last executing test programs: 13.280336858s ago: executing program 0 (id=2315): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DEAUTHENTICATE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000006c0)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000895}, 0x20040014) 13.280159938s ago: executing program 0 (id=2316): syz_emit_ethernet(0x83, 0x0, 0x0) 13.259951327s ago: executing program 0 (id=2318): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c080}, 0x8002) 13.190033628s ago: executing program 0 (id=2319): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x89801) move_mount(r1, &(0x7f0000000600)='.\x00', 0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x50) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000000), 0x800804, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) 13.180810302s ago: executing program 0 (id=2321): syz_usb_connect$lan78xx(0x3, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, &(0x7f0000000180)=0x1) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000380)={'syz1\x00', {0x0, 0x7fff, 0x2, 0x2}, 0x51, [0x3ff, 0x2, 0x10000, 0x0, 0x7ca6, 0x9, 0xc2ad, 0x4, 0x9, 0x9, 0x5, 0x9, 0x8, 0x200, 0x5, 0x3, 0x7, 0x5, 0xfffffff9, 0x6, 0x3, 0xfff, 0x7f, 0x4152, 0x8b3, 0x9, 0x861, 0x7, 0x5, 0x0, 0x3c, 0x4, 0x1005, 0x4, 0x8, 0x38, 0x8, 0x8, 0xd5bb, 0x3, 0x1, 0x9de9, 0x8, 0x3, 0x3, 0x7f, 0x5, 0x8, 0x0, 0x1, 0x3ff, 0x6, 0x2e, 0x800, 0x846c, 0x3, 0x6, 0x31b, 0x8, 0xa, 0x1, 0x7, 0xffffffff, 0x3], [0x4a, 0x19a78cbf, 0xe936, 0x0, 0x200, 0xfffffff7, 0x2, 0x7d, 0x10001, 0x8, 0x3ff, 0x1, 0x7, 0x8f, 0x1, 0x5, 0x1ff, 0x200, 0x6f8, 0x7, 0xd, 0x7, 0x100788, 0x6, 0x0, 0x0, 0x8, 0x3, 0x5, 0x2, 0xa, 0x7, 0x80, 0x5aa, 0xfffff000, 0x400, 0x2, 0x7, 0x6, 0x6, 0x5, 0x3, 0x87, 0x22e2, 0x502, 0xffffffff, 0x7, 0x1ff, 0x6, 0x10001, 0x9e, 0x1, 0x5, 0x101, 0xfffffffa, 0x0, 0x2, 0x2, 0x6, 0x1ff, 0x8, 0x3, 0x6], [0x2, 0x94da, 0xffffffff, 0x7, 0xc0000, 0x4, 0x4, 0xfffffffa, 0x6, 0x7, 0xea, 0x7, 0x6, 0x400, 0xfffeffff, 0xfc000000, 0x8, 0x8, 0xd1, 0x2, 0xb66, 0x3, 0x4, 0x52c, 0x4, 0x10001, 0xfffffff8, 0x2, 0x9, 0x1, 0x7, 0xe86, 0x8, 0x20000100, 0x7, 0x1, 0x746a6ffd, 0x3, 0x4, 0x0, 0x1, 0x45a6c325, 0x8, 0x10000, 0x1000, 0x2, 0x5, 0x0, 0x2, 0x2, 0x1, 0x8, 0x2, 0x2, 0x81, 0x200, 0x3ff, 0xffffffcc, 0x6, 0xa000000, 0x8, 0xfff, 0x4000, 0x1], [0x8, 0x7, 0x3, 0xfffffffc, 0x8000, 0x2, 0x8, 0x1ff, 0xfffffffe, 0x10, 0x5e, 0x4, 0x8, 0x8, 0x5, 0x8, 0x45eb, 0xf25, 0xd, 0x1ff, 0x2, 0x95, 0x9, 0x9, 0x1, 0xc, 0xffff6f9e, 0x4, 0xfffffff7, 0x10000, 0x7, 0x52a, 0x5, 0xc1a4, 0x4, 0x8, 0x3, 0x9, 0x5, 0xb7af, 0x3, 0x4, 0x0, 0x1ff8, 0x2, 0x7, 0x6, 0x80000000, 0x652d, 0x7, 0x7fffffff, 0xd, 0x40, 0x3ff, 0xc, 0x1ff, 0x9, 0x6, 0x0, 0x1000, 0x9, 0x2, 0x9, 0x4]}, 0x45c) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)=0x8000) r3 = socket$phonet(0x23, 0x2, 0x1) sendto(r3, 0x0, 0x0, 0x0, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)) listen(r4, 0x90004) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c9"], 0x16) ppoll(&(0x7f00000000c0)=[{r4, 0x60}], 0x1, 0x0, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) r5 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000004}, 0x4) 11.910577686s ago: executing program 0 (id=2327): syz_emit_ethernet(0x83, 0x0, 0x0) 11.851363392s ago: executing program 32 (id=2327): syz_emit_ethernet(0x83, 0x0, 0x0) 9.599232164s ago: executing program 4 (id=2328): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f00000001c0)={0x1000200001ee0000, 0x3}) mmap$KVM_VCPU(&(0x7f0000000000/0xa000)=nil, 0x930, 0x1000001, 0x11, r2, 0x0) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x3, 0x2) 9.410250293s ago: executing program 4 (id=2361): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TDLS_MGMT(r2, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x20000054) 9.410020402s ago: executing program 4 (id=2362): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0) move_mount(0xffffffffffffffff, &(0x7f0000000600)='.\x00', 0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x50) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000000), 0x800804, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) 9.32829632s ago: executing program 4 (id=2363): r0 = creat(&(0x7f0000000340)='./file0\x00', 0x28) close(r0) syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0) r1 = getpid() r2 = syz_pidfd_open(r1, 0x0) mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000000), 0x200040, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}}) 7.905280967s ago: executing program 4 (id=2376): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xf, 0x4, 0x4, 0x12}, 0x50) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="05"], 0x10) bpf$MAP_CREATE_TAIL_CALL(0x9, &(0x7f0000000140)=ANY=[], 0xc) 7.789483234s ago: executing program 33 (id=2376): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xf, 0x4, 0x4, 0x12}, 0x50) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002700000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94) bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="05"], 0x10) bpf$MAP_CREATE_TAIL_CALL(0x9, &(0x7f0000000140)=ANY=[], 0xc) 6.549516067s ago: executing program 5 (id=2378): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000400)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r0, &(0x7f0000003700)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)={0x5c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x88c7}, @NL80211_ATTR_FRAME={0x2c, 0x33, @data_frame={@msdu=@type10={{}, {}, @from_mac, @device_b, @broadcast}, @a_msdu=[{@broadcast, @device_b}]}}]}, 0x5c}}, 0x0) 6.498640002s ago: executing program 5 (id=2400): r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="440000001000010028ad700402d4df2500000000", @ANYRES32=r2, @ANYBLOB="104e0600816a030024001280110001006272696467655f736c617665000000000c00058008002200"], 0x44}, 0x1, 0x0, 0x0, 0x400c080}, 0x8002) 6.387059145s ago: executing program 5 (id=2403): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x89801) move_mount(r1, &(0x7f0000000600)='.\x00', 0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x50) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000000), 0x800804, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) 6.318221378s ago: executing program 5 (id=2404): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x11, &(0x7f0000000340)=0x2, 0x4) 4.869463454s ago: executing program 5 (id=2427): socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x82) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x100000, 0x5691409, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}}, 0x50) syz_fuse_handle_req(r1, &(0x7f0000004200)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x0, 0x0, {0x0, 0x3022d6e144aa3cee}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x28a43, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) fanotify_mark(0xffffffffffffffff, 0x105, 0x40001032, r0, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]}) close_range(r4, 0xffffffffffffffff, 0x200000000000000) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001640)={&(0x7f0000001540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x5f, 0x5f]}}, 0x0, 0x1c, 0x0, 0x1, 0x7f}, 0x28) openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15) 4.795807659s ago: executing program 34 (id=2427): socket$nl_route(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x5}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x82) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x100000, 0x5691409, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}}, 0x50) syz_fuse_handle_req(r1, &(0x7f0000004200)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x0, 0x0, {0x0, 0x3022d6e144aa3cee}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x28a43, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) fanotify_mark(0xffffffffffffffff, 0x105, 0x40001032, r0, 0x0) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]}) close_range(r4, 0xffffffffffffffff, 0x200000000000000) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001640)={&(0x7f0000001540)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x4}, {0x0, [0x5f, 0x5f]}}, 0x0, 0x1c, 0x0, 0x1, 0x7f}, 0x28) openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15) 4.750224686s ago: executing program 1 (id=2429): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x220c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x3) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x7) r5 = socket(0xa, 0x1, 0x0) listen(r5, 0x7f) socket$inet6_tcp(0xa, 0x1, 0x0) r6 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x800) 4.628408796s ago: executing program 1 (id=2430): r0 = socket$inet_udp(0x2, 0x2, 0x0) recvmmsg(r0, &(0x7f0000000000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001080)=""/9, 0x9}, 0x2}], 0x1, 0x1, 0x0) setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000180)=0x6, 0x4) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) syz_emit_ethernet(0x2e, &(0x7f0000000500)={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0) 3.739164949s ago: executing program 1 (id=2434): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, 0x0, 0x20040014) 3.737287904s ago: executing program 1 (id=2436): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x220c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x3) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x7) r5 = socket(0xa, 0x1, 0x0) listen(r5, 0x7f) socket$inet6_tcp(0xa, 0x1, 0x0) r6 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x800) 3.689152902s ago: executing program 1 (id=2438): pipe(0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3) sched_setaffinity(0x0, 0xfffffffffffffd7a, &(0x7f0000000580)=0x8000000002) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f0000000400), 0x0, 0x0) read$msr(r0, &(0x7f000001aa40)=""/102392, 0x18ff8) sendmsg$xdp(0xffffffffffffffff, 0x0, 0x0) madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x17) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, 0x0) syz_io_uring_setup(0x42cb, 0x0, 0x0, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/bus/input/devices\x00', 0x0, 0x0) 3.630261441s ago: executing program 1 (id=2439): syz_usb_connect$lan78xx(0x3, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, &(0x7f0000000180)=0x1) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000380)={'syz1\x00', {0x0, 0x7fff, 0x2, 0x2}, 0x51, [0x3ff, 0x2, 0x10000, 0x0, 0x7ca6, 0x9, 0xc2ad, 0x4, 0x9, 0x9, 0x5, 0x9, 0x8, 0x200, 0x5, 0x3, 0x7, 0x5, 0xfffffff9, 0x6, 0x3, 0xfff, 0x7f, 0x4152, 0x8b3, 0x9, 0x861, 0x7, 0x5, 0x0, 0x3c, 0x4, 0x1005, 0x4, 0x8, 0x38, 0x8, 0x8, 0xd5bb, 0x3, 0x1, 0x9de9, 0x8, 0x3, 0x3, 0x7f, 0x5, 0x8, 0x0, 0x1, 0x3ff, 0x6, 0x2e, 0x800, 0x846c, 0x3, 0x6, 0x31b, 0x8, 0xa, 0x1, 0x7, 0xffffffff, 0x3], [0x4a, 0x19a78cbf, 0xe936, 0x0, 0x200, 0xfffffff7, 0x2, 0x7d, 0x10001, 0x8, 0x3ff, 0x1, 0x7, 0x8f, 0x1, 0x5, 0x1ff, 0x200, 0x6f8, 0x7, 0xd, 0x7, 0x100788, 0x6, 0x0, 0x0, 0x8, 0x3, 0x5, 0x2, 0xa, 0x7, 0x80, 0x5aa, 0xfffff000, 0x400, 0x2, 0x7, 0x6, 0x6, 0x5, 0x3, 0x87, 0x22e2, 0x502, 0xffffffff, 0x7, 0x1ff, 0x6, 0x10001, 0x9e, 0x1, 0x5, 0x101, 0xfffffffa, 0x0, 0x2, 0x2, 0x6, 0x1ff, 0x8, 0x3, 0x6], [0x2, 0x94da, 0xffffffff, 0x7, 0xc0000, 0x4, 0x4, 0xfffffffa, 0x6, 0x7, 0xea, 0x7, 0x6, 0x400, 0xfffeffff, 0xfc000000, 0x8, 0x8, 0xd1, 0x2, 0xb66, 0x3, 0x4, 0x52c, 0x4, 0x10001, 0xfffffff8, 0x2, 0x9, 0x1, 0x7, 0xe86, 0x8, 0x20000100, 0x7, 0x1, 0x746a6ffd, 0x3, 0x4, 0x0, 0x1, 0x45a6c325, 0x8, 0x10000, 0x1000, 0x2, 0x5, 0x0, 0x2, 0x2, 0x1, 0x8, 0x2, 0x2, 0x81, 0x200, 0x3ff, 0xffffffcc, 0x6, 0xa000000, 0x8, 0xfff, 0x4000, 0x1], [0x8, 0x7, 0x3, 0xfffffffc, 0x8000, 0x2, 0x8, 0x1ff, 0xfffffffe, 0x10, 0x5e, 0x4, 0x8, 0x8, 0x5, 0x8, 0x45eb, 0xf25, 0xd, 0x1ff, 0x2, 0x95, 0x9, 0x9, 0x1, 0xc, 0xffff6f9e, 0x4, 0xfffffff7, 0x10000, 0x7, 0x52a, 0x5, 0xc1a4, 0x4, 0x8, 0x3, 0x9, 0x5, 0xb7af, 0x3, 0x4, 0x0, 0x1ff8, 0x2, 0x7, 0x6, 0x80000000, 0x652d, 0x7, 0x7fffffff, 0xd, 0x40, 0x3ff, 0xc, 0x1ff, 0x9, 0x6, 0x0, 0x1000, 0x9, 0x2, 0x9, 0x4]}, 0x45c) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)=0x8000) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'gre0\x00'}) r3 = socket$phonet(0x23, 0x2, 0x1) sendto(r3, 0x0, 0x0, 0x0, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)) listen(r4, 0x90004) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16) ppoll(&(0x7f00000000c0)=[{r4, 0x60}], 0x1, 0x0, 0x0, 0x0) r5 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) 1.519482559s ago: executing program 6 (id=2428): openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x108002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0xe, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000801017000000000004000000850000002f00000095"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94) socket$inet6_udp(0xa, 0x2, 0x0) socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$packet(0x11, 0x3, 0x300) socket$nl_generic(0x10, 0x3, 0x10) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) socket$xdp(0x2c, 0x3, 0x0) socket$nl_rdma(0x10, 0x3, 0x14) socket$nl_generic(0x10, 0x3, 0x10) openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x101401, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) socket(0x10, 0x3, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x15, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000fcffffff000000008000000018010000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000020000207b8ae8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000008200000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) 1.429251809s ago: executing program 6 (id=2450): openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8, 0x0) read$FUSE(r1, &(0x7f0000001b40)={0x2020}, 0x205c) timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)=0x0) timer_settime(r2, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0) fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff}) r3 = syz_io_uring_setup(0x41b9, &(0x7f0000000300)={0x0, 0x1000fec9, 0x400, 0xff7ffffc, 0x2be}, &(0x7f00000001c0)=0x0, &(0x7f0000000180)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r3, 0xdb4, 0xd070, 0x0, 0x0, 0x0) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 1.428826222s ago: executing program 3 (id=2451): openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/mdstat\x00', 0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081) socket$inet6(0xa, 0x2, 0x0) syz_open_dev$dvb_demux(&(0x7f0000000400), 0x0, 0x700) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0x1}], 0x1) syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x8001, 0x0, 0x1000001000, 0x45}, 0x0, &(0x7f0000000080)={0x3ff, 0x4, 0x100000, 0x9, 0x0, 0x10, 0x80000002}, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 598.404317ms ago: executing program 2 (id=2453): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) socket$tipc(0x1e, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000037}, 0x94) sched_setscheduler(0x0, 0x1, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0) r1 = syz_clone(0x11, 0x0, 0xfffffffffffffede, 0x0, 0x0, 0x0) r2 = syz_open_procfs(r1, &(0x7f0000000100)='oom_score\x00') pread64(r2, &(0x7f0000000500)=""/31, 0x1f, 0x6677) 516.2527ms ago: executing program 3 (id=2454): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x220c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x3) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x7) r5 = socket(0xa, 0x1, 0x0) listen(r5, 0x7f) socket$inet6_tcp(0xa, 0x1, 0x0) r6 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x800) 440.250487ms ago: executing program 3 (id=2455): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x24}}, 0x0) 440.049724ms ago: executing program 2 (id=2456): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010025bd7000000000", @ANYRES32=r1, @ANYBLOB="08009f000600000008002600b409"], 0x3c}, 0x1, 0x0, 0x0, 0x4c854}, 0x4040000) 360.095417ms ago: executing program 2 (id=2457): io_setup(0x239f, &(0x7f0000000380)) socket$nl_generic(0x10, 0x3, 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x0, &(0x7f0000000180)}) r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_int(r1, 0x29, 0x11, &(0x7f0000000040)=0x3, 0x4) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) r2 = fsmount(r0, 0x0, 0x82) fchdir(r2) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) socket$inet_udplite(0x2, 0x2, 0x88) unlinkat(r2, &(0x7f0000000140)='./file0\x00', 0x200) r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0) fsconfig$FSCONFIG_SET_BINARY(r3, 0x6, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x28) r4 = fsmount(r3, 0x0, 0x0) r5 = openat$cgroup_subtree(r4, &(0x7f0000000040), 0x2, 0x0) write$cgroup_subtree(r5, &(0x7f0000000080)={[{0x2d, 'pids'}]}, 0x6) 359.817393ms ago: executing program 3 (id=2458): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan0\x00'}) sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, 0x0, 0x20040014) 250.326399ms ago: executing program 3 (id=2459): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0) r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x89801) move_mount(r1, &(0x7f0000000600)='.