last executing test programs: 6.005471952s ago: executing program 0 (id=321): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYBLOB="0000000000000008b7080000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$rds(r1, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0) sendmsg$rds(r1, &(0x7f0000000680)={&(0x7f00000002c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x8040}, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) 5.812492336s ago: executing program 0 (id=323): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0) write(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x4, 0x45, 0x1488, 0xffffffffffffffff, 0x5}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0) 4.009013874s ago: executing program 0 (id=326): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000c00)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20) r2 = socket$inet6(0xa, 0x800000000000002, 0x0) sendto$inet6(r2, 0x0, 0x5c4, 0x404c844, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @local}, 0x1c) 3.87844408s ago: executing program 0 (id=327): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYBLOB="0000000000000008b7080000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$rds(r1, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0) sendmsg$rds(r1, &(0x7f0000000680)={&(0x7f00000002c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x8040}, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) 3.746470157s ago: executing program 0 (id=328): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000ff41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0) 3.619975573s ago: executing program 0 (id=330): bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) r0 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0) write(r0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x4, 0x45, 0x1488, 0xffffffffffffffff, 0x5}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000300000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) mount(&(0x7f00000001c0)=@filename='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000001200)='vfat\x00', 0x0, 0x0) 900.145706ms ago: executing program 1 (id=341): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0}, 0x10) setregid(0x0, 0x0) 729.452698ms ago: executing program 1 (id=342): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYBLOB="0000000000000008b70800000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x8}, 0x18) r1 = socket$rds(0x15, 0x5, 0x0) bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) sendmsg$rds(r1, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0) sendmsg$rds(r1, &(0x7f0000000680)={&(0x7f00000002c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x8040}, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r1, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) 499.832627ms ago: executing program 1 (id=343): r0 = socket$packet(0x11, 0x3, 0x300) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000011c0)={&(0x7f0000001180)='kfree\x00', r1, 0x0, 0x4}, 0x18) setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x3}, 0x4) close_range(r0, r0, 0x0) 267.130386ms ago: executing program 1 (id=344): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r0}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="d40000001900010000000000000000001c140000fe030001000000008400120000"], 0xd4}}, 0x0) 147.619912ms ago: executing program 1 (id=345): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r1}, 0x10) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f00000009c0)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x200000000500, 0x0, 0x0, 0x200000000530, 0x200000000560], 0x0, 0x0, &(0x7f0000000500)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}]}, 0x108) 0s ago: executing program 1 (id=346): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48) mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x200000a, 0x13, r0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000003c0)='mm_page_alloc\x00', r2, 0x0, 0xffffffffffffffff}, 0x18) r3 = gettid() process_vm_writev(r3, &(0x7f0000000080)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/230, 0xe6}], 0x1, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:42056' (ED25519) to the list of known hosts. syzkaller login: [ 83.309231][ T3313] cgroup: Unknown subsys name 'net' [ 83.497564][ T3313] cgroup: Unknown subsys name 'cpuset' [ 83.520507][ T3313] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.907402][ T3313] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 93.580823][ T3319] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.624246][ T3319] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 93.639817][ T3318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 93.697176][ T3318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 94.691837][ T3319] hsr_slave_0: entered promiscuous mode [ 94.703532][ T3319] hsr_slave_1: entered promiscuous mode [ 94.860934][ T3318] hsr_slave_0: entered promiscuous mode [ 94.871729][ T3318] hsr_slave_1: entered promiscuous mode [ 94.881367][ T3318] debugfs: 'hsr0' already exists in 'hsr' [ 94.883751][ T3318] Cannot create hsr debugfs directory [ 95.839766][ T3319] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 95.874760][ T3319] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 95.928899][ T3319] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 95.960378][ T3319] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 96.158745][ T3318] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 96.183111][ T3318] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 96.223172][ T3318] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 96.244851][ T3318] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 97.028303][ T3319] 8021q: adding VLAN 0 to HW filter on device bond0 [ 97.168848][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0 [ 100.363426][ T3319] veth0_vlan: entered promiscuous mode [ 100.404485][ T3318] veth0_vlan: entered promiscuous mode [ 100.434957][ T3319] veth1_vlan: entered promiscuous mode [ 100.500971][ T3318] veth1_vlan: entered promiscuous mode [ 100.670813][ T3319] veth0_macvtap: entered promiscuous mode [ 100.684838][ T3318] veth0_macvtap: entered promiscuous mode [ 100.708341][ T3319] veth1_macvtap: entered promiscuous mode [ 100.723534][ T3318] veth1_macvtap: entered promiscuous mode [ 100.917664][ T1178] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.918404][ T1178] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.918597][ T1178] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.942628][ T1178] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.963217][ T1178] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 100.977832][ T1178] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.011829][ T1178] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.033048][ T1178] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.512458][ T3318] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 101.512473][ T3319] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 105.717150][ T24] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0 [ 105.724219][ T24] hid-generic 0000:0000:0000.0001: hidraw0: HID v0.00 Device [syz1] on syz0 [ 106.070799][ T3487] fido_id[3487]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 106.422261][ T3494] Zero length message leads to an empty skb [ 107.207166][ T784] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 107.229151][ T784] hid-generic 0000:0000:0000.0002: hidraw0: HID v0.00 Device [syz1] on syz0 [ 110.054871][ T3508] netlink: 'syz.1.14': attribute type 10 has an invalid length. [ 110.073895][ T3508] netlink: 'syz.1.14': attribute type 10 has an invalid length. [ 110.834883][ T30] audit: type=1326 audit(110.650:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3515 comm="syz.1.18" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 110.842656][ T30] audit: type=1326 audit(110.660:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3515 comm="syz.1.18" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 110.844674][ T30] audit: type=1326 audit(110.660:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3515 comm="syz.1.18" exe="/syz-executor" sig=0 arch=c00000b7 syscall=123 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 110.852332][ T30] audit: type=1326 audit(110.670:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3515 comm="syz.1.18" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 111.094841][ T30] audit: type=1326 audit(110.910:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3519 comm="syz.1.20" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 111.105624][ T30] audit: type=1326 audit(110.920:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3519 comm="syz.1.20" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 111.108953][ T30] audit: type=1326 audit(110.920:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3519 comm="syz.1.20" exe="/syz-executor" sig=0 arch=c00000b7 syscall=41 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 111.112191][ T30] audit: type=1326 audit(110.920:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3519 comm="syz.1.20" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 111.115566][ T30] audit: type=1326 audit(110.920:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3519 comm="syz.1.20" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 111.204409][ T3522] ..@: renamed from bond_slave_0 (while UP) [ 114.397634][ T3388] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 114.413146][ T3388] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 114.640957][ T3552] netlink: 96 bytes leftover after parsing attributes in process `syz.0.33'. [ 115.005692][ T3551] fido_id[3551]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 115.337416][ T39] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0 [ 115.348163][ T39] hid-generic 0000:0000:0000.0004: hidraw0: HID v0.00 Device [syz1] on syz0 [ 115.885439][ T30] audit: type=1326 audit(115.690:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3571 comm="syz.1.39" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 115.887866][ T30] audit: type=1326 audit(115.690:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3571 comm="syz.1.39" exe="/syz-executor" sig=0 arch=c00000b7 syscall=222 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 115.888076][ T30] audit: type=1326 audit(115.690:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3571 comm="syz.1.39" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 115.888222][ T30] audit: type=1326 audit(115.690:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3571 comm="syz.1.39" exe="/syz-executor" sig=0 arch=c00000b7 syscall=83 