last executing test programs: 7.13090223s ago: executing program 2 (id=412): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) socket(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$netlink(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1, 0x1, 0x0) openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x2942, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2}) ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[0x0], 0x1}) r3 = socket$phonet_pipe(0x23, 0x5, 0x2) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r3}, 0x20) ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r2], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)}) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r4 = dup(0xffffffffffffffff) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0) r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00') read$FUSE(r5, &(0x7f0000000640)={0x2020}, 0x2020) write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',privport,access=', @ANYRESDEC=r6]) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x0, 0x0, r4, 0x2, '\x00', 0x0, r4, 0x2, 0x5, 0x0, 0x0, @void, @value, @void, @value}, 0x50) ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f00000001c0)={'ip6gre0\x00', &(0x7f0000000500)={'syztnl1\x00', 0x0, 0x4, 0x8, 0xf, 0x439, 0x4, @local, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7, 0x10, 0x2, 0x9}}) 7.070791119s ago: executing program 2 (id=415): r0 = syz_open_procfs(0x0, &(0x7f0000000680)='net\x00') r1 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000007900)={&(0x7f00000006c0)=@newtaction={0x308, 0x30, 0x216822a75a8bdd29, 0x0, 0x0, {}, [{0x2f4, 0x1, [@m_simple={0x54, 0x1, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0xf454, 0x800000, 0x8, 0x8001, 0x8}}, @TCA_DEF_DATA={0x9, 0x3, ')$)+\x00'}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_skbedit={0x48, 0x12, 0x0, 0x0, {{0xc}, {0x4}, {0x1b, 0x6, "f60f3b477b740f0d867e019dd1bd68c77374c5af4cf6a8"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_vlan={0xd4, 0x3, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x2a, 0x0, 0x4, 0x2, 0x4}, 0x2}}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x7}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0xdbc}]}, {0x79, 0x6, "230610d7246e5bd86f825ec8081c4684f862c6d5c619a6f9f585e6288a4aa4fa3b63e1aad6502aadf877f87de1467c9aa15273327d8acde2d48506e2cf14cc5c393d5a95e5a9ed750eb82cee2d4d7dce1e5625c42d0cf03694689a9474afb6856ad7faba171d13b52b7e0097ef3f69335b11328700"}, {0xc}, {0xc, 0x8, {0x2, 0x2}}}}, @m_mirred={0x180, 0x13, 0x0, 0x0, {{0xb}, {0xa4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x7, 0xe4d, 0x3, 0xf, 0x2}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x73e, 0x9, 0x4, 0x9, 0x7fff}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0x4, 0xffffffffffffffff, 0x79, 0x3dd3b048}, 0x3}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x4, 0x8, 0x0, 0x84, 0x2cf}, 0x4}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x7c7, 0x0, 0x1, 0xe, 0x6}, 0x4}}]}, {0xb1, 0x6, "437d01eee4594911164116a8b61507a9cb21c2fb44585bb5737a7d6aa9f1aa9a1e90b085bfc19ac9c1ee55da6d168f40f992f738dd8274d80adb2ff10d0aabd4dd456d26e5875426f9225eb2bf8fa3e492f4c4a991b8b861b673b96834130255ce9f591abc19150147df3caab7940bc6125b4798dce5e58d81deeac6937358572b5c60d382e2ccbe12f674c9d58f48cba0158b418f98a4df45419d4a378dac5037d999dab1e4d0f9a46d82c295"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x308}}, 0x0) sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000040)='B', 0x1}], 0x1, 0x0, 0x0, 0x11000000}, 0x0) r3 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x438, 0x258, 0x268, 0x311, 0x258, 0x268, 0x390, 0x460, 0x460, 0x390, 0x460, 0x9, 0x0, {[{{@uncond, 0x160, 0x230, 0x258, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x9}}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x0, 0xfffffffc}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@uncond, 0x0, 0xa8, 0x110, 0xe4030000}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x498) socket$nl_route(0x10, 0x3, 0x0) r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace$setregs(0xd, r4, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb") ptrace$setregs(0xd, r4, 0x0, &(0x7f0000000540)) ptrace$cont(0x20, r4, 0x0, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x2204880, 0x0) r5 = userfaultfd(0x80800) openat$cgroup_ro(r0, 0x0, 0x0, 0x0) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, 0x0) openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x100, 0x0) r6 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_STAT_GET(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB="30000000111401000000000000000000080001000000000008004f000400000008004a000000000008004b0013"], 0x30}}, 0x0) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000080), r8) sendmsg$NLBL_CALIPSO_C_LISTALL(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r9, @ANYBLOB="65572abd700df9d1df2504"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x408c056) sendmsg$NLBL_CALIPSO_C_LIST(r7, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r9, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x2}]}, 0x2c}}, 0x8004) ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000040)=0x1) ioctl$vim2m_VIDIOC_QBUF(r1, 0xc058560f, &(0x7f0000000180)=@mmap={0x1, 0x1, 0x4, 0x1, 0x1, {}, {0x4, 0x1, 0x8, 0x5, 0x29, 0xd, "0adb3fb8"}, 0x5}) close_range(r1, 0xffffffffffffffff, 0x0) 6.990704197s ago: executing program 2 (id=418): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) write(0xffffffffffffffff, &(0x7f0000000040)="3a03000019002551075c0165ff0ffc02802000030004000500e1000c0400070280000f", 0x23) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="12000000120001000200000000000000100000000c00001700000000000000000f10"], 0x30}], 0x1, 0x0, 0x0, 0x20004000}, 0x0) r2 = dup(r1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) socket$l2tp(0x2, 0x2, 0x73) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="02"], 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x4, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x3b}, [@exit={0x95, 0x0, 0x1008}], {0x95, 0x0, 0x5a5}}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = socket$kcm(0x2, 0x5, 0x0) sendmsg$inet(r5, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000080)=[{&(0x7f00000000c0)='#', 0x1}], 0x1}, 0x0) recvmsg(r5, &(0x7f0000000440)={0x0, 0x0, 0x0}, 0x102) setsockopt$sock_attach_bpf(r5, 0x1, 0x7, &(0x7f0000000180), 0x43) socket$l2tp(0x2, 0x2, 0x73) r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 6.56139306s ago: executing program 2 (id=424): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x2c, r1, 0x5, 0x0, 0x2, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_DISABLE_VHT={0x4}]}, 0x2c}}, 0x0) (fail_nth: 10) 6.361071186s ago: executing program 2 (id=426): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="10000000040000000800000008", @ANYRESOCT], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xe, 0x0, &(0x7f0000000040)="47ea198bfd0e9cd5e092a9be7e8e", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) ftruncate(0xffffffffffffffff, 0x2) r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x1, 0x0) fchdir(r3) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x80, 0x1) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='nfsd\x00', 0x403, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x28011, r4, 0x0) ftruncate(r4, 0x796c) setregid(0x0, 0xee01) faccessat2(0xffffffffffffffff, 0x0, 0x0, 0x0) write$uinput_user_dev(r4, &(0x7f00000025c0)={'syz0\x00', {0x2, 0x7, 0x3, 0x7fff}, 0x14, [0x3, 0x5, 0x7, 0x9, 0xfffffffd, 0x736, 0x8001, 0x9, 0x401, 0x2, 0x7d, 0x2, 0x10, 0xf6, 0x9, 0x0, 0x1, 0x5, 0x5, 0x3, 0x6, 0xfffff301, 0x8, 0x9, 0x9, 0x80000001, 0x7, 0x7, 0x6, 0x8, 0x8, 0x5, 0x2faf, 0x0, 0x1, 0x6, 0xd, 0x4, 0x80000001, 0xc2, 0x10001, 0x0, 0x3, 0x4, 0x16, 0x486, 0x2c, 0x7, 0x7, 0xb2, 0x7fff, 0x9, 0x5d, 0x8, 0xfac, 0xfe6, 0x5, 0x90f9, 0x1, 0x7, 0x81, 0xd43e, 0x7, 0x8001], [0x7, 0xcb47, 0x9056, 0xceb, 0x6, 0xdaf, 0x5, 0x7, 0x3a, 0x247, 0x40, 0x200, 0x40, 0x2, 0x1000, 0x0, 0x421b, 0xee37, 0x0, 0x1, 0x7ff, 0x2, 0x7fffffff, 0x7, 0x10003, 0x3, 0x7ff, 0x63, 0x46a78be1, 0x7fff, 0xa1, 0x6f8, 0xf, 0x9, 0x200, 0x9, 0x4, 0x0, 0x7, 0xebe, 0x8001, 0xf7f, 0x8, 0x100, 0x1, 0x8, 0x4, 0x6, 0x200, 0xf2, 0x7, 0x3, 0x10001, 0x101, 0x2, 0x8001, 0x100, 0x7fff, 0xb07, 0xdff, 0x1, 0x1, 0x40, 0x8], [0x9, 0x2, 0x9, 0xd, 0x41f, 0x37e0, 0x1, 0x3, 0x4, 0xc000000, 0x6, 0x4, 0x5, 0x2, 0x10000, 0x44, 0x8001, 0x7, 0x3ff, 0xb020, 0x3, 0x81, 0x2, 0x304, 0x9, 0x80000001, 0x0, 0x800, 0x3, 0x1, 0x5, 0x6, 0x4, 0x6, 0x10000, 0xfffffffd, 0x2, 0x7fffffff, 0x1fc00, 0x0, 0x1e6, 0x8, 0x3, 0x7, 0xe5e, 0x0, 0x9, 0x2e, 0x7, 0xff, 0x40, 0xfaa7, 0x3, 0xfffffff8, 0xa49, 0x10, 0x1ff, 0x1, 0x80000000, 0x18, 0xfff, 0x2af, 0x401, 0x1], [0x5, 0x8, 0xf, 0x2, 0x2, 0xc, 0x6, 0xbb7b, 0x5, 0x8000, 0x10, 0x89e6, 0x1, 0x7, 0x80002, 0x3, 0x4, 0x1, 0x2c5, 0x2, 0x10, 0x1, 0x3, 0x3, 0x2, 0x5, 0xb7, 0x80000003, 0x2000000, 0x800, 0x40, 0x3, 0x3, 0xffff8001, 0x40, 0x7ff, 0x0, 0x6, 0x7, 0x8, 0xf3c, 0x3, 0x0, 0x9, 0xfffff800, 0xc, 0xffffffff, 0x5, 0x73, 0x0, 0x9, 0xfffffff7, 0x4, 0x7, 0x1, 0x3, 0x9, 0x1, 0x3, 0x4000000, 0x7ffffffe, 0x2, 0xcf2, 0x5]}, 0x45c) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r6 = dup(r5) r7 = dup(r6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x1000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f0000000000)={0x6000, 0x80600}) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r9 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r9, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x2c, 0x0, 0x8, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x404, 0x58}}}}, [@NL80211_ATTR_MESH_CONFIG={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008000}, 0x200480c0) 2.128483567s ago: executing program 2 (id=426): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="10000000040000000800000008", @ANYRESOCT], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000bc00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000400850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xe, 0x0, &(0x7f0000000040)="47ea198bfd0e9cd5e092a9be7e8e", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4) ftruncate(0xffffffffffffffff, 0x2) r2 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0) r3 = fsmount(r2, 0x1, 0x0) fchdir(r3) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x80, 0x1) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='nfsd\x00', 0x403, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000004, 0x28011, r4, 0x0) ftruncate(r4, 0x796c) setregid(0x0, 0xee01) faccessat2(0xffffffffffffffff, 0x0, 0x0, 0x0) write$uinput_user_dev(r4, &(0x7f00000025c0)={'syz0\x00', {0x2, 0x7, 0x3, 0x7fff}, 0x14, [0x3, 0x5, 0x7, 0x9, 0xfffffffd, 0x736, 0x8001, 0x9, 0x401, 0x2, 0x7d, 0x2, 0x10, 0xf6, 0x9, 0x0, 0x1, 0x5, 0x5, 0x3, 0x6, 0xfffff301, 0x8, 0x9, 0x9, 0x80000001, 0x7, 0x7, 0x6, 0x8, 0x8, 0x5, 0x2faf, 0x0, 0x1, 0x6, 0xd, 0x4, 0x80000001, 0xc2, 0x10001, 0x0, 0x3, 0x4, 0x16, 0x486, 0x2c, 0x7, 0x7, 0xb2, 0x7fff, 0x9, 0x5d, 0x8, 0xfac, 0xfe6, 0x5, 0x90f9, 0x1, 0x7, 0x81, 0xd43e, 0x7, 0x8001], [0x7, 0xcb47, 0x9056, 0xceb, 0x6, 0xdaf, 0x5, 0x7, 0x3a, 0x247, 0x40, 0x200, 0x40, 0x2, 0x1000, 0x0, 0x421b, 0xee37, 0x0, 0x1, 0x7ff, 0x2, 0x7fffffff, 0x7, 0x10003, 0x3, 0x7ff, 0x63, 0x46a78be1, 0x7fff, 0xa1, 0x6f8, 0xf, 0x9, 0x200, 0x9, 0x4, 0x0, 0x7, 0xebe, 0x8001, 0xf7f, 0x8, 0x100, 0x1, 0x8, 0x4, 0x6, 0x200, 0xf2, 0x7, 0x3, 0x10001, 0x101, 0x2, 0x8001, 0x100, 0x7fff, 0xb07, 0xdff, 0x1, 0x1, 0x40, 0x8], [0x9, 0x2, 0x9, 0xd, 0x41f, 0x37e0, 0x1, 0x3, 0x4, 0xc000000, 0x6, 0x4, 0x5, 0x2, 0x10000, 0x44, 0x8001, 0x7, 0x3ff, 0xb020, 0x3, 0x81, 0x2, 0x304, 0x9, 0x80000001, 0x0, 0x800, 0x3, 0x1, 0x5, 0x6, 0x4, 0x6, 0x10000, 0xfffffffd, 0x2, 0x7fffffff, 0x1fc00, 0x0, 0x1e6, 0x8, 0x3, 0x7, 0xe5e, 0x0, 0x9, 0x2e, 0x7, 0xff, 0x40, 0xfaa7, 0x3, 0xfffffff8, 0xa49, 0x10, 0x1ff, 0x1, 0x80000000, 0x18, 0xfff, 0x2af, 0x401, 0x1], [0x5, 0x8, 0xf, 0x2, 0x2, 0xc, 0x6, 0xbb7b, 0x5, 0x8000, 0x10, 0x89e6, 0x1, 0x7, 0x80002, 0x3, 0x4, 0x1, 0x2c5, 0x2, 0x10, 0x1, 0x3, 0x3, 0x2, 0x5, 0xb7, 0x80000003, 0x2000000, 0x800, 0x40, 0x3, 0x3, 0xffff8001, 0x40, 0x7ff, 0x0, 0x6, 0x7, 0x8, 0xf3c, 0x3, 0x0, 0x9, 0xfffff800, 0xc, 0xffffffff, 0x5, 0x73, 0x0, 0x9, 0xfffffff7, 0x4, 0x7, 0x1, 0x3, 0x9, 0x1, 0x3, 0x4000000, 0x7ffffffe, 0x2, 0xcf2, 0x5]}, 0x45c) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2) r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r6 = dup(r5) r7 = dup(r6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r7, 0x1000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$BLKZEROOUT(r7, 0x127f, &(0x7f0000000000)={0x6000, 0x80600}) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0) openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r9 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r9, 0x0) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x2c, 0x0, 0x8, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8}, @val={0xc, 0x99, {0x404, 0x58}}}}, [@NL80211_ATTR_MESH_CONFIG={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008000}, 0x200480c0) 1.111169914s ago: executing program 3 (id=482): sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)={0xcc, 0x2, 0x2, 0x201, 0x0, 0x0, {0x1, 0x0, 0x3}, [@CTA_EXPECT_CLASS={0x8, 0x9, 0x1, 0x0, 0x4}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_NAT={0x94, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}, @CTA_EXPECT_NAT_TUPLE={0x78, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x35}}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x14, 0x4, @private1}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}]}, @CTA_EXPECT_MASTER={0x0, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE]}]}, 0xcc}, 0x1, 0x0, 0x0, 0x81}, 0x800) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0) 1.110858942s ago: executing program 3 (id=483): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00') stat(&(0x7f0000005fc0)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x2c, r1, 0x5, 0x0, 0x2, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_DISABLE_VHT={0x4}]}, 0x2c}}, 0x0) 1.001126046s ago: executing program 3 (id=486): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) setrlimit(0x1, &(0x7f0000000000)) r0 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)="ae", 0x1, 0xffffffffffffffff) keyctl$read(0x2, r0, &(0x7f0000001940)=""/4086, 0xff6) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r5, @ANYBLOB="05005b"], 0x24}}, 0x0) setsockopt$sock_linger(r6, 0x1, 0xd, &(0x7f0000000140), 0x8) r7 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341) ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000200)) ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) write$P9_RVERSION(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff097b000008003950275b4a7a99737cc16a4b80703264a2065e05000000c7129a1337f9f92f344965943d035bf49b5045ca658f0000000000", @ANYRESOCT=0x0], 0x15) socket$nl_generic(0x10, 0x3, 0x10) r8 = dup(r2) write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r8, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0) getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r8, @ANYBLOB=',privport,access=', @ANYRESDEC=r9]) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 1.000723202s ago: executing program 3 (id=487): r0 = socket$kcm(0x2, 0x2, 0x73) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x10) clock_gettime(0x0, &(0x7f0000003f80)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000003d80)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000000)=""/120, 0x78}, {&(0x7f0000000080)=""/194, 0xc2}, {&(0x7f0000000180)=""/159, 0x9f}, {&(0x7f0000000240)=""/32, 0x20}, {&(0x7f0000000280)=""/130, 0x82}, {&(0x7f0000000340)=""/81, 0x51}, {&(0x7f00000003c0)=""/187, 0xbb}, {&(0x7f0000000e40)=""/4096, 0x1000}, {&(0x7f0000000480)=""/65, 0x41}, {&(0x7f0000000500)=""/50, 0x32}], 0xa}, 0x9}, {{&(0x7f0000000680)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, 0x80, &(0x7f0000000c00)=[{&(0x7f0000000700)=""/68, 0x44}, {&(0x7f0000000780)=""/154, 0x9a}, {&(0x7f0000000840)=""/51, 0x33}, {&(0x7f0000000880)=""/34, 0x22}, {&(0x7f00000008c0)=""/78, 0x4e}, {&(0x7f0000001e40)=""/4096, 0x1000}, {&(0x7f0000000940)=""/231, 0xe7}, {&(0x7f0000000a40)=""/253, 0xfd}, {&(0x7f0000000b40)=""/42, 0x2a}, {&(0x7f0000000b80)=""/100, 0x64}], 0xa, &(0x7f0000000cc0)=""/161, 0xa1}, 0x80}, {{&(0x7f0000000d80)=@ieee802154={0x24, @short}, 0x80, &(0x7f00000030c0)=[{&(0x7f0000002e40)=""/129, 0x81}, {&(0x7f0000002f00)=""/206, 0xce}, {&(0x7f0000003000)=""/69, 0x45}, {&(0x7f0000003080)=""/16, 0x10}], 0x4, &(0x7f0000003100)=""/68, 0x44}, 0x8}, {{&(0x7f0000003180)=@nl=@proc, 0x80, &(0x7f0000003380)=[{&(0x7f0000003200)=""/115, 0x73}, {&(0x7f0000003280)=""/154, 0x9a}, {&(0x7f0000003340)=""/37, 0x25}], 0x3, &(0x7f00000033c0)=""/83, 0x53}, 0xe}, {{&(0x7f0000003440)=@nfc, 0x80, &(0x7f0000003940)=[{&(0x7f00000034c0)=""/143, 0x8f}, {&(0x7f0000003580)=""/95, 0x5f}, {&(0x7f0000003600)=""/113, 0x71}, {&(0x7f0000003680)=""/234, 0xea}, {&(0x7f0000003780)=""/137, 0x89}, {&(0x7f0000003840)=""/214, 0xd6}], 0x6}, 0xa}, {{0x0, 0x0, 0x0}, 0xff}, {{0x0, 0x0, &(0x7f0000003ac0)=[{&(0x7f00000039c0)=""/202, 0xca}], 0x1, &(0x7f0000003b00)=""/14, 0xe}}, {{0x0, 0x0, &(0x7f0000003c80)=[{&(0x7f0000003b40)=""/223, 0xdf}, {&(0x7f0000003c40)=""/19, 0x13}], 0x2, &(0x7f0000003cc0)=""/157, 0x9d}, 0x3}], 0x8, 0x2, &(0x7f0000003fc0)={r1, r2+10000000}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r3, 0x8b04, &(0x7f0000000000)={'wlan1\x00', @random="0200"}) capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued\x00', 0x275a, 0x0) fchmod(r4, 0x20049549e2a2d659) ftruncate(r4, 0x0) mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2008000, &(0x7f0000000e00)={[{@none}, {}]}) 581.264718ms ago: executing program 1 (id=494): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000a40), 0x42600, 0x0) openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000040)={0xf0f029, 0x1}) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000000300)={0x70001, 0x0, [0x40000000000, 0x64f, 0x6, 0x6, 0xfffffffffffffffc, 0x4ffff, 0x29]}) syz_emit_ethernet(0x4e, &(0x7f0000001500)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f9edff", 0x18, 0x3a, 0x0, @remote, @mcast2, {[], @mld={0x18a, 0x0, 0x0, 0x1000, 0xffff, @loopback}}}}}}, 0x0) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000280), r4) sendmsg$NET_DM_CMD_STOP(r4, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x14, r5, 0x1, 0x70bd28, 0x25dfdbfc, {0x6}}, 0x14}}, 0x0) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000000)="f20f1c0166b864912c870f23c80f21f866350c0080000f23f80f01fc0f20e06635000010000f22e00f20c06635000000400f22c00f1c9700000f01c566b9a001000066b80400000066ba000000000f30c0dbb6660f3adf932700de", 0x5b}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 378.153826ms ago: executing program 1 (id=496): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000014c0)=[@text64={0x40, &(0x7f0000001500)="267600410f01b00000000066b88e000f00d066420f3a14ce5736430f0164b107b805000000b9060000000f01c1f30f01330f015b7548b80c000000000000000f23d80f21f835800000000f23f8f30fc733", 0x51}], 0x1, 0x43, 0x0, 0x0) r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='[:]:/', 0x0) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e390202"], 0x3c) ioctl$KVM_RUN(r2, 0xae80, 0x0) syz_emit_vhci(&(0x7f0000000040)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) 270.064858ms ago: executing program 1 (id=498): r0 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x40000) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) ioctl$SG_IO(r0, 0x2285, &(0x7f0000000440)={0x53, 0x0, 0x6, 0x0, @buffer={0xffef, 0x0, 0x0}, &(0x7f0000000380)="851666ce20db", 0x0, 0x10, 0x3b, 0x0, 0x0}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'vcan0\x00'}) 269.98176ms ago: executing program 0 (id=499): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000020000002e00000008000300", @ANYRES32=r2, @ANYBLOB="0a00340002020202020200001000b00020001d4c87fa6249a6050700"], 0x38}}, 0x0) 201.448788ms ago: executing program 0 (id=500): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x328, 0x0, 0x111, 0x4b4, 0x120, 0xd4feffff, 0x258, 0x20a, 0x278, 0x258, 0x278, 0x3, 0x0, {[{{@ipv6={@private0, @empty, [], [], 'syz_tun\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0xf8, 