef4c5a45fd3069f4c9452a31eabf7c9e3149e7ba06dbb3eecaec6dfb6b5a36b8056e49e221ad4fda2b56d45fd1bb1aea192b72f81062124b71985689d6a44a855b6710c4e9e016bc06fca93680c91df95bd26caea78ec89298237c8e8951e698a4cfc86ae747c7c1e0e30f1a367a0dccca020814fab79a684550ddf471b044d1f1fd35d52101163d449dbf01e9b1e03f7c4e9992753f51c2d7fe023485121dcf9aa4ba62cf1368e51fb27f7350904a02a32c19db9f36e7d3ffe08ed9b36bc70d7fabc195a320fef89b7d18017d0a964fdd3c481392f71e5ceff29ecd94452276ecf48ec85fa2f5dfde3467ffe131822b2c8a0700d68f8f6f56da527d476f53d6f14abd97242ce504abacf4e47c329305024e45e9159b22dbc1ed237165dfa2075a875782d39f06f993122205cb849eaf1a896e4ce6a837e52f31a8ac1b71d0f1e9717c3858df582000590cc8e10fd4b2b66d4769e5d57a4158aaaeb9217d4c16eac456dd2d064aa8117cdfdc255419f1f6f5e0570fcdab09e44bac4384c616f9e7c286c98598e8f96c0a70e02e26afd512a458bb177588d6c675252cae6c67016539af45b829727ab165b14dbcc1e5b5fd4aa47c5f01b4462afc597d1e046940f29a640883507b7a715095a69736fffcb61c085d09f00d675a4466377bb64dceed53eb616049e8c280ada16bfc5d0ef705cee516ca4ddb9dee860df2e688a5fba84a295e0fb44f12419f0229cd9d4f6c545d1bd0e6ed676de8df451a0c45ad9eebd5a5b420ebeed90d74a4cae2de9407a3beef0a36951884d42a90736c5642adecc330447867199456dd58787957c62efc2ad657dc1c837c130ebdff98997cc4ff10b2449a4fca448683db99799e1b7d5fd27f5db8e0f415947e784a365c0c1f6040d802055fa8d75fb9aa7efe9eb02f2559ba962b98e45a91c393478478ac0b3d2368429b2d328fd370aca6f6cb66c3d3d1e757d380bc0b9d2df43a9ea3598a84c5b48bc326c2942a3a178ff72bd13342fbaf5ebf1db8c1ca4f440656db08f1faebf1295e202d5104194550e85cf5c91d87e560a1b20cbfc083e1277e192ca99bbf31b42a3233fb4f6efa5e83318a4927c226c994f7884ef2cf78b59594aacf1716f3bef1e4e503eb01e1c225a2958bdb33e838ac3e48ddccac42390f055481fb31874eac2b74f7b93c2a72a5ee826f37f3c306d307d76f6ea85a9fe7cc2db778bac2fb83c2212f2808f339312b9e7e1244f9c8e0bc2a8c31aaf440781ca67604b75453fdbeda8727b68443cfd40c27a9ce8dbeab3c44d8080865c5f0cf909aa0a292137684b8e4b49d8c7557592b6278848c4e18166e8b39812acd2342e151882aae145d1e29cd877d09198fb894507f651dc4596e30a7e0d77e9b560e25b8f5c8c534f7a81725cb3b2f722d06b11a9552a7089fe7f7f4c72946f3bd505e5b02cdcc9d8a142dbd2572d19ee863ce2af33f3c91b5de795df8a8eb1862ec717de38ccaa9191071fa9f877610ec949161eb2073fcaeff4b404751385c78727083dec69549819400c98a6e183e971efc5a50e048519c88c8627ec62e10fa4bea2bb96052d2ba221a180f70d2283c37398114948ba9e8eb300a0e6d23ff7edfca8a54b8f91ab4ce963800d674d61f0d234935f4c18be81542aeb2b82af09a1281f8ead9120526c4d09ab56081df1db7fd8dc577f96f30f900ccf3719d240fd41d2a722bc9269de25af40e141ba36c3fbf4123078866f55233bd4cffc83f769cd7f59057682223024590618b557c3a073e4b12b05ff1ccdc03a9e85f82b4ead911ee3dfe954336d276ca6473d03cbe2413322cea24a01d471fcaea19ad6f4142ee53f0a7cbffb87873a3980f38e244331fb47992eb8ac7d1d13b49e38eccebf5858b4ddd4ad21ddc50505a8da221b96e3b8d0ac32736fc8d54c14d6c959658c4c7971a82947283cf8418d17824b142859411ede02ae7ca43710ce8872667bce706509807527c8eceef1b0bef3048a2146aa5bd3cf0a558fdab62e5421084db748f1f7bbc436eb75d0dfceadc2ad0df1c81b9ecaddfe60dfd343f43100068ac4a6f764788737d31522829d4e6aacf4fad53306f6cf4a9e3c86f8c9e025594bf12b5c4f8785a8524cfd95b74d043971482c381c31d16135e68da4e98c750464bcba1dfeda4c3d57685c0b84674d5da0e153c8a72ca4dae59a45daf4c8f41f37ea0759c5cdaff82be4615a748f4333c28d5926db80d6b256ee81f537a16ab8ef16aec157c3fc7e333def79d767956bcd39c101bdef5e6e9ba14d0187aa081607117c93e5ad761b24a294b79341e0a7efa26eebad756134a51fc2c7cc0bc91869db303789eb88943f73b3d10945e9713fc4e49f2710c04017bd90e376d444ca8ba1397496c5386713959c636d0fe81a7a2d8cfdf00c40ddff77fc08bc219ed241bc9473b193e809a08271643b016383c9fe5cc840ad2315c69615c3797f7e529ae1a38a7e86886a87779016f6213d875a1e35bebb8ba03439b677e8c139fc1ddaad57bae5ad6233cd82f038fae19a66efd49586756e713f3cf7651b42ae499e4ae2b40aeb53bf1ea91b3996bc46832ad333ee199a3e541f4d4f10461a61134a9d9ffcb22c520308f27b47881ded093e6952fb5fec5dc3194bf3787dffcf92d4095e58a4d1974381cbb30df358b4adc40858549f6297f777ef969f43593e18d4bc0e97ade61a356ccc2c4a0c58cf89fd6babd677c0a89435015c97687f4232b830982d997d0bbdf22decc2a68c410650617f6a1a10d938983ff8d1b13a26695d96b6970e961943791ae7b989104e7ca2faaafdb341b44264ade7a34ffcbd77df524a636648c5d4ebf2a587c6827c73f883d19bff6e4d80ddfa523dbe7b27397b4e93002d7a7fb29baa0a86368693d6fa0f92b4e675b3abc303a0c6e479faf8252b86cc09fefca644546f8a0269ad5b3e992015caf1ba9e4d4b30040386d1afcf2bfe902da11fe6a66c4ae4c7931eaa8482c9c818e40db348ff7020211482f17deb1370ea3a389b2a7197fefce54d1d33b56d26ffd18672292c119e02cc4cd3e5ae0fb22a6d0280136c50e113d29c61eb521525732eccdc9c4b5e2181bdb38879040a6d2e4bcd26d762f0c67ed004adfff1f199eb88cb7a59936aee4a4094570d71de134fc786e46d4ac4a074f31ade490005923474075df888edaf8584d966e68e3ad2879eda5871e851c8bc95e63eb7a436d99a770905fca99398feaac7470fa9bd5622b496a4a47386c59abe5331a3a8db810029bb4da203a6034268257628a6a416668a6dcd4c55851501e5dd8eb223885f0ca712026cea6a22f371e80fe6203caa84417a1525c4db56fa34b468f9dd51bd4ba94154205cd423a6018f2c752dda74adb6563180cbefb92b12bee9d1428099e658ab67d811e6a3419b2eeb58167978025390951b3465a84a494f77a7198c294c68b121dd628c96fb74e5d70f7b5ec751c531c5df1792e63f7ec6e1e1dbff6a498c1ed662cadb7ec63e62e8b75e4aa67b82cc5d361ca16e370efe586f55c66d75d7bf0ed3f3ea1809a31bff8a5797a3885eb9642a14d2ea08551ec6c28254a2a320330f69ce7fca37fed8ae6f4fc1d0469634fb33d96"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="02000000040000000600000004af1a2de5563ac2", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r5}, 0x38) socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1, 0x0, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0xcc03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) socket$kcm(0x29, 0x5, 0x0) openat$cdrom(0xffffff9c, 0x0, 0x0, 0x0) ioctl$KDENABIO(0xffffffffffffffff, 0x4b36) capget(&(0x7f0000000000)={0x19980330}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xf}]}, @NFT_MSG_NEWSETELEM={0x74, 0xc, 0xa, 0x801, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x48, 0x3, 0x0, 0x1, [{0x44, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x38, 0xb, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc}]}}}, {0x14, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}]}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10}}, 0xf8}, 0x1, 0xffffffff}, 0x0) r7 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_SET_NR_MMU_PAGES(r7, 0xae44, 0x80000000) 2.317422754s ago: executing program 0 (id=1259): ioprio_get$uid(0x3, 0x0) 2.317035305s ago: executing program 1 (id=1260): mount(0x0, 0x0, 0x0, 0x0, 0x0) syz_emit_ethernet(0x46, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @dev}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @loopback, @local}, '\x00\x00\x00\x00\x00\x00\x00\x00'}}}}}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x401) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x6, 0x8, &(0x7f00000002c0)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x4}, @ringbuf_query, @map_idx_val={0x18, 0x5, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x6a}], &(0x7f0000000140)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x53, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000003c0)={0x1, 0x0, 0x1, 0xff}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000400), 0x0, 0x10, 0xffb, @void, @value}, 0x90) fstat(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0}) quotactl_fd$Q_SETINFO(r0, 0xffffffff80000602, r1, &(0x7f0000000300)={0x7, 0xc0000000, 0x1, 0x3}) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x0, 0xeb, 0x0, &(0x7f0000000640)="91bdad44d444d485b5c7226dff5a2a3a402bf4cd7bd9ff96e48663dbf7e70efa5b5a5ebcfbb095be499d18e70b126c28706489f89f7f34eb5395c170e921142993921671ce0a24dc5898aa1c53d80e5d8212d7b4f65ff9f801ea87634fcf3e39d8fbfc9d391a34596159d91e451b5ae0de03a44e117fce24d1a99db6cab6d1bfcef36d382ddfbf51eb7ad191f190ae00859245635cf1a87680a0c5db7319f0a1136ce911f9db27902b57bedae09dc1e9b3328263d2884f8f6778d14d4db7b164f2301e6941187f41c9240e33e853d90f57b019890da7ef32d59f45b27bb163255b66528065279505572412", 0x0, 0xf7ad, 0x0, 0x9f, 0xd8, &(0x7f00000009c0)="33c33939b78fd0c648075431fbc3079eb164e01cbf9176ce51f9b5e2083846788f404403ac2d91749315f53004a6fe089f3966ec59875e63572eae156027fe7d968671b069ea669a35e287b4f4103c6fccf1bc60b962ae99329a1e22e38667f0b3e241684190a7f731ac7c15297dbdbe97f0793246810ee0aa9e7a7258d75dcef671a1d4c06823e7fdd4a865939f10e1323cb4fd55127b522f3796665a3ef0", &(0x7f0000000a80)="49041bd57a51ee9e08b3fec6e4ca4375e2c860186b197ff6ea53763478b2d0a374ead3100470454923d09722f86b6f084cfc66e7904534cb77058d7d3af3a367a3a8580b5114077f49eae623c50b8de96ad20eabd07d96e74215fdc683a1d67e5bade7bb90a1d85852a0d29a58c9b6769f8f8d2349c01c6a2077b9a83163eaad26fbafefb4fde6e22c8a2c30dab4bd81d26b835a7542e0cfdbeb3f852444fdd14a5158b3ff17194c95bc83790dfd36f36eb74fe5445186c21aed236d5d0f0b80f6c89002790475a4cd924bd490027dbf7568e7178b40e270", 0x1, 0x0, 0x5}, 0x4c) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) setsockopt$inet_dccp_int(r2, 0x21, 0x0, &(0x7f0000000040)=0x9, 0x4) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x32600) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) r4 = syz_init_net_socket$x25(0x9, 0x5, 0x0) writev(r4, &(0x7f00000004c0)=[{&(0x7f0000000240)="b4cc3183d1b5f4d148eb93821499897ac4509a24936b", 0x16}, {&(0x7f000001aa80)="2ddf44fdbd9d791763d84dca70f76c0d428a6435d48aa472d37f3438a02534fcf2e88f8fa55f728d66b101b3ba49abbb061f6b9d69127bf001416c44125658cb6d9649e2f92de8eb75e1d10b53a4a7d8d7e22caf04c61da4b4d4586aa5fda671bd786a95cf6d387bdc1afd2809fcddc08225cc647e968ecd81bde58dcc8aad96f09793344cd4e8ca2ea91a698c8452385cb1b7c2dc788ec53c7c8334cfc7314289a88d2a21d6faced39f623c29f60e9561b0d10d754883227f85704c3384cdd89643758aa6f1f83137f40bd2e7d11ae24ca374dc43103136d93c05d20de69753f3280e97522edce3b94d8b57a82755720912f08a9dcdd37850a10ce8f4c7b7fb85de86d2b46dd833920caec2df2c1d572c14388f03e6556625106b2ad2c56cda0c07eb5453df4d6ece08c2ca5cd52ba98f2006746d2061647f69efccfe2c34927a8ca18dbd5fd299a5cff11ad9c5576db0a9a1d7bfb1e2dd9013d19fe333642232b0f2944246db32cd0abb61571538f7026caca6f41f70e1467418a20102dc3755a166f61d0c20c5b302914ea7e819e55ea314abc1f67c843a091884273ea345e0825f42f379e80c26cb16ee862ed1bb8dce9d1930dd1aaaf7ffc8573e76e58095fe584ad5de71d959e1c05dc4bc1f3bce1f9748b020e4f6ceabcb21efbe9f25253eee7c9c2235a44d7f77c29802fafe59bb9b831070053fb1ce7c8e6efb54c06a8a127e91e6f657f3551f2d9fa143b8cb50dde93c97c1c346fae39d35d126fc56c5492615283eb49e48be99069357988fd9396f2608d41fb6ba9b45dff65fa66edfbb2b08d97a567a74ac83c905850fe8f7e111a31802c10f14057978ace6854cf5a65f7538c845b6dedd41965040a7ac97e6c61ee7b8aeb201435b878b112be092fb510667acd7934728d2ecacbde357c13ed00898fc21071f46a4a400b4867ca8850ed8aae1f2650b146b28cf177a270d326309111d9ce17e36bbeb2ca08e33f7646d866958f7c4f427d2531b3668a66163d7e164abf3963e6f8de7725210d26154e41d99ea12a0e91557a541f6fcd6dd00caf52be77220d1b3468aca4584a6e6e6bc5a0b3fd9de140aa5857d90b6703b9787c7150875dc63a252b26c79dafc40db84db35c9f8b852ccca6e50b4729fcaa28c37475e18f1a41bcc7f9ee74ac19e708b9d02ec8d6c4112446c356968b95f6a58f8db51caf7875ca04b80010aed6fc9967f7b4c95cebdd6e4a59603139a8484a945cb9fed552108b007022a4daf98eb39a66c5587b674cc9f30b335a04be606687267cc2c40821326ff213f3770f94ffc2fda31a1f1f93a2069fc6d652f1e7f45bfba87720537aaf89e8df14a2b1aa174a9e443eba79ce08ed12424a2fae09e588cf74a9f6bdd9729d430538c090d5880e3012a5ef5288d16750057b1b3e60d15da9a1d241bb86d3c964986d67f361ff444dd380d3e37bf39755b85d25244ff179974b636d8a66b481c6bfd26b5c9856d6538ee62569dc0660ed1a747f993898ca4bf2b98a48374bb880d75dab18d463faf6cebac976867b3ce7a9c41055c2181fca3419e5be8d0803fc1f5d3f3cbddfb3fee32442017b4fc418e38cc5bcb59062e403f938fb15b0cb6cc9259d9e3ab9ad184803e3614bb0e445e9aba26e80712427a8b0c4252b9ac969059a38007110f41ecbd46a0ec05dc2c8531272f520af215329c41b5f772b3cc4f82b95ad57df57e88003d51e2794148df359ee111e1bf5b6293f5edeaf7681ae34f0434f531a4c039cedde693b083d59213aa4d48dd6119df23317e3ccc31162a87d45939f4e6bfbc8c82303024960badc3aee3b1992805617a1a8c75f2ab6515eab9c9b6b28680f26b7a2a0079bf6453d3a38819a067d2112b85a0c62aa8d961e17aa94d77a7258fd1cc81b9da1afd7f0a4cb7b2583c6b96df0c7d4aaff17e13ff4328eb197b8d3b7c1fb2668d56fdd078660f8a52a41147640fa8c3696769ba69350d3750343bf739f7e55b7cc95c6b3f32237b70e2e1309c71e251e03bad2ca85c589674a5142e08f74e549626e1fff91302eb5f09ea93b7b5cefd8d515d2e8f1f97f8e88a6e62c76bff8cdc1749cf631c3edf7ec2c01d76555f59938043722de537cd4a872bb1ea496aba89281b4f849beb3a5ea40b8c650e5ffabab0a515ca84a39d440d3c4a81152bb95c352e838fb6f2d97eb4a1472f91b9db28c324fdf7eec98425430d494d21b76d03c4cf8ab8e599680f3e7dca91d758c1294defb8dfdcb0e0998468fc7021ad2ddda0a930139560b663524142b4ed84eef6706384558982d7a69c19a3a41d433d83254c03e552882802b3f0437154c61eafaac1faf62e2f95f8b7ddffa9bbac692a7838100262c897c3f5f4678fdd7a591705d7d145f0bf6abb1f4fccdc33da4905aeb64a6daeb87a17714856cd64e01fd4d6e8d6d3ecdee0e79ef81dd8d7cc82facee096faebeaf0fe16caadf5571c5a9892e4dc293c00e9795046405bac6a1b68d7dede2d53cd3fdf8d02b7be2c9c246620b975f205a3fd4aa090c9d306fb65d7e735d63df9d6ae8f5a3fd88c370c9d6c2985b03dea8c6fcefd3ca1858074331c70a3599bd800aa4481a6a03f3a0baed51da71f8eecdbcb0cd0774ba8786b0845ffe003632d248e41b3648b2eef5d795ff3ca30056ccf559d230fcec5e41ea885011d2633393a1c00acfe94be319236e8e93b36bdaf093aae83a65cbe9c553fde14fd949e7f47d0fccac909844a81d71103da1a8bacb0403ee984c533109755731584e11efda218a626b62ed9597e8a3a83c2b58d959ad2f5a4adc47680ca6e75d2a7613de2773085f8e65c2c809a36ea638949cb08223b253a0e03a4dab39924f5fd230e4cb871cc5b81e3b23efe4a561504873a85ea42e4f3bc0aae0c81334b481fb288f5f002073433487fa10488b73515c5f5d4f1be38fdbc07438cc4e8b5b6f8e8cd7cc90b328f1bb2f7e5da07b35fe3d03ed3a54b32703390eaa9f495d7f06c2bbb7927396f175cdd5a087326b8ea14ab8806ca699b7dfee5a159a8baaf8d775ae6f7454e093e6a3f5f7fbf466ca9fe1515fcbd5f5f0df64cb6759e96fab773f31b571719792c4e3833165d7f8dcdccdc714f5fe15464c6392a31785e78ba34edb0ec6313937f2c39b3b8ff8dc5d699d96aa0d449b5c0ca5b4c1c9702af8787a80716bd9d85e6e81f193d9e791837cd9e8f6c786fe862f89017d9e9c5af22748cac949fe63019a19ee11f34ca9efbc64313ceb773911b285d178c8704f80c607136f3ff02b32d4a896e8f2b560a331ef39f66d5d7a1ff510c204b24fe5797cb10b0e0c5f0d503abb15e60e65d7a99922125cd66435b79d0765f610042df923d10240c1284d83527f1bd86ce5bb590655f305e7771d900e130e4566e4a0dedc052a45eb559c4db568a1dadf714e3343eb5447266144b46dff0c0d4b2dbb70f039aed15a702e106ae3586c22374b3a1d702dff62324e9f178f6b09f1fa27f6ed12f0a96dda194b8f0f52887abd75242ea395a7f410037a24df11dd161858ee3fdcd12a4bcd4f6b455888ddf527feceabe455811516c202b42a6bb6f7c7c8e15cc6b1dd73d743ab16b7cdb99b0fbc88a3dff385cd4decfb5dfd5af7874a7e022dde440b6e75e99484a01b79517c288bbc1ed07d1c5f5a760f2c00939fda028b1955cd616965acf885c7e8cbb820e61e0e19718d21bea2ae4074f8c11f90a5278bda16edd3f329edc5c83b55eab5658e31a78960e4ef6789440d6fd3fba19a3d542ee5421617ea60d4860d2e8df257f22b3b626961dee5780e29a16e195accadc1d0b310e7d98a466f8d7d59adc653b9be0426d9360d973149798df7b57fb6420cd927c0730933c46ced3fe24c5d88d94195936d4ff791f929e914fd0415a65ca9dd130a0cd4b3ea1e2ad70dd18cd2e8df912c9d0041ce1ec000bfd2c754c375fdeda9c702aca996e6376bd18ef0a4a5af23dbb7db891d900ea96ae53f728b5fc77edeb9b70675efbee928eaf053a7e7afc478515ff9c1e64a3961d4e97c64a0f63c904c56e4adb8f7f0bfda8b316d8f54f24c84e867ebdc819735876803231d56c8d2bb8b94c03cc82e96fc0dc980619bcd1702650d04ec63a73103d62a462b855506b95100123c21daf662995c44dc2c8e1542af8037df81968acf7e636bc4b326396eb86f3f2023240fbfd3e10465dfd42d99752d91174dd5838d5ddbcf879ab044e7f18380f9b06541fadd70d8cca7ffdf1f3", 0xbc0}, {&(0x7f0000000b80)="165df50dbb7ee8d7182a77024aa90af9aa9eb5f98e4915b4117bff80892beb4391cebdb49bf641b0f7bb31f80027777aa82c31ccc18a93c129979bef3c33755708975b5b57b2d1ccd135ef80cc560e5314d1631d54b88485df6d8d20146d4e2f781c7ee8548903d01acdf60b0327dcd24bceb2b5a5d1d4251f49f753c3ea7f45a3d199cf", 0x84}, {&(0x7f0000000280)="72f0a226ac9fee40e482be0d6c1ee989ded29e89c3f490f1ef0fa054661d141d122fe6390e1c6229ee2e822f93d030", 0x2f}], 0x4) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000002600)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd70a5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c707647fa8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa60e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d162718e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a47c721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f664222000000000000000d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d808f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bff000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6197155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b0a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r5}, 0x10) ioctl$EVIOCGRAB(r3, 0x40044590, &(0x7f0000000080)) ioctl$EVIOCGABS20(r3, 0x40044591, 0x0) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a31000000005c000000060a010400000000000000000100000008000b4000000000340004802000018008000100636d70001400028008000140000000000800024000000000100001800900010068617368000000000900010073797a3000000000140000001100010000000000000000000000000a8b23f6ccc83ef3889dde5c53de9abf6730afa2de3784836e6b7991037d7667e5db61d0b5ea5d760d7e77ebefb188c319d9c7672f22f9395fbb14d231711673002cb724253e7e5133d7a4288a9da99d3877d9d1590c208b5bf08316e84c9cd6c612691dc7df28ba9ef590129c7f76b87e1c68edb31155ecd8de8a7216cfe16025dc00aec258579618b6e628aa5626636e73315947d2988bdc544ba6c8e239462b0c59211b3a7ff275f160d5a6085174c57b6fe6da0771103afb4a"], 0xd0}}, 0x0) 2.316597054s ago: executing program 3 (id=1261): syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0xb, 0x0) read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8) fcntl$addseals(0xffffffffffffffff, 0x409, 0x7) socket$l2tp(0x2, 0x2, 0x73) r1 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TIOCSETD(r1, 0x5423, 0x0) ioctl$EVIOCGPROP(0xffffffffffffffff, 0x40047438, 0x0) r2 = socket$inet6(0xa, 0x6, 0x0) syz_open_dev$admmidi(0x0, 0x20, 0x200) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="40000000100003040000000000", @ANYRES32=0x0], 0x40}}, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000580)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@metacopy_on}], [{@hash}, {@obj_type={'obj_type', 0x3d, 'metacopy=on'}}]}) chdir(&(0x7f00000001c0)='./bus\x00') r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000009d00)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000009e00)={0x0, 0x0, &(0x7f0000009dc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010027bd7000fcdbdf256800000008000300", @ANYRES32=r6, @ANYBLOB="1800c700fa04073f"], 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r4, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x74, r5, 0x810, 0x70bd2c, 0x25dfdbff, {{}, {@void, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x74}, 0x1, 0x0, 0x0, 0x10}, 0x20008811) r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) getdents64(r7, &(0x7f0000000f80)=""/4096, 0x300) close_range(r2, 0xffffffffffffffff, 0x0) 2.094397814s ago: executing program 0 (id=1262): openat$khugepaged_scan(0xffffffffffffff9c, 0x0, 0x1, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fffff) ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(0xffffffffffffffff, 0xc02064cc, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = open(0x0, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0x541b, 0x0) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) r2 = userfaultfd(0x801) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, 0x0) ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000000)={&(0x7f00005ae000/0x3000)=nil, &(0x7f0000779000/0x1000)=nil, 0x3000, 0x3, 0x2}) sendmsg$TIPC_CMD_GET_BEARER_NAMES(0xffffffffffffffff, 0x0, 0x40) r3 = socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000780)=@raw={'raw\x00', 0x8, 0x3, 0x2b4, 0x150, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x220, 0xffffffff, 0xffffffff, 0x220, 0xffffffff, 0x7fffffe, 0x0, {[{{@uncond, 0x6, 0x130, 0x150, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "00000100cbd047da9ca965f96ad5801f0514d363ee84bb895919d9490f6785fba3c4a44f1e25ecefef2a2d6054f5260ece5ce1a56a5ef73be11d65bfe8c37674024c183ebacdf741cea92ded3a9ca54de15dd9ec8ef62f9e000000000000000000ffffff7f00", 0x7d, 0x2}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0x70, 0xd0, 0x0, {0x50010000}}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x310) 1.42996978s ago: executing program 2 (id=1263): socket$key(0xf, 0x3, 0x2) r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$CDROMPLAYTRKIND(r0, 0x5304, &(0x7f0000000380)={0x0, 0x0, 0x1}) ioctl$FAT_IOCTL_SET_ATTRIBUTES(r0, 0x40047211, 0x0) r1 = socket(0x10, 0x3, 0x0) openat$procfs(0xffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0) setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x10) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[], 0x1c}}, 0x0) connect$bt_l2cap(r1, &(0x7f0000000200)={0x1f, 0x6, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x7, 0x1}, 0xe) 1.368152015s ago: executing program 1 (id=1264): io_setup(0x3ff, 0x0) eventfd(0xc) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040ee17e2e04"], 0x7) 1.353238741s ago: executing program 2 (id=1265): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10) pipe(0x0) r1 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10) r2 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x1}, 0x10) close(r1) setsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0xffffffffffffffff, 0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f00000001c0)}, 0x1c) r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x80, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0x1, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000019300)={{r3}, &(0x7f0000000240), &(0x7f0000000280)=r4}, 0x1c) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='devfreq_frequency\x00'}, 0x18) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004b00)=[{{0x0, 0x0, &(0x7f00000047c0)=[{&(0x7f00000037c0)="0a7710543d413ae880a090e14c560e799d2b2093faa6bd1277ba2d84a10553f66c92453e9f9380a19ee711b6cb455511da5afbb8c7db351e52136a053980bf87958a4a1faf56a9e77e588a9b0e7dca85fa9e3a28423f8118a16d27cf4cc8bc6fdc9c3b09721cb9af19def49099f81ae68474a84f749035130e9762d1cb1a18b4b6b0ca943b05898da788488124155a7070a45bd27fc343e2ffd453e33a9e58a2ebb704aac673aa200c1eda1a6d2a5dd5ac38e8232ffa853fced19ecd5de5ae196145edcb56529423bfe055d317b58197147b8ed4e01896e9ca5ca12a6c50a1c38f008cd3362a017ea4beb40dffdbb5a221faf2ac604a67eaf8689527331b55c8748c5d59b7d919160082bb14feaaa193bb8d7579bcd3faf8eff975447e18d1b4b6d81d4ae0fa250732223d1f8b8b1d5540cb69f5570bc575d49428a97658462c32e43c42bee98efe7682423706c06b80b9155f0f02c58dfd00e631a9ee6d44d4b5896960a41cb5476033b4b8847b357621e1152015ea65b211615daed89eb993bead0e10c057fe8945ff40c9d15075cc05e169b6db10367361d0b692b14701eea23d28c0e037a2c32a94cb4112585a901d50f7395dd8f55ed541862d845b73dfc7f189677a1f283c5658bb7a9f17d9ac42511f733abe60456c7ad624ad1434cb14d189206e1ca0fecd4d1c297459abd1304a3ce6dba9db8345d4c1869c6e6347cb6b0979cc03645c50c045f2d865efe3f96cfead0b51cff76a0c88154ba1bfbcefd7ceb52d8270c0c19cd57a2a4853794663311afdfffaee14aeaf4aeeddb6ae5ed7c7d89885d209bb293077b52bda9a7ff78df7a1ea889b39ebfa0f20b23875f7c9699c513dae0d9e90c77d00fce6e1ffd61c6307612e2d018db755bdd771a209671fb5b3968c0499221728f42daf94eeba65d6ecf576509caf057a4991d80b574f00180c84f8b4cbec6cc40f7cccfb8ddc666a006250433052631709cec7362d585a695617870e3dcad11f269f42f7546f40fef8b03337d4b9298695b8cb905c0ce65a78c44c08ceb5fcfb3a0884a5706fa308e3b2fea0d2213156c7ccfb968934f5035a86c9e7a220ee2fb1f9440f7fb38f38745243322eef8da2d8877f5129e63855ff9f748fd7c0df9fcbcc38d3377dabaecdc46c3a1c63c742cbcb0ce379d2376845ff7e9fadc9bcae26a380d8a951842722ff6fcb72505163920bf34f27dd5145d0bb01891ef400f9bac145f4026d4326704b369d0614d54595d1b19cba1d21fc5e2d69614f3fac42e0da2cb26d735c77c0790b6099c2cb8d803a59e1792afd23bf7af3ecd3dfe70b3bb4119120b65f03de9981f99afc955a3254518184f63d0a86b6aab077e50ae7923f45e91743797053bcc9986f9a79aabedf3201a5627f0156f63a78371582fbd70a84d071c6c2c16baf37add98447ae423cf727e298308440867629359d6243af215d18e7816e52db4fe49f29284e738a25d90b00091b0a589c8e998bea6a2cbab133c1a24859721360e5e10aade58db4ff984da5c19e19cb6ec23a88398c3b9b769d3c2db6b913112082c3746e50581d89ea4b43b2ca502a875cc08bb7432ac882eeedbb258a5c96a0b26c95a60a4b9a797e35cbd12271a9e10cf83adc8eff8ee94af700ec381efc581b7d10ff8a9b2097898a89344bf4fc9383c68ac93981b85bd5d9d906219f0e48152dd8cdef07be742a085b8a53b1408ca72089627a965618355058a15a456bb5e3ac3d2e3ac8bf03e14f5037f92d06dfc063bb87c26ed76d7421bc0a396cf7cc46d7283c8fcb8caf16db2072decf45636303994549572a0e388404490330e790caa77b98b56b1176578b7141eac56a635e216afb487412cd1d2d7b410713ba8cd46352b570ffe4854190ce88a3d2365f68b39606a91f9539a408bd49ca82ccc90e955bb9905408960d277122b91399db0824e4639d015261996afed3eb3fa26dba8aaf185a1bb148d317d4f47a8afc0a2f892c7445d518d34cb6b27680ef35151c295b021e5acb9accc4c937547d1e7af7c846ccaeb03fa16f32dc0d5b6ef46c5ef516dc2dcc8dacabfcb62b4bf25a10d13421d8c7a9c904682d769eb0c4fd7629ae345fa8106708b5f06e799eb872d51633ecea711ba3ebb64fc2adaebaa611405925871543a8304fed4bb92ef9e6ebb91ab70f48ca809e4136928075bd69c75cfd002f9f7bac7b90bc7b415389e69140418c868047ab57606fcfeab23e8134fccebce4a5065445cec290fa425d09f5050b78d5b0480a6956b35691490e816d0d4138deb4eb5c8d6087a1edcd0a0842f34433bdfc3f7566aff4a8e07594637e7a314d32d628272c6d9a7319dd43dc31074674194514cce50976602d668eeae1ec39371101fad5b020f27751904b5df74fa462e73db9d068d6fa7a834a669ea03e6c379625cb3a2aecb3e5a75e86f6502ceaad5906f64e7c9967224188e1920d7d66da2b246122473933fe980f5aa5096e648ac35e36f9b2ffb5dca6989a118d522732768592b32c763f830da2ab4d29d7cb235e08cd9f7e0a29f36d593c41fc1891e7a616063eaba69cc1e631b64911e8e6607ac5f693e2cce85ed686bf3eca3d7e6fc74e3f4b8ca6b1a6c818b81e4297b7557e527c74c8668accc967392a50cd2d4708a03df72045762635608f72e571a7878136dff9941264d1a41eb59bd3ea6fdde8290eb6cdf1213693a5dff8c1a0e52c95a6e8f64459e8db7b2d98d0b0955afbe519299a0e76d7fe03009dee53958240e03197337ab8dd3b41d35d156c8cab5ef23c4650de90481c3496e442a6c522cfd498782dd394ea86d0e600f4b0dbdb020874b83e22936d5b9dcc84ecc197a9da20013c346ffeebaa7e88446fc132ca66a81d29d0c577c9ec3124b615095699f4e027c533235f524ddf7c9617ac1feea8502a967a4a7bc1553f5fb44d1230396aae4fe00aa7d81c3a72aa2e2d73bf1c45088a2dfe49d23b", 0x840}], 0x200000000000020f, 0x0, 0x0, 0x4c805}}], 0x1, 0x0) prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000004000/0x3000)=nil) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000006100)='cmdline\x00') read$FUSE(r6, &(0x7f0000006800)={0x2020}, 0x2020) read$FUSE(r6, &(0x7f00000040c0)={0x2020}, 0x2020) r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r7) socket(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) syz_emit_ethernet(0x3a, &(0x7f0000000180)=ANY=[@ANYBLOB="aaaaaaaaaaaa000000000000086e8546612c0000000000069078000000ffffffffffffff7f00001890780400"/58], 0x0) write$cgroup_subtree(r5, &(0x7f0000000180)=ANY=[], 0x280) 1.269910257s ago: executing program 1 (id=1266): seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, 0x0) syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x402) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x1) syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x8341) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000002000000000000000000000e0000000000000000000000000000000c0000000007000000000000850001000000fbff0000000009000000000000"], 0x0, 0x4e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) read$msr(r0, &(0x7f0000019680)=""/102360, 0x18fd8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000e5b000)={0x2, 0x4e20, @broadcast}, 0x10) setsockopt$TIPC_IMPORTANCE(0xffffffffffffffff, 0x10f, 0x7f, 0x0, 0x0) connect$inet(r1, 0x0, 0x0) socket$kcm(0x29, 0x2, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x59032, 0xffffffffffffffff, 0x0) r2 = socket$alg(0x26, 0x5, 0x0) bind$alg(r2, &(0x7f0000000940)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58) setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000440)='\x00'/14, 0xe) accept4(r2, 0x0, 0x0, 0x0) r3 = userfaultfd(0x801) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000962000/0x3000)=nil, &(0x7f0000582000/0x2000)=nil, 0x3000}) 1.225885561s ago: executing program 3 (id=1267): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5800000010001fff000000000000000000000012", @ANYRES32=0x0, @ANYBLOB="02200000c04471d7300012800b000100697036746e6c00002000028005000900290000001400020000000000000000000000000000000001080004"], 0x58}}, 0x0) 1.129956271s ago: executing program 3 (id=1268): socket$nl_route(0x10, 0x3, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f00000001c0), 0x4) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000300)=[@in6={0xa, 0x4e23, 0x5, @private2={0xfc, 0x2, '\x00', 0x1}, 0x10001}]}, &(0x7f0000000200)=0x10) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000400)={r1}, &(0x7f0000000140)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000000300)=""/102400, 0x19000) bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1b, 0x13, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x78, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, @void, @value}, 0x90) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/address_bits', 0x0, 0x104) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000019480)={0x8, 0x1c29, &(0x7f0000019440)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x3}], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r3 = socket$phonet_pipe(0x23, 0x5, 0x2) connect$phonet_pipe(r3, &(0x7f0000000200), 0x10) r4 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0xe, &(0x7f0000000000)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400600142603600e1208000b0000000401a8001600a400014009000200036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360d070100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) r6 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) dup3(r4, r6, 0x0) socket$inet6_sctp(0xa, 0x5, 0x84) madvise(&(0x7f0000d38000/0x3000)=nil, 0x3000, 0xe) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil) madvise(&(0x7f0000f7c000/0x3000)=nil, 0x3000, 0x14) openat$ptp0(0xffffffffffffff9c, &(0x7f0000019380), 0x107000, 0x0) 249.190247ms ago: executing program 1 (id=1269): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900001373797a30000000004c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021100011800c000100636f756e746572006c0000000c0a01010000000000000000070000000900020073797a31000000000900010073797a3000000000400003803c000080080003401b"], 0x100}}, 0x0) 94.821291ms ago: executing program 1 (id=1270): sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_conn_complete={{0x3, 0xb}, {0x7, 0xc8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1, 0x9}}}, 0xe) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000140)={@my=0x0}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r1, 0x7a5, &(0x7f0000000200)={{@my=0x0}, 0x0, 0x1}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r1, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1}) ioctl$IOCTL_VMCI_NOTIFICATIONS_RECEIVE(r1, 0x7a6, &(0x7f0000000240)={0xe, 0x1, 0x69f80000000, 0x20ad, 0x10001, 0x3}) sendmsg$IPSET_CMD_TYPE(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x80, 0xd, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0x6}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x7}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x3}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'bitmap:ip,mac\x00'}]}, 0x80}, 0x1, 0x0, 0x0, 0x41004}, 0x801) 94.409478ms ago: executing program 0 (id=1271): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc601}) syz_open_dev$mouse(&(0x7f0000000100), 0xffffff80, 0x8080) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="8f0cb9790708"], 0xfdef) write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700f00000004000000060ec97000fc83a00fe8000000000000000000200000000aaff020000000000000000000000000001"], 0xffe) 0s ago: executing program 1 (id=1272): openat$nullb(0xffffff9c, &(0x7f00000002c0), 0x280, 0x0) arch_prctl$ARCH_GET_FS(0x1003, &(0x7f00000001c0)) r0 = openat$cdrom(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$CDROM_SET_OPTIONS(r0, 0x5320, 0x1c) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/block/loop0', 0x0, 0x0) symlinkat(&(0x7f0000000280)='./file2\x00', r1, &(0x7f0000000100)='./file2\x00') lsm_set_self_attr(0x65, &(0x7f0000000240)=ANY=[@ANYRESDEC=r1], 0x20, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xa, &(0x7f0000019600)=ANY=[@ANYBLOB="05690400010000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000100010085000000060000000f480600fffffffffdbc2e4bb51c5eee698c5771c5d7ce71ff99cd1aaee012d3bb98707a6ccf20f131e0ed7b95f87090068a16d639d6929e0aa3a224244c65be2b380d702fec4d0efc88cc2039d54dea442f19f96bd3e40edbe79f6ce0bf0ab9845334cdc251302d74dbde96feb31c22aff30ca701ce37a2ffccda11dff8ff"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x14, &(0x7f0000019300)=""/20, 0x41100, 0x52, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000019400)={0x2, 0x4}, 0x8, 0x10, &(0x7f0000019440)={0x2, 0x1, 0x40, 0x44}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000019500)=[r1, 0xffffffffffffffff, r1, r1], 0x0, 0x10, 0xfffffff8, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xf, 0x11012, r2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r2, 0x0) (fail_nth: 13) kernel console output (not intermixed with test programs): 2 family 0 port 6081 - 0 [ 105.576432][ T6461] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.596584][ T6461] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.602793][ T6461] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.778963][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.800053][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.813646][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.826295][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.126008][ T5358] Bluetooth: hci4: command tx timeout [ 107.180439][ T6513] Bluetooth: MGMT ver 1.23 [ 107.182875][ T6513] netlink: 24 bytes leftover after parsing attributes in process `syz.3.323'. [ 108.244770][ T5358] Bluetooth: hci4: command tx timeout [ 109.228083][ T6535] netlink: 8 bytes leftover after parsing attributes in process `syz.2.328'. [ 110.286089][ T5358] Bluetooth: hci4: command tx timeout [ 111.897603][ T6554] syz.0.332: attempt to access beyond end of device [ 111.897603][ T6554] loop0: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 111.909288][ T6554] EXT4-fs (loop0): unable to read superblock [ 111.944071][ T6554] usb 2-1: USB disconnect, device number 3 [ 112.015631][ T6554] hub 2-0:1.0: USB hub found [ 112.024009][ T6554] hub 2-0:1.0: 6 ports detected [ 112.225933][ T5351] usb 2-1: new high-speed USB device number 4 using ehci-pci [ 112.406055][ T5351] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 112.432100][ T5351] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 112.436164][ T5351] usb 2-1: Product: QEMU USB Tablet [ 112.439195][ T5351] usb 2-1: Manufacturer: QEMU [ 112.442562][ T5351] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 112.549628][ T5351] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0005/input/input9 [ 112.648612][ T5351] hid-generic 0003:0627:0001.0005: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 113.142211][ T6567] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 113.206450][ T6567] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 114.987354][ T6580] netlink: 8 bytes leftover after parsing attributes in process `syz.0.342'. [ 119.836109][ T6632] netlink: 8 bytes leftover after parsing attributes in process `syz.1.357'. [ 119.953420][ T6635] netlink: 48 bytes leftover after parsing attributes in process `syz.2.358'. [ 119.959552][ T6635] netlink: 48 bytes leftover after parsing attributes in process `syz.2.358'. [ 120.079668][ T6642] netlink: 44 bytes leftover after parsing attributes in process `syz.3.360'. [ 120.082720][ T6642] netlink: 59 bytes leftover after parsing attributes in process `syz.3.360'. [ 120.400014][ T6654] netlink: 'syz.0.364': attribute type 3 has an invalid length. [ 120.413773][ T6654] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.364'. [ 120.440850][ T6654] fuseblk: Bad value for 'fd' [ 120.697553][ T1994] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 120.852833][ T1994] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 120.862154][ T1994] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 120.865385][ T1994] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 120.868729][ T1994] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 120.875752][ T1994] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 120.880257][ T1994] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 120.882903][ T1994] usb 5-1: Manufacturer: syz [ 120.887495][ T1994] usb 5-1: config 0 descriptor?? [ 121.328947][ T1994] appleir 0003:05AC:8243.0006: unknown main item tag 0x0 [ 121.331069][ T1994] appleir 0003:05AC:8243.0006: No inputs registered, leaving [ 121.340925][ T1994] appleir 0003:05AC:8243.0006: hiddev0,hidraw1: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0 [ 123.182117][ T6662] netlink: 20 bytes leftover after parsing attributes in process `syz.0.366'. [ 123.420208][ T5406] usb 5-1: USB disconnect, device number 2 [ 123.998528][ T39] audit: type=1804 audit(1727609142.083:8): pid=6668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.368" name="/newroot/104/file0/bus" dev="ramfs" ino=10165 res=1 errno=0 [ 124.111803][ T39] audit: type=1800 audit(1727609142.193:9): pid=6668 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.368" name="bus" dev="ramfs" ino=10165 res=0 errno=0 [ 127.100887][ T5358] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 127.602454][ T6699] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 129.348386][ T39] audit: type=1804 audit(1727609147.433:10): pid=6706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.379" name="/newroot/52/file0/bus" dev="ramfs" ino=14314 res=1 errno=0 [ 129.453805][ T39] audit: type=1800 audit(1727609147.523:11): pid=6706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.379" name="bus" dev="ramfs" ino=14314 res=0 errno=0 [ 129.487178][ T6713] FAULT_INJECTION: forcing a failure. [ 129.487178][ T6713] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 129.491645][ T6713] CPU: 3 UID: 0 PID: 6713 Comm: syz.0.382 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 129.494613][ T6713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 129.497745][ T6713] Call Trace: [ 129.498641][ T6713] [ 129.499399][ T6713] dump_stack_lvl+0x16c/0x1f0 [ 129.500767][ T6713] should_fail_ex+0x497/0x5b0 [ 129.502094][ T6713] ? fs_reclaim_acquire+0xae/0x160 [ 129.503396][ T6713] should_fail_alloc_page+0xe7/0x130 [ 129.504734][ T6713] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 129.506608][ T6713] ? register_lock_class+0xb1/0x1240 [ 129.508161][ T6713] __alloc_pages_noprof+0x190/0x25c0 [ 129.509814][ T6713] ? hlock_class+0x4e/0x130 [ 129.511300][ T6713] ? __lock_acquire+0xbdd/0x3ce0 [ 129.512745][ T6713] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 129.514144][ T6713] ? hlock_class+0x4e/0x130 [ 129.515474][ T6713] ? __lock_acquire+0x163e/0x3ce0 [ 129.516880][ T6713] ? hlock_class+0x4e/0x130 [ 129.518058][ T6713] ? mark_lock+0xb5/0xc60 [ 129.519365][ T6713] ? __pfx___lock_acquire+0x10/0x10 [ 129.521130][ T6713] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 129.523152][ T6713] ? policy_nodemask+0xea/0x4e0 [ 129.524795][ T6713] alloc_pages_mpol_noprof+0x2c9/0x610 [ 129.526619][ T6713] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 129.528424][ T6713] ? find_held_lock+0x2d/0x110 [ 129.529696][ T6713] ? find_held_lock+0x2d/0x110 [ 129.531265][ T6713] pte_alloc_one+0x20/0x360 [ 129.532474][ T6713] __pte_alloc+0x6e/0x390 [ 129.533642][ T6713] ? __pfx___pte_alloc+0x10/0x10 [ 129.534967][ T6713] ? __pfx___might_resched+0x10/0x10 [ 129.536757][ T6713] copy_page_range+0x389a/0x5a50 [ 129.538047][ T6713] ? __pfx_copy_page_range+0x10/0x10 [ 129.539490][ T6713] ? __pfx_lock_release+0x10/0x10 [ 129.541181][ T6713] ? lock_acquire+0x2f/0xb0 [ 129.542836][ T6713] ? copy_mm+0x12a7/0x2550 [ 129.544349][ T6713] ? down_write+0x14e/0x200 [ 129.545921][ T6713] ? up_write+0x1b2/0x520 [ 129.547170][ T6713] copy_mm+0x134f/0x2550 [ 129.548386][ T6713] ? __pfx_copy_mm+0x10/0x10 [ 129.549679][ T6713] ? copy_process+0x38ef/0x6f00 [ 129.551005][ T6713] ? __raw_spin_lock_init+0x3a/0x110 [ 129.552428][ T6713] copy_process+0x3ab9/0x6f00 [ 129.553673][ T6713] ? __pfx_copy_process+0x10/0x10 [ 129.555098][ T6713] ? find_held_lock+0x2d/0x110 [ 129.556825][ T6713] kernel_clone+0xfd/0x960 [ 129.557966][ T6713] ? __pfx_kernel_clone+0x10/0x10 [ 129.559381][ T6713] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 129.561333][ T6713] __do_compat_sys_ia32_clone+0xb7/0x100 [ 129.563211][ T6713] ? __pfx___do_compat_sys_ia32_clone+0x10/0x10 [ 129.565331][ T6713] __do_fast_syscall_32+0x73/0x120 [ 129.566648][ T6713] do_fast_syscall_32+0x32/0x80 [ 129.567901][ T6713] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 129.569472][ T6713] RIP: 0023:0xf742e579 [ 129.570505][ T6713] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 129.576279][ T6713] RSP: 002b:00000000f571651c EFLAGS: 00000246 ORIG_RAX: 0000000000000078 [ 129.578403][ T6713] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000000000000 [ 129.580602][ T6713] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 129.583246][ T6713] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 129.585923][ T6713] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 129.588610][ T6713] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 129.591432][ T6713] [ 129.660284][ T6715] netlink: 12 bytes leftover after parsing attributes in process `syz.0.383'. [ 132.217098][ T1375] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.219441][ T1375] ieee802154 phy1 wpan1: encryption failed: -22 [ 132.243366][ T6737] No such timeout policy "syz0" [ 132.247637][ T6737] overlayfs: failed to resolve './file0': -2 [ 135.508979][ T39] audit: type=1804 audit(1727609153.593:12): pid=6782 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.402" name="/newroot/105/file0/bus" dev="ramfs" ino=10229 res=1 errno=0 [ 140.267007][ T6820] netlink: 44 bytes leftover after parsing attributes in process `syz.0.414'. [ 140.269476][ T6820] netlink: 51 bytes leftover after parsing attributes in process `syz.0.414'. [ 140.272150][ T6820] netlink: 'syz.0.414': attribute type 6 has an invalid length. [ 140.274399][ T6820] netlink: 51 bytes leftover after parsing attributes in process `syz.0.414'. [ 140.662068][ T39] audit: type=1804 audit(1727609414.743:13): pid=6826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.415" name="/newroot/22/file0/bus" dev="ramfs" ino=17413 res=1 errno=0 [ 141.917613][ T6838] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 143.640074][ T5358] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 145.211812][ T6867] FAULT_INJECTION: forcing a failure. [ 145.211812][ T6867] name failslab, interval 1, probability 0, space 0, times 0 [ 145.226503][ T6867] CPU: 3 UID: 0 PID: 6867 Comm: syz.1.427 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 145.230108][ T6867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 145.233848][ T6867] Call Trace: [ 145.235061][ T6867] [ 145.236115][ T6867] dump_stack_lvl+0x16c/0x1f0 [ 145.237812][ T6867] should_fail_ex+0x497/0x5b0 [ 145.239534][ T6867] ? fs_reclaim_acquire+0xae/0x160 [ 145.241368][ T6867] should_failslab+0xc2/0x120 [ 145.243068][ T6867] kmem_cache_alloc_node_noprof+0x71/0x310 [ 145.245137][ T6867] ? __alloc_skb+0x2b3/0x380 [ 145.246910][ T6867] __alloc_skb+0x2b3/0x380 [ 145.248508][ T6867] ? __pfx___alloc_skb+0x10/0x10 [ 145.250272][ T6867] ? lock_acquire+0x2f/0xb0 [ 145.251914][ T6867] netlink_alloc_large_skb+0x69/0x130 [ 145.253845][ T6867] netlink_sendmsg+0x689/0xd70 [ 145.255550][ T6867] ? __pfx_netlink_sendmsg+0x10/0x10 [ 145.257426][ T6867] ? lock_acquire+0x2f/0xb0 [ 145.259075][ T6867] ____sys_sendmsg+0x9ae/0xb40 [ 145.260790][ T6867] ? __pfx_____sys_sendmsg+0x10/0x10 [ 145.262700][ T6867] ? get_compat_msghdr+0x11b/0x170 [ 145.264562][ T6867] ? __pfx___lock_acquire+0x10/0x10 [ 145.266455][ T6867] ___sys_sendmsg+0x135/0x1e0 [ 145.268169][ T6867] ? __pfx____sys_sendmsg+0x10/0x10 [ 145.270072][ T6867] ? lock_acquire+0x2f/0xb0 [ 145.271710][ T6867] ? __fget_files+0x40/0x3f0 [ 145.273375][ T6867] ? fdget+0x176/0x210 [ 145.274994][ T6867] __sys_sendmsg+0x117/0x1f0 [ 145.276627][ T6867] ? __pfx___sys_sendmsg+0x10/0x10 [ 145.278484][ T6867] ? __fget_files+0x244/0x3f0 [ 145.280207][ T6867] __do_fast_syscall_32+0x73/0x120 [ 145.282052][ T6867] do_fast_syscall_32+0x32/0x80 [ 145.283796][ T6867] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 145.285602][ T6867] RIP: 0023:0xf73ee579 [ 145.287025][ T6867] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 145.292856][ T6867] RSP: 002b:00000000f56d656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 145.295911][ T6867] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000380 [ 145.298503][ T6867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 145.300693][ T6867] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 145.303076][ T6867] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 145.305217][ T6867] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 145.307472][ T6867] [ 145.623507][ T6876] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 145.648179][ T6876] syzkaller0: entered promiscuous mode [ 145.660290][ T6876] syzkaller0: entered allmulticast mode [ 147.819008][ T5358] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 148.218565][ T6893] FAULT_INJECTION: forcing a failure. [ 148.218565][ T6893] name failslab, interval 1, probability 0, space 0, times 0 [ 148.221929][ T6893] CPU: 3 UID: 0 PID: 6893 Comm: syz.3.437 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 148.224634][ T6893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 148.227444][ T6893] Call Trace: [ 148.228341][ T6893] [ 148.229252][ T6893] dump_stack_lvl+0x16c/0x1f0 [ 148.230552][ T6893] should_fail_ex+0x497/0x5b0 [ 148.231826][ T6893] ? fs_reclaim_acquire+0xae/0x160 [ 148.233191][ T6893] should_failslab+0xc2/0x120 [ 148.234471][ T6893] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 148.235917][ T6893] ? vm_area_dup+0x21/0x300 [ 148.237126][ T6893] vm_area_dup+0x21/0x300 [ 148.238263][ T6893] __split_vma+0x181/0x1210 [ 148.239455][ T6893] ? __pfx___split_vma+0x10/0x10 [ 148.240768][ T6893] vms_gather_munmap_vmas+0x38f/0x1750 [ 148.242218][ T6893] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 148.243742][ T6893] ? mas_walk+0x6a6/0x910 [ 148.244993][ T6893] mmap_region+0x36c/0x2a50 [ 148.246389][ T6893] ? __pfx_mark_lock+0x10/0x10 [ 148.247723][ T6893] ? hlock_class+0x4e/0x130 [ 148.249255][ T6893] ? __lock_acquire+0xbdd/0x3ce0 [ 148.250941][ T6893] ? __pfx_mmap_region+0x10/0x10 [ 148.252606][ T6893] ? __pfx___lock_acquire+0x10/0x10 [ 148.254397][ T6893] ? mm_get_unmapped_area+0x95/0xe0 [ 148.255908][ T6893] ? bpf_lsm_mmap_addr+0x9/0x10 [ 148.257171][ T6893] ? security_mmap_addr+0x6c/0x1e0 [ 148.258569][ T6893] ? __get_unmapped_area+0x26b/0x3a0 [ 148.260133][ T6893] do_mmap+0xc00/0xfc0 [ 148.261537][ T6893] vm_mmap_pgoff+0x1ba/0x360 [ 148.263136][ T6893] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 148.264764][ T6893] ? ksys_write+0x1ad/0x260 [ 148.265945][ T6893] ksys_mmap_pgoff+0x7d/0x5c0 [ 148.267182][ T6893] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 148.268561][ T6893] __do_fast_syscall_32+0x73/0x120 [ 148.269888][ T6893] do_fast_syscall_32+0x32/0x80 [ 148.271166][ T6893] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 148.272997][ T6893] RIP: 0023:0xf7f9f579 [ 148.274183][ T6893] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 148.280644][ T6893] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 148.283041][ T6893] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 148.285068][ T6893] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000006 [ 148.287112][ T6893] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 148.289353][ T6893] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 148.292014][ T6893] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 148.294578][ T6893] [ 148.690157][ T6903] warning: `syz.3.440' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 149.281074][ T5358] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 149.700216][ T6929] netlink: 12 bytes leftover after parsing attributes in process `syz.3.446'. [ 151.202887][ T5358] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 151.999713][ T6967] netlink: 'syz.0.466': attribute type 1 has an invalid length. [ 152.001722][ T6967] netlink: 112860 bytes leftover after parsing attributes in process `syz.0.466'. [ 152.016852][ T6967] netlink: 'syz.0.466': attribute type 1 has an invalid length. [ 152.481257][ T6971] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 153.983478][ T5358] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 155.555912][ T39] audit: type=1804 audit(1727609429.643:14): pid=6995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.475" name="/newroot/78/file0/bus" dev="ramfs" ino=17645 res=1 errno=0 [ 155.695892][ T39] audit: type=1800 audit(1727609429.773:15): pid=6995 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.475" name="bus" dev="ramfs" ino=17645 res=0 errno=0 [ 156.979771][ T7020] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 157.675242][ T5358] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 158.367138][ T7053] netlink: 4 bytes leftover after parsing attributes in process `syz.3.484'. [ 158.884701][ T5356] block nbd1: Receive control failed (result -32) [ 158.894435][ T7043] block nbd1: shutting down sockets [ 159.290386][ T5356] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 159.490872][ T39] audit: type=1804 audit(1727609433.573:16): pid=7060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.487" name="/newroot/129/bus/bus" dev="overlay" ino=732 res=1 errno=0 [ 159.573456][ T7063] ax25_connect(): syz.2.488 uses autobind, please contact jreuter@yaina.de [ 159.700632][ T7067] netlink: 44 bytes leftover after parsing attributes in process `syz.2.490'. [ 159.703784][ T7067] netlink: 59 bytes leftover after parsing attributes in process `syz.2.490'. [ 159.885955][ T5356] Bluetooth: hci2: command 0x0406 tx timeout [ 159.885983][ T5347] Bluetooth: hci1: command 0x0406 tx timeout [ 163.172986][ T7104] Illegal XDP return value 4294967274 on prog (id 75) dev lo, expect packet loss! [ 164.307951][ T5349] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 164.977574][ T7125] netlink: 4 bytes leftover after parsing attributes in process `syz.2.511'. [ 166.744370][ T7131] netlink: 8 bytes leftover after parsing attributes in process `syz.0.512'. [ 166.744411][ T7131] netlink: 8 bytes leftover after parsing attributes in process `syz.0.512'. [ 173.250063][ T39] audit: type=1804 audit(1727609703.323:17): pid=7160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.521" name="/newroot/130/file0/bus" dev="ramfs" ino=17796 res=1 errno=0 [ 173.343204][ T39] audit: type=1800 audit(1727609703.423:18): pid=7160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.521" name="bus" dev="ramfs" ino=17796 res=0 errno=0 [ 173.513078][ T7164] netlink: 4 bytes leftover after parsing attributes in process `syz.2.522'. [ 174.872991][ T7173] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 174.888617][ T7173] syzkaller0: entered promiscuous mode [ 174.890960][ T7173] syzkaller0: entered allmulticast mode [ 176.750954][ T5349] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 177.064853][ T39] audit: type=1804 audit(1727609707.143:19): pid=7197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.531" name="/newroot/96/file0/bus" dev="ramfs" ino=16726 res=1 errno=0 [ 177.180365][ T39] audit: type=1800 audit(1727609707.263:20): pid=7197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.531" name="bus" dev="ramfs" ino=16726 res=0 errno=0 [ 179.763885][ T7232] netlink: 20 bytes leftover after parsing attributes in process `syz.1.541'. [ 180.645974][ T39] audit: type=1804 audit(1727609710.693:21): pid=7238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.542" name="/newroot/48/file0/bus" dev="ramfs" ino=17908 res=1 errno=0 [ 180.720235][ T39] audit: type=1800 audit(1727609710.803:22): pid=7238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.542" name="bus" dev="ramfs" ino=17908 res=0 errno=0 [ 181.572347][ T39] audit: type=1804 audit(1727609711.653:23): pid=7245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.544" name="/newroot/148/file0/bus" dev="ramfs" ino=15795 res=1 errno=0 [ 181.685892][ T39] audit: type=1800 audit(1727609711.763:24): pid=7245 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.544" name="bus" dev="ramfs" ino=15795 res=0 errno=0 [ 185.645896][ T5349] Bluetooth: hci3: command 0x0406 tx timeout [ 187.066031][ T7230] sched: DL replenish lagged too much [ 187.337932][ T5349] Bluetooth: hci4: Ignoring HCI_Connection_Complete for existing connection [ 187.657313][ T7278] netlink: 8 bytes leftover after parsing attributes in process `syz.1.551'. [ 187.657335][ T7278] netlink: 8 bytes leftover after parsing attributes in process `syz.1.551'. [ 193.097317][ T39] audit: type=1804 audit(1727609723.163:25): pid=7323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.567" name="/newroot/53/file0/bus" dev="ramfs" ino=15875 res=1 errno=0 [ 193.182473][ T39] audit: type=1800 audit(1727609723.263:26): pid=7323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.567" name="bus" dev="ramfs" ino=15875 res=0 errno=0 [ 193.648472][ T1375] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.650841][ T1375] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.920402][ T39] audit: type=1804 audit(1727609724.003:27): pid=7347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.574" name="/newroot/145/file0/bus" dev="ramfs" ino=16804 res=1 errno=0 [ 194.050056][ T39] audit: type=1800 audit(1727609724.133:28): pid=7347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.574" name="bus" dev="ramfs" ino=16804 res=0 errno=0 [ 195.012097][ T7367] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 195.249490][ T7369] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 195.278114][ T7369] syzkaller0: entered promiscuous mode [ 195.279646][ T7369] syzkaller0: entered allmulticast mode [ 196.992523][ T7392] FAULT_INJECTION: forcing a failure. [ 196.992523][ T7392] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 196.999731][ T7392] CPU: 2 UID: 0 PID: 7392 Comm: syz.0.587 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 197.002537][ T7392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 197.005778][ T7392] Call Trace: [ 197.006935][ T7392] [ 197.007703][ T7392] dump_stack_lvl+0x16c/0x1f0 [ 197.009165][ T7392] should_fail_ex+0x497/0x5b0 [ 197.010506][ T7392] _copy_from_user+0x30/0xf0 [ 197.011722][ T7392] bpf_test_init.isra.0+0xf1/0x150 [ 197.013099][ T7392] bpf_prog_test_run_xdp+0x4f0/0x1580 [ 197.014807][ T7392] ? lock_acquire+0x2f/0xb0 [ 197.016289][ T7392] ? __fget_files+0x40/0x3f0 [ 197.017803][ T7392] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 197.019246][ T7392] ? fput+0x30/0x390 [ 197.020410][ T7392] ? __bpf_prog_get+0xa0/0x290 [ 197.021921][ T7392] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 197.023848][ T7392] __sys_bpf+0x1921/0x5780 [ 197.025133][ T7392] ? ksys_write+0x21e/0x260 [ 197.026685][ T7392] ? __pfx___sys_bpf+0x10/0x10 [ 197.028273][ T7392] ? vfs_write+0x14d/0x1140 [ 197.029769][ T7392] ? __mutex_unlock_slowpath+0x164/0x650 [ 197.031662][ T7392] ? fput+0x30/0x390 [ 197.033013][ T7392] ? ksys_write+0x1ad/0x260 [ 197.034559][ T7392] ? __pfx_ksys_write+0x10/0x10 [ 197.036097][ T7392] __ia32_sys_bpf+0x76/0xe0 [ 197.037558][ T7392] __do_fast_syscall_32+0x73/0x120 [ 197.039081][ T7392] do_fast_syscall_32+0x32/0x80 [ 197.040390][ T7392] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 197.042210][ T7392] RIP: 0023:0xf742e579 [ 197.043432][ T7392] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 197.048527][ T7392] RSP: 002b:00000000f56d456c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 197.050862][ T7392] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000600 [ 197.053232][ T7392] RDX: 000000000000004c RSI: 0000000000000000 RDI: 0000000000000000 [ 197.055677][ T7392] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 197.057806][ T7392] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 197.059907][ T7392] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 197.061987][ T7392] [ 197.063425][ C2] hpet: Lost 3 RTC interrupts [ 197.944336][ T5349] Bluetooth: hci2: unexpected event for opcode 0x2042 [ 199.007054][ T5349] Bluetooth: hci2: SCO packet for unknown connection handle 200 [ 199.804521][ T39] audit: type=1804 audit(1727609729.883:29): pid=7431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.601" name="/newroot/112/file0/bus" dev="ramfs" ino=19299 res=1 errno=0 [ 199.930135][ T39] audit: type=1800 audit(1727609730.013:30): pid=7431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.601" name="bus" dev="ramfs" ino=19299 res=0 errno=0 [ 203.275873][ T64] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 203.442726][ T64] usb 6-1: config index 0 descriptor too short (expected 23569, got 27) [ 203.455419][ T64] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 203.467799][ T64] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 203.470157][ T64] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 203.472210][ T64] usb 6-1: Manufacturer: syz [ 203.487817][ T64] usb 6-1: config 0 descriptor?? [ 203.595933][ T64] rc_core: IR keymap rc-hauppauge not found [ 203.598039][ T64] Registered IR keymap rc-empty [ 203.620568][ T64] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0 [ 203.636520][ T64] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/rc/rc0/input10 [ 204.287438][ T7491] /dev/sr0: Can't open blockdev [ 204.463733][ T7492] /dev/sr0: Can't open blockdev [ 204.513121][ T39] audit: type=1804 audit(1727609734.593:31): pid=7495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.622" name="/newroot/154/file0/bus" dev="ramfs" ino=15956 res=1 errno=0 [ 204.636312][ T39] audit: type=1800 audit(1727609734.723:32): pid=7495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.622" name="bus" dev="ramfs" ino=15956 res=0 errno=0 [ 205.377732][ T35] usb 6-1: USB disconnect, device number 10 [ 205.780509][ T7513] netlink: 20 bytes leftover after parsing attributes in process `syz.0.628'. [ 205.909675][ T39] audit: type=1804 audit(1727609735.993:33): pid=7518 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.628" name="/newroot/156/bus/file0" dev="overlay" ino=876 res=1 errno=0 [ 206.907989][ T39] audit: type=1804 audit(1727609736.993:34): pid=7528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.631" name="/newroot/119/file0/bus" dev="ramfs" ino=15982 res=1 errno=0 [ 207.037565][ T39] audit: type=1800 audit(1727609737.123:35): pid=7528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.631" name="bus" dev="ramfs" ino=15982 res=0 errno=0 [ 208.416599][ T7539] /dev/sr0: Can't open blockdev [ 208.557414][ T7541] /dev/sr0: Can't open blockdev [ 208.929310][ T39] audit: type=1804 audit(1727609739.013:36): pid=7551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.638" name="/newroot/157/file0/bus" dev="ramfs" ino=19417 res=1 errno=0 [ 209.037840][ T39] audit: type=1800 audit(1727609739.123:37): pid=7551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.638" name="bus" dev="ramfs" ino=19417 res=0 errno=0 [ 210.099490][ T7571] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 210.386141][ T5387] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 210.535996][ T5387] usb 6-1: Using ep0 maxpacket: 8 [ 210.545253][ T5387] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 210.577630][ T5387] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 210.580876][ T5387] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 210.584886][ T5387] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 210.588219][ T5387] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 210.591615][ T5387] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 210.594588][ T5387] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 210.602346][ T5387] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 210.604654][ T5387] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 210.607106][ T5387] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 210.609617][ T5387] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 210.612614][ T5387] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 210.615529][ T5387] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 210.620464][ T5387] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 210.628421][ T5387] usb 6-1: config 246 has too many interfaces: 42, using maximum allowed: 32 [ 210.631793][ T5387] usb 6-1: config 246 descriptor has 1 excess byte, ignoring [ 210.634163][ T5387] usb 6-1: config 246 has 1 interface, different from the descriptor's value: 42 [ 210.639003][ T5387] usb 6-1: config 246 interface 0 altsetting 0 has an endpoint descriptor with address 0x3F, changing to 0xF [ 210.642296][ T5387] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 255, changing to 11 [ 210.645281][ T5387] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7 [ 210.648613][ T5387] usb 6-1: config 246 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0 [ 210.655551][ T5387] usb 6-1: string descriptor 0 read error: -22 [ 210.657728][ T5387] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 210.660101][ T5387] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 210.674709][ T5387] adutux 6-1:246.0: ADU100 now attached to /dev/usb/adutux0 [ 211.649669][ T8] usb 6-1: USB disconnect, device number 11 [ 211.905293][ T7595] netlink: 36 bytes leftover after parsing attributes in process `syz.0.651'. [ 212.019544][ T39] audit: type=1804 audit(1727609742.103:38): pid=7600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.652" name="/newroot/75/file0/bus" dev="ramfs" ino=18329 res=1 errno=0 [ 212.123309][ T39] audit: type=1800 audit(1727609742.203:39): pid=7600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.652" name="bus" dev="ramfs" ino=18329 res=0 errno=0 [ 212.947284][ T7620] Cannot find map_set index 1 as target [ 213.126384][ T7629] FAULT_INJECTION: forcing a failure. [ 213.126384][ T7629] name failslab, interval 1, probability 0, space 0, times 0 [ 213.131111][ T7629] CPU: 1 UID: 0 PID: 7629 Comm: syz.2.663 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 213.134937][ T7629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 213.138918][ T7629] Call Trace: [ 213.140150][ T7629] [ 213.141246][ T7629] dump_stack_lvl+0x16c/0x1f0 [ 213.143008][ T7629] should_fail_ex+0x497/0x5b0 [ 213.144761][ T7629] ? fs_reclaim_acquire+0xae/0x160 [ 213.146665][ T7629] should_failslab+0xc2/0x120 [ 213.148543][ T7629] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 213.150588][ T7629] ? vm_area_dup+0x53/0x300 [ 213.152327][ T7629] vm_area_dup+0x53/0x300 [ 213.153952][ T7629] copy_mm+0xe5a/0x2550 [ 213.155509][ T7629] ? __pfx_copy_mm+0x10/0x10 [ 213.157503][ T7629] ? copy_process+0x38ef/0x6f00 [ 213.159459][ T7629] ? __raw_spin_lock_init+0x3a/0x110 [ 213.161450][ T7629] copy_process+0x3ab9/0x6f00 [ 213.163339][ T7629] ? __pfx_copy_process+0x10/0x10 [ 213.165223][ T7629] ? trace_lock_acquire+0x14a/0x1d0 [ 213.167160][ T7629] kernel_clone+0xfd/0x960 [ 213.168803][ T7629] ? __pfx_kernel_clone+0x10/0x10 [ 213.170639][ T7629] ? __schedule+0xefd/0x5750 [ 213.172350][ T7629] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 213.174615][ T7629] __do_compat_sys_ia32_clone+0xb7/0x100 [ 213.176828][ T7629] ? __pfx___do_compat_sys_ia32_clone+0x10/0x10 [ 213.179260][ T7629] __do_fast_syscall_32+0x73/0x120 [ 213.181141][ T7629] do_fast_syscall_32+0x32/0x80 [ 213.183049][ T7629] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 213.185338][ T7629] RIP: 0023:0xf7f26579 [ 213.186831][ T7629] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 213.193865][ T7629] RSP: 002b:00000000f56a651c EFLAGS: 00000246 ORIG_RAX: 0000000000000078 [ 213.197054][ T7629] RAX: ffffffffffffffda RBX: 0000000000000011 RCX: 0000000000000000 [ 213.199948][ T7629] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 213.202835][ T7629] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 213.205958][ T7629] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 213.209104][ T7629] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 213.212292][ T7629] [ 213.715930][ T39] audit: type=1326 audit(1727609743.673:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7637 comm="syz.3.667" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f9f579 code=0x0 [ 213.722685][ T39] audit: type=1804 audit(1727609743.743:41): pid=7639 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.666" name="/newroot/183/bus/bus" dev="overlay" ino=1043 res=1 errno=0 [ 214.869176][ T39] audit: type=1804 audit(1727609744.953:42): pid=7655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.671" name="/newroot/186/file0/bus" dev="ramfs" ino=18406 res=1 errno=0 [ 214.981683][ T39] audit: type=1800 audit(1727609745.063:43): pid=7655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.671" name="bus" dev="ramfs" ino=18406 res=0 errno=0 [ 215.096033][ T7661] afs: Unknown parameter 'dyh' [ 215.400032][ T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.481122][ T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.597471][ T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.641141][ T5358] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 215.644905][ T5358] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 215.656099][ T5358] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 215.696222][ T5358] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 215.717342][ T5358] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 215.720106][ T5358] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 215.734414][ T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 215.838900][ T12] bridge_slave_1: left allmulticast mode [ 215.840413][ T12] bridge_slave_1: left promiscuous mode [ 215.845503][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 215.886390][ T12] bridge_slave_0: left allmulticast mode [ 215.888429][ T12] bridge_slave_0: left promiscuous mode [ 215.890570][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 216.406618][ T7674] block nbd2: shutting down sockets [ 216.826178][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 216.836109][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 216.856011][ T12] bond0 (unregistering): Released all slaves [ 216.910911][ T7681] netlink: 52 bytes leftover after parsing attributes in process `syz.2.680'. [ 216.914193][ T7681] team_slave_0: entered allmulticast mode [ 216.917167][ T7681] A link change request failed with some changes committed already. Interface team_slave_0 may have been left with an inconsistent configuration, please check. [ 216.923422][ T7682] netlink: 'syz.2.680': attribute type 27 has an invalid length. [ 217.151255][ T7663] chnl_net:caif_netlink_parms(): no params data found [ 217.247771][ T7713] bridge0: mtu less than device minimum [ 217.312955][ T12] hsr_slave_0: left promiscuous mode [ 217.321260][ T12] hsr_slave_1: left promiscuous mode [ 217.337122][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 217.345415][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 217.361094][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 217.371590][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 217.480216][ T12] veth1_macvtap: left promiscuous mode [ 217.483146][ T12] veth0_macvtap: left promiscuous mode [ 217.485507][ T12] veth1_vlan: left promiscuous mode [ 217.497252][ T12] veth0_vlan: left promiscuous mode [ 217.806364][ T5358] Bluetooth: hci0: command tx timeout [ 218.483279][ T12] team0 (unregistering): Port device team_slave_1 removed [ 218.578829][ T12] team0 (unregistering): Port device team_slave_0 removed [ 219.390021][ T7729] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 219.506832][ T7663] bridge0: port 1(bridge_slave_0) entered blocking state [ 219.508940][ T7663] bridge0: port 1(bridge_slave_0) entered disabled state [ 219.511008][ T7663] bridge_slave_0: entered allmulticast mode [ 219.513243][ T7663] bridge_slave_0: entered promiscuous mode [ 219.531088][ T7663] bridge0: port 2(bridge_slave_1) entered blocking state [ 219.533009][ T7663] bridge0: port 2(bridge_slave_1) entered disabled state [ 219.534946][ T7663] bridge_slave_1: entered allmulticast mode [ 219.546597][ T7663] bridge_slave_1: entered promiscuous mode [ 219.620419][ T7663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 219.641590][ T7663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 219.733840][ T7663] team0: Port device team_slave_0 added [ 219.748860][ T7663] team0: Port device team_slave_1 added [ 219.821552][ T7663] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 219.823461][ T7663] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.848554][ T7663] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 219.853368][ T7663] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 219.875900][ T7663] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 219.883921][ T7663] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 219.885944][ T5358] Bluetooth: hci0: command tx timeout [ 219.965653][ T7663] hsr_slave_0: entered promiscuous mode [ 219.989777][ T7663] hsr_slave_1: entered promiscuous mode [ 219.996822][ T7663] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 219.999980][ T7663] Cannot create hsr debugfs directory [ 220.440593][ T7756] netlink: 'syz.3.697': attribute type 4 has an invalid length. [ 220.814280][ T7663] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 220.822059][ T7663] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 220.825517][ T7663] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 220.831438][ T7663] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 220.891027][ T7663] 8021q: adding VLAN 0 to HW filter on device bond0 [ 220.907185][ T7663] 8021q: adding VLAN 0 to HW filter on device team0 [ 220.924276][ T70] bridge0: port 1(bridge_slave_0) entered blocking state [ 220.926368][ T70] bridge0: port 1(bridge_slave_0) entered forwarding state [ 220.933245][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 220.935169][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 220.985223][ T7663] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 220.990811][ T7663] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 221.081607][ T5358] Bluetooth: hci2: unexpected cc 0x042e length: 1 < 7 [ 221.083971][ T5358] Bluetooth: hci2: unexpected event for opcode 0x042e [ 221.178592][ T7663] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 221.198931][ T7663] veth0_vlan: entered promiscuous mode [ 221.214969][ T7663] veth1_vlan: entered promiscuous mode [ 221.272528][ T7663] veth0_macvtap: entered promiscuous mode [ 221.277245][ T7663] veth1_macvtap: entered promiscuous mode [ 221.311114][ T7663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.314125][ T7663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.320855][ T7663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.323799][ T7663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.329471][ T7663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.332450][ T7663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.335288][ T7663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 221.341684][ T7663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.349133][ T7663] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 221.362676][ T7663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.365752][ T7663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.368872][ T7663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.371705][ T7663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.374301][ T7663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.377140][ T7663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.379742][ T7663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 221.382541][ T7663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 221.387681][ T7663] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 221.404004][ T7663] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.407100][ T7663] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.410144][ T7663] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.416224][ T5917] libceph: connect (1)[c::]:6789 error -101 [ 221.418137][ T5917] libceph: mon0 (1)[c::]:6789 connect error [ 221.423507][ T7663] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 221.579861][ T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 221.585197][ T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 221.619542][ T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 221.622342][ T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 221.677363][ T5917] libceph: connect (1)[c::]:6789 error -101 [ 221.679791][ T5917] libceph: mon0 (1)[c::]:6789 connect error [ 221.729358][ T7810] FAULT_INJECTION: forcing a failure. [ 221.729358][ T7810] name failslab, interval 1, probability 0, space 0, times 0 [ 221.733108][ T7810] CPU: 1 UID: 0 PID: 7810 Comm: syz.0.676 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 221.736127][ T7810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 221.739120][ T7810] Call Trace: [ 221.739996][ T7810] [ 221.740780][ T7810] dump_stack_lvl+0x16c/0x1f0 [ 221.742060][ T7810] should_fail_ex+0x497/0x5b0 [ 221.743297][ T7810] should_failslab+0xc2/0x120 [ 221.744537][ T7810] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 221.745939][ T7810] ? skb_clone+0x190/0x3f0 [ 221.747152][ T7810] skb_clone+0x190/0x3f0 [ 221.748359][ T7810] netlink_deliver_tap+0xb26/0xcf0 [ 221.750325][ T7810] netlink_unicast+0x5e1/0x7f0 [ 221.752101][ T7810] ? __pfx_netlink_unicast+0x10/0x10 [ 221.753557][ T7810] ? __phys_addr_symbol+0x30/0x80 [ 221.755184][ T7810] ? __check_object_size+0x488/0x710 [ 221.756680][ T7810] netlink_sendmsg+0x8b8/0xd70 [ 221.757991][ T7810] ? __pfx_netlink_sendmsg+0x10/0x10 [ 221.759379][ T7810] ? lock_acquire+0x2f/0xb0 [ 221.760596][ T7810] ____sys_sendmsg+0x9ae/0xb40 [ 221.761880][ T7810] ? __pfx_____sys_sendmsg+0x10/0x10 [ 221.763266][ T7810] ? get_compat_msghdr+0x11b/0x170 [ 221.765007][ T7810] ? __pfx___lock_acquire+0x10/0x10 [ 221.766502][ T7810] ___sys_sendmsg+0x135/0x1e0 [ 221.767757][ T7810] ? __pfx____sys_sendmsg+0x10/0x10 [ 221.769140][ T7810] ? lock_acquire+0x2f/0xb0 [ 221.770553][ T7810] ? __fget_files+0x40/0x3f0 [ 221.771774][ T7810] ? fdget+0x176/0x210 [ 221.773073][ T7810] __sys_sendmsg+0x117/0x1f0 [ 221.774571][ T7810] ? __pfx___sys_sendmsg+0x10/0x10 [ 221.776131][ T7810] ? __fget_files+0x244/0x3f0 [ 221.777468][ T7810] __do_fast_syscall_32+0x73/0x120 [ 221.778918][ T7810] do_fast_syscall_32+0x32/0x80 [ 221.780287][ T7810] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 221.782069][ T7810] RIP: 0023:0xf7fc4579 [ 221.783206][ T7810] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 221.788673][ T7810] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 221.791186][ T7810] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000380 [ 221.793445][ T7810] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 221.796082][ T7810] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 221.798501][ T7810] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 221.800809][ T7810] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 221.803077][ T7810] [ 221.966185][ T5358] Bluetooth: hci0: command tx timeout [ 222.065061][ T7820] netlink: 4 bytes leftover after parsing attributes in process `syz.0.703'. [ 222.185876][ T39] audit: type=1804 audit(1727609752.263:44): pid=7828 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.705" name="/newroot/2/file0/bus" dev="ramfs" ino=22557 res=1 errno=0 [ 222.193064][ T5917] libceph: connect (1)[c::]:6789 error -101 [ 222.194877][ T5917] libceph: mon0 (1)[c::]:6789 connect error [ 222.201851][ T7799] ceph: No mds server is up or the cluster is laggy [ 222.307542][ T39] audit: type=1800 audit(1727609752.383:45): pid=7828 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.705" name="bus" dev="ramfs" ino=22557 res=0 errno=0 [ 222.420589][ T7834] netlink: 84 bytes leftover after parsing attributes in process `syz.0.707'. [ 222.790101][ T7837] tmpfs: Unknown parameter 'usrquota 0 0 0 0 0 0 0 [ 222.790101][ T7837] gretap0./file1' [ 224.105944][ T5358] Bluetooth: hci0: command tx timeout [ 225.567104][ T7863] netlink: 'syz.2.715': attribute type 4 has an invalid length. [ 225.850174][ T7866] netlink: 8 bytes leftover after parsing attributes in process `syz.3.716'. [ 225.854538][ T7866] netlink: 24 bytes leftover after parsing attributes in process `syz.3.716'. [ 226.124348][ T7868] block device autoloading is deprecated and will be removed. [ 226.303945][ T39] audit: type=1326 audit(1727609756.383:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7873 comm="syz.0.721" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc4579 code=0x0 [ 226.370370][ T39] audit: type=1804 audit(1727609756.403:47): pid=7878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.722" name="/newroot/198/file0/bus" dev="ramfs" ino=21698 res=1 errno=0 [ 226.445891][ T39] audit: type=1800 audit(1727609756.513:48): pid=7878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.722" name="bus" dev="ramfs" ino=21698 res=0 errno=0 [ 226.472032][ T7886] netlink: 8 bytes leftover after parsing attributes in process `syz.0.723'. [ 226.522129][ T5349] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 226.526811][ T5349] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 226.529731][ T5349] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 226.532552][ T5349] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 226.535557][ T5349] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 226.536286][ T5347] Bluetooth: hci4: command 0x0406 tx timeout [ 226.542346][ T5349] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 226.678507][ T7887] chnl_net:caif_netlink_parms(): no params data found [ 226.809563][ T7887] bridge0: port 1(bridge_slave_0) entered blocking state [ 226.811559][ T7887] bridge0: port 1(bridge_slave_0) entered disabled state [ 226.814263][ T7887] bridge_slave_0: entered allmulticast mode [ 226.818799][ T7887] bridge_slave_0: entered promiscuous mode [ 226.831363][ T7887] bridge0: port 2(bridge_slave_1) entered blocking state [ 226.834379][ T7887] bridge0: port 2(bridge_slave_1) entered disabled state [ 226.840293][ T7887] bridge_slave_1: entered allmulticast mode [ 226.845394][ T7887] bridge_slave_1: entered promiscuous mode [ 226.913405][ T7887] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 226.924754][ T7887] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 227.043996][ T7887] team0: Port device team_slave_0 added [ 227.054533][ T7887] team0: Port device team_slave_1 added [ 227.120430][ T7887] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 227.126144][ T7887] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 227.149243][ T7887] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 227.155023][ T7887] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 227.186268][ T7887] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 227.219093][ T7887] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 227.312031][ T7887] hsr_slave_0: entered promiscuous mode [ 227.319727][ T7887] hsr_slave_1: entered promiscuous mode [ 227.327642][ T7887] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 227.331356][ T7887] Cannot create hsr debugfs directory [ 227.629640][ T7887] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 227.723117][ T7887] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 227.864239][ T7887] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 227.963606][ T7887] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 228.202909][ T7887] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 228.236420][ T7887] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 228.242051][ T7887] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 228.256383][ T7887] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 228.322733][ T7887] 8021q: adding VLAN 0 to HW filter on device bond0 [ 228.332910][ T7887] 8021q: adding VLAN 0 to HW filter on device team0 [ 228.338058][ T75] bridge0: port 1(bridge_slave_0) entered blocking state [ 228.340597][ T75] bridge0: port 1(bridge_slave_0) entered forwarding state [ 228.361831][ T75] bridge0: port 2(bridge_slave_1) entered blocking state [ 228.364093][ T75] bridge0: port 2(bridge_slave_1) entered forwarding state [ 228.613064][ T7887] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 228.616259][ T5358] Bluetooth: hci5: command tx timeout [ 228.635304][ T7887] veth0_vlan: entered promiscuous mode [ 228.642414][ T7887] veth1_vlan: entered promiscuous mode [ 228.678815][ T7887] veth0_macvtap: entered promiscuous mode [ 228.687519][ T7887] veth1_macvtap: entered promiscuous mode [ 228.734224][ T7887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.738697][ T7887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.742798][ T7887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.750343][ T7887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.755002][ T7887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.768813][ T7887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.776083][ T7887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.825915][ T7887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.830649][ T7887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 228.835376][ T7887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.877223][ T7887] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 228.887352][ T7887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.895931][ T7887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.900371][ T7887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.904128][ T7887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.912100][ T7887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.917847][ T7887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.926731][ T7887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.931534][ T7887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.936328][ T7887] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 228.940253][ T7887] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 228.947495][ T7887] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 228.954709][ T7887] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.958623][ T7887] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.965279][ T7887] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 228.973042][ T7887] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.040004][ T5358] Bluetooth: hci4: unexpected cc 0x042e length: 1 < 7 [ 229.044065][ T5358] Bluetooth: hci4: unexpected event for opcode 0x042e [ 229.147589][ T70] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.149898][ T70] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.172061][ T1105] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.174999][ T1105] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.304280][ T39] audit: type=1804 audit(1727609759.383:49): pid=7927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.732" name="/newroot/200/file0/bus" dev="ramfs" ino=21821 res=1 errno=0 [ 229.410703][ T7930] netlink: 'syz.3.731': attribute type 4 has an invalid length. [ 229.426257][ T39] audit: type=1800 audit(1727609759.513:50): pid=7927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.732" name="bus" dev="ramfs" ino=21821 res=0 errno=0 [ 230.175265][ T7947] netlink: 36 bytes leftover after parsing attributes in process `syz.2.737'. [ 230.677041][ T5358] Bluetooth: hci0: unexpected cc 0x042e length: 1 < 7 [ 230.696594][ T5358] Bluetooth: hci5: command tx timeout [ 230.931684][ T7959] 9pnet_fd: Insufficient options for proto=fd [ 232.027487][ T5358] Bluetooth: hci5: unexpected cc 0x042e length: 1 < 7 [ 234.046150][ T5358] Bluetooth: hci5: command tx timeout [ 235.134036][ T8007] netlink: 44 bytes leftover after parsing attributes in process `syz.3.757'. [ 235.143816][ T8007] netlink: 51 bytes leftover after parsing attributes in process `syz.3.757'. [ 235.147142][ T8007] netlink: 'syz.3.757': attribute type 6 has an invalid length. [ 235.149275][ T8007] netlink: 51 bytes leftover after parsing attributes in process `syz.3.757'. [ 235.160140][ T8009] FAULT_INJECTION: forcing a failure. [ 235.160140][ T8009] name failslab, interval 1, probability 0, space 0, times 0 [ 235.164085][ T8009] CPU: 2 UID: 0 PID: 8009 Comm: syz.1.758 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 235.166917][ T8009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 235.169981][ T8009] Call Trace: [ 235.170854][ T8009] [ 235.171774][ T8009] dump_stack_lvl+0x16c/0x1f0 [ 235.173396][ T8009] should_fail_ex+0x497/0x5b0 [ 235.174787][ T8009] ? fs_reclaim_acquire+0xae/0x160 [ 235.176357][ T8009] should_failslab+0xc2/0x120 [ 235.177926][ T8009] kmem_cache_alloc_node_noprof+0x71/0x310 [ 235.179884][ T8009] ? __alloc_skb+0x2b3/0x380 [ 235.181465][ T8009] __alloc_skb+0x2b3/0x380 [ 235.182990][ T8009] ? __pfx___alloc_skb+0x10/0x10 [ 235.184704][ T8009] ? lock_acquire+0x2f/0xb0 [ 235.186370][ T8009] netlink_alloc_large_skb+0x69/0x130 [ 235.188362][ T8009] netlink_sendmsg+0x689/0xd70 [ 235.189863][ T8009] ? __pfx_netlink_sendmsg+0x10/0x10 [ 235.191319][ T8009] ? lock_acquire+0x2f/0xb0 [ 235.192560][ T8009] ____sys_sendmsg+0x9ae/0xb40 [ 235.193840][ T8009] ? __pfx_____sys_sendmsg+0x10/0x10 [ 235.195232][ T8009] ? get_compat_msghdr+0x11b/0x170 [ 235.196894][ T8009] ? __pfx___lock_acquire+0x10/0x10 [ 235.198719][ T8009] ___sys_sendmsg+0x135/0x1e0 [ 235.200353][ T8009] ? __pfx____sys_sendmsg+0x10/0x10 [ 235.202141][ T8009] ? lock_acquire+0x2f/0xb0 [ 235.203755][ T8009] ? __fget_files+0x40/0x3f0 [ 235.205221][ T8009] ? fdget+0x176/0x210 [ 235.206502][ T8009] __sys_sendmsg+0x117/0x1f0 [ 235.207954][ T8009] ? __pfx___sys_sendmsg+0x10/0x10 [ 235.209477][ T8009] ? __fget_files+0x244/0x3f0 [ 235.210776][ T8009] __do_fast_syscall_32+0x73/0x120 [ 235.212317][ T8009] do_fast_syscall_32+0x32/0x80 [ 235.213495][ T8009] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 235.215090][ T8009] RIP: 0023:0xf7f21579 [ 235.216250][ T8009] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 235.221765][ T8009] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 235.223877][ T8009] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0 [ 235.225942][ T8009] RDX: 0000000020008000 RSI: 0000000000000000 RDI: 0000000000000000 [ 235.228333][ T8009] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 235.230432][ T8009] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 235.232923][ T8009] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 235.235528][ T8009] [ 235.236945][ C2] hpet: Lost 3 RTC interrupts [ 236.285959][ T8021] netlink: 'syz.1.761': attribute type 4 has an invalid length. [ 236.384914][ T8025] netlink: 36 bytes leftover after parsing attributes in process `syz.1.763'. [ 236.584556][ T8028] netlink: 36 bytes leftover after parsing attributes in process `syz.2.764'. [ 239.228824][ T8043] netlink: 'syz.0.770': attribute type 4 has an invalid length. [ 239.576982][ T8054] netlink: 20 bytes leftover after parsing attributes in process `syz.0.775'. [ 240.571688][ T8065] fuse: Bad value for 'user_id' [ 240.574276][ T8065] fuse: Bad value for 'user_id' [ 242.629686][ T8072] netlink: 'syz.2.780': attribute type 4 has an invalid length. [ 242.833500][ T8074] input: syz1 as /devices/virtual/input/input11 [ 243.158670][ T8087] netlink: 36 bytes leftover after parsing attributes in process `syz.3.786'. [ 243.212481][ T5358] Bluetooth: hci5: unexpected cc 0x042e length: 1 < 7 [ 243.272109][ T39] audit: type=1804 audit(1727610029.361:51): pid=8092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.788" name="/newroot/208/file0/bus" dev="ramfs" ino=21055 res=1 errno=0 [ 243.386030][ T39] audit: type=1800 audit(1727610029.481:52): pid=8092 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.788" name="bus" dev="ramfs" ino=21055 res=0 errno=0 [ 243.675093][ T5358] Bluetooth: hci5: Ignoring HCI_Connection_Complete for existing connection [ 244.429605][ T8118] fuse: Bad value for 'user_id' [ 244.431288][ T8118] fuse: Bad value for 'user_id' [ 248.525448][ T8163] netlink: 'syz.2.809': attribute type 1 has an invalid length. [ 248.676996][ T39] audit: type=1804 audit(1727610034.761:53): pid=8164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.809" name="/newroot/213/bus/bus" dev="overlay" ino=1219 res=1 errno=0 [ 249.109189][ T8168] fuse: Bad value for 'fd' [ 249.113302][ T8168] netlink: 9 bytes leftover after parsing attributes in process `syz.3.811'. [ 249.119696][ T8168] gretap0: entered promiscuous mode [ 249.145554][ T8168] netlink: 5 bytes leftover after parsing attributes in process `syz.3.811'. [ 249.148854][ T8168] 0ªX¹¦D: renamed from gretap0 [ 249.161478][ T8168] 0ªX¹¦D: left promiscuous mode [ 249.162882][ T8168] 0ªX¹¦D: entered allmulticast mode [ 249.165192][ T8168] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 249.298840][ T39] audit: type=1804 audit(1727610035.391:54): pid=8172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.813" name="/newroot/127/file0/bus" dev="ramfs" ino=22052 res=1 errno=0 [ 249.358322][ T39] audit: type=1804 audit(1727610035.451:55): pid=8177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.815" name="/newroot/34/file0/bus" dev="ramfs" ino=22057 res=1 errno=0 [ 249.400452][ T39] audit: type=1804 audit(1727610035.481:56): pid=8180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.816" name="/newroot/29/file0/bus" dev="ramfs" ino=22061 res=1 errno=0 [ 249.425940][ T39] audit: type=1800 audit(1727610035.511:57): pid=8172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.813" name="bus" dev="ramfs" ino=22052 res=0 errno=0 [ 249.490257][ T39] audit: type=1800 audit(1727610035.581:58): pid=8177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.815" name="bus" dev="ramfs" ino=22057 res=0 errno=0 [ 249.526805][ T39] audit: type=1800 audit(1727610035.621:59): pid=8180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.816" name="bus" dev="ramfs" ino=22061 res=0 errno=0 [ 249.715552][ T8187] netlink: 36 bytes leftover after parsing attributes in process `syz.3.817'. [ 249.907979][ T8196] netlink: 4 bytes leftover after parsing attributes in process `syz.2.820'. [ 250.290894][ T8202] fuse: Bad value for 'fd' [ 250.300305][ T8202] netlink: 9 bytes leftover after parsing attributes in process `syz.2.823'. [ 250.310186][ T8202] gretap0: entered promiscuous mode [ 250.340634][ T8202] netlink: 5 bytes leftover after parsing attributes in process `syz.2.823'. [ 250.343144][ T8202] 0ªX¹¦D: renamed from gretap0 [ 250.349677][ T8202] 0ªX¹¦D: left promiscuous mode [ 250.351423][ T8202] 0ªX¹¦D: entered allmulticast mode [ 250.354548][ T8202] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 250.446794][ T39] audit: type=1804 audit(1727610036.531:60): pid=8205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.825" name="/newroot/218/file0/bus" dev="ramfs" ino=21237 res=1 errno=0 [ 250.616238][ T39] audit: type=1800 audit(1727610036.641:61): pid=8205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.825" name="bus" dev="ramfs" ino=21237 res=0 errno=0 [ 250.655594][ T39] audit: type=1804 audit(1727610036.741:62): pid=8213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.827" name="/newroot/37/file0/bus" dev="ramfs" ino=22139 res=1 errno=0 [ 250.721668][ T8219] netlink: 20 bytes leftover after parsing attributes in process `syz.2.828'. [ 251.346856][ T8226] netlink: 'syz.0.829': attribute type 1 has an invalid length. [ 252.728633][ T8249] netlink: 24 bytes leftover after parsing attributes in process `syz.0.837'. [ 253.203929][ T8270] syz.2.846: attempt to access beyond end of device [ 253.203929][ T8270] loop2: rw=4096, sector=2, nr_sectors = 2 limit=0 [ 253.212318][ T8270] EXT4-fs (loop2): unable to read superblock [ 253.228144][ T8270] usb 2-1: USB disconnect, device number 4 [ 253.438811][ T8271] hub 2-0:1.0: USB hub found [ 253.442537][ T8271] hub 2-0:1.0: 6 ports detected [ 253.588269][ T8283] bridge_slave_1: left allmulticast mode [ 253.589800][ T8283] bridge_slave_1: left promiscuous mode [ 253.593560][ T8283] bridge0: port 2(bridge_slave_1) entered disabled state [ 253.646158][ T25] usb 2-1: new high-speed USB device number 5 using ehci-pci [ 253.868972][ T25] usb 2-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 253.871636][ T25] usb 2-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 253.874250][ T25] usb 2-1: Product: QEMU USB Tablet [ 253.875631][ T25] usb 2-1: Manufacturer: QEMU [ 253.881758][ T25] usb 2-1: SerialNumber: 28754-0000:00:1d.7-1 [ 253.908256][ T25] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb2/2-1/2-1:1.0/0003:0627:0001.0007/input/input12 [ 253.969537][ T25] hid-generic 0003:0627:0001.0007: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 254.092243][ T8302] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 254.766464][ T8309] mac80211_hwsim hwsim13 ÿÿÿÿÿÿ: renamed from wlan1 (while UP) [ 255.100460][ T1375] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.102218][ T1375] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.753069][ T8321] netlink: 44 bytes leftover after parsing attributes in process `syz.3.862'. [ 255.756862][ T8321] netlink: 43 bytes leftover after parsing attributes in process `syz.3.862'. [ 255.760674][ T8321] netlink: 'syz.3.862': attribute type 6 has an invalid length. [ 255.764354][ T8321] netlink: 43 bytes leftover after parsing attributes in process `syz.3.862'. [ 256.200068][ T8342] overlayfs: missing 'workdir' [ 257.372441][ T8367] FAULT_INJECTION: forcing a failure. [ 257.372441][ T8367] name failslab, interval 1, probability 0, space 0, times 0 [ 257.382064][ T8367] CPU: 2 UID: 0 PID: 8367 Comm: syz.2.878 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 257.384813][ T8367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 257.387938][ T8367] Call Trace: [ 257.388906][ T8367] [ 257.389745][ T8367] dump_stack_lvl+0x16c/0x1f0 [ 257.391001][ T8367] should_fail_ex+0x497/0x5b0 [ 257.392237][ T8367] ? fs_reclaim_acquire+0xae/0x160 [ 257.393585][ T8367] should_failslab+0xc2/0x120 [ 257.394826][ T8367] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 257.396242][ T8367] ? vm_area_alloc+0xe0/0x1c0 [ 257.397582][ T8367] vm_area_alloc+0xe0/0x1c0 [ 257.399257][ T8367] mmap_region+0xf18/0x2a50 [ 257.400939][ T8367] ? __lock_acquire+0xbdd/0x3ce0 [ 257.402767][ T8367] ? __pfx_mmap_region+0x10/0x10 [ 257.404568][ T8367] ? __pfx___lock_acquire+0x10/0x10 [ 257.406795][ T8367] ? mm_get_unmapped_area+0x95/0xe0 [ 257.408857][ T8367] ? bpf_lsm_mmap_addr+0x9/0x10 [ 257.410675][ T8367] ? security_mmap_addr+0x6c/0x1e0 [ 257.412591][ T8367] ? __get_unmapped_area+0x26b/0x3a0 [ 257.414524][ T8367] do_mmap+0xc00/0xfc0 [ 257.416014][ T8367] vm_mmap_pgoff+0x1ba/0x360 [ 257.417639][ T8367] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 257.419448][ T8367] ? ksys_write+0x1ad/0x260 [ 257.421046][ T8367] ksys_mmap_pgoff+0x7d/0x5c0 [ 257.422366][ T8367] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 257.424221][ T8367] __do_fast_syscall_32+0x73/0x120 [ 257.425858][ T8367] do_fast_syscall_32+0x32/0x80 [ 257.427679][ T8367] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 257.429994][ T8367] RIP: 0023:0xf7f26579 [ 257.431489][ T8367] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 257.438429][ T8367] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 257.441485][ T8367] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 257.444313][ T8367] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000006 [ 257.446701][ T8367] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 257.449498][ T8367] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 257.452387][ T8367] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 257.455395][ T8367] [ 257.456996][ C2] hpet_rtc_timer_reinit: 6 callbacks suppressed [ 257.457010][ C2] hpet: Lost 2 RTC interrupts [ 257.630192][ T8383] netlink: 'syz.3.884': attribute type 4 has an invalid length. [ 257.633695][ T8383] netlink: 'syz.3.884': attribute type 4 has an invalid length. [ 258.459058][ T8391] netlink: 40 bytes leftover after parsing attributes in process `syz.0.887'. [ 258.946197][ T8414] sctp: [Deprecated]: syz.3.894 (pid 8414) Use of struct sctp_assoc_value in delayed_ack socket option. [ 258.946197][ T8414] Use struct sctp_sack_info instead [ 260.950387][ T8437] capability: warning: `syz.1.901' uses deprecated v2 capabilities in a way that may be insecure [ 260.978016][ T8437] tipc: Started in network mode [ 260.979777][ T8437] tipc: Node identity ac1414aa, cluster identity 4711 [ 260.988881][ T8437] tipc: Enabled bearer , priority 10 [ 261.001832][ T5358] Bluetooth: hci5: Ignoring HCI_Connection_Complete for existing connection [ 261.194173][ T8443] input: syz0 as /devices/virtual/input/input13 [ 261.947542][ T8449] netlink: 24 bytes leftover after parsing attributes in process `syz.0.905'. [ 262.256670][ T8457] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 262.259952][ T8457] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 262.366578][ T64] tipc: Node number set to 2886997162 [ 262.604857][ T8463] tipc: Started in network mode [ 262.607388][ T8463] tipc: Node identity 7f000001, cluster identity 4711 [ 262.610292][ T8463] tipc: Enabling of bearer rejected, failed to enable media [ 263.389200][ T8477] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 263.471862][ T8477] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 263.612183][ T8483] netlink: 48 bytes leftover after parsing attributes in process `syz.3.915'. [ 263.615534][ T8483] netlink: 48 bytes leftover after parsing attributes in process `syz.3.915'. [ 264.516620][ T39] audit: type=1400 audit(1727610306.596:69): apparmor="DENIED" operation="stack_onexec" class="file" info="label not found" error=-2 profile="unconfined" name="&-.+2@!$@*" pid=8487 comm="syz.2.917" [ 264.638023][ T8490] FAULT_INJECTION: forcing a failure. [ 264.638023][ T8490] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 264.645215][ T8490] CPU: 1 UID: 0 PID: 8490 Comm: syz.3.918 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 264.649053][ T8490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 264.652895][ T8490] Call Trace: [ 264.654146][ T8490] [ 264.655335][ T8490] dump_stack_lvl+0x16c/0x1f0 [ 264.657489][ T8490] should_fail_ex+0x497/0x5b0 [ 264.659018][ T8490] _copy_from_iter+0x29b/0x13e0 [ 264.660471][ T8490] ? __pfx__copy_from_iter+0x10/0x10 [ 264.661897][ T8490] ? __virt_addr_valid+0x1a4/0x590 [ 264.663299][ T8490] ? __virt_addr_valid+0x5e/0x590 [ 264.664620][ T8490] ? __phys_addr_symbol+0x30/0x80 [ 264.665965][ T8490] ? __check_object_size+0x488/0x710 [ 264.667678][ T8490] netlink_sendmsg+0x813/0xd70 [ 264.669667][ T8490] ? __pfx_netlink_sendmsg+0x10/0x10 [ 264.671606][ T8490] ? lock_acquire+0x2f/0xb0 [ 264.673425][ T8490] ____sys_sendmsg+0x9ae/0xb40 [ 264.675256][ T8490] ? __pfx_____sys_sendmsg+0x10/0x10 [ 264.677498][ T8490] ? get_compat_msghdr+0x11b/0x170 [ 264.679425][ T8490] ? __lock_task_sighand+0xc2/0x340 [ 264.681152][ T8490] ? __pfx___lock_acquire+0x10/0x10 [ 264.682794][ T8490] ___sys_sendmsg+0x135/0x1e0 [ 264.684256][ T8490] ? __pfx____sys_sendmsg+0x10/0x10 [ 264.686310][ T8490] ? lock_acquire+0x2f/0xb0 [ 264.687971][ T8490] ? __fget_files+0x40/0x3f0 [ 264.689732][ T8490] ? fdget+0x176/0x210 [ 264.691215][ T8490] __sys_sendmsg+0x117/0x1f0 [ 264.692899][ T8490] ? __pfx___sys_sendmsg+0x10/0x10 [ 264.694996][ T8490] ? bpf_trace_run2+0x2a6/0x590 [ 264.697016][ T8490] ? rcu_is_watching+0x12/0xc0 [ 264.698833][ T8490] __do_fast_syscall_32+0x73/0x120 [ 264.700661][ T8490] do_fast_syscall_32+0x32/0x80 [ 264.702043][ T8490] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 264.703903][ T8490] RIP: 0023:0xf7f9f579 [ 264.705028][ T8490] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 264.710347][ T8490] RSP: 002b:00000000f572656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 264.712638][ T8490] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0 [ 264.714816][ T8490] RDX: 0000000020008000 RSI: 0000000000000000 RDI: 0000000000000000 [ 264.717070][ T8490] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 264.719604][ T8490] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 264.722332][ T8490] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 264.724810][ T8490] [ 265.279602][ T39] audit: type=1804 audit(1727610307.366:70): pid=8500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.921" name="/newroot/50/file0/bus" dev="ramfs" ino=21424 res=1 errno=0 [ 265.391837][ T39] audit: type=1800 audit(1727610307.476:71): pid=8500 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.921" name="bus" dev="ramfs" ino=21424 res=0 errno=0 [ 267.301416][ T8538] netlink: 8 bytes leftover after parsing attributes in process `syz.0.931'. [ 269.389433][ T8571] netlink: 8 bytes leftover after parsing attributes in process `syz.3.942'. [ 270.010120][ T39] audit: type=1804 audit(1727610312.096:72): pid=8574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.943" name="/newroot/256/file0/bus" dev="ramfs" ino=22495 res=1 errno=0 [ 270.147408][ T39] audit: type=1800 audit(1727610312.236:73): pid=8574 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.943" name="bus" dev="ramfs" ino=22495 res=0 errno=0 [ 270.956268][ T5358] Bluetooth: hci0: unexpected cc 0x042e length: 1 < 7 [ 272.232170][ T8610] hugetlbfs: Unknown parameter 'nr_fnod¿Œ»' [ 272.334516][ T8610] veth0_vlan: left promiscuous mode [ 272.340064][ T8610] veth0_vlan: entered promiscuous mode [ 274.353935][ T8645] netlink: 8 bytes leftover after parsing attributes in process `syz.0.967'. [ 274.398598][ T8645] bond1: entered allmulticast mode [ 274.400801][ T8645] 8021q: adding VLAN 0 to HW filter on device bond1 [ 274.715260][ T8658] netlink: 44 bytes leftover after parsing attributes in process `syz.2.970'. [ 274.722411][ T8658] netlink: 59 bytes leftover after parsing attributes in process `syz.2.970'. [ 274.985054][ T8665] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 274.990124][ T8665] x_tables: ip6_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING [ 275.002511][ T5358] Bluetooth: hci0: unexpected cc 0x042e length: 1 < 7 [ 275.091595][ T8671] ipt_REJECT: ECHOREPLY no longer supported. [ 276.304895][ T5358] Bluetooth: hci0: unexpected cc 0x042e length: 1 < 7 [ 276.618047][ T8715] block nbd1: shutting down sockets [ 276.750397][ T8717] Unsupported ieee802154 address type: 0 [ 276.903183][ T8726] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 277.141418][ T8736] debugfs: Directory 'netdev:nicvf0' with parent 'phy3' already present! [ 277.215917][ T5358] Bluetooth: hci2: unexpected cc 0x042e length: 1 < 7 [ 277.218728][ T5358] Bluetooth: hci2: unexpected event for opcode 0x042e [ 277.831732][ T8765] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 278.810063][ T5358] Bluetooth: hci2: unexpected cc 0x042e length: 1 < 7 [ 278.812807][ T5358] Bluetooth: hci2: unexpected event for opcode 0x042e [ 279.882249][ T8788] overlay: ./file0 is not a directory [ 279.898516][ T39] audit: type=1804 audit(1727610577.984:74): pid=8790 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1011" name="/newroot/90/file0/bus" dev="ramfs" ino=26808 res=1 errno=0 [ 279.906805][ T39] audit: type=1804 audit(1727610577.994:75): pid=8792 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1012" name="/newroot/280/file0/bus" dev="ramfs" ino=26810 res=1 errno=0 [ 279.994301][ T8788] overlay: ./file0 is not a directory [ 281.295955][ T8799] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1013'. [ 281.402959][ T8801] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1014'. [ 281.406634][ T8801] netlink: 51 bytes leftover after parsing attributes in process `syz.3.1014'. [ 281.409843][ T8801] netlink: 'syz.3.1014': attribute type 6 has an invalid length. [ 281.412620][ T8801] netlink: 51 bytes leftover after parsing attributes in process `syz.3.1014'. [ 281.807107][ T5358] Bluetooth: hci5: unexpected cc 0x042e length: 1 < 7 [ 282.233227][ T8812] Cannot find map_set index 1 as target [ 282.415871][ T25] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 282.595911][ T25] usb 5-1: Using ep0 maxpacket: 8 [ 282.600453][ T25] usb 5-1: config index 0 descriptor too short (expected 301, got 45) [ 282.603232][ T25] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 282.607648][ T25] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 282.611402][ T25] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 282.615022][ T25] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 282.620037][ T25] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 282.633523][ T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 282.820005][ T8822] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 282.856020][ T25] usb 5-1: GET_CAPABILITIES returned 0 [ 282.857876][ T25] usbtmc 5-1:16.0: can't read capabilities [ 283.457353][ T8832] bridge_slave_1: left allmulticast mode [ 283.458851][ T8832] bridge_slave_1: left promiscuous mode [ 283.460442][ T8832] bridge0: port 2(bridge_slave_1) entered disabled state [ 283.604511][ T5358] Bluetooth: hci2: unexpected cc 0x042e length: 1 < 7 [ 283.606525][ T5358] Bluetooth: hci2: unexpected event for opcode 0x042e [ 285.026763][ T8841] FAULT_INJECTION: forcing a failure. [ 285.026763][ T8841] name failslab, interval 1, probability 0, space 0, times 0 [ 285.034021][ T8841] CPU: 0 UID: 0 PID: 8841 Comm: syz.1.1027 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 285.037870][ T8841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 285.041636][ T8841] Call Trace: [ 285.042832][ T8841] [ 285.043896][ T8841] dump_stack_lvl+0x16c/0x1f0 [ 285.045595][ T8841] should_fail_ex+0x497/0x5b0 [ 285.047253][ T8841] ? fs_reclaim_acquire+0xae/0x160 [ 285.049165][ T8841] should_failslab+0xc2/0x120 [ 285.050938][ T8841] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 285.052980][ T8841] ? stack_depot_save_flags+0x28/0x900 [ 285.055020][ T8841] ? alloc_empty_file+0x73/0x1e0 [ 285.056805][ T8841] alloc_empty_file+0x73/0x1e0 [ 285.058539][ T8841] path_openat+0xe1/0x2d60 [ 285.060144][ T8841] ? hlock_class+0x4e/0x130 [ 285.061788][ T8841] ? __lock_acquire+0x163e/0x3ce0 [ 285.063704][ T8841] ? __pfx_path_openat+0x10/0x10 [ 285.065596][ T8841] ? __pfx___lock_acquire+0x10/0x10 [ 285.067452][ T8841] do_filp_open+0x1dc/0x430 [ 285.069065][ T8841] ? __pfx_do_filp_open+0x10/0x10 [ 285.070876][ T8841] ? _raw_spin_unlock+0x28/0x50 [ 285.072603][ T8841] ? alloc_fd+0x2d7/0x6c0 [ 285.074149][ T8841] do_sys_openat2+0x17a/0x1e0 [ 285.075849][ T8841] ? __pfx_do_sys_openat2+0x10/0x10 [ 285.077749][ T8841] ? __fget_files+0x244/0x3f0 [ 285.079434][ T8841] __ia32_compat_sys_open+0x147/0x1e0 [ 285.081522][ T8841] ? __pfx___ia32_compat_sys_open+0x10/0x10 [ 285.083659][ T8841] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 285.086029][ T8841] __do_fast_syscall_32+0x73/0x120 [ 285.087856][ T8841] do_fast_syscall_32+0x32/0x80 [ 285.089618][ T8841] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 285.091862][ T8841] RIP: 0023:0xf7f21579 [ 285.093330][ T8841] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 285.100221][ T8841] RSP: 002b:00000000f568556c EFLAGS: 00000296 ORIG_RAX: 0000000000000005 [ 285.103120][ T8841] RAX: ffffffffffffffda RBX: 0000000020000240 RCX: 0000000000105081 [ 285.105890][ T8841] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 285.108823][ T8841] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 285.111774][ T8841] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 285.114587][ T8841] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 285.117422][ T8841] [ 286.509649][ T25] usb 5-1: USB disconnect, device number 3 [ 286.652473][ T8843] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4) [ 286.655076][ T8843] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 286.693644][ T8843] vhci_hcd vhci_hcd.0: Device attached [ 286.755932][ T39] audit: type=1804 audit(1727610840.836:76): pid=8857 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1030" name="/newroot/93/file0/bus" dev="ramfs" ino=25903 res=1 errno=0 [ 286.956469][ T64] usb 20-1: SetAddress Request (2) to port 0 [ 286.958340][ T64] usb 20-1: new SuperSpeed USB device number 2 using vhci_hcd [ 287.483588][ T8851] vhci_hcd: connection reset by peer [ 287.491975][ T1105] vhci_hcd: stop threads [ 287.494183][ T1105] vhci_hcd: release socket [ 287.505539][ T1105] vhci_hcd: disconnect device [ 288.643039][ T5358] Bluetooth: hci4: unexpected cc 0x042e length: 1 < 7 [ 288.645289][ T5358] Bluetooth: hci4: unexpected event for opcode 0x042e [ 288.748441][ T8870] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 290.846032][ T5917] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 290.995852][ T5917] usb 7-1: Using ep0 maxpacket: 8 [ 290.999857][ T5917] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 291.002440][ T5917] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 291.004789][ T5917] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 291.009138][ T5917] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 291.016080][ T5917] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 291.018592][ T5917] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 291.027418][ T5917] hub 7-1:1.0: bad descriptor, ignoring hub [ 291.028957][ T5917] hub 7-1:1.0: probe with driver hub failed with error -5 [ 291.031009][ T5917] cdc_wdm 7-1:1.0: skipping garbage [ 291.032410][ T5917] cdc_wdm 7-1:1.0: skipping garbage [ 291.035574][ T5917] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device [ 291.045104][ T5917] cdc_wdm 7-1:1.0: Unknown control protocol [ 291.527016][ T5917] usb 7-1: USB disconnect, device number 3 [ 292.046115][ T64] usb 20-1: device descriptor read/8, error -110 [ 292.443352][ T64] usb usb20-port1: attempt power cycle [ 292.497966][ T5358] Bluetooth: hci5: unexpected cc 0x042e length: 1 < 7 [ 292.796418][ T8] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 292.835917][ T57] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 292.948053][ T8] usb 7-1: unable to get BOS descriptor or descriptor too short [ 292.951003][ T8] usb 7-1: config 9 has an invalid interface number: 171 but max is 2 [ 292.953174][ T8] usb 7-1: config 9 has an invalid interface number: 157 but max is 2 [ 292.955399][ T8] usb 7-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config [ 292.966361][ T8] usb 7-1: config 9 has 2 interfaces, different from the descriptor's value: 3 [ 292.976052][ T8] usb 7-1: config 9 has no interface number 0 [ 292.977812][ T8] usb 7-1: config 9 has no interface number 1 [ 292.979474][ T8] usb 7-1: config 9 interface 171 altsetting 14 endpoint 0xA has invalid maxpacket 512, setting to 64 [ 292.986046][ T57] usb 6-1: Using ep0 maxpacket: 8 [ 292.988152][ T8] usb 7-1: config 9 interface 171 altsetting 14 has an invalid descriptor for endpoint zero, skipping [ 292.991579][ T57] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 292.995633][ T57] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 292.995901][ T8] usb 7-1: config 9 interface 157 altsetting 9 has an invalid endpoint descriptor of length 6, skipping [ 292.999507][ T57] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 293.006721][ T64] usb usb20-port1: unable to enumerate USB device [ 293.007139][ T57] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 293.014120][ T57] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 293.014170][ T8] usb 7-1: config 9 interface 157 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 7 [ 293.017591][ T57] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 293.023631][ T8] usb 7-1: config 9 interface 171 has no altsetting 0 [ 293.025592][ T8] usb 7-1: config 9 interface 157 has no altsetting 0 [ 293.038755][ T8] usb 7-1: New USB device found, idVendor=04b4, idProduct=2830, bcdDevice= 6.1f [ 293.042110][ T8] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 293.044905][ T8] usb 7-1: Product: syz [ 293.055999][ T8] usb 7-1: Manufacturer: syz [ 293.057442][ T8] usb 7-1: SerialNumber: syz [ 293.287395][ T8] dvb-usb: found a 'Opera1 DVB-S USB2.0' in cold state, will try to load a firmware [ 293.303992][ T8] usb 7-1: Direct firmware load for dvb-usb-opera-01.fw failed with error -2 [ 293.308155][ T8] usb 7-1: Falling back to sysfs fallback for: dvb-usb-opera-01.fw [ 294.013375][ T8915] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1047'. [ 294.016850][ T8915] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1047'. [ 294.020310][ T8915] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1047'. [ 294.839572][ T39] audit: type=1800 audit(1727610848.926:77): pid=8926 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1050" name="/" dev="fuse" ino=1 res=0 errno=0 [ 295.054608][ T5358] Bluetooth: hci4: unexpected cc 0x042e length: 1 < 7 [ 295.056621][ T5358] Bluetooth: hci4: unexpected event for opcode 0x042e [ 295.197534][ T8938] binder: 8937:8938 ioctl 4040942c 200001c0 returned -22 [ 295.326717][ T39] audit: type=1804 audit(1727610849.416:78): pid=8940 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1055" name="/newroot/178/file0/bus" dev="ramfs" ino=25170 res=1 errno=0 [ 295.796991][ T57] usb 6-1: usb_control_msg returned -71 [ 295.800181][ T57] usbtmc 6-1:16.0: can't read capabilities [ 295.826586][ T57] usb 6-1: USB disconnect, device number 12 [ 296.039791][ T8945] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 296.042327][ T8945] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 296.078651][ T8944] mac80211_hwsim hwsim16 wlan0: entered promiscuous mode [ 296.082085][ T8944] macsec1: entered allmulticast mode [ 296.083844][ T8944] mac80211_hwsim hwsim16 wlan0: entered allmulticast mode [ 296.123964][ T8945] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 296.127179][ T8945] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 296.136847][ T8944] mac80211_hwsim hwsim16 wlan0: left allmulticast mode [ 296.143454][ T8944] mac80211_hwsim hwsim16 wlan0: left promiscuous mode [ 296.149222][ T8945] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 296.156671][ T8945] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 296.167765][ T8945] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 296.174185][ T8945] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 296.217611][ T8945] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 296.228763][ T8945] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 296.253002][ T8946] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1056'. [ 296.257866][ T8945] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 296.346481][ T8945] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 296.351288][ T8945] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 296.370969][ T8945] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 296.649635][ T8956] netlink: 'syz.3.1059': attribute type 10 has an invalid length. [ 296.652057][ T8956] ipvlan1: entered promiscuous mode [ 296.674873][ T8956] team0: Device ipvlan1 failed to register rx_handler [ 296.775763][ T5358] Bluetooth: hci5: unexpected cc 0x042e length: 1 < 7 [ 296.778494][ T5358] Bluetooth: hci5: unexpected event for opcode 0x042e [ 296.873977][ T8965] Cannot find map_set index 1 as target [ 297.492859][ T8972] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1065'. [ 297.496390][ T8972] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 297.499156][ T8972] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 297.505464][ T8972] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 297.509382][ T8972] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 297.615122][ T8978] netlink: 'syz.2.1069': attribute type 4 has an invalid length. [ 297.836173][ T8981] netlink: 'syz.2.1070': attribute type 3 has an invalid length. [ 297.839331][ T8981] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1070'. [ 297.995593][ T8983] FAULT_INJECTION: forcing a failure. [ 297.995593][ T8983] name failslab, interval 1, probability 0, space 0, times 0 [ 298.001193][ T8983] CPU: 2 UID: 0 PID: 8983 Comm: syz.1.1071 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 298.004934][ T8983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 298.008932][ T8983] Call Trace: [ 298.010260][ T8983] [ 298.011433][ T8983] dump_stack_lvl+0x16c/0x1f0 [ 298.013271][ T8983] should_fail_ex+0x497/0x5b0 [ 298.015097][ T8983] ? fs_reclaim_acquire+0xae/0x160 [ 298.017167][ T8983] should_failslab+0xc2/0x120 [ 298.019030][ T8983] kmem_cache_alloc_node_noprof+0x71/0x310 [ 298.021337][ T8983] ? __alloc_skb+0x2b3/0x380 [ 298.023070][ T8983] __alloc_skb+0x2b3/0x380 [ 298.024838][ T8983] ? __pfx___alloc_skb+0x10/0x10 [ 298.026825][ T8983] ? lock_acquire+0x2f/0xb0 [ 298.028627][ T8983] netlink_alloc_large_skb+0x69/0x130 [ 298.030707][ T8983] netlink_sendmsg+0x689/0xd70 [ 298.032514][ T8983] ? __pfx_netlink_sendmsg+0x10/0x10 [ 298.034490][ T8983] ? trace_lock_acquire+0x14a/0x1d0 [ 298.036467][ T8983] sock_write_iter+0x4fe/0x5b0 [ 298.038303][ T8983] ? __pfx_sock_write_iter+0x10/0x10 [ 298.040309][ T8983] do_iter_readv_writev+0x532/0x7f0 [ 298.042272][ T8983] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 298.044428][ T8983] ? bpf_lsm_file_permission+0x9/0x10 [ 298.046464][ T8983] ? security_file_permission+0x71/0x210 [ 298.048597][ T8983] vfs_writev+0x363/0xdd0 [ 298.050239][ T8983] ? find_held_lock+0x2d/0x110 [ 298.052041][ T8983] ? __pfx_vfs_writev+0x10/0x10 [ 298.053859][ T8983] ? find_held_lock+0x2d/0x110 [ 298.055627][ T8983] ? __pfx_lock_release+0x10/0x10 [ 298.057529][ T8983] ? trace_lock_acquire+0x14a/0x1d0 [ 298.059460][ T8983] ? __fget_files+0x244/0x3f0 [ 298.061243][ T8983] ? do_writev+0x289/0x370 [ 298.062901][ T8983] do_writev+0x289/0x370 [ 298.064478][ T8983] ? __pfx_do_writev+0x10/0x10 [ 298.066272][ T8983] __do_fast_syscall_32+0x73/0x120 [ 298.068192][ T8983] do_fast_syscall_32+0x32/0x80 [ 298.070106][ T8983] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 298.072479][ T8983] RIP: 0023:0xf7f21579 [ 298.073987][ T8983] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 298.081042][ T8983] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000092 [ 298.084246][ T8983] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200003c0 [ 298.087188][ T8983] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 298.090138][ T8983] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 298.093086][ T8983] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 298.096013][ T8983] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 298.099112][ T8983] [ 298.100977][ C2] hpet: Lost 6 RTC interrupts [ 298.105955][ T5358] Bluetooth: hci1: command 0x0406 tx timeout [ 298.135982][ T5358] Bluetooth: hci2: command 0x0406 tx timeout [ 298.206102][ T5358] Bluetooth: hci3: command 0x0406 tx timeout [ 298.208608][ T5358] Bluetooth: hci4: command 0x0406 tx timeout [ 298.286016][ T5358] Bluetooth: hci0: command 0x0c1a tx timeout [ 298.730609][ T5349] Bluetooth: hci5: unexpected cc 0x042e length: 1 < 7 [ 298.733322][ T5349] Bluetooth: hci5: unexpected event for opcode 0x042e [ 299.365887][ T5917] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 299.535916][ T5917] usb 8-1: Using ep0 maxpacket: 8 [ 299.540495][ T5917] usb 8-1: config index 0 descriptor too short (expected 301, got 45) [ 299.551742][ T5917] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 299.562551][ T5917] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 299.572251][ T5917] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 299.586364][ T5917] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 299.600507][ T5917] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 299.607476][ T5917] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.625027][ T9002] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1079'. [ 299.813449][ T39] audit: type=1804 audit(1727610853.896:79): pid=9005 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1080" name="/newroot/99/file0/bus" dev="ramfs" ino=26112 res=1 errno=0 [ 299.845937][ T5917] usb 8-1: GET_CAPABILITIES returned 0 [ 299.848816][ T5917] usbtmc 8-1:16.0: can't read capabilities [ 300.063640][ T9000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 300.074327][ T9000] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 300.125971][ T5349] Bluetooth: hci1: command 0x0406 tx timeout [ 300.215938][ T5349] Bluetooth: hci2: command 0x0406 tx timeout [ 300.286272][ T5358] Bluetooth: hci3: command 0x0406 tx timeout [ 300.287936][ T5349] Bluetooth: hci4: command 0x0406 tx timeout [ 300.301057][ T9015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1083'. [ 300.304350][ T9015] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1083'. [ 300.307217][ T9015] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1083'. [ 300.365904][ T5349] Bluetooth: hci0: command 0x0c1a tx timeout [ 301.495889][ T5393] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 301.666185][ T5393] usb 5-1: Using ep0 maxpacket: 32 [ 301.668825][ T5393] usb 5-1: config 0 has no interfaces? [ 301.672167][ T5393] usb 5-1: New USB device found, idVendor=1557, idProduct=8150, bcdDevice=29.ed [ 301.675097][ T5393] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 301.680578][ T5393] usb 5-1: Product: syz [ 301.687031][ T5393] usb 5-1: Manufacturer: syz [ 301.690290][ T5393] usb 5-1: SerialNumber: syz [ 301.700768][ T5393] usb 5-1: config 0 descriptor?? [ 302.450563][ T5349] Bluetooth: hci0: command 0x0c1a tx timeout [ 302.612881][ T9056] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1093'. [ 302.623548][ T9056] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1093'. [ 302.650662][ T9056] netlink: 'syz.1.1093': attribute type 1 has an invalid length. [ 302.655352][ T9056] nbd: illegal input index 11862028 [ 303.687223][ T9062] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check. [ 304.176285][ T5393] usb 5-1: USB disconnect, device number 4 [ 304.809622][ T9080] tipc: Enabled bearer , priority 10 [ 305.048140][ T9091] FAULT_INJECTION: forcing a failure. [ 305.048140][ T9091] name failslab, interval 1, probability 0, space 0, times 0 [ 305.066197][ T9091] CPU: 1 UID: 0 PID: 9091 Comm: syz.1.1100 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 305.069971][ T9091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 305.073629][ T9091] Call Trace: [ 305.074785][ T9091] [ 305.075810][ T9091] dump_stack_lvl+0x16c/0x1f0 [ 305.077454][ T9091] should_fail_ex+0x497/0x5b0 [ 305.079086][ T9091] ? fs_reclaim_acquire+0xae/0x160 [ 305.080986][ T9091] should_failslab+0xc2/0x120 [ 305.082674][ T9091] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 305.084585][ T9091] ? security_file_alloc+0x34/0x2b0 [ 305.086499][ T9091] ? rcu_is_watching+0x12/0xc0 [ 305.088201][ T9091] security_file_alloc+0x34/0x2b0 [ 305.089997][ T9091] init_file+0x93/0x230 [ 305.091484][ T9091] alloc_empty_file+0x91/0x1e0 [ 305.093205][ T9091] path_openat+0xe1/0x2d60 [ 305.094797][ T9091] ? hlock_class+0x4e/0x130 [ 305.096423][ T9091] ? __lock_acquire+0x163e/0x3ce0 [ 305.098180][ T9091] ? __pfx_path_openat+0x10/0x10 [ 305.099907][ T9091] ? __pfx___lock_acquire+0x10/0x10 [ 305.101721][ T9091] do_filp_open+0x1dc/0x430 [ 305.103324][ T9091] ? __pfx_do_filp_open+0x10/0x10 [ 305.105087][ T9091] ? _raw_spin_unlock+0x28/0x50 [ 305.106851][ T9091] ? alloc_fd+0x2d7/0x6c0 [ 305.108418][ T9091] do_sys_openat2+0x17a/0x1e0 [ 305.110125][ T9091] ? __pfx_do_sys_openat2+0x10/0x10 [ 305.112042][ T9091] ? __fget_files+0x244/0x3f0 [ 305.113734][ T9091] __ia32_compat_sys_open+0x147/0x1e0 [ 305.115414][ T9091] ? __pfx___ia32_compat_sys_open+0x10/0x10 [ 305.117536][ T9091] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 305.119869][ T9091] __do_fast_syscall_32+0x73/0x120 [ 305.121697][ T9091] do_fast_syscall_32+0x32/0x80 [ 305.123418][ T9091] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 305.125626][ T9091] RIP: 0023:0xf7f21579 [ 305.127168][ T9091] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 305.133911][ T9091] RSP: 002b:00000000f568556c EFLAGS: 00000296 ORIG_RAX: 0000000000000005 [ 305.136851][ T9091] RAX: ffffffffffffffda RBX: 0000000020000240 RCX: 0000000000105081 [ 305.139638][ T9091] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 305.142381][ T9091] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 305.145212][ T9091] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 305.148006][ T9091] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 305.150797][ T9091] [ 305.167279][ T9000] usbtmc 8-1:16.0: usb_control_msg returned -110 [ 305.233841][ T64] usb 8-1: USB disconnect, device number 5 [ 305.926962][ T5393] tipc: Node number set to 2130706433 [ 306.034933][ T9104] Cannot find map_set index 1 as target [ 306.452848][ T5349] Bluetooth: hci4: unexpected cc 0x042e length: 1 < 7 [ 306.454784][ T5349] Bluetooth: hci4: unexpected event for opcode 0x042e [ 308.344431][ T9130] netlink: 416 bytes leftover after parsing attributes in process `syz.1.1114'. [ 308.347729][ T9130] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1114'. [ 308.821876][ T9137] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check. [ 309.362510][ T9151] netlink: 'syz.1.1122': attribute type 4 has an invalid length. [ 310.797024][ T9171] devtmpfs: Bad value for 'mpol' [ 311.915659][ T9182] batman_adv: batadv0: Adding interface: dummy0 [ 311.925116][ T9182] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 311.955957][ T9182] batman_adv: batadv0: Interface activated: dummy0 [ 311.962097][ T9182] netlink: 732 bytes leftover after parsing attributes in process `syz.0.1131'. [ 311.965336][ T9182] netlink: 732 bytes leftover after parsing attributes in process `syz.0.1131'. [ 316.201508][ T9209] FAULT_INJECTION: forcing a failure. [ 316.201508][ T9209] name failslab, interval 1, probability 0, space 0, times 0 [ 316.206573][ T9209] CPU: 3 UID: 0 PID: 9209 Comm: syz.0.1140 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 316.210207][ T9209] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 316.214079][ T9209] Call Trace: [ 316.215304][ T9209] [ 316.216385][ T9209] dump_stack_lvl+0x16c/0x1f0 [ 316.218216][ T9209] should_fail_ex+0x497/0x5b0 [ 316.219837][ T9209] ? fs_reclaim_acquire+0xae/0x160 [ 316.221718][ T9209] should_failslab+0xc2/0x120 [ 316.223355][ T9209] kmem_cache_alloc_node_noprof+0x71/0x310 [ 316.225390][ T9209] ? __alloc_skb+0x2b3/0x380 [ 316.226565][ T9209] __alloc_skb+0x2b3/0x380 [ 316.227685][ T9209] ? __pfx___alloc_skb+0x10/0x10 [ 316.229116][ T9209] ? __mutex_trylock_common+0xea/0x250 [ 316.231004][ T9209] netlink_dump+0x6af/0xcc0 [ 316.232537][ T9209] ? trace_contention_end+0xea/0x140 [ 316.234329][ T9209] ? __pfx_netlink_dump+0x10/0x10 [ 316.236005][ T9209] ? __mutex_lock+0x1a6/0x9c0 [ 316.237596][ T9209] ? find_held_lock+0x2d/0x110 [ 316.239195][ T9209] ? lock_acquire+0x2f/0xb0 [ 316.240672][ T9209] ? netlink_lookup+0x3d/0x270 [ 316.242259][ T9209] __netlink_dump_start+0x6d9/0x980 [ 316.244094][ T9209] ? __pfx_rtm_dump_nexthop+0x10/0x10 [ 316.245844][ T9209] rtnetlink_rcv_msg+0xb44/0xea0 [ 316.247523][ T9209] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 316.249460][ T9209] ? __pfx_rtnl_dumpit+0x10/0x10 [ 316.251179][ T9209] ? __pfx_rtm_dump_nexthop+0x10/0x10 [ 316.253028][ T9209] netlink_rcv_skb+0x165/0x410 [ 316.254626][ T9209] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 316.256409][ T9209] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 316.258212][ T9209] ? netlink_deliver_tap+0x1ae/0xcf0 [ 316.259968][ T9209] netlink_unicast+0x53c/0x7f0 [ 316.261528][ T9209] ? __pfx_netlink_unicast+0x10/0x10 [ 316.263330][ T9209] ? __phys_addr_symbol+0x30/0x80 [ 316.264977][ T9209] ? __check_object_size+0x488/0x710 [ 316.266679][ T9209] netlink_sendmsg+0x8b8/0xd70 [ 316.268280][ T9209] ? __pfx_netlink_sendmsg+0x10/0x10 [ 316.270010][ T9209] ? lock_acquire+0x2f/0xb0 [ 316.271464][ T9209] ____sys_sendmsg+0x9ae/0xb40 [ 316.273009][ T9209] ? __pfx_____sys_sendmsg+0x10/0x10 [ 316.274703][ T9209] ? get_compat_msghdr+0x11b/0x170 [ 316.276443][ T9209] ? __pfx___lock_acquire+0x10/0x10 [ 316.278209][ T9209] ___sys_sendmsg+0x135/0x1e0 [ 316.279864][ T9209] ? __pfx____sys_sendmsg+0x10/0x10 [ 316.281700][ T9209] ? lock_acquire+0x2f/0xb0 [ 316.283329][ T9209] ? __fget_files+0x40/0x3f0 [ 316.284934][ T9209] ? fdget+0x176/0x210 [ 316.286300][ T9209] __sys_sendmsg+0x117/0x1f0 [ 316.287871][ T9209] ? __pfx___sys_sendmsg+0x10/0x10 [ 316.289607][ T9209] ? __fget_files+0x244/0x3f0 [ 316.291188][ T9209] __do_fast_syscall_32+0x73/0x120 [ 316.292941][ T9209] do_fast_syscall_32+0x32/0x80 [ 316.294606][ T9209] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 316.296807][ T9209] RIP: 0023:0xf7fc4579 [ 316.298166][ T9209] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 316.304365][ T9209] RSP: 002b:00000000f574656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 316.307046][ T9209] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0 [ 316.309850][ T9209] RDX: 0000000020008000 RSI: 0000000000000000 RDI: 0000000000000000 [ 316.312594][ T9209] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 316.315049][ T9209] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 316.317139][ T9209] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 