last executing test programs: 5.759833098s ago: executing program 0 (id=564): socket(0x21, 0x1, 0x2) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="3dff00000000000000000500f9ff070003"], 0x1c}}, 0x0) r2 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1}) socket$nl_netfilter(0x10, 0x3, 0xc) r3 = socket$inet_udplite(0x2, 0x2, 0x88) bind$inet(r3, 0x0, 0x0) setsockopt$sock_int(r3, 0x1, 0x28, &(0x7f0000000200)=0x5, 0x4) sendto$inet(r3, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x38}}, 0x10) recvmsg(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) r4 = getpid() r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe55}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002140)={&(0x7f0000000180)='tlb_flush\x00', r5}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) r6 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) sendfile(r6, 0xffffffffffffffff, 0x0, 0x0) openat$uinput(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) socket$inet6_mptcp(0xa, 0x1, 0x106) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000002840)=@newqdisc={0x1c4, 0x24, 0x0, 0x0, 0x0, {}, [@TCA_STAB={0x188, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x7, 0xd0, 0x88, 0x8000, 0x1, 0x0, 0x4, 0x2}}, {0x8, 0x2, [0xffff, 0x0]}}, {{0x1c, 0x1, {0x7, 0xc0, 0x3, 0x0, 0x0, 0x4, 0x4, 0x1}}, {0x6, 0x2, [0x0]}}, {{0x1c, 0x1, {0x7, 0x5, 0x1f, 0x5, 0x2, 0x5, 0x0, 0x1}}, {0x6, 0x2, [0x0]}}, {{0x1c, 0x1, {0x6, 0x8, 0xfffd, 0x0, 0x2, 0x7, 0x8, 0x3}}, {0xa, 0x2, [0x200, 0x0, 0x4]}}, {{0x1c, 0x1, {0x3f, 0x1, 0xbcf, 0x1, 0x0, 0x7, 0x7fffffff, 0x6}}, {0x10, 0x2, [0x200, 0x8, 0x4, 0x0, 0x8, 0x984a]}}, {{0x1c, 0x1, {0x4, 0x4, 0x6, 0x2, 0x2, 0x272, 0x10000, 0x3}}, {0xa, 0x2, [0x100, 0x814, 0x0]}}, {{0x1c, 0x1, {0x7, 0x1, 0x101, 0x200, 0x0, 0x81, 0x5, 0x8}}, {0x14, 0x2, [0x7, 0x3ff, 0x2, 0x1, 0x81, 0x7ff, 0x0, 0x7]}}, {{0x1c, 0x1, {0x0, 0x80, 0x4, 0x2, 0x1, 0x7fff, 0x0, 0x2}}, {0x8, 0x2, [0x8001, 0x44]}}, {{0x1c, 0x1, {0x3f, 0x2, 0x6, 0xfffffffe, 0x2, 0x1, 0x0, 0x1}}, {0x6, 0x2, [0x7]}}, {{0x1c, 0x1, {0x7f, 0x7, 0x7, 0x7, 0x1, 0x9, 0x2, 0x1}}, {0x6, 0x2, [0x1]}}]}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x6}, @TCA_EGRESS_BLOCK={0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x1}]}, 0x1c4}}, 0x0) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000740)={'wlan1\x00', 0x0}) r10 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r10, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r9, @ANYBLOB="1d005b"], 0x3c}}, 0x0) syz_open_dev$I2C(&(0x7f0000003000), 0x1, 0x0) 4.632606194s ago: executing program 0 (id=567): r0 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x20001403) r4 = memfd_create(&(0x7f0000004480)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\xb9\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\x01\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00#\x00d\x1d\x06sNE4{\xdev\f\xbe\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xc1pI[\x1c\x00\x00\x00\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb80x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_START_AP(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000740)={0x80, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x2d, 0xe, {{{}, {}, @broadcast, @device_b}, 0x0, @default, 0x0, @void, @void, @void, @void, @void, @void, @val={0x25, 0x3}, @void, @void, @void, @void, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x18, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0x0, 0x0, 0x0, 0xfffc]}}]}]}]}, 0x80}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_NAN(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r2, 0x200, 0x70bd27, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @val={0xc, 0x99, {0x1, 0x57}}}}, [@NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x30}]}, 0x30}, 0x1, 0x0, 0x0, 0x4c000}, 0x800) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) mknod$loop(&(0x7f0000000180)='./file0\x00', 0x0, 0x1) mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='cifs\x00', 0x48, &(0x7f00000002c0)='cache=none') kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x0, 0x10000}], 0x320000) pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async) openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async) ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x20001403) (async) memfd_create(&(0x7f0000004480)='\x00\xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\xb9\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\x01\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00\x00\x00#\x00d\x1d\x06sNE4{\xdev\f\xbe\xeb0\xdd\xe8\x87\x05=\xfb\x8b$\xdcQ\xee\xc5\x1f\x8bQ\xf7fo\"i\xa1hk\x1d\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xc1pI[\x1c\x00\x00\x00\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94Tr@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\xcb\xaf\xb3\xe3\'}\x18\xe8O\xa8#K\xb80x0}) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000900)={0x24, r3, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r5}]}, 0x24}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000200)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="0600000000000000c7c89d42033955f9b092651e5d27b65c9f4b12ce3104d371232339c098df35", @ANYRES16=r7, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d78430800050000000000f8010880800000801400040002000000e000000100000000000000001400040002000000e0000001000000000000000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1d0004000a00000000000000fe880000000000000000000000000001000000000800030000000000060005000000000074010080080109807c000080060001000200000008000200ac1414bb0500030000000000060001000a00000014000200ff0100000000000000000000000000010500030000000000060001000200000008000200000000000500030000000000060001000a00000014000200ff020000000000000000000000000001050003000000000088000080060001000200000008000200e00000020500030000000000060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200fe8000000000000000000000000000000500030000000000060001000a0000001400020000000000000000000000ffffac1414000500030000000000240002002767b524f45e9dfaf001c414581741c92349c3b6661d9864680582bd184ef1a6200004000a00000000000000fe8000000000000000000000000000aa0000000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080007000000000008000100", @ANYRES32=r8, @ANYBLOB], 0x248}}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04160eaaaaaaaaaa12"], 0x9) ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f00000000c0)) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0) close(r9) 3.429337624s ago: executing program 0 (id=578): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x1, 0x2, 0x2, 0x1901, 0x1, 0x1adf, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x2, 0x3}, 0x48) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x324) r2 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'}) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) r3 = userfaultfd(0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_WRITEPROTECT(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2}) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000400)={&(0x7f0000b36000/0x12000)=nil, &(0x7f0000841000/0x4000)=nil, 0x12000}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$UFFDIO_CONTINUE(r4, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1}) syz_io_uring_setup(0x6866, 0x0, &(0x7f0000000080), &(0x7f0000000140)) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) syz_open_procfs$userns(0x0, &(0x7f00000002c0)) userfaultfd(0x80001) 3.059746622s ago: executing program 2 (id=583): syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x6) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8) r2 = memfd_create(&(0x7f0000000100)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x4) fcntl$addseals(r2, 0x409, 0x7) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0) ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0) r4 = io_uring_setup(0x10004d63, &(0x7f0000000300)={0x0, 0x800877f, 0x8, 0x3, 0xfffffffe}) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f000001b700)=""/4102, 0x1006}], 0x1) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) r5 = creat(&(0x7f0000000000)='./file0\x00', 0x0) r6 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080), 0xa000, 0x0) write$P9_RSTATu(r6, &(0x7f00000004c0)=ANY=[@ANYBLOB="930200007d00000005f0000000000000000000000000000000000000000000000000000000000000000000000000000000001f00046e6f6465767b6376666f7892ffffff8102000000000031ffcebc920000003800f04a86cec602007dfa673effeb09b5351f5bde05f700000000187b8200b500003b595fcb14034354b9fd9ef196a51cd5157adc8106b494e11200cfc2001000000000000000000000f313f6005500f8f669fb716dcf315ecaf385409ac65b9408678c2c3b9e1d52c36cde7ba4a400b4b0b4f174a666a8529a451b3407dbdab2884baf050000000000000047ec21cabff20f9c1cbe36f4fd1a4cc280e8d489da649a37002c016f6465762d6eb17b2300f9daa5ee23266ecf85fea65e42d979a3fde5f475daf03b1172d97badc7095afd76fe4f0441f7f7741eac030000ecff0000dba0c2f7f09ff53c7e4d1ad66e2d070198019f30118447aa9a74f51685f506ae894806878267d5a1298d792c4a37f2e1cbbd2482929a0d8972b5cf732ea5b0d723859dba3f93aed3b42ee7cac07de09d1d68a60333a882467d2b31aacdf9188549b1125d6c4c9b18c2fb56c57d7dc626e4390796a1eb48274669ab13f8b11d146059f310e2634d593fec65d529f382066664df244e4c90570a70049f399f061f75b7797ce1fe11ea919609d51a41dd3de304bd7c7ed0a456f0ae12516105c9ce887df5a6e0b6a77d596cf88ba6e5c6397c7d5021d7989528fd1739e1c2d87fff00"/550, @ANYRES32=0x0, @ANYRES32=0x0], 0x232) close_range(r5, 0xffffffffffffffff, 0x0) openat$vimc1(0xffffff9c, 0x0, 0x2, 0x0) syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000000c0)={@remote, 0xc}, 0x20) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x0, &(0x7f0000000100)}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1) 2.349869814s ago: executing program 3 (id=584): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)=ANY=[@ANYRESDEC=r0], 0x7c}, 0x1, 0x0, 0x0, 0x24044850}, 0x0) syz_open_dev$sndctrl(0x0, 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0xc0844123, &(0x7f0000000300)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18020000000000000000000000000000850000000800000095"], &(0x7f0000000040)='GPL\x00'}, 0x90) r2 = socket$inet_udplite(0x2, 0x2, 0x88) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0xffffffffffffff2e}}, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="0202"], 0x60}}, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmmsg(r3, &(0x7f0000001a40)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000600)="51a791bfa427096ebb7891d1886e4c1d3d88b13ba12928074bb56fece257b19bfd0ae3bb7a030150d82623fccf408baa95fb8035cd41a48af63a4fdcdf22d2b996fa2b2dd92fad70537c37ec2767256f9f495bb7b9649887a850e5ef79dff315677960e34a44150a6bdf7764e0bd166f5cd9ca06d2800be512f727826e39aa65a2a470c0dd4176581f306b99b6c34605129632dd715c74af432323328eee1ae4e9de8c70151bcf8c31620046471a379a1c545de835d700e50c548b2928cb078082e16b158935a5ced7b6ea8ac32661a30949c336b1921cb63f", 0xd9}, {&(0x7f00000000c0)="acb10b88af7d57585151ccd6b5306001faf09cb0", 0x14}, {&(0x7f00000002c0)="3fa7db6ad38814f7383b64e5717962705f4a2a", 0x13}, {&(0x7f00000007c0)="75561e551f9fd908ce9cba2de035bb6e3032af6ddd581a4ab25ac49d1fe42291b5d22c8f4e60d693894b07893f7a172391b69d31492d55414320157b98f8fbaae2e1774bd886973e9b3d0a9266564bb4ff66abf569561c01c188953355b84e52772141f0d863410cfa8169911191663176b2ce4c9079691ea63ebfaa94252c6e4dd978f58681b7dcb676da07e94a07175b870ff8e65e3ae3d6c61f5d45343a9d5adc3fe4c71ed000aacad252b47de5d0583c693dca68b72c4c0b00c4a1439d4c7d5a4ced08d910058a0a646e05e0ef7785b538", 0xd3}, {&(0x7f00000008c0)="d624417087bfb1dab15e5b445912bb134c5ddea81fb6d862f9dd2440edb36551dada3a91b32d55e123f9b1b3ac479a20886c436ce11e49ab1a5b5d4091afd8f8c957ca18464584766ba9afff1b98bc1754350f0f66c771892decd15726080d1109ebdfc7a0bb4a3705705958016d7562e1fce5bd4deaefd8a639eb9c764917b1d73ecf5be2319bd412c346d1ef1a418693a4b3fd2abe5b5c0304c2640499a274604cefb6fc6c9361698c5473820fd83a0f649fdc0c014e1f1b67be29b99ac74018", 0xc1}], 0x5, &(0x7f00000004c0)=[{0x90, 0x113, 0x4e944a9d, "3e8e7f84f6cddd8b824a551fd8dc8649608d141767bfe8c548bc1d27533ac491f752de80d08656947400c886986e7bb5764ae8a5e55e001fe21e6cfbc246d46c561fe1e434611ed5828dd2482da0fd2ae94fbd3a8664945bdd6b8808eb006d2e3822c68a2d3aee7885dadc774f1ba36ad759f517c31783d146e803b7117b01121b01ca"}], 0x90}}, {{&(0x7f00000009c0)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x3, 0x1, 0x2, 0x0, {0xa, 0x4e20, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x1}}}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000a40)="564342f5f53ecc725cd146ff789a4aa27dedb9d6eef352f97807ea98f63f3be7aa84fa42f2a5cc3d2d7c5285b457a5fa4ac9fe49357591215f7eb3f01277b661000e9eeafa3c18cd3a58bf0cd3c1d43c441f54adc43b2e821ae880cbc91e25a8cdf15f781709ad", 0x67}, {&(0x7f0000000ac0)="6bcfb7fd73a5fdf5a36dedf54f084f4b322c5052d2f0ed755ca7f2175359fd2aaa33767d27186efe78b1c1729966fda0a7f4bca172b86c35ec9847a85270a32cba3a38e668ceca876cd2d2c7e5505f202d743bc7fbf8b38e", 0x58}], 0x2, &(0x7f0000000b40)=[{0x88, 0x102, 0x5, "b31499112282d667e1f0a2a67aad1e391a8d25629e3a86b7687f98ba83b24bc45d491771cd14da2e86dc521fb04f645023b885095b22b9c98eb34884be21cf0d39d200f342118efbe4c691e15565400cd3cf6abf10fcf701640363e7b138b28a73ec1bde53445f1a2f1f2a620fd39f477da084b59abf7e8c43f89d4d"}, {0xe8, 0x0, 0x1, "147e9f60df0bbc37921c314048e1b8b15ddda3e266d836c736b287115a45d3fa27e1e8af21f847dcb84c92c165b3cc2788bd90200253177b5b072c8f71c4a4566935a957806839b2fa73f4f5fa81c307e04a76ed47013508d30831a1317ea9b56efc8d3534230c18b9b7ee245efb6c9b585f53cc1596785de1ad59f9d37127f37a278b4d54f7636586f5ddd1ea1b9ff5ca0407de1a8cf537e8a59eaee903ce264372b7d5add1dc4a3d79fe4cc19d4ba98c294929462a78a6672868a78acbf25fdacb4590c6638689fa3248efb028b6edde3241ac981f49b61dd4"}, {0x2c, 0x115, 0x48e, "b4d8a933068370e7aab3010b6397a7174b3d7129bb15bf8b55687dfd9e78d797"}, {0x80, 0x10b, 0xc4, "a6de845682349a1ef91ed0ac035755aacdffcf76031d5d0b0c9c3878c7640f6402a6ad9e81b2975bbfaee941b9a91c0ed3f2658e32bc083b2e5cbfe16e367001168d3cfa8736b7144aa846fe3563655f6d12cb532e7bd62201a995b2620fb9e6a004db0a8b5eb5e4c7cce961eb60af9eff"}, {0x70, 0x104, 0x7, "3e46d424b5f8876de18c9f64db4a9bdd128f3101a7850f4897aaa011d39b814a7679b315e38fe709c3b20c4485b8946f138edd896957bb6540a15fdbf6af114a56a354b2e5d449064705ad46e101d3ab8d54bf23e35212cc68f037617a75cbf319197b"}, {0xcc, 0x10d, 0x8, "79d3984a15318f542b14e60c676ef5f63317387955e41bc5815d9aa7a4cf7d69c1f8cad9ab8a4e6c52fc44c463560404de091bc7ad675ab9927e388100760a78e95fe19793f68439c611794ce5fe4a568ed1bdb7933ea2ba5ce3c4a9a0bd30cc909e36d35f0e974f0dd3c4ce16b87700f50359a3dbd846cb38a4da0106b58d3068d4a4bc944abedadee7e093561e201a9894f4711f7b81b1f116bd42d25b610c94fad0cc74f02ba41d313a675480955f5d0da3be5d051e49a8ba181ca0db4142"}, {0xa8, 0x114, 0x4, "00c37ba130a2812430c773e2a99e00cf1847edfa59ae68d705c47e2fa106dd38af8d3de27e30fca1c876915c9d3e70484ab40d8ee54a7e43f2368bd051c9297bc254cae35ee45ef07d25745e5ad67ea3ba4d34d0167fc2257612449b75e12908e694daecbf2e9278e6a90cec36e68b9cb36198b76832bd716b2f646c4c501c989fec5aa9a910fc5a478c4b9402e7d06e28c58957280e31d0e5c4cf4b"}, {0xf4, 0x119, 0x8, "86da4edd5b3a7f3e2e922a4603b0d7701fc5af5dfb308313cb071add1f63c19acda04d6c21a3afc0818b866146ed79dfc881d6ad1b3b8a55a357a4effeda96906953db3f03e4f242315a2cc19e0c94df07a30bd921c2658c5b740e479876fe43ece7f799c82ced894de2a68c213086f86f6b861b282281a8e0e79a471988caaf29cb154c98a2e49a8d4a193b2da2bec9ccdab357a79303234db9dff4541e6281ccc8ba6ce9a0b3e0b1333f75600f691679cd040b02fdc8b292e4e45bad10c7c5910c7c1a67f680492b3050eb4220cec0023e063b682fd089f95704a399fa32ddfeb08a84ab80"}, {0xa4, 0x102, 0xf, "a55cbddbe92dfbb77a90337f495b256a493ba8eb107b9dcddc1f29d3744ddf51b4f968a9a7d13a73568d9c08b5b67a3b8d5cc556ea169103881a5329dbaafaae38e162a6dd75d2fbd76c6098098a3937e9a4a9bdf6e638680145ac2ea72c2f9f273b4d9a340015f629427a150d8ae36147e6b1678e9d30357514fc25a6671790a48be48706cb712d76fdaa414a1e8d63dca597a9d3"}], 0x598}}, {{0x0, 0x0, &(0x7f00000015c0)=[{&(0x7f0000001100)="7b945eaaf9988a3dc44702ccc8b26dbcc3011bd66f98105dc6dcacde66d57fd09661b3c503822c73d2e9bb7db1f6ba1690b1ea3ba99477eeac9cc881aa2bd15507be2f9d97d1fa4908fc5e81dabe8dcec051cb62cab49797066d40d1430c11327e45b021f1e61655fc4aee668b87b4675d61c83f61ba19bb18b167d1b605af604aff10809c7d8dd61dcc3a838462b60ce80106c6c5fac0e69e90326eedd5ee45043b72", 0xa3}, {&(0x7f00000011c0)="f2c911a607ae30efe3c4fd39d805413b8475648eaee4fbc061c389a63b5a1ffbb9efa3fe291ab2c2564f38152e017d7d8276ccd86392403c2df352852c5092be4217357b59a44a139477bdc0730865fcc62f93488856f78fbceb232113a06310f7e121fe77ca638d2747", 0x6a}, {&(0x7f0000001240)="b285389b6f2f07795df88a507a51a209bfe148bad3c2523720edad6df6ced94e9bbd9c4a59605b379e233d18ea9c892155c2c5bd996f557cb01cf2455a20b6e7fab3e36a9c2ea38aa89a15eb2f8c891ea515225c2b9b29bbfab137613094ff1179db5dd0b708ddfb21a600e7c3d073db95436cbc1784ca434cb511b3bf2710901dfdb6e4835767f86ad36fa4d7daa90345cc0162f0b628898a72916ee977e23923b26b15728efc6e3a97b4ee602e4c1d6dab9ef85f5f9289655f8cf4e111e4cca5a45aa3a4001f9cf7f6d2ec29c385f47fb577e52c1d9e13d7e9cdd936a9080067deef8399024b0c5c2d6566bd5368ba2241465f6c0c091a832e64f055", 0xfd}, {&(0x7f0000001340)="4a8908bab5d70736e0cba83a56ef603a9dd9c18635a3301d6f863b056587db866a06c8fa22615f836d9602a9939d36f1df3f4881d25f2bcc641421e85935bb168432675c666de2141ad98995c0ee7e60e1923d202ee3316f525a08", 0x5b}, {&(0x7f00000013c0)="a8608d3e267f2207480821cf3107f79248c514fc08d1a2a1c45aad1860177775bbaf842aba5b69b34d4bee778767ba7e57", 0x31}, {&(0x7f0000001400)="f700ed80b5e9d229613d6528a60bcef96398685ef7f9cd9684c3ed2e28032a09c8c011bd7c63fac14c1b4cc2f78b7f27c4591111c663406b0eed3ee0216568223130c1703aa22059addfd52bca4bba7a765d84bd4f0c01acd712de711c2fe6d1d0b9953f09fa3d4c102964f72b6efc5ec5bcc4fabaee1643902879fc30097a4542f85eb30122e9a322f7726b1d62b71a5c37520e07c25dacb42f57ebb32c182848e0309dba04cd802a7a6754113e56dc0578141ae782c4f4d00c0c7b495b7a952a497d64e5ad78a801d0cfcbec30e61a2eac50355c8e68ddab8223513a6742d6f9f941753f68f5ce3d27d6d1e0e3", 0xee}, {&(0x7f0000001500)="6131fed8627eeb304bb3019610714ae753cabf30fd68e0bce187716651600b58932f900b5d83e81591caef474b21f0558e339219f1aa04f7b557ed3fa1de88da7fc9eeb89e09", 0x46}, {&(0x7f0000001580)="ebc09d8ccfebe4dcdddb551218511ecd", 0x10}], 0x8, &(0x7f0000001600)=[{0x10c, 0x110, 0x800, "84ba7f2f0f17bbdc6713ac47da7f921ac18ac1ab3fe151e7434791ae4391f23b7157b11599199a56251b5684204da23771395dc8d6add5e9e6f87d4ff819bc8f4bbaf85f9c182fff8954f022deab2a86ead860ec1b0a08ace1e27caa173133e7e8cecf0e34809d3b71841e356ab129e42601bad694e48250df21859bc57920e357c03006890aa8a064508052cc14a3e2110afed7a46d0ad11b5aa1f9acfff878d1c40cc3bf22cb3119c05dcb3d769fd38a816e171b43d9a64dc1add34bd6f1767dcf05d247e49d2b877760005eb88cbac3c2724fd58a477078967c9a3bc1db0cef479fb2539de7597c218d4965b66a112185a66f22b789474d902a2743"}, {0x18, 0x1, 0xff, "a51471035507efb2c5d5"}], 0x124}}, {{&(0x7f0000001740)=@sco={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x80, &(0x7f0000001a00)=[{&(0x7f00000017c0)="c0def46836e2b9c48b5b9076525ac330f9df05aa5733206f51c69b6576854419178e8c8346a4fd238a833d645bf490d2eddbc14121ec76e764425c4ce0fa3d0b924559006c3f0c4bae41515e2231c351d9267baf9322a784689b1756c2dd92bea466dff2725742b078c8d239fcbd2af0cdb6eb01b915a6c62d2972df25d54b199b28434633a8df8f3147abdf05caca91b16d2324", 0x94}, {&(0x7f0000001880)="4cf4d7c14648bc36b961124a7bbdd4ee683b630fdd15fdd991ab8341b2edd5e4900aff03e3c128833504e4488b7bf9efc750e6b5c5221cb7e16c9edd110dc1288f2447803f4ab2be5ba586ed4e84419a9523e3699851f4acacee5e", 0x5b}, {&(0x7f0000001900)="dffc501968b8adf42e54a45e232adae7b962ffa3aeeef948d1db0c80a5bad1438bf5d215aa29a5c4c399254f00948dd3c0d996ff4f4b56e4a6945cd4f4f69f308d7f7cb6a544c82506347224d41f09d3cf3008da9fb4b4fdf69356a5e96a7557f0605aeee6b38abbea087126c30d742ce21bc141f8e7d24e217aaaeda4ef34e39536eedafeb3ab9ae8d935f87998ce7d632cd7f9141240af3409cbb7d79ac865691391b9166ead99dc5eae14024d44a94e6cd46cd72f82774f45406102769afc0fa0030c1d7419dceda2479c7d9f9b54e682e48882d0c8ef", 0xd8}], 0x3}}], 0x4, 0x0) r4 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0xc, &(0x7f00000005c0)=@assoc_value, &(0x7f0000000480)=0x8) r5 = socket(0x2a, 0x1, 0xfffffffc) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r4, 0x84, 