last executing test programs: 25.735179123s ago: executing program 1 (id=229): sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000340)='kfree\x00', r0}, 0x18) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1) sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01030000000000000000320000000c009900000000000000000005001801"], 0x40}}, 0x0) 25.454065327s ago: executing program 1 (id=230): setreuid(0x0, 0xee00) unshare(0x480) 25.356700211s ago: executing program 1 (id=231): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x2, 0x0) r2 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000) sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000005f80)=@newtfilter={0x68, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x38, 0x2, [@TCA_FLOW_ACT={0x34, 0x9, 0x0, 0x1, [@m_mirred={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0x68}}, 0x0) 25.066408487s ago: executing program 1 (id=232): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0) mount$bind(0x0, &(0x7f0000000400)='./file0/../file0\x00', 0x0, 0x84000, 0x0) 24.903662694s ago: executing program 1 (id=233): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0) mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0) mount$bind(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) umount2(&(0x7f00000006c0)='./file0/file0\x00', 0x0) 24.59365206s ago: executing program 1 (id=236): socket(0x11, 0x3, 0x4000000) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0) pwritev2(r0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x5412, 0x0, 0x0) statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x100, 0x100, 0x0) r1 = socket$inet6_icmp(0xa, 0x2, 0x3a) setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000400)={0x84, 0x4, 0x1, 0x8, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}, @private2]}, 0x28) r2 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) fallocate(r2, 0x0, 0x0, 0x200) 24.569951862s ago: executing program 32 (id=236): socket(0x11, 0x3, 0x4000000) r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0xf0) pwritev2(r0, &(0x7f00000000c0)=[{0x0}], 0x1, 0x5412, 0x0, 0x0) statx(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x100, 0x100, 0x0) r1 = socket$inet6_icmp(0xa, 0x2, 0x3a) setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000400)={0x84, 0x4, 0x1, 0x8, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}, @private2]}, 0x28) r2 = openat(0xffffffffffffff9c, 0x0, 0x42, 0x0) fallocate(r2, 0x0, 0x0, 0x200) 3.18955598s ago: executing program 2 (id=294): bpf$MAP_CREATE(0x0, 0x0, 0x50) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000006c0)=ANY=[], 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x48) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2) sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) 2.364445911s ago: executing program 2 (id=295): symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00') r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x20040, 0x0) ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x1018, 0xffffffffffffffff, {0x1}}, './file0\x00'}) 2.079002155s ago: executing program 2 (id=297): openat$tun(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) r0 = io_uring_setup(0x6ecd, &(0x7f0000000140)={0x0, 0x49fd, 0x10003, 0x20002, 0x185}) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r1) r2 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c) listen(r2, 0x0) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) r4 = accept(r1, 0x0, 0x0) sendmsg$TEAM_CMD_OPTIONS_SET(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x40001}, 0x1) close_range(r0, 0xffffffffffffffff, 0x0) 1.482583266s ago: executing program 0 (id=300): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000ac0)=@allocspi={0x104, 0x16, 0x1, 0x0, 0x0, {{{@in, @in6=@mcast1}, {@in6=@loopback, 0x0, 0x32}, @in6=@private2, {}, {}, {0x0, 0xc08}}}, [@mark={0xc}]}, 0x104}}, 0x0) 1.370056591s ago: executing program 0 (id=301): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000840)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) r2 = socket$kcm(0x29, 0x2, 0x0) sendmmsg$inet(r2, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000600)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x2, 0x4) close(r2) 1.19423948s ago: executing program 2 (id=302): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10) r1 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$can_raw(r1, &(0x7f00000005c0), 0x10) read(r1, &(0x7f00000027c0)=""/4073, 0xfe9) setsockopt$CAN_RAW_RECV_OWN_MSGS(r1, 0x65, 0x4, &(0x7f00000008c0)=0x1, 0x4) sendmsg$can_raw(r1, &(0x7f0000000240)={&(0x7f0000000780)={0x1d, r2}, 0x10, &(0x7f0000000200)={&(0x7f00000007c0)=@can={{0x2, 0x0, 0x1, 0x1}, 0x1, 0x3f57955e7be81d83, 0x0, 0x0, "f97003b8750e5566"}, 0x10}}, 0x4000040) 1.19384748s ago: executing program 0 (id=303): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x2400, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x20010814) close(r2) 549.014862ms ago: executing program 0 (id=304): mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) 457.045267ms ago: executing program 2 (id=305): r0 = add_key$keyring(&(0x7f0000000500), &(0x7f00000003c0)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff) r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x20}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1004}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback=0xeb48195b69e85694, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r2, 