last executing test programs: 6m10.912614727s ago: executing program 0 (id=96): r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0) r1 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f00000000c0)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_SPLICE={0x1e, 0x48, 0x0, @fd, 0x3, {}, 0xa6, 0x3}) io_uring_enter(r1, 0x47f9, 0x0, 0x0, 0x0, 0x0) r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) writev(r4, &(0x7f0000000300)=[{0x0}, {&(0x7f0000000280)="d7", 0x1}], 0x2) syz_usb_disconnect(r0) 6m9.363451161s ago: executing program 0 (id=108): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0xc, 0x12, r0, 0x0) r1 = accept4(r0, 0x0, 0x0, 0x0) r2 = dup(r1) read$FUSE(r2, &(0x7f0000001e00)={0x2020}, 0x2020) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) 6m9.21577846s ago: executing program 0 (id=109): socket$nl_generic(0x10, 0x3, 0x10) socket$inet_tcp(0x2, 0x1, 0x0) r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0xc0}, &(0x7f00000002c0)=0x0, &(0x7f0000000640)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x5, 0x0, 0x4}]}, 0x8) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc}) io_uring_enter(r0, 0x47bc, 0x20, 0x0, 0x0, 0x0) 6m9.156644337s ago: executing program 0 (id=110): mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000180)='./file1\x00') r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, r0) setpgid(0x0, r0) openat$dir(0xffffff9c, &(0x7f0000000000)='./file0\x00', 0x1010f6, 0x1) 6m9.069457137s ago: executing program 0 (id=111): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c) mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_virt_wifi\x00'}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) 6m8.770826939s ago: executing program 0 (id=114): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x88) r0 = open(&(0x7f0000000540)='.\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) renameat2(r1, &(0x7f0000000180)='./file0\x00', r1, &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', r1, &(0x7f00000003c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) renameat2(r2, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f0000000300)='./file1\x00', 0x2) 6m8.658807995s ago: executing program 32 (id=114): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x88) r0 = open(&(0x7f0000000540)='.\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) renameat2(r1, &(0x7f0000000180)='./file0\x00', r1, &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4) renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', r1, &(0x7f00000003c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) renameat2(r2, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f0000000300)='./file1\x00', 0x2) 6m8.566256117s ago: executing program 2 (id=119): r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4) connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10) setsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000100)=0xfefffff9, 0x4) setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @sack_perm, @window={0x3, 0x9, 0x2}, @mss={0x2, 0x400}, @mss={0x2, 0xcb2}, @mss={0x2, 0x3}, @timestamp, @sack_perm], 0x26) setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4) sendto$inet(r0, &(0x7f0000000200)="184cbb4872cd7c19f8eabb1e8b1925204fda59f540e5c81f769b094a63077cc251012d314d2342669e45d8714c5d0ac8b61296ccd48a720e0dcf762194d296e2c659010071ce5b55e8c960e2f05345f074d75fdc5b99f965", 0x58, 0x410c1, 0x0, 0x0) 6m8.493533176s ago: executing program 2 (id=121): r0 = socket(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0xfffffffe, 0x8}}]}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=@newtfilter={0x68, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xfff1, 0x4}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x38, 0x2, [@TCA_CGROUP_ACT={0x34}]}}]}, 0x68}}, 0x0) 6m8.437438857s ago: executing program 2 (id=122): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000100)={0x0, 0x0, @ioapic={0x10000, 0x1be, 0x85, 0xfffffbc5, 0x0, [{0x6c, 0x4, 0x9, '\x00', 0x12}, {0x7, 0x8, 0x6f, '\x00', 0x3}, {0x0, 0x41, 0x5, '\x00', 0x5}, {0x81, 0x3, 0x8, '\x00', 0x9}, {0x8, 0x50, 0x4, '\x00', 0x49}, {0xf3, 0xf, 0x2, '\x00', 0x7}, {0x6, 0xf4, 0x1, '\x00', 0x8}, {0xa, 0x47, 0xb, '\x00', 0x45}, {0x7, 0xd, 0xfe, '\x00', 0xff}, {0x6, 0x3, 0x0, '\x00', 0x6}, {0x38, 0x11, 0x2}, {0x56, 0x4, 0x1}, {0x3, 0x6, 0x10, '\x00', 0x5}, {0x5, 0x4f, 0x2, '\x00', 0x2}, {0x4, 0x4, 0x1, '\x00', 0x9}, {0x0, 0x2, 0xf2, '\x00', 0x7f}, {0x8, 0x7, 0xd5, '\x00', 0x99}, {0xd, 0x3, 0x2, '\x00', 0xff}, {0xa, 0x9e, 0xc0, '\x00', 0x2}, {0x2, 0x3f, 0xd}, {0x7, 0x21, 0x23, '\x00', 0x1}, {0x5, 0x0, 0xff, '\x00', 0xf}, {0x93, 0x1, 0x4, '\x00', 0xe6}, {0x3, 0x4, 0xa, '\x00', 0x54}]}}) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000100)={0x2, 0x0, @pic={0x0, 0x7, 0x5, 0xd3, 0x0, 0x3, 0x4, 0xbb, 0x6d, 0xc0, 0x6d, 0x7, 0x61, 0xb, 0x95, 0xd}}) ioctl$KVM_GET_MP_STATE(r2, 0x8004ae98, &(0x7f0000000340)) 6m8.245024192s ago: executing program 2 (id=126): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) close(r0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x9}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_MSG_GETSETELEM(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="40000000210a018800000000000000000a0000010900020073797a31000000000900010073797a310000000014000380100000800c000180060001"], 0x40}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000) 6m8.154503558s ago: executing program 2 (id=127): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101) mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdir(&(0x7f00000003c0)='./file0\x00', 0x12c) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0) ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0) 6m8.086705298s ago: executing program 2 (id=129): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000001c0)=@ccm_128={{0x303}, "3d186e85f3a07d09", "a373047e6878fdb57fc2596912f8bdfd", "27edd157", "3684fa3381fd0182"}, 0x28) writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1) close(r0) 5m53.036254507s ago: executing program 33 (id=129): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000001c0)=@ccm_128={{0x303}, "3d186e85f3a07d09", "a373047e6878fdb57fc2596912f8bdfd", "27edd157", "3684fa3381fd0182"}, 0x28) writev(r0, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1) close(r0) 9.859560167s ago: executing program 1 (id=2927): r0 = socket$inet_udp(0x2, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = socket$key(0xf, 0x3, 0x2) setsockopt(0xffffffffffffffff, 0x84, 0x81, 0x0, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0) sendmsg$key(r3, 0x0, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast2, @in6=@mcast1, 0x4e20, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0xfffffffffffffffe}, {0x0, 0x0, 0xfffffffffffffffc, 0xff}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x3c}, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x2, 0x0, 0xb7, 0xfffffffe, 0xffffff7e}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x1c) 7.030792645s ago: executing program 1 (id=2940): syz_io_uring_setup(0x10d, &(0x7f0000000500)={0x0, 0x6ebb, 0x0, 0x1, 0xfffffffe}, &(0x7f00000000c0)=0x0, &(0x7f0000000280)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x11c, &(0x7f0000000000)=0xfffffffd, 0x0, 0x4) syz_init_net_socket$ax25(0x3, 0x2, 0xc4) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64-generic\x00'}, 0x58) accept4(r1, 0x0, 0x0, 0x0) write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000180)={0x28, 0x4, 0x0, {0x3, 0x5}}, 0x28) r2 = socket(0x10, 0x803, 0x0) recvmmsg(r2, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400}) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000006800e97800000000000000000a0000000000000008000500", @ANYRES8=r3], 0x20}}, 0x0) sendmsg$nl_route(r4, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="240000001800090400000000000000000a000000000000030000000008001e0001"], 0x24}}, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0x437, 0x3, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE6={0x14, 0x7, @private0}]}}}]}, 0x48}}, 0x0) 6.873093387s ago: executing program 1 (id=2944): socket$inet_udp(0x2, 0x2, 0x0) ioctl$TCSETAW(0xffffffffffffffff, 0x5435, 0x0) syz_usb_connect(0x0, 0x2d, 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = socket$kcm(0x29, 0x2, 0x0) r3 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0) pwritev(r3, &(0x7f0000000040)=[{&(0x7f0000000480)="db", 0x1}], 0x1, 0x4000001, 0x0) sendfile(r2, r3, 0x0, 0x8000fb00) 5.92139716s ago: executing program 5 (id=2938): socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x6) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x48, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x48}}, 0x0) 4.933623477s ago: executing program 5 (id=2941): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x30, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}}, 0x0) syz_80211_inject_frame(&(0x7f00000002c0)=@device_b, 0x0, 0x57) nanosleep(0x0, 0x0) syz_80211_inject_frame(0x0, &(0x7f0000000400)=@mgmt_frame=@auth={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x1}}, 0x0, 0x2, 0x0, @void}, 0x1e) syz_80211_inject_frame(0x0, 0x0, 0x20) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) 4.324055471s ago: executing program 3 (id=2943): socketpair$unix(0x1, 0x3, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc}) socket$inet_sctp(0x2, 0x1, 0x84) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) 4.321454522s ago: executing program 4 (id=2952): openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1a, &(0x7f00000006c0)=0x80, 0x4) sendmmsg(0xffffffffffffffff, &(0x7f0000002e00)=[{{&(0x7f0000001580)=@in={0x2, 0x4e20, @private=0xa010101}, 0x80, 0x0}}], 0x1, 0x44800) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x2, 0x0) read(r1, &(0x7f0000000080)=""/1, 0x1) r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x1, 0x0) r4 = openat$cgroup_subtree(r3, &(0x7f00000000c0), 0x2, 0x0) write$cgroup_subtree(r4, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5) read$FUSE(r1, &(0x7f0000000340)={0x2020}, 0x2020) 4.320176123s ago: executing program 5 (id=2945): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x10001, 0xfffffe0000000005, 0xfa11, 0xffffffff}, 0x0) semget$private(0x0, 0x4000, 0x0) setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x16, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f0000000100), 0xfffffd9d) r3 = socket(0x1e, 0x4, 0x0) connect$tipc(r3, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10) sendfile(r3, r2, 0x0, 0x8010002b) 4.176524088s ago: executing program 4 (id=2946): syz_io_uring_setup(0x2421, &(0x7f0000000380)={0x0, 0x0, 0x13090}, 0x0, 0x0) pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) splice(r1, 0x0, r0, 0x0, 0x10000008ebc, 0x0) r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r2) openat$kvm(0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r2, 0x0, 0x0) ptrace$getregset(0x4204, r2, 0x2, 0x0) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x9, 0x4, 0x6, 0xfffa}, 0x1d, [0x1, 0xc95a, 0xfffffff3, 0x9, 0x80, 0x2, 0x3, 0x7f, 0x6, 0x4d, 0x39cc191a, 0x5c, 0x9, 0x3, 0x2, 0x0, 0x6, 0x3, 0x0, 0x2ab, 0x4, 0x7, 0x4, 0x3c5b, 0x1, 0x1ff, 0x9, 0x1, 0x1f461e2c, 0x7, 0xe661, 0x7fff, 0xb, 0x3, 0x7fff, 0x4c74, 0x80000000, 0x800242, 0xffffffff, 0xa, 0x0, 0x71, 0x2, 0x6, 0x3, 0x2, 0x1, 0x3e, 0x8f, 0x6, 0x6, 0x3, 0x80092a3, 0x3, 0x1, 0x20000000, 0x82, 0x0, 0x7, 0x7, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x6, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf9, 0xd, 0x2bf, 0x5, 0x1000, 0xfffffffc, 0x0, 0x0, 0x7, 0x5, 0x2f, 0xe, 0x312, 0x1, 0x0, 0x0, 0x8, 0x4, 0x8000, 0x9, 0x3fe, 0x401, 0xfff, 0x4, 0xfb, 0x5, 0x8000, 0x5f31, 0x4, 0x1, 0x2, 0x2, 0xa0009, 0x4, 0x9, 0x8, 0x9, 0x6, 0xb, 0xa, 0x1, 0x9, 0x9, 0x2, 0x7f, 0x9, 0x1, 0x3, 0x9, 0xffffffff, 0x7, 0x3, 0xb, 0x48c93690, 0x42, 0x400004], [0x6, 0x6, 0x80000001, 0x2, 0xff, 0x101, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x1, 0xb, 0x4, 0x5, 0x1005, 0x0, 0x200001f0, 0xfffffffd, 0x2, 0x86, 0x1, 0x9, 0x3e7, 0x9, 0x5, 0x2, 0x2, 0x800, 0x8, 0x5, 0x8001, 0x4, 0x38, 0x800003, 0x200, 0x80, 0x2, 0xcc52, 0x950bfaf, 0x1000, 0xa2, 0x5, 0x53cf697b, 0xfffffff9, 0x6, 0xac8, 0xbf, 0x10002, 0x403, 0x7ff, 0x3, 0x0, 0x1, 0xffff, 0x0, 0x6, 0x1c, 0x120000, 0x3, 0x6, 0xaaed, 0x4, 0xff], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x1, 0x6, 0x5, 0x0, 0x3, 0x80ce7, 0x1ff, 0x3, 0x7, 0x5, 0x1003, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xe620, 0x2, 0x2, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x4, 0xffffffff, 0x80000000, 0x5, 0x8, 0xc8, 0xee1, 0x0, 0xffff, 0x3, 0x7f, 0x100, 0x9602, 0x4, 0x2, 0xffff, 0x6, 0x1, 0x10080, 0x6, 0x8, 0x30b1d693, 0x5a2b, 0xc, 0x7, 0x1, 0x6c18, 0x0, 0x4, 0x5, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) 3.95513947s ago: executing program 3 (id=2947): pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) write$P9_RGETLOCK(r0, &(0x7f0000000640)=ANY=[], 0x200002e6) fcntl$setpipe(r0, 0x407, 0x7000000) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0xf2de1000) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) setrlimit(0x9, &(0x7f0000000080)={0x8606, 0xffff}) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x80002, 0x0) io_setup(0x8f0, &(0x7f0000002400)) 3.949812491s ago: executing program 4 (id=2956): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1}, 0x48) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) r1 = socket(0x1d, 0x2, 0x6) r2 = syz_open_dev$vbi(&(0x7f00000001c0), 0x0, 0x2) ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f0000000100)=0x3) ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r2, 0xc0845657, &(0x7f0000000200)={0x0, @bt={0xa8f, 0x86c, 0x1, 0x1, 0xd59f80, 0x19f2, 0x3f, 0x19ef, 0x3, 0x8, 0x2800, 0x6, 0x2, 0xba2, 0xc, 0x30, {0x8, 0xffffffff}, 0xd0, 0x9}}) sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0) bind$inet(r1, &(0x7f00000000c0)={0x1d, 0x4e20, @loopback}, 0x10) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x800000, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e"]) r3 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1) writev(r3, &(0x7f0000000680)=[{&(0x7f0000000040)="646a53e446de86a03ca53401a666039a19210b0c7c", 0x15}], 0x1) mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x60000000000000, 0x28011, r0, 0x0) 3.922265798s ago: executing program 4 (id=2948): socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000600)={0x0, @in6={{0xa, 0x4e24, 0x9, @mcast2, 0xcf27}}, 0x10001, 0x2, 0x7, 0x9, 0x80, 0x1, 0x6}, 0x9c) r0 = socket$nl_route(0x10, 0x3, 0x0) unshare(0x6a040000) readahead(0xffffffffffffffff, 0x2a91, 0x7ff) ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60) socket$inet_smc(0x2b, 0x1, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x20040844) getpgid(0x0) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010103}]}, &(0x7f0000000380)=0x10) syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000000), 0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000140)={r2, 0xfffffffd}, &(0x7f00000000c0)=0x8) 3.556987676s ago: executing program 3 (id=2949): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4f22}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x10, 0x4, 0x4, 0x2}, 0x50) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r3, 0x2000012, 0xe, 0x0, &(0x7f0000000280)="63ec33c9e9b98600000000000000", 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50) 3.33109581s ago: executing program 5 (id=2950): r0 = socket$inet_udp(0x2, 0x2, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = socket$key(0xf, 0x3, 0x2) setsockopt(0xffffffffffffffff, 0x84, 0x81, 0x0, 0x0) socket$inet_sctp(0x2, 0x1, 0x84) sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0) sendmsg$key(r3, 0x0, 0x0) bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16) connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast2}, 0x10) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in=@multicast2, @in6=@mcast1, 0x4e20, 0x4, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0xfffffffffffffffe}, {0x0, 0x0, 0xfffffffffffffffc, 0xff}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x3c}, 0x0, 0x32}, 0x0, @in=@private=0xa010100, 0x0, 0x2, 0x0, 0xb7, 0xfffffffe, 0xffffff7e}}, 0xe8) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x1c) 3.32527661s ago: executing program 1 (id=2960): sendmsg$unix(0xffffffffffffffff, 0x0, 0x240408c1) r0 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r0, &(0x7f0000000080), 0xc) getsockopt$sock_buf(r0, 0x1, 0x1c, 0x0, &(0x7f0000000040)) unshare(0x68040200) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0x1}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000000000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r3, 0x8100, 0xe, 0x0, &(0x7f00000002c0)="c8e8a1aee95e10e19e00399da26f", 0x0, 0xadf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000080)={'filter\x00', 0x0, [0x5, 0xef, 0x20000004, 0x3, 0x6]}, &(0x7f0000000040)=0x54) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000100)={'nat\x00', 0x4, [{}, {}, {}, {}]}, 0x64) r4 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8) ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000180)=0x0) sendmsg$kcm(r4, &(0x7f0000000380)={&(0x7f00000001c0)=@nfc={0x27, r5, 0xffffffffffffffff, 