Extracting prog: 1h29m0.886996957s Minimizing prog: 34m37.64017527s Simplifying prog options: 0s Extracting C: 4m19.71120251s Simplifying C: 36m30.140538941s extracting reproducer from 126 programs testing a last program of every proc single: executing 76 programs separately with timeout 6m0s testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): socket-sendmsg$nl_route-socket$nl_netfilter-sendmsg$NFT_MSG_GETSETELEM-syz_genetlink_get_family_id$nl80211 detailed listing: executing program 0: r0 = socket(0x10, 0x80002, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000f3437b00001e3b"], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x4801) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)=ANY=[@ANYBLOB="2c0000000d0a010e"], 0x2c}}, 0x0) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_usb_control_io-syz_usb_control_io$hid-syz_usb_control_io$uac1-socket$nl_netfilter-socket$nl_netfilter-getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST-getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST-sendmsg$NFT_BATCH detailed listing: executing program 0: r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0) syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x44, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000000c0)={0x44, &(0x7f00000001c0)=ANY=[@ANYBLOB="40184900"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) socket$nl_netfilter(0x10, 0x3, 0xc) (async) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000040)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000080)=0x18) (async) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000040)={0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000080)=0x18) sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x58, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_to_bridge\x00'}]}]}]}, @NFT_MSG_DELFLOWTABLE={0x48, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'geneve0\x00'}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}}, 0xe8}}, 0x0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_clone-getpgid-ptrace$getregset-sched_setattr-wait4-openat$iommufd-socket$inet6-setsockopt$inet6_int-ioctl$IOMMU_IOAS_ALLOC-mmap detailed listing: executing program 0: r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = getpgid(r0) ptrace$getregset(0x4204, r1, 0x6, &(0x7f0000000100)={&(0x7f0000000000)=""/170, 0xaa}) sched_setattr(r1, &(0x7f00000000c0)={0x38, 0x5, 0x10000004, 0x8, 0xf, 0x155, 0x9, 0x8, 0x9, 0x8}, 0x0) wait4(0x0, 0x0, 0x80000000, 0xfffffffffffffffc) r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000140), 0x181000, 0x0) r3 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_int(r3, 0x29, 0x16, &(0x7f0000fcb000), 0x4) ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000980)={0x1}) mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000001, 0x30, r2, 0x93250000) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat-syz_usb_connect-bpf$MAP_UPDATE_ELEM-bpf$PROG_LOAD-keyctl$dh_compute-sendmsg$L2TP_CMD_TUNNEL_GET-syz_open_dev$evdev-ioctl$EVIOCGKEYCODE_V2 detailed listing: executing program 0: r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x20100, 0x80) syz_usb_connect(0x2, 0x9a2, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0) bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b405000000000000711035000000000015000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x39) keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)={'xxhash64-generic\x00'}, &(0x7f00000005c0)}) sendmsg$L2TP_CMD_TUNNEL_GET(r0, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x58, 0x0, 0x8, 0x70bd29, 0x25dfdbfe, {}, [@L2TP_ATTR_VLAN_ID={0x6, 0xe, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x3}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'ip6gretap0\x00'}, @L2TP_ATTR_RECV_TIMEOUT={0xc, 0x16, 0x4}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @private0={0xfc, 0x0, '\x00', 0x1}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20040010}, 0x4000040) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0) ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000180)=""/199) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_usb_connect-syz_usb_control_io$uac1-syz_usb_connect$uac1-syz_usb_control_io$uac1 detailed listing: