last executing test programs: 19.13344402s ago: executing program 0 (id=444): mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x8, 0x3032, 0xffffffffffffffff, 0x1000) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000400)={&(0x7f0000000700)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x3, 0x0, 0xd, 0x6000000, [{0x6, 0x2}, {0x3}, {0x3, 0x4}]}]}}, &(0x7f0000000f40)=""/4096, 0x3e, 0x1000, 0x1, 0x0, 0x0, @void, @value}, 0x28) 19.133192999s ago: executing program 0 (id=445): openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_STRSET_GET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x14, r4, 0x705, 0x70bd25, 0x10000000}, 0x14}}, 0x0) 13.644765997s ago: executing program 0 (id=446): seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x2, &(0x7f00000001c0)=[{0x54}, {0x0, 0x0, 0x0, 0x53}]}) r0 = syz_io_uring_setup(0x1ef2, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f0000000140)=0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0}) io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0) 13.048887145s ago: executing program 0 (id=447): syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x3e00, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'wlan0\x00', &(0x7f0000000000)=@ethtool_stats={0x11}}) 11.728408272s ago: executing program 0 (id=449): r0 = socket(0x2a, 0x2, 0x0) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14) r1 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newqdisc={0x6c, 0x28, 0x4ee4e6a52ff56541, 0x4004, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0x1}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x3c, 0x2, [@TCA_GRED_PARMS={0x38, 0x1, {0x6, 0x3, 0x8, 0xc, 0x9, 0xfffffffb, 0xffffffff, 0x200, 0x7, 0x0, 0x6, 0xa, 0x23, 0x9, 0x5, 0x5}}]}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x400dc}, 0x4008094) 10.807211319s ago: executing program 0 (id=450): socket$nl_route(0x10, 0x3, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x1e, 0x4, 0x0) socket(0x1e, 0x4, 0x0) r4 = socket$netlink(0x10, 0x3, 0x15) sendmsg$nl_generic(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={&(0x7f0000000200)={0x18, 0x14, 0x301, 0x0, 0x0, {0x1e}, [@generic="c1"]}, 0x18}}, 0x0) socket$packet(0x11, 0x3, 0x300) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'tunl0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @multicast1}}}}) 6.23920412s ago: executing program 1 (id=451): r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) io_setup(0xb4, &(0x7f0000002340)=0x0) io_submit(r1, 0x1, &(0x7f0000003140)=[&(0x7f00000018c0)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f0000002140)="0f3ff355e0db7cbd1b", 0x9, 0x8000000000000000, 0x0, 0x2}]) 5.947898009s ago: executing program 1 (id=452): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB], 0xbf}}, 0x4000) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000240)={0xc, 0xfffffffffffff800}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) tkill(r0, 0x35) socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0xb) r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000140)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000240)={0xc, 0x0, 0x0}) ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000280)={0x28, 0x7, r6, 0x0, &(0x7f00007ff000/0x800000)=nil, 0x800000}) ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000180)={0x48, 0x5, r5, 0x0, 0xffffffffffffffff, 0x1}) ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r4, 0x3ba0, &(0x7f0000000680)={0x48, 0x7, r7, 0x3f, 0x10001, 0x0, 0x1000, 0x2000001, 0x314d1e}) ioctl$IOMMU_IOAS_UNMAP$ALL(r3, 0x3b86, &(0x7f0000000200)={0x18, r6}) ioctl$LOOP_CTL_REMOVE(0xffffffffffffffff, 0x4c81, 0xb) 539.369264ms ago: executing program 1 (id=453): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)={0x1c, 0x32, 0xb, 0x0, 0x25dfdbfb, {0x2}, [@nested={0x5, 0x8, 0x0, 0x1, [@generic="f3"]}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x0) 410.116448ms ago: executing program 1 (id=454): timer_create(0x0, 0x0, &(0x7f0000bbdffc)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) timer_getoverrun(0x0) 183.660674ms ago: executing program 1 (id=455): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)={0x1c, 0x140f, 0x1, 0x70bd2b, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_CHARDEV_TYPE={0xb, 0x45, 'smc_ib\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000) 0s ago: executing program 1 (id=456): sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x4000) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000240)={0xc, 0xfffffffffffff800}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() set_mempolicy(0x5, &(0x7f0000000080)=0x3, 