0x18, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="03c9008d33938999fe3e72942a3508e1d4fed3ca9db4b24f528905b75c2bbdca5036dae7a78e3a52e48b7a32a3756a712a810849922dc703c5cf741d4c43709070576ef54d0e57d1fde29cb31180471552c503a95f577a178d10f7be21e55984f2aed6ad1d7fb74164b9f2bdae07602c3eff97c7013343155c02f01de227abdc781252306a98ff23e63e97a4d713cce9f1"], 0x91) r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYRES64=r1, @ANYRES8=r5, @ANYRES32=r2], 0xf) read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8) r7 = syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x0) ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r7, 0xc0305602, &(0x7f0000000040)) r8 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r8, 0x1, 0x0, 0x0, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000400)=ANY=[@ANYRESHEX=r6], 0x0) r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000740)='/proc/asound/timers\x00', 0x0, 0x0) read$FUSE(r9, &(0x7f0000003c80)={0x2020}, 0x2020) getsockopt$inet_mreqn(r5, 0x0, 0x23, 0x0, &(0x7f0000000240)) socket$can_j1939(0x1d, 0x2, 0x7) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff) 1.923067471s ago: executing program 3 (id=585): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x9eff, &(0x7f0000000000)={&(0x7f00000008c0)=@can_newroute={0x44, 0x18, 0x1, 0x0, 0x0, {}, [@CGW_MOD_XOR={0x15, 0x3, {{{}, 0x0, 0x0, 0x0, 0x0, "ab36f1265625e6c2"}}}, @CGW_MOD_OR={0x15, 0x2, {{{}, 0x0, 0x0, 0x0, 0x0, "9bb35248001592ce"}, 0x6}}]}, 0x44}}, 0x0) 1.830077087s ago: executing program 3 (id=586): openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x101) write$binfmt_aout(r0, 0x0, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f00000000c0)={@rand_addr, @private}, &(0x7f0000000100)=0xc) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000007000000070000000002000700000000010000000000000a030000000000615f612e00"], &(0x7f0000000340)=""/153, 0x37, 0x99, 0x0, 0x7}, 0x20) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)={0x1b, 0x0, 0x0, 0x2, 0x0, r0, 0xcbb, '\x00', 0x0, r1, 0x4, 0x5, 0x5}, 0x48) pipe2(&(0x7f0000000140), 0x0) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000680001"], 0x1c}}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x0, 0x56}, 0x20) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000040000000000000000000085000000500000008500000050"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x90) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000080)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000900)={0x24, r3, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r5}]}, 0x24}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000200)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="0600000000000000c7c89d42033955f9b092651e5d27b65c9f4b12ce3104d371232339c098df35", @ANYRES16=r7, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d78430800050000000000f8010880800000801400040002000000e000000100000000000000001400040002000000e0000001000000000000000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1d0004000a00000000000000fe880000000000000000000000000001000000000800030000000000060005000000000074010080080109807c000080060001000200000008000200ac1414bb0500030000000000060001000a00000014000200ff0100000000000000000000000000010500030000000000060001000200000008000200000000000500030000000000060001000a00000014000200ff020000000000000000000000000001050003000000000088000080060001000200000008000200e00000020500030000000000060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200fe8000000000000000000000000000000500030000000000060001000a0000001400020000000000000000000000ffffac1414000500030000000000240002002767b524f45e9dfaf001c414581741c92349c3b6661d9864680582bd184ef1a6200004000a00000000000000fe8000000000000000000000000000aa0000000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080007000000000008000100", @ANYRES32=r8, @ANYBLOB], 0x248}}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04160eaaaaaaaaaa12"], 0x9) ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f00000000c0)) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0) close(r9) 1.829682199s ago: executing program 3 (id=587): r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r1, &(0x7f0000000080)={0x2a, 0xffffffff, 0xfffffffe}, 0xc) write$binfmt_misc(r1, 0x0, 0x4d) ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000040)={'team0\x00', 0x44}) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ip6_tables_matches\x00') ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, &(0x7f0000000000)={0x9a, 0x80000009, 0x2, 0x1, 0x85}) socket$l2tp6(0xa, 0x2, 0x73) syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x100, 0x1}, 0x70) bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x7, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x0, 0x1}, 0xe) r4 = socket(0x10, 0x3, 0x0) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f0000000380)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r5, 0xc0182101, &(0x7f0000000180)={r6}) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r5, 0xc0502100, &(0x7f00000004c0)={0x0}) r8 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7fff, 0x2) preadv(r8, &(0x7f0000000340)=[{&(0x7f0000000200)=""/152, 0x98}, {&(0x7f0000000540)=""/118, 0x76}, {&(0x7f0000000400)=""/103, 0x67}], 0x3, 0x19df, 0x0) open$dir(&(0x7f0000000100)='./file0\x00', 0x109080, 0x1) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x40182103, &(0x7f0000000080)={r7, 0x3, r3, 0x5}) connect$unix(r4, &(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e22}, 0xffffff89) write(r4, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003c0000000000000008000f0001000000", 0x24) pipe2$watch_queue(&(0x7f0000000040), 0x80) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$PPPIOCSMRU1(r0, 0x40047452, &(0x7f0000000080)=0x3) ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f00000001c0)) pwritev(r0, &(0x7f0000000040)=[{&(0x7f00000000c0)="00e80600079b", 0x6}], 0x1, 0x0, 0x0) 1.812317808s ago: executing program 0 (id=588): pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$binfmt_misc(r0, 0x0, 0x5) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r1, 0x0, r2, 0x0, 0x8000f28, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r3, &(0x7f0000000140)={0x2, 0x4e22, @multicast2}, 0x10) connect$inet(r3, &(0x7f0000000100)={0x2, 0x4e22, @local}, 0x10) shutdown(r3, 0x1) recvfrom$inet(r3, &(0x7f0000000000)=""/125, 0x7d, 0x0, 0x0, 0x0) read(r3, &(0x7f00000007c0)=""/4096, 0x1000) syz_80211_inject_frame(&(0x7f0000000300)=@device_b, &(0x7f00000015c0)=@mgmt_frame=@beacon={{{}, {}, @device_b}, 0x0, @default, 0x1, @val={0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x1, [{0xb}]}, @void, @void, @void, @val={0x5, 0x3, {0x0, 0x4}}, @void, @void, @void, @val={0x2d, 0x1a}, @void, @val={0x71, 0x7}, @void}, 0x59) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@newlink={0x38, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ppp={{0x8}, {0xc, 0x2, 0x0, 0x1, {0x8}}}}]}, 0x38}}, 0x0) r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={r4}) accept4$packet(r8, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000280)=0x14, 0x80800) sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)={0x2c, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_PRIVACY={0x4}]}, 0x2c}}, 0x0) 1.480170325s ago: executing program 2 (id=589): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001340)=ANY=[@ANYBLOB="144b25c51c3ee76daf000000000000000000000a48000000060a00000000002100000000000095002800048024000180090001006d6173710000000014000280080021400000000008000240000000000900010073797a30000000001400000011000100000000000000000000000a18f12bf410a08d7801f6060000000000000061ca625dfa78e12d97c78a825d537a430a3848a78b10862c5e25ea2bc587a152c147637bcb6a9e3017e169655f0ff8d1a2c13d1fded6bd9721d534ff894b841ac1dad0bc028069f0522fc87d092dc5764a8b26f603d6db587843fa71b9320dc234c333ef8916d355c8ac39483a035f2053b237223da2a3b4151e90267b2a9d669c903090eb3e620f7e924379aaf444bdabcfa15271d15c2fd93d7d17034dadda505fd5bbd7a0c07b5ebed8978c50e5cb719a12982945965c0d8be9cba597429cc6c05a6f848d1859abcbe18574e38cb065df5734fc32f7a0d78595e92c40c1aa7671c13e4c7d965d3333b7d005ea3ced10170981b4b69edec34160f89dfc3db6d6305c771d35"], 0x70}}, 0x0) r3 = dup(r2) ioctl$KVM_SET_MSRS(r3, 0x4080aea2, &(0x7f00000000c0)=ANY=[]) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) r7 = dup(r6) ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r7, 0x4068aea3, &(0x7f0000000280)={0xbe, 0x0, 0x1}) ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000ebffff11"]) r8 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0xfffffffffffffe7e) open(0x0, 0x0, 0x0) open(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) r10 = socket(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) r11 = socket(0x10, 0x803, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r7) getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route_sched(r10, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001500)=@newqdisc={0x19c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {}, {0xa, 0xffff}}, [@TCA_STAB={0x178, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x1, 0x7, 0x0, 0x200, 0x1, 0x7, 0x4, 0x3}}, {0xa, 0x2, [0x101, 0x9, 0x1]}}, {{0x1c, 0x1, {0x80, 0x4, 0xe, 0x5, 0x0, 0x1, 0x400, 0x4}}, {0xc, 0x2, [0xdf, 0x3, 0x81, 0x0]}}, {{0x1c, 0x1, {0x8, 0x13, 0x0, 0x8, 0x2, 0x0, 0xf2, 0x7}}, {0x12, 0x2, [0x4, 0x6, 0xa, 0x5702, 0x1, 0x2, 0x80]}}, {{0x1c, 0x1, {0x7, 0xa, 0x8, 0x3ff, 0x0, 0x7, 0x4, 0x4}}, {0xc, 0x2, [0x5, 0x5, 0xfdd6, 0x7]}}, {{0x1c, 0x1, {0x0, 0x1, 0x5, 0x50000, 0x2, 0x7, 0x3, 0x4}}, {0xc, 0x2, [0x2, 0x1, 0x3, 0x6]}}, {{0x1c, 0x1, {0xfe, 0x77, 0x8000, 0x1, 0x1, 0x8001, 0x7, 0x6}}, {0x10, 0x2, [0x4, 0xb, 0x9, 0x402, 0xb, 0x4]}}, {{0x1c, 0x1, {0x81, 0xf, 0xee5d, 0x9, 0x0, 0x81, 0x80000000, 0x5}}, {0xe, 0x2, [0x7, 0xe, 0x3, 0x0, 0x5]}}, {{0x1c, 0x1, {0x2, 0x5b, 0x6d1, 0x2, 0x2, 0x2, 0x6, 0x3}}, {0xa, 0x2, [0x4, 0x4, 0xc]}}, {{0x1c, 0x1, {0x2b, 0x1, 0x5, 0x8, 0x0, 0x0, 0x1fffc00, 0x2}}, {0x8, 0x2, [0x5d, 0x5]}}]}]}, 0x19c}, 0x1, 0x0, 0x0, 0x800}, 0x4000000) sendmsg$nl_route_sched(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=@newtfilter={0x44, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r12, {0x0, 0x8}, {}, {0xffe0, 0xa}}, [@filter_kind_options=@f_u32={{0x8}, {0x18, 0x2, [@TCA_U32_POLICE={0x4}, @TCA_U32_DIVISOR={0x8, 0x4, 0xc6}, @TCA_U32_FLAGS={0x8}]}}]}, 0x44}}, 0x0) write$UHID_INPUT(r8, &(0x7f0000000300)={0x8, {"d218d27a537ffc75dddd5c40c83df590dacf1fa268e0c92708e2e9a4dcf14b071bc7fd2ab69f06fc861ff340f975728e38423573cc91528c30f52b842c7da984b4b63b23430c535c96eeb36fbc189073a6f1c6b9dd4b958241404842fa8c4f57a3b17f213612a3e4fe061780fa475de6714912a014390be8d3b8b5fbe5b6245fe5718cd81351ebb09e9322b8520b9ebf6d37f03e85288b7894a0d393a318d61ea2cd0d46c6d98cb709894e4c7fc1755f1b32d4f04ed9b967f957b6b94320feb0a32fc818905ba06f180b1179ea74a1983f449f29ae5f065ec2bf327762d666fea2dfdb89e1b359b7892aca761953866c3cdb060de67bc037e613088744289b236ccd8cdebe8b39c5bcfc08a8bb4eaba90ff6c1b4cf5428f491b2e4a4dd35a256d4987908e399fbb9b9ef97e9ca5d8cd809728b0887f7b9389c356f8f41a2f984bf662d71f601b0fd5be585a2bc59be2a7fc8f0165351653bfabdb14af8a0361acbff53dc834971d9afc2bc60871bd5b311d546a5568d2684eceeafa3a4fd1b4086d08148ddd8da2957c3ea7ff31c00db7e5e2f40a3a101cc2056a1c241d19e6b594bfa643f3ea1fb64fc6cd16b929da2148550728302f29e3eb87756f6ce9f9fa47b82b2ae9b920f2732a248a264917162ae63cdc6f1533dfc6bc594c051d5bf7ed22e1ff2da25b29d7799344c0d89b69cbd1e1e96db43cfc0557fce403ca02d7c704d3321a06df36153de8182d95de24c14dd6cef0fdf13961eef43268100388ab0bcff0bdcd2e7dd98093ca4caf03a5f9b753a2f1288dae9231f4e64f8af771cfa99e46301e9444a7fc2f30968904c7aacbe060df82d13cbd9967cd0e9859142514244954fc6421857fd7988ee3111e9eaa2bcbd4d7179bb99669951d222f17a0f00fc445c8aada4df2ea919178b5383bc434ed930640b1f834717fc9ca0b491b981724cf6fd97bad4c65ddbd245445d2005d7b0d5c1e23cad3f675dbaea415393a7868526e7f0a45638719d54b410e8b61b96ebb98366c8dc2e88fec6c376e3ef86761fb1a2f1d11e24189f5e1142f66e11b4487d52ba52700b3d4d232c2c83aa04e5f822924c590ea2ff8fb59cbc5f51609b0dda07664b180c22a181890012152d6ec88f7ef71fa797dab8c719407d2ada6a5e113a94a7100f6b120ac893193a2557ee89c91205b39938a2ea64ec52230880602438d0575207071ca58bfc19078a7d9147bde910d38251cb7b93958704061298be4457f5fdfcdbaf2a4405a962f38555b8062a68538330f6deaa2c63061788f4fe9426e3136f704b139b4bbab12d3a4f8a2dbff0a4260370bbc71f7d82d0d5c4b132f8556c1ebffe11ec1143b1fc882121ae70a4f80dc682336efc179938fd14abaad3df54fadd6eb8953be169fff96fc5e2db29b25c22a4ffa242d4122f2a17217dc24872e165e93eca6b8ef0d351f3e979b7b6be4176d0eac540b2d41c87e8eac0d104d06498ce2f544037e1030e37a0e92e98ed60af8633f3ebaf75e2f3601bcd7b62e43b572b8d869813ac49cc4584c4d80c40445c799cc165503859bb32315889688481d9754217e15ca0572920cd179a2436d389e07988d711f7737a8c705a5407ff17a8d2ccb41d45430312ef6aa622f0fe3aa0a5a064a4a01f9d2397de93ef4e87a1e728a655c726fdea7b8add42dea6a60679d8db5f16f778b73a327c9df8998721f6edf54c0971c0c666258bf44b5053e6a6ad2f23d6fce56dbad5929b6a0a0a915f98a424e80b17967d599e594eb30efd13f4f90c18f724b8d929d3d0015f70ca58be44b434fc56857b2015b838960ed0bc382f83278b93c78426b4cbb564f5269f31ba2c19d3595ba1aecfdb65283c4102ed823f3df75378eec7bb06b20bc7755f764aa9d6da35ec02a4020d9f9986fddbb53cd07d072561914a983f1648187d917fa5c9450f551d51dec57db1980a84118e12fe7732bc3c6403273462b33058750b6a799aed3e663c0a0b6879fc9fd9cf70ec0c32481fae62242aff4d3200694cab6e337edfc5768bac61f099a3e7c044d28d92a8ea2f7e4b9fc3ae9a31adae231e64d8791d82f54882f066aecc1bd8ec72808ad30e77d35f2469e3e9494c2e95d1f234cc39ef6bc273dcbd03be8d3b873e43d188ef22a08a7beec53c62227e49279044c6c9255e07635793c1a685743a13866431b6cc2b492d530d0ea4b5cecece2540c6d9881ce9a6d52570ad72bca8d39fb743b30c56704d59a3baba221aafba82be20a7f74ce8b3aa972f6467e9195f188c7ee90a5f042321c555117bece71980a75f6ddb76547ac34ff5d58a8e4d7c45e67b192cdc053c9f978282fda35240e353355935cb7305ed56cd5013e0dfa8fe552910cf31c758d786ca5e37f6055df78420de91ecf3e7e8020c8d765ce3e96dd484b73881a9bc05eb591e24c13686ea6fef4942589f19b75dd2d005368e9ca63ce97191fc82b9dd446dade3c4abb8269ed016128ac2c9ca8bd3e783edd4353696d5ebd61303a107cb0b8b6075642e940af786da9d2a68bdcd6be3699b562586a63c3f80609184014f2c48c77c61305f90d5f27c3250d5229e5e618a5c7bfef1fb3cac4642f27b41402f7b3ed2554df788c25b4989b00fa7a857c8b8350ea9c79ab6455fd075bb84acf6a02fbfa75e134d88d46f868019dc5a5c64e23825169ca833f3355f9d084678b4ebfb29bf08a85eb9d574ce8bd51704bfbec3ff90d580204b88d224922f0b9f6294c673562952d5305ffcd2d5ca657620515b13ac412d758c463f23368b26ff4b240b08db89b2b2e4d9d48a5f6f39b78363a23650488461a2ac85a75cc74d1a1003297b42f816412927d7cd068e2256400c87b33597c558e6f0c474aeecc917bed351cf994368b4759b6261bf6492a06ef34ba447f1c13df52704253ded1658fe19918cbabafd00c4bf34c9e281eaaf1c4821b4eee2bb339e4dc5db57bab80be7aa8f1f2d6d33be342b1809b6ce3944febdb6c610981e8077e5fbd4049fd4e30a7946015c9eed8d64dca46634cd4f46527c146ad32ec245035500b9b3d427eafe1232b1074a566381bb0f1e05722db62627a7a4fd5fbfec11c52ce51ce478d1bfe1d873ba1394a1c842d5bad83dc63b04c97de0d26eb6d1bf3bbf01f5f78fba889c3e432d2ce98de267bd939dfadb1cd4d5b35985206f2dcb10b6dac6fe06bb398107f577339bbabbd877f9ac4a1d1a6b24e30824404e3f51f8599e26de14ecb578038c102d1ce63778ddb85c96efd6a5342f35b80617ec6cae1c0b1dc44febbe93b4812b3161b086377fa33ef54be929034f202861f6e77155bbb783bfc5585d000ccd6d15818c49b0d788a521468bf36a976455640308aa0a3e1caabd9945cf5f321af4a4a316065183253dc26c40c773159d26e3452acce53c35eb361c7b8f1af9769b33be98388087508ed673854b896eadaff8459210c8fe019a46b25d3165f9fdf1f4e782485b4edcf4c38cd09a7717e71c82ad4ae627134b765ce9bcdb3389253ee6bb3fa62ec13f1ad152ec1e6bd46359cad41c8018c65a9ce3729008d0ff73612e7f280240df41b0dd03c67afc8198caf754e6438efc0a28b8e97fae3198393276167f9e4dcb2f688b54353e118bafce3ea2a92c779b144482953afbb03d0bbe6bb8fbc640387c7b577cd34f61ca04c9af93035d0cdfdc6b8c0f5bec527e91183ea21f0f4923c245a5160565e4b34264326e687d0e2585756f39045f453a30a7be1979a40c6cfe803c5e08381b03790cb5e2983d0b76c013531a6b5958ffd05824e409e901af1eb6d5e639c3b0cee75856665ce6fd5cdf0b46e25a30dba99c1be2b779be29d1b4d0d48bb11ae72b0a950f755e674330537cc8a79649e0797485091012268b8e4818c5a33c39ef9e5d53012cbf94a6e7751442bc51fe511cdbadaf2d55d78f36cccdca9a99b7af74fcd2211a91ee2e25fb2528afc3a8536f3cab5e981c291848d447eef3ee492b116aa8e848d5bb5d4fc026f846ddd17c54b8dcb7cb8510ea0b390e209f6a10af09c22c2d98830c7c1bfe7b8213b55556564138656a4fdbd4068b2689a67a80cf5ba2d2677df31868e849a05a92cc7d6870c46f8119a6e05ac6811c6446df398e7af336beaa8527c11889c3d0281d9ced9c2eab6d6668d0bdafb5b65e3c436ea97827314f0b555fa5b832de7c2d4339d07d3bfddae3b00dbd86010051d2d5c5c73ffe001eeb6284fc457c7269195b104c0220af38257cafea696d15e8086e0a5f7e9f58cb34dcf763c1797e3541325632663990119a643f1cf7754b87c807da6dfeccd4f3413e1dd691d1137f27cbfeb0ac65f1b9a362ed3d0b19bfb2f9493abf3b8cbe59a97f433d63be3131abcf22d25050516328ee037c9d6a9279e56548a5e0ad82b0d44b9dd744a71d81b0a73a0f226bf0ab569bc4ebbdcbdc7e488db2d6ee20398c4cadddd7df2e43100955ac18088d19e8e71b41e49750d5f58fd0dd09183e02112b461d7c6f0a04b19e418f7699385eeeba70c55f3d94e13fa4777e66f266de3e70c374af991a41c6ba2996ed3b9165d36f1a9e8267fed8f5819327ed12e26e6c4261be3243fb713a55311a00f8e6bc1a98906ff0fbc6b9d072527713c50ed691d1638826ab7dc12f5362c6092fd6c33cd41ddea682774f646e05e3251abe90f76d80629bfb02bc2de1f8e2840a19af8b6cff67ef8a61a59f3041b22abb427567170aa61d9087e26648432ab433c196ce6bd00bd2857b84d46de4bfc030a3527d23bd94ebf1b1ac4ecae3b665818d5db006acdbd4a41272b71a6757af0cf48d0b3c44caeae7e2f48b41f0e122129a7fd2a976c625ac261d37fe5280bd83b07662bea27890a4be491cd3614d32c1f4f6ce963b3029b67d2ba31baff09939c565f772c6ece15eb816f4f5f9ced5a82acb498d4b987a3bbfa3e8413bf8f1900df8e3c6878386cc08586bc1fffb98b18164871222bb85b45f5fb7198fbf95f42ea5679fbf51887abe96e1ee0e3f1342717b3df9a22037db61dbfd72c20b3e316025cf9133c297d960f37ca7a8d56160179873a77b3de89dfc548e03a7c021820b389aeef1fcad6cfccbbefb418eb44a6a7b9be3c7f5108aa570ebd453a2a8538b8ccaab6233cc4b04b0c507c41625f9c0b5ece162da8c613d387556a551b53155809fef24826da5b791998218180414feae316e2982d504a695edd47caf1caed1f32952ecb329e4dd58c9062125d10ed5149f50c21f15fa37372e811c072ddf44a5ca1a331375d1d3fedb4a56be12052a71bc9236b2aaad3a375e82a8cfbdf6e1b718f76b2377a97fcfac3ded53017faaf6e0ff086b1ad7a2fee83c9e0913d6b3938fcd309f2b90b811fef8a90659cd531d60d8651f8f1c5cfe3b586d75327a21afec006e52b9521d27962609b046cf973494e930b62a95b256750fcf95e844ce84dbd465ad81e30f37a9bf1ea8b8083f25d12b5de2f87325cd3d11725554c321fb4cfe6beda08d4bd4c44d9b5cd27f17c760e78a09b5449a681fcaeae930e389b7236c43fed58e1d6b1a6d38295bcee0e1ed9f57140cce4a56c2db3542d3468a65c53c1447125de60cde30ff31e3dd44a05ef95dbe38a569b2c5adc5e155756052385ce5ad11c6a7850212388188bb3df5ab77f508b787438b1943a205cb079235ae005c21998da1c6794e64cae25775b3608ebd90cf9ec7b7ceffbeabd7b1f50cb483779810d921bed14989d1ca08cd822acbfe5a55a8bb5c2cade9423f1f334a8f27c5467e483251f43427421d5d466a3d3798e9", 0x1000}}, 0x1006) r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000000000000000000000000008500dd00d0000000c5000000a000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x22, r8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffff497}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r13, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50) syz_init_net_socket$llc(0x1a, 0x1, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x10, 0x38a, &(0x7f0000000000)=ANY=[@ANYRES16=r6], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xf9}, 0x90) 1.06041601s ago: executing program 2 (id=591): r0 = creat(&(0x7f0000000300)='./bus\x00', 0x0) close(r0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', 0x0}) r3 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r3, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r3, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r2, 0x0, 0x4000}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x1, 0x7ab0715dca68fe47, 0x0, {}, {}, {}, 0x4, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x80}}, 0x0) 960.086816ms ago: executing program 2 (id=592): r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) ioctl$TUNGETVNETHDRSZ(r0, 0x800454d7, &(0x7f00000000c0)) ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f00000002c0)={{0x1, 0x1, 0x18, r0}, './file0\x00'}) r1 = socket$nl_route(0x10, 0x3, 0x0) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0) ioctl$X86_IOC_RDMSR_REGS(r3, 0xc02063a0, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x15}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x30, 0x2, {{0x0, 0x0, 0x0, 0x2}, [@TCA_NETEM_RATE={0x14, 