executing program 0: r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf2, 0x30, 0x39, 0x20, 0x2c42, 0x1202, 0x8540, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xc, 0x2, 0x2, 0xc1, 0x7f, 0xc, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_connect$uac1(0x3, 0xb6, &(0x7f0000000080)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0xff, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xa4, 0x3, 0x1, 0x39, 0xa0, 0xed, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x755, 0x6}, [@extension_unit={0xd, 0x24, 0x8, 0x5, 0xb53d, 0xcd, "7ff60de6a7c9"}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0x10, 0x24, 0x2, 0x2, 0x7f, 0x8, 0x2, "c098183e14880c"}]}, {{0x9, 0x5, 0x1, 0x9, 0x40, 0xfc, 0x0, 0xb, {0x7, 0x25, 0x1, 0x180, 0x1, 0x1}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0xf, 0x24, 0x2, 0x1, 0xb, 0x4, 0x9, 0x3, "3674ab944877a8"}, @as_header={0x7, 0x24, 0x1, 0x3, 0x75}, @as_header={0x7, 0x24, 0x1, 0x9, 0x9, 0x1001}, @format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0x40, 0x4, 0xe, 0x1, "80", ';\f'}]}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x4, 0x1, 0xa, {0x7, 0x25, 0x1, 0x2, 0x40, 0x7}}}}}}}]}}, &(0x7f0000000440)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x310, 0x10, 0x6, 0x8, 0xff, 0x10}, 0xc9, &(0x7f0000000140)={0x5, 0xf, 0xc9, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x4, 0x1, 0x7f, 0x28}, @generic={0xa0, 0x10, 0x3, "6b61580ea38103728e4900364e929c0e1f99c2e9e9a6eb336752f39796f47aa8f13b3726c1b85976b30b0979d3927545c9b4a257bab5d1113cdd4ef50114728d30960a65dff18c31026bc1c085c37fceb7548ab08e650731539cabd38202641855dac3c20e172df9fd3eb4b19b65cebca2f56409f36bfc7ee774c9b028a007a377d33a6755782b1ca41ce5a14f4252b36983e33f61d27fc5a208fb2181"}, @ptm_cap={0x3}, @ssp_cap={0xc, 0x10, 0xa, 0x3, 0x0, 0xd, 0xf000, 0xb45}, @wireless={0xb, 0x10, 0x1, 0x4, 0x1, 0x0, 0x3, 0x0, 0x4}]}, 0x4, [{0x4a, &(0x7f00000002c0)=@string={0x4a, 0x3, "ab3aca4b92abcb8abff3000ae67ac4bda35eb6372c60db9fa98f1a41731b9bfb40c66d123736d7152ebbe360eec635eff6978ec5f36b5d7c428a257e388c8116e63b5d71d95575ee"}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x407}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x40e}}, {0xa9, &(0x7f0000000380)=@string={0xa9, 0x3, "82c3b4f5a918f0209cbc92a4428ab804b966877839ea0c6757e07760cd9bd0f829a3e450a66fdc36ba8418e6f66813bc0c7f328215abe8d3f0b291ca70df2aa399ede3196670dedce1affc208819b40ad968dba520e03d034f796d1b2a2e2df5d743681299e90416d2d90d4a45193c8a85b19e44ae6e35e9efd45e7b1626b96b014ac45d890ffb53e7d64cbc102fadfde52c20697a1756933fc6954bfa3ed92ced2fa39bd1ca57"}}]}) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000280)={0x20, 0x8, 0x1, '\b'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_procfs-gettid-kcmp-syz_genetlink_get_family_id$nl80211-socket$nl_generic-sendmsg$NL80211_CMD_SET_TID_CONFIG-preadv detailed listing: executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00') r1 = gettid() kcmp(r1, 0x0, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="d5aab2ea7f4e784829196641f9d000d46346d59ed825ccfa5a6767f407f8b61bb43c0853271c771d58488d9eced7cb4eefad3c9825a0b47a3c4e05159123e02bfe6ca97ff6d1cc7bc2455e17b888c2edd0fff5739276911cd265bfa115b382579306ec1427fbe69a6052853bc5abda9fcaf6253489", @ANYRES16=r2, @ANYBLOB="595300000000000000086b00000010001d800c00008008000d8004000180"], 0x24}}, 0x0) preadv(r0, &(0x7f0000000c00)=[{&(0x7f0000000500)=""/234, 0xea}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6, 0xffff, 0x5dd073cf) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): syz_open_procfs-gettid-kcmp-syz_genetlink_get_family_id$nl80211-socket$nl_generic-sendmsg$NL80211_CMD_SET_TID_CONFIG-preadv detailed listing: executing program 0: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00') r1 = gettid() kcmp(r1, 0x0, 0x6, 0xffffffffffffffff, 0xffffffffffffffff) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)=ANY=[@ANYBLOB="d5aab2ea7f4e784829196641f9d000d46346d59ed825ccfa5a6767f407f8b61bb43c0853271c771d58488d9eced7cb4eefad3c9825a0b47a3c4e05159123e02bfe6ca97ff6d1cc7bc2455e17b888c2edd0fff5739276911cd265bfa115b382579306ec1427fbe69a6052853bc5abda9fcaf6253489", @ANYRES16=r2, @ANYBLOB="595300000000000000086b00000010001d800c00008008000d8004000180"], 0x24}}, 