0x961) kexec_load(0x0, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0xc1000000}], 0x0) sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) tkill(r0, 0x35) r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$LOOP_CTL_ADD(r3, 0x4c80, 0xb) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$UI_BEGIN_FF_UPLOAD(r4, 0xc06855c8, &(0x7f0000000300)={0x8, 0x9ad, {0x57, 0x0, 0x4, {0x9, 0x1}, {0x7fff, 0x3}, @const={0x0, {0x8, 0x8000, 0x13, 0xee}}}, {0x54, 0x2, 0x1c0, {0x9, 0xd0}, {0x9, 0xfffa}, @period={0x5d, 0x1, 0x401, 0x7, 0x5, {0x0, 0x7, 0x9, 0x3f}, 0x1, &(0x7f0000000280)=[0xf]}}}) socket$inet_udplite(0x2, 0x2, 0x88) add_key(&(0x7f0000000040)='dns_resolver\x00', 0x0, &(0x7f0000000080)="0018010202", 0x5, 0xfffffffffffffffb) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:43251' (ED25519) to the list of known hosts. syzkaller login: [ 122.753770][ T3262] cgroup: Unknown subsys name 'net' [ 123.223073][ T3262] cgroup: Unknown subsys name 'cpuset' [ 123.261708][ T3262] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 124.212613][ T3262] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 133.502476][ T3267] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.584753][ T3267] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 133.603060][ T3268] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 133.662621][ T3268] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 135.564496][ T3267] hsr_slave_0: entered promiscuous mode [ 135.630010][ T3267] hsr_slave_1: entered promiscuous mode [ 135.950548][ T3268] hsr_slave_0: entered promiscuous mode [ 135.989366][ T3268] hsr_slave_1: entered promiscuous mode [ 136.047172][ T3268] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 136.048407][ T3268] Cannot create hsr debugfs directory [ 137.309777][ T3267] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 137.353152][ T3267] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 137.405239][ T3267] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 137.471023][ T3267] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 137.634529][ T3268] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 137.655015][ T3268] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 137.703570][ T3268] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 137.724824][ T3268] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 139.309320][ T3268] 8021q: adding VLAN 0 to HW filter on device bond0 [ 139.351252][ T3267] 8021q: adding VLAN 0 to HW filter on device bond0 [ 145.662768][ T3268] veth0_vlan: entered promiscuous mode [ 145.728189][ T3267] veth0_vlan: entered promiscuous mode [ 145.762294][ T3268] veth1_vlan: entered promiscuous mode [ 145.792896][ T3267] veth1_vlan: entered promiscuous mode [ 145.960063][ T3268] veth0_macvtap: entered promiscuous mode [ 145.984171][ T3268] veth1_macvtap: entered promiscuous mode [ 146.128599][ T3267] veth0_macvtap: entered promiscuous mode [ 146.220411][ T3267] veth1_macvtap: entered promiscuous mode [ 146.262841][ T3268] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.264285][ T3268] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.265401][ T3268] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.268117][ T3268] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.699417][ T3267] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.700667][ T3267] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.701703][ T3267] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 146.702764][ T3267] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 147.083671][ T3268] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 154.026884][ T3424] netlink: 68 bytes leftover after parsing attributes in process `syz.0.5'. [ 165.852382][ T3454] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies. [ 166.783330][ T3458] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 166.799452][ T3458] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 171.943339][ T3477] netlink: 'syz.0.20': attribute type 27 has an invalid length. [ 173.050699][ T3480] ALSA: mixer_oss: invalid OSS volume 'ÅsàÑ­ "dPùmüXaØ' [ 173.892495][ T3477] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.893864][ T3477] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.899626][ T3477] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 173.902851][ T3477] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 174.726952][ T3478] 8021q: adding VLAN 0 to HW filter on device bond0 [ 175.152774][ T3478] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 175.157146][ T3478] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 175.205288][ T3478] veth1_vlan: left promiscuous mode [ 175.218689][ T3478] veth0_vlan: left promiscuous mode [ 175.227488][ T3478] veth0_vlan: entered promiscuous mode [ 175.244976][ T3478] veth1_vlan: entered promiscuous mode [ 175.292947][ T3478] veth1_macvtap: left promiscuous mode [ 175.302449][ T3478] veth0_macvtap: left promiscuous mode [ 175.311902][ T3478] veth0_macvtap: entered promiscuous mode [ 175.319491][ T3478] veth1_macvtap: entered promiscuous mode [ 175.329749][ T3478] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.331148][ T3478] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.332320][ T3478] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 175.333468][ T3478] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 177.175671][ C0] hrtimer: interrupt took 32197744 ns [ 187.297736][ T3532] netlink: 312 bytes leftover after parsing attributes in process `syz.0.41'. [ 189.290319][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 192.992246][ T3565] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (65535) [ 192.993677][ T3565] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255 [ 193.651992][ T3567] block nbd1: shutting down sockets [ 194.233750][ T3577] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 194.242973][ T3577] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 194.577210][ T3583] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 194.590983][ T3583] netlink: 16 bytes leftover after parsing attributes in process `syz.1.63'. [ 195.291258][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 199.022503][ T3616] dvmrp8: entered allmulticast mode [ 199.030580][ T3616] dvmrp8: left allmulticast mode [ 199.804130][ C0] vkms_vblank_simulate: vblank timer overrun [ 200.470871][ T3630] Zero length message leads to an empty skb [ 202.186674][ T3649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 202.206601][ T3649] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 204.815041][ T3673] dlm: plock device version mismatch: kernel (1.2.0), user (0.0.0) [ 204.924388][ T3669] netlink: 4 bytes leftover after parsing attributes in process `syz.0.100'. [ 206.468391][ T3685] sctp: [Deprecated]: syz.0.107 (pid 3685) Use of int in max_burst socket option deprecated. [ 206.468391][ T3685] Use struct sctp_assoc_value instead [ 207.817347][ T3704] random: crng reseeded on system resumption [ 210.082782][ T3735] ptrace attach of "/syz-executor exec"[3736] was attempted by "/syz-executor exec"[3735] [ 212.704040][ T3766] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 216.212452][ T3787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 216.226175][ T3787] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 219.979217][ T3812] netlink: 68 bytes leftover after parsing attributes in process `syz.1.162'. [ 221.482257][ T3823] batadv_slave_0: entered promiscuous mode [ 223.178594][ T3844] batadv_slave_0: left promiscuous mode [ 223.327583][ T3844] 8021q: adding VLAN 0 to HW filter on device bond1 [ 224.069343][ T3851] ip6gre1: entered allmulticast mode [ 228.713847][ T3884] syz.0.195 uses obsolete (PF_INET,SOCK_PACKET) [ 231.184307][ T3916] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 231.198394][ T3916] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 232.879442][ T3940] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 232.886836][ T3940] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 233.326493][ T3946] 8021q: VLANs not supported on lo [ 233.463040][ T3950] netlink: 8 bytes leftover after parsing attributes in process `syz.0.222'. [ 233.698373][ T3954] process 'syz.0.224' launched './file1' with NULL argv: empty string added [ 235.077160][ T3401] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 235.317086][ T3401] usb 1-1: Using ep0 maxpacket: 32 [ 235.433950][ T3401] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 235.440203][ T3401] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 235.441757][ T3401] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 235.443840][ T3401] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 235.445157][ T3401] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 235.464517][ T3401] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 235.468662][ T3401] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 235.470002][ T3401] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.542782][ T3401] usb 1-1: config 0 descriptor?? [ 235.813304][ T3401] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 235.865348][ T3401] usb 1-1: USB disconnect, device number 2 [ 235.907881][ T3401] usblp0: removed [ 236.387184][ T3401] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 236.556781][ T3401] usb 1-1: Using ep0 maxpacket: 