0xd, {0x0, 0x1, 0x200000}}]}}}, @TCA_RATE={0x6, 0x5, {0x2, 0x1}}]}, 0x68}, 0x1, 0x0, 0x0, 0x10}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$inet_udplite(0x2, 0x2, 0x88) r7 = socket$can_j1939(0x1d, 0x2, 0x7) recvmsg$can_j1939(r7, &(0x7f00000001c0)={&(0x7f0000000040)=@hci, 0x80, &(0x7f00000000c0), 0x0, &(0x7f0000000100)=""/175, 0xaf}, 0x23) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) r9 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x400001, 0x10) mknodat$loop(r9, &(0x7f0000000280)='./file0\x00', 0x40, 0x1) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000200)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_GET_WIPHY(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)={0x28, r8, 0x301, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r10}, @val={0xc}}}}, 0x28}}, 0x10008495) 959.847519ms ago: executing program 1 (id=593): process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000240)={0x1d, r1}, 0x18) connect$can_j1939(r0, &(0x7f0000000280)={0x1d, r1}, 0x18) sendmmsg(r0, &(0x7f00000038c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff06, 0x0) 952.997511ms ago: executing program 3 (id=594): process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0) r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000240)={0x1d, r1}, 0x18) connect$can_j1939(r0, &(0x7f0000000280)={0x1d, r1}, 0x18) sendmmsg(r0, &(0x7f00000038c0)=[{{0x0, 0x0, 0x0}}], 0x3ffffffffffff06, 0x0) (fail_nth: 1) 926.415979ms ago: executing program 1 (id=595): openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x101) write$binfmt_aout(r0, 0x0, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f00000000c0)={@rand_addr, @private}, &(0x7f0000000100)=0xc) r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000007000000070000000002000700000000010000000000000a030000000000615f612e00"], &(0x7f0000000340)=""/153, 0x37, 0x99, 0x0, 0x7}, 0x20) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)={0x1b, 0x0, 0x0, 0x2, 0x0, r0, 0xcbb, '\x00', 0x0, r1, 0x4, 0x5, 0x5}, 0x48) pipe2(&(0x7f0000000140), 0x0) openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="14000000680001"], 0x1c}}, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x0, 0x56}, 0x20) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) syz_emit_vhci(&(0x7f0000000000)=@HCI_VENDOR_PKT={0xff, 0x1}, 0x2) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000040000000000000000000085000000500000008500000050"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x90) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) r4 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000080)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f00000008c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000900)={0x24, r3, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_FLAGS={0x8, 0x5, 0x1}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r5}]}, 0x24}}, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000200)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="0600000000000000c7c89d42033955f9b092651e5d27b65c9f4b12ce3104d371232339c098df35", @ANYRES16=r7, @ANYBLOB="010000000000000000000100000024000300a05ca84f6c9c8e3853e2fd7a70ae0fb20fa152600cb00845174f08076f8d78430800050000000000f8010880800000801400040002000000e000000100000000000000001400040002000000e0000001000000000000000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1d0004000a00000000000000fe880000000000000000000000000001000000000800030000000000060005000000000074010080080109807c000080060001000200000008000200ac1414bb0500030000000000060001000a00000014000200ff0100000000000000000000000000010500030000000000060001000200000008000200000000000500030000000000060001000a00000014000200ff020000000000000000000000000001050003000000000088000080060001000200000008000200e00000020500030000000000060001000a00000014000200ff0200000000000000000000000000010500030000000000060001000a00000014000200fe8000000000000000000000000000000500030000000000060001000a0000001400020000000000000000000000ffffac1414000500030000000000240002002767b524f45e9dfaf001c414581741c92349c3b6661d9864680582bd184ef1a6200004000a00000000000000fe8000000000000000000000000000aa0000000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080007000000000008000100", @ANYRES32=r8, @ANYBLOB], 0x248}}, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="04160eaaaaaaaaaa12"], 0x9) ioctl$DRM_IOCTL_MODE_GETENCODER(0xffffffffffffffff, 0xc01464a6, &(0x7f00000000c0)) r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0) close(r9) 920.344096ms ago: executing program 2 (id=596): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x20, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0) epoll_create1(0x0) r7 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) unshare(0x8000600) userfaultfd(0x80001) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r7, 0x40045532, &(0x7f0000000100)) openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2f, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r9}, 0x10) syz_io_uring_submit(0x0, 0x0, 0x0) syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) syz_open_dev$sndpcmc(&(0x7f0000000300), 0x0, 0x181400) socket$inet_udp(0x2, 0x2, 0x0) pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f00000000c0)={0x3ff2, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) 800.177425ms ago: executing program 1 (id=597): socket$nl_xfrm(0x10, 0x3, 0x6) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) r1 = getpid() bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x0, 0x0, 0x10001}, 0x48) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) fcntl$dupfd(r4, 0x0, r4) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000080eff95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000002c0)='contention_end\x00', r5}, 0x10) r6 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) r7 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_GETCRTC(r7, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r8, 0x0}) ioctl$DRM_IOCTL_MODE_GETFB2(r7, 0xc06864ce, &(0x7f0000000440)={r9, 0x0, 0x0, 0x0, 0x0, [0x0]}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, &(0x7f0000000080)={r10, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_MODE_GETFB2(r7, 0xc06864ce, &(0x7f0000000200)={r9}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r7, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r11}) 740.084034ms ago: executing program 3 (id=598): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) bpf$MAP_CREATE(0x0, &(0x7f0000000600)=@bloom_filter={0x1e, 0x1, 0x2, 0x2, 0x1901, 0x1, 0x1adf, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x3, 0x2, 0x3}, 0x48) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) socket$nl_audit(0x10, 0x3, 0x9) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x324) r2 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000c80)={'lo\x00'}) sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) r3 = userfaultfd(0x1) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_WRITEPROTECT(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2}) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, &(0x7f0000000400)={&(0x7f0000b36000/0x12000)=nil, &(0x7f0000841000/0x4000)=nil, 0x12000}) r4 = fcntl$dupfd(r3, 0x0, r3) ioctl$UFFDIO_CONTINUE(r4, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1}) syz_io_uring_setup(0x6866, &(0x7f00000003c0), &(0x7f0000000080), &(0x7f0000000140)) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil) syz_open_procfs$userns(0x0, &(0x7f00000002c0)) userfaultfd(0x80001) 274.310243ms ago: executing program 1 (id=599): r0 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge0\x00'}) r1 = socket$kcm(0x10, 0x0, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f00000000c0)='GPL\x00'}, 0x90) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r4, @ANYBLOB="25003300d0000000080211000001080211000000505050505050000003"], 0x44}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x0, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61155000000000006113500000000000bfa000000000000007000000ee0016055e03010000000000250500000000000069163e0000000000bf07000000000000260507000fff0720670600003f000000140300000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x60}, 0x90) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20}, @union={0x0, 0x0, 0x0, 0xb, 0x0, 0x2}]}}, 0x0, 0x4e}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="b9ff03076003008cb89e08f086dd", 0x0, 0x0, 0x60000000, 0x0, 0xfffffffffffffce7, 0x0, 0x0}, 0x50) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000500), &(0x7f0000000540)=0xe) bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) socket(0x10, 0x2, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$nl_xfrm(0x10, 0x3, 0x6) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=@newlink={0x7c, 0x10, 0x421, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x61}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0x4}, @IFLA_GRE_OKEY={0x8}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e21}, @IFLA_GRE_ERSPAN_DIR={0x5, 0x17, 0x1}, @IFLA_GRE_ENCAP_DPORT={0x6}]}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x7c}}, 0x0) write$binfmt_misc(r5, &(0x7f0000000200)=ANY=[@ANYBLOB="4900030007"], 0xd) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000480)=ANY=[@ANYBLOB="d22ce94860e13c29fedacabc40ec199bea0000000000e3ffffffffff840000006100000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x16, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ZONE={0x6}, @TCA_CT_NAT_PORT_MAX={0x6, 0xe, 0x4e22}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r8, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) sendmsg$NL80211_CMD_DEL_KEY(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x2c, r3, 0x200, 0x70bd2a, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x5, 0x1}}}}, [@NL80211_ATTR_MAC={0xa}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040801}, 0x8805) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$smc(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$SMC_PNETID_GET(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x14, r11, 0x403}, 0x14}}, 0x0) 148.962133ms ago: executing program 1 (id=600): creat(&(0x7f0000000300)='./bus\x00', 0x0) r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000003c0)={'vxcan0\x00', 0x0}) r2 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r2, &(0x7f0000000000), 0x10) sendmsg$can_bcm(r2, &(0x7f0000000480)={&(0x7f0000000340)={0x1d, r1, 0x0, 0x4000}, 0x10, &(0x7f00000000c0)={&(0x7f0000000580)={0x1, 0x7ab0715dca68fe47, 0x0, {}, {}, {}, 0x4, @canfd={{}, 0x0, 0x0, 0x0, 0x0, "b8ee0816756b62187804752330b2b55830d7228ef1593c0639bd084bba0bfd8db72f70e5b2e7f90e11cbc6ec61a03fc316d5d47970907af5fc4a27f6cf718909"}}, 0x80}}, 0x0) 88.819488ms ago: executing program 1 (id=601): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r1, &(0x7f0000000500)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r1, 0x0) r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r3 = socket$unix(0x1, 0x2, 0x0) bind$unix(r3, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r4 = socket$unix(0x1, 0x2, 0x0) connect$unix(r4, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r5 = socket$netlink(0x10, 0x3, 0x4) write(r5, &(0x7f00000002c0)="29000000140005b7ff00000004eabdeb0101b6ff02159f7e5520756b0f33b49db96ad24d12595fbea5", 0x29) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x15) read(r4, &(0x7f0000000100)=""/48, 0x30) ioctl$TCFLSH(r2, 0x80044704, 0x20000000) setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x20004002, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c) 0s ago: executing program 2 (id=602): openat$uhid(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000000300)={0xe0001, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2da7]}) lchown(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c40)=@delchain={0xd0, 0x65, 0x0, 0x0, 0xfffffffd, {}, [@TCA_CHAIN={0x8}, @TCA_CHAIN={0x8}, @TCA_CHAIN={0x8, 0xb, 0x7}, @filter_kind_options=@f_route={{0xa}, {0x88, 0x2, [@TCA_ROUTE4_ACT={0x84, 0x6, [@m_sample={0x80, 0x3ffe, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_TRUNC_SIZE={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8}, @TCA_SAMPLE_RATE={0x8}]}, {0x29, 0x6, "845cd14d6348c08dbdb762af165861ac63450de3ca8bd1f96b5b407bdcb4fdced358527722"}, {0xc}, {0xc}}}]}]}}]}, 0xd0}, 0x1, 0x0, 0x0, 0x4000010}, 0x0) r4 = socket(0x10, 0x803, 0x0) sendto(r4, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r4, &(0x7f0000000b80)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000580)=""/111, 0x6f}, {&(0x7f0000000280)=""/85, 0x55}, {&(0x7f0000002040)=""/4101, 0x1005}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000001fc0)=""/89, 0x59}, {&(0x7f00000007c0)=""/154, 0x9a}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}, {{0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f00000006c0)=""/108, 0x6c}, {&(0x7f0000000780)=""/2, 0x2}, {&(0x7f0000000880)=""/180, 0xb4}, {&(0x7f00000003c0)=""/59, 0x3b}, {&(0x7f0000000ac0)=""/133, 0x85}, {&(0x7f0000000a00)=""/95, 0x5f}, {&(0x7f0000000d40)=""/156, 0x9c}, {&(0x7f0000000780)}, {&(0x7f0000000940)=""/53, 0x35}, {&(0x7f0000000e00)=""/200, 0xc8}], 0xa}, 0x6}], 0x2, 0x0, &(0x7f0000003700)={0x77359400}) ioctl$VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000000)={0xf0f046}) r5 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl(r5, 0xfffff000, &(0x7f0000000000)) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) close_range(r6, 0xffffffffffffffff, 0x0) openat$capi20(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r8}, 0x10) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301) kernel console output (not intermixed with test programs): check. [ 65.913464][ T5383] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 66.095526][ T5383] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 66.100389][ T5383] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 66.104894][ T5383] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 66.108568][ T5383] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 66.118157][ T5469] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 66.126872][ T5383] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 66.148105][ T5483] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 66.358840][ T5383] usb 6-1: USB disconnect, device number 3 [ 66.513430][ T66] Bluetooth: hci3: command tx timeout [ 66.523656][ T66] Bluetooth: hci0: command tx timeout [ 66.526118][ T5346] Bluetooth: hci2: command tx timeout [ 66.776235][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 67.148053][ T5505] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 67.595372][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 67.599833][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 67.748340][ T5524] netlink: 9 bytes leftover after parsing attributes in process `syz.1.35'. [ 67.752348][ T5524] 0·X: renamed from hsr0 (while UP) [ 67.765232][ T5524] 0·X: entered allmulticast mode [ 67.767504][ T5524] hsr_slave_0: entered allmulticast mode [ 67.770017][ T5524] hsr_slave_1: entered allmulticast mode [ 67.773048][ T5524] A link change request failed with some changes committed already. Interface c0·X may have been left with an inconsistent configuration, please check. [ 68.355697][ T5530] netlink: 12 bytes leftover after parsing attributes in process `syz.3.37'. [ 68.462741][ T5530] syz.3.37 uses obsolete (PF_INET,SOCK_PACKET) [ 68.602758][ T5544] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.607919][ T5346] Bluetooth: hci0: command tx timeout [ 69.193585][ T1285] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 69.403384][ T1285] usb 8-1: Using ep0 maxpacket: 32 [ 69.406944][ T1285] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 69.431897][ T1285] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 69.443911][ T1285] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 69.447521][ T1285] usb 8-1: Product: syz [ 69.449470][ T1285] usb 8-1: Manufacturer: syz [ 69.451570][ T1285] usb 8-1: SerialNumber: syz [ 69.493659][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 69.572707][ T5558] FAULT_INJECTION: forcing a failure. [ 69.572707][ T5558] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 69.578983][ T5558] CPU: 2 UID: 0 PID: 5558 Comm: syz.0.47 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 69.583512][ T5558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.589796][ T5558] Call Trace: [ 69.591515][ T5558] [ 69.592888][ T5558] dump_stack_lvl+0x16c/0x1f0 [ 69.595227][ T5558] should_fail_ex+0x497/0x5b0 [ 69.598600][ T5558] _copy_from_user+0x30/0xf0 [ 69.600677][ T5558] __sys_bpf+0x239/0x5600 [ 69.602508][ T5558] ? __pfx___sys_bpf+0x10/0x10 [ 69.617474][ T5558] ? ksys_write+0x12f/0x260 [ 69.619441][ T5558] ? find_held_lock+0x2d/0x110 [ 69.621474][ T5558] ? ksys_write+0x21c/0x260 [ 69.623396][ T5558] ? __pfx_lock_release+0x10/0x10 [ 69.625329][ T5558] ? vfs_write+0x14d/0x1140 [ 69.627200][ T5558] ? __mutex_unlock_slowpath+0x164/0x650 [ 69.629588][ T5558] ? fput+0x32/0x390 [ 69.631328][ T5558] ? ksys_write+0x1ab/0x260 [ 69.633252][ T5558] ? __pfx_ksys_write+0x10/0x10 [ 69.635086][ T5558] __ia32_sys_bpf+0x76/0xe0 [ 69.636892][ T5558] __do_fast_syscall_32+0x73/0x120 [ 69.639091][ T5558] do_fast_syscall_32+0x32/0x80 [ 69.640791][ T5558] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 69.643090][ T5558] RIP: 0023:0xf7f40579 [ 69.644454][ T5558] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 69.651558][ T5558] RSP: 002b:00000000f56f657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 69.655146][ T5558] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000202a0fb8 [ 69.658464][ T5558] RDX: 000000000000002d RSI: 0000000000000000 RDI: 0000000000000000 [ 69.661831][ T5558] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 69.665386][ T5558] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 69.668822][ T5558] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 69.672099][ T5558] [ 69.812677][ T5346] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 69.817420][ T5346] Bluetooth: hci1: Injecting HCI hardware error event [ 69.822281][ T5346] Bluetooth: hci1: hardware error 0x00 [ 69.848076][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 69.873558][ T10] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 69.929870][ T5550] input: syz0 as /devices/virtual/input/input6 [ 69.947402][ T5550] input: syz0 as /devices/virtual/input/input5 [ 70.052814][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 70.096242][ T10] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 70.101188][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 70.110998][ T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 70.129043][ T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 70.137109][ T10] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 70.142284][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.157502][ T10] usb 6-1: config 0 descriptor?? [ 70.306596][ C0] hrtimer: interrupt took 58575 ns [ 70.438520][ T5571] program syz.2.51 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 70.594254][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 70.611650][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.615846][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.619566][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.622696][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.626601][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.629947][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.633464][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.636825][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.640365][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.645980][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.649501][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.654394][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.661979][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.665639][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.670101][ T10] plantronics 0003:047F:FFFF.0002: unknown main item tag 0x0 [ 70.695797][ T10] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 70.726739][ T10] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 70.844563][ T1285] cdc_ncm 8-1:1.0: failed to get mac address [ 70.848106][ T1285] cdc_ncm 8-1:1.0: bind() failure [ 70.877196][ T1285] cdc_ncm 8-1:1.1: probe with driver cdc_ncm failed with error -71 [ 70.882561][ T1285] cdc_mbim 8-1:1.1: probe with driver cdc_mbim failed with error -71 [ 70.887696][ T1285] usbtest 8-1:1.1: probe with driver usbtest failed with error -71 [ 70.899080][ T1285] usb 8-1: USB disconnect, device number 2 [ 70.983819][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 71.377309][ T57] usb 6-1: USB disconnect, device number 4 [ 71.584957][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.588142][ T1377] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.803615][ T66] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0 [ 71.807338][ T66] Bluetooth: hci2: Injecting HCI hardware error event [ 71.811236][ T66] Bluetooth: hci2: hardware error 0x00 [ 71.893449][ T5346] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 73.030805][ T5608] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 73.195702][ T5612] FAULT_INJECTION: forcing a failure. [ 73.195702][ T5612] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 73.201450][ T5612] CPU: 2 UID: 0 PID: 5612 Comm: syz.1.60 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 73.205796][ T5612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 73.210322][ T5612] Call Trace: [ 73.211832][ T5612] [ 73.213145][ T5612] dump_stack_lvl+0x16c/0x1f0 [ 73.215348][ T5612] should_fail_ex+0x497/0x5b0 [ 73.217472][ T5612] _copy_from_iter+0x27a/0xfc0 [ 73.219532][ T5612] ? __pfx__copy_from_iter+0x10/0x10 [ 73.221818][ T5612] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 73.224486][ T5612] ? tun_build_skb.constprop.0+0x1b8/0x1390 [ 73.226787][ T5612] ? __pfx_lock_release+0x10/0x10 [ 73.228705][ T5612] copy_page_from_iter+0xa5/0x120 [ 73.230468][ T5612] tun_build_skb.constprop.0+0x294/0x1390 [ 73.232703][ T5612] ? __pfx_tun_build_skb.constprop.0+0x10/0x10 [ 73.235144][ T5612] tun_get_user+0x888/0x3c20 [ 73.237000][ T5612] ? __pfx_tun_get_user+0x10/0x10 [ 73.239005][ T5612] ? find_held_lock+0x2d/0x110 [ 73.240938][ T5612] ? __pfx_lock_release+0x10/0x10 [ 73.242939][ T5612] tun_chr_write_iter+0xe8/0x210 [ 73.244902][ T5612] vfs_write+0x6b6/0x1140 [ 73.246613][ T5612] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 73.249059][ T5612] ? __pfx_vfs_write+0x10/0x10 [ 73.251161][ T5612] ? __fget_files+0x256/0x400 [ 73.253278][ T5612] ? __fget_light+0x173/0x210 [ 73.255384][ T5612] ksys_write+0x12f/0x260 [ 73.257323][ T5612] ? __pfx_ksys_write+0x10/0x10 [ 73.259526][ T5612] __do_fast_syscall_32+0x73/0x120 [ 73.261812][ T5612] do_fast_syscall_32+0x32/0x80 [ 73.263997][ T5612] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 73.266811][ T5612] RIP: 0023:0xf7f85579 [ 73.268656][ T5612] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 73.278450][ T5612] RSP: 002b:00000000f5736540 EFLAGS: 00000293 ORIG_RAX: 0000000000000004 [ 73.282123][ T5612] RAX: ffffffffffffffda RBX: 00000000000000c8 RCX: 0000000020000100 [ 73.285718][ T5612] RDX: 0000000000000036 RSI: 00000000f740bff4 RDI: 0000000000000000 [ 73.289313][ T5612] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 73.293483][ T5612] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 73.297261][ T5612] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 73.301418][ T5612] [ 73.557703][ T5614] warning: `syz.1.61' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 73.842376][ T5346] Bluetooth: hci2: unexpected event for opcode 0x1003 [ 73.873607][ T66] Bluetooth: hci2: Opcode 0x0c03 failed: -110 [ 74.748402][ T5661] FAULT_INJECTION: forcing a failure. [ 74.748402][ T5661] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 74.756135][ T5661] CPU: 3 UID: 0 PID: 5661 Comm: syz.3.73 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 74.759747][ T5661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.764149][ T5661] Call Trace: [ 74.765605][ T5661] [ 74.767072][ T5661] dump_stack_lvl+0x16c/0x1f0 [ 74.769288][ T5661] should_fail_ex+0x497/0x5b0 [ 74.771278][ T5661] _copy_to_user+0x30/0xc0 [ 74.772949][ T5661] simple_read_from_buffer+0xd0/0x160 [ 74.774766][ T5661] proc_fail_nth_read+0x1b0/0x290 [ 74.776855][ T5661] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 74.778758][ T5661] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 74.780788][ T5661] vfs_read+0x1d4/0xbd0 [ 74.782575][ T5661] ? __fdget_pos+0xeb/0x180 [ 74.784551][ T5661] ? __pfx_vfs_read+0x10/0x10 [ 74.786600][ T5661] ? __pfx___mutex_lock+0x10/0x10 [ 74.788806][ T5661] ? __fget_files+0x256/0x400 [ 74.790843][ T5661] ksys_read+0x12f/0x260 [ 74.792674][ T5661] ? __pfx_ksys_read+0x10/0x10 [ 74.794785][ T5661] __do_fast_syscall_32+0x73/0x120 [ 74.797010][ T5661] do_fast_syscall_32+0x32/0x80 [ 74.799160][ T5661] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 74.801839][ T5661] RIP: 0023:0xf743e579 [ 74.803600][ T5661] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 74.811698][ T5661] RSP: 002b:00000000f57565b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 74.815374][ T5661] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5756630 [ 74.818467][ T5661] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 74.821405][ T5661] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 74.824772][ T5661] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 74.828152][ T5661] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 74.831543][ T5661] [ 75.054761][ T5663] netfs: Couldn't get user pages (rc=-14) [ 76.324746][ T5679] block nbd0: shutting down sockets [ 77.457173][ T5689] netfs: Couldn't get user pages (rc=-14) [ 77.609650][ T5697] x_tables: duplicate underflow at hook 1 [ 79.752978][ T5731] netfs: Couldn't get user pages (rc=-14) [ 80.546868][ T5751] netlink: 'syz.0.103': attribute type 7 has an invalid length. [ 80.580464][ T5751] netlink: 'syz.0.103': attribute type 6 has an invalid length. [ 81.464706][ T5751] netlink: 28 bytes leftover after parsing attributes in process `syz.0.103'. [ 81.835307][ T981] cfg80211: failed to load regulatory.db [ 82.307266][ T5779] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 83.090716][ T5786] FAULT_INJECTION: forcing a failure. [ 83.090716][ T5786] name failslab, interval 1, probability 0, space 0, times 1 [ 83.096194][ T5786] CPU: 2 UID: 0 PID: 5786 Comm: syz.0.111 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 83.100405][ T5786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 83.105081][ T5786] Call Trace: [ 83.106595][ T5786] [ 83.107920][ T5786] dump_stack_lvl+0x16c/0x1f0 [ 83.109948][ T5786] should_fail_ex+0x497/0x5b0 [ 83.111983][ T5786] ? fs_reclaim_acquire+0xae/0x160 [ 83.114258][ T5786] should_failslab+0xc2/0x120 [ 83.116403][ T5786] kmem_cache_alloc_lru_noprof+0x72/0x2f0 [ 83.118853][ T5786] ? sock_alloc_inode+0x25/0x1c0 [ 83.120884][ T5786] ? __pfx_sock_alloc_inode+0x10/0x10 [ 83.123079][ T5786] sock_alloc_inode+0x25/0x1c0 [ 83.125132][ T5786] alloc_inode+0x5d/0x230 [ 83.126901][ T5786] sock_alloc+0x40/0x280 [ 83.128782][ T5786] do_accept+0x150/0x540 [ 83.130680][ T5786] ? __pfx_do_accept+0x10/0x10 [ 83.132879][ T5786] __sys_accept4+0x102/0x1c0 [ 83.134488][ T5786] ? __pfx___sys_accept4+0x10/0x10 [ 83.136373][ T5786] ? __pfx_ksys_write+0x10/0x10 [ 83.138305][ T5786] __ia32_sys_accept4+0x94/0x100 [ 83.140316][ T5786] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 83.142963][ T5786] __do_fast_syscall_32+0x73/0x120 [ 83.144920][ T5786] do_fast_syscall_32+0x32/0x80 [ 83.146996][ T5786] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 83.149304][ T5786] RIP: 0023:0xf7f40579 [ 83.150831][ T5786] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 83.158370][ T5786] RSP: 002b:00000000f56d557c EFLAGS: 00000292 ORIG_RAX: 000000000000016c [ 83.161712][ T5786] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 0000000000000000 [ 83.164854][ T5786] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 83.168117][ T5786] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 83.170801][ T5786] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 83.174060][ T5786] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 83.177012][ T5786] [ 85.392436][ T981] IPVS: starting estimator thread 0... [ 85.494345][ T5821] IPVS: using max 34 ests per chain, 81600 per kthread [ 86.266760][ T5836] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7) [ 86.269635][ T5836] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 86.275418][ T5836] vhci_hcd vhci_hcd.0: Device attached [ 86.282812][ T5836] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 86.291213][ T5836] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN [ 86.297758][ T5836] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(13) [ 86.300587][ T5836] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed) [ 86.308315][ T5836] vhci_hcd vhci_hcd.0: Device attached [ 86.332473][ T5844] vhci_hcd: connection closed [ 86.334719][ T5840] vhci_hcd: connection closed [ 86.334751][ T64] vhci_hcd: stop threads [ 86.341163][ T64] vhci_hcd: release socket [ 86.343225][ T64] vhci_hcd: disconnect device [ 86.346995][ T64] vhci_hcd: stop threads [ 86.348667][ T64] vhci_hcd: release socket [ 86.350182][ T64] vhci_hcd: disconnect device [ 87.249116][ T5858] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 87.333451][ T4390] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 87.554847][ T4390] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 87.558792][ T4390] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 87.563419][ T4390] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 87.566985][ T4390] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 87.608224][ T4390] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 87.614360][ T4390] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 87.617944][ T4390] usb 7-1: Product: syz [ 87.619844][ T4390] usb 7-1: Manufacturer: syz [ 87.627318][ T4390] cdc_wdm 7-1:1.0: skipping garbage [ 87.629692][ T4390] cdc_wdm 7-1:1.0: skipping garbage [ 87.632727][ T4390] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22 [ 87.832171][ T30] usb 7-1: USB disconnect, device number 2 [ 88.433523][ T30] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 88.635832][ T30] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 88.639271][ T30] usb 7-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 88.643804][ T30] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 88.647905][ T30] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 88.657026][ T30] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 88.660759][ T30] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 88.664484][ T30] usb 7-1: Product: syz [ 88.666336][ T30] usb 7-1: Manufacturer: syz [ 88.673112][ T30] cdc_wdm 7-1:1.0: skipping garbage [ 88.675413][ T30] cdc_wdm 7-1:1.0: skipping garbage [ 88.677763][ T30] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22 [ 88.878961][ T4390] usb 7-1: USB disconnect, device number 3 [ 91.132755][ T5900] netlink: 20 bytes leftover after parsing attributes in process `syz.1.144'. [ 91.924603][ T5383] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 92.047995][ T5923] FAULT_INJECTION: forcing a failure. [ 92.047995][ T5923] name failslab, interval 1, probability 0, space 0, times 0 [ 92.057407][ T5923] CPU: 3 UID: 0 PID: 5923 Comm: syz.1.151 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 92.062387][ T5923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 92.067688][ T5923] Call Trace: [ 92.069180][ T5923] [ 92.070520][ T5923] dump_stack_lvl+0x16c/0x1f0 [ 92.072684][ T5923] should_fail_ex+0x497/0x5b0 [ 92.075484][ T5923] ? fs_reclaim_acquire+0xae/0x160 [ 92.078200][ T5923] should_failslab+0xc2/0x120 [ 92.080381][ T5923] __kmalloc_noprof+0xcb/0x410 [ 92.082518][ T5923] tomoyo_encode2+0x100/0x3e0 [ 92.084632][ T5923] tomoyo_realpath_from_path+0x1a7/0x710 [ 92.087129][ T5923] ? tomoyo_profile+0x47/0x60 [ 92.089184][ T5923] tomoyo_path_number_perm+0x245/0x5b0 [ 92.091551][ T5923] ? tomoyo_path_number_perm+0x232/0x5b0 [ 92.094007][ T5923] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 92.096622][ T5923] ? __pfx_lock_release+0x10/0x10 [ 92.098826][ T5923] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 92.101424][ T5923] ? __fget_files+0x256/0x400 [ 92.103365][ T5923] security_file_ioctl_compat+0x75/0xc0 [ 92.105710][ T5923] __do_compat_sys_ioctl+0x5d/0x330 [ 92.107704][ T5923] __do_fast_syscall_32+0x73/0x120 [ 92.109790][ T5923] do_fast_syscall_32+0x32/0x80 [ 92.111950][ T5923] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 92.114686][ T5923] RIP: 0023:0xf7f85579 [ 92.116395][ T5923] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 92.123946][ T5923] RSP: 002b:00000000f571557c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 92.127346][ T5923] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004010ae68 [ 92.130570][ T5923] RDX: 0000000020000500 RSI: 0000000000000000 RDI: 0000000000000000 [ 92.133545][ T5923] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 92.136807][ T5923] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 92.139777][ T5923] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 92.143116][ T5923] [ 92.146399][ T5923] ERROR: Out of memory at tomoyo_realpath_from_path. [ 92.178831][ T5383] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 92.182369][ T5383] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 92.186965][ T5383] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 92.190822][ T5383] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 92.200237][ T5383] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 92.203964][ T5383] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 92.206973][ T5383] usb 5-1: Product: syz [ 92.208949][ T5383] usb 5-1: Manufacturer: syz [ 92.220585][ T5383] cdc_wdm 5-1:1.0: skipping garbage [ 92.222950][ T5383] cdc_wdm 5-1:1.0: skipping garbage [ 92.226040][ T5383] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 92.424642][ T58] usb 5-1: USB disconnect, device number 2 [ 92.603437][ T5383] usb 6-1: new full-speed USB device number 5 using dummy_hcd [ 92.774904][ T5383] usb 6-1: device descriptor read/64, error -71 [ 93.053435][ T58] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 93.056715][ T5383] usb 6-1: new full-speed USB device number 6 using dummy_hcd [ 93.213666][ T5383] usb 6-1: device descriptor read/64, error -71 [ 93.247782][ T58] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 93.251454][ T58] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 93.256172][ T58] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 93.260189][ T58] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 14129, setting to 64 [ 93.266735][ T58] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 93.270577][ T58] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 93.275548][ T58] usb 5-1: Product: syz [ 93.277042][ T58] usb 5-1: Manufacturer: syz [ 93.287039][ T58] cdc_wdm 5-1:1.0: skipping garbage [ 93.289404][ T58] cdc_wdm 5-1:1.0: skipping garbage [ 93.291722][ T58] cdc_wdm 5-1:1.0: probe with driver cdc_wdm failed with error -22 [ 93.334805][ T5383] usb usb6-port1: attempt power cycle [ 93.493095][ T8] usb 5-1: USB disconnect, device number 3 [ 93.753423][ T5383] usb 6-1: new full-speed USB device number 7 using dummy_hcd [ 93.794747][ T5383] usb 6-1: device descriptor read/8, error -71 [ 94.103399][ T5383] usb 6-1: new full-speed USB device number 8 using dummy_hcd [ 94.134318][ T5383] usb 6-1: device descriptor read/8, error -71 [ 94.263881][ T5383] usb usb6-port1: unable to enumerate USB device [ 94.590875][ T5954] fuse: Unknown parameter '?pE' [ 95.410519][ T5978] ======================================================= [ 95.410519][ T5978] WARNING: The mand mount option has been deprecated and [ 95.410519][ T5978] and is ignored by this kernel. Remove the mand [ 95.410519][ T5978] option from the mount to silence this warning. [ 95.410519][ T5978] ======================================================= [ 95.473591][ T58] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 95.553982][ T5981] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 95.634762][ T58] usb 8-1: device descriptor read/64, error -71 [ 95.923394][ T58] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 96.103414][ T58] usb 8-1: device descriptor read/64, error -71 [ 96.233936][ T58] usb usb8-port1: attempt power cycle [ 96.363401][ T39] audit: type=1326 audit(2000000030.110:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5993 comm="syz.0.173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 96.373377][ T39] audit: type=1326 audit(2000000030.110:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5993 comm="syz.0.173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 96.383417][ T5994] FAULT_INJECTION: forcing a failure. [ 96.383417][ T5994] name failslab, interval 1, probability 0, space 0, times 0 [ 96.383441][ T5994] CPU: 3 UID: 0 PID: 5994 Comm: syz.0.173 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 96.383460][ T5994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.383471][ T5994] Call Trace: [ 96.383478][ T5994] [ 96.383486][ T5994] dump_stack_lvl+0x16c/0x1f0 [ 96.383510][ T5994] should_fail_ex+0x497/0x5b0 [ 96.383526][ T5994] ? fs_reclaim_acquire+0xae/0x160 [ 96.383544][ T5994] should_failslab+0xc2/0x120 [ 96.383563][ T5994] __kmalloc_cache_noprof+0x6b/0x310 [ 96.383581][ T5994] ? audit_log_d_path+0xce/0x1e0 [ 96.383607][ T5994] audit_log_d_path+0xce/0x1e0 [ 96.383630][ T5994] audit_log_d_path_exe+0x46/0x70 [ 96.383652][ T5994] audit_log_task+0x279/0x300 [ 96.383677][ T5994] ? __pfx_audit_log_task+0x10/0x10 [ 96.383703][ T5994] ? migrate_enable+0x1a8/0x260 [ 96.383724][ T5994] ? __pfx_migrate_enable+0x10/0x10 [ 96.383749][ T5994] audit_seccomp+0x7a/0x280 [ 96.383771][ T5994] __seccomp_filter+0x816/0xf40 [ 96.383793][ T5994] ? __pfx___seccomp_filter+0x10/0x10 [ 96.383818][ T5994] ? ksys_write+0x1ab/0x260 [ 96.383846][ T5994] __secure_computing+0x26c/0x3f0 [ 96.383866][ T5994] syscall_trace_enter+0x8b/0x240 [ 96.383895][ T5994] __do_fast_syscall_32+0xc2/0x120 [ 96.383920][ T5994] do_fast_syscall_32+0x32/0x80 [ 96.383943][ T5994] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.383964][ T5994] RIP: 0023:0xf7f40579 [ 96.383978][ T5994] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 96.383993][ T5994] RSP: 002b:00000000f56f65b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 96.384011][ T5994] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 00000000f56f6630 [ 96.384027][ T5994] RDX: 000000000000000f RSI: 00000000f73cbff4 RDI: 0000000000000000 [ 96.384038][ T5994] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 96.384048][ T5994] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 96.384058][ T5994] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 96.384079][ T5994] [ 96.486886][ T39] audit: type=1326 audit(2000000030.110:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5993 comm="syz.0.173" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 96.496765][ T39] audit: type=1326 audit(2000000030.120:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5993 comm="syz.0.173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 96.506501][ T39] audit: type=1326 audit(2000000030.120:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5993 comm="syz.0.173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 96.516016][ T39] audit: type=1326 audit(2000000030.120:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5993 comm="syz.0.173" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 96.525748][ T39] audit: type=1326 audit(2000000030.120:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5993 comm="syz.0.173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 96.536268][ T39] audit: type=1326 audit(2000000030.120:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5993 comm="syz.0.173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 