program: openat$sndseq(0xffffffffffffff9c, 0x0, 0x62181) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) timer_create(0x0, &(0x7f0000000280)={0x0, 0x24, 0x1, @thr={&(0x7f00000000c0)="71a2b0abd9a6c55f36e6ec29c952cc1fdfdee55827c82150b814491d43cce0c22da756f07e5b5ce7e0621bd59c3f3d1048d2783a572e8e599569bd283557df2a488a6b4a88d38e78bbec93c566f0be8a109a22b426", &(0x7f00000007c0)="cf7e15694b189fe94e7fe866d1749c40ddc703d1182351ee62e9a0e9627cf32f1624d34a4f796e11489dad4d6d38ca0d3a55faf8942b1edad10d850011d8ed08c301a2481efe4ff2ad99c3129ae24d"}}, &(0x7f0000002700)) syz_usb_connect(0x0, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = socket$vsock_stream(0x28, 0x1, 0x0) bind$vsock_stream(r0, &(0x7f0000000440), 0x10) listen(r0, 0x0) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2711, @hyper}, 0x10) connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10) sched_setaffinity(0x0, 0x0, 0x0) r2 = getpid() sched_setscheduler(r2, 0x2, 0x0) sched_setaffinity(r2, 0x0, 0x0) r3 = syz_open_dev$MSR(0x0, 0x8000003, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$VIDIOC_G_INPUT(0xffffffffffffffff, 0x80045626, 0x0) socket$netlink(0x10, 0x3, 0x0) r4 = creat(0x0, 0x4b) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a31000000002c000000030a01020000000000000000010000000900030073797a32000000000900010073797a31000000002c000000050a01020000000000000000010000000c00024000000000000000010900010073797a310000000028000000000a05000000000000000000010000080900010073797a3100000000082dedaf91c4ec8a9d11c540661b9ed900024000000001140000001100010000000000000000000000000a"], 0xc8}}, 0x0) syz_open_dev$dri(&(0x7f0000000000), 0x2000000000001, 0x58b002) ioctl$DRM_IOCTL_DROP_MASTER(r4, 0x641f) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000600)={r6, 0x0, 0x0, 0x0, 0x3, [], [0x800000], [0x0, 0x1001000], [0x0, 0x0, 0xe8a6]}) ioctl$PPPIOCSACTIVE(r4, 0x40107446, &(0x7f0000000c80)={0x8, &(0x7f0000000c40)=[{0x8, 0x80, 0x9, 0x2}, {0x8, 0x3, 0x8, 0x1}, {0xe, 0xb7, 0x8, 0x5}, {0xf42, 0xe, 0x4, 0x21b}, {0xa0, 0x3, 0x7a, 0xc0000000}, {0x1, 0xa8, 0x1, 0x5}, {0x1ff, 0x7f, 0x14, 0xed5}, {0x3a3, 0x7, 0x2, 0x1}]}) [ 68.973610][ T5309] Bluetooth: hci0: command tx timeout [ 69.002077][ T25] audit: type=1326 audit(1745528053.082:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.0.0" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f923758e969 code=0x7ffc0000 [ 69.041971][ T25] audit: type=1326 audit(1745528053.112:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5323 comm="syz.0.0" exe="/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f923758e969 code=0x7ffc0000 [ 69.062390][ T5324] netlink: 8 bytes leftover after parsing attributes in process `syz.0.0'. [ 70.640614][ T5324] ================================================================== [ 70.643686][ T5324] BUG: KASAN: vmalloc-out-of-bounds in vrealloc_noprof+0x396/0x430 [ 70.646834][ T5324] Write of size 4064 at addr ffffc9000d661020 by task syz.0.0/5324 [ 70.649722][ T5324] [ 70.650658][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) [ 70.650672][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.650678][ T5324] Call Trace: [ 70.650685][ T5324] [ 70.650690][ T5324] dump_stack_lvl+0x189/0x250 [ 70.650710][ T5324] ? __pfx_dump_stack_lvl+0x10/0x10 [ 70.650725][ T5324] ? __pfx__printk+0x10/0x10 [ 70.650737][ T5324] ? __pfx__printk+0x10/0x10 [ 70.650746][ T5324] ? __virt_addr_valid+0xc3/0x540 [ 70.650761][ T5324] print_report+0xb4/0x290 [ 70.650774][ T5324] ? vrealloc_noprof+0x396/0x430 [ 70.650797][ T5324] kasan_report+0x118/0x150 [ 70.650811][ T5324] ? vrealloc_noprof+0x396/0x430 [ 70.650825][ T5324] kasan_check_range+0x29a/0x2b0 [ 70.650839][ T5324] __asan_memset+0x22/0x50 [ 70.650851][ T5324] vrealloc_noprof+0x396/0x430 [ 70.650866][ T5324] push_insn_history+0x184/0x650 [ 70.650881][ T5324] do_check+0x597/0xd630 [ 70.650905][ T5324] ? __pfx_do_check+0x10/0x10 [ 70.650917][ T5324] ? __asan_memset+0x22/0x50 [ 70.650926][ T5324] ? init_func_state+0x1ddf/0x2d20 [ 70.650940][ T5324] do_check_common+0x168d/0x20b0 [ 70.650955][ T5324] bpf_check+0x13679/0x19a70 [ 70.650969][ T5324] ? __lock_acquire+0xaac/0xd20 [ 70.650985][ T5324] ? __lock_acquire+0xaac/0xd20 [ 70.651002][ T5324] ? __lock_acquire+0xaac/0xd20 [ 70.651017][ T5324] ? do_raw_spin_lock+0x121/0x290 [ 70.651033][ T5324] ? __pfx_bpf_check+0x10/0x10 [ 70.651045][ T5324] ? __lock_acquire+0xaac/0xd20 [ 70.651058][ T5324] ? cgroup_rstat_updated+0x144/0xb50 [ 70.651069][ T5324] ? __pfx_cgroup_rstat_updated+0x10/0x10 [ 70.651077][ T5324] ? __lock_acquire+0xaac/0xd20 [ 70.651087][ T5324] ? __lock_acquire+0xaac/0xd20 [ 70.651097][ T5324] ? ktime_get_with_offset+0x8c/0x2a0 [ 70.651105][ T5324] ? seqcount_lockdep_reader_access+0x123/0x1c0 [ 70.651115][ T5324] ? lockdep_hardirqs_on+0x9c/0x150 [ 70.651174][ T5324] ? ktime_get_with_offset+0x8c/0x2a0 [ 70.651185][ T5324] ? seqcount_lockdep_reader_access+0x175/0x1c0 [ 70.651196][ T5324] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 70.651211][ T5324] ? bpf_obj_name_cpy+0x194/0x1e0 [ 70.651219][ T5324] ? bpf_lsm_bpf_prog_load+0x9/0x20 [ 70.651233][ T5324] ? security_bpf_prog_load+0x7f/0x310 [ 70.651244][ T5324] bpf_prog_load+0x1318/0x1930 [ 70.651259][ T5324] ? __pfx_bpf_prog_load+0x10/0x10 [ 70.651276][ T5324] ? bpf_lsm_bpf+0x9/0x20 [ 70.651288][ T5324] ? security_bpf+0x7e/0x300 [ 70.651298][ T5324] __sys_bpf+0x5f1/0x860 [ 70.651311][ T5324] ? __pfx___sys_bpf+0x10/0x10 [ 70.651322][ T5324] ? rcu_is_watching+0x15/0xb0 [ 70.651335][ T5324] ? rcu_is_watching+0x15/0xb0 [ 70.651341][ T5324] ? __secure_computing+0xe2/0x2a0 [ 70.651352][ T5324] __x64_sys_bpf+0x7c/0x90 [ 70.651359][ T5324] do_syscall_64+0xf6/0x210 [ 70.651368][ T5324] ? clear_bhb_loop+0x45/0xa0 [ 70.651376][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.651383][ T5324] RIP: 0033:0x7f923758e969 [ 70.651391][ T5324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.651397][ T5324] RSP: 002b:00007f92339f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 70.651405][ T5324] RAX: ffffffffffffffda RBX: 00007f92377b5fa0 RCX: 00007f923758e969 [ 70.651410][ T5324] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005 [ 70.651415][ T5324] RBP: 00007f9237610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 70.651419][ T5324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 70.651423][ T5324] R13: 0000000000000000 R14: 00007f92377b5fa0 R15: 00007ffc9aa4c318 [ 70.651432][ T5324] [ 70.651435][ T5324] [ 70.788996][ T5324] The buggy address belongs to the virtual mapping at [ 70.788996][ T5324] [ffffc9000d641000, ffffc9000d663000) created by: [ 70.788996][ T5324] kvrealloc_noprof+0x82/0xe0 [ 70.795514][ T5324] [ 70.796462][ T5324] The buggy address belongs to the physical page: [ 70.798801][ T5324] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x1d5a pfn:0x46d90 [ 70.802221][ T5324] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 70.804928][ T5324] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 70.808157][ T5324] raw: 0000000000001d5a 0000000000000000 00000001ffffffff 0000000000000000 [ 70.811508][ T5324] page dumped because: kasan: bad access detected [ 70.814039][ T5324] page_owner tracks the page as allocated [ 70.816137][ T5324] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102cc2(GFP_HIGHUSER|__GFP_NOWARN), pid 5324, tgid 5323 (syz.0.0), ts 70639219856, free_ts 70616096183 [ 70.822389][ T5324] post_alloc_hook+0x1d8/0x230 [ 70.824260][ T5324] get_page_from_freelist+0x21ce/0x22b0 [ 70.826394][ T5324] __alloc_pages_slowpath+0x2fe/0xcc0 [ 70.828471][ T5324] __alloc_frozen_pages_noprof+0x319/0x370 [ 70.830743][ T5324] alloc_pages_mpol+0x232/0x4a0 [ 70.832632][ T5324] alloc_pages_noprof+0xa9/0x190 [ 70.834616][ T5324] __vmalloc_node_range_noprof+0x8fe/0x12c0 [ 70.836962][ T5324] __kvmalloc_node_noprof+0x3a0/0x5e0 [ 70.839077][ T5324] kvrealloc_noprof+0x82/0xe0 [ 70.840719][ T5324] push_insn_history+0x184/0x650 [ 70.842664][ T5324] do_check+0x597/0xd630 [ 70.844307][ T5324] do_check_common+0x168d/0x20b0 [ 70.846229][ T5324] bpf_check+0x13679/0x19a70 [ 70.848132][ T5324] bpf_prog_load+0x1318/0x1930 [ 70.850138][ T5324] __sys_bpf+0x5f1/0x860 [ 70.851796][ T5324] __x64_sys_bpf+0x7c/0x90 [ 70.853772][ T5324] page last free pid 5324 tgid 5323 stack trace: [ 70.856041][ T5324] free_unref_folios+0xb81/0x14a0 [ 70.857753][ T5324] shrink_folio_list+0x3053/0x4e90 [ 70.859687][ T5324] evict_folios+0x417b/0x5110 [ 70.861351][ T5324] try_to_shrink_lruvec+0x705/0x990 [ 70.863353][ T5324] shrink_one+0x21b/0x7c0 [ 70.865042][ T5324] shrink_node+0x3139/0x3750 [ 70.866830][ T5324] do_try_to_free_pages+0x668/0x1960 [ 70.868807][ T5324] try_to_free_pages+0x8a2/0xdd0 [ 70.870697][ T5324] __alloc_pages_direct_reclaim+0x144/0x300 [ 70.872933][ T5324] __alloc_pages_slowpath+0x5d6/0xcc0 [ 70.874900][ T5324] __alloc_frozen_pages_noprof+0x319/0x370 [ 70.877054][ T5324] alloc_pages_mpol+0x232/0x4a0 [ 70.878865][ T5324] allocate_slab+0xe2/0x3b0 [ 70.880693][ T5324] ___slab_alloc+0xbfc/0x1480 [ 70.882501][ T5324] __kmalloc_node_track_caller_noprof+0x2f8/0x4e0 [ 70.885005][ T5324] krealloc_noprof+0x122/0x330 [ 70.886849][ T5324] [ 70.887699][ T5324] Memory state around the buggy address: [ 70.890048][ T5324] ffffc9000d660f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 70.893176][ T5324] ffffc9000d660f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 70.896158][ T5324] >ffffc9000d661000: 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 70.899319][ T5324] ^ [ 70.901328][ T5324] ffffc9000d661080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 70.904406][ T5324] ffffc9000d661100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 70.907442][ T5324] ================================================================== [ 70.913401][ T5324] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 70.916928][ T5324] CPU: 0 UID: 0 PID: 5324 Comm: syz.0.0 Not tainted 6.15.0-rc3-syzkaller-00076-ge72e9e693307 #0 PREEMPT(full) [ 70.921516][ T5324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.925735][ T5324] Call Trace: [ 70.927089][ T5324] [ 70.928325][ T5324] dump_stack_lvl+0x99/0x250 [ 70.930257][ T5324] ? __asan_memcpy+0x40/0x70 [ 70.931979][ T5324] ? __pfx_dump_stack_lvl+0x10/0x10 [ 70.933984][ T5324] ? __pfx__printk+0x10/0x10 [ 70.935920][ T5324] panic+0x2db/0x790 [ 70.937591][ T5324] ? __pfx_panic+0x10/0x10 [ 70.939365][ T5324] ? _raw_spin_unlock_irqrestore+0xa8/0x110 [ 70.941709][ T5324] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 70.944055][ T5324] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 70.946431][ T5324] ? print_memory_metadata+0x314/0x400 [ 70.948731][ T5324] ? vrealloc_noprof+0x396/0x430 [ 70.950694][ T5324] check_panic_on_warn+0x89/0xb0 [ 70.952499][ T5324] ? vrealloc_noprof+0x396/0x430 [ 70.954454][ T5324] end_report+0x78/0x160 [ 70.956104][ T5324] kasan_report+0x129/0x150 [ 70.957967][ T5324] ? vrealloc_noprof+0x396/0x430 [ 70.959780][ T5324] kasan_check_range+0x29a/0x2b0 [ 70.961761][ T5324] __asan_memset+0x22/0x50 [ 70.964147][ T5324] vrealloc_noprof+0x396/0x430 [ 70.966753][ T5324] push_insn_history+0x184/0x650 [ 70.969036][ T5324] do_check+0x597/0xd630 [ 70.970825][ T5324] ? __pfx_do_check+0x10/0x10 [ 70.972699][ T5324] ? __asan_memset+0x22/0x50 [ 70.974531][ T5324] ? init_func_state+0x1ddf/0x2d20 [ 70.976600][ T5324] do_check_common+0x168d/0x20b0 [ 70.978563][ T5324] bpf_check+0x13679/0x19a70 [ 70.980504][ T5324] ? __lock_acquire+0xaac/0xd20 [ 70.982425][ T5324] ? __lock_acquire+0xaac/0xd20 [ 70.984368][ T5324] ? __lock_acquire+0xaac/0xd20 [ 70.986244][ T5324] ? do_raw_spin_lock+0x121/0x290 [ 70.988296][ T5324] ? __pfx_bpf_check+0x10/0x10 [ 70.990379][ T5324] ? __lock_acquire+0xaac/0xd20 [ 70.992295][ T5324] ? cgroup_rstat_updated+0x144/0xb50 [ 70.994416][ T5324] ? __pfx_cgroup_rstat_updated+0x10/0x10 [ 70.996603][ T5324] ? __lock_acquire+0xaac/0xd20 [ 70.998541][ T5324] ? __lock_acquire+0xaac/0xd20 [ 71.000494][ T5324] ? ktime_get_with_offset+0x8c/0x2a0 [ 71.002400][ T5324] ? seqcount_lockdep_reader_access+0x123/0x1c0 [ 71.004604][ T5324] ? lockdep_hardirqs_on+0x9c/0x150 [ 71.006529][ T5324] ? ktime_get_with_offset+0x8c/0x2a0 [ 71.008688][ T5324] ? seqcount_lockdep_reader_access+0x175/0x1c0 [ 71.011224][ T5324] ? __pfx_seqcount_lockdep_reader_access+0x10/0x10 [ 71.013735][ T5324] ? bpf_obj_name_cpy+0x194/0x1e0 [ 71.015703][ T5324] ? bpf_lsm_bpf_prog_load+0x9/0x20 [ 71.017814][ T5324] ? security_bpf_prog_load+0x7f/0x310 [ 71.019965][ T5324] bpf_prog_load+0x1318/0x1930 [ 71.021899][ T5324] ? __pfx_bpf_prog_load+0x10/0x10 [ 71.023876][ T5324] ? bpf_lsm_bpf+0x9/0x20 [ 71.025420][ T5324] ? security_bpf+0x7e/0x300 [ 71.027036][ T5324] __sys_bpf+0x5f1/0x860 [ 71.028555][ T5324] ? __pfx___sys_bpf+0x10/0x10 [ 71.030328][ T5324] ? rcu_is_watching+0x15/0xb0 [ 71.032099][ T5324] ? rcu_is_watching+0x15/0xb0 [ 71.034028][ T5324] ? __secure_computing+0xe2/0x2a0 [ 71.036029][ T5324] __x64_sys_bpf+0x7c/0x90 [ 71.037831][ T5324] do_syscall_64+0xf6/0x210 [ 71.039686][ T5324] ? clear_bhb_loop+0x45/0xa0 [ 71.041580][ T5324] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.043971][ T5324] RIP: 0033:0x7f923758e969 [ 71.045742][ T5324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.053972][ T5324] RSP: 002b:00007f92339f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 71.057633][ T5324] RAX: ffffffffffffffda RBX: 00007f92377b5fa0 RCX: 00007f923758e969 [ 71.061041][ T5324] RDX: 0000000000000048 RSI: 00002000000017c0 RDI: 0000000000000005 [ 71.064211][ T5324] RBP: 00007f9237610ab1 R08: 0000000000000000 R09: 0000000000000000 [ 71.067179][ T5324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 71.070019][ T5324] R13: 0000000000000000 R14: 00007f92377b5fa0 R15: 00007ffc9aa4c318 [ 71.072953][ T5324] [ 71.074410][ T5324] Kernel Offset: disabled [ 71.076039][ T5324] Rebooting in 86400 seconds..