Warning: Permanently added '[localhost]:39014' (ECDSA) to the list of known hosts. 2023/06/30 18:44:46 fuzzer started 2023/06/30 18:44:47 dialing manager at localhost:30001 [ 46.935132][ T5136] cgroup: Unknown subsys name 'net' [ 47.044312][ T5136] cgroup: Unknown subsys name 'rlimit' [ 47.952744][ T5136] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k FS 2023/06/30 18:44:49 syscalls: 3834 2023/06/30 18:44:49 code coverage: enabled 2023/06/30 18:44:49 comparison tracing: enabled 2023/06/30 18:44:49 extra coverage: enabled 2023/06/30 18:44:49 delay kcov mmap: enabled 2023/06/30 18:44:49 setuid sandbox: enabled 2023/06/30 18:44:49 namespace sandbox: enabled 2023/06/30 18:44:49 Android sandbox: /sys/fs/selinux/policy does not exist 2023/06/30 18:44:49 fault injection: enabled 2023/06/30 18:44:49 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 2023/06/30 18:44:49 net packet injection: enabled 2023/06/30 18:44:49 net device setup: enabled 2023/06/30 18:44:49 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 2023/06/30 18:44:49 devlink PCI setup: PCI device 0000:00:10.0 is not available 2023/06/30 18:44:49 NIC VF setup: PCI device 0000:00:11.0 is not available 2023/06/30 18:44:49 USB emulation: enabled 2023/06/30 18:44:49 hci packet injection: enabled 2023/06/30 18:44:49 wifi device emulation: enabled 2023/06/30 18:44:49 802.15.4 emulation: enabled 2023/06/30 18:44:49 swap file: enabled 2023/06/30 18:44:49 fetching corpus: 0, signal 0/2000 (executing program) 2023/06/30 18:44:49 fetching corpus: 49, signal 38518/41986 (executing program) 2023/06/30 18:44:50 fetching corpus: 99, signal 60589/65378 (executing program) 2023/06/30 18:44:50 fetching corpus: 148, signal 79222/85092 (executing program) 2023/06/30 18:44:50 fetching corpus: 198, signal 88719/95710 (executing program) 2023/06/30 18:44:50 fetching corpus: 248, signal 100972/108888 (executing program) 2023/06/30 18:44:50 fetching corpus: 298, signal 118967/127350 (executing program) 2023/06/30 18:44:51 fetching corpus: 348, signal 128176/137255 (executing program) 2023/06/30 18:44:51 fetching corpus: 398, signal 137705/147345 (executing program) 2023/06/30 18:44:51 fetching corpus: 448, signal 142695/153049 (executing program) 2023/06/30 18:44:51 fetching corpus: 497, signal 147251/158357 (executing program) 2023/06/30 18:44:52 fetching corpus: 547, signal 153541/165104 (executing program) 2023/06/30 18:44:52 fetching corpus: 597, signal 159142/171190 (executing program) 2023/06/30 18:44:52 fetching corpus: 647, signal 164905/177357 (executing program) 2023/06/30 18:44:52 fetching corpus: 697, signal 171208/183917 (executing program) 2023/06/30 18:44:52 fetching corpus: 746, signal 175692/188726 (executing program) 2023/06/30 18:44:53 fetching corpus: 794, signal 177831/191461 (executing program) 2023/06/30 18:44:53 fetching corpus: 844, signal 184489/198057 (executing program) 2023/06/30 18:44:53 fetching corpus: 892, signal 187602/201557 (executing program) 2023/06/30 18:44:53 fetching corpus: 942, signal 193254/207113 (executing program) 2023/06/30 18:44:53 fetching corpus: 990, signal 198760/212451 (executing program) 2023/06/30 18:44:54 fetching corpus: 1037, signal 203562/217146 (executing program) 2023/06/30 18:44:54 fetching corpus: 1087, signal 206570/220297 (executing program) 2023/06/30 18:44:54 fetching corpus: 1136, signal 208950/222855 (executing program) 2023/06/30 18:44:54 fetching corpus: 1185, signal 211790/225796 (executing program) 2023/06/30 18:44:55 fetching corpus: 1235, signal 214202/228320 (executing program) 2023/06/30 18:44:55 fetching corpus: 1283, signal 216599/230856 (executing program) 2023/06/30 18:44:55 fetching corpus: 1331, signal 218902/233308 (executing program) 2023/06/30 18:44:55 fetching corpus: 1380, signal 221085/235618 (executing program) 2023/06/30 18:44:56 fetching corpus: 1428, signal 222596/237252 (executing program) 2023/06/30 18:44:56 fetching corpus: 1476, signal 224711/239389 (executing program) 2023/06/30 18:44:56 fetching corpus: 1522, signal 229151/243335 (executing program) 2023/06/30 18:44:56 fetching corpus: 1572, signal 231635/245688 (executing program) 2023/06/30 18:44:56 fetching corpus: 1622, signal 233773/247740 (executing program) 2023/06/30 18:44:57 fetching corpus: 1672, signal 236063/249914 (executing program) 2023/06/30 18:44:57 fetching corpus: 1716, signal 237748/251628 (executing program) 2023/06/30 18:44:57 fetching corpus: 1766, signal 239642/253430 (executing program) 2023/06/30 18:44:57 fetching corpus: 1816, signal 241885/255428 (executing program) 2023/06/30 18:44:57 fetching corpus: 1864, signal 244064/257417 (executing program) 2023/06/30 18:44:58 fetching corpus: 1914, signal 245823/259026 (executing program) 2023/06/30 18:44:58 fetching corpus: 1964, signal 248541/261294 (executing program) 2023/06/30 18:44:58 fetching corpus: 2014, signal 250358/262920 (executing program) 2023/06/30 18:44:58 fetching corpus: 2064, signal 254195/265921 (executing program) 2023/06/30 18:44:58 fetching corpus: 2110, signal 255637/267212 (executing program) 2023/06/30 18:44:59 fetching corpus: 2160, signal 257746/268945 (executing program) 2023/06/30 18:44:59 fetching corpus: 2210, signal 259213/270166 (executing program) 2023/06/30 18:44:59 fetching corpus: 2259, signal 262117/272342 (executing program) 2023/06/30 18:44:59 fetching corpus: 2306, signal 263878/273724 (executing program) 2023/06/30 18:45:00 fetching corpus: 2356, signal 267317/276214 (executing program) 2023/06/30 18:45:00 fetching corpus: 2406, signal 268874/277423 (executing program) 2023/06/30 18:45:00 fetching corpus: 2456, signal 270310/278541 (executing program) 2023/06/30 18:45:00 fetching corpus: 2505, signal 272660/280214 (executing program) 2023/06/30 18:45:00 fetching corpus: 2555, signal 275277/282007 (executing program) 2023/06/30 18:45:01 fetching corpus: 2604, signal 277236/283375 (executing program) 2023/06/30 18:45:01 fetching corpus: 2654, signal 278751/284440 (executing program) 2023/06/30 18:45:02 fetching corpus: 2701, signal 280464/285645 (executing program) 2023/06/30 18:45:02 fetching corpus: 2746, signal 282915/287225 (executing program) 2023/06/30 18:45:02 fetching corpus: 2792, signal 284333/288199 (executing program) 2023/06/30 18:45:02 fetching corpus: 2840, signal 285330/288875 (executing program) 