96.545647][ T39] audit: type=1326 audit(2000000030.120:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5993 comm="syz.0.173" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 96.555012][ T39] audit: type=1326 audit(2000000030.120:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5993 comm="syz.0.173" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 96.597240][ T6001] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 96.664657][ T58] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 96.706484][ T58] usb 8-1: device descriptor read/8, error -71 [ 96.973454][ T58] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 97.017165][ T58] usb 8-1: device descriptor read/8, error -71 [ 97.136898][ T58] usb usb8-port1: unable to enumerate USB device [ 97.182520][ C0] vkms_vblank_simulate: vblank timer overrun [ 98.227792][ T6019] netlink: 16 bytes leftover after parsing attributes in process `syz.3.180'. [ 98.411532][ T6022] netlink: 20 bytes leftover after parsing attributes in process `syz.0.181'. [ 98.478646][ T6031] fuse: Unknown parameter '?pE' [ 98.976772][ T6052] netlink: 16 bytes leftover after parsing attributes in process `syz.2.192'. [ 99.439573][ T6064] netlink: 20 bytes leftover after parsing attributes in process `syz.2.193'. [ 99.555228][ T6069] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 100.214181][ T6079] netlink: 36 bytes leftover after parsing attributes in process `syz.3.199'. [ 100.843256][ T6091] netlink: 20 bytes leftover after parsing attributes in process `syz.3.203'. [ 101.822983][ T6111] capability: warning: `syz.3.209' uses 32-bit capabilities (legacy support in use) [ 102.165514][ T6121] mkiss: ax0: crc mode is auto. [ 103.964983][ T6160] netlink: 20 bytes leftover after parsing attributes in process `syz.0.220'. [ 104.130228][ T39] kauditd_printk_skb: 36 callbacks suppressed [ 104.130242][ T39] audit: type=1326 audit(2000000037.880:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6162 comm="syz.0.222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 104.153426][ T39] audit: type=1326 audit(2000000037.880:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6162 comm="syz.0.222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 104.163513][ T39] audit: type=1326 audit(2000000037.880:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6162 comm="syz.0.222" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 104.173158][ T39] audit: type=1326 audit(2000000037.880:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6162 comm="syz.0.222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 104.193792][ T39] audit: type=1326 audit(2000000037.880:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6162 comm="syz.0.222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 104.204540][ T39] audit: type=1326 audit(2000000037.880:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6162 comm="syz.0.222" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 104.232496][ T39] audit: type=1326 audit(2000000037.880:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6162 comm="syz.0.222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 104.243430][ T39] audit: type=1326 audit(2000000037.880:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6162 comm="syz.0.222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 104.252479][ T39] audit: type=1326 audit(2000000037.880:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6162 comm="syz.0.222" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 104.262507][ T39] audit: type=1326 audit(2000000037.890:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6162 comm="syz.0.222" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f40579 code=0x7ffc0000 [ 104.313391][ T981] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 104.362776][ T66] Bluetooth: hci3: link tx timeout [ 104.367339][ T66] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 104.493461][ T981] usb 7-1: Using ep0 maxpacket: 8 [ 104.500148][ T981] usb 7-1: config index 0 descriptor too short (expected 301, got 45) [ 104.504072][ T981] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 104.507303][ T981] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 104.511523][ T981] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 104.515688][ T981] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 104.521259][ T981] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23 [ 104.525203][ T981] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 104.704906][ T6181] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 104.713853][ T10] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 104.780227][ T981] usb 7-1: usb_control_msg returned -32 [ 104.782760][ T981] usbtmc 7-1:16.0: can't read capabilities [ 104.792890][ T981] usb 7-1: USB disconnect, device number 4 [ 104.863649][ T10] usb 5-1: device descriptor read/64, error -71 [ 105.153633][ T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 105.313968][ T10] usb 5-1: device descriptor read/64, error -71 [ 105.444477][ T10] usb usb5-port1: attempt power cycle [ 105.877108][ T10] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 105.904242][ T10] usb 5-1: device descriptor read/8, error -71 [ 106.150092][ T6192] netlink: 20 bytes leftover after parsing attributes in process `syz.2.230'. [ 106.193385][ T10] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 106.224198][ T10] usb 5-1: device descriptor read/8, error -71 [ 106.343898][ T10] usb usb5-port1: unable to enumerate USB device [ 106.433588][ T66] Bluetooth: hci3: command 0x0406 tx timeout [ 107.050863][ T5346] Bluetooth: hci3: unexpected event for opcode 0x1003 [ 107.211387][ T6213] netlink: 'syz.3.236': attribute type 21 has an invalid length. [ 107.221325][ T6213] netlink: 'syz.3.236': attribute type 6 has an invalid length. [ 107.226953][ T6213] netlink: 14320 bytes leftover after parsing attributes in process `syz.3.236'. [ 107.773026][ T6230] netlink: 20 bytes leftover after parsing attributes in process `syz.1.241'. [ 108.999778][ T6253] netlink: 20 bytes leftover after parsing attributes in process `syz.1.246'. [ 112.165846][ T6302] block device autoloading is deprecated and will be removed. [ 112.400698][ T6312] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 112.427049][ T6313] netlink: 20 bytes leftover after parsing attributes in process `syz.1.264'. [ 112.989534][ T6322] netlink: 8 bytes leftover after parsing attributes in process `syz.2.267'. [ 114.760170][ T6344] netlink: 8 bytes leftover after parsing attributes in process `syz.2.273'. [ 114.863848][ T39] kauditd_printk_skb: 26 callbacks suppressed [ 114.863863][ T39] audit: type=1326 audit(2000000048.620:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6343 comm="syz.2.273" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf743e579 code=0x0 [ 115.518974][ T5382] IPVS: starting estimator thread 0... [ 115.613488][ T6352] IPVS: using max 23 ests per chain, 55200 per kthread [ 115.662773][ T6355] netlink: 8 bytes leftover after parsing attributes in process `syz.2.276'. [ 115.721669][ T6357] netlink: 64 bytes leftover after parsing attributes in process `syz.2.277'. [ 116.936042][ T6389] netlink: 8 bytes leftover after parsing attributes in process `syz.1.286'. [ 117.936521][ T6401] netlink: 8 bytes leftover after parsing attributes in process `syz.0.289'. [ 117.945052][ T6401] netlink: 'syz.0.289': attribute type 3 has an invalid length. [ 117.948744][ T6401] netlink: 196520 bytes leftover after parsing attributes in process `syz.0.289'. [ 118.766348][ T5346] Bluetooth: hci3: unexpected event for opcode 0x0c23 [ 118.857437][ T6423] netlink: 8 bytes leftover after parsing attributes in process `syz.3.295'. [ 119.064962][ T831] IPVS: starting estimator thread 0... [ 119.166484][ T6442] IPVS: using max 20 ests per chain, 48000 per kthread [ 119.265406][ T6452] netlink: 8 bytes leftover after parsing attributes in process `syz.0.308'. [ 119.460539][ T6455] overlay: Unknown parameter 'fowner' [ 119.513510][ T5382] usb 8-1: new high-speed USB device number 7 using dummy_hcd [ 119.748922][ T5382] usb 8-1: config index 0 descriptor too short (expected 23569, got 27) [ 119.773489][ T5382] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 119.779707][ T5382] usb 8-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 119.784050][ T5382] usb 8-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 119.787502][ T5382] usb 8-1: Manufacturer: syz [ 119.804660][ T5382] usb 8-1: config 0 descriptor?? [ 119.827532][ T6460] netlink: 8 bytes leftover after parsing attributes in process `syz.1.310'. [ 119.873557][ T5382] rc_core: IR keymap rc-hauppauge not found [ 119.876023][ T5382] Registered IR keymap rc-empty [ 119.881452][ T5382] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0 [ 119.888535][ T5382] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb8/8-1/8-1:0.0/rc/rc0/input7 [ 120.042706][ T5382] usb 8-1: USB disconnect, device number 7 [ 121.573518][ T5382] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 121.727625][ T5382] usb 7-1: device descriptor read/64, error -71 [ 121.993739][ T5382] usb 7-1: new high-speed USB device number 6 using dummy_hcd [ 122.153635][ T5382] usb 7-1: device descriptor read/64, error -71 [ 122.274337][ T5382] usb usb7-port1: attempt power cycle [ 122.686659][ T5382] usb 7-1: new high-speed USB device number 7 using dummy_hcd [ 122.714131][ T5382] usb 7-1: device descriptor read/8, error -71 [ 122.985070][ T5382] usb 7-1: new high-speed USB device number 8 using dummy_hcd [ 123.016467][ T5382] usb 7-1: device descriptor read/8, error -71 [ 123.136385][ T5382] usb usb7-port1: unable to enumerate USB device [ 125.814471][ T6487] 9pnet: p9_errstr2errno: server reported unknown error œæç [ 125.884876][ T6489] FAULT_INJECTION: forcing a failure. [ 125.884876][ T6489] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 125.890324][ T6489] CPU: 2 UID: 0 PID: 6489 Comm: syz.3.321 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 125.894607][ T6489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 125.899055][ T6489] Call Trace: [ 125.900461][ T6489] [ 125.901729][ T6489] dump_stack_lvl+0x16c/0x1f0 [ 125.903661][ T6489] should_fail_ex+0x497/0x5b0 [ 125.905623][ T6489] _copy_to_user+0x30/0xc0 [ 125.907611][ T6489] simple_read_from_buffer+0xd0/0x160 [ 125.909809][ T6489] proc_fail_nth_read+0x1b0/0x290 [ 125.912064][ T6489] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 125.914533][ T6489] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 125.916959][ T6489] vfs_read+0x1d4/0xbd0 [ 125.918823][ T6489] ? __fdget_pos+0xeb/0x180 [ 125.920650][ T6489] ? __pfx_vfs_read+0x10/0x10 [ 125.922664][ T6489] ? __pfx___mutex_lock+0x10/0x10 [ 125.924559][ T6489] ? __fget_files+0x256/0x400 [ 125.926581][ T6489] ksys_read+0x12f/0x260 [ 125.928394][ T6489] ? __pfx_ksys_read+0x10/0x10 [ 125.930332][ T6489] __do_fast_syscall_32+0x73/0x120 [ 125.932577][ T6489] do_fast_syscall_32+0x32/0x80 [ 125.934801][ T6489] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 125.937265][ T6489] RIP: 0023:0xf743e579 [ 125.939171][ T6489] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 125.948088][ T6489] RSP: 002b:00000000f57565b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 125.951950][ T6489] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5756630 [ 125.955621][ T6489] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 125.959113][ T6489] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 125.962966][ T6489] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 125.966402][ T6489] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 125.970130][ T6489] [ 126.314036][ T6495] netlink: 60 bytes leftover after parsing attributes in process `syz.3.322'. [ 126.377395][ T6495] Êü: entered promiscuous mode [ 127.411077][ T6502] FAULT_INJECTION: forcing a failure. [ 127.411077][ T6502] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 127.429917][ T6502] CPU: 0 UID: 0 PID: 6502 Comm: syz.3.324 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 127.434386][ T6502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 127.438831][ T6502] Call Trace: [ 127.440298][ T6502] [ 127.441569][ T6502] dump_stack_lvl+0x16c/0x1f0 [ 127.443644][ T6502] should_fail_ex+0x497/0x5b0 [ 127.445577][ T6502] _copy_to_user+0x30/0xc0 [ 127.447119][ T6502] simple_read_from_buffer+0xd0/0x160 [ 127.448961][ T6502] proc_fail_nth_read+0x1b0/0x290 [ 127.451085][ T6502] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 127.453315][ T6502] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 127.455676][ T6502] vfs_read+0x1d4/0xbd0 [ 127.457426][ T6502] ? __fdget_pos+0xeb/0x180 [ 127.458968][ T6502] ? __pfx_vfs_read+0x10/0x10 [ 127.460535][ T6502] ? __pfx___mutex_lock+0x10/0x10 [ 127.462476][ T6502] ? __fget_files+0x256/0x400 [ 127.464455][ T6502] ksys_read+0x12f/0x260 [ 127.465911][ T6502] ? __pfx_ksys_read+0x10/0x10 [ 127.467534][ T6502] __do_fast_syscall_32+0x73/0x120 [ 127.469292][ T6502] do_fast_syscall_32+0x32/0x80 [ 127.471342][ T6502] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 127.473547][ T6502] RIP: 0023:0xf743e579 [ 127.474958][ T6502] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 127.481598][ T6502] RSP: 002b:00000000f57355b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 127.485036][ T6502] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f5735630 [ 127.488380][ T6502] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 127.491549][ T6502] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 127.494560][ T6502] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 127.497857][ T6502] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 127.501179][ T6502] [ 127.710972][ T6506] mkiss: ax0: crc mode is auto. [ 127.998691][ T6516] fuse: Unknown parameter 'fRßþ"²TÇ!B0xffffffffffffffff' [ 128.014705][ T6516] fuse: Unknown parameter 'fd0xffffffffffffffff' [ 128.017935][ T6516] syz.2.328(6516): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 128.025711][ T6515] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 128.802432][ T6524] FAULT_INJECTION: forcing a failure. [ 128.802432][ T6524] name failslab, interval 1, probability 0, space 0, times 0 [ 128.807971][ T6524] CPU: 2 UID: 0 PID: 6524 Comm: syz.2.331 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 128.811738][ T6524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 128.815300][ T6524] Call Trace: [ 128.816585][ T6524] [ 128.817947][ T6524] dump_stack_lvl+0x16c/0x1f0 [ 128.820064][ T6524] should_fail_ex+0x497/0x5b0 [ 128.822285][ T6524] ? fs_reclaim_acquire+0xae/0x160 [ 128.824689][ T6524] should_failslab+0xc2/0x120 [ 128.826892][ T6524] __kmalloc_noprof+0xcb/0x410 [ 128.829091][ T6524] ? __pfx_lock_acquire+0x10/0x10 [ 128.831459][ T6524] tomoyo_realpath_from_path+0xbf/0x710 [ 128.834008][ T6524] ? tomoyo_profile+0x47/0x60 [ 128.836181][ T6524] tomoyo_path_number_perm+0x245/0x5b0 [ 128.838890][ T6524] ? tomoyo_path_number_perm+0x232/0x5b0 [ 128.843200][ T6524] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 128.845623][ T6524] ? __pfx_lock_release+0x10/0x10 [ 128.847988][ T6524] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 128.850810][ T6524] ? __fget_files+0x256/0x400 [ 128.853110][ T6524] security_file_ioctl_compat+0x75/0xc0 [ 128.855349][ T6524] __do_compat_sys_ioctl+0x5d/0x330 [ 128.857194][ T6524] __do_fast_syscall_32+0x73/0x120 [ 128.859290][ T6524] do_fast_syscall_32+0x32/0x80 [ 128.861499][ T6524] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 128.864085][ T6524] RIP: 0023:0xf743e579 [ 128.865866][ T6524] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 128.873916][ T6524] RSP: 002b:00000000f575657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 128.877478][ T6524] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000891a [ 128.880905][ T6524] RDX: 0000000020001200 RSI: 0000000000000000 RDI: 0000000000000000 [ 128.884539][ T6524] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 128.888039][ T6524] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 128.891593][ T6524] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 128.895006][ T6524] [ 128.898695][ T6524] ERROR: Out of memory at tomoyo_realpath_from_path. [ 129.350189][ T6530] openvswitch: netlink: EtherType 200 is less than min 600 [ 129.856475][ T66] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 129.862037][ T66] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 129.879688][ T66] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 129.900909][ T66] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 129.904727][ T66] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 129.907937][ T66] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 130.254251][ T6549] chnl_net:caif_netlink_parms(): no params data found [ 130.511770][ T6549] bridge0: port 1(bridge_slave_0) entered blocking state [ 130.514930][ T6549] bridge0: port 1(bridge_slave_0) entered disabled state [ 130.517659][ T6549] bridge_slave_0: entered allmulticast mode [ 130.521590][ T6549] bridge_slave_0: entered promiscuous mode [ 130.526737][ T6549] bridge0: port 2(bridge_slave_1) entered blocking state [ 130.529328][ T6549] bridge0: port 2(bridge_slave_1) entered disabled state [ 130.532092][ T6549] bridge_slave_1: entered allmulticast mode [ 130.539345][ T6549] bridge_slave_1: entered promiscuous mode [ 130.618489][ T6549] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 130.630806][ T6549] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 130.757407][ T6549] team0: Port device team_slave_0 added [ 130.762679][ T6549] team0: Port device team_slave_1 added [ 130.909549][ T6549] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 130.912496][ T6549] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.928096][ T6549] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 130.940595][ T6549] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 130.943689][ T6549] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 130.955190][ T6549] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 131.237686][ T6549] hsr_slave_0: entered promiscuous mode [ 131.271636][ T6549] hsr_slave_1: entered promiscuous mode [ 131.761869][ T6549] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.878030][ T6549] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 131.963417][ T5346] Bluetooth: hci4: command tx timeout [ 132.016971][ T6549] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.125841][ T6549] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 132.332760][ T6549] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 132.338839][ T6549] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 132.383430][ T6549] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 132.396414][ T6549] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 132.479825][ T6578] FAULT_INJECTION: forcing a failure. [ 132.479825][ T6578] name failslab, interval 1, probability 0, space 0, times 0 [ 132.486800][ T6578] CPU: 3 UID: 0 PID: 6578 Comm: syz.1.345 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 132.491894][ T6578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 132.496367][ T6578] Call Trace: [ 132.497561][ T6578] [ 132.499016][ T6578] dump_stack_lvl+0x16c/0x1f0 [ 132.504510][ T6578] should_fail_ex+0x497/0x5b0 [ 132.506683][ T6578] ? fs_reclaim_acquire+0xae/0x160 [ 132.508919][ T6578] should_failslab+0xc2/0x120 [ 132.511049][ T6578] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 132.513388][ T6578] ? vm_area_dup+0x21/0x300 [ 132.515368][ T6578] ? __pfx_mark_lock+0x10/0x10 [ 132.517505][ T6578] vm_area_dup+0x21/0x300 [ 132.519442][ T6578] __split_vma+0x181/0x11a0 [ 132.521533][ T6578] ? __pfx_mark_lock+0x10/0x10 [ 132.523602][ T6578] ? __pfx___split_vma+0x10/0x10 [ 132.525817][ T6578] ? hlock_class+0x4e/0x130 [ 132.528156][ T6578] ? __pfx_mark_lock+0x10/0x10 [ 132.530581][ T6578] do_vmi_align_munmap+0x362/0x19c0 [ 132.532799][ T6578] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 132.535242][ T6578] do_vmi_munmap+0x231/0x410 [ 