\x00', 0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x50) mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000000), 0x800804, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) 157.364477ms ago: executing program 3 (id=2460): syz_usb_connect$lan78xx(0x3, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) ioctl$F2FS_IOC_GARBAGE_COLLECT(r0, 0x4004f506, &(0x7f0000000180)=0x1) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000380)={'syz1\x00', {0x0, 0x7fff, 0x2, 0x2}, 0x51, [0x3ff, 0x2, 0x10000, 0x0, 0x7ca6, 0x9, 0xc2ad, 0x4, 0x9, 0x9, 0x5, 0x9, 0x8, 0x200, 0x5, 0x3, 0x7, 0x5, 0xfffffff9, 0x6, 0x3, 0xfff, 0x7f, 0x4152, 0x8b3, 0x9, 0x861, 0x7, 0x5, 0x0, 0x3c, 0x4, 0x1005, 0x4, 0x8, 0x38, 0x8, 0x8, 0xd5bb, 0x3, 0x1, 0x9de9, 0x8, 0x3, 0x3, 0x7f, 0x5, 0x8, 0x0, 0x1, 0x3ff, 0x6, 0x2e, 0x800, 0x846c, 0x3, 0x6, 0x31b, 0x8, 0xa, 0x1, 0x7, 0xffffffff, 0x3], [0x4a, 0x19a78cbf, 0xe936, 0x0, 0x200, 0xfffffff7, 0x2, 0x7d, 0x10001, 0x8, 0x3ff, 0x1, 0x7, 0x8f, 0x1, 0x5, 0x1ff, 0x200, 0x6f8, 0x7, 0xd, 0x7, 0x100788, 0x6, 0x0, 0x0, 0x8, 0x3, 0x5, 0x2, 0xa, 0x7, 0x80, 0x5aa, 0xfffff000, 0x400, 0x2, 0x7, 0x6, 0x6, 0x5, 0x3, 0x87, 0x22e2, 0x502, 0xffffffff, 0x7, 0x1ff, 0x6, 0x10001, 0x9e, 0x1, 0x5, 0x101, 0xfffffffa, 0x0, 0x2, 0x2, 0x6, 0x1ff, 0x8, 0x3, 0x6], [0x2, 0x94da, 0xffffffff, 0x7, 0xc0000, 0x4, 0x4, 0xfffffffa, 0x6, 0x7, 0xea, 0x7, 0x6, 0x400, 0xfffeffff, 0xfc000000, 0x8, 0x8, 0xd1, 0x2, 0xb66, 0x3, 0x4, 0x52c, 0x4, 0x10001, 0xfffffff8, 0x2, 0x9, 0x1, 0x7, 0xe86, 0x8, 0x20000100, 0x7, 0x1, 0x746a6ffd, 0x3, 0x4, 0x0, 0x1, 0x45a6c325, 0x8, 0x10000, 0x1000, 0x2, 0x5, 0x0, 0x2, 0x2, 0x1, 0x8, 0x2, 0x2, 0x81, 0x200, 0x3ff, 0xffffffcc, 0x6, 0xa000000, 0x8, 0xfff, 0x4000, 0x1], [0x8, 0x7, 0x3, 0xfffffffc, 0x8000, 0x2, 0x8, 0x1ff, 0xfffffffe, 0x10, 0x5e, 0x4, 0x8, 0x8, 0x5, 0x8, 0x45eb, 0xf25, 0xd, 0x1ff, 0x2, 0x95, 0x9, 0x9, 0x1, 0xc, 0xffff6f9e, 0x4, 0xfffffff7, 0x10000, 0x7, 0x52a, 0x5, 0xc1a4, 0x4, 0x8, 0x3, 0x9, 0x5, 0xb7af, 0x3, 0x4, 0x0, 0x1ff8, 0x2, 0x7, 0x6, 0x80000000, 0x652d, 0x7, 0x7fffffff, 0xd, 0x40, 0x3ff, 0xc, 0x1ff, 0x9, 0x6, 0x0, 0x1000, 0x9, 0x2, 0x9, 0x4]}, 0x45c) ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040)=0x8000) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000140)={'gre0\x00'}) r3 = socket$phonet(0x23, 0x2, 0x1) sendto(r3, 0x0, 0x0, 0x0, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)) listen(r4, 0x90004) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c90001"], 0x16) ppoll(&(0x7f00000000c0)=[{r4, 0x60}], 0x1, 0x0, 0x0, 0x0) r5 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1) 157.163171ms ago: executing program 6 (id=2461): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100000000000003000008000000180001801400020073797a5f74756e00000000000000000024000280040001001c000380"], 0x50}}, 0x0) 60.220904ms ago: executing program 2 (id=2462): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r0, 0x220c) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r1, 0x3) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r3, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x7) r5 = socket(0xa, 0x1, 0x0) listen(r5, 0x7f) socket$inet6_tcp(0xa, 0x1, 0x0) r6 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[], 0x4c}, 0x1, 0x0, 0x0, 0x20000000}, 0x800) 157.372µs ago: executing program 2 (id=2463): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f0000000140)={@dev={0xfe, 0x80, '\x00', 0xf}}, 0x14) 0s ago: executing program 2 (id=2464): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010025bd7000000000", @ANYRES32=r1, @ANYBLOB="08009f000600000008002600b409"], 0x3c}, 0x1, 0x0, 0x0, 0x4c854}, 0x4040000) kernel console output (not intermixed with test programs): cd.0: release socket [ 94.794494][ T94] vhci_hcd vhci_hcd.0: disconnect device [ 94.853420][ T6941] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9) [ 94.855681][ T6941] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 94.866194][ T6941] vhci_hcd vhci_hcd.0: Device attached [ 94.883844][ T6942] vhci_hcd: connection closed [ 94.887482][ T1274] vhci_hcd vhci_hcd.1: stop threads [ 94.896337][ T1274] vhci_hcd vhci_hcd.1: release socket [ 94.898196][ T1274] vhci_hcd vhci_hcd.1: disconnect device [ 95.022011][ T40] kauditd_printk_skb: 85 callbacks suppressed [ 95.022027][ T40] audit: type=1326 audit(1774547214.406:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz.2.146" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 95.033746][ T40] audit: type=1326 audit(1774547214.406:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz.2.146" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 95.043281][ T40] audit: type=1326 audit(1774547214.416:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz.2.146" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 95.053372][ T40] audit: type=1326 audit(1774547214.416:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz.2.146" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 95.061973][ T40] audit: type=1326 audit(1774547214.416:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz.2.146" exe="/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 95.081259][ T40] audit: type=1326 audit(1774547214.416:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz.2.146" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 95.100954][ T40] audit: type=1326 audit(1774547214.416:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz.2.146" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 95.109789][ T40] audit: type=1326 audit(1774547214.416:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz.2.146" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 95.119099][ T40] audit: type=1326 audit(1774547214.416:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz.2.146" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 95.128225][ T40] audit: type=1326 audit(1774547214.416:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6945 comm="syz.2.146" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 95.779887][ T6964] veth0: entered promiscuous mode [ 95.784286][ T6964] veth0: left promiscuous mode [ 95.942702][ T6968] fuse: Unknown parameter '0x0000000000000004' [ 96.343803][ T6980] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6) [ 96.346917][ T6980] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 96.353460][ T6980] vhci_hcd vhci_hcd.0: Device attached [ 96.374197][ T6979] macvtap2: entered promiscuous mode [ 96.377422][ T6979] macvtap2: entered allmulticast mode [ 96.398415][ T6980] random: crng reseeded on system resumption [ 96.593728][ T6980] netlink: 4 bytes leftover after parsing attributes in process `syz.2.154'. [ 96.760748][ T1022] usb 41-1: new low-speed USB device number 3 using vhci_hcd [ 96.970427][ T6993] netlink: 'syz.3.159': attribute type 3 has an invalid length. [ 96.996435][ T6981] vhci_hcd: connection reset by peer [ 96.999050][ T1274] vhci_hcd vhci_hcd.2: stop threads [ 97.001963][ T1274] vhci_hcd vhci_hcd.2: release socket [ 97.004466][ T1274] vhci_hcd vhci_hcd.2: disconnect device [ 98.601040][ T7032] Driver unsupported XDP return value 0 on prog (id 9) dev N/A, expect packet loss! [ 98.750848][ T7035] macvtap2: entered promiscuous mode [ 98.753166][ T7035] macvtap2: entered allmulticast mode [ 98.951718][ T34] vhci_hcd vhci_hcd.0: vhci_device speed not set [ 99.511517][ T7044] bridge_slave_0: left allmulticast mode [ 99.514216][ T7044] bridge_slave_0: left promiscuous mode [ 99.518048][ T7044] bridge0: port 1(bridge_slave_0) entered disabled state [ 99.527941][ T7044] bridge_slave_1: left allmulticast mode [ 99.534687][ T7044] bridge_slave_1: left promiscuous mode [ 99.545148][ T7044] bridge0: port 2(bridge_slave_1) entered disabled state [ 99.562621][ T7044] bond0: (slave bond_slave_0): Releasing backup interface [ 99.611992][ T7044] bond0: (slave bond_slave_1): Releasing backup interface [ 99.653301][ T7044] team0: Port device team_slave_0 removed [ 99.830723][ T7044] team0: Port device team_slave_1 removed [ 99.839613][ T7044] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 99.842610][ T7044] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 99.846887][ T7044] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 99.849247][ T7044] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 99.853337][ T7044] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 99.875271][ T7050] macvtap2: entered promiscuous mode [ 100.352005][ T7050] macvtap2: entered allmulticast mode [ 101.409398][ T7095] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8) [ 101.411764][ T7095] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 101.496090][ T7095] vhci_hcd vhci_hcd.0: Device attached [ 101.890565][ T1022] vhci_hcd vhci_hcd.2: vhci_device speed not set [ 101.940645][ T1458] usb 38-1: SetAddress Request (2) to port 0 [ 101.942867][ T1458] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd [ 102.375962][ T7097] vhci_hcd: connection reset by peer [ 102.379508][ T41] vhci_hcd vhci_hcd.0: stop threads [ 102.382209][ T41] vhci_hcd vhci_hcd.0: release socket [ 102.384557][ T41] vhci_hcd vhci_hcd.0: disconnect device [ 102.577771][ T7136] IPVS: sync thread started: state = MASTER, mcast_ifn = syz_tun, syncid = 1, id = 0 [ 103.438220][ T7167] netlink: 12 bytes leftover after parsing attributes in process `syz.3.193'. [ 103.709818][ T7170] overlayfs: failed to clone lowerpath [ 104.344827][ T40] kauditd_printk_skb: 25 callbacks suppressed [ 104.344843][ T40] audit: type=1326 audit(1774547223.726:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7185 comm="syz.3.199" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf707ef6c code=0x0 [ 104.416482][ T7196] FAULT_INJECTION: forcing a failure. [ 104.416482][ T7196] name failslab, interval 1, probability 0, space 0, times 0 [ 104.424272][ T7196] CPU: 2 UID: 0 PID: 7196 Comm: syz.0.203 Tainted: G L syzkaller #0 PREEMPT(full) [ 104.424300][ T7196] Tainted: [L]=SOFTLOCKUP [ 104.424306][ T7196] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 104.424317][ T7196] Call Trace: [ 104.424323][ T7196] [ 104.424329][ T7196] dump_stack_lvl+0x100/0x190 [ 104.424359][ T7196] should_fail_ex.cold+0x5/0xa [ 104.424379][ T7196] should_failslab+0xc2/0x120 [ 104.424398][ T7196] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 104.424424][ T7196] ? skb_clone+0x190/0x400 [ 104.424454][ T7196] skb_clone+0x190/0x400 [ 104.424481][ T7196] netlink_deliver_tap+0xaed/0xcc0 [ 104.424514][ T7196] netlink_unicast+0x650/0x870 [ 104.424535][ T7196] ? __pfx_netlink_unicast+0x10/0x10 [ 104.424552][ T7196] ? __pfx___might_resched+0x10/0x10 [ 104.424587][ T7196] netlink_sendmsg+0x8b0/0xda0 [ 104.424609][ T7196] ? __pfx_netlink_sendmsg+0x10/0x10 [ 104.424630][ T7196] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 104.424663][ T7196] ____sys_sendmsg+0x9e1/0xb70 [ 104.424681][ T7196] ? __pfx_netlink_sendmsg+0x10/0x10 [ 104.424700][ T7196] ? __pfx_____sys_sendmsg+0x10/0x10 [ 104.424732][ T7196] ___sys_sendmsg+0x190/0x1e0 [ 104.424755][ T7196] ? __pfx____sys_sendmsg+0x10/0x10 [ 104.424807][ T7196] __sys_sendmsg+0x170/0x220 [ 104.424834][ T7196] ? __pfx___sys_sendmsg+0x10/0x10 [ 104.424868][ T7196] ? __pfx_ksys_write+0x10/0x10 [ 104.424892][ T7196] __do_fast_syscall_32+0xe3/0x8c0 [ 104.424912][ T7196] do_fast_syscall_32+0x32/0x70 [ 104.424929][ T7196] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 104.424951][ T7196] RIP: 0023:0xf701ef6c [ 104.424965][ T7196] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 104.424981][ T7196] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 104.424999][ T7196] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000 [ 104.425010][ T7196] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 104.425020][ T7196] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 104.425030][ T7196] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 104.425040][ T7196] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 104.425063][ T7196] [ 104.546973][ T7201] binder: 7200:7201 ioctl c0306201 80000c00 returned -14 [ 104.710836][ T7209] netlink: 'syz.1.208': attribute type 3 has an invalid length. [ 105.105058][ T7222] overlayfs: failed to clone lowerpath [ 105.224550][ T40] audit: type=1800 audit(1774547224.606:133): pid=7229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.214" name="nullb0" dev="tmpfs" ino=256 res=0 errno=0 [ 106.368572][ T7254] macvtap2: entered promiscuous mode [ 106.371073][ T7254] macvtap2: entered allmulticast mode [ 106.484882][ T7268] netlink: 4 bytes leftover after parsing attributes in process `syz.1.228'. [ 106.861584][ T7292] netlink: 4 bytes leftover after parsing attributes in process `syz.2.233'. [ 106.955153][ T7297] fuse: Unknown parameter '0x0000000000000005' [ 107.021844][ T1458] usb 38-1: device descriptor read/8, error -110 [ 107.126382][ T40] audit: type=1326 audit(1774547226.496:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7299 comm="syz.2.237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 107.178560][ T40] audit: type=1326 audit(1774547226.506:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7299 comm="syz.2.237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 107.185848][ T40] audit: type=1326 audit(1774547226.516:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7299 comm="syz.2.237" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 107.194248][ T40] audit: type=1326 audit(1774547226.516:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7299 comm="syz.2.237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 107.202841][ T40] audit: type=1326 audit(1774547226.516:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7299 comm="syz.2.237" exe="/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 107.210682][ T40] audit: type=1326 audit(1774547226.526:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7299 comm="syz.2.237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 107.218109][ T40] audit: type=1326 audit(1774547226.526:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7299 comm="syz.2.237" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 107.223855][ T7307] FAULT_INJECTION: forcing a failure. [ 107.223855][ T7307] name failslab, interval 1, probability 0, space 0, times 0 [ 107.227550][ T40] audit: type=1326 audit(1774547226.526:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7299 comm="syz.2.237" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 107.243289][ T7307] CPU: 1 UID: 0 PID: 7307 Comm: syz.0.238 Tainted: G L syzkaller #0 PREEMPT(full) [ 107.243321][ T7307] Tainted: [L]=SOFTLOCKUP [ 107.243327][ T7307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 107.243336][ T7307] Call Trace: [ 107.243342][ T7307] [ 107.243349][ T7307] dump_stack_lvl+0x100/0x190 [ 107.243383][ T7307] should_fail_ex.cold+0x5/0xa [ 107.243404][ T7307] should_failslab+0xc2/0x120 [ 107.243425][ T7307] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 107.243452][ T7307] ? alloc_vmap_area+0x186c/0x2bd0 [ 107.243476][ T7307] alloc_vmap_area+0x186c/0x2bd0 [ 107.243506][ T7307] ? __pfx_alloc_vmap_area+0x10/0x10 [ 107.243531][ T7307] __get_vm_area_node+0x1ca/0x330 [ 107.243557][ T7307] __vmalloc_node_range_noprof+0x213/0x1530 [ 107.243580][ T7307] ? bpf_prog_alloc_no_stats+0x58/0x640 [ 107.243608][ T7307] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 107.243629][ T7307] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 107.243652][ T7307] ? bpf_prog_alloc_no_stats+0x58/0x640 [ 107.243680][ T7307] ? __lock_acquire+0x4a5/0x2630 [ 107.243706][ T7307] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 107.243730][ T7307] ? __lock_acquire+0x4a5/0x2630 [ 107.243760][ T7307] ? bpf_prog_alloc_no_stats+0x58/0x640 [ 107.243786][ T7307] __vmalloc_node_noprof+0xad/0xf0 [ 107.243808][ T7307] ? bpf_prog_alloc_no_stats+0x58/0x640 [ 107.243836][ T7307] __vmalloc_noprof+0xa3/0x120 [ 107.243858][ T7307] ? __pfx___vmalloc_noprof+0x10/0x10 [ 107.243879][ T7307] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 107.243900][ T7307] ? rcu_is_watching+0x12/0xc0 [ 107.243927][ T7307] ? apparmor_capable+0x1d7/0x4d0 [ 107.243943][ T7307] ? __kernel_text_address+0xd/0x30 [ 107.243972][ T7307] bpf_prog_alloc_no_stats+0x58/0x640 [ 107.243997][ T7307] ? security_capable+0x80/0x260 [ 107.244026][ T7307] bpf_prog_alloc+0x3b/0x200 [ 107.244049][ T7307] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 107.244069][ T7307] bpf_prog_load+0x12fd/0x2c20 [ 107.244088][ T7307] ? _parse_integer_limit+0x17f/0x1d0 [ 107.244118][ T7307] ? __pfx_bpf_prog_load+0x10/0x10 [ 107.244136][ T7307] ? __lock_acquire+0x4a5/0x2630 [ 107.244191][ T7307] __sys_bpf+0x223a/0x4b90 [ 107.244215][ T7307] ? __pfx___sys_bpf+0x10/0x10 [ 107.244235][ T7307] ? proc_fail_nth_write+0x9f/0x220 [ 107.244270][ T7307] ? find_held_lock+0x2b/0x80 [ 107.244294][ T7307] ? find_held_lock+0x2b/0x80 [ 107.244311][ T7307] ? ksys_write+0x190/0x250 [ 107.244333][ T7307] ? __mutex_unlock_slowpath+0x15c/0x790 [ 107.244376][ T7307] ? fput+0x79/0x100 [ 107.244396][ T7307] ? ksys_write+0x1ac/0x250 [ 107.244416][ T7307] __ia32_sys_bpf+0x79/0xf0 [ 107.244436][ T7307] ? lockdep_hardirqs_on+0x78/0x100 [ 107.244462][ T7307] __do_fast_syscall_32+0xe3/0x8c0 [ 107.244481][ T7307] do_fast_syscall_32+0x32/0x70 [ 107.244498][ T7307] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 107.244519][ T7307] RIP: 0023:0xf701ef6c [ 107.244534][ T7307] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 107.244550][ T7307] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 107.244566][ T7307] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800004c0 [ 107.244580][ T7307] RDX: 0000000000000090 RSI: 0000000000000000 RDI: 0000000000000000 [ 107.244589][ T7307] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 107.244599][ T7307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 107.244608][ T7307] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 107.244631][ T7307] [ 107.411575][ T1458] usb usb38-port1: attempt power cycle [ 107.831289][ T7314] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9) [ 107.833742][ T7314] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 107.837111][ T7314] vhci_hcd vhci_hcd.0: Device attached [ 107.850768][ T7319] vhci_hcd: connection closed [ 107.854822][ T41] vhci_hcd vhci_hcd.0: stop threads [ 107.869561][ T41] vhci_hcd vhci_hcd.0: release socket [ 107.872308][ T41] vhci_hcd vhci_hcd.0: disconnect device [ 108.226391][ T7330] overlayfs: failed to clone lowerpath [ 108.371823][ T7331] macvtap1: entered promiscuous mode [ 108.373735][ T7331] macvtap1: entered allmulticast mode [ 108.375485][ T7331] veth1_vlan: entered allmulticast mode [ 109.027873][ T7349] netlink: 28 bytes leftover after parsing attributes in process `syz.2.252'. [ 109.030776][ T7346] bond1: entered promiscuous mode [ 109.503117][ T7344] syz.3.248 (7344) used greatest stack depth: 16984 bytes left [ 110.574159][ T7397] netlink: 'syz.3.261': attribute type 4 has an invalid length. [ 111.960565][ T7413] fuse: Unknown parameter 'g۳roup^i00000000000000000000' [ 111.966206][ T7413] 9p: Bad value for 'rfdno' [ 112.260675][ T7420] overlayfs: failed to clone upperpath [ 113.040167][ T40] kauditd_printk_skb: 30 callbacks suppressed [ 113.040180][ T40] audit: type=1326 audit(1774547232.416:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7457 comm="syz.1.275" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 113.051470][ T40] audit: type=1326 audit(1774547232.416:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7457 comm="syz.1.275" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 113.061048][ T40] audit: type=1326 audit(1774547232.416:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7457 comm="syz.1.275" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 113.070898][ T40] audit: type=1326 audit(1774547232.416:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7457 comm="syz.1.275" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 113.078794][ T40] audit: type=1326 audit(1774547232.426:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7457 comm="syz.1.275" exe="/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 113.090692][ T40] audit: type=1326 audit(1774547232.426:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7457 comm="syz.1.275" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 113.099213][ T40] audit: type=1326 audit(1774547232.426:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7457 comm="syz.1.275" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 113.110016][ T40] audit: type=1326 audit(1774547232.426:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7457 comm="syz.1.275" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 113.118407][ T40] audit: type=1326 audit(1774547232.426:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7457 comm="syz.1.275" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 113.126769][ T40] audit: type=1326 audit(1774547232.426:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7457 comm="syz.1.275" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 114.072163][ T7482] FAULT_INJECTION: forcing a failure. [ 114.072163][ T7482] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 114.076880][ T7482] CPU: 1 UID: 0 PID: 7482 Comm: syz.0.282 Tainted: G L syzkaller #0 PREEMPT(full) [ 114.076899][ T7482] Tainted: [L]=SOFTLOCKUP [ 114.076903][ T7482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 114.076909][ T7482] Call Trace: [ 114.076913][ T7482] [ 114.076917][ T7482] dump_stack_lvl+0x100/0x190 [ 114.076939][ T7482] should_fail_ex.cold+0x5/0xa [ 114.076953][ T7482] strncpy_from_user+0x3b/0x2d0 [ 114.076969][ T7482] do_getname+0x78/0x390 [ 114.076985][ T7482] do_sys_openat2+0xc5/0x1e0 [ 114.077001][ T7482] ? __pfx_do_sys_openat2+0x10/0x10 [ 114.077015][ T7482] ? __fget_files+0x215/0x3d0 [ 114.077028][ T7482] ? __fget_files+0x21f/0x3d0 [ 114.077040][ T7482] __ia32_compat_sys_openat+0x12d/0x210 [ 114.077056][ T7482] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 114.077079][ T7482] ? __pfx_ksys_write+0x10/0x10 [ 114.077092][ T7482] __do_fast_syscall_32+0xe3/0x8c0 [ 114.077105][ T7482] do_fast_syscall_32+0x32/0x70 [ 114.077115][ T7482] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 114.077129][ T7482] RIP: 0023:0xf701ef6c [ 114.077138][ T7482] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 114.077148][ T7482] RSP: 002b:00000000f540d50c EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 114.077159][ T7482] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000100 [ 114.077165][ T7482] RDX: 0000000000101001 RSI: 0000000000000000 RDI: 0000000000000000 [ 114.077171][ T7482] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 114.077286][ T7482] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 114.077293][ T7482] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 114.077306][ T7482] [ 114.806318][ T7497] 9p: Bad value for 'rfdno' [ 115.155668][ T7512] misc userio: Invalid payload size [ 115.353651][ T7513] netlink: 4 bytes leftover after parsing attributes in process `syz.3.290'. [ 115.425615][ T7519] overlayfs: failed to clone lowerpath [ 116.197704][ T7555] syz_tun: entered allmulticast mode [ 116.210311][ T7555] team0: Port device gtp0 added [ 116.214714][ T7554] syz_tun: left allmulticast mode [ 117.113282][ T7571] futex_wake_op: syz.2.301 tries to shift op by -1; fix this program [ 117.448114][ T7609] af_packet: tpacket_rcv: packet too big, clamped from 7192 to 3942. macoff=106 [ 117.492631][ T7610] overlayfs: failed to clone lowerpath [ 118.458936][ T7643] netlink: 8 bytes leftover after parsing attributes in process `syz.0.310'. [ 118.481325][ T7643] capability: warning: `syz.0.310' uses deprecated v2 capabilities in a way that may be insecure [ 118.738856][ T40] kauditd_printk_skb: 116 callbacks suppressed [ 118.738869][ T40] audit: type=1326 audit(1774547238.116:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.2.312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 118.750874][ T40] audit: type=1326 audit(1774547238.136:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.2.312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 118.757672][ T40] audit: type=1326 audit(1774547238.136:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.2.312" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 118.764563][ T40] audit: type=1326 audit(1774547238.136:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.2.312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 118.771684][ T40] audit: type=1326 audit(1774547238.136:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.2.312" exe="/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 118.778647][ T40] audit: type=1326 audit(1774547238.136:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.2.312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 118.786621][ T40] audit: type=1326 audit(1774547238.136:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.2.312" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 118.793752][ T40] audit: type=1326 audit(1774547238.136:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.2.312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 118.801533][ T40] audit: type=1326 audit(1774547238.136:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.2.312" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 118.808983][ T40] audit: type=1326 audit(1774547238.136:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7646 comm="syz.2.312" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 118.897243][ T6074] hid_parser_main: 28 callbacks suppressed [ 118.897264][ T6074] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 118.903995][ T6074] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 118.907222][ T6074] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 118.910365][ T6074] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 118.914185][ T6074] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 118.917749][ T6074] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 118.944049][ T6074] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 118.948697][ T6074] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 118.952867][ T6074] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 118.956533][ T6074] hid-generic 0006:0004:0009.0003: unknown main item tag 0x0 [ 119.003709][ T6074] hid-generic 0006:0004:0009.0003: hidraw1: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 119.999142][ T7679] netlink: 4 bytes leftover after parsing attributes in process `syz.1.319'. [ 120.008579][ T7679] hsr_slave_0: left promiscuous mode [ 120.048761][ T7679] hsr_slave_1: left promiscuous mode [ 120.272042][ T7683] netlink: 24 bytes leftover after parsing attributes in process `syz.3.320'. [ 121.349768][ T7707] tipc: Started in network mode [ 121.353453][ T7707] tipc: Node identity 84e, cluster identity 4711 [ 121.356666][ T7707] tipc: Node number set to 2126 [ 121.711095][ T7715] overlayfs: failed to clone upperpath [ 122.554509][ T7729] macvtap2: entered promiscuous mode [ 122.556285][ T7729] macvtap2: entered allmulticast mode [ 123.617408][ T7742] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6) [ 123.619595][ T7742] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed) [ 123.623660][ T7742] vhci_hcd vhci_hcd.0: Device attached [ 123.782046][ T7742] netlink: 4 bytes leftover after parsing attributes in process `syz.0.328'. [ 123.813307][ T7755] macvtap2: entered promiscuous mode [ 123.816853][ T7755] macvtap2: entered allmulticast mode [ 123.890680][ T50] usb 37-1: new low-speed USB device number 4 using vhci_hcd [ 124.031088][ T7744] vhci_hcd: connection reset by peer [ 124.033915][ T1274] vhci_hcd vhci_hcd.0: stop threads [ 124.035964][ T1274] vhci_hcd vhci_hcd.0: release socket [ 124.039275][ T1274] vhci_hcd vhci_hcd.0: disconnect device [ 124.560273][ T7779] tipc: Enabling of bearer rejected, failed to enable media [ 124.564280][ T7780] netlink: 20 bytes leftover after parsing attributes in process `syz.3.343'. [ 124.673454][ T7785] tipc: Enabling of bearer rejected, failed to enable media [ 125.109166][ T7806] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 125.115691][ T7806] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 126.021416][ T7837] overlayfs: failed to clone lowerpath [ 126.358902][ T7843] netlink: 56 bytes leftover after parsing attributes in process `syz.3.357'. [ 126.367547][ T7843] netlink: 12 bytes leftover after parsing attributes in process `syz.3.357'. [ 126.370971][ T7843] netlink: 31 bytes leftover after parsing attributes in process `syz.3.357'. [ 126.374126][ T7843] netlink: 'syz.3.357': attribute type 3 has an invalid length. [ 126.377673][ T7843] netlink: 'syz.3.357': attribute type 2 has an invalid length. [ 126.380365][ T7843] netlink: 31 bytes leftover after parsing attributes in process `syz.3.357'. [ 126.902859][ T40] kauditd_printk_skb: 50 callbacks suppressed [ 126.902871][ T40] audit: type=1326 audit(1774547246.286:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7868 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 126.915799][ T40] audit: type=1326 audit(1774547246.296:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7868 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 126.925077][ T40] audit: type=1326 audit(1774547246.306:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7868 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 126.934080][ T40] audit: type=1326 audit(1774547246.316:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7868 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 126.944602][ T40] audit: type=1326 audit(1774547246.326:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7868 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 126.964408][ T40] audit: type=1326 audit(1774547246.326:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7868 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 126.973359][ T40] audit: type=1326 audit(1774547246.326:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7868 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 126.980716][ T40] audit: type=1326 audit(1774547246.326:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7868 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 126.989377][ T40] audit: type=1326 audit(1774547246.336:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7868 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 126.999680][ T40] audit: type=1326 audit(1774547246.336:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7868 comm="syz.2.365" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 128.647462][ T7900] macvtap2: entered promiscuous mode [ 128.649719][ T7900] macvtap2: entered allmulticast mode [ 128.873510][ T7905] macvtap2: entered promiscuous mode [ 128.875278][ T7905] macvtap2: entered allmulticast mode [ 128.987342][ T7912] netlink: 4 bytes leftover after parsing attributes in process `syz.2.373'. [ 129.010549][ T50] vhci_hcd vhci_hcd.0: vhci_device speed not set [ 130.089976][ T7927] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.284760][ T7927] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.459093][ T7927] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 130.578434][ T7927] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.074393][ T6291] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.208274][ T6291] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.219221][ T6291] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 131.232539][ T6291] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 132.076882][ T7961] overlayfs: missing 'lowerdir' [ 132.702655][ T7978] trusted_key: encrypted_key: insufficient parameters specified [ 132.795930][ T7986] xt_connbytes: Forcing CT accounting to be enabled [ 132.799397][ T7986] xt_TPROXY: Can be used only with -p tcp or -p udp [ 132.938303][ T7995] tmpfs: Unknown parameter 'nr_blocs' [ 132.975243][ T7997] netlink: 71 bytes leftover after parsing attributes in process `syz.1.404'. [ 133.868437][ T8029] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 133.955719][ T8029] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.015676][ T8029] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.094175][ T8029] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 134.193967][ T1144] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.197278][ T1144] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.210892][ T13] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 134.225334][ T13] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.173425][ T8044] ======================================================= [ 135.173425][ T8044] WARNING: The mand mount option has been deprecated and [ 135.173425][ T8044] and is ignored by this kernel. Remove the mand [ 135.173425][ T8044] option from the mount to silence this warning. [ 135.173425][ T8044] ======================================================= [ 135.201932][ T8044] overlayfs: failed to clone lowerpath [ 135.327677][ T40] kauditd_printk_skb: 44 callbacks suppressed [ 135.327693][ T40] audit: type=1326 audit(1774547254.696:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.1.423" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 135.360607][ T40] audit: type=1326 audit(1774547254.726:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.1.423" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 135.376456][ T40] audit: type=1326 audit(1774547254.726:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.1.423" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 135.383839][ T40] audit: type=1326 audit(1774547254.726:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.1.423" exe="/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 135.396837][ T40] audit: type=1326 audit(1774547254.726:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.1.423" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 135.428662][ T40] audit: type=1326 audit(1774547254.726:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.1.423" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 135.440761][ T40] audit: type=1326 audit(1774547254.736:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.1.423" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 135.448904][ T40] audit: type=1326 audit(1774547254.736:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.1.423" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 135.455940][ T40] audit: type=1326 audit(1774547254.736:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.1.423" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 135.472112][ T40] audit: type=1326 audit(1774547254.736:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8057 comm="syz.1.423" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 135.888918][ T8071] siw: device registration error -23 [ 137.534497][ T8119] overlayfs: failed to clone lowerpath [ 137.756474][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.758581][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 139.177211][ T8140] overlayfs: failed to clone upperpath [ 140.997401][ T8221] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.479'. [ 141.212892][ T8236] netlink: 4 bytes leftover after parsing attributes in process `syz.3.475'. [ 143.019504][ T8286] erspan0: entered promiscuous mode [ 143.431494][ T8294] netlink: 112 bytes leftover after parsing attributes in process `syz.3.497'. [ 143.466281][ T8298] macvtap2: entered promiscuous mode [ 143.468500][ T8298] macvtap2: entered allmulticast mode [ 143.539660][ T40] kauditd_printk_skb: 26 callbacks suppressed [ 143.539681][ T40] audit: type=1800 audit(1774547262.916:448): pid=8305 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.500" name="nullb0" dev="tmpfs" ino=256 res=0 errno=0 [ 143.644287][ T8312] netlink: 4 bytes leftover after parsing attributes in process `syz.3.502'. [ 143.649046][ T8312] netlink: 136 bytes leftover after parsing attributes in process `syz.3.502'. [ 143.854077][ T8326] veth0: entered promiscuous mode [ 143.862319][ T8326] veth0: left promiscuous mode [ 144.019965][ T40] audit: type=1326 audit(1774547263.396:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8328 comm="syz.3.509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 144.045752][ T40] audit: type=1326 audit(1774547263.406:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8328 comm="syz.3.509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 144.066503][ T40] audit: type=1326 audit(1774547263.406:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8328 comm="syz.3.509" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 144.090560][ T40] audit: type=1326 audit(1774547263.406:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8328 comm="syz.3.509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 144.099474][ T40] audit: type=1326 audit(1774547263.406:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8328 comm="syz.3.509" exe="/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 144.115628][ T40] audit: type=1326 audit(1774547263.406:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8328 comm="syz.3.509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 144.181030][ T40] audit: type=1326 audit(1774547263.406:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8328 comm="syz.3.509" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 144.190016][ T40] audit: type=1326 audit(1774547263.406:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8328 comm="syz.3.509" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 144.207794][ T40] audit: type=1326 audit(1774547263.406:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8328 comm="syz.3.509" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 145.423799][ T8395] netlink: 8 bytes leftover after parsing attributes in process `syz.0.520'. [ 145.943345][ T8412] macvtap2: entered promiscuous mode [ 145.948114][ T8412] macvtap2: entered allmulticast mode [ 146.356024][ T8421] macvtap2: entered promiscuous mode [ 146.358365][ T8421] macvtap2: entered allmulticast mode [ 147.259967][ T8447] overlayfs: failed to clone upperpath [ 147.280285][ T8439] netlink: 4 bytes leftover after parsing attributes in process `syz.0.532'. [ 147.674678][ T8471] macvtap2: entered promiscuous mode [ 147.678203][ T8471] macvtap2: entered allmulticast mode [ 150.065276][ T8549] netlink: 4 bytes leftover after parsing attributes in process `syz.2.550'. [ 153.373422][ T8601] netlink: 'syz.3.564': attribute type 1 has an invalid length. [ 153.878237][ T8607] cgroup: fork rejected by pids controller in /syz2 [ 156.175422][ T9004] overlayfs: failed to clone lowerpath [ 156.830116][ T9017] trusted_key: encrypted_key: insufficient parameters specified [ 159.627706][ T9045] overlayfs: failed to clone lowerpath [ 160.236917][ T9053] overlayfs: failed to clone lowerpath [ 160.355866][ T40] kauditd_printk_skb: 94 callbacks suppressed [ 160.355880][ T40] audit: type=1326 audit(1774547279.726:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.3.600" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 160.374761][ T40] audit: type=1326 audit(1774547279.726:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.3.600" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 160.432883][ T40] audit: type=1326 audit(1774547279.726:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.3.600" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 160.469434][ T40] audit: type=1326 audit(1774547279.726:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.3.600" exe="/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 160.480175][ T9065] geneve2: entered promiscuous mode [ 160.521417][ T40] audit: type=1326 audit(1774547279.726:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.3.600" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 160.540569][ T40] audit: type=1326 audit(1774547279.726:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.3.600" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 160.549983][ T40] audit: type=1326 audit(1774547279.726:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.3.600" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 160.580576][ T40] audit: type=1326 audit(1774547279.726:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.3.600" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 160.610662][ T40] audit: type=1326 audit(1774547279.726:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.3.600" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 160.620790][ T40] audit: type=1326 audit(1774547279.726:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9049 comm="syz.3.600" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 162.245813][ T9134] netlink: 4 bytes leftover after parsing attributes in process `syz.2.618'. [ 162.257829][ T9134] netlink: 4 bytes leftover after parsing attributes in process `syz.2.618'. [ 163.397704][ T9151] macvtap2: entered promiscuous mode [ 163.408118][ T9151] macvtap2: entered allmulticast mode [ 167.311763][ T9273] overlayfs: failed to clone lowerpath [ 168.634577][ T40] kauditd_printk_skb: 27 callbacks suppressed [ 168.634593][ T40] audit: type=1326 audit(1774547288.016:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9317 comm="syz.1.658" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 168.675369][ T40] audit: type=1326 audit(1774547288.016:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9317 comm="syz.1.658" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 168.704548][ T40] audit: type=1326 audit(1774547288.016:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9317 comm="syz.1.658" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 168.746882][ T40] audit: type=1326 audit(1774547288.016:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9317 comm="syz.1.658" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 168.769070][ T9330] macvtap2: entered promiscuous mode [ 168.918255][ T9330] macvtap2: entered allmulticast mode [ 168.920670][ T40] audit: type=1326 audit(1774547288.016:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9317 comm="syz.1.658" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 168.931902][ T40] audit: type=1326 audit(1774547288.026:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9317 comm="syz.1.658" exe="/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 168.956235][ T40] audit: type=1326 audit(1774547288.026:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9317 comm="syz.1.658" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 168.976543][ T40] audit: type=1326 audit(1774547288.026:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9317 comm="syz.1.658" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 168.995870][ T40] audit: type=1326 audit(1774547288.026:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9317 comm="syz.1.658" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 169.002950][ T40] audit: type=1326 audit(1774547288.026:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9317 comm="syz.1.658" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 173.471483][ T9487] bond0: entered promiscuous mode [ 173.524015][ T9486] bond0: left promiscuous mode [ 173.942815][ T9526] bond0: entered promiscuous mode [ 173.944975][ T9526] bond_slave_0: entered promiscuous mode [ 173.947580][ T9526] bond_slave_1: entered promiscuous mode [ 174.092842][ T9520] bond0: left promiscuous mode [ 174.094489][ T9520] bond_slave_0: left promiscuous mode [ 174.097377][ T9520] bond_slave_1: left promiscuous mode [ 176.380693][ T40] kauditd_printk_skb: 56 callbacks suppressed [ 176.380712][ T40] audit: type=1326 audit(1774547295.756:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.3.725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 176.393139][ T40] audit: type=1326 audit(1774547295.776:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.3.725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 176.403901][ T40] audit: type=1326 audit(1774547295.786:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.3.725" exe="/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 176.413049][ T40] audit: type=1326 audit(1774547295.786:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.3.725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 176.447226][ T40] audit: type=1326 audit(1774547295.786:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.3.725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 176.510709][ T40] audit: type=1326 audit(1774547295.786:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.3.725" exe="/syz-executor" sig=0 arch=40000003 syscall=297 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 176.539072][ T40] audit: type=1326 audit(1774547295.786:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.3.725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 176.558932][ T40] audit: type=1326 audit(1774547295.786:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.3.725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 176.577920][ T40] audit: type=1326 audit(1774547295.786:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.3.725" exe="/syz-executor" sig=0 arch=40000003 syscall=358 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 176.597156][ T40] audit: type=1326 audit(1774547295.786:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9604 comm="syz.3.725" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x7ffc0000 [ 177.549110][ T9641] netlink: 8 bytes leftover after parsing attributes in process `syz.0.730'. [ 178.194854][ T9674] fuse: Unknown parameter '' [ 178.960311][ T9706] netlink: 84 bytes leftover after parsing attributes in process `syz.0.749'. [ 179.087295][ T9721] netlink: 24 bytes leftover after parsing attributes in process `syz.2.753'. [ 179.185900][ T9725] capability: warning: `syz.3.754' uses 32-bit capabilities (legacy support in use) [ 179.246381][ T9734] overlayfs: failed to clone upperpath [ 180.390084][ T9763] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 180.802492][ T9777] netlink: 16 bytes leftover after parsing attributes in process `syz.0.764'. [ 180.808872][ T9777] netlink: 'syz.0.764': attribute type 1 has an invalid length. [ 180.831094][ T9777] 8021q: adding VLAN 0 to HW filter on device bond1 [ 180.835391][ T9777] bond1: entered allmulticast mode [ 180.852054][ T9778] macvlan2: entered promiscuous mode [ 180.854160][ T9778] macvlan2: entered allmulticast mode [ 180.856857][ T9778] bond1: (slave macvlan2): Opening slave failed [ 180.996786][ T9782] netlink: 40 bytes leftover after parsing attributes in process `syz.1.765'. [ 181.666368][ T9805] warning: `syz.2.771' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 183.822900][ T9829] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.839441][ T9833] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.779'. [ 183.884086][ T9829] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.948833][ T9829] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.048160][ T9829] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.129734][ T41] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.132688][ T41] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.135376][ T41] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.138052][ T41] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 184.252472][ T9847] netlink: 12 bytes leftover after parsing attributes in process `syz.2.783'. [ 187.377944][ T9960] macvtap2: entered promiscuous mode [ 187.381321][ T9960] macvtap2: entered allmulticast mode [ 188.023241][ T9996] tmpfs: Bad value for 'huge' [ 188.165370][T10002] netlink: 24 bytes leftover after parsing attributes in process `syz.0.814'. [ 188.194853][ T9998] netlink: 4 bytes leftover after parsing attributes in process `syz.0.814'. [ 188.238940][T10004] netlink: 4 bytes leftover after parsing attributes in process `syz.3.816'. [ 188.335544][T10008] Cannot find set identified by id 0 to match [ 189.132870][T10028] netlink: 4 bytes leftover after parsing attributes in process `syz.0.824'. [ 189.728755][T10061] macvtap2: entered promiscuous mode [ 189.734509][T10061] macvtap2: entered allmulticast mode [ 190.777160][T10096] fuse: Bad value for 'group_id' [ 190.779822][T10096] fuse: Bad value for 'group_id' [ 191.034474][T10098] netlink: 4 bytes leftover after parsing attributes in process `syz.1.836'. [ 192.333472][T10123] 9p: Bad value for 'rfdno' [ 192.476770][T10126] bond0: entered promiscuous mode [ 192.480102][T10126] bond_slave_0: entered promiscuous mode [ 192.483640][T10126] bond_slave_1: entered promiscuous mode [ 192.487080][T10117] bond0: left promiscuous mode [ 192.489106][T10117] bond_slave_0: left promiscuous mode [ 192.504763][T10117] bond_slave_1: left promiscuous mode [ 192.847708][T10143] netlink: 32 bytes leftover after parsing attributes in process `syz.3.848'. [ 192.916202][ T40] kauditd_printk_skb: 81 callbacks suppressed [ 192.916217][ T40] audit: type=1326 audit(1774547312.296:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.2.845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 192.929926][ T40] audit: type=1326 audit(1774547312.316:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.2.845" exe="/syz-executor" sig=0 arch=40000003 syscall=428 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 192.943676][ T40] audit: type=1326 audit(1774547312.316:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.2.845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 192.950575][ T40] audit: type=1326 audit(1774547312.326:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.2.845" exe="/syz-executor" sig=0 arch=40000003 syscall=429 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 192.958068][ T40] audit: type=1326 audit(1774547312.326:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.2.845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 192.966414][ T40] audit: type=1326 audit(1774547312.326:751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.2.845" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 192.974246][ T40] audit: type=1326 audit(1774547312.326:752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.2.845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 192.981220][ T40] audit: type=1326 audit(1774547312.326:753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.2.845" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 192.989277][ T40] audit: type=1326 audit(1774547312.326:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.2.845" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 192.996360][ T40] audit: type=1326 audit(1774547312.326:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10138 comm="syz.2.845" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 193.156554][T10151] netlink: 12 bytes leftover after parsing attributes in process `syz.3.849'. [ 194.697847][T10182] netlink: 'syz.3.853': attribute type 3 has an invalid length. [ 194.730794][ T54] IPVS: starting estimator thread 0... [ 194.733720][T10187] bridge_slave_0: left allmulticast mode [ 194.735538][T10187] bridge_slave_0: left promiscuous mode [ 194.737409][T10187] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.742922][T10187] bridge_slave_1: left allmulticast mode [ 194.744783][T10187] bridge_slave_1: left promiscuous mode [ 194.746610][T10187] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.759649][T10187] bond0: (slave bond_slave_0): Releasing backup interface [ 194.766039][T10187] bond0: (slave bond_slave_1): Releasing backup interface [ 194.773205][T10187] team0: Port device team_slave_0 removed [ 194.778109][T10187] team0: Port device team_slave_1 removed [ 194.780104][T10187] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 194.802356][T10187] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 194.811350][T10187] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 194.823682][T10187] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 194.830596][T10188] IPVS: using max 27 ests per chain, 64800 per kthread [ 194.832429][T10187] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 195.451584][T10207] bridge_slave_0: left allmulticast mode [ 195.453701][T10207] bridge_slave_0: left promiscuous mode [ 195.456041][T10207] bridge0: port 1(bridge_slave_0) entered disabled state [ 195.472358][T10207] bridge_slave_1: left allmulticast mode [ 195.474253][T10207] bridge_slave_1: left promiscuous mode [ 195.478402][T10207] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.489284][T10207] bond0: (slave bond_slave_0): Releasing backup interface [ 195.503935][T10207] bond0: (slave bond_slave_1): Releasing backup interface [ 195.526894][T10207] team0: Port device team_slave_0 removed [ 195.536033][T10207] team0: Port device team_slave_1 removed [ 195.542698][T10207] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 195.545473][T10207] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 195.548962][T10207] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 195.558315][T10207] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 195.601229][T10207] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 195.636605][T10214] netlink: 4 bytes leftover after parsing attributes in process `syz.2.861'. [ 195.639495][T10214] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 195.661302][T10214] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 196.392931][T10240] netlink: 12 bytes leftover after parsing attributes in process `syz.0.870'. [ 196.395880][T10240] 8021q: VLANs not supported on ip6tnl0 [ 198.394588][T10316] netlink: 4 bytes leftover after parsing attributes in process `syz.0.900'. [ 198.405715][T10316] netlink: 4 bytes leftover after parsing attributes in process `syz.0.900'. [ 198.411577][T10316] netlink: 4 bytes leftover after parsing attributes in process `syz.0.900'. [ 198.416797][T10316] netlink: 4 bytes leftover after parsing attributes in process `syz.0.900'. [ 199.024304][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.028616][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.568208][T10411] netlink: 8 bytes leftover after parsing attributes in process `syz.0.939'. [ 200.769107][T10432] netlink: 8 bytes leftover after parsing attributes in process `syz.0.949'. [ 200.773393][T10432] netlink: 8 bytes leftover after parsing attributes in process `syz.0.949'. [ 200.921988][T10443] overlayfs: failed to clone upperpath [ 201.567149][T10457] netlink: 4096 bytes leftover after parsing attributes in process `syz.3.959'. [ 201.914571][T10477] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 203.621819][T10524] netlink: 4 bytes leftover after parsing attributes in process `syz.3.985'. [ 205.328584][T10591] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1012'. [ 205.332438][T10591] bridge_slave_1: entered promiscuous mode [ 205.396306][T10598] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1015'. [ 206.794827][T10673] netlink: 'syz.1.1045': attribute type 1 has an invalid length. [ 206.813059][T10673] bond2: entered allmulticast mode [ 206.815059][T10673] 8021q: adding VLAN 0 to HW filter on device bond2 [ 206.837409][T10678] fuse: blksize only supported for fuseblk [ 206.991631][T10689] netlink: 'syz.1.1051': attribute type 13 has an invalid length. [ 