2023/06/30 18:45:03 fetching corpus: 2889, signal 286237/289493 (executing program) 2023/06/30 18:45:03 fetching corpus: 2938, signal 287873/290546 (executing program) 2023/06/30 18:45:03 fetching corpus: 2988, signal 289689/291617 (executing program) 2023/06/30 18:45:03 fetching corpus: 3038, signal 290879/292359 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292773 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292791 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292819 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292844 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292861 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292877 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292885 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292901 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292926 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292941 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292962 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292974 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/292989 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/293008 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/293033 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/293049 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/293081 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/293093 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/293112 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/293128 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/293148 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291571/293166 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293181 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293196 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293214 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293236 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293254 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293272 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293290 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293310 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293339 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293359 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293376 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293397 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293416 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293435 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293457 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293475 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293500 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293516 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293537 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293554 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293572 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293590 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293613 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293628 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293653 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293662 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293687 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293702 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293719 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293736 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293760 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293777 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293788 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293807 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293818 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293833 (executing program) 2023/06/30 18:45:03 fetching corpus: 3060, signal 291572/293849 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/293866 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/293882 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/293907 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/293916 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/293934 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/293954 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/293971 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/293997 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/294012 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/294028 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/294050 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/294067 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/294083 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291572/294103 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294121 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294134 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294149 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294161 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294185 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294210 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294231 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294242 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294268 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294291 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294314 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294314 (executing program) 2023/06/30 18:45:04 fetching corpus: 3060, signal 291573/294314 (executing program) [ 65.458691][ T5135] memfd_create() without MFD_EXEC nor MFD_NOEXEC_SEAL, pid=5135 'syz-fuzzer' 2023/06/30 18:45:07 starting 4 fuzzer processes 18:45:07 executing program 0: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x64) mremap(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000004000/0x3000)=nil) 18:45:07 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0xffffc90000000000, 0x0, &(0x7f0000000380)={0x0, 0x0}) 18:45:07 executing program 3: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 18:45:07 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01002000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x0, 0x1ff, 0x0, 0x0, 0xffffffff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x0, 0x2, 0x0, 0x0, 0x5}}]}}}]}, 