0x0, 0x5}, 0x18) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, &(0x7f0000000000)='asymmetric\x00', &(0x7f0000000180)=@keyring={'key_or_keyring:', 0x0, 0x2}) 456.675488ms ago: executing program 0 (id=306): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000280)={'pim6reg1\x00', 0x2}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r2}, 0x10) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000140)={'pim6reg1\x00', @broadcast}) 267.429117ms ago: executing program 2 (id=307): r0 = socket$netlink(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1, 0x0, 0x8}, 0x18) r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x8000) 0s ago: executing program 0 (id=308): r0 = socket(0x28, 0x5, 0x0) bind$vsock_stream(r0, &(0x7f0000000040), 0x10) listen(r0, 0x0) r1 = socket(0x28, 0x5, 0x0) connect$vsock_stream(r1, &(0x7f0000000080), 0x10) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) write$tun(r2, &(0x7f0000000440)={@val, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x452c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0xffffdd86}}}}}}}, 0xfdef) setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000180)={0x1, 0x5}, 0x8) sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x11}}], 0x1, 0x24008094) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:35936' (ED25519) to the list of known hosts. syzkaller login: [ 126.268384][ T3304] cgroup: Unknown subsys name 'net' [ 126.533801][ T3304] cgroup: Unknown subsys name 'cpuset' [ 126.569892][ T3304] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 127.304872][ T3304] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 140.929899][ T3310] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 140.961480][ T3310] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 141.187553][ T3309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 141.220009][ T3309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 142.639768][ T3310] hsr_slave_0: entered promiscuous mode [ 142.652243][ T3310] hsr_slave_1: entered promiscuous mode [ 143.284797][ T3309] hsr_slave_0: entered promiscuous mode [ 143.294854][ T3309] hsr_slave_1: entered promiscuous mode [ 143.303630][ T3309] debugfs: 'hsr0' already exists in 'hsr' [ 143.304573][ T3309] Cannot create hsr debugfs directory [ 144.279366][ T3310] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 144.361017][ T3310] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 144.423080][ T3310] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 144.494124][ T3310] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 144.790070][ T3309] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 144.815545][ T3309] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 144.835327][ T3309] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 144.860055][ T3309] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 146.154662][ T3310] 8021q: adding VLAN 0 to HW filter on device bond0 [ 146.412973][ T3309] 8021q: adding VLAN 0 to HW filter on device bond0 [ 151.850103][ T3310] veth0_vlan: entered promiscuous mode [ 151.960820][ T3310] veth1_vlan: entered promiscuous mode [ 152.065635][ T3309] veth0_vlan: entered promiscuous mode [ 152.181965][ T3309] veth1_vlan: entered promiscuous mode [ 152.242813][ T3310] veth0_macvtap: entered promiscuous mode [ 152.334321][ T3310] veth1_macvtap: entered promiscuous mode [ 152.539456][ T3309] veth0_macvtap: entered promiscuous mode [ 152.627627][ T3309] veth1_macvtap: entered promiscuous mode [ 152.665013][ T40] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.673960][ T40] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.674967][ T40] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.675372][ T40] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.927089][ T146] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.930895][ T146] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.937757][ T146] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 152.941614][ T146] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 153.562088][ T3309] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 153.958865][ T3457] netlink: 256 bytes leftover after parsing attributes in process `syz.1.2'. [ 153.959512][ T3457] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2'. [ 164.218794][ T11] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 164.397507][ T11] usb 1-1: Using ep0 maxpacket: 32 [ 164.457820][ T11] usb 1-1: config 0 has no interfaces? [ 164.492365][ T11] usb 1-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 164.498671][ T11] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 164.507618][ T11] usb 1-1: Product: syz [ 164.514193][ T11] usb 1-1: Manufacturer: syz [ 164.519142][ T11] usb 1-1: SerialNumber: syz [ 164.568405][ T11] usb 1-1: config 0 descriptor?? [ 164.821276][ T11] usb 1-1: USB disconnect, device number 2 [ 166.321416][ T3507] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 166.329536][ T3507] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 167.797696][ T3515] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 167.902208][ T3515] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 168.586528][ T3515] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 