316.319489][ T9209] [ 316.537698][ T1375] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.539686][ T1375] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.926272][ T9245] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1153'. [ 318.075307][ T39] audit: type=1400 audit(1727610872.156:80): apparmor="DENIED" operation="stack" class="file" info="label not found" error=-2 profile="unconfined" name=3A090EA3680EB06A1A5FD3F7614EFCD31267A0590DD509A5EFFE069ABB05AD3352B3AC017439E1DBC66F4DF20C0741B02DB717F35BBBCD4A734DE1F70C73C07EDA77D9616BE3DD1E63E92055FE373A94F022B1F018E4B2A80C8DE7F63E446A7147 pid=9248 comm="syz.0.1155" [ 318.081783][ T9249] sp0: Synchronizing with TNC [ 318.124232][ T9249] syz.0.1155: attempt to access beyond end of device [ 318.124232][ T9249] nbd0: rw=0, sector=0, nr_sectors = 1 limit=0 [ 318.145529][ T9249] (syz.0.1155,9249,3):ocfs2_get_sector:1769 ERROR: status = -5 [ 318.148319][ T9249] (syz.0.1155,9249,3):ocfs2_sb_probe:749 ERROR: status = -5 [ 318.150875][ T9249] (syz.0.1155,9249,3):ocfs2_fill_super:990 ERROR: superblock probe failed! [ 318.153866][ T9249] (syz.0.1155,9249,3):ocfs2_fill_super:1178 ERROR: status = -5 [ 319.326572][ T9269] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 319.338969][ T9269] syzkaller0: entered promiscuous mode [ 319.340551][ T9269] syzkaller0: entered allmulticast mode [ 320.826088][ T9280] raw_sendmsg: syz.3.1164 forgot to set AF_INET. Fix it! [ 322.223656][ T9284] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 322.230615][ T9288] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1166'. [ 322.742719][ T35] libceph: connect (1)[c::]:6789 error -101 [ 322.744993][ T35] libceph: mon0 (1)[c::]:6789 connect error [ 322.834278][ T9310] ceph: No mds server is up or the cluster is laggy [ 322.876220][ T9315] 9pnet_fd: Insufficient options for proto=fd [ 323.903450][ T39] audit: type=1804 audit(1727610877.986:81): pid=9323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1177" name="/newroot/195/bus/bus" dev="overlay" ino=1110 res=1 errno=0 [ 324.780094][ T9337] netlink: 'syz.1.1181': attribute type 4 has an invalid length. [ 324.822211][ T9339] FAULT_INJECTION: forcing a failure. [ 324.822211][ T9339] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 324.827429][ T9339] CPU: 3 UID: 0 PID: 9339 Comm: syz.1.1183 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 324.831163][ T9339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 324.834902][ T9339] Call Trace: [ 324.836105][ T9339] [ 324.837198][ T9339] dump_stack_lvl+0x16c/0x1f0 [ 324.838474][ T9339] should_fail_ex+0x497/0x5b0 [ 324.839715][ T9339] _copy_from_iter+0x29b/0x13e0 [ 324.841007][ T9339] ? __pfx__copy_from_iter+0x10/0x10 [ 324.842382][ T9339] ? __virt_addr_valid+0x1a4/0x590 [ 324.843740][ T9339] ? __virt_addr_valid+0x5e/0x590 [ 324.845117][ T9339] ? __phys_addr_symbol+0x30/0x80 [ 324.846489][ T9339] ? __check_object_size+0x488/0x710 [ 324.848261][ T9339] netlink_sendmsg+0x813/0xd70 [ 324.849787][ T9339] ? __pfx_netlink_sendmsg+0x10/0x10 [ 324.851534][ T9339] ? trace_lock_acquire+0x14a/0x1d0 [ 324.853126][ T9339] sock_write_iter+0x4fe/0x5b0 [ 324.854389][ T9339] ? __pfx_sock_write_iter+0x10/0x10 [ 324.856178][ T9339] do_iter_readv_writev+0x532/0x7f0 [ 324.858033][ T9339] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 324.860025][ T9339] ? bpf_lsm_file_permission+0x9/0x10 [ 324.861944][ T9339] ? security_file_permission+0x71/0x210 [ 324.863831][ T9339] vfs_writev+0x363/0xdd0 [ 324.865098][ T9339] ? find_held_lock+0x2d/0x110 [ 324.866812][ T9339] ? __pfx_vfs_writev+0x10/0x10 [ 324.868558][ T9339] ? find_held_lock+0x2d/0x110 [ 324.870266][ T9339] ? __pfx_lock_release+0x10/0x10 [ 324.872041][ T9339] ? trace_lock_acquire+0x14a/0x1d0 [ 324.873787][ T9339] ? __fget_files+0x244/0x3f0 [ 324.875360][ T9339] ? do_writev+0x289/0x370 [ 324.877109][ T9339] do_writev+0x289/0x370 [ 324.878600][ T9339] ? __pfx_do_writev+0x10/0x10 [ 324.880319][ T9339] __do_fast_syscall_32+0x73/0x120 [ 324.882130][ T9339] do_fast_syscall_32+0x32/0x80 [ 324.883842][ T9339] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 324.886165][ T9339] RIP: 0023:0xf7f21579 [ 324.887635][ T9339] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 324.894285][ T9339] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 0000000000000092 [ 324.896607][ T9339] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200003c0 [ 324.899294][ T9339] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 324.902062][ T9339] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 324.904890][ T9339] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 324.907326][ T9339] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 324.910157][ T9339] [ 325.008065][ T9343] 9pnet_fd: Insufficient options for proto=fd [ 325.729804][ T9360] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.1189'. [ 325.732473][ T9360] openvswitch: netlink: VXLAN extension message has 5 unknown bytes. [ 326.617111][ T39] audit: type=1326 audit(1727610880.706:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.1.1191" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 326.634454][ T39] audit: type=1326 audit(1727610880.706:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.1.1191" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 326.644931][ T39] audit: type=1326 audit(1727610880.706:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.1.1191" exe="/syz-executor" sig=0 arch=40000003 syscall=39 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 326.655121][ T39] audit: type=1326 audit(1727610880.706:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.1.1191" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 326.676872][ T39] audit: type=1326 audit(1727610880.706:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.1.1191" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 326.692274][ T39] audit: type=1326 audit(1727610880.706:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.1.1191" exe="/syz-executor" sig=0 arch=40000003 syscall=323 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 326.718301][ T39] audit: type=1326 audit(1727610880.706:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.1.1191" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 326.725132][ T39] audit: type=1326 audit(1727610880.706:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.1.1191" exe="/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 326.736210][ T39] audit: type=1326 audit(1727610880.776:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9366 comm="syz.1.1191" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f21579 code=0x7ffc0000 [ 327.511363][ T9370] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1193'. [ 327.569852][ T9372] netlink: 'syz.1.1192': attribute type 4 has an invalid length. [ 327.577723][ T9372] input: syz1 as /devices/virtual/input/input14 [ 329.617126][ T5349] Bluetooth: hci2: SCO packet for unknown connection handle 768 [ 329.628424][ T5349] Bluetooth: hci2: SCO packet for unknown connection handle 1039 [ 330.106877][ T9403] e1000e 0000:00:02.0 eth1: NIC Link is Down [ 330.370850][ T9417] xt_hashlimit: Unknown mode mask 90FFFFFF, kernel too old? [ 330.986561][ T9462] Cannot find map_set index 1 as target [ 332.044238][ T39] kauditd_printk_skb: 31 callbacks suppressed [ 332.044255][ T39] audit: type=1804 audit(1727610886.126:122): pid=9482 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1219" name="/newroot/336/file0/bus" dev="ramfs" ino=27875 res=1 errno=0 [ 332.172840][ T39] audit: type=1800 audit(1727610886.256:123): pid=9482 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1219" name="bus" dev="ramfs" ino=27875 res=0 errno=0 [ 332.490013][ T9491] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1223'. [ 332.493136][ T9491] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1223'. [ 332.496443][ T9491] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1223'. [ 332.505383][ T9495] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1224'. [ 332.749915][ T39] audit: type=1804 audit(1727610886.836:124): pid=9512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1229" name="/newroot/208/file0/bus" dev="ramfs" ino=28880 res=1 errno=0 [ 332.855275][ T39] audit: type=1800 audit(1727610886.936:125): pid=9512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1229" name="bus" dev="ramfs" ino=28880 res=0 errno=0 [ 333.304872][ T9522] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1231'. [ 334.153120][ T9535] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1235'. [ 334.606451][ T35] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 334.756836][ T35] usb 8-1: too many configurations: 230, using maximum allowed: 8 [ 334.761498][ T35] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 334.764196][ T35] usb 8-1: can't read configurations, error -61 [ 334.895906][ T35] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 335.066333][ T35] usb 8-1: too many configurations: 230, using maximum allowed: 8 [ 335.073837][ T35] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 335.075960][ T35] usb 8-1: can't read configurations, error -61 [ 335.078349][ T35] usb usb8-port1: attempt power cycle [ 335.416503][ T35] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 335.449887][ T35] usb 8-1: too many configurations: 230, using maximum allowed: 8 [ 335.459410][ T35] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 335.462113][ T35] usb 8-1: can't read configurations, error -61 [ 335.605929][ T35] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 335.627057][ T35] usb 8-1: too many configurations: 230, using maximum allowed: 8 [ 335.630686][ T35] usb 8-1: unable to read config index 0 descriptor/start: -61 [ 335.632686][ T35] usb 8-1: can't read configurations, error -61 [ 335.646017][ T35] usb usb8-port1: unable to enumerate USB device [ 336.009490][ T39] audit: type=1804 audit(1727610890.096:126): pid=9551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1240" name="/newroot/341/file0/bus" dev="ramfs" ino=26504 res=1 errno=0 [ 336.124646][ T39] audit: type=1800 audit(1727610890.206:127): pid=9551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1240" name="bus" dev="ramfs" ino=26504 res=0 errno=0 [ 336.503441][ T9556] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 336.511393][ T9556] syzkaller0: entered promiscuous mode [ 336.512905][ T9556] syzkaller0: entered allmulticast mode [ 337.690449][ T9562] hfs: unable to parse mount options [ 338.894652][ T39] audit: type=1804 audit(1727610892.976:128): pid=9569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1245" name="/newroot/148/file0/bus" dev="ramfs" ino=27386 res=1 errno=0 [ 339.001927][ T39] audit: type=1800 audit(1727610893.086:129): pid=9569 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1245" name="bus" dev="ramfs" ino=27386 res=0 errno=0 [ 339.254754][ T9579] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1248'. [ 339.308373][ T39] audit: type=1804 audit(1727610893.396:130): pid=9584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1249" name="/newroot/343/file0/bus" dev="ramfs" ino=28954 res=1 errno=0 [ 339.331706][ T9585] binder_alloc: 9578: binder_alloc_buf size 8 failed, no address space [ 339.334982][ T9585] binder_alloc: allocated: 4096 (num: 1 largest: 4096), free: 0 (num: 0 largest: 0) [ 339.359356][ T39] audit: type=1804 audit(1727610893.446:131): pid=9589 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1252" name="/newroot/150/file0/bus" dev="ramfs" ino=29724 res=1 errno=0 [ 339.427383][ T39] audit: type=1800 audit(1727610893.506:132): pid=9584 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1249" name="bus" dev="ramfs" ino=28954 res=0 errno=0 [ 339.524986][ T39] audit: type=1800 audit(1727610893.606:133): pid=9589 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1252" name="bus" dev="ramfs" ino=29724 res=0 errno=0 [ 339.559869][ T5349] Bluetooth: hci4: unexpected cc 0x042e length: 1 < 7 [ 339.562497][ T5349] Bluetooth: hci4: unexpected event for opcode 0x042e [ 340.015528][ T9618] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1261'. [ 340.096600][ T9618] overlay: Unknown parameter 'hash' [ 340.774625][ T5349] Bluetooth: hci5: unexpected cc 0x042e length: 1 < 7 [ 340.776761][ T5349] Bluetooth: hci5: unexpected event for opcode 0x042e [ 340.901456][ T9627] tipc: Failed to remove unknown binding: 66,1,1/0:393374225/393374227 [ 340.904617][ T9627] tipc: Failed to remove unknown binding: 66,1,1/0:393374225/393374227 [ 341.060074][ T9634] syzkaller0: entered promiscuous mode [ 341.062025][ T9634] syzkaller0: entered allmulticast mode [ 341.901508][ T9641] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1269'. [ 342.123758][ T9648] FAULT_INJECTION: forcing a failure. [ 342.123758][ T9648] name failslab, interval 1, probability 0, space 0, times 0 [ 342.132433][ T9648] CPU: 0 UID: 0 PID: 9648 Comm: syz.1.1272 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 342.136049][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.139803][ T9648] Call Trace: [ 342.140992][ T9648] [ 342.142053][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 342.143754][ T9648] should_fail_ex+0x497/0x5b0 [ 342.145438][ T9648] ? fs_reclaim_acquire+0xae/0x160 [ 342.147261][ T9648] should_failslab+0xc2/0x120 [ 342.148953][ T9648] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 342.150853][ T9648] ? mas_alloc_nodes+0x172/0x830 [ 342.152623][ T9648] mas_alloc_nodes+0x172/0x830 [ 342.154332][ T9648] mas_node_count_gfp+0x105/0x130 [ 342.156121][ T9648] mas_preallocate+0x53b/0xcd0 [ 342.157847][ T9648] ? __pfx_mas_preallocate+0x10/0x10 [ 342.159713][ T9648] ? shmem_get_inode+0x703/0xea0 [ 342.161486][ T9648] mmap_region+0x165e/0x2a50 [ 342.163122][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 342.164847][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 342.166729][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 342.168615][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 342.170340][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 342.172122][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 342.173990][ T9648] do_mmap+0xc00/0xfc0 [ 342.175417][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 342.177078][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 342.178899][ T9648] ? ksys_write+0x1ad/0x260 [ 342.180414][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 342.182032][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 342.183945][ T9648] __do_fast_syscall_32+0x73/0x120 [ 342.185764][ T9648] do_fast_syscall_32+0x32/0x80 [ 342.187475][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.189707][ T9648] RIP: 0023:0xf7f21579 [ 342.191167][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.198297][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 342.201500][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 342.204309][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 342.207106][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.209895][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 342.212700][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.215456][ T9648] [ 342.217368][ T9648] BUG: Bad page map in process syz.1.1272 pte:52800225 pmd:7755c067 [ 342.221058][ T9648] addr:0000000020000000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:0 [ 342.226513][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 342.228926][ T9648] CPU: 1 UID: 0 PID: 9648 Comm: syz.1.1272 Not tainted 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 342.232496][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.236197][ T9648] Call Trace: [ 342.237386][ T9648] [ 342.238420][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 342.240065][ T9648] print_bad_pte+0x49c/0x710 [ 342.241666][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 342.243406][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 342.245270][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.246914][ T9648] vm_normal_page+0x269/0x2b0 [ 342.248581][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 342.250362][ T9648] ? hlock_class+0x4e/0x130 [ 342.251931][ T9648] ? __lock_acquire+0x163e/0x3ce0 [ 342.253658][ T9648] unmap_page_range+0x109e/0x3ce0 [ 342.255381][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 342.257209][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.258906][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 342.260700][ T9648] unmap_single_vma+0x194/0x2b0 [ 342.262358][ T9648] unmap_vmas+0x22f/0x490 [ 342.263845][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 342.265525][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.267212][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.268735][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 342.270600][ T9648] unmap_region+0x201/0x480 [ 342.272214][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 342.274015][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 342.276151][ T9648] mmap_region+0x1c00/0x2a50 [ 342.277822][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 342.279533][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 342.281355][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 342.283165][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 342.284872][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 342.286722][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 342.288642][ T9648] do_mmap+0xc00/0xfc0 [ 342.290118][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 342.291758][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 342.293550][ T9648] ? ksys_write+0x1ad/0x260 [ 342.295143][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 342.296803][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 342.298669][ T9648] __do_fast_syscall_32+0x73/0x120 [ 342.300434][ T9648] do_fast_syscall_32+0x32/0x80 [ 342.302118][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.304225][ T9648] RIP: 0023:0xf7f21579 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 342.305620][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.312313][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 342.315162][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 342.317881][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 342.320466][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.323024][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 342.325728][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.328465][ T9648] [ 342.329899][ T9648] Disabling lock debugging due to kernel taint [ 342.353312][ T9648] BUG: Bad page map in process syz.1.1272 pte:52801225 pmd:7755c067 [ 342.356083][ T9648] addr:0000000020001000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:1 [ 342.359625][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 342.362006][ T9648] CPU: 1 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 342.366077][ T9648] Tainted: [B]=BAD_PAGE [ 342.367543][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.371389][ T9648] Call Trace: [ 342.372565][ T9648] [ 342.373599][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 342.375247][ T9648] print_bad_pte+0x49c/0x710 [ 342.376900][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 342.378658][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 342.380513][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.382102][ T9648] vm_normal_page+0x269/0x2b0 [ 342.383729][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 342.385525][ T9648] ? __pfx___might_resched+0x10/0x10 [ 342.387337][ T9648] unmap_page_range+0x109e/0x3ce0 [ 342.389091][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 342.390986][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.392736][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 342.394518][ T9648] unmap_single_vma+0x194/0x2b0 [ 342.396241][ T9648] unmap_vmas+0x22f/0x490 [ 342.397770][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 342.399525][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.401297][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.402861][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 342.404602][ T9648] unmap_region+0x201/0x480 [ 342.406190][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 342.407909][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 342.409928][ T9648] mmap_region+0x1c00/0x2a50 [ 342.411543][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 342.413296][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 342.415076][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 342.416906][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 342.418589][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 342.420342][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 342.422174][ T9648] do_mmap+0xc00/0xfc0 [ 342.423574][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 342.425191][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 342.426944][ T9648] ? ksys_write+0x1ad/0x260 [ 342.428552][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 342.430176][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 342.432020][ T9648] __do_fast_syscall_32+0x73/0x120 [ 342.433811][ T9648] do_fast_syscall_32+0x32/0x80 [ 342.435515][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.437729][ T9648] RIP: 0023:0xf7f21579 [ 342.439123][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.445628][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 342.448462][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 342.451161][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 342.453865][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.456608][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 342.459304][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.461981][ T9648] [ 342.470858][ T9648] BUG: Bad page map in process syz.1.1272 pte:52802225 pmd:7755c067 [ 342.473967][ T9648] addr:0000000020002000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:2 [ 342.478002][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 342.480647][ T9648] CPU: 0 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 342.484772][ T9648] Tainted: [B]=BAD_PAGE [ 342.486287][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.490196][ T9648] Call Trace: [ 342.491396][ T9648] [ 342.492450][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 342.494149][ T9648] print_bad_pte+0x49c/0x710 [ 342.495796][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 342.497636][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 342.499543][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.501172][ T9648] vm_normal_page+0x269/0x2b0 [ 342.502838][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 342.504688][ T9648] ? __pfx___might_resched+0x10/0x10 [ 342.506560][ T9648] unmap_page_range+0x109e/0x3ce0 [ 342.508356][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 342.510272][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.512072][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 342.513940][ T9648] unmap_single_vma+0x194/0x2b0 [ 342.515647][ T9648] unmap_vmas+0x22f/0x490 [ 342.517222][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 342.518959][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.520759][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.522382][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 342.524163][ T9648] unmap_region+0x201/0x480 [ 342.525799][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 342.527588][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 342.529702][ T9648] mmap_region+0x1c00/0x2a50 [ 342.531355][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 342.533165][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 342.535022][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 342.536872][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 342.538590][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 342.540406][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 342.542293][ T9648] do_mmap+0xc00/0xfc0 [ 342.543730][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 342.545378][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 342.547191][ T9648] ? ksys_write+0x1ad/0x260 [ 342.548808][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 342.550465][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 342.552346][ T9648] __do_fast_syscall_32+0x73/0x120 [ 342.554162][ T9648] do_fast_syscall_32+0x32/0x80 [ 342.555881][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.558125][ T9648] RIP: 0023:0xf7f21579 [ 342.559574][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.566261][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 342.569178][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 342.571929][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 342.574691][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.577460][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 342.580223][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.582996][ T9648] [ 342.587018][ T9648] BUG: Bad page map in process syz.1.1272 pte:52803225 pmd:7755c067 [ 342.589862][ T9648] addr:0000000020003000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:3 [ 342.593497][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 342.596734][ T9648] CPU: 2 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 342.600846][ T9648] Tainted: [B]=BAD_PAGE [ 342.602310][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.606042][ T9648] Call Trace: [ 342.607218][ T9648] [ 342.608261][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 342.609940][ T9648] print_bad_pte+0x49c/0x710 [ 342.611575][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 342.613383][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 342.615235][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.616879][ T9648] vm_normal_page+0x269/0x2b0 [ 342.618541][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 342.620390][ T9648] ? __pfx___might_resched+0x10/0x10 [ 342.622256][ T9648] unmap_page_range+0x109e/0x3ce0 [ 342.624048][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 342.625949][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.627728][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 342.629515][ T9648] unmap_single_vma+0x194/0x2b0 [ 342.631231][ T9648] unmap_vmas+0x22f/0x490 [ 342.632773][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 342.634493][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.636296][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.637866][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 342.639630][ T9648] unmap_region+0x201/0x480 [ 342.641249][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 342.643022][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 342.645134][ T9648] mmap_region+0x1c00/0x2a50 [ 342.646757][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 342.648469][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 342.650321][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 342.652188][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 342.653926][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 342.655745][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 342.657652][ T9648] do_mmap+0xc00/0xfc0 [ 342.659104][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 342.660759][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 342.662564][ T9648] ? ksys_write+0x1ad/0x260 [ 342.664173][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 342.665849][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 342.667741][ T9648] __do_fast_syscall_32+0x73/0x120 [ 342.669698][ T9648] do_fast_syscall_32+0x32/0x80 [ 342.671432][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.673650][ T9648] RIP: 0023:0xf7f21579 [ 342.675118][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.681831][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 342.684677][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 342.687441][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 342.690230][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.692989][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 342.695682][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.698425][ T9648] [ 342.705978][ T9648] BUG: Bad page map in process syz.1.1272 pte:52804225 pmd:7755c067 [ 342.708904][ T9648] addr:0000000020004000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:4 [ 342.712718][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 342.715147][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 342.719146][ T9648] Tainted: [B]=BAD_PAGE [ 342.720565][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.724180][ T9648] Call Trace: [ 342.725360][ T9648] [ 342.726350][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 342.727948][ T9648] print_bad_pte+0x49c/0x710 [ 342.729534][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 342.731101][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 342.732966][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.734557][ T9648] vm_normal_page+0x269/0x2b0 [ 342.736117][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 342.737828][ T9648] ? __pfx___might_resched+0x10/0x10 [ 342.739606][ T9648] unmap_page_range+0x109e/0x3ce0 [ 342.741355][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 342.743128][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.744863][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 342.746639][ T9648] unmap_single_vma+0x194/0x2b0 [ 342.748287][ T9648] unmap_vmas+0x22f/0x490 [ 342.749769][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 342.751460][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.753159][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.754683][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 342.756388][ T9648] unmap_region+0x201/0x480 [ 342.757959][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 342.759643][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 342.761426][ T9648] mmap_region+0x1c00/0x2a50 [ 342.763001][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 342.764751][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 342.766596][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 342.768461][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 342.770177][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 342.771892][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 342.773644][ T9648] do_mmap+0xc00/0xfc0 [ 342.775020][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 342.776589][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 342.778490][ T9648] ? ksys_write+0x1ad/0x260 [ 342.780160][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 342.781730][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 342.783513][ T9648] __do_fast_syscall_32+0x73/0x120 [ 342.785320][ T9648] do_fast_syscall_32+0x32/0x80 [ 342.787061][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.789298][ T9648] RIP: 0023:0xf7f21579 [ 342.790654][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.797258][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 342.799917][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 342.802572][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 342.805256][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.807897][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 342.810464][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.813107][ T9648] [ 342.814742][ T9648] BUG: Bad page map in process syz.1.1272 pte:52805225 pmd:7755c067 [ 342.817487][ T9648] addr:0000000020005000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:5 [ 342.820982][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 342.823304][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 342.827235][ T9648] Tainted: [B]=BAD_PAGE [ 342.828671][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.832284][ T9648] Call Trace: [ 342.833463][ T9648] [ 342.834476][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 342.836132][ T9648] print_bad_pte+0x49c/0x710 [ 342.837743][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 342.839486][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 342.841263][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.842722][ T9648] vm_normal_page+0x269/0x2b0 [ 342.844277][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 342.846118][ T9648] ? __pfx___might_resched+0x10/0x10 [ 342.847972][ T9648] unmap_page_range+0x109e/0x3ce0 [ 342.849770][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 342.851633][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.853388][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 342.855111][ T9648] unmap_single_vma+0x194/0x2b0 [ 342.856799][ T9648] unmap_vmas+0x22f/0x490 [ 342.858280][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 342.860005][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.861689][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.863237][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 342.864931][ T9648] unmap_region+0x201/0x480 [ 342.866469][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 342.868193][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 342.870282][ T9648] mmap_region+0x1c00/0x2a50 [ 342.871951][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 342.873708][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 342.875522][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 342.877384][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 342.879095][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 342.880858][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 342.882668][ T9648] do_mmap+0xc00/0xfc0 [ 342.884127][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 342.885759][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 342.887472][ T9648] ? ksys_write+0x1ad/0x260 [ 342.889079][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 342.890737][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 342.892635][ T9648] __do_fast_syscall_32+0x73/0x120 [ 342.894415][ T9648] do_fast_syscall_32+0x32/0x80 [ 342.896133][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 342.898360][ T9648] RIP: 0023:0xf7f21579 [ 342.899823][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 342.906397][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 342.909234][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 342.911944][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 342.914686][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 342.917440][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 342.920170][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 342.922947][ T9648] [ 342.924483][ T9648] BUG: Bad page map in process syz.1.1272 pte:52806225 pmd:7755c067 [ 342.927696][ T9648] addr:0000000020006000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:6 [ 342.931817][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 342.934440][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 342.938606][ T9648] Tainted: [B]=BAD_PAGE [ 342.940109][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 342.944078][ T9648] Call Trace: [ 342.945357][ T9648] [ 342.946303][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 342.947659][ T9648] print_bad_pte+0x49c/0x710 [ 342.949077][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 342.951005][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 342.953066][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.954764][ T9648] vm_normal_page+0x269/0x2b0 [ 342.956516][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 342.958630][ T9648] ? __pfx___might_resched+0x10/0x10 [ 342.960779][ T9648] unmap_page_range+0x109e/0x3ce0 [ 342.962694][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 342.964616][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.966457][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 342.968406][ T9648] unmap_single_vma+0x194/0x2b0 [ 342.970233][ T9648] unmap_vmas+0x22f/0x490 [ 342.971710][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 342.973501][ T9648] ? __pfx_lock_release+0x10/0x10 [ 342.975320][ T9648] ? lock_acquire+0x2f/0xb0 [ 342.976957][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 342.978632][ T9648] unmap_region+0x201/0x480 [ 342.980280][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 342.982201][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 342.984421][ T9648] mmap_region+0x1c00/0x2a50 [ 342.986127][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 342.988030][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 342.989951][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 342.991828][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 342.993613][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 342.995495][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 342.997456][ T9648] do_mmap+0xc00/0xfc0 [ 342.998935][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 343.000619][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 343.002485][ T9648] ? ksys_write+0x1ad/0x260 [ 343.004189][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 343.005866][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 343.007706][ T9648] __do_fast_syscall_32+0x73/0x120 [ 343.009519][ T9648] do_fast_syscall_32+0x32/0x80 [ 343.011298][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 343.013636][ T9648] RIP: 0023:0xf7f21579 [ 343.015088][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 343.022258][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 343.025105][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 343.027874][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 343.030942][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 343.033914][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 343.036686][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 343.039374][ T9648] [ 343.041104][ T9648] BUG: Bad page map in process syz.1.1272 pte:52807225 pmd:7755c067 [ 343.044162][ T9648] addr:0000000020007000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:7 [ 343.048156][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 343.050615][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 343.055004][ T9648] Tainted: [B]=BAD_PAGE [ 343.056628][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 343.060411][ T9648] Call Trace: [ 343.061601][ T9648] [ 343.062653][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 343.064471][ T9648] print_bad_pte+0x49c/0x710 [ 343.066294][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 343.068172][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 343.070026][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.071670][ T9648] vm_normal_page+0x269/0x2b0 [ 343.073410][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 343.075433][ T9648] ? __pfx___might_resched+0x10/0x10 [ 343.077505][ T9648] unmap_page_range+0x109e/0x3ce0 [ 343.079383][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 343.081300][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.083122][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 343.085097][ T9648] unmap_single_vma+0x194/0x2b0 [ 343.086975][ T9648] unmap_vmas+0x22f/0x490 [ 343.088678][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 343.090568][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.092341][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.093949][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 343.095727][ T9648] unmap_region+0x201/0x480 [ 343.097436][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 343.099351][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 343.101516][ T9648] mmap_region+0x1c00/0x2a50 [ 343.103208][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 343.104977][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 343.106867][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 343.108828][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 343.110695][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 343.112565][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 343.114420][ T9648] do_mmap+0xc00/0xfc0 [ 343.115861][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 343.117550][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 343.119441][ T9648] ? ksys_write+0x1ad/0x260 [ 343.121138][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 343.122936][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 343.124906][ T9648] __do_fast_syscall_32+0x73/0x120 [ 343.126868][ T9648] do_fast_syscall_32+0x32/0x80 [ 343.128594][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 343.130853][ T9648] RIP: 0023:0xf7f21579 [ 343.132393][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 343.139554][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 343.142500][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 343.145414][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 343.148285][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 343.151111][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 343.153873][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 343.156864][ T9648] [ 343.158494][ T9648] BUG: Bad page map in process syz.1.1272 pte:52808225 pmd:7755c067 [ 343.161424][ T9648] addr:0000000020008000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:8 [ 343.165157][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 343.167781][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 343.172232][ T9648] Tainted: [B]=BAD_PAGE [ 343.173692][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 343.177414][ T9648] Call Trace: [ 343.178630][ T9648] [ 343.179813][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 343.181702][ T9648] print_bad_pte+0x49c/0x710 [ 343.183401][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 343.185196][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 343.187078][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.188762][ T9648] vm_normal_page+0x269/0x2b0 [ 343.190536][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 343.192544][ T9648] ? __pfx___might_resched+0x10/0x10 [ 343.194553][ T9648] unmap_page_range+0x109e/0x3ce0 [ 343.196402][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 343.198301][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.200079][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 343.202025][ T9648] unmap_single_vma+0x194/0x2b0 [ 343.203857][ T9648] unmap_vmas+0x22f/0x490 [ 343.205488][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 343.207285][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.209135][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.210771][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 343.212605][ T9648] unmap_region+0x201/0x480 [ 343.214192][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 343.216017][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 343.218178][ T9648] mmap_region+0x1c00/0x2a50 [ 343.219826][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 343.221591][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 