last executing test programs: 42.11434367s ago: executing program 3 (id=12): prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) futex(0x0, 0x109, 0x0, 0x0, 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f}}, 0x50) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a7c000000060a0b04000000000000000002000000500004804c0001800a000100696e6e65720000003c00028008000040000000840800034000000007080004400000000f08000140de000000000000000e000100696d6d65646961746500aa4b22fa777720a1e124440000040002800900010073797a30000000000900020073797a320000000014ddffff1000010020000000000000000300000a"], 0xa4}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x6) sched_setaffinity(0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_ethernet(0x86, &(0x7f0000000440)={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}, @val={@val={0x88a8, 0x2, 0x1, 0x1}, {0x8100, 0x0, 0x0, 0x1}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "98cec1", 0x0, 0x0, 0x0, @loopback, @mcast2, [@hopopts={0x3b, 0x0, '\x00', [@enc_lim]}, @fragment={0x0, 0x0, 0x4, 0x0, 0x0, 0xe, 0x67}]}}}}}}}, 0x0) syz_usb_connect(0x3, 0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x38011, 0xffffffffffffffff, 0xdfb8c000) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) quotactl$Q_GETQUOTA(0x0, &(0x7f00000001c0)=@loop={'/dev/loop', 0x0}, 0xee00, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x125f, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000080)="441f0810000000e8c94ef56491ee54be0e1c2074ed27c1c6fe76cef3e2", 0x1d) socket$netlink(0x10, 0x3, 0x6) r4 = socket$inet6(0xa, 0x1, 0x0) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r5, 0x54a2) setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) 34.863467627s ago: executing program 3 (id=12): prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) futex(0x0, 0x109, 0x0, 0x0, 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f}}, 0x50) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a7c000000060a0b04000000000000000002000000500004804c0001800a000100696e6e65720000003c00028008000040000000840800034000000007080004400000000f08000140de000000000000000e000100696d6d65646961746500aa4b22fa777720a1e124440000040002800900010073797a30000000000900020073797a320000000014ddffff1000010020000000000000000300000a"], 0xa4}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x6) sched_setaffinity(0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_ethernet(0x86, &(0x7f0000000440)={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}, @val={@val={0x88a8, 0x2, 0x1, 0x1}, {0x8100, 0x0, 0x0, 0x1}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "98cec1", 0x0, 0x0, 0x0, @loopback, @mcast2, [@hopopts={0x3b, 0x0, '\x00', [@enc_lim]}, @fragment={0x0, 0x0, 0x4, 0x0, 0x0, 0xe, 0x67}]}}}}}}}, 0x0) syz_usb_connect(0x3, 0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x38011, 0xffffffffffffffff, 0xdfb8c000) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) quotactl$Q_GETQUOTA(0x0, &(0x7f00000001c0)=@loop={'/dev/loop', 0x0}, 0xee00, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x125f, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000080)="441f0810000000e8c94ef56491ee54be0e1c2074ed27c1c6fe76cef3e2", 0x1d) socket$netlink(0x10, 0x3, 0x6) r4 = socket$inet6(0xa, 0x1, 0x0) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r5, 0x54a2) setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) 27.494400412s ago: executing program 3 (id=12): prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) futex(0x0, 0x109, 0x0, 0x0, 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f}}, 0x50) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a7c000000060a0b04000000000000000002000000500004804c0001800a000100696e6e65720000003c00028008000040000000840800034000000007080004400000000f08000140de000000000000000e000100696d6d65646961746500aa4b22fa777720a1e124440000040002800900010073797a30000000000900020073797a320000000014ddffff1000010020000000000000000300000a"], 0xa4}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x6) sched_setaffinity(0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_ethernet(0x86, &(0x7f0000000440)={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}, @val={@val={0x88a8, 0x2, 0x1, 0x1}, {0x8100, 0x0, 0x0, 0x1}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "98cec1", 0x0, 0x0, 0x0, @loopback, @mcast2, [@hopopts={0x3b, 0x0, '\x00', [@enc_lim]}, @fragment={0x0, 0x0, 0x4, 0x0, 0x0, 0xe, 0x67}]}}}}}}}, 0x0) syz_usb_connect(0x3, 0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x38011, 0xffffffffffffffff, 0xdfb8c000) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) quotactl$Q_GETQUOTA(0x0, &(0x7f00000001c0)=@loop={'/dev/loop', 0x0}, 0xee00, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x125f, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000080)="441f0810000000e8c94ef56491ee54be0e1c2074ed27c1c6fe76cef3e2", 0x1d) socket$netlink(0x10, 0x3, 0x6) r4 = socket$inet6(0xa, 0x1, 0x0) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r5, 0x54a2) setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) 20.105119777s ago: executing program 3 (id=12): prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) futex(0x0, 0x109, 0x0, 0x0, 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f}}, 0x50) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a7c000000060a0b04000000000000000002000000500004804c0001800a000100696e6e65720000003c00028008000040000000840800034000000007080004400000000f08000140de000000000000000e000100696d6d65646961746500aa4b22fa777720a1e124440000040002800900010073797a30000000000900020073797a320000000014ddffff1000010020000000000000000300000a"], 0xa4}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x6) sched_setaffinity(0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_ethernet(0x86, &(0x7f0000000440)={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}, @val={@val={0x88a8, 0x2, 0x1, 0x1}, {0x8100, 0x0, 0x0, 0x1}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "98cec1", 0x0, 0x0, 0x0, @loopback, @mcast2, [@hopopts={0x3b, 0x0, '\x00', [@enc_lim]}, @fragment={0x0, 0x0, 0x4, 0x0, 0x0, 0xe, 0x67}]}}}}}}}, 0x0) syz_usb_connect(0x3, 0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x38011, 0xffffffffffffffff, 0xdfb8c000) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) quotactl$Q_GETQUOTA(0x0, &(0x7f00000001c0)=@loop={'/dev/loop', 0x0}, 0xee00, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x125f, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000080)="441f0810000000e8c94ef56491ee54be0e1c2074ed27c1c6fe76cef3e2", 0x1d) socket$netlink(0x10, 0x3, 0x6) r4 = socket$inet6(0xa, 0x1, 0x0) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r5, 0x54a2) setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) 11.975607022s ago: executing program 3 (id=12): prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) futex(0x0, 0x109, 0x0, 0x0, 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f}}, 0x50) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a7c000000060a0b04000000000000000002000000500004804c0001800a000100696e6e65720000003c00028008000040000000840800034000000007080004400000000f08000140de000000000000000e000100696d6d65646961746500aa4b22fa777720a1e124440000040002800900010073797a30000000000900020073797a320000000014ddffff1000010020000000000000000300000a"], 0xa4}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x6) sched_setaffinity(0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_ethernet(0x86, &(0x7f0000000440)={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}, @val={@val={0x88a8, 0x2, 0x1, 0x1}, {0x8100, 0x0, 0x0, 0x1}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "98cec1", 0x0, 0x0, 0x0, @loopback, @mcast2, [@hopopts={0x3b, 0x0, '\x00', [@enc_lim]}, @fragment={0x0, 0x0, 0x4, 0x0, 0x0, 0xe, 0x67}]}}}}}}}, 0x0) syz_usb_connect(0x3, 0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x38011, 0xffffffffffffffff, 0xdfb8c000) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) quotactl$Q_GETQUOTA(0x0, &(0x7f00000001c0)=@loop={'/dev/loop', 0x0}, 0xee00, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x125f, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000080)="441f0810000000e8c94ef56491ee54be0e1c2074ed27c1c6fe76cef3e2", 0x1d) socket$netlink(0x10, 0x3, 0x6) r4 = socket$inet6(0xa, 0x1, 0x0) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r5, 0x54a2) setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) 5.274292223s ago: executing program 2 (id=395): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000380)=0x1000, 0x4) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c) bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r0, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x9}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c) 4.976342161s ago: executing program 2 (id=396): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x40007) (fail_nth: 2) 4.207239859s ago: executing program 3 (id=12): prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) futex(0x0, 0x109, 0x0, 0x0, 0x0, 0x0) write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f}}, 0x50) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) sendmsg$NFT_BATCH(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a7c000000060a0b04000000000000000002000000500004804c0001800a000100696e6e65720000003c00028008000040000000840800034000000007080004400000000f08000140de000000000000000e000100696d6d65646961746500aa4b22fa777720a1e124440000040002800900010073797a30000000000900020073797a320000000014ddffff1000010020000000000000000300000a"], 0xa4}}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x6) sched_setaffinity(0x0, 0x0, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) syz_emit_ethernet(0x86, &(0x7f0000000440)={@multicast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}, @val={@val={0x88a8, 0x2, 0x1, 0x1}, {0x8100, 0x0, 0x0, 0x1}}, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x48, 0x3a, 0x0, @remote, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "98cec1", 0x0, 0x0, 0x0, @loopback, @mcast2, [@hopopts={0x3b, 0x0, '\x00', [@enc_lim]}, @fragment={0x0, 0x0, 0x4, 0x0, 0x0, 0xe, 0x67}]}}}}}}}, 0x0) syz_usb_connect(0x3, 0x0, 0x0, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000006, 0x38011, 0xffffffffffffffff, 0xdfb8c000) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) quotactl$Q_GETQUOTA(0x0, &(0x7f00000001c0)=@loop={'/dev/loop', 0x0}, 0xee00, 0x0) ioctl$FS_IOC_SETFLAGS(r2, 0x125f, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_opts(r3, 0x0, 0x4, &(0x7f0000000080)="441f0810000000e8c94ef56491ee54be0e1c2074ed27c1c6fe76cef3e2", 0x1d) socket$netlink(0x10, 0x3, 0x6) r4 = socket$inet6(0xa, 0x1, 0x0) r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x0) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r5, 0x54a2) setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) 1.135653276s ago: executing program 0 (id=409): r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7f) syz_open_dev$tty20(0xc, 0x4, 0x0) (async) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7f) (async) 1.045875817s ago: executing program 0 (id=410): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) write$sysctl(0xffffffffffffffff, &(0x7f0000000000)='2\x00', 0x2) bind$bt_hci(r4, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) write$binfmt_misc(r4, &(0x7f0000000000), 0xd) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x3c, 0x28, 0xd27, 0x1000000, 0x0, {0x0, 0x0, 0x0, r3, {0x4, 0x9}, {0x6}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x7}}, @filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x3c}}, 0x20000000) 966.404324ms ago: executing program 0 (id=411): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x3, 0x0) r2 = socket(0x10, 0x803, 0x2) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2) getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x3c, 0x28, 0xd27, 0x1000000, 0x0, {0x0, 0x0, 0x0, r3, {0x4, 0x9}, {0x6}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x7}}, @filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x3c}}, 0x20000000) (fail_nth: 2) 436.065309ms ago: executing program 0 (id=414): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10) r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) bpf$PROG_LOAD(0x5, 0x0, 0x0) write$cgroup_devices(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="1e03"], 0xffdd) 435.794346ms ago: executing program 1 (id=415): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xd, 0x7fff, 0x4, 0x1, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r1}, &(0x7f0000000840), &(0x7f0000000880)=r0}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000e80)={r1, &(0x7f0000000d40), 0x0}, 0x20) 385.833162ms ago: executing program 1 (id=416): r0 = bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0), &(0x7f0000000100), 0x200df000, r0, 0x0, 0x40000000}, 0x38) 341.307139ms ago: executing program 2 (id=397): r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x404400, 0x9) mknodat$loop(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0xc000, 0x0) ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000100)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000140)={0x48, 0x2, r4}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)) ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, &(0x7f0000000200)={0x9, [[0x5, 0x4, 0x0, 0x3, 0x9, 0xff, 0xff, 0x7fff], [0x4, 0x80000001, 0x4, 0x9, 0xb, 0x92e7, 0xffff, 0x5], [0x4, 0x1, 0x1, 0x4be, 0xfffffff9, 0x8, 0x7, 0x9]], '\x00', [{0x4, 0x0, 0x1, 0x1, 0x1}, {0xbf, 0x5, 0x0, 0x1}, {0x7, 0x2, 0x0, 0x1, 0x0, 0x1}, {0x6, 0x0, 0x0, 0x0, 0x1, 0x1}, {0x6, 0x3, 0x0, 0x1}, {0x5a92, 0x5, 0x0, 0x1, 0x1}, {0xfffffffc, 0x5, 0x0, 0x0, 0x0, 0x1}, {0x8, 0x41db, 0x0, 0x0, 0x1, 0x1}, {0x4, 0x800, 0x0, 0x1, 0x1}, {0xc9, 0x1000, 0x1, 0x1}, {0x800, 0x0, 0x1, 0x0, 0x1}, {0x10e4, 0x4, 0x1, 0x0, 0x0, 0x1}], '\x00', 0x3}) ioctl$CDROMVOLCTRL(r2, 0x530a, &(0x7f0000000480)={0x32, 0x8, 0x3, 0x1}) ioctl$sock_ax25_SIOCADDRT(r0, 0x890b, &(0x7f00000004c0)={@null, @bcast, 0x4, [@null, @null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) syz_init_net_socket$netrom(0x6, 0x5, 0x0) r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0) ioctl$UI_END_FF_UPLOAD(r5, 0x406855c9, &(0x7f0000000580)={0x4, 0x8, {0x53, 0x0, 0x0, {0x9, 0x8}, {0x9, 0x2}, @ramp={0x0, 0x5, {0x0, 0xff, 0x5, 0x3ff}}}, {0x56, 0x4, 0x5, {0x0, 0x8}, {0x7, 0x6}, @ramp={0x2, 0x1, {0x9, 0x738, 0x9, 0x1}}}}) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r3, &(0x7f0000000740)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000700)={&(0x7f0000000680)={0x5c, r6, 0x2, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x2, 0x56}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x80}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x27}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x25}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x72}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x3e}]}, 0x5c}, 0x1, 0x0, 0x0, 0x20040000}, 0x801) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$devlink(&(0x7f00000007c0), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r7, &(0x7f0000000940)={&(0x7f0000000780)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000900)={&(0x7f0000000800)={0xd0, r8, 0x200, 0x70bd25, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1ff}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x10000}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8a2f}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4048004}, 0x40) ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x13) r9 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000a40)={0xffffffffffffffff, 0x58, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0}}, 0x10) sendmsg$nl_route(r9, &(0x7f0000000b40)={&(0x7f0000000980)={0x10, 0x0, 0x0, 0x10400004}, 0xc, &(0x7f0000000b00)={&(0x7f0000000a80)=@ipv4_delroute={0x68, 0x19, 0x400, 0x70bd28, 0x25dfdbff, {0x2, 0x80, 0x80, 0x8, 0xfc, 0x2, 0xff, 0x4, 0x400}, [@RTA_GATEWAY={0x8, 0x5, @multicast2}, @RTA_MARK={0x8}, @RTA_SRC={0x8, 0x2, @broadcast}, @RTA_TABLE={0x8}, @RTA_SRC={0x8, 0x2, @rand_addr=0x64010102}, @RTA_IIF={0x8, 0x3, r10}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_TOS={0x5, 0x5, 0xf}}, @RTA_NH_ID={0x8, 0x1e, 0x9}, @RTA_SPORT={0x6, 0x1c, 0x4e22}]}, 0x68}, 0x1, 0x0, 0x0, 0x4000800}, 0x48040) r11 = userfaultfd(0x0) ioctl$UFFDIO_ZEROPAGE(r11, 0xc020aa04, &(0x7f0000000b80)={{&(0x7f0000ffa000/0x4000)=nil, 0x4000}}) r12 = socket$inet6_tcp(0xa, 0x1, 0x0) sendmsg$inet(r12, &(0x7f0000001ec0)={&(0x7f0000000bc0)={0x2, 0x4e23, @multicast1}, 0x10, &(0x7f0000001d80)=[{&(0x7f0000000c00)="1de299958896fa336fbcc9a0e507815e46948bf8bb0ab522a48944d4db207920da0f77eec2e46a025160b7dce079ace7380a77", 0x33}, {&(0x7f0000000c40)="a07d6ef3738d58a48301224974cfba9d33bfc661cea2120c3dcb9c5b7036d8825146c9739f640e5b4297dea16e4d92bc9f7f81b366e69b6d4117603d8068281ad28b71b14f68edfc69707ac22e13dd021a7b6a8998d3b15a911576c2b5bf6b79195191452f6880dfc62d1287fe74b6e251cff37fb160cc2645d14e81186bf738547e15947ff7ea4835aaaca7ffdb0fc339dac0b0ee9aa7c91f0d4036e999e205462166ee4e8981ebde5b0648e9623c4def92c1ad4a0a6af5a1bdd37192d018c07e7dd674ae536d083d81aa6d60caf2b546bcf24242422be5af", 0xd9}, {&(0x7f0000000d40)="62ded11323d5c83c22ed5255830523265a2826eab317156427c059818ff178e6d8903590cebca8a01b94c862eea0100d6ef52e780d403b59b62a1a", 