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 115.888398][ T30] audit: type=1326 audit(115.690:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3571 comm="syz.1.39" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 115.980604][ T3569] fido_id[3569]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 116.018365][ T30] audit: type=1326 audit(115.840:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3573 comm="syz.1.40" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 116.018953][ T30] audit: type=1326 audit(115.840:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3573 comm="syz.1.40" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 116.044973][ T30] audit: type=1326 audit(115.860:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3573 comm="syz.1.40" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 116.057786][ T30] audit: type=1326 audit(115.870:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3573 comm="syz.1.40" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 116.060604][ T30] audit: type=1326 audit(115.870:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3573 comm="syz.1.40" exe="/syz-executor" sig=0 arch=c00000b7 syscall=270 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 116.285736][ T3497] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0 [ 116.294298][ T3497] hid-generic 0000:0000:0000.0005: hidraw0: HID v0.00 Device [syz1] on syz0 [ 118.020817][ T3583] netlink: 8 bytes leftover after parsing attributes in process `syz.1.43'. [ 121.133791][ T3591] syzkaller0: entered promiscuous mode [ 121.136944][ T3591] syzkaller0: entered allmulticast mode [ 121.841932][ T24] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0 [ 121.873767][ T24] hid-generic 0000:0000:0000.0006: hidraw0: HID v0.00 Device [syz1] on syz0 [ 121.940830][ T3604] netlink: 16 bytes leftover after parsing attributes in process `syz.0.52'. [ 122.360617][ T30] kauditd_printk_skb: 133 callbacks suppressed [ 122.364437][ T30] audit: type=1326 audit(122.170:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3606 comm="syz.1.53" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.364834][ T30] audit: type=1326 audit(122.180:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3606 comm="syz.1.53" exe="/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.377874][ T30] audit: type=1326 audit(122.190:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3606 comm="syz.1.53" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.381200][ T30] audit: type=1326 audit(122.200:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3606 comm="syz.1.53" exe="/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.573461][ T30] audit: type=1326 audit(122.390:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3606 comm="syz.1.53" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.583406][ T30] audit: type=1326 audit(122.400:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3606 comm="syz.1.53" exe="/syz-executor" sig=0 arch=c00000b7 syscall=199 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.589526][ T30] audit: type=1326 audit(122.410:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3606 comm="syz.1.53" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.599476][ T30] audit: type=1326 audit(122.420:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3606 comm="syz.1.53" exe="/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.607742][ T30] audit: type=1326 audit(122.420:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3606 comm="syz.1.53" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.613570][ T30] audit: type=1326 audit(122.430:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3606 comm="syz.1.53" exe="/syz-executor" sig=0 arch=c00000b7 syscall=208 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 122.892740][ T3608] fido_id[3608]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 123.600084][ T3614] process 'syz.0.52' launched '/dev/fd/10' with NULL argv: empty string added [ 127.671268][ T3381] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0 [ 127.682929][ T3381] hid-generic 0000:0000:0000.0007: hidraw0: HID v0.00 Device [syz1] on syz0 [ 128.165400][ T3625] fido_id[3625]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 131.042304][ T30] kauditd_printk_skb: 10 callbacks suppressed [ 131.045427][ T30] audit: type=1326 audit(130.860:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3642 comm="syz.0.63" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 131.052481][ T30] audit: type=1326 audit(130.870:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3642 comm="syz.0.63" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 131.059927][ T30] audit: type=1326 audit(130.880:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3642 comm="syz.0.63" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 131.068467][ T30] audit: type=1326 audit(130.880:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3642 comm="syz.0.63" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 131.073409][ T30] audit: type=1326 audit(130.890:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3642 comm="syz.0.63" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 131.084958][ T30] audit: type=1326 audit(130.900:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3642 comm="syz.0.63" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 