0x5}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000240)="078085af4e660703e129277a8c5ffa08f1b37499e9d1839fd04072d6631a9e0e610173feab9020d016e0d38f2c411e36393fee830936bf96ce82c698b521dc04f7bfe0dae5393736410f9c1c259ee01970f0a116dc320b3f8bc3e5ac97b4d2aa8ce6f2c558860b2d3e453024f883b37c9d58a46efb7b918e84d3608b545ccaaf505abc5b9f2381614425c925923e8149210ed2cf4ed9ed45db4d1fa33d34abf6fc8c0646457108e41559535f1439914fb61088637b2054a54cf5f860ef4a396a66bb37e982401f0f3193b2", 0xcb}], 0x1}, 0x20008040) 2.918366632s ago: executing program 4 (id=2951): socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x6) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000180)={0x48, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x48}}, 0x0) 2.902383421s ago: executing program 1 (id=2962): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xb1, &(0x7f0000000140)=""/177, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, 0x0, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0) ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc044560f, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x2, &(0x7f0000000240)=0x1000, 0x4) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x6c, 0x6, 0x0, 0xfffffffc}, {0x6, 0x0, 0x0, 0x7fff7ffc}]}) ioprio_get$pid(0x2, r1) 1.829622119s ago: executing program 3 (id=2953): sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) finit_module(0xffffffffffffffff, 0x0, 0x0) capset(0x0, 0x0) r0 = socket$tipc(0x1e, 0x5, 0x0) setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000080)=0x6, 0x4) setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42}, 0x10) setsockopt$TIPC_GROUP_LEAVE(r0, 0x10f, 0x88) sendmsg$tipc(r0, &(0x7f0000000c80)={&(0x7f0000000980)=@id, 0x10, 0x0}, 0x0) connect$tipc(r0, &(0x7f00000000c0)=@name, 0x10) 1.765427426s ago: executing program 5 (id=2954): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20040844) sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000000200), 0x0, 0x4000050, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r2, &(0x7f00000004c0), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r2, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) cachestat(r2, &(0x7f0000000040), &(0x7f000009de80), 0x0) 1.335625935s ago: executing program 3 (id=2955): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f0000000300)=@abs={0x0, 0x0, 0x3}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0xfffffffc, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0) ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, 0x0) io_setup(0x3ff, 0x0) io_submit(0x0, 0x0, &(0x7f0000000300)) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc00c5512, 0x0) openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000003fc0), 0x20000, 0x0) ioctl$SOUND_MIXER_READ_DEVMASK(r2, 0xc0044dff, &(0x7f0000004000)) 15.058689ms ago: executing program 1 (id=2957): socketpair$unix(0x1, 0x3, 0x0, 0x0) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000002c0), 0x80, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc}) socket$inet_sctp(0x2, 0x1, 0x84) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff) 14.886749ms ago: executing program 5 (id=2958): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x11) ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(0xffffffffffffffff, 0x40045304, &(0x7f0000000540)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x116}) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0) write$dsp(r1, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) 1.368648ms ago: executing program 4 (id=2967): syz_open_dev$vbi(0x0, 0x1, 0x2) socket$packet(0x11, 0x2, 0x300) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x3, @pix={0x434c, 0x8, 0x584e4f53, 0x4, 0xc, 0x7, 0x0, 0x40000005, 0x1, 0x4, 0x2, 0x7}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1) sched_setaffinity(0x0, 0x0, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10) r2 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r3 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10) sendmsg$tipc(r3, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x10) 0s ago: executing program 3 (id=2968): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket$unix(0x1, 0x1, 0x0) r2 = socket$kcm(0x11, 0x3, 0x0) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r3) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x4e, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0xa30e, 0x1, 0xfffffffa}}}}]}, 0x44}}, 0x0) r7 = socket(0x400000000010, 0x3, 0x0) r8 = socket$unix(0x1, 0x5, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000700)=@newtfilter={0x88c, 0x2c, 0xd3f, 0x70b524, 0x25dfdbfb, {0x0, 0x0, 0x0, r9, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0x85c, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x18d0b}, @TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x81, 0x4, 0x9, 0x2, 0x2, 0x1ff, 0x4, 0x4, 0x2, 0xd, 0x11f4, 0xf, 0x100, 0x0, 0xfffffffe, 0x4, 0x7f, 0x9, 0x4, 0xa0000, 0x80, 0xc, 0x0, 0x6, 0xf290, 0x8e3, 0x6, 0x20a, 0x0, 0xfffffff3, 0x2b, 0x4, 0x4, 0x7, 0x6, 0xffff8001, 0x80, 0x479, 0x7, 0x1, 0x3, 0x4050732b, 0x1, 0xf5c8, 0x5e, 0x4, 0xf0, 0x7, 0x946, 0x5, 0x8001, 0xffff, 0xfffffff5, 0xbf2, 0x10001, 0x2, 0x8, 0xfffffffd, 0x8001, 0x6, 0x1, 0x7fffffff, 0xd05, 0x7a, 0x11dc294f, 0x7, 0x5, 0x0, 0x9, 0x1, 0x7, 0x1e8, 0x4, 0xc33, 0x8, 0x20000000, 0x80000000, 0x1, 0x9, 0x5, 0x5, 0x80000000, 0x3e64, 0x5, 0x8, 0x6, 0xfffffff6, 0x4, 0x10, 0x9, 0x8, 0xd, 0x2, 0x2, 0x2941, 0x1000, 0x8, 0xff, 0x4, 0x9, 0xf6e2, 0x5, 0x6, 0x4, 0x1, 0x3, 0x0, 0x2ee, 0x444, 0x2, 0x9, 0xb966, 0xb2000, 0x33, 0x9a6d, 0x9, 0x8, 0x200, 0x8, 0x3, 0x89, 0x8, 0x100e, 0x7, 0x4, 0x3, 0x8, 0x3, 0x0, 0x6, 0xbfe8, 0x5, 0x8, 0x3, 0x6, 0x4, 0x4e8d, 0x2, 0x8e, 0xffffff42, 0x5, 0xe, 0x1, 0x6, 0xe, 0x2, 0x4, 0x8, 0x6, 0x1, 0x5, 0x9, 0xffffffff, 0x7, 0x5, 0x160000, 0x9, 0x8, 0x1640, 0x6, 0x6, 0x0, 0xaa, 0x2, 0xedd5, 0xfff, 0x8, 0x7fffffff, 0x8, 0x1, 0x2, 0x3, 0x8, 0x3, 0x0, 0x3, 0x34, 0x9, 0x3, 0x2, 0xffffcd43, 0x7, 0x8, 0x486, 0x1, 0x2, 0x5ca0, 0x3, 0x1000, 0x4, 0x9, 0x8, 0x5, 0x7, 0xfffffffd, 0x7, 0x8, 0xffffffff, 0x22, 0x4, 0x2, 0x0, 0x3, 0x1e, 0x3, 0x8, 0xa1, 0x81, 0x5, 0x1, 0x2, 0x2, 0x7ff, 0xf43, 0x3, 0x8, 0x3, 0x3, 0x4, 0x100000, 0x9, 0x66c, 0x7fc, 0x3, 0x0, 0x10001, 0x5, 0x0, 0x81, 0x2, 0x9, 0x2823, 0x8, 0xffffffff, 0x0, 0xffffffff, 0x8001, 0x0, 0x9, 0x1, 0x1, 0x9, 0x5, 0x1ff, 0xc79, 0x80000001, 0x200, 0xede5, 0x3, 0x3, 0x0, 0x3, 0x7, 0x8, 0x8, 0x1]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x20000000, 0x7, 0x7, 0x7, {0x4, 0x2, 0xfe00, 0xfe42, 0x4, 0x7}, {0x7, 0x2, 0xcf, 0x1, 0x800, 0x2}, 0x7, 0xa6, 0x3}}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0x4, 0x0, 0x7, 0xfffffff1, 0x796, 0x5, 0xd2c1, 0x7ff, 0x20, 0x9, 0x9, 0x101, 0x5, 0x2, 0x9, 0xc, 0x800, 0x695, 0x401, 0x2, 0x7, 0x1000, 0x343d41f0, 0x0, 0x3, 0x3, 0x3, 0xc94, 0xa0, 0x1, 0x5, 0x81a, 0x1666, 0x80c, 0x9, 0xce3a, 0x2, 0x81, 0x5f82, 0x5ff, 0x3, 0xed, 0x4, 0x81, 0x401, 0x1, 0x5fb2, 0x8, 0xfffffe01, 0xc, 0x6, 0x2, 0x0, 0x6, 0x0, 0xffffffff, 0xb1e5, 0x0, 0x8, 0x4, 0x1, 0x0, 0x3, 0x9, 0x3, 0x1, 0x4b, 0x2, 0x5, 0x1f, 0x7, 0x0, 0x4, 0x3, 0x2, 0x4d, 0xffffffff, 0x4, 0x3, 0x6, 0x40, 0x1, 0x3, 0x2, 0x5, 0x1ff, 0x101, 0x8, 0xf48, 0x9, 0xffffffff, 0x200, 0x5, 0x76, 0x6, 0x3, 0x8000, 0x6, 0x9, 0x80000000, 0x6, 0x8001, 0xbe39, 0x7b7, 0x5, 0x7ff, 0xb, 0x4, 0x1, 0x8, 0x9, 0xb, 0x6, 0xdfcf, 0x0, 0x442ff558, 0xb481, 0x6, 0x3, 0x4, 0xe, 0x10000, 0x0, 0x31fe, 0xfffff2c1, 0xb, 0x3, 0x6, 0x7b, 0x21d, 0x6, 0xc, 0x10, 0xf91, 0x0, 0x62e, 0x2, 0xfffffffc, 0x5d8, 0x4, 0x5, 0x7, 0x1, 0x3, 0x7, 0x9, 0x5, 0xfffffff7, 0x0, 0x2, 0x7fff, 0x400009, 0x5, 0x8, 0x3, 0x0, 0x200, 0xdfb, 0x7, 0x9, 0x223ec3e7, 0xdaa, 0x0, 0x101, 0x1000, 0x4, 0x8, 0x8, 0xf, 0xb, 0x4, 0xfffffffb, 0x491, 0xfffffffb, 0xfffffff9, 0x9c, 0x3, 0x1, 0x4005, 0x1, 0x8001, 0x6, 0x10001, 0x1, 0x3, 0x80000000, 0x4, 0x38, 0x401, 0x2, 0x10, 0x3, 0x3, 0xbd, 0x4, 0x4, 0x5, 0x5, 0x81, 0x3, 0x202, 0x5, 0x9, 0x81, 0x6, 0x8, 0x79, 0x6, 0x8, 0x1, 0xea58, 0x29dc6e7b, 0x53ad, 0x7, 0xd77, 0xff, 0x8, 0x5, 0x0, 0x0, 0x12, 0x0, 0xf, 0xbb4f, 0x8, 0xe4, 0xbcba, 0x80, 0x8, 0xc6, 0x9, 0x81, 0x10000, 0x70, 0x3, 0x4, 0x80, 0x3, 0x3ff, 0xffffffff, 0x5, 0x7, 0x6, 0x5, 0x8001, 0x73da, 0x401, 0x7, 0xd, 0x81, 0x7, 0x5, 0xf417, 0x6, 0x5]}]}, @TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0x88c}, 0x1, 0x0, 0x0, 0x4008848}, 0xc884) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$kcm(r2, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x7, r10, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)='\'', 0x1}], 0x1}, 0x4) kernel console output (not intermixed with test programs): vsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 20004 - 0 [ 268.275925][ T1183] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 20004 - 0 [ 268.283026][ T1183] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 20004 - 0 [ 269.169705][ T40] kauditd_printk_skb: 64 callbacks suppressed [ 269.169717][ T40] audit: type=1326 audit(1770676600.426:1048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12391 comm="syz.1.2135" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf748d598 code=0x7ffc0000 [ 269.185002][T12407] netlink: 'syz.3.2143': attribute type 1 has an invalid length. [ 269.204389][ T40] audit: type=1326 audit(1770676600.436:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12391 comm="syz.1.2135" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf748d598 code=0x7ffc0000 [ 269.223411][ T40] audit: type=1326 audit(1770676600.436:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12391 comm="syz.1.2135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 269.232236][ T40] audit: type=1326 audit(1770676600.436:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12391 comm="syz.1.2135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 269.232392][T12407] 8021q: adding VLAN 0 to HW filter on device bond8 [ 269.240968][ T40] audit: type=1326 audit(1770676600.436:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12391 comm="syz.1.2135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 269.255152][ T40] audit: type=1326 audit(1770676600.436:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12391 comm="syz.1.2135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 269.263485][ T40] audit: type=1326 audit(1770676600.436:1054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12391 comm="syz.1.2135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 269.271936][ T40] audit: type=1326 audit(1770676600.436:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12391 comm="syz.1.2135" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf748d598 code=0x7ffc0000 [ 269.284369][ T40] audit: type=1326 audit(1770676600.436:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12391 comm="syz.1.2135" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x7ffc0000 [ 269.288665][T12411] vlan3: entered promiscuous mode [ 269.292730][ T40] audit: type=1326 audit(1770676600.436:1057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12391 comm="syz.1.2135" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf748d598 code=0x7ffc0000 [ 269.306560][T12411] bond8: entered promiscuous mode [ 269.308682][T12411] vlan3: entered allmulticast mode [ 269.310731][T12411] bond8: entered allmulticast mode [ 269.415102][T12407] bond8: (slave bridge3): making interface the new active one [ 269.424267][T12407] bridge3: entered promiscuous mode [ 269.426033][T12407] bridge3: entered allmulticast mode [ 269.428283][T12407] bond8: (slave bridge3): Enslaving as an active interface with an up link [ 269.510565][T12424] netlink: 'syz.5.2146': attribute type 39 has an invalid length. [ 269.987171][T12451] 2: renamed from team_slave_1 [ 271.027315][T12466] netlink: 'syz.4.2158': attribute type 1 has an invalid length. [ 271.047915][T12466] 8021q: adding VLAN 0 to HW filter on device bond10 [ 271.111540][T12466] bond9: (slave dummy0): Releasing active interface [ 271.157121][T12466] bond10: (slave dummy0): making interface the new active one [ 271.165396][T12466] bond10: (slave dummy0): Enslaving as an active interface with an up link [ 271.588271][T12479] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2162'. [ 271.606255][T12479] 8021q: adding VLAN 0 to HW filter on device bond9 [ 271.624959][T12479] bond9: (slave dummy0): Enslaving as an active interface with an up link [ 272.980218][T12512] netlink: 'syz.1.2169': attribute type 1 has an invalid length. [ 273.000106][T12512] 8021q: adding VLAN 0 to HW filter on device bond7 [ 273.029691][T12512] bond6: (slave dummy0): Releasing backup interface [ 273.039679][T12512] bond7: (slave dummy0): making interface the new active one [ 273.043919][T12512] bond7: (slave dummy0): Enslaving as an active interface with an up link [ 273.098852][T12515] overlayfs: missing 'lowerdir' [ 273.653275][T12525] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2174'. [ 273.667006][T12525] 8021q: adding VLAN 0 to HW filter on device bond10 [ 273.686287][T12525] bond9: (slave dummy0): Releasing active interface [ 273.692995][T12525] bond10: (slave dummy0): Enslaving as an active interface with an up link [ 273.937143][T12536] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2181'. [ 274.162247][T12549] create_pit_timer: 5 callbacks suppressed [ 274.162264][T12549] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 274.299220][T12554] picdev_read: 77 callbacks suppressed [ 274.299233][T12554] kvm: pic: non byte read [ 274.311921][T12554] pic_ioport_write: 98 callbacks suppressed [ 274.311933][T12554] kvm: pic: level sensitive irq not supported [ 274.331004][T12554] kvm: pic: non byte read [ 274.338211][T12554] kvm: pic: non byte read [ 274.731709][T12557] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2188'. [ 274.804125][T12564] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2189'. [ 274.811008][T12564] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2189'. [ 274.815081][T12564] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2189'. [ 274.818594][T12564] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2189'. [ 274.821824][T12564] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2189'. [ 274.900529][T12571] netlink: 'syz.4.2192': attribute type 1 has an invalid length. [ 274.922436][T12571] 8021q: adding VLAN 0 to HW filter on device bond11 [ 274.970613][T12571] bond11: (slave gretap1): making interface the new active one [ 274.975943][T12571] bond11: (slave gretap1): Enslaving as an active interface with an up link [ 276.922833][T12608] bond0: (slave wlan1): Releasing backup interface [ 278.704981][T12667] 9p: Bad value for 'version' [ 279.153549][T12678] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2224'. [ 279.580730][ T40] kauditd_printk_skb: 443 callbacks suppressed [ 279.580742][ T40] audit: type=1326 audit(1770676610.836:1501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12683 comm="syz.1.2227" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf748d579 code=0x0 [ 280.988686][T12723] lo: Caught tx_queue_len zero misconfig [ 281.001157][T12723] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2236'. [ 281.005204][T12723] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2236'. [ 282.441456][T12752] ip_vti0: left promiscuous mode [ 282.444895][T12752] bond3: left promiscuous mode [ 282.446649][T12752] bridge13: left promiscuous mode [ 282.448489][T12752] gretap1: left promiscuous mode [ 285.106295][T12794] netlink: 'syz.3.2257': attribute type 1 has an invalid length. [ 285.117807][T12794] 8021q: adding VLAN 0 to HW filter on device bond10 [ 285.228703][T12794] 8021q: adding VLAN 0 to HW filter on device bond10 [ 285.233526][T12794] bond10: (slave vxcan9): The slave device specified does not support setting the MAC address [ 285.246825][T12794] bond10: (slave vxcan9): Error -95 calling set_mac_address [ 285.277575][T12796] bond11: entered promiscuous mode [ 285.282274][T12796] 8021q: adding VLAN 0 to HW filter on device bond11 [ 285.287628][T12796] bond10: (slave bond11): Enslaving as an active interface with a down link [ 285.302465][T12799] macvlan2: entered promiscuous mode [ 285.307160][T12799] macvlan2: entered allmulticast mode [ 285.310257][T12799] bond10: entered promiscuous mode [ 285.314895][T12799] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 285.321180][T12803] netlink: 'syz.4.2259': attribute type 1 has an invalid length. [ 285.329913][T12799] bond10: left promiscuous mode [ 285.368059][T12803] 8021q: adding VLAN 0 to HW filter on device bond12 [ 285.416406][T12803] 8021q: adding VLAN 0 to HW filter on device bond12 [ 285.419060][T12803] bond12: (slave vxcan1): The slave device specified does not support setting the MAC address [ 285.422797][T12803] bond12: (slave vxcan1): Error -95 calling set_mac_address [ 285.456806][T12811] gretap2: entered promiscuous mode [ 285.459977][T12811] bond12: (slave gretap2): making interface the new active one [ 285.462612][T12811] bond12: (slave gretap2): Enslaving as an active interface with an up link [ 285.477736][T12811] macvlan2: entered promiscuous mode [ 285.479464][T12811] macvlan2: entered allmulticast mode [ 285.481516][T12811] bond12: entered promiscuous mode [ 285.484083][T12813] ptrace attach of "/syz-executor exec"[12817] was attempted by "/syz-executor exec"[12813] [ 285.504824][T12811] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 285.557113][T12811] bond12: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap2 [ 285.585383][T12811] bond12: left promiscuous mode [ 286.109051][T12837] 9p: Bad value for 'rfdno' [ 286.792513][T12847] overlayfs: failed to clone upperpath [ 286.801944][T12847] overlayfs: failed to clone upperpath [ 288.379041][T12895] netlink: 'syz.3.2284': attribute type 1 has an invalid length. [ 288.395958][T12895] 8021q: adding VLAN 0 to HW filter on device bond12 [ 288.407876][T12895] syz_tun: left promiscuous mode [ 288.536947][T12895] bond5: left promiscuous mode [ 288.539124][T12895] bridge2: left promiscuous mode [ 288.540896][T12895] bond5: left allmulticast mode [ 288.542670][T12895] bridge2: left allmulticast mode [ 288.556677][T12895] geneve2: left promiscuous mode [ 288.558833][T12895] geneve2: left allmulticast mode [ 288.566891][T12895] vlan3: left promiscuous mode [ 288.569013][T12895] bond8: left promiscuous mode [ 288.571124][T12895] bridge3: left promiscuous mode [ 288.573596][T12895] vlan3: left allmulticast mode [ 288.576344][T12895] bond8: left allmulticast mode [ 288.578502][T12895] bridge3: left allmulticast mode [ 288.588668][T12895] bond11: left promiscuous mode [ 288.593131][ T1143] netdevsim netdevsim3 eth0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.597289][ T1143] netdevsim netdevsim3 eth1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.602338][ T1143] netdevsim netdevsim3 eth2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 288.614461][ T1143] netdevsim netdevsim3 eth3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.327229][T12959] overlayfs: failed to clone upperpath [ 291.043792][T12963] syz.3.2297 invoked oom-killer: gfp_mask=0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0 [ 291.048656][T12963] CPU: 1 UID: 0 PID: 12963 Comm: syz.3.2297 Tainted: G L syzkaller #0 PREEMPT(full) [ 291.048685][T12963] Tainted: [L]=SOFTLOCKUP [ 291.048689][T12963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 291.048696][T12963] Call Trace: [ 291.048700][T12963] [ 291.048705][T12963] dump_stack_lvl+0x100/0x190 [ 291.048724][T12963] dump_header+0xfb/0x606 [ 291.048735][T12963] oom_kill_process.cold+0xd/0x321 [ 291.048748][T12963] out_of_memory+0x1256/0x14f0 [ 291.048764][T12963] ? __pfx_out_of_memory+0x10/0x10 [ 291.048782][T12963] __alloc_frozen_pages_noprof+0x1d30/0x2410 [ 291.048802][T12963] ? irqentry_exit+0x180/0x670 [ 291.048814][T12963] ? lockdep_hardirqs_on+0x78/0x100 [ 291.048826][T12963] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 291.048845][T12963] ? policy_nodemask+0x60/0x4f0 [ 291.048862][T12963] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 291.048874][T12963] ? cpuset_nodemask_valid_mems_allowed+0x5f/0x80 [ 291.048890][T12963] ? policy_nodemask+0xed/0x4f0 [ 291.048906][T12963] alloc_pages_mpol+0x1fb/0x550 [ 291.048922][T12963] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 291.048941][T12963] alloc_pages_noprof+0x131/0x390 [ 291.048957][T12963] __vmalloc_node_range_noprof+0xa1d/0x1530 [ 291.048971][T12963] ? packet_set_ring+0xb14/0x1860 [ 291.048986][T12963] ? policy_nodemask+0xed/0x4f0 [ 291.049001][T12963] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 291.049012][T12963] ? alloc_pages_mpol+0x25a/0x550 [ 291.049027][T12963] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 291.049042][T12963] ? rcu_is_watching+0x12/0xc0 [ 291.049051][T12963] ? packet_set_ring+0xa57/0x1860 [ 291.049063][T12963] ? packet_set_ring+0xb14/0x1860 [ 291.049073][T12963] __vmalloc_node_noprof+0xad/0xf0 [ 291.049083][T12963] ? packet_set_ring+0xb14/0x1860 [ 291.049095][T12963] packet_set_ring+0xb14/0x1860 [ 291.049112][T12963] packet_setsockopt+0x11f8/0x3580 [ 291.049124][T12963] ? __pfx___might_resched+0x10/0x10 [ 291.049141][T12963] ? __lock_acquire+0x4a5/0x2630 [ 291.049156][T12963] ? __pfx_packet_setsockopt+0x10/0x10 [ 291.049168][T12963] ? aa_sk_perm+0x2de/0xb40 [ 291.049210][T12963] ? rcu_is_watching+0x12/0xc0 [ 291.049230][T12963] ? find_held_lock+0x2b/0x80 [ 291.049244][T12963] ? aa_sock_opt_perm+0xfe/0x1b0 [ 291.049257][T12963] ? __pfx_packet_setsockopt+0x10/0x10 [ 291.049270][T12963] do_sock_setsockopt+0xf3/0x1d0 [ 291.049284][T12963] __sys_setsockopt+0x119/0x190 [ 291.049301][T12963] __ia32_sys_setsockopt+0xbc/0x160 [ 291.049316][T12963] ? __do_fast_syscall_32+0x97/0x660 [ 291.049329][T12963] ? lockdep_hardirqs_on+0x78/0x100 [ 291.049341][T12963] __do_fast_syscall_32+0xde/0x660 [ 291.049356][T12963] do_fast_syscall_32+0x32/0x70 [ 291.049370][T12963] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 291.049383][T12963] RIP: 0023:0xf7fb7579 [ 291.049392][T12963] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 291.049402][T12963] RSP: 002b:00000000f543450c EFLAGS: 00000292 ORIG_RAX: 000000000000016e [ 291.049413][T12963] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000107 [ 291.049420][T12963] RDX: 0000000000000005 RSI: 00000000800000c0 RDI: 000000000000001c [ 291.049426][T12963] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 291.049432][T12963] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 291.049438][T12963] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 291.049452][T12963] [ 291.049483][T12963] Mem-Info: [ 291.162939][T12963] active_anon:4681 inactive_anon:17792 isolated_anon:0 [ 291.162939][T12963] active_file:8452 inactive_file:12092 isolated_file:0 [ 291.162939][T12963] unevictable:1768 dirty:19 writeback:25 [ 291.162939][T12963] slab_reclaimable:6448 slab_unreclaimable:63458 [ 291.162939][T12963] mapped:26702 shmem:21271 pagetables:1335 [ 291.162939][T12963] sec_pagetables:318 bounce:0 [ 291.162939][T12963] kernel_misc_reclaimable:0 [ 291.162939][T12963] free:41159 free_pcp:293 free_cma:0 [ 291.177307][T12963] Node 0 active_anon:72kB inactive_anon:0kB active_file:8kB inactive_file:124kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:20kB dirty:8kB writeback:0kB shmem:4344kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:9952kB pagetables:1600kB sec_pagetables:1160kB all_unreclaimable? yes Balloon:0kB [ 291.186974][T12963] Node 0 DMA free:1496kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:8kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:124kB local_pcp:124kB free_cma:0kB [ 291.196496][T12963] lowmem_reserve[]: 0 288 288 288 288 [ 291.198464][T12963] Node 0 DMA32 free:5712kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:0KB free_highatomic:0KB active_anon:36kB inactive_anon:76kB active_file:8kB inactive_file:104kB unevictable:3536kB writepending:8kB zspages:2140kB present:1032196kB managed:295104kB mlocked:0kB bounce:0kB free_pcp:1048kB local_pcp:956kB free_cma:0kB [ 291.208684][T12963] lowmem_reserve[]: 0 0 0 0 0 [ 291.210379][T12963] Node 0 DMA: 1*4kB (U) 0*8kB 1*16kB (U) 0*32kB 1*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 1492kB [ 291.215372][T12963] Node 0 DMA32: 33*4kB (UME) 46*8kB (UME) 10*16kB (UM) 47*32kB (UME) 25*64kB (UME) 12*128kB (UME) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5300kB [ 291.220695][T12963] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 291.223774][T12963] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 291.273634][T12963] 42984 total pagecache pages [ 291.275398][T12963] 1192 pages in swap cache [ 291.276890][T12963] Free swap = 98696kB [ 291.278253][T12963] Total swap = 124996kB [ 291.279603][T12963] 524155 pages RAM [ 291.280861][T12963] 0 pages HighMem/MovableOnly [ 291.282379][T12963] 209486 pages reserved [ 291.283728][T12963] 0 pages cma reserved [ 291.285109][T12963] Unreclaimable slab info: [ 291.286832][T12963] Name Used Total [ 291.288903][T12963] bio-184 4KB 4KB [ 291.290878][T12963] pid_3 31KB 31KB [ 291.292832][T12963] pid_2 113KB 141KB [ 291.294913][T12963] bio-472 15KB 15KB [ 291.296866][T12963] bio-536 15KB 15KB [ 291.298857][T12963] bio-552 15KB 15KB [ 291.300819][T12963] bio-584 15KB 15KB [ 291.302784][T12963] afs_inode_cache 30KB 30KB [ 291.304788][T12963] zspage-zswap1 129KB 129KB [ 291.306754][T12963] zs_handle-zswap1 158KB 164KB [ 291.308696][T12963] zswap_entry 426KB 474KB [ 291.310679][T12963] AF_VSOCK 122KB 122KB [ 291.312633][T12963] sw_flow_stats 4KB 4KB [ 291.314650][T12963] sw_flow 15KB 15KB [ 291.316622][T12963] batadv_tt_change_cache 16KB 16KB [ 291.318724][T12963] batadv_tl_cache 16KB 16KB [ 291.320693][T12963] ceph_osd_request 95KB 95KB [ 291.322633][T12963] ceph_msg 23KB 23KB [ 291.324629][T12963] IEEE-802.15.4-MAC 62KB 62KB [ 291.326592][T12963] p9_req_t 79KB 79KB [ 291.328528][T12963] INET_SMC 31KB 31KB [ 291.330509][T12963] SMC6 62KB 62KB [ 291.332442][T12963] SMC 125KB 125KB [ 291.334498][T12963] TIPC 123KB 123KB [ 291.336434][T12963] RDS 123KB 123KB [ 291.338385][T12963] rds_connection 15KB 15KB [ 291.340371][T12963] SCTPv6 120KB 120KB [ 291.342315][T12963] SCTP 122KB 122KB [ 291.344325][T12963] sctp_chunk 85KB 125KB [ 291.346280][T12963] sctp_bind_bucket 16KB 16KB [ 291.348242][T12963] PNPIPE 123KB 123KB [ 291.350239][T12963] PHONET 31KB 31KB [ 291.352208][T12963] L2TP/IPv6 95KB 95KB [ 291.354254][T12963] L2TP/IP 31KB 31KB [ 291.356187][T12963] KCM 93KB 93KB [ 291.358178][T12963] kcm_mux 47KB 47KB [ 291.360118][T12963] RXRPC 128KB 128KB [ 291.362094][T12963] rxrpc_call_jar 286KB 286KB [ 291.364042][T12963] can_receiver 11KB 11KB [ 291.366044][T12963] net_bridge_fdb_entry 23KB 23KB [ 291.368093][T12963] nf-frags 79KB 118KB [ 291.370079][T12963] MPTCPv6 125KB 125KB [ 291.372029][T12963] fib6_node 97KB 120KB [ 291.373991][T12963] ip6_dst_cache 140KB 203KB [ 291.376002][T12963] PINGv6 61KB 61KB [ 291.378013][T12963] RAWv6 216KB 216KB [ 291.379964][T12963] UDPLITEv6 122KB 122KB [ 291.381931][T12963] UDPv6 376KB 673KB [ 291.383912][T12963] tw_sock_TCPv6 15KB 15KB [ 291.386157][T12963] TCPv6 483KB 626KB [ 291.388107][T12963] nf_conntrack 86KB 126KB [ 291.390132][T12963] wg_peer 148KB 148KB [ 291.392083][T12963] allowedips_node 19KB 19KB [ 291.394086][T12963] t10_alua_lu_gp_cache 7KB 7KB [ 291.396232][T12963] scsi_sense_cache 48KB 48KB [ 291.398358][T12963] virtio_scsi_cmd 16KB 16KB [ 291.400307][T12963] bio-136 66KB 92KB [ 291.402257][T12963] io_kiocb 7187KB 7210KB [ 291.404402][T12963] bio-264 7KB 7KB [ 291.406512][T12963] mqueue_inode_cache 121KB 121KB [ 291.408561][T12963] f2fs_bio_post_read_ctx 23KB 23KB [ 291.410766][T12963] jfs_mp 7KB 7KB [ 291.412667][T12963] orangefs_op_cache 17KB 17KB [ 291.414603][T12963] fuse_request 79KB 118KB [ 291.416494][T12963] cifs_small_rq 16KB 16KB [ 291.418389][T12963] cifs_request 67KB 67KB [ 291.420333][T12963] cifs_mpx_ids 7KB 7KB [ 291.422295][T12963] cifs_io_subrequest 39KB 39KB [ 291.424420][T12963] cifs_io_request 95KB 95KB [ 291.426447][T12963] nfs_commit_data 15KB 15KB [ 291.428384][T12963] nfs_write_data 63KB 63KB [ 291.430384][T12963] jbd2_inode 7KB 7KB [ 291.432388][T12963] ext4_system_zone 3KB 3KB [ 291.434446][T12963] ext4_io_end_vec 15KB 15KB [ 291.436375][T12963] kioctx 127KB 127KB [ 291.438342][T12963] aio_kiocb 31KB 31KB [ 291.440306][T12963] userfaultfd_ctx_cache 63KB 63KB [ 291.442357][T12963] fanotify_path_event 3KB 3KB [ 291.444524][T12963] fanotify_fid_event 11KB 11KB [ 291.446513][T12963] fanotify_mark 15KB 15KB [ 291.448493][T12963] dnotify_mark 7KB 7KB [ 291.450476][T12963] dnotify_struct 7KB 7KB [ 291.452440][T12963] fasync_cache 15KB 15KB [ 291.454466][T12963] pid_namespace 61KB 61KB [ 291.456401][T12963] kvm_gmem_inode_cache 31KB 31KB [ 291.458487][T12963] kvm_async_pf 3KB 3KB [ 291.460455][T12963] kvm_vcpu 123KB 123KB [ 291.462444][T12963] kvm_mmu_page_header 112KB 131KB [ 291.464531][T12963] pte_list_desc 114KB 114KB [ 291.466553][T12963] x86_emulator 126KB 126KB [ 291.468502][T12963] rpc_buffers 31KB 31KB [ 291.470574][T12963] rpc_tasks 7KB 7KB [ 291.472523][T12963] UNIX-STREAM 336KB 336KB [ 291.474668][T12963] UNIX 503KB 765KB [ 291.476624][T12963] ip4-frags 23KB 23KB [ 291.478634][T12963] mfc_cache 4KB 4KB [ 291.480614][T12963] UDP-Lite 123KB 123KB [ 291.482561][T12963] MPTCP 120KB 120KB [ 291.485921][T12963] request_sock_subflow_v4 7KB 7KB [ 291.488030][T12963] tcp_bind2_bucket 16KB 16KB [ 291.490051][T12963] tcp_bind_bucket 16KB 16KB [ 291.492008][T12963] inet_peer 8KB 8KB [ 291.493965][T12963] xfrm_dst 102KB 141KB [ 291.496042][T12963] xfrm_state 496KB 669KB [ 291.498070][T12963] ip_fib_trie 32KB 32KB [ 291.500041][T12963] ip_fib_alias 47KB 90KB [ 291.501998][T12963] rtable 309KB 312KB [ 291.503973][T12963] PING 63KB 63KB [ 291.506056][T12963] RAW 159KB 159KB [ 291.508298][T12963] UDP 154KB 154KB [ 291.510276][T12963] tw_sock_TCP 7KB 7KB [ 291.512250][T12963] request_sock_TCP 23KB 23KB [ 291.514281][T12963] TCP 401KB 573KB [ 291.516233][T12963] hugetlbfs_inode_cache 125KB 125KB [ 291.518332][T12963] fscache_cookie_jar 23KB 23KB [ 291.520305][T12963] netfs_subrequest 93KB 93KB [ 291.522283][T12963] netfs_request 159KB 159KB [ 291.524296][T12963] bio-280 15KB 15KB [ 291.526339][T12963] backing_aio 4KB 4KB [ 291.528303][T12963] ep_head 16KB 16KB [ 291.530564][T12963] eventpoll_pwq 19KB 19KB [ 291.532755][T12963] eventpoll_epi 66KB 66KB [ 291.539303][T12963] inotify_inode_mark 27KB 27KB [ 291.541317][T12963] sgpool-128 29KB 29KB [ 291.543290][T12963] sgpool-64 31KB 31KB [ 291.545364][T12963] sgpool-32 126KB 126KB [ 291.547346][T12963] sgpool-16 62KB 62KB [ 291.549298][T12963] sgpool-8 46KB 46KB [ 291.551273][T12963] bio_crypt_ctx 7KB 7KB [ 291.553225][T12963] bio_integrity_data 4KB 4KB [ 291.555355][T12963] request_queue 262KB 278KB [ 291.557338][T12963] blkdev_ioc 31KB 31KB [ 291.559272][T12963] bio-200 108KB 132KB [ 291.561266][T12963] biovec-max 718KB 892KB [ 291.563207][T12963] biovec-64 189KB 378KB [ 291.565302][T12963] biovec-16 46KB 46KB [ 291.567243][T12963] mm_slot 15KB 15KB [ 291.569233][T12963] user_namespace 93KB 93KB [ 291.571209][T12963] uid_cache 31KB 31KB [ 291.573145][T12963] iommu_iova_magazine 1031KB 1039KB [ 291.575267][T12963] iommu_iova 192KB 192KB [ 291.577238][T12963] dmaengine-unmap-256 30KB 30KB [ 291.579251][T12963] dmaengine-unmap-128 30KB 30KB [ 291.581283][T12963] dmaengine-unmap-16 4KB 4KB [ 291.583316][T12963] dmaengine-unmap-2 4KB 4KB [ 291.585353][T12963] QIPCRTR 125KB 125KB [ 291.587326][T12963] audit_buffer 160KB 179KB [ 291.589273][T12963] skbuff_ext_cache 28KB 28KB [ 291.591234][T12963] skbuff_small_head 1158KB 1482KB [ 291.593210][T12963] skbuff_fclone_cache 203KB 296KB [ 291.595293][T12963] skbuff_head_cache 918KB 1070KB [ 291.597283][T12963] configfs_dir_cache 16KB 16KB [ 291.599254][T12963] file_lease_cache 95KB 166KB [ 291.601242][T12963] file_lock_cache 111KB 198KB [ 291.603189][T12963] file_lock_ctx 19KB 19KB [ 291.605226][T12963] fsnotify_mark_connector 15KB 15KB [ 291.607332][T12963] posix_timers_cache 32KB 32KB [ 291.609383][T12963] taskstats 61KB 61KB [ 291.611341][T12963] mem_cgroup_per_node 107KB 123KB [ 291.613347][T12963] mem_cgroup 89KB 89KB [ 291.615380][T12963] proc_dir_entry 709KB 765KB [ 291.617347][T12963] pde_opener 15KB 15KB [ 291.619315][T12963] seq_file 93KB 156KB [ 291.621285][T12963] sigqueue 35KB 55KB [ 291.623235][T12963] shmem_inode_cache 7767KB 7988KB [ 291.625290][T12963] kernfs_iattrs_cache 15KB 15KB [ 291.627282][T12963] kernfs_node_cache 30448KB 30460KB [ 291.629261][T12963] mnt_cache 132KB 165KB [ 291.631232][T12963] bfilp 23KB 23KB [ 291.633212][T12963] filp 529KB 598KB [ 291.635140][T12963] names_cache 5163KB 5384KB [ 291.636891][T12963] net_namespace 141KB 141KB [ 291.638874][T12963] ima_iint_cache 63KB 63KB [ 291.640870][T12963] lsm_inode_cache 1395KB 1945KB [ 291.642866][T12963] lsm_file_cache 183KB 204KB [ 291.644891][T12963] key_jar 39KB 39KB [ 291.646841][T12963] uts_namespace 62KB 62KB [ 291.648806][T12963] nsproxy 15KB 15KB [ 291.650760][T12963] vm_area_struct 1422KB 1523KB [ 291.652723][T12963] fs_cache 73KB 92KB [ 291.654705][T12963] files_cache 221KB 366KB [ 291.656624][T12963] signal_cache 1004KB 1787KB [ 291.658612][T12963] sighand_cache 1262KB 1984KB [ 291.660593][T12963] task_struct 4933KB 5154KB [ 291.662571][T12963] cred 190KB 336KB [ 291.664630][T12963] anon_vma_chain 368KB 378KB [ 291.666616][T12963] anon_vma 421KB 478KB [ 291.668563][T12963] pid 216KB 441KB [ 291.670611][T12963] Acpi-Operand 249KB 356KB [ 291.672554][T12963] Acpi-ParseExt 133KB 133KB [ 291.674616][T12963] Acpi-Parse 70KB 86KB [ 291.676599][T12963] Acpi-State 90KB 126KB [ 291.678478][T12963] Acpi-Namespace 56KB 56KB [ 291.680441][T12963] shared_policy_node 4KB 4KB [ 291.682525][T12963] numa_policy 15KB 15KB [ 291.684668][T12963] perf_event 62KB 62KB [ 291.686630][T12963] trace_event_file 532KB 532KB [ 291.688587][T12963] ftrace_event_field 1004KB 1004KB [ 291.690599][T12963] pool_workqueue 1854KB 1904KB [ 291.692547][T12963] task_group 46KB 46KB [ 291.694602][T12963] maple_node 1749KB 1832KB [ 291.696550][T12963] mm_struct 508KB 735KB [ 291.698542][T12963] vmap_area 585KB 1223KB [ 291.700501][T12963] debug_objects_cache 2751KB 2930KB [ 291.702526][T12963] page->ptl 139KB 173KB [ 291.704568][T12963] kmalloc-cg-8k 3232KB 3360KB [ 291.706574][T12963] kmalloc-cg-4k 16608KB 16832KB [ 291.708545][T12963] kmalloc-cg-2k 11156KB 11424KB [ 291.710528][T12963] kmalloc-cg-1k 2934KB 3264KB [ 291.712497][T12963] kmalloc-cg-512 1398KB 1568KB [ 291.714522][T12963] kmalloc-cg-256 482KB 520KB [ 291.716500][T12963] kmalloc-cg-128 240KB 256KB [ 291.718464][T12963] kmalloc-cg-64 99KB 136KB [ 291.720416][T12963] kmalloc-cg-32 59KB 160KB [ 291.722410][T12963] kmalloc-cg-16 37KB 48KB [ 291.724438][T12963] kmalloc-cg-8 32KB 32KB [ 291.726413][T12963] kmalloc-cg-192 88KB 104KB [ 291.728358][T12963] kmalloc-cg-96 80KB 124KB [ 291.730396][T12963] kmalloc-8k 4976KB 5632KB [ 291.732386][T12963] kmalloc-4k 15368KB 15744KB [ 291.734536][T12963] kmalloc-2k 12812KB 