132.537232][ T6578] mmap_region+0x17f/0x2760 [ 132.539120][ T6578] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 132.541662][ T6578] ? __pfx_mmap_region+0x10/0x10 [ 132.544051][ T6578] ? security_mmap_addr+0x8e/0xb0 [ 132.546251][ T6578] ? __get_unmapped_area+0x271/0x3a0 [ 132.548440][ T6578] do_mmap+0xbfb/0xfb0 [ 132.550149][ T6578] ? security_mmap_file+0x192/0x1d0 [ 132.552293][ T6578] vm_mmap_pgoff+0x1ba/0x360 [ 132.554377][ T6578] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 132.556607][ T6578] ksys_mmap_pgoff+0x332/0x5d0 [ 132.558537][ T6578] ? __ia32_sys_mmap_pgoff+0x11/0x1b0 [ 132.560549][ T6578] __do_fast_syscall_32+0x73/0x120 [ 132.562703][ T6578] do_fast_syscall_32+0x32/0x80 [ 132.564867][ T6578] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 132.567563][ T6578] RIP: 0023:0xf7f85579 [ 132.569285][ T6578] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 132.575819][ T6578] RSP: 002b:00000000f573657c EFLAGS: 00000292 ORIG_RAX: 00000000000000c0 [ 132.585873][ T6578] RAX: ffffffffffffffda RBX: 0000000020000000 RCX: 0000000000001000 [ 132.589133][ T6578] RDX: 0000000000000001 RSI: 0000000000008012 RDI: 0000000000000004 [ 132.592496][ T6578] RBP: 0000000083000000 R08: 0000000000000000 R09: 0000000000000000 [ 132.595776][ T6578] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 132.599098][ T6578] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 132.602532][ T6578] [ 132.604067][ C3] vkms_vblank_simulate: vblank timer overrun [ 132.629564][ T6549] 8021q: adding VLAN 0 to HW filter on device bond0 [ 132.678544][ T6549] 8021q: adding VLAN 0 to HW filter on device team0 [ 132.695675][ T1285] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.698682][ T1285] bridge0: port 1(bridge_slave_0) entered forwarding state [ 132.721847][ T1285] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.725414][ T1285] bridge0: port 2(bridge_slave_1) entered forwarding state [ 132.797653][ T6583] FAULT_INJECTION: forcing a failure. [ 132.797653][ T6583] name failslab, interval 1, probability 0, space 0, times 0 [ 132.802899][ T6583] CPU: 2 UID: 0 PID: 6583 Comm: syz.3.347 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 132.807119][ T6583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 132.811791][ T6583] Call Trace: [ 132.813208][ T6583] [ 132.814523][ T6583] dump_stack_lvl+0x16c/0x1f0 [ 132.816487][ T6583] should_fail_ex+0x497/0x5b0 [ 132.818456][ T6583] ? fs_reclaim_acquire+0xae/0x160 [ 132.820592][ T6583] should_failslab+0xc2/0x120 [ 132.822639][ T6583] __kmalloc_noprof+0xcb/0x410 [ 132.824532][ T6583] ? __pfx_lock_acquire+0x10/0x10 [ 132.826611][ T6583] tomoyo_realpath_from_path+0xbf/0x710 [ 132.828883][ T6583] ? tomoyo_profile+0x47/0x60 [ 132.831065][ T6583] tomoyo_path_number_perm+0x245/0x5b0 [ 132.834355][ T6583] ? tomoyo_path_number_perm+0x232/0x5b0 [ 132.836736][ T6583] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 132.839344][ T6583] ? __pfx_lock_release+0x10/0x10 [ 132.841525][ T6583] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 132.844683][ T6583] ? __fget_files+0x256/0x400 [ 132.846717][ T6583] security_file_ioctl_compat+0x75/0xc0 [ 132.849073][ T6583] __do_compat_sys_ioctl+0x5d/0x330 [ 132.851354][ T6583] __do_fast_syscall_32+0x73/0x120 [ 132.854327][ T6583] do_fast_syscall_32+0x32/0x80 [ 132.856408][ T6583] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 132.859129][ T6583] RIP: 0023:0xf743e579 [ 132.860827][ T6583] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 132.869011][ T6583] RSP: 002b:00000000f575657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 132.872881][ T6583] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000004b2f [ 132.876142][ T6583] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 132.879371][ T6583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 132.882647][ T6583] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 132.885899][ T6583] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 132.889179][ T6583] [ 132.896700][ T6583] ERROR: Out of memory at tomoyo_realpath_from_path. [ 133.008069][ T1377] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.010955][ T1377] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.079044][ T6549] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 133.179715][ T6549] veth0_vlan: entered promiscuous mode [ 133.189444][ T6549] veth1_vlan: entered promiscuous mode [ 133.217414][ T6549] veth0_macvtap: entered promiscuous mode [ 133.226613][ T6549] veth1_macvtap: entered promiscuous mode [ 133.243799][ T58] hid (null): global environment stack underflow [ 133.246804][ T58] hid (null): unknown global tag 0xe [ 133.249032][ T58] hid (null): report_id 0 is invalid [ 133.256802][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 133.259877][ T58] hid-generic 007F:0001:0009.0003: global environment stack underflow [ 133.273453][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 133.278130][ T58] hid-generic 007F:0001:0009.0003: item 0 2 1 11 parsing failed [ 133.279806][ T58] hid-generic 007F:0001:0009.0003: probe with driver hid-generic failed with error -22 [ 133.281527][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 133.291427][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 133.295597][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 133.300570][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 133.307175][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 133.311545][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 133.317566][ T6549] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 133.323110][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 133.328327][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 133.332682][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 133.338286][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 133.342294][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 133.348060][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 133.352692][ T6549] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 133.357695][ T6549] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 133.364306][ T6549] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 133.377659][ T6549] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.381753][ T6549] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.385911][ T6549] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.388848][ T6549] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 133.451899][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.455566][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 133.485826][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 133.492610][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 133.564295][ T6601] FAULT_INJECTION: forcing a failure. [ 133.564295][ T6601] name failslab, interval 1, probability 0, space 0, times 0 [ 133.593613][ T6601] CPU: 0 UID: 0 PID: 6601 Comm: syz.1.352 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 133.598170][ T6601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 133.602921][ T6601] Call Trace: [ 133.607130][ T6601] [ 133.608668][ T6601] dump_stack_lvl+0x16c/0x1f0 [ 133.611154][ T6601] should_fail_ex+0x497/0x5b0 [ 133.613380][ T6601] ? fs_reclaim_acquire+0xae/0x160 [ 133.615671][ T6601] should_failslab+0xc2/0x120 [ 133.617823][ T6601] __kmalloc_noprof+0xcb/0x410 [ 133.619970][ T6601] ? __pfx_lock_acquire+0x10/0x10 [ 133.622203][ T6601] tomoyo_realpath_from_path+0xbf/0x710 [ 133.624588][ T6601] ? tomoyo_profile+0x47/0x60 [ 133.626684][ T6601] tomoyo_path_number_perm+0x245/0x5b0 [ 133.629118][ T6601] ? tomoyo_path_number_perm+0x232/0x5b0 [ 133.631598][ T6601] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 133.634312][ T6601] ? __pfx_lock_release+0x10/0x10 [ 133.636574][ T6601] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 133.639204][ T6601] ? __fget_files+0x256/0x400 [ 133.641112][ T6601] security_file_ioctl_compat+0x75/0xc0 [ 133.643272][ T6601] __do_compat_sys_ioctl+0x5d/0x330 [ 133.645298][ T6601] __do_fast_syscall_32+0x73/0x120 [ 133.647301][ T6601] do_fast_syscall_32+0x32/0x80 [ 133.649230][ T6601] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 133.651892][ T6601] RIP: 0023:0xf7f85579 [ 133.653773][ T6601] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 133.662356][ T6601] RSP: 002b:00000000f573657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 133.666234][ T6601] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000005423 [ 133.669718][ T6601] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 133.673392][ T6601] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 133.676904][ T6601] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 133.680630][ T6601] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 133.684865][ T6601] [ 133.689491][ T6601] ERROR: Out of memory at tomoyo_realpath_from_path. [ 134.034084][ T5346] Bluetooth: hci4: command tx timeout [ 134.079186][ T5346] Bluetooth: hci3: unexpected event for opcode 0x0c23 [ 134.473693][ T4390] usb 7-1: new high-speed USB device number 9 using dummy_hcd [ 134.675262][ T4390] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 134.678943][ T4390] usb 7-1: config 1 has an invalid descriptor of length 247, skipping remainder of the config [ 134.693423][ T4390] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 134.697469][ T4390] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 134.711616][ T4390] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 134.715823][ T4390] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 134.719307][ T4390] usb 7-1: Product: syz [ 134.721144][ T4390] usb 7-1: Manufacturer: syz [ 134.771799][ T4390] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22 [ 134.847131][ T6625] FAULT_INJECTION: forcing a failure. [ 134.847131][ T6625] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 134.853053][ T6625] CPU: 2 UID: 0 PID: 6625 Comm: syz.0.358 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 134.857547][ T6625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 134.862944][ T6625] Call Trace: [ 134.864503][ T6625] [ 134.866129][ T6625] dump_stack_lvl+0x16c/0x1f0 [ 134.868267][ T6625] should_fail_ex+0x497/0x5b0 [ 134.870452][ T6625] _copy_to_user+0x30/0xc0 [ 134.872841][ T6625] simple_read_from_buffer+0xd0/0x160 [ 134.875505][ T6625] proc_fail_nth_read+0x1b0/0x290 [ 134.877777][ T6625] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 134.880154][ T6625] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 134.882478][ T6625] vfs_read+0x1d4/0xbd0 [ 134.884306][ T6625] ? __fdget_pos+0xeb/0x180 [ 134.886399][ T6625] ? __pfx_vfs_read+0x10/0x10 [ 134.888388][ T6625] ? __pfx___mutex_lock+0x10/0x10 [ 134.890693][ T6625] ? __fget_files+0x256/0x400 [ 134.892922][ T6625] ksys_read+0x12f/0x260 [ 134.894838][ T6625] ? __pfx_ksys_read+0x10/0x10 [ 134.897042][ T6625] __do_fast_syscall_32+0x73/0x120 [ 134.899723][ T6625] do_fast_syscall_32+0x32/0x80 [ 134.901928][ T6625] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 134.904714][ T6625] RIP: 0023:0xf743e579 [ 134.906469][ T6625] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 134.914866][ T6625] RSP: 002b:00000000f57565b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 134.918490][ T6625] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5756630 [ 134.921971][ T6625] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 134.925306][ T6625] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 134.928696][ T6625] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 134.931994][ T6625] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 134.935428][ T6625] [ 134.989712][ T4390] usb 7-1: USB disconnect, device number 9 [ 135.596073][ T4390] usb 7-1: new high-speed USB device number 10 using dummy_hcd [ 135.788155][ T4390] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 135.792399][ T4390] usb 7-1: config 1 has an invalid descriptor of length 247, skipping remainder of the config [ 135.817324][ T4390] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 135.821341][ T4390] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 135.831689][ T4390] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 135.842045][ T4390] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 135.852186][ T4390] usb 7-1: Product: syz [ 135.856174][ T4390] usb 7-1: Manufacturer: syz [ 135.875730][ T4390] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22 [ 136.123516][ T5346] Bluetooth: hci4: command tx timeout [ 136.146295][ T10] usb 7-1: USB disconnect, device number 10 [ 137.155071][ T6656] FAULT_INJECTION: forcing a failure. [ 137.155071][ T6656] name failslab, interval 1, probability 0, space 0, times 0 [ 137.186079][ T6656] CPU: 0 UID: 0 PID: 6656 Comm: syz.0.367 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 137.191725][ T6656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 137.197089][ T6656] Call Trace: [ 137.198526][ T6656] [ 137.199796][ T6656] dump_stack_lvl+0x16c/0x1f0 [ 137.201730][ T6656] should_fail_ex+0x497/0x5b0 [ 137.203931][ T6656] ? fs_reclaim_acquire+0xae/0x160 [ 137.206358][ T6656] should_failslab+0xc2/0x120 [ 137.208826][ T6656] __kmalloc_noprof+0xcb/0x410 [ 137.211341][ T6656] ? __pfx_lock_acquire+0x10/0x10 [ 137.216026][ T6656] tomoyo_realpath_from_path+0xbf/0x710 [ 137.218534][ T6656] ? tomoyo_profile+0x47/0x60 [ 137.220385][ T6656] tomoyo_path_number_perm+0x245/0x5b0 [ 137.222759][ T6656] ? tomoyo_path_number_perm+0x232/0x5b0 [ 137.225675][ T6656] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 137.228655][ T6656] ? __pfx_lock_release+0x10/0x10 [ 137.231314][ T6656] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 137.246591][ T6656] ? __fget_files+0x256/0x400 [ 137.248739][ T6656] security_file_ioctl_compat+0x75/0xc0 [ 137.251259][ T6656] __do_compat_sys_ioctl+0x5d/0x330 [ 137.253595][ T6656] __do_fast_syscall_32+0x73/0x120 [ 137.255873][ T6656] do_fast_syscall_32+0x32/0x80 [ 137.258043][ T6656] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 137.261073][ T6656] RIP: 0023:0xf743e579 [ 137.262755][ T6656] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 137.272226][ T6656] RSP: 002b:00000000f575657c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 137.276322][ T6656] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000c01064c7 [ 137.280716][ T6656] RDX: 0000000020000080 RSI: 0000000000000000 RDI: 0000000000000000 [ 137.283967][ T6656] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 137.287741][ T6656] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 137.291399][ T6656] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 137.295585][ T6656] [ 137.307488][ T6656] ERROR: Out of memory at tomoyo_realpath_from_path. [ 138.229673][ T6686] FAULT_INJECTION: forcing a failure. [ 138.229673][ T6686] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 138.235482][ T4390] usb 6-1: new high-speed USB device number 9 using dummy_hcd [ 138.239126][ T6686] CPU: 1 UID: 0 PID: 6686 Comm: syz.2.378 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 138.243340][ T6686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 138.247643][ T6686] Call Trace: [ 138.249121][ T6686] [ 138.250412][ T6686] dump_stack_lvl+0x16c/0x1f0 [ 138.252543][ T6686] should_fail_ex+0x497/0x5b0 [ 138.254635][ T6686] _copy_to_user+0x30/0xc0 [ 138.256623][ T6686] simple_read_from_buffer+0xd0/0x160 [ 138.258924][ T6686] proc_fail_nth_read+0x1b0/0x290 [ 138.261123][ T6686] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 138.263387][ T6686] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 138.265596][ T6686] vfs_read+0x1d4/0xbd0 [ 138.267166][ T6686] ? __fdget_pos+0xeb/0x180 [ 138.268985][ T6686] ? __pfx_vfs_read+0x10/0x10 [ 138.270972][ T6686] ? __pfx___mutex_lock+0x10/0x10 [ 138.272954][ T6686] ? __fget_files+0x256/0x400 [ 138.274783][ T6686] ksys_read+0x12f/0x260 [ 138.276540][ T6686] ? __pfx_ksys_read+0x10/0x10 [ 138.278827][ T6686] __do_fast_syscall_32+0x73/0x120 [ 138.281075][ T6686] do_fast_syscall_32+0x32/0x80 [ 138.283221][ T6686] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 138.285965][ T6686] RIP: 0023:0xf743e579 [ 138.287782][ T6686] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 138.296001][ T6686] RSP: 002b:00000000f57565b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 138.299448][ T6686] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5756630 [ 138.302851][ T6686] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 138.306261][ T6686] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 138.309477][ T6686] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 138.312890][ T6686] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 138.316208][ T6686] [ 138.416600][ T4390] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 138.441346][ T4390] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 138.453770][ T4390] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 138.479334][ T4390] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 138.482921][ T4390] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 138.488482][ T4390] usb 6-1: Product: syz [ 138.490373][ T4390] usb 6-1: Manufacturer: syz [ 138.498312][ T4390] cdc_wdm 6-1:1.0: skipping garbage [ 138.500584][ T4390] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 138.701466][ T10] usb 6-1: USB disconnect, device number 9 [ 139.193460][ T10] usb 6-1: new high-speed USB device number 10 using dummy_hcd [ 139.397612][ T10] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 139.400970][ T10] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 139.404677][ T10] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 139.411350][ T10] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 139.416091][ T10] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 139.419943][ T10] usb 6-1: Product: syz [ 139.423646][ T10] usb 6-1: Manufacturer: syz [ 139.474655][ T10] cdc_wdm 6-1:1.0: skipping garbage [ 139.477991][ T10] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 139.478204][ T5386] IPVS: starting estimator thread 0... [ 139.613487][ T6703] IPVS: using max 22 ests per chain, 52800 per kthread [ 139.685149][ T10] usb 6-1: USB disconnect, device number 10 [ 140.812558][ T6724] FAULT_INJECTION: forcing a failure. [ 140.812558][ T6724] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 140.843451][ T6724] CPU: 3 UID: 0 PID: 6724 Comm: syz.1.389 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 140.847315][ T6724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 140.851607][ T6724] Call Trace: [ 140.852889][ T6724] [ 140.854192][ T6724] dump_stack_lvl+0x16c/0x1f0 [ 140.856312][ T6724] should_fail_ex+0x497/0x5b0 [ 140.858301][ T6724] _copy_from_user+0x30/0xf0 [ 140.860043][ T6724] get_compat_msghdr+0xa8/0x170 [ 140.862169][ T6724] ? __pfx_get_compat_msghdr+0x10/0x10 [ 140.864271][ T6724] ? __pfx___lock_acquire+0x10/0x10 [ 140.866681][ T6724] ? __might_fault+0x13b/0x190 [ 140.868704][ T6724] ___sys_sendmsg+0x1b0/0x1e0 [ 140.870814][ T6724] ? __pfx____sys_sendmsg+0x10/0x10 [ 140.872873][ T6724] ? __pfx_lock_release+0x10/0x10 [ 140.874953][ T6724] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 140.876896][ T6724] ? __fget_light+0x173/0x210 [ 140.878895][ T6724] __sys_sendmmsg+0x2a5/0x450 [ 140.880956][ T6724] ? __pfx___sys_sendmmsg+0x10/0x10 [ 140.883224][ T6724] ? vfs_write+0x14d/0x1140 [ 140.885310][ T6724] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 140.888005][ T6724] ? fput+0x32/0x390 [ 140.889689][ T6724] ? ksys_write+0x1ab/0x260 [ 140.891427][ T6724] ? __pfx_ksys_write+0x10/0x10 [ 140.893646][ T6724] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 140.896137][ T6724] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 140.899056][ T6724] __do_fast_syscall_32+0x73/0x120 [ 140.901217][ T6724] do_fast_syscall_32+0x32/0x80 [ 140.903400][ T6724] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 140.906186][ T6724] RIP: 0023:0xf7f85579 [ 140.907949][ T6724] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 140.916216][ T6724] RSP: 002b:00000000f573657c EFLAGS: 00000292 