0x0) preadv(r0, &(0x7f0000000c00)=[{&(0x7f0000000500)=""/234, 0xea}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6, 0xffff, 0x5dd073cf) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-mmap-socket$rds-setsockopt$SO_RDS_TRANSPORT-madvise-socket$inet-add_key$user-bpf$PROG_LOAD-add_key$user-keyctl$dh_compute-setsockopt$inet_mreqsrc-close-ioctl$sock_proto_private detailed listing: executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x5000005, 0x13, r0, 0x80a4a000) r1 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000000c0)=0x2, 0x4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r2 = socket$inet(0x2, 0x3, 0x2) r3 = add_key$user(&(0x7f0000002100), &(0x7f0000002180)={'syz', 0x1}, &(0x7f00000021c0)='b', 0x1, 0xfffffffffffffffe) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x51}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r4 = add_key$user(&(0x7f0000002300), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b4f22cd0076beedc18056ab4bea4c825b69a7a77adcd5488684872b1bb9eb84586549e11b080468668e8fd0e52ce0705a", 0xc0, 0xffffffffffffffff) keyctl$dh_compute(0x17, &(0x7f0000000400)={r3, r4, r3}, &(0x7f0000000440)=""/190, 0xbe, &(0x7f00000003c0)={&(0x7f0000000040)={'sha256-generic\x00'}}) setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc) close(r2) ioctl$sock_proto_private(r1, 0x89e0, &(0x7f0000001080)) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-mmap-socket$rds-setsockopt$SO_RDS_TRANSPORT-madvise-socket$inet-add_key$user-bpf$PROG_LOAD-add_key$user-keyctl$dh_compute-setsockopt$inet_mreqsrc-close-ioctl$sock_proto_private detailed listing: executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x5000005, 0x13, r0, 0x80a4a000) r1 = socket$rds(0x15, 0x5, 0x0) setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f00000000c0)=0x2, 0x4) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) r2 = socket$inet(0x2, 0x3, 0x2) r3 = add_key$user(&(0x7f0000002100), &(0x7f0000002180)={'syz', 0x1}, &(0x7f00000021c0)='b', 0x1, 0xfffffffffffffffe) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x51}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r4 = add_key$user(&(0x7f0000002300), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b4f22cd0076beedc18056ab4bea4c825b69a7a77adcd5488684872b1bb9eb84586549e11b080468668e8fd0e52ce0705a", 0xc0, 0xffffffffffffffff) keyctl$dh_compute(0x17, &(0x7f0000000400)={r3, r4, r3}, &(0x7f0000000440)=""/190, 0xbe, &(0x7f00000003c0)={&(0x7f0000000040)={'sha256-generic\x00'}}) setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc) close(r2) ioctl$sock_proto_private(r1, 0x89e0, &(0x7f0000001080)) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-mmap-socket$l2tp-rt_sigaction-pipe-setsockopt$inet_tcp_TCP_CONGESTION-epoll_create1-epoll_ctl$EPOLL_CTL_ADD-syz_usb_connect$uac1 detailed listing: executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x4000001, 0x13, r0, 0x48079000) socket$l2tp(0x2, 0x2, 0x73) rt_sigaction(0x18, 0x0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x8, &(0x7f00000003c0)) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000080)='lp\x00', 0x3) epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x90000004}) syz_usb_connect$uac1(0x0, 0xa6, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106b1d01004000010203010902940003010000000904000000010100000a240100000301020c"], 0x0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-socket$inet6_udp-setsockopt$IP6T_SO_SET_REPLACE-dup-mmap-madvise-madvise detailed listing: executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000340)=@nat={'nat\x00', 0x10, 0x5, 0x490, 0x0, 0xf0, 0xffffffff, 0xf0, 0x0, 0x3c0, 0x3c0, 0xffffffff, 0x3c0, 0x3c0, 0x5, 0x0, {[{{@ipv6={@empty, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', [], [], 'wlan1\x00', 'ip6erspan0\x00', {}, {}, 0x0, 0x4, 0x2}, 0x0, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0xb, @ipv6=@loopback, @ipv4=@local, @gre_key=0x2, @port=0x4e21}}}, {{@ipv6={@rand_addr=' \x01\x00', @initdev={0xfe, 0x88, '\x00', 0x5d, 0x0}, [0xff000000, 0xffffffff, 0xffffff00, 0xffffff00], [0xffffff00, 0xffffffff, 0xffffffff, 0xffffff00], 'veth0_to_team\x00', 'macsec0\x00', {}, {}, 0x1107e390a1bc630b, 0x8, 0x2, 0x20}, 0x0, 0xa8, 0xf0}, @REDIRECT={0x48, 'REDIRECT\x00', 