131.094048][ T30] audit: type=1326 audit(130.900:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3642 comm="syz.0.63" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 131.105040][ T30] audit: type=1326 audit(130.920:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3642 comm="syz.0.63" exe="/syz-executor" sig=0 arch=c00000b7 syscall=223 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 131.110743][ T30] audit: type=1326 audit(130.930:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3642 comm="syz.0.63" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 135.671588][ T3679] syz.1.79 uses obsolete (PF_INET,SOCK_PACKET) [ 136.657466][ T3698] kernel profiling enabled (shift: 63) [ 136.657870][ T3698] profiling shift: 63 too large [ 140.646344][ C1] hrtimer: interrupt took 655470 ns [ 140.988459][ T30] audit: type=1326 audit(140.810:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3718 comm="syz.1.97" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 140.992331][ T30] audit: type=1326 audit(140.810:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3718 comm="syz.1.97" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 140.997216][ T30] audit: type=1326 audit(140.820:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3718 comm="syz.1.97" exe="/syz-executor" sig=0 arch=c00000b7 syscall=189 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 141.002210][ T30] audit: type=1326 audit(140.820:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3718 comm="syz.1.97" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 141.009230][ T30] audit: type=1326 audit(140.830:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3718 comm="syz.1.97" exe="/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 141.012473][ T30] audit: type=1326 audit(140.830:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3718 comm="syz.1.97" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 141.019627][ T30] audit: type=1326 audit(140.840:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3718 comm="syz.1.97" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 141.022982][ T30] audit: type=1326 audit(140.840:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3718 comm="syz.1.97" exe="/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 141.024478][ T30] audit: type=1326 audit(140.840:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3718 comm="syz.1.97" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 141.182325][ T30] audit: type=1326 audit(141.000:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3718 comm="syz.1.97" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 142.847580][ T3742] capability: warning: `syz.0.108' uses deprecated v2 capabilities in a way that may be insecure [ 142.872801][ T3740] loop7: detected capacity change from 0 to 7 [ 142.889711][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 142.890421][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 142.894516][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 142.895029][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 142.908434][ T3740] loop7: unable to read partition table [ 142.911394][ T3740] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X %`ր{֐ȵ4FLQk݊) failed (rc=-5) [ 143.053660][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 143.054089][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 143.063429][ T3740] VFS: Mount too revealing [ 143.097260][ C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 143.097581][ C0] Buffer I/O error on dev loop7, logical block 0, async page read [ 143.107872][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 143.108234][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 143.198677][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 143.199168][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 143.216752][ C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2 [ 143.217111][ C1] Buffer I/O error on dev loop7, logical block 0, async page read [ 143.426923][ T784] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x4 [ 143.429101][ T784] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x2 [ 143.429527][ T784] hid-generic 0000:3000000:0000.0008: unknown main item tag 0x3 [ 143.434835][ T784] hid-generic 0000:3000000:0000.0008: hidraw0: HID v0.00 Device [sy] on syz0 [ 143.993602][ T3752] fido_id[3752]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 147.948911][ T3780] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 149.803220][ T30] kauditd_printk_skb: 26 callbacks suppressed [ 149.805548][ T30] audit: type=1326 audit(149.620:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3794 comm="syz.0.129" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 149.806868][ T30] audit: type=1326 audit(149.620:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3794 comm="syz.0.129" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 149.823803][ T30] audit: type=1326 audit(149.620:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3794 comm="syz.0.129" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 149.824288][ T30] audit: type=1326 audit(149.640:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3794 comm="syz.0.129" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 149.824508][ T30] audit: type=1326 audit(149.640:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3794 