0x3b}, {&(0x7f0000000d80)="d162d848cad5c31536812fd761611ed1552aca8a7b4c64b054d1ddd9022e342f7c0f5d089e238e61facbade8b8fd3eb91972e9cd55f094e4cf7cbcefe98181f46a6bf2de2c0d5996ce9436f20d4f02568e73f308562967d0f99cf7d1ba8127838e82388669df0b335a419b8de233e5ad85f1e8b73a4a70465eed1b143e619f5c61bfdba41923310d5419c67ccf84895e973c268c7ad63e315f37116bd4bc7e234bba654c9df33f3a1ba7a44aab903f32c73062f3615a887d32501b28644fb4749bebb598b5cad2dfa466639ca41e9f5b34302a75a3f24e9784e0ca832ba05060481c50d23ef750ac8eb4a2f116414df5ab25a702cd47338f7b511d6f9f85bb0a7def033fcfd32f017f8a5c4736740144796bf760dfc40932d2ff2214dee2bf6465e0238594306f093999a6b9f97b4e0e3ef4fd20ed0825dfc2b2a88d6165e476c4914301a7f56e03d8420915946c82a43dde3aad7c5fcd20f79d3649ff4a1a9eb2feaacc8ba77030449900052dfd190624fdcfcb42085e8de6c12837fb244b46ea055a10d10dd5e2f7ad550810a8d1191e8fd2b9a6349f9b97ecec77d6619900214cfc91069327cf778fa0924b9aea90ab4a2f1b2eefc333b9cd087171f0618db4df9c5a2cb6d99e11b14705719af9601c9ac6c55ceea5938f92000b65c32be0921dc90d7bea13b585d26a4b6e09fc56a8327f8d202e8a1159d8bf0de6b7fe20673df6bfc34bc5090329a58b77dc066578debaf5f516902243c1cd882ce5f8f97fdb4ac874039ad16ef4ed746961e7e28bbf0849704847846d6159003a896dc7f5168433b1bcc4cd80de4771f05005f5843286717ab535a95c8e6c23e3ba035406152705823f7503a1267497aa1d1b70c97c892619f057c40221730333612c951581066eeed169595994a9e13539de64b8d4d3af0166f1a45eb49d3e8a929c3b85116effc600ca6d2fcddffac6d9b72874145552bb6d64216c6e615a14721d7912e4d098fa39231e74555beba4569de77f9c96d7a49cfc378b2dc5866710f65a20f83edfe88dfcfaad560fd08fef21c21db9aa43e3b91c73ec973d3e08ec2d47110d7e1c805f68a6b9fe236a9e25eac551ca31571a4cc9f75a1e5109da2b51a1502d776fc0c8f53489a65e71a6cc412c2aaa51edbbc29a1eb239781815bac230ffdb924741c0f4d53910526f41877e18ed9c19517ae44b3f1f9d4de6f6ac5b83e487725644aab6b534b9d5a398e4ff7cbffe7607c98c724703c43b527a6a828150ec011e5688f9915da8da6c7f82706a8913a1f37613b12c0c01220b4719b0a2f6fbd57ba56f6ac9e668c931ab0c36d91ac0beeb5e9420c10a6617de44e17769261fe1e1f92c9da8bb6d748e572d794277e2af13a059c709df9d8c560ff09c88ecdaad68e47a7ff3e5e035d62e382a14eaf3b1e514882893e79acde53129ef430f194bb0d70a8993038d2a89d9f27dd9924029ac0c43922273c16f945bffb39ea4ed245d0ef3eadba8a124c2a3d48c6e3c17f2d35e665c85c789b2c335d1add349f3b7ccd8cf7720f01c84e62211106a627f68b275cbd14eaef81d38263fa8e656e35cdc9d3fee4e69c529c5c3fd11d3629f7c686cd4ccf9760241028990de7e580ac7ea0a645de13cf039a5b4624d0d41593671679e0c67f2b7a915f5ec4a65810e4753af3be1310a5372135c4c0f34d57c6d4f30db19c658538cacecae613def41c6412ad498c2e87efec2fb605140e6b045fad151f19fca2e71a7f083c38ec47d519de50ab2209e887ec290ee54555cbf8aaecfd61fdea7821fbf69cb74b02559f278e5def55860c69494bee8516458646c061d3b2cf50264e73ffbf76c90bd63d824e62f610777ceac14ebf9e6333a3bc4c9fa0a2b76086e288bd3992eac667af6db605a6009dbd65a41b35794ca8df4379a86f44364b72e5b8cd350592278e19be912de718a4dd162bc5e1004fab0883b76286637486dbace03f0159f6200d90e3d30620955a0d473e7cfcabc0829a9f783aca482101ab4094e5f76924ce8d3a177325c7445774426ea9d740538029a5fc137fb7b01cf583a69bfb7d0f3bc48d3b2f9e6904d802ef62491eb2b213c65488fcd9c1b9b8623d1782c7ee1a22de8cf9b82cbe24f48a59bf02a60ee4da26671c7b19636bf21c194c6db40914a51323a2f1e39a0064771b3cbcc9fa48f70e444500c05a000bf78a5d9753652788339456633bbe4e76376f33f6d7439e3736c77797dad3941a50424bc048781d30de8a4a9447afe10573d4457c4fdae199f185f0b6389ed47a3a8bc8b6ba29aa3e3d8a40fa50f8846f1e2b7357f5029eb63a28da82ca500e54cbc66bdbb12aea9e7d5e54a691342dfea917d72d77d83db79f3ac6ca38ce7d0df5298a9b97c9e06fce076d05224c4722d9e9b2b5f70e1f5cb5186174303ab223d957d4c2a465a5b1c5e77fc012649e4c6f81efd66d18a329338b03f87c6e00750c1317fb4706a832b034f53f42b7e588bc0c985da798b22fc6359363a8f32d506f2ba91dc74c66f5be9b9200393c8411294d4f013ea7566c7be816b0a3700f959d31e9f792ddd94d136256f24a4c8887fbd3aa139c6773828c93317b7245baf16d41ee3c23003fd60c4095c8330ced7ca24c6b5aa59ddde93979674806359a69276fdad2238add473929045e959e24e0e383c7b74bc07f2084fdfc14bd2058aabd821b32debe1e64f3bc674d78ead77b3f9d151b7a245e9e5ac9fe05495894a4d131c500c062aea5570cf0dc70396c2a739944b004d462bfa347bfcc496887ca1892b6e7bb8925ad6673a99f5b48ef8f3a051dc5d2f400be358d49f63386fb79f95fc0e1305348b0ca176e0a2901b80dcc3a8014a7079932c2387fcf7763b980c940e28fc6dc674f69ddb8b92aed4aa1a2cdc5805e1adc80abbabf11b7e94989a4cfd93a8e3de31ae9a717b519b85802850f7af8ba44e19f91ac6f20c40404fac5036661f1b69a420f765b6e39a73a454b2c44843b17ea663d18cbbf3baeff0995eeaa2f63ca42e10cec7b4ae2169a0174641c94dc7c81eb8b7e29d4b895aa2c6b411b2b2c6348b2b4eb5127d2fba68019e188e2867ce5452c6b5432211d0527cd8b5d6d8387653d18956e35b53a5e088926ae14eba20c903b57b3397b44b3a6b63c5ffee9af02a039e43210c4cdc7a5e58bfabbfa4a4f5fc6410673ef599dab5595e0dee0cd828e1c9a23eb3a5185a481d07d48c97e0ae7fb90e196d8961fbd3756c627ee9777674a2f3d920bce96937a7c06e98dd6292c67cb51e8f3dd012409779069e603dc92781b7ad1765635a91b84a63653316716a5fdaf84132a2d5425ad0ab1ff5287a1c496dba1e8a98cb0f75d611dfab3e65087a2e9f45156f7a960f43a1bd0920da8f1cf28f4ebcfb02846d4ffd8d6ba26ced9239d2ecae1bc37335e6bbf72a5b9954dd2607421312d95f00554b7929ff5d545f656d37d8dfd03d1f81dbbf2b642f185c233874f0e99a77438d602fb61709ea68fdd647b4f9385786408d1afc8e935c94fa658c7a025a72a7df39bbf68df87ae2608ef311d78752800bec97a08af431c2d8e8f6ec6d4dd386aa15b033f5bed480aaf7d33df0666e656e13dbb681361e4ec6d61d044b093568c06dafc51471aaf09fb86fa9398af263163b262b3739f90016aad31e36c4b39273d636df6c2021fb211be6871c02ef8dc75d6999bf2213e03f7c895db37f99eb5b1b1c9989549da34565315922a5601e9ed37fa51f3503e406c14d1ac08aa6736849836ad22a953b0e0e0de254964e8200f7e16b9d51075e0d8b6d712f43146ae57160454355b31bd033488262be2a96677567e2ce2055b9164807ab7c34820167c58c3dd2c801a41816f363e082f861e5839dd3e427d8b21dabf8b154107f994f8d54e21a474b3e3146efe71cc90e845a91fff081b9462ff5ddbeae7ad8256b0f345366f5ddbbe606fbf9c63fea25895c834d2786c7472b64054a791d79f9d846bccefb8085ec9a815e8a683eb66dfa68af08a0ef1810ee11ac044c2397e2b10ed6dfcb21349d0a68559f6df8eb1e119f61e20e074deac43ad4c0fee26520f76253f449473edc22faad06ea5886f4054dda04930ffdf7907d66211ac35a4d208c37b0e137e5b2b80396ff1e2d00221f7a07aac034f9ab4de82574703de64e99e6662af7dd08b0e1564ebd1046719de515056788c0609f21d6eebde14e723401a84720a648d79b83585b5e77251244c6a325cfad1761e5f43366d3ee6565ef475e72ef3f40d2b91184095a1375c846665447b8b07b6f257246745901c07cca64d0d3bbff4dd518ac9d2cb59e7fb8f7a746ce60b8950d3ade1f7aebe260b62db3ea8c39653071304501abba43b174ff396561b85d8edc19e6000ed88dc2b15e4c3324a5959969fa717d05bddcd47618ee9da5776abf52f675f25e410dbbcc71c8265095d8ccdcce94bb0d11b16550cb8e0a3d097680668da3f817b251f48eefb473fd9f1805b9ed9748ed0f5aa4b5bd635cb363e81a31e6c862d7b435e2e09295f6b0e616e156f5cd68cead91732c7315f64fffe91af1e9f05edfab708fdf5cf900329ef0dd5d04e4860748e086af90d3d427ed40db4bbba244a6761f02cc85ac0f268fa1d8ad9cf30341492785b4e8f03f3fde8d914730c69cf27a8a5689322cd8b58cfc062f8bf5a58ef7bcc0eb1332d938b6891fa28e2ff5a5d732d201b95f6cd20c328197b252f512ddcc645918133787601e8c08234df1fa5d0f54300e4fc7ba43d3a4d91b4a2ceff5f556d136b8de3314264ee099ef4e3cb338b5f9e12722f10b6c487b38fc70eb2580f7e156ce4c74771ca01407339a05862f2b5e28124bd93889fb6c000f01827ff108618957647b9d8f3016a8ff434d3932f28767cb393c7f841cb83c4e1d0245ad2100f232f7d9beee64cb1a2fa129cd8ff79323d569eb994728f613e39e64ca04f783e5aad304c5adeed4ee814aa7210b3ad3d01d0a850925268d04bf3844c4a31f24ebffb3b9e6c49b84fa851977b1860dd34dce566937bc95422887155a03c0fcf46e48313f3d4d5ca55061e46270452ff5ecbb79fadefe60ba26e78b541cfc4416c85d853b7f2393678be6b8c801433254a0778627c7a0f0461aa8564c0dd2d79b966296806bbf42ca4c61bf86f1b6712135078c993261fb678c361c04da33f0aca127f582a9a17a825957775cce86372594415a86d9a88dd05a09df554938a42a988e730336c7651453011dda1042a267adbd7b091036f92b872505012a0ea80a760571b1a63ed6132d2ead5e10007a93c918828db28bca3360d53db3da32dfc3222e12726119adb59a0cfa50b6be92e63858a7721dcb67db6b366f5902c6c1f7372cd06e6d24570c556796ed7aa784b2b9e2af99d0c71a90516253c70825b381e9441e565352ad7e338767c0ca92a059ed6e7ad02f1aaa608ad7682d42f6f5bfc8c0e2663ab9491c5c6b8d01731fc8cac3d78315dc57d1305b8e2701f086f71a44dfb765b459e7210db79bd1d7645b0ac76e17237c72eecdbff1f0b643b1a184530f3f422252048a9682dbf336ac35aa0c0df901b42a382dd44f69542933df4f38ccc9baa566b1b11e4c033c649e69b27a5f49b7d6dba1815f7ff113cf6713d9208cf08f305f17931bd561b93adf08893298f67d1defb90f109e19d2df07e1d061168dfaa952a0d166fadbc3e2059108d56d074bfc5d85aec59b8f7941bf201b3d9dd344024de10fdbaf84a98cf44d29c371684ff28adc935b7269db9a9ba876e5b1bb6e87359335", 0x1000}], 0x4, &(0x7f0000001dc0)=[@ip_retopts={{0xa0, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x44, 0xaa, 0x3, 0x1, [{@broadcast, 0xf}, {@multicast1, 0x9}, {@local, 0x540}, {@remote}, {@dev={0xac, 0x14, 0x14, 0x18}, 0x7}, {@loopback, 0x9}, {@broadcast, 0xfffffff7}, {@local, 0x2}]}, @ssrr={0x89, 0xf, 0xb2, [@empty, @multicast2, @empty]}, @timestamp_prespec={0x44, 0x1c, 0xfc, 0x3, 0x7, [{@broadcast, 0x2}, {@remote, 0x3}, {@loopback, 0x6}]}, @rr={0x7, 0xf, 0x0, [@rand_addr=0x64010102, @multicast1, @private=0xa010102]}, @generic={0x44, 0x12, "1e06e2c9418848e0ac2523f12cc7a4c9"}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x100}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x3}}, @ip_ttl={{0x14, 0x0, 0x2, 0x6f18}}], 0xe8}, 0x4000800) bind$llc(0xffffffffffffffff, &(0x7f0000001f00)={0x1a, 0x200, 0x1d, 0xfc, 0x5, 0x5, @local}, 0x10) openat$tun(0xffffffffffffff9c, &(0x7f0000001f40), 0x400000, 0x0) ioctl$sock_SIOCBRDELBR(r1, 0x89a1, &(0x7f0000001f80)='virt_wifi0\x00') ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000002000)=0x8) 266.378928ms ago: executing program 1 (id=417): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000006000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000500)='mm_page_alloc\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_clone(0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0) 205.809388ms ago: executing program 2 (id=418): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0xe) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r2, &(0x7f00000000c0)=ANY=[], 0xffdd) 125.940907ms ago: executing program 0 (id=419): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x5, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='tlb_flush\x00', r0}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa1"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x0, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="850000000f00000025000000000000009500000000000000afcd48d6493790710000000000080000b2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249f21c6eee84309e7a23c19a394830f2539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bfb1c0e6b1244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbb888b0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f94479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b844139f1111f2dc5e46ac1c60a9b030074bfbcd4b09012175484135f0e519f0b1e4aaa026d570ecb5e8cddbed65ff702000000a3ff4f8a4cf796b07a6ff61c5552417fd703f7f14d8b78a602ca3cdf6a662d8bc9c89c9120072a5d00dcdd8595356c9b2492aaf1264d4ef4a410c882834867bcd2b6e558d17879570c8ad943e392955f4f979ea13201bafe4f0f6e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x29fd, 0x84, 0x105, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r1}, 0x38) bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000100)={0x0, &(0x7f0000000040)=""/129, &(0x7f0000000680), &(0x7f0000000000), 0x6c, r1}, 0x38) 66.3629ms ago: executing program 1 (id=420): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000540)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000882b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c", 0xd4d}], 0x1}, 0x0) 66.159222ms ago: executing program 2 (id=421): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x9d, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001400)={{r2}, &(0x7f0000001380), &(0x7f00000013c0)='%-010d \x00'}, 0x20) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000080)={r2, &(0x7f0000000080), 0x0}, 0x20) 12.172695ms ago: executing program 1 (id=422): r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x60}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x95}}}, &(0x7f0000000200)='syzkaller\x00', 0x2, 0xf7, &(0x7f0000001e40)=""/4107, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x4c) 11.980864ms ago: executing program 2 (id=423): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$tipc(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0) setsockopt$sock_attach_bpf(r2, 0x1, 0x21, &(0x7f0000000040), 0x4) sendmsg$tipc(r3, &(0x7f0000001000)={0x0, 0x0, 0x0}, 0x0) recvmsg(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1, &(0x7f00000032c0)=""/4096, 0x1000}, 0x0) sendmsg$tipc(r2, &(0x7f0000000b40)={0x0, 0x0, 0x0}, 0x0) 1.552405ms ago: executing program 0 (id=424): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, 0x0, &(0x7f0000000040)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0xe) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) write$cgroup_devices(r2, &(0x7f00000000c0)=ANY=[], 0xffdd) 0s ago: executing program 1 (id=425): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000080b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940)) kernel console output (not intermixed with test programs): vsim netdevsim3 netdevsim3: renamed from eth3 [ 83.089521][ T6380] 8021q: adding VLAN 0 to HW filter on device bond0 [ 83.101497][ T6380] 8021q: adding VLAN 0 to HW filter on device team0 [ 83.108243][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 83.110159][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 83.116886][ T6479] FAULT_INJECTION: forcing a failure. [ 83.116886][ T6479] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 83.118757][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 83.120239][ T6479] CPU: 2 UID: 0 PID: 6479 Comm: syz.0.257 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 83.122072][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 83.124735][ T6479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.129395][ T6479] Call Trace: [ 83.130265][ T6479] [ 83.131036][ T6479] dump_stack_lvl+0x16c/0x1f0 [ 83.132269][ T6479] should_fail_ex+0x497/0x5b0 [ 83.133509][ T6479] strncpy_from_user+0x3b/0x2a0 [ 83.134777][ T6479] bpf_prog_load+0x1c30/0x2660 [ 83.136031][ T6479] ? __pfx_bpf_prog_load+0x10/0x10 [ 83.137368][ T6479] ? avc_has_perm_noaudit+0x143/0x3a0 [ 83.138774][ T6479] ? selinux_bpf+0xde/0x130 [ 83.139965][ T6479] __sys_bpf+0x402b/0x49a0 [ 83.141139][ T6479] ? ksys_write+0x21e/0x260 [ 83.142325][ T6479] ? reacquire_held_locks+0x450/0x4c0 [ 83.143730][ T6479] ? __pfx___sys_bpf+0x10/0x10 [ 83.145007][ T6479] ? vfs_write+0x14d/0x1140 [ 83.146238][ T6479] ? __mutex_unlock_slowpath+0x164/0x650 [ 83.147702][ T6479] ? fput+0x30/0x390 [ 83.148756][ T6479] ? ksys_write+0x1ad/0x260 [ 83.149968][ T6479] ? __pfx_ksys_write+0x10/0x10 [ 83.151260][ T6479] __x64_sys_bpf+0x78/0xc0 [ 83.152427][ T6479] ? lockdep_hardirqs_on+0x7c/0x110 [ 83.153797][ T6479] do_syscall_64+0xcd/0x250 [ 83.154992][ T6479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 83.156927][ T6479] RIP: 0033:0x7f9437d7dff9 [ 83.158481][ T6479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 83.165350][ T6479] RSP: 002b:00007f9438c44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 83.168283][ T6479] RAX: ffffffffffffffda RBX: 00007f9437f36058 RCX: 00007f9437d7dff9 [ 83.171060][ T6479] RDX: 0000000000000048 RSI: 0000000020000100 RDI: 0000000000000005 [ 83.174030][ T6479] RBP: 00007f9438c44090 R08: 0000000000000000 R09: 0000000000000000 [ 83.176795][ T6479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 83.179537][ T6479] R13: 0000000000000001 R14: 00007f9437f36058 R15: 00007ffc318c26c8 [ 83.182320][ T6479] [ 83.238678][ T6380] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 83.257127][ T6380] veth0_vlan: entered promiscuous mode [ 83.261426][ T6380] veth1_vlan: entered promiscuous mode [ 83.280572][ T6380] veth0_macvtap: entered promiscuous mode [ 83.287316][ T6380] veth1_macvtap: entered promiscuous mode [ 83.291709][ T6489] netlink: 32 bytes leftover after parsing attributes in process `syz.2.259'. [ 83.294916][ T6491] netlink: 32 bytes leftover after parsing attributes in process `syz.2.259'. [ 83.301282][ T6380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.304199][ T6380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.308047][ T6380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.311364][ T6380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.314152][ T6380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 83.317223][ T6380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.320587][ T6380] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 83.327568][ T6380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.330420][ T6380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.333042][ T6380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.336087][ T6380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.339703][ T6380] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 83.342874][ T6380] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 83.346779][ T6380] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 83.352187][ T6380] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.355017][ T6380] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.357881][ T6380] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.360140][ T6380] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.402164][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.405427][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.419619][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 83.423200][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 83.968172][ T6512] FAULT_INJECTION: forcing a failure. [ 83.968172][ T6512] name failslab, interval 1, probability 0, space 0, times 0 [ 83.971552][ T6512] CPU: 2 UID: 0 PID: 6512 Comm: syz.0.263 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 83.974391][ T6512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.977293][ T6512] Call Trace: [ 83.978198][ T6512] [ 83.979006][ T6512] dump_stack_lvl+0x16c/0x1f0 [ 83.980288][ T6512] should_fail_ex+0x497/0x5b0 [ 83.981589][ T6512] ? fs_reclaim_acquire+0xae/0x150 [ 83.982983][ T6512] should_failslab+0xc2/0x120 [ 83.984364][ T6512] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 83.985856][ T6512] ? __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 83.987954][ T6512] __kvm_mmu_topup_memory_cache+0x18f/0x600 [ 83.989762][ T6512] mmu_topup_memory_caches+0x22/0xd0 [ 83.991205][ T6512] kvm_mmu_load+0xda/0x20d0 [ 83.992449][ T6512] ? mark_held_locks+0x9f/0xe0 [ 83.993883][ T6512] ? kvm_apic_has_interrupt+0xb6/0x190 [ 83.995768][ T6512] ? __pfx_kvm_apic_has_interrupt+0x10/0x10 [ 83.997418][ T6512] ? vmx_flush_tlb_guest+0x113/0x2e0 [ 83.998852][ T6512] ? __pfx_vmx_flush_tlb_guest+0x10/0x10 [ 84.000778][ T6512] ? __pfx_kvm_mmu_load+0x10/0x10 [ 84.002533][ T6512] ? kvm_cpu_has_injectable_intr+0x9b/0x1a0 [ 84.004613][ T6512] ? kvm_check_and_inject_events+0x57f/0x12e0 [ 84.006844][ T6512] ? kvm_invalidate_pcid+0x341/0x370 [ 84.008787][ T6512] vcpu_run+0x337c/0x4f80 [ 84.010352][ T6512] ? __pfx_vmx_vcpu_load_vmcs+0x10/0x10 [ 84.012301][ T6512] ? __pfx_vcpu_run+0x10/0x10 [ 84.014053][ T6512] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 84.016022][ T6512] ? rcu_is_watching+0x12/0xc0 [ 84.017721][ T6512] ? trace_lock_acquire+0x14a/0x1d0 [ 84.019642][ T6512] ? __local_bh_enable_ip+0xa4/0x120 [ 84.021587][ T6512] ? kvm_arch_vcpu_ioctl_run+0x14d/0x1730 [ 84.023678][ T6512] ? kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 84.025279][ T6512] kvm_arch_vcpu_ioctl_run+0x447/0x1730 [ 84.026762][ T6512] kvm_vcpu_ioctl+0x6c7/0x1510 [ 84.028061][ T6512] ? do_vfs_ioctl+0x513/0x1990 [ 84.029391][ T6512] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 84.030797][ T6512] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 84.032530][ T6512] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 84.034361][ T6512] ? trace_lock_acquire+0x14a/0x1d0 [ 84.035769][ T6512] ? selinux_file_ioctl+0x180/0x270 [ 84.037174][ T6512] ? selinux_file_ioctl+0xb4/0x270 [ 84.038561][ T6512] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 84.039965][ T6512] __x64_sys_ioctl+0x18f/0x220 [ 84.041276][ T6512] do_syscall_64+0xcd/0x250 [ 84.042506][ T6512] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.044096][ T6512] RIP: 0033:0x7f9437d7dff9 [ 84.045308][ T6512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.050427][ T6512] RSP: 002b:00007f9438c65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 84.052661][ T6512] RAX: ffffffffffffffda RBX: 00007f9437f35f80 RCX: 00007f9437d7dff9 [ 84.054785][ T6512] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 84.056897][ T6512] RBP: 00007f9438c65090 R08: 0000000000000000 R09: 0000000000000000 [ 84.059016][ T6512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.061134][ T6512] R13: 0000000000000000 R14: 00007f9437f35f80 R15: 00007ffc318c26c8 [ 84.063252][ T6512] [ 84.164412][ T6525] FAULT_INJECTION: forcing a failure. [ 84.164412][ T6525] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 84.168676][ T6525] CPU: 0 UID: 0 PID: 6525 Comm: syz.1.267 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 84.171449][ T6525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 84.174251][ T6525] Call Trace: [ 84.175243][ T6525] [ 84.176057][ T6525] dump_stack_lvl+0x16c/0x1f0 [ 84.177364][ T6525] should_fail_ex+0x497/0x5b0 [ 84.178659][ T6525] _copy_from_user+0x30/0xf0 [ 84.179918][ T6525] generic_map_update_batch+0x391/0x5f0 [ 84.181398][ T6525] ? __pfx_generic_map_update_batch+0x10/0x10 [ 84.182982][ T6525] ? __pfx_generic_map_update_batch+0x10/0x10 [ 84.184558][ T6525] bpf_map_do_batch+0x5a8/0x670 [ 84.185882][ T6525] __sys_bpf+0x1ce4/0x49a0 [ 84.187044][ T6525] ? ksys_write+0x21e/0x260 [ 84.188236][ T6525] ? reacquire_held_locks+0x450/0x4c0 [ 84.189669][ T6525] ? __pfx___sys_bpf+0x10/0x10 [ 84.190920][ T6525] ? vfs_write+0x14d/0x1140 [ 84.192117][ T6525] ? __mutex_unlock_slowpath+0x164/0x650 [ 84.193606][ T6525] ? fput+0x30/0x390 [ 84.194659][ T6525] ? ksys_write+0x1ad/0x260 [ 84.196002][ T6525] ? __pfx_ksys_write+0x10/0x10 [ 84.197302][ T6525] __x64_sys_bpf+0x78/0xc0 [ 84.198476][ T6525] ? lockdep_hardirqs_on+0x7c/0x110 [ 84.199839][ T6525] do_syscall_64+0xcd/0x250 [ 84.201042][ T6525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.202584][ T6525] RIP: 0033:0x7f300977dff9 [ 84.203753][ T6525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.208735][ T6525] RSP: 002b:00007f300a492038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 84.210912][ T6525] RAX: ffffffffffffffda RBX: 00007f3009936058 RCX: 00007f300977dff9 [ 84.212951][ T6525] RDX: 0000000000000038 RSI: 0000000020000200 RDI: 000000000000001a [ 84.215171][ T6525] RBP: 00007f300a492090 R08: 0000000000000000 R09: 0000000000000000 [ 84.217251][ T6525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 84.219329][ T6525] R13: 0000000000000000 R14: 00007f3009936058 R15: 00007ffcf6d67f68 [ 84.221387][ T6525] [ 84.421579][ T6529] fuse: Bad value for 'fd' [ 84.569110][ T6535] FAULT_INJECTION: forcing a failure. [ 84.569110][ T6535] name failslab, interval 1, probability 0, space 0, times 0 [ 84.572414][ T6535] CPU: 2 UID: 0 PID: 6535 Comm: syz.0.270 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 84.575194][ T6535] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 84.578199][ T6535] Call Trace: [ 84.579135][ T6535] [ 84.579924][ T6535] dump_stack_lvl+0x16c/0x1f0 [ 84.581275][ T6535] should_fail_ex+0x497/0x5b0 [ 84.582538][ T6535] should_failslab+0xc2/0x120 [ 84.583797][ T6535] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 84.585223][ T6535] ? skb_clone+0x190/0x3f0 [ 84.586414][ T6535] skb_clone+0x190/0x3f0 [ 84.587540][ T6535] netlink_deliver_tap+0xab3/0xd90 [ 84.588917][ T6535] netlink_unicast+0x5e1/0x7f0 [ 84.590200][ T6535] ? __pfx_netlink_unicast+0x10/0x10 [ 84.591592][ T6535] netlink_sendmsg+0x8b8/0xd70 [ 84.592862][ T6535] ? __pfx_netlink_sendmsg+0x10/0x10 [ 84.594264][ T6535] sock_write_iter+0x4fe/0x5b0 [ 84.595535][ T6535] ? __pfx_sock_write_iter+0x10/0x10 [ 84.596930][ T6535] ? bpf_lsm_file_permission+0x9/0x10 [ 84.598333][ T6535] ? security_file_permission+0x71/0x210 [ 84.599807][ T6535] vfs_write+0x6b5/0x1140 [ 84.600964][ T6535] ? __pfx_sock_write_iter+0x10/0x10 [ 84.602361][ T6535] ? trace_lock_acquire+0x14a/0x1d0 [ 84.603732][ T6535] ? __pfx_vfs_write+0x10/0x10 [ 84.605010][ T6535] ? __fget_files+0x40/0x3f0 [ 84.606251][ T6535] ksys_write+0x1fa/0x260 [ 84.607389][ T6535] ? __pfx_ksys_write+0x10/0x10 [ 84.608668][ T6535] do_syscall_64+0xcd/0x250 [ 84.609890][ T6535] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 84.611431][ T6535] RIP: 0033:0x7f9437d7dff9 [ 84.612608][ T6535] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 84.617616][ T6535] RSP: 002b:00007f9438c65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 84.619759][ T6535] RAX: ffffffffffffffda RBX: 00007f9437f35f80 RCX: 00007f9437d7dff9 [ 84.621811][ T6535] RDX: 0000000000000024 RSI: 0000000020000040 RDI: 0000000000000003 [ 84.623856][ T6535] RBP: 00007f9438c65090 R08: 0000000000000000 R09: 0000000000000000 [ 84.625900][ T6535] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 84.627940][ T6535] R13: 0000000000000000 R14: 00007f9437f35f80 R15: 00007ffc318c26c8 [ 84.630011][ T6535] [ 85.148911][ T6544] netlink: 'syz.1.272': attribute type 4 has an invalid length. [ 85.595391][ T39] kauditd_printk_skb: 19 callbacks suppressed [ 85.595408][ T39] audit: type=1400 audit(1729578553.537:412): avc: denied { create } for pid=6552 comm="syz.2.275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1 [ 85.603293][ T39] audit: type=1400 audit(1729578553.547:413): avc: denied { listen } for pid=6555 comm="syz.0.276" lport=44038 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 85.630745][ T39] audit: type=1400 audit(1729578553.577:414): avc: denied { accept } for pid=6555 comm="syz.0.276" lport=44038 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 85.641645][ T39] audit: type=1400 audit(1729578553.587:415): avc: denied { setopt } for pid=6555 comm="syz.0.276" lport=44038 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1 [ 85.864626][ T6566] FAULT_INJECTION: forcing a failure. [ 85.864626][ T6566] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 85.868960][ T6566] CPU: 2 UID: 0 PID: 6566 Comm: syz.1.278 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 85.871713][ T6566] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.874504][ T6566] Call Trace: [ 85.875426][ T6566] [ 85.876224][ T6566] dump_stack_lvl+0x16c/0x1f0 [ 85.877495][ T6566] should_fail_ex+0x497/0x5b0 [ 85.878738][ T6566] _copy_from_user+0x30/0xf0 [ 85.879961][ T6566] sctp_setsockopt+0x204a/0xb810 [ 85.881270][ T6566] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 85.883018][ T6566] ? __pfx_sctp_setsockopt+0x10/0x10 [ 85.884402][ T6566] ? find_held_lock+0x2d/0x110 [ 85.885699][ T6566] ? selinux_socket_setsockopt+0x6a/0x80 [ 85.887191][ T6566] ? sock_common_setsockopt+0x2e/0xf0 [ 85.888607][ T6566] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 85.890189][ T6566] do_sock_setsockopt+0x222/0x480 [ 85.891522][ T6566] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 85.892992][ T6566] ? fdget+0x176/0x210 [ 85.894079][ T6566] __sys_setsockopt+0x1a4/0x270 [ 85.895374][ T6566] ? __pfx___sys_setsockopt+0x10/0x10 [ 85.896781][ T6566] ? fput+0x30/0x390 [ 85.897829][ T6566] ? ksys_write+0x1ad/0x260 [ 85.899041][ T6566] ? __pfx_ksys_write+0x10/0x10 [ 85.900347][ T6566] __x64_sys_setsockopt+0xbd/0x160 [ 85.901703][ T6566] ? do_syscall_64+0x91/0x250 [ 85.902948][ T6566] ? lockdep_hardirqs_on+0x7c/0x110 [ 85.904318][ T6566] do_syscall_64+0xcd/0x250 [ 85.905530][ T6566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.907102][ T6566] RIP: 0033:0x7f300977dff9 [ 85.908288][ T6566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.913267][ T6566] RSP: 002b:00007f300a4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 85.915431][ T6566] RAX: ffffffffffffffda RBX: 00007f3009935f80 RCX: 00007f300977dff9 [ 85.917583][ T6566] RDX: 000000000000007c RSI: 0000000000000084 RDI: 0000000000000004 [ 85.919647][ T6566] RBP: 00007f300a4b3090 R08: 0000000000000008 R09: 0000000000000000 [ 85.921739][ T6566] R10: 0000000020000200 R11: 0000000000000246 R12: 0000000000000001 [ 85.923802][ T6566] R13: 0000000000000000 R14: 00007f3009935f80 R15: 00007ffcf6d67f68 [ 85.925894][ T6566] [ 85.950792][ T6568] FAULT_INJECTION: forcing a failure. [ 85.950792][ T6568] name failslab, interval 1, probability 0, space 0, times 0 [ 85.954071][ T6568] CPU: 2 UID: 0 PID: 6568 Comm: syz.1.279 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 85.956822][ T6568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 85.959594][ T6568] Call Trace: [ 85.960482][ T6568] [ 85.961286][ T6568] dump_stack_lvl+0x16c/0x1f0 [ 85.962533][ T6568] should_fail_ex+0x497/0x5b0 [ 85.963766][ T6568] ? fs_reclaim_acquire+0xae/0x150 [ 85.965137][ T6568] should_failslab+0xc2/0x120 [ 85.966408][ T6568] __kmalloc_noprof+0xcb/0x400 [ 85.967673][ T6568] tomoyo_encode2+0x100/0x3e0 [ 85.968931][ T6568] tomoyo_encode+0x29/0x50 [ 85.970132][ T6568] tomoyo_realpath_from_path+0x19d/0x720 [ 85.971602][ T6568] ? tomoyo_path_number_perm+0x232/0x590 [ 85.973102][ T6568] tomoyo_path_number_perm+0x245/0x590 [ 85.974534][ T6568] ? tomoyo_path_number_perm+0x232/0x590 [ 85.976009][ T6568] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 85.977609][ T6568] ? trace_lock_acquire+0x14a/0x1d0 [ 85.978979][ T6568] ? lock_acquire+0x2f/0xb0 [ 85.980184][ T6568] ? __fget_files+0x40/0x3f0 [ 85.981430][ T6568] ? __fget_files+0x244/0x3f0 [ 85.982684][ T6568] security_file_ioctl+0x9b/0x240 [ 85.984019][ T6568] __x64_sys_ioctl+0xbb/0x220 [ 85.985279][ T6568] do_syscall_64+0xcd/0x250 [ 85.986488][ T6568] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 85.988050][ T6568] RIP: 0033:0x7f300977dff9 [ 85.989338][ T6568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 85.994306][ T6568] RSP: 002b:00007f300a4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 85.996473][ T6568] RAX: ffffffffffffffda RBX: 00007f3009935f80 RCX: 00007f300977dff9 [ 85.998528][ T6568] RDX: 0000000020000000 RSI: 0000000000008b15 RDI: 0000000000000003 [ 86.000582][ T6568] RBP: 00007f300a4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 86.002628][ T6568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 86.004653][ T6568] R13: 0000000000000000 R14: 00007f3009935f80 R15: 00007ffcf6d67f68 [ 86.006695][ T6568] [ 86.008518][ T6568] ERROR: Out of memory at tomoyo_realpath_from_path. [ 86.010671][ T39] audit: type=1400 audit(1729578553.957:416): avc: denied { ioctl } for pid=6567 comm="syz.1.279" path="socket:[20154]" dev="sockfs" ino=20154 ioctlcmd=0x8b15 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 86.045632][ T39] audit: type=1400 audit(1729578553.987:417): avc: denied { setopt } for pid=6569 comm="syz.1.280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1 [ 86.318444][ T1103] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 87.109901][ T6587] tipc: Failed to remove unknown binding: 66,1,1/0:4276306419/4276306421 [ 87.138343][ T39] audit: type=1400 audit(1729578555.077:418): avc: denied { bind } for pid=6588 comm="syz.1.286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 87.143270][ T39] audit: type=1400 audit(1729578555.087:419): avc: denied { name_bind } for pid=6588 comm="syz.1.286" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1 [ 87.149572][ T39] audit: type=1400 audit(1729578555.087:420): avc: denied { node_bind } for pid=6588 comm="syz.1.286" src=512 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1 [ 87.159781][ T39] audit: type=1400 audit(1729578555.097:421): avc: denied { read } for pid=6588 comm="syz.1.286" path="socket:[18707]" dev="sockfs" ino=18707 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 87.177180][ T5355] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 87.186162][ T5355] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 87.189229][ T5355] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 87.191807][ T5355] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 87.194055][ T5355] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 87.196064][ T5355] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 87.289371][ T6597] FAULT_INJECTION: forcing a failure. [ 87.289371][ T6597] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 87.298458][ T6597] CPU: 2 UID: 0 PID: 6597 Comm: syz.2.284 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 87.301268][ T6597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.304045][ T6597] Call Trace: [ 87.304946][ T6597] [ 87.305735][ T6597] dump_stack_lvl+0x16c/0x1f0 [ 87.307004][ T6597] should_fail_ex+0x497/0x5b0 [ 87.308252][ T6597] _copy_from_user+0x30/0xf0 [ 87.309602][ T6597] get_user_ifreq+0xf1/0x250 [ 87.310907][ T6597] sock_do_ioctl+0x16c/0x280 [ 87.312156][ T6597] ? __pfx_sock_do_ioctl+0x10/0x10 [ 87.313516][ T6597] ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460 [ 87.315216][ T6597] ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460 [ 87.317080][ T6597] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 87.318914][ T6597] sock_ioctl+0x228/0x6c0 [ 87.320072][ T6597] ? __pfx_sock_ioctl+0x10/0x10 [ 87.321494][ T6597] ? selinux_file_ioctl+0x180/0x270 [ 87.322867][ T6597] ? selinux_file_ioctl+0xb4/0x270 [ 87.324236][ T6597] ? __pfx_sock_ioctl+0x10/0x10 [ 87.325539][ T6597] __x64_sys_ioctl+0x18f/0x220 [ 87.326808][ T6597] do_syscall_64+0xcd/0x250 [ 87.328025][ T6597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.329635][ T6597] RIP: 0033:0x7f0ec657dff9 [ 87.330821][ T6597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.335906][ T6597] RSP: 002b:00007f0ec729a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 87.338187][ T6597] RAX: ffffffffffffffda RBX: 00007f0ec6736058 RCX: 00007f0ec657dff9 [ 87.340288][ T6597] RDX: 0000000020000280 RSI: 0000000000008914 RDI: 000000000000000a [ 87.342442][ T6597] RBP: 00007f0ec729a090 R08: 0000000000000000 R09: 0000000000000000 [ 87.344630][ T6597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.346723][ T6597] R13: 0000000000000000 R14: 00007f0ec6736058 R15: 00007ffdfeaa68f8 [ 87.348851][ T6597] [ 87.374170][ T6591] chnl_net:caif_netlink_parms(): no params data found [ 87.460224][ T6609] FAULT_INJECTION: forcing a failure. [ 87.460224][ T6609] name failslab, interval 1, probability 0, space 0, times 0 [ 87.463511][ T6609] CPU: 0 UID: 0 PID: 6609 Comm: syz.1.288 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 87.466295][ T6609] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 87.469215][ T6609] Call Trace: [ 87.470098][ T6609] [ 87.470880][ T6609] dump_stack_lvl+0x16c/0x1f0 [ 87.472115][ T6609] should_fail_ex+0x497/0x5b0 [ 87.473364][ T6609] ? fs_reclaim_acquire+0xae/0x150 [ 87.474702][ T6609] should_failslab+0xc2/0x120 [ 87.475940][ T6609] kmem_cache_alloc_node_noprof+0x71/0x310 [ 87.477466][ T6609] ? __alloc_skb+0x2b1/0x380 [ 87.478741][ T6609] __alloc_skb+0x2b1/0x380 [ 87.479912][ T6609] ? __pfx___alloc_skb+0x10/0x10 [ 87.481202][ T6609] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 87.482759][ T6609] netlink_alloc_large_skb+0x69/0x130 [ 87.484157][ T6609] netlink_sendmsg+0x689/0xd70 [ 87.485399][ T6609] ? __pfx_netlink_sendmsg+0x10/0x10 [ 87.486782][ T6609] ? __import_iovec+0x1fd/0x6e0 [ 87.488057][ T6609] ____sys_sendmsg+0xaaf/0xc90 [ 87.489357][ T6609] ? copy_msghdr_from_user+0x10b/0x160 [ 87.490778][ T6609] ? __pfx_____sys_sendmsg+0x10/0x10 [ 87.492158][ T6609] ? __pfx___lock_acquire+0x10/0x10 [ 87.493516][ T6609] ___sys_sendmsg+0x135/0x1e0 [ 87.494754][ T6609] ? __pfx____sys_sendmsg+0x10/0x10 [ 87.496118][ T6609] ? lock_acquire+0x2f/0xb0 [ 87.497318][ T6609] ? __fget_files+0x40/0x3f0 [ 87.498532][ T6609] ? fdget+0x176/0x210 [ 87.499606][ T6609] __sys_sendmsg+0x117/0x1f0 [ 87.500830][ T6609] ? __pfx___sys_sendmsg+0x10/0x10 [ 87.502189][ T6609] ? __fget_files+0x244/0x3f0 [ 87.503466][ T6609] do_syscall_64+0xcd/0x250 [ 87.504682][ T6609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 87.506247][ T6609] RIP: 0033:0x7f300977dff9 [ 87.507388][ T6609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 87.512329][ T6609] RSP: 002b:00007f300a4b3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 87.514472][ T6609] RAX: ffffffffffffffda RBX: 00007f3009935f80 RCX: 00007f300977dff9 [ 87.516522][ T6609] RDX: 0000000000008000 RSI: 00000000200004c0 RDI: 0000000000000003 [ 87.518554][ T6609] RBP: 00007f300a4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 87.520596][ T6609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 87.522665][ T6609] R13: 0000000000000000 R14: 00007f3009935f80 R15: 00007ffcf6d67f68 [ 87.524825][ T6609] [ 87.553674][ T6591] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.555652][ T6591] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.557876][ T6591] bridge_slave_0: entered allmulticast mode [ 87.559956][ T6591] bridge_slave_0: entered promiscuous mode [ 87.563742][ T6591] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.565632][ T6591] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.565649][ T6611] af_packet: packet_mmap: vma is busy: 1 [ 87.567906][ T6591] bridge_slave_1: entered allmulticast mode [ 87.571389][ T6591] bridge_slave_1: entered promiscuous mode [ 87.602747][ T6591] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.606462][ T6591] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.627807][ T6591] team0: Port device team_slave_0 added [ 87.630714][ T6591] team0: Port device team_slave_1 added [ 87.649386][ T6591] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.651241][ T6591] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.658554][ T6591] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.663136][ T6591] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.665101][ T6591] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.671799][ T6591] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.695822][ T6591] hsr_slave_0: entered promiscuous mode [ 87.698600][ T6591] hsr_slave_1: entered promiscuous mode [ 87.700446][ T6591] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.702528][ T6591] Cannot create hsr debugfs directory [ 87.942080][ T6623] tipc: Failed to remove unknown binding: 66,1,1/0:1950035875/1950035877 [ 87.969632][ T6621] kvm: requested 7542 ns i8254 timer period limited to 200000 ns [ 87.971621][ T6626] tipc: Failed to remove unknown binding: 66,1,1/0:1483933241/1483933243 [ 88.025318][ T6632] FAULT_INJECTION: forcing a failure. [ 88.025318][ T6632] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 88.028788][ T6632] CPU: 2 UID: 0 PID: 6632 Comm: syz.0.296 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 88.031485][ T6632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.034249][ T6632] Call Trace: [ 88.035162][ T6632] [ 88.035934][ T6632] dump_stack_lvl+0x16c/0x1f0 [ 88.037470][ T6632] should_fail_ex+0x497/0x5b0 [ 88.039085][ T6632] _copy_to_user+0x30/0xc0 [ 88.040628][ T6632] simple_read_from_buffer+0xd0/0x160 [ 88.042460][ T6632] proc_fail_nth_read+0x198/0x270 [ 88.044112][ T6632] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 88.046008][ T6632] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 88.047791][ T6632] vfs_read+0x1ce/0xbd0 [ 88.049191][ T6632] ? __fget_files+0x23a/0x3f0 [ 88.050744][ T6632] ? fdget_pos+0x24c/0x360 [ 88.052224][ T6632] ? __pfx_lock_release+0x10/0x10 [ 88.053854][ T6632] ? trace_lock_acquire+0x14a/0x1d0 [ 88.055570][ T6632] ? __pfx_vfs_read+0x10/0x10 [ 88.057203][ T6632] ? __pfx___mutex_lock+0x10/0x10 [ 88.058938][ T6632] ? __fget_files+0x244/0x3f0 [ 88.060577][ T6632] ksys_read+0x12f/0x260 [ 88.062058][ T6632] ? __pfx_ksys_read+0x10/0x10 [ 88.063710][ T6632] do_syscall_64+0xcd/0x250 [ 88.065298][ T6632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 88.067182][ T6632] RIP: 0033:0x7f9437d7ca3c [ 88.068395][ T6632] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 88.073490][ T6632] RSP: 002b:00007f9438c65030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 88.075692][ T6632] RAX: ffffffffffffffda RBX: 00007f9437f35f80 RCX: 00007f9437d7ca3c [ 88.077799][ T6632] RDX: 000000000000000f RSI: 00007f9438c650a0 RDI: 0000000000000007 [ 88.079874][ T6632] RBP: 00007f9438c65090 R08: 0000000000000000 R09: 0000000000000000 [ 88.081967][ T6632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 88.084003][ T6632] R13: 0000000000000000 R14: 00007f9437f35f80 R15: 00007ffc318c26c8 [ 88.086142][ T6632] [ 88.135889][ T1103] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.272497][ T1103] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.576493][ T1103] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 88.682331][ T1103] bridge_slave_1: left allmulticast mode [ 88.683893][ T1103] bridge_slave_1: left promiscuous mode [ 88.685433][ T1103] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.689144][ T1103] bridge_slave_0: left allmulticast mode [ 88.690654][ T1103] bridge_slave_0: left promiscuous mode [ 88.692170][ T1103] bridge0: port 1(bridge_slave_0) entered disabled state [ 88.952671][ T1103] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 88.958209][ T1103] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 88.962167][ T1103] bond0 (unregistering): Released all slaves [ 89.039577][ T6654] FAULT_INJECTION: forcing a failure. [ 89.039577][ T6654] name failslab, interval 1, probability 0, space 0, times 0 [ 89.043219][ T6654] CPU: 0 UID: 0 PID: 6654 Comm: syz.1.302 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 89.046381][ T6654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.049205][ T6654] Call Trace: [ 89.050093][ T6654] [ 89.050882][ T6654] dump_stack_lvl+0x16c/0x1f0 [ 89.052152][ T6654] should_fail_ex+0x497/0x5b0 [ 89.053427][ T6654] ? fs_reclaim_acquire+0xae/0x150 [ 89.055205][ T6654] should_failslab+0xc2/0x120 [ 89.056845][ T6654] __kmalloc_node_noprof+0xd1/0x430 [ 89.058665][ T6654] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 89.060564][ T6654] __kvmalloc_node_noprof+0xad/0x1a0 [ 89.062401][ T6654] vmemdup_user+0x25/0x100 [ 89.063996][ T6654] __sys_bpf+0x4568/0x49a0 [ 89.065564][ T6654] ? ksys_write+0x21e/0x260 [ 89.067159][ T6654] ? __pfx___sys_bpf+0x10/0x10 [ 89.068834][ T6654] ? vfs_write+0x14d/0x1140 [ 89.070442][ T6654] ? __mutex_unlock_slowpath+0x164/0x650 [ 89.072403][ T6654] ? fput+0x30/0x390 [ 89.073783][ T6654] ? ksys_write+0x1ad/0x260 [ 89.075366][ T6654] ? __pfx_ksys_write+0x10/0x10 [ 89.077078][ T6654] __x64_sys_bpf+0x78/0xc0 [ 89.078630][ T6654] ? lockdep_hardirqs_on+0x7c/0x110 [ 89.080436][ T6654] do_syscall_64+0xcd/0x250 [ 89.082027][ T6654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 89.084119][ T6654] RIP: 0033:0x7f300977dff9 [ 89.085681][ T6654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 89.091464][ T6654] RSP: 002b:00007f300a4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 89.093630][ T6654] RAX: ffffffffffffffda RBX: 00007f3009935f80 RCX: 00007f300977dff9 [ 89.095677][ T6654] RDX: 0000000000000020 RSI: 0000000020002180 RDI: 0000000000000001 [ 89.097741][ T6654] RBP: 00007f300a4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 89.099816][ T6654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 89.101877][ T6654] R13: 0000000000000000 R14: 00007f3009935f80 R15: 00007ffcf6d67f68 [ 89.103923][ T6654] [ 89.265348][ T6673] netlink: 8 bytes leftover after parsing attributes in process `syz.2.301'. [ 89.286713][ T5355] Bluetooth: hci1: command tx timeout [ 89.515475][ T1103] hsr_slave_0: left promiscuous mode [ 89.521538][ T1103] hsr_slave_1: left promiscuous mode [ 89.524729][ T1103] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 89.527404][ T1103] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 89.530017][ T1103] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 89.531973][ T1103] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 89.561291][ T1103] veth1_macvtap: left promiscuous mode [ 89.562803][ T1103] veth0_macvtap: left promiscuous mode [ 89.570108][ T1103] veth1_vlan: left promiscuous mode [ 89.571531][ T1103] veth0_vlan: left promiscuous mode [ 89.965084][ T6701] FAULT_INJECTION: forcing a failure. [ 89.965084][ T6701] name failslab, interval 1, probability 0, space 0, times 0 [ 89.968715][ T6701] CPU: 2 UID: 0 PID: 6701 Comm: syz.2.308 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 89.971491][ T6701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.974283][ T6701] Call Trace: [ 89.975181][ T6701] [ 89.975969][ T6701] dump_stack_lvl+0x16c/0x1f0 [ 89.977239][ T6701] should_fail_ex+0x497/0x5b0 [ 89.978464][ T6701] ? fs_reclaim_acquire+0xae/0x150 [ 89.979819][ T6701] should_failslab+0xc2/0x120 [ 89.981079][ T6701] kmem_cache_alloc_node_noprof+0x71/0x310 [ 89.982626][ T6701] ? __alloc_skb+0x2b1/0x380 [ 89.983858][ T6701] __alloc_skb+0x2b1/0x380 [ 89.985055][ T6701] ? __pfx___alloc_skb+0x10/0x10 [ 89.986364][ T6701] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 89.988013][ T6701] netlink_alloc_large_skb+0x69/0x130 [ 89.989624][ T6701] netlink_sendmsg+0x689/0xd70 [ 89.990907][ T6701] ? __pfx_netlink_sendmsg+0x10/0x10 [ 89.992299][ T6701] ? __import_iovec+0x1fd/0x6e0 [ 89.993613][ T6701] ____sys_sendmsg+0xaaf/0xc90 [ 89.994873][ T6701] ? copy_msghdr_from_user+0x10b/0x160 [ 89.996316][ T6701] ? __pfx_____sys_sendmsg+0x10/0x10 [ 89.997738][ T6701] ? __pfx___lock_acquire+0x10/0x10 [ 89.999127][ T6701] ___sys_sendmsg+0x135/0x1e0 [ 90.000374][ T6701] ? __pfx____sys_sendmsg+0x10/0x10 [ 90.001770][ T6701] ? lock_acquire+0x2f/0xb0 [ 90.002979][ T6701] ? __fget_files+0x40/0x3f0 [ 90.004233][ T6701] ? fdget+0x176/0x210 [ 90.005326][ T6701] __sys_sendmsg+0x117/0x1f0 [ 90.006547][ T6701] ? __pfx___sys_sendmsg+0x10/0x10 [ 90.007900][ T6701] ? __fget_files+0x244/0x3f0 [ 90.009181][ T6701] do_syscall_64+0xcd/0x250 [ 90.010391][ T6701] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 90.012040][ T6701] RIP: 0033:0x7f0ec657dff9 [ 90.013234][ T6701] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 90.018268][ T6701] RSP: 002b:00007f0ec72bb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 90.020452][ T6701] RAX: ffffffffffffffda RBX: 00007f0ec6735f80 RCX: 00007f0ec657dff9 [ 90.022533][ T6701] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 90.024604][ T6701] RBP: 00007f0ec72bb090 R08: 0000000000000000 R09: 0000000000000000 [ 90.026752][ T6701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 90.028847][ T6701] R13: 0000000000000000 R14: 00007f0ec6735f80 R15: 00007ffdfeaa68f8 [ 90.030935][ T6701] [ 90.290376][ T1103] team0 (unregistering): Port device team_slave_1 removed [ 90.362869][ T1103] team0 (unregistering): Port device team_slave_0 removed [ 90.927977][ T6591] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 90.936091][ T6591] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 90.950243][ T6591] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 90.962869][ T6591] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.966059][ T6716] tipc: Failed to remove unknown binding: 66,1,1/0:597947676/597947678 [ 91.010016][ T6717] FAULT_INJECTION: forcing a failure. [ 91.010016][ T6717] name failslab, interval 1, probability 0, space 0, times 0 [ 91.013324][ T6717] CPU: 1 UID: 0 PID: 6717 Comm: syz.2.311 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 91.016055][ T6717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 91.018840][ T6717] Call Trace: [ 91.019716][ T6717] [ 91.020493][ T6717] dump_stack_lvl+0x16c/0x1f0 [ 91.021882][ T6717] should_fail_ex+0x497/0x5b0 [ 91.022948][ T6591] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.023129][ T6717] ? fs_reclaim_acquire+0xae/0x150 [ 91.026831][ T6717] should_failslab+0xc2/0x120 [ 91.028094][ T6717] __kmalloc_noprof+0xcb/0x400 [ 91.029419][ T6717] tomoyo_encode2+0x100/0x3e0 [ 91.030676][ T6717] tomoyo_encode+0x29/0x50 [ 91.031869][ T6717] tomoyo_realpath_from_path+0x19d/0x720 [ 91.032587][ T6591] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.033357][ T6717] ? tomoyo_path_number_perm+0x232/0x590 [ 91.036968][ T6717] tomoyo_path_number_perm+0x245/0x590 [ 91.038410][ T6717] ? tomoyo_path_number_perm+0x232/0x590 [ 91.039889][ T6717] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 91.041482][ T6717] ? trace_lock_acquire+0x14a/0x1d0 [ 91.042944][ T6717] ? lock_acquire+0x2f/0xb0 [ 91.044176][ T6717] ? __fget_files+0x40/0x3f0 [ 91.045448][ T6717] ? __fget_files+0x244/0x3f0 [ 91.046712][ T6717] security_file_ioctl+0x9b/0x240 [ 91.048053][ T6717] __x64_sys_ioctl+0xbb/0x220 [ 91.049331][ T6717] do_syscall_64+0xcd/0x250 [ 91.050547][ T6717] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.052101][ T6717] RIP: 0033:0x7f0ec657dff9 [ 91.053289][ T6717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.058279][ T6717] RSP: 002b:00007f0ec729a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 91.060476][ T6717] RAX: ffffffffffffffda RBX: 00007f0ec6736058 RCX: 00007f0ec657dff9 [ 91.062686][ T6717] RDX: 0000000020005280 RSI: 0000000080047453 RDI: 0000000000000009 [ 91.064745][ T6717] RBP: 00007f0ec729a090 R08: 0000000000000000 R09: 0000000000000000 [ 91.066827][ T6717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.068914][ T6717] R13: 0000000000000000 R14: 00007f0ec6736058 R15: 00007ffdfeaa68f8 [ 91.070983][ T6717] [ 91.073580][ T6717] ERROR: Out of memory at tomoyo_realpath_from_path. [ 91.091148][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.093077][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.102111][ T1110] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.104124][ T1110] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.221757][ T6591] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.240472][ T6591] veth0_vlan: entered promiscuous mode [ 91.244349][ T6591] veth1_vlan: entered promiscuous mode [ 91.260169][ T6591] veth0_macvtap: entered promiscuous mode [ 91.263112][ T6591] veth1_macvtap: entered promiscuous mode [ 91.268783][ T6591] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.271499][ T6591] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.274042][ T6591] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.277157][ T6591] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.279661][ T6591] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 91.282357][ T6591] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.285828][ T6591] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.289762][ T6591] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.292576][ T6591] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.295199][ T6591] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.298976][ T6591] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.301535][ T6591] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 91.304269][ T6591] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 91.307604][ T6591] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.316703][ T6591] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.319032][ T6591] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.321313][ T6591] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.323647][ T6591] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.367100][ T1103] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.367392][ T5355] Bluetooth: hci1: command 0x041b tx timeout [ 91.369485][ T1103] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.383171][ T1103] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.384096][ T6728] tipc: Failed to remove unknown binding: 66,1,1/0:3958445641/3958445643 [ 91.385452][ T1103] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.387544][ T6728] FAULT_INJECTION: forcing a failure. [ 91.387544][ T6728] name failslab, interval 1, probability 0, space 0, times 0 [ 91.387578][ T6728] CPU: 2 UID: 0 PID: 6728 Comm: syz.1.315 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 91.395616][ T6728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 91.398423][ T6728] Call Trace: [ 91.399309][ T6728] [ 91.400101][ T6728] dump_stack_lvl+0x16c/0x1f0 [ 91.401527][ T6728] should_fail_ex+0x497/0x5b0 [ 91.403208][ T6728] should_failslab+0xc2/0x120 [ 91.404931][ T6728] __kmalloc_cache_noprof+0x6b/0x300 [ 91.406407][ T6728] ? tipc_topsrv_queue_evt+0x124/0x400 [ 91.407827][ T6728] tipc_topsrv_queue_evt+0x124/0x400 [ 91.409234][ T6728] tipc_sub_report_overlap+0x555/0x9c0 [ 91.410657][ T6728] tipc_nametbl_remove_publ+0x40b/0x1600 [ 91.412443][ T6728] ? tipc_nametbl_withdraw+0xcf/0x390 [ 91.414027][ T6728] tipc_nametbl_withdraw+0xe0/0x390 [ 91.415377][ T6728] ? find_held_lock+0x2d/0x110 [ 91.416694][ T6728] tipc_sk_withdraw+0x46c/0x660 [ 91.418016][ T6728] ? __pfx_tipc_sk_withdraw+0x10/0x10 [ 91.419422][ T6728] ? __local_bh_enable_ip+0xa4/0x120 [ 91.420740][ T6728] tipc_sk_bind+0x2ff/0x380 [ 91.422220][ T6728] tipc_bind+0x190/0x2a0 [ 91.423352][ T6728] __sys_bind+0x1eb/0x220 [ 91.424420][ T6728] ? __pfx___sys_bind+0x10/0x10 [ 91.425704][ T6728] ? __fget_files+0x244/0x3f0 [ 91.427386][ T6728] ? __pfx_ksys_write+0x10/0x10 [ 91.429199][ T6728] __x64_sys_bind+0x72/0xb0 [ 91.430879][ T6728] ? lockdep_hardirqs_on+0x7c/0x110 [ 91.432770][ T6728] do_syscall_64+0xcd/0x250 [ 91.434454][ T6728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.436579][ T6728] RIP: 0033:0x7f300977dff9 [ 91.438222][ T6728] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 91.444464][ T6728] RSP: 002b:00007f300a4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 91.447029][ T6728] RAX: ffffffffffffffda RBX: 00007f3009935f80 RCX: 00007f300977dff9 [ 91.449015][ T6728] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 91.451019][ T6728] RBP: 00007f300a4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 91.453089][ T6728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.455696][ T6728] R13: 0000000000000000 R14: 00007f3009935f80 R15: 00007ffcf6d67f68 [ 91.457906][ T6728] [ 91.510705][ T6730] netlink: 16 bytes leftover after parsing attributes in process `syz.1.316'. [ 91.575402][ T39] kauditd_printk_skb: 10 callbacks suppressed [ 91.575414][ T39] audit: type=1400 audit(1729578559.517:432): avc: denied { read } for pid=6729 comm="syz.1.316" name="mice" dev="devtmpfs" ino=860 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 91.584550][ T39] audit: type=1400 audit(1729578559.517:433): avc: denied { open } for pid=6729 comm="syz.1.316" path="/dev/input/mice" dev="devtmpfs" ino=860 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1 [ 91.613751][ T6730] xt_CT: No such helper "syz1" [ 91.671764][ T39] audit: type=1400 audit(1729578559.617:434): avc: denied { getopt } for pid=6734 comm="syz.1.317" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1 [ 91.788206][ T6737] 9pnet_virtio: no channels available for device syz [ 91.791197][ T6737] FAULT_INJECTION: forcing a failure. [ 91.791197][ T6737] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 91.794617][ T6737] CPU: 2 UID: 0 PID: 6737 Comm: syz.2.318 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 91.797624][ T6737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 91.800926][ T6737] Call Trace: [ 91.802110][ T6737] [ 91.802943][ T6737] dump_stack_lvl+0x16c/0x1f0 [ 91.804668][ T6737] should_fail_ex+0x497/0x5b0 [ 91.806252][ T6737] _copy_to_user+0x30/0xc0 [ 91.807427][ T6737] simple_read_from_buffer+0xd0/0x160 [ 91.808846][ T6737] proc_fail_nth_read+0x198/0x270 [ 91.810173][ T6737] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 91.811915][ T6737] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 91.813868][ T6737] vfs_read+0x1ce/0xbd0 [ 91.815128][ T6737] ? __fget_files+0x23a/0x3f0 [ 91.816352][ T6737] ? fdget_pos+0x24c/0x360 [ 91.817528][ T6737] ? __pfx_lock_release+0x10/0x10 [ 91.818836][ T6737] ? trace_lock_acquire+0x14a/0x1d0 [ 91.820271][ T6737] ? __pfx_vfs_read+0x10/0x10 [ 91.821527][ T6737] ? __pfx___mutex_lock+0x10/0x10 [ 91.822827][ T6737] ? __fget_files+0x244/0x3f0 [ 91.824051][ T6737] ksys_read+0x12f/0x260 [ 91.825228][ T6737] ? __pfx_ksys_read+0x10/0x10 [ 91.826469][ T6737] do_syscall_64+0xcd/0x250 [ 91.827917][ T6737] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 91.829819][ T6737] RIP: 0033:0x7f0ec657ca3c [ 91.830973][ T6737] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 91.836868][ T6737] RSP: 002b:00007f0ec72bb030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 91.839005][ T6737] RAX: ffffffffffffffda RBX: 00007f0ec6735f80 RCX: 00007f0ec657ca3c [ 91.841089][ T6737] RDX: 000000000000000f RSI: 00007f0ec72bb0a0 RDI: 0000000000000005 [ 91.843455][ T6737] RBP: 00007f0ec72bb090 R08: 0000000000000000 R09: 0000000000000000 [ 91.845590][ T6737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 91.847648][ T6737] R13: 0000000000000000 R14: 00007f0ec6735f80 R15: 00007ffdfeaa68f8 [ 91.850379][ T6737] [ 91.997008][ T35] IPVS: starting estimator thread 0... [ 92.043167][ T6751] FAULT_INJECTION: forcing a failure. [ 92.043167][ T6751] name failslab, interval 1, probability 0, space 0, times 0 [ 92.046995][ T6751] CPU: 0 UID: 0 PID: 6751 Comm: syz.0.323 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 92.049811][ T6751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.052553][ T6751] Call Trace: [ 92.053426][ T6751] [ 92.054196][ T6751] dump_stack_lvl+0x16c/0x1f0 [ 92.055473][ T6751] should_fail_ex+0x497/0x5b0 [ 92.056729][ T6751] ? fs_reclaim_acquire+0xae/0x150 [ 92.058081][ T6751] should_failslab+0xc2/0x120 [ 92.059389][ T6751] kmem_cache_alloc_node_noprof+0x71/0x310 [ 92.060916][ T6751] ? __alloc_skb+0x2b1/0x380 [ 92.062136][ T6751] __alloc_skb+0x2b1/0x380 [ 92.063329][ T6751] ? __pfx___alloc_skb+0x10/0x10 [ 92.064643][ T6751] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 92.066255][ T6751] netlink_alloc_large_skb+0x69/0x130 [ 92.067669][ T6751] netlink_sendmsg+0x689/0xd70 [ 92.069002][ T6751] ? __pfx_netlink_sendmsg+0x10/0x10 [ 92.070389][ T6751] ? __import_iovec+0x1fd/0x6e0 [ 92.071686][ T6751] ____sys_sendmsg+0xaaf/0xc90 [ 92.072976][ T6751] ? copy_msghdr_from_user+0x10b/0x160 [ 92.074380][ T6751] ? __pfx_____sys_sendmsg+0x10/0x10 [ 92.076095][ T6751] ? __pfx___lock_acquire+0x10/0x10 [ 92.077582][ T6751] ___sys_sendmsg+0x135/0x1e0 [ 92.078810][ T6751] ? __pfx____sys_sendmsg+0x10/0x10 [ 92.080192][ T6751] ? lock_acquire+0x2f/0xb0 [ 92.081404][ T6751] ? __fget_files+0x40/0x3f0 [ 92.082627][ T6751] ? fdget+0x176/0x210 [ 92.083686][ T6751] __sys_sendmmsg+0x1a1/0x450 [ 92.084937][ T6751] ? __pfx___sys_sendmmsg+0x10/0x10 [ 92.086301][ T6751] ? vfs_write+0x14d/0x1140 [ 92.087506][ T6751] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 92.089082][ T6751] ? fput+0x30/0x390 [ 92.090111][ T6751] ? ksys_write+0x1ad/0x260 [ 92.091287][ T6751] ? __pfx_ksys_write+0x10/0x10 [ 92.092573][ T6751] __x64_sys_sendmmsg+0x9c/0x100 [ 92.093875][ T6751] ? lockdep_hardirqs_on+0x7c/0x110 [ 92.095443][ T6751] do_syscall_64+0xcd/0x250 [ 92.096698][ T6751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.098433][ T6751] RIP: 0033:0x7f9437d7dff9 [ 92.099804][ T6751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.104777][ T6751] RSP: 002b:00007f9438c65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 92.106996][ T6751] RAX: ffffffffffffffda RBX: 00007f9437f35f80 RCX: 00007f9437d7dff9 [ 92.109022][ T6751] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004 [ 92.111034][ T6751] RBP: 00007f9438c65090 R08: 0000000000000000 R09: 0000000000000000 [ 92.113068][ T6751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.115313][ T6751] R13: 0000000000000000 R14: 00007f9437f35f80 R15: 00007ffc318c26c8 [ 92.117403][ T6751] [ 92.120304][ T6743] IPVS: using max 33 ests per chain, 79200 per kthread [ 92.149240][ T39] audit: type=1400 audit(1729578560.097:435): avc: denied { bind } for pid=6753 comm="syz.0.325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 92.237412][ T6759] FAULT_INJECTION: forcing a failure. [ 92.237412][ T6759] name failslab, interval 1, probability 0, space 0, times 0 [ 92.240764][ T6759] CPU: 1 UID: 0 PID: 6759 Comm: syz.0.326 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 92.241158][ T6763] netlink: 36 bytes leftover after parsing attributes in process `syz.1.322'. [ 92.243532][ T6759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.243548][ T6759] Call Trace: [ 92.243553][ T6759] [ 92.243558][ T6759] dump_stack_lvl+0x16c/0x1f0 [ 92.252060][ T6759] should_fail_ex+0x497/0x5b0 [ 92.253315][ T6759] ? fs_reclaim_acquire+0xae/0x150 [ 92.254673][ T6759] should_failslab+0xc2/0x120 [ 92.255955][ T6759] kmem_cache_alloc_node_noprof+0x71/0x310 [ 92.257634][ T6759] ? __alloc_skb+0x2b1/0x380 [ 92.258865][ T6759] __alloc_skb+0x2b1/0x380 [ 92.260047][ T6759] ? __pfx___alloc_skb+0x10/0x10 [ 92.261364][ T6759] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 92.262964][ T6759] netlink_alloc_large_skb+0x69/0x130 [ 92.264414][ T6759] netlink_sendmsg+0x689/0xd70 [ 92.265693][ T6759] ? __pfx_netlink_sendmsg+0x10/0x10 [ 92.267088][ T6759] ? __pfx_netlink_sendmsg+0x10/0x10 [ 92.268485][ T6759] ____sys_sendmsg+0xaaf/0xc90 [ 92.269821][ T6759] ? copy_msghdr_from_user+0x10b/0x160 [ 92.270348][ T39] audit: type=1400 audit(1729578560.217:436): avc: denied { write } for pid=4819 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 92.271320][ T6759] ? __pfx_____sys_sendmsg+0x10/0x10 [ 92.277747][ T39] audit: type=1400 audit(1729578560.217:437): avc: denied { remove_name } for pid=4819 comm="syslogd" name="messages" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 92.278394][ T6759] ? __pfx___lock_acquire+0x10/0x10 [ 92.284163][ T39] audit: type=1400 audit(1729578560.217:438): avc: denied { add_name } for pid=4819 comm="syslogd" name="messages.0" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1 [ 92.285534][ T6759] ___sys_sendmsg+0x135/0x1e0 [ 92.292524][ T6759] ? __pfx____sys_sendmsg+0x10/0x10 [ 92.293918][ T6759] ? lock_acquire+0x2f/0xb0 [ 92.295133][ T6759] ? __fget_files+0x40/0x3f0 [ 92.296344][ T6759] ? fdget+0x176/0x210 [ 92.297402][ T6759] __sys_sendmsg+0x117/0x1f0 [ 92.298594][ T6759] ? __pfx___sys_sendmsg+0x10/0x10 [ 92.300000][ T6759] ? __fget_files+0x244/0x3f0 [ 92.301265][ T6759] do_syscall_64+0xcd/0x250 [ 92.302461][ T6759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.304016][ T6759] RIP: 0033:0x7f9437d7dff9 [ 92.305181][ T6759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 92.310168][ T6759] RSP: 002b:00007f9438c65038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 92.312335][ T6759] RAX: ffffffffffffffda RBX: 00007f9437f35f80 RCX: 00007f9437d7dff9 [ 92.314377][ T6759] RDX: 0000000000000000 RSI: 0000000020001980 RDI: 0000000000000004 [ 92.316416][ T6759] RBP: 00007f9438c65090 R08: 0000000000000000 R09: 0000000000000000 [ 92.318465][ T6759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 92.320563][ T6759] R13: 0000000000000000 R14: 00007f9437f35f80 R15: 00007ffc318c26c8 [ 92.322628][ T6759] [ 92.375097][ T6767] netlink: 8 bytes leftover after parsing attributes in process `syz.2.328'. [ 92.384388][ T6767] netlink: 36 bytes leftover after parsing attributes in process `syz.2.328'. [ 92.614910][ T6781] FAULT_INJECTION: forcing a failure. [ 92.614910][ T6781] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 92.620201][ T6781] CPU: 1 UID: 0 PID: 6781 Comm: syz.2.333 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 92.622963][ T6781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.625745][ T6781] Call Trace: [ 92.626664][ T6781] [ 92.627460][ T6781] dump_stack_lvl+0x16c/0x1f0 [ 92.628724][ T6781] should_fail_ex+0x497/0x5b0 [ 92.629984][ T6781] _copy_from_iter+0x2a1/0x1540 [ 92.631268][ T6781] ? __pfx__copy_from_iter+0x10/0x10 [ 92.632657][ T6781] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 92.634300][ T6781] ? tun_build_skb.constprop.0+0x1b8/0x1120 [ 92.635861][ T6781] ? __pfx_lock_release+0x10/0x10 [ 92.637196][ T6781] ? trace_lock_acquire+0x14a/0x1d0 [ 92.638570][ T6781] ? __pfx_lock_release+0x10/0x10 [ 92.639897][ T6781] copy_page_from_iter+0xa5/0x120 [ 92.641274][ T6781] tun_build_skb.constprop.0+0x294/0x1120 [ 92.642845][ T6781] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 92.644462][ T6781] ? __pfx___lock_acquire+0x10/0x10 [ 92.645842][ T6781] ? __pfx_mark_lock+0x10/0x10 [ 92.647140][ T6781] ? __pfx_mark_lock+0x10/0x10 [ 92.648433][ T6781] ? __lock_acquire+0xbdd/0x3ce0 [ 92.649768][ T6781] tun_get_user+0x872/0x3d80 [ 92.650997][ T6781] ? find_held_lock+0x2d/0x110 [ 92.652268][ T6781] ? __pfx_tun_get_user+0x10/0x10 [ 92.653612][ T6781] ? find_held_lock+0x2d/0x110 [ 92.654892][ T6781] ? __pfx_lock_release+0x10/0x10 [ 92.656261][ T6781] tun_chr_write_iter+0xdc/0x210 [ 92.657576][ T6781] vfs_write+0x6b5/0x1140 [ 92.658723][ T6781] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 92.660180][ T6781] ? trace_lock_acquire+0x14a/0x1d0 [ 92.661597][ T6781] ? __pfx_vfs_write+0x10/0x10 [ 92.662863][ T6781] ? __fget_files+0x40/0x3f0 [ 92.664084][ T6781] ksys_write+0x12f/0x260 [ 92.665232][ T6781] ? __pfx_ksys_write+0x10/0x10 [ 92.666516][ T6781] do_syscall_64+0xcd/0x250 [ 92.667714][ T6781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 92.669359][ T6781] RIP: 0033:0x7f0ec657cadf [ 92.670534][ T6781] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48 [ 92.675547][ T6781] RSP: 002b:00007f0ec72bb000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 92.677709][ T6781] RAX: ffffffffffffffda RBX: 00007f0ec6735f80 RCX: 00007f0ec657cadf [ 92.679747][ T6781] RDX: 000000000000003a RSI: 0000000020000440 RDI: 00000000000000c8 [ 92.681828][ T6781] RBP: 00007f0ec72bb090 R08: 0000000000000000 R09: 0000000000000000 [ 92.683853][ T6781] R10: 000000000000003a R11: 0000000000000293 R12: 0000000000000001 [ 92.685852][ T6781] R13: 0000000000000000 R14: 00007f0ec6735f80 R15: 00007ffdfeaa68f8 [ 92.687899][ T6781] [ 92.986255][ T39] audit: type=1400 audit(1729578560.927:439): avc: denied { bind } for pid=6789 comm="syz.1.336" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1 [ 92.992776][ T39] audit: type=1400 audit(1729578560.937:440): avc: denied { name_bind } for pid=6789 comm="syz.1.336" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1 [ 92.998263][ T39] audit: type=1400 audit(1729578560.937:441): avc: denied { node_bind } for pid=6789 comm="syz.1.336" saddr=::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1 [ 93.006574][ T1416] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 93.166766][ T1416] usb 7-1: Using ep0 maxpacket: 8 [ 93.170738][ T1416] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 93.173288][ T1416] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 93.176247][ T1416] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 93.179322][ T1416] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 93.182190][ T1416] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 93.186021][ T1416] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 93.188205][ T1416] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 93.191108][ T1416] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 93.194129][ T1416] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 93.197297][ T1416] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 93.201287][ T1416] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 93.203234][ T1416] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 93.206234][ T1416] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 93.210095][ T1416] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 93.212982][ T1416] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 93.218493][ T1416] usb 7-1: string descriptor 0 read error: -22 [ 93.220220][ T1416] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 93.222577][ T1416] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 93.236839][ T1416] adutux 7-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 93.434612][ T55] usb 7-1: USB disconnect, device number 6 [ 93.444578][ T6784] netlink: 'syz.2.334': attribute type 27 has an invalid length. [ 94.021490][ T6803] FAULT_INJECTION: forcing a failure. [ 94.021490][ T6803] name failslab, interval 1, probability 0, space 0, times 0 [ 94.024817][ T6803] CPU: 0 UID: 0 PID: 6803 Comm: syz.2.339 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 94.027548][ T6803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.030357][ T6803] Call Trace: [ 94.031247][ T6803] [ 94.032040][ T6803] dump_stack_lvl+0x16c/0x1f0 [ 94.033307][ T6803] should_fail_ex+0x497/0x5b0 [ 94.034555][ T6803] ? fs_reclaim_acquire+0xae/0x150 [ 94.035915][ T6803] should_failslab+0xc2/0x120 [ 94.037178][ T6803] __kmalloc_noprof+0xcb/0x400 [ 94.038448][ T6803] ? d_absolute_path+0x137/0x1b0 [ 94.039761][ T6803] tomoyo_encode2+0x100/0x3e0 [ 94.041009][ T6803] tomoyo_encode+0x29/0x50 [ 94.042190][ T6803] tomoyo_realpath_from_path+0x19d/0x720 [ 94.043664][ T6803] tomoyo_path_number_perm+0x245/0x590 [ 94.045110][ T6803] ? tomoyo_path_number_perm+0x232/0x590 [ 94.046588][ T6803] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 94.048176][ T6803] ? trace_lock_acquire+0x14a/0x1d0 [ 94.049572][ T6803] ? lock_acquire+0x2f/0xb0 [ 94.050769][ T6803] ? __fget_files+0x40/0x3f0 [ 94.051998][ T6803] ? __fget_files+0x244/0x3f0 [ 94.053254][ T6803] security_file_ioctl+0x9b/0x240 [ 94.054610][ T6803] __x64_sys_ioctl+0xbb/0x220 [ 94.055861][ T6803] do_syscall_64+0xcd/0x250 [ 94.057084][ T6803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.058643][ T6803] RIP: 0033:0x7f0ec657dff9 [ 94.059838][ T6803] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 94.064885][ T6803] RSP: 002b:00007f0ec729a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 94.067079][ T6803] RAX: ffffffffffffffda RBX: 00007f0ec6736058 RCX: 00007f0ec657dff9 [ 94.069164][ T6803] RDX: 0000000020000080 RSI: 0000000081785501 RDI: 000000000000000b [ 94.071244][ T6803] RBP: 00007f0ec729a090 R08: 0000000000000000 R09: 0000000000000000 [ 94.073323][ T6803] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.075394][ T6803] R13: 0000000000000000 R14: 00007f0ec6736058 R15: 00007ffdfeaa68f8 [ 94.077477][ T6803] [ 94.078653][ T6803] ERROR: Out of memory at tomoyo_realpath_from_path. [ 94.351301][ T6809] FAULT_INJECTION: forcing a failure. [ 94.351301][ T6809] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 94.354713][ T6809] CPU: 2 UID: 0 PID: 6809 Comm: syz.0.341 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 94.357518][ T6809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 94.360388][ T6809] Call Trace: [ 94.361285][ T6809] [ 94.362071][ T6809] dump_stack_lvl+0x16c/0x1f0 [ 94.363320][ T6809] should_fail_ex+0x497/0x5b0 [ 94.364566][ T6809] _copy_to_user+0x30/0xc0 [ 94.365754][ T6809] simple_read_from_buffer+0xd0/0x160 [ 94.367170][ T6809] proc_fail_nth_read+0x198/0x270 [ 94.368851][ T6809] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 94.370421][ T6809] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 94.371873][ T6809] vfs_read+0x1ce/0xbd0 [ 94.372985][ T6809] ? __fget_files+0x23a/0x3f0 [ 94.374227][ T6809] ? fdget_pos+0x24c/0x360 [ 94.375450][ T6809] ? __pfx_lock_release+0x10/0x10 [ 94.376770][ T6809] ? trace_lock_acquire+0x14a/0x1d0 [ 94.378188][ T6809] ? __pfx_vfs_read+0x10/0x10 [ 94.379428][ T6809] ? __pfx___mutex_lock+0x10/0x10 [ 94.380757][ T6809] ? __fget_files+0x244/0x3f0 [ 94.382013][ T6809] ksys_read+0x12f/0x260 [ 94.383137][ T6809] ? __pfx_ksys_read+0x10/0x10 [ 94.384409][ T6809] do_syscall_64+0xcd/0x250 [ 94.385636][ T6809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.387198][ T6809] RIP: 0033:0x7f9437d7ca3c [ 94.388669][ T6809] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 94.393763][ T6809] RSP: 002b:00007f9438c44030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 94.395947][ T6809] RAX: ffffffffffffffda RBX: 00007f9437f36058 RCX: 00007f9437d7ca3c [ 94.398041][ T6809] RDX: 000000000000000f RSI: 00007f9438c440a0 RDI: 000000000000000b [ 94.400092][ T6809] RBP: 00007f9438c44090 R08: 0000000000000000 R09: 0000000000000000 [ 94.402295][ T6809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 94.404355][ T6809] R13: 0000000000000000 R14: 00007f9437f36058 R15: 00007ffc318c26c8 [ 94.406420][ T6809] [ 94.451870][ T1124] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 95.343189][ T6819] FAULT_INJECTION: forcing a failure. [ 95.343189][ T6819] name failslab, interval 1, probability 0, space 0, times 0 [ 95.347667][ T6819] CPU: 3 UID: 0 PID: 6819 Comm: syz.0.345 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 95.351314][ T6819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.354593][ T6819] Call Trace: [ 95.355507][ T6819] [ 95.356352][ T6819] dump_stack_lvl+0x16c/0x1f0 [ 95.357607][ T6819] should_fail_ex+0x497/0x5b0 [ 95.358753][ T6819] ? fs_reclaim_acquire+0xae/0x150 [ 95.360087][ T6819] should_failslab+0xc2/0x120 [ 95.361332][ T6819] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 95.362738][ T6819] ? security_inode_alloc+0x3b/0x2b0 [ 95.364129][ T6819] security_inode_alloc+0x3b/0x2b0 [ 95.365477][ T6819] inode_init_always_gfp+0xc5f/0xfb0 [ 95.366860][ T6819] alloc_inode+0x82/0x230 [ 95.368052][ T6819] sock_alloc+0x40/0x280 [ 95.369212][ T6819] do_accept+0x144/0x530 [ 95.370331][ T6819] ? __pfx_do_accept+0x10/0x10 [ 95.371605][ T6819] __sys_accept4+0x102/0x1c0 [ 95.372827][ T6819] ? __pfx___sys_accept4+0x10/0x10 [ 95.374172][ T6819] ? __pfx_ksys_write+0x10/0x10 [ 95.375500][ T6819] __x64_sys_accept4+0x96/0x100 [ 95.377008][ T6819] ? lockdep_hardirqs_on+0x7c/0x110 [ 95.378987][ T6819] do_syscall_64+0xcd/0x250 [ 95.380563][ T6819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.382135][ T6819] RIP: 0033:0x7f9437d7dff9 [ 95.383300][ T6819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.388464][ T6819] RSP: 002b:00007f9438c65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 95.390752][ T6819] RAX: ffffffffffffffda RBX: 00007f9437f35f80 RCX: 00007f9437d7dff9 [ 95.392834][ T6819] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 95.395621][ T6819] RBP: 00007f9438c65090 R08: 0000000000000000 R09: 0000000000000000 [ 95.398249][ T6819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 95.400317][ T6819] R13: 0000000000000000 R14: 00007f9437f35f80 R15: 00007ffc318c26c8 [ 95.402339][ T6819] [ 95.409223][ T5355] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 95.413222][ T5355] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 95.415554][ T5355] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 95.423886][ T5355] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 95.427699][ T5355] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 95.431194][ T5355] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 95.495889][ T6829] FAULT_INJECTION: forcing a failure. [ 95.495889][ T6829] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 95.499788][ T6829] CPU: 1 UID: 0 PID: 6829 Comm: syz.0.347 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 95.502529][ T6829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 95.505295][ T6829] Call Trace: [ 95.506176][ T6829] [ 95.506956][ T6829] dump_stack_lvl+0x16c/0x1f0 [ 95.508196][ T6829] should_fail_ex+0x497/0x5b0 [ 95.509458][ T6829] _copy_from_user+0x30/0xf0 [ 95.510672][ T6829] sctp_setsockopt+0x204a/0xb810 [ 95.511965][ T6829] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 95.513157][ T6820] chnl_net:caif_netlink_parms(): no params data found [ 95.513661][ T6829] ? __pfx_sctp_setsockopt+0x10/0x10 [ 95.516919][ T6829] ? find_held_lock+0x2d/0x110 [ 95.518185][ T6829] ? selinux_socket_setsockopt+0x6a/0x80 [ 95.519639][ T6829] ? sock_common_setsockopt+0x2e/0xf0 [ 95.521026][ T6829] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 95.522584][ T6829] do_sock_setsockopt+0x222/0x480 [ 95.523898][ T6829] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 95.525366][ T6829] ? fdget+0x176/0x210 [ 95.526457][ T6829] __sys_setsockopt+0x1a4/0x270 [ 95.527757][ T6829] ? __pfx___sys_setsockopt+0x10/0x10 [ 95.529192][ T6829] ? fput+0x30/0x390 [ 95.530234][ T6829] ? ksys_write+0x1ad/0x260 [ 95.531441][ T6829] ? __pfx_ksys_write+0x10/0x10 [ 95.532734][ T6829] __x64_sys_setsockopt+0xbd/0x160 [ 95.534114][ T6829] ? do_syscall_64+0x91/0x250 [ 95.535367][ T6829] ? lockdep_hardirqs_on+0x7c/0x110 [ 95.536751][ T6829] do_syscall_64+0xcd/0x250 [ 95.537972][ T6829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 95.539531][ T6829] RIP: 0033:0x7f9437d7dff9 [ 95.540713][ T6829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 95.545713][ T6829] RSP: 002b:00007f9438c65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 95.547888][ T6829] RAX: ffffffffffffffda RBX: 00007f9437f35f80 RCX: 00007f9437d7dff9 [ 95.549960][ T6829] RDX: 000000000000007d RSI: 0000000000000084 RDI: 0000000000000004 [ 95.552013][ T6829] RBP: 00007f9438c65090 R08: 0000000000000008 R09: 0000000000000000 [ 95.554082][ T6829] R10: 00000000200003c0 R11: 0000000000000246 R12: 0000000000000001 [ 95.556139][ T6829] R13: 0000000000000000 R14: 00007f9437f35f80 R15: 00007ffc318c26c8 [ 95.558214][ T6829] [ 95.618421][ T6820] bridge0: port 1(bridge_slave_0) entered blocking state [ 95.620980][ T6820] bridge0: port 1(bridge_slave_0) entered disabled state [ 95.623491][ T6820] bridge_slave_0: entered allmulticast mode [ 95.627316][ T6838] ======================================================= [ 95.627316][ T6838] WARNING: The mand mount option has been deprecated and [ 95.627316][ T6838] and is ignored by this kernel. Remove the mand [ 95.627316][ T6838] option from the mount to silence this warning. [ 95.627316][ T6838] ======================================================= [ 95.627726][ T6820] bridge_slave_0: entered promiscuous mode [ 95.647841][ T6820] bridge0: port 2(bridge_slave_1) entered blocking state [ 95.649865][ T6820] bridge0: port 2(bridge_slave_1) entered disabled state [ 95.651771][ T6820] bridge_slave_1: entered allmulticast mode [ 95.654091][ T6820] bridge_slave_1: entered promiscuous mode [ 95.678683][ T6820] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 95.682317][ T6820] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 95.708197][ T6820] team0: Port device team_slave_0 added [ 95.711192][ T6820] team0: Port device team_slave_1 added [ 95.745481][ T6820] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 95.747660][ T6820] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.754604][ T6820] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 95.763739][ T6820] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 95.765799][ T6820] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 95.773022][ T6820] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 95.831864][ T6820] hsr_slave_0: entered promiscuous mode [ 95.843685][ T6820] hsr_slave_1: entered promiscuous mode [ 95.845828][ T6820] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 95.849656][ T6820] Cannot create hsr debugfs directory [ 96.149711][ T1124] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.211594][ T1124] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.294541][ T1124] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 96.418798][ T1124] bridge_slave_1: left allmulticast mode [ 96.420401][ T1124] bridge_slave_1: left promiscuous mode [ 96.421957][ T1124] bridge0: port 2(bridge_slave_1) entered disabled state [ 96.429042][ T1124] bridge_slave_0: left allmulticast mode [ 96.430585][ T1124] bridge_slave_0: left promiscuous mode [ 96.432118][ T1124] bridge0: port 1(bridge_slave_0) entered disabled state [ 96.748432][ T1124] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 96.762823][ T1124] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 96.771703][ T1124] bond0 (unregistering): Released all slaves [ 96.773742][ T39] kauditd_printk_skb: 9 callbacks suppressed [ 96.773802][ T39] audit: type=1400 audit(1729578564.717:451): avc: denied { ioctl } for pid=6861 comm="syz.2.355" path="socket:[21941]" dev="sockfs" ino=21941 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 96.861937][ C0] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 96.864998][ C0] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 96.868821][ C0] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 96.871346][ C0] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 96.873849][ C0] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 96.876747][ C0] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 96.879335][ C0] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 96.882066][ C0] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 96.884542][ C0] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 96.887522][ C0] dccp_invalid_packet: P.type (REQUEST) not Data || [Data]Ack, while P.X == 0 [ 96.974028][ T6880] netlink: 8 bytes leftover after parsing attributes in process `syz.1.357'. [ 96.989552][ T6880] netlink: 8 bytes leftover after parsing attributes in process `syz.1.357'. [ 97.013088][ T6884] FAULT_INJECTION: forcing a failure. [ 97.013088][ T6884] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 97.016747][ T6884] CPU: 3 UID: 0 PID: 6884 Comm: syz.1.359 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 97.019480][ T6884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.022253][ T6884] Call Trace: [ 97.023143][ T6884] [ 