0x78}}, 0x0) bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r4}, 0x14) sendto$packet(r0, &(0x7f0000000240)="93a749700b71659fbc09a7b50800", 0x12, 0x0, 0x0, 0x0) [ 65.597255][ T5149] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 65.597824][ T5151] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 65.600975][ T5149] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 65.604038][ T5151] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 65.607187][ T5149] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 65.609384][ T5151] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 65.612326][ T5149] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 65.618366][ T5149] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 65.619177][ T5153] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 65.621440][ T5149] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 65.623550][ T5159] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 65.623782][ T5153] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 65.626750][ T5149] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 65.629465][ T5159] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 65.632597][ T5149] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 65.636489][ T5159] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 65.636641][ T5153] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 65.637045][ T5153] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 65.637337][ T5161] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 65.639022][ T5149] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 65.643983][ T5159] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 65.646878][ T5161] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 65.650184][ T5159] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 65.652980][ T5161] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 65.862369][ T5147] chnl_net:caif_netlink_parms(): no params data found [ 65.866961][ T5156] chnl_net:caif_netlink_parms(): no params data found [ 65.881965][ T5148] chnl_net:caif_netlink_parms(): no params data found [ 65.912150][ T5160] chnl_net:caif_netlink_parms(): no params data found [ 66.020645][ T5147] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.024639][ T5147] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.027631][ T5147] bridge_slave_0: entered allmulticast mode [ 66.031076][ T5147] bridge_slave_0: entered promiscuous mode [ 66.049242][ T5156] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.051841][ T5156] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.054578][ T5156] bridge_slave_0: entered allmulticast mode [ 66.057517][ T5156] bridge_slave_0: entered promiscuous mode [ 66.072692][ T5147] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.075358][ T5147] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.078391][ T5147] bridge_slave_1: entered allmulticast mode [ 66.081226][ T5147] bridge_slave_1: entered promiscuous mode [ 66.084634][ T5148] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.087970][ T5148] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.091123][ T5148] bridge_slave_0: entered allmulticast mode [ 66.094078][ T5148] bridge_slave_0: entered promiscuous mode [ 66.097358][ T5156] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.099960][ T5156] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.102514][ T5156] bridge_slave_1: entered allmulticast mode [ 66.105134][ T5156] bridge_slave_1: entered promiscuous mode [ 66.135451][ T5148] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.138331][ T5148] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.140949][ T5148] bridge_slave_1: entered allmulticast mode [ 66.143579][ T5148] bridge_slave_1: entered promiscuous mode [ 66.165807][ T5160] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.169123][ T5160] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.172249][ T5160] bridge_slave_0: entered allmulticast mode [ 66.175401][ T5160] bridge_slave_0: entered promiscuous mode [ 66.179487][ T5147] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.203052][ T5156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.208846][ T5147] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.222879][ T5160] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.225624][ T5160] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.228376][ T5160] bridge_slave_1: entered allmulticast mode [ 66.231052][ T5160] bridge_slave_1: entered promiscuous mode [ 66.234669][ T5148] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.239916][ T5156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.272626][ T5148] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.287721][ T5147] team0: Port device team_slave_0 added [ 66.313216][ T5156] team0: Port device team_slave_0 added [ 66.316531][ T5147] team0: Port device team_slave_1 added [ 66.319956][ T5160] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.332318][ T5156] team0: Port device team_slave_1 added [ 66.352488][ T5160] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.357388][ T5148] team0: Port device team_slave_0 added [ 66.392152][ T5148] team0: Port device team_slave_1 added [ 66.403750][ T5156] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.407184][ T5156] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.417285][ T5156] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.422552][ T5147] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.425154][ T5147] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.435479][ T5147] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.463197][ T5156] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.465852][ T5156] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.475800][ T5156] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.480425][ T5147] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.482889][ T5147] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.492195][ T5147] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.497865][ T5160] team0: Port device team_slave_0 added [ 66.500882][ T5148] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.503478][ T5148] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.514516][ T5148] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.524040][ T5160] team0: Port device