comm="syz.0.129" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 149.824673][ T30] audit: type=1326 audit(149.640:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3794 comm="syz.0.129" exe="/syz-executor" sig=0 arch=c00000b7 syscall=89 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 149.831380][ T30] audit: type=1326 audit(149.650:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3794 comm="syz.0.129" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 149.911012][ T3797] netlink: 24 bytes leftover after parsing attributes in process `syz.0.130'. [ 151.534659][ T3802] IPv4: Oversized IP packet from 127.202.26.0 [ 152.604557][ T3812] bond1: Unable to set down delay as MII monitoring is disabled [ 152.619702][ T3812] bond1 (unregistering): Released all slaves [ 154.808074][ T3833] serio: Serial port ptm0 [ 157.394471][ T30] audit: type=1326 audit(157.210:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3843 comm="syz.1.151" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 157.414790][ T30] audit: type=1326 audit(157.230:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3843 comm="syz.1.151" exe="/syz-executor" sig=0 arch=c00000b7 syscall=102 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 157.421196][ T30] audit: type=1326 audit(157.240:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3843 comm="syz.1.151" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 169.405271][ T1725] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.405579][ T1725] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.407582][ T1725] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.407701][ T1725] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 172.200791][ T3896] netlink: 64 bytes leftover after parsing attributes in process `syz.1.167'. [ 173.735792][ T3905] netlink: 4 bytes leftover after parsing attributes in process `syz.0.170'. [ 177.473731][ T3935] Process accounting resumed [ 182.211875][ T3973] netlink: 8 bytes leftover after parsing attributes in process `syz.0.198'. [ 182.212100][ T3973] netlink: 'syz.0.198': attribute type 1 has an invalid length. [ 182.612166][ T30] audit: type=1326 audit(182.430:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3978 comm="syz.0.201" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 182.613393][ T30] audit: type=1326 audit(182.430:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3978 comm="syz.0.201" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 182.618922][ T30] audit: type=1326 audit(182.440:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3978 comm="syz.0.201" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 182.619981][ T30] audit: type=1326 audit(182.440:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3978 comm="syz.0.201" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 182.621482][ T30] audit: type=1326 audit(182.440:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3978 comm="syz.0.201" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 182.623006][ T30] audit: type=1326 audit(182.440:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3978 comm="syz.0.201" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 182.625167][ T30] audit: type=1326 audit(182.440:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3978 comm="syz.0.201" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 182.633572][ T30] audit: type=1326 audit(182.450:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3978 comm="syz.0.201" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 182.635362][ T30] audit: type=1326 audit(182.450:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3978 comm="syz.0.201" exe="/syz-executor" sig=0 arch=c00000b7 syscall=25 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 182.650349][ T30] audit: type=1326 audit(182.470:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3978 comm="syz.0.201" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 190.331631][ T30] kauditd_printk_skb: 58 callbacks suppressed [ 190.337975][ T30] audit: type=1326 audit(190.150:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4049 comm="syz.1.229" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 190.354132][ T30] audit: type=1326 audit(190.150:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4049 comm="syz.1.229" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 190.355066][ T30] audit: type=1326 audit(190.170:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4049 comm="syz.1.229" exe="/syz-executor" sig=0 arch=c00000b7 syscall=425 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 190.382856][ T30] audit: type=1326 audit(190.200:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4049 comm="syz.1.229" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 190.389828][ T30] audit: type=1326 audit(190.210:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4049 comm="syz.1.229" exe="/syz-executor" sig=0 arch=c00000b7 syscall=427 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 190.394241][ T30] audit: type=1326 audit(190.210:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4049 comm="syz.1.229" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 190.406453][ T30] audit: type=1326 audit(190.210:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4049 comm="syz.1.229" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 