0x0, {0x1, @ipv6=@empty, @ipv6=@mcast2, @gre_key=0x5, @port=0x4e23}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @MASQUERADE={0x48, 'MASQUERADE\x00', 0x0, {0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @ipv6=@dev={0xfe, 0x80, '\x00', 0x3d}, @gre_key=0x4, @gre_key}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @NETMAP={0x48, 'NETMAP\x00', 0x0, {0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, @gre_key=0x2, @gre_key=0xffff}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4f0) r2 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000002, 0x28011, r2, 0x2c93a000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-mmap-socket$l2tp-rt_sigaction-pipe-setsockopt$inet_tcp_TCP_CONGESTION-epoll_create1-epoll_ctl$EPOLL_CTL_ADD-syz_usb_connect$uac1 detailed listing: executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x4000001, 0x13, r0, 0x48079000) socket$l2tp(0x2, 0x2, 0x73) rt_sigaction(0x18, 0x0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x8, &(0x7f00000003c0)) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000080)='lp\x00', 0x3) epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000040)={0x90000004}) syz_usb_connect$uac1(0x0, 0xa6, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000106b1d01004000010203010902940003010000000904000000010100000a240100000301020c"], 0x0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mprotect-openat$nullb-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-dup-fallocate detailed listing: executing program 0: mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x8, 0xd, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000009b3802c418000000000000000000000004000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005900000095"], &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = dup(r0) fallocate(r1, 0x11, 0x0, 0x1000074000) program crashed: INFO: task hung in blkdev_fallocate single: successfully extracted reproducer found reproducer with 5 syscalls minimizing guilty program testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mprotect-openat$nullb-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-dup detailed listing: executing program 0: mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x8, 0xd, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000009b3802c418000000000000000000000004000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005900000095"], &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) dup(r0) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mprotect-openat$nullb-bpf$BPF_PROG_RAW_TRACEPOINT_LOAD-fallocate detailed listing: executing program 0: mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1) openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x8, 0xd, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000009b3802c418000000000000000000000004000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000005900000095"], &(0x7f0000000000)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) fallocate(0xffffffffffffffff, 0x11, 0x0, 0x1000074000) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mprotect-openat$nullb-dup-fallocate detailed listing: executing program 0: mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r1 = dup(r0) fallocate(r1, 0x11, 0x0, 0x1000074000) program crashed: INFO: task hung in blkdev_fallocate testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): mprotect-dup-fallocate detailed listing: executing program 0: mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1) r0 = dup(0xffffffffffffffff) fallocate(r0, 0x11, 0x0, 0x1000074000) program did not crash testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-dup-fallocate detailed listing: executing program 0: r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) r1 = dup(r0) fallocate(r1, 0x11, 0x0, 0x1000074000) program crashed: INFO: task hung in blkdev_fallocate testing program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-dup-fallocate detailed listing: executing program 0: r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x2, 0x0) r1 = dup(r0) fallocate(r1, 0x11, 0x0, 0x1000074000) program did not crash extracting C reproducer testing compiled C program (duration=6m0s, {Threaded:true Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-dup-fallocate