206.994610][T10689] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1051'. [ 207.238639][T10710] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 212.054501][ T40] audit: type=1326 audit(1774547331.436:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.1.1147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 212.062929][ T40] audit: type=1326 audit(1774547331.436:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.1.1147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 212.071994][ T40] audit: type=1326 audit(1774547331.436:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.1.1147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 212.080283][ T40] audit: type=1326 audit(1774547331.436:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.1.1147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 212.089025][ T40] audit: type=1326 audit(1774547331.436:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.1.1147" exe="/syz-executor" sig=0 arch=40000003 syscall=446 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 212.099020][ T40] audit: type=1326 audit(1774547331.436:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.1.1147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 212.107334][ T40] audit: type=1326 audit(1774547331.436:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.1.1147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 212.115859][ T40] audit: type=1326 audit(1774547331.436:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.1.1147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 212.123879][ T40] audit: type=1326 audit(1774547331.436:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.1.1147" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 212.132999][ T40] audit: type=1326 audit(1774547331.436:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10920 comm="syz.1.1147" exe="/syz-executor" sig=0 arch=40000003 syscall=446 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 212.484044][T10945] cgroup: none used incorrectly [ 213.042899][T10969] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1165'. [ 213.046740][T10969] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 215.184494][T11054] siw: device registration error -23 [ 216.633505][T11107] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1217'. [ 216.637854][T11107] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1217'. [ 216.641293][T11107] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1217'. [ 218.377080][T11157] netlink: 'syz.2.1237': attribute type 1 has an invalid length. [ 218.411970][T11157] 8021q: adding VLAN 0 to HW filter on device bond1 [ 218.437725][T11157] bond1: (slave geneve2): making interface the new active one [ 218.442508][T11157] bond1: (slave geneve2): Enslaving as an active interface with an up link [ 218.485603][T11160] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1236'. [ 218.489525][T11160] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1236'. [ 219.487539][T11201] /dev/nullb0: Can't lookup blockdev [ 220.487313][T11246] overlayfs: failed to clone upperpath [ 221.212183][ T40] kauditd_printk_skb: 15 callbacks suppressed [ 221.212198][ T40] audit: type=1800 audit(1774547340.596:781): pid=11264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1275" name="bus" dev="tmpfs" ino=1758 res=0 errno=0 [ 221.263706][T11267] netlink: 'syz.3.1276': attribute type 1 has an invalid length. [ 221.279839][T11267] 8021q: adding VLAN 0 to HW filter on device bond2 [ 221.307842][T11267] bond2: (slave geneve2): making interface the new active one [ 221.311137][T11267] bond2: (slave geneve2): Enslaving as an active interface with an up link [ 222.027122][T11288] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1285'. [ 222.077668][T11293] vcan0: tx drop: invalid da for name 0x0000000000000001 [ 223.646753][T11327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1300'. [ 223.653505][T11327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1300'. [ 223.659139][T11327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1300'. [ 223.664704][T11327] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1300'. [ 225.373404][T11367] overlayfs: failed to clone upperpath [ 225.379464][T11367] 9pnet_fd: p9_fd_create_tcp (11367): problem connecting socket to 127.0.0.1 [ 225.401831][T11367] netlink: 'syz.0.1312': attribute type 83 has an invalid length. [ 225.721237][T11383] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1319'. [ 225.725458][T11383] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1319'. [ 226.744035][T11409] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1328'. [ 226.750404][T11409] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1328'. [ 226.882373][T11420] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1332'. [ 227.481763][T11446] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1340'. [ 228.659399][T11512] bridge0: port 1(syz_tun) entered blocking state [ 228.662522][T11512] bridge0: port 1(syz_tun) entered disabled state [ 228.665648][T11512] syz_tun: entered allmulticast mode [ 228.671469][T11512] syz_tun: entered promiscuous mode [ 228.675701][T11512] bridge0: port 1(syz_tun) entered blocking state [ 228.678396][T11512] bridge0: port 1(syz_tun) entered forwarding state [ 228.783358][T11514] siw: device registration error -23 [ 229.598850][T11540] __nla_validate_parse: 2 callbacks suppressed [ 229.598864][T11540] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1384'. [ 229.609733][T11540] vlan2: entered promiscuous mode [ 229.621510][T11540] team0: entered promiscuous mode [ 229.648575][T11544] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1385'. [ 229.652333][T11544] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1385'. [ 230.570316][T11601] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1409'. [ 231.024653][T11617] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1416'. [ 231.590815][T11635] bridge0: port 3(syz_tun) entered blocking state [ 231.592420][T11633] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1422'. [ 231.593658][T11635] bridge0: port 3(syz_tun) entered disabled state [ 231.598679][T11635] syz_tun: entered allmulticast mode [ 231.600615][T11633] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1422'. [ 231.602637][T11635] syz_tun: entered promiscuous mode [ 231.607867][T11635] bridge0: port 3(syz_tun) entered blocking state [ 231.610698][T11635] bridge0: port 3(syz_tun) entered forwarding state [ 232.490006][T11656] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1431'. [ 232.494398][T11656] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1431'. [ 233.154317][T11698] overlayfs: failed to clone lowerpath [ 233.352029][T11715] netlink: 'syz.3.1456': attribute type 4 has an invalid length. [ 233.506650][T11725] 9p: Bad value for 'rfdno' [ 237.893786][T11856] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1509'. [ 237.897341][T11856] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1509'. [ 237.909553][T11859] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1510'. [ 237.912972][T11859] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1510'. [ 238.263330][ T40] audit: type=1326 audit(1774547357.646:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11880 comm="syz.2.1519" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x0 [ 239.169514][T11893] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1523'. [ 239.173675][T11893] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1523'. [ 239.865557][ T40] audit: type=1326 audit(1774547359.246:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11909 comm="syz.0.1531" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x0 [ 239.984155][T11912] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1532'. [ 239.987067][T11912] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1532'. [ 240.083364][T11917] netlink: 52 bytes leftover after parsing attributes in process `syz.1.1533'. [ 240.086459][T11917] nbd: must specify at least one socket [ 240.214976][T11921] 9p: Bad value for 'rfdno' [ 240.329323][T11931] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 241.219074][T11966] netlink: 'syz.2.1555': attribute type 83 has an invalid length. [ 241.362852][T11976] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1560'. [ 242.613971][T12010] batman_adv: batadv0: Adding interface: macsec1 [ 242.616715][T12010] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 242.626892][T12010] batman_adv: batadv0: Interface activated: macsec1 [ 243.722247][T12040] __nla_validate_parse: 3 callbacks suppressed [ 243.722266][T12040] netlink: 240 bytes leftover after parsing attributes in process `syz.3.1583'. [ 244.287940][T12072] overlayfs: failed to clone lowerpath [ 246.763200][T12150] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1626'. [ 246.766619][T12150] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1626'. [ 247.252307][T12177] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check. [ 247.306789][T12181] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1641'. [ 247.541957][T12198] bond2: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 247.548716][T12198] bond2: (slave lo): Enslaving as an active interface with an up link [ 247.554979][T12198] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check. [ 247.701541][T12213] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1654'. [ 247.704727][T12213] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1654'. [ 247.938611][T12225] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1665'. [ 247.947985][T12225] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1665'. [ 248.849451][T12247] overlayfs: failed to clone upperpath [ 249.129588][T12262] Non-string source [ 249.456539][T12272] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0) [ 249.994193][T12288] autofs: Bad value for 'fd' [ 250.173690][T12296] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1681'. [ 251.243868][T12336] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1703'. [ 251.247762][T12336] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1703'. [ 252.951709][T12402] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1731'. [ 252.955795][T12402] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1731'. [ 253.284410][T12416] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1737'. [ 253.512297][T12429] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1740'. [ 253.516035][T12429] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1740'. [ 253.871930][T12443] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1745'. [ 254.118663][T12459] syz_tun: entered allmulticast mode [ 254.459004][T12467] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1754'. [ 254.894683][T12455] syz_tun: left allmulticast mode [ 257.290732][T12563] overlayfs: failed to resolve './file0': -2 [ 257.798324][T12575] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1798'. [ 257.881360][T12581] /dev/nullb0: Can't lookup blockdev [ 258.002468][T12593] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1806'. [ 258.331360][T12624] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1822'. [ 258.334218][T12624] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1822'. [ 258.751276][T12653] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1834'. [ 258.754259][T12653] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1834'. [ 258.804711][T12663] overlayfs: failed to clone upperpath [ 259.261841][T12680] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1843'. [ 259.612128][T12703] /dev/nullb0: Can't lookup blockdev [ 259.614954][T12704] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1854'. [ 260.464305][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.466610][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 260.481849][T12768] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1881'. [ 261.454834][T12803] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1894'. [ 261.771076][T12814] pimreg: entered allmulticast mode [ 263.457456][T12892] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1932'. [ 263.984563][T12911] GUP no longer grows the stack in syz.2.1937 (12911): 80003000-8000a000 (80001000) [ 263.988245][T12911] CPU: 1 UID: 0 PID: 12911 Comm: syz.2.1937 Tainted: G L syzkaller #0 PREEMPT(full) [ 263.988267][T12911] Tainted: [L]=SOFTLOCKUP [ 263.988272][T12911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 263.988280][T12911] Call Trace: [ 263.988284][T12911] [ 263.988290][T12911] dump_stack_lvl+0x100/0x190 [ 263.988311][T12911] gup_vma_lookup.cold+0x83/0x96 [ 263.988331][T12911] __get_user_pages+0x241/0x34d0 [ 263.988350][T12911] ? down_read_killable+0x30e/0x4c0 [ 263.988363][T12911] ? __lock_acquire+0x4a5/0x2630 [ 263.988379][T12911] ? __pfx___get_user_pages+0x10/0x10 [ 263.988398][T12911] __gup_longterm_locked+0x87d/0x16f0 [ 263.988416][T12911] ? __pfx___gup_longterm_locked+0x10/0x10 [ 263.988431][T12911] ? try_get_folio+0x262/0x750 [ 263.988443][T12911] ? find_held_lock+0x2b/0x80 [ 263.988459][T12911] gup_fast_fallback+0x18c6/0x2460 [ 263.988484][T12911] ? __pfx_gup_fast_fallback+0x10/0x10 [ 263.988499][T12911] ? __lock_acquire+0x4a5/0x2630 [ 263.988515][T12911] ? finish_task_switch.isra.0+0x200/0xb80 [ 263.988530][T12911] ? rcu_is_watching+0x12/0xc0 [ 263.988549][T12911] get_user_pages_fast+0xa7/0xf0 [ 263.988563][T12911] ? __pfx_get_user_pages_fast+0x10/0x10 [ 263.988581][T12911] __iov_iter_get_pages_alloc+0x8ec/0x20d0 [ 263.988599][T12911] ? pipe_lock+0x69/0x80 [ 263.988611][T12911] ? __pfx___iov_iter_get_pages_alloc+0x10/0x10 [ 263.988625][T12911] ? __pfx___mutex_lock+0x10/0x10 [ 263.988644][T12911] ? import_ubuf+0x1b6/0x220 [ 263.988659][T12911] iov_iter_get_pages2+0xa3/0x100 [ 263.988672][T12911] ? __pfx_iov_iter_get_pages2+0x10/0x10 [ 263.988686][T12911] ? wait_for_space+0x2ca/0x3b0 [ 263.988700][T12911] __do_sys_vmsplice+0x7eb/0x14f0 [ 263.988718][T12911] ? __pfx___do_sys_vmsplice+0x10/0x10 [ 263.988735][T12911] ? __pfx_futex_wait+0x10/0x10 [ 263.988756][T12911] ? signal_setup_done+0x12d/0x5c0 [ 263.988769][T12911] ? __pfx_signal_setup_done+0x10/0x10 [ 263.988799][T12911] ? __do_fast_syscall_32+0xe3/0x8c0 [ 263.988809][T12911] __do_fast_syscall_32+0xe3/0x8c0 [ 263.988821][T12911] do_fast_syscall_32+0x32/0x70 [ 263.988832][T12911] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 263.988846][T12911] RIP: 0023:0xf7f27f6c [ 263.988856][T12911] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8 [ 263.988867][T12911] RSP: 002b:00000000f53e650c EFLAGS: 00000292 ORIG_RAX: 000000000000013c [ 263.988877][T12911] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000800000c0 [ 263.988884][T12911] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000 [ 263.988890][T12911] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 263.988897][T12911] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 263.988903][T12911] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 263.988917][T12911] [ 264.186374][T12915] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1939'. [ 264.229457][T12917] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1940'. [ 264.273740][T12919] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1941'. [ 264.527221][T12933] Process accounting resumed [ 264.555612][T12938] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1950'. [ 264.619038][T12943] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 264.624804][T12943] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 264.628518][T12943] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 264.633600][T12943] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 264.637244][T12943] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 264.641770][T12943] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 264.645758][T12943] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 264.649778][T12943] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 264.654569][T12943] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 264.658794][T12943] sctp: sctp_transport_update_pmtu: Reported pmtu 68 too low, using default minimum of 512 [ 266.102583][T13025] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1988'. [ 266.105960][T13025] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1988'. [ 266.429683][T13046] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1996'. [ 266.434032][T13046] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 266.795575][ C2] vcan0: j1939_tp_rxtimer: 0xffff8880132cc800: rx timeout, send abort [ 267.121833][T13063] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2001'. [ 267.125004][T13063] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2001'. [ 267.295591][ C2] vcan0: j1939_tp_rxtimer: 0xffff8880132ce000: rx timeout, send abort [ 267.299352][ C2] vcan0: j1939_tp_rxtimer: 0xffff8880132cc800: abort rx timeout. Force session deactivation [ 267.315921][ C2] vcan0: j1939_xtp_rx_rts_session_active: 0xffff8880132ce000: connection exists (fe ff). last cmd: 20 [ 267.566507][ C2] vcan0: j1939_tp_rxtimer: 0xffff8880132ce400: rx timeout, send abort [ 268.069158][ C2] vcan0: j1939_tp_rxtimer: 0xffff8880132ce400: abort rx timeout. Force session deactivation [ 268.764832][T13145] __nla_validate_parse: 5 callbacks suppressed [ 268.764852][T13145] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2033'. [ 268.802108][T13146] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2029'. [ 269.628839][T13197] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2057'. [ 270.066100][T13170] Set syz1 is full, maxelem 65536 reached [ 270.420868][T13227] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2070'. [ 270.423964][T13227] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2070'. [ 271.622686][T13291] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2097'. [ 271.625604][T13291] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2097'. [ 271.834274][T13314] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2108'. [ 271.871487][T13319] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2110'. [ 271.874475][T13319] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2110'. [ 272.125750][ T40] audit: type=1326 audit(1774547391.446:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13336 comm="syz.2.