168.663325][ T3515] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 171.785562][ T3528] random: crng reseeded on system resumption [ 174.065548][ T3535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 174.079588][ T3535] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 174.517272][ T3396] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 174.716705][ T3396] usb 1-1: Using ep0 maxpacket: 32 [ 174.739252][ T3396] usb 1-1: config 1 interface 0 altsetting 16 bulk endpoint 0x3 has invalid maxpacket 1024 [ 174.742058][ T3396] usb 1-1: config 1 interface 0 has no altsetting 0 [ 174.748993][ T3396] usb 1-1: language id specifier not provided by device, defaulting to English [ 174.774463][ T3396] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 174.777280][ T3396] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 174.779341][ T3396] usb 1-1: Product: syz [ 174.780452][ T3396] usb 1-1: Manufacturer: 黥렰윑ﰡﮜ䊘姠䗁ᴁ⽅될鈘銯臛胦ᾶⲄ䰒뿁딸䔘࣮󶣠 [ 174.782451][ T3396] usb 1-1: SerialNumber: syz [ 174.820371][ T3541] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 175.080271][ T3396] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -71 [ 175.118102][ T3396] usb 1-1: USB disconnect, device number 3 [ 175.342213][ T3547] netlink: 8 bytes leftover after parsing attributes in process `syz.0.33'. [ 175.342878][ T3547] netlink: 20 bytes leftover after parsing attributes in process `syz.0.33'. [ 175.455129][ T3545] block device autoloading is deprecated and will be removed. [ 175.976679][ T9] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 176.171601][ T9] usb 1-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 176.172382][ T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 176.176742][ T9] usb 1-1: Product: syz [ 176.176953][ T9] usb 1-1: Manufacturer: syz [ 176.177111][ T9] usb 1-1: SerialNumber: syz [ 176.212078][ T9] usb 1-1: config 0 descriptor?? [ 176.440686][ T9] usb 1-1: ignoring: probably an ADSL modem [ 182.223974][ T3574] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 182.230324][ T3574] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 182.410324][ T3577] input: syz1 as /devices/virtual/input/input1 [ 185.503870][ T3585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 185.509647][ T3585] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 186.730975][ T3246] usb 1-1: USB disconnect, device number 4 [ 198.570324][ T3659] binder: 3657:3659 ioctl 541b 0 returned -22 [ 199.419397][ T3396] hid-generic 000C:0002:0ED3.0001: unknown main item tag 0x0 [ 199.424706][ T3396] hid-generic 000C:0002:0ED3.0001: unknown main item tag 0x0 [ 199.433493][ T3396] hid-generic 000C:0002:0ED3.0001: unknown main item tag 0x0 [ 199.437461][ T3396] hid-generic 000C:0002:0ED3.0001: unknown main item tag 0x0 [ 199.440162][ T3396] hid-generic 000C:0002:0ED3.0001: unknown main item tag 0x0 [ 199.442694][ T3396] hid-generic 000C:0002:0ED3.0001: unknown main item tag 0x0 [ 199.446358][ T3396] hid-generic 000C:0002:0ED3.0001: unknown main item tag 0x0 [ 199.448984][ T3396] hid-generic 000C:0002:0ED3.0001: unknown main item tag 0x0 [ 199.451397][ T3396] hid-generic 000C:0002:0ED3.0001: unknown main item tag 0x0 [ 199.453817][ T3396] hid-generic 000C:0002:0ED3.0001: unknown main item tag 0x0 [ 199.470965][ T3396] hid-generic 000C:0002:0ED3.0001: hidraw0: HID v0.20 Device [syz0] on syz1 [ 200.627690][ T30] audit: type=1326 audit(200.410:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3692 comm="syz.0.95" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 200.638910][ T30] audit: type=1326 audit(200.430:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3692 comm="syz.0.95" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 200.646595][ T30] audit: type=1326 audit(200.430:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3692 comm="syz.0.95" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 200.672255][ T30] audit: type=1326 audit(200.460:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3692 comm="syz.0.95" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 200.689655][ T30] audit: type=1326 audit(200.460:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3692 comm="syz.0.95" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 200.706763][ T30] audit: type=1326 audit(200.460:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3692 comm="syz.0.95" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 200.713343][ T30] audit: type=1326 audit(200.500:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3692 comm="syz.0.95" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 200.713797][ T30] audit: type=1326 audit(200.500:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3692 comm="syz.0.95" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 200.738309][ T30] audit: type=1326 audit(200.500:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3692 comm="syz.0.95" exe="/syz-executor" sig=0 arch=c00000b7 syscall=459 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 200.744759][ T30] audit: type=1326 audit(200.530:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3692 comm="syz.0.95" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 200.832093][ T3678] fido_id[3678]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 205.419346][ T3736] Driver unsupported XDP return value 0 on prog (id 1) dev N/A, expect packet loss! [ 206.631311][ T30] kauditd_printk_skb: 9 callbacks suppressed [ 206.634410][ T30] audit: type=1326 audit(206.420:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3737 comm="syz.1.110" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35af28 code=0x7fc00000 [ 206.653784][ T30] audit: type=1326 audit(206.440:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3737 comm="syz.1.110" exe="/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffab35af28 code=0x7fc00000 [ 206.678180][ T30] audit: type=1326 audit(206.450:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3737 comm="syz.1.110" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35af28 code=0x7fc00000 [ 209.534246][ T30] audit: type=1326 audit(209.320:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3767 comm="syz.0.122" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 209.535015][ T30] audit: type=1326 audit(209.320:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3767 comm="syz.0.122" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 209.558085][ T30] audit: type=1326 audit(209.320:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3767 comm="syz.0.122" exe="/syz-executor" sig=0 arch=c00000b7 syscall=227 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 209.580448][ T30] audit: type=1326 audit(209.350:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3767 comm="syz.0.122" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 209.581269][ T30] audit: type=1326 audit(209.370:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3767 comm="syz.0.122" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 211.927320][ T3782] netlink: 'syz.1.128': attribute type 1 has an invalid length. [ 212.424001][ T3782] 8021q: adding VLAN 0 to HW filter on device bond1 [ 212.662641][ T3782] bond1: (slave gretap1): making interface the new active one [ 212.694667][ T3782] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 215.235332][ T3810] usb usb1: usbfs: process 3810 (syz.1.141) did not claim interface 0 before use [ 215.389340][ T3812] netlink: 24 bytes leftover after parsing attributes in process `syz.1.142'. [ 215.782212][ T30] audit: type=1326 audit(215.570:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3815 comm="syz.1.144" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35af28 code=0x7ffc0000 [ 215.810743][ T30] audit: type=1326 audit(215.570:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3815 comm="syz.1.144" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35af28 code=0x7ffc0000 [ 215.827413][ T30] audit: type=1326 audit(215.600:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3815 comm="syz.1.144" exe="/syz-executor" sig=0 arch=c00000b7 syscall=153 compat=0 ip=0xffffab35af28 code=0x7ffc0000 [ 215.848911][ T30] audit: type=1326 audit(215.640:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3815 comm="syz.1.144" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35af28 code=0x7ffc0000 [ 215.849814][ T30] audit: type=1326 audit(215.640:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3815 comm="syz.1.144" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35af28 code=0x7ffc0000 [ 216.637344][ T3832] netlink: 8 bytes leftover after parsing attributes in process `syz.1.151'. [ 217.892913][ T30] audit: type=1326 audit(217.680:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3842 comm="syz.1.156" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35af28 code=0x7ffc0000 [ 217.900188][ T30] audit: type=1326 audit(217.680:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3842 comm="syz.1.156" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35af28 code=0x7ffc0000 [ 217.908192][ T30] audit: type=1326 audit(217.690:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3842 comm="syz.1.156" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffab35af28 code=0x7ffc0000 [ 217.915344][ T30] audit: type=1326 audit(217.700:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3842 comm="syz.1.156" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35af28 code=0x7ffc0000 [ 217.924248][ T30] audit: type=1326 audit(217.710:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3842 comm="syz.1.156" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffab35af28 code=0x7ffc0000 [ 218.932138][ T3853] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) ! [ 220.835431][ T3864] netlink: 4 bytes leftover after parsing attributes in process `syz.1.165'. [ 221.030092][ T3396] hid-generic 03FF:0005:0001.0002: hidraw0: HID v8.00 Device [syz0] on syz1 [ 221.441670][ T3868] fido_id[3868]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 223.234925][ T3883] netlink: 28 bytes leftover after parsing attributes in process `syz.0.172'. [ 223.675456][ T3885] tmpfs: Bad value for 'mpol' [ 224.272890][ T3894] netlink: 4 bytes leftover after parsing attributes in process `+}[@'. [ 224.278287][ T3894] netlink: 12 bytes leftover after parsing attributes in process `+}[@'. [ 224.804185][ T3902] RDS: rds_bind could not find a transport for fe88::2, load rds_tcp or rds_rdma? [ 225.271870][ T3910] syz.0.183 uses obsolete (PF_INET,SOCK_PACKET) [ 226.728766][ T3929] pim6reg1: entered promiscuous mode [ 226.729566][ T3929] pim6reg1: entered allmulticast mode [ 229.053037][ T3934] netlink: 104 bytes leftover after