13824KB [ 291.736525][T12963] kmalloc-1k 8040KB 8832KB [ 291.738555][T12963] kmalloc-512 9662KB 10832KB [ 291.740451][T12963] kmalloc-256 4475KB 4928KB [ 291.742515][T12963] kmalloc-128 2238KB 3844KB [ 291.744646][T12963] kmalloc-64 3116KB 3500KB [ 291.746603][T12963] kmalloc-32 3362KB 3384KB [ 291.748555][T12963] kmalloc-16 438KB 468KB [ 291.750513][T12963] kmalloc-8 515KB 532KB [ 291.752500][T12963] kmalloc-192 3442KB 3856KB [ 291.754569][T12963] kmalloc-96 2644KB 3332KB [ 291.756492][T12963] kmem_cache_node 224KB 228KB [ 291.758418][T12963] kmem_cache 195KB 195KB [ 291.760312][T12963] oom-kill:constraint=CONSTRAINT_MEMORY_POLICY,nodemask=0,cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/syz3,task=syz.3.2297,pid=12963,uid=0 [ 291.765109][T12963] Out of memory (oom_kill_allocating_task): Killed process 12962 (syz.3.2297) total-vm:102268kB, anon-rss:1792kB, file-rss:22956kB, shmem-rss:11392kB, UID:0 pgtables:132kB oom_score_adj:0 [ 291.987858][T12969] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2300'. [ 292.020750][T12972] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 292.668183][T12984] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2304'. [ 292.695361][T12984] bond10: (slave dummy0): Releasing backup interface [ 294.848102][T13044] netlink: 107460 bytes leftover after parsing attributes in process `syz.5.2320'. [ 296.362164][T13069] netlink: 'syz.5.2324': attribute type 1 has an invalid length. [ 296.392171][T13069] bond11: entered promiscuous mode [ 296.394466][T13069] bond11: entered allmulticast mode [ 296.419677][T13069] bond11: (slave ip6gretap1): making interface the new active one [ 296.421988][T13069] ip6gretap1: entered promiscuous mode [ 296.423697][T13069] ip6gretap1: entered allmulticast mode [ 296.426612][T13069] bond11: (slave ip6gretap1): Enslaving as an active interface with an up link [ 296.436334][T13071] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2325'. [ 296.451469][T13069] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2324'. [ 296.457843][T13069] bond11: left promiscuous mode [ 296.460162][T13069] ip6gretap1: left promiscuous mode [ 296.462667][T13069] bond11: left allmulticast mode [ 296.465227][T13069] ip6gretap1: left allmulticast mode [ 296.468003][T13069] 8021q: adding VLAN 0 to HW filter on device bond11 [ 296.853748][T13083] 8021q: adding VLAN 0 to HW filter on device bond13 [ 296.869507][T13083] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2331'. [ 296.872552][T13083] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2331'. [ 296.876798][T13083] bond0: left allmulticast mode [ 296.878504][T13083] bond_slave_1: left allmulticast mode [ 296.883511][T13083] bond13: (slave bond0): Enslaving as an active interface with a down link [ 296.895879][T13083] bond13: (slave bond0): Releasing active interface [ 296.900167][T13083] bond10: (slave dummy0): Releasing active interface [ 296.906188][T13083] bond0: (slave bond_slave_1): Releasing backup interface [ 296.909163][T13083] bond_slave_1: left promiscuous mode [ 296.911305][T13083] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 296.915024][T13083] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 296.918005][T13083] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 297.766626][T13115] netlink: 'syz.1.2336': attribute type 1 has an invalid length. [ 297.779393][T13115] bond8: entered promiscuous mode [ 297.781388][T13115] 8021q: adding VLAN 0 to HW filter on device bond8 [ 297.813194][T13115] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2336'. [ 297.816595][T13115] bond8: entered allmulticast mode [ 297.828722][T13115] bond8: (slave bridge17): making interface the new active one [ 297.831311][T13115] bridge17: entered promiscuous mode [ 297.833220][T13115] bridge17: entered allmulticast mode [ 297.836183][T13115] bond8: (slave bridge17): Enslaving as an active interface with an up link [ 298.872195][T13138] netlink: 'syz.1.2343': attribute type 1 has an invalid length. [ 298.888954][T13138] 8021q: adding VLAN 0 to HW filter on device bond9 [ 298.914280][T13138] 8021q: adding VLAN 0 to HW filter on device bond9 [ 298.916642][T13138] bond9: (slave vxcan1): The slave device specified does not support setting the MAC address [ 298.920359][T13138] bond9: (slave vxcan1): Error -95 calling set_mac_address [ 299.042978][T13143] gretap2: entered promiscuous mode [ 299.054045][T13143] bond9: (slave gretap2): making interface the new active one [ 299.060875][T13143] bond9: (slave gretap2): Enslaving as an active interface with an up link [ 299.261819][T13138] macvlan2: entered promiscuous mode [ 299.263587][T13138] macvlan2: entered allmulticast mode [ 299.275518][T13138] bond9: entered promiscuous mode [ 299.277980][T13138] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 299.282276][T13138] bond9: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap2 [ 299.287926][T13138] bond9: left promiscuous mode [ 299.819293][ T40] audit: type=1326 audit(1770676631.076:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13155 comm="syz.3.2348" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 299.830882][ T40] audit: type=1326 audit(1770676631.086:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13155 comm="syz.3.2348" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 299.840614][ T40] audit: type=1326 audit(1770676631.086:1504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13155 comm="syz.3.2348" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 299.849548][T13158] netlink: 'syz.4.2347': attribute type 1 has an invalid length. [ 299.859062][ T40] audit: type=1326 audit(1770676631.086:1505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13155 comm="syz.3.2348" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 299.876212][ T40] audit: type=1326 audit(1770676631.086:1506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13155 comm="syz.3.2348" exe="/syz-executor" sig=0 arch=40000003 syscall=288 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 299.894281][ T40] audit: type=1326 audit(1770676631.086:1507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13155 comm="syz.3.2348" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 299.901172][ T40] audit: type=1326 audit(1770676631.086:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13155 comm="syz.3.2348" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 299.910355][ T40] audit: type=1326 audit(1770676631.086:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13155 comm="syz.3.2348" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 299.918509][T13161] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2347'. [ 299.921520][ T40] audit: type=1326 audit(1770676631.086:1510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13155 comm="syz.3.2348" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 299.928365][ T40] audit: type=1326 audit(1770676631.086:1511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13155 comm="syz.3.2348" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 299.949188][T13158] bond14: entered promiscuous mode [ 299.951458][T13158] 8021q: adding VLAN 0 to HW filter on device bond14 [ 299.953901][T13161] bond14: entered allmulticast mode [ 299.981216][T13158] bond14: (slave bridge10): making interface the new active one [ 299.984281][T13158] bridge10: entered promiscuous mode [ 299.986090][T13158] bridge10: entered allmulticast mode [ 299.988381][T13158] bond14: (slave bridge10): Enslaving as an active interface with an up link [ 300.024521][T13147] orangefs_mount: mount request failed with -4 [ 303.759703][T13223] netlink: 'syz.5.2357': attribute type 1 has an invalid length. [ 303.778216][T13223] 8021q: adding VLAN 0 to HW filter on device bond12 [ 303.820403][T13223] 8021q: adding VLAN 0 to HW filter on device bond12 [ 303.823393][T13223] bond12: (slave vxcan1): The slave device specified does not support setting the MAC address [ 303.828932][T13223] bond12: (slave vxcan1): Error -95 calling set_mac_address [ 303.866928][T13226] gretap1: entered promiscuous mode [ 303.871425][T13226] bond12: (slave gretap1): making interface the new active one [ 303.874084][T13226] bond12: (slave gretap1): Enslaving as an active interface with an up link [ 303.900113][T13226] macvlan0: entered promiscuous mode [ 303.904149][T13226] macvlan0: entered allmulticast mode [ 303.907451][T13226] bond12: entered promiscuous mode [ 303.912658][T13226] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 303.925975][T13226] bond12: (slave macvlan0): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 303.930649][T13226] bond12: left promiscuous mode [ 305.143213][T13229] orangefs_mount: mount request failed with -4 [ 305.616112][T13244] 8021q: adding VLAN 0 to HW filter on device bond13 [ 305.631689][T13244] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2364'. [ 305.634636][T13244] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2364'. [ 305.707375][T13244] team0: Port device bond0 removed [ 305.710230][T13244] 8021q: adding VLAN 0 to HW filter on device bond0 [ 305.713547][T13244] bond13: (slave bond0): making interface the new active one [ 305.717182][T13244] bond13: (slave bond0): Enslaving as an active interface with an up link [ 305.720594][T13246] bond0: (slave syz_tun): Releasing backup interface [ 305.724284][T13246] bond13: (slave bond0): Releasing active interface [ 305.728321][T13246] bond9: (slave dummy0): Releasing backup interface [ 305.731179][T13246] veth0_to_bond: left allmulticast mode [ 305.733075][T13246] veth0_to_bond: left promiscuous mode [ 305.735112][T13246] bridge1: port 2(veth0_to_bond) entered disabled state [ 305.745314][T13246] bond2: (slave ip6erspan0): Releasing active interface [ 305.752049][T13246] bond3: (slave vxcan3): Releasing backup interface [ 305.755599][T13246] bond3: (slave vxcan5): making interface the new active one [ 305.759542][T13246] bond3: (slave vxcan5): Releasing backup interface [ 305.762395][T13246] veth11: left allmulticast mode [ 305.764092][T13246] veth11: left promiscuous mode [ 305.766403][T13246] bridge1: port 1(veth11) entered disabled state [ 305.772689][T13246] bond5: (slave bridge2): Releasing backup interface [ 305.777631][T13246] bond6: (slave ip6gretap1): Releasing active interface [ 305.783345][T13246] bond7: (slave gretap1): Releasing active interface [ 305.789386][T13246] bond8: (slave bridge3): Releasing active interface [ 305.794439][T13246] bond10: (slave bond11): Releasing active interface [ 305.922144][T13250] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2365'. [ 306.021093][T13250] vxlan0: entered promiscuous mode [ 306.048877][ T69] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 306.053710][ T69] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 306.064519][ T69] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 306.067548][ T69] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 306.776763][T13281] netlink: 'syz.3.2373': attribute type 1 has an invalid length. [ 306.793870][T13281] 8021q: adding VLAN 0 to HW filter on device bond14 [ 306.841781][T13281] bond14: (slave veth15): Enslaving as an active interface with a down link [ 306.877138][T13281] bond14: (slave veth0_to_bond): Enslaving as an active interface with a down link [ 306.892767][T13281] vlan4: entered allmulticast mode [ 306.894821][T13281] veth0_to_bond: entered allmulticast mode [ 306.897313][T13281] veth0_to_bond: entered promiscuous mode [ 306.899966][T13281] veth0_to_bond: left promiscuous mode [ 306.902066][T13281] veth0_to_bond: entered promiscuous mode [ 306.904161][T13281] bond14: (slave vlan4): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 306.910377][T13281] veth0_to_bond: left promiscuous mode [ 307.682912][T13300] netlink: 'syz.3.2377': attribute type 2 has an invalid length. [ 307.693700][T13300] #{6c: entered promiscuous mode [ 307.706597][T13300] netlink: 'syz.3.2377': attribute type 2 has an invalid length. [ 307.709727][T13300] #{6c: left promiscuous mode [ 308.483983][T13306] netlink: 'syz.5.2383': attribute type 3 has an invalid length. [ 308.486897][T13308] netlink: 'syz.3.2380': attribute type 1 has an invalid length. [ 308.506456][T13308] 8021q: adding VLAN 0 to HW filter on device bond15 [ 308.575603][T13308] 8021q: adding VLAN 0 to HW filter on device bond15 [ 308.578375][T13308] bond15: (slave vxcan9): The slave device specified does not support setting the MAC address [ 308.581950][T13308] bond15: (slave vxcan9): Error -95 calling set_mac_address [ 308.625466][T13314] gretap2: entered promiscuous mode [ 308.630368][T13314] bond15: (slave gretap2): making interface the new active one [ 308.633907][T13314] bond15: (slave gretap2): Enslaving as an active interface with an up link [ 308.684670][T13308] macvlan2: entered promiscuous mode [ 308.687025][T13308] macvlan2: entered allmulticast mode [ 308.689964][T13308] bond15: entered promiscuous mode [ 308.692877][T13308] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 308.698408][T13308] bond15: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap2 [ 308.704604][T13308] bond15: left promiscuous mode [ 308.753135][T13315] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 309.539538][T13331] netlink: 'syz.5.2389': attribute type 1 has an invalid length. [ 309.564838][T13331] 8021q: adding VLAN 0 to HW filter on device bond13 [ 309.606138][T13331] 8021q: adding VLAN 0 to HW filter on device bond13 [ 309.609753][T13331] bond13: (slave vxcan1): The slave device specified does not support setting the MAC address [ 309.613558][T13331] bond13: (slave vxcan1): Error -95 calling set_mac_address [ 309.665640][T13335] bond14: entered promiscuous mode [ 309.668327][T13335] 8021q: adding VLAN 0 to HW filter on device bond14 [ 309.674865][T13335] bond13: (slave bond14): Enslaving as an active interface with a down link [ 309.743617][T13331] macvlan0: entered promiscuous mode [ 309.745902][T13331] macvlan0: entered allmulticast mode [ 309.748708][T13331] bond13: entered promiscuous mode [ 309.750716][T13331] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 309.756338][T13331] bond13: left promiscuous mode [ 312.242770][ T6774] IPVS: starting estimator thread 0... [ 312.342865][T13381] IPVS: using max 44 ests per chain, 105600 per kthread [ 314.840839][T13419] netlink: 'syz.3.2412': attribute type 1 has an invalid length. [ 314.851789][T13419] bond16: entered promiscuous mode [ 314.853630][T13419] 8021q: adding VLAN 0 to HW filter on device bond16 [ 314.873565][T13419] bond16: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 314.877651][T13419] bond16: (slave ipvlan2): The slave device specified does not support setting the MAC address [ 314.880868][T13419] bond16: (slave ipvlan2): Setting fail_over_mac to active for active-backup mode [ 315.263075][T13430] syz.4.2416: vmalloc error: size 2147479872, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 315.267896][T13430] CPU: 0 UID: 0 PID: 13430 Comm: syz.4.2416 Tainted: G L syzkaller #0 PREEMPT(full) [ 315.267916][T13430] Tainted: [L]=SOFTLOCKUP [ 315.267920][T13430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 315.267927][T13430] Call Trace: [ 315.267932][T13430] [ 315.267937][T13430] dump_stack_lvl+0x100/0x190 [ 315.267955][T13430] warn_alloc.cold+0x95/0x1c1 [ 315.267974][T13430] ? __pfx_warn_alloc+0x10/0x10 [ 315.267991][T13430] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 315.268010][T13430] ? __perf_event_task_sched_in+0x27a/0xa10 [ 315.268027][T13430] __vmalloc_node_range_noprof+0x1252/0x1530 [ 315.268039][T13430] ? finish_task_switch.isra.0+0x1ff/0xb70 [ 315.268057][T13430] ? netlink_alloc_large_skb+0x9b/0x150 [ 315.268077][T13430] ? alloc_pages_mpol+0x25a/0x550 [ 315.268096][T13430] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 315.268114][T13430] __kvmalloc_node_noprof+0x3cd/0xac0 [ 315.268128][T13430] ? netlink_alloc_large_skb+0x9b/0x150 [ 315.268148][T13430] ? netlink_alloc_large_skb+0x9b/0x150 [ 315.268165][T13430] ? find_held_lock+0x2b/0x80 [ 315.268177][T13430] ? aa_file_perm+0x268/0x1540 [ 315.268191][T13430] ? netlink_alloc_large_skb+0x9b/0x150 [ 315.268215][T13430] netlink_alloc_large_skb+0x9b/0x150 [ 315.268235][T13430] netlink_sendmsg+0x680/0xda0 [ 315.268256][T13430] ? __pfx_netlink_sendmsg+0x10/0x10 [ 315.268276][T13430] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 315.268294][T13430] sock_write_iter+0x566/0x610 [ 315.268309][T13430] ? __pfx_sock_write_iter+0x10/0x10 [ 315.268327][T13430] ? bpf_lsm_file_permission+0x9/0x10 [ 315.268342][T13430] ? security_file_permission+0x76/0x210 [ 315.268361][T13430] ? rw_verify_area+0xce/0x6d0 [ 315.268373][T13430] vfs_write+0x6ac/0x1070 [ 315.268386][T13430] ? __pfx_sock_write_iter+0x10/0x10 [ 315.268399][T13430] ? __pfx_vfs_write+0x10/0x10 [ 315.268410][T13430] ? find_held_lock+0x2b/0x80 [ 315.268430][T13430] ksys_write+0x1f8/0x250 [ 315.268443][T13430] ? __pfx_ksys_write+0x10/0x10 [ 315.268459][T13430] __do_fast_syscall_32+0xde/0x660 [ 315.268475][T13430] do_fast_syscall_32+0x32/0x70 [ 315.268490][T13430] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 315.268504][T13430] RIP: 0023:0xf7f93579 [ 315.268523][T13430] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 315.268541][T13430] RSP: 002b:00000000f545650c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 315.268558][T13430] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000280 [ 315.268567][T13430] RDX: 00000000ffffff03 RSI: 0000000000000000 RDI: 0000000000000000 [ 315.268576][T13430] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 315.268584][T13430] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 315.268594][T13430] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 315.268633][T13430] [ 315.268644][T13430] Mem-Info: [ 315.371880][T13430] active_anon:4726 inactive_anon:15306 isolated_anon:0 [ 315.371880][T13430] active_file:6288 inactive_file:14141 isolated_file:0 [ 315.371880][T13430] unevictable:1768 dirty:513 writeback:0 [ 315.371880][T13430] slab_reclaimable:6498 slab_unreclaimable:64662 [ 315.371880][T13430] mapped:24105 shmem:19232 pagetables:1433 [ 315.371880][T13430] sec_pagetables:318 bounce:0 [ 315.371880][T13430] kernel_misc_reclaimable:0 [ 315.371880][T13430] free:29229 free_pcp:20641 free_cma:0 [ 315.386740][T13430] Node 0 active_anon:0kB inactive_anon:100kB active_file:0kB inactive_file:12kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:20kB dirty:8kB writeback:0kB shmem:4344kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10004kB pagetables:1604kB sec_pagetables:1160kB all_unreclaimable? yes Balloon:0kB [ 315.402261][T13430] Node 1 active_anon:20176kB inactive_anon:61124kB active_file:25152kB inactive_file:56560kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:97360kB dirty:2052kB writeback:0kB shmem:73584kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:5104kB pagetables:4144kB sec_pagetables:112kB all_unreclaimable? no Balloon:0kB [ 315.413041][T13430] Node 0 DMA free:2100kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:8kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:576kB local_pcp:188kB free_cma:0kB [ 315.422357][T13430] lowmem_reserve[]: 0 288 288 288 288 [ 315.424157][T13430] Node 0 DMA32 free:17164kB boost:6144kB min:19364kB low:22668kB high:25972kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:92kB active_file:0kB inactive_file:12kB unevictable:3536kB writepending:8kB zspages:2020kB present:1032196kB managed:295104kB mlocked:0kB bounce:0kB free_pcp:14136kB local_pcp:3580kB free_cma:0kB [ 315.433670][T13430] lowmem_reserve[]: 0 0 0 0 0 [ 315.435187][T13430] Node 1 DMA32 free:97452kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:21744kB inactive_anon:61124kB active_file:25152kB inactive_file:56560kB unevictable:3536kB writepending:2052kB zspages:4176kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:65672kB local_pcp:17628kB free_cma:0kB [ 315.444448][T13430] lowmem_reserve[]: 0 0 0 0 0 [ 315.445932][T13430] Node 0 DMA: 7*4kB (UM) 13*8kB (UM) 13*16kB (UM) 7*32kB (UM) 6*64kB (UM) 1*128kB (M) 0*256kB 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2100kB [ 315.450101][T13430] Node 0 DMA32: 113*4kB (U) 389*8kB (U) 162*16kB (U) 136*32kB (UME) 58*64kB (UE) 17*128kB (UE) 3*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17164kB [ 315.454641][T13430] Node 1 DMA32: 2428*4kB (UME) 2299*8kB (UME) 1179*16kB (UME) 114*32kB (ME) 91*64kB (UME) 50*128kB (ME) 29*256kB (ME) 5*512kB (M) 16*1024kB (UM) 4*2048kB (U) 0*4096kB = 97400kB [ 315.459950][T13430] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 315.462704][T13430] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 315.465435][T13430] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 315.468125][T13430] Node 1 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 315.470839][T13430] 42669 total pagecache pages [ 315.472203][T13430] 1235 pages in swap cache [ 315.473528][T13430] Free swap = 90736kB [ 315.535394][T13430] Total swap = 124996kB [ 315.537037][T13430] 524155 pages RAM [ 315.538133][T13430] 0 pages HighMem/MovableOnly [ 315.539549][T13430] 209486 pages reserved [ 315.540755][T13430] 0 pages cma reserved [ 316.940815][T13466] netlink: 'syz.4.2426': attribute type 1 has an invalid length. [ 316.958198][T13466] 8021q: adding VLAN 0 to HW filter on device bond15 [ 316.968261][T13464] netlink: 'syz.3.2427': attribute type 1 has an invalid length. [ 316.997589][T13464] 8021q: adding VLAN 0 to HW filter on device bond17 [ 317.015948][T13466] 8021q: adding VLAN 0 to HW filter on device bond15 [ 317.018697][T13466] bond15: (slave vxcan1): The slave device specified does not support setting the MAC address [ 317.022423][T13466] bond15: (slave vxcan1): Error -95 calling set_mac_address [ 317.042912][T13469] bond16: entered promiscuous mode [ 317.090181][T13469] 8021q: adding VLAN 0 to HW filter on device bond16 [ 317.093452][T13469] bond15: (slave bond16): Enslaving as an active interface with a down link [ 317.101286][T13464] vlan4: entered allmulticast mode [ 317.108157][T13464] bond17: (slave vlan4): Enslaving as an active interface with a down link [ 317.155929][T13466] macvlan2: entered promiscuous mode [ 317.157729][T13466] macvlan2: entered allmulticast mode [ 317.159885][T13466] bond15: entered promiscuous mode [ 317.162171][T13466] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 317.183526][T13466] bond15: left promiscuous mode [ 317.378479][T13474] netlink: 'syz.4.2429': attribute type 1 has an invalid length. [ 317.404816][T13474] 8021q: adding VLAN 0 to HW filter on device bond17 [ 317.422266][T13474] lo: left promiscuous mode [ 317.424064][T13474] lo: left allmulticast mode [ 317.426610][T13474] tunl0: left promiscuous mode [ 317.428754][T13474] tunl0: left allmulticast mode [ 317.432443][T13474] gre0: left promiscuous mode [ 317.435051][T13474] gre0: left allmulticast mode [ 317.442732][T13474] gretap0: left promiscuous mode [ 317.446228][T13474] gretap0: left allmulticast mode [ 317.454821][T13474] erspan0: left promiscuous mode [ 317.456834][T13474] erspan0: left allmulticast mode [ 317.460928][T13474] ip_vti0: left promiscuous mode [ 317.463076][T13474] ip_vti0: left allmulticast mode [ 317.586623][T13474] ip6_vti0: left promiscuous mode [ 317.588341][T13474] ip6_vti0: left allmulticast mode [ 317.590878][T13474] sit0: left promiscuous mode [ 317.592422][T13474] sit0: left allmulticast mode [ 317.605719][T13474] ip6tnl0: left promiscuous mode [ 317.607391][T13474] ip6tnl0: left allmulticast mode [ 317.610180][T13474] ip6gre0: left promiscuous mode [ 317.611922][T13474] ip6gre0: left allmulticast mode [ 317.615934][T13474] ip6gretap0: left promiscuous mode [ 317.618354][T13474] ip6gretap0: left allmulticast mode [ 317.621605][T13474] nlmon0: left promiscuous mode [ 317.623919][T13474] nlmon0: left allmulticast mode [ 317.626426][T13474] caif0: left promiscuous mode [ 317.627962][T13474] caif0: left allmulticast mode [ 317.638469][T13474] bond7: left allmulticast mode [ 317.658175][T13474] vlan2: left allmulticast mode [ 317.661200][T13474] hsr0: left allmulticast mode [ 317.662853][T13474] hsr_slave_0: left allmulticast mode [ 317.667684][T13474] hsr_slave_1: left allmulticast mode [ 317.711391][T13474] gretap2: left promiscuous mode [ 317.720302][T13474] bond14: left promiscuous mode [ 317.725345][T13474] bridge10: left promiscuous mode [ 317.729075][T13474] bond14: left allmulticast mode [ 317.733516][T13474] bridge10: left allmulticast mode [ 317.761309][T13474] bond16: left promiscuous mode [ 317.780841][ T69] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 20004 - 0 [ 317.783496][ T69] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 20004 - 0 [ 317.786920][ T69] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 20004 - 0 [ 317.789552][ T69] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 20004 - 0 [ 318.495330][T13497] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2434'. [ 318.503528][T13497] vxlan0: entered promiscuous mode [ 318.508381][ T1183] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0 [ 318.528640][ T1183] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0 [ 318.533662][ T1183] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0 [ 318.537234][ T1183] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0 [ 319.595500][T13525] netlink: 'syz.5.2443': attribute type 1 has an invalid length. [ 319.632291][T13525] 8021q: adding VLAN 0 to HW filter on device bond15 [ 319.730597][T13525] bond15: (slave veth21): Enslaving as an active interface with a down link [ 319.741130][T13527] bond15: (slave veth0_to_bond): Enslaving as an active interface with a down link [ 319.825362][T13525] vlan0: entered allmulticast mode [ 319.827813][T13525] veth0_to_bond: entered promiscuous mode [ 319.829918][T13525] veth0_to_bond: left promiscuous mode [ 319.831805][T13525] veth0_to_bond: entered promiscuous mode [ 319.833799][T13525] bond15: (slave vlan0): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened) [ 319.846214][T13525] veth0_to_bond: left promiscuous mode [ 320.386373][T13537] netlink: 'syz.4.2444': attribute type 2 has an invalid length. [ 320.393384][T13537] #{6c: entered promiscuous mode [ 320.404983][T13537] netlink: 'syz.4.2444': attribute type 2 has an invalid length. [ 320.407576][T13537] #{6c: left promiscuous mode [ 320.946400][T13542] netlink: 'syz.5.2455': attribute type 10 has an invalid length. [ 322.065179][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.067383][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.013511][ T5949] Bluetooth: hci5: unexpected Set CIG Parameters response data [ 323.018993][ T5949] Bluetooth: hci5: unexpected event for opcode 0x2062 [ 323.938898][T13599] netlink: 'syz.5.2462': attribute type 2 has an invalid length. [ 323.950211][T13599] #{6c: entered promiscuous mode [ 323.962558][T13599] netlink: 'syz.5.2462': attribute type 2 has an invalid length. [ 323.966256][T13599] #{6c: left promiscuous mode [ 324.670703][T13609] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2465'. [ 324.700793][T13609] bridge11: port 1(veth13) entered blocking state [ 324.705744][T13609] bridge11: port 1(veth13) entered disabled state [ 324.707965][T13609] veth13: entered allmulticast mode [ 324.710472][T13609] veth13: entered promiscuous mode [ 325.638326][T13631] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2472'. [ 325.706735][T13637] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 327.074361][ T5949] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0 [ 327.079482][ T5949] Bluetooth: hci5: Injecting HCI hardware error event [ 327.084376][ T5949] Bluetooth: hci5: hardware error 0x00 [ 328.333247][T13703] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2491'. [ 328.500576][T13706] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2492'. [ 328.529218][T13706] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2492'. [ 329.164722][ T5949] Bluetooth: hci5: Opcode 0x0c03 failed: -110 [ 331.654052][T13753] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2504'. [ 331.854235][ T40] kauditd_printk_skb: 37 callbacks suppressed [ 331.854247][ T40] audit: type=1326 audit(1770676663.106:1549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13747 comm="syz.3.2502" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 331.874268][ T40] audit: type=1326 audit(1770676663.106:1550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13747 comm="syz.3.2502" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb7598 code=0x7ffc0000 [ 331.881755][ T40] audit: type=1326 audit(1770676663.106:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13747 comm="syz.3.2502" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 331.890796][ T40] audit: type=1326 audit(1770676663.106:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13747 comm="syz.3.2502" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 331.899026][ T40] audit: type=1326 audit(1770676663.106:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13747 comm="syz.3.2502" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb7598 code=0x7ffc0000 [ 331.908201][ T40] audit: type=1326 audit(1770676663.106:1554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13747 comm="syz.3.2502" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 331.918845][ T40] audit: type=1326 audit(1770676663.106:1555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13747 comm="syz.3.2502" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 331.927218][ T40] audit: type=1326 audit(1770676663.106:1556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13747 comm="syz.3.2502" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fb7598 code=0x7ffc0000 [ 331.935226][ T40] audit: type=1326 audit(1770676663.106:1557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13747 comm="syz.3.2502" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 331.943045][ T40] audit: type=1326 audit(1770676663.106:1558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13747 comm="syz.3.2502" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 333.226741][ T5949] Bluetooth: hci0: unexpected event 0x10 length: 11 > 1 [ 333.229020][ T64] Bluetooth: hci0: hardware error 0xff [ 334.877857][T13824] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2525'. [ 334.930126][T13826] netlink: 'syz.5.2528': attribute type 1 has an invalid length. [ 334.963015][T13826] 8021q: adding VLAN 0 to HW filter on device bond16 [ 335.008828][T13826] 8021q: adding VLAN 0 to HW filter on device bond16 [ 335.012202][T13826] bond16: (slave vxcan1): The slave device specified does not support setting the MAC address [ 335.019035][T13826] bond16: (slave vxcan1): Error -95 calling set_mac_address [ 335.028494][T13828] syzkaller0: entered promiscuous mode [ 335.033428][T13828] syzkaller0: entered allmulticast mode [ 335.171945][T13826] macvlan0: entered promiscuous mode [ 335.173830][T13826] macvlan0: entered allmulticast mode [ 335.177758][T13826] bond16: entered promiscuous mode [ 335.179889][T13826] 8021q: adding VLAN 0 to HW filter on device macvlan0 [ 335.185467][T13826] bond16: left promiscuous mode [ 335.314799][ T64] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 335.472539][T13835] netlink: 'syz.4.2538': attribute type 1 has an invalid length. [ 335.496918][T13835] 8021q: adding VLAN 0 to HW filter on device bond18 [ 335.503428][T13836] 8021q: adding VLAN 0 to HW filter on device bond5 [ 335.509372][T13836] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2530'. [ 335.512155][T13836] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2530'. [ 335.517085][T13836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 335.520403][T13836] bond5: (slave bond0): making interface the new active one [ 335.523380][T13836] bond5: (slave bond0): Enslaving as an active interface with an up link [ 335.551370][T13835] 8021q: adding VLAN 0 to HW filter on device bond18 [ 335.555526][T13835] bond18: (slave vxcan1): The slave device specified does not support setting the MAC address [ 335.561163][T13835] bond18: (slave vxcan1): Error -95 calling set_mac_address [ 335.578118][T13836] bond5: (slave bond0): Releasing active interface [ 335.582889][T13836] bond7: (slave dummy0): Releasing active interface [ 335.592852][T13836] bridge_slave_0: left allmulticast mode [ 335.594980][T13836] bridge_slave_0: left promiscuous mode [ 335.597122][T13836] bridge0: port 1(bridge_slave_0) entered disabled state [ 335.602089][T13836] bridge_slave_1: left allmulticast mode [ 335.603878][T13836] bridge_slave_1: left promiscuous mode [ 335.606210][T13836] bridge0: port 2(bridge_slave_1) entered disabled state [ 335.610583][T13836] bond0: (slave bond_slave_0): Releasing backup interface [ 335.613921][T13836] bond0: (slave bond_slave_1): Releasing backup interface [ 335.618556][T13836] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 335.621548][T13836] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 335.650055][T13835] macvlan2: entered promiscuous mode [ 335.651770][T13835] macvlan2: entered allmulticast mode [ 335.655672][T13835] bond18: entered promiscuous mode [ 335.657747][T13835] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 335.686572][T13835] bond18: left promiscuous mode [ 336.859462][T13852] netlink: 'syz.1.2534': attribute type 10 has an invalid length. [ 336.863116][T13852] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 336.867066][T13852] bond0: (slave batadv0): Enslaving as an active interface with an up link [ 336.875371][T13852] batman_adv: batadv0: Removing interface: gretap1 [ 336.892216][T13852] bond0: (slave batadv0): Releasing backup interface [ 336.912877][ T40] kauditd_printk_skb: 1696 callbacks suppressed [ 336.912890][ T40] audit: type=1326 audit(1770676668.166:3255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13859 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 336.924516][ T40] audit: type=1326 audit(1770676668.166:3256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13859 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 336.931354][ T40] audit: type=1326 audit(1770676668.166:3257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13859 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 336.938527][ T40] audit: type=1326 audit(1770676668.166:3258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13859 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 336.945618][ T40] audit: type=1326 audit(1770676668.166:3259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13859 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 336.952596][ T40] audit: type=1326 audit(1770676668.176:3260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13859 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 