97.023926][ T6884] dump_stack_lvl+0x16c/0x1f0 [ 97.025200][ T6884] should_fail_ex+0x497/0x5b0 [ 97.026486][ T6884] _copy_from_user+0x30/0xf0 [ 97.027716][ T6884] copy_msghdr_from_user+0x99/0x160 [ 97.029135][ T6884] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 97.030673][ T6884] ? __pfx___lock_acquire+0x10/0x10 [ 97.032052][ T6884] ___sys_sendmsg+0xff/0x1e0 [ 97.033305][ T6884] ? __pfx____sys_sendmsg+0x10/0x10 [ 97.034682][ T6884] ? lock_acquire+0x2f/0xb0 [ 97.035885][ T6884] ? __fget_files+0x40/0x3f0 [ 97.037219][ T6884] ? fdget+0x176/0x210 [ 97.038296][ T6884] __sys_sendmsg+0x117/0x1f0 [ 97.039520][ T6884] ? __pfx___sys_sendmsg+0x10/0x10 [ 97.040875][ T6884] ? __fget_files+0x244/0x3f0 [ 97.042124][ T6884] do_syscall_64+0xcd/0x250 [ 97.043312][ T6884] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.044852][ T6884] RIP: 0033:0x7f300977dff9 [ 97.046016][ T6884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.050898][ T6884] RSP: 002b:00007f300a4b3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 97.053068][ T6884] RAX: ffffffffffffffda RBX: 00007f3009935f80 RCX: 00007f300977dff9 [ 97.055123][ T6884] RDX: 0000000000008000 RSI: 0000000020000000 RDI: 0000000000000003 [ 97.057164][ T6884] RBP: 00007f300a4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 97.059174][ T6884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 97.061202][ T6884] R13: 0000000000000000 R14: 00007f3009935f80 R15: 00007ffcf6d67f68 [ 97.063215][ T6884] [ 97.064086][ C3] vkms_vblank_simulate: vblank timer overrun [ 97.197281][ T6900] FAULT_INJECTION: forcing a failure. [ 97.197281][ T6900] name failslab, interval 1, probability 0, space 0, times 0 [ 97.200895][ T6900] CPU: 3 UID: 0 PID: 6900 Comm: syz.1.362 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 97.203712][ T6900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.206485][ T6900] Call Trace: [ 97.207363][ T6900] [ 97.208152][ T6900] dump_stack_lvl+0x16c/0x1f0 [ 97.209433][ T6900] should_fail_ex+0x497/0x5b0 [ 97.210678][ T6900] ? fs_reclaim_acquire+0xae/0x150 [ 97.212025][ T6900] should_failslab+0xc2/0x120 [ 97.213284][ T6900] __kmalloc_node_track_caller_noprof+0xcf/0x430 [ 97.214928][ T6900] ? llcp_sock_bind+0x366/0x6d0 [ 97.216212][ T6900] kmemdup_noprof+0x29/0x60 [ 97.217432][ T6900] llcp_sock_bind+0x366/0x6d0 [ 97.218662][ T6900] ? __pfx_llcp_sock_bind+0x10/0x10 [ 97.220036][ T6900] __sys_bind+0x1eb/0x220 [ 97.221205][ T6900] ? __pfx___sys_bind+0x10/0x10 [ 97.222489][ T6900] ? __fget_files+0x244/0x3f0 [ 97.223735][ T6900] ? __pfx_ksys_write+0x10/0x10 [ 97.225048][ T6900] __x64_sys_bind+0x72/0xb0 [ 97.226242][ T6900] ? lockdep_hardirqs_on+0x7c/0x110 [ 97.227603][ T6900] do_syscall_64+0xcd/0x250 [ 97.228817][ T6900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.230426][ T6900] RIP: 0033:0x7f300977dff9 [ 97.231595][ T6900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.236594][ T6900] RSP: 002b:00007f300a4b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 97.238778][ T6900] RAX: ffffffffffffffda RBX: 00007f3009935f80 RCX: 00007f300977dff9 [ 97.240816][ T6900] RDX: 0000000000000074 RSI: 0000000020000000 RDI: 0000000000000006 [ 97.242882][ T6900] RBP: 00007f300a4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 97.244964][ T6900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 97.247014][ T6900] R13: 0000000000000000 R14: 00007f3009935f80 R15: 00007ffcf6d67f68 [ 97.249112][ T6900] [ 97.250028][ C3] vkms_vblank_simulate: vblank timer overrun [ 97.318432][ T6907] FAULT_INJECTION: forcing a failure. [ 97.318432][ T6907] name failslab, interval 1, probability 0, space 0, times 0 [ 97.328502][ T6907] CPU: 3 UID: 0 PID: 6907 Comm: syz.1.365 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 97.331292][ T6907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.333609][ T6909] FAULT_INJECTION: forcing a failure. [ 97.333609][ T6909] name failslab, interval 1, probability 0, space 0, times 0 [ 97.334172][ T6907] Call Trace: [ 97.334179][ T6907] [ 97.339138][ T6907] dump_stack_lvl+0x16c/0x1f0 [ 97.340400][ T6907] should_fail_ex+0x497/0x5b0 [ 97.341847][ T6907] ? fs_reclaim_acquire+0xae/0x150 [ 97.343187][ T6907] should_failslab+0xc2/0x120 [ 97.344444][ T6907] kmem_cache_alloc_node_noprof+0x71/0x310 [ 97.346144][ T6907] ? __alloc_skb+0x2b1/0x380 [ 97.347389][ T6907] __alloc_skb+0x2b1/0x380 [ 97.348578][ T6907] ? __pfx___alloc_skb+0x10/0x10 [ 97.350010][ T6907] ? selinux_socket_getpeersec_dgram+0x1a5/0x370 [ 97.351676][ T6907] ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10 [ 97.353472][ T6907] netlink_alloc_large_skb+0x69/0x130 [ 97.354885][ T6907] netlink_sendmsg+0x689/0xd70 [ 97.356155][ T6907] ? __pfx_netlink_sendmsg+0x10/0x10 [ 97.357542][ T6907] ? __import_iovec+0x1fd/0x6e0 [ 97.358817][ T6907] ____sys_sendmsg+0xaaf/0xc90 [ 97.360078][ T6907] ? copy_msghdr_from_user+0x10b/0x160 [ 97.361490][ T6907] ? __pfx_____sys_sendmsg+0x10/0x10 [ 97.362944][ T6907] ? __pfx___lock_acquire+0x10/0x10 [ 97.364604][ T6907] ___sys_sendmsg+0x135/0x1e0 [ 97.366202][ T6907] ? __pfx____sys_sendmsg+0x10/0x10 [ 97.368023][ T6907] ? lock_acquire+0x2f/0xb0 [ 97.369710][ T6907] ? __fget_files+0x40/0x3f0 [ 97.371419][ T6907] ? fdget+0x176/0x210 [ 97.372873][ T6907] __sys_sendmsg+0x117/0x1f0 [ 97.374425][ T6907] ? __pfx___sys_sendmsg+0x10/0x10 [ 97.376134][ T6907] ? __fget_files+0x244/0x3f0 [ 97.377979][ T6907] do_syscall_64+0xcd/0x250 [ 97.379515][ T6907] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.381495][ T6907] RIP: 0033:0x7f300977dff9 [ 97.382789][ T6907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.387765][ T6907] RSP: 002b:00007f300a4b3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 97.389958][ T6907] RAX: ffffffffffffffda RBX: 00007f3009935f80 RCX: 00007f300977dff9 [ 97.391995][ T6907] RDX: 0000000000000000 RSI: 00000000200009c0 RDI: 0000000000000004 [ 97.394061][ T6907] RBP: 00007f300a4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 97.396115][ T6907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 97.398195][ T6907] R13: 0000000000000000 R14: 00007f3009935f80 R15: 00007ffcf6d67f68 [ 97.400284][ T6907] [ 97.401123][ T6909] CPU: 1 UID: 0 PID: 6909 Comm: syz.2.366 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 97.401172][ C3] vkms_vblank_simulate: vblank timer overrun [ 97.404658][ T6909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.409513][ T6909] Call Trace: [ 97.410400][ T6909] [ 97.411183][ T6909] dump_stack_lvl+0x16c/0x1f0 [ 97.412470][ T6909] should_fail_ex+0x497/0x5b0 [ 97.413735][ T6909] ? fs_reclaim_acquire+0xae/0x150 [ 97.415155][ T6909] should_failslab+0xc2/0x120 [ 97.416401][ T6909] kmem_cache_alloc_node_noprof+0x71/0x310 [ 97.418095][ T6909] ? __alloc_skb+0x2b1/0x380 [ 97.419376][ T6909] __alloc_skb+0x2b1/0x380 [ 97.420558][ T6909] ? __pfx___alloc_skb+0x10/0x10 [ 97.421896][ T6909] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 97.423471][ T6909] netlink_alloc_large_skb+0x69/0x130 [ 97.424900][ T6909] netlink_sendmsg+0x689/0xd70 [ 97.426164][ T6909] ? __pfx_netlink_sendmsg+0x10/0x10 [ 97.427550][ T6909] ? __import_iovec+0x1fd/0x6e0 [ 97.428898][ T6909] ____sys_sendmsg+0xaaf/0xc90 [ 97.430160][ T6909] ? copy_msghdr_from_user+0x10b/0x160 [ 97.431582][ T6909] ? __pfx_____sys_sendmsg+0x10/0x10 [ 97.432990][ T6909] ? __pfx___lock_acquire+0x10/0x10 [ 97.434340][ T6909] ___sys_sendmsg+0x135/0x1e0 [ 97.435561][ T6909] ? __pfx____sys_sendmsg+0x10/0x10 [ 97.436968][ T6909] ? lock_acquire+0x2f/0xb0 [ 97.438283][ T6909] ? __fget_files+0x40/0x3f0 [ 97.439495][ T6909] ? fdget+0x176/0x210 [ 97.440555][ T6909] __sys_sendmsg+0x117/0x1f0 [ 97.441797][ T6909] ? __pfx___sys_sendmsg+0x10/0x10 [ 97.443137][ T6909] ? __fget_files+0x244/0x3f0 [ 97.444386][ T6909] do_syscall_64+0xcd/0x250 [ 97.445617][ T6909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.447171][ T6909] RIP: 0033:0x7f0ec657dff9 [ 97.448355][ T6909] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.453365][ T6909] RSP: 002b:00007f0ec72bb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 97.455532][ T6909] RAX: ffffffffffffffda RBX: 00007f0ec6735f80 RCX: 00007f0ec657dff9 [ 97.457628][ T6909] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000009 [ 97.459678][ T6909] RBP: 00007f0ec72bb090 R08: 0000000000000000 R09: 0000000000000000 [ 97.461759][ T6909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 97.463816][ T6909] R13: 0000000000000000 R14: 00007f0ec6735f80 R15: 00007ffdfeaa68f8 [ 97.465896][ T6909] [ 97.473540][ T1124] hsr_slave_0: left promiscuous mode [ 97.476176][ T1124] hsr_slave_1: left promiscuous mode [ 97.478965][ T1124] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 97.480963][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 97.483217][ T1124] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 97.485270][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 97.516634][ T4781] Bluetooth: hci1: command tx timeout [ 97.519429][ T1124] veth1_macvtap: left promiscuous mode [ 97.520977][ T1124] veth0_macvtap: left promiscuous mode [ 97.522532][ T1124] veth1_vlan: left promiscuous mode [ 97.524374][ T1124] veth0_vlan: left promiscuous mode [ 97.526610][ T39] audit: type=1400 audit(1729578565.467:452): avc: denied { read } for pid=6922 comm="syz.2.370" name="autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 97.532565][ T39] audit: type=1400 audit(1729578565.467:453): avc: denied { open } for pid=6922 comm="syz.2.370" path="/dev/autofs" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 97.539697][ T39] audit: type=1400 audit(1729578565.467:454): avc: denied { ioctl } for pid=6922 comm="syz.2.370" path="/dev/autofs" dev="devtmpfs" ino=104 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1 [ 97.543267][ T6926] netlink: 8 bytes leftover after parsing attributes in process `syz.0.369'. [ 97.549134][ T6928] FAULT_INJECTION: forcing a failure. [ 97.549134][ T6928] name failslab, interval 1, probability 0, space 0, times 0 [ 97.549152][ T6928] CPU: 2 UID: 0 PID: 6928 Comm: syz.2.371 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 97.549165][ T6928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 97.549172][ T6928] Call Trace: [ 97.549175][ T6928] [ 97.549180][ T6928] dump_stack_lvl+0x16c/0x1f0 [ 97.549199][ T6928] should_fail_ex+0x497/0x5b0 [ 97.549210][ T6928] ? fs_reclaim_acquire+0xae/0x150 [ 97.549222][ T6928] should_failslab+0xc2/0x120 [ 97.549235][ T6928] kmem_cache_alloc_node_noprof+0x71/0x310 [ 97.549248][ T6928] ? __alloc_skb+0x2b1/0x380 [ 97.549267][ T6928] __alloc_skb+0x2b1/0x380 [ 97.549282][ T6928] ? __pfx___alloc_skb+0x10/0x10 [ 97.549299][ T6928] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 97.573553][ T6928] netlink_alloc_large_skb+0x69/0x130 [ 97.575135][ T6928] netlink_sendmsg+0x689/0xd70 [ 97.576902][ T6928] ? __pfx_netlink_sendmsg+0x10/0x10 [ 97.578937][ T6928] ? __import_iovec+0x1fd/0x6e0 [ 97.580224][ T6928] ____sys_sendmsg+0xaaf/0xc90 [ 97.581702][ T6928] ? copy_msghdr_from_user+0x10b/0x160 [ 97.583545][ T6928] ? __pfx_____sys_sendmsg+0x10/0x10 [ 97.584974][ T6928] ? __pfx___lock_acquire+0x10/0x10 [ 97.586339][ T6928] ___sys_sendmsg+0x135/0x1e0 [ 97.587590][ T6928] ? __pfx____sys_sendmsg+0x10/0x10 [ 97.588999][ T6928] ? lock_acquire+0x2f/0xb0 [ 97.590198][ T6928] ? __fget_files+0x40/0x3f0 [ 97.591422][ T6928] ? fdget+0x176/0x210 [ 97.592500][ T6928] __sys_sendmsg+0x117/0x1f0 [ 97.593726][ T6928] ? __pfx___sys_sendmsg+0x10/0x10 [ 97.595370][ T6928] ? __fget_files+0x244/0x3f0 [ 97.596756][ T6928] do_syscall_64+0xcd/0x250 [ 97.597961][ T6928] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.599506][ T6928] RIP: 0033:0x7f0ec657dff9 [ 97.600683][ T6928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 97.605672][ T6928] RSP: 002b:00007f0ec72bb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 97.608636][ T6928] RAX: ffffffffffffffda RBX: 00007f0ec6735f80 RCX: 00007f0ec657dff9 [ 97.610883][ T6928] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003 [ 97.612976][ T6928] RBP: 00007f0ec72bb090 R08: 0000000000000000 R09: 0000000000000000 [ 97.615084][ T6928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 97.617693][ T6928] R13: 0000000000000000 R14: 00007f0ec6735f80 R15: 00007ffdfeaa68f8 [ 97.620569][ T6928] [ 98.171866][ T1124] team0 (unregistering): Port device team_slave_1 removed [ 98.245448][ T1124] team0 (unregistering): Port device team_slave_0 removed [ 98.794831][ T39] audit: type=1400 audit(1729578566.737:455): avc: denied { setopt } for pid=6933 comm="syz.1.374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1 [ 98.813574][ T6820] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 98.823886][ T6820] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 98.847518][ T6820] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 98.861921][ T6820] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 98.876052][ T6947] FAULT_INJECTION: forcing a failure. [ 98.876052][ T6947] name failslab, interval 1, probability 0, space 0, times 0 [ 98.881216][ T6947] CPU: 2 UID: 0 PID: 6947 Comm: syz.2.377 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 98.883992][ T6947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 98.886928][ T6947] Call Trace: [ 98.887807][ T6947] [ 98.888592][ T6947] dump_stack_lvl+0x16c/0x1f0 [ 98.890029][ T6947] should_fail_ex+0x497/0x5b0 [ 98.891278][ T6947] ? fs_reclaim_acquire+0xae/0x150 [ 98.892627][ T6947] should_failslab+0xc2/0x120 [ 98.893888][ T6947] kmem_cache_alloc_node_noprof+0x71/0x310 [ 98.895422][ T6947] ? __alloc_skb+0x2b1/0x380 [ 98.896864][ T6947] __alloc_skb+0x2b1/0x380 [ 98.898049][ T6947] ? __pfx___alloc_skb+0x10/0x10 [ 98.899349][ T6947] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 98.901041][ T6947] netlink_alloc_large_skb+0x69/0x130 [ 98.902464][ T6947] netlink_sendmsg+0x689/0xd70 [ 98.903722][ T6947] ? __pfx_netlink_sendmsg+0x10/0x10 [ 98.905238][ T6947] ? __import_iovec+0x1fd/0x6e0 [ 98.905473][ T6820] 8021q: adding VLAN 0 to HW filter on device bond0 [ 98.906548][ T6947] ____sys_sendmsg+0xaaf/0xc90 [ 98.906567][ T6947] ? copy_msghdr_from_user+0x10b/0x160 [ 98.906578][ T6947] ? __pfx_____sys_sendmsg+0x10/0x10 [ 98.906594][ T6947] ? __pfx___lock_acquire+0x10/0x10 [ 98.906607][ T6947] ___sys_sendmsg+0x135/0x1e0 [ 98.906619][ T6947] ? __pfx____sys_sendmsg+0x10/0x10 [ 98.906635][ T6947] ? lock_acquire+0x2f/0xb0 [ 98.906644][ T6947] ? __fget_files+0x40/0x3f0 [ 98.906664][ T6947] ? fdget+0x176/0x210 [ 98.906684][ T6947] __sys_sendmsg+0x117/0x1f0 [ 98.906695][ T6947] ? __pfx___sys_sendmsg+0x10/0x10 [ 98.906705][ T6947] ? __fget_files+0x244/0x3f0 [ 98.906727][ T6947] do_syscall_64+0xcd/0x250 [ 98.906744][ T6947] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 98.906759][ T6947] RIP: 0033:0x7f0ec657dff9 [ 98.906770][ T6947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 98.906780][ T6947] RSP: 002b:00007f0ec72bb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 98.906793][ T6947] RAX: ffffffffffffffda RBX: 00007f0ec6735f80 RCX: 00007f0ec657dff9 [ 98.906800][ T6947] RDX: 0000000004000010 RSI: 0000000020000140 RDI: 0000000000000003 [ 98.906807][ T6947] RBP: 00007f0ec72bb090 R08: 0000000000000000 R09: 0000000000000000 [ 98.906814][ T6947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 98.906820][ T6947] R13: 0000000000000000 R14: 00007f0ec6735f80 R15: 00007ffdfeaa68f8 [ 98.906833][ T6947] [ 98.995437][ T39] audit: type=1400 audit(1729578566.937:456): avc: denied { map } for pid=6932 comm="syz.0.373" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 98.998764][ T6820] 8021q: adding VLAN 0 to HW filter on device team0 [ 99.024258][ T6955] binder: BINDER_SET_CONTEXT_MGR already set [ 99.028602][ T1101] bridge0: port 1(bridge_slave_0) entered blocking state [ 99.030599][ T1101] bridge0: port 1(bridge_slave_0) entered forwarding state [ 99.035423][ T6955] binder: 6932:6955 ioctl 4018620d 20000040 returned -16 [ 99.038876][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 99.041191][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 99.073433][ T6958] netlink: 8 bytes leftover after parsing attributes in process `syz.2.378'. [ 99.397897][ T6820] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 99.430738][ T6820] veth0_vlan: entered promiscuous mode [ 99.443924][ T6820] veth1_vlan: entered promiscuous mode [ 99.470458][ T6820] veth0_macvtap: entered promiscuous mode [ 99.488221][ T6820] veth1_macvtap: entered promiscuous mode [ 99.513321][ T6820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.516274][ T6820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.520316][ T6820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.523340][ T6820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.526906][ T6820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 99.529858][ T6820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.534323][ T6820] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 99.537610][ T6820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.540513][ T6820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.543177][ T6820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.546603][ T6820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.549311][ T6820] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 99.552393][ T6820] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 99.557150][ T6820] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 99.581190][ T6820] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.583736][ T6820] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.586081][ T6820] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.588673][ T6820] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 99.596593][ T4781] Bluetooth: hci1: command tx timeout [ 99.665382][ T6955] syz.0.373 (6955): drop_caches: 2 [ 99.740363][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.742484][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.750728][ T6980] FAULT_INJECTION: forcing a failure. [ 99.750728][ T6980] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 99.754198][ T6980] CPU: 0 UID: 0 PID: 6980 Comm: syz.1.381 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 99.756956][ T6980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 99.759393][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 99.759754][ T6980] Call Trace: [ 99.761819][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 99.762701][ T6980] [ 99.765425][ T6980] dump_stack_lvl+0x16c/0x1f0 [ 99.766710][ T6980] should_fail_ex+0x497/0x5b0 [ 99.768112][ T6980] strncpy_from_user+0x3b/0x2a0 [ 99.769426][ T6980] getname_flags.part.0+0x8f/0x550 [ 99.770795][ T6980] getname_flags+0x93/0xf0 [ 99.771990][ T6980] user_path_at+0x24/0x60 [ 99.773164][ T6980] __x64_sys_umount+0x10b/0x1a0 [ 99.774816][ T6980] ? __pfx___x64_sys_umount+0x10/0x10 [ 99.777014][ T6980] do_syscall_64+0xcd/0x250 [ 99.778289][ T6980] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 99.779900][ T6980] RIP: 0033:0x7f300977dff9 [ 99.781092][ T6980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 99.786080][ T6980] RSP: 002b:00007f300a4b3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 99.788279][ T6980] RAX: ffffffffffffffda RBX: 00007f3009935f80 RCX: 00007f300977dff9 [ 99.790443][ T6980] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200002c0 [ 99.792535][ T6980] RBP: 00007f300a4b3090 R08: 0000000000000000 R09: 0000000000000000 [ 99.794718][ T6980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 99.796777][ T6980] R13: 0000000000000000 R14: 00007f3009935f80 R15: 00007ffcf6d67f68 [ 99.799331][ T6980] [ 99.858044][ T39] audit: type=1400 audit(1729578567.807:457): avc: denied { map } for pid=6984 