190.412129][ T30] audit: type=1326 audit(190.230:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4049 comm="syz.1.229" exe="/syz-executor" sig=0 arch=c00000b7 syscall=435 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 190.415324][ T30] audit: type=1326 audit(190.230:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4049 comm="syz.1.229" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 190.419761][ T30] audit: type=1326 audit(190.230:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4049 comm="syz.1.229" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 190.585321][ T4054] netlink: 28 bytes leftover after parsing attributes in process `syz.1.231'. [ 190.722003][ T39] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0 [ 190.741100][ T39] hid-generic 0000:0000:0000.0009: hidraw0: HID v0.00 Device [syz1] on syz0 [ 194.897045][ T4074] netlink: 104 bytes leftover after parsing attributes in process `syz.1.239'. [ 195.337089][ T30] kauditd_printk_skb: 20 callbacks suppressed [ 195.340773][ T30] audit: type=1326 audit(195.150:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4079 comm="syz.0.242" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 195.341244][ T30] audit: type=1326 audit(195.160:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4079 comm="syz.0.242" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 195.341388][ T30] audit: type=1326 audit(195.160:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4079 comm="syz.0.242" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 195.345316][ T30] audit: type=1326 audit(195.160:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4079 comm="syz.0.242" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 195.350365][ T30] audit: type=1326 audit(195.170:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4079 comm="syz.0.242" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 195.353970][ T30] audit: type=1326 audit(195.170:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4079 comm="syz.0.242" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 195.355343][ T30] audit: type=1326 audit(195.170:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4079 comm="syz.0.242" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 195.380483][ T30] audit: type=1326 audit(195.200:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4079 comm="syz.0.242" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 195.381952][ T30] audit: type=1326 audit(195.200:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4079 comm="syz.0.242" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 195.383211][ T30] audit: type=1326 audit(195.200:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4079 comm="syz.0.242" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 195.501001][ T4082] syzkaller1: entered promiscuous mode [ 195.501401][ T4082] syzkaller1: entered allmulticast mode [ 196.043821][ T4090] netlink: 4 bytes leftover after parsing attributes in process `syz.1.247'. [ 196.095417][ T4090] netlink: 4 bytes leftover after parsing attributes in process `syz.1.247'. [ 198.557196][ T4116] macvtap0: refused to change device tx_queue_len [ 204.830103][ T30] kauditd_printk_skb: 17 callbacks suppressed [ 204.836955][ T30] audit: type=1326 audit(204.650:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4154 comm="syz.0.273" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 204.842970][ T30] audit: type=1326 audit(204.650:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4154 comm="syz.0.273" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 204.850711][ T30] audit: type=1326 audit(204.650:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4154 comm="syz.0.273" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 204.854595][ T30] audit: type=1326 audit(204.650:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4154 comm="syz.0.273" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 204.860283][ T30] audit: type=1326 audit(204.650:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4154 comm="syz.0.273" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 204.865553][ T30] audit: type=1326 audit(204.650:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4154 comm="syz.0.273" exe="/syz-executor" sig=0 arch=c00000b7 syscall=109 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 204.869053][ T30] audit: type=1326 audit(204.660:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4154 comm="syz.0.273" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 205.192915][ T30] audit: type=1326 audit(205.010:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4160 comm="syz.0.276" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 205.200494][ T30] audit: type=1326 audit(205.010:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4160 comm="syz.0.276" exe="/syz-executor" sig=0 arch=c00000b7 syscall=461 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 205.206864][ T30] audit: type=1326 audit(205.010:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4160 comm="syz.0.276" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa6f5c3e8 code=0x7ffc0000 [ 207.647433][ T4182] Process accounting paused [ 213.674469][ T4254] netlink: 12 bytes leftover after parsing attributes in process `syz.0.317'. [ 213.683173][ T4254] netlink: 28 bytes leftover after parsing attributes in process `syz.0.317'. [ 214.836990][ T30] kauditd_printk_skb: 84 callbacks suppressed [ 214.838691][ T30] audit: type=1107 audit(214.650:448): pid=4265 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='!mݧ' [ 218.254979][ T30] audit: type=1326 audit(218.060:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4298 comm="syz.1.336" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 218.255420][ T30] audit: type=1326 audit(218.070:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4298 comm="syz.1.336" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 218.255582][ T30] audit: type=1326 audit(218.070:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4298 comm="syz.1.336" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 218.261970][ T30] audit: type=1326 audit(218.080:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4298 comm="syz.1.336" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 218.264432][ T30] audit: type=1326 audit(218.080:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4298 comm="syz.1.336" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 218.275430][ T30] audit: type=1326 audit(218.090:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4298 comm="syz.1.336" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 218.283640][ T30] audit: type=1326 audit(218.100:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4298 comm="syz.1.336" exe="/syz-executor" sig=0 arch=c00000b7 syscall=39 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 218.291637][ T30] audit: type=1326 audit(218.110:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4298 comm="syz.1.336" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 218.292096][ T30] audit: type=1326 audit(218.110:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4298 comm="syz.1.336" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa755c3e8 code=0x7ffc0000 [ 218.906432][ T4306] pim6reg: entered allmulticast mode [ 219.199868][ T4306] pim6reg: left allmulticast mode [ 219.497622][ T4310] dvmrp1: entered allmulticast mode [ 220.830481][ T1194] ================================================================== [ 220.834554][ T1194] BUG: KASAN: slab-use-after-free in defer_free+0x3c/0xbc [ 220.836957][ T1194] Write at addr f1f000000ff806e0 by task kworker/u8:11/1194 [ 220.837432][ T1194] Pointer tag: [f1], memory tag: [fe] [ 220.837508][ T1194] [ 220.838324][ T1194] CPU: 0 UID: 0 PID: 1194 Comm: kworker/u8:11 Not tainted syzkaller #0 PREEMPT [ 220.838698][ T1194] Hardware name: linux,dummy-virt (DT) [ 220.839128][ T1194] Workqueue: events_unbound bpf_map_free_deferred [ 220.840330][ T1194] Call trace: [ 220.840647][ T1194] show_stack+0x18/0x24 (C) [ 220.840963][ T1194] dump_stack_lvl+0x78/0x90 [ 220.841078][ T1194] print_report+0x108/0x61c [ 220.841130][ T1194] kasan_report+0x88/0xac [ 220.841174][ T1194] __do_kernel_fault+0x170/0x1c8 [ 220.841253][ T1194] do_bad_area+0x68/0x78 [ 220.841300][ T1194] do_tag_check_fault+0x34/0x44 [ 220.841347][ T1194] do_mem_abort+0x44/0x94 [ 220.841401][ T1194] el1_abort+0x44/0x68 [ 220.841449][ T1194] el1h_64_sync_handler+0x50/0xac [ 220.841495][ T1194] el1h_64_sync+0x6c/0x70 [ 220.841643][ T1194] defer_free+0x3c/0xbc (P) [ 220.841698][ T1194] kfree_nolock+0x1a0/0x1d4 [ 220.841745][ T1194] range_tree_destroy+0x74/0x90 [ 220.841795][ T1194] arena_map_free+0x64/0x90 [ 220.841839][ T1194] bpf_map_free_deferred+0x70/0x180 [ 220.841886][ T1194] process_one_work+0x178/0x2cc [ 220.841937][ T1194] worker_thread+0x24c/0x354 [ 220.841983][ T1194] kthread+0x130/0x1fc [ 220.842027][ T1194] ret_from_fork+0x10/0x20 [ 220.842263][ T1194] [ 220.842325][ T1194] Allocated by task 4324: [ 220.842522][ T1194] kasan_save_stack+0x3c/0x64 [ 220.842757][ T1194] save_stack_info+0x40/0x158 [ 220.842795][ T1194] kasan_save_alloc_info+0x14/0x20 [ 220.842830][ T1194] __kasan_kmalloc+0xb4/0xb8 [ 220.842861][ T1194] kmalloc_nolock_noprof+0x1dc/0x4fc [ 220.842893][ T1194] range_tree_set+0x644/0x778 [ 220.842924][ T1194] arena_map_alloc+0x11c/0x17c [ 220.842955][ T1194] map_create+0x19c/0xa98 [ 220.842988][ T1194] __sys_bpf+0x348/0x1a88 [ 220.843018][ T1194] __arm64_sys_bpf+0x24/0x34 [ 220.843053][ T1194] invoke_syscall+0x48/0x110 [ 220.843089][ T1194] el0_svc_common.constprop.0+0x40/0xe0 [ 220.843124][ T1194] do_el0_svc+0x1c/0x28 [ 220.843157][ T1194] el0_svc+0x34/0x128 [ 220.843187][ T1194] el0t_64_sync_handler+0xa0/0xe4 [ 220.843217][ T1194] el0t_64_sync+0x1a4/0x1a8 [ 220.843287][ T1194] [ 220.843334][ T1194] Freed by task 1194: [ 220.843386][ T1194] kasan_save_stack+0x3c/0x64 [ 220.843419][ T1194] save_stack_info+0x40/0x158 [ 220.843451][ T1194] kasan_save_free_info+0x18/0x24 [ 220.843482][ T1194] __kasan_slab_free+0x7c/0x8c [ 220.843514][ T1194] kfree_nolock+0xcc/0x1d4 [ 220.843545][ T1194] range_tree_destroy+0x74/0x90 [ 220.843577][ T1194] arena_map_free+0x64/0x90 [ 220.843609][ T1194] bpf_map_free_deferred+0x70/0x180 [ 220.843647][ T1194] process_one_work+0x178/0x2cc [ 220.843681][ T1194] worker_thread+0x24c/0x354 [ 220.843715][ T1194] kthread+0x130/0x1fc [ 220.843747][ T1194] ret_from_fork+0x10/0x20 [ 220.843793][ T1194] [ 220.843832][ T1194] The buggy address belongs to the object at fff000000ff806c0 [ 220.843832][ T1194] which belongs to the cache kmalloc-64 of size 64 [ 220.843935][ T1194] The buggy address is located 32 bytes inside of [ 220.843935][ T1194] 64-byte