0x120, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ipv6={@loopback, @local, [], [], 'netdevsim0\x00', 'veth1_to_bridge\x00'}, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@unspec=@nfacct={{0x48}, {'syz1\x00'}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'snmp\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x388) r2 = gettid() clock_nanosleep(0x7, 0x0, &(0x7f0000000040)={0x77359400}, &(0x7f0000000080)) tkill(r2, 0x7) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x1000, {0x0, 0x0, 0x0, 0x0, 0x88affda4, 0x22d11}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x3}]}}}]}, 0x3c}}, 0xc004) 101.250352ms ago: executing program 0 (id=501): sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="f8000000020201020000000000000000010000030800094000000004180003800c00028005000100880400000c000280050001000600000006000340000300000c000280050001008800000094000a800800014000000000080001400000000108000140000000017800028006000340000000000c00028005000100010000002c00018014000300fe8000000000000000000000000000bb14000400fe8000000000000000000000000000352c00018014000300fe88000000000000000000000000010114000400fc0100000000000000000000000000000600034000030000180001801400018008000100ac1414aa08000200ffffffff"], 0xf8}, 0x1, 0x0, 0x0, 0x81}, 0x800) r0 = socket$kcm(0x10, 0x2, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0) r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x40, 0x0) ioctl$LOOP_CTL_ADD(r1, 0x4c80, 0x0) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0) 101.03308ms ago: executing program 3 (id=502): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x64}, 0x1, 0xfffffffffffffff5}, 0x0) 100.789388ms ago: executing program 1 (id=503): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000b00)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7, 0x8000}}]}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=@newtfilter={0x44, 0x2c, 0x52f, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x0, 0x4}, {}, {0x8, 0xe}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xf1, 0x4, 0x4}]}}]}}]}, 0x44}}, 0x14) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0) (fail_nth: 32) 100.390308ms ago: executing program 3 (id=504): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="b0000000000000008d15c937040795e9ec68ba339b8fd15e58983b3da942"], 0xb0) getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r3]) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (fail_nth: 16) 100.178617ms ago: executing program 0 (id=505): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1) (async) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) (async) r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) ioctl$SG_SET_FORCE_PACK_ID(r4, 0x227b, &(0x7f00000001c0)=0x2001) (async) readv(r4, &(0x7f0000000480)=[{&(0x7f0000000000)=""/246, 0xf6}], 0x1) (async) sendmsg$NL80211_CMD_STOP_NAN(r1, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x28, r2, 0x200, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x81, 0x5e}}}}, ["", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x2001}, 0x20044004) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0) sendmsg$NL80211_CMD_LEAVE_OCB(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="14000000", @ANYRES16=r5, @ANYBLOB="db43d01417a28115d12bdba21a5f5cd3097cd35f62"], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x4000091) (async) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080)=0x2) ioctl$TIOCSTI(r6, 0x5412, &(0x7f00000001c0)=0x3) (async) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) (async) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)={0x2c, r8, 0xf11, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_CQM={0x10, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0x4}, @NL80211_ATTR_CQM_RSSI_HYST={0x8}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20000004}, 0x0) 11.353229ms ago: executing program 0 (id=506): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0) (fail_nth: 29) 10.58264ms ago: executing program 1 (id=507): r0 = socket(0x2a, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newqdisc={0x24}, 0x24}}, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000b00)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7, 0x8000}}]}}]}, 0x48}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=@newtfilter={0x44, 0x2c, 0x52f, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x0, 0x4}, {}, {0x8, 0xe}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xf1, 0x4, 0x4}]}}]}}]}, 0x44}}, 0x14) r2 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x6000000) 171.879µs ago: executing program 1 (id=508): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x3c, 0x10, 0x401, 0x0, 0xffc3, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x4}]}}}]}, 0x3c}}, 0x0) 0s ago: executing program 0 (id=509): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f00000014c0)=[@text64={0x40, &(0x7f0000001500)="267600410f01b00000000066b88e000f00d066420f3a14ce5736430f0164b107b805000000b9060000000f01c1f30f01330f015b7548b80c000000000000000f23d80f21f835800000000f23f8f30fc733", 0x51}], 0x1, 0x43, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYRES8=r0], 0x3c) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) get_mempolicy(0x0, &(0x7f0000000440), 0x4000, &(0x7f0000fff000/0x1000)=nil, 0x2) ioctl$KVM_X86_SET_MCE(r3, 0x4040ae9e, &(0x7f0000000000)={0x300000000000000, 0x8000000, 0x5, 0x4, 0x1a}) ioctl$KVM_RUN(r2, 0xae80, 0x0) kernel console output (not intermixed with test programs): has invalid maxpacket 32 [ 64.340601][ T5976] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 64.354187][ T5976] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 64.357080][ T5976] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.563656][ T5976] usb 5-1: GET_CAPABILITIES returned 0 [ 64.565350][ T5976] usbtmc 5-1:16.0: can't read capabilities [ 64.771181][ T5976] usb 5-1: USB disconnect, device number 2 [ 65.096430][ T6693] SELinux: Context system_u:object_r:random_device_t:s0 is not valid (left unmapped). [ 65.310797][ T6710] bridge_slave_0: left allmulticast mode [ 65.312588][ T6710] bridge_slave_0: left promiscuous mode [ 65.314718][ T6710] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.318703][ T6710] bridge_slave_1: left allmulticast mode [ 65.320497][ T6710] bridge_slave_1: left promiscuous mode [ 65.322325][ T6710] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.327767][ T6710] bond0: (slave bond_slave_0): Releasing backup interface [ 65.332877][ T6710] bond0: (slave bond_slave_1): Releasing backup interface [ 65.347582][ T6710] team0: Port device team_slave_0 removed [ 65.354407][ T6710] team0: Port device team_slave_1 removed [ 65.356597][ T6710] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 65.359634][ T6710] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 65.363872][ T6710] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 65.367169][ T6710] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 65.489518][ T1145] Bluetooth: hci4: Frame reassembly failed (-84) [ 65.491844][ T1145] Bluetooth: hci4: Frame reassembly failed (-84) [ 65.513241][ T6726] FAULT_INJECTION: forcing a failure. [ 65.513241][ T6726] name failslab, interval 1, probability 0, space 0, times 0 [ 65.519879][ T6726] CPU: 3 UID: 0 PID: 6726 Comm: syz.0.247 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 65.519894][ T6726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 65.519901][ T6726] Call Trace: [ 65.519905][ T6726] [ 65.519909][ T6726] dump_stack_lvl+0x16c/0x1f0 [ 65.519942][ T6726] should_fail_ex+0x512/0x640 [ 65.519959][ T6726] ? fs_reclaim_acquire+0xae/0x150 [ 65.519975][ T6726] ? tomoyo_encode2+0x100/0x3e0 [ 65.519990][ T6726] should_failslab+0xc2/0x120 [ 65.520002][ T6726] __kmalloc_noprof+0xd2/0x510 [ 65.520022][ T6726] tomoyo_encode2+0x100/0x3e0 [ 65.520038][ T6726] tomoyo_encode+0x29/0x50 [ 65.520052][ T6726] tomoyo_mount_acl+0x144/0x850 [ 65.520065][ T6726] ? kernel_text_address+0x8d/0x100 [ 65.520078][ T6726] ? __kernel_text_address+0xd/0x40 [ 65.520089][ T6726] ? unwind_get_return_address+0x59/0xa0 [ 65.520102][ T6726] ? arch_stack_walk+0xa6/0x100 [ 65.520116][ T6726] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 65.520144][ T6726] ? tomoyo_domain+0xbb/0x150 [ 65.520153][ T6726] ? tomoyo_profile+0x47/0x60 [ 65.520171][ T6726] tomoyo_mount_permission+0x16d/0x420 [ 65.520184][ T6726] ? tomoyo_mount_permission+0x14f/0x420 [ 65.520199][ T6726] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 65.520221][ T6726] security_sb_mount+0x9b/0x260 [ 65.520235][ T6726] path_mount+0x128/0x1f20 [ 65.520247][ T6726] ? kmem_cache_free+0x2d4/0x4d0 [ 65.520263][ T6726] ? __pfx_path_mount+0x10/0x10 [ 65.520276][ T6726] ? putname+0x154/0x1a0 [ 65.520288][ T6726] __x64_sys_mount+0x28d/0x310 [ 65.520299][ T6726] ? __pfx___x64_sys_mount+0x10/0x10 [ 65.520310][ T6726] ? rcu_is_watching+0x12/0xc0 [ 65.520326][ T6726] do_syscall_64+0xcd/0x260 [ 65.520341][ T6726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 65.520352][ T6726] RIP: 0033:0x7f9ed658e969 [ 65.520360][ T6726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 65.520371][ T6726] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 65.520382][ T6726] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 65.520388][ T6726] RDX: 0000200000000340 RSI: 00002000000000c0 RDI: 0000000000000000 [ 65.520395][ T6726] RBP: 00007f9ed7322090 R08: 0000200000000080 R09: 0000000000000000 [ 65.520401][ T6726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 65.520407][ T6726] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 65.520420][ T6726] [ 66.050460][ T6734] cgroup: No subsys list or none specified [ 66.229770][ T6741] 9pnet: Could not find request transport: fd0x0000000000000003 [ 66.397061][ T6752] netlink: 'syz.3.257': attribute type 1 has an invalid length. [ 66.422144][ T6752] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address [ 66.425700][ T6752] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode [ 66.432081][ T6752] bond1: (slave wireguard0): making interface the new active one [ 66.435856][ T6752] bond1: (slave wireguard0): Enslaving as an active interface with an up link [ 66.499307][ T6756] netlink: 'syz.1.258': attribute type 9 has an invalid length. [ 66.501831][ T6756] __nla_validate_parse: 7 callbacks suppressed [ 66.501839][ T6756] netlink: 212012 bytes leftover after parsing attributes in process `syz.1.258'. [ 66.582814][ T6760] FAULT_INJECTION: forcing a failure. [ 66.582814][ T6760] name failslab, interval 1, probability 0, space 0, times 0 [ 66.586721][ T6760] CPU: 0 UID: 0 PID: 6760 Comm: syz.0.260 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 66.586735][ T6760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 66.586742][ T6760] Call Trace: [ 66.586746][ T6760] [ 66.586750][ T6760] dump_stack_lvl+0x16c/0x1f0 [ 66.586767][ T6760] should_fail_ex+0x512/0x640 [ 66.586781][ T6760] ? __kmalloc_noprof+0xbf/0x510 [ 66.586799][ T6760] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 66.586814][ T6760] should_failslab+0xc2/0x120 [ 66.586825][ T6760] __kmalloc_noprof+0xd2/0x510 [ 66.586843][ T6760] ? avc_has_perm_noaudit+0x149/0x3b0 [ 66.586862][ T6760] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 66.586880][ T6760] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 66.586894][ T6760] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 66.586913][ T6760] ? bpf_lsm_capable+0x9/0x10 [ 66.586929][ T6760] ? security_capable+0x7e/0x260 [ 66.586941][ T6760] ? ns_capable+0xd7/0x110 [ 66.586955][ T6760] genl_rcv_msg+0x55c/0x800 [ 66.586970][ T6760] ? __pfx_genl_rcv_msg+0x10/0x10 [ 66.586983][ T6760] ? __pfx___dev_queue_xmit+0x10/0x10 [ 66.586998][ T6760] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 66.587012][ T6760] ? __pfx_nl80211_connect+0x10/0x10 [ 66.587021][ T6760] ? __pfx_nl80211_post_doit+0x10/0x10 [ 66.587047][ T6760] ? __lock_acquire+0xaa4/0x1ba0 [ 66.587066][ T6760] netlink_rcv_skb+0x16a/0x440 [ 66.587079][ T6760] ? __pfx_genl_rcv_msg+0x10/0x10 [ 66.587093][ T6760] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 66.587110][ T6760] ? __pfx_down_read+0x10/0x10 [ 66.587126][ T6760] ? netlink_deliver_tap+0x1ae/0xd30 [ 66.587139][ T6760] genl_rcv+0x28/0x40 [ 66.587150][ T6760] netlink_unicast+0x53a/0x7f0 [ 66.587164][ T6760] ? __pfx_netlink_unicast+0x10/0x10 [ 66.587179][ T6760] netlink_sendmsg+0x8d1/0xdd0 [ 66.587193][ T6760] ? __pfx_netlink_sendmsg+0x10/0x10 [ 66.587210][ T6760] ____sys_sendmsg+0xa95/0xc70 [ 66.587224][ T6760] ? copy_msghdr_from_user+0x10a/0x160 [ 66.587234][ T6760] ? __pfx_____sys_sendmsg+0x10/0x10 [ 66.587253][ T6760] ___sys_sendmsg+0x134/0x1d0 [ 66.587264][ T6760] ? __pfx____sys_sendmsg+0x10/0x10 [ 66.587295][ T6760] __sys_sendmsg+0x16d/0x220 [ 66.587305][ T6760] ? __pfx___sys_sendmsg+0x10/0x10 [ 66.587320][ T6760] ? rcu_is_watching+0x12/0xc0 [ 66.587336][ T6760] do_syscall_64+0xcd/0x260 [ 66.587351][ T6760] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.587362][ T6760] RIP: 0033:0x7f9ed658e969 [ 66.587370][ T6760] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 66.587381][ T6760] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 66.587391][ T6760] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 66.587398][ T6760] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 66.587404][ T6760] RBP: 00007f9ed7322090 R08: 0000000000000000 R09: 0000000000000000 [ 66.587410][ T6760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 66.587416][ T6760] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 66.587429][ T6760] [ 66.760276][ T6766] netlink: 'syz.0.262': attribute type 9 has an invalid length. [ 66.762456][ T6766] netlink: 212012 bytes leftover after parsing attributes in process `syz.0.262'. [ 66.811427][ T6768] 9pnet: Could not find request transport: fd0x0000000000000003 [ 66.840234][ T6771] FAULT_INJECTION: forcing a failure. [ 66.840234][ T6771] name failslab, interval 1, probability 0, space 0, times 0 [ 66.844205][ T6771] CPU: 1 UID: 0 PID: 6771 Comm: syz.0.264 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 66.844221][ T6771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 66.844228][ T6771] Call Trace: [ 66.844232][ T6771] [ 66.844236][ T6771] dump_stack_lvl+0x16c/0x1f0 [ 66.844254][ T6771] should_fail_ex+0x512/0x640 [ 66.844268][ T6771] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 66.844288][ T6771] should_failslab+0xc2/0x120 [ 66.844299][ T6771] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 66.844315][ T6771] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.844336][ T6771] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 66.844351][ T6771] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 66.844371][ T6771] idr_get_free+0x528/0xa30 [ 66.844398][ T6771] idr_alloc_u32+0x190/0x2f0 [ 66.844414][ T6771] ? __pfx_idr_alloc_u32+0x10/0x10 [ 66.844427][ T6771] ? tcf_exts_init_ex+0x1bc/0x610 [ 66.844446][ T6771] cls_bpf_change+0x507/0x1f50 [ 66.844468][ T6771] ? find_held_lock+0x2b/0x80 [ 66.844481][ T6771] ? __pfx_cls_bpf_change+0x10/0x10 [ 66.844493][ T6771] ? tc_new_tfilter+0x1e00/0x2340 [ 66.844507][ T6771] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 66.844529][ T6771] ? __pfx_cls_bpf_change+0x10/0x10 [ 66.844542][ T6771] tc_new_tfilter+0xa32/0x2340 [ 66.844562][ T6771] ? __pfx_tc_new_tfilter+0x10/0x10 [ 66.844579][ T6771] ? __lock_acquire+0x5ca/0x1ba0 [ 66.844601][ T6771] ? find_held_lock+0x2b/0x80 [ 66.844613][ T6771] ? __pfx_tc_new_tfilter+0x10/0x10 [ 66.844624][ T6771] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 66.844636][ T6771] ? __pfx_tc_new_tfilter+0x10/0x10 [ 66.844648][ T6771] rtnetlink_rcv_msg+0x95b/0xe90 [ 66.844660][ T6771] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 66.844678][ T6771] netlink_rcv_skb+0x16a/0x440 [ 66.844690][ T6771] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 66.844701][ T6771] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 66.844723][ T6771] ? netlink_deliver_tap+0x1ae/0xd30 [ 66.844737][ T6771] netlink_unicast+0x53a/0x7f0 [ 66.844750][ T6771] ? __pfx_netlink_unicast+0x10/0x10 [ 66.844765][ T6771] netlink_sendmsg+0x8d1/0xdd0 [ 66.844779][ T6771] ? __pfx_netlink_sendmsg+0x10/0x10 [ 66.844795][ T6771] ____sys_sendmsg+0xa95/0xc70 [ 66.844809][ T6771] ? copy_msghdr_from_user+0x10a/0x160 [ 66.844819][ T6771] ? __pfx_____sys_sendmsg+0x10/0x10 [ 66.844834][ T6771] ? kfree+0x252/0x4d0 [ 66.844847][ T6771] ? __pfx__kstrtoull+0x10/0x10 [ 66.844861][ T6771] ___sys_sendmsg+0x134/0x1d0 [ 66.844871][ T6771] ? __pfx____sys_sendmsg+0x10/0x10 [ 66.844893][ T6771] ? __pfx___might_resched+0x10/0x10 [ 66.844910][ T6771] __sys_sendmmsg+0x200/0x420 [ 66.844922][ T6771] ? __pfx___sys_sendmmsg+0x10/0x10 [ 66.844936][ T6771] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 66.844955][ T6771] ? fput+0x70/0xf0 [ 66.844966][ T6771] ? ksys_write+0x1b9/0x240 [ 66.844981][ T6771] ? __pfx_ksys_write+0x10/0x10 [ 66.844999][ T6771] __x64_sys_sendmmsg+0x9c/0x100 [ 66.845009][ T6771] ? lockdep_hardirqs_on+0x7c/0x110 [ 66.845022][ T6771] do_syscall_64+0xcd/0x260 [ 66.845036][ T6771] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 66.845047][ T6771] RIP: 0033:0x7f9ed658e969 [ 66.845056][ T6771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 66.845067][ T6771] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 66.845078][ T6771] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 66.845084][ T6771] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 66.845091][ T6771] RBP: 00007f9ed7322090 R08: 0000000000000000 R09: 0000000000000000 [ 66.845097][ T6771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 66.845103][ T6771] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 66.845116][ T6771] [ 66.958464][ C1] vkms_vblank_simulate: vblank timer overrun [ 67.185408][ T6780] netlink: 8 bytes leftover after parsing attributes in process `syz.0.268'. [ 67.201684][ T6780] binder: 6779:6780 ioctl c018620c 200000000000 returned -1 [ 67.244102][ T6785] netlink: 32 bytes leftover after parsing attributes in process `syz.3.270'. [ 67.245582][ T6786] netlink: 'syz.0.271': attribute type 10 has an invalid length. [ 67.247608][ T6785] netlink: 'syz.3.270': attribute type 1 has an invalid length. [ 67.252539][ T6785] netlink: 15 bytes leftover after parsing attributes in process `syz.3.270'. [ 67.253705][ T6786] FAULT_INJECTION: forcing a failure. [ 67.253705][ T6786] name failslab, interval 1, probability 0, space 0, times 0 [ 67.261135][ T6786] CPU: 2 UID: 0 PID: 6786 Comm: syz.0.271 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 67.261159][ T6786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.261169][ T6786] Call Trace: [ 67.261176][ T6786] [ 67.261182][ T6786] dump_stack_lvl+0x16c/0x1f0 [ 67.261207][ T6786] should_fail_ex+0x512/0x640 [ 67.261235][ T6786] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 67.261265][ T6786] should_failslab+0xc2/0x120 [ 67.261283][ T6786] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 67.261310][ T6786] ? __d_alloc+0x31/0xaa0 [ 67.261330][ T6786] __d_alloc+0x31/0xaa0 [ 67.261350][ T6786] d_alloc+0x4a/0x1e0 [ 67.261366][ T6786] d_alloc_parallel+0xe3/0x12e0 [ 67.261388][ T6786] ? __lock_acquire+0xaa4/0x1ba0 [ 67.261422][ T6786] ? __pfx_d_alloc_parallel+0x10/0x10 [ 67.261446][ T6786] ? lockdep_init_map_type+0x5c/0x280 [ 67.261470][ T6786] ? lockdep_init_map_type+0x5c/0x280 [ 67.261499][ T6786] __lookup_slow+0x193/0x460 [ 67.261519][ T6786] ? __pfx___lookup_slow+0x10/0x10 [ 67.261541][ T6786] ? pcpu_block_update_hint_alloc+0x310/0xb80 [ 67.261572][ T6786] ? pcpu_block_update_hint_alloc+0x310/0xb80 [ 67.261599][ T6786] ? d_lookup+0xe7/0x190 [ 67.261625][ T6786] lookup_one_len+0x17f/0x1b0 [ 67.261646][ T6786] ? __pfx_lookup_one_len+0x10/0x10 [ 67.261668][ T6786] ? mntput+0x10/0x90 [ 67.261695][ T6786] start_creating.part.0+0x12f/0x3a0 [ 67.261722][ T6786] __debugfs_create_file+0xa7/0x6b0 [ 67.261749][ T6786] debugfs_create_file_unsafe+0x3c/0x50 [ 67.261777][ T6786] debugfs_create_u32+0x70/0xa0 [ 67.261799][ T6786] ? __pfx_mac80211_hwsim_link_add_debugfs+0x10/0x10 [ 67.261827][ T6786] ieee80211_link_debugfs_drv_add+0x3ef/0x570 [ 67.261852][ T6786] drv_add_interface+0x7e5/0x960 [ 67.261874][ T6786] ieee80211_do_open+0x123c/0x1fc0 [ 67.261899][ T6786] ieee80211_open+0x189/0x210 [ 67.261917][ T6786] ? __pfx_ieee80211_open+0x10/0x10 [ 67.261937][ T6786] __dev_open+0x2e4/0x7d0 [ 67.261962][ T6786] ? __pfx___dev_open+0x10/0x10 [ 67.262009][ T6786] ? netif_set_mac_address+0x212/0x4a0 [ 67.262028][ T6786] ? __pfx_netif_set_mac_address+0x10/0x10 [ 67.262049][ T6786] netif_open+0xf2/0x160 [ 67.262073][ T6786] ? __pfx_netif_open+0x10/0x10 [ 67.262105][ T6786] dev_open+0xb2/0x260 [ 67.262125][ T6786] bond_enslave+0x9f3/0x6050 [ 67.262157][ T6786] ? console_lock_spinning_disable_and_check+0x100/0x180 [ 67.262177][ T6786] ? console_lock_spinning_disable_and_check+0x100/0x180 [ 67.262199][ T6786] ? __pfx_bond_enslave+0x10/0x10 [ 67.262222][ T6786] ? lock_acquire+0x179/0x350 [ 67.262252][ T6786] ? do_raw_spin_lock+0x12c/0x2b0 [ 67.262284][ T6786] ? __pfx___dev_change_flags+0x10/0x10 [ 67.262309][ T6786] ? validate_linkmsg+0x57c/0xb60 [ 67.262329][ T6786] ? __pfx_bond_enslave+0x10/0x10 [ 67.262348][ T6786] do_set_master+0x40c/0x730 [ 67.262372][ T6786] ? netif_change_flags+0x70/0x160 [ 67.262392][ T6786] do_setlink.constprop.0+0xe66/0x44b0 [ 67.262415][ T6786] ? __lock_acquire+0xaa4/0x1ba0 [ 67.262439][ T6786] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 67.262458][ T6786] ? find_held_lock+0x2b/0x80 [ 67.262481][ T6786] ? __mutex_trylock_common+0xe9/0x250 [ 67.262506][ T6786] ? __pfx___mutex_trylock_common+0x10/0x10 [ 67.262533][ T6786] ? __pfx___might_resched+0x10/0x10 [ 67.262556][ T6786] ? rcu_is_watching+0x12/0xc0 [ 67.262575][ T6786] ? trace_contention_end+0xdd/0x130 [ 67.262601][ T6786] ? __mutex_lock+0x1ca/0xb90 [ 67.262625][ T6786] ? rtnl_newlink+0x600/0x2000 [ 67.262643][ T6786] ? __pfx___mutex_lock+0x10/0x10 [ 67.262664][ T6786] ? cap_capable+0xb3/0x250 [ 67.262692][ T6786] ? netlink_ns_capable+0xfa/0x130 [ 67.262713][ T6786] rtnl_newlink+0x1446/0x2000 [ 67.262739][ T6786] ? __pfx_rtnl_newlink+0x10/0x10 [ 67.262754][ T6786] ? find_held_lock+0x2b/0x80 [ 67.262774][ T6786] ? avc_has_perm_noaudit+0x117/0x3b0 [ 67.262806][ T6786] ? avc_has_perm_noaudit+0x149/0x3b0 [ 67.262839][ T6786] ? __lock_acquire+0x5ca/0x1ba0 [ 67.262876][ T6786] ? find_held_lock+0x2b/0x80 [ 67.262894][ T6786] ? __pfx_rtnl_newlink+0x10/0x10 [ 67.262909][ T6786] ? __pfx_rtnl_newlink+0x10/0x10 [ 67.262924][ T6786] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 67.262942][ T6786] ? __pfx_rtnl_newlink+0x10/0x10 [ 67.262959][ T6786] rtnetlink_rcv_msg+0x95b/0xe90 [ 67.262979][ T6786] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 67.263008][ T6786] netlink_rcv_skb+0x16a/0x440 [ 67.263027][ T6786] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 67.263045][ T6786] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 67.263078][ T6786] ? netlink_deliver_tap+0x1ae/0xd30 [ 67.263101][ T6786] netlink_unicast+0x53a/0x7f0 [ 67.263123][ T6786] ? __pfx_netlink_unicast+0x10/0x10 [ 67.263149][ T6786] netlink_sendmsg+0x8d1/0xdd0 [ 67.263172][ T6786] ? __pfx_netlink_sendmsg+0x10/0x10 [ 67.263201][ T6786] ____sys_sendmsg+0xa95/0xc70 [ 67.263223][ T6786] ? copy_msghdr_from_user+0x10a/0x160 [ 67.263245][ T6786] ? __pfx_____sys_sendmsg+0x10/0x10 [ 67.263278][ T6786] ___sys_sendmsg+0x134/0x1d0 [ 67.263296][ T6786] ? __pfx____sys_sendmsg+0x10/0x10 [ 67.263345][ T6786] __sys_sendmsg+0x16d/0x220 [ 67.263362][ T6786] ? __pfx___sys_sendmsg+0x10/0x10 [ 67.263386][ T6786] ? rcu_is_watching+0x12/0xc0 [ 67.263412][ T6786] do_syscall_64+0xcd/0x260 [ 67.263436][ T6786] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 67.263453][ T6786] RIP: 0033:0x7f9ed658e969 [ 67.263467][ T6786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 67.263483][ T6786] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 67.263499][ T6786] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 67.263510][ T6786] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003 [ 67.263520][ T6786] RBP: 00007f9ed7322090 R08: 0000000000000000 R09: 0000000000000000 [ 67.263530][ T6786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 67.263540][ T6786] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 67.263563][ T6786] [ 67.275036][ T6786] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 67.282905][ T6788] overlayfs: missing 'lowerdir' [ 67.328092][ T6790] 9pnet: Could not find request transport: fd0x0000000000000003 [ 67.504491][ T67] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 67.633876][ T6816] 9pnet_fd: Insufficient options for proto=fd [ 67.639758][ T6814] bond0: (slave wlan1): Releasing backup interface [ 67.642686][ T6814] mac80211_hwsim hwsim5 wlan1: left allmulticast mode [ 67.651724][ T6818] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_bridge, syncid = 33554432, id = 0 [ 67.688515][ T40] kauditd_printk_skb: 36 callbacks suppressed [ 67.688530][ T40] audit: type=1326 audit(1745984669.173:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6821 comm="syz.3.285" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0b0b18e969 code=0x0 [ 67.739960][ T40] audit: type=1326 audit(1745984669.223:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6821 comm="syz.3.285" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0b0b18e969 code=0x0 [ 67.797809][ T6834] netlink: 'syz.2.288': attribute type 1 has an invalid length. [ 67.800273][ T6834] netlink: 224 bytes leftover after parsing attributes in process `syz.2.288'. [ 67.804228][ T6834] netlink: 8 bytes leftover after parsing attributes in process `syz.2.288'. [ 67.816472][ T6834] ufs: Invalid option: "grpquota" or missing value [ 67.821675][ T6834] ufs: wrong mount options [ 68.007527][ T6844] 9pnet_fd: Insufficient options for proto=fd [ 68.041451][ T6847] MTD: Attempt to mount non-MTD device "/dev/sr0" [ 68.052051][ T6847] cramfs: wrong magic [ 68.057955][ T6850] FAULT_INJECTION: forcing a failure. [ 68.057955][ T6850] name failslab, interval 1, probability 0, space 0, times 0 [ 68.061771][ T6850] CPU: 2 UID: 0 PID: 6850 Comm: syz.1.294 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 68.061785][ T6850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.061792][ T6850] Call Trace: [ 68.061795][ T6850] [ 68.061799][ T6850] dump_stack_lvl+0x16c/0x1f0 [ 68.061817][ T6850] should_fail_ex+0x512/0x640 [ 68.061831][ T6850] ? fs_reclaim_acquire+0xae/0x150 [ 68.061846][ T6850] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 68.061862][ T6850] should_failslab+0xc2/0x120 [ 68.061873][ T6850] __kmalloc_noprof+0xd2/0x510 [ 68.061891][ T6850] ? trace_kmalloc+0x2b/0xd0 [ 68.061901][ T6850] ? __kmalloc_noprof+0x242/0x510 [ 68.061920][ T6850] tomoyo_realpath_from_path+0xc2/0x6e0 [ 68.061936][ T6850] ? tomoyo_fill_path_info+0x233/0x420 [ 68.061949][ T6850] tomoyo_mount_acl+0x1ae/0x850 [ 68.061977][ T6850] ? kernel_text_address+0x8d/0x100 [ 68.061991][ T6850] ? __kernel_text_address+0xd/0x40 [ 68.062003][ T6850] ? unwind_get_return_address+0x59/0xa0 [ 68.062016][ T6850] ? arch_stack_walk+0xa6/0x100 [ 68.062030][ T6850] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 68.062059][ T6850] ? tomoyo_domain+0xbb/0x150 [ 68.062067][ T6850] ? tomoyo_profile+0x47/0x60 [ 68.062085][ T6850] tomoyo_mount_permission+0x16d/0x420 [ 68.062099][ T6850] ? tomoyo_mount_permission+0x14f/0x420 [ 68.062113][ T6850] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 68.062135][ T6850] security_sb_mount+0x9b/0x260 [ 68.062149][ T6850] path_mount+0x128/0x1f20 [ 68.062161][ T6850] ? kmem_cache_free+0x2d4/0x4d0 [ 68.062177][ T6850] ? __pfx_path_mount+0x10/0x10 [ 68.062189][ T6850] ? putname+0x154/0x1a0 [ 68.062202][ T6850] __x64_sys_mount+0x28d/0x310 [ 68.062213][ T6850] ? __pfx___x64_sys_mount+0x10/0x10 [ 68.062228][ T6850] do_syscall_64+0xcd/0x260 [ 68.062243][ T6850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.062254][ T6850] RIP: 0033:0x7f6ad378e969 [ 68.062264][ T6850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.062274][ T6850] RSP: 002b:00007f6ad4578038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 68.062284][ T6850] RAX: ffffffffffffffda RBX: 00007f6ad39b5fa0 RCX: 00007f6ad378e969 [ 68.062291][ T6850] RDX: 0000200000000340 RSI: 00002000000000c0 RDI: 0000000000000000 [ 68.062297][ T6850] RBP: 00007f6ad4578090 R08: 0000200000000080 R09: 0000000000000000 [ 68.062304][ T6850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.062310][ T6850] R13: 0000000000000000 R14: 00007f6ad39b5fa0 R15: 00007ffdcdf9e228 [ 68.062323][ T6850] [ 68.062327][ T6850] ERROR: Out of memory at tomoyo_realpath_from_path. [ 68.111301][ T6852] overlayfs: statfs failed on './file0' [ 68.289918][ T40] audit: type=1400 audit(1745984669.773:375): avc: denied { read } for pid=6855 comm="syz.2.297" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 68.426238][ T40] audit: type=1400 audit(1745984669.913:376): avc: denied { write } for pid=6865 comm="syz.2.301" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1 [ 68.431525][ T6866] tmpfs: Bad value for 'mpol' [ 68.433309][ T40] audit: type=1400 audit(1745984669.913:377): avc: denied { mount } for pid=6865 comm="syz.2.301" name="/" dev="autofs" ino=14633 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 68.433344][ T40] audit: type=1400 audit(1745984669.913:378): avc: denied { read } for pid=6865 comm="syz.2.301" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 68.479441][ T40] audit: type=1400 audit(1745984669.963:379): avc: denied { append } for pid=6867 comm="syz.0.302" name="event1" dev="devtmpfs" ino=942 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 68.507850][ T40] audit: type=1400 audit(1745984669.993:380): avc: denied { unmount } for pid=5941 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1 [ 68.533671][ T6871] 9pnet_fd: Insufficient options for proto=fd [ 68.599910][ T6876] FAULT_INJECTION: forcing a failure. [ 68.599910][ T6876] name failslab, interval 1, probability 0, space 0, times 0 [ 68.600938][ T6877] netlink: 'syz.2.306': attribute type 9 has an invalid length. [ 68.604590][ T6876] CPU: 1 UID: 0 PID: 6876 Comm: syz.3.305 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 68.604613][ T6876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.604623][ T6876] Call Trace: [ 68.604629][ T6876] [ 68.604635][ T6876] dump_stack_lvl+0x16c/0x1f0 [ 68.604659][ T6876] should_fail_ex+0x512/0x640 [ 68.604678][ T6876] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 68.604706][ T6876] should_failslab+0xc2/0x120 [ 68.604722][ T6876] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 68.604746][ T6876] ? __alloc_skb+0x2b2/0x380 [ 68.604769][ T6876] ? bpf_lsm_capable+0x9/0x10 [ 68.604793][ T6876] __alloc_skb+0x2b2/0x380 [ 68.604809][ T6876] ? __pfx___alloc_skb+0x10/0x10 [ 68.604825][ T6876] ? genl_rcv_msg+0x4b0/0x800 [ 68.604838][ T6876] ? genl_rcv_msg+0x4bb/0x800 [ 68.604855][ T6876] netlink_ack+0x15d/0xb80 [ 68.604867][ T6876] ? __lock_acquire+0xaa4/0x1ba0 [ 68.604886][ T6876] netlink_rcv_skb+0x347/0x440 [ 68.604900][ T6876] ? __pfx_genl_rcv_msg+0x10/0x10 [ 68.604920][ T6876] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 68.604947][ T6876] ? __pfx_down_read+0x10/0x10 [ 68.604970][ T6876] ? netlink_deliver_tap+0x1ae/0xd30 [ 68.604989][ T6876] genl_rcv+0x28/0x40 [ 68.605006][ T6876] netlink_unicast+0x53a/0x7f0 [ 68.605025][ T6876] ? __pfx_netlink_unicast+0x10/0x10 [ 68.605049][ T6876] netlink_sendmsg+0x8d1/0xdd0 [ 68.605070][ T6876] ? __pfx_netlink_sendmsg+0x10/0x10 [ 68.605096][ T6876] ____sys_sendmsg+0xa95/0xc70 [ 68.605116][ T6876] ? copy_msghdr_from_user+0x10a/0x160 [ 68.605130][ T6876] ? __pfx_____sys_sendmsg+0x10/0x10 [ 68.605161][ T6876] ___sys_sendmsg+0x134/0x1d0 [ 68.605178][ T6876] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.605241][ T6876] __sys_sendmsg+0x16d/0x220 [ 68.605256][ T6876] ? __pfx___sys_sendmsg+0x10/0x10 [ 68.605278][ T6876] ? rcu_is_watching+0x12/0xc0 [ 68.605303][ T6876] do_syscall_64+0xcd/0x260 [ 68.605324][ T6876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.605340][ T6876] RIP: 0033:0x7f0b0b18e969 [ 68.605352][ T6876] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.605367][ T6876] RSP: 002b:00007f0b0bfcb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 68.605377][ T6876] RAX: ffffffffffffffda RBX: 00007f0b0b3b5fa0 RCX: 00007f0b0b18e969 [ 68.605384][ T6876] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 68.605390][ T6876] RBP: 00007f0b0bfcb090 R08: 0000000000000000 R09: 0000000000000000 [ 68.605397][ T6876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 68.605403][ T6876] R13: 0000000000000000 R14: 00007f0b0b3b5fa0 R15: 00007fffb87971e8 [ 68.605416][ T6876] [ 68.688495][ T6877] netlink: 212012 bytes leftover after parsing attributes in process `syz.2.306'. [ 68.691446][ T40] audit: type=1400 audit(1745984670.173:381): avc: denied { read write } for pid=6867 comm="syz.0.302" name="raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 68.699055][ T40] audit: type=1400 audit(1745984670.173:382): avc: denied { open } for pid=6867 comm="syz.0.302" path="/dev/raw-gadget" dev="devtmpfs" ino=849 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 68.738285][ T6884] FAULT_INJECTION: forcing a failure. [ 68.738285][ T6884] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 68.743598][ T6884] CPU: 1 UID: 0 PID: 6884 Comm: syz.2.309 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 68.743620][ T6884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.743630][ T6884] Call Trace: [ 68.743635][ T6884] [ 68.743642][ T6884] dump_stack_lvl+0x16c/0x1f0 [ 68.743666][ T6884] should_fail_ex+0x512/0x640 [ 68.743690][ T6884] _copy_from_user+0x2e/0xd0 [ 68.743715][ T6884] copy_msghdr_from_user+0x98/0x160 [ 68.743730][ T6884] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 68.743751][ T6884] ? kfree+0x252/0x4d0 [ 68.743771][ T6884] ? __pfx__kstrtoull+0x10/0x10 [ 68.743792][ T6884] ___sys_sendmsg+0xfe/0x1d0 [ 68.743810][ T6884] ? __pfx____sys_sendmsg+0x10/0x10 [ 68.743848][ T6884] ? __pfx___might_resched+0x10/0x10 [ 68.743876][ T6884] __sys_sendmmsg+0x200/0x420 [ 68.743896][ T6884] ? __pfx___sys_sendmmsg+0x10/0x10 [ 68.743921][ T6884] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 68.743955][ T6884] ? fput+0x70/0xf0 [ 68.743973][ T6884] ? ksys_write+0x1b9/0x240 [ 68.743996][ T6884] ? __pfx_ksys_write+0x10/0x10 [ 68.744019][ T6884] ? rcu_is_watching+0x12/0xc0 [ 68.744043][ T6884] __x64_sys_sendmmsg+0x9c/0x100 [ 68.744059][ T6884] ? lockdep_hardirqs_on+0x7c/0x110 [ 68.744078][ T6884] do_syscall_64+0xcd/0x260 [ 68.744100][ T6884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 68.744117][ T6884] RIP: 0033:0x7fe6c1f8e969 [ 68.744147][ T6884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 68.744169][ T6884] RSP: 002b:00007fe6c2d7f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 68.744186][ T6884] RAX: ffffffffffffffda RBX: 00007fe6c21b5fa0 RCX: 00007fe6c1f8e969 [ 68.744197][ T6884] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 68.744207][ T6884] RBP: 00007fe6c2d7f090 R08: 0000000000000000 R09: 0000000000000000 [ 68.744225][ T6884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 68.744236][ T6884] R13: 0000000000000000 R14: 00007fe6c21b5fa0 R15: 00007ffc1aec6288 [ 68.744259][ T6884] [ 68.752127][ T9] IPVS: starting estimator thread 0... [ 68.774447][ T6886] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold [ 68.777280][ T6886] IPVS: length: 184 != 24 [ 68.904302][ T6887] IPVS: using max 44 ests per chain, 105600 per kthread [ 68.934330][ T5837] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 68.942088][ T6899] 9pnet_fd: Insufficient options for proto=fd [ 68.969621][ T6901] netlink: 'syz.3.315': attribute type 10 has an invalid length. [ 68.975798][ T6901] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 69.018443][ T6904] block device autoloading is deprecated and will be removed. [ 69.105776][ T5837] usb 5-1: config 1 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 250, changing to 11 [ 69.109572][ T5837] usb 5-1: config 1 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 69.119666][ T5837] usb 5-1: config 1 interface 0 has no altsetting 0 [ 69.126592][ T5837] usb 5-1: string descriptor 0 read error: -22 [ 69.131737][ T5837] usb 5-1: New USB device found, idVendor=046d, idProduct=c512, bcdDevice= 0.40 [ 69.134860][ T5837] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 69.274645][ T6925] 9pnet_fd: Insufficient options for proto=fd [ 69.342932][ T6868] netlink: 212184 bytes leftover after parsing attributes in process `syz.0.302'. [ 69.349273][ T5837] usbhid 5-1:1.0: can't add hid device: -71 [ 69.351235][ T5837] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 69.355485][ T5837] usb 5-1: USB disconnect, device number 3 [ 69.550211][ T6942] program syz.3.330 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 69.606766][ T6950] FAULT_INJECTION: forcing a failure. [ 69.606766][ T6950] name failslab, interval 1, probability 0, space 0, times 0 [ 69.610581][ T6950] CPU: 1 UID: 0 PID: 6950 Comm: syz.1.333 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 69.610595][ T6950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.610602][ T6950] Call Trace: [ 69.610606][ T6950] [ 69.610610][ T6950] dump_stack_lvl+0x16c/0x1f0 [ 69.610627][ T6950] should_fail_ex+0x512/0x640 [ 69.610642][ T6950] ? fs_reclaim_acquire+0xae/0x150 [ 69.610657][ T6950] ? tomoyo_encode2+0x100/0x3e0 [ 69.610671][ T6950] should_failslab+0xc2/0x120 [ 69.610683][ T6950] __kmalloc_noprof+0xd2/0x510 [ 69.610703][ T6950] tomoyo_encode2+0x100/0x3e0 [ 69.610719][ T6950] tomoyo_encode+0x29/0x50 [ 69.610733][ T6950] tomoyo_mount_acl+0x314/0x850 [ 69.610746][ T6950] ? kernel_text_address+0x8d/0x100 [ 69.610759][ T6950] ? __kernel_text_address+0xd/0x40 [ 69.610772][ T6950] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 69.610800][ T6950] ? tomoyo_domain+0xbb/0x150 [ 69.610809][ T6950] ? tomoyo_profile+0x47/0x60 [ 69.610826][ T6950] tomoyo_mount_permission+0x16d/0x420 [ 69.610840][ T6950] ? tomoyo_mount_permission+0x14f/0x420 [ 69.610854][ T6950] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 69.610876][ T6950] security_sb_mount+0x9b/0x260 [ 69.610890][ T6950] path_mount+0x128/0x1f20 [ 69.610903][ T6950] ? kmem_cache_free+0x2d4/0x4d0 [ 69.610919][ T6950] ? __pfx_path_mount+0x10/0x10 [ 69.610931][ T6950] ? putname+0x154/0x1a0 [ 69.610944][ T6950] __x64_sys_mount+0x28d/0x310 [ 69.610955][ T6950] ? __pfx___x64_sys_mount+0x10/0x10 [ 69.610965][ T6950] ? rcu_is_watching+0x12/0xc0 [ 69.610981][ T6950] do_syscall_64+0xcd/0x260 [ 69.610996][ T6950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 69.611007][ T6950] RIP: 0033:0x7f6ad378e969 [ 69.611016][ T6950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 69.611027][ T6950] RSP: 002b:00007f6ad4578038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 69.611037][ T6950] RAX: ffffffffffffffda RBX: 00007f6ad39b5fa0 RCX: 00007f6ad378e969 [ 69.611044][ T6950] RDX: 0000200000000340 RSI: 00002000000000c0 RDI: 0000000000000000 [ 69.611050][ T6950] RBP: 00007f6ad4578090 R08: 0000200000000080 R09: 0000000000000000 [ 69.611056][ T6950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 69.611062][ T6950] R13: 0000000000000000 R14: 00007f6ad39b5fa0 R15: 00007ffdcdf9e228 [ 69.611075][ T6950] [ 69.663396][ T6953] 9pnet_fd: Insufficient options for proto=fd [ 69.663999][ C1] vkms_vblank_simulate: vblank timer overrun [ 69.690287][ C1] vkms_vblank_simulate: vblank timer overrun [ 69.726118][ T6955] netlink: 'syz.3.335': attribute type 39 has an invalid length. [ 69.778196][ T6957] Bluetooth: hci0: invalid len left 7, exp >= 131 [ 69.836854][ T6961] overlayfs: statfs failed on './file0' [ 69.849836][ T6963] netlink: 4 bytes leftover after parsing attributes in process `syz.2.338'. [ 69.918208][ T6970] netlink: 'syz.0.342': attribute type 9 has an invalid length. [ 70.033564][ T6982] overlayfs: failed to resolve './file1': -2 [ 70.062633][ T6987] FAULT_INJECTION: forcing a failure. [ 70.062633][ T6987] name failslab, interval 1, probability 0, space 0, times 0 [ 70.068602][ T6987] CPU: 3 UID: 0 PID: 6987 Comm: syz.0.346 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 70.068625][ T6987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.068634][ T6987] Call Trace: [ 70.068640][ T6987] [ 70.068646][ T6987] dump_stack_lvl+0x16c/0x1f0 [ 