ORIG_RAX: 0000000000000159 [ 140.919657][ T6724] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001840 [ 140.922931][ T6724] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000000 [ 140.926476][ T6724] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 140.929864][ T6724] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 140.933189][ T6724] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 140.936186][ T6724] [ 140.937381][ C3] vkms_vblank_simulate: vblank timer overrun [ 141.289104][ T6731] Bluetooth: MGMT ver 1.23 [ 147.493816][ T6808] FAULT_INJECTION: forcing a failure. [ 147.493816][ T6808] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 147.499055][ T6808] CPU: 0 UID: 0 PID: 6808 Comm: syz.2.412 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 147.502848][ T6808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 147.506761][ T6808] Call Trace: [ 147.508074][ T6808] [ 147.509230][ T6808] dump_stack_lvl+0x16c/0x1f0 [ 147.511236][ T6808] should_fail_ex+0x497/0x5b0 [ 147.513218][ T6808] _copy_to_user+0x30/0xc0 [ 147.514887][ T6808] simple_read_from_buffer+0xd0/0x160 [ 147.517087][ T6808] proc_fail_nth_read+0x1b0/0x290 [ 147.519096][ T6808] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 147.521160][ T6808] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 147.523636][ T6808] vfs_read+0x1d4/0xbd0 [ 147.525489][ T6808] ? __fdget_pos+0xeb/0x180 [ 147.527526][ T6808] ? __pfx_vfs_read+0x10/0x10 [ 147.529626][ T6808] ? __pfx___mutex_lock+0x10/0x10 [ 147.531812][ T6808] ? __fget_files+0x256/0x400 [ 147.533741][ T6808] ksys_read+0x12f/0x260 [ 147.535480][ T6808] ? __pfx_ksys_read+0x10/0x10 [ 147.537460][ T6808] __do_fast_syscall_32+0x73/0x120 [ 147.539719][ T6808] do_fast_syscall_32+0x32/0x80 [ 147.541944][ T6808] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 147.544650][ T6808] RIP: 0023:0xf743e579 [ 147.546343][ T6808] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 147.553996][ T6808] RSP: 002b:00000000f57355b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 147.557665][ T6808] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000f5735630 [ 147.561124][ T6808] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 147.564406][ T6808] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 147.567465][ T6808] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 147.570553][ T6808] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 147.573688][ T6808] [ 147.694420][ T5346] Bluetooth: hci3: unexpected event for opcode 0x1003 [ 151.102837][ T6855] FAULT_INJECTION: forcing a failure. [ 151.102837][ T6855] name failslab, interval 1, probability 0, space 0, times 0 [ 151.110082][ T6855] CPU: 1 UID: 0 PID: 6855 Comm: syz.1.424 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 151.114796][ T6855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 151.119499][ T6855] Call Trace: [ 151.120971][ T6855] [ 151.122237][ T6855] dump_stack_lvl+0x16c/0x1f0 [ 151.124210][ T6855] should_fail_ex+0x497/0x5b0 [ 151.126208][ T6855] ? fs_reclaim_acquire+0xae/0x160 [ 151.128470][ T6855] should_failslab+0xc2/0x120 [ 151.130323][ T6855] __kmalloc_noprof+0xcb/0x410 [ 151.132360][ T6855] kernfs_fop_write_iter+0x229/0x500 [ 151.134489][ T6855] vfs_write+0x6b6/0x1140 [ 151.136241][ T6855] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 151.138825][ T6855] ? __pfx_vfs_write+0x10/0x10 [ 151.140904][ T6855] ? __pfx___mutex_lock+0x10/0x10 [ 151.143144][ T6855] ? __fget_files+0x256/0x400 [ 151.145236][ T6855] ksys_write+0x12f/0x260 [ 151.147152][ T6855] ? __pfx_ksys_write+0x10/0x10 [ 151.149274][ T6855] __do_fast_syscall_32+0x73/0x120 [ 151.151530][ T6855] do_fast_syscall_32+0x32/0x80 [ 151.153684][ T6855] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 151.156348][ T6855] RIP: 0023:0xf7f85579 [ 151.158146][ T6855] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 151.165830][ T6855] RSP: 002b:00000000f573657c EFLAGS: 00000292 ORIG_RAX: 0000000000000004 [ 151.169276][ T6855] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000 [ 151.172858][ T6855] RDX: 0000000000000031 RSI: 0000000000000000 RDI: 0000000000000000 [ 151.176250][ T6855] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 151.179443][ T6855] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 151.182670][ T6855] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 151.185720][ T6855] [ 151.533554][ T1111] bridge_slave_1: left allmulticast mode [ 151.536307][ T1111] bridge_slave_1: left promiscuous mode [ 151.539749][ T1111] bridge0: port 2(bridge_slave_1) entered disabled state [ 151.569769][ T1111] bridge_slave_0: left allmulticast mode [ 151.572066][ T1111] bridge_slave_0: left promiscuous mode [ 151.574912][ T1111] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.069779][ T1111] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 152.092785][ T1111] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 152.101568][ T1111] bond0 (unregistering): Released all slaves [ 152.562257][ T1111] hsr_slave_0: left promiscuous mode [ 152.569730][ T1111] hsr_slave_1: left promiscuous mode [ 152.576880][ T1111] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 152.579595][ T1111] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 152.595283][ T1111] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 152.598579][ T1111] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 152.662574][ T1111] veth1_macvtap: left promiscuous mode [ 152.665482][ T1111] veth0_macvtap: left promiscuous mode [ 152.667764][ T1111] veth1_vlan: left promiscuous mode [ 152.670085][ T1111] veth0_vlan: left promiscuous mode [ 153.694613][ T4390] IPVS: starting estimator thread 0... [ 153.793591][ T6893] IPVS: using max 19 ests per chain, 45600 per kthread [ 154.107933][ T1111] team0 (unregistering): Port device team_slave_1 removed [ 154.268183][ T6904] FAULT_INJECTION: forcing a failure. [ 154.268183][ T6904] name failslab, interval 1, probability 0, space 0, times 0 [ 154.274155][ T6904] CPU: 2 UID: 0 PID: 6904 Comm: syz.3.439 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 154.278235][ T6904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 154.282607][ T6904] Call Trace: [ 154.284115][ T6904] [ 154.285603][ T6904] dump_stack_lvl+0x16c/0x1f0 [ 154.287688][ T6904] should_fail_ex+0x497/0x5b0 [ 154.289740][ T6904] ? fs_reclaim_acquire+0xae/0x160 [ 154.292027][ T6904] should_failslab+0xc2/0x120 [ 154.294172][ T6904] kmem_cache_alloc_node_noprof+0x71/0x310 [ 154.296455][ T6904] ? __alloc_skb+0x2b3/0x380 [ 154.298114][ T6904] __alloc_skb+0x2b3/0x380 [ 154.299814][ T6904] ? __pfx___alloc_skb+0x10/0x10 [ 154.301688][ T6904] ? __pfx___might_resched+0x10/0x10 [ 154.303954][ T6904] netlink_alloc_large_skb+0x69/0x130 [ 154.306179][ T6904] netlink_sendmsg+0x689/0xd70 [ 154.308141][ T6904] ? __pfx_netlink_sendmsg+0x10/0x10 [ 154.310308][ T6904] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 154.312448][ T6904] ____sys_sendmsg+0x9b4/0xb50 [ 154.314444][ T6904] ? __pfx_____sys_sendmsg+0x10/0x10 [ 154.316519][ T6904] ? get_compat_msghdr+0x11b/0x170 [ 154.318475][ T6904] ? __pfx___lock_acquire+0x10/0x10 [ 154.320610][ T6904] ___sys_sendmsg+0x135/0x1e0 [ 154.322750][ T6904] ? __pfx____sys_sendmsg+0x10/0x10 [ 154.325052][ T6904] ? ksys_write+0x21c/0x260 [ 154.327096][ T6904] ? __fget_light+0x173/0x210 [ 154.329165][ T6904] __sys_sendmsg+0x117/0x1f0 [ 154.331178][ T6904] ? __pfx___sys_sendmsg+0x10/0x10 [ 154.333325][ T6904] __do_fast_syscall_32+0x73/0x120 [ 154.335508][ T6904] do_fast_syscall_32+0x32/0x80 [ 154.337562][ T6904] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 154.340262][ T6904] RIP: 0023:0xf743e579 [ 154.341750][ T6904] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 154.349425][ T6904] RSP: 002b:00000000f575657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 154.352825][ T6904] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020001200 [ 154.355792][ T6904] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 154.359044][ T6904] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 154.362417][ T6904] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 154.365644][ T6904] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 154.368770][ T6904] [ 154.390271][ T1111] team0 (unregistering): Port device team_slave_0 removed [ 155.147078][ T6929] cgroup2: Unknown parameter 'memor' [ 155.629389][ T6929] netlink: 'syz.1.448': attribute type 4 has an invalid length. [ 156.066228][ T1111] IPVS: stop unused estimator thread 0... [ 156.175858][ T66] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 156.181125][ T66] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 156.187062][ T66] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 156.194503][ T66] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 156.198349][ T66] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 156.201737][ T66] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 156.376942][ T1104] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.410369][ T6951] netlink: 12 bytes leftover after parsing attributes in process `syz.2.455'. [ 156.455547][ T1104] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.485869][ T6944] chnl_net:caif_netlink_parms(): no params data found [ 156.555074][ T1104] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.665321][ T1104] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 156.679376][ T5382] usb 7-1: new high-speed USB device number 11 using dummy_hcd [ 156.718792][ T6944] bridge0: port 1(bridge_slave_0) entered blocking state [ 156.721971][ T6944] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.726812][ T6944] bridge_slave_0: entered allmulticast mode [ 156.730063][ T6944] bridge_slave_0: entered promiscuous mode [ 156.734662][ T6944] bridge0: port 2(bridge_slave_1) entered blocking state [ 156.737897][ T6944] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.740496][ T6944] bridge_slave_1: entered allmulticast mode [ 156.744191][ T6944] bridge_slave_1: entered promiscuous mode [ 156.820539][ T6944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 156.827993][ T6944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 156.876666][ T5382] usb 7-1: config 0 has no interfaces? [ 156.879263][ T5382] usb 7-1: New USB device found, idVendor=12d1, idProduct=1c1f, bcdDevice=63.46 [ 156.883144][ T5382] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.888840][ T5382] usb 7-1: config 0 descriptor?? [ 156.950303][ T6944] team0: Port device team_slave_0 added [ 156.956170][ T6944] team0: Port device team_slave_1 added [ 157.027379][ T1104] bridge_slave_1: left allmulticast mode [ 157.030083][ T1104] bridge_slave_1: left promiscuous mode [ 157.032834][ T1104] bridge0: port 2(bridge_slave_1) entered disabled state [ 157.039231][ T1104] bridge_slave_0: left allmulticast mode [ 157.041603][ T1104] bridge_slave_0: left promiscuous mode [ 157.046449][ T1104] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.158767][ T5565] usb 7-1: USB disconnect, device number 11 [ 157.375567][ T1104] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 157.384337][ T1104] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 157.390207][ T1104] bond0 (unregistering): Released all slaves [ 157.410471][ T6944] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 157.413257][ T6944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 157.426100][ T6944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 157.459015][ T6944] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 157.462068][ T6944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 157.475185][ T6944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 157.595592][ T6944] hsr_slave_0: entered promiscuous mode [ 157.598713][ T6944] hsr_slave_1: entered promiscuous mode [ 157.618604][ T6944] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 157.621952][ T6944] Cannot create hsr debugfs directory [ 157.849177][ T6976] netlink: 'syz.1.459': attribute type 10 has an invalid length. [ 157.893654][ T6976] FAULT_INJECTION: forcing a failure. [ 157.893654][ T6976] name failslab, interval 1, probability 0, space 0, times 0 [ 157.899623][ T6976] CPU: 3 UID: 0 PID: 6976 Comm: syz.1.459 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 157.903899][ T6976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 157.908211][ T6976] Call Trace: [ 157.909618][ T6976] [ 157.911008][ T6976] dump_stack_lvl+0x16c/0x1f0 [ 157.913231][ T6976] should_fail_ex+0x497/0x5b0 [ 157.915274][ T6976] ? fs_reclaim_acquire+0xae/0x160 [ 157.917486][ T6976] should_failslab+0xc2/0x120 [ 157.919229][ T6976] __kmalloc_cache_noprof+0x6b/0x310 [ 157.921444][ T6976] ? nf_nat_masq_schedule.part.0+0x294/0x620 [ 157.923981][ T6976] ? nf_flow_table_cleanup+0x323/0x3d0 [ 157.926205][ T6976] nf_nat_masq_schedule.part.0+0x294/0x620 [ 157.928261][ T6976] ? __pfx_device_cmp+0x10/0x10 [ 157.929966][ T6976] ? __pfx_nf_nat_masq_schedule.part.0+0x10/0x10 [ 157.932663][ T6976] ? nf_tables_flowtable_event+0x35/0x480 [ 157.935120][ T6976] ? __pfx_virt_wifi_event+0x10/0x10 [ 157.937385][ T6976] masq_device_event+0xf7/0x120 [ 157.939299][ T6976] notifier_call_chain+0xb9/0x410 [ 157.941269][ T6976] ? __pfx_masq_device_event+0x10/0x10 [ 157.943616][ T6976] call_netdevice_notifiers_info+0xbe/0x140 [ 157.946150][ T6976] __dev_notify_flags+0x1f9/0x2e0 [ 157.948284][ T6976] ? __pfx___dev_notify_flags+0x10/0x10 [ 157.950598][ T6976] ? __pfx___dev_change_flags+0x10/0x10 [ 157.952890][ T6976] ? __pfx_llist_add_batch+0x10/0x10 [ 157.955100][ T6976] ? console_unlock+0x248/0x290 [ 157.957181][ T6976] dev_change_flags+0x10c/0x160 [ 157.959291][ T6976] do_setlink+0x19a6/0x3ea0 [ 157.961045][ T6976] ? vprintk_emit+0x1ca/0x5a0 [ 157.962849][ T6976] ? __pfx_do_setlink+0x10/0x10 [ 157.964711][ T6976] ? vprintk+0x86/0xa0 [ 157.966421][ T6976] ? _printk+0xc8/0x100 [ 157.968214][ T6976] ? __pfx__printk+0x10/0x10 [ 157.970214][ T6976] ? ___ratelimit+0x24c/0x580 [ 157.972168][ T6976] ? __pfx____ratelimit+0x10/0x10 [ 157.974324][ T6976] ? __kernel_text_address+0xd/0x40 [ 157.976538][ T6976] ? unwind_get_return_address+0x45/0xe0 [ 157.978959][ T6976] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 157.981515][ T6976] ? __nla_validate_parse+0x605/0x2b10 [ 157.983692][ T6976] ? __pfx___nla_validate_parse+0x10/0x10 [ 157.985884][ T6976] ? stack_trace_save+0x95/0xd0 [ 157.987982][ T6976] ? __pfx_stack_trace_save+0x10/0x10 [ 157.990301][ T6976] ? stack_depot_save_flags+0x28/0x900 [ 157.992659][ T6976] ? find_held_lock+0x2d/0x110 [ 157.994726][ T6976] ? __nla_parse+0x40/0x60 [ 157.996653][ T6976] __rtnl_newlink+0xc3a/0x1960 [ 157.998783][ T6976] ? __pfx___rtnl_newlink+0x10/0x10 [ 158.001014][ T6976] rtnl_newlink+0x67/0xa0 [ 158.002870][ T6976] ? __pfx_rtnl_newlink+0x10/0x10 [ 158.005209][ T6976] rtnetlink_rcv_msg+0x3c7/0xea0 [ 158.007304][ T6976] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 158.009489][ T6976] ? __pfx___dev_queue_xmit+0x10/0x10 [ 158.011923][ T6976] netlink_rcv_skb+0x165/0x410 [ 158.014094][ T6976] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 158.016364][ T6976] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 158.018639][ T6976] ? netlink_deliver_tap+0x1ae/0xcf0 [ 158.020944][ T6976] netlink_unicast+0x544/0x830 [ 158.023038][ T6976] ? __pfx_netlink_unicast+0x10/0x10 [ 158.025324][ T6976] ? __phys_addr_symbol+0x30/0x80 [ 158.027481][ T6976] ? __check_object_size+0x497/0x720 [ 158.029800][ T6976] netlink_sendmsg+0x8b8/0xd70 [ 158.031669][ T6976] ? __pfx_netlink_sendmsg+0x10/0x10 [ 158.033656][ T6976] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 158.035668][ T6976] ____sys_sendmsg+0x9b4/0xb50 [ 158.037659][ T6976] ? __pfx_____sys_sendmsg+0x10/0x10 [ 158.040015][ T6976] ? get_compat_msghdr+0x11b/0x170 [ 158.042344][ T6976] ? __pfx___lock_acquire+0x10/0x10 [ 158.044650][ T6976] ___sys_sendmsg+0x135/0x1e0 [ 158.046775][ T6976] ? __pfx____sys_sendmsg+0x10/0x10 [ 158.049122][ T6976] ? ksys_write+0x21c/0x260 [ 158.051120][ T6976] ? __fget_light+0x173/0x210 [ 158.053151][ T6976] __sys_sendmsg+0x117/0x1f0 [ 158.055226][ T6976] ? __pfx___sys_sendmsg+0x10/0x10 [ 158.057467][ T6976] __do_fast_syscall_32+0x73/0x120 [ 158.059419][ T6976] do_fast_syscall_32+0x32/0x80 [ 158.060953][ T6976] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 158.063374][ T6976] RIP: 0023:0xf7f85579 [ 158.065005][ T6976] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 158.073201][ T6976] RSP: 002b:00000000f573657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 158.076203][ T6976] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000600 [ 158.079503][ T6976] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 158.082977][ T6976] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 158.086912][ T6976] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 158.090075][ T6976] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 158.093501][ T6976] [ 158.095111][ C3] vkms_vblank_simulate: vblank timer overrun [ 158.130129][ T6976] team0: Port device netdevsim0 added [ 158.260875][ T1104] hsr_slave_0: left promiscuous mode [ 158.268153][ T1104] hsr_slave_1: left promiscuous mode [ 158.271492][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 158.273452][ T5346] Bluetooth: hci1: command tx timeout [ 158.276620][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 158.291881][ T1104] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 158.295372][ T1104] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 158.351379][ T1104] veth1_macvtap: left promiscuous mode [ 158.354205][ T1104] veth0_macvtap: left promiscuous mode [ 158.357119][ T1104] veth1_vlan: left promiscuous mode [ 158.359680][ T1104] veth0_vlan: left promiscuous mode [ 159.481266][ T1104] team0 (unregistering): Port device team_slave_1 removed [ 159.554654][ T1104] team0 (unregistering): Port device team_slave_0 removed [ 160.353621][ T5346] Bluetooth: hci1: command tx timeout [ 160.762572][ T5346] Bluetooth: hci3: unexpected event for opcode 0x1003 [ 160.884264][ T1104] IPVS: stop unused estimator thread 0... [ 161.025902][ T6944] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 161.050441][ T6944] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 161.062200][ T7041] overlayfs: overlapping lowerdir path [ 161.066385][ T6944] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 161.090856][ T6944] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 161.219748][ T6944] 8021q: adding VLAN 0 to HW filter on device bond0 [ 161.238155][ T6944] 8021q: adding VLAN 0 to HW filter on device team0 [ 161.247500][ T5383] bridge0: port 1(bridge_slave_0) entered blocking state [ 161.250768][ T5383] bridge0: port 1(bridge_slave_0) entered forwarding state [ 161.261883][ T5382] bridge0: port 2(bridge_slave_1) entered blocking state [ 161.265917][ T5382] bridge0: port 2(bridge_slave_1) entered forwarding state [ 161.471771][ T6944] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 161.523134][ T6944] veth0_vlan: entered promiscuous mode [ 161.534884][ T6944] veth1_vlan: entered promiscuous mode [ 161.563730][ T6944] veth0_macvtap: entered promiscuous mode [ 161.574460][ T6944] veth1_macvtap: entered promiscuous mode [ 161.599560][ T6944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.607607][ T6944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.611827][ T6944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.620593][ T6944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.624833][ T6944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 161.629258][ T6944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.635897][ T6944] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 161.642183][ T6944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.646646][ T6944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.650783][ T6944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.655268][ T6944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.659340][ T6944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 161.664510][ T6944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 