region [fff000000ff806c0, fff000000ff80700) [ 220.843983][ T1194] [ 220.844192][ T1194] The buggy address belongs to the physical page: [ 220.844677][ T1194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xf2f000000ff805c0 pfn:0x4ff80 [ 220.845041][ T1194] ksm flags: 0x1ffc00000000000(node=0|zone=0|lastcpupid=0x7ff|kasantag=0x0) [ 220.845472][ T1194] page_type: f5(slab) [ 220.846129][ T1194] raw: 01ffc00000000000 fbf0000003001600 ffffc1ffc01a6200 dead000000000003 [ 220.846190][ T1194] raw: f2f000000ff805c0 0000000080400020 00000000f5000000 0000000000000000 [ 220.846310][ T1194] page dumped because: kasan: bad access detected [ 220.846353][ T1194] [ 220.846497][ T1194] Memory state around the buggy address: [ 220.846793][ T1194] fff000000ff80400: fe fe fe fe fe fe fe fe f1 f1 f1 f1 fe fe fe fe [ 220.846934][ T1194] fff000000ff80500: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 220.846997][ T1194] >fff000000ff80600: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 220.847096][ T1194] ^ [ 220.847211][ T1194] fff000000ff80700: fe fe fe fe fe fe fe fe fe fe fe fe f1 f1 f1 f1 [ 220.847242][ T1194] fff000000ff80800: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 220.847316][ T1194] ================================================================== [ 220.848845][ T1194] Disabling lock debugging due to kernel taint SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 221.878145][ T104] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 221.950964][ T104] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.013747][ T104] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.101443][ T104] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 222.717297][ T104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 222.751127][ T104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 222.793591][ T104] bond0 (unregistering): Released all slaves [ 222.959424][ T104] hsr_slave_0: left promiscuous mode [ 222.963740][ T104] hsr_slave_1: left promiscuous mode [ 222.989721][ T104] veth1_macvtap: left promiscuous mode [ 222.991559][ T104] veth0_macvtap: left promiscuous mode [ 222.994026][ T104] veth1_vlan: left promiscuous mode [ 222.995022][ T104] veth0_vlan: left promiscuous mode VM DIAGNOSIS: 14:25:20 Registers: info registers vcpu 0 CPU#0 PC=ffff8000816ebd4c X00=f9f00000059da008 X01=ffff800082debeaf X02=0000000000000011 X03=00000000ffffe109 X04=ffff8000829e2e80 X05=99b706d72fe8bd57 X06=b898a45426924d3c X07=d7c24ba1632f040d X08=ffff800082debf48 X09=00000000000000c0 X10=609f7e8d7367802b X11=00000000000000c0 X12=0000000000000000 X13=0000000000000000 X14=000000000000031f X15=0000000000000001 X16=ffff800082de8000 X17=fff07ffffcef4000 X18=ffff8000856cbb60 X19=f9f00000059da008 X20=0000000000000000 X21=0000000000000040 X22=ffff800082debeaf X23=fff000007f8d8f80 X24=ffff800082debeb8 X25=f9f00000059da010 X26=ffff800082debec8 X27=00000000ffffe107 X28=f9f00000059da008 X29=ffff800082debdd0 X30=ffff8000816ebd58 SP=ffff800082debdd0 PSTATE=00402009 ---- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:000000000000a2bf:00000000fff88a7b Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:b700000008000003:b7fffffff8000002 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:9500000016000000:8500000000000004 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00000008000003b7:fffffff800000207 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000001600000085:00000000000004b7 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa7776478:0000ffffa7776470 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa7776488:0000ffffa7776480 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000fffff399b960:0000fffff399b960 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000fffff399b930 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 info registers vcpu 1 CPU#1 PC=ffff80008092ef48 X00=0000000000000002 X01=0000000000000018 X02=ffff800082e15018 X03=ffff800082baded0 X04=f3f00000030e5880 X05=0000000000000031 X06=0000000000000020 X07=0000000000000000 X08=7f7f7f7f7f7f7f7f X09=ffff800082badf00 X10=0000000000000001 X11=ffff8000831ebe20 X12=ffff800082adf208 X13=ffff8000831ebb8d X14=ffff8000831ebb98 X15=ffff8000831eba00 X16=0000000000000000 X17=0000000000000000 X18=00000000ffffffff X19=f6f0000003043042 X20=ffff80008092f0ec X21=f3f00000030e5880 X22=f6f0000003043042 X23=ffff80008092f0ec X24=0000000000000065 X25=f0f000000323b180 X26=0000000000000001 X27=0000000000000000 X28=0000000000000000 X29=ffff8000831ebca0 X30=ffff80008092f114 SP=ffff8000831ebca0 PSTATE=814020c9 N--- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:2525252525252525:2525252525252525 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:742064656c696146:0000000000006425 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000f00f00000000 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffffffffff00ff Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00000000ffffff0f Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00000000cccccc00 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000073:0000aaaadbe05c90 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000074:0000aaaadbe02f70 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffd5c62840:0000ffffd5c62840 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd8:0000ffffd5c62810 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000