parsing attributes in process `syz.1.192'. [ 229.351149][ T3937] netlink: 16 bytes leftover after parsing attributes in process `syz.1.193'. [ 229.653758][ T3942] Zero length message leads to an empty skb [ 231.170234][ T3960] netlink: 44 bytes leftover after parsing attributes in process `syz.1.201'. [ 231.181720][ T3954] netlink: 44 bytes leftover after parsing attributes in process `syz.1.201'. [ 231.905130][ T30] kauditd_printk_skb: 11 callbacks suppressed [ 231.915539][ T30] audit: type=1326 audit(231.690:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3961 comm="syz.0.204" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 231.933493][ T30] audit: type=1326 audit(231.700:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3961 comm="syz.0.204" exe="/syz-executor" sig=0 arch=c00000b7 syscall=461 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 231.934306][ T30] audit: type=1326 audit(231.700:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3961 comm="syz.0.204" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 231.934684][ T30] audit: type=1326 audit(231.700:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3961 comm="syz.0.204" exe="/syz-executor" sig=0 arch=c00000b7 syscall=134 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 231.935044][ T30] audit: type=1326 audit(231.700:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3961 comm="syz.0.204" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 231.935435][ T30] audit: type=1326 audit(231.710:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3961 comm="syz.0.204" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 231.972163][ T30] audit: type=1326 audit(231.720:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3961 comm="syz.0.204" exe="/syz-executor" sig=0 arch=c00000b7 syscall=279 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 231.981103][ T30] audit: type=1326 audit(231.720:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3961 comm="syz.0.204" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 231.989394][ T30] audit: type=1326 audit(231.720:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3961 comm="syz.0.204" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 231.998212][ T30] audit: type=1326 audit(231.730:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=3961 comm="syz.0.204" exe="/syz-executor" sig=0 arch=c00000b7 syscall=47 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 235.580016][ T4015] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 235.582707][ T4015] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 236.914827][ T30] kauditd_printk_skb: 112 callbacks suppressed [ 236.915560][ T30] audit: type=1326 audit(236.700:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4009 comm="syz.0.223" exe="/syz-executor" sig=0 arch=c00000b7 syscall=133 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 236.923191][ T30] audit: type=1326 audit(236.710:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4009 comm="syz.0.223" exe="/syz-executor" sig=0 arch=c00000b7 syscall=133 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 236.939803][ T30] audit: type=1326 audit(236.730:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4009 comm="syz.0.223" exe="/syz-executor" sig=0 arch=c00000b7 syscall=133 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 236.951367][ T30] audit: type=1326 audit(236.730:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4009 comm="syz.0.223" exe="/syz-executor" sig=0 arch=c00000b7 syscall=133 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 236.976237][ T30] audit: type=1326 audit(236.750:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4009 comm="syz.0.223" exe="/syz-executor" sig=0 arch=c00000b7 syscall=133 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 236.976921][ T30] audit: type=1326 audit(236.760:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4009 comm="syz.0.223" exe="/syz-executor" sig=0 arch=c00000b7 syscall=133 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 237.000144][ T30] audit: type=1326 audit(236.790:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4009 comm="syz.0.223" exe="/syz-executor" sig=0 arch=c00000b7 syscall=133 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 237.014412][ T30] audit: type=1326 audit(236.800:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4009 comm="syz.0.223" exe="/syz-executor" sig=0 arch=c00000b7 syscall=133 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 237.024465][ T30] audit: type=1326 audit(236.810:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4009 comm="syz.0.223" exe="/syz-executor" sig=0 arch=c00000b7 syscall=133 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 237.035019][ T30] audit: type=1326 audit(236.820:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4009 comm="syz.0.223" exe="/syz-executor" sig=0 arch=c00000b7 syscall=133 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 241.645048][ T4073] macvlan1: entered promiscuous mode [ 241.669944][ T4073] ipvlan0: entered promiscuous mode [ 241.684768][ T4073] ipvlan0: left promiscuous mode [ 241.690798][ T4073] macvlan1: left promiscuous mode [ 242.315021][ T4080] vlan2: entered allmulticast mode [ 242.323972][ T4080] bridge_slave_0: entered allmulticast mode [ 244.713343][ T4040] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 244.763474][ T4040] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 245.709492][ T4110] netlink: 44 bytes leftover after parsing attributes in process `syz.0.256'. [ 245.712197][ T4105] netlink: 44 bytes leftover after parsing attributes in process `syz.0.256'. [ 246.173017][ T4117] netlink: 16 bytes leftover after parsing attributes in process `wޣ'. [ 246.428714][ T4040] hsr_slave_0: entered promiscuous mode [ 246.434763][ T4040] hsr_slave_1: entered promiscuous mode [ 246.440497][ T4040] debugfs: 'hsr0' already exists in 'hsr' [ 246.440763][ T4040] Cannot create hsr debugfs directory [ 246.953307][ T4126] netlink: 156 bytes leftover after parsing attributes in process `syz.0.261'. [ 246.959168][ T4126] netlink: 24 bytes leftover after parsing attributes in process `syz.0.261'. [ 248.226723][ T4040] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 248.250155][ T4040] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 248.289323][ T4040] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 248.325082][ T4040] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 249.414500][ T30] kauditd_printk_skb: 63 callbacks suppressed [ 249.420222][ T30] audit: type=1326 audit(249.200:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4153 comm="syz.0.269" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 249.430773][ T30] audit: type=1326 audit(249.220:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4153 comm="syz.0.269" exe="/syz-executor" sig=0 arch=c00000b7 syscall=277 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 249.447836][ T30] audit: type=1326 audit(249.230:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4153 comm="syz.0.269" exe="/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x0 [ 249.863759][ T4040] 8021q: adding VLAN 0 to HW filter on device bond0 [ 252.414666][ T30] audit: type=1326 audit(252.200:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4175 comm="syz.0.272" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 252.432972][ T30] audit: type=1326 audit(252.220:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4175 comm="syz.0.272" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 252.442950][ T30] audit: type=1326 audit(252.230:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4175 comm="syz.0.272" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 252.458976][ T30] audit: type=1326 audit(252.250:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4175 comm="syz.0.272" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 252.466591][ T30] audit: type=1326 audit(252.250:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4175 comm="syz.0.272" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 252.481453][ T30] audit: type=1326 audit(252.270:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4175 comm="syz.0.272" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 252.497017][ T30] audit: type=1326 audit(252.270:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4175 comm="syz.0.272" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 254.534312][ T4040] veth0_vlan: entered promiscuous mode [ 254.579431][ T4040] veth1_vlan: entered promiscuous mode [ 254.680678][ T4195] netlink: 16 bytes leftover after parsing attributes in process `syz.0.274'. [ 254.761123][ T4040] veth0_macvtap: entered promiscuous mode [ 254.813971][ T4040] veth1_macvtap: entered promiscuous mode [ 254.821670][ T4199] netlink: 14 bytes leftover after parsing attributes in process `syz.0.275'. [ 255.113840][ T146] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.131134][ T146] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.154436][ T146] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 255.161553][ T146] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 257.954883][ T4230] process 'syz.2.284' launched './file1' with NULL argv: empty string added [ 258.619638][ T4241] netlink: 8 bytes leftover after parsing attributes in process `syz.2.288'. [ 258.624837][ T4241] netlink: 8 bytes leftover after parsing attributes in process `syz.2.288'. [ 258.633794][ T30] kauditd_printk_skb: 2 callbacks suppressed [ 258.638547][ T30] audit: type=1326 audit(258.420:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4238 comm="syz.0.289" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 258.647089][ T30] audit: type=1326 audit(258.430:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4238 comm="syz.0.289" exe="/syz-executor" sig=0 arch=c00000b7 syscall=31 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 258.656710][ T30] audit: type=1326 audit(258.430:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4238 comm="syz.0.289" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb315af28 code=0x7ffc0000 [ 260.892953][ T30] audit: type=1107 audit(260.680:260): pid=4263 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='h' [ 261.618846][ T30] audit: type=1326 audit(261.410:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4272 comm="syz.2.302" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e75af28 code=0x7ffc0000 [ 261.627426][ T30] audit: type=1326 audit(261.410:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4272 comm="syz.2.302" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9e75af28 code=0x7ffc0000 [ 261.641031][ T30] audit: type=1326 audit(261.410:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4272 comm="syz.2.302" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e75af28 code=0x7ffc0000 [ 261.656626][ T30] audit: type=1326 audit(261.410:264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4272 comm="syz.2.302" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e75af28 code=0x7ffc0000 [ 261.665517][ T30] audit: type=1326 audit(261.420:265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4272 comm="syz.2.302" exe="/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff9e75af28 code=0x7ffc0000 [ 261.673089][ T30] audit: type=1326 audit(261.420:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4272 comm="syz.2.302" exe="/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff9e75af28 code=0x7ffc0000 [ 262.544957][ T4283] pim6reg1: entered promiscuous mode [ 262.545479][ T4283] pim6reg1: entered allmulticast mode [ 262.670154][ T4285] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.807046][ T4285] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.918764][ T4285] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 262.949287][ T4287] ------------[ cut here ]------------ [ 262.949727][ T4287] 'send_pkt()' returns 0, but 65536 expected [ 262.955191][ T4287] WARNING: CPU: 1 PID: 4287 at net/vmw_vsock/virtio_transport_common.c:426 virtio_transport_send_pkt_info+0x260/0x3f8 [ 262.964854][ T4287] Modules linked in: [ 262.969497][ T4287] CPU: 1 UID: 0 PID: 4287 Comm: syz.0.308 Not tainted 6.16.0-syzkaller-12063-g37816488247d #0 PREEMPT [ 262.970950][ T4287] Hardware name: linux,dummy-virt (DT) [ 262.971896][ T4287] pstate: 61402009 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--) [ 262.972726][ T4287] pc : virtio_transport_send_pkt_info+0x260/0x3f8 [ 262.973506][ T4287] lr : virtio_transport_send_pkt_info+0x260/0x3f8 [ 262.974194][ T4287] sp : ffff80008a6f38f0 [ 262.974738][ T4287] x29: ffff80008a6f38f0 x28: f5f0000006067680 x27: 0000000000000001 [ 262.976387][ T4287] x26: f1f000000d6b1f60 x25: 00000000ffffffff x24: faf000000b240a00 [ 262.979249][ T4287] x23: 0000000000010000 x22: ffff800082b8a740 x21: f1f000000d6b1f6c [ 262.980389][ T4287] x20: 0000000000010000 x19: ffff80008a6f39b0 x18: 00000000ffffffff [ 262.981489][ T4287] x17: 0000000000000000 x16: 0000000000000000 x15: ffff8000830c39f0 [ 262.982569][ T4287] x14: 000000000000023f x13: 0000000000000000 x12: ffff800082911258 [ 262.983621][ T4287] x11: 00000000000000c0 x10: 6472c3b4afcaf368 x9 : 889a46ad18774042 [ 262.984748][ T4287] x8 : f5f000000a064978 x7 : 0000000000000004 x6 : 0000002ccc6e776d [ 262.986130][ T4287] x5 : 0000000000000002 x4 : fbffff3fffffffff x3 : 000000000000ffff [ 262.987330][ T4287] x2 : 0000000000000000 x1 : 0000000000000000 x0 : f5f000000a063780 [ 262.988628][ T4287] Call trace: [ 262.989429][ T4287] virtio_transport_send_pkt_info+0x260/0x3f8 (P) [ 262.990486][ T4287] virtio_transport_seqpacket_enqueue+0x80/0xc0 [ 262.991328][ T4287] vsock_connectible_sendmsg+0x35c/0x3a4 [ 262.992049][ T4287] __sock_sendmsg+0x54/0x60 [ 262.992724][ T4287] ____sys_sendmsg+0x190/0x29c [ 262.993466][ T4287] ___sys_sendmsg+0xac/0x100 [ 262.994140][ T4287] __sys_sendmmsg+0x104/0x258 [ 262.994805][ T4287] __arm64_sys_sendmmsg+0x28/0x38 [ 262.995443][ T4287] invoke_syscall+0x48/0x110 [ 262.996367][ T4287] el0_svc_common.constprop.0+0x40/0xe0 [ 262.997223][ T4287] do_el0_svc+0x1c/0x28 [ 262.997864][ T4287] el0_svc+0x34/0x10c [ 262.998524][ T4287] el0t_64_sync_handler+0xa0/0xe4 [ 262.999257][ T4287] el0t_64_sync+0x1a4/0x1a8 [ 263.000261][ T4287] ---[ end trace 0000000000000000 ]--- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 263.161947][ T4285] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 263.700593][ T158] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.781212][ T158] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.851491][ T1449] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 263.876996][ T158] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 267.367243][ T158] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.433517][ T158] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.513681][ T158] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 267.599436][ T158] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 268.794006][ T158] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 268.847052][ T158] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 268.892184][ T158] bond0 (unregistering): Released all slaves [ 269.118450][ T158] hsr_slave_0: left promiscuous mode [ 269.134825][ T158] hsr_slave_1: left promiscuous mode [ 269.172721][ T158] veth1_macvtap: left promiscuous mode [ 269.177641][ T158] veth0_macvtap: left promiscuous mode [ 269.180460][ T158] veth1_vlan: left promiscuous mode [ 269.183057][ T158] veth0_vlan: left promiscuous mode [ 273.582011][ T2118] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.695171][ T2118] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.799764][ T2118] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 273.911559][ T2118] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 275.382658][ T2118] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 275.419446][ T2118] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 275.472350][ T2118] bond0 (unregistering): Released