343.223494][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 343.225465][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 343.227281][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 343.229127][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 343.230953][ T9648] do_mmap+0xc00/0xfc0 [ 343.232486][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 343.234276][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 343.236347][ T9648] ? ksys_write+0x1ad/0x260 [ 343.238157][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 343.239958][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 343.241990][ T9648] __do_fast_syscall_32+0x73/0x120 [ 343.243927][ T9648] do_fast_syscall_32+0x32/0x80 [ 343.245763][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 343.248208][ T9648] RIP: 0023:0xf7f21579 [ 343.249667][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 343.256809][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 343.259689][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 343.262579][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 343.265532][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 343.268387][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 343.271122][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 343.273375][ T9648] [ 343.276154][ T9648] BUG: Bad page map in process syz.1.1272 pte:52809225 pmd:7755c067 [ 343.278426][ T9648] addr:0000000020009000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:9 [ 343.281680][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 343.283495][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 343.286919][ T9648] Tainted: [B]=BAD_PAGE [ 343.288092][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 343.291916][ T9648] Call Trace: [ 343.293069][ T9648] [ 343.294098][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 343.295748][ T9648] print_bad_pte+0x49c/0x710 [ 343.297448][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 343.299334][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 343.301296][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.302857][ T9648] vm_normal_page+0x269/0x2b0 [ 343.304481][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 343.306299][ T9648] ? __pfx___might_resched+0x10/0x10 [ 343.308211][ T9648] unmap_page_range+0x109e/0x3ce0 [ 343.310097][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 343.312032][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.313739][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 343.315495][ T9648] unmap_single_vma+0x194/0x2b0 [ 343.317308][ T9648] unmap_vmas+0x22f/0x490 [ 343.318938][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 343.320738][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.322512][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.324055][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 343.325845][ T9648] unmap_region+0x201/0x480 [ 343.327445][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 343.329227][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 343.331251][ T9648] mmap_region+0x1c00/0x2a50 [ 343.332902][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 343.334685][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 343.336567][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 343.338466][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 343.340273][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 343.342217][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 343.344259][ T9648] do_mmap+0xc00/0xfc0 [ 343.345784][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 343.347430][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 343.349205][ T9648] ? ksys_write+0x1ad/0x260 [ 343.350854][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 343.352669][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 343.354653][ T9648] __do_fast_syscall_32+0x73/0x120 [ 343.356482][ T9648] do_fast_syscall_32+0x32/0x80 [ 343.358222][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 343.360435][ T9648] RIP: 0023:0xf7f21579 [ 343.361942][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 343.368724][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 343.371675][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 343.374556][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 343.377373][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 343.380194][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 343.383032][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 343.385774][ T9648] [ 343.390711][ T9648] BUG: Bad page map in process syz.1.1272 pte:5280a225 pmd:7755c067 [ 343.393577][ T9648] addr:000000002000a000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:a [ 343.397439][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 343.399948][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 343.404058][ T9648] Tainted: [B]=BAD_PAGE [ 343.405531][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 343.409392][ T9648] Call Trace: [ 343.410731][ T9648] [ 343.411857][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 343.413588][ T9648] print_bad_pte+0x49c/0x710 [ 343.415189][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 343.416948][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 343.418782][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.420372][ T9648] vm_normal_page+0x269/0x2b0 [ 343.421989][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 343.423760][ T9648] ? __pfx___might_resched+0x10/0x10 [ 343.425641][ T9648] unmap_page_range+0x109e/0x3ce0 [ 343.427472][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 343.429546][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.431478][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 343.433264][ T9648] unmap_single_vma+0x194/0x2b0 [ 343.434989][ T9648] unmap_vmas+0x22f/0x490 [ 343.436566][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 343.438270][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.440043][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.441656][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 343.443539][ T9648] unmap_region+0x201/0x480 [ 343.445291][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 343.447101][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 343.449264][ T9648] mmap_region+0x1c00/0x2a50 [ 343.450963][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 343.452764][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 343.454579][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 343.456382][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 343.458079][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 343.459906][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 343.461793][ T9648] do_mmap+0xc00/0xfc0 [ 343.463214][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 343.464772][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 343.466689][ T9648] ? ksys_write+0x1ad/0x260 [ 343.468402][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 343.470106][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 343.471938][ T9648] __do_fast_syscall_32+0x73/0x120 [ 343.473560][ T9648] do_fast_syscall_32+0x32/0x80 [ 343.475256][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 343.477364][ T9648] RIP: 0023:0xf7f21579 [ 343.478849][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 343.485785][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 343.488659][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 343.491364][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 343.493973][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 343.496702][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 343.499462][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 343.502185][ T9648] [ 343.513067][ T9648] BUG: Bad page map in process syz.1.1272 pte:5280b225 pmd:7755c067 [ 343.515870][ T9648] addr:000000002000b000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:b [ 343.519641][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 343.522211][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 343.525747][ T9648] Tainted: [B]=BAD_PAGE [ 343.526825][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 343.530047][ T9648] Call Trace: [ 343.531265][ T9648] [ 343.532331][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 343.534076][ T9648] print_bad_pte+0x49c/0x710 [ 343.535780][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 343.537707][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 343.539660][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.541354][ T9648] vm_normal_page+0x269/0x2b0 [ 343.543281][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 343.545216][ T9648] ? __pfx___might_resched+0x10/0x10 [ 343.547146][ T9648] unmap_page_range+0x109e/0x3ce0 [ 343.548774][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 343.550647][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.552444][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 343.554340][ T9648] unmap_single_vma+0x194/0x2b0 [ 343.556068][ T9648] unmap_vmas+0x22f/0x490 [ 343.557601][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 343.559328][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.561179][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.562912][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 343.564809][ T9648] unmap_region+0x201/0x480 [ 343.566446][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 343.568203][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 343.570460][ T9648] mmap_region+0x1c00/0x2a50 [ 343.572070][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 343.573825][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 343.575646][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 343.577536][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 343.579301][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 343.581221][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 343.583100][ T9648] do_mmap+0xc00/0xfc0 [ 343.584540][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 343.586149][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 343.587921][ T9648] ? ksys_write+0x1ad/0x260 [ 343.589575][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 343.591321][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 343.593417][ T9648] __do_fast_syscall_32+0x73/0x120 [ 343.595276][ T9648] do_fast_syscall_32+0x32/0x80 [ 343.597001][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 343.599183][ T9648] RIP: 0023:0xf7f21579 [ 343.600615][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 343.607375][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 343.610241][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 343.612912][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 343.615597][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 343.618469][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 343.621330][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 343.624072][ T9648] [ 343.632832][ T9648] BUG: Bad page map in process syz.1.1272 pte:5280c225 pmd:7755c067 [ 343.635675][ T9648] addr:000000002000c000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:c [ 343.639597][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 343.642206][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 343.646248][ T9648] Tainted: [B]=BAD_PAGE [ 343.647698][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 343.651561][ T9648] Call Trace: [ 343.652784][ T9648] [ 343.653861][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 343.655602][ T9648] print_bad_pte+0x49c/0x710 [ 343.657324][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 343.659122][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 343.660895][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.662481][ T9648] vm_normal_page+0x269/0x2b0 [ 343.664172][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 343.666013][ T9648] ? __pfx___might_resched+0x10/0x10 [ 343.667859][ T9648] unmap_page_range+0x109e/0x3ce0 [ 343.669711][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 343.671630][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.673384][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 343.675202][ T9648] unmap_single_vma+0x194/0x2b0 [ 343.676919][ T9648] unmap_vmas+0x22f/0x490 [ 343.678410][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 343.680152][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.681928][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.683335][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 343.685182][ T9648] unmap_region+0x201/0x480 [ 343.686859][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 343.688647][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 343.690717][ T9648] mmap_region+0x1c00/0x2a50 [ 343.692343][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 343.694097][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 343.695922][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 343.697787][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 343.699593][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 343.701523][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 343.703442][ T9648] do_mmap+0xc00/0xfc0 [ 343.704905][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 343.706577][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 343.708322][ T9648] ? ksys_write+0x1ad/0x260 [ 343.709958][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 343.711584][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 343.713446][ T9648] __do_fast_syscall_32+0x73/0x120 [ 343.715309][ T9648] do_fast_syscall_32+0x32/0x80 [ 343.717077][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 343.719338][ T9648] RIP: 0023:0xf7f21579 [ 343.720757][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 343.727352][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 343.730243][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 343.733024][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 343.736079][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 343.738930][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 343.741761][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 343.744486][ T9648] [ 343.745906][ T9648] BUG: Bad page map in process syz.1.1272 pte:5280d225 pmd:7755c067 [ 343.748904][ T9648] addr:000000002000d000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:d [ 343.752813][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 343.755255][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 343.758601][ T9648] Tainted: [B]=BAD_PAGE [ 343.760074][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 343.762950][ T9648] Call Trace: [ 343.763828][ T9648] [ 343.764643][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 343.765886][ T9648] print_bad_pte+0x49c/0x710 [ 343.767108][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 343.768490][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 343.770133][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.771544][ T9648] vm_normal_page+0x269/0x2b0 [ 343.773214][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 343.775061][ T9648] ? __pfx___might_resched+0x10/0x10 [ 343.777016][ T9648] unmap_page_range+0x109e/0x3ce0 [ 343.778539][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 343.780265][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.781631][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 343.783057][ T9648] unmap_single_vma+0x194/0x2b0 [ 343.784325][ T9648] unmap_vmas+0x22f/0x490 [ 343.785795][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 343.787548][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.789464][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.791085][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 343.792845][ T9648] unmap_region+0x201/0x480 [ 343.794427][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 343.796242][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 343.798334][ T9648] mmap_region+0x1c00/0x2a50 [ 343.799911][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 343.801681][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 343.803584][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 343.805405][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 343.807134][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 343.808963][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 343.810802][ T9648] do_mmap+0xc00/0xfc0 [ 343.812210][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 343.813876][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 343.815708][ T9648] ? ksys_write+0x1ad/0x260 [ 343.817358][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 343.819085][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 343.820989][ T9648] __do_fast_syscall_32+0x73/0x120 [ 343.822738][ T9648] do_fast_syscall_32+0x32/0x80 [ 343.824467][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 343.826694][ T9648] RIP: 0023:0xf7f21579 [ 343.828093][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 343.834711][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 343.837568][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 343.840260][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 343.842874][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 343.845508][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 343.848222][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 343.850950][ T9648] [ 343.859284][ T9648] BUG: Bad page map in process syz.1.1272 pte:5280e225 pmd:7755c067 [ 343.862063][ T9648] addr:000000002000e000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:e [ 343.865172][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 343.867028][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 343.870532][ T9648] Tainted: [B]=BAD_PAGE [ 343.871915][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 343.875636][ T9648] Call Trace: [ 343.876844][ T9648] [ 343.877883][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 343.879553][ T9648] print_bad_pte+0x49c/0x710 [ 343.881150][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 343.883003][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 343.885036][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.886690][ T9648] vm_normal_page+0x269/0x2b0 [ 343.887958][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 343.889628][ T9648] ? __pfx___might_resched+0x10/0x10 [ 343.891414][ T9648] unmap_page_range+0x109e/0x3ce0 [ 343.893135][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 343.894880][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.896678][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 343.898527][ T9648] unmap_single_vma+0x194/0x2b0 [ 343.900228][ T9648] unmap_vmas+0x22f/0x490 [ 343.901799][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 343.903614][ T9648] ? __pfx_lock_release+0x10/0x10 [ 343.905503][ T9648] ? lock_acquire+0x2f/0xb0 [ 343.907168][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 343.908966][ T9648] unmap_region+0x201/0x480 [ 343.910602][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 343.912403][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 343.914562][ T9648] mmap_region+0x1c00/0x2a50 [ 343.916325][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 343.918198][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 343.920061][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 343.921960][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 343.923717][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 343.925622][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 343.927540][ T9648] do_mmap+0xc00/0xfc0 [ 343.929058][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 343.930723][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 343.932579][ T9648] ? ksys_write+0x1ad/0x260 [ 343.934205][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 343.935929][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 343.938013][ T9648] __do_fast_syscall_32+0x73/0x120 [ 343.939804][ T9648] do_fast_syscall_32+0x32/0x80 [ 343.941573][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 343.943803][ T9648] RIP: 0023:0xf7f21579 [ 343.945295][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 343.952412][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 343.955375][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 343.958167][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 343.960935][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 343.963924][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 343.966975][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 343.969879][ T9648] [ 343.971234][ T9648] BUG: Bad page map in process syz.1.1272 pte:5280f225 pmd:7755c067 [ 343.974105][ T9648] addr:000000002000f000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:f [ 343.978113][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 343.980773][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 343.984926][ T9648] Tainted: [B]=BAD_PAGE [ 343.986350][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 343.990029][ T9648] Call Trace: [ 343.991189][ T9648] [ 343.992208][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 343.993858][ T9648] print_bad_pte+0x49c/0x710 [ 343.995534][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 343.997625][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 343.999796][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.001440][ T9648] vm_normal_page+0x269/0x2b0 [ 344.003096][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 344.004844][ T9648] ? __pfx___might_resched+0x10/0x10 [ 344.006622][ T9648] unmap_page_range+0x109e/0x3ce0 [ 344.008342][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 344.010234][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.011979][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 344.013854][ T9648] unmap_single_vma+0x194/0x2b0 [ 344.015630][ T9648] unmap_vmas+0x22f/0x490 [ 344.017126][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 344.018776][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.020509][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.022112][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 344.024058][ T9648] unmap_region+0x201/0x480 [ 344.025816][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 344.027589][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 344.029659][ T9648] mmap_region+0x1c00/0x2a50 [ 344.031286][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 344.032984][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 344.034759][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 344.036614][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 344.038360][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 344.040213][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 344.042014][ T9648] do_mmap+0xc00/0xfc0 [ 344.043398][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 344.044972][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 344.046695][ T9648] ? ksys_write+0x1ad/0x260 [ 344.048212][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 344.049853][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 344.051782][ T9648] __do_fast_syscall_32+0x73/0x120 [ 344.053702][ T9648] do_fast_syscall_32+0x32/0x80 [ 344.055457][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 344.057641][ T9648] RIP: 0023:0xf7f21579 [ 344.059038][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 344.065643][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 344.068546][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 344.071244][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 344.073944][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 344.076755][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 344.079530][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 344.082470][ T9648] [ 344.087958][ T9648] BUG: Bad page map in process syz.1.1272 pte:52810225 pmd:7755c067 [ 344.090832][ T9648] addr:0000000020010000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:10 [ 344.094688][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 344.097251][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 344.101384][ T9648] Tainted: [B]=BAD_PAGE [ 344.102883][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 344.106625][ T9648] Call Trace: [ 344.107831][ T9648] [ 344.108912][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 344.110630][ T9648] print_bad_pte+0x49c/0x710 [ 344.112315][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 344.114140][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 344.116050][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.117695][ T9648] vm_normal_page+0x269/0x2b0 [ 344.119298][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 344.121147][ T9648] ? __pfx___might_resched+0x10/0x10 [ 344.123019][ T9648] unmap_page_range+0x109e/0x3ce0 [ 344.124776][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 344.126673][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.128600][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 344.130454][ T9648] unmap_single_vma+0x194/0x2b0 [ 344.132201][ T9648] unmap_vmas+0x22f/0x490 [ 344.133770][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 344.135454][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.137223][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.138837][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 344.140583][ T9648] unmap_region+0x201/0x480 [ 344.142185][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 344.143960][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 344.145999][ T9648] mmap_region+0x1c00/0x2a50 [ 344.147670][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 344.149446][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 344.151267][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 344.153136][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 344.154849][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 344.156758][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 344.158633][ T9648] do_mmap+0xc00/0xfc0 [ 344.160074][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 344.161723][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 344.163547][ T9648] ? ksys_write+0x1ad/0x260 [ 344.165182][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 344.166851][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 344.168766][ T9648] __do_fast_syscall_32+0x73/0x120 [ 344.170578][ T9648] do_fast_syscall_32+0x32/0x80 [ 344.172308][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 344.174485][ T9648] RIP: 0023:0xf7f21579 [ 344.175956][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 344.182832][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 344.185744][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 344.188531][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 344.191315][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 344.194015][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 344.196766][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 344.199526][ T9648] [ 344.204005][ T9648] BUG: Bad page map in process syz.1.1272 pte:52811225 pmd:7755c067 [ 344.206939][ T9648] addr:0000000020011000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:11 [ 344.210693][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 344.213200][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 344.217637][ T9648] Tainted: [B]=BAD_PAGE [ 344.219316][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 344.223196][ T9648] Call Trace: [ 344.224419][ T9648] [ 344.225485][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 344.227164][ T9648] print_bad_pte+0x49c/0x710 [ 344.228906][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 344.230868][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 344.232969][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.234635][ T9648] vm_normal_page+0x269/0x2b0 [ 344.236343][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 344.238165][ T9648] ? __pfx___might_resched+0x10/0x10 [ 344.240005][ T9648] unmap_page_range+0x109e/0x3ce0 [ 344.241781][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 344.243687][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.245591][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 344.247589][ T9648] unmap_single_vma+0x194/0x2b0 [ 344.249399][ T9648] unmap_vmas+0x22f/0x490 [ 344.250949][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 344.252735][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.254563][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.256147][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 344.258033][ T9648] unmap_region+0x201/0x480 [ 344.259732][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 344.261569][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 344.263681][ T9648] mmap_region+0x1c00/0x2a50 [ 344.265362][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 344.267138][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 344.269018][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 344.270861][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 344.272665][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 344.274623][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 344.276577][ T9648] do_mmap+0xc00/0xfc0 [ 344.278015][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 344.279640][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 344.281490][ T9648] ? ksys_write+0x1ad/0x260 [ 344.283114][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 344.284869][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 344.286777][ T9648] __do_fast_syscall_32+0x73/0x120 [ 344.288583][ T9648] do_fast_syscall_32+0x32/0x80 [ 344.290330][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 344.292594][ T9648] RIP: 0023:0xf7f21579 [ 344.294044][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 344.300877][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 344.303842][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 344.306697][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 344.309495][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 344.312314][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 344.315080][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 344.317867][ T9648] [ 344.321763][ T9648] BUG: Bad page map in process syz.1.1272 pte:52812225 pmd:7755c067 [ 344.324577][ T9648] addr:0000000020012000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:12 [ 344.328365][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 344.330804][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 344.334926][ T9648] Tainted: [B]=BAD_PAGE [ 344.336407][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 344.340138][ T9648] Call Trace: [ 344.341331][ T9648] [ 344.342387][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 344.344102][ T9648] print_bad_pte+0x49c/0x710 [ 344.345822][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 344.347707][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 344.349605][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.351198][ T9648] vm_normal_page+0x269/0x2b0 [ 344.352866][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 344.354761][ T9648] ? __pfx___might_resched+0x10/0x10 [ 344.356754][ T9648] unmap_page_range+0x109e/0x3ce0 [ 344.358640][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 344.360558][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.362286][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 344.364077][ T9648] unmap_single_vma+0x194/0x2b0 [ 344.365706][ T9648] unmap_vmas+0x22f/0x490 [ 344.367301][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 344.368982][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.370659][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.372229][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 344.373960][ T9648] unmap_region+0x201/0x480 [ 344.375610][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 344.377419][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 344.379491][ T9648] mmap_region+0x1c00/0x2a50 [ 344.381099][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 344.382740][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 344.384574][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 344.386488][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 344.388267][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 344.390063][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 344.391905][ T9648] do_mmap+0xc00/0xfc0 [ 344.393349][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 344.394950][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 344.396756][ T9648] ? ksys_write+0x1ad/0x260 [ 344.398315][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 344.399950][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 344.401797][ T9648] __do_fast_syscall_32+0x73/0x120 [ 344.403506][ T9648] do_fast_syscall_32+0x32/0x80 [ 344.405197][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 344.407491][ T9648] RIP: 0023:0xf7f21579 [ 344.409009][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 344.415601][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 344.418474][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 344.421211][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 344.423985][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 344.426869][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 344.429615][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 344.432287][ T9648] [ 344.433510][ T9648] BUG: Bad page map in process syz.1.1272 pte:52813225 pmd:7755c067 [ 344.436306][ T9648] addr:0000000020013000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:13 [ 344.439934][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 344.442284][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 344.446586][ T9648] Tainted: [B]=BAD_PAGE [ 344.448061][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 344.451843][ T9648] Call Trace: [ 344.453070][ T9648] [ 344.454110][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 344.455795][ T9648] print_bad_pte+0x49c/0x710 [ 344.457487][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 344.459310][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 344.461176][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.462786][ T9648] vm_normal_page+0x269/0x2b0 [ 344.464425][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 344.466288][ T9648] ? __pfx___might_resched+0x10/0x10 [ 344.468223][ T9648] unmap_page_range+0x109e/0x3ce0 [ 344.470111][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 344.471978][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.473732][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 344.475532][ T9648] unmap_single_vma+0x194/0x2b0 [ 344.477264][ T9648] unmap_vmas+0x22f/0x490 [ 344.478783][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 344.480565][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.482369][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.483947][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 344.485698][ T9648] unmap_region+0x201/0x480 [ 344.487274][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 344.489045][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 344.491194][ T9648] mmap_region+0x1c00/0x2a50 [ 344.492872][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 344.494605][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 344.496435][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 344.498257][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 344.499953][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 344.501735][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 344.503566][ T9648] do_mmap+0xc00/0xfc0 [ 344.505036][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 344.506690][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 344.508263][ T9648] ? ksys_write+0x1ad/0x260 [ 344.509771][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 344.511416][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 344.513266][ T9648] __do_fast_syscall_32+0x73/0x120 [ 344.515035][ T9648] do_fast_syscall_32+0x32/0x80 [ 344.516752][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 344.518942][ T9648] RIP: 0023:0xf7f21579 [ 344.520401][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 344.527054][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 344.530189][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 344.533167][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 344.535864][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 344.538605][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 344.541435][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 344.544474][ T9648] [ 344.545976][ T9648] BUG: Bad page map in process syz.1.1272 pte:52814225 pmd:7755c067 [ 344.548841][ T9648] addr:0000000020014000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:14 [ 344.552577][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 344.555020][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 344.559318][ T9648] Tainted: [B]=BAD_PAGE [ 344.560693][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 344.564036][ T9648] Call Trace: [ 344.565216][ T9648] [ 344.566259][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 344.567946][ T9648] print_bad_pte+0x49c/0x710 [ 344.569579][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 344.571354][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 344.573387][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.575080][ T9648] vm_normal_page+0x269/0x2b0 [ 344.576735][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 344.578383][ T9648] ? __pfx___might_resched+0x10/0x10 [ 344.580218][ T9648] unmap_page_range+0x109e/0x3ce0 [ 344.581969][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 344.583815][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.585580][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 344.587396][ T9648] unmap_single_vma+0x194/0x2b0 [ 344.589147][ T9648] unmap_vmas+0x22f/0x490 [ 344.590715][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 344.592435][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.594202][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.595797][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 344.597579][ T9648] unmap_region+0x201/0x480 [ 344.599190][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 344.601019][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 344.603136][ T9648] mmap_region+0x1c00/0x2a50 [ 344.604824][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 344.606580][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 344.608374][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 344.610203][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 344.611958][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 344.613736][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 344.615583][ T9648] do_mmap+0xc00/0xfc0 [ 344.617038][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 344.618648][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 344.620424][ T9648] ? ksys_write+0x1ad/0x260 [ 344.622002][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 344.623651][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 344.625543][ T9648] __do_fast_syscall_32+0x73/0x120 [ 344.627377][ T9648] do_fast_syscall_32+0x32/0x80 [ 344.629082][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 344.631267][ T9648] RIP: 0023:0xf7f21579 [ 344.632691][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 344.639433][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 344.642358][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 344.644670][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 344.646766][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 344.648976][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 344.651771][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 344.654681][ T9648] [ 344.656349][ T9648] BUG: Bad page map in process syz.1.1272 pte:52815225 pmd:7755c067 [ 344.659183][ T9648] addr:0000000020015000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:15 [ 344.662594][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 344.665048][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 344.669138][ T9648] Tainted: [B]=BAD_PAGE [ 344.670579][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 344.674447][ T9648] Call Trace: [ 344.675685][ T9648] [ 344.676785][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 344.678457][ T9648] print_bad_pte+0x49c/0x710 [ 344.680098][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 344.681918][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 344.683819][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.685421][ T9648] vm_normal_page+0x269/0x2b0 [ 344.687302][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 344.689141][ T9648] ? __pfx___might_resched+0x10/0x10 [ 344.690981][ T9648] unmap_page_range+0x109e/0x3ce0 [ 344.692726][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 344.694457][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.696138][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 344.697964][ T9648] unmap_single_vma+0x194/0x2b0 [ 344.699667][ T9648] unmap_vmas+0x22f/0x490 [ 344.701222][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 344.702961][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.704736][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.706362][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 344.708103][ T9648] unmap_region+0x201/0x480 [ 344.709741][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 344.711485][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 344.713618][ T9648] mmap_region+0x1c00/0x2a50 [ 344.715252][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 344.716979][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 344.718821][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 344.720671][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 344.722353][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 344.724129][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 344.725956][ T9648] do_mmap+0xc00/0xfc0 [ 344.727399][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 344.729066][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 344.730889][ T9648] ? ksys_write+0x1ad/0x260 [ 344.732470][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 344.734099][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 344.735965][ T9648] __do_fast_syscall_32+0x73/0x120 [ 344.737795][ T9648] do_fast_syscall_32+0x32/0x80 [ 344.739505][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 344.741737][ T9648] RIP: 0023:0xf7f21579 [ 344.743170][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 344.749828][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 