team_slave_1 added [ 66.526892][ T5148] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.530074][ T5148] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.539637][ T5148] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.614402][ T5160] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 66.617080][ T5160] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.626336][ T5160] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 66.649434][ T5156] hsr_slave_0: entered promiscuous mode [ 66.652726][ T5156] hsr_slave_1: entered promiscuous mode [ 66.658967][ T5147] hsr_slave_0: entered promiscuous mode [ 66.661680][ T5147] hsr_slave_1: entered promiscuous mode [ 66.663962][ T5147] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.667367][ T5147] Cannot create hsr debugfs directory [ 66.670363][ T5160] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 66.673467][ T5160] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.684400][ T5160] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 66.707194][ T5148] hsr_slave_0: entered promiscuous mode [ 66.710526][ T5148] hsr_slave_1: entered promiscuous mode [ 66.712818][ T5148] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.716220][ T5148] Cannot create hsr debugfs directory [ 66.854710][ T5160] hsr_slave_0: entered promiscuous mode [ 66.857398][ T5160] hsr_slave_1: entered promiscuous mode [ 66.859870][ T5160] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 66.863255][ T5160] Cannot create hsr debugfs directory [ 67.043273][ T5156] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 67.054402][ T5156] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 67.062935][ T5156] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 67.073054][ T5156] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 67.101488][ T5147] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 67.107483][ T5147] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 67.113049][ T5147] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 67.128688][ T5147] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 67.153820][ T5148] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 67.159066][ T5148] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 67.162871][ T5148] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 67.170186][ T5148] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 67.195884][ T5160] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 67.208218][ T5160] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 67.212088][ T5160] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 67.216385][ T5160] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 67.246406][ T5156] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.281729][ T5156] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.293325][ T805] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.296429][ T805] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.309598][ T1249] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.312386][ T1249] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.342136][ T5148] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.350130][ T5147] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.383210][ T5160] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.388529][ T5148] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.393787][ T5147] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.401201][ T5137] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.403829][ T5137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.412546][ T5191] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.415319][ T5191] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.419486][ T5191] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.422334][ T5191] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.440718][ T5195] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.444107][ T5195] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.457431][ T5160] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.479956][ T5137] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.482668][ T5137] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.486833][ T5137] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.489779][ T5137] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.502495][ T5148] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 67.531908][ T5160] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 67.535885][ T5160] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 67.546799][ T5156] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.573503][ T5156] veth0_vlan: entered promiscuous mode [ 67.579383][ T5156] veth1_vlan: entered promiscuous mode [ 67.590156][ T5156] veth0_macvtap: entered promiscuous mode [ 67.598058][ T5156] veth1_macvtap: entered promiscuous mode [ 67.606989][ T5156] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.612157][ T5156] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.619193][ T5156] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.622388][ T5156] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.625554][ T5156] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.630038][ T5156] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.642817][ T5148] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.657224][ T5147] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.665299][ T5160] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.676685][ T5161] Bluetooth: hci2: command 0x0409 tx timeout [ 67.678958][ T64] Bluetooth: hci1: command 0x0409 tx timeout [ 67.679877][ T5161] Bluetooth: hci0: command 0x0409 tx timeout [ 67.686311][ T5161] Bluetooth: hci3: command 0x0409 tx timeout [ 67.740406][ T5191] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.740436][ T5147] veth0_vlan: entered promiscuous mode [ 67.743602][ T5191] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.762016][ T5148] veth0_vlan: entered promiscuous mode [ 67.768507][ T5160] veth0_vlan: entered promiscuous mode [ 67.773972][ T5147] veth1_vlan: entered promiscuous mode [ 67.779843][ T5148] veth1_vlan: entered promiscuous mode [ 67.783510][ T5195] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.786776][ T5195] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.787820][ T5160] veth1_vlan: entered promiscuous mode [ 