336.959953][ T40] audit: type=1326 audit(1770676668.176:3261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13859 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 336.967379][ T40] audit: type=1326 audit(1770676668.176:3262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13859 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 336.974776][ T40] audit: type=1326 audit(1770676668.176:3263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13859 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 336.983504][ T40] audit: type=1326 audit(1770676668.176:3264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13859 comm="syz.3.2537" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000 [ 336.997640][T13866] netlink: 'syz.3.2540': attribute type 39 has an invalid length. [ 337.248917][T13863] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 337.267266][T13863] Error validating options; rc = [-22] [ 337.951226][T13886] netlink: 'syz.4.2544': attribute type 2 has an invalid length. [ 339.871193][T13922] syzkaller0: entered promiscuous mode [ 339.873115][T13922] syzkaller0: entered allmulticast mode [ 339.970533][T13925] netlink: 'syz.1.2554': attribute type 1 has an invalid length. [ 339.995144][T13925] 8021q: adding VLAN 0 to HW filter on device bond10 [ 340.065108][T13925] 8021q: adding VLAN 0 to HW filter on device bond10 [ 340.067463][T13925] bond10: (slave vxcan1): The slave device specified does not support setting the MAC address [ 340.071090][T13925] bond10: (slave vxcan1): Error -95 calling set_mac_address [ 340.105321][T13932] macvlan2: entered promiscuous mode [ 340.107051][T13932] macvlan2: entered allmulticast mode [ 340.109101][T13932] bond10: entered promiscuous mode [ 340.111075][T13932] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 340.134260][T13932] bond10: left promiscuous mode [ 340.934357][T13945] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2559'. [ 340.990349][T13950] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2559'. [ 341.004794][T13950] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2559'. [ 341.009641][T13950] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2559'. [ 341.014618][T13950] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2559'. [ 342.078025][T13972] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2565'. [ 342.114347][T13972] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2565'. [ 342.448088][T13983] netlink: 'syz.1.2569': attribute type 1 has an invalid length. [ 342.479005][T13983] 8021q: adding VLAN 0 to HW filter on device bond11 [ 342.497688][T13983] bond11: (slave dummy0): making interface the new active one [ 342.504826][T13983] bond11: (slave dummy0): Enslaving as an active interface with an up link [ 350.590107][T14138] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 350.596761][T14138] Error validating options; rc = [-22] [ 351.403258][T14154] 9p: Bad value for 'version' [ 351.463438][T14156] netlink: zone id is out of range [ 351.547897][T14156] netlink: set zone limit has 4 unknown bytes [ 352.738393][T14172] bond2: left allmulticast mode [ 352.787909][T14174] tipc: Enabled bearer , priority 0 [ 352.795301][T14174] syzkaller0: entered promiscuous mode [ 352.797146][T14174] syzkaller0: entered allmulticast mode [ 352.859622][T14174] tipc: Resetting bearer [ 352.865920][T14173] tipc: Resetting bearer [ 352.882034][T14173] tipc: Disabling bearer [ 356.656258][T14296] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2638'. [ 357.260551][T14312] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2642'. [ 357.263307][T14312] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2642'. [ 361.028407][T14376] tipc: Enabling of bearer rejected, failed to enable media [ 364.343202][T14456] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2674'. [ 364.348543][T14456] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2674'. [ 365.567429][T14480] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2678'. [ 365.917489][T14492] netlink: 'syz.3.2683': attribute type 1 has an invalid length. [ 365.930048][T14492] 8021q: adding VLAN 0 to HW filter on device bond18 [ 365.938867][T14492] bond18: (slave dummy0): making interface the new active one [ 365.942466][T14492] bond18: (slave dummy0): Enslaving as an active interface with an up link [ 366.098199][ T1145] bond18: (slave dummy0): link status definitely down, disabling slave [ 366.123470][ T1145] bond18: now running without any active interface! [ 366.137302][T14500] tipc: Enabling of bearer rejected, failed to enable media [ 366.670421][T14508] netlink: 'syz.3.2686': attribute type 1 has an invalid length. [ 366.675472][T14508] netlink: 'syz.3.2686': attribute type 3 has an invalid length. [ 367.598439][T14523] tipc: Enabling of bearer rejected, failed to enable media [ 368.556261][T14568] netlink: 'syz.1.2700': attribute type 1 has an invalid length. [ 368.584397][T14568] 8021q: adding VLAN 0 to HW filter on device bond12 [ 368.618596][T14568] bond12: (slave gretap3): making interface the new active one [ 368.629609][T14568] bond12: (slave gretap3): Enslaving as an active interface with an up link [ 371.114008][T14616] geneve3: entered allmulticast mode [ 371.124057][ T1147] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 20001 - 0 [ 371.129683][ T1147] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 20001 - 0 [ 371.132627][ T1147] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 20001 - 0 [ 371.135465][ T1147] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 20001 - 0 [ 373.307389][T14671] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2728'. [ 374.209190][T14684] fuse: Bad value for 'fd' [ 377.710930][T14772] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2748'. [ 377.736937][T14772] bond11: (slave dummy0): Releasing active interface [ 379.720276][T14803] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2757'. [ 380.975425][T14821] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2763'. [ 383.320641][ T1420] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.326505][ T1420] ieee802154 phy1 wpan1: encryption failed: -22 [ 386.293487][T14899] syz.4.2775 invoked oom-killer: gfp_mask=0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0 [ 386.297696][T14899] CPU: 1 UID: 0 PID: 14899 Comm: syz.4.2775 Tainted: G L syzkaller #0 PREEMPT(full) [ 386.297725][T14899] Tainted: [L]=SOFTLOCKUP [ 386.297729][T14899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 386.297735][T14899] Call Trace: [ 386.297740][T14899] [ 386.297745][T14899] dump_stack_lvl+0x100/0x190 [ 386.297762][T14899] dump_header+0xfb/0x606 [ 386.297774][T14899] oom_kill_process.cold+0xd/0x321 [ 386.297786][T14899] out_of_memory+0x1256/0x14f0 [ 386.297803][T14899] ? __pfx_out_of_memory+0x10/0x10 [ 386.297821][T14899] __alloc_frozen_pages_noprof+0x1d30/0x2410 [ 386.297842][T14899] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 386.297864][T14899] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 386.297876][T14899] ? cpuset_nodemask_valid_mems_allowed+0x5f/0x80 [ 386.297892][T14899] ? policy_nodemask+0xed/0x4f0 [ 386.297908][T14899] alloc_pages_mpol+0x1fb/0x550 [ 386.297924][T14899] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 386.297940][T14899] ? alloc_pages_mpol+0x13/0x550 [ 386.297956][T14899] alloc_pages_noprof+0x131/0x390 [ 386.297972][T14899] __vmalloc_node_range_noprof+0xa1d/0x1530 [ 386.297986][T14899] ? packet_set_ring+0xb14/0x1860 [ 386.298001][T14899] ? policy_nodemask+0xed/0x4f0 [ 386.298015][T14899] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 386.298026][T14899] ? alloc_pages_mpol+0x25a/0x550 [ 386.298042][T14899] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 386.298056][T14899] ? rcu_is_watching+0x12/0xc0 [ 386.298066][T14899] ? packet_set_ring+0xa57/0x1860 [ 386.298078][T14899] ? packet_set_ring+0xb14/0x1860 [ 386.298088][T14899] __vmalloc_node_noprof+0xad/0xf0 [ 386.298098][T14899] ? packet_set_ring+0xb14/0x1860 [ 386.298110][T14899] packet_set_ring+0xb14/0x1860 [ 386.298128][T14899] packet_setsockopt+0x11f8/0x3580 [ 386.298139][T14899] ? __pfx___might_resched+0x10/0x10 [ 386.298156][T14899] ? __lock_acquire+0x4a5/0x2630 [ 386.298171][T14899] ? __pfx_packet_setsockopt+0x10/0x10 [ 386.298183][T14899] ? aa_sk_perm+0x2de/0xb40 [ 386.298199][T14899] ? rcu_is_watching+0x12/0xc0 [ 386.298212][T14899] ? find_held_lock+0x2b/0x80 [ 386.298224][T14899] ? aa_sock_opt_perm+0xfe/0x1b0 [ 386.298237][T14899] ? __pfx_packet_setsockopt+0x10/0x10 [ 386.298250][T14899] do_sock_setsockopt+0xf3/0x1d0 [ 386.298264][T14899] __sys_setsockopt+0x119/0x190 [ 386.298282][T14899] __ia32_sys_setsockopt+0xbc/0x160 [ 386.298296][T14899] ? __do_fast_syscall_32+0x97/0x660 [ 386.298310][T14899] ? lockdep_hardirqs_on+0x78/0x100 [ 386.298322][T14899] __do_fast_syscall_32+0xde/0x660 [ 386.298337][T14899] do_fast_syscall_32+0x32/0x70 [ 386.298351][T14899] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 386.298364][T14899] RIP: 0023:0xf7f93579 [ 386.298373][T14899] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 386.298384][T14899] RSP: 002b:00000000f541450c EFLAGS: 00000292 ORIG_RAX: 000000000000016e [ 386.298395][T14899] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000107 [ 386.298401][T14899] RDX: 0000000000000005 RSI: 00000000800000c0 RDI: 000000000000001c [ 386.298408][T14899] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 386.298414][T14899] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 386.298420][T14899] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 386.298433][T14899] [ 386.298460][T14899] Mem-Info: [ 386.404714][T14899] active_anon:5336 inactive_anon:10559 isolated_anon:0 [ 386.404714][T14899] active_file:4479 inactive_file:12153 isolated_file:0 [ 386.404714][T14899] unevictable:1768 dirty:248 writeback:0 [ 386.404714][T14899] slab_reclaimable:6601 slab_unreclaimable:65165 [ 386.404714][T14899] mapped:27992 shmem:14403 pagetables:1459 [ 386.404714][T14899] sec_pagetables:320 bounce:0 [ 386.404714][T14899] kernel_misc_reclaimable:0 [ 386.404714][T14899] free:42220 free_pcp:158 free_cma:0 [ 386.418756][T14899] Node 0 active_anon:128kB inactive_anon:68kB active_file:4kB inactive_file:4kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:4kB writeback:0kB shmem:4344kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10088kB pagetables:1680kB sec_pagetables:1160kB all_unreclaimable? yes Balloon:0kB [ 386.428343][T14899] Node 0 DMA free:1500kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:8kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:124kB local_pcp:124kB free_cma:0kB [ 386.437901][T14899] lowmem_reserve[]: 0 288 288 288 288 [ 386.439838][T14899] Node 0 DMA32 free:6480kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:0KB free_highatomic:0KB active_anon:52kB inactive_anon:352kB active_file:4kB inactive_file:4kB unevictable:3536kB writepending:4kB zspages:3164kB present:1032196kB managed:295104kB mlocked:0kB bounce:0kB free_pcp:508kB local_pcp:476kB free_cma:0kB [ 386.449868][T14899] lowmem_reserve[]: 0 0 0 0 0 [ 386.451595][T14899] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 2*32kB (U) 4*64kB (U) 1*128kB (U) 2*256kB (U) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 1488kB [ 386.456409][T14899] Node 0 DMA32: 31*4kB (ME) 38*8kB (ME) 10*16kB (UME) 43*32kB (UME) 36*64kB (UME) 15*128kB (UME) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6188kB [ 386.461663][T14899] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 386.464690][T14899] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 386.467690][T14899] 32465 total pagecache pages [ 386.469253][T14899] 1445 pages in swap cache [ 386.470708][T14899] Free swap = 59544kB [ 386.472040][T14899] Total swap = 124996kB [ 386.473404][T14899] 524155 pages RAM [ 386.474639][T14899] 0 pages HighMem/MovableOnly [ 386.476213][T14899] 209486 pages reserved [ 386.477629][T14899] 0 pages cma reserved [ 386.478984][T14899] Unreclaimable slab info: [ 386.480450][T14899] Name Used Total [ 386.482462][T14899] bio-184 4KB 4KB [ 386.484461][T14899] pid_3 31KB 31KB [ 386.486475][T14899] pid_2 94KB 141KB [ 386.488479][T14899] bio-472 15KB 15KB [ 386.490488][T14899] bio-536 15KB 15KB [ 386.492461][T14899] bio-552 15KB 15KB [ 386.494447][T14899] bio-584 15KB 15KB [ 386.496462][T14899] afs_inode_cache 30KB 30KB [ 386.498428][T14899] zspage-zswap1 141KB 141KB [ 386.500443][T14899] zs_handle-zswap1 239KB 240KB [ 386.502423][T14899] zswap_entry 648KB 687KB [ 386.504465][T14899] AF_VSOCK 122KB 122KB [ 386.506474][T14899] sw_flow_stats 4KB 4KB [ 386.508440][T14899] sw_flow 15KB 15KB [ 386.510424][T14899] batadv_tt_change_cache 16KB 16KB [ 386.512579][T14899] batadv_tl_cache 16KB 16KB [ 386.514568][T14899] ceph_osd_request 95KB 95KB [ 386.516591][T14899] ceph_msg 23KB 23KB [ 386.518559][T14899] IEEE-802.15.4-MAC 62KB 62KB [ 386.520587][T14899] p9_req_t 79KB 79KB [ 386.522559][T14899] INET_SMC 31KB 31KB [ 386.524543][T14899] SMC6 125KB 125KB [ 386.526534][T14899] SMC 125KB 125KB [ 386.528492][T14899] TIPC 123KB 123KB [ 386.530445][T14899] RDS 123KB 123KB [ 386.532425][T14899] rds_connection 15KB 15KB [ 386.534408][T14899] SCTPv6 120KB 120KB [ 386.536420][T14899] SCTP 122KB 122KB [ 386.538455][T14899] sctp_chunk 70KB 109KB [ 386.540438][T14899] sctp_bind_bucket 16KB 16KB [ 386.542349][T14899] PNPIPE 123KB 123KB [ 386.544295][T14899] PHONET 31KB 31KB [ 386.614816][T14899] L2TP/IPv6 95KB 95KB [ 386.616819][T14899] L2TP/IP 63KB 63KB [ 386.618803][T14899] KCM 124KB 124KB [ 386.620791][T14899] kcm_mux 63KB 63KB [ 386.622750][T14899] RXRPC 128KB 128KB [ 386.624708][T14899] rxrpc_call_jar 286KB 286KB [ 386.626705][T14899] can_receiver 35KB 51KB [ 386.628682][T14899] net_bridge_fdb_entry 27KB 27KB [ 386.630716][T14899] nf-frags 79KB 118KB [ 386.632672][T14899] xfrm6_tunnel_spi 8KB 8KB [ 386.634620][T14899] MPTCPv6 125KB 125KB [ 386.636633][T14899] fib6_node 97KB 120KB [ 386.638611][T14899] ip6_dst_cache 140KB 203KB [ 386.640645][T14899] PINGv6 92KB 92KB [ 386.642628][T14899] RAWv6 216KB 216KB [ 386.644592][T14899] UDPLITEv6 122KB 122KB [ 386.646635][T14899] UDPv6 413KB 704KB [ 386.648607][T14899] tw_sock_TCPv6 15KB 15KB [ 386.650590][T14899] TCPv6 337KB 506KB [ 386.652582][T14899] ip_vs_conn 7KB 7KB [ 386.654540][T14899] nf_conntrack 40KB 133KB [ 386.656661][T14899] wg_peer 148KB 148KB [ 386.658632][T14899] allowedips_node 19KB 19KB [ 386.660641][T14899] t10_alua_lu_gp_cache 7KB 7KB [ 386.662705][T14899] scsi_sense_cache 48KB 48KB [ 386.664695][T14899] virtio_scsi_cmd 16KB 16KB [ 386.666732][T14899] bio-136 66KB 92KB [ 386.668766][T14899] io_kiocb 4093KB 4164KB [ 386.670785][T14899] bio-264 7KB 7KB [ 386.672780][T14899] mqueue_inode_cache 121KB 121KB [ 386.674819][T14899] f2fs_bio_post_read_ctx 23KB 23KB [ 386.677076][T14899] jfs_mp 7KB 7KB [ 386.679082][T14899] orangefs_op_cache 51KB 51KB [ 386.681067][T14899] fuse_request 79KB 118KB [ 386.683076][T14899] cifs_small_rq 16KB 16KB [ 386.685106][T14899] cifs_request 67KB 67KB [ 386.687053][T14899] cifs_mpx_ids 7KB 7KB [ 386.689043][T14899] cifs_io_subrequest 39KB 39KB [ 386.691025][T14899] cifs_io_request 95KB 95KB [ 386.692993][T14899] nfs_commit_data 15KB 15KB [ 386.695030][T14899] nfs_write_data 63KB 63KB [ 386.697012][T14899] ecryptfs_sb_cache 7KB 7KB [ 386.699041][T14899] jbd2_inode 7KB 7KB [ 386.701033][T14899] ext4_system_zone 3KB 3KB [ 386.702999][T14899] ext4_io_end_vec 15KB 15KB [ 386.705034][T14899] kioctx 127KB 127KB [ 386.706990][T14899] aio_kiocb 31KB 31KB [ 386.708975][T14899] userfaultfd_ctx_cache 63KB 63KB [ 386.711031][T14899] fanotify_path_event 3KB 3KB [ 386.713047][T14899] fanotify_fid_event 11KB 11KB [ 386.715090][T14899] fanotify_mark 15KB 15KB [ 386.717068][T14899] dnotify_mark 7KB 7KB [ 386.719060][T14899] dnotify_struct 7KB 7KB [ 386.721024][T14899] fasync_cache 15KB 15KB [ 386.723004][T14899] pid_namespace 61KB 61KB [ 386.820915][T14899] kvm_gmem_inode_cache 31KB 31KB [ 386.823075][T14899] kvm_async_pf 3KB 3KB [ 386.825566][T14899] kvm_vcpu 123KB 123KB [ 386.827716][T14899] kvm_mmu_page_header 54KB 85KB [ 386.829710][T14899] pte_list_desc 114KB 114KB [ 386.831833][T14899] x86_emulator 126KB 126KB [ 386.833940][T14899] rpc_buffers 31KB 31KB [ 386.835976][T14899] rpc_tasks 7KB 7KB [ 386.837910][T14899] UNIX-STREAM 336KB 336KB [ 386.839834][T14899] UNIX 385KB 673KB [ 386.841756][T14899] ip4-frags 23KB 23KB [ 386.843867][T14899] mfc_cache 8KB 8KB [ 386.845885][T14899] UDP-Lite 123KB 123KB [ 386.850032][T14899] MPTCP 120KB 120KB [ 386.853533][T14899] request_sock_subflow_v4 7KB 7KB [ 386.855895][T14899] tcp_bind2_bucket 16KB 16KB [ 386.857844][T14899] tcp_bind_bucket 16KB 16KB [ 386.859770][T14899] inet_peer 8KB 8KB [ 386.861725][T14899] xfrm_dst 78KB 157KB [ 386.863661][T14899] xfrm_state 256KB 541KB [ 386.866475][T14899] ip_fib_trie 32KB 32KB [ 386.868440][T14899] ip_fib_alias 47KB 90KB [ 386.870401][T14899] rtable 890KB 912KB [ 386.872364][T14899] PING 63KB 63KB [ 386.874310][T14899] RAW 159KB 159KB [ 386.876337][T14899] UDP 154KB 154KB [ 386.878267][T14899] tw_sock_TCP 7KB 7KB [ 386.880226][T14899] request_sock_TCP 23KB 23KB [ 386.882173][T14899] TCP 363KB 573KB [ 386.884123][T14899] hugetlbfs_inode_cache 125KB 125KB [ 386.886245][T14899] fscache_cookie_jar 23KB 23KB [ 386.888202][T14899] netfs_subrequest 93KB 93KB [ 386.890159][T14899] netfs_request 159KB 159KB [ 386.892095][T14899] bio-280 15KB 15KB [ 