32 [ 236.699491][ T3401] usb 1-1: config index 0 descriptor too short (expected 29220, got 36) [ 236.700676][ T3401] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 236.701810][ T3401] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 236.703246][ T3401] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 236.704705][ T3401] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 236.723214][ T3401] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 236.724990][ T3401] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 236.727853][ T3401] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 236.752839][ T3401] usb 1-1: config 0 descriptor?? [ 237.083739][ T3401] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 240.513828][ T3997] netlink: 8 bytes leftover after parsing attributes in process `syz.1.241'. [ 240.933697][ T1882] usb 1-1: USB disconnect, device number 3 [ 240.977774][ T1882] usblp0: removed [ 263.536705][ T4058] random: crng reseeded on system resumption [ 273.296724][ T1882] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 273.467417][ T1882] usb 1-1: Using ep0 maxpacket: 32 [ 273.516917][ T1882] usb 1-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 273.519234][ T1882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 273.556670][ T1882] usb 1-1: config 0 descriptor?? [ 273.814261][ T1882] usb 1-1: USB disconnect, device number 4 [ 274.286796][ T3401] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 274.391990][ T29] audit: type=1326 audit(274.150:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4135 comm="syz.1.283" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa534a2a8 code=0x7ffc0000 [ 274.405287][ T29] audit: type=1326 audit(274.160:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4135 comm="syz.1.283" exe="/syz-executor" sig=0 arch=c00000b7 syscall=113 compat=0 ip=0xffffa534a2a8 code=0x7ffc0000 [ 274.412454][ T29] audit: type=1326 audit(274.170:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4135 comm="syz.1.283" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa534a2a8 code=0x7ffc0000 [ 274.426382][ T29] audit: type=1326 audit(274.180:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4135 comm="syz.1.283" exe="/syz-executor" sig=0 arch=c00000b7 syscall=112 compat=0 ip=0xffffa534a2a8 code=0x7ffc0000 [ 274.430801][ T29] audit: type=1326 audit(274.190:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4135 comm="syz.1.283" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa534a2a8 code=0x7ffc0000 [ 274.456953][ T3401] usb 1-1: Using ep0 maxpacket: 32 [ 274.523641][ T3401] usb 1-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64 [ 274.524386][ T3401] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 274.546957][ T3401] usb 1-1: config 0 descriptor?? [ 274.789184][ T3401] usb 1-1: USB disconnect, device number 5 [ 276.675210][ T29] audit: type=1326 audit(276.430:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4160 comm="syz.0.295" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 276.690598][ T29] audit: type=1326 audit(276.450:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4160 comm="syz.0.295" exe="/syz-executor" sig=0 arch=c00000b7 syscall=26 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 276.696321][ T29] audit: type=1326 audit(276.450:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4160 comm="syz.0.295" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 276.704532][ T29] audit: type=1326 audit(276.460:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4160 comm="syz.0.295" exe="/syz-executor" sig=0 arch=c00000b7 syscall=27 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 276.713512][ T29] audit: type=1326 audit(276.470:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4160 comm="syz.0.295" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 279.269792][ T4169] netlink: 'syz.0.298': attribute type 4 has an invalid length. [ 279.276678][ T4169] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.298'. [ 281.352588][ T4184] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 281.354179][ T4184] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 281.496617][ T3401] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 281.850751][ T3401] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 281.852418][ T3401] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 281.853702][ T3401] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 281.855349][ T3401] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 281.857760][ T3401] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 281.884918][ T3401] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 