67.813566][ T5148] veth0_macvtap: entered promiscuous mode [ 67.818618][ T5148] veth1_macvtap: entered promiscuous mode [ 67.823428][ T5147] veth0_macvtap: entered promiscuous mode [ 67.833418][ T5160] veth0_macvtap: entered promiscuous mode [ 67.840809][ T5147] veth1_macvtap: entered promiscuous mode [ 67.862083][ T5160] veth1_macvtap: entered promiscuous mode 18:45:09 executing program 0: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x64) mremap(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000004000/0x3000)=nil) [ 67.874607][ T5147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.883057][ T5147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.889677][ T5147] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.894779][ T5148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.900652][ T5148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.904891][ T5148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.910153][ T5148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 18:45:09 executing program 0: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x64) mremap(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000004000/0x3000)=nil) [ 67.916785][ T5148] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.924354][ T5148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.928890][ T5148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.934031][ T5148] batman_adv: batadv0: Interface activated: batadv_slave_1 18:45:09 executing program 0: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x64) mremap(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000004000/0x3000)=nil) [ 67.942537][ T5147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.947750][ T5147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.952395][ T5147] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.956960][ T5147] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.962220][ T5147] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.968531][ T5148] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.971750][ T5148] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.975250][ T5148] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.978648][ T5148] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.987126][ T5160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.995077][ T5160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! 18:45:09 executing program 0: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x64) mremap(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000004000/0x3000)=nil) [ 68.002173][ T5160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 68.008468][ T5160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.012114][ T5160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 68.016734][ T5160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.021358][ T5160] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 68.025964][ T5147] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 18:45:09 executing program 0: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x64) mremap(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000004000/0x3000)=nil) [ 68.029903][ T5147] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.033340][ T5147] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.036704][ T5147] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.052588][ T5160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 68.057745][ T5160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.062070][ T5160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 68.067252][ T5160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.071412][ T5160] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 68.075837][ T5160] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 68.082615][ T5160] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 68.108348][ T5160] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.112322][ T5160] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.116312][ T5160] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.119430][ T5160] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.134153][ T5137] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.138292][ T5137] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.168862][ T5192] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.171848][ T5192] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.184552][ T5191] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.184569][ T5195] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.187580][ T5191] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.191768][ T5195] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.214028][ T5137] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.217604][ T5137] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.234452][ T5192] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.235570][ T5229] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. [ 68.238317][ T5192] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 18:45:09 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01002000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x0, 0x1ff, 0x0, 0x0, 0xffffffff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x0, 0x2, 0x0, 0x0, 0x5}}]}}}]}, 0x78}}, 0x0) bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r4}, 0x14) sendto$packet(r0, &(0x7f0000000240)="93a749700b71659fbc09a7b50800", 0x12, 0x0, 0x0, 0x0) 18:45:09 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0xffffc90000000000, 0x0, &(0x7f0000000380)={0x0, 0x0}) 18:45:09 executing program 3: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 18:45:09 executing program 0: mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000009000/0x3000)=nil, 0x3000, 0x64) mremap(&(0x7f0000007000/0x3000)=nil, 0x3000, 0x3000, 0x3, &(0x7f0000004000/0x3000)=nil) [ 68.304812][ T5235] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. 