344.752713][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 344.755436][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 344.758209][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 344.761007][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 344.763687][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 344.766539][ T9648] [ 344.768382][ T9648] BUG: Bad page map in process syz.1.1272 pte:52816225 pmd:7755c067 [ 344.771192][ T9648] addr:0000000020016000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:16 [ 344.774871][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 344.777389][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 344.781441][ T9648] Tainted: [B]=BAD_PAGE [ 344.782898][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 344.786514][ T9648] Call Trace: [ 344.787624][ T9648] [ 344.788587][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 344.790133][ T9648] print_bad_pte+0x49c/0x710 [ 344.791758][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 344.793544][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 344.795362][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.796972][ T9648] vm_normal_page+0x269/0x2b0 [ 344.798646][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 344.800459][ T9648] ? __pfx___might_resched+0x10/0x10 [ 344.802216][ T9648] unmap_page_range+0x109e/0x3ce0 [ 344.803965][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 344.805808][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.807528][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 344.809409][ T9648] unmap_single_vma+0x194/0x2b0 [ 344.811147][ T9648] unmap_vmas+0x22f/0x490 [ 344.812617][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 344.814274][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.816062][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.817664][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 344.819407][ T9648] unmap_region+0x201/0x480 [ 344.820989][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 344.822596][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 344.824149][ T9648] mmap_region+0x1c00/0x2a50 [ 344.825391][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 344.826682][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 344.828035][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 344.829819][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 344.831538][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 344.833346][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 344.835233][ T9648] do_mmap+0xc00/0xfc0 [ 344.836699][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 344.838319][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 344.840106][ T9648] ? ksys_write+0x1ad/0x260 [ 344.841671][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 344.843281][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 344.845126][ T9648] __do_fast_syscall_32+0x73/0x120 [ 344.846873][ T9648] do_fast_syscall_32+0x32/0x80 [ 344.848648][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 344.850907][ T9648] RIP: 0023:0xf7f21579 [ 344.852315][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 344.858858][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 344.861736][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 344.864388][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 344.867117][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 344.869880][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 344.872551][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 344.875202][ T9648] [ 344.876494][ T9648] BUG: Bad page map in process syz.1.1272 pte:52817225 pmd:7755c067 [ 344.879269][ T9648] addr:0000000020017000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:17 [ 344.882965][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 344.885421][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 344.889410][ T9648] Tainted: [B]=BAD_PAGE [ 344.890877][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 344.894665][ T9648] Call Trace: [ 344.895842][ T9648] [ 344.896947][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 344.898653][ T9648] print_bad_pte+0x49c/0x710 [ 344.900298][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.901895][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 344.903640][ T9648] ? page_ext_put+0x48/0xd0 [ 344.905227][ T9648] ? page_table_check_clear.part.0+0x398/0x540 [ 344.907358][ T9648] vm_normal_page+0x269/0x2b0 [ 344.909008][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 344.910815][ T9648] ? __pfx_arch_check_zapped_pte+0x10/0x10 [ 344.912872][ T9648] ? __pfx___might_resched+0x10/0x10 [ 344.914843][ T9648] unmap_page_range+0x109e/0x3ce0 [ 344.916728][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 344.918608][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.920442][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 344.922203][ T9648] unmap_single_vma+0x194/0x2b0 [ 344.923943][ T9648] unmap_vmas+0x22f/0x490 [ 344.925445][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 344.927161][ T9648] ? __pfx_lock_release+0x10/0x10 [ 344.928896][ T9648] ? lock_acquire+0x2f/0xb0 [ 344.930481][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 344.932213][ T9648] unmap_region+0x201/0x480 [ 344.933820][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 344.935518][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 344.937600][ T9648] mmap_region+0x1c00/0x2a50 [ 344.939233][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 344.940977][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 344.942821][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 344.944638][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 344.946347][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 344.948124][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 344.949962][ T9648] do_mmap+0xc00/0xfc0 [ 344.951444][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 344.953137][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 344.954992][ T9648] ? ksys_write+0x1ad/0x260 [ 344.956610][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 344.958189][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 344.960018][ T9648] __do_fast_syscall_32+0x73/0x120 [ 344.961671][ T9648] do_fast_syscall_32+0x32/0x80 [ 344.963267][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 344.965409][ T9648] RIP: 0023:0xf7f21579 [ 344.966798][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 344.973381][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 344.976215][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 344.978881][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 344.981594][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 344.984299][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 344.987066][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 344.989942][ T9648] [ 344.991299][ T9648] BUG: Bad page map in process syz.1.1272 pte:52818225 pmd:7755c067 [ 344.994097][ T9648] addr:0000000020018000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:18 [ 344.997897][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 345.000375][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 345.004497][ T9648] Tainted: [B]=BAD_PAGE [ 345.005955][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 345.009672][ T9648] Call Trace: [ 345.010926][ T9648] [ 345.012033][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 345.013762][ T9648] print_bad_pte+0x49c/0x710 [ 345.015367][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 345.017145][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 345.019017][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.020674][ T9648] vm_normal_page+0x269/0x2b0 [ 345.022325][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 345.024169][ T9648] ? __pfx___might_resched+0x10/0x10 [ 345.026039][ T9648] unmap_page_range+0x109e/0x3ce0 [ 345.027777][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 345.029711][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.031456][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 345.033272][ T9648] unmap_single_vma+0x194/0x2b0 [ 345.034940][ T9648] unmap_vmas+0x22f/0x490 [ 345.036471][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 345.038174][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.039922][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.041526][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 345.043294][ T9648] unmap_region+0x201/0x480 [ 345.044919][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 345.046724][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 345.048912][ T9648] mmap_region+0x1c00/0x2a50 [ 345.050514][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 345.052176][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 345.053958][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 345.055754][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 345.057495][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 345.059331][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 345.061068][ T9648] do_mmap+0xc00/0xfc0 [ 345.062317][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 345.063768][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 345.065534][ T9648] ? ksys_write+0x1ad/0x260 [ 345.067146][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 345.068803][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 345.070669][ T9648] __do_fast_syscall_32+0x73/0x120 [ 345.072458][ T9648] do_fast_syscall_32+0x32/0x80 [ 345.074192][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 345.076564][ T9648] RIP: 0023:0xf7f21579 [ 345.077955][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 345.083727][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 345.086033][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 345.088217][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 345.090867][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 345.093666][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 345.096607][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 345.099466][ T9648] [ 345.100823][ T9648] BUG: Bad page map in process syz.1.1272 pte:52819225 pmd:7755c067 [ 345.103581][ T9648] addr:0000000020019000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:19 [ 345.107494][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 345.109997][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 345.114140][ T9648] Tainted: [B]=BAD_PAGE [ 345.115615][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 345.119408][ T9648] Call Trace: [ 345.120577][ T9648] [ 345.121593][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 345.123240][ T9648] print_bad_pte+0x49c/0x710 [ 345.124899][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.126555][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 345.128373][ T9648] ? page_ext_put+0x48/0xd0 [ 345.130027][ T9648] ? page_table_check_clear.part.0+0x398/0x540 [ 345.132128][ T9648] vm_normal_page+0x269/0x2b0 [ 345.133777][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 345.135478][ T9648] ? __pfx_arch_check_zapped_pte+0x10/0x10 [ 345.137451][ T9648] ? __pfx___might_resched+0x10/0x10 [ 345.139217][ T9648] unmap_page_range+0x109e/0x3ce0 [ 345.140884][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 345.142635][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.144293][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 345.146014][ T9648] unmap_single_vma+0x194/0x2b0 [ 345.147613][ T9648] unmap_vmas+0x22f/0x490 [ 345.149065][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 345.150675][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.152366][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.153909][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 345.155636][ T9648] unmap_region+0x201/0x480 [ 345.157249][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 345.159044][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 345.161082][ T9648] mmap_region+0x1c00/0x2a50 [ 345.162618][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 345.164268][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 345.166010][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 345.167797][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 345.169527][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 345.171218][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 345.172971][ T9648] do_mmap+0xc00/0xfc0 [ 345.174341][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 345.175910][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 345.177690][ T9648] ? ksys_write+0x1ad/0x260 [ 345.179254][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 345.180915][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 345.182802][ T9648] __do_fast_syscall_32+0x73/0x120 [ 345.184528][ T9648] do_fast_syscall_32+0x32/0x80 [ 345.186156][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 345.188270][ T9648] RIP: 0023:0xf7f21579 [ 345.189629][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 345.196038][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 345.198880][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 345.201613][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 345.204337][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 345.207234][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 345.210190][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 345.212905][ T9648] [ 345.215570][ T9648] BUG: Bad page map in process syz.1.1272 pte:5281a225 pmd:7755c067 [ 345.218190][ T9648] addr:000000002001a000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:1a [ 345.222014][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 345.224418][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 345.228598][ T9648] Tainted: [B]=BAD_PAGE [ 345.230034][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 345.233763][ T9648] Call Trace: [ 345.234923][ T9648] [ 345.235971][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 345.237711][ T9648] print_bad_pte+0x49c/0x710 [ 345.239396][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 345.241208][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 345.243128][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.244720][ T9648] vm_normal_page+0x269/0x2b0 [ 345.246335][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 345.248130][ T9648] ? __pfx___might_resched+0x10/0x10 [ 345.249983][ T9648] unmap_page_range+0x109e/0x3ce0 [ 345.251750][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 345.253667][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.255385][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 345.257116][ T9648] unmap_single_vma+0x194/0x2b0 [ 345.258832][ T9648] unmap_vmas+0x22f/0x490 [ 345.260335][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 345.262014][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.263750][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.265366][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 345.267075][ T9648] unmap_region+0x201/0x480 [ 345.268682][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 345.270469][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 345.272570][ T9648] mmap_region+0x1c00/0x2a50 [ 345.274191][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 345.275852][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 345.277719][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 345.279497][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 345.281191][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 345.282999][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 345.284827][ T9648] do_mmap+0xc00/0xfc0 [ 345.286262][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 345.287941][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 345.289746][ T9648] ? ksys_write+0x1ad/0x260 [ 345.291321][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 345.292956][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 345.294808][ T9648] __do_fast_syscall_32+0x73/0x120 [ 345.296602][ T9648] do_fast_syscall_32+0x32/0x80 [ 345.298277][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 345.300487][ T9648] RIP: 0023:0xf7f21579 [ 345.302000][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 345.308687][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 345.311507][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 345.314185][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 345.316925][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 345.319651][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 345.322539][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 345.325343][ T9648] [ 345.327326][ T9648] BUG: Bad page map in process syz.1.1272 pte:5281b225 pmd:7755c067 [ 345.330302][ T9648] addr:000000002001b000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:1b [ 345.333934][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 345.336434][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 345.340475][ T9648] Tainted: [B]=BAD_PAGE [ 345.341932][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 345.345575][ T9648] Call Trace: [ 345.346739][ T9648] [ 345.347844][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 345.349537][ T9648] print_bad_pte+0x49c/0x710 [ 345.351243][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 345.353090][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 345.354960][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.356582][ T9648] vm_normal_page+0x269/0x2b0 [ 345.358205][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 345.359963][ T9648] ? __pfx___might_resched+0x10/0x10 [ 345.361764][ T9648] unmap_page_range+0x109e/0x3ce0 [ 345.363564][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 345.365567][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.367418][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 345.369240][ T9648] unmap_single_vma+0x194/0x2b0 [ 345.370926][ T9648] unmap_vmas+0x22f/0x490 [ 345.372400][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 345.374061][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.375839][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.377458][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 345.379255][ T9648] unmap_region+0x201/0x480 [ 345.380941][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 345.382667][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 345.384663][ T9648] mmap_region+0x1c00/0x2a50 [ 345.386215][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 345.387821][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 345.389660][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 345.391447][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 345.393134][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 345.394924][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 345.396877][ T9648] do_mmap+0xc00/0xfc0 [ 345.398368][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 345.400008][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 345.401790][ T9648] ? ksys_write+0x1ad/0x260 [ 345.403354][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 345.405078][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 345.407038][ T9648] __do_fast_syscall_32+0x73/0x120 [ 345.408850][ T9648] do_fast_syscall_32+0x32/0x80 [ 345.410569][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 345.412733][ T9648] RIP: 0023:0xf7f21579 [ 345.414147][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 345.420791][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 345.423747][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 345.426491][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 345.429163][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 345.431879][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 345.434567][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 345.437371][ T9648] [ 345.438913][ T9648] BUG: Bad page map in process syz.1.1272 pte:5281c225 pmd:7755c067 [ 345.441951][ T9648] addr:000000002001c000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:1c [ 345.445752][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 345.448263][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 345.452333][ T9648] Tainted: [B]=BAD_PAGE [ 345.453757][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 345.457445][ T9648] Call Trace: [ 345.458519][ T9648] [ 345.459562][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 345.461274][ T9648] print_bad_pte+0x49c/0x710 [ 345.462852][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 345.464625][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 345.466506][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.467870][ T9648] vm_normal_page+0x269/0x2b0 [ 345.469330][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 345.470966][ T9648] ? __pfx___might_resched+0x10/0x10 [ 345.472803][ T9648] unmap_page_range+0x109e/0x3ce0 [ 345.474528][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 345.476427][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.478189][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 345.479929][ T9648] unmap_single_vma+0x194/0x2b0 [ 345.481676][ T9648] unmap_vmas+0x22f/0x490 [ 345.483256][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 345.485019][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.486821][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.488282][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 345.490058][ T9648] unmap_region+0x201/0x480 [ 345.491665][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 345.493446][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 345.495587][ T9648] mmap_region+0x1c00/0x2a50 [ 345.497240][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 345.498971][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 345.500812][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 345.502660][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 345.504407][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 345.506294][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 345.508227][ T9648] do_mmap+0xc00/0xfc0 [ 345.509701][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 345.511400][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 345.513276][ T9648] ? ksys_write+0x1ad/0x260 [ 345.514943][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 345.516550][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 345.518240][ T9648] __do_fast_syscall_32+0x73/0x120 [ 345.520070][ T9648] do_fast_syscall_32+0x32/0x80 [ 345.521809][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 345.524011][ T9648] RIP: 0023:0xf7f21579 [ 345.525426][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 345.532111][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 345.534981][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 345.537601][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 345.540302][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 345.542984][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 345.545659][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 345.548405][ T9648] [ 345.549870][ T9648] BUG: Bad page map in process syz.1.1272 pte:5281d225 pmd:7755c067 [ 345.552745][ T9648] addr:000000002001d000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:1d [ 345.556572][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 345.558994][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 345.562977][ T9648] Tainted: [B]=BAD_PAGE [ 345.564420][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 345.568125][ T9648] Call Trace: [ 345.569309][ T9648] [ 345.570340][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 345.571997][ T9648] print_bad_pte+0x49c/0x710 [ 345.573674][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 345.575470][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 345.577375][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.578965][ T9648] vm_normal_page+0x269/0x2b0 [ 345.580606][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 345.582412][ T9648] ? __pfx___might_resched+0x10/0x10 [ 345.584252][ T9648] unmap_page_range+0x109e/0x3ce0 [ 345.586043][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 345.587876][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.589636][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 345.591451][ T9648] unmap_single_vma+0x194/0x2b0 [ 345.593157][ T9648] unmap_vmas+0x22f/0x490 [ 345.594697][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 345.596399][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.598181][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.599765][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 345.601503][ T9648] unmap_region+0x201/0x480 [ 345.603099][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 345.604873][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 345.606903][ T9648] mmap_region+0x1c00/0x2a50 [ 345.608493][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 345.610210][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 345.612025][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 345.613863][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 345.615568][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 345.617368][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 345.619226][ T9648] do_mmap+0xc00/0xfc0 [ 345.620665][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 345.622270][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 345.624076][ T9648] ? ksys_write+0x1ad/0x260 [ 345.625607][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 345.627228][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 345.629102][ T9648] __do_fast_syscall_32+0x73/0x120 [ 345.630605][ T9648] do_fast_syscall_32+0x32/0x80 [ 345.631867][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 345.633503][ T9648] RIP: 0023:0xf7f21579 [ 345.634569][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 345.639927][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 345.642680][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 345.645430][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 345.648184][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 345.650909][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 345.653664][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 345.656442][ T9648] [ 345.657661][ T9648] BUG: Bad page map in process syz.1.1272 pte:5281e225 pmd:7755c067 [ 345.660378][ T9648] addr:000000002001e000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:1e [ 345.664064][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 345.666608][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 345.670703][ T9648] Tainted: [B]=BAD_PAGE [ 345.672075][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 345.675626][ T9648] Call Trace: [ 345.676605][ T9648] [ 345.677578][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 345.679222][ T9648] print_bad_pte+0x49c/0x710 [ 345.680846][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 345.682657][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 345.684522][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.686127][ T9648] vm_normal_page+0x269/0x2b0 [ 345.687781][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 345.689605][ T9648] ? __pfx___might_resched+0x10/0x10 [ 345.691440][ T9648] unmap_page_range+0x109e/0x3ce0 [ 345.693219][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 345.695087][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.696890][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 345.698706][ T9648] unmap_single_vma+0x194/0x2b0 [ 345.700391][ T9648] unmap_vmas+0x22f/0x490 [ 345.701904][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 345.703620][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.705404][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.707001][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 345.708754][ T9648] unmap_region+0x201/0x480 [ 345.710341][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 345.712060][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 345.714129][ T9648] mmap_region+0x1c00/0x2a50 [ 345.715742][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 345.717485][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 345.719307][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 345.721121][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 345.722838][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 345.724665][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 345.726516][ T9648] do_mmap+0xc00/0xfc0 [ 345.727946][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 345.729529][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 345.731272][ T9648] ? ksys_write+0x1ad/0x260 [ 345.732815][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 345.734405][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 345.736308][ T9648] __do_fast_syscall_32+0x73/0x120 [ 345.738140][ T9648] do_fast_syscall_32+0x32/0x80 [ 345.739835][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 345.742037][ T9648] RIP: 0023:0xf7f21579 [ 345.743452][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 345.749960][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 345.752835][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 345.755454][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 345.758274][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 345.761016][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 345.763741][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 345.766497][ T9648] [ 345.767975][ T9648] BUG: Bad page map in process syz.1.1272 pte:5281f225 pmd:7755c067 [ 345.770755][ T9648] addr:000000002001f000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:1f [ 345.774477][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 345.777007][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 345.781066][ T9648] Tainted: [B]=BAD_PAGE [ 345.782648][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 345.786404][ T9648] Call Trace: [ 345.787585][ T9648] [ 345.788646][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 345.790313][ T9648] print_bad_pte+0x49c/0x710 [ 345.791736][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 345.793434][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 345.795303][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.796957][ T9648] vm_normal_page+0x269/0x2b0 [ 345.798648][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 345.800486][ T9648] ? __pfx___might_resched+0x10/0x10 [ 345.802384][ T9648] unmap_page_range+0x109e/0x3ce0 [ 345.804180][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 345.805873][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.807637][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 345.809468][ T9648] unmap_single_vma+0x194/0x2b0 [ 345.811186][ T9648] unmap_vmas+0x22f/0x490 [ 345.812699][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 345.814391][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.816048][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.817588][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 345.819358][ T9648] unmap_region+0x201/0x480 [ 345.820994][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 345.822814][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 345.824944][ T9648] mmap_region+0x1c00/0x2a50 [ 345.826609][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 345.828361][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 345.830195][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 345.832027][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 345.833728][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 345.835528][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 345.837425][ T9648] do_mmap+0xc00/0xfc0 [ 345.838865][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 345.840496][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 345.842329][ T9648] ? ksys_write+0x1ad/0x260 [ 345.843934][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 345.845573][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 345.847483][ T9648] __do_fast_syscall_32+0x73/0x120 [ 345.849308][ T9648] do_fast_syscall_32+0x32/0x80 [ 345.851008][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 345.853215][ T9648] RIP: 0023:0xf7f21579 [ 345.854646][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 345.861298][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 345.864184][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 345.866918][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 345.869637][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 345.872383][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 345.875130][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 345.877903][ T9648] [ 345.879141][ T9648] BUG: Bad page map in process syz.1.1272 pte:52820225 pmd:7755c067 [ 345.881929][ T9648] addr:0000000020020000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:20 [ 345.885657][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 345.888137][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 345.892165][ T9648] Tainted: [B]=BAD_PAGE [ 345.893631][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 345.897375][ T9648] Call Trace: [ 345.898548][ T9648] [ 345.899591][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 345.901259][ T9648] print_bad_pte+0x49c/0x710 [ 345.902878][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.904456][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 345.906248][ T9648] ? page_ext_put+0x48/0xd0 [ 345.907834][ T9648] ? page_table_check_clear.part.0+0x398/0x540 [ 345.909918][ T9648] vm_normal_page+0x269/0x2b0 [ 345.911541][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 345.913357][ T9648] ? __pfx_arch_check_zapped_pte+0x10/0x10 [ 345.915398][ T9648] ? __pfx___might_resched+0x10/0x10 [ 345.917280][ T9648] unmap_page_range+0x109e/0x3ce0 [ 345.919066][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 345.920966][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.922681][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 345.924478][ T9648] unmap_single_vma+0x194/0x2b0 [ 345.926208][ T9648] unmap_vmas+0x22f/0x490 [ 345.927731][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 345.929457][ T9648] ? __pfx_lock_release+0x10/0x10 [ 345.931245][ T9648] ? lock_acquire+0x2f/0xb0 [ 345.932850][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 345.934611][ T9648] unmap_region+0x201/0x480 [ 345.936231][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 345.937999][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 345.940073][ T9648] mmap_region+0x1c00/0x2a50 [ 345.941728][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 345.943479][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 345.945340][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 345.947177][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 345.948930][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 345.950742][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 345.952600][ T9648] do_mmap+0xc00/0xfc0 [ 345.954025][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 345.955655][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 345.957475][ T9648] ? ksys_write+0x1ad/0x260 [ 345.959069][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 345.960738][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 345.962619][ T9648] __do_fast_syscall_32+0x73/0x120 [ 345.964414][ T9648] do_fast_syscall_32+0x32/0x80 [ 345.966151][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 345.968355][ T9648] RIP: 0023:0xf7f21579 [ 345.969793][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 345.976445][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 345.979380][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 345.982112][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 345.984918][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 345.987687][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 345.990369][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 345.993145][ T9648] [ 345.997621][ T9648] BUG: Bad page map in process syz.1.1272 pte:52821225 pmd:7755c067 [ 346.000448][ T9648] addr:0000000020021000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:21 [ 346.004246][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 346.006741][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 346.010778][ T9648] Tainted: [B]=BAD_PAGE [ 346.012176][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 346.015911][ T9648] Call Trace: [ 346.017125][ T9648] [ 346.018150][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 346.019818][ T9648] print_bad_pte+0x49c/0x710 [ 346.021386][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 346.023130][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 346.025066][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.026677][ T9648] vm_normal_page+0x269/0x2b0 [ 346.028329][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 346.030163][ T9648] ? __pfx___might_resched+0x10/0x10 [ 346.032006][ T9648] unmap_page_range+0x109e/0x3ce0 [ 346.033753][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 346.035666][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.037492][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 346.039308][ T9648] unmap_single_vma+0x194/0x2b0 [ 346.041042][ T9648] unmap_vmas+0x22f/0x490 [ 346.042554][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 346.044304][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.046110][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.047724][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 346.049499][ T9648] unmap_region+0x201/0x480 [ 346.051121][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 346.052885][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.054993][ T9648] mmap_region+0x1c00/0x2a50 [ 346.056669][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 346.058409][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 346.060252][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 346.062105][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 346.063741][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 346.065501][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 346.067375][ T9648] do_mmap+0xc00/0xfc0 [ 346.068839][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 346.070485][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 346.072295][ T9648] ? ksys_write+0x1ad/0x260 [ 346.073894][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 346.075560][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 346.077495][ T9648] __do_fast_syscall_32+0x73/0x120 [ 346.079306][ T9648] do_fast_syscall_32+0x32/0x80 [ 346.081052][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 346.083271][ T9648] RIP: 0023:0xf7f21579 [ 346.084721][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 346.091406][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 346.094320][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 346.097088][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 346.099836][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 346.102559][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 346.105280][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 346.108015][ T9648] [ 346.109670][ T9648] BUG: Bad page map in process syz.1.1272 pte:52822225 pmd:7755c067 [ 346.112511][ T9648] addr:0000000020022000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:22 [ 346.116329][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 346.118807][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 346.122935][ T9648] Tainted: [B]=BAD_PAGE [ 346.124389][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 346.128177][ T9648] Call Trace: [ 346.129391][ T9648] [ 346.130449][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 346.132140][ T9648] print_bad_pte+0x49c/0x710 [ 346.133792][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 346.135581][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 346.137541][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.139150][ T9648] vm_normal_page+0x269/0x2b0 [ 346.140827][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 346.142629][ T9648] ? __pfx___might_resched+0x10/0x10 [ 346.144462][ T9648] unmap_page_range+0x109e/0x3ce0 [ 346.146267][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 346.148132][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.149901][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 346.151697][ T9648] unmap_single_vma+0x194/0x2b0 [ 346.153349][ T9648] unmap_vmas+0x22f/0x490 [ 346.154863][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 346.156596][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.158351][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.159955][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 346.161728][ T9648] unmap_region+0x201/0x480 [ 346.163340][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 346.165065][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.167164][ T9648] mmap_region+0x1c00/0x2a50 [ 346.168825][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 346.170580][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 346.172342][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 346.174130][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 346.175831][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 346.177668][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 346.179530][ T9648] do_mmap+0xc00/0xfc0 [ 346.181000][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 346.182644][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 346.184472][ T9648] ? ksys_write+0x1ad/0x260 [ 346.186081][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 346.187629][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 346.189521][ T9648] __do_fast_syscall_32+0x73/0x120 [ 346.191369][ T9648] do_fast_syscall_32+0x32/0x80 [ 346.193035][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 346.195128][ T9648] RIP: 0023:0xf7f21579 [ 346.196540][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 346.203160][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 346.205928][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 346.208689][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 346.211448][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 346.214204][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 346.216929][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 346.219697][ T9648] [ 346.228751][ T9648] BUG: Bad page map in process syz.1.1272 pte:52823225 pmd:7755c067 [ 346.231617][ T9648] addr:0000000020023000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:23 [ 346.235322][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 346.237908][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 346.241996][ T9648] Tainted: [B]=BAD_PAGE [ 346.243454][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 346.247235][ T9648] Call Trace: [ 346.248413][ T9648] [ 346.249481][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 346.251135][ T9648] print_bad_pte+0x49c/0x710 [ 346.252769][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 346.254549][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 346.256355][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.257917][ T9648] vm_normal_page+0x269/0x2b0 [ 346.259566][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 346.261295][ T9648] ? __pfx___might_resched+0x10/0x10 [ 346.263145][ T9648] unmap_page_range+0x109e/0x3ce0 [ 346.264936][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 346.266783][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.268538][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 346.270365][ T9648] unmap_single_vma+0x194/0x2b0 [ 346.272082][ T9648] unmap_vmas+0x22f/0x490 [ 346.273652][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 346.275382][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.277219][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.278853][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 346.280640][ T9648] unmap_region+0x201/0x480 [ 346.281880][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 346.283191][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.284753][ T9648] mmap_region+0x1c00/0x2a50 [ 346.286142][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 346.287902][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 346.289832][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 346.291697][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 346.293360][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 346.295021][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 346.296914][ T9648] do_mmap+0xc00/0xfc0 [ 346.298219][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 346.299688][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 346.301043][ T9648] ? ksys_write+0x1ad/0x260 [ 346.302591][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 346.304237][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 346.306128][ T9648] __do_fast_syscall_32+0x73/0x120 [ 346.307914][ T9648] do_fast_syscall_32+0x32/0x80 [ 346.309661][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 346.311845][ T9648] RIP: 0023:0xf7f21579 [ 346.313238][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 346.318330][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 346.321263][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 346.323452][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 346.325537][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 346.327613][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 346.329997][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 346.332067][ T9648] [ 346.338607][ T9648] BUG: Bad page map in process syz.1.1272 pte:52824225 pmd:7755c067 [ 346.341449][ T9648] addr:0000000020024000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:24 [ 346.344629][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 346.346506][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 346.349831][ T9648] Tainted: [B]=BAD_PAGE [ 346.350921][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 346.353700][ T9648] Call Trace: [ 346.354584][ T9648] [ 346.355390][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 346.356677][ T9648] print_bad_pte+0x49c/0x710 [ 346.357901][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 346.359547][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 346.361449][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.363073][ T9648] vm_normal_page+0x269/0x2b0 [ 346.364705][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 346.366378][ T9648] ? __pfx___might_resched+0x10/0x10 [ 346.368113][ T9648] unmap_page_range+0x109e/0x3ce0 [ 346.369806][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 346.371473][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.373247][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 346.375099][ T9648] unmap_single_vma+0x194/0x2b0 [ 346.376842][ T9648] unmap_vmas+0x22f/0x490 [ 346.378368][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 346.380099][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.381895][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.383527][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 346.385315][ T9648] unmap_region+0x201/0x480 [ 346.386911][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 346.388686][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.390771][ T9648] mmap_region+0x1c00/0x2a50 [ 346.392402][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 346.394157][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 346.395991][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 346.397866][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 346.399583][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 346.401420][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 346.403293][ T9648] do_mmap+0xc00/0xfc0 [ 346.404763][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 346.406409][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 346.408236][ T9648] ? ksys_write+0x1ad/0x260 [ 346.409890][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 346.411582][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 346.413489][ T9648] __do_fast_syscall_32+0x73/0x120 [ 346.415304][ T9648] do_fast_syscall_32+0x32/0x80 [ 346.417037][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 346.419277][ T9648] RIP: 0023:0xf7f21579 [ 346.420706][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 346.427370][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 346.430345][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 346.433158][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 346.435970][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 346.438664][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 346.441313][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 346.444014][ T9648] [ 346.449115][ T9648] BUG: Bad page map in process syz.1.1272 pte:52825225 pmd:7755c067 [ 346.451957][ T9648] addr:0000000020025000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:25 [ 346.455724][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 346.458264][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 346.462294][ T9648] Tainted: [B]=BAD_PAGE [ 346.463764][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 346.467500][ T9648] Call Trace: [ 346.468704][ T9648] [ 346.469758][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 346.471428][ T9648] print_bad_pte+0x49c/0x710 [ 346.473086][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 346.474862][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 346.476788][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.478391][ T9648] vm_normal_page+0x269/0x2b0 [ 346.480056][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 346.481909][ T9648] ? __pfx___might_resched+0x10/0x10 [ 346.483775][ T9648] unmap_page_range+0x109e/0x3ce0 [ 346.485565][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 346.487471][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.489272][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 346.491126][ T9648] unmap_single_vma+0x194/0x2b0 [ 346.492631][ T9648] unmap_vmas+0x22f/0x490 [ 346.493810][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 346.495098][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.496447][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.497670][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 346.499213][ T9648] unmap_region+0x201/0x480 [ 346.500809][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 346.502539][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.504603][ T9648] mmap_region+0x1c00/0x2a50 [ 346.506216][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 346.507935][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 346.509783][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 346.511605][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 346.513207][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 346.514543][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 346.515925][ T9648] do_mmap+0xc00/0xfc0 [ 346.517033][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 346.518257][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 346.519940][ T9648] ? ksys_write+0x1ad/0x260 [ 346.521136][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 346.522374][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 346.523788][ T9648] __do_fast_syscall_32+0x73/0x120 [ 346.525150][ T9648] do_fast_syscall_32+0x32/0x80 [ 346.526432][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 346.528093][ T9648] RIP: 0023:0xf7f21579 [ 346.529389][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 346.535760][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 346.538647][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 346.541255][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 346.543744][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 346.546354][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 346.549054][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 346.551614][ T9648] [ 346.555339][ T9648] BUG: Bad page map in process syz.1.1272 pte:52826225 pmd:7755c067 [ 346.557969][ T9648] addr:0000000020026000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:26 [ 346.561667][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 346.564070][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 346.568034][ T9648] Tainted: [B]=BAD_PAGE [ 346.569479][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 346.573164][ T9648] Call Trace: [ 346.574301][ T9648] [ 346.575325][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 346.577004][ T9648] print_bad_pte+0x49c/0x710 [ 346.578591][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 346.580299][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 346.582112][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.583675][ T9648] vm_normal_page+0x269/0x2b0 [ 346.585295][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 346.587073][ T9648] ? __pfx___might_resched+0x10/0x10 [ 346.588879][ T9648] unmap_page_range+0x109e/0x3ce0 [ 346.590690][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 346.592382][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.594102][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 346.595876][ T9648] unmap_single_vma+0x194/0x2b0 [ 346.597560][ T9648] unmap_vmas+0x22f/0x490 [ 346.599095][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 346.600842][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.602567][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.604102][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 346.605866][ T9648] unmap_region+0x201/0x480 [ 346.607440][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 346.609186][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.611218][ T9648] mmap_region+0x1c00/0x2a50 [ 346.612853][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 346.614700][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 346.616522][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 346.618304][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 346.619995][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 346.621759][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 346.623543][ T9648] do_mmap+0xc00/0xfc0 [ 346.624938][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 346.626509][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 346.628258][ T9648] ? ksys_write+0x1ad/0x260 [ 346.629847][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 346.631459][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 346.633302][ T9648] __do_fast_syscall_32+0x73/0x120 [ 346.635051][ T9648] do_fast_syscall_32+0x32/0x80 [ 346.636777][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 346.638940][ T9648] RIP: 0023:0xf7f21579 [ 346.640347][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 346.646697][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 346.649522][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 346.652160][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 346.654796][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 346.657483][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 346.660076][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 346.662728][ T9648] [ 346.666897][ T9648] BUG: Bad page map in process syz.1.1272 pte:52827225 pmd:7755c067 [ 346.669666][ T9648] addr:0000000020027000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:27 [ 346.673370][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 346.675826][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 346.679864][ T9648] Tainted: [B]=BAD_PAGE [ 346.681335][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 346.684951][ T9648] Call Trace: [ 346.686126][ T9648] [ 346.687169][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 346.688839][ T9648] print_bad_pte+0x49c/0x710 [ 346.690437][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 346.692169][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 346.694001][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.695563][ T9648] vm_normal_page+0x269/0x2b0 [ 346.697203][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 346.698980][ T9648] ? __pfx___might_resched+0x10/0x10 [ 346.700838][ T9648] unmap_page_range+0x109e/0x3ce0 [ 346.702562][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 346.704396][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.706123][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 346.707857][ T9648] unmap_single_vma+0x194/0x2b0 [ 346.709483][ T9648] unmap_vmas+0x22f/0x490 [ 346.710954][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 346.712623][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.714389][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.716038][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 346.717874][ T9648] unmap_region+0x201/0x480 [ 346.719539][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 346.721143][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.723091][ T9648] mmap_region+0x1c00/0x2a50 [ 346.724675][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 346.726352][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 346.728123][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 346.729832][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 346.731506][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 346.733163][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 346.734697][ T9648] do_mmap+0xc00/0xfc0 [ 346.735913][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 346.737431][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 346.739203][ T9648] ? ksys_write+0x1ad/0x260 [ 346.740782][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 346.742368][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 346.744211][ T9648] __do_fast_syscall_32+0x73/0x120 [ 346.745974][ T9648] do_fast_syscall_32+0x32/0x80 [ 346.747667][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 346.749888][ T9648] RIP: 0023:0xf7f21579 [ 346.751322][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 346.757900][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 346.760807][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 346.763378][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 346.766073][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 346.768801][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 346.771490][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 346.774225][ T9648] [ 346.779705][ T9648] BUG: Bad page map in process syz.1.1272 pte:52828225 pmd:7755c067 [ 346.782488][ T9648] addr:0000000020028000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:28 [ 346.786054][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 346.788302][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 346.792250][ T9648] Tainted: [B]=BAD_PAGE [ 346.793680][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 346.797320][ T9648] Call Trace: [ 346.798468][ T9648] [ 346.799511][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 346.801080][ T9648] print_bad_pte+0x49c/0x710 [ 346.802652][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 346.804391][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 346.806359][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.807984][ T9648] vm_normal_page+0x269/0x2b0 [ 346.809670][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 346.811488][ T9648] ? __pfx___might_resched+0x10/0x10 [ 346.813292][ T9648] unmap_page_range+0x109e/0x3ce0 [ 346.814991][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 346.816839][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.818455][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 346.820152][ T9648] unmap_single_vma+0x194/0x2b0 [ 346.821900][ T9648] unmap_vmas+0x22f/0x490 [ 346.823387][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 346.825069][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.826785][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.828324][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 346.830066][ T9648] unmap_region+0x201/0x480 [ 346.831624][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 346.833319][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.835283][ T9648] mmap_region+0x1c00/0x2a50 [ 346.836847][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 346.838511][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 346.840209][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 346.841920][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 346.843548][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 346.845363][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 346.847154][ T9648] do_mmap+0xc00/0xfc0 [ 346.848566][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 346.850207][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 346.851942][ T9648] ? ksys_write+0x1ad/0x260 [ 346.853491][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 346.855077][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 346.856917][ T9648] __do_fast_syscall_32+0x73/0x120 [ 346.858616][ T9648] do_fast_syscall_32+0x32/0x80 [ 346.860280][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 346.862431][ T9648] RIP: 0023:0xf7f21579 [ 346.863842][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 346.870223][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 346.873001][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 346.875675][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 346.878381][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 346.881072][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 346.883685][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 346.886291][ T9648] [ 346.896513][ T9648] BUG: Bad page map in process syz.1.1272 pte:52829225 pmd:7755c067 [ 346.899275][ T9648] addr:0000000020029000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:29 [ 346.903042][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 346.905478][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 346.909464][ T9648] Tainted: [B]=BAD_PAGE [ 346.910861][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 346.914551][ T9648] Call Trace: [ 346.915798][ T9648] [ 346.916900][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 346.918560][ T9648] print_bad_pte+0x49c/0x710 [ 346.920212][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 346.922017][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 346.923870][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.925420][ T9648] vm_normal_page+0x269/0x2b0 [ 346.927030][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 346.928825][ T9648] ? __pfx___might_resched+0x10/0x10 [ 346.930648][ T9648] unmap_page_range+0x109e/0x3ce0 [ 346.932366][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 346.934372][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.936131][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 346.937944][ T9648] unmap_single_vma+0x194/0x2b0 [ 346.939638][ T9648] unmap_vmas+0x22f/0x490 [ 346.941160][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 346.942833][ T9648] ? __pfx_lock_release+0x10/0x10 [ 346.944570][ T9648] ? lock_acquire+0x2f/0xb0 [ 346.946112][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 346.947858][ T9648] unmap_region+0x201/0x480 [ 346.949452][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 346.951200][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.953225][ T9648] mmap_region+0x1c00/0x2a50 [ 346.954814][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 346.956569][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 346.958364][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 346.960183][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 346.961909][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 346.963684][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 346.965504][ T9648] do_mmap+0xc00/0xfc0 [ 346.966919][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 346.968531][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 346.970330][ T9648] ? ksys_write+0x1ad/0x260 [ 346.971909][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 346.973519][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 346.975332][ T9648] __do_fast_syscall_32+0x73/0x120 [ 346.977105][ T9648] do_fast_syscall_32+0x32/0x80 [ 346.978772][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 346.980929][ T9648] RIP: 0023:0xf7f21579 [ 346.982283][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 346.988755][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 346.991612][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 346.994063][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 346.996836][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 346.999526][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.002238][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.004957][ T9648] [ 347.013809][ T9648] BUG: Bad page map in process syz.1.1272 pte:5282a225 pmd:7755c067 [ 347.016721][ T9648] addr:000000002002a000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:2a [ 347.020474][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 347.022929][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 347.026931][ T9648] Tainted: [B]=BAD_PAGE [ 347.028337][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 347.032022][ T9648] Call Trace: [ 347.033171][ T9648] [ 347.034163][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 347.035813][ T9648] print_bad_pte+0x49c/0x710 [ 347.037434][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 347.039215][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 347.041053][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.042575][ T9648] vm_normal_page+0x269/0x2b0 [ 347.044228][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 347.046002][ T9648] ? __pfx___might_resched+0x10/0x10 [ 347.047776][ T9648] unmap_page_range+0x109e/0x3ce0 [ 347.049528][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 347.051344][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.053126][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 347.054904][ T9648] unmap_single_vma+0x194/0x2b0 [ 347.056601][ T9648] unmap_vmas+0x22f/0x490 [ 347.058068][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 347.059764][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.061522][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.063083][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 347.064843][ T9648] unmap_region+0x201/0x480 [ 347.066402][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 347.068105][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.070086][ T9648] mmap_region+0x1c00/0x2a50 [ 347.071690][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 347.073415][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 347.075242][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 347.077047][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 347.078741][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 347.080529][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 347.082313][ T9648] do_mmap+0xc00/0xfc0 [ 347.083707][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 347.085298][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 347.087049][ T9648] ? ksys_write+0x1ad/0x260 [ 347.088638][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 347.090292][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 347.092108][ T9648] __do_fast_syscall_32+0x73/0x120 [ 347.093865][ T9648] do_fast_syscall_32+0x32/0x80 [ 347.095527][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 347.097673][ T9648] RIP: 0023:0xf7f21579 [ 347.099096][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 347.105624][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 347.108432][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 347.111203][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 347.113887][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 347.116537][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.119313][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.121581][ T9648] [ 347.124331][ T9648] BUG: Bad page map in process syz.1.1272 pte:5282b225 pmd:7755c067 [ 347.127108][ T9648] addr:000000002002b000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:2b [ 347.130817][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 347.133159][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 347.137159][ T9648] Tainted: [B]=BAD_PAGE [ 347.138583][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 347.142271][ T9648] Call Trace: [ 347.143434][ T9648] [ 347.144481][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 347.146155][ T9648] print_bad_pte+0x49c/0x710 [ 347.147759][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 347.149463][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 347.151304][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.152908][ T9648] vm_normal_page+0x269/0x2b0 [ 347.154520][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 347.156315][ T9648] ? __pfx___might_resched+0x10/0x10 [ 347.158140][ T9648] unmap_page_range+0x109e/0x3ce0 [ 347.159904][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 347.161726][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.163432][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 347.165227][ T9648] unmap_single_vma+0x194/0x2b0 [ 347.166886][ T9648] unmap_vmas+0x22f/0x490 [ 347.168382][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 347.170096][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.171731][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.173280][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 347.174974][ T9648] unmap_region+0x201/0x480 [ 347.176587][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 347.178298][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.180347][ T9648] mmap_region+0x1c00/0x2a50 [ 347.181969][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 347.183693][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 347.185381][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 347.187142][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 347.188912][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 347.190708][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 347.192512][ T9648] do_mmap+0xc00/0xfc0 [ 347.193923][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 347.195511][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 347.197250][ T9648] ? ksys_write+0x1ad/0x260 [ 347.198791][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 347.200266][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 347.201751][ T9648] __do_fast_syscall_32+0x73/0x120 [ 347.203092][ T9648] do_fast_syscall_32+0x32/0x80 [ 347.204361][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 347.206008][ T9648] RIP: 0023:0xf7f21579 [ 347.207071][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 347.212020][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 347.214188][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 347.216248][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 347.218283][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 347.220309][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.222333][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.224355][ T9648] [ 347.227313][ T9648] BUG: Bad page map in process syz.1.1272 pte:5282c225 pmd:7755c067 [ 347.229416][ T9648] addr:000000002002c000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:2c [ 347.232176][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 347.233993][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 347.237055][ T9648] Tainted: [B]=BAD_PAGE [ 347.238140][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 347.240859][ T9648] Call Trace: [ 347.241735][ T9648] [ 347.242512][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 347.243757][ T9648] print_bad_pte+0x49c/0x710 [ 347.244989][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 347.246319][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 347.247719][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.248931][ T9648] vm_normal_page+0x269/0x2b0 [ 347.250169][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 347.251523][ T9648] ? __pfx___might_resched+0x10/0x10 [ 347.252919][ T9648] unmap_page_range+0x109e/0x3ce0 [ 347.254240][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 347.255639][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.256983][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 347.258329][ T9648] unmap_single_vma+0x194/0x2b0 [ 347.259574][ T9648] unmap_vmas+0x22f/0x490 [ 347.260676][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 347.261921][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.263212][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.264387][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 347.265694][ T9648] unmap_region+0x201/0x480 [ 347.266895][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 347.268231][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.269803][ T9648] mmap_region+0x1c00/0x2a50 [ 347.271028][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 347.272327][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 347.273704][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 347.275046][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 347.276328][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 347.277677][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 347.279024][ T9648] do_mmap+0xc00/0xfc0 [ 347.280119][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 347.281351][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 347.282695][ T9648] ? ksys_write+0x1ad/0x260 [ 347.283890][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 347.285143][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 347.286541][ T9648] __do_fast_syscall_32+0x73/0x120 [ 347.287883][ T9648] do_fast_syscall_32+0x32/0x80 [ 347.289172][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 347.290825][ T9648] RIP: 0023:0xf7f21579 [ 347.291894][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 347.296908][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 347.299064][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 347.301148][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 347.303188][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 347.305241][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.307293][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.309367][ T9648] [ 347.312973][ T9648] BUG: Bad page map in process syz.1.1272 pte:5282d225 pmd:7755c067 [ 347.315081][ T9648] addr:000000002002d000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:2d [ 347.317973][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 347.319788][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 347.322675][ T9648] Tainted: [B]=BAD_PAGE [ 347.323684][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 347.326220][ T9648] Call Trace: [ 347.327029][ T9648] [ 347.327783][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 347.329000][ T9648] print_bad_pte+0x49c/0x710 [ 347.330160][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 347.331382][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 347.332708][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.333813][ T9648] vm_normal_page+0x269/0x2b0 [ 347.334945][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 347.336201][ T9648] ? __pfx___might_resched+0x10/0x10 [ 347.337561][ T9648] unmap_page_range+0x109e/0x3ce0 [ 347.338890][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 347.340300][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.341637][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 347.342993][ T9648] unmap_single_vma+0x194/0x2b0 [ 347.344184][ T9648] unmap_vmas+0x22f/0x490 [ 347.345337][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 347.346633][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.347957][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.349171][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 347.350493][ T9648] unmap_region+0x201/0x480 [ 347.351691][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 347.353020][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.354574][ T9648] mmap_region+0x1c00/0x2a50 [ 347.355807][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 347.357130][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 347.358493][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 347.359853][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 347.361135][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 347.362477][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 347.363825][ T9648] do_mmap+0xc00/0xfc0 [ 347.364873][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 347.366027][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 347.367306][ T9648] ? ksys_write+0x1ad/0x260 [ 347.368459][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 347.369686][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 347.371091][ T9648] __do_fast_syscall_32+0x73/0x120 [ 347.372430][ T9648] do_fast_syscall_32+0x32/0x80 [ 347.373726][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 347.375370][ T9648] RIP: 0023:0xf7f21579 [ 347.376441][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 347.381436][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 347.383558][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 347.385611][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 347.387594][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 347.389563][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.391534][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.393616][ T9648] [ 347.394615][ T9648] BUG: Bad page map in process syz.1.1272 pte:5282e225 pmd:7755c067 [ 347.396782][ T9648] addr:000000002002e000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:2e [ 347.399577][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 347.401391][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 347.404379][ T9648] Tainted: [B]=BAD_PAGE [ 347.405478][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 347.408261][ T9648] Call Trace: [ 347.409144][ T9648] [ 347.409927][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 347.411170][ T9648] print_bad_pte+0x49c/0x710 [ 347.412386][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 347.413730][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 347.415133][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.416352][ T9648] vm_normal_page+0x269/0x2b0 [ 347.417596][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 347.418954][ T9648] ? __pfx___might_resched+0x10/0x10 [ 347.420332][ T9648] unmap_page_range+0x109e/0x3ce0 [ 347.421673][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 347.423076][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.424394][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 347.425784][ T9648] unmap_single_vma+0x194/0x2b0 [ 347.427062][ T9648] unmap_vmas+0x22f/0x490 [ 347.428202][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 347.429501][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.430818][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.432013][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 347.433346][ T9648] unmap_region+0x201/0x480 [ 347.434556][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 347.435877][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.437462][ T9648] mmap_region+0x1c00/0x2a50 [ 347.438702][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 347.439998][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 347.441382][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 347.442743][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 347.444030][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 347.445375][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 347.446720][ T9648] do_mmap+0xc00/0xfc0 [ 347.447809][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 347.448997][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 347.450300][ T9648] ? ksys_write+0x1ad/0x260 [ 347.451491][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 347.452748][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 347.454147][ T9648] __do_fast_syscall_32+0x73/0x120 [ 347.455485][ T9648] do_fast_syscall_32+0x32/0x80 [ 347.456781][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 347.458469][ T9648] RIP: 0023:0xf7f21579 [ 347.459534][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 347.464561][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 347.466819][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 347.469017][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 347.471128][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 347.473309][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.475438][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.477564][ T9648] [ 347.478861][ T9648] BUG: Bad page map in process syz.1.1272 pte:5282f225 pmd:7755c067 [ 347.480911][ T9648] addr:000000002002f000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:2f [ 347.483631][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 347.485436][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 347.488450][ T9648] Tainted: [B]=BAD_PAGE [ 347.489530][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 347.492271][ T9648] Call Trace: [ 347.493161][ T9648] [ 347.493936][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 347.495178][ T9648] print_bad_pte+0x49c/0x710 [ 347.496397][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 347.497740][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 347.499130][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.500247][ T9648] vm_normal_page+0x269/0x2b0 [ 347.501390][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 347.502624][ T9648] ? __pfx___might_resched+0x10/0x10 [ 347.503975][ T9648] unmap_page_range+0x109e/0x3ce0 [ 347.505317][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 347.506712][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.508020][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 347.509390][ T9648] unmap_single_vma+0x194/0x2b0 [ 347.510784][ T9648] unmap_vmas+0x22f/0x490 [ 347.511958][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 347.513278][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.514608][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.515799][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 347.517132][ T9648] unmap_region+0x201/0x480 [ 347.518320][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 347.519642][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.521152][ T9648] mmap_region+0x1c00/0x2a50 [ 347.522325][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 347.523575][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 347.524907][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 347.526237][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 347.527488][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 347.528844][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 347.530226][ T9648] do_mmap+0xc00/0xfc0 [ 347.531300][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 347.532525][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 347.533845][ T9648] ? ksys_write+0x1ad/0x260 [ 347.534985][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 347.536223][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 347.537623][ T9648] __do_fast_syscall_32+0x73/0x120 [ 347.538956][ T9648] do_fast_syscall_32+0x32/0x80 [ 347.540223][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 347.541871][ T9648] RIP: 0023:0xf7f21579 [ 347.542940][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 347.547849][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 347.550012][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 347.552054][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 347.554115][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 347.556181][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.558238][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.560281][ T9648] [ 347.561396][ T9648] BUG: Bad page map in process syz.1.1272 pte:52830225 pmd:7755c067 [ 347.563482][ T9648] addr:0000000020030000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:30 [ 347.566333][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 347.568125][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 347.571269][ T9648] Tainted: [B]=BAD_PAGE [ 347.572356][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 347.575142][ T9648] Call Trace: [ 347.576035][ T9648] [ 347.576849][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 347.578094][ T9648] print_bad_pte+0x49c/0x710 [ 347.579303][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 347.580643][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 347.582042][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.583241][ T9648] vm_normal_page+0x269/0x2b0 [ 347.584498][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 347.585857][ T9648] ? __pfx___might_resched+0x10/0x10 [ 347.587231][ T9648] unmap_page_range+0x109e/0x3ce0 [ 347.588562][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 347.589960][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.591273][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 347.592648][ T9648] unmap_single_vma+0x194/0x2b0 [ 347.593916][ T9648] unmap_vmas+0x22f/0x490 [ 347.595038][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 