70.068688][ T6987] should_fail_ex+0x512/0x640 [ 70.068712][ T6987] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 70.068741][ T6987] should_failslab+0xc2/0x120 [ 70.068757][ T6987] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 70.068781][ T6987] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.068799][ T6987] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 70.068819][ T6987] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 70.068840][ T6987] idr_get_free+0x528/0xa30 [ 70.068867][ T6987] idr_alloc_u32+0x190/0x2f0 [ 70.068888][ T6987] ? __pfx_idr_alloc_u32+0x10/0x10 [ 70.068910][ T6987] ? tcf_exts_init_ex+0x1bc/0x610 [ 70.068940][ T6987] cls_bpf_change+0x507/0x1f50 [ 70.068965][ T6987] ? find_held_lock+0x2b/0x80 [ 70.068985][ T6987] ? __pfx_cls_bpf_change+0x10/0x10 [ 70.069003][ T6987] ? tc_new_tfilter+0x1e00/0x2340 [ 70.069027][ T6987] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 70.069063][ T6987] ? __pfx_cls_bpf_change+0x10/0x10 [ 70.069084][ T6987] tc_new_tfilter+0xa32/0x2340 [ 70.069120][ T6987] ? __pfx_tc_new_tfilter+0x10/0x10 [ 70.069149][ T6987] ? __lock_acquire+0x5ca/0x1ba0 [ 70.069186][ T6987] ? find_held_lock+0x2b/0x80 [ 70.069205][ T6987] ? __pfx_tc_new_tfilter+0x10/0x10 [ 70.069221][ T6987] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 70.069239][ T6987] ? __pfx_tc_new_tfilter+0x10/0x10 [ 70.069260][ T6987] rtnetlink_rcv_msg+0x95b/0xe90 [ 70.069279][ T6987] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 70.069310][ T6987] netlink_rcv_skb+0x16a/0x440 [ 70.069330][ T6987] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 70.069349][ T6987] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 70.069381][ T6987] ? netlink_deliver_tap+0x1ae/0xd30 [ 70.069404][ T6987] netlink_unicast+0x53a/0x7f0 [ 70.069423][ T6987] ? __pfx_netlink_unicast+0x10/0x10 [ 70.069449][ T6987] netlink_sendmsg+0x8d1/0xdd0 [ 70.069477][ T6987] ? __pfx_netlink_sendmsg+0x10/0x10 [ 70.069506][ T6987] ____sys_sendmsg+0xa95/0xc70 [ 70.069528][ T6987] ? copy_msghdr_from_user+0x10a/0x160 [ 70.069544][ T6987] ? __pfx_____sys_sendmsg+0x10/0x10 [ 70.069569][ T6987] ? kfree+0x252/0x4d0 [ 70.069589][ T6987] ? __pfx__kstrtoull+0x10/0x10 [ 70.069611][ T6987] ___sys_sendmsg+0x134/0x1d0 [ 70.069629][ T6987] ? __pfx____sys_sendmsg+0x10/0x10 [ 70.069670][ T6987] ? __pfx___might_resched+0x10/0x10 [ 70.069698][ T6987] __sys_sendmmsg+0x200/0x420 [ 70.069718][ T6987] ? __pfx___sys_sendmmsg+0x10/0x10 [ 70.069744][ T6987] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 70.069777][ T6987] ? fput+0x70/0xf0 [ 70.069795][ T6987] ? ksys_write+0x1b9/0x240 [ 70.069820][ T6987] ? __pfx_ksys_write+0x10/0x10 [ 70.069842][ T6987] ? rcu_is_watching+0x12/0xc0 [ 70.069865][ T6987] __x64_sys_sendmmsg+0x9c/0x100 [ 70.069882][ T6987] ? lockdep_hardirqs_on+0x7c/0x110 [ 70.069903][ T6987] do_syscall_64+0xcd/0x260 [ 70.069926][ T6987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.069943][ T6987] RIP: 0033:0x7f9ed658e969 [ 70.069980][ T6987] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.069996][ T6987] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 70.070013][ T6987] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 70.070024][ T6987] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 70.070034][ T6987] RBP: 00007f9ed7322090 R08: 0000000000000000 R09: 0000000000000000 [ 70.070045][ T6987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 70.070055][ T6987] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 70.070079][ T6987] [ 70.310270][ T6993] binder: 6992:6993 ioctl c0306201 200000000200 returned -14 [ 70.387215][ T7002] FAULT_INJECTION: forcing a failure. [ 70.387215][ T7002] name failslab, interval 1, probability 0, space 0, times 0 [ 70.391164][ T7002] CPU: 2 UID: 0 PID: 7002 Comm: syz.1.351 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 70.391180][ T7002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.391191][ T7002] Call Trace: [ 70.391196][ T7002] [ 70.391200][ T7002] dump_stack_lvl+0x16c/0x1f0 [ 70.391218][ T7002] should_fail_ex+0x512/0x640 [ 70.391233][ T7002] ? fs_reclaim_acquire+0xae/0x150 [ 70.391249][ T7002] should_failslab+0xc2/0x120 [ 70.391262][ T7002] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 70.391281][ T7002] ? security_inode_alloc+0x3b/0x2b0 [ 70.391297][ T7002] security_inode_alloc+0x3b/0x2b0 [ 70.391311][ T7002] inode_init_always_gfp+0xce4/0x1030 [ 70.391332][ T7002] alloc_inode+0x86/0x240 [ 70.391346][ T7002] new_inode+0x22/0x1c0 [ 70.391358][ T7002] ? start_creating.part.0+0x25d/0x3a0 [ 70.391376][ T7002] __debugfs_create_file+0x11c/0x6b0 [ 70.391395][ T7002] debugfs_create_file_short+0x41/0x60 [ 70.391414][ T7002] ieee80211_debugfs_recreate_netdev+0x29e/0x17e0 [ 70.391431][ T7002] ? __pfx_ieee80211_debugfs_recreate_netdev+0x10/0x10 [ 70.391447][ T7002] ? __pfx___might_resched+0x10/0x10 [ 70.391465][ T7002] drv_remove_interface+0x2bf/0x640 [ 70.391478][ T7002] ieee80211_do_stop+0x1781/0x2510 [ 70.391499][ T7002] ? __pfx_ieee80211_do_stop+0x10/0x10 [ 70.391514][ T7002] ? do_raw_spin_lock+0x12c/0x2b0 [ 70.391532][ T7002] ? mark_held_locks+0x49/0x80 [ 70.391552][ T7002] ieee80211_stop+0x11d/0x670 [ 70.391566][ T7002] ? __pfx_ieee80211_stop+0x10/0x10 [ 70.391579][ T7002] __dev_close_many+0x298/0x770 [ 70.391595][ T7002] ? __pfx___dev_close_many+0x10/0x10 [ 70.391610][ T7002] ? __local_bh_enable_ip+0xa4/0x120 [ 70.391626][ T7002] __dev_change_flags+0x4d8/0x720 [ 70.391646][ T7002] ? __pfx___dev_change_flags+0x10/0x10 [ 70.391665][ T7002] ? unwind_get_return_address+0x59/0xa0 [ 70.391679][ T7002] ? __pfx_validate_linkmsg+0x10/0x10 [ 70.391693][ T7002] netif_change_flags+0x8d/0x160 [ 70.391704][ T7002] do_setlink.constprop.0+0xddf/0x44b0 [ 70.391719][ T7002] ? __lock_acquire+0xaa4/0x1ba0 [ 70.391736][ T7002] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 70.391748][ T7002] ? find_held_lock+0x2b/0x80 [ 70.391764][ T7002] ? __mutex_trylock_common+0xe9/0x250 [ 70.391782][ T7002] ? __pfx___mutex_trylock_common+0x10/0x10 [ 70.391800][ T7002] ? __pfx___might_resched+0x10/0x10 [ 70.391815][ T7002] ? rcu_is_watching+0x12/0xc0 [ 70.391828][ T7002] ? trace_contention_end+0xdd/0x130 [ 70.391846][ T7002] ? __mutex_lock+0x1ca/0xb90 [ 70.391862][ T7002] ? rtnl_newlink+0x600/0x2000 [ 70.391874][ T7002] ? __pfx___mutex_lock+0x10/0x10 [ 70.391887][ T7002] ? cap_capable+0xb3/0x250 [ 70.391904][ T7002] ? netlink_ns_capable+0xfa/0x130 [ 70.391917][ T7002] rtnl_newlink+0x1446/0x2000 [ 70.391932][ T7002] ? __pfx_rtnl_newlink+0x10/0x10 [ 70.391942][ T7002] ? find_held_lock+0x2b/0x80 [ 70.391954][ T7002] ? avc_has_perm_noaudit+0x117/0x3b0 [ 70.391974][ T7002] ? avc_has_perm_noaudit+0x149/0x3b0 [ 70.391995][ T7002] ? __lock_acquire+0x5ca/0x1ba0 [ 70.392017][ T7002] ? find_held_lock+0x2b/0x80 [ 70.392029][ T7002] ? __pfx_rtnl_newlink+0x10/0x10 [ 70.392038][ T7002] ? __pfx_rtnl_newlink+0x10/0x10 [ 70.392048][ T7002] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 70.392059][ T7002] ? __pfx_rtnl_newlink+0x10/0x10 [ 70.392069][ T7002] rtnetlink_rcv_msg+0x95b/0xe90 [ 70.392081][ T7002] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 70.392099][ T7002] netlink_rcv_skb+0x16a/0x440 [ 70.392110][ T7002] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 70.392122][ T7002] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 70.392141][ T7002] ? netlink_deliver_tap+0x1ae/0xd30 [ 70.392155][ T7002] netlink_unicast+0x53a/0x7f0 [ 70.392168][ T7002] ? __pfx_netlink_unicast+0x10/0x10 [ 70.392188][ T7002] netlink_sendmsg+0x8d1/0xdd0 [ 70.392201][ T7002] ? __pfx_netlink_sendmsg+0x10/0x10 [ 70.392218][ T7002] ____sys_sendmsg+0xa95/0xc70 [ 70.392232][ T7002] ? copy_msghdr_from_user+0x10a/0x160 [ 70.392242][ T7002] ? __pfx_____sys_sendmsg+0x10/0x10 [ 70.392262][ T7002] ___sys_sendmsg+0x134/0x1d0 [ 70.392273][ T7002] ? __pfx____sys_sendmsg+0x10/0x10 [ 70.392299][ T7002] __sys_sendmsg+0x16d/0x220 [ 70.392309][ T7002] ? __pfx___sys_sendmsg+0x10/0x10 [ 70.392324][ T7002] ? rcu_is_watching+0x12/0xc0 [ 70.392339][ T7002] do_syscall_64+0xcd/0x260 [ 70.392354][ T7002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 70.392365][ T7002] RIP: 0033:0x7f6ad378e969 [ 70.392375][ T7002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 70.392385][ T7002] RSP: 002b:00007f6ad4578038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 70.392395][ T7002] RAX: ffffffffffffffda RBX: 00007f6ad39b5fa0 RCX: 00007f6ad378e969 [ 70.392402][ T7002] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003 [ 70.392408][ T7002] RBP: 00007f6ad4578090 R08: 0000000000000000 R09: 0000000000000000 [ 70.392414][ T7002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 70.392421][ T7002] R13: 0000000000000000 R14: 00007f6ad39b5fa0 R15: 00007ffdcdf9e228 [ 70.392434][ T7002] [ 70.392450][ T7002] debugfs: out of free dentries, can not create file 'flags' [ 70.551245][ T7002] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 70.618110][ T7011] overlayfs: failed to resolve './file1': -2 [ 70.781284][ T7027] bond0: (slave wlan1): Releasing backup interface [ 70.891910][ T7036] xt_CT: You must specify a L4 protocol and not use inversions on it [ 71.045050][ T7045] overlayfs: failed to resolve './file1': -2 [ 71.117815][ T1421] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.119921][ T1421] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.153480][ T7051] FAULT_INJECTION: forcing a failure. [ 71.153480][ T7051] name failslab, interval 1, probability 0, space 0, times 0 [ 71.157694][ T7051] CPU: 3 UID: 0 PID: 7051 Comm: syz.3.371 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 71.157709][ T7051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 71.157716][ T7051] Call Trace: [ 71.157719][ T7051] [ 71.157723][ T7051] dump_stack_lvl+0x16c/0x1f0 [ 71.157740][ T7051] should_fail_ex+0x512/0x640 [ 71.157754][ T7051] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 71.157772][ T7051] should_failslab+0xc2/0x120 [ 71.157783][ T7051] __kmalloc_cache_noprof+0x6a/0x3e0 [ 71.157799][ T7051] ? alloc_fs_context+0x57/0x9c0 [ 71.157811][ T7051] alloc_fs_context+0x57/0x9c0 [ 71.157823][ T7051] path_mount+0xb06/0x1f20 [ 71.157835][ T7051] ? kmem_cache_free+0x2d4/0x4d0 [ 71.157852][ T7051] ? __pfx_path_mount+0x10/0x10 [ 71.157887][ T7051] ? putname+0x154/0x1a0 [ 71.157907][ T7051] __x64_sys_mount+0x28d/0x310 [ 71.157925][ T7051] ? __pfx___x64_sys_mount+0x10/0x10 [ 71.157966][ T7051] do_syscall_64+0xcd/0x260 [ 71.157982][ T7051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 71.157993][ T7051] RIP: 0033:0x7f0b0b18e969 [ 71.158002][ T7051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 71.158012][ T7051] RSP: 002b:00007f0b0bfcb038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 71.158023][ T7051] RAX: ffffffffffffffda RBX: 00007f0b0b3b5fa0 RCX: 00007f0b0b18e969 [ 71.158029][ T7051] RDX: 0000200000000340 RSI: 00002000000000c0 RDI: 0000000000000000 [ 71.158036][ T7051] RBP: 00007f0b0bfcb090 R08: 0000200000000080 R09: 0000000000000000 [ 71.158042][ T7051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 71.158048][ T7051] R13: 0000000000000000 R14: 00007f0b0b3b5fa0 R15: 00007fffb87971e8 [ 71.158061][ T7051] [ 71.208323][ T7052] fuse: Unknown parameter '' [ 71.221814][ T7052] fuse: Bad value for 'user_id' [ 71.223327][ T7052] fuse: Bad value for 'user_id' [ 71.240758][ T7054] syzkaller0: entered promiscuous mode [ 71.243221][ T7054] syzkaller0: tun_chr_ioctl cmd 1074025677 [ 71.245228][ T7054] syzkaller0: Linktype set failed because interface is up [ 71.322285][ T7061] bond0: (slave wlan1): Releasing backup interface [ 71.330648][ T7061] bond1: (slave wireguard0): Releasing backup interface [ 72.115964][ T7080] __nla_validate_parse: 1 callbacks suppressed [ 72.115980][ T7080] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.379'. [ 72.159183][ T7088] validate_nla: 3 callbacks suppressed [ 72.159199][ T7088] netlink: 'syz.3.382': attribute type 9 has an invalid length. [ 72.161398][ T7082] sp0: Synchronizing with TNC [ 72.164934][ T7088] netlink: 212012 bytes leftover after parsing attributes in process `syz.3.382'. [ 72.165737][ T7089] FAULT_INJECTION: forcing a failure. [ 72.165737][ T7089] name failslab, interval 1, probability 0, space 0, times 0 [ 72.165756][ T7089] CPU: 3 UID: 0 PID: 7089 Comm: syz.0.383 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 72.165769][ T7089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.165776][ T7089] Call Trace: [ 72.165780][ T7089] [ 72.165783][ T7089] dump_stack_lvl+0x16c/0x1f0 [ 72.165800][ T7089] should_fail_ex+0x512/0x640 [ 72.165814][ T7089] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 72.165833][ T7089] should_failslab+0xc2/0x120 [ 72.165845][ T7089] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 72.165861][ T7089] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.165873][ T7089] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 72.165888][ T7089] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 72.165902][ T7089] idr_get_free+0x528/0xa30 [ 72.165919][ T7089] idr_alloc_u32+0x190/0x2f0 [ 72.165961][ T7089] ? __pfx_idr_alloc_u32+0x10/0x10 [ 72.165975][ T7089] ? tcf_exts_init_ex+0x1bc/0x610 [ 72.165995][ T7089] cls_bpf_change+0x507/0x1f50 [ 72.166011][ T7089] ? find_held_lock+0x2b/0x80 [ 72.166023][ T7089] ? __pfx_cls_bpf_change+0x10/0x10 [ 72.166035][ T7089] ? tc_new_tfilter+0x1e00/0x2340 [ 72.166050][ T7089] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 72.166072][ T7089] ? __pfx_cls_bpf_change+0x10/0x10 [ 72.166084][ T7089] tc_new_tfilter+0xa32/0x2340 [ 72.166104][ T7089] ? __pfx_tc_new_tfilter+0x10/0x10 [ 72.166121][ T7089] ? __lock_acquire+0x5ca/0x1ba0 [ 72.166144][ T7089] ? find_held_lock+0x2b/0x80 [ 72.166156][ T7089] ? __pfx_tc_new_tfilter+0x10/0x10 [ 72.166167][ T7089] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 72.166179][ T7089] ? __pfx_tc_new_tfilter+0x10/0x10 [ 72.166195][ T7089] rtnetlink_rcv_msg+0x95b/0xe90 [ 72.166207][ T7089] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 72.166224][ T7089] netlink_rcv_skb+0x16a/0x440 [ 72.166237][ T7089] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 72.166248][ T7089] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 72.166267][ T7089] ? netlink_deliver_tap+0x1ae/0xd30 [ 72.166281][ T7089] netlink_unicast+0x53a/0x7f0 [ 72.166294][ T7089] ? __pfx_netlink_unicast+0x10/0x10 [ 72.166310][ T7089] netlink_sendmsg+0x8d1/0xdd0 [ 72.166324][ T7089] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.166341][ T7089] ____sys_sendmsg+0xa95/0xc70 [ 72.166355][ T7089] ? copy_msghdr_from_user+0x10a/0x160 [ 72.166364][ T7089] ? __pfx_____sys_sendmsg+0x10/0x10 [ 72.166379][ T7089] ? kfree+0x252/0x4d0 [ 72.166392][ T7089] ? __pfx__kstrtoull+0x10/0x10 [ 72.166407][ T7089] ___sys_sendmsg+0x134/0x1d0 [ 72.166417][ T7089] ? __pfx____sys_sendmsg+0x10/0x10 [ 72.166440][ T7089] ? __pfx___might_resched+0x10/0x10 [ 72.166458][ T7089] __sys_sendmmsg+0x200/0x420 [ 72.166470][ T7089] ? __pfx___sys_sendmmsg+0x10/0x10 [ 72.166484][ T7089] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 72.166504][ T7089] ? fput+0x70/0xf0 [ 72.166515][ T7089] ? ksys_write+0x1b9/0x240 [ 72.166530][ T7089] ? __pfx_ksys_write+0x10/0x10 [ 72.166545][ T7089] ? rcu_is_watching+0x12/0xc0 [ 72.166559][ T7089] __x64_sys_sendmmsg+0x9c/0x100 [ 72.166569][ T7089] ? lockdep_hardirqs_on+0x7c/0x110 [ 72.166581][ T7089] do_syscall_64+0xcd/0x260 [ 72.166596][ T7089] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.166606][ T7089] RIP: 0033:0x7f9ed658e969 [ 72.166616][ T7089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.166626][ T7089] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 72.166636][ T7089] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 72.166643][ T7089] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 72.166649][ T7089] RBP: 00007f9ed7322090 R08: 0000000000000000 R09: 0000000000000000 [ 72.166655][ T7089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 72.166661][ T7089] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 72.166674][ T7089] [ 72.192082][ T7082] [U] è [ 72.207807][ T7091] netlink: 84 bytes leftover after parsing attributes in process `syz.0.384'. [ 72.230068][ T7095] overlayfs: conflicting options: nfs_export=on,metacopy=on [ 72.283099][ T7097] netlink: 36 bytes leftover after parsing attributes in process `syz.3.385'. [ 72.316592][ T7093] FAULT_INJECTION: forcing a failure. [ 72.316592][ T7093] name failslab, interval 1, probability 0, space 0, times 0 [ 72.321873][ T7093] CPU: 2 UID: 0 PID: 7093 Comm: syz.2.380 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 72.321897][ T7093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.321907][ T7093] Call Trace: [ 72.321914][ T7093] [ 72.321921][ T7093] dump_stack_lvl+0x16c/0x1f0 [ 72.321967][ T7093] should_fail_ex+0x512/0x640 [ 72.321992][ T7093] should_failslab+0xc2/0x120 [ 72.322011][ T7093] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 72.322038][ T7093] ? skb_clone+0x190/0x3f0 [ 72.322060][ T7093] skb_clone+0x190/0x3f0 [ 72.322078][ T7093] netlink_deliver_tap+0xabd/0xd30 [ 72.322100][ T7093] netlink_unicast+0x6b2/0x7f0 [ 72.322119][ T7093] ? __pfx_netlink_unicast+0x10/0x10 [ 72.322135][ T7093] ? genl_rcv_msg+0x4bb/0x800 [ 72.322163][ T7093] netlink_ack+0x696/0xb80 [ 72.322189][ T7093] netlink_rcv_skb+0x347/0x440 [ 72.322208][ T7093] ? __pfx_genl_rcv_msg+0x10/0x10 [ 72.322230][ T7093] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 72.322261][ T7093] ? __pfx_down_read+0x10/0x10 [ 72.322285][ T7093] ? netlink_deliver_tap+0x1ae/0xd30 [ 72.322307][ T7093] genl_rcv+0x28/0x40 [ 72.322326][ T7093] netlink_unicast+0x53a/0x7f0 [ 72.322347][ T7093] ? __pfx_netlink_unicast+0x10/0x10 [ 72.322379][ T7093] netlink_sendmsg+0x8d1/0xdd0 [ 72.322402][ T7093] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.322430][ T7093] ____sys_sendmsg+0xa95/0xc70 [ 72.322453][ T7093] ? copy_msghdr_from_user+0x10a/0x160 [ 72.322469][ T7093] ? __pfx_____sys_sendmsg+0x10/0x10 [ 72.322502][ T7093] ___sys_sendmsg+0x134/0x1d0 [ 72.322520][ T7093] ? __pfx____sys_sendmsg+0x10/0x10 [ 72.322566][ T7093] __sys_sendmsg+0x16d/0x220 [ 72.322583][ T7093] ? __pfx___sys_sendmsg+0x10/0x10 [ 72.322607][ T7093] ? rcu_is_watching+0x12/0xc0 [ 72.322634][ T7093] do_syscall_64+0xcd/0x260 [ 72.322657][ T7093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.322675][ T7093] RIP: 0033:0x7fe6c1f8e969 [ 72.322689][ T7093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.322706][ T7093] RSP: 002b:00007fe6c2d7f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.322725][ T7093] RAX: ffffffffffffffda RBX: 00007fe6c21b5fa0 RCX: 00007fe6c1f8e969 [ 72.322737][ T7093] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000003 [ 72.322747][ T7093] RBP: 00007fe6c2d7f090 R08: 0000000000000000 R09: 0000000000000000 [ 72.322758][ T7093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 72.322768][ T7093] R13: 0000000000000000 R14: 00007fe6c21b5fa0 R15: 00007ffc1aec6288 [ 72.322792][ T7093] [ 72.441508][ T7101] program syz.2.387 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 72.446569][ T7101] netlink: 16 bytes leftover after parsing attributes in process `syz.2.387'. [ 72.481211][ T7108] netlink: 'syz.1.390': attribute type 10 has an invalid length. [ 72.489018][ T7108] FAULT_INJECTION: forcing a failure. [ 72.489018][ T7108] name failslab, interval 1, probability 0, space 0, times 0 [ 72.494077][ T7108] CPU: 2 UID: 0 PID: 7108 Comm: syz.1.390 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 72.494100][ T7108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.494111][ T7108] Call Trace: [ 72.494117][ T7108] [ 72.494138][ T7108] dump_stack_lvl+0x16c/0x1f0 [ 72.494172][ T7108] should_fail_ex+0x512/0x640 [ 72.494193][ T7108] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 72.494223][ T7108] should_failslab+0xc2/0x120 [ 72.494242][ T7108] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 72.494268][ T7108] ? __pfx_lookup_one_len+0x10/0x10 [ 72.494289][ T7108] ? alloc_inode+0x61/0x240 [ 72.494313][ T7108] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 72.494336][ T7108] alloc_inode+0x61/0x240 [ 72.494356][ T7108] new_inode+0x22/0x1c0 [ 72.494374][ T7108] ? start_creating.part.0+0x25d/0x3a0 [ 72.494400][ T7108] __debugfs_create_file+0x11c/0x6b0 [ 72.494429][ T7108] debugfs_create_file_short+0x41/0x60 [ 72.494457][ T7108] ieee80211_debugfs_recreate_netdev+0x426/0x17e0 [ 72.494482][ T7108] ? __pfx_ieee80211_debugfs_recreate_netdev+0x10/0x10 [ 72.494507][ T7108] ? __pfx___might_resched+0x10/0x10 [ 72.494536][ T7108] drv_remove_interface+0x2bf/0x640 [ 72.494556][ T7108] ieee80211_do_stop+0x1781/0x2510 [ 72.494590][ T7108] ? __pfx_ieee80211_do_stop+0x10/0x10 [ 72.494615][ T7108] ? do_raw_spin_lock+0x12c/0x2b0 [ 72.494644][ T7108] ? mark_held_locks+0x49/0x80 [ 72.494672][ T7108] ieee80211_stop+0x11d/0x670 [ 72.494695][ T7108] ? __pfx_ieee80211_stop+0x10/0x10 [ 72.494714][ T7108] __dev_close_many+0x298/0x770 [ 72.494737][ T7108] ? __pfx___dev_close_many+0x10/0x10 [ 72.494765][ T7108] __dev_change_flags+0x4d8/0x720 [ 72.494793][ T7108] ? __pfx___dev_change_flags+0x10/0x10 [ 72.494822][ T7108] ? __pfx_validate_linkmsg+0x10/0x10 [ 72.494842][ T7108] netif_change_flags+0x8d/0x160 [ 72.494861][ T7108] do_setlink.constprop.0+0xddf/0x44b0 [ 72.494884][ T7108] ? __lock_acquire+0xaa4/0x1ba0 [ 72.494908][ T7108] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 72.494927][ T7108] ? find_held_lock+0x2b/0x80 [ 72.494951][ T7108] ? __mutex_trylock_common+0xe9/0x250 [ 72.494978][ T7108] ? __pfx___mutex_trylock_common+0x10/0x10 [ 72.495004][ T7108] ? __pfx___might_resched+0x10/0x10 [ 72.495026][ T7108] ? rcu_is_watching+0x12/0xc0 [ 72.495045][ T7108] ? trace_contention_end+0xdd/0x130 [ 72.495071][ T7108] ? __mutex_lock+0x1ca/0xb90 [ 72.495095][ T7108] ? rtnl_newlink+0x600/0x2000 [ 72.495115][ T7108] ? __pfx___mutex_lock+0x10/0x10 [ 72.495135][ T7108] ? cap_capable+0xb3/0x250 [ 72.495169][ T7108] ? netlink_ns_capable+0xfa/0x130 [ 72.495190][ T7108] rtnl_newlink+0x1446/0x2000 [ 72.495215][ T7108] ? __pfx_rtnl_newlink+0x10/0x10 [ 72.495230][ T7108] ? find_held_lock+0x2b/0x80 [ 72.495250][ T7108] ? avc_has_perm_noaudit+0x117/0x3b0 [ 72.495282][ T7108] ? avc_has_perm_noaudit+0x149/0x3b0 [ 72.495315][ T7108] ? __lock_acquire+0x5ca/0x1ba0 [ 72.495354][ T7108] ? find_held_lock+0x2b/0x80 [ 72.495371][ T7108] ? __pfx_rtnl_newlink+0x10/0x10 [ 72.495387][ T7108] ? __pfx_rtnl_newlink+0x10/0x10 [ 72.495402][ T7108] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 72.495420][ T7108] ? __pfx_rtnl_newlink+0x10/0x10 [ 72.495438][ T7108] rtnetlink_rcv_msg+0x95b/0xe90 [ 72.495458][ T7108] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 72.495489][ T7108] netlink_rcv_skb+0x16a/0x440 [ 72.495508][ T7108] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 72.495527][ T7108] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 72.495561][ T7108] ? netlink_deliver_tap+0x1ae/0xd30 [ 72.495585][ T7108] netlink_unicast+0x53a/0x7f0 [ 72.495607][ T7108] ? __pfx_netlink_unicast+0x10/0x10 [ 72.495637][ T7108] netlink_sendmsg+0x8d1/0xdd0 [ 72.495673][ T7108] ? __pfx_netlink_sendmsg+0x10/0x10 [ 72.495704][ T7108] ____sys_sendmsg+0xa95/0xc70 [ 72.495726][ T7108] ? copy_msghdr_from_user+0x10a/0x160 [ 72.495742][ T7108] ? __pfx_____sys_sendmsg+0x10/0x10 [ 72.495774][ T7108] ___sys_sendmsg+0x134/0x1d0 [ 72.495791][ T7108] ? __pfx____sys_sendmsg+0x10/0x10 [ 72.495840][ T7108] __sys_sendmsg+0x16d/0x220 [ 72.495857][ T7108] ? __pfx___sys_sendmsg+0x10/0x10 [ 72.495881][ T7108] ? rcu_is_watching+0x12/0xc0 [ 72.495907][ T7108] do_syscall_64+0xcd/0x260 [ 72.495931][ T7108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 72.495948][ T7108] RIP: 0033:0x7f6ad378e969 [ 72.495963][ T7108] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 72.495979][ T7108] RSP: 002b:00007f6ad4578038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 72.495995][ T7108] RAX: ffffffffffffffda RBX: 00007f6ad39b5fa0 RCX: 00007f6ad378e969 [ 72.496007][ T7108] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003 [ 72.496016][ T7108] RBP: 00007f6ad4578090 R08: 0000000000000000 R09: 0000000000000000 [ 72.496026][ T7108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 72.496035][ T7108] R13: 0000000000000000 R14: 00007f6ad39b5fa0 R15: 00007ffdcdf9e228 [ 72.496059][ T7108] [ 72.665480][ T7108] debugfs: out of free dentries, can not create file 'rc_rateidx_mask_2ghz' [ 72.720825][ T7121] netlink: 'syz.1.396': attribute type 2 has an invalid length. [ 72.721858][ T7122] overlayfs: failed to resolve './file0': -2 [ 72.731760][ T40] kauditd_printk_skb: 29 callbacks suppressed [ 72.731770][ T40] audit: type=1326 audit(1745984674.213:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7115 comm="syz.0.393" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9ed658e969 code=0x0 [ 72.824588][ T7131] netlink: 36 bytes leftover after parsing attributes in process `syz.2.398'. [ 72.967497][ T1473] usb 6-1: new low-speed USB device number 3 using dummy_hcd [ 73.126667][ T1473] usb 6-1: config 0 has an invalid interface number: 55 but max is 0 [ 73.130020][ T1473] usb 6-1: config 0 has no interface number 0 [ 73.132528][ T1473] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 73.136968][ T1473] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 73.140436][ T1473] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 73.145180][ T1473] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 73.149586][ T1473] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8 [ 73.153954][ T1473] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 73.159497][ T1473] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 73.163237][ T1473] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 73.168783][ T1473] usb 6-1: config 0 descriptor?? [ 73.172158][ T7121] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 73.175409][ T7121] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 73.181202][ T1473] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 73.276924][ T7160] FAULT_INJECTION: forcing a failure. [ 73.276924][ T7160] name failslab, interval 1, probability 0, space 0, times 0 [ 73.280872][ T7160] CPU: 2 UID: 0 PID: 7160 Comm: syz.2.408 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 73.280887][ T7160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.280893][ T7160] Call Trace: [ 73.280897][ T7160] [ 73.280902][ T7160] dump_stack_lvl+0x16c/0x1f0 [ 73.280918][ T7160] should_fail_ex+0x512/0x640 [ 73.280933][ T7160] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 73.280951][ T7160] should_failslab+0xc2/0x120 [ 73.280962][ T7160] __kmalloc_cache_noprof+0x6a/0x3e0 [ 73.280977][ T7160] ? ovl_init_fs_context+0x52/0x5d0 [ 73.280996][ T7160] ovl_init_fs_context+0x52/0x5d0 [ 73.281013][ T7160] ? __pfx_ovl_init_fs_context+0x10/0x10 [ 73.281030][ T7160] alloc_fs_context+0x54a/0x9c0 [ 73.281042][ T7160] path_mount+0xb06/0x1f20 [ 73.281054][ T7160] ? kmem_cache_free+0x2d4/0x4d0 [ 73.281070][ T7160] ? __pfx_path_mount+0x10/0x10 [ 73.281082][ T7160] ? putname+0x154/0x1a0 [ 73.281095][ T7160] __x64_sys_mount+0x28d/0x310 [ 73.281106][ T7160] ? __pfx___x64_sys_mount+0x10/0x10 [ 73.281121][ T7160] do_syscall_64+0xcd/0x260 [ 73.281135][ T7160] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.281147][ T7160] RIP: 0033:0x7fe6c1f8e969 [ 73.281155][ T7160] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.281166][ T7160] RSP: 002b:00007fe6c2d7f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 73.281176][ T7160] RAX: ffffffffffffffda RBX: 00007fe6c21b5fa0 RCX: 00007fe6c1f8e969 [ 73.281183][ T7160] RDX: 0000200000000340 RSI: 00002000000000c0 RDI: 0000000000000000 [ 73.281189][ T7160] RBP: 00007fe6c2d7f090 R08: 0000200000000080 R09: 0000000000000000 [ 73.281196][ T7160] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 73.281202][ T7160] R13: 0000000000000000 R14: 00007fe6c21b5fa0 R15: 00007ffc1aec6288 [ 73.281214][ T7160] [ 73.357277][ C2] vkms_vblank_simulate: vblank timer overrun [ 73.383336][ T40] audit: type=1400 audit(1745984674.863:413): avc: denied { bind } for pid=7119 comm="syz.1.396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 73.390260][ T40] audit: type=1400 audit(1745984674.873:414): avc: denied { listen } for pid=7119 comm="syz.1.396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 73.396647][ T40] audit: type=1400 audit(1745984674.873:415): avc: denied { accept } for pid=7119 comm="syz.1.396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1 [ 73.559486][ T7169] 9pnet_fd: Insufficient options for proto=fd [ 73.568105][ T7171] netlink: 12 bytes leftover after parsing attributes in process `syz.3.413'. [ 73.681889][ T7184] FAULT_INJECTION: forcing a failure. [ 73.681889][ T7184] name failslab, interval 1, probability 0, space 0, times 0 [ 73.686001][ T7184] CPU: 2 UID: 0 PID: 7184 Comm: syz.0.417 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 73.686025][ T7184] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.686035][ T7184] Call Trace: [ 73.686042][ T7184] [ 73.686048][ T7184] dump_stack_lvl+0x16c/0x1f0 [ 73.686073][ T7184] should_fail_ex+0x512/0x640 [ 73.686099][ T7184] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 73.686120][ T7184] should_failslab+0xc2/0x120 [ 73.686138][ T7184] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 73.686156][ T7184] ? cls_bpf_change+0x7cc/0x1f50 [ 73.686180][ T7184] kmemdup_noprof+0x29/0x60 [ 73.686199][ T7184] cls_bpf_change+0x7cc/0x1f50 [ 73.686227][ T7184] ? __pfx_cls_bpf_change+0x10/0x10 [ 73.686246][ T7184] ? tc_new_tfilter+0x1e00/0x2340 [ 73.686284][ T7184] ? __pfx_cls_bpf_change+0x10/0x10 [ 73.686306][ T7184] tc_new_tfilter+0xa32/0x2340 [ 73.686339][ T7184] ? __pfx_tc_new_tfilter+0x10/0x10 [ 73.686367][ T7184] ? __lock_acquire+0x5ca/0x1ba0 [ 73.686406][ T7184] ? find_held_lock+0x2b/0x80 [ 73.686424][ T7184] ? __pfx_tc_new_tfilter+0x10/0x10 [ 73.686439][ T7184] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 73.686459][ T7184] ? __pfx_tc_new_tfilter+0x10/0x10 [ 73.686478][ T7184] rtnetlink_rcv_msg+0x95b/0xe90 [ 73.686496][ T7184] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 73.686524][ T7184] netlink_rcv_skb+0x16a/0x440 [ 73.686544][ T7184] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 73.686562][ T7184] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 73.686594][ T7184] ? netlink_deliver_tap+0x1ae/0xd30 [ 73.686617][ T7184] netlink_unicast+0x53a/0x7f0 [ 73.686637][ T7184] ? __pfx_netlink_unicast+0x10/0x10 [ 73.686663][ T7184] netlink_sendmsg+0x8d1/0xdd0 [ 73.686685][ T7184] ? __pfx_netlink_sendmsg+0x10/0x10 [ 73.686714][ T7184] ____sys_sendmsg+0xa95/0xc70 [ 73.686736][ T7184] ? copy_msghdr_from_user+0x10a/0x160 [ 73.686752][ T7184] ? __pfx_____sys_sendmsg+0x10/0x10 [ 73.686776][ T7184] ? kfree+0x252/0x4d0 [ 73.686796][ T7184] ? __pfx__kstrtoull+0x10/0x10 [ 73.686818][ T7184] ___sys_sendmsg+0x134/0x1d0 [ 73.686835][ T7184] ? __pfx____sys_sendmsg+0x10/0x10 [ 73.686875][ T7184] ? __pfx___might_resched+0x10/0x10 [ 73.686902][ T7184] __sys_sendmmsg+0x200/0x420 [ 73.686921][ T7184] ? __pfx___sys_sendmmsg+0x10/0x10 [ 73.686946][ T7184] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 73.686988][ T7184] ? fput+0x70/0xf0 [ 73.687006][ T7184] ? ksys_write+0x1b9/0x240 [ 73.687028][ T7184] ? __pfx_ksys_write+0x10/0x10 [ 73.687049][ T7184] ? rcu_is_watching+0x12/0xc0 [ 73.687072][ T7184] __x64_sys_sendmmsg+0x9c/0x100 [ 73.687088][ T7184] ? lockdep_hardirqs_on+0x7c/0x110 [ 73.687112][ T7184] do_syscall_64+0xcd/0x260 [ 73.687135][ T7184] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 73.687152][ T7184] RIP: 0033:0x7f9ed658e969 [ 73.687166][ T7184] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 73.687182][ T7184] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 73.687198][ T7184] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 73.687209][ T7184] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 73.687219][ T7184] RBP: 00007f9ed7322090 R08: 0000000000000000 R09: 0000000000000000 [ 73.687228][ T7184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 73.687238][ T7184] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 73.687261][ T7184] [ 73.831689][ C2] vkms_vblank_simulate: vblank timer overrun [ 73.977903][ T7191] netlink: 'syz.0.420': attribute type 9 has an invalid length. [ 73.980424][ T7191] netlink: 212012 bytes leftover after parsing attributes in process `syz.0.420'. [ 73.992848][ T7193] netlink: 129704 bytes leftover after parsing attributes in process `syz.3.421'. [ 74.036747][ T40] audit: type=1326 audit(1745984675.523:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7195 comm="syz.0.422" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9ed658e969 code=0x0 [ 74.138233][ T40] audit: type=1326 audit(1745984675.623:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7195 comm="syz.0.422" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9ed658e969 code=0x0 [ 74.187323][ T7204] netlink: 'syz.3.425': attribute type 29 has an invalid length. [ 74.190330][ T7204] netlink: 'syz.3.425': attribute type 29 has an invalid length. [ 74.219840][ T7204] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=29463 sclass=netlink_xfrm_socket pid=7204 comm=syz.3.425 [ 74.479786][ T5288] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 74.483696][ T5288] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 74.487651][ T5288] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 74.491147][ T5288] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 74.494813][ T5288] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 74.502519][ T40] audit: type=1400 audit(1745984675.983:418): avc: denied { mounton } for pid=7210 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 74.602835][ T7210] chnl_net:caif_netlink_parms(): no params data found [ 74.653523][ T7220] netlink: 'syz.3.429': attribute type 10 has an invalid length. [ 74.669241][ T7220] FAULT_INJECTION: forcing a failure. [ 74.669241][ T7220] name failslab, interval 1, probability 0, space 0, times 0 [ 74.675280][ T7220] CPU: 1 UID: 0 PID: 7220 Comm: syz.3.429 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 74.675303][ T7220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.675314][ T7220] Call Trace: [ 74.675319][ T7220] [ 74.675326][ T7220] dump_stack_lvl+0x16c/0x1f0 [ 74.675373][ T7220] should_fail_ex+0x512/0x640 [ 74.675400][ T7220] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 74.675428][ T7220] should_failslab+0xc2/0x120 [ 74.675453][ T7220] __kmalloc_cache_noprof+0x6a/0x3e0 [ 74.675477][ T7220] ? ____ip_mc_inc_group+0x403/0x10f0 [ 74.675499][ T7220] ____ip_mc_inc_group+0x403/0x10f0 [ 74.675515][ T7220] ? ib_device_get_by_netdev+0x1b8/0x520 [ 74.675540][ T7220] ? __pfx_____ip_mc_inc_group+0x10/0x10 [ 74.675568][ T7220] ? ib_device_get_by_netdev+0x1c2/0x520 [ 74.675596][ T7220] ip_mc_up+0x154/0x3b0 [ 74.675613][ T7220] inetdev_event+0xafb/0x18a0 [ 74.675633][ T7220] ? ib_netdevice_event+0xfc/0x330 [ 74.675656][ T7220] ? __pfx_inetdev_event+0x10/0x10 [ 74.675674][ T7220] ? wext_netdev_notifier_call+0xe/0x20 [ 74.675695][ T7220] ? cfg802154_netdev_notifier_call+0x391/0xa00 [ 74.675717][ T7220] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 74.675749][ T7220] notifier_call_chain+0xb9/0x410 [ 74.675771][ T7220] ? __pfx_inetdev_event+0x10/0x10 [ 74.675795][ T7220] call_netdevice_notifiers_info+0xbe/0x140 [ 74.675819][ T7220] netif_open+0x142/0x160 [ 74.675844][ T7220] ? __pfx_netif_open+0x10/0x10 [ 74.675876][ T7220] dev_open+0xb2/0x260 [ 74.675895][ T7220] bond_enslave+0x9f3/0x6050 [ 74.675930][ T7220] ? __pfx_bond_enslave+0x10/0x10 [ 74.675954][ T7220] ? lock_acquire+0x179/0x350 [ 74.675979][ T7220] ? do_raw_spin_lock+0x12c/0x2b0 [ 74.676010][ T7220] ? __pfx___dev_change_flags+0x10/0x10 [ 74.676036][ T7220] ? validate_linkmsg+0x57c/0xb60 [ 74.676051][ T7220] ? finish_task_switch.isra.0+0x2fa/0xc10 [ 74.676075][ T7220] ? __pfx_bond_enslave+0x10/0x10 [ 74.676094][ T7220] do_set_master+0x40c/0x730 [ 74.676118][ T7220] ? netif_change_flags+0x70/0x160 [ 74.676137][ T7220] do_setlink.constprop.0+0xe66/0x44b0 [ 74.676158][ T7220] ? __lock_acquire+0xaa4/0x1ba0 [ 74.676184][ T7220] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 74.676202][ T7220] ? __pfx___schedule+0x10/0x10 [ 74.676225][ T7220] ? do_raw_spin_lock+0x12c/0x2b0 [ 74.676248][ T7220] ? mark_held_locks+0x49/0x80 [ 74.676272][ T7220] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 74.676292][ T7220] ? lockdep_hardirqs_on+0x7c/0x110 [ 74.676313][ T7220] ? __mutex_lock+0x1ca/0xb90 [ 74.676337][ T7220] ? rtnl_newlink+0x600/0x2000 [ 74.676360][ T7220] ? __pfx___mutex_lock+0x10/0x10 [ 74.676379][ T7220] ? cap_capable+0xb3/0x250 [ 74.676407][ T7220] ? netlink_ns_capable+0xfa/0x130 [ 74.676428][ T7220] rtnl_newlink+0x1446/0x2000 [ 74.676454][ T7220] ? __pfx_rtnl_newlink+0x10/0x10 [ 74.676468][ T7220] ? find_held_lock+0x2b/0x80 [ 74.676489][ T7220] ? avc_has_perm_noaudit+0x117/0x3b0 [ 74.676520][ T7220] ? avc_has_perm_noaudit+0x149/0x3b0 [ 74.676553][ T7220] ? __lock_acquire+0x5ca/0x1ba0 [ 74.676592][ T7220] ? find_held_lock+0x2b/0x80 [ 74.676610][ T7220] ? __pfx_rtnl_newlink+0x10/0x10 [ 74.676626][ T7220] ? __pfx_rtnl_newlink+0x10/0x10 [ 74.676641][ T7220] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 74.676658][ T7220] ? __pfx_rtnl_newlink+0x10/0x10 [ 74.676676][ T7220] rtnetlink_rcv_msg+0x95b/0xe90 [ 74.676696][ T7220] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 74.676726][ T7220] netlink_rcv_skb+0x16a/0x440 [ 74.676746][ T7220] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 74.676765][ T7220] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 74.676799][ T7220] ? netlink_deliver_tap+0x1ae/0xd30 [ 74.676822][ T7220] netlink_unicast+0x53a/0x7f0 [ 74.676845][ T7220] ? __pfx_netlink_unicast+0x10/0x10 [ 74.676872][ T7220] netlink_sendmsg+0x8d1/0xdd0 [ 74.676896][ T7220] ? __pfx_netlink_sendmsg+0x10/0x10 [ 74.676925][ T7220] ____sys_sendmsg+0xa95/0xc70 [ 74.676949][ T7220] ? copy_msghdr_from_user+0x10a/0x160 [ 74.676965][ T7220] ? __pfx_____sys_sendmsg+0x10/0x10 [ 74.676999][ T7220] ___sys_sendmsg+0x134/0x1d0 [ 74.677016][ T7220] ? __pfx____sys_sendmsg+0x10/0x10 [ 74.677066][ T7220] __sys_sendmsg+0x16d/0x220 [ 74.677084][ T7220] ? __pfx___sys_sendmsg+0x10/0x10 [ 74.677107][ T7220] ? rcu_is_watching+0x12/0xc0 [ 74.677135][ T7220] do_syscall_64+0xcd/0x260 [ 74.677158][ T7220] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 74.677175][ T7220] RIP: 0033:0x7f0b0b18e969 [ 74.677188][ T7220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 74.677205][ T7220] RSP: 002b:00007f0b0bfcb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 74.677222][ T7220] RAX: ffffffffffffffda RBX: 00007f0b0b3b5fa0 RCX: 00007f0b0b18e969 [ 74.677233][ T7220] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003 [ 74.677243][ T7220] RBP: 00007f0b0bfcb090 R08: 0000000000000000 R09: 0000000000000000 [ 74.677253][ T7220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 74.677263][ T7220] R13: 0000000000000000 R14: 00007f0b0b3b5fa0 R15: 00007fffb87971e8 [ 74.677286][ T7220] [ 74.678918][ T7220] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 74.887369][ T7210] bridge0: port 1(bridge_slave_0) entered blocking state [ 74.889608][ T7210] bridge0: port 1(bridge_slave_0) entered disabled state [ 74.891189][ T40] audit: type=1400 audit(1745984676.373:419): avc: denied { getopt } for pid=7224 comm="syz.3.431" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 74.891809][ T7210] bridge_slave_0: entered allmulticast mode [ 74.903515][ T7210] bridge_slave_0: entered promiscuous mode [ 74.907815][ T7210] bridge0: port 2(bridge_slave_1) entered blocking state [ 74.910125][ T7210] bridge0: port 2(bridge_slave_1) entered disabled state [ 74.912420][ T7210] bridge_slave_1: entered allmulticast mode [ 74.915120][ T7210] bridge_slave_1: entered promiscuous mode [ 74.961531][ T7210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 74.967967][ T7210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 75.029855][ T7210] team0: Port device team_slave_0 added [ 75.033269][ T40] audit: type=1400 audit(1745984676.513:420): avc: denied { create } for pid=7230 comm="syz.0.434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 75.033438][ T7210] team0: Port device team_slave_1 added [ 75.040862][ T40] audit: type=1400 audit(1745984676.513:421): avc: denied { setopt } for pid=7230 comm="syz.0.434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 