386.894048][T14899] backing_aio 4KB 4KB [ 386.896036][T14899] ep_head 16KB 16KB [ 386.897993][T14899] eventpoll_pwq 19KB 19KB [ 386.899925][T14899] eventpoll_epi 66KB 66KB [ 386.901861][T14899] inotify_inode_mark 27KB 27KB [ 386.903821][T14899] sgpool-128 29KB 29KB [ 386.905814][T14899] sgpool-64 31KB 31KB [ 386.910670][T14899] sgpool-32 126KB 126KB [ 386.912772][T14899] sgpool-16 62KB 62KB [ 386.914854][T14899] sgpool-8 46KB 46KB [ 386.916925][T14899] bio_crypt_ctx 7KB 7KB [ 386.919705][T14899] bio_integrity_data 4KB 4KB [ 386.921786][T14899] request_queue 262KB 278KB [ 386.923819][T14899] blkdev_ioc 31KB 31KB [ 386.926059][T14899] bio-200 112KB 148KB [ 386.928127][T14899] biovec-max 748KB 922KB [ 386.930212][T14899] biovec-64 189KB 378KB [ 386.932256][T14899] biovec-16 46KB 46KB [ 386.934305][T14899] mm_slot 15KB 15KB [ 386.936432][T14899] ksm_mm_slot 4KB 4KB [ 386.938484][T14899] user_namespace 93KB 93KB [ 386.940587][T14899] uid_cache 31KB 31KB [ 386.942730][T14899] iommu_iova_magazine 1031KB 1039KB [ 386.944870][T14899] iommu_iova 204KB 204KB [ 386.946946][T14899] dmaengine-unmap-256 30KB 30KB [ 386.949060][T14899] dmaengine-unmap-128 30KB 30KB [ 386.951161][T14899] dmaengine-unmap-16 4KB 4KB [ 386.953231][T14899] dmaengine-unmap-2 4KB 4KB [ 386.955282][T14899] QIPCRTR 125KB 125KB [ 386.957370][T14899] audit_buffer 89KB 128KB [ 386.959429][T14899] skbuff_ext_cache 28KB 28KB [ 386.962018][T14899] skbuff_small_head 854KB 1126KB [ 386.964749][T14899] skbuff_fclone_cache 328KB 421KB [ 386.966853][T14899] skbuff_head_cache 1880KB 1937KB [ 386.968921][T14899] configfs_dir_cache 16KB 16KB [ 387.004986][T14899] file_lease_cache 134KB 206KB [ 387.006967][T14899] file_lock_cache 111KB 198KB [ 387.008933][T14899] file_lock_ctx 19KB 19KB [ 387.010878][T14899] fsnotify_mark_connector 15KB 15KB [ 387.012980][T14899] posix_timers_cache 32KB 32KB [ 387.015043][T14899] taskstats 61KB 61KB [ 387.017030][T14899] mem_cgroup_per_node 107KB 123KB [ 387.019061][T14899] mem_cgroup 89KB 89KB [ 387.021023][T14899] proc_dir_entry 732KB 789KB [ 387.022962][T14899] pde_opener 15KB 15KB [ 387.024994][T14899] seq_file 93KB 156KB [ 387.026948][T14899] sigqueue 35KB 55KB [ 387.028914][T14899] shmem_inode_cache 7844KB 7988KB [ 387.030857][T14899] kernfs_iattrs_cache 15KB 15KB [ 387.032872][T14899] kernfs_node_cache 32232KB 32261KB [ 387.034886][T14899] mnt_cache 128KB 165KB [ 387.036922][T14899] bfilp 23KB 23KB [ 387.038931][T14899] filp 554KB 590KB [ 387.040888][T14899] names_cache 4143KB 4403KB [ 387.042843][T14899] net_namespace 141KB 141KB [ 387.044860][T14899] ima_iint_cache 63KB 63KB [ 387.046828][T14899] lsm_inode_cache 1449KB 1945KB [ 387.048788][T14899] lsm_file_cache 171KB 204KB [ 387.050726][T14899] key_jar 63KB 63KB [ 387.052660][T14899] uts_namespace 62KB 62KB [ 387.054700][T14899] nsproxy 15KB 15KB [ 387.056662][T14899] vm_area_struct 1380KB 1406KB [ 387.058618][T14899] fs_cache 73KB 92KB [ 387.060605][T14899] files_cache 350KB 366KB [ 387.062548][T14899] signal_cache 1073KB 1787KB [ 387.064505][T14899] sighand_cache 1295KB 1984KB [ 387.066522][T14899] task_struct 5163KB 5236KB [ 387.068492][T14899] cred 182KB 336KB [ 387.070456][T14899] anon_vma_chain 357KB 378KB [ 387.072425][T14899] anon_vma 417KB 478KB [ 387.074387][T14899] pid 243KB 441KB [ 387.076401][T14899] Acpi-Operand 249KB 356KB [ 387.078356][T14899] Acpi-ParseExt 133KB 133KB [ 387.080334][T14899] Acpi-Parse 70KB 86KB [ 387.082287][T14899] Acpi-State 90KB 126KB [ 387.084242][T14899] Acpi-Namespace 56KB 56KB [ 387.086243][T14899] shared_policy_node 4KB 4KB [ 387.088224][T14899] numa_policy 15KB 15KB [ 387.090202][T14899] perf_event 62KB 62KB [ 387.092159][T14899] trace_event_file 532KB 532KB [ 387.094126][T14899] ftrace_event_field 1004KB 1004KB [ 387.096148][T14899] pool_workqueue 1859KB 1904KB [ 387.098109][T14899] task_group 46KB 46KB [ 387.100070][T14899] maple_node 1673KB 1696KB [ 387.102019][T14899] mm_struct 477KB 581KB [ 387.103956][T14899] vmap_area 1291KB 1303KB [ 387.106009][T14899] debug_objects_cache 2928KB 3501KB [ 387.107996][T14899] page->ptl 148KB 173KB [ 387.109983][T14899] kmalloc-cg-8k 4176KB 4288KB [ 387.111932][T14899] kmalloc-cg-4k 18008KB 18304KB [ 387.113893][T14899] kmalloc-cg-2k 13624KB 13920KB [ 387.115893][T14899] kmalloc-cg-1k 3190KB 3296KB [ 387.117855][T14899] kmalloc-cg-512 1063KB 1520KB [ 387.119828][T14899] kmalloc-cg-256 561KB 592KB [ 387.121788][T14899] kmalloc-cg-128 280KB 300KB [ 387.123737][T14899] kmalloc-cg-64 82KB 168KB [ 387.125739][T14899] kmalloc-cg-32 70KB 168KB [ 387.127687][T14899] kmalloc-cg-16 49KB 56KB [ 387.129663][T14899] kmalloc-cg-8 27KB 32KB [ 387.131610][T14899] kmalloc-cg-192 122KB 152KB [ 387.133565][T14899] kmalloc-cg-96 92KB 152KB [ 387.135583][T14899] kmalloc-8k 5264KB 5632KB [ 387.137564][T14899] kmalloc-4k 20232KB 20800KB [ 387.139535][T14899] kmalloc-2k 12656KB 13856KB [ 387.141498][T14899] kmalloc-1k 8774KB 9312KB [ 387.143475][T14899] kmalloc-512 8386KB 10160KB [ 387.145520][T14899] kmalloc-256 4406KB 5080KB [ 387.147499][T14899] kmalloc-128 950KB 1552KB [ 387.149482][T14899] kmalloc-64 3061KB 3496KB [ 387.151449][T14899] kmalloc-32 2520KB 2896KB [ 387.153399][T14899] kmalloc-16 445KB 472KB [ 387.155408][T14899] kmalloc-8 566KB 588KB [ 387.157397][T14899] kmalloc-192 2522KB 3084KB [ 387.159376][T14899] kmalloc-96 1996KB 2720KB [ 387.161320][T14899] kmem_cache_node 224KB 228KB [ 387.163268][T14899] kmem_cache 195KB 195KB [ 387.165288][T14899] oom-kill:constraint=CONSTRAINT_MEMORY_POLICY,nodemask=0,cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/syz4,task=syz.4.2775,pid=14899,uid=0 [ 387.169920][T14899] Out of memory (oom_kill_allocating_task): Killed process 14894 (syz.4.2775) total-vm:104304kB, anon-rss:1924kB, file-rss:22964kB, shmem-rss:11392kB, UID:0 pgtables:132kB oom_score_adj:0 [ 387.516815][T14907] netlink: 'syz.4.2779': attribute type 1 has an invalid length. [ 387.545618][T14907] bond19: (slave vxcan1): The slave device specified does not support setting the MAC address [ 387.549626][T14907] bond19: (slave vxcan1): Error -95 calling set_mac_address [ 387.648844][T14911] bond19: (slave gretap3): making interface the new active one [ 387.654967][T14911] bond19: (slave gretap3): Enslaving as an active interface with an up link [ 387.732613][T14907] macvlan2: entered promiscuous mode [ 387.734917][T14907] macvlan2: entered allmulticast mode [ 387.737008][T14907] bond19: entered promiscuous mode [ 387.738648][T14907] gretap3: entered promiscuous mode [ 387.740673][T14907] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 387.895126][T14907] bond19: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap3 [ 387.967934][T14907] bond19: left promiscuous mode [ 387.972024][T14907] gretap3: left promiscuous mode [ 390.019852][T14963] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 390.024245][T14963] Error validating options; rc = [-22] [ 394.514139][T15018] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 395.035303][T15018] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 395.107719][T15018] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 395.170782][T15018] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 20001 - 0 [ 395.285963][ T46] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 20001 - 0 [ 395.313651][ T46] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 20001 - 0 [ 395.374759][ T1183] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 20001 - 0 [ 395.382171][ T1183] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 20001 - 0 [ 397.370009][T15050] netlink: 'syz.1.2815': attribute type 3 has an invalid length. [ 398.554314][T15076] tipc: Can't bind to reserved service type 0 [ 400.227557][T15099] syz.5.2829 invoked oom-killer: gfp_mask=0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO|__GFP_NOWARN), order=0, oom_score_adj=0 [ 400.232889][T15099] CPU: 0 UID: 0 PID: 15099 Comm: syz.5.2829 Tainted: G L syzkaller #0 PREEMPT(full) [ 400.232919][T15099] Tainted: [L]=SOFTLOCKUP [ 400.232926][T15099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 400.232937][T15099] Call Trace: [ 400.232944][T15099] [ 400.232951][T15099] dump_stack_lvl+0x100/0x190 [ 400.232980][T15099] dump_header+0xfb/0x606 [ 400.233003][T15099] oom_kill_process.cold+0xd/0x321 [ 400.233023][T15099] out_of_memory+0x1256/0x14f0 [ 400.233055][T15099] ? __pfx_out_of_memory+0x10/0x10 [ 400.233087][T15099] __alloc_frozen_pages_noprof+0x1d30/0x2410 [ 400.233119][T15099] ? __vmap_pages_range_noflush+0x3db/0x660 [ 400.233146][T15099] ? is_vmalloc_addr+0x86/0xa0 [ 400.233165][T15099] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 400.233196][T15099] ? __vmalloc_node_range_noprof+0x11eb/0x1530 [ 400.233215][T15099] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 400.233248][T15099] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 400.233268][T15099] ? cpuset_nodemask_valid_mems_allowed+0x5f/0x80 [ 400.233295][T15099] ? policy_nodemask+0xed/0x4f0 [ 400.233324][T15099] alloc_pages_mpol+0x1fb/0x550 [ 400.233351][T15099] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 400.233384][T15099] alloc_pages_noprof+0x131/0x390 [ 400.233411][T15099] __vmalloc_node_range_noprof+0xa1d/0x1530 [ 400.233438][T15099] ? packet_set_ring+0xb14/0x1860 [ 400.233464][T15099] ? policy_nodemask+0xed/0x4f0 [ 400.233489][T15099] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 400.233508][T15099] ? alloc_pages_mpol+0x25a/0x550 [ 400.233535][T15099] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 400.233560][T15099] ? rcu_is_watching+0x12/0xc0 [ 400.233577][T15099] ? packet_set_ring+0xa57/0x1860 [ 400.233598][T15099] ? packet_set_ring+0xb14/0x1860 [ 400.233616][T15099] __vmalloc_node_noprof+0xad/0xf0 [ 400.233633][T15099] ? packet_set_ring+0xb14/0x1860 [ 400.233655][T15099] packet_set_ring+0xb14/0x1860 [ 400.233684][T15099] packet_setsockopt+0x11f8/0x3580 [ 400.233704][T15099] ? __pfx___might_resched+0x10/0x10 [ 400.233733][T15099] ? __lock_acquire+0x4a5/0x2630 [ 400.233759][T15099] ? __pfx_packet_setsockopt+0x10/0x10 [ 400.233779][T15099] ? aa_sk_perm+0x2de/0xb40 [ 400.233816][T15099] ? find_held_lock+0x2b/0x80 [ 400.233836][T15099] ? aa_sock_opt_perm+0xfe/0x1b0 [ 400.233859][T15099] ? __pfx_packet_setsockopt+0x10/0x10 [ 400.233881][T15099] do_sock_setsockopt+0xf3/0x1d0 [ 400.233904][T15099] __sys_setsockopt+0x119/0x190 [ 400.233936][T15099] __ia32_sys_setsockopt+0xbc/0x160 [ 400.233961][T15099] ? __do_fast_syscall_32+0x97/0x660 [ 400.233984][T15099] ? lockdep_hardirqs_on+0x78/0x100 [ 400.234003][T15099] __do_fast_syscall_32+0xde/0x660 [ 400.234027][T15099] do_fast_syscall_32+0x32/0x70 [ 400.234050][T15099] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 400.234072][T15099] RIP: 0023:0xf743d579 [ 400.234086][T15099] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 [ 400.234103][T15099] RSP: 002b:00000000f542450c EFLAGS: 00000292 ORIG_RAX: 000000000000016e [ 400.234121][T15099] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000107 [ 400.234132][T15099] RDX: 0000000000000005 RSI: 00000000800000c0 RDI: 000000000000001c [ 400.234143][T15099] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 400.234153][T15099] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 400.234164][T15099] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 400.234194][T15099] [ 400.234201][T15099] Mem-Info: [ 400.346557][T15099] active_anon:10070 inactive_anon:7377 isolated_anon:0 [ 400.346557][T15099] active_file:3856 inactive_file:9927 isolated_file:0 [ 400.346557][T15099] unevictable:1768 dirty:16 writeback:0 [ 400.346557][T15099] slab_reclaimable:6691 slab_unreclaimable:69048 [ 400.346557][T15099] mapped:30856 shmem:16690 pagetables:1522 [ 400.346557][T15099] sec_pagetables:320 bounce:0 [ 400.346557][T15099] kernel_misc_reclaimable:0 [ 400.346557][T15099] free:42533 free_pcp:523 free_cma:0 [ 400.359800][T15099] Node 0 active_anon:76kB inactive_anon:52kB active_file:4kB inactive_file:4kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:16kB dirty:0kB writeback:0kB shmem:4344kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10152kB pagetables:1668kB sec_pagetables:1160kB all_unreclaimable? yes Balloon:0kB [ 400.368740][T15099] Node 0 DMA free:1432kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:8kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:124kB local_pcp:124kB free_cma:0kB [ 400.377772][T15099] lowmem_reserve[]: 0 288 288 288 288 [ 400.379518][T15099] Node 0 DMA32 free:5360kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:120kB active_file:4kB inactive_file:4kB unevictable:3536kB writepending:0kB zspages:3316kB present:1032196kB managed:295104kB mlocked:0kB bounce:0kB free_pcp:1968kB local_pcp:1916kB free_cma:0kB [ 400.389040][T15099] lowmem_reserve[]: 0 0 0 0 0 [ 400.390524][T15099] Node 0 DMA: 0*4kB 1*8kB (U) 1*16kB (U) 0*32kB 0*64kB 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 0*2048kB 0*4096kB = 1432kB [ 400.394480][T15099] Node 0 DMA32: 36*4kB (UME) 48*8kB (UME) 10*16kB (UME) 46*32kB (UME) 24*64kB (UME) 9*128kB (UME) 2*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5360kB [ 400.399237][T15099] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 400.402044][T15099] Node 0 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB [ 400.404812][T15099] 31799 total pagecache pages [ 400.406279][T15099] 1302 pages in swap cache [ 400.407718][T15099] Free swap = 46532kB [ 400.409064][T15099] Total swap = 124996kB [ 400.410344][T15099] 524155 pages RAM [ 400.411506][T15099] 0 pages HighMem/MovableOnly [ 400.412988][T15099] 209486 pages reserved [ 400.414282][T15099] 0 pages cma reserved [ 400.415499][T15099] Unreclaimable slab info: [ 400.416888][T15099] Name Used Total [ 400.419011][T15099] bio-184 4KB 4KB [ 400.420933][T15099] pid_3 31KB 31KB [ 400.422754][T15099] pid_2 90KB 133KB [ 400.424620][T15099] bio-472 15KB 15KB [ 400.426400][T15099] bio-536 15KB 15KB [ 400.428279][T15099] bio-552 15KB 15KB [ 400.430125][T15099] bio-584 15KB 15KB [ 400.431939][T15099] afs_inode_cache 30KB 30KB [ 400.433775][T15099] zspage-zswap1 173KB 173KB [ 400.435612][T15099] zs_handle-zswap1 295KB 296KB [ 400.437406][T15099] zswap_entry 811KB 845KB [ 400.439308][T15099] AF_VSOCK 122KB 122KB [ 400.441138][T15099] sw_flow_stats 4KB 4KB [ 400.442923][T15099] sw_flow 15KB 15KB [ 400.444782][T15099] batadv_tt_change_cache 16KB 16KB [ 400.446720][T15099] batadv_tl_cache 16KB 16KB [ 400.448603][T15099] ceph_osd_request 95KB 95KB [ 400.450424][T15099] ceph_msg 23KB 23KB [ 400.452232][T15099] IEEE-802.15.4-MAC 62KB 62KB [ 400.454016][T15099] p9_req_t 79KB 79KB [ 400.455861][T15099] INET_SMC 31KB 31KB [ 400.457753][T15099] SMC6 125KB 125KB [ 400.459679][T15099] SMC 125KB 125KB [ 400.461490][T15099] TIPC 123KB 123KB [ 400.463353][T15099] RDS 123KB 123KB [ 400.465232][T15099] rds_connection 15KB 15KB [ 400.467087][T15099] SCTPv6 120KB 120KB [ 400.469021][T15099] SCTP 122KB 122KB [ 400.470887][T15099] sctp_chunk 78KB 117KB [ 400.472783][T15099] sctp_bind_bucket 16KB 16KB [ 400.474620][T15099] PNPIPE 123KB 123KB [ 400.476523][T15099] PHONET 31KB 31KB [ 400.478453][T15099] L2TP/IPv6 95KB 95KB [ 400.480465][T15099] L2TP/IP 63KB 63KB [ 400.482418][T15099] KCM 124KB 124KB [ 400.484557][T15099] kcm_mux 63KB 63KB [ 400.487009][T15099] RXRPC 128KB 128KB [ 400.489328][T15099] rxrpc_call_jar 286KB 286KB [ 400.491238][T15099] can_receiver 35KB 51KB [ 400.493183][T15099] net_bridge_fdb_entry 27KB 27KB [ 400.495347][T15099] nf-frags 79KB 118KB [ 400.497953][T15099] xfrm6_tunnel_spi 8KB 8KB [ 400.500094][T15099] MPTCPv6 125KB 125KB [ 400.502073][T15099] fib6_node 97KB 120KB [ 400.503843][T15099] ip6_dst_cache 140KB 203KB [ 400.505991][T15099] PINGv6 92KB 92KB [ 400.508580][T15099] RAWv6 216KB 216KB [ 400.510663][T15099] UDPLITEv6 122KB 122KB [ 400.512684][T15099] UDPv6 413KB 704KB [ 400.514649][T15099] tw_sock_TCPv6 15KB 15KB [ 400.516995][T15099] TCPv6 480KB 506KB [ 400.519703][T15099] ip_vs_conn 7KB 7KB [ 400.521771][T15099] nf_conntrack 40KB 133KB [ 400.523773][T15099] wg_peer 148KB 148KB [ 400.525971][T15099] allowedips_node 19KB 19KB [ 400.528537][T15099] t10_alua_lu_gp_cache 7KB 7KB [ 400.531004][T15099] scsi_sense_cache 48KB 48KB [ 400.533051][T15099] virtio_scsi_cmd 16KB 16KB [ 400.534979][T15099] bio-136 66KB 92KB [ 400.537018][T15099] io_kiocb 5979KB 5992KB [ 400.539598][T15099] bio-264 7KB 7KB [ 400.541971][T15099] mqueue_inode_cache 121KB 121KB [ 400.544336][T15099] f2fs_bio_post_read_ctx 23KB 23KB [ 400.547266][T15099] jfs_mp 7KB 7KB [ 400.549875][T15099] orangefs_op_cache 51KB 51KB [ 400.552446][T15099] fuse_request 79KB 118KB [ 400.554759][T15099] cifs_small_rq 16KB 16KB [ 400.557279][T15099] cifs_request 67KB 67KB [ 400.559831][T15099] cifs_mpx_ids 7KB 7KB [ 400.562358][T15099] cifs_io_subrequest 39KB 39KB [ 400.564933][T15099] cifs_io_request 95KB 95KB [ 400.567425][T15099] nfs_commit_data 15KB 15KB [ 400.569960][T15099] nfs_write_data 63KB 63KB [ 400.572414][T15099] ecryptfs_sb_cache 15KB 15KB [ 400.574892][T15099] jbd2_inode 7KB 7KB [ 400.577382][T15099] ext4_system_zone 3KB 3KB [ 400.580028][T15099] ext4_io_end_vec 15KB 15KB [ 400.582518][T15099] kioctx 127KB 127KB [ 400.585026][T15099] aio_kiocb 31KB 31KB [ 400.587499][T15099] userfaultfd_ctx_cache 63KB 63KB [ 400.590261][T15099] fanotify_path_event 3KB 3KB [ 400.592810][T15099] fanotify_fid_event 11KB 11KB [ 400.595303][T15099] fanotify_mark 15KB 15KB [ 400.597874][T15099] dnotify_mark 7KB 7KB [ 400.600409][T15099] dnotify_struct 7KB 7KB [ 400.602886][T15099] fasync_cache 15KB 15KB [ 400.605369][T15099] pid_namespace 61KB 61KB [ 400.607888][T15099] kvm_gmem_inode_cache 31KB 31KB [ 400.610472][T15099] kvm_async_pf 3KB 3KB [ 400.612960][T15099] kvm_vcpu 123KB 123KB [ 400.615447][T15099] kvm_mmu_page_header 54KB 85KB [ 400.618108][T15099] pte_list_desc 114KB 114KB [ 400.620630][T15099] x86_emulator 126KB 126KB [ 400.623126][T15099] rpc_buffers 31KB 31KB [ 400.625630][T15099] rpc_tasks 7KB 7KB [ 400.628265][T15099] UNIX-STREAM 336KB 336KB [ 400.630798][T15099] UNIX 476KB 673KB [ 400.633289][T15099] ip4-frags 23KB 23KB [ 400.635760][T15099] mfc_cache 8KB 8KB [ 400.638386][T15099] UDP-Lite 123KB 123KB [ 400.640898][T15099] MPTCP 120KB 120KB [ 400.643371][T15099] request_sock_subflow_v4 7KB 7KB [ 400.646076][T15099] tcp_bind2_bucket 16KB 16KB [ 400.648659][T15099] tcp_bind_bucket 16KB 16KB [ 400.651184][T15099] inet_peer 8KB 8KB [ 400.653715][T15099] xfrm_dst 78KB 157KB [ 400.656245][T15099] xfrm_state 256KB 541KB [ 400.658841][T15099] ip_fib_trie 32KB 32KB [ 400.661371][T15099] ip_fib_alias 47KB 90KB [ 400.663897][T15099] rtable 59KB 180KB [ 400.666381][T15099] PING 63KB 63KB [ 400.669020][T15099] RAW 159KB 159KB [ 400.671478][T15099] UDP 154KB 154KB [ 400.674023][T15099] tw_sock_TCP 7KB 7KB [ 400.676575][T15099] request_sock_TCP 23KB 23KB [ 400.679226][T15099] TCP 363KB 541KB [ 400.681735][T15099] hugetlbfs_inode_cache 125KB 125KB [ 400.684366][T15099] fscache_cookie_jar 23KB 23KB [ 400.686255][T15099] netfs_subrequest 93KB 93KB [ 400.688217][T15099] netfs_request 159KB 159KB [ 400.690104][T15099] bio-280 15KB 15KB [ 400.691976][T15099] backing_aio 4KB 4KB [ 400.693896][T15099] ep_head 16KB 16KB [ 400.695779][T15099] eventpoll_pwq 19KB 19KB [ 400.697690][T15099] eventpoll_epi 66KB 66KB [ 400.699661][T15099] inotify_inode_mark 27KB 27KB [ 400.701635][T15099] sgpool-128 29KB 29KB [ 400.703526][T15099] sgpool-64 31KB 31KB [ 400.705358][T15099] sgpool-32 126KB 126KB [ 400.707199][T15099] sgpool-16 62KB 62KB [ 400.709119][T15099] sgpool-8 46KB 46KB [ 400.710989][T15099] bio_crypt_ctx 7KB 7KB [ 400.712871][T15099] bio_integrity_data 4KB 4KB [ 400.714752][T15099] request_queue 262KB 278KB [ 400.716657][T15099] blkdev_ioc 31KB 31KB [ 400.718541][T15099] bio-200 118KB 148KB [ 400.720422][T15099] biovec-max 748KB 922KB [ 400.722280][T15099] biovec-64 189KB 378KB [ 400.724159][T15099] biovec-16 46KB 46KB [ 400.726111][T15099] mm_slot 15KB 15KB [ 400.728041][T15099] ksm_mm_slot 4KB 4KB [ 400.729911][T15099] user_namespace 93KB 93KB [ 400.731801][T15099] uid_cache 31KB 31KB [ 400.733682][T15099] iommu_iova_magazine 1031KB 1039KB [ 400.735602][T15099] iommu_iova 204KB 204KB [ 400.737508][T15099] dmaengine-unmap-256 30KB 30KB [ 400.739451][T15099] dmaengine-unmap-128 30KB 30KB [ 400.741349][T15099] dmaengine-unmap-16 4KB 4KB [ 400.743221][T15099] dmaengine-unmap-2 4KB 4KB [ 400.745101][T15099] QIPCRTR 125KB 125KB [ 400.746936][T15099] audit_buffer 89KB 128KB [ 400.748907][T15099] skbuff_ext_cache 28KB 28KB [ 400.750792][T15099] skbuff_small_head 1285KB 1358KB [ 400.752680][T15099] skbuff_fclone_cache 362KB 531KB [ 400.754582][T15099] skbuff_head_cache 1073KB 1085KB [ 400.756473][T15099] configfs_dir_cache 16KB 16KB [ 400.758421][T15099] file_lease_cache 134KB 206KB [ 400.760309][T15099] file_lock_cache 111KB 198KB [ 400.762170][T15099] file_lock_ctx 19KB 19KB [ 400.764017][T15099] fsnotify_mark_connector 15KB 15KB [ 400.766036][T15099] posix_timers_cache 32KB 32KB [ 400.767960][T15099] taskstats 61KB 61KB [ 400.769842][T15099] mem_cgroup_per_node 107KB 123KB [ 400.771737][T15099] mem_cgroup 89KB 89KB [ 400.773618][T15099] proc_dir_entry 725KB 789KB [ 400.775454][T15099] pde_opener 15KB 15KB [ 400.777274][T15099] seq_file 93KB 156KB [ 400.779156][T15099] sigqueue 35KB 55KB [ 400.781023][T15099] shmem_inode_cache 7987KB 8019KB [ 400.782905][T15099] kernfs_iattrs_cache 15KB 15KB [ 400.784820][T15099] kernfs_node_cache 32317KB 32388KB [ 400.786692][T15099] mnt_cache 128KB 165KB [ 400.788715][T15099] bfilp 23KB 23KB [ 400.790579][T15099] filp 499KB 590KB [ 400.792451][T15099] names_cache 3803KB 3986KB [ 400.794285][T15099] net_namespace 141KB 141KB [ 400.796116][T15099] ima_iint_cache 63KB 63KB [ 400.798041][T15099] lsm_inode_cache 1473KB 1945KB [ 400.799941][T15099] lsm_file_cache 144KB 200KB [ 400.801826][T15099] key_jar 63KB 63KB [ 400.803687][T15099] uts_namespace 62KB 62KB [ 400.805546][T15099] nsproxy 15KB 15KB [ 400.807399][T15099] vm_area_struct 1178KB 1273KB [ 400.809371][T15099] fs_cache 52KB 92KB [ 400.811463][T15099] files_cache 350KB 366KB [ 400.813714][T15099] signal_cache 1020KB 1787KB [ 400.815789][T15099] sighand_cache 1301KB 1984KB [ 400.817753][T15099] task_struct 5282KB 5374KB [ 400.819620][T15099] cred 192KB 336KB [ 400.821484][T15099] anon_vma_chain 368KB 378KB [ 400.823324][T15099] anon_vma 407KB 478KB [ 400.825159][T15099] pid 242KB 441KB [ 400.827025][T15099] Acpi-Operand 249KB 356KB [ 400.829018][T15099] Acpi-ParseExt 133KB 133KB [ 400.830837][T15099] Acpi-Parse 70KB 86KB [ 400.832731][T15099] Acpi-State 90KB 126KB [ 400.834606][T15099] Acpi-Namespace 56KB 56KB [ 400.836510][T15099] shared_policy_node 4KB 4KB [ 400.838463][T15099] numa_policy 15KB 15KB [ 400.840393][T15099] perf_event 62KB 62KB [ 400.842235][T15099] trace_event_file 532KB 532KB [ 400.844105][T15099] ftrace_event_field 1004KB 1004KB [ 400.845944][T15099] pool_workqueue 1859KB 1904KB [ 400.847823][T15099] task_group 46KB 46KB [ 400.849876][T15099] maple_node 1087KB 1608KB [ 400.851783][T15099] mm_struct 477KB 581KB [ 400.853726][T15099] vmap_area 587KB 1243KB [ 400.855611][T15099] debug_objects_cache 2775KB 3313KB [ 400.857583][T15099] page->ptl 159KB 181KB [ 400.859501][T15099] kmalloc-cg-8k 4208KB 4320KB [ 400.861339][T15099] kmalloc-cg-4k 18152KB 18432KB [ 400.863242][T15099] kmalloc-cg-2k 12212KB 12544KB [ 400.865075][T15099] kmalloc-cg-1k 3148KB 3296KB [ 400.866937][T15099] kmalloc-cg-512 1228KB 1536KB [ 400.868950][T15099] kmalloc-cg-256 575KB 592KB [ 400.870805][T15099] kmalloc-cg-128 280KB 300KB [ 400.872681][T15099] kmalloc-cg-64 82KB 168KB [ 400.874510][T15099] kmalloc-cg-32 70KB 168KB [ 400.876382][T15099] kmalloc-cg-16 49KB 56KB [ 400.878280][T15099] kmalloc-cg-8 27KB 32KB [ 400.880177][T15099] kmalloc-cg-192 122KB 152KB [ 400.882037][T15099] kmalloc-cg-96 92KB 152KB [ 400.883918][T15099] kmalloc-8k 5968KB 6144KB [ 400.885819][T15099] kmalloc-4k 20296KB 20352KB [ 400.887727][T15099] kmalloc-2k 13940KB 14048KB [ 400.889616][T15099] kmalloc-1k 9266KB 9376KB [ 400.891545][T15099] kmalloc-512 8373KB 10160KB [ 400.893455][T15099] kmalloc-256 4715KB 4992KB [ 400.895340][T15099] kmalloc-128 921KB 1520KB [ 400.897242][T15099] kmalloc-64 3075KB 3500KB [ 400.899174][T15099] kmalloc-32 2694KB 2764KB [ 400.901092][T15099] kmalloc-16 436KB 472KB [ 400.902919][T15099] kmalloc-8 581KB 588KB [ 400.904823][T15099] kmalloc-192 2488KB 3068KB [ 400.906719][T15099] kmalloc-96 2150KB 2720KB [ 400.908613][T15099] kmem_cache_node 224KB 228KB [ 400.910492][T15099] kmem_cache 195KB 195KB [ 400.912382][T15099] oom-kill:constraint=CONSTRAINT_MEMORY_POLICY,nodemask=0,cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/syz5,task=syz.5.2829,pid=15099,uid=0 [ 400.916776][T15099] Out of memory (oom_kill_allocating_task): Killed process 15095 (syz.5.2829) total-vm:104316kB, anon-rss:256kB, file-rss:22980kB, shmem-rss:11392kB, UID:0 pgtables:128kB oom_score_adj:0 [ 401.147631][T15104] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 401.152217][T15104] Error validating options; rc = [-22] [ 401.263010][T15111] bond18: (slave dummy0): Releasing active interface [ 401.266932][T15111] bond14: (slave veth0_to_bond): Releasing active interface [ 401.275739][T15111] bond14: (slave veth15): Releasing active interface [ 401.281298][T15111] bond15: (slave gretap2): Releasing active interface [ 401.286594][T15111] bond17: (slave vlan4): Releasing active interface [ 404.189842][T15161] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 404.193907][T15161] Error validating options; rc = [-22] [ 404.909303][T15181] netlink: 'syz.4.2848': attribute type 1 has an invalid length. [ 404.975157][T15181] macvlan2: entered promiscuous mode [ 404.977622][T15181] macvlan2: entered allmulticast mode [ 404.985205][T15181] bond20: entered promiscuous mode [ 404.990612][T15181] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 405.000584][T15181] bond20: left promiscuous mode [ 408.436403][T15236] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 408.440775][T15236] Error validating options; rc = [-22] [ 409.974156][T15260] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README [ 409.978444][T15260] Error validating options; rc = [-22] [ 429.370949][T15533] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 429.430599][ T40] kauditd_printk_skb: 14 callbacks suppressed [ 429.430617][ T40] audit: type=1326 audit(1770677016.722:3279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15535 comm="syz.4.2942" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 429.444187][ T40] audit: type=1326 audit(1770677016.722:3280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15535 comm="syz.4.2942" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 429.453186][ T40] audit: type=1326 audit(1770677016.722:3281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15535 comm="syz.4.2942" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 429.463200][ T40] audit: type=1326 audit(1770677016.722:3282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15535 comm="syz.4.2942" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 429.473240][ T40] audit: type=1326 audit(1770677016.722:3283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15535 comm="syz.4.2942" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 429.483254][ T40] audit: type=1326 audit(1770677016.722:3284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15535 comm="syz.4.2942" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 429.494446][ T40] audit: type=1326 audit(1770677016.722:3285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15535 comm="syz.4.2942" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 429.504153][ T40] audit: type=1326 audit(1770677016.722:3286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15535 comm="syz.4.2942" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f93598 code=0x7ffc0000 [ 429.513157][ T40] audit: type=1326 audit(1770677016.722:3287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15535 comm="syz.4.2942" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 429.522214][ T40] audit: type=1326 audit(1770677016.722:3288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15535 comm="syz.4.2942" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93579 code=0x7ffc0000 [ 430.320379][T15552] 9p: Bad value for 'version' [ 435.141266][ T92] ------------[ cut here ]------------ [ 435.143343][ T92] time_after(jiffies, timeout) [ 435.143352][ T92] WARNING: io_uring/io_uring.c:3027 at io_ring_exit_work+0x42d/0xc2b, CPU#3: kworker/u32:5/92 [ 435.148145][ T92] Modules linked in: [ 435.150156][ T92] CPU: 3 UID: 0 PID: 92 Comm: kworker/u32:5 Tainted: G L syzkaller #0 PREEMPT(full) [ 435.154437][ T92] Tainted: [L]=SOFTLOCKUP [ 435.155802][ T92] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 435.158893][ T92] Workqueue: iou_exit io_ring_exit_work [ 435.161605][ T92] RIP: 0010:io_ring_exit_work+0x42d/0xc2b [ 435.163427][ T92] Code: 8e e8 a7 bf 3a 01 48 8b 05 00 29 ec 0c 4c 8b 6c 24 28 31 ff 49 29 c5 4c 89 ee e8 ae 5f d1 00 4d 85 ed 79 12 e8 c4 64 d1 00 90 <0f> 0b 90 48 c7 44 24 38 70 17 00 00 e8 b2 64 d1 00 48 8b 74 24 38 [ 435.169491][ T92] RSP: 0018:ffffc9000100fa40 EFLAGS: 00010293 [ 435.171827][ T92] RAX: 0000000000000000 RBX: ffff88804abaa770 RCX: ffffffff8134e992 [ 435.174246][ T92] RDX: ffff888021a2c980 RSI: ffffffff8134e99c RDI: ffff888021a2c980 [ 435.176717][ T92] RBP: ffffc9000100fbd0 R08: 0000000000000007 R09: 0000000000000000 [ 435.179184][ T92] R10: ffffffffffffffff R11: 0000000000000000 R12: ffff88804abaa000 [ 435.182040][ T92] R13: ffffffffffffffff R14: dffffc0000000000 R15: 0000000000000000 [ 435.184408][ T92] FS: 0000000000000000(0000) GS:ffff8880976e2000(0000) knlGS:0000000000000000 [ 435.187123][ T92] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 435.189214][ T92] CR2: 00000000800bd01c CR3: 0000000057788000 CR4: 0000000000352ef0 [ 435.192076][ T92] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 435.194573][ T92] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 435.197098][ T92] Call Trace: [ 435.198184][ T92] [ 435.199163][ T92] ? __pfx_io_ring_exit_work+0x10/0x10 [ 435.201367][ T92] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 435.203218][ T92] ? debug_object_deactivate+0x2e4/0x3b0 [ 435.204912][ T92] ? process_one_work+0x80b/0x1840 [ 435.206490][ T92] ? rcu_is_watching+0x12/0xc0 [ 435.207941][ T92] process_one_work+0x9c2/0x1840 [ 435.209452][ T92] ? __pfx_process_one_work+0x10/0x10 [ 435.211619][ T92] ? assign_work+0x19c/0x250 [ 435.213058][ T92] worker_thread+0x5da/0xe40 [ 435.214491][ T92] ? kthread+0x17d/0x730 [ 435.215803][ T92] ? __pfx_worker_thread+0x10/0x10 [ 435.217372][ T92] kthread+0x3b3/0x730 [ 435.218653][ T92] ? __pfx_kthread+0x10/0x10 [ 435.220151][ T92] ? ret_from_fork+0x79/0xaf0 [ 435.222588][ T92] ? ret_from_fork+0x79/0xaf0 [ 435.224077][ T92] ? rcu_is_watching+0x12/0xc0 [ 435.225541][ T92] ? __pfx_kthread+0x10/0x10 [ 435.227030][ T92] ret_from_fork+0x754/0xaf0 [ 435.228550][ T92] ? __pfx_ret_from_fork+0x10/0x10 [ 435.230186][ T92] ? __switch_to+0x7b9/0x10c0 [ 435.232281][ T92] ? __pfx_kthread+0x10/0x10 [ 435.233771][ T92] ret_from_fork_asm+0x1a/0x30 [ 435.235319][ T92] [ 435.236359][ T92] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 435.238641][ T92] CPU: 3 UID: 0 PID: 92 Comm: kworker/u32:5 Tainted: G L syzkaller #0 PREEMPT(full) [ 435.242043][ T92] Tainted: [L]=SOFTLOCKUP [ 435.243491][ T92] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 435.246661][ T92] Workqueue: iou_exit io_ring_exit_work [ 435.248454][ T92] Call Trace: [ 435.249485][ T92] [ 435.250402][ T92] dump_stack_lvl+0x100/0x190 [ 435.251853][ T92] vpanic+0x20d/0x630 [ 435.253070][ T92] panic+0xd1/0xd1 [ 435.254241][ T92] ? __pfx_panic+0x10/0x10 [ 435.255622][ T92] ? check_panic_on_warn+0x1f/0x90 [ 435.257251][ T92] check_panic_on_warn.cold+0x19/0x34 [ 435.258899][ T92] ? io_ring_exit_work+0x42d/0xc2b [ 435.260491][ T92] __warn.cold+0x191/0x2f8 [ 435.261887][ T92] __report_bug+0x296/0x3d0 [ 435.263312][ T92] ? io_ring_exit_work+0x42d/0xc2b [ 435.264911][ T92] ? __pfx___report_bug+0x10/0x10 [ 435.266474][ T92] ? rcu_is_watching+0x12/0xc0 [ 435.267982][ T92] ? trace_contention_end+0xd6/0x110 [ 435.269627][ T92] ? __mutex_lock+0x26a/0x1b90 [ 435.271078][ T92] ? find_held_lock+0x2b/0x80 [ 435.272531][ T92] ? io_req_caches_free+0x49/0x55 [ 435.274069][ T92] ? io_req_caches_free+0x49/0x55 [ 435.275633][ T92] ? io_ring_exit_work+0x42d/0xc2b [ 435.277288][ T92] report_bug+0xb2/0x220 [ 435.278677][ T92] ? io_ring_exit_work+0x42d/0xc2b [ 435.280308][ T92] handle_bug+0x166/0x2a0 [ 435.281689][ T92] exc_invalid_op+0x17/0x50 [ 435.283156][ T92] asm_exc_invalid_op+0x1a/0x20 [ 435.284709][ T92] RIP: 0010:io_ring_exit_work+0x42d/0xc2b [ 435.286435][ T92] Code: 8e e8 a7 bf 3a 01 48 8b 05 00 29 ec 0c 4c 8b 6c 24 28 31 ff 49 29 c5 4c 89 ee e8 ae 5f d1 00 4d 85 ed 79 12 e8 c4 64 d1 00 90 <0f> 0b 90 48 c7 44 24 38 70 17 00 00 e8 b2 64 d1 00 48 8b 74 24 38 [ 435.292395][ T92] RSP: 0018:ffffc9000100fa40 EFLAGS: 00010293 [ 435.294304][ T92] RAX: 0000000000000000 RBX: ffff88804abaa770 RCX: ffffffff8134e992 [ 435.296788][ T92] RDX: ffff888021a2c980 RSI: ffffffff8134e99c RDI: ffff888021a2c980 [ 435.299238][ T92] RBP: ffffc9000100fbd0 R08: 0000000000000007 R09: 0000000000000000 [ 435.301718][ T92] R10: ffffffffffffffff R11: 0000000000000000 R12: ffff88804abaa000 [ 435.304188][ T92] R13: ffffffffffffffff R14: dffffc0000000000 R15: 0000000000000000 [ 435.306589][ T92] ? io_ring_exit_work+0x422/0xc2b [ 435.308230][ T92] ? io_ring_exit_work+0x42c/0xc2b [ 435.309893][ T92] ? __pfx_io_ring_exit_work+0x10/0x10 [ 435.311623][ T92] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 435.313473][ T92] ? debug_object_deactivate+0x2e4/0x3b0 [ 435.315144][ T92] ? process_one_work+0x80b/0x1840 [ 435.316658][ T92] ? rcu_is_watching+0x12/0xc0 [ 435.318185][ T92] process_one_work+0x9c2/0x1840 [ 435.319796][ T92] ? __pfx_process_one_work+0x10/0x10 [ 435.321511][ T92] ? assign_work+0x19c/0x250 [ 435.322989][ T92] worker_thread+0x5da/0xe40 [ 435.324458][ T92] ? kthread+0x17d/0x730 [ 435.325803][ T92] ? __pfx_worker_thread+0x10/0x10 [ 435.327417][ T92] kthread+0x3b3/0x730 [ 435.328724][ T92] ? __pfx_kthread+0x10/0x10 [ 435.330169][ T92] ? ret_from_fork+0x79/0xaf0 [ 435.331621][ T92] ? ret_from_fork+0x79/0xaf0 [ 435.333069][ T92] ? rcu_is_watching+0x12/0xc0 [ 435.334530][ T92] ? __pfx_kthread+0x10/0x10 [ 435.335947][ T92] ret_from_fork+0x754/0xaf0 [ 435.337406][ T92] ? __pfx_ret_from_fork+0x10/0x10 [ 435.339020][ T92] ? __switch_to+0x7b9/0x10c0 [ 435.340448][ T92] ? __pfx_kthread+0x10/0x10 [ 435.341813][ T92] ret_from_fork_asm+0x1a/0x30 [ 435.343314][ T92] [ 435.345034][ T92] Kernel Offset: disabled [ 435.346416][ T92] Rebooting in 86400 seconds..