comm="syz.0.384" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 99.894954][ T39] audit: type=1400 audit(1729578567.837:458): avc: denied { ioctl } for pid=6987 comm="syz.1.385" path="socket:[23038]" dev="sockfs" ino=23038 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 99.908252][ T39] audit: type=1400 audit(1729578567.847:459): avc: denied { setattr } for pid=6984 comm="syz.0.384" name="ptmx" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ptmx_t tclass=chr_file permissive=1 [ 99.924899][ T39] audit: type=1400 audit(1729578567.867:460): avc: denied { watch_mount watch_reads } for pid=6984 comm="syz.0.384" path="/134" dev="tmpfs" ino=784 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1 [ 100.262179][ T6995] FAULT_INJECTION: forcing a failure. [ 100.262179][ T6995] name failslab, interval 1, probability 0, space 0, times 0 [ 100.265570][ T6995] CPU: 0 UID: 0 PID: 6995 Comm: syz.0.386 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 100.268545][ T6995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 100.271316][ T6995] Call Trace: [ 100.272194][ T6995] [ 100.272983][ T6995] dump_stack_lvl+0x16c/0x1f0 [ 100.274221][ T6995] should_fail_ex+0x497/0x5b0 [ 100.275457][ T6995] ? fs_reclaim_acquire+0xae/0x150 [ 100.276826][ T6995] should_failslab+0xc2/0x120 [ 100.278307][ T6995] __kmalloc_cache_noprof+0x6b/0x300 [ 100.279985][ T6995] ? resv_map_alloc+0x7e/0x400 [ 100.281273][ T6995] ? kasan_save_track+0x14/0x30 [ 100.282579][ T6995] resv_map_alloc+0x7e/0x400 [ 100.283804][ T6995] hugetlbfs_get_inode+0x2bd/0x530 [ 100.285310][ T6995] hugetlb_file_setup+0x15b/0x620 [ 100.286645][ T6995] ksys_mmap_pgoff+0x189/0x5c0 [ 100.287984][ T6995] __x64_sys_mmap+0x125/0x190 [ 100.289260][ T6995] do_syscall_64+0xcd/0x250 [ 100.290479][ T6995] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.292035][ T6995] RIP: 0033:0x7f9437d7dff9 [ 100.293216][ T6995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.298428][ T6995] RSP: 002b:00007f9438c65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 100.300824][ T6995] RAX: ffffffffffffffda RBX: 00007f9437f35f80 RCX: 00007f9437d7dff9 [ 100.302892][ T6995] RDX: 0000000001000002 RSI: 0000000000ff5000 RDI: 0000000020000000 [ 100.304984][ T6995] RBP: 00007f9438c65090 R08: ffffffffffffffff R09: 0000000000000000 [ 100.307040][ T6995] R10: 000200000005c831 R11: 0000000000000246 R12: 0000000000000001 [ 100.309139][ T6995] R13: 0000000000000000 R14: 00007f9437f35f80 R15: 00007ffc318c26c8 [ 100.311211][ T6995] [ 100.670383][ T6998] usb usb9: usbfs: process 6998 (syz.0.387) did not claim interface 32 before use [ 100.934725][ T7005] FAULT_INJECTION: forcing a failure. [ 100.934725][ T7005] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 100.938339][ T7005] CPU: 2 UID: 0 PID: 7005 Comm: syz.2.390 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 100.941106][ T7005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 100.943892][ T7005] Call Trace: [ 100.944819][ T7005] [ 100.945612][ T7005] dump_stack_lvl+0x16c/0x1f0 [ 100.946948][ T7005] should_fail_ex+0x497/0x5b0 [ 100.948216][ T7005] _copy_from_user+0x30/0xf0 [ 100.949486][ T7005] sctp_setsockopt+0x204a/0xb810 [ 100.950819][ T7005] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 100.952661][ T7005] ? __pfx_sctp_setsockopt+0x10/0x10 [ 100.954115][ T7005] ? find_held_lock+0x2d/0x110 [ 100.955412][ T7005] ? selinux_socket_setsockopt+0x6a/0x80 [ 100.956928][ T7005] ? sock_common_setsockopt+0x2e/0xf0 [ 100.958369][ T7005] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 100.960018][ T7005] do_sock_setsockopt+0x222/0x480 [ 100.961539][ T7005] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 100.963038][ T7005] ? fdget+0x176/0x210 [ 100.964153][ T7005] __sys_setsockopt+0x1a4/0x270 [ 100.965489][ T7005] ? __pfx___sys_setsockopt+0x10/0x10 [ 100.966932][ T7005] ? fput+0x30/0x390 [ 100.967992][ T7005] ? ksys_write+0x1ad/0x260 [ 100.969292][ T7005] ? __pfx_ksys_write+0x10/0x10 [ 100.970615][ T7005] __x64_sys_setsockopt+0xbd/0x160 [ 100.971999][ T7005] ? do_syscall_64+0x91/0x250 [ 100.973280][ T7005] ? lockdep_hardirqs_on+0x7c/0x110 [ 100.974712][ T7005] do_syscall_64+0xcd/0x250 [ 100.975958][ T7005] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.977575][ T7005] RIP: 0033:0x7f0ec657dff9 [ 100.978777][ T7005] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 100.983883][ T7005] RSP: 002b:00007f0ec72bb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 100.986215][ T7005] RAX: ffffffffffffffda RBX: 00007f0ec6735f80 RCX: 00007f0ec657dff9 [ 100.988316][ T7005] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000003 [ 100.990464][ T7005] RBP: 00007f0ec72bb090 R08: 000000000000009c R09: 0000000000000000 [ 100.992667][ T7005] R10: 0000000020000a00 R11: 0000000000000246 R12: 0000000000000001 [ 100.994809][ T7005] R13: 0000000000000000 R14: 00007f0ec6735f80 R15: 00007ffdfeaa68f8 [ 100.996925][ T7005] [ 101.161216][ T7018] netlink: 56 bytes leftover after parsing attributes in process `syz.1.394'. [ 101.406270][ T1124] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.508995][ T5355] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 101.510795][ T1124] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.513317][ T5355] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 101.517315][ T5355] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 101.520413][ T5355] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 101.523148][ T5355] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 101.525169][ T5355] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 101.581888][ T1124] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.670561][ T1124] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 101.686434][ T7029] netlink: 8 bytes leftover after parsing attributes in process `syz.0.399'. [ 101.698438][ T7022] chnl_net:caif_netlink_parms(): no params data found [ 101.769539][ T7022] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.771559][ T7022] bridge0: port 1(bridge_slave_0) entered disabled state [ 101.773701][ T7022] bridge_slave_0: entered allmulticast mode [ 101.776160][ T7022] bridge_slave_0: entered promiscuous mode [ 101.781259][ T7022] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.783414][ T7022] bridge0: port 2(bridge_slave_1) entered disabled state [ 101.785736][ T7022] bridge_slave_1: entered allmulticast mode [ 101.789967][ T7022] bridge_slave_1: entered promiscuous mode [ 101.822089][ T7022] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 101.835348][ T7022] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 101.908432][ T7022] team0: Port device team_slave_0 added [ 101.916080][ T7022] team0: Port device team_slave_1 added [ 101.956704][ T7038] bridge0: port 2(bridge_slave_1) entered disabled state [ 101.961290][ T1124] bridge_slave_1: left allmulticast mode [ 101.963397][ T1124] bridge_slave_1: left promiscuous mode [ 101.965124][ T1124] bridge0: port 2(bridge_slave_1) entered disabled state [ 101.967388][ T39] kauditd_printk_skb: 2 callbacks suppressed [ 101.967401][ T39] audit: type=1400 audit(1729578569.917:463): avc: denied { getopt } for pid=7037 comm="syz.0.401" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1 [ 101.976673][ T1124] bridge_slave_0: left allmulticast mode [ 101.978156][ T1124] bridge_slave_0: left promiscuous mode [ 101.979806][ T1124] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.004917][ T7042] fuse: Unknown parameter 'r' [ 102.355233][ T1124] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 102.360631][ T1124] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 102.365617][ T1124] bond0 (unregistering): Released all slaves [ 102.404626][ T7022] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 102.408774][ T7022] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.415141][ T7022] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 102.423416][ T7022] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 102.426217][ T7022] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 102.433332][ T7022] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 102.468475][ T7022] hsr_slave_0: entered promiscuous mode [ 102.470872][ T7022] hsr_slave_1: entered promiscuous mode [ 102.472615][ T7022] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 102.474536][ T7022] Cannot create hsr debugfs directory [ 102.699160][ T1124] hsr_slave_0: left promiscuous mode [ 102.701196][ T1124] hsr_slave_1: left promiscuous mode [ 102.703814][ T1124] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 102.705819][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 102.708519][ T1124] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 102.710508][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 102.726964][ T1124] veth1_macvtap: left promiscuous mode [ 102.728468][ T1124] veth0_macvtap: left promiscuous mode [ 102.731303][ T1124] veth1_vlan: left promiscuous mode [ 102.732688][ T1124] veth0_vlan: left promiscuous mode [ 103.250230][ T7061] netlink: 'syz.1.404': attribute type 72 has an invalid length. [ 103.252568][ T7061] netlink: 8 bytes leftover after parsing attributes in process `syz.1.404'. [ 103.367033][ T5355] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 103.375806][ T5355] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 103.383314][ T5355] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 103.385963][ T1124] team0 (unregistering): Port device team_slave_1 removed [ 103.387556][ T5355] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 103.390868][ T5355] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 103.392939][ T5355] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 103.472699][ T1124] team0 (unregistering): Port device team_slave_0 removed [ 103.596323][ T5355] Bluetooth: hci1: command tx timeout [ 104.308089][ T7076] FAULT_INJECTION: forcing a failure. [ 104.308089][ T7076] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 104.313211][ T7076] CPU: 1 UID: 0 PID: 7076 Comm: syz.0.407 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 104.316169][ T7076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 104.319158][ T7076] Call Trace: [ 104.320241][ T7076] [ 104.321288][ T7076] dump_stack_lvl+0x16c/0x1f0 [ 104.322630][ T7076] should_fail_ex+0x497/0x5b0 [ 104.323954][ T7076] _copy_from_user+0x30/0xf0 [ 104.325446][ T7076] sctp_setsockopt+0x204a/0xb810 [ 104.326839][ T7076] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10 [ 104.328803][ T7076] ? __pfx_sctp_setsockopt+0x10/0x10 [ 104.330553][ T7076] ? find_held_lock+0x2d/0x110 [ 104.332327][ T7076] ? selinux_socket_setsockopt+0x6a/0x80 [ 104.334363][ T7076] ? sock_common_setsockopt+0x2e/0xf0 [ 104.336216][ T7076] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 104.338185][ T7076] do_sock_setsockopt+0x222/0x480 [ 104.339848][ T7076] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 104.341688][ T7076] ? fdget+0x176/0x210 [ 104.343122][ T7076] __sys_setsockopt+0x1a4/0x270 [ 104.344979][ T7076] ? __pfx___sys_setsockopt+0x10/0x10 [ 104.347070][ T7076] ? fput+0x30/0x390 [ 104.348674][ T7076] ? ksys_write+0x1ad/0x260 [ 104.350636][ T7076] ? __pfx_ksys_write+0x10/0x10 [ 104.352351][ T7076] __x64_sys_setsockopt+0xbd/0x160 [ 104.354157][ T7076] ? do_syscall_64+0x91/0x250 [ 104.355718][ T7076] ? lockdep_hardirqs_on+0x7c/0x110 [ 104.357407][ T7076] do_syscall_64+0xcd/0x250 [ 104.358920][ T7076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.360830][ T7076] RIP: 0033:0x7f9437d7dff9 [ 104.362021][ T7062] chnl_net:caif_netlink_parms(): no params data found [ 104.362277][ T7076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 104.362298][ T7076] RSP: 002b:00007f9438c44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 104.371974][ T7076] RAX: ffffffffffffffda RBX: 00007f9437f36058 RCX: 00007f9437d7dff9 [ 104.374246][ T7076] RDX: 0000000000000079 RSI: 0000000000000084 RDI: 0000000000000003 [ 104.376548][ T7076] RBP: 00007f9438c44090 R08: 0000000000000008 R09: 0000000000000000 [ 104.378869][ T7076] R10: 0000000020000280 R11: 0000000000000246 R12: 0000000000000001 [ 104.381385][ T7076] R13: 0000000000000000 R14: 00007f9437f36058 R15: 00007ffc318c26c8 [ 104.383599][ T7076] [ 104.499415][ T7062] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.501464][ T7062] bridge0: port 1(bridge_slave_0) entered disabled state [ 104.503418][ T7062] bridge_slave_0: entered allmulticast mode [ 104.505566][ T7062] bridge_slave_0: entered promiscuous mode [ 104.509580][ T7062] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.511490][ T7062] bridge0: port 2(bridge_slave_1) entered disabled state [ 104.513510][ T7062] bridge_slave_1: entered allmulticast mode [ 104.516867][ T7062] bridge_slave_1: entered promiscuous mode [ 104.544297][ T7062] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 104.557987][ T7062] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 104.602804][ T7022] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 104.612268][ T7062] team0: Port device team_slave_0 added [ 104.615445][ T7022] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 104.618944][ T7022] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 104.622521][ T7062] team0: Port device team_slave_1 added [ 104.639544][ T7022] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 104.653483][ T7062] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 104.655343][ T7062] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.660745][ T1124] IPVS: stop unused estimator thread 0... [ 104.670556][ T7062] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.675634][ T7062] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.678007][ T7062] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.688259][ T7062] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.737687][ T7062] hsr_slave_0: entered promiscuous mode [ 104.740830][ T7062] hsr_slave_1: entered promiscuous mode [ 104.822563][ T1124] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.881416][ T7022] 8021q: adding VLAN 0 to HW filter on device bond0 [ 104.909704][ T7022] 8021q: adding VLAN 0 to HW filter on device team0 [ 104.932141][ T1124] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 104.948208][ T1110] bridge0: port 1(bridge_slave_0) entered blocking state [ 104.950389][ T1110] bridge0: port 1(bridge_slave_0) entered forwarding state [ 104.958391][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 104.961281][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.005384][ T7022] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 105.009306][ T7022] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 105.029265][ T1124] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.097697][ T1124] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 105.115847][ T7095] FAULT_INJECTION: forcing a failure. [ 105.115847][ T7095] name failslab, interval 1, probability 0, space 0, times 0 [ 105.119414][ T7095] CPU: 2 UID: 0 PID: 7095 Comm: syz.0.408 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 105.122184][ T7095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 105.125834][ T7095] Call Trace: [ 105.127094][ T7095] [ 105.128207][ T7095] dump_stack_lvl+0x16c/0x1f0 [ 105.130012][ T7095] should_fail_ex+0x497/0x5b0 [ 105.131767][ T7095] ? fs_reclaim_acquire+0xae/0x150 [ 105.133657][ T7095] should_failslab+0xc2/0x120 [ 105.135422][ T7095] kmem_cache_alloc_node_noprof+0x71/0x310 [ 105.137593][ T7095] ? __alloc_skb+0x2b1/0x380 [ 105.139324][ T7095] __alloc_skb+0x2b1/0x380 [ 105.141008][ T7095] ? __pfx___alloc_skb+0x10/0x10 [ 105.142805][ T7095] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 105.144615][ T7095] netlink_alloc_large_skb+0x69/0x130 [ 105.146805][ T7095] netlink_sendmsg+0x689/0xd70 [ 105.148668][ T7095] ? __pfx_netlink_sendmsg+0x10/0x10 [ 105.149196][ T7022] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 105.150559][ T7095] ? __import_iovec+0x1fd/0x6e0 [ 105.154129][ T7095] ____sys_sendmsg+0xaaf/0xc90 [ 105.155924][ T7095] ? copy_msghdr_from_user+0x10b/0x160 [ 105.157947][ T7095] ? __pfx_____sys_sendmsg+0x10/0x10 [ 105.159921][ T7095] ? __pfx___lock_acquire+0x10/0x10 [ 105.161859][ T7095] ___sys_sendmsg+0x135/0x1e0 [ 105.163482][ T7095] ? __pfx____sys_sendmsg+0x10/0x10 [ 105.164829][ T7095] ? lock_acquire+0x2f/0xb0 [ 105.165975][ T7095] ? __fget_files+0x40/0x3f0 [ 105.167620][ T7095] ? fdget+0x176/0x210 [ 105.169195][ T7095] __sys_sendmsg+0x117/0x1f0 [ 105.170957][ T7095] ? __pfx___sys_sendmsg+0x10/0x10 [ 105.172875][ T7095] ? __fget_files+0x244/0x3f0 [ 105.174639][ T7095] do_syscall_64+0xcd/0x250 [ 105.176342][ T7095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.178457][ T7095] RIP: 0033:0x7f9437d7dff9 [ 105.180074][ T7095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.185876][ T7095] RSP: 002b:00007f9438c65038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 105.186218][ T7022] veth0_vlan: entered promiscuous mode [ 105.188032][ T7095] RAX: ffffffffffffffda RBX: 00007f9437f35f80 RCX: 00007f9437d7dff9 [ 105.188044][ T7095] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 105.195276][ T7022] veth1_vlan: entered promiscuous mode [ 105.195728][ T7095] RBP: 00007f9438c65090 R08: 0000000000000000 R09: 0000000000000000 [ 105.200265][ T7095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 105.203146][ T7095] R13: 0000000000000000 R14: 00007f9437f35f80 R15: 00007ffc318c26c8 [ 105.205998][ T7095] [ 105.216374][ T7022] veth0_macvtap: entered promiscuous mode [ 105.224354][ T7022] veth1_macvtap: entered promiscuous mode [ 105.238665][ T7022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.242261][ T7022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.255504][ T7022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.255525][ T7022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.255542][ T7022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.255554][ T7022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.256736][ T7022] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 105.262858][ T7022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 105.262876][ T7022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.262885][ T7022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 105.262896][ T7022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.262905][ T7022] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 105.262917][ T7022] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.263739][ T7022] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 105.311640][ T7022] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.314908][ T7022] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.319022][ T7022] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.322351][ T7022] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 105.394817][ T1124] bridge_slave_1: left allmulticast mode [ 105.396496][ T1124] bridge_slave_1: left promiscuous mode [ 105.398139][ T1124] bridge0: port 2(bridge_slave_1) entered disabled state [ 105.404813][ T1124] bridge_slave_0: left allmulticast mode [ 105.407422][ T1124] bridge_slave_0: left promiscuous mode [ 105.409508][ T1124] bridge0: port 1(bridge_slave_0) entered disabled state [ 105.447377][ T5355] Bluetooth: hci3: command tx timeout [ 105.470243][ T7104] FAULT_INJECTION: forcing a failure. [ 105.470243][ T7104] name failslab, interval 1, probability 0, space 0, times 0 [ 105.473966][ T7104] CPU: 2 UID: 0 PID: 7104 Comm: syz.0.411 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 105.477082][ T7104] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 105.479930][ T7104] Call Trace: [ 105.481112][ T7104] [ 105.482152][ T7104] dump_stack_lvl+0x16c/0x1f0 [ 105.483818][ T7104] should_fail_ex+0x497/0x5b0 [ 105.485391][ T7104] ? fs_reclaim_acquire+0xae/0x150 [ 105.486876][ T7104] should_failslab+0xc2/0x120 [ 105.488115][ T7104] kmem_cache_alloc_node_noprof+0x71/0x310 [ 105.489676][ T7104] ? __alloc_skb+0x2b1/0x380 [ 105.491224][ T7104] __alloc_skb+0x2b1/0x380 [ 105.492814][ T7104] ? __pfx___alloc_skb+0x10/0x10 [ 105.494231][ T7104] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 105.495827][ T7104] netlink_alloc_large_skb+0x69/0x130 [ 105.497257][ T7104] netlink_sendmsg+0x689/0xd70 [ 105.498703][ T7104] ? __pfx_netlink_sendmsg+0x10/0x10 [ 105.500486][ T7104] ? __import_iovec+0x1fd/0x6e0 [ 105.501773][ T7104] ____sys_sendmsg+0xaaf/0xc90 [ 105.503221][ T7104] ? copy_msghdr_from_user+0x10b/0x160 [ 105.504807][ T7104] ? __pfx_____sys_sendmsg+0x10/0x10 [ 105.506246][ T7104] ? __pfx___lock_acquire+0x10/0x10 [ 105.507606][ T7104] ___sys_sendmsg+0x135/0x1e0 [ 105.508849][ T7104] ? __pfx____sys_sendmsg+0x10/0x10 [ 105.510214][ T7104] ? lock_acquire+0x2f/0xb0 [ 105.511414][ T7104] ? __fget_files+0x40/0x3f0 [ 105.513028][ T7104] ? fdget+0x176/0x210 [ 105.514318][ T7104] __sys_sendmsg+0x117/0x1f0 [ 105.515569][ T7104] ? __pfx___sys_sendmsg+0x10/0x10 [ 105.516930][ T7104] ? __fget_files+0x244/0x3f0 [ 105.518176][ T7104] do_syscall_64+0xcd/0x250 [ 105.519368][ T7104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.520921][ T7104] RIP: 0033:0x7f9437d7dff9 [ 105.522129][ T7104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 105.527244][ T7104] RSP: 002b:00007f9438c44038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 105.529440][ T7104] RAX: ffffffffffffffda RBX: 00007f9437f36058 RCX: 00007f9437d7dff9 [ 105.531488][ T7104] RDX: 0000000020000000 RSI: 0000000020000140 RDI: 0000000000000003 [ 105.533860][ T7104] RBP: 00007f9438c44090 R08: 0000000000000000 R09: 0000000000000000 [ 105.536819][ T7104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 105.539758][ T7104] R13: 0000000000000001 R14: 00007f9437f36058 R15: 00007ffc318c26c8 [ 105.541990][ T7104] [ 105.677072][ T5355] Bluetooth: hci1: command tx timeout [ 105.809028][ T1124] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 105.815334][ T1124] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 105.827735][ T1124] bond0 (unregistering): Released all slaves [ 105.898180][ T1110] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.900606][ T1110] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.953728][ T1110] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 105.967565][ T1110] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 106.266477][ T1124] hsr_slave_0: left promiscuous mode [ 106.269198][ T1124] hsr_slave_1: left promiscuous mode [ 106.278198][ T1124] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 106.281499][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 106.300586][ T1124] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 106.302685][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 106.323902][ T1124] veth1_macvtap: left promiscuous mode [ 106.325989][ T1124] veth0_macvtap: left promiscuous mode [ 106.328244][ T1124] veth1_vlan: left promiscuous mode [ 106.330246][ T1124] veth0_vlan: left promiscuous mode [ 106.451356][ T75] [ 106.452030][ T75] ====================================================== [ 106.453855][ T75] WARNING: possible circular locking dependency detected [ 106.456294][ T75] 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 Not tainted [ 106.460491][ T75] ------------------------------------------------------ [ 106.463351][ T75] kworker/u32:4/75 is trying to acquire lock: [ 106.465496][ T75] ffff88806a929598 (krc.lock){..-.}-{2:2}, at: kvfree_call_rcu+0xda/0xbe0 [ 106.468478][ T75] [ 106.468478][ T75] but task is already holding lock: [ 106.471108][ T75] ffff88806a92a858 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5d/0x220 [ 106.474043][ T75] [ 106.474043][ T75] which lock already depends on the new lock. [ 106.474043][ T75] [ 106.476765][ T75] [ 106.476765][ T75] the existing dependency chain (in reverse order) is: [ 106.479078][ T75] [ 106.479078][ T75] -> #1 (&base->lock){-.-.}-{2:2}: [ 106.480985][ T75] _raw_spin_lock_irqsave+0x3a/0x60 [ 106.482469][ T75] lock_timer_base+0x5d/0x220 [ 106.484009][ T75] __mod_timer+0x426/0xdc0 [ 106.485447][ T75] add_timer_global+0x8a/0xc0 [ 106.486770][ T75] __queue_delayed_work+0x1ba/0x2e0 [ 106.488374][ T75] queue_delayed_work_on+0x12a/0x150 [ 106.490065][ T75] kvfree_call_rcu+0x749/0xbe0 [ 106.491484][ T75] pwq_release_workfn+0x4dd/0xa50 [ 106.493075][ T75] kthread_worker_fn+0x305/0xba0 [ 106.495011][ T75] kthread+0x2c1/0x3a0 [ 106.496579][ T75] ret_from_fork+0x45/0x80 [ 106.498130][ T75] ret_from_fork_asm+0x1a/0x30 [ 106.499490][ T75] [ 106.499490][ T75] -> #0 (krc.lock){..-.}-{2:2}: [ 106.501354][ T75] __lock_acquire+0x250b/0x3ce0 [ 106.502858][ T75] lock_acquire.part.0+0x11b/0x380 [ 106.504903][ T75] _raw_spin_lock+0x2e/0x40 [ 106.506715][ T75] kvfree_call_rcu+0xda/0xbe0 [ 106.508626][ T75] trie_delete_elem+0x5c5/0x820 [ 106.510393][ T75] bpf_prog_2e5e7763945ac34e+0x45/0x49 [ 106.512026][ T75] bpf_trace_run2+0x231/0x590 [ 106.513438][ T75] __bpf_trace_timer_start+0xc7/0x100 [ 106.515019][ T75] enqueue_timer+0x2b4/0x550 [ 106.516479][ T75] __mod_timer+0x8d7/0xdc0 [ 106.518255][ T75] add_timer_global+0x8a/0xc0 [ 106.519689][ T75] __queue_delayed_work+0x1ba/0x2e0 [ 106.521664][ T75] queue_delayed_work_on+0x12a/0x150 [ 106.523760][ T75] batadv_nc_worker+0xb08/0x1060 [ 106.525754][ T75] process_one_work+0x9c5/0x1ba0 [ 106.527514][ T75] worker_thread+0x6c8/0xf00 [ 106.528893][ T75] kthread+0x2c1/0x3a0 [ 106.530057][ T75] ret_from_fork+0x45/0x80 [ 106.531308][ T75] ret_from_fork_asm+0x1a/0x30 [ 106.532643][ T75] [ 106.532643][ T75] other info that might help us debug this: [ 106.532643][ T75] [ 106.535315][ T75] Possible unsafe locking scenario: [ 106.535315][ T75] [ 106.537191][ T75] CPU0 CPU1 [ 106.538504][ T75] ---- ---- [ 106.539838][ T75] lock(&base->lock); [ 106.540880][ T75] lock(krc.lock); [ 106.542495][ T75] lock(&base->lock); [ 106.544083][ T75] lock(krc.lock); [ 106.545196][ T75] [ 106.545196][ T75] *** DEADLOCK *** [ 106.545196][ T75] [ 106.547286][ T75] 4 locks held by kworker/u32:4/75: [ 106.548632][ T75] #0: ffff888020f04148 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0 [ 106.551321][ T75] #1: ffffc90000fe7d80 ((work_completion)(&(&bat_priv->nc.work)->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0 [ 106.554376][ T75] #2: ffff88806a92a858 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x5d/0x220 [ 106.557323][ T75] #3: ffffffff8e1b8380 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1c2/0x590 [ 106.560637][ T75] [ 106.560637][ T75] stack backtrace: [ 106.562671][ T75] CPU: 3 UID: 0 PID: 75 Comm: kworker/u32:4 Not tainted 6.12.0-rc4-syzkaller-00047-gc2ee9f594da8 #0 [ 106.565509][ T75] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 106.568159][ T75] Workqueue: bat_events batadv_nc_worker [ 106.569599][ T75] Call Trace: [ 106.570441][ T75] [ 106.571193][ T75] dump_stack_lvl+0x116/0x1f0 [ 106.572420][ T75] print_circular_bug+0x41c/0x610 [ 106.573732][ T75] check_noncircular+0x31a/0x400 [ 106.575005][ T75] ? __pfx_check_noncircular+0x10/0x10 [ 106.576773][ T75] ? lockdep_lock+0x1b8/0x200 [ 106.578405][ T75] ? __pfx_lockdep_lock+0x10/0x10 [ 106.579626][ T75] __lock_acquire+0x250b/0x3ce0 [ 106.580811][ T75] ? __pfx___lock_acquire+0x10/0x10 [ 106.582154][ T75] lock_acquire.part.0+0x11b/0x380 [ 106.583451][ T75] ? kvfree_call_rcu+0xda/0xbe0 [ 106.584712][ T75] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 106.586716][ T75] ? rcu_is_watching+0x12/0xc0 [ 106.588473][ T75] ? trace_lock_acquire+0x14a/0x1d0 [ 106.590416][ T75] ? kvfree_call_rcu+0xda/0xbe0 [ 106.592088][ T75] ? lock_acquire+0x2f/0xb0 [ 106.593293][ T75] ? kvfree_call_rcu+0xda/0xbe0 [ 106.594567][ T75] _raw_spin_lock+0x2e/0x40 [ 106.595955][ T75] ? kvfree_call_rcu+0xda/0xbe0 [ 106.597219][ T75] kvfree_call_rcu+0xda/0xbe0 [ 106.598435][ T75] ? trie_delete_elem+0xb0/0x820 [ 106.599726][ T75] ? do_raw_spin_unlock+0x172/0x230 [ 106.601080][ T75] trie_delete_elem+0x5c5/0x820 [ 106.602345][ T75] bpf_prog_2e5e7763945ac34e+0x45/0x49 [ 106.603752][ T75] bpf_trace_run2+0x231/0x590 [ 106.605027][ T75] ? __pfx_bpf_trace_run2+0x10/0x10 [ 106.606376][ T75] ? exc_int3+0xe/0x80 [ 106.607442][ T75] __bpf_trace_timer_start+0xc7/0x100 [ 106.608865][ T75] ? __pfx___bpf_trace_timer_start+0x10/0x10 [ 106.610420][ T75] ? enqueue_timer+0xfd/0x550 [ 106.611643][ T75] ? enqueue_timer+0x1fc/0x550 [ 106.612906][ T75] enqueue_timer+0x2b4/0x550 [ 106.614122][ T75] __mod_timer+0x8d7/0xdc0 [ 106.615517][ T75] ? __pfx___mod_timer+0x10/0x10 [ 106.617250][ T75] ? __pfx_lock_release+0x10/0x10 [ 106.619004][ T75] ? clear_pending_if_disabled+0xa9/0x210 [ 106.620991][ T75] add_timer_global+0x8a/0xc0 [ 106.622643][ T75] __queue_delayed_work+0x1ba/0x2e0 [ 106.624449][ T75] queue_delayed_work_on+0x12a/0x150 [ 106.626285][ T75] batadv_nc_worker+0xb08/0x1060 [ 106.628007][ T75] ? __pfx_batadv_nc_worker+0x10/0x10 [ 106.629894][ T75] ? trace_lock_acquire+0x14a/0x1d0 [ 106.631701][ T75] ? process_one_work+0x921/0x1ba0 [ 106.633478][ T75] ? process_one_work+0x921/0x1ba0 [ 106.635236][ T75] process_one_work+0x9c5/0x1ba0 [ 106.636929][ T75] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 106.638812][ T75] ? __pfx_process_one_work+0x10/0x10 [ 106.640668][ T75] ? assign_work+0x1a0/0x250 [ 106.642299][ T75] worker_thread+0x6c8/0xf00 [ 106.643906][ T75] ? __kthread_parkme+0x148/0x220 [ 106.645456][ T75] ? __pfx_worker_thread+0x10/0x10 [ 106.646797][ T75] kthread+0x2c1/0x3a0 [ 106.647864][ T75] ? _raw_spin_unlock_irq+0x23/0x50 [ 106.649240][ T75] ? __pfx_kthread+0x10/0x10 [ 106.650452][ T75] ret_from_fork+0x45/0x80 [ 106.651622][ T75] ? __pfx_kthread+0x10/0x10 [ 106.652842][ T75] ret_from_fork_asm+0x1a/0x30 [ 106.654088][ T75] SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 107.249508][ T1124] team0 (unregistering): Port device team_slave_1 removed [ 107.321212][ T1124] team0 (unregistering): Port device team_slave_0 removed [ 107.519092][ T5355] Bluetooth: hci3: command tx timeout [ 108.410488][ T1124] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.689759][ T1124] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.750724][ T1124] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.809489][ T1124] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.872803][ T1124] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.918881][ T1124] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 109.989878][ T1124] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.058845][ T1124] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 110.152049][ T1124] bridge_slave_1: left allmulticast mode [ 110.153937][ T1124] bridge_slave_1: left promiscuous mode [ 110.155813][ T1124] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.160456][ T1124] bridge_slave_0: left allmulticast mode [ 110.161847][ T1124] bridge_slave_0: left promiscuous mode [ 110.163380][ T1124] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.167280][ T1124] bridge_slave_1: left allmulticast mode [ 110.168834][ T1124] bridge_slave_1: left promiscuous mode [ 110.170305][ T1124] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.172773][ T1124] bridge_slave_0: left allmulticast mode [ 110.174295][ T1124] bridge_slave_0: left promiscuous mode [ 110.175710][ T1124] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.178894][ T1124] bridge_slave_1: left allmulticast mode [ 110.180412][ T1124] bridge_slave_1: left promiscuous mode [ 110.182061][ T1124] bridge0: port 2(bridge_slave_1) entered disabled state [ 110.184699][ T1124] bridge_slave_0: left allmulticast mode [ 110.186347][ T1124] bridge0: port 1(bridge_slave_0) entered disabled state [ 110.499948][ T1124] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 110.503306][ T1124] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 110.506283][ T1124] bond0 (unregistering): Released all slaves [ 110.509819][ T1124] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 110.512848][ T1124] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 110.515675][ T1124] bond0 (unregistering): Released all slaves [ 110.520593][ T1124] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 110.523936][ T1124] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 110.527099][ T1124] bond0 (unregistering): Released all slaves [ 110.965628][ T1124] hsr_slave_0: left promiscuous mode [ 110.967428][ T1124] hsr_slave_1: left promiscuous mode [ 110.969257][ T1124] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 110.971056][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 110.973131][ T1124] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 110.974948][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 110.978483][ T1124] hsr_slave_0: left promiscuous mode [ 110.980070][ T1124] hsr_slave_1: left promiscuous mode [ 110.981555][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 110.983372][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 110.987151][ T1124] hsr_slave_0: left promiscuous mode [ 110.988726][ T1124] hsr_slave_1: left promiscuous mode [ 110.990258][ T1124] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 110.992013][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 110.994056][ T1124] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 110.995801][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 111.000359][ T1124] veth1_macvtap: left promiscuous mode [ 111.001774][ T1124] veth0_macvtap: left promiscuous mode [ 111.003192][ T1124] veth1_vlan: left promiscuous mode [ 111.004489][ T1124] veth0_vlan: left promiscuous mode [ 111.006570][ T1124] veth1_macvtap: left promiscuous mode [ 111.007992][ T1124] veth0_macvtap: left promiscuous mode [ 111.009354][ T1124] veth1_vlan: left promiscuous mode [ 111.010674][ T1124] veth0_vlan: left promiscuous mode [ 111.184983][ T1124] team0 (unregistering): Port device team_slave_1 removed [ 111.224137][ T1124] team0 (unregistering): Port device team_slave_0 removed [ 111.452518][ T1124] team0 (unregistering): Port device team_slave_1 removed [ 111.486470][ T1124] team0 (unregistering): Port device team_slave_0 removed [ 111.799330][ T1124] team0 (unregistering): Port device team_slave_1 removed [ 111.839315][ T1124] team0 (unregistering): Port device team_slave_0 removed [ 112.125298][ T39] audit: type=1400 audit(1729578580.067:464): avc: denied { setrlimit } for pid=7222 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1 [ 112.898727][ T1124] IPVS: stop unused estimator thread 0... VM DIAGNOSIS: 06:29:34 Registers: info registers vcpu 0 CPU#0 RAX=0000000000250fd4 RBX=0000000000000000 RCX=ffffffff8b226579 RDX=ffffed100d4c7026 RSI=ffffffff8bd1aa00 RDI=ffffffff81647b8c RBP=fffffbfff1bd2af8 RSP=ffffffff8de07e20 R8 =0000000000000000 R9 =ffffed100d4c7025 R10=ffff88806a63812b R11=0000000000000000 R12=0000000000000000 R13=ffffffff8de957c0 R14=ffffffff905f4b48 R15=0000000000000000 RIP=ffffffff8b22795f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000555562c96808 CR3=0000000046fc8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008000100 Opmask01=0000000000000000 Opmask02=000000007ffbffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcf6d68300 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30097f1133 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30097f1140 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30097f113a ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30097f114e ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30097f11d4 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30097f12b2 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813ca88e RDX=ffff88802bdb8000 RSI=ffffffff813ca8ab RDI=0000000000000000 RBP=ffff88806a92a840 RSP=ffffc900008b0940 R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=ffffffff8b6e5f20 R12=0000000000000003 R13=0000000000000003 R14=ffff88806a73fdc0 R15=ffffed100d525508 RIP=ffffffff813ca8ac RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f300a4b36c0 ffffffff 00c00000 GS =0000 ffff88806a700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f1e88db2d58 CR3=00000000236aa000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e87ff1133 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e87ff1140 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e87ff113a ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e87ff114e ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e87ff11d4 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e87ff12b2 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e8810b488 00007f1e8810b480 00007f1e8810b478 00007f1e8810b450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e88c6d100 00007f1e8810b440 00007f1e8810b458 00007f1e8810b4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e8810b498 00007f1e8810b490 00007f1e8810b488 00007f1e8810b480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000003 RCX=ffffffff813ca88e RDX=ffff88801de8a440 RSI=ffffffff813ca8ab RDI=0000000000000000 RBP=ffffffff8e235bd0 RSP=ffffc9000082f9a8 R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=ffffffff8b6e5f20 R12=0000000000000003 R13=0000000000000003 R14=ffff88806a83fdc0 R15=fffffbfff1c46b7a RIP=ffffffff813ca8ac RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a800000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f3009937a8c CR3=00000000236aa000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=000000007ffbffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30097f1133 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30097f1140 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30097f113a ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30097f114e ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30097f11d4 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f30097f12b2 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f300990b488 00007f300990b480 00007f300990b478 00007f300990b450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f300a46d100 00007f300990b440 00007f300990b458 00007f300990b4a0 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f300990b498 00007f300990b490 00007f300990b488 00007f300990b480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000000002e RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff850b00a5 RDI=ffffffff9aae6bc0 RBP=ffffffff9aae6b80 RSP=ffffc90000fe6eb0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=000000000000002e R14=ffffffff850b0040 R15=0000000000000000 RIP=ffffffff850b00cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88806a900000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f1e88db1f98 CR3=0000000023fc6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000208001 Opmask01=0000000000000000 Opmask02=00000000000003ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e87ff1133 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e87ff1140 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e87ff113a ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e87ff114e ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e87ff11d4 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e87ff12b2 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e8810b488 00007f1e8810b480 00007f1e8810b478 00007f1e8810b450 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e88c6d100 00007f1e8810b440 00007f1e88100004 0000000b000c000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f1e8810b498 00007f1e8810b490 00007f1e8810b488 00007f1e8810b480 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000