281.887315][ T3401] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 281.888536][ T3401] usb 1-1: Product: syz [ 281.889382][ T3401] usb 1-1: Manufacturer: syz [ 281.957900][ T3401] cdc_wdm 1-1:1.0: skipping garbage [ 281.958861][ T3401] cdc_wdm 1-1:1.0: skipping garbage [ 281.977918][ T3401] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 296.190799][ T1882] usb 1-1: USB disconnect, device number 6 [ 297.665123][ T4249] [U] ^A [ 317.544593][ T4277] ALSA: mixer_oss: invalid OSS volume '00000000000000000000' [ 317.547557][ T4277] ALSA: mixer_oss: invalid OSS volume 'OGAINWÁ”1õ›' [ 329.393737][ T4314] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 329.458966][ T4314] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 337.093338][ T4326] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 337.094799][ T4326] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 337.110595][ T4320] syz.0.347 (4320): drop_caches: 2 [ 337.776804][ T8] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 337.994075][ T8] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 337.994841][ T8] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 337.996546][ T8] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 337.997286][ T8] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 337.998008][ T8] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 338.029108][ T8] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 338.029845][ T8] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 338.030374][ T8] usb 1-1: Product: syz [ 338.030818][ T8] usb 1-1: Manufacturer: syz [ 338.117235][ T8] cdc_wdm 1-1:1.0: skipping garbage [ 338.117902][ T8] cdc_wdm 1-1:1.0: skipping garbage [ 338.141858][ T8] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device [ 338.350243][ T8] usb 1-1: USB disconnect, device number 7 [ 350.131631][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 354.598627][ T4383] can0: slcan on ttyS3. [ 354.700037][ T4383] can0 (unregistered): slcan off ttyS3. [ 354.766371][ T4383] can0: slcan on ttyS3. [ 354.879512][ T4382] can0 (unregistered): slcan off ttyS3. [ 357.368660][ T29] kauditd_printk_skb: 1 callbacks suppressed [ 357.368922][ T29] audit: type=1326 audit(357.120:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4387 comm="syz.0.368" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 357.802596][ T29] audit: type=1326 audit(357.120:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4387 comm="syz.0.368" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 357.854535][ T29] audit: type=1326 audit(357.120:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4387 comm="syz.0.368" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 357.912410][ T29] audit: type=1326 audit(357.130:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4387 comm="syz.0.368" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 357.932870][ T29] audit: type=1326 audit(357.130:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4387 comm="syz.0.368" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 357.997075][ T29] audit: type=1326 audit(357.140:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4387 comm="syz.0.368" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 358.024823][ T29] audit: type=1326 audit(357.140:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4387 comm="syz.0.368" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 358.066488][ T29] audit: type=1326 audit(357.140:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4387 comm="syz.0.368" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 358.087429][ T29] audit: type=1326 audit(357.140:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4387 comm="syz.0.368" exe="/syz-executor" sig=0 arch=c00000b7 syscall=131 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 358.154650][ T29] audit: type=1326 audit(357.140:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4387 comm="syz.0.368" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 366.396448][ T4408] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 366.404329][ T4408] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 367.137199][ T4412] netlink: 165 bytes leftover after parsing attributes in process `syz.1.377'. [ 367.364853][ T4414] netlink: 8 bytes leftover after parsing attributes in process `syz.1.378'. [ 368.356854][ T1882] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 368.536955][ T1882] usb 1-1: Using ep0 maxpacket: 16 [ 368.608580][ T1882] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83 [ 368.610089][ T1882] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7 [ 368.682746][ T1882] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1 [ 368.684358][ T1882] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 368.685345][ T1882] usb 1-1: Product: syz [ 368.691200][ T1882] usb 1-1: Manufacturer: syz [ 368.692013][ T1882] usb 1-1: SerialNumber: syz [ 368.715070][ T1882] usb 1-1: config 0 descriptor?? [ 379.023965][ T3343] usb 1-1: USB disconnect, device number 8 [ 387.697999][ T4453] random: crng reseeded on system resumption [ 389.633709][ T4464] veth0_to_team: entered promiscuous mode [ 389.634706][ T4464] veth0_to_team: entered allmulticast mode [ 390.822779][ T4467] Illegal XDP return value 4032943360 on prog (id 6) dev N/A, expect packet loss! [ 394.101250][ T4479] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 394.102772][ T4479] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 407.071676][ T4488] udevd[4488]: inotify_add_watch(7, /dev/loop11, 10) failed: No such file or directory [ 416.709181][ T4529] netlink: 4 bytes leftover after parsing attributes in process `syz.1.416'. [ 416.710425][ T4529] netlink: 24 bytes leftover after parsing attributes in process `syz.1.416'. [ 416.711720][ T4529] netlink: 16 bytes leftover after parsing attributes in process `syz.1.416'. [ 416.712921][ T4529] netlink: 56 bytes leftover after parsing attributes in process `syz.1.416'. [ 416.713912][ T4529] netlink: 72 bytes leftover after parsing attributes in process `syz.1.416'. [ 417.887166][ T4533] netlink: 'syz.1.418': attribute type 10 has an invalid length. [ 419.209501][ T29] kauditd_printk_skb: 19 callbacks suppressed [ 419.209697][ T29] audit: type=1326 audit(418.950:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4545 comm="syz.0.423" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 419.217370][ T29] audit: type=1326 audit(418.950:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4545 comm="syz.0.423" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 419.243291][ T29] audit: type=1326 audit(419.000:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4545 comm="syz.0.423" exe="/syz-executor" sig=0 arch=c00000b7 syscall=149 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 419.269021][ T29] audit: type=1326 audit(419.000:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4545 comm="syz.0.423" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 419.271151][ T29] audit: type=1326 audit(419.000:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4545 comm="syz.0.423" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9ed4a2a8 code=0x7ffc0000 [ 419.481499][ T4548] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 419.482747][ T4548] IPv6: NLM_F_CREATE should be set when creating new route [ 419.483959][ T4548] IPv6: NLM_F_CREATE should be set when creating new route [ 427.226799][ T4571] netlink: 16 bytes leftover after parsing attributes in process `syz.1.433'. [ 436.398534][ T4579] KVM: debugfs: duplicate directory 4579-4 [ 437.529349][ T4587] netlink: 104 bytes leftover after parsing attributes in process `syz.1.438'. [ 460.198567][ T4631] netlink: 8 bytes leftover after parsing attributes in process `syz.0.450'. [ 466.401530][ T4650] Unable to handle kernel paging request at virtual address ffffffffc0000000 [ 466.402793][ T4650] Mem abort info: [ 466.405170][ T4650] ESR = 0x0000000096000006 [ 466.408698][ T4650] EC = 0x25: DABT (current EL), IL = 32 bits [ 466.409478][ T4650] SET = 0, FnV = 0 [ 466.410061][ T4650] EA = 0, S1PTW = 0 [ 466.410735][ T4650] FSC = 0x06: level 2 translation fault [ 466.411501][ T4650] Data abort info: [ 466.412062][ T4650] ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000 [ 466.412841][ T4650] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 466.413692][ T4650] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 466.414575][ T4650] swapper pgtable: 4k pages, 52-bit VAs, pgdp=00000000427bd000 [ 466.416571][ T4650] [ffffffffc0000000] pgd=1000000042c9d003, p4d=0000000042ba9403, pud=0000000042baa403, pmd=0000000000000000 [ 466.419497][ T4650] Internal error: Oops: 0000000096000006 [#1] PREEMPT SMP [ 466.420542][ T4650] Modules linked in: [ 466.421772][ T4650] CPU: 0 UID: 0 PID: 4650 Comm: syz.1.456 Not tainted 6.12.0-syzkaller-07749-g28eb75e178d3 #0 [ 466.423073][ T4650] Hardware name: linux,dummy-virt (DT) [ 466.424108][ T4650] pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 466.425207][ T4650] pc : trans_pgd_create_copy+0x21c/0x82c [ 466.426458][ T4650] lr : trans_pgd_create_copy+0x34/0x82c [ 466.427723][ T4650] sp : ffff8000886e3c30 [ 466.428646][ T4650] x29: ffff8000886e3c30 x28: fff0008000000000 x27: ffff8000825bd000 [ 466.430032][ T4650] x26: fff000007fdff000 