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 272.142898][ T40] audit: type=1326 audit(1774547391.446:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13336 comm="syz.2.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 272.150600][ T40] audit: type=1326 audit(1774547391.446:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13336 comm="syz.2.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 272.157617][ T40] audit: type=1326 audit(1774547391.446:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13336 comm="syz.2.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 272.158804][T13345] IPVS: wrr: UDP 224.0.0.2:0 - no destination available [ 272.164664][ T40] audit: type=1326 audit(1774547391.446:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13336 comm="syz.2.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7125cab code=0x7ffc0000 [ 272.174045][ T40] audit: type=1326 audit(1774547391.446:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13336 comm="syz.2.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 272.180982][ T40] audit: type=1326 audit(1774547391.446:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13336 comm="syz.2.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 272.188891][ T40] audit: type=1326 audit(1774547391.446:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13336 comm="syz.2.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 272.195779][ T40] audit: type=1326 audit(1774547391.446:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13336 comm="syz.2.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 272.202835][ T40] audit: type=1326 audit(1774547391.446:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13336 comm="syz.2.2119" exe="/syz-executor" sig=0 arch=40000003 syscall=102 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 273.815978][T13427] __nla_validate_parse: 5 callbacks suppressed [ 273.815990][T13427] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2154'. [ 273.848006][T13424] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2153'. [ 273.894130][T13436] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2158'. [ 273.919316][T13437] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2155'. [ 273.961767][T13437] nbd: socks must be embedded in a SOCK_ITEM attr [ 274.090284][T13355] udevd[13355]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 274.530941][T13451] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2161'. [ 275.232582][T13462] trusted_key: encrypted_key: key user:syz not found [ 275.235351][T13462] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2164'. [ 275.841552][T13472] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2168'. [ 275.845325][T13472] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2168'. [ 275.926485][T13475] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2170'. [ 276.090661][T13491] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2176'. [ 276.329965][T13442] udevd[13442]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 276.971281][T13521] netlink: 'syz.1.2187': attribute type 1 has an invalid length. [ 277.001745][T13521] 8021q: adding VLAN 0 to HW filter on device bond3 [ 277.028854][T13521] bond3: (slave gretap1): making interface the new active one [ 277.032673][T13521] bond3: (slave gretap1): Enslaving as an active interface with an up link [ 277.300696][ T40] kauditd_printk_skb: 55 callbacks suppressed [ 277.300714][ T40] audit: type=1326 audit(1774547396.666:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13523 comm="syz.2.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 277.311237][ T40] audit: type=1326 audit(1774547396.666:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13523 comm="syz.2.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 277.318189][ T40] audit: type=1326 audit(1774547396.666:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13523 comm="syz.2.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=21 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 277.325645][ T40] audit: type=1326 audit(1774547396.676:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13523 comm="syz.2.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 277.332808][ T40] audit: type=1326 audit(1774547396.676:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13523 comm="syz.2.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 277.341787][ T40] audit: type=1326 audit(1774547396.676:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13523 comm="syz.2.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf7125cab code=0x7ffc0000 [ 277.348596][ T40] audit: type=1326 audit(1774547396.676:855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13523 comm="syz.2.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 277.355479][ T40] audit: type=1326 audit(1774547396.676:856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13523 comm="syz.2.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 277.362385][ T40] audit: type=1326 audit(1774547396.676:857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13523 comm="syz.2.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 277.369037][ T40] audit: type=1326 audit(1774547396.676:858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13523 comm="syz.2.2188" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f27f6c code=0x7ffc0000 [ 279.208365][T13598] __nla_validate_parse: 19 callbacks suppressed [ 279.208380][T13598] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2220'. [ 279.239981][T13602] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2222'. [ 279.360848][T13607] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2225'. [ 279.363910][T13607] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2225'. [ 279.369906][ T5948] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 279.375185][ T5948] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 279.377995][ T5948] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 279.382303][ T5948] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 279.385630][ T5948] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 279.397781][ T5950] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 279.403016][ T5950] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 279.406405][ T5950] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 279.409851][ T5950] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 279.414684][ T5950] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 279.664326][T13611] chnl_net:caif_netlink_parms(): no params data found [ 279.723816][T13611] bridge0: port 1(bridge_slave_0) entered blocking state [ 279.726167][T13611] bridge0: port 1(bridge_slave_0) entered disabled state [ 279.728426][T13611] bridge_slave_0: entered allmulticast mode [ 279.732529][T13611] bridge_slave_0: entered promiscuous mode [ 279.736008][T13611] bridge0: port 2(bridge_slave_1) entered blocking state [ 279.738331][T13611] bridge0: port 2(bridge_slave_1) entered disabled state [ 279.743263][T13611] bridge_slave_1: entered allmulticast mode [ 279.746048][T13611] bridge_slave_1: entered promiscuous mode [ 279.764202][T13611] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 279.768661][T13611] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 279.785653][T13611] team0: Port device team_slave_0 added [ 279.788863][T13611] team0: Port device team_slave_1 added [ 279.806031][T13611] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 279.808253][T13611] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 279.817237][T13611] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 279.822136][T13611] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 279.824452][T13611] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 279.832921][T13611] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 279.860190][T13611] hsr_slave_0: entered promiscuous mode [ 279.862879][T13611] hsr_slave_1: entered promiscuous mode [ 279.865070][T13611] debugfs: 'hsr0' already exists in 'hsr' [ 279.866960][T13611] Cannot create hsr debugfs directory [ 279.948728][T13611] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.029079][T13611] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.095838][T13611] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.165490][T13611] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 280.287005][T13611] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 280.299132][T13611] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 280.307078][T13611] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 280.314972][T13611] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 280.342897][T13611] bridge0: port 2(bridge_slave_1) entered blocking state [ 280.345947][T13611] bridge0: port 2(bridge_slave_1) entered forwarding state [ 280.349144][T13611] bridge0: port 1(bridge_slave_0) entered blocking state [ 280.352231][T13611] bridge0: port 1(bridge_slave_0) entered forwarding state [ 280.406322][T13611] 8021q: adding VLAN 0 to HW filter on device bond0 [ 280.418586][ T6087] bridge0: port 1(bridge_slave_0) entered disabled state [ 280.422316][ T6087] bridge0: port 2(bridge_slave_1) entered disabled state [ 280.430044][T13611] 8021q: adding VLAN 0 to HW filter on device team0 [ 280.439783][ T6087] bridge0: port 1(bridge_slave_0) entered blocking state [ 280.442829][ T6087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 280.463286][ T6087] bridge0: port 2(bridge_slave_1) entered blocking state [ 280.466303][ T6087] bridge0: port 2(bridge_slave_1) entered forwarding state [ 280.610135][T13611] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 280.641810][T13702] netlink: 'syz.2.2254': attribute type 1 has an invalid length. [ 280.657515][T13702] 8021q: adding VLAN 0 to HW filter on device bond2 [ 280.663123][T13611] veth0_vlan: entered promiscuous mode [ 280.673822][T13611] veth1_vlan: entered promiscuous mode [ 280.684521][T13702] bond2: (slave gretap2): making interface the new active one [ 280.690048][T13702] bond2: (slave gretap2): Enslaving as an active interface with an up link [ 280.706567][T13611] veth0_macvtap: entered promiscuous mode [ 280.710724][T13611] veth1_macvtap: entered promiscuous mode [ 280.719677][T13611] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 280.725053][T13611] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 280.734562][ T1144] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.738512][ T1144] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.742536][ T1144] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.748150][ T1144] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 280.811011][ T6291] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 280.813565][ T6291] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 280.818928][ T6291] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 280.822352][ T6291] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 281.373381][T13737] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2269'. [ 281.430649][ T5950] Bluetooth: hci4: command tx timeout [ 281.487286][ T5951] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 281.643346][ T5951] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 281.647610][ T5951] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 281.650660][ T5951] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 281.653546][ T5951] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 281.656392][ T5951] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 281.664772][ T5951] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 281.732171][T13617] udevd[13617]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 281.732460][ T5951] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -12 [ 281.866762][ T5951] usb 5-1: USB disconnect, device number 3 [ 282.060538][T13763] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2278'. [ 282.146956][T13774] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2282'. [ 282.277911][T13788] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2289'. [ 282.306111][T13625] udevd[13625]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 282.452922][T13803] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2296'. [ 282.456095][T13803] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2296'. [ 282.658488][T13827] nbd: socks must be embedded in a SOCK_ITEM attr [ 282.675792][T13630] block nbd64: NBD_DISCONNECT [ 283.500662][ T5950] Bluetooth: hci4: command tx timeout [ 285.096225][ T6087] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 285.212471][ T6087] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 285.249045][ T5948] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 285.253757][ T5948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 285.257071][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 285.262816][ T5948] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 285.267326][ T5948] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 285.299587][ T6087] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 285.387851][ T6087] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 285.429218][T13878] chnl_net:caif_netlink_parms(): no params data found [ 285.485418][T13878] bridge0: port 1(bridge_slave_0) entered blocking state [ 285.489370][T13878] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.494016][T13878] bridge_slave_0: entered allmulticast mode [ 285.497871][T13878] bridge_slave_0: entered promiscuous mode [ 285.503222][T13878] bridge0: port 2(bridge_slave_1) entered blocking state [ 285.506321][T13878] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.509367][T13878] bridge_slave_1: entered allmulticast mode [ 285.513230][T13878] bridge_slave_1: entered promiscuous mode [ 285.546739][T13878] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 285.569112][T13878] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 285.606838][T13878] team0: Port device team_slave_0 added [ 285.611136][T13878] team0: Port device team_slave_1 added [ 285.634296][T13878] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 285.636765][T13878] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 285.645015][T13878] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 285.648999][ T6087] bridge_slave_1: left allmulticast mode [ 285.651704][ T6087] bridge_slave_1: left promiscuous mode [ 285.654634][ T6087] bridge0: port 2(bridge_slave_1) entered disabled state [ 285.662366][ T6087] bridge_slave_0: left allmulticast mode [ 285.664179][ T6087] bridge_slave_0: left promiscuous mode [ 285.666038][ T6087] bridge0: port 1(bridge_slave_0) entered disabled state [ 285.956435][ T6087] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 285.969901][ T6087] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 285.982857][ T6087] bond0 (unregistering): Released all slaves [ 285.988034][T13878] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 285.990723][T13878] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 285.999683][T13878] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 286.011571][T13896] netlink: 'syz.1.2336': attribute type 3 has an invalid length. [ 286.015219][T13896] netlink: 'syz.1.2336': attribute type 3 has an invalid length. [ 286.113213][T13878] hsr_slave_0: entered promiscuous mode [ 286.115779][T13878] hsr_slave_1: entered promiscuous mode [ 286.118130][T13878] debugfs: 'hsr0' already exists in 'hsr' [ 286.120144][T13878] Cannot create hsr debugfs directory [ 286.173413][T13916] __nla_validate_parse: 8 callbacks suppressed [ 286.173425][T13916] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2338'. [ 286.346420][T13625] udevd[13625]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 286.378734][ T6087] hsr_slave_0: left promiscuous mode [ 286.385692][ T6087] hsr_slave_1: left promiscuous mode [ 286.388782][ T6087] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 286.392302][ T6087] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 286.397185][ T6087] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 286.400083][ T6087] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 286.443369][ T6087] veth1_macvtap: left promiscuous mode [ 286.446039][ T6087] veth0_macvtap: left promiscuous mode [ 286.448415][ T6087] veth1_vlan: left promiscuous mode [ 286.451534][ T6087] veth0_vlan: left promiscuous mode [ 286.633839][ T6087] team0 (unregistering): Port device team_slave_1 removed [ 286.641768][ T6087] team0 (unregistering): Port device team_slave_0 removed [ 286.719327][T13878] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 286.727175][T13878] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 286.732089][T13878] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 286.743681][T13878] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 286.833074][T13878] 8021q: adding VLAN 0 to HW filter on device bond0 [ 286.856608][T13878] 8021q: adding VLAN 0 to HW filter on device team0 [ 286.864761][ T6090] bridge0: port 1(bridge_slave_0) entered blocking state [ 286.867097][ T6090] bridge0: port 1(bridge_slave_0) entered forwarding state [ 286.876326][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 286.878647][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 287.038295][T13878] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 287.230903][T13878] veth0_vlan: entered promiscuous mode [ 287.236674][T13878] veth1_vlan: entered promiscuous mode [ 287.251791][T13878] veth0_macvtap: entered promiscuous mode [ 287.259429][T13878] veth1_macvtap: entered promiscuous mode [ 287.274330][T13878] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 287.280703][T13878] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 287.286855][ T6087] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.289759][ T6087] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.295092][ T6087] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.297998][ T6087] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 287.340759][ T5950] Bluetooth: hci3: command tx timeout [ 287.357580][ T6291] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.363891][ T6291] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 287.377031][ T41] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 287.379697][ T41] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 288.123490][ T40] kauditd_printk_skb: 42 callbacks suppressed [ 288.123502][ T40] audit: type=1326 audit(1774547407.506:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14015 comm="syz.1.2366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 288.132573][ T40] audit: type=1326 audit(1774547407.506:902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14015 comm="syz.1.2366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 288.141278][ T40] audit: type=1326 audit(1774547407.506:903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14015 comm="syz.1.2366" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 288.150218][ T40] audit: type=1326 audit(1774547407.506:904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14015 comm="syz.1.2366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 288.157922][ T40] audit: type=1326 audit(1774547407.506:905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14015 comm="syz.1.2366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 288.166899][ T40] audit: type=1326 audit(1774547407.506:906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14015 comm="syz.1.2366" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 288.175732][ T40] audit: type=1326 audit(1774547407.506:907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14015 comm="syz.1.2366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 288.183184][ T40] audit: type=1326 audit(1774547407.506:908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14015 comm="syz.1.2366" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706ef6c code=0x7ffc0000 [ 288.296572][T14032] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2373'. [ 289.147814][ T6291] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 289.310810][ T5948] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 289.318015][ T5948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 289.322852][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 289.326857][ T5948] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 289.332595][ T5948] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 289.469185][T14050] chnl_net:caif_netlink_parms(): no params data found [ 289.487986][T14077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2391'. [ 289.491763][T14077] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2391'. [ 289.535945][T14050] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.538647][T14050] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.541838][T14050] bridge_slave_0: entered allmulticast mode [ 289.546088][T14050] bridge_slave_0: entered promiscuous mode [ 289.551368][T14050] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.554497][T14050] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.558034][T14050] bridge_slave_1: entered allmulticast mode [ 289.563041][T14050] bridge_slave_1: entered promiscuous mode [ 289.594240][T14050] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 289.600929][T14050] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 289.632886][T14050] team0: Port device team_slave_0 added [ 289.637775][T14050] team0: Port device team_slave_1 added [ 289.661960][T14050] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 289.664587][T14050] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 289.674376][T14050] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 289.679901][T14050] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 289.682819][T14050] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 289.692022][T14050] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 289.716564][T14050] hsr_slave_0: entered promiscuous mode [ 289.719485][T14050] hsr_slave_1: entered promiscuous mode [ 289.722399][T14050] debugfs: 'hsr0' already exists in 'hsr' [ 289.724242][T14050] Cannot create hsr debugfs directory [ 289.819369][T14050] netdevsim netdevsim5 netdevsim0: renamed from eth0 [ 289.823999][T14050] netdevsim netdevsim5 netdevsim1: renamed from eth1 [ 289.829903][T14050] netdevsim netdevsim5 netdevsim2: renamed from eth2 [ 289.842628][T14050] netdevsim netdevsim5 netdevsim3: renamed from eth3 [ 289.861746][T14050] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.864306][T14050] bridge0: port 2(bridge_slave_1) entered forwarding state [ 289.866705][T14050] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.869123][T14050] bridge0: port 1(bridge_slave_0) entered forwarding state [ 289.901355][T14050] 8021q: adding VLAN 0 to HW filter on device bond0 [ 289.908732][ T41] bridge0: port 1(bridge_slave_0) entered disabled state [ 289.911776][ T41] bridge0: port 2(bridge_slave_1) entered disabled state [ 289.918852][T14050] 8021q: adding VLAN 0 to HW filter on device team0 [ 289.925418][ T6087] bridge0: port 1(bridge_slave_0) entered blocking state [ 289.928264][ T6087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 289.936532][ T41] bridge0: port 2(bridge_slave_1) entered blocking state [ 289.939413][ T41] bridge0: port 2(bridge_slave_1) entered forwarding state [ 290.078253][T14050] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 290.268435][T14050] veth0_vlan: entered promiscuous mode [ 290.276965][T14050] veth1_vlan: entered promiscuous mode [ 290.295092][T14050] veth0_macvtap: entered promiscuous mode [ 290.300133][T14050] veth1_macvtap: entered promiscuous mode [ 290.310253][T14050] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 290.318287][T14050] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 290.325579][ T6090] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.328677][ T6090] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.333258][ T6090] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.336081][ T6090] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 290.383867][ T6090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 290.387603][ T6090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 290.403888][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 290.407266][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 290.560145][T14140] bridge0: port 2(bridge_slave_1) entered disabled state [ 290.860034][ T6291] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 290.973516][ T6291] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.044029][ T6291] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 291.263032][ T6291] bridge_slave_1: left allmulticast mode [ 291.268664][ T6291] bridge_slave_1: left promiscuous mode [ 291.271401][ T6291] bridge0: port 2(bridge_slave_1) entered disabled state [ 291.279683][ T6291] bridge_slave_0: left allmulticast mode [ 291.283126][ T6291] bridge_slave_0: left promiscuous mode [ 291.285308][ T6291] bridge0: port 1(bridge_slave_0) entered disabled state [ 291.448291][ T6291] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 291.473231][ T6291] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 291.478386][ T6291] bond0 (unregistering): Released all slaves [ 291.725764][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 291.733620][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 291.739885][ T5950] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 291.743719][ T5950] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 291.747253][ T5950] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 292.204209][ T6291] hsr_slave_0: left promiscuous mode [ 292.206449][ T6291] hsr_slave_1: left promiscuous mode [ 292.210725][ T6291] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 292.213218][ T6291] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 292.222954][ T6291] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 292.225401][ T6291] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 292.246274][ T6291] veth1_macvtap: left promiscuous mode [ 292.248242][ T6291] veth0_macvtap: left promiscuous mode [ 292.261733][ T6291] veth1_vlan: left promiscuous mode [ 292.263892][ T6291] veth0_vlan: left promiscuous mode [ 292.314583][ T5950] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 292.319961][ T5950] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 292.324476][ T5950] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 292.327764][ T5950] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 292.330429][ T5950] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 292.496856][ T6291] team0 (unregistering): Port device team_slave_1 removed [ 292.508475][ T6291] team0 (unregistering): Port device team_slave_0 removed [ 292.592555][T14190] chnl_net:caif_netlink_parms(): no params data found [ 292.718600][T14190] bridge0: port 1(bridge_slave_0) entered blocking state [ 292.721424][T14190] bridge0: port 1(bridge_slave_0) entered disabled state [ 292.724337][T14190] bridge_slave_0: entered allmulticast mode [ 292.727915][T14190] bridge_slave_0: entered promiscuous mode [ 292.733165][T14190] bridge0: port 2(bridge_slave_1) entered blocking state [ 292.736088][T14190] bridge0: port 2(bridge_slave_1) entered disabled state [ 292.738545][T14190] bridge_slave_1: entered allmulticast mode [ 292.743202][T14190] bridge_slave_1: entered promiscuous mode [ 292.813695][T14190] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 292.824617][T14190] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 292.876585][T14190] team0: Port device team_slave_0 added [ 292.887076][T14190] team0: Port device team_slave_1 added [ 292.929996][T14227] chnl_net:caif_netlink_parms(): no params data found [ 292.938749][T14190] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 292.941633][T14190] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 292.951493][T14190] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 292.961530][T14190] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 292.964344][T14190] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 292.991146][T14190] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 293.092577][T14190] hsr_slave_0: entered promiscuous mode [ 293.096024][T14190] hsr_slave_1: entered promiscuous mode [ 293.098950][T14190] debugfs: 'hsr0' already exists in 'hsr' [ 293.101904][T14190] Cannot create hsr debugfs directory [ 293.136326][T14227] bridge0: port 1(bridge_slave_0) entered blocking state [ 293.139277][T14227] bridge0: port 1(bridge_slave_0) entered disabled state [ 293.146680][T14227] bridge_slave_0: entered allmulticast mode [ 293.152071][T14227] bridge_slave_0: entered promiscuous mode [ 293.156517][T14227] bridge0: port 2(bridge_slave_1) entered blocking state [ 293.159571][T14227] bridge0: port 2(bridge_slave_1) entered disabled state [ 293.163849][T14227] bridge_slave_1: entered allmulticast mode [ 293.167690][T14227] bridge_slave_1: entered promiscuous mode [ 293.231672][T14258] bridge0: port 2(bridge_slave_1) entered disabled state [ 293.254739][T14227] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 293.261992][T14227] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 293.306111][T14227] team0: Port device team_slave_0 added [ 293.309432][T14227] team0: Port device team_slave_1 added [ 293.373159][ T6291] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.409570][T14190] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.419846][T14227] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 293.423261][T14227] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 293.431233][T14227] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 293.436136][T14227] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 293.438288][T14227] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 293.446169][T14227] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 293.472454][T14227] hsr_slave_0: entered promiscuous mode [ 293.475143][T14227] hsr_slave_1: entered promiscuous mode [ 293.477520][T14227] debugfs: 'hsr0' already exists in 'hsr' [ 293.479498][T14227] Cannot create hsr debugfs directory [ 293.570032][T14190] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.658834][T14190] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.719612][T14190] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.740310][ T6291] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.826861][ T5948] Bluetooth: hci3: command tx timeout [ 293.830093][ T6291] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.857471][T14190] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 293.867661][T14190] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 293.873389][T14190] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 293.899852][ T6291] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 293.908452][T14190] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 293.952207][T14227] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 293.958698][T14227] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 293.966626][T14227] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 293.979329][T14227] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 294.056422][ T6291] bridge_slave_1: left promiscuous mode [ 294.058357][ T6291] bridge0: port 2(bridge_slave_1) entered disabled state [ 294.063859][ T6291] bridge_slave_0: left allmulticast mode [ 294.065828][ T6291] bridge_slave_0: left promiscuous mode [ 294.067988][ T6291] bridge0: port 1(bridge_slave_0) entered disabled state [ 294.234370][ T6291] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 294.240729][ T6291] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 294.246086][ T6291] bond0 (unregistering): Released all slaves [ 294.289003][T14190] 8021q: adding VLAN 0 to HW filter on device bond0 [ 294.314634][T14227] 8021q: adding VLAN 0 to HW filter on device bond0 [ 294.321287][T14190] 8021q: adding VLAN 0 to HW filter on device team0 [ 294.337335][ T6090] bridge0: port 1(bridge_slave_0) entered blocking state [ 294.339974][ T6090] bridge0: port 1(bridge_slave_0) entered forwarding state [ 294.355262][T14227] 8021q: adding VLAN 0 to HW filter on device team0 [ 294.366463][ T6293] bridge0: port 2(bridge_slave_1) entered blocking state [ 294.369445][ T6293] bridge0: port 2(bridge_slave_1) entered forwarding state [ 294.381194][ T5948] Bluetooth: hci1: command tx timeout [ 294.396916][ T6087] bridge0: port 1(bridge_slave_0) entered blocking state [ 294.399204][ T6087] bridge0: port 1(bridge_slave_0) entered forwarding state [ 294.408351][ T6087] bridge0: port 2(bridge_slave_1) entered blocking state [ 294.410740][ T6087] bridge0: port 2(bridge_slave_1) entered forwarding state [ 294.553702][ T6291] hsr_slave_0: left promiscuous mode [ 294.556067][ T6291] hsr_slave_1: left promiscuous mode [ 294.559148][ T6291] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 294.561561][ T6291] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 294.564294][ T6291] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 294.566570][ T6291] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 294.586502][ T6291] veth1_macvtap: left promiscuous mode [ 294.588305][ T6291] veth0_macvtap: left promiscuous mode [ 294.592798][ T6291] veth1_vlan: left promiscuous mode [ 294.594629][ T6291] veth0_vlan: left promiscuous mode [ 294.716656][ T6291] team0 (unregistering): Port device team_slave_1 removed [ 294.727130][ T6291] team0 (unregistering): Port device team_slave_0 removed [ 294.857042][T14227] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 294.877290][T14190] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 294.913746][T14190] veth0_vlan: entered promiscuous mode [ 294.920274][T14190] veth1_vlan: entered promiscuous mode [ 294.939620][T14190] veth0_macvtap: entered promiscuous mode [ 294.953634][T14190] veth1_macvtap: entered promiscuous mode [ 294.974069][T14190] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 294.983018][T14190] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 294.993136][ T6293] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 294.999641][ T6293] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.028161][ T6293] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.032975][ T6293] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.056557][ T6090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.059999][ T6090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.089498][ T6087] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.095014][ T6087] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.134202][T14227] veth0_vlan: entered promiscuous mode [ 295.155727][T14227] veth1_vlan: entered promiscuous mode [ 295.176901][T14227] veth0_macvtap: entered promiscuous mode [ 295.186247][T14227] veth1_macvtap: entered promiscuous mode [ 295.228843][T14227] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 295.255987][T14227] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 295.269990][ T6090] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.274461][ T6090] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.278150][ T6090] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.281328][ T6090] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 295.347780][ T6087] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.351692][ T6087] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.402629][ T6293] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 295.405143][ T6293] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 295.910648][ T5948] Bluetooth: hci3: command tx timeout [ 296.470983][ T5950] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 296.475154][ T5950] Bluetooth: hci1: command tx timeout [ 296.483775][ T5944] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 296.488027][ T5944] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 296.492807][ T5944] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 