program crashed: INFO: task hung in blkdev_fallocate simplifying C reproducer testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-dup-fallocate program crashed: INFO: task hung in blkdev_fallocate testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:1 Slowdown:1 Sandbox:namespace SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-dup-fallocate program crashed: no output from test machine a never seen crash title: no output from test machine, ignore testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox:none SandboxArg:0 Leak:false NetInjection:true NetDevices:true NetReset:true Cgroups:true BinfmtMisc:true CloseFDs:true KCSAN:false DevlinkPCI:false NicVF:false USB:true VhciInjection:true Wifi:true IEEE802154:true Sysctl:true Swap:true UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-dup-fallocate program crashed: INFO: task hung in blkdev_fallocate testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:true Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-dup-fallocate program crashed: INFO: task hung in blkdev_fallocate testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:true HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-dup-fallocate program crashed: INFO: task hung in blkdev_fallocate testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:true Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-dup-fallocate program crashed: INFO: task hung in blkdev_fallocate testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:true Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-dup-fallocate program crashed: INFO: task hung in blkdev_fallocate testing compiled C program (duration=6m0s, {Threaded:false Repeat:true RepeatTimes:0 Procs:5 Slowdown:1 Sandbox: SandboxArg:0 Leak:false NetInjection:false NetDevices:false NetReset:false Cgroups:false BinfmtMisc:false CloseFDs:false KCSAN:false DevlinkPCI:false NicVF:false USB:false VhciInjection:false Wifi:false IEEE802154:false Sysctl:false Swap:false UseTmpDir:false HandleSegv:false Trace:false LegacyOptions:{Collide:false Fault:false FaultCall:0 FaultNth:0}}): openat$nullb-dup-fallocate program crashed: INFO: task hung in blkdev_fallocate reproducing took 2h44m28.37895698s repro crashed as (corrupted=false): INFO: task syz-executor144:5841 blocked for more than 143 seconds. Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor144 state:D stack:26752 pid:5841 tgid:5841 ppid:5840 flags:0x00000006 Call Trace: context_switch kernel/sched/core.c:5369 [inline] __schedule+0x1850/0x4c30 kernel/sched/core.c:6756 __schedule_loop kernel/sched/core.c:6833 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6848 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905 rwsem_down_write_slowpath+0xeee/0x13b0 kernel/locking/rwsem.c:1176 __down_write_common kernel/locking/rwsem.c:1304 [inline] __down_write kernel/locking/rwsem.c:1313 [inline] down_write+0x1d7/0x220 kernel/locking/rwsem.c:1578 filemap_invalidate_lock include/linux/fs.h:863 [inline] blkdev_fallocate+0x20e/0x490 block/fops.c:813 vfs_fallocate+0x569/0x6e0 fs/open.c:327 ksys_fallocate fs/open.c:351 [inline] __do_sys_fallocate fs/open.c:356 [inline] __se_sys_fallocate fs/open.c:354 [inline] __x64_sys_fallocate+0xbc/0x110 fs/open.c:354 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fe9b91bdb29 RSP: 002b:00007fff3ab80f98 EFLAGS: 00000246 ORIG_RAX: 000000000000011d RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe9b91bdb29 RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 R10: 0000001000074000 R11: 0000000000000246 R12: 0000000000000001 R13: 00007fff3ab811b8 R14: 00007fff3ab80fc0 R15: 00007fff3ab80fb0 INFO: task syz-executor144:5860 blocked for more than 143 seconds. Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor144 state:D stack:26136 pid:5860 tgid:5860 ppid:5833 flags:0x00000006 Call Trace: context_switch kernel/sched/core.c:5369 [inline] __schedule+0x1850/0x4c30 kernel/sched/core.c:6756 __schedule_loop kernel/sched/core.c:6833 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6848 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905 rwsem_down_write_slowpath+0xeee/0x13b0 kernel/locking/rwsem.c:1176 __down_write_common kernel/locking/rwsem.c:1304 [inline] __down_write kernel/locking/rwsem.c:1313 [inline] down_write+0x1d7/0x220 kernel/locking/rwsem.c:1578 filemap_invalidate_lock include/linux/fs.h:863 [inline] blkdev_fallocate+0x20e/0x490 block/fops.c:813 vfs_fallocate+0x569/0x6e0 fs/open.c:327 ksys_fallocate fs/open.c:351 [inline] __do_sys_fallocate fs/open.c:356 [inline] __se_sys_fallocate fs/open.c:354 [inline] __x64_sys_fallocate+0xbc/0x110 fs/open.c:354 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fe9b91bdb29 RSP: 002b:00007fff3ab80f98 EFLAGS: 00000246 ORIG_RAX: 000000000000011d RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe9b91bdb29 RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 R10: 0000001000074000 R11: 0000000000000246 R12: 0000000000012fcf R13: 00007fff3ab80fac R14: 00007fff3ab80fc0 R15: 00007fff3ab80fb0 Showing all locks held in the system: 1 lock held by khungtaskd/30: #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6744 1 lock held by klogd/5195: 2 locks held by getty/5598: #0: ffff88814d8670a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243 #1: ffffc90002fd62f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 drivers/tty/n_tty.c:2211 1 lock held by syz-executor144/5839: 1 lock held by syz-executor144/5841: #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_invalidate_lock include/linux/fs.h:863 [inline] #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x20e/0x490 block/fops.c:813 1 lock held by syz-executor144/5860: #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_invalidate_lock include/linux/fs.h:863 [inline] #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x20e/0x490 block/fops.c:813 1 lock held by syz-executor144/5861: #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_invalidate_lock include/linux/fs.h:863 [inline] #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x20e/0x490 block/fops.c:813 1 lock held by syz-executor144/5862: #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_invalidate_lock include/linux/fs.h:863 [inline] #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x20e/0x490 block/fops.c:813 ============================================= NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 nmi_cpu_backtrace+0x49c/0x4d0 lib/nmi_backtrace.c:113 nmi_trigger_cpumask_backtrace+0x198/0x320 lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:234 [inline] watchdog+0xff6/0x1040 kernel/hung_task.c:397 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 5195 Comm: klogd Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 RIP: 0010:lookup_object lib/debugobjects.c:423 [inline] RIP: 0010:lookup_object_or_alloc lib/debugobjects.c:662 [inline] RIP: 0010:debug_object_activate+0x1c2/0x580 lib/debugobjects.c:820 Code: 3d fd 48 89 5c 24 30 4c 8b 3b 45 31 e4 eb 06 4d 8b 3f 41 ff c4 4d 85 ff 74 40 49 8d 5f 18 48 89 d8 48 c1 e8 03 42 80 3c 30 00 <74> 08 48 89 df e8 c4 47 3d fd 48 8b 44 24 10 48 39 03 0f 84 16 01 RSP: 0018:ffffc9000370f360 EFLAGS: 00000046 RAX: 1ffff1100ce9c5f4 RBX: ffff8880674e2fa0 RCX: 0000000000000001 RDX: dffffc0000000000 RSI: 0000000000000004 RDI: ffffc9000370f240 RBP: ffffc9000370f470 R08: 0000000000000003 R09: fffff520006e1e48 R10: dffffc0000000000 R11: fffff520006e1e48 R12: 0000000000000039 R13: 1ffff920006e1e74 R14: dffffc0000000000 R15: ffff8880674e2f88 FS: 00007f86a75ed380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055558d1e06f8 CR3: 000000007e0ec000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: debug_rcu_head_queue kernel/rcu/rcu.h:224 [inline] __call_rcu_common kernel/rcu/tree.c:3071 [inline] call_rcu+0x97/0xa70 kernel/rcu/tree.c:3190 __slab_free+0x2c2/0x380 mm/slub.c:4524 qlink_free mm/kasan/quarantine.c:163 [inline] qlist_free_all+0x9a/0x140 mm/kasan/quarantine.c:179 kasan_quarantine_reduce+0x14f/0x170 mm/kasan/quarantine.c:286 __kasan_kmalloc+0x23/0xb0 mm/kasan/common.c:385 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4298 [inline] __kmalloc_node_track_caller_noprof+0x28b/0x4c0 mm/slub.c:4317 kmalloc_reserve+0x111/0x2a0 net/core/skbuff.c:609 __alloc_skb+0x1f3/0x440 net/core/skbuff.c:678 alloc_skb include/linux/skbuff.h:1323 [inline] alloc_skb_with_frags+0xc3/0x820 net/core/skbuff.c:6612 sock_alloc_send_pskb+0x91a/0xa60 net/core/sock.c:2881 