347.596320][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.597651][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.598837][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 347.600143][ T9648] unmap_region+0x201/0x480 [ 347.601349][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 347.602667][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.604211][ T9648] mmap_region+0x1c00/0x2a50 [ 347.605449][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 347.606750][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 347.608122][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 347.609489][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 347.610735][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 347.612065][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 347.613452][ T9648] do_mmap+0xc00/0xfc0 [ 347.614526][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 347.615736][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 347.617099][ T9648] ? ksys_write+0x1ad/0x260 [ 347.618284][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 347.619507][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 347.620910][ T9648] __do_fast_syscall_32+0x73/0x120 [ 347.622238][ T9648] do_fast_syscall_32+0x32/0x80 [ 347.623504][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 347.625157][ T9648] RIP: 0023:0xf7f21579 [ 347.626218][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 347.631192][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 347.633351][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 347.635389][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 347.637449][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 347.639490][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.641544][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.643599][ T9648] [ 347.646498][ T9648] BUG: Bad page map in process syz.1.1272 pte:52831225 pmd:7755c067 [ 347.648620][ T9648] addr:0000000020031000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:31 [ 347.651420][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 347.653241][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 347.656284][ T9648] Tainted: [B]=BAD_PAGE [ 347.657370][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 347.660131][ T9648] Call Trace: [ 347.661015][ T9648] [ 347.661790][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 347.663023][ T9648] print_bad_pte+0x49c/0x710 [ 347.664232][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 347.665572][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 347.666965][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.668161][ T9648] vm_normal_page+0x269/0x2b0 [ 347.669403][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 347.670764][ T9648] ? __pfx___might_resched+0x10/0x10 [ 347.672140][ T9648] unmap_page_range+0x109e/0x3ce0 [ 347.673465][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 347.674860][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.676195][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 347.677563][ T9648] unmap_single_vma+0x194/0x2b0 [ 347.678843][ T9648] unmap_vmas+0x22f/0x490 [ 347.679979][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 347.681269][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.682584][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.683777][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 347.685107][ T9648] unmap_region+0x201/0x480 [ 347.686300][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 347.687617][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.689174][ T9648] mmap_region+0x1c00/0x2a50 [ 347.690386][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 347.691687][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 347.693058][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 347.694415][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 347.695685][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 347.697035][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 347.698409][ T9648] do_mmap+0xc00/0xfc0 [ 347.699480][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 347.700586][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 347.701935][ T9648] ? ksys_write+0x1ad/0x260 [ 347.703134][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 347.704375][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 347.705804][ T9648] __do_fast_syscall_32+0x73/0x120 [ 347.707144][ T9648] do_fast_syscall_32+0x32/0x80 [ 347.708421][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 347.710098][ T9648] RIP: 0023:0xf7f21579 [ 347.711150][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 347.715945][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 347.718272][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 347.720320][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 347.722414][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 347.724454][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.726510][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.728552][ T9648] [ 347.731872][ T9648] BUG: Bad page map in process syz.1.1272 pte:52832225 pmd:7755c067 [ 347.733974][ T9648] addr:0000000020032000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:32 [ 347.736801][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 347.738598][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 347.741618][ T9648] Tainted: [B]=BAD_PAGE [ 347.742695][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 347.745488][ T9648] Call Trace: [ 347.746361][ T9648] [ 347.747134][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 347.748371][ T9648] print_bad_pte+0x49c/0x710 [ 347.749596][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 347.750930][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 347.752324][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.753543][ T9648] vm_normal_page+0x269/0x2b0 [ 347.754770][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 347.756127][ T9648] ? __pfx___might_resched+0x10/0x10 [ 347.757529][ T9648] unmap_page_range+0x109e/0x3ce0 [ 347.758849][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 347.760194][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.761476][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 347.762823][ T9648] unmap_single_vma+0x194/0x2b0 [ 347.764085][ T9648] unmap_vmas+0x22f/0x490 [ 347.765234][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 347.766620][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.767915][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.769174][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 347.770457][ T9648] unmap_region+0x201/0x480 [ 347.771649][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 347.772991][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.774535][ T9648] mmap_region+0x1c00/0x2a50 [ 347.775761][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 347.777104][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 347.778481][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 347.779863][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 347.781154][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 347.782490][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 347.783874][ T9648] do_mmap+0xc00/0xfc0 [ 347.784962][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 347.786172][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 347.787510][ T9648] ? ksys_write+0x1ad/0x260 [ 347.788717][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 347.789920][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 347.791240][ T9648] __do_fast_syscall_32+0x73/0x120 [ 347.792603][ T9648] do_fast_syscall_32+0x32/0x80 [ 347.793890][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 347.795547][ T9648] RIP: 0023:0xf7f21579 [ 347.796655][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 347.801617][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 347.803763][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 347.805765][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 347.807815][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 347.809867][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.811907][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.813976][ T9648] [ 347.815417][ T9648] BUG: Bad page map in process syz.1.1272 pte:52833225 pmd:7755c067 [ 347.817598][ T9648] addr:0000000020033000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:33 [ 347.820371][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 347.822176][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 347.825195][ T9648] Tainted: [B]=BAD_PAGE [ 347.826284][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 347.829004][ T9648] Call Trace: [ 347.829862][ T9648] [ 347.830615][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 347.831859][ T9648] print_bad_pte+0x49c/0x710 [ 347.833070][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 347.834388][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 347.835666][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.836830][ T9648] vm_normal_page+0x269/0x2b0 [ 347.837976][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 347.839272][ T9648] ? __pfx___might_resched+0x10/0x10 [ 347.840666][ T9648] unmap_page_range+0x109e/0x3ce0 [ 347.841988][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 347.843391][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.844716][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 347.846061][ T9648] unmap_single_vma+0x194/0x2b0 [ 347.847330][ T9648] unmap_vmas+0x22f/0x490 [ 347.848437][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 347.849695][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.851005][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.852187][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 347.853499][ T9648] unmap_region+0x201/0x480 [ 347.854696][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 347.856009][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.857557][ T9648] mmap_region+0x1c00/0x2a50 [ 347.858766][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 347.860056][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 347.861418][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 347.862777][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 347.864041][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 347.865383][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 347.866755][ T9648] do_mmap+0xc00/0xfc0 [ 347.867823][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 347.869037][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 347.870372][ T9648] ? ksys_write+0x1ad/0x260 [ 347.871561][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 347.872794][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 347.874183][ T9648] __do_fast_syscall_32+0x73/0x120 [ 347.875522][ T9648] do_fast_syscall_32+0x32/0x80 [ 347.876813][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 347.878462][ T9648] RIP: 0023:0xf7f21579 [ 347.879531][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 347.884514][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 347.886659][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 347.888699][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 347.890734][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 347.892772][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.894843][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.896919][ T9648] [ 347.898118][ T9648] BUG: Bad page map in process syz.1.1272 pte:52834225 pmd:7755c067 [ 347.900209][ T9648] addr:0000000020034000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:34 [ 347.903007][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 347.904839][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 347.907864][ T9648] Tainted: [B]=BAD_PAGE [ 347.908955][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 347.911715][ T9648] Call Trace: [ 347.912592][ T9648] [ 347.913376][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 347.914613][ T9648] print_bad_pte+0x49c/0x710 [ 347.915830][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 347.917188][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 347.918586][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.919781][ T9648] vm_normal_page+0x269/0x2b0 [ 347.921034][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 347.922392][ T9648] ? __pfx___might_resched+0x10/0x10 [ 347.923778][ T9648] unmap_page_range+0x109e/0x3ce0 [ 347.925113][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 347.926519][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.927839][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 347.929196][ T9648] unmap_single_vma+0x194/0x2b0 [ 347.930468][ T9648] unmap_vmas+0x22f/0x490 [ 347.931599][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 347.932876][ T9648] ? __pfx_lock_release+0x10/0x10 [ 347.934189][ T9648] ? lock_acquire+0x2f/0xb0 [ 347.935382][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 347.936682][ T9648] unmap_region+0x201/0x480 [ 347.937845][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 347.939147][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 347.940715][ T9648] mmap_region+0x1c00/0x2a50 [ 347.941945][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 347.943334][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 347.944694][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 347.946044][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 347.947334][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 347.948684][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 347.950054][ T9648] do_mmap+0xc00/0xfc0 [ 347.951118][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 347.952326][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 347.953669][ T9648] ? ksys_write+0x1ad/0x260 [ 347.954852][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 347.956080][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 347.957491][ T9648] __do_fast_syscall_32+0x73/0x120 [ 347.958829][ T9648] do_fast_syscall_32+0x32/0x80 [ 347.960094][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 347.961739][ T9648] RIP: 0023:0xf7f21579 [ 347.962801][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 347.967742][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 347.969911][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 347.971951][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 347.974001][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 347.976045][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 347.978111][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 347.980448][ T9648] [ 347.988426][ T9648] BUG: Bad page map in process syz.1.1272 pte:52835225 pmd:7755c067 [ 347.991229][ T9648] addr:0000000020035000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:35 [ 347.994780][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 347.997193][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 348.001119][ T9648] Tainted: [B]=BAD_PAGE [ 348.002543][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 348.006164][ T9648] Call Trace: [ 348.007307][ T9648] [ 348.008328][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 348.009983][ T9648] print_bad_pte+0x49c/0x710 [ 348.011642][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 348.013401][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 348.015198][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.016815][ T9648] vm_normal_page+0x269/0x2b0 [ 348.018463][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 348.020274][ T9648] ? __pfx___might_resched+0x10/0x10 [ 348.022099][ T9648] unmap_page_range+0x109e/0x3ce0 [ 348.023816][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 348.025664][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.027385][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 348.029188][ T9648] unmap_single_vma+0x194/0x2b0 [ 348.030878][ T9648] unmap_vmas+0x22f/0x490 [ 348.032353][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 348.034008][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.035785][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.037432][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 348.039192][ T9648] unmap_region+0x201/0x480 [ 348.040838][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 348.042597][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 348.044668][ T9648] mmap_region+0x1c00/0x2a50 [ 348.046260][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 348.047987][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 348.049810][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 348.051593][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 348.053271][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 348.055021][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 348.056859][ T9648] do_mmap+0xc00/0xfc0 [ 348.058268][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 348.059900][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 348.061664][ T9648] ? ksys_write+0x1ad/0x260 [ 348.063210][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 348.064868][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 348.066752][ T9648] __do_fast_syscall_32+0x73/0x120 [ 348.068561][ T9648] do_fast_syscall_32+0x32/0x80 [ 348.070267][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 348.072449][ T9648] RIP: 0023:0xf7f21579 [ 348.073867][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 348.080429][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 348.083029][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 348.085772][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 348.088449][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 348.090646][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 348.093025][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 348.095465][ T9648] [ 348.102050][ T9648] BUG: Bad page map in process syz.1.1272 pte:52836225 pmd:7755c067 [ 348.104828][ T9648] addr:0000000020036000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:36 [ 348.108668][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 348.110818][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 348.114375][ T9648] Tainted: [B]=BAD_PAGE [ 348.115763][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 348.119038][ T9648] Call Trace: [ 348.120174][ T9648] [ 348.121225][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 348.122712][ T9648] print_bad_pte+0x49c/0x710 [ 348.124293][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 348.126070][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 348.127959][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.129582][ T9648] vm_normal_page+0x269/0x2b0 [ 348.131050][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 348.132784][ T9648] ? __pfx___might_resched+0x10/0x10 [ 348.134569][ T9648] unmap_page_range+0x109e/0x3ce0 [ 348.136102][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 348.137571][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.138929][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 348.140648][ T9648] unmap_single_vma+0x194/0x2b0 [ 348.142187][ T9648] unmap_vmas+0x22f/0x490 [ 348.143511][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 348.144926][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.146713][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.148325][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 348.149818][ T9648] unmap_region+0x201/0x480 [ 348.151301][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 348.152881][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 348.154614][ T9648] mmap_region+0x1c00/0x2a50 [ 348.156130][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 348.157693][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 348.159380][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 348.161065][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 348.162491][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 348.164313][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 348.166179][ T9648] do_mmap+0xc00/0xfc0 [ 348.167472][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 348.168986][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 348.170687][ T9648] ? ksys_write+0x1ad/0x260 [ 348.172108][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 348.173565][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 348.175347][ T9648] __do_fast_syscall_32+0x73/0x120 [ 348.176934][ T9648] do_fast_syscall_32+0x32/0x80 [ 348.178503][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 348.180647][ T9648] RIP: 0023:0xf7f21579 [ 348.182082][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 348.188691][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 348.191558][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 348.194278][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 348.197035][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 348.199578][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 348.201915][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 348.204281][ T9648] [ 348.205645][ T9648] BUG: Bad page map in process syz.1.1272 pte:52837225 pmd:7755c067 [ 348.208504][ T9648] addr:0000000020037000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:37 [ 348.211682][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 348.213597][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 348.217377][ T9648] Tainted: [B]=BAD_PAGE [ 348.218459][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 348.221831][ T9648] Call Trace: [ 348.222977][ T9648] [ 348.223990][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 348.225647][ T9648] print_bad_pte+0x49c/0x710 [ 348.227308][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 348.229156][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 348.231043][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.232656][ T9648] vm_normal_page+0x269/0x2b0 [ 348.234295][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 348.236107][ T9648] ? __pfx___might_resched+0x10/0x10 [ 348.237977][ T9648] unmap_page_range+0x109e/0x3ce0 [ 348.239748][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 348.241750][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.243505][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 348.245387][ T9648] unmap_single_vma+0x194/0x2b0 [ 348.247073][ T9648] unmap_vmas+0x22f/0x490 [ 348.248600][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 348.250103][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.251510][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.252674][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 348.254183][ T9648] unmap_region+0x201/0x480 [ 348.255723][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 348.257491][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 348.259277][ T9648] mmap_region+0x1c00/0x2a50 [ 348.260657][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 348.262376][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 348.264191][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 348.266007][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 348.267731][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 348.269512][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 348.271054][ T9648] do_mmap+0xc00/0xfc0 [ 348.272121][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 348.273363][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 348.275088][ T9648] ? ksys_write+0x1ad/0x260 [ 348.276375][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 348.277697][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 348.279496][ T9648] __do_fast_syscall_32+0x73/0x120 [ 348.281040][ T9648] do_fast_syscall_32+0x32/0x80 [ 348.282750][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 348.284950][ T9648] RIP: 0023:0xf7f21579 [ 348.286323][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 348.291780][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 348.294744][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 348.297312][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 348.299976][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 348.302456][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 348.304999][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 348.307654][ T9648] [ 348.308911][ T9648] BUG: Bad page map in process syz.1.1272 pte:52838225 pmd:7755c067 [ 348.311040][ T9648] addr:0000000020038000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:38 [ 348.314806][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 348.317374][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 348.321085][ T9648] Tainted: [B]=BAD_PAGE [ 348.322450][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 348.326095][ T9648] Call Trace: [ 348.327216][ T9648] [ 348.328220][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 348.329857][ T9648] print_bad_pte+0x49c/0x710 [ 348.331439][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 348.333179][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 348.335087][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.336807][ T9648] vm_normal_page+0x269/0x2b0 [ 348.338437][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 348.340207][ T9648] ? __pfx___might_resched+0x10/0x10 [ 348.341994][ T9648] unmap_page_range+0x109e/0x3ce0 [ 348.343730][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 348.345549][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.347386][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 348.349266][ T9648] unmap_single_vma+0x194/0x2b0 [ 348.350985][ T9648] unmap_vmas+0x22f/0x490 [ 348.352505][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 348.354189][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.355939][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.357555][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 348.359292][ T9648] unmap_region+0x201/0x480 [ 348.360877][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 348.362679][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 348.364681][ T9648] mmap_region+0x1c00/0x2a50 [ 348.366304][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 348.367677][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 348.369046][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 348.370401][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 348.371707][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 348.373128][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 348.374614][ T9648] do_mmap+0xc00/0xfc0 [ 348.375688][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 348.376933][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 348.378256][ T9648] ? ksys_write+0x1ad/0x260 [ 348.379548][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 348.380814][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 348.382259][ T9648] __do_fast_syscall_32+0x73/0x120 [ 348.383678][ T9648] do_fast_syscall_32+0x32/0x80 [ 348.384955][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 348.386594][ T9648] RIP: 0023:0xf7f21579 [ 348.387659][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 348.393858][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 348.396823][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 348.399543][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 348.401752][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 348.404269][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 348.406937][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 348.409651][ T9648] [ 348.410910][ T9648] BUG: Bad page map in process syz.1.1272 pte:52839225 pmd:7755c067 [ 348.413386][ T9648] addr:0000000020039000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:39 [ 348.416928][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 348.418722][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 348.422404][ T9648] Tainted: [B]=BAD_PAGE [ 348.423624][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 348.427309][ T9648] Call Trace: [ 348.428200][ T9648] [ 348.428973][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 348.430215][ T9648] print_bad_pte+0x49c/0x710 [ 348.431616][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 348.433401][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 348.435287][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.436566][ T9648] vm_normal_page+0x269/0x2b0 [ 348.437801][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 348.439157][ T9648] ? __pfx___might_resched+0x10/0x10 [ 348.440583][ T9648] unmap_page_range+0x109e/0x3ce0 [ 348.442381][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 348.444045][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.445575][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 348.447419][ T9648] unmap_single_vma+0x194/0x2b0 [ 348.449120][ T9648] unmap_vmas+0x22f/0x490 [ 348.450611][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 348.452300][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.454090][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.455719][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 348.457320][ T9648] unmap_region+0x201/0x480 [ 348.458496][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 348.459792][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 348.461538][ T9648] mmap_region+0x1c00/0x2a50 [ 348.463084][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 348.464545][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 348.466122][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 348.467892][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 348.469528][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 348.471250][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 348.473022][ T9648] do_mmap+0xc00/0xfc0 [ 348.474441][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 348.475787][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 348.477262][ T9648] ? ksys_write+0x1ad/0x260 [ 348.478505][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 348.480128][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 348.482002][ T9648] __do_fast_syscall_32+0x73/0x120 [ 348.483560][ T9648] do_fast_syscall_32+0x32/0x80 [ 348.484815][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 348.486646][ T9648] RIP: 0023:0xf7f21579 [ 348.487733][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 348.493128][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 348.496077][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 348.498947][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 348.501812][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 348.504664][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 348.507451][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 348.510280][ T9648] [ 348.511570][ T9648] BUG: Bad page map in process syz.1.1272 pte:5283a225 pmd:7755c067 [ 348.514187][ T9648] addr:000000002003a000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:3a [ 348.517095][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 348.518901][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 348.522149][ T9648] Tainted: [B]=BAD_PAGE [ 348.523552][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 348.526390][ T9648] Call Trace: [ 348.527314][ T9648] [ 348.528134][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 348.529491][ T9648] print_bad_pte+0x49c/0x710 [ 348.530737][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 348.532097][ T9648] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 348.533735][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.535381][ T9648] vm_normal_page+0x269/0x2b0 [ 348.536892][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 348.538247][ T9648] ? __pfx___might_resched+0x10/0x10 [ 348.539630][ T9648] unmap_page_range+0x109e/0x3ce0 [ 348.540971][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 348.542363][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.543887][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 348.545514][ T9648] unmap_single_vma+0x194/0x2b0 [ 348.547282][ T9648] unmap_vmas+0x22f/0x490 [ 348.548869][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 348.550655][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.552534][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.554216][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 348.555994][ T9648] unmap_region+0x201/0x480 [ 348.557660][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 348.559447][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 348.561594][ T9648] mmap_region+0x1c00/0x2a50 [ 348.563250][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 348.565171][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 348.566990][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 348.569029][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 348.570916][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 348.572807][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 348.574710][ T9648] do_mmap+0xc00/0xfc0 [ 348.576150][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 348.577836][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 348.579637][ T9648] ? ksys_write+0x1ad/0x260 [ 348.581252][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 348.582949][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 348.584882][ T9648] __do_fast_syscall_32+0x73/0x120 [ 348.586687][ T9648] do_fast_syscall_32+0x32/0x80 [ 348.588367][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 348.590547][ T9648] RIP: 0023:0xf7f21579 [ 348.591950][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 348.598537][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 348.601394][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 348.604227][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 348.607106][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 348.609954][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 348.612785][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 348.615521][ T9648] [ 348.616866][ T9648] BUG: Bad page map in process syz.1.1272 pte:5283b225 pmd:7755c067 [ 348.619806][ T9648] addr:000000002003b000 vm_flags:000000fe anon_vma:0000000000000000 mapping:0000000000000000 index:3b [ 348.623731][ T9648] file:(null) fault:shmem_fault mmap:0x0 read_folio:0x0 [ 348.626197][ T9648] CPU: 3 UID: 0 PID: 9648 Comm: syz.1.1272 Tainted: G B 6.11.0-syzkaller-11993-g3efc57369a0c #0 [ 348.630363][ T9648] Tainted: [B]=BAD_PAGE [ 348.631923][ T9648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 348.635843][ T9648] Call Trace: [ 348.637047][ T9648] [ 348.638079][ T9648] dump_stack_lvl+0x16c/0x1f0 [ 348.639721][ T9648] print_bad_pte+0x49c/0x710 [ 348.641355][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.643067][ T9648] ? __pfx_print_bad_pte+0x10/0x10 [ 348.644992][ T9648] ? page_ext_put+0x48/0xd0 [ 348.646626][ T9648] ? page_table_check_clear.part.0+0x398/0x540 [ 348.648849][ T9648] vm_normal_page+0x269/0x2b0 [ 348.650545][ T9648] ? __pfx_vm_normal_page+0x10/0x10 [ 348.652431][ T9648] ? __pfx_arch_check_zapped_pte+0x10/0x10 [ 348.654619][ T9648] ? __pfx___might_resched+0x10/0x10 [ 348.656554][ T9648] unmap_page_range+0x109e/0x3ce0 [ 348.658451][ T9648] ? __pfx_unmap_page_range+0x10/0x10 [ 348.660401][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.662240][ T9648] ? trace_lock_acquire+0x14a/0x1d0 [ 348.664135][ T9648] unmap_single_vma+0x194/0x2b0 [ 348.665928][ T9648] unmap_vmas+0x22f/0x490 [ 348.667505][ T9648] ? __pfx_unmap_vmas+0x10/0x10 [ 348.669331][ T9648] ? __pfx_lock_release+0x10/0x10 [ 348.671199][ T9648] ? lock_acquire+0x2f/0xb0 [ 348.672835][ T9648] ? mlock_drain_local+0x6f/0x4f0 [ 348.674551][ T9648] unmap_region+0x201/0x480 [ 348.676098][ T9648] ? __pfx_unmap_region+0x10/0x10 [ 348.677879][ T9648] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 348.679946][ T9648] mmap_region+0x1c00/0x2a50 [ 348.681660][ T9648] ? __pfx_mmap_region+0x10/0x10 [ 348.683462][ T9648] ? __pfx___lock_acquire+0x10/0x10 [ 348.685276][ T9648] ? mm_get_unmapped_area+0x95/0xe0 [ 348.687179][ T9648] ? bpf_lsm_mmap_addr+0x9/0x10 [ 348.688998][ T9648] ? security_mmap_addr+0x6c/0x1e0 [ 348.690826][ T9648] ? __get_unmapped_area+0x26b/0x3a0 [ 348.692732][ T9648] do_mmap+0xc00/0xfc0 [ 348.694198][ T9648] vm_mmap_pgoff+0x1ba/0x360 [ 348.695674][ T9648] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 348.697556][ T9648] ? ksys_write+0x1ad/0x260 [ 348.699178][ T9648] ksys_mmap_pgoff+0x7d/0x5c0 [ 348.700871][ T9648] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 348.702780][ T9648] __do_fast_syscall_32+0x73/0x120 [ 348.704559][ T9648] do_fast_syscall_32+0x32/0x80 [ 348.706341][ T9648] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 348.708642][ T9648] RIP: 0023:0xf7f21579 [ 348.710065][ T9648] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 348.717034][ T9648] RSP: 002b:00000000f56a656c EFLAGS: 00000296 ORIG_RAX: 00000000000000c0 [ 348.720005][ T9648] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000b36000 [ 348.722843][ T9648] RDX: 0000000006ebbeee RSI: 0000000000008031 RDI: 0000000000000005 [ 348.725705][ T9648] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 348.728601][ T9648] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 348.731390][ T9648] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 348.734176][ T9648] [ 349.831155][ T9638] netlink: 'syz.3.1268': attribute type 21 has an invalid length. [ 350.146834][ T1203] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.250218][ T1203] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.396709][ T1203] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.517683][ T1203] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 350.595958][ T1203] bridge_slave_0: left allmulticast mode [ 350.598458][ T1203] bridge_slave_0: left promiscuous mode [ 350.600394][ T1203] bridge0: port 1(bridge_slave_0) entered disabled state [ 350.711671][ T1203] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 350.715970][ T1203] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 350.719815][ T1203] bond0 (unregistering): Released all slaves [ 350.766300][ T1203] tipc: Disabling bearer [ 350.768049][ T1203] tipc: Left network mode [ 350.972841][ T1203] hsr_slave_0: left promiscuous mode [ 350.975230][ T1203] hsr_slave_1: left promiscuous mode [ 350.978822][ T1203] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 350.980937][ T1203] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 350.983975][ T1203] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 350.991275][ T1203] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 351.007389][ T1203] veth1_macvtap: left promiscuous mode [ 351.009440][ T1203] veth0_macvtap: left promiscuous mode [ 351.011433][ T1203] veth1_vlan: left promiscuous mode [ 351.013348][ T1203] veth0_vlan: left promiscuous mode [ 351.201359][ T1203] team0 (unregistering): Port device team_slave_1 removed [ 351.245311][ T1203] team0 (unregistering): Port device team_slave_0 removed [ 352.017637][ T1203] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.108610][ T1203] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 352.187009][ T1203] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 VM DIAGNOSIS: 11:12:16 Registers: info registers vcpu 0 CPU#0 RAX=00000000010c331f RBX=0000000000000000 RCX=ffffffff8b12d6d9 RDX=0000000000000000 RSI=ffffffff8b4cc8e0 RDI=ffffffff8bb11da0 RBP=fffffbfff1b52af8 RSP=ffffffff8da07e20 R8 =0000000000000001 R9 =ffffed1005687025 R10=ffff88802b43812b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8da957c0 R14=ffffffff901cc388 R15=0000000000000000 RIP=ffffffff8b12eabf RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=ffffffffffffffe8 CR3=0000000064aa2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000f800000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff850340d5 RDI=ffffffff9a63a260 RBP=ffffffff9a63a220 RSP=ffffc900269a6f20 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000030 R14=ffffffff85034070 R15=0000000000000000 RIP=ffffffff850340ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=ffffffffffffffe8 CR3=0000000064aa2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002000000 Opmask01=0000000000000001 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff43338970 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f6e3a6d5e007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4b1f485e005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a2027393632312e 312e6e753d602073 7320353932372039 342032343d736200 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=1ffff920006f9ecd RCX=ffffffff816a25a9 RDX=1ffff11004a51854 RSI=ffffffff8b4ccba0 RDI=ffffffff8bb11da0 RBP=ffffffff901cf678 RSP=ffffc900037cf630 R8 =0000000000000000 R9 =fffffbfff2039871 R10=ffffffff901cc38f R11=0000000000000000 R12=ffff88802528c2a0 R13=1ffff920006f9ee6 R14=ffff888024244880 R15=0000000000000000 RIP=ffffffff8b12de68 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f361a51cd00 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000561939ca1000 CR3=00000000008a6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=1875ca861875ca86 1875ca861875ca86 1875ca861875ca86 1875ca861875ca86 1875ca861875ca86 1875ca861875ca86 1875ca861875ca86 1875ca861875ca86 ZMM22=187ecee3187ecee3 187ecee3187ecee3 187ecee3187ecee3 187ecee3187ecee3 187ecee3187ecee3 187ecee3187ecee3 187ecee3187ecee3 187ecee3187ecee3 ZMM23=14a40a3914a40a39 14a40a3914a40a39 14a40a3914a40a39 14a40a3914a40a39 14a40a3914a40a39 14a40a3914a40a39 14a40a3914a40a39 14a40a3914a40a39 ZMM24=614c2b5c614c2b5c 614c2b5c614c2b5c 614c2b5c614c2b5c 614c2b5c614c2b5c 614c2b5c614c2b5c 614c2b5c614c2b5c 614c2b5c614c2b5c 614c2b5c614c2b5c ZMM25=410b5bfa410b5bfa 410b5bfa410b5bfa 410b5bfa410b5bfa 410b5bfa410b5bfa 410b5bfa410b5bfa 410b5bfa410b5bfa 410b5bfa410b5bfa 410b5bfa410b5bfa ZMM26=add3d43fadd3d43f add3d43fadd3d43f add3d43fadd3d43f add3d43fadd3d43f add3d43fadd3d43f add3d43fadd3d43f add3d43fadd3d43f add3d43fadd3d43f ZMM27=e9e5592ae9e5592a e9e5592ae9e5592a e9e5592ae9e5592a e9e5592ae9e5592a e9e5592ae9e5592a e9e5592ae9e5592a e9e5592ae9e5592a e9e5592ae9e5592a ZMM28=000000b0000000af 000000ae000000ad 000000ac000000ab 000000aa000000a9 000000a8000000a7 000000a6000000a5 000000a4000000a3 000000a2000000a1 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=520f0000520f0000 520f0000520f0000 520f0000520f0000 520f0000520f0000 520f0000520f0000 520f0000520f0000 520f0000520f0000 520f0000520f0000 info registers vcpu 3 CPU#3 RAX=ffffffff9a386fa0 RBX=0000000000000000 RCX=1ffffffff1bb6ef9 RDX=dffffc0000000000 RSI=1ffff920001d3ea2 RDI=ffffffff8ddb77c8 RBP=0000000000000000 RSP=ffffc90000e9f480 R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff901cc38f R11=0000000000000002 R12=ffffffff8ddb77c0 R13=0000000000000000 R14=0000000000000000 R15=ffff888020640000 RIP=ffffffff8169ea9e RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=ffffffffffffffe8 CR3=0000000028e60000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000