18:45:09 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0xffffc90000000000, 0x0, &(0x7f0000000380)={0x0, 0x0}) 18:45:09 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01002000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x0, 0x1ff, 0x0, 0x0, 0xffffffff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x0, 0x2, 0x0, 0x0, 0x5}}]}}}]}, 0x78}}, 0x0) bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r4}, 0x14) sendto$packet(r0, &(0x7f0000000240)="93a749700b71659fbc09a7b50800", 0x12, 0x0, 0x0, 0x0) 18:45:09 executing program 2: seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0xffffc90000000000, 0x0, &(0x7f0000000380)={0x0, 0x0}) 18:45:09 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01002000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x0, 0x1ff, 0x0, 0x0, 0xffffffff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x0, 0x2, 0x0, 0x0, 0x5}}]}}}]}, 0x78}}, 0x0) bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r4}, 0x14) sendto$packet(r0, &(0x7f0000000240)="93a749700b71659fbc09a7b50800", 0x12, 0x0, 0x0, 0x0) [ 68.351736][ T5245] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. 18:45:09 executing program 3: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) [ 68.376703][ T5250] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. 18:45:09 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01002000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x0, 0x1ff, 0x0, 0x0, 0xffffffff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x0, 0x2, 0x0, 0x0, 0x5}}]}}}]}, 0x78}}, 0x0) bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r4}, 0x14) sendto$packet(r0, &(0x7f0000000240)="93a749700b71659fbc09a7b50800", 0x12, 0x0, 0x0, 0x0) 18:45:09 executing program 3: bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x18, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x80) 18:45:09 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCADDRT(r0, 0x89eb, &(0x7f0000000000)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}, 0x0, 'ip6tnl0\x00'}) 18:45:10 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01002000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x0, 0x1ff, 0x0, 0x0, 0xffffffff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x0, 0x2, 0x0, 0x0, 0x5}}]}}}]}, 0x78}}, 0x0) bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r4}, 0x14) sendto$packet(r0, &(0x7f0000000240)="93a749700b71659fbc09a7b50800", 0x12, 0x0, 0x0, 0x0) [ 68.411574][ T5253] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. [ 68.423885][ T5259] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'. 18:45:10 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCADDRT(r0, 0x89eb, &(0x7f0000000000)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}, 0x0, 'ip6tnl0\x00'}) 18:45:10 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) r1 = socket(0x10, 0x3, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) getsockname$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01002000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x48, 0x2, {{0x0, 0x1ff, 0x0, 0x0, 0xffffffff}, [@TCA_NETEM_SLOT={0x2c, 0xc, {0x0, 0x0, 0x2, 0x0, 0x0, 0x5}}]}}}]}, 0x78}}, 0x0) bind$packet(r0, &(0x7f0000000300)={0x11, 0x0, r4}, 0x14) sendto$packet(r0, &(0x7f0000000240)="93a749700b71659fbc09a7b50800", 0x12, 0x0, 0x0, 0x0) [ 68.444873][ T5263] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.0'. 18:45:10 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCADDRT(r0, 0x89eb, &(0x7f0000000000)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}, 0x0, 'ip6tnl0\x00'}) 18:45:10 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_DPORT={0x6}]}}}]}, 0x40}}, 0x0) 18:45:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'tunl0\x00', &(0x7f0000000440)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @remote, {[@ra={0x94, 0x4}]}}}}}) 18:45:10 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_DPORT={0x6}]}}}]}, 0x40}}, 0x0) 18:45:10 executing program 2: r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$sock_x25_SIOCADDRT(r0, 0x89eb, &(0x7f0000000000)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}, 0x0, 'ip6tnl0\x00'}) 18:45:10 executing program 0: r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setresuid(0x0, r1, 0x0) mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x6, 0x2172, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000005000/0x4000)=nil, 0x4000, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil) setrlimit(0x8, &(0x7f0000000080)) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1) [ 68.503329][ T5270] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list 18:45:10 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_DPORT={0x6}]}}}]}, 0x40}}, 0x0) 18:45:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'tunl0\x00', &(0x7f0000000440)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @remote, {[@ra={0x94, 0x4}]}}}}}) [ 68.532868][ T5275] ------------[ cut here ]------------ [ 68.534986][ T5275] WARNING: CPU: 3 PID: 5275 at mm/gup.c:1173 __get_user_pages+0xd49/0x1080 [ 68.538346][ T5275] Modules linked in: [ 68.540589][ T5275] CPU: 3 PID: 5275 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-08881-g533925cb7604 #0 [ 68.545266][ T5275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 18:45:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'tunl0\x00', &(0x7f0000000440)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @remote, {[@ra={0x94, 0x4}]}}}}}) [ 68.549325][ T5275] RIP: 0010:__get_user_pages+0xd49/0x1080 18:45:10 executing program 3: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x40, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_DPORT={0x6}]}}}]}, 0x40}}, 0x0) [ 68.551648][ T5275] Code: 89 f8 48 c1 e8 03 80 3c 08 00 0f 85 bc 02 00 00 48 8b 44 24 20 48 8b 80 c0 00 00 00 48 8d 1c e8 e9 ad f7 ff ff e8 17 31 c3 ff <0f> 0b e9 32 f6 ff ff e8 0b 31 c3 ff 0f 0b e8 04 31 c3 ff 44 89 ed [ 68.559103][ T5275] RSP: 0018:ffffc90006e7f538 EFLAGS: 00010216 [ 68.561564][ T5275] RAX: 0000000000000267 RBX: 0000000000000100 RCX: ffffc9000c001000 [ 68.564856][ T5275] RDX: 0000000000040000 RSI: ffffffff81c186f9 RDI: 0000000000000007 [ 68.568153][ T5275] RBP: 0000000020006000 R08: 0000000000000007 R09: 0000000000000000 [ 68.571019][ T5275] R10: 0000000000000100 R11: 0000000000000001 R12: ffff888025828700 18:45:10 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'tunl0\x00', &(0x7f0000000440)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @remote, {[@ra={0x94, 0x4}]}}}}}) [ 68.573904][ T5275] R13: 0000000000210002 R14: ffff88801c3c9300 R15: 0000000000000000 [ 68.577651][ T5275] FS: 0000000000000000(0000) GS:ffff88802c900000(0063) knlGS:00000000f7feab40 [ 68.582000][ T5275] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 