unix_dgram_sendmsg+0x6d3/0x1f80 net/unix/af_unix.c:2027 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:726 __sys_sendto+0x363/0x4c0 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [inline] __se_sys_sendto net/socket.c:2200 [inline] __x64_sys_sendto+0xde/0x100 net/socket.c:2200 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f86a774f9b5 Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83 RSP: 002b:00007ffefe8c3c28 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f86a774f9b5 RDX: 0000000000000056 RSI: 00005588bb415950 RDI: 0000000000000003 RBP: 00005588bb411910 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 R13: 00007f86a78dd212 R14: 00007ffefe8c3d28 R15: 0000000000000000 INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.679 msecs final repro crashed as (corrupted=false): INFO: task syz-executor144:5841 blocked for more than 143 seconds. Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor144 state:D stack:26752 pid:5841 tgid:5841 ppid:5840 flags:0x00000006 Call Trace: context_switch kernel/sched/core.c:5369 [inline] __schedule+0x1850/0x4c30 kernel/sched/core.c:6756 __schedule_loop kernel/sched/core.c:6833 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6848 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905 rwsem_down_write_slowpath+0xeee/0x13b0 kernel/locking/rwsem.c:1176 __down_write_common kernel/locking/rwsem.c:1304 [inline] __down_write kernel/locking/rwsem.c:1313 [inline] down_write+0x1d7/0x220 kernel/locking/rwsem.c:1578 filemap_invalidate_lock include/linux/fs.h:863 [inline] blkdev_fallocate+0x20e/0x490 block/fops.c:813 vfs_fallocate+0x569/0x6e0 fs/open.c:327 ksys_fallocate fs/open.c:351 [inline] __do_sys_fallocate fs/open.c:356 [inline] __se_sys_fallocate fs/open.c:354 [inline] __x64_sys_fallocate+0xbc/0x110 fs/open.c:354 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fe9b91bdb29 RSP: 002b:00007fff3ab80f98 EFLAGS: 00000246 ORIG_RAX: 000000000000011d RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe9b91bdb29 RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 R10: 0000001000074000 R11: 0000000000000246 R12: 0000000000000001 R13: 00007fff3ab811b8 R14: 00007fff3ab80fc0 R15: 00007fff3ab80fb0 INFO: task syz-executor144:5860 blocked for more than 143 seconds. Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. task:syz-executor144 state:D stack:26136 pid:5860 tgid:5860 ppid:5833 flags:0x00000006 Call Trace: context_switch kernel/sched/core.c:5369 [inline] __schedule+0x1850/0x4c30 kernel/sched/core.c:6756 __schedule_loop kernel/sched/core.c:6833 [inline] schedule+0x14b/0x320 kernel/sched/core.c:6848 schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:6905 rwsem_down_write_slowpath+0xeee/0x13b0 kernel/locking/rwsem.c:1176 __down_write_common kernel/locking/rwsem.c:1304 [inline] __down_write kernel/locking/rwsem.c:1313 [inline] down_write+0x1d7/0x220 kernel/locking/rwsem.c:1578 filemap_invalidate_lock include/linux/fs.h:863 [inline] blkdev_fallocate+0x20e/0x490 block/fops.c:813 vfs_fallocate+0x569/0x6e0 fs/open.c:327 ksys_fallocate fs/open.c:351 [inline] __do_sys_fallocate fs/open.c:356 [inline] __se_sys_fallocate fs/open.c:354 [inline] __x64_sys_fallocate+0xbc/0x110 fs/open.c:354 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7fe9b91bdb29 RSP: 002b:00007fff3ab80f98 EFLAGS: 00000246 ORIG_RAX: 000000000000011d RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fe9b91bdb29 RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000004 RBP: 00000000000f4240 R08: 00000000000000a0 R09: 00000000000000a0 R10: 0000001000074000 R11: 0000000000000246 R12: 0000000000012fcf R13: 00007fff3ab80fac R14: 00007fff3ab80fc0 R15: 00007fff3ab80fb0 Showing all locks held in the system: 1 lock held by khungtaskd/30: #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:337 [inline] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:849 [inline] #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0 kernel/locking/lockdep.c:6744 1 lock held by klogd/5195: 2 locks held by getty/5598: #0: ffff88814d8670a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 drivers/tty/tty_ldisc.c:243 #1: ffffc90002fd62f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00 drivers/tty/n_tty.c:2211 1 lock held by