x25: fff1000000000000 x24: 0000000000000001 [ 466.431457][ T4650] x23: ffff800000000000 x22: fff0000000000000 x21: ffff8000886e3d68 [ 466.432787][ T4650] x20: fdf000000cfa0000 x19: ffff800000000000 x18: 0000000000000000 [ 466.434201][ T4650] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000001 [ 466.435700][ T4650] x14: 0000000000000000 x13: 0000000000000002 x12: 0000000000072758 [ 466.437127][ T4650] x11: 0000000000000000 x10: 0000000000000001 x9 : 00000000000000fd [ 466.438429][ T4650] x8 : fdf000000cfa1000 x7 : 0000000000000000 x6 : 000000004cfa0fff [ 466.439894][ T4650] x5 : 000000004cfa0000 x4 : ffffc1ffc0250a48 x3 : fff000007fdff000 [ 466.440943][ T4650] x2 : ffffffffc0000000 x1 : fff0ffffffffffff x0 : 18000000bfdfe403 [ 466.442197][ T4650] Call trace: [ 466.442948][ T4650] trans_pgd_create_copy+0x21c/0x82c (P) [ 466.443838][ T4650] trans_pgd_create_copy+0x34/0x82c (L) [ 466.444619][ T4650] machine_kexec_post_load+0x158/0x2c0 [ 466.445344][ T4650] do_kexec_load+0x28c/0x2e4 [ 466.446243][ T4650] __arm64_sys_kexec_load+0x9c/0xe8 [ 466.446951][ T4650] invoke_syscall+0x48/0x110 [ 466.447583][ T4650] el0_svc_common.constprop.0+0x40/0xe0 [ 466.448275][ T4650] do_el0_svc+0x1c/0x28 [ 466.448891][ T4650] el0_svc+0x30/0xe0 [ 466.449500][ T4650] el0t_64_sync_handler+0x10c/0x138 [ 466.450340][ T4650] el0t_64_sync+0x1a4/0x1a8 [ 466.451652][ T4650] Code: f900027c a94573fb 1400017a b40007c0 (f9400040) [ 466.452761][ T4650] ---[ end trace 0000000000000000 ]--- [ 466.453765][ T4650] Kernel panic - not syncing: Oops: Fatal exception [ 466.454716][ T4650] SMP: stopping secondary CPUs [ 466.456554][ T4650] Kernel Offset: disabled [ 466.457591][ T4650] CPU features: 0x00,00000034,189ef2f8,2b67f6bf [ 466.459437][ T4650] Memory Limit: none [ 466.460729][ T4650] Rebooting in 86400 seconds.. VM DIAGNOSIS: 20:38:20 Registers: info registers vcpu 0 CPU#0 PC=ffff800081a5fb1c X00=fff000007f8d0c00 X01=00000000000000c0 X02=0000000000000011 X03=7fffffffffffffff X04=0000000000000041 X05=0000006c8a7e4900 X06=0000006c89e5b280 X07=7fffffffffffffff X08=0000006c89e5b280 X09=0000000000000001 X10=0000000000000006 X11=0000000000000001 X12=0000000000000001 X13=00000000000000a8 X14=0000000000000009 X15=ffff8000886e35e0 X16=ffff800080000000 X17=fff07ffffd1b7000 X18=0000000000000010 X19=fff000007f8d0c00 X20=0000006c8a064880 X21=00000000000000c0 X22=0000006c89e889a0 X23=0000000000000003 X24=7fffffffffffffff X25=fff000007f8d0c0c X26=fff000007f8d0d38 X27=fff000007f8d0cf8 X28=fff000007f8d0cb8 X29=ffff800080003f00 X30=ffff80008015c4f0 SP=ffff800080003f00 PSTATE=204000c9 --C- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa54d6418:0000ffffa54d6430 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa54d6428:0000ffffa54d6470 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa603ca20:0000ffffa54d6410 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa54d6448:0000ffffa54d6420 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa54d6458:0000ffffa54d6450 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa54d6458:0000ffffa54d6450 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffa54d6468:0000ffffa54d6460 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffc60d0fd0:0000ffffc60d0fd0 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000ffffc60d0fa0 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 info registers vcpu 1 CPU#1 PC=ffff800081a54f4c X00=ffff800081a54f48 X01=f9f0000005ee0000 X02=f9f0000005ee0000 X03=fff000007f8eefe8 X04=ffff80008276d438 X05=000073746e657665 X06=0000000000000020 X07=f5f0000003bdef80 X08=f9f0000005ee11d8 X09=d9d14fb4439e7972 X10=247b9d0c453b0daf X11=0000006c98061a20 X12=0000000000000000 X13=0000000000000000 X14=f9f0000005ee0080 X15=0000fffff4d77aa8 X16=ffff800080008000 X17=fff07ffffd1cf000 X18=0000000000000000 X19=0000000000000000 X20=ffff800082851008 X21=ffff800082851000 X22=ffff80008276d3c0 X23=0000000000000004 X24=ffff800082851008 X25=0000000000000028 X26=fff000007f8eefe8 X27=0000000000000000 X28=0000000000000000 X29=ffff8000887a3d00 X30=ffff80008016cd94 SP=ffff8000887a3d00 PSTATE=60400009 -ZC- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00524f5252450040:0000000000000000 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00524f5252450040:0000000000000000 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:6edc4d3a2914b135:d8e9c869e2695c88 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:b20fae707afde253:388e9c6c4fa85ca0 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000fffff4d77ac0:0000fffff4d77ac0 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000fffff4d77a90 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000