all slaves [ 275.693245][ T2118] hsr_slave_0: left promiscuous mode [ 275.703368][ T2118] hsr_slave_1: left promiscuous mode [ 275.724173][ T2118] veth1_macvtap: left promiscuous mode [ 275.724759][ T2118] veth0_macvtap: left promiscuous mode [ 275.725496][ T2118] veth1_vlan: left promiscuous mode [ 275.726974][ T2118] veth0_vlan: left promiscuous mode VM DIAGNOSIS: 10:21:39 Registers: info registers vcpu 0 CPU#0 PC=ffff8000808a007c X00=0000000000000001 X01=ffff8000830dd004 X02=fdf0000004333240 X03=0000000000000004 X04=0000000000000001 X05=0000000000000004 X06=f8f0000004593000 X07=fdf0000004332000 X08=0000000000000128 X09=000000000000000d X10=0000000000000000 X11=f5f0000004d3f828 X12=0000000000000000 X13=0000000000000001 X14=0000000000000102 X15=ffff800081b63bd0 X16=ffff800080000000 X17=fff07ffffcfe1000 X18=0000000000000000 X19=fdf0000003eb9600 X20=0000000000000000 X21=f5f0000004d3f800 X22=f5f0000003103400 X23=f5f0000004d3f800 X24=f5f0000004d3f808 X25=0000000000000000 X26=0000000000000040 X27=000000000000000c X28=f9f000000b240100 X29=ffff8000800032b0 X30=ffff800080896b98 SP=ffff8000800032b0 PSTATE=00402009 ---- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0a0a0a0a0a0a0a0a:0a0a0a0a0a0a0a0a Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:223d657865202232:30332e0000646574 Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:7562202c3020736e:7275746572202729 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:000000ffff000000 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:00000000000ff000 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:6574636570786520:3633353536207475 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:7265747369676572:6e752820316d6973 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:202c315b20746573:6e75203a29676e69 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000fffff6afcf70:0000fffff6afcf70 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd8:0000fffff6afcf40 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 info registers vcpu 1 CPU#1 PC=ffff800081ae5364 X00=0000000000000000 X01=f5f000000d533e40 X02=0000000000000000 X03=0000000000000000 X04=0000000000000000 X05=f5f000000a063780 X06=00000000000affa8 X07=ffff80008293f188 X08=c0000000ffffdfff X09=000000000002ffe8 X10=0000000000000001 X11=0000000000000001 X12=ffff8000829ef210 X13=ffff80008a6f33d8 X14=00000000ffffffea X15=ffff80008a6f3020 X16=0000000000000000 X17=0000000000000000 X18=00000000ffffffff X19=ffff80008a6f37a0 X20=f5f000000a063f00 X21=ffff80008261ce80 X22=ffff800081aa1dd8 X23=0000000000000009 X24=0000000000000001 X25=00000000000010bf X26=0000000000000000 X27=000000000000001d X28=f5f000000a063780 X29=ffff80008a6f3540 X30=ffff800081ae5364 SP=ffff80008a6f3510 PSTATE=624023c9 -ZC- EL2h SVCR=00000000 -- BTYPE=0 FPCR=00000000 FPSR=00000000 P00=0000000000000000 P01=0000000000000000 P02=0000000000000000 P03=0000000000000000 P04=0000000000000000 P05=0000000000000000 P06=0000000000000000 P07=0000000000000000 P08=0000000000000000 P09=0000000000000000 P10=0000000000000000 P11=0000000000000000 P12=0000000000000000 P13=0000000000000000 P14=0000000000000000 P15=0000000000000000 FFR=0000000000000000 Z00=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:2525252525252525:2525252525252525 Z01=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:000000756c6c2570:6f6f6c2f7665642f Z02=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:fff000f0000000f0 Z03=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff000000ff00:0000000000000000 Z04=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:fff000f000000000 Z05=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:bb448243222c92da:e3914ed4e87380b0 Z06=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:6edc4d3a2914b135:d8e9c869e2695c88 Z07=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:b20fae707afde253:388e9c6c4fa85ca0 Z08=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z09=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z10=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z11=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z12=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z13=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z14=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z15=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z16=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000ffffc64584a0:0000ffffc64584a0 Z17=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:ffffff80ffffffd0:0000ffffc6458470 Z18=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z19=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z20=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z21=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z22=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z23=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z24=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z25=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z26=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z27=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z28=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z29=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z30=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000 Z31=0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000:0000000000000000