296.499971][ T5944] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 296.754010][T14377] chnl_net:caif_netlink_parms(): no params data found [ 296.906158][ T6116] bridge0: port 1(syz_tun) entered disabled state [ 296.940585][ T5944] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201' [ 296.943833][ T5944] CPU: 2 UID: 0 PID: 5944 Comm: kworker/u33:2 Tainted: G L syzkaller #0 PREEMPT(full) [ 296.943854][ T5944] Tainted: [L]=SOFTLOCKUP [ 296.943858][ T5944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 296.943866][ T5944] Workqueue: hci3 hci_rx_work [ 296.943885][ T5944] Call Trace: [ 296.943890][ T5944] [ 296.943895][ T5944] dump_stack_lvl+0x100/0x190 [ 296.943914][ T5944] sysfs_warn_dup.cold+0x1c/0x28 [ 296.943932][ T5944] sysfs_create_dir_ns+0x24b/0x2b0 [ 296.943949][ T5944] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 296.943968][ T5944] ? find_held_lock+0x2b/0x80 [ 296.943980][ T5944] ? kobject_add_internal+0x25f/0x930 [ 296.943992][ T5944] ? kobject_add_internal+0x25f/0x930 [ 296.944005][ T5944] ? do_raw_spin_unlock+0x145/0x1e0 [ 296.944024][ T5944] kobject_add_internal+0x2c8/0x930 [ 296.944038][ T5944] kobject_add+0x16a/0x1e0 [ 296.944050][ T5944] ? __pfx_kobject_add+0x10/0x10 [ 296.944061][ T5944] ? class_to_subsys+0x10f/0x150 [ 296.944079][ T5944] ? kobject_put+0xb9/0x640 [ 296.944090][ T5944] ? _raw_spin_unlock+0x28/0x50 [ 296.944109][ T5944] device_add+0x294/0x1950 [ 296.944123][ T5944] ? __pfx_dev_set_name+0x10/0x10 [ 296.944138][ T5944] ? __pfx_device_add+0x10/0x10 [ 296.944152][ T5944] ? mgmt_send_event_skb+0x2fb/0x460 [ 296.944171][ T5944] hci_conn_add_sysfs+0x1a3/0x260 [ 296.944187][ T5944] le_conn_complete_evt+0x11cb/0x1f40 [ 296.944206][ T5944] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 296.944224][ T5944] hci_le_conn_complete_evt+0x23c/0x3a0 [ 296.944240][ T5944] ? skb_pull_data+0x15f/0x1e0 [ 296.944254][ T5944] hci_le_meta_evt+0x34a/0x5f0 [ 296.944269][ T5944] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 296.944286][ T5944] hci_event_packet+0x682/0x11c0 [ 296.944300][ T5944] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 296.944316][ T5944] ? __pfx_hci_event_packet+0x10/0x10 [ 296.944332][ T5944] ? kcov_remote_start+0x374/0x660 [ 296.944343][ T5944] ? lockdep_hardirqs_on+0x78/0x100 [ 296.944363][ T5944] hci_rx_work+0x451/0xfc0 [ 296.944380][ T5944] process_one_work+0xa23/0x19a0 [ 296.944402][ T5944] ? __pfx_process_one_work+0x10/0x10 [ 296.944422][ T5944] ? __pfx_hci_rx_work+0x10/0x10 [ 296.944437][ T5944] worker_thread+0x5ef/0xe50 [ 296.944457][ T5944] ? __pfx_worker_thread+0x10/0x10 [ 296.944474][ T5944] ? kthread+0x13a/0x450 [ 296.944487][ T5944] ? __pfx_worker_thread+0x10/0x10 [ 296.944502][ T5944] kthread+0x370/0x450 [ 296.944516][ T5944] ? __pfx_kthread+0x10/0x10 [ 296.944532][ T5944] ret_from_fork+0x754/0xd80 [ 296.944549][ T5944] ? __pfx_ret_from_fork+0x10/0x10 [ 296.944566][ T5944] ? rcu_is_watching+0x12/0xc0 [ 296.944583][ T5944] ? __switch_to+0x7b4/0x1120 [ 296.944595][ T5944] ? __pfx_kthread+0x10/0x10 [ 296.944611][ T5944] ret_from_fork_asm+0x1a/0x30 [ 296.944649][ T5944] [ 296.944692][ T5944] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 297.043251][ T6116] syz_tun (unregistering): left allmulticast mode [ 297.049069][ T6116] syz_tun (unregistering): left promiscuous mode [ 297.059025][ T5944] Bluetooth: hci3: failed to register connection device [ 297.059532][ T6116] bridge0: port 1(syz_tun) entered disabled state [ 297.068152][ T5944] ================================================================== [ 297.070709][ T5944] BUG: KASAN: slab-use-after-free in l2cap_connect_cfm+0xe57/0x1050 [ 297.073198][ T5944] Read of size 8 at addr ffff888024d04480 by task kworker/u33:2/5944 [ 297.078182][ T5944] [ 297.079356][ T5944] CPU: 2 UID: 0 PID: 5944 Comm: kworker/u33:2 Tainted: G L syzkaller #0 PREEMPT(full) [ 297.079375][ T5944] Tainted: [L]=SOFTLOCKUP [ 297.079380][ T5944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 297.079388][ T5944] Workqueue: hci3 hci_rx_work [ 297.079406][ T5944] Call Trace: [ 297.079411][ T5944] [ 297.079416][ T5944] dump_stack_lvl+0x100/0x190 [ 297.079433][ T5944] print_report+0x156/0x4c9 [ 297.079450][ T5944] ? __virt_addr_valid+0x81/0x620 [ 297.079465][ T5944] ? __phys_addr+0xe8/0x180 [ 297.079480][ T5944] ? l2cap_connect_cfm+0xe57/0x1050 [ 297.079494][ T5944] kasan_report+0xdf/0x1e0 [ 297.079506][ T5944] ? l2cap_connect_cfm+0xe57/0x1050 [ 297.079520][ T5944] l2cap_connect_cfm+0xe57/0x1050 [ 297.079536][ T5944] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 297.079552][ T5944] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 297.079567][ T5944] le_conn_complete_evt+0x195c/0x1f40 [ 297.079583][ T5944] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 297.079599][ T5944] hci_le_conn_complete_evt+0x23c/0x3a0 [ 297.079613][ T5944] ? skb_pull_data+0x15f/0x1e0 [ 297.079626][ T5944] hci_le_meta_evt+0x34a/0x5f0 [ 297.079640][ T5944] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 297.079655][ T5944] hci_event_packet+0x682/0x11c0 [ 297.079668][ T5944] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 297.079683][ T5944] ? __pfx_hci_event_packet+0x10/0x10 [ 297.079697][ T5944] ? kcov_remote_start+0x374/0x660 [ 297.079708][ T5944] ? lockdep_hardirqs_on+0x78/0x100 [ 297.079726][ T5944] hci_rx_work+0x451/0xfc0 [ 297.079740][ T5944] process_one_work+0xa23/0x19a0 [ 297.079758][ T5944] ? __pfx_process_one_work+0x10/0x10 [ 297.079776][ T5944] ? __pfx_hci_rx_work+0x10/0x10 [ 297.079789][ T5944] worker_thread+0x5ef/0xe50 [ 297.079806][ T5944] ? __pfx_worker_thread+0x10/0x10 [ 297.079822][ T5944] ? kthread+0x13a/0x450 [ 297.079836][ T5944] ? __pfx_worker_thread+0x10/0x10 [ 297.079850][ T5944] kthread+0x370/0x450 [ 297.079864][ T5944] ? __pfx_kthread+0x10/0x10 [ 297.079878][ T5944] ret_from_fork+0x754/0xd80 [ 297.079895][ T5944] ? __pfx_ret_from_fork+0x10/0x10 [ 297.079911][ T5944] ? rcu_is_watching+0x12/0xc0 [ 297.079935][ T5944] ? __switch_to+0x7b4/0x1120 [ 297.079948][ T5944] ? __pfx_kthread+0x10/0x10 [ 297.079964][ T5944] ret_from_fork_asm+0x1a/0x30 [ 297.079980][ T5944] [ 297.079984][ T5944] [ 297.152657][ T5944] Allocated by task 5944: [ 297.154048][ T5944] kasan_save_stack+0x30/0x50 [ 297.155568][ T5944] kasan_save_track+0x14/0x30 [ 297.157075][ T5944] __kasan_kmalloc+0xaa/0xb0 [ 297.158576][ T5944] l2cap_chan_create+0x44/0x940 [ 297.160152][ T5944] l2cap_sock_alloc.constprop.0+0xf5/0x1e0 [ 297.161937][ T5944] l2cap_sock_new_connection_cb+0x101/0x260 [ 297.163781][ T5944] l2cap_connect_cfm+0x4e2/0x1050 [ 297.165325][ T5944] le_conn_complete_evt+0x195c/0x1f40 [ 297.166982][ T5944] hci_le_conn_complete_evt+0x23c/0x3a0 [ 297.168698][ T5944] hci_le_meta_evt+0x34a/0x5f0 [ 297.170207][ T5944] hci_event_packet+0x682/0x11c0 [ 297.171735][ T5944] hci_rx_work+0x451/0xfc0 [ 297.173126][ T5944] process_one_work+0xa23/0x19a0 [ 297.174707][ T5944] worker_thread+0x5ef/0xe50 [ 297.176184][ T5944] kthread+0x370/0x450 [ 297.177486][ T5944] ret_from_fork+0x754/0xd80 [ 297.178986][ T5944] ret_from_fork_asm+0x1a/0x30 [ 297.180539][ T5944] [ 297.181314][ T5944] Freed by task 14398: [ 297.182594][ T5944] kasan_save_stack+0x30/0x50 [ 297.184112][ T5944] kasan_save_track+0x14/0x30 [ 297.185582][ T5944] kasan_save_free_info+0x3b/0x70 [ 297.187179][ T5944] __kasan_slab_free+0x5f/0x80 [ 297.188735][ T5944] kfree+0x1f6/0x6b0 [ 297.190036][ T5944] l2cap_chan_put+0x235/0x300 [ 297.191549][ T5944] l2cap_sock_cleanup_listen+0x4d/0x2d0 [ 297.193313][ T5944] l2cap_sock_release+0x69/0x280 [ 297.194919][ T5944] __sock_release+0xb3/0x260 [ 297.196392][ T5944] sock_close+0x1c/0x30 [ 297.197734][ T5944] __fput+0x3ff/0xb40 [ 297.199024][ T5944] task_work_run+0x150/0x240 [ 297.200501][ T5944] exit_to_user_mode_loop+0x100/0x4a0 [ 297.202228][ T5944] __do_fast_syscall_32+0x578/0x8c0 [ 297.203894][ T5944] do_fast_syscall_32+0x32/0x70 [ 297.205460][ T5944] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 297.207497][ T5944] [ 297.208270][ T5944] The buggy address belongs to the object at ffff888024d04000 [ 297.208270][ T5944] which belongs to the cache kmalloc-2k of size 2048 [ 297.212655][ T5944] The buggy address is located 1152 bytes inside of [ 297.212655][ T5944] freed 2048-byte region [ffff888024d04000, ffff888024d04800) [ 297.217040][ T5944] [ 297.217823][ T5944] The buggy address belongs to the physical page: [ 297.219883][ T5944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24d00 [ 297.222601][ T5944] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 297.225270][ T5944] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 297.227614][ T5944] page_type: f5(slab) [ 297.228880][ T5944] raw: 00fff00000000040 ffff88801b842f00 dead000000000100 dead000000000122 [ 297.231611][ T5944] raw: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000 [ 297.234559][ T5944] head: 00fff00000000040 ffff88801b842f00 dead000000000100 dead000000000122 [ 297.237297][ T5944] head: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000 [ 297.240012][ T5944] head: 00fff00000000003 ffffea0000934001 00000000ffffffff 00000000ffffffff [ 297.242710][ T5944] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 297.245449][ T5944] page dumped because: kasan: bad access detected [ 297.247462][ T5944] page_owner tracks the page as allocated [ 297.249246][ T5944] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5947, tgid 5947 (syz-executor), ts 63184019221, free_ts 28941113828 [ 297.255807][ T5944] post_alloc_hook+0x153/0x170 [ 297.257318][ T5944] get_page_from_freelist+0x111d/0x3140 [ 297.259057][ T5944] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 297.260903][ T5944] new_slab+0xa6/0x6b0 [ 297.262202][ T5944] refill_objects+0x26b/0x400 [ 297.263694][ T5944] __pcs_replace_empty_main+0x1ab/0x660 [ 297.265410][ T5944] __kmalloc_noprof+0x688/0x850 [ 297.266897][ T5944] sk_prot_alloc+0x10b/0x2a0 [ 297.268334][ T5944] sk_alloc+0x36/0xe80 [ 297.269613][ T5944] __netlink_create+0x5e/0x2c0 [ 297.271114][ T5944] netlink_create+0x293/0x610 [ 297.272594][ T5944] __sock_create+0x339/0x860 [ 297.274069][ T5944] __sys_socket+0x14d/0x260 [ 297.275486][ T5944] __ia32_compat_sys_socketcall+0x65b/0x770 [ 297.277364][ T5944] __do_fast_syscall_32+0xe3/0x8c0 [ 297.278988][ T5944] do_fast_syscall_32+0x32/0x70 [ 297.280538][ T5944] page last free pid 5359 tgid 5359 stack trace: [ 297.282724][ T5944] __free_frozen_pages+0x7e1/0x10d0 [ 297.284433][ T5944] qlist_free_all+0x47/0xe0 [ 297.285977][ T5944] kasan_quarantine_reduce+0x1a0/0x1f0 [ 297.287713][ T5944] __kasan_slab_alloc+0x69/0x90 [ 297.289303][ T5944] kmem_cache_alloc_noprof+0x241/0x6e0 [ 297.291047][ T5944] do_getname+0x35/0x390 [ 297.292370][ T5944] do_sys_openat2+0xc5/0x1e0 [ 297.293853][ T5944] __x64_sys_openat+0x12d/0x210 [ 297.295384][ T5944] do_syscall_64+0x106/0xf80 [ 297.296863][ T5944] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.298718][ T5944] [ 297.299494][ T5944] Memory state around the buggy address: [ 297.301248][ T5944] ffff888024d04380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 297.303723][ T5944] ffff888024d04400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 297.306239][ T5944] >ffff888024d04480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 297.309054][ T5944] ^ [ 297.310366][ T5944] ffff888024d04500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 297.312847][ T5944] ffff888024d04580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 297.315356][ T5944] ================================================================== [ 297.319196][ T5944] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 297.321829][ T5944] CPU: 2 UID: 0 PID: 5944 Comm: kworker/u33:2 Tainted: G L syzkaller #0 PREEMPT(full) [ 297.326459][ T5944] Tainted: [L]=SOFTLOCKUP [ 297.328284][ T5944] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 297.332344][ T5944] Workqueue: hci3 hci_rx_work [ 297.334335][ T5944] Call Trace: [ 297.335730][ T5944] [ 297.336943][ T5944] dump_stack_lvl+0x100/0x190 [ 297.338981][ T5944] vpanic+0x552/0x970 [ 297.340689][ T5944] ? __pfx_vpanic+0x10/0x10 [ 297.342522][ T5944] ? l2cap_connect_cfm+0xe57/0x1050 [ 297.344324][ T5944] panic+0xd1/0xe0 [ 297.345542][ T5944] ? __pfx_panic+0x10/0x10 [ 297.347033][ T5944] ? l2cap_connect_cfm+0xe57/0x1050 [ 297.348726][ T5944] ? preempt_schedule_common+0x42/0xc0 [ 297.350556][ T5944] check_panic_on_warn.cold+0x19/0x34 [ 297.352435][ T5944] end_report.part.0+0x3a/0x90 [ 297.354047][ T5944] kasan_report.cold+0xe/0x18 [ 297.355536][ T5944] ? l2cap_connect_cfm+0xe57/0x1050 [ 297.357383][ T5944] l2cap_connect_cfm+0xe57/0x1050 [ 297.359103][ T5944] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 297.360832][ T5944] ? __pfx_l2cap_connect_cfm+0x10/0x10 [ 297.362985][ T5944] le_conn_complete_evt+0x195c/0x1f40 [ 297.365261][ T5944] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 297.367645][ T5944] hci_le_conn_complete_evt+0x23c/0x3a0 [ 297.369901][ T5944] ? skb_pull_data+0x15f/0x1e0 [ 297.371906][ T5944] hci_le_meta_evt+0x34a/0x5f0 [ 297.374006][ T5944] ? __pfx_hci_le_conn_complete_evt+0x10/0x10 [ 297.375900][ T5944] hci_event_packet+0x682/0x11c0 [ 297.377482][ T5944] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 297.379183][ T5944] ? __pfx_hci_event_packet+0x10/0x10 [ 297.380878][ T5944] ? kcov_remote_start+0x374/0x660 [ 297.382533][ T5944] ? lockdep_hardirqs_on+0x78/0x100 [ 297.384210][ T5944] hci_rx_work+0x451/0xfc0 [ 297.385655][ T5944] process_one_work+0xa23/0x19a0 [ 297.387246][ T5944] ? __pfx_process_one_work+0x10/0x10 [ 297.388878][ T5944] ? __pfx_hci_rx_work+0x10/0x10 [ 297.390380][ T5944] worker_thread+0x5ef/0xe50 [ 297.392067][ T5944] ? __pfx_worker_thread+0x10/0x10 [ 297.393929][ T5944] ? kthread+0x13a/0x450 [ 297.395421][ T5944] ? __pfx_worker_thread+0x10/0x10 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 297.397049][ T5944] kthread+0x370/0x450 [ 297.398441][ T5944] ? __pfx_kthread+0x10/0x10 [ 297.399921][ T5944] ret_from_fork+0x754/0xd80 [ 297.401398][ T5944] ? __pfx_ret_from_fork+0x10/0x10 [ 297.403038][ T5944] ? rcu_is_watching+0x12/0xc0 [ 297.404585][ T5944] ? __switch_to+0x7b4/0x1120 [ 297.406135][ T5944] ? __pfx_kthread+0x10/0x10 [ 297.407598][ T5944] ret_from_fork_asm+0x1a/0x30 [ 297.409095][ T5944] [ 297.410750][ T5944] Kernel Offset: disabled [ 297.412130][ T5944] Rebooting in 86400 seconds.. VM DIAGNOSIS: 17:50:16 Registers: info registers vcpu 0 CPU#0 RAX=00000000004ad8a9 RBX=ffffffff8e4975c0 RCX=ffffffff8b8dfc75 RDX=0000000000000000 RSI=ffffffff8de811d8 RDI=ffffffff8c1b1220 RBP=0000000000000000 RSP=ffffffff8e407e00 R8 =0000000000000001 R9 =ffffed100564679d R10=ffff88802b233ceb R11=0000000000000000 R12=0000000000000000 R13=fffffbfff1c92eb8 R14=0000000000000000 R15=ffffffff90d9dc10 RIP=ffffffff8b8de5df RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097146000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007ffcbd9e1ae0 CR3=0000000065fe7000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=1ffffffff1c24de5 RBX=000000000000000c RCX=ffffffff8280b53c RDX=dffffc0000000000 RSI=ffffffff82809700 RDI=000000000000000c RBP=1ffffffff1c24de5 RSP=ffffc900063b7428 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=0000000000000001 R13=0000000000000001 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff82809177 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097246000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f7f155b8 CR3=0000000021cf4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000001 Opmask01=0000000000000000 Opmask02=0000000000600000 Opmask03=0000000000000000 Opmask04=00000000ffdfffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffff6f84d6b 00007ffff6f84d6b ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffff6f85270 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffff6f85270 0000003000000018 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7420726574736967 6572206f74207972 742074276e6f6420 2c54534958454500 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7420726574736367 6572206574207372 7420742764656420 2654534352454500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6434323038383866 6666662072646461 207461203820657a 697320666f206461 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2e79726f74636572 696420656d617320 656874206e692065 6d616e20656d6173 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2065687420687469 772073676e696874 2072657473696765 72206f7420797274 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2074276e6f64202c 5453495845452d20 6874697720313032 3a3369636820726f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 662064656c696166 206c616e7265746e 695f6464615f7463 656a626f6b203a74 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e656d676172 66206562206c6c69 7720656361667265 746e692073696874 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000075 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8577f135 RDI=ffffffff9b4921c0 RBP=ffffffff9b492180 RSP=ffffc900063f7250 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6434323038386552 R12=0000000000000000 R13=0000000000000075 R14=0000000000000010 R15=ffffffff8577f0d0 RIP=ffffffff8577f15f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097346000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000008000f000 CR3=000000005f8d8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffff00 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000003 RBX=0000000000000000 RCX=0000000000000002 RDX=0000000000000000 RSI=0000000000000000 RDI=ffffffff8e7e77a0 RBP=ffffffff8e7e77a0 RSP=ffffc900006df288 R8 =0000000000000000 R9 =0000000000000000 R10=0000000006b001e1 R11=00000000000075fb R12=0000000000000002 R13=0000000000000000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff81e47242 RFL=00000297 [--S-APC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097446000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000800000c6 CR3=0000000075137000 CR4=00352ef0 DR0=000000006000003f DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000f800000000 0000000300000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000