18:45:10 executing program 3: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000880)={0x2, 0x2, 0x0, 0x0, 0x2}, 0x10}, 0x17}, 0x0) [ 68.585843][ T5275] CR2: 00000000f72b24d6 CR3: 000000001ce4d000 CR4: 0000000000350ee0 18:45:10 executing program 2: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000480)={'tunl0\x00', &(0x7f0000000440)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @remote, {[@ra={0x94, 0x4}]}}}}}) [ 68.589743][ T5275] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 68.593351][ T5275] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 68.597313][ T5275] Call Trace: [ 68.598777][ T5275] [ 68.600114][ T5275] ? __warn+0xe6/0x390 [ 68.601933][ T5275] ? __get_user_pages+0xd49/0x1080 [ 68.604222][ T5275] ? report_bug+0x2da/0x500 [ 68.606439][ T5275] ? handle_bug+0x3c/0x70 [ 68.608489][ T5275] ? exc_invalid_op+0x18/0x50 [ 68.610846][ T5275] ? asm_exc_invalid_op+0x1a/0x20 [ 68.612856][ T5275] ? __get_user_pages+0xd49/0x1080 [ 68.614886][ T5275] ? __get_user_pages+0xd49/0x1080 [ 68.617002][ T5275] ? __get_user_pages+0xd49/0x1080 [ 68.619304][ T5275] ? follow_page_mask+0xdc0/0xdc0 [ 68.621551][ T5275] ? down_read_killable+0x14a/0x4f0 [ 68.623869][ T5275] ? down_read+0x480/0x480 [ 68.625866][ T5275] ? mark_lock.part.0+0xee/0x1960 [ 68.628222][ T5275] __gup_longterm_locked+0x6f9/0x23e0 [ 68.630408][ T5275] ? print_usage_bug.part.0+0x670/0x670 [ 68.632877][ T5275] ? find_held_lock+0x2d/0x110 [ 68.635021][ T5275] ? get_user_pages_unlocked+0x810/0x810 [ 68.637705][ T5275] ? internal_get_user_pages_fast+0x1258/0x32f0 [ 68.640468][ T5275] ? mark_held_locks+0x9f/0xe0 [ 68.642616][ T5275] internal_get_user_pages_fast+0x16e6/0x32f0 [ 68.645310][ T5275] ? __lock_acquire+0x1984/0x5e20 [ 68.647658][ T5275] ? __gup_device_huge+0x6c0/0x6c0 [ 68.649931][ T5275] ? __lock_acquire+0xc1b/0x5e20 [ 68.652115][ T5275] get_user_pages_fast+0xa8/0xf0 [ 68.654677][ T5275] ? get_user_pages_fast_only+0xf0/0xf0 [ 68.657470][ T5275] ? lock_sync+0x190/0x190 [ 68.659601][ T5275] ? first_iovec_segment+0x16b/0x280 [ 68.662115][ T5275] __iov_iter_get_pages_alloc+0x28c/0x1950 [ 68.664889][ T5275] ? rcu_is_watching+0x12/0xb0 [ 68.667586][ T5275] ? trace_contention_end+0xd8/0x100 [ 68.670071][ T5275] ? iov_iter_extract_pages+0x18f0/0x18f0 [ 68.672767][ T5275] ? __fget_files+0x23f/0x470 [ 68.675064][ T5275] ? pipe_lock+0x5e/0x70 [ 68.677210][ T5275] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 68.679820][ T5275] ? import_ubuf+0x1fd/0x270 [ 68.682012][ T5275] iov_iter_get_pages2+0xa8/0x100 [ 68.684381][ T5275] ? __iov_iter_get_pages_alloc+0x1950/0x1950 [ 68.687373][ T5275] ? wait_for_space+0x18b/0x2c0 [ 68.689997][ T5275] __do_sys_vmsplice+0x50c/0xaa0 [ 68.692382][ T5275] ? __splice_from_pipe+0x8a0/0x8a0 [ 68.694821][ T5275] ? do_raw_spin_unlock+0x175/0x230 [ 68.697415][ T5275] ? futex_wake+0x159/0x490 [ 68.699595][ T5275] ? find_held_lock+0x2d/0x110 [ 68.701866][ T5275] ? do_futex+0x132/0x360 [ 68.703900][ T5275] ? __ia32_sys_get_robust_list+0x400/0x400 [ 68.706782][ T5275] ? xfd_validate_state+0x5d/0x180 [ 68.709220][ T5275] ? __x64_sys_futex_time32+0x480/0x480 [ 68.711827][ T5275] ? syscall_enter_from_user_mode_prepare+0x1d/0x50 [ 68.714879][ T5275] __do_fast_syscall_32+0x65/0xf0 [ 68.717363][ T5275] do_fast_syscall_32+0x33/0x70 [ 68.719707][ T5275] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 68.722731][ T5275] RIP: 0023:0xf7fef579 [ 68.724686][ T5275] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 68.733770][ T5275] RSP: 002b:00000000f7fea5cc EFLAGS: 00000296 ORIG_RAX: 000000000000013c [ 68.737751][ T5275] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200000c0 [ 68.741540][ T5275] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000 [ 68.745270][ T5275] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 68.749131][ T5275] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 68.752806][ T5275] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 68.756616][ T5275] [ 68.758112][ T5275] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 68.761516][ T5275] CPU: 3 PID: 5275 Comm: syz-executor.0 Not tainted 6.4.0-syzkaller-08881-g533925cb7604 #0 [ 68.766192][ T5275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014 [ 68.770430][ T5275] Call Trace: [ 68.772063][ T5275] [ 68.773553][ T5275] dump_stack_lvl+0xd9/0x150 [ 68.775845][ T5275] panic+0x686/0x730 [ 68.777709][ T5275] ? panic_smp_self_stop+0xa0/0xa0 [ 68.780129][ T5275] ? show_trace_log_lvl+0x284/0x390 [ 68.782569][ T5275] ? __get_user_pages+0xd49/0x1080 [ 68.784992][ T5275] check_panic_on_warn+0xb1/0xc0 [ 68.787315][ T5275] __warn+0xf2/0x390 [ 68.789167][ T5275] ? __get_user_pages+0xd49/0x1080 [ 68.791582][ T5275] report_bug+0x2da/0x500 [ 68.793622][ T5275] handle_bug+0x3c/0x70 [ 68.795616][ T5275] exc_invalid_op+0x18/0x50 [ 68.797815][ T5275] asm_exc_invalid_op+0x1a/0x20 [ 68.800110][ T5275] RIP: 0010:__get_user_pages+0xd49/0x1080 [ 68.802755][ T5275] Code: 89 f8 48 c1 e8 03 80 3c 08 00 0f 85 bc 02 00 00 48 8b 44 24 20 48 8b 80 c0 00 00 00 48 8d 1c e8 e9 ad f7 ff ff e8 17 31 c3 ff <0f> 0b e9 32 f6 ff ff e8 0b 31 c3 ff 0f 0b e8 04 31 c3 ff 44 89 ed [ 68.811767][ T5275] RSP: 0018:ffffc90006e7f538 EFLAGS: 00010216 [ 68.814606][ T5275] RAX: 0000000000000267 RBX: 0000000000000100 RCX: ffffc9000c001000 [ 68.818247][ T5275] RDX: 0000000000040000 RSI: ffffffff81c186f9 RDI: 0000000000000007 [ 68.821907][ T5275] RBP: 0000000020006000 R08: 0000000000000007 R09: 0000000000000000 [ 68.825549][ T5275] R10: 0000000000000100 R11: 0000000000000001 R12: ffff888025828700 [ 68.829271][ T5275] R13: 0000000000210002 R14: ffff88801c3c9300 R15: 0000000000000000 [ 68.832993][ T5275] ? __get_user_pages+0xd49/0x1080 [ 68.835406][ T5275] ? __get_user_pages+0xd49/0x1080 [ 68.837803][ T5275] ? follow_page_mask+0xdc0/0xdc0 [ 68.840287][ T5275] ? down_read_killable+0x14a/0x4f0 [ 68.842716][ T5275] ? down_read+0x480/0x480 [ 68.844804][ T5275] ? mark_lock.part.0+0xee/0x1960 [ 68.847131][ T5275] __gup_longterm_locked+0x6f9/0x23e0 [ 68.849399][ T5275] ? print_usage_bug.part.0+0x670/0x670 [ 68.851886][ T5275] ? find_held_lock+0x2d/0x110 [ 68.854004][ T5275] ? get_user_pages_unlocked+0x810/0x810 [ 68.856484][ T5275] ? internal_get_user_pages_fast+0x1258/0x32f0 [ 68.859243][ T5275] ? mark_held_locks+0x9f/0xe0 [ 68.861170][ T5275] internal_get_user_pages_fast+0x16e6/0x32f0 [ 68.863823][ T5275] ? __lock_acquire+0x1984/0x5e20 [ 68.865887][ T5275] ? __gup_device_huge+0x6c0/0x6c0 [ 68.868225][ T5275] ? __lock_acquire+0xc1b/0x5e20 [ 68.870560][ T5275] get_user_pages_fast+0xa8/0xf0 [ 68.872828][ T5275] ? get_user_pages_fast_only+0xf0/0xf0 [ 68.875264][ T5275] ? lock_sync+0x190/0x190 [ 68.877211][ T5275] ? first_iovec_segment+0x16b/0x280 [ 68.879498][ T5275] __iov_iter_get_pages_alloc+0x28c/0x1950 [ 68.882086][ T5275] ? rcu_is_watching+0x12/0xb0 [ 68.884126][ T5275] ? trace_contention_end+0xd8/0x100 [ 68.886351][ T5275] ? iov_iter_extract_pages+0x18f0/0x18f0 [ 68.888923][ T5275] ? __fget_files+0x23f/0x470 [ 68.891092][ T5275] ? pipe_lock+0x5e/0x70 [ 68.893080][ T5275] ? mutex_lock_io_nested+0x11a0/0x11a0 [ 68.895593][ T5275] ? import_ubuf+0x1fd/0x270 [ 68.897595][ T5275] iov_iter_get_pages2+0xa8/0x100 [ 68.899740][ T5275] ? __iov_iter_get_pages_alloc+0x1950/0x1950 [ 68.902425][ T5275] ? wait_for_space+0x18b/0x2c0 [ 68.904575][ T5275] __do_sys_vmsplice+0x50c/0xaa0 [ 68.906743][ T5275] ? __splice_from_pipe+0x8a0/0x8a0 [ 68.908946][ T5275] ? do_raw_spin_unlock+0x175/0x230 [ 68.911209][ T5275] ? futex_wake+0x159/0x490 [ 68.913183][ T5275] ? find_held_lock+0x2d/0x110 [ 68.915250][ T5275] ? do_futex+0x132/0x360 [ 68.917171][ T5275] ? __ia32_sys_get_robust_list+0x400/0x400 [ 68.919605][ T5275] ? xfd_validate_state+0x5d/0x180 [ 68.921841][ T5275] ? __x64_sys_futex_time32+0x480/0x480 [ 68.924367][ T5275] ? syscall_enter_from_user_mode_prepare+0x1d/0x50 [ 68.927300][ T5275] __do_fast_syscall_32+0x65/0xf0 [ 68.929640][ T5275] do_fast_syscall_32+0x33/0x70 [ 68.931882][ T5275] entry_SYSENTER_compat_after_hwframe+0x70/0x82 [ 68.934773][ T5275] RIP: 0023:0xf7fef579 [ 68.936606][ T5275] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 68.945456][ T5275] RSP: 002b:00000000f7fea5cc EFLAGS: 00000296 ORIG_RAX: 000000000000013c [ 68.949363][ T5275] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200000c0 [ 68.952854][ T5275] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000 [ 68.956340][ T5275] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 68.960000][ T5275] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 68.963627][ T5275] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 68.967292][ T5275] Connection to localhost closed by remote host. VM DIAGNOSIS: 18:45:10 Registers: info registers vcpu 0 RAX=ffff8880695ea000 RBX=0000000000400cc0 RCX=ffff88807e475008 RDX=0000000000000000 RSI=ffffffff8a20008b RDI=0000000000000000 RBP=ffff888012850280 RSP=ffffc90003e37c08 R8 =0000000084d24258 R9 =fffffbfff1d12c1a R10=ffffffff8e8960d7 R11=0000000000000001 R12=0000000000001000 R13=00000000ffffffff R14=ffffffff81bc0b62 R15=ffff8880695ea000 RIP=ffffffff81be5264 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fa9591a1280 ffffffff 00c00000 GS =0000 ffff88802c600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f734e1b0 CR3=000000006655f000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=4b5f5455504e495f4449006b636f6c62 XMM01=00007ffd0118a5900000003000000018 XMM02=2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a2a XMM03=00000000000000000000000000000000 XMM04=ffffffffff0000000000000000000000 XMM05=ffff000000000000ffffff00ffffff00 XMM06=ffffffffff0000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 1 RAX=00000000000000d9 RBX=000055fc93b19e00 RCX=00007fa958cf9910 RDX=0000000000008000 RSI=000055fc93b19e30 RDI=000000000000000d RBP=000055fc93b19e04 RSP=00007ffd0118a788 R8 =000055fc93b19e00 R9 =0000000001000000 R10=0000000000000812 R11=0000000000000293 R12=000055fc93aefa50 R13=fffffffffffffe60 R14=0000000000000002 R15=000055fc93b19e30 RIP=ffffffff8a200000 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fa9591a1280 ffffffff 00c00000 GS =0000 0000000000000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002d523000 CR3=000000001f2e7000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=000055fc93aea910000055fc93af2c00 XMM01=00007ffd0118a8100000003000000010 XMM02=00007ffd01189db00000003000000010 XMM03=000000ff0000000000ff000000000000 XMM04=000000000000000000ff000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 2 RAX=fffff52000debe7d RBX=ffff88801b1c0b3a RCX=c50386ee5b4fee99 RDX=1ffff11003638158 RSI=0000000000000001 RDI=00000000ac012b76 RBP=ffff88801b1c0b18 RSP=ffffc90006f5f348 R8 =0000000000000000 R9 =fffffbfff22c63d0 R10=ffffffff91631e87 R11=0000000000000001 R12=ffff88801b1c0000 R13=0000000000000000 R14=dffffc0000000000 R15=0000000000000001 RIP=ffffffff8165c281 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f72be628 CR3=0000000066549000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000000000000000000000 XMM03=00000000000000000000000000000000 XMM04=00000000000000000000000000000000 XMM05=00000000000000000000000000000000 XMM06=00000000000000000000000000000000 XMM07=00000000000000000000000000000000 XMM08=00000000000000000000000000000000 XMM09=00000000000000000000000000000000 XMM10=00000000000000000000000000000000 XMM11=00000000000000000000000000000000 XMM12=00000000000000000000000000000000 XMM13=00000000000000000000000000000000 XMM14=00000000000000000000000000000000 XMM15=00000000000000000000000000000000 info registers vcpu 3 RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff848a9805 RDI=ffffffff921ee220 RBP=ffffffff921ee1e0 RSP=ffffc90006e7ef18 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=000000000000005b R14=ffffffff848a97a0 R15=0000000000000000 RIP=ffffffff848a982f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c900000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f72b24d6 CR3=000000001ce4d000 CR4=00350ee0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001fa1 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 XMM00=00000000000000000000000000000000 XMM01=00000000000000000000000000000000 XMM02=00000000000000004171855100000000 XMM03=41414141414141414141414141414141 XMM04=782f58693039706a542f2f6330365763 XMM05=41414141414141414141414141414141 XMM06=41414141414141414141414141414141 XMM07=41414141414141414141414141414141 XMM08=41414141414141414141414141414141 XMM09=41414141414141414141414141414141 XMM10=41414141414141414141414141414141 XMM11=41444141414141414141414141414141 XMM12=3d4d43324638372f2f4441412f302f57 XMM13=7435324d356444664839617278487845 XMM14=31572f535762376270496c7631643265 XMM15=00000000000000000000000000000000