syz-executor144/5839: 1 lock held by syz-executor144/5841: #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_invalidate_lock include/linux/fs.h:863 [inline] #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x20e/0x490 block/fops.c:813 1 lock held by syz-executor144/5860: #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_invalidate_lock include/linux/fs.h:863 [inline] #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x20e/0x490 block/fops.c:813 1 lock held by syz-executor144/5861: #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_invalidate_lock include/linux/fs.h:863 [inline] #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x20e/0x490 block/fops.c:813 1 lock held by syz-executor144/5862: #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_invalidate_lock include/linux/fs.h:863 [inline] #0: ffff8880234d14c0 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_fallocate+0x20e/0x490 block/fops.c:813 ============================================= NMI backtrace for cpu 1 CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Call Trace: __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120 nmi_cpu_backtrace+0x49c/0x4d0 lib/nmi_backtrace.c:113 nmi_trigger_cpumask_backtrace+0x198/0x320 lib/nmi_backtrace.c:62 trigger_all_cpu_backtrace include/linux/nmi.h:162 [inline] check_hung_uninterruptible_tasks kernel/hung_task.c:234 [inline] watchdog+0xff6/0x1040 kernel/hung_task.c:397 kthread+0x2f0/0x390 kernel/kthread.c:389 ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 Sending NMI from CPU 1 to CPUs 0: NMI backtrace for cpu 0 CPU: 0 UID: 0 PID: 5195 Comm: klogd Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 RIP: 0010:lookup_object lib/debugobjects.c:423 [inline] RIP: 0010:lookup_object_or_alloc lib/debugobjects.c:662 [inline] RIP: 0010:debug_object_activate+0x1c2/0x580 lib/debugobjects.c:820 Code: 3d fd 48 89 5c 24 30 4c 8b 3b 45 31 e4 eb 06 4d 8b 3f 41 ff c4 4d 85 ff 74 40 49 8d 5f 18 48 89 d8 48 c1 e8 03 42 80 3c 30 00 <74> 08 48 89 df e8 c4 47 3d fd 48 8b 44 24 10 48 39 03 0f 84 16 01 RSP: 0018:ffffc9000370f360 EFLAGS: 00000046 RAX: 1ffff1100ce9c5f4 RBX: ffff8880674e2fa0 RCX: 0000000000000001 RDX: dffffc0000000000 RSI: 0000000000000004 RDI: ffffc9000370f240 RBP: ffffc9000370f470 R08: 0000000000000003 R09: fffff520006e1e48 R10: dffffc0000000000 R11: fffff520006e1e48 R12: 0000000000000039 R13: 1ffff920006e1e74 R14: dffffc0000000000 R15: ffff8880674e2f88 FS: 00007f86a75ed380(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000055558d1e06f8 CR3: 000000007e0ec000 CR4: 00000000003526f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: debug_rcu_head_queue kernel/rcu/rcu.h:224 [inline] __call_rcu_common kernel/rcu/tree.c:3071 [inline] call_rcu+0x97/0xa70 kernel/rcu/tree.c:3190 __slab_free+0x2c2/0x380 mm/slub.c:4524 qlink_free mm/kasan/quarantine.c:163 [inline] qlist_free_all+0x9a/0x140 mm/kasan/quarantine.c:179 kasan_quarantine_reduce+0x14f/0x170 mm/kasan/quarantine.c:286 __kasan_kmalloc+0x23/0xb0 mm/kasan/common.c:385 kasan_kmalloc include/linux/kasan.h:260 [inline] __do_kmalloc_node mm/slub.c:4298 [inline] __kmalloc_node_track_caller_noprof+0x28b/0x4c0 mm/slub.c:4317 kmalloc_reserve+0x111/0x2a0 net/core/skbuff.c:609 __alloc_skb+0x1f3/0x440 net/core/skbuff.c:678 alloc_skb include/linux/skbuff.h:1323 [inline] alloc_skb_with_frags+0xc3/0x820 net/core/skbuff.c:6612 sock_alloc_send_pskb+0x91a/0xa60 net/core/sock.c:2881 unix_dgram_sendmsg+0x6d3/0x1f80 net/unix/af_unix.c:2027 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x221/0x270 net/socket.c:726 __sys_sendto+0x363/0x4c0 net/socket.c:2197 __do_sys_sendto net/socket.c:2204 [inline] __se_sys_sendto net/socket.c:2200 [inline] __x64_sys_sendto+0xde/0x100 net/socket.c:2200 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f86a774f9b5 Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83 RSP: 002b:00007ffefe8c3c28 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f86a774f9b5 RDX: 0000000000000056 RSI: 00005588bb415950 RDI: 0000000000000003 RBP: 00005588bb411910 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013 R13: 00007f86a78dd212 R14: 00007ffefe8c3d28 R15: 0000000000000000 INFO: NMI handler (nmi_cpu_backtrace_handler) took too long to run: 1.679 msecs