75.072031][ T7210] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 75.074349][ T7210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.082753][ T7210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 75.088225][ T7210] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 75.090447][ T7210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 75.099788][ T7210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 75.124318][ T1020] usb 8-1: new low-speed USB device number 4 using dummy_hcd [ 75.153113][ T7210] hsr_slave_0: entered promiscuous mode [ 75.156450][ T7210] hsr_slave_1: entered promiscuous mode [ 75.158647][ T7210] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 75.161251][ T7210] Cannot create hsr debugfs directory [ 75.264249][ T1020] usb 8-1: device descriptor read/64, error -71 [ 75.291814][ T7210] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.361067][ T7210] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.486686][ T7210] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.514981][ T1020] usb 8-1: new low-speed USB device number 5 using dummy_hcd [ 75.593346][ T7246] netlink: 12 bytes leftover after parsing attributes in process `syz.0.439'. [ 75.606764][ T7246] bridge1: port 1(ip6gretap1) entered blocking state [ 75.608849][ T7246] bridge1: port 1(ip6gretap1) entered disabled state [ 75.611104][ T7246] ip6gretap1: entered allmulticast mode [ 75.613502][ T7246] ip6gretap1: entered promiscuous mode [ 75.633292][ T7246] veth3: entered promiscuous mode [ 75.635622][ T7246] bridge1: port 2(veth3) entered blocking state [ 75.637581][ T7246] bridge1: port 2(veth3) entered disabled state [ 75.639554][ T7246] veth3: entered allmulticast mode [ 75.645302][ T1020] usb 8-1: device descriptor read/64, error -71 [ 75.656082][ T7210] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.735787][ T29] usb 6-1: USB disconnect, device number 3 [ 75.747418][ T29] ldusb 6-1:0.55: LD USB Device #0 now disconnected [ 75.755351][ T1020] usb usb8-port1: attempt power cycle [ 75.781679][ T7210] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 75.787228][ T7210] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 75.791703][ T7210] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 75.795584][ T7210] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 75.833647][ T7210] 8021q: adding VLAN 0 to HW filter on device bond0 [ 75.845516][ T7210] 8021q: adding VLAN 0 to HW filter on device team0 [ 75.856696][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 75.858886][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 75.862573][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 75.864821][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 75.965480][ T7210] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 75.990102][ T7210] veth0_vlan: entered promiscuous mode [ 75.996617][ T7210] veth1_vlan: entered promiscuous mode [ 76.010960][ T7210] veth0_macvtap: entered promiscuous mode [ 76.014942][ T7210] veth1_macvtap: entered promiscuous mode [ 76.023349][ T7210] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 76.030797][ T7210] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 76.037065][ T7210] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.039873][ T7210] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.042587][ T7210] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.046127][ T7210] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.091783][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.094408][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.104493][ T1020] usb 8-1: new low-speed USB device number 6 using dummy_hcd [ 76.117721][ T7262] overlayfs: statfs failed on './file0' [ 76.119641][ T1145] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 76.122863][ T1145] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 76.124693][ T1020] usb 8-1: device descriptor read/8, error -71 [ 76.374824][ T1020] usb 8-1: new low-speed USB device number 7 using dummy_hcd [ 76.396758][ T1020] usb 8-1: device descriptor read/8, error -71 [ 76.518243][ T1020] usb usb8-port1: unable to enumerate USB device [ 76.698533][ T1145] bond0 (unregistering): Released all slaves [ 76.708479][ T7277] FAULT_INJECTION: forcing a failure. [ 76.708479][ T7277] name failslab, interval 1, probability 0, space 0, times 0 [ 76.712387][ T7277] CPU: 0 UID: 0 PID: 7277 Comm: syz.0.449 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 76.712402][ T7277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.712408][ T7277] Call Trace: [ 76.712412][ T7277] [ 76.712416][ T7277] dump_stack_lvl+0x16c/0x1f0 [ 76.712435][ T7277] should_fail_ex+0x512/0x640 [ 76.712449][ T7277] ? __kmalloc_cache_node_noprof+0x5a/0x420 [ 76.712468][ T7277] should_failslab+0xc2/0x120 [ 76.712479][ T7277] __kmalloc_cache_node_noprof+0x6d/0x420 [ 76.712496][ T7277] ? stack_depot_save_flags+0x28/0xa50 [ 76.712509][ T7277] ? __get_vm_area_node+0x101/0x300 [ 76.712525][ T7277] __get_vm_area_node+0x101/0x300 [ 76.712538][ T7277] ? kasan_save_stack+0x33/0x60 [ 76.712557][ T7277] __vmalloc_node_range_noprof+0x277/0x1540 [ 76.712572][ T7277] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 76.712582][ T7277] ? ____sys_sendmsg+0xa95/0xc70 [ 76.712595][ T7277] ? ___sys_sendmsg+0x134/0x1d0 [ 76.712603][ T7277] ? __sys_sendmmsg+0x200/0x420 [ 76.712612][ T7277] ? do_syscall_64+0xcd/0x260 [ 76.712626][ T7277] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.712640][ T7277] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 76.712653][ T7277] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 76.712672][ T7277] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 76.712682][ T7277] __vmalloc_noprof+0x6d/0x90 [ 76.712697][ T7277] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 76.712707][ T7277] bpf_prog_alloc_no_stats+0x54/0x630 [ 76.712719][ T7277] bpf_prog_alloc+0x3b/0x230 [ 76.712730][ T7277] bpf_prog_create+0xa5/0x240 [ 76.712742][ T7277] cls_bpf_change+0x804/0x1f50 [ 76.712759][ T7277] ? __pfx_cls_bpf_change+0x10/0x10 [ 76.712771][ T7277] ? tc_new_tfilter+0x1e00/0x2340 [ 76.712794][ T7277] ? __pfx_cls_bpf_change+0x10/0x10 [ 76.712807][ T7277] tc_new_tfilter+0xa32/0x2340 [ 76.712827][ T7277] ? __pfx_tc_new_tfilter+0x10/0x10 [ 76.712844][ T7277] ? __lock_acquire+0x5ca/0x1ba0 [ 76.712868][ T7277] ? find_held_lock+0x2b/0x80 [ 76.712880][ T7277] ? __pfx_tc_new_tfilter+0x10/0x10 [ 76.712891][ T7277] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 76.712903][ T7277] ? __pfx_tc_new_tfilter+0x10/0x10 [ 76.712915][ T7277] rtnetlink_rcv_msg+0x95b/0xe90 [ 76.712927][ T7277] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 76.712944][ T7277] netlink_rcv_skb+0x16a/0x440 [ 76.712956][ T7277] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 76.712968][ T7277] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 76.712987][ T7277] ? netlink_deliver_tap+0x1ae/0xd30 [ 76.713001][ T7277] netlink_unicast+0x53a/0x7f0 [ 76.713014][ T7277] ? __pfx_netlink_unicast+0x10/0x10 [ 76.713030][ T7277] netlink_sendmsg+0x8d1/0xdd0 [ 76.713043][ T7277] ? __pfx_netlink_sendmsg+0x10/0x10 [ 76.713060][ T7277] ____sys_sendmsg+0xa95/0xc70 [ 76.713074][ T7277] ? copy_msghdr_from_user+0x10a/0x160 [ 76.713084][ T7277] ? __pfx_____sys_sendmsg+0x10/0x10 [ 76.713099][ T7277] ? kfree+0x252/0x4d0 [ 76.713112][ T7277] ? __pfx__kstrtoull+0x10/0x10 [ 76.713125][ T7277] ___sys_sendmsg+0x134/0x1d0 [ 76.713136][ T7277] ? __pfx____sys_sendmsg+0x10/0x10 [ 76.713158][ T7277] ? __pfx___might_resched+0x10/0x10 [ 76.713175][ T7277] __sys_sendmmsg+0x200/0x420 [ 76.713187][ T7277] ? __pfx___sys_sendmmsg+0x10/0x10 [ 76.713201][ T7277] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 76.713222][ T7277] ? fput+0x70/0xf0 [ 76.713233][ T7277] ? ksys_write+0x1b9/0x240 [ 76.713248][ T7277] ? __pfx_ksys_write+0x10/0x10 [ 76.713266][ T7277] __x64_sys_sendmmsg+0x9c/0x100 [ 76.713276][ T7277] ? lockdep_hardirqs_on+0x7c/0x110 [ 76.713289][ T7277] do_syscall_64+0xcd/0x260 [ 76.713304][ T7277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.713314][ T7277] RIP: 0033:0x7f9ed658e969 [ 76.713327][ T7277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.713338][ T7277] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 76.713348][ T7277] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 76.713354][ T7277] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 76.713360][ T7277] RBP: 00007f9ed7322090 R08: 0000000000000000 R09: 0000000000000000 [ 76.713367][ T7277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 76.713373][ T7277] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 76.713386][ T7277] [ 76.713391][ T7277] warn_alloc: 1 callbacks suppressed [ 76.713396][ T7277] syz.0.449: vmalloc error: size 4096, vm_struct allocation failed, mode:0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 76.853947][ T7277] CPU: 1 UID: 0 PID: 7277 Comm: syz.0.449 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 76.853961][ T7277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.853968][ T7277] Call Trace: [ 76.853972][ T7277] [ 76.853977][ T7277] dump_stack_lvl+0x16c/0x1f0 [ 76.853995][ T7277] warn_alloc+0x248/0x3a0 [ 76.854014][ T7277] ? __pfx_warn_alloc+0x10/0x10 [ 76.854030][ T7277] ? rcu_is_watching+0x12/0xc0 [ 76.854043][ T7277] ? trace_kmalloc+0x2b/0xd0 [ 76.854055][ T7277] ? __kmalloc_cache_node_noprof+0x272/0x420 [ 76.854076][ T7277] ? __kasan_kmalloc+0x8a/0xb0 [ 76.854093][ T7277] ? __get_vm_area_node+0x1e5/0x300 [ 76.854110][ T7277] __vmalloc_node_range_noprof+0xd31/0x1540 [ 76.854135][ T7277] ? ____sys_sendmsg+0xa95/0xc70 [ 76.854152][ T7277] ? ___sys_sendmsg+0x134/0x1d0 [ 76.854160][ T7277] ? __sys_sendmmsg+0x200/0x420 [ 76.854169][ T7277] ? do_syscall_64+0xcd/0x260 [ 76.854182][ T7277] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.854196][ T7277] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 76.854211][ T7277] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 76.854230][ T7277] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 76.854240][ T7277] __vmalloc_noprof+0x6d/0x90 [ 76.854255][ T7277] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 76.854265][ T7277] bpf_prog_alloc_no_stats+0x54/0x630 [ 76.854277][ T7277] bpf_prog_alloc+0x3b/0x230 [ 76.854288][ T7277] bpf_prog_create+0xa5/0x240 [ 76.854300][ T7277] cls_bpf_change+0x804/0x1f50 [ 76.854318][ T7277] ? __pfx_cls_bpf_change+0x10/0x10 [ 76.854330][ T7277] ? tc_new_tfilter+0x1e00/0x2340 [ 76.854353][ T7277] ? __pfx_cls_bpf_change+0x10/0x10 [ 76.854366][ T7277] tc_new_tfilter+0xa32/0x2340 [ 76.854387][ T7277] ? __pfx_tc_new_tfilter+0x10/0x10 [ 76.854404][ T7277] ? __lock_acquire+0x5ca/0x1ba0 [ 76.854427][ T7277] ? find_held_lock+0x2b/0x80 [ 76.854439][ T7277] ? __pfx_tc_new_tfilter+0x10/0x10 [ 76.854451][ T7277] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 76.854462][ T7277] ? __pfx_tc_new_tfilter+0x10/0x10 [ 76.854475][ T7277] rtnetlink_rcv_msg+0x95b/0xe90 [ 76.854487][ T7277] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 76.854504][ T7277] netlink_rcv_skb+0x16a/0x440 [ 76.854517][ T7277] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 76.854528][ T7277] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 76.854548][ T7277] ? netlink_deliver_tap+0x1ae/0xd30 [ 76.854561][ T7277] netlink_unicast+0x53a/0x7f0 [ 76.854574][ T7277] ? __pfx_netlink_unicast+0x10/0x10 [ 76.854590][ T7277] netlink_sendmsg+0x8d1/0xdd0 [ 76.854604][ T7277] ? __pfx_netlink_sendmsg+0x10/0x10 [ 76.854621][ T7277] ____sys_sendmsg+0xa95/0xc70 [ 76.854635][ T7277] ? copy_msghdr_from_user+0x10a/0x160 [ 76.854644][ T7277] ? __pfx_____sys_sendmsg+0x10/0x10 [ 76.854660][ T7277] ? kfree+0x252/0x4d0 [ 76.854672][ T7277] ? __pfx__kstrtoull+0x10/0x10 [ 76.854686][ T7277] ___sys_sendmsg+0x134/0x1d0 [ 76.854697][ T7277] ? __pfx____sys_sendmsg+0x10/0x10 [ 76.854720][ T7277] ? __pfx___might_resched+0x10/0x10 [ 76.854737][ T7277] __sys_sendmmsg+0x200/0x420 [ 76.854749][ T7277] ? __pfx___sys_sendmmsg+0x10/0x10 [ 76.854764][ T7277] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 76.854784][ T7277] ? fput+0x70/0xf0 [ 76.854796][ T7277] ? ksys_write+0x1b9/0x240 [ 76.854811][ T7277] ? __pfx_ksys_write+0x10/0x10 [ 76.854829][ T7277] __x64_sys_sendmmsg+0x9c/0x100 [ 76.854839][ T7277] ? lockdep_hardirqs_on+0x7c/0x110 [ 76.854851][ T7277] do_syscall_64+0xcd/0x260 [ 76.854866][ T7277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 76.854876][ T7277] RIP: 0033:0x7f9ed658e969 [ 76.854886][ T7277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 76.854896][ T7277] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 76.854906][ T7277] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 76.854912][ T7277] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 76.854919][ T7277] RBP: 00007f9ed7322090 R08: 0000000000000000 R09: 0000000000000000 [ 76.854938][ T7277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 76.854944][ T7277] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 76.854958][ T7277] [ 76.982712][ T7277] Mem-Info: [ 76.983720][ T7277] active_anon:5848 inactive_anon:0 isolated_anon:0 [ 76.983720][ T7277] active_file:148 inactive_file:56887 isolated_file:0 [ 76.983720][ T7277] unevictable:1768 dirty:25 writeback:0 [ 76.983720][ T7277] slab_reclaimable:7946 slab_unreclaimable:73140 [ 76.983720][ T7277] mapped:24097 shmem:2453 pagetables:812 [ 76.983720][ T7277] sec_pagetables:303 bounce:0 [ 76.983720][ T7277] kernel_misc_reclaimable:0 [ 76.983720][ T7277] free:464179 free_pcp:7022 free_cma:0 [ 76.997043][ T7277] Node 0 active_anon:23392kB inactive_anon:0kB active_file:592kB inactive_file:227472kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:96388kB dirty:100kB writeback:0kB shmem:6276kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12048kB pagetables:3248kB sec_pagetables:1212kB all_unreclaimable? no Balloon:0kB [ 77.007316][ T7277] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:3536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:144kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 77.016877][ T7277] Node 0 DMA free:15360kB boost:0kB min:340kB low:424kB high:508kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 77.025085][ T7277] lowmem_reserve[]: 0 1238 1238 1238 1238 [ 77.026893][ T7277] Node 0 DMA32 free:265696kB boost:0kB min:27576kB low:34468kB high:41360kB reserved_highatomic:0KB active_anon:23392kB inactive_anon:0kB active_file:592kB inactive_file:227472kB unevictable:3536kB writepending:100kB present:2080628kB managed:1268580kB mlocked:0kB bounce:0kB free_pcp:12332kB local_pcp:8860kB free_cma:0kB [ 77.036125][ T7277] lowmem_reserve[]: 0 0 0 0 0 [ 77.037709][ T7277] Node 1 Normal free:1575660kB boost:0kB min:39660kB low:49572kB high:59484kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:76kB unevictable:3536kB writepending:0kB present:2097152kB managed:1781964kB mlocked:0kB bounce:0kB free_pcp:15452kB local_pcp:11384kB free_cma:0kB [ 77.047227][ T7277] lowmem_reserve[]: 0 0 0 0 0 [ 77.048747][ T7277] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 77.052645][ T7277] Node 0 DMA32: 614*4kB (UME) 331*8kB (UME) 120*16kB (UME) 275*32kB (UME) 235*64kB (UME) 82*128kB (UME) 39*256kB (UME) 10*512kB (UME) 2*1024kB (ME) 3*2048kB (UM) 49*4096kB (UM) = 265360kB [ 77.058436][ T7277] Node 1 Normal: 33*4kB (UME) 13*8kB (UME) 6*16kB (E) 11*32kB (UME) 11*64kB (ME) 5*128kB (ME) 1*256kB (U) 3*512kB (UM) 1*1024kB (U) 3*2048kB (UME) 382*4096kB (M) = 1575660kB [ 77.063783][ T7277] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 77.066769][ T7277] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 77.069958][ T7277] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 77.072876][ T7277] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 77.075842][ T7277] 59488 total pagecache pages [ 77.077395][ T7277] 0 pages in swap cache [ 77.078720][ T7277] Free swap = 124996kB [ 77.080096][ T7277] Total swap = 124996kB [ 77.081378][ T7277] 1048443 pages RAM [ 77.082578][ T7277] 0 pages HighMem/MovableOnly [ 77.084071][ T7277] 281967 pages reserved [ 77.086225][ T7277] 0 pages cma reserved [ 77.095470][ T1145] : left promiscuous mode [ 77.112630][ T7289] netlink: 'syz.0.452': attribute type 9 has an invalid length. [ 77.301650][ T7301] ptm ptm1: ldisc open failed (-12), clearing slot 1 [ 77.417926][ T7310] netlink: 'syz.0.459': attribute type 10 has an invalid length. [ 77.421859][ T7310] FAULT_INJECTION: forcing a failure. [ 77.421859][ T7310] name failslab, interval 1, probability 0, space 0, times 0 [ 77.425936][ T7310] CPU: 0 UID: 0 PID: 7310 Comm: syz.0.459 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 77.425952][ T7310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 77.425959][ T7310] Call Trace: [ 77.425963][ T7310] [ 77.425967][ T7310] dump_stack_lvl+0x16c/0x1f0 [ 77.425984][ T7310] should_fail_ex+0x512/0x640 [ 77.425998][ T7310] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 77.426016][ T7310] should_failslab+0xc2/0x120 [ 77.426027][ T7310] __kmalloc_cache_noprof+0x6a/0x3e0 [ 77.426043][ T7310] ? ____ip_mc_inc_group+0x403/0x10f0 [ 77.426055][ T7310] ____ip_mc_inc_group+0x403/0x10f0 [ 77.426065][ T7310] ? ib_device_get_by_netdev+0x1b8/0x520 [ 77.426081][ T7310] ? __pfx_____ip_mc_inc_group+0x10/0x10 [ 77.426099][ T7310] ? ib_device_get_by_netdev+0x1c2/0x520 [ 77.426116][ T7310] ip_mc_up+0x154/0x3b0 [ 77.426126][ T7310] inetdev_event+0xafb/0x18a0 [ 77.426139][ T7310] ? ib_netdevice_event+0xfc/0x330 [ 77.426153][ T7310] ? __pfx_inetdev_event+0x10/0x10 [ 77.426164][ T7310] ? wext_netdev_notifier_call+0xe/0x20 [ 77.426178][ T7310] ? cfg802154_netdev_notifier_call+0x391/0xa00 [ 77.426193][ T7310] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 77.426213][ T7310] notifier_call_chain+0xb9/0x410 [ 77.426227][ T7310] ? __pfx_inetdev_event+0x10/0x10 [ 77.426241][ T7310] call_netdevice_notifiers_info+0xbe/0x140 [ 77.426258][ T7310] netif_open+0x142/0x160 [ 77.426274][ T7310] ? __pfx_netif_open+0x10/0x10 [ 77.426302][ T7310] dev_open+0xb2/0x260 [ 77.426319][ T7310] bond_enslave+0x9f3/0x6050 [ 77.426360][ T7310] ? __pfx_bond_enslave+0x10/0x10 [ 77.426380][ T7310] ? lock_acquire+0x179/0x350 [ 77.426403][ T7310] ? do_raw_spin_lock+0x12c/0x2b0 [ 77.426432][ T7310] ? __pfx___dev_change_flags+0x10/0x10 [ 77.426457][ T7310] ? validate_linkmsg+0x57c/0xb60 [ 77.426478][ T7310] ? __pfx_bond_enslave+0x10/0x10 [ 77.426497][ T7310] do_set_master+0x40c/0x730 [ 77.426521][ T7310] ? netif_change_flags+0x70/0x160 [ 77.426539][ T7310] do_setlink.constprop.0+0xe66/0x44b0 [ 77.426561][ T7310] ? __lock_acquire+0xaa4/0x1ba0 [ 77.426585][ T7310] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 77.426603][ T7310] ? find_held_lock+0x2b/0x80 [ 77.426626][ T7310] ? __mutex_trylock_common+0xe9/0x250 [ 77.426653][ T7310] ? __pfx___mutex_trylock_common+0x10/0x10 [ 77.426679][ T7310] ? __pfx___might_resched+0x10/0x10 [ 77.426702][ T7310] ? rcu_is_watching+0x12/0xc0 [ 77.426720][ T7310] ? trace_contention_end+0xdd/0x130 [ 77.426745][ T7310] ? __mutex_lock+0x1ca/0xb90 [ 77.426768][ T7310] ? rtnl_newlink+0x600/0x2000 [ 77.426786][ T7310] ? __pfx___mutex_lock+0x10/0x10 [ 77.426805][ T7310] ? cap_capable+0xb3/0x250 [ 77.426832][ T7310] ? netlink_ns_capable+0xfa/0x130 [ 77.426852][ T7310] rtnl_newlink+0x1446/0x2000 [ 77.426877][ T7310] ? __pfx_rtnl_newlink+0x10/0x10 [ 77.426891][ T7310] ? find_held_lock+0x2b/0x80 [ 77.426911][ T7310] ? avc_has_perm_noaudit+0x117/0x3b0 [ 77.426949][ T7310] ? avc_has_perm_noaudit+0x149/0x3b0 [ 77.426982][ T7310] ? __lock_acquire+0x5ca/0x1ba0 [ 77.427020][ T7310] ? find_held_lock+0x2b/0x80 [ 77.427037][ T7310] ? __pfx_rtnl_newlink+0x10/0x10 [ 77.427052][ T7310] ? __pfx_rtnl_newlink+0x10/0x10 [ 77.427066][ T7310] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 77.427084][ T7310] ? __pfx_rtnl_newlink+0x10/0x10 [ 77.427099][ T7310] rtnetlink_rcv_msg+0x95b/0xe90 [ 77.427114][ T7310] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 77.427132][ T7310] netlink_rcv_skb+0x16a/0x440 [ 77.427144][ T7310] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 77.427156][ T7310] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 77.427175][ T7310] ? netlink_deliver_tap+0x1ae/0xd30 [ 77.427189][ T7310] netlink_unicast+0x53a/0x7f0 [ 77.427202][ T7310] ? __pfx_netlink_unicast+0x10/0x10 [ 77.427218][ T7310] netlink_sendmsg+0x8d1/0xdd0 [ 77.427231][ T7310] ? __pfx_netlink_sendmsg+0x10/0x10 [ 77.427248][ T7310] ____sys_sendmsg+0xa95/0xc70 [ 77.427263][ T7310] ? copy_msghdr_from_user+0x10a/0x160 [ 77.427272][ T7310] ? __pfx_____sys_sendmsg+0x10/0x10 [ 77.427292][ T7310] ___sys_sendmsg+0x134/0x1d0 [ 77.427303][ T7310] ? __pfx____sys_sendmsg+0x10/0x10 [ 77.427330][ T7310] __sys_sendmsg+0x16d/0x220 [ 77.427345][ T7310] ? __pfx___sys_sendmsg+0x10/0x10 [ 77.427359][ T7310] ? rcu_is_watching+0x12/0xc0 [ 77.427375][ T7310] do_syscall_64+0xcd/0x260 [ 77.427390][ T7310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 77.427401][ T7310] RIP: 0033:0x7f9ed658e969 [ 77.427410][ T7310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 77.427421][ T7310] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 77.427431][ T7310] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 77.427438][ T7310] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003 [ 77.427457][ T7310] RBP: 00007f9ed7322090 R08: 0000000000000000 R09: 0000000000000000 [ 77.427464][ T7310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 77.427470][ T7310] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 77.427484][ T7310] [ 77.428349][ T7310] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 77.597891][ T1145] hsr_slave_0: left promiscuous mode [ 77.605204][ T1145] hsr_slave_1: left promiscuous mode [ 77.632986][ T1145] veth1_macvtap: left promiscuous mode [ 77.636206][ T1145] veth0_macvtap: left promiscuous mode [ 77.638151][ T1145] veth1_vlan: left promiscuous mode [ 78.055261][ T7323] overlayfs: missing 'lowerdir' [ 78.509156][ T7325] bond0: (slave wlan1): Releasing backup interface [ 78.554772][ T40] kauditd_printk_skb: 17 callbacks suppressed [ 78.554782][ T40] audit: type=1400 audit(1745984680.043:439): avc: denied { name_bind } for pid=7333 comm="syz.3.468" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1 [ 78.619182][ T7335] netem: incorrect gi model size [ 78.620809][ T7335] netem: change failed [ 78.630356][ T40] audit: type=1400 audit(1745984680.113:440): avc: denied { link } for pid=7333 comm="syz.3.468" name="file1" dev="9p" ino=35913838 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 78.742885][ T7344] overlayfs: statfs failed on './file0' [ 78.749795][ T7347] netlink: 'syz.0.472': attribute type 9 has an invalid length. [ 78.752565][ T7347] __nla_validate_parse: 4 callbacks suppressed [ 78.752573][ T7347] netlink: 212012 bytes leftover after parsing attributes in process `syz.0.472'. [ 78.782038][ T7349] FAULT_INJECTION: forcing a failure. [ 78.782038][ T7349] name failslab, interval 1, probability 0, space 0, times 0 [ 78.788512][ T7349] CPU: 1 UID: 0 PID: 7349 Comm: syz.0.473 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 78.788533][ T7349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 78.788542][ T7349] Call Trace: [ 78.788547][ T7349] [ 78.788552][ T7349] dump_stack_lvl+0x16c/0x1f0 [ 78.788574][ T7349] should_fail_ex+0x512/0x640 [ 78.788591][ T7349] ? __kmalloc_node_noprof+0xc5/0x500 [ 78.788607][ T7349] should_failslab+0xc2/0x120 [ 78.788622][ T7349] __kmalloc_node_noprof+0xd8/0x500 [ 78.788633][ T7349] ? __get_vm_area_node+0x1e5/0x300 [ 78.788650][ T7349] ? __vmalloc_node_range_noprof+0x3eb/0x1540 [ 78.788672][ T7349] __vmalloc_node_range_noprof+0x3eb/0x1540 [ 78.788689][ T7349] ? ____sys_sendmsg+0xa95/0xc70 [ 78.788704][ T7349] ? ___sys_sendmsg+0x134/0x1d0 [ 78.788717][ T7349] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.788735][ T7349] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 78.788753][ T7349] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 78.788778][ T7349] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 78.788790][ T7349] __vmalloc_noprof+0x6d/0x90 [ 78.788807][ T7349] ? bpf_prog_alloc_no_stats+0x54/0x630 [ 78.788820][ T7349] bpf_prog_alloc_no_stats+0x54/0x630 [ 78.788835][ T7349] bpf_prog_alloc+0x3b/0x230 [ 78.788849][ T7349] bpf_prog_create+0xa5/0x240 [ 78.788865][ T7349] cls_bpf_change+0x804/0x1f50 [ 78.788888][ T7349] ? __pfx_cls_bpf_change+0x10/0x10 [ 78.788902][ T7349] ? tc_new_tfilter+0x1e00/0x2340 [ 78.788933][ T7349] ? __pfx_cls_bpf_change+0x10/0x10 [ 78.788948][ T7349] tc_new_tfilter+0xa32/0x2340 [ 78.788976][ T7349] ? __pfx_tc_new_tfilter+0x10/0x10 [ 78.788998][ T7349] ? __lock_acquire+0x5ca/0x1ba0 [ 78.789032][ T7349] ? find_held_lock+0x2b/0x80 [ 78.789050][ T7349] ? __pfx_tc_new_tfilter+0x10/0x10 [ 78.789066][ T7349] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 78.789082][ T7349] ? __pfx_tc_new_tfilter+0x10/0x10 [ 78.789101][ T7349] rtnetlink_rcv_msg+0x95b/0xe90 [ 78.789119][ T7349] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 78.789148][ T7349] netlink_rcv_skb+0x16a/0x440 [ 78.789166][ T7349] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 78.789185][ T7349] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 78.789217][ T7349] ? netlink_deliver_tap+0x1ae/0xd30 [ 78.789242][ T7349] netlink_unicast+0x53a/0x7f0 [ 78.789263][ T7349] ? __pfx_netlink_unicast+0x10/0x10 [ 78.789284][ T7349] netlink_sendmsg+0x8d1/0xdd0 [ 78.789301][ T7349] ? __pfx_netlink_sendmsg+0x10/0x10 [ 78.789324][ T7349] ____sys_sendmsg+0xa95/0xc70 [ 78.789340][ T7349] ? copy_msghdr_from_user+0x10a/0x160 [ 78.789352][ T7349] ? __pfx_____sys_sendmsg+0x10/0x10 [ 78.789371][ T7349] ? kfree+0x252/0x4d0 [ 78.789388][ T7349] ? __pfx__kstrtoull+0x10/0x10 [ 78.789405][ T7349] ___sys_sendmsg+0x134/0x1d0 [ 78.789424][ T7349] ? __pfx____sys_sendmsg+0x10/0x10 [ 78.789456][ T7349] ? __pfx___might_resched+0x10/0x10 [ 78.789478][ T7349] __sys_sendmmsg+0x200/0x420 [ 78.789494][ T7349] ? __pfx___sys_sendmmsg+0x10/0x10 [ 78.789513][ T7349] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 78.789540][ T7349] ? fput+0x70/0xf0 [ 78.789554][ T7349] ? ksys_write+0x1b9/0x240 [ 78.789572][ T7349] ? __pfx_ksys_write+0x10/0x10 [ 78.789594][ T7349] __x64_sys_sendmmsg+0x9c/0x100 [ 78.789606][ T7349] ? lockdep_hardirqs_on+0x7c/0x110 [ 78.789622][ T7349] do_syscall_64+0xcd/0x260 [ 78.789640][ T7349] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 78.789653][ T7349] RIP: 0033:0x7f9ed658e969 [ 78.789664][ T7349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 78.789677][ T7349] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 78.789690][ T7349] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 78.789699][ T7349] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 78.789707][ T7349] RBP: 00007f9ed7322090 R08: 0000000000000000 R09: 0000000000000000 [ 78.789715][ T7349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 78.789723][ T7349] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 78.789741][ T7349] [ 78.831172][ T67] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 78.880487][ T7353] overlayfs: missing 'lowerdir' [ 78.884395][ T67] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 78.942055][ T67] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 78.950503][ T67] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 78.957120][ T67] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 79.034883][ T40] audit: type=1326 audit(1745984680.523:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7355 comm="syz.1.474" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6ad378e969 code=0x0 [ 79.092275][ T40] audit: type=1326 audit(1745984680.573:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7355 comm="syz.1.474" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6ad378e969 code=0x0 [ 79.109042][ T1145] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 79.115614][ T7350] chnl_net:caif_netlink_parms(): no params data found [ 79.219749][ T7350] bridge0: port 1(bridge_slave_0) entered blocking state [ 79.222824][ T7350] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.226816][ T7350] bridge_slave_0: entered allmulticast mode [ 79.230966][ T7350] bridge_slave_0: entered promiscuous mode [ 79.237591][ T7350] bridge0: port 2(bridge_slave_1) entered blocking state [ 79.240679][ T7350] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.243622][ T7350] bridge_slave_1: entered allmulticast mode [ 79.247472][ T7350] bridge_slave_1: entered promiscuous mode [ 79.299793][ T7350] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 79.304844][ T7350] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 79.331889][ T40] audit: type=1400 audit(1745984680.813:443): avc: denied { connect } for pid=7368 comm="syz.0.478" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 79.361974][ T7350] team0: Port device team_slave_0 added [ 79.367170][ T7350] team0: Port device team_slave_1 added [ 79.415067][ T7350] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 79.415687][ T40] audit: type=1400 audit(1745984680.903:444): avc: denied { getopt } for pid=7373 comm="syz.0.480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 79.417307][ T7350] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.417332][ T7350] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 79.418196][ T7350] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 79.444319][ T7350] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 79.456248][ T7350] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 79.526803][ T7350] hsr_slave_0: entered promiscuous mode [ 79.529018][ T7350] hsr_slave_1: entered promiscuous mode [ 79.556420][ T7379] netlink: 'syz.3.482': attribute type 9 has an invalid length. [ 79.559863][ T7379] netlink: 212012 bytes leftover after parsing attributes in process `syz.3.482'. [ 79.623209][ T7383] overlayfs: missing 'lowerdir' [ 79.667416][ T40] audit: type=1400 audit(1745984681.153:445): avc: denied { setopt } for pid=7384 comm="syz.3.486" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 79.672976][ T7385] hub 9-0:1.0: USB hub found [ 79.676038][ T7385] hub 9-0:1.0: 1 port detected [ 79.709621][ T40] audit: type=1400 audit(1745984681.193:446): avc: denied { read } for pid=7386 comm="syz.3.487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 79.761182][ T7389] netlink: 'syz.0.485': attribute type 9 has an invalid length. [ 79.763719][ T7389] netlink: 212012 bytes leftover after parsing attributes in process `syz.0.485'. [ 79.874984][ T40] audit: type=1400 audit(1745984681.363:447): avc: denied { ioctl } for pid=7397 comm="syz.0.491" path="/dev/hpet" dev="devtmpfs" ino=630 ioctlcmd=0x6804 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1 [ 79.916819][ T7400] FAULT_INJECTION: forcing a failure. [ 79.916819][ T7400] name failslab, interval 1, probability 0, space 0, times 0 [ 79.920729][ T7400] CPU: 2 UID: 0 PID: 7400 Comm: syz.0.492 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 79.920743][ T7400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 79.920750][ T7400] Call Trace: [ 79.920754][ T7400] [ 79.920758][ T7400] dump_stack_lvl+0x16c/0x1f0 [ 79.920775][ T7400] should_fail_ex+0x512/0x640 [ 79.920789][ T7400] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 79.920803][ T7400] should_failslab+0xc2/0x120 [ 79.920815][ T7400] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 79.920826][ T7400] ? vfs_parse_fs_string+0xc3/0x150 [ 79.920839][ T7400] kmemdup_nul+0x49/0xf0 [ 79.920851][ T7400] vfs_parse_fs_string+0xc3/0x150 [ 79.920861][ T7400] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 79.920875][ T7400] ? ovl_next_opt+0x143/0x1c0 [ 79.920891][ T7400] ? __pfx_ovl_next_opt+0x10/0x10 [ 79.920906][ T7400] vfs_parse_monolithic_sep+0x16f/0x1f0 [ 79.920917][ T7400] ? __pfx_vfs_parse_monolithic_sep+0x10/0x10 [ 79.920928][ T7400] ? alloc_fs_context+0x59b/0x9c0 [ 79.920941][ T7400] path_mount+0x148d/0x1f20 [ 79.920953][ T7400] ? kmem_cache_free+0x2d4/0x4d0 [ 79.920968][ T7400] ? __pfx_path_mount+0x10/0x10 [ 79.920981][ T7400] ? putname+0x154/0x1a0 [ 79.920994][ T7400] __x64_sys_mount+0x28d/0x310 [ 79.921005][ T7400] ? __pfx___x64_sys_mount+0x10/0x10 [ 79.921015][ T7400] ? rcu_is_watching+0x12/0xc0 [ 79.921031][ T7400] do_syscall_64+0xcd/0x260 [ 79.921047][ T7400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 79.921058][ T7400] RIP: 0033:0x7f9ed658e969 [ 79.921066][ T7400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 79.921077][ T7400] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 79.921087][ T7400] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 79.921093][ T7400] RDX: 0000200000000340 RSI: 00002000000000c0 RDI: 0000000000000000 [ 79.921100][ T7400] RBP: 00007f9ed7322090 R08: 0000200000000080 R09: 0000000000000000 [ 79.921106][ T7400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 79.921112][ T7400] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 79.921125][ T7400] [ 80.004347][ C2] vkms_vblank_simulate: vblank timer overrun [ 80.153272][ T7405] overlayfs: missing 'lowerdir' [ 80.311464][ T5288] Bluetooth: hci1: unknown advertising packet type: 0xff [ 80.311490][ T5288] Bluetooth: hci1: Malformed LE Event: 0x02 [ 80.318436][ T7408] bond0: (slave wlan1): Releasing backup interface [ 80.330889][ T7408] ip6gretap1: left allmulticast mode [ 80.333143][ T7408] ip6gretap1: left promiscuous mode [ 80.336165][ T7408] bridge1: port 1(ip6gretap1) entered disabled state [ 80.343584][ T7408] veth3: left allmulticast mode [ 80.346362][ T7408] bridge1: port 2(veth3) entered disabled state [ 80.401060][ T40] audit: type=1400 audit(1745984681.883:448): avc: denied { ioctl } for pid=7412 comm="syz.0.497" path="socket:[18138]" dev="sockfs" ino=18138 ioctlcmd=0x9435 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1 [ 80.474120][ T7422] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks [ 80.568070][ T7425] netlink: 211944 bytes leftover after parsing attributes in process `syz.0.501'. [ 80.570792][ T7429] FAULT_INJECTION: forcing a failure. [ 80.570792][ T7429] name failslab, interval 1, probability 0, space 0, times 0 [ 80.576420][ T7429] CPU: 3 UID: 0 PID: 7429 Comm: syz.1.503 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 80.576457][ T7429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.576468][ T7429] Call Trace: [ 80.576474][ T7429] [ 80.576480][ T7429] dump_stack_lvl+0x16c/0x1f0 [ 80.576505][ T7429] should_fail_ex+0x512/0x640 [ 80.576527][ T7429] ? __kvmalloc_node_noprof+0x122/0x600 [ 80.576555][ T7429] should_failslab+0xc2/0x120 [ 80.576572][ T7429] __kvmalloc_node_noprof+0x135/0x600 [ 80.576598][ T7429] ? bpf_jit_binary_pack_alloc+0xc1/0x2b0 [ 80.576625][ T7429] ? bpf_jit_binary_pack_alloc+0xc1/0x2b0 [ 80.576645][ T7429] bpf_jit_binary_pack_alloc+0xc1/0x2b0 [ 80.576664][ T7429] ? __pfx_jit_fill_hole+0x10/0x10 [ 80.576693][ T7429] bpf_int_jit_compile+0x573/0x1830 [ 80.576718][ T7429] ? __pfx_bpf_int_jit_compile+0x10/0x10 [ 80.576750][ T7429] bpf_prog_select_runtime+0x42d/0x780 [ 80.576771][ T7429] ? __asan_memcpy+0x3c/0x60 [ 80.576796][ T7429] bpf_prepare_filter+0xd3b/0x1100 [ 80.576818][ T7429] ? __pfx_bpf_prepare_filter+0x10/0x10 [ 80.576846][ T7429] bpf_prog_create+0x16f/0x240 [ 80.576866][ T7429] cls_bpf_change+0x804/0x1f50 [ 80.576891][ T7429] ? __pfx_cls_bpf_change+0x10/0x10 [ 80.576909][ T7429] ? tc_new_tfilter+0x77c/0x2340 [ 80.576926][ T7429] ? __mutex_unlock_slowpath+0x161/0x6a0 [ 80.576953][ T7429] ? __pfx_cls_bpf_change+0x10/0x10 [ 80.576965][ T7429] tc_new_tfilter+0xa32/0x2340 [ 80.576984][ T7429] ? avc_has_perm_noaudit+0x117/0x3b0 [ 80.577003][ T7429] ? __pfx_tc_new_tfilter+0x10/0x10 [ 80.577020][ T7429] ? __lock_acquire+0x5ca/0x1ba0 [ 80.577043][ T7429] ? find_held_lock+0x2b/0x80 [ 80.577056][ T7429] ? __pfx_tc_new_tfilter+0x10/0x10 [ 80.577067][ T7429] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 80.577078][ T7429] ? __pfx_tc_new_tfilter+0x10/0x10 [ 80.577093][ T7429] rtnetlink_rcv_msg+0x95b/0xe90 [ 80.577105][ T7429] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 80.577123][ T7429] netlink_rcv_skb+0x16a/0x440 [ 80.577135][ T7429] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 80.577146][ T7429] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 80.577166][ T7429] ? netlink_deliver_tap+0x1ae/0xd30 [ 80.577180][ T7429] netlink_unicast+0x53a/0x7f0 [ 80.577193][ T7429] ? __pfx_netlink_unicast+0x10/0x10 [ 80.577208][ T7429] netlink_sendmsg+0x8d1/0xdd0 [ 80.577222][ T7429] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.577239][ T7429] ____sys_sendmsg+0xa95/0xc70 [ 80.577253][ T7429] ? copy_msghdr_from_user+0x10a/0x160 [ 80.577263][ T7429] ? __pfx_____sys_sendmsg+0x10/0x10 [ 80.577278][ T7429] ? kfree+0x252/0x4d0 [ 80.577291][ T7429] ? __pfx__kstrtoull+0x10/0x10 [ 80.577305][ T7429] ___sys_sendmsg+0x134/0x1d0 [ 80.577316][ T7429] ? __pfx____sys_sendmsg+0x10/0x10 [ 80.577343][ T7429] ? __pfx___might_resched+0x10/0x10 [ 80.577360][ T7429] __sys_sendmmsg+0x200/0x420 [ 80.577372][ T7429] ? __pfx___sys_sendmmsg+0x10/0x10 [ 80.577387][ T7429] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 80.577406][ T7429] ? fput+0x70/0xf0 [ 80.577418][ T7429] ? ksys_write+0x1b9/0x240 [ 80.577433][ T7429] ? __pfx_ksys_write+0x10/0x10 [ 80.577447][ T7429] ? rcu_is_watching+0x12/0xc0 [ 80.577462][ T7429] __x64_sys_sendmmsg+0x9c/0x100 [ 80.577472][ T7429] ? lockdep_hardirqs_on+0x7c/0x110 [ 80.577484][ T7429] do_syscall_64+0xcd/0x260 [ 80.577499][ T7429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.577510][ T7429] RIP: 0033:0x7f6ad378e969 [ 80.577519][ T7429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.577530][ T7429] RSP: 002b:00007f6ad4578038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 80.577540][ T7429] RAX: ffffffffffffffda RBX: 00007f6ad39b5fa0 RCX: 00007f6ad378e969 [ 80.577547][ T7429] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000004 [ 80.577553][ T7429] RBP: 00007f6ad4578090 R08: 0000000000000000 R09: 0000000000000000 [ 80.577559][ T7429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 80.577565][ T7429] R13: 0000000000000000 R14: 00007f6ad39b5fa0 R15: 00007ffdcdf9e228 [ 80.577579][ T7429] [ 80.608269][ T7431] FAULT_INJECTION: forcing a failure. [ 80.608269][ T7431] name failslab, interval 1, probability 0, space 0, times 0 [ 80.653963][ T7438] netlink: 'syz.0.506': attribute type 10 has an invalid length. [ 80.655416][ T7431] CPU: 2 UID: 0 PID: 7431 Comm: syz.3.504 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 80.655431][ T7431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.655438][ T7431] Call Trace: [ 80.655442][ T7431] [ 80.655446][ T7431] dump_stack_lvl+0x16c/0x1f0 [ 80.655463][ T7431] should_fail_ex+0x512/0x640 [ 80.655478][ T7431] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 80.655491][ T7431] should_failslab+0xc2/0x120 [ 80.655503][ T7431] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 80.655514][ T7431] ? ovl_mount_dir+0x26/0x1f0 [ 80.655533][ T7431] kstrdup+0x53/0x100 [ 80.655544][ T7431] ovl_mount_dir+0x26/0x1f0 [ 80.655552][ T1473] ------------[ cut here ]------------ [ 80.655561][ T7431] ovl_parse_param+0x10ae/0x1570 [ 80.655578][ T7431] ? selinux_fs_context_parse_param+0xd8/0x130 [ 80.655596][ T7431] ? __pfx_ovl_parse_param+0x10/0x10 [ 80.655612][ T7431] ? trace_kmalloc+0x2b/0xd0 [ 80.655623][ T7431] ? __kmalloc_node_track_caller_noprof+0x23e/0x510 [ 80.655635][ T7431] ? static_key_count+0x5a/0x70 [ 80.655651][ T7431] ? __pfx_ovl_parse_param+0x10/0x10 [ 80.655667][ T7431] vfs_parse_fs_param+0x208/0x3c0 [ 80.655678][ T7431] vfs_parse_fs_string+0xe9/0x150 [ 80.655688][ T7431] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 80.655702][ T7431] ? ovl_next_opt+0x143/0x1c0 [ 80.655718][ T7431] ? __pfx_ovl_next_opt+0x10/0x10 [ 80.655732][ T7431] vfs_parse_monolithic_sep+0x16f/0x1f0 [ 80.655743][ T7431] ? __pfx_vfs_parse_monolithic_sep+0x10/0x10 [ 80.655755][ T7431] ? alloc_fs_context+0x59b/0x9c0 [ 80.655767][ T7431] path_mount+0x148d/0x1f20 [ 80.655779][ T7431] ? kmem_cache_free+0x2d4/0x4d0 [ 80.655795][ T7431] ? __pfx_path_mount+0x10/0x10 [ 80.655807][ T7431] ? putname+0x154/0x1a0 [ 80.655820][ T7431] __x64_sys_mount+0x28d/0x310 [ 80.655831][ T7431] ? __pfx___x64_sys_mount+0x10/0x10 [ 80.655842][ T7431] ? rcu_is_watching+0x12/0xc0 [ 80.655859][ T7431] do_syscall_64+0xcd/0x260 [ 80.655873][ T7431] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.655884][ T7431] RIP: 0033:0x7f0b0b18e969 [ 80.655893][ T7431] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.655904][ T7431] RSP: 002b:00007f0b0bfcb038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 80.655914][ T7431] RAX: ffffffffffffffda RBX: 00007f0b0b3b5fa0 RCX: 00007f0b0b18e969 [ 80.655921][ T7431] RDX: 0000200000000340 RSI: 00002000000000c0 RDI: 0000000000000000 [ 80.655927][ T7431] RBP: 00007f0b0bfcb090 R08: 0000200000000080 R09: 0000000000000000 [ 80.655934][ T7431] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 80.655940][ T7431] R13: 0000000000000000 R14: 00007f0b0b3b5fa0 R15: 00007fffb87971e8 [ 80.655952][ T7431] [ 80.659356][ T7438] FAULT_INJECTION: forcing a failure. [ 80.659356][ T7438] name failslab, interval 1, probability 0, space 0, times 0 [ 80.660057][ T1473] WARNING: CPU: 3 PID: 1473 at kernel/bpf/core.c:2357 __bpf_prog_ret0_warn+0xa/0x20 [ 80.662339][ T7438] CPU: 0 UID: 0 PID: 7438 Comm: syz.0.506 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 80.662362][ T7438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.662372][ T7438] Call Trace: [ 80.662378][ T7438] [ 80.662385][ T7438] dump_stack_lvl+0x16c/0x1f0 [ 80.662409][ T7438] should_fail_ex+0x512/0x640 [ 80.662430][ T7438] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 80.662460][ T7438] should_failslab+0xc2/0x120 [ 80.662477][ T7438] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 80.662502][ T7438] ? __alloc_skb+0x2b2/0x380 [ 80.662533][ T7438] __alloc_skb+0x2b2/0x380 [ 80.662557][ T7438] ? __pfx___alloc_skb+0x10/0x10 [ 80.662579][ T7438] ? __local_bh_enable_ip+0x107/0x120 [ 80.662600][ T7438] ? dev_mc_add+0xb0/0x110 [ 80.662621][ T7438] ? igmp_group_added+0x1db/0x980 [ 80.662650][ T7438] inet_ifmcaddr_notify+0xc7/0x1c0 [ 80.662676][ T7438] ? __pfx_inet_ifmcaddr_notify+0x10/0x10 [ 80.662707][ T7438] ? __local_bh_enable_ip+0xa4/0x120 [ 80.662729][ T7438] ____ip_mc_inc_group+0x802/0x10f0 [ 80.662745][ T7438] ? ib_device_get_by_netdev+0x1b8/0x520 [ 80.662771][ T7438] ? __pfx_____ip_mc_inc_group+0x10/0x10 [ 80.662798][ T7438] ? ib_device_get_by_netdev+0x1c2/0x520 [ 80.662825][ T7438] ip_mc_up+0x154/0x3b0 [ 80.662842][ T7438] inetdev_event+0xafb/0x18a0 [ 80.662862][ T7438] ? ib_netdevice_event+0xfc/0x330 [ 80.662884][ T7438] ? __pfx_inetdev_event+0x10/0x10 [ 80.662903][ T7438] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 80.662934][ T7438] notifier_call_chain+0xb9/0x410 [ 80.662956][ T7438] ? __pfx_inetdev_event+0x10/0x10 [ 80.662980][ T7438] call_netdevice_notifiers_info+0xbe/0x140 [ 80.663003][ T7438] netif_open+0x142/0x160 [ 80.663028][ T7438] ? __pfx_netif_open+0x10/0x10 [ 80.663058][ T7438] dev_open+0xb2/0x260 [ 80.663077][ T7438] bond_enslave+0x9f3/0x6050 [ 80.663110][ T7438] ? __schedule+0x1186/0x5de0 [ 80.663129][ T7438] ? __pfx_bond_enslave+0x10/0x10 [ 80.663152][ T7438] ? lock_acquire+0x179/0x350 [ 80.663177][ T7438] ? do_raw_spin_lock+0x12c/0x2b0 [ 80.663209][ T7438] ? __pfx___dev_change_flags+0x10/0x10 [ 80.663233][ T7438] ? validate_linkmsg+0x57c/0xb60 [ 80.663254][ T7438] ? __pfx_bond_enslave+0x10/0x10 [ 80.663274][ T7438] do_set_master+0x40c/0x730 [ 80.663304][ T7438] ? netif_change_flags+0x70/0x160 [ 80.663322][ T7438] do_setlink.constprop.0+0xe66/0x44b0 [ 80.663347][ T7438] ? __lock_acquire+0xaa4/0x1ba0 [ 80.663371][ T7438] ? __pfx_do_setlink.constprop.0+0x10/0x10 [ 80.663389][ T7438] ? find_held_lock+0x2b/0x80 [ 80.663412][ T7438] ? __mutex_trylock_common+0xe9/0x250 [ 80.663438][ T7438] ? __pfx___mutex_trylock_common+0x10/0x10 [ 80.663464][ T7438] ? __pfx___might_resched+0x10/0x10 [ 80.663486][ T7438] ? rcu_is_watching+0x12/0xc0 [ 80.663505][ T7438] ? trace_contention_end+0xdd/0x130 [ 80.663532][ T7438] ? __mutex_lock+0x1ca/0xb90 [ 80.663555][ T7438] ? rtnl_newlink+0x600/0x2000 [ 80.663572][ T7438] ? __pfx___mutex_lock+0x10/0x10 [ 80.663592][ T7438] ? cap_capable+0xb3/0x250 [ 80.663620][ T7438] ? netlink_ns_capable+0xfa/0x130 [ 80.663641][ T7438] rtnl_newlink+0x1446/0x2000 [ 80.663666][ T7438] ? __pfx_rtnl_newlink+0x10/0x10 [ 80.663682][ T7438] ? find_held_lock+0x2b/0x80 [ 80.663702][ T7438] ? avc_has_perm_noaudit+0x117/0x3b0 [ 80.663733][ T7438] ? avc_has_perm_noaudit+0x149/0x3b0 [ 80.663766][ T7438] ? __lock_acquire+0x5ca/0x1ba0 [ 80.663803][ T7438] ? find_held_lock+0x2b/0x80 [ 80.663821][ T7438] ? __pfx_rtnl_newlink+0x10/0x10 [ 80.663836][ T7438] ? __pfx_rtnl_newlink+0x10/0x10 [ 80.663851][ T7438] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 80.663868][ T7438] ? __pfx_rtnl_newlink+0x10/0x10 [ 80.663886][ T7438] rtnetlink_rcv_msg+0x95b/0xe90 [ 80.663906][ T7438] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 80.663936][ T7438] netlink_rcv_skb+0x16a/0x440 [ 80.663956][ T7438] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 80.663976][ T7438] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 80.664008][ T7438] ? netlink_deliver_tap+0x1ae/0xd30 [ 80.664032][ T7438] netlink_unicast+0x53a/0x7f0 [ 80.664052][ T7438] ? __pfx_netlink_unicast+0x10/0x10 [ 80.664077][ T7438] netlink_sendmsg+0x8d1/0xdd0 [ 80.664101][ T7438] ? __pfx_netlink_sendmsg+0x10/0x10 [ 80.664149][ T7438] ____sys_sendmsg+0xa95/0xc70 [ 80.664173][ T7438] ? copy_msghdr_from_user+0x10a/0x160 [ 80.664189][ T7438] ? __pfx_____sys_sendmsg+0x10/0x10 [ 80.664221][ T7438] ___sys_sendmsg+0x134/0x1d0 [ 80.664240][ T7438] ? __pfx____sys_sendmsg+0x10/0x10 [ 80.664294][ T7438] __sys_sendmsg+0x16d/0x220 [ 80.664312][ T7438] ? __pfx___sys_sendmsg+0x10/0x10 [ 80.664361][ T7438] do_syscall_64+0xcd/0x260 [ 80.664385][ T7438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 80.664402][ T7438] RIP: 0033:0x7f9ed658e969 [ 80.664416][ T7438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 80.664431][ T7438] RSP: 002b:00007f9ed7322038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 80.664447][ T7438] RAX: ffffffffffffffda RBX: 00007f9ed67b5fa0 RCX: 00007f9ed658e969 [ 80.664459][ T7438] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000003 [ 80.664469][ T7438] RBP: 00007f9ed7322090 R08: 0000000000000000 R09: 0000000000000000 [ 80.664478][ T7438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 80.664488][ T7438] R13: 0000000000000000 R14: 00007f9ed67b5fa0 R15: 00007ffccc6302c8 [ 80.664511][ T7438] [ 80.668930][ T7438] bond0: (slave wlan1): Enslaving as an active interface with a down link [ 80.670601][ T1473] Modules linked in: [ 80.997055][ T1473] CPU: 3 UID: 0 PID: 1473 Comm: kworker/3:2 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 81.000704][ T1473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.003984][ T1473] Workqueue: wg-crypt-wg0 wg_packet_tx_worker [ 81.005966][ T1473] RIP: 0010:__bpf_prog_ret0_warn+0xa/0x20 [ 81.007815][ T1473] Code: f3 0f 1e fa e8 a7 c7 f0 ff 31 c0 c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa e8 87 c7 f0 ff 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 [ 81.013693][ T1473] RSP: 0018:ffffc9000723f398 EFLAGS: 00010293 [ 81.015635][ T1473] RAX: 0000000000000000 RBX: ffffc90003b63000 RCX: 1ffff9200076c606 [ 81.018079][ T1473] RDX: ffff888028b2c880 RSI: ffffffff81ca6979 RDI: ffff888058461540 [ 81.020515][ T1473] RBP: ffffc9000723f438 R08: 0000000000000001 R09: 0000000000000000 [ 81.022956][ T1473] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888023d26406 [ 81.024654][ T5288] Bluetooth: hci3: command tx timeout [ 81.025434][ T1473] R13: ffff888058461540 R14: 000000000000004a R15: ffff888031427800 [ 81.030150][ T1473] FS: 0000000000000000(0000) GS:ffff8880d6ce2000(0000) knlGS:0000000000000000 [ 81.032886][ T1473] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 81.035011][ T1473] CR2: 00007f9ed43d4f98 CR3: 000000000e180000 CR4: 0000000000352ef0 [ 81.037494][ T1473] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 81.039976][ T1473] DR3: 000000000000000c DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 81.042423][ T1473] Call Trace: [ 81.043477][ T1473] [ 81.044463][ T1473] cls_bpf_classify+0x74a/0x1110 [ 81.046033][ T1473] ? __pfx_cls_bpf_classify+0x10/0x10 [ 81.047753][ T1473] tcf_classify+0x7ef/0x1380 [ 81.049218][ T1473] htb_enqueue+0x2f6/0x12d0 [ 81.050655][ T1473] ? __pfx_htb_enqueue+0x10/0x10 [ 81.052205][ T1473] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 81.053877][ T1473] __dev_queue_xmit+0x2142/0x43e0 [ 81.055490][ T1473] ? lockdep_hardirqs_on+0x7c/0x110 [ 81.057108][ T1473] ? ipt_do_table+0xd48/0x1ac0 [ 81.058613][ T1473] ? __local_bh_enable_ip+0xa4/0x120 [ 81.060259][ T1473] ? ipt_do_table+0xd78/0x1ac0 [ 81.061750][ T1473] ? __pfx___dev_queue_xmit+0x10/0x10 [ 81.063434][ T1473] ? __lock_acquire+0xaa4/0x1ba0 [ 81.065051][ T1473] ? lock_acquire+0x179/0x350 [ 81.066534][ T1473] ? mark_held_locks+0x49/0x80 [ 81.068085][ T1473] ip_finish_output2+0xc38/0x21a0 [ 81.069669][ T1473] ? ip_skb_dst_mtu+0x3a3/0xe90 [ 81.071178][ T1473] ? __pfx_ip_finish_output2+0x10/0x10 [ 81.072864][ T1473] ? ip_skb_dst_mtu+0x496/0xe90 [ 81.074450][ T1473] ? __pfx_ip_skb_dst_mtu+0x10/0x10 [ 81.076075][ T1473] ? __pfx_nf_hook+0x10/0x10 [ 81.077523][ T1473] ? lockdep_hardirqs_on+0x7c/0x110 [ 81.079178][ T1473] __ip_finish_output+0x49e/0x950 [ 81.080762][ T1473] ip_finish_output+0x35/0x380 [ 81.082280][ T1473] ip_output+0x13b/0x2a0 [ 81.083619][ T1473] ? __pfx_ip_output+0x10/0x10 [ 81.085176][ T1473] ip_local_out+0x33e/0x4a0 [ 81.086640][ T1473] iptunnel_xmit+0x5d5/0xa00 [ 81.088169][ T1473] send4+0x410/0x1070 [ 81.089431][ T1473] ? __pfx_send4+0x10/0x10 [ 81.090841][ T1473] wg_socket_send_skb_to_peer+0x18f/0x210 [ 81.092612][ T1473] wg_packet_tx_worker+0x1aa/0x810 [ 81.094276][ T1473] process_one_work+0x9cc/0x1b70 [ 81.095826][ T1473] ? __pfx_process_one_work+0x10/0x10 [ 81.097493][ T1473] ? assign_work+0x1a0/0x250 [ 81.098945][ T1473] worker_thread+0x6c8/0xf10 [ 81.100397][ T1473] ? __kthread_parkme+0x19e/0x250 [ 81.101944][ T1473] ? __pfx_worker_thread+0x10/0x10 [ 81.103538][ T1473] kthread+0x3c2/0x780 [ 81.104868][ T1473] ? __pfx_kthread+0x10/0x10 [ 81.106324][ T1473] ? __pfx_kthread+0x10/0x10 [ 81.107808][ T1473] ? __pfx_kthread+0x10/0x10 [ 81.109256][ T1473] ? __pfx_kthread+0x10/0x10 [ 81.110737][ T1473] ? rcu_is_watching+0x12/0xc0 [ 81.112231][ T1473] ? __pfx_kthread+0x10/0x10 [ 81.113673][ T1473] ret_from_fork+0x45/0x80 [ 81.115128][ T1473] ? __pfx_kthread+0x10/0x10 [ 81.116574][ T1473] ret_from_fork_asm+0x1a/0x30 [ 81.118084][ T1473] [ 81.119066][ T1473] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 81.121321][ T1473] CPU: 3 UID: 0 PID: 1473 Comm: kworker/3:2 Not tainted 6.15.0-rc4-syzkaller-00040-g8bac8898fe39 #0 PREEMPT(full) [ 81.124947][ T1473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.128267][ T1473] Workqueue: wg-crypt-wg0 wg_packet_tx_worker [ 81.130174][ T1473] Call Trace: [ 81.131220][ T1473] [ 81.132154][ T1473] dump_stack_lvl+0x3d/0x1f0 [ 81.133603][ T1473] panic+0x71c/0x800 [ 81.134887][ T1473] ? __pfx_panic+0x10/0x10 [ 81.136290][ T1473] ? show_trace_log_lvl+0x29b/0x3e0 [ 81.137917][ T1473] ? check_panic_on_warn+0x1f/0xb0 [ 81.139546][ T1473] ? __bpf_prog_ret0_warn+0xa/0x20 [ 81.141143][ T1473] check_panic_on_warn+0xab/0xb0 [ 81.142692][ T1473] __warn+0xf6/0x3c0 [ 81.143923][ T1473] ? __bpf_prog_ret0_warn+0xa/0x20 [ 81.145517][ T1473] report_bug+0x3c3/0x580 [ 81.146923][ T1473] ? __bpf_prog_ret0_warn+0xa/0x20 [ 81.148512][ T1473] handle_bug+0x184/0x210 [ 81.149872][ T1473] exc_invalid_op+0x17/0x50 [ 81.151300][ T1473] asm_exc_invalid_op+0x1a/0x20 [ 81.152813][ T1473] RIP: 0010:__bpf_prog_ret0_warn+0xa/0x20 [ 81.154579][ T1473] Code: f3 0f 1e fa e8 a7 c7 f0 ff 31 c0 c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa e8 87 c7 f0 ff 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00 00 00 90 [ 81.160450][ T1473] RSP: 0018:ffffc9000723f398 EFLAGS: 00010293 [ 81.162327][ T1473] RAX: 0000000000000000 RBX: ffffc90003b63000 RCX: 1ffff9200076c606 [ 81.164748][ T1473] RDX: ffff888028b2c880 RSI: ffffffff81ca6979 RDI: ffff888058461540 [ 81.167231][ T1473] RBP: ffffc9000723f438 R08: 0000000000000001 R09: 0000000000000000 [ 81.169666][ T1473] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888023d26406 [ 81.172102][ T1473] R13: ffff888058461540 R14: 000000000000004a R15: ffff888031427800 [ 81.174538][ T1473] ? __bpf_prog_ret0_warn+0x9/0x20 [ 81.176130][ T1473] ? __bpf_prog_ret0_warn+0x9/0x20 [ 81.177710][ T1473] cls_bpf_classify+0x74a/0x1110 [ 81.179267][ T1473] ? __pfx_cls_bpf_classify+0x10/0x10 [ 81.180935][ T1473] tcf_classify+0x7ef/0x1380 [ 81.182398][ T1473] htb_enqueue+0x2f6/0x12d0 [ 81.183827][ T1473] ? __pfx_htb_enqueue+0x10/0x10 [ 81.185369][ T1473] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 81.187054][ T1473] __dev_queue_xmit+0x2142/0x43e0 [ 81.188624][ T1473] ? lockdep_hardirqs_on+0x7c/0x110 [ 81.190273][ T1473] ? ipt_do_table+0xd48/0x1ac0 [ 81.191762][ T1473] ? __local_bh_enable_ip+0xa4/0x120 [ 81.193401][ T1473] ? ipt_do_table+0xd78/0x1ac0 [ 81.194902][ T1473] ? __pfx___dev_queue_xmit+0x10/0x10 [ 81.196568][ T1473] ? __lock_acquire+0xaa4/0x1ba0 [ 81.197988][ T1473] ? lock_acquire+0x179/0x350 [ 81.199465][ T1473] ? mark_held_locks+0x49/0x80 [ 81.200963][ T1473] ip_finish_output2+0xc38/0x21a0 [ 81.202538][ T1473] ? ip_skb_dst_mtu+0x3a3/0xe90 [ 81.204062][ T1473] ? __pfx_ip_finish_output2+0x10/0x10 [ 81.205750][ T1473] ? ip_skb_dst_mtu+0x496/0xe90 [ 81.207316][ T1473] ? __pfx_ip_skb_dst_mtu+0x10/0x10 [ 81.208950][ T1473] ? __pfx_nf_hook+0x10/0x10 [ 81.210435][ T1473] ? lockdep_hardirqs_on+0x7c/0x110 [ 81.212057][ T1473] __ip_finish_output+0x49e/0x950 [ 81.213627][ T1473] ip_finish_output+0x35/0x380 [ 81.215136][ T1473] ip_output+0x13b/0x2a0 [ 81.216462][ T1473] ? __pfx_ip_output+0x10/0x10 [ 81.217964][ T1473] ip_local_out+0x33e/0x4a0 [ 81.219387][ T1473] iptunnel_xmit+0x5d5/0xa00 [ 81.220815][ T1473] send4+0x410/0x1070 [ 81.222047][ T1473] ? __pfx_send4+0x10/0x10 [ 81.223453][ T1473] wg_socket_send_skb_to_peer+0x18f/0x210 [ 81.225215][ T1473] wg_packet_tx_worker+0x1aa/0x810 [ 81.226853][ T1473] process_one_work+0x9cc/0x1b70 [ 81.228413][ T1473] ? __pfx_process_one_work+0x10/0x10 [ 81.230120][ T1473] ? assign_work+0x1a0/0x250 [ 81.231565][ T1473] worker_thread+0x6c8/0xf10 [ 81.233015][ T1473] ? __kthread_parkme+0x19e/0x250 [ 81.234598][ T1473] ? __pfx_worker_thread+0x10/0x10 [ 81.236195][ T1473] kthread+0x3c2/0x780 [ 81.237475][ T1473] ? __pfx_kthread+0x10/0x10 [ 81.238917][ T1473] ? __pfx_kthread+0x10/0x10 [ 81.240380][ T1473] ? __pfx_kthread+0x10/0x10 [ 81.241807][ T1473] ? __pfx_kthread+0x10/0x10 [ 81.243252][ T1473] ? rcu_is_watching+0x12/0xc0 [ 81.244710][ T1473] ? __pfx_kthread+0x10/0x10 [ 81.246110][ T1473] ret_from_fork+0x45/0x80 [ 81.247557][ T1473] ? __pfx_kthread+0x10/0x10 [ 81.249003][ T1473] ret_from_fork_asm+0x1a/0x30 [ 81.250546][ T1473] [ 81.252242][ T1473] Kernel Offset: disabled [ 81.253589][ T1473] Rebooting in 86400 seconds.. VM DIAGNOSIS: 03:44:42 Registers: info registers vcpu 0 CPU#0 RAX=000000000010be57 RBX=0000000000000000 RCX=ffffffff8b6c8419 RDX=0000000000000000 RSI=ffffffff8dbe08b9 RDI=ffffffff8bf47e20 RBP=fffffbfff1c12ee8 RSP=ffffffff8e007e10 R8 =0000000000000001 R9 =ffffed100d4865bd R10=ffff88806a432deb R11=0000000000000000 R12=0000000000000000 R13=ffffffff8e097740 R14=ffffffff9084fd10 R15=0000000000000000 RIP=ffffffff8b6c6caf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d69e2000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f6ad4556f98 CR3=000000004bb84000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000c DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000040000400 Opmask01=0000000000000000 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffb8797570 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0b0b211a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0b0b211a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0b0b211a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0b0b211aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0b0b211b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0b0b211c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ffff88810a7c4888 RBX=0000000000000001 RCX=ffffffff8198596c RDX=1ffff110214f8911 RSI=0000000000000000 RDI=ffff88810a7c48a0 RBP=ffffc90003a4f378 RSP=ffffc90003a4f250 R8 =0000000000000001 R9 =fffff52000749e38 R10=0000000000000003 R11=0000000000000000 R12=dffffc0000000000 R13=ffff8880373be000 R14=ffff88810a7c4850 R15=ffff8880373bf000 RIP=ffffffff84d64930 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6ae2000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fcde28e7d60 CR3=0000000024397000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000c DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=0000000000007fff Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fcde1d836a3 00007fcde1d836a3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffce9201a0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555931a5034 00005555931a4ec0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005555931a442f 00005555931a4330 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 01ffffffffffffff ffcf085003000000 0000000001ffffff ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0100100005ba8008 0001000004080606 011eae0004088485 babc080001000006 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 080606011f820000 0000000000000000 0000000000000000 00000000000001ff ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffcf 0850030000000000 000001ffffffffff fffffff108420334 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0200400308100030 030a100020030180 8080801000100306 8080808080808080 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000008d397 RBX=0000000000000002 RCX=ffffffff8b6c8419 RDX=0000000000000000 RSI=ffffffff8dbe08b9 RDI=ffffffff8bf47e20 RBP=ffffed1003ad0910 RSP=ffffc90000187df8 R8 =0000000000000001 R9 =ffffed100d4c65bd R10=ffff88806a632deb R11=0000000000000000 R12=0000000000000002 R13=ffff88801d684880 R14=ffffffff9084fd10 R15=0000000000000000 RIP=ffffffff8b6c6caf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6be2000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c3616d4 CR3=000000002a29e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000c DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000004090001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffb8797310 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0b0b211a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0b0b211a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0b0b211a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0b0b211aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0b0b211b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f0b0b211c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 732064616200786c 6c36313025783000 657a697320786568 7274000700080006 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5605414447005d49 49131415005d1500 405f4c56055d404d 5751560541444700 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000028 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854f2575 RDI=ffffffff9adf64e0 RBP=ffffffff9adf64a0 RSP=ffffc9000723ecf0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000028 R14=ffffffff9adf64a0 R15=ffffffff854f2510 RIP=ffffffff854f259f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c01300 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c01300 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6ce2000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f9ed43d4f98 CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000c DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000008001 Opmask01=0000000000000000 Opmask02=000000000000003f Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6ad3811a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6ad3811a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6ad3811a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6ad3811aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6ad3811b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6ad3811c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6ad3983488 00007f6ad3983480 00007f6ad3983478 00007f6ad3983450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6ad44ed100 00007f6ad3983440 00007f6ad3983458 0004000700080006 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f6ad3983498 00007f6ad3983490 00007f6ad3983488 00007f6ad3983480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000