161.670302][ T6944] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 161.681167][ T6944] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.685086][ T6944] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.688931][ T6944] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.692579][ T6944] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 161.765555][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.768210][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 161.813741][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 161.817106][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 162.353201][ T5382] IPVS: starting estimator thread 0... [ 162.453480][ T5346] Bluetooth: hci1: command tx timeout [ 162.485254][ T7073] IPVS: using max 35 ests per chain, 84000 per kthread [ 163.129069][ T7082] pim6reg1: entered promiscuous mode [ 163.131480][ T7082] pim6reg1: entered allmulticast mode [ 163.482780][ T7088] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 163.632068][ T7090] FAULT_INJECTION: forcing a failure. [ 163.632068][ T7090] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 163.641279][ T7090] CPU: 2 UID: 0 PID: 7090 Comm: syz.3.485 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 163.645603][ T7090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 163.649995][ T7090] Call Trace: [ 163.651256][ T7090] [ 163.652509][ T7090] dump_stack_lvl+0x16c/0x1f0 [ 163.654541][ T7090] should_fail_ex+0x497/0x5b0 [ 163.656487][ T7090] _copy_to_user+0x30/0xc0 [ 163.658277][ T7090] simple_read_from_buffer+0xd0/0x160 [ 163.660530][ T7090] proc_fail_nth_read+0x1b0/0x290 [ 163.662688][ T7090] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 163.665076][ T7090] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 163.667383][ T7090] vfs_read+0x1d4/0xbd0 [ 163.668959][ T7090] ? __fdget_pos+0xeb/0x180 [ 163.670704][ T7090] ? __pfx_vfs_read+0x10/0x10 [ 163.672473][ T7090] ? __pfx___mutex_lock+0x10/0x10 [ 163.674733][ T7090] ? __fget_files+0x256/0x400 [ 163.676842][ T7090] ksys_read+0x12f/0x260 [ 163.678704][ T7090] ? __pfx_ksys_read+0x10/0x10 [ 163.680763][ T7090] __do_fast_syscall_32+0x73/0x120 [ 163.682905][ T7090] do_fast_syscall_32+0x32/0x80 [ 163.684806][ T7090] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 163.687302][ T7090] RIP: 0023:0xf743e579 [ 163.688991][ T7090] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 163.697179][ T7090] RSP: 002b:00000000f57565b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 163.700740][ T7090] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5756630 [ 163.704181][ T7090] RDX: 000000000000000f RSI: 00000000f742bff4 RDI: 0000000000000000 [ 163.707476][ T7090] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 163.710832][ T7090] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 163.714131][ T7090] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 163.717437][ T7090] [ 164.029404][ T7101] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 164.171110][ T7108] syz.1.490 (7108): drop_caches: 0 [ 164.174713][ T7108] FAULT_INJECTION: forcing a failure. [ 164.174713][ T7108] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 164.180062][ T7108] CPU: 1 UID: 0 PID: 7108 Comm: syz.1.490 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 164.184424][ T7108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 164.188912][ T7108] Call Trace: [ 164.190222][ T7108] [ 164.191248][ T7108] dump_stack_lvl+0x16c/0x1f0 [ 164.193140][ T7108] should_fail_ex+0x497/0x5b0 [ 164.194840][ T7108] _copy_to_user+0x30/0xc0 [ 164.196560][ T7108] simple_read_from_buffer+0xd0/0x160 [ 164.198695][ T7108] proc_fail_nth_read+0x1b0/0x290 [ 164.200532][ T7108] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 164.202714][ T7108] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 164.205183][ T7108] vfs_read+0x1d4/0xbd0 [ 164.207066][ T7108] ? __fdget_pos+0xeb/0x180 [ 164.208964][ T7108] ? __pfx_vfs_read+0x10/0x10 [ 164.210807][ T7108] ? __pfx___mutex_lock+0x10/0x10 [ 164.213057][ T7108] ? __fget_files+0x256/0x400 [ 164.215136][ T7108] ksys_read+0x12f/0x260 [ 164.216981][ T7108] ? __pfx_ksys_read+0x10/0x10 [ 164.219117][ T7108] __do_fast_syscall_32+0x73/0x120 [ 164.221349][ T7108] do_fast_syscall_32+0x32/0x80 [ 164.223480][ T7108] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 164.226230][ T7108] RIP: 0023:0xf7f85579 [ 164.228017][ T7108] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 164.235876][ T7108] RSP: 002b:00000000f57365b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 164.239408][ T7108] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f5736630 [ 164.242829][ T7108] RDX: 000000000000000f RSI: 00000000f740bff4 RDI: 0000000000000000 [ 164.246294][ T7108] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000 [ 164.249673][ T7108] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 164.253047][ T7108] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 164.256064][ T7108] [ 164.528630][ T5346] Bluetooth: hci1: command tx timeout [ 165.234800][ T7136] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 165.258053][ T7136] FAULT_INJECTION: forcing a failure. [ 165.258053][ T7136] name failslab, interval 1, probability 0, space 0, times 0 [ 165.266928][ T7136] CPU: 2 UID: 0 PID: 7136 Comm: syz.1.500 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 165.271610][ T7136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 165.276651][ T7136] Call Trace: [ 165.278327][ T7136] [ 165.279707][ T7136] dump_stack_lvl+0x16c/0x1f0 [ 165.281951][ T7136] should_fail_ex+0x497/0x5b0 [ 165.284083][ T7136] ? fs_reclaim_acquire+0xae/0x160 [ 165.286446][ T7136] should_failslab+0xc2/0x120 [ 165.288431][ T7136] __kmalloc_node_noprof+0xd1/0x440 [ 165.290836][ T7136] ? shmem_xattr_handler_set+0x2ee/0x3b0 [ 165.293349][ T7136] ? __kvmalloc_node_noprof+0x9d/0x1a0 [ 165.295801][ T7136] __kvmalloc_node_noprof+0x9d/0x1a0 [ 165.298401][ T7136] simple_xattr_set+0x68/0x450 [ 165.300546][ T7136] shmem_xattr_handler_set+0x31b/0x3b0 [ 165.303027][ T7136] ? __pfx_shmem_xattr_handler_set+0x10/0x10 [ 165.305874][ T7136] __vfs_setxattr+0x173/0x1e0 [ 165.308015][ T7136] ? __pfx___vfs_setxattr+0x10/0x10 [ 165.310402][ T7136] ? apparmor_capable+0x126/0x1e0 [ 165.312791][ T7136] __vfs_setxattr_noperm+0x127/0x660 [ 165.315261][ T7136] __vfs_setxattr_locked+0x182/0x260 [ 165.317660][ T7136] ? up_write+0x1b2/0x520 [ 165.319800][ T7136] vfs_setxattr+0x146/0x350 [ 165.322065][ T7136] ? __pfx_vfs_setxattr+0x10/0x10 [ 165.324452][ T7136] ? __pfx_lock_acquire+0x10/0x10 [ 165.326896][ T7136] ovl_check_setxattr+0x181/0x320 [ 165.329232][ T7136] ovl_set_impure+0x13e/0x1e0 [ 165.331481][ T7136] ovl_lookup+0x1e92/0x21f0 [ 165.333646][ T7136] ? __pfx_ovl_lookup+0x10/0x10 [ 165.336062][ T7136] ? lookup_open.isra.0+0x236/0x13c0 [ 165.338572][ T7136] ? __pfx_lock_release+0x10/0x10 [ 165.340889][ T7136] ? __pfx_d_alloc_parallel+0x10/0x10 [ 165.343712][ T7136] ? __d_lookup+0x266/0x4a0 [ 165.345857][ T7136] ? __pfx_ovl_lookup+0x10/0x10 [ 165.348135][ T7136] lookup_open.isra.0+0x928/0x13c0 [ 165.350570][ T7136] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 165.353095][ T7136] ? __startup_64+0x120/0x2a0 [ 165.355037][ T7136] ? __startup_64+0x120/0x2a0 [ 165.356960][ T7136] ? lookup_fast+0x155/0x540 [ 165.359153][ T7136] path_openat+0xa3b/0x2d20 [ 165.361890][ T7136] ? __pfx_path_openat+0x10/0x10 [ 165.364240][ T7136] ? __pfx___lock_acquire+0x10/0x10 [ 165.366682][ T7136] ? find_held_lock+0x2d/0x110 [ 165.368985][ T7136] do_filp_open+0x1dc/0x430 [ 165.371246][ T7136] ? __pfx_do_filp_open+0x10/0x10 [ 165.373716][ T7136] ? find_held_lock+0x2d/0x110 [ 165.376024][ T7136] ? _raw_spin_unlock+0x28/0x50 [ 165.378388][ T7136] ? alloc_fd+0x2d7/0x6c0 [ 165.380483][ T7136] do_sys_openat2+0x17a/0x1e0 [ 165.382685][ T7136] ? __pfx_do_sys_openat2+0x10/0x10 [ 165.385045][ T7136] __ia32_compat_sys_openat+0x16e/0x210 [ 165.387587][ T7136] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 165.390446][ T7136] ? ksys_write+0x1ab/0x260 [ 165.392695][ T7136] __do_fast_syscall_32+0x73/0x120 [ 165.395228][ T7136] do_fast_syscall_32+0x32/0x80 [ 165.397487][ T7136] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 165.400168][ T7136] RIP: 0023:0xf7f85579 [ 165.401835][ T7136] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 165.410246][ T7136] RSP: 002b:00000000f573657c EFLAGS: 00000292 ORIG_RAX: 0000000000000127 [ 165.413970][ T7136] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000020000100 [ 165.417580][ T7136] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 165.420853][ T7136] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 165.424349][ T7136] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 165.427596][ T7136] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 165.430189][ T7136] [ 166.052254][ T7163] overlayfs: missing 'lowerdir' [ 166.358911][ T39] audit: type=1800 audit(2000000100.110:85): pid=7172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.511" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0 [ 166.408537][ C3] vkms_vblank_simulate: vblank timer overrun [ 166.869662][ T7180] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 167.163413][ T981] usb 7-1: new high-speed USB device number 12 using dummy_hcd [ 167.343560][ T981] usb 7-1: Using ep0 maxpacket: 32 [ 167.351108][ T981] usb 7-1: config index 0 descriptor too short (expected 35577, got 27) [ 167.356324][ T981] usb 7-1: config 1 has too many interfaces: 92, using maximum allowed: 32 [ 167.360263][ T981] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 167.364890][ T981] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 92 [ 167.368639][ T981] usb 7-1: config 1 has no interface number 0 [ 167.371148][ T981] usb 7-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8 [ 167.379547][ T981] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.396905][ T981] snd_usb_pod 7-1:1.1: Line 6 Pocket POD found [ 167.635205][ T66] Bluetooth: hci1: command 0x0405 tx timeout [ 168.474063][ T5386] usb 8-1: new high-speed USB device number 8 using dummy_hcd [ 168.686985][ T5386] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 168.691233][ T5386] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 168.695918][ T5386] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 168.706040][ T5386] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 168.710012][ T5386] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 168.714442][ T5386] usb 8-1: Product: syz [ 168.716510][ T5386] usb 8-1: Manufacturer: syz [ 168.732284][ T5386] cdc_wdm 8-1:1.0: skipping garbage [ 168.735131][ T5386] cdc_wdm 8-1:1.0: skipping garbage [ 168.737891][ T5386] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22 [ 168.959269][ T5382] usb 8-1: USB disconnect, device number 8 [ 169.135406][ T7195] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8) [ 169.138221][ T7195] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 169.141743][ T7195] vhci_hcd vhci_hcd.0: Device attached [ 169.353698][ T57] vhci_hcd: vhci_device speed not set [ 169.423531][ T57] usb 13-1: new full-speed USB device number 2 using vhci_hcd [ 169.457188][ T7204] pim6reg: entered allmulticast mode [ 169.533735][ T5382] usb 8-1: new high-speed USB device number 9 using dummy_hcd [ 169.740060][ T5382] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 169.743751][ T5382] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 169.747694][ T5382] usb 8-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 169.755143][ T5382] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 169.760916][ T5382] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 169.766507][ T5382] usb 8-1: Product: syz [ 169.768441][ T5382] usb 8-1: Manufacturer: syz [ 169.778711][ T5382] cdc_wdm 8-1:1.0: skipping garbage [ 169.781377][ T5382] cdc_wdm 8-1:1.0: skipping garbage [ 169.784007][ T5382] cdc_wdm 8-1:1.0: probe with driver cdc_wdm failed with error -22 [ 169.836887][ T981] snd_usb_pod 7-1:1.1: set_interface failed [ 169.845571][ T981] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now disconnected [ 169.849146][ T981] snd_usb_pod 7-1:1.1: probe with driver snd_usb_pod failed with error -71 [ 169.870627][ T981] usb 7-1: USB disconnect, device number 12 [ 169.919585][ T7196] vhci_hcd: connection reset by peer [ 169.922871][ T1111] vhci_hcd: stop threads [ 169.925233][ T1111] vhci_hcd: release socket [ 169.931893][ T1111] vhci_hcd: disconnect device [ 169.996708][ T5382] usb 8-1: USB disconnect, device number 9 [ 171.085810][ T4390] usb 8-1: new high-speed USB device number 10 using dummy_hcd [ 171.297806][ T4390] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 171.302674][ T4390] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 171.326832][ T4390] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 171.330830][ T4390] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 171.341907][ T7225] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 171.350492][ T4390] usb 8-1: Quirk or no altset; falling back to MIDI 1.0 [ 171.531940][ T7243] FAULT_INJECTION: forcing a failure. [ 171.531940][ T7243] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 171.538140][ T7243] CPU: 2 UID: 0 PID: 7243 Comm: syz.0.534 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 171.542570][ T7243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 171.547058][ T7243] Call Trace: [ 171.548485][ T7243] [ 171.549766][ T7243] dump_stack_lvl+0x16c/0x1f0 [ 171.551846][ T7243] should_fail_ex+0x497/0x5b0 [ 171.553874][ T7243] _copy_to_user+0x30/0xc0 [ 171.555786][ T7243] simple_read_from_buffer+0xd0/0x160 [ 171.558082][ T7243] proc_fail_nth_read+0x1b0/0x290 [ 171.560222][ T7243] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 171.562509][ T7243] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 171.564900][ T7243] vfs_read+0x1d4/0xbd0 [ 171.566728][ T7243] ? __fdget_pos+0xeb/0x180 [ 171.568750][ T7243] ? __pfx_vfs_read+0x10/0x10 [ 171.570810][ T7243] ? __pfx___mutex_lock+0x10/0x10 [ 171.573089][ T7243] ? __fget_files+0x256/0x400 [ 171.575162][ T7243] ksys_read+0x12f/0x260 [ 171.577038][ T7243] ? __pfx_ksys_read+0x10/0x10 [ 171.579142][ T7243] __do_fast_syscall_32+0x73/0x120 [ 171.581362][ T7243] do_fast_syscall_32+0x32/0x80 [ 171.583491][ T7243] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 171.586225][ T7243] RIP: 0023:0xf741e579 [ 171.587999][ T7243] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 171.596439][ T7243] RSP: 002b:00000000f57365b0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 171.599370][ T7243] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5736630 [ 171.602757][ T7243] RDX: 000000000000000f RSI: 00000000f740bff4 RDI: 0000000000000000 [ 171.606163][ T7243] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 171.609538][ T7243] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 171.612868][ T7243] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 171.616303][ T7243] [ 171.713168][ T4390] usb 8-1: USB disconnect, device number 10 [ 172.254117][ T7260] netlink: 20 bytes leftover after parsing attributes in process `syz.2.540'. [ 172.264199][ T7260] ax25_connect(): syz.2.540 uses autobind, please contact jreuter@yaina.de [ 172.417490][ T7270] FAULT_INJECTION: forcing a failure. [ 172.417490][ T7270] name failslab, interval 1, probability 0, space 0, times 0 [ 172.423551][ T7270] CPU: 1 UID: 0 PID: 7270 Comm: syz.3.544 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 172.427835][ T7270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 172.432109][ T7270] Call Trace: [ 172.433522][ T7270] [ 172.434846][ T7270] dump_stack_lvl+0x116/0x1f0 [ 172.436843][ T7270] should_fail_ex+0x497/0x5b0 [ 172.438880][ T7270] should_failslab+0xc2/0x120 [ 172.440879][ T7270] kmem_cache_alloc_noprof+0x6e/0x2f0 [ 172.443122][ T7270] ? __sigqueue_alloc+0x244/0x6b0 [ 172.445215][ T7270] __sigqueue_alloc+0x244/0x6b0 [ 172.447263][ T7270] __send_signal_locked+0x74c/0x1090 [ 172.449080][ T7272] IPVS: set_ctl: invalid protocol: 0 127.0.0.1:0 [ 172.449489][ T7270] force_sig_info_to_task+0x31d/0x660 [ 172.454817][ T7270] force_sig_fault+0xad/0xf0 [ 172.456873][ T7270] ? __pfx_force_sig_fault+0x10/0x10 [ 172.458697][ T7272] xt_CHECKSUM: CHECKSUM should be avoided. If really needed, restrict with "-p udp" and only use in OUTPUT [ 172.459208][ T7270] ? __pfx_is_prefetch.constprop.0+0x10/0x10 [ 172.459243][ T7270] ? fixup_vdso_exception+0x34b/0x400 [ 172.468123][ T7270] __bad_area_nosemaphore+0x30d/0x6a0 [ 172.470028][ T7270] ? lock_mm_and_find_vma+0xa6/0x6a0 [ 172.472196][ T7270] do_user_addr_fault+0x920/0x13f0 [ 172.474352][ T7270] ? trace_irq_disable.constprop.0+0xe4/0x130 [ 172.476868][ T7270] exc_page_fault+0x5c/0xc0 [ 172.478758][ T7270] asm_exc_page_fault+0x26/0x30 [ 172.480781][ T7270] RIP: 0023:0xf71781a1 [ 172.482504][ T7270] Code: 00 00 6a 03 8b 45 40 8b 4d 00 8d 0c 88 8b 45 04 c1 e0 04 03 45 64 39 c1 0f 42 c8 51 6a 00 e8 a6 e6 13 00 8b 4c 24 28 83 c4 18 <89> 01 68 00 00 00 10 57 68 01 80 00 00 6a 03 8b 45 00 c1 e0 06 50 [ 172.485277][ T7272] xt_TPROXY: Can be used only with -p tcp or -p udp [ 172.489835][ T7270] RSP: 002b:00000000f5756558 EFLAGS: 00010282 [ 172.489854][ T7270] RAX: 00000000ffffffff RBX: 00000000f742bff4 RCX: 0000000000000000 [ 172.489866][ T7270] RDX: 00000000ffffffd4 RSI: 0000000000004919 RDI: 00000000ffffffff [ 172.489877][ T7270] RBP: 0000000020000000 R08: 0000000000000000 R09: 0000000000000000 [ 172.504952][ T7270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 172.508299][ T7270] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 172.511238][ T7270] [ 172.642406][ T5346] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 172.912084][ T7284] FAULT_INJECTION: forcing a failure. [ 172.912084][ T7284] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 172.917940][ T7284] CPU: 3 UID: 0 PID: 7284 Comm: syz.0.548 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 172.922235][ T7284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 172.926681][ T7284] Call Trace: [ 172.928103][ T7284] [ 172.929312][ T7284] dump_stack_lvl+0x16c/0x1f0 [ 172.931291][ T7284] should_fail_ex+0x497/0x5b0 [ 172.933270][ T7284] _copy_to_user+0x30/0xc0 [ 172.935081][ T7284] bpf_test_finish.isra.0+0x5b6/0x6b0 [ 172.937232][ T7284] ? __pfx___might_resched+0x10/0x10 [ 172.939370][ T7284] ? __pfx_bpf_test_finish.isra.0+0x10/0x10 [ 172.941740][ T7284] bpf_prog_test_run_xdp+0xa1f/0x1530 [ 172.943881][ T7284] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 172.946060][ T7284] ? fput+0x32/0x390 [ 172.947537][ T7284] ? __bpf_prog_get+0xa0/0x2f0 [ 172.949329][ T7284] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 172.951763][ T7284] __sys_bpf+0x141f/0x5600 [ 172.953657][ T7284] ? __pfx___sys_bpf+0x10/0x10 [ 172.955581][ T7284] ? ksys_write+0x12f/0x260 [ 172.957429][ T7284] ? find_held_lock+0x2d/0x110 [ 172.959378][ T7284] ? ksys_write+0x21c/0x260 [ 172.961233][ T7284] ? __pfx_lock_release+0x10/0x10 [ 172.963269][ T7284] ? vfs_write+0x14d/0x1140 [ 172.965118][ T7284] ? __mutex_unlock_slowpath+0x164/0x650 [ 172.967453][ T7284] ? fput+0x32/0x390 [ 172.969090][ T7284] ? ksys_write+0x1ab/0x260 [ 172.971013][ T7284] ? __pfx_ksys_write+0x10/0x10 [ 172.973064][ T7284] __ia32_sys_bpf+0x76/0xe0 [ 172.974797][ T7284] __do_fast_syscall_32+0x73/0x120 [ 172.976728][ T7284] do_fast_syscall_32+0x32/0x80 [ 172.978728][ T7284] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 172.981206][ T7284] RIP: 0023:0xf741e579 [ 172.982769][ T7284] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 172.990214][ T7284] RSP: 002b:00000000f573657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 172.993457][ T7284] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000600 [ 172.996563][ T7284] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 172.999475][ T7284] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 173.002677][ T7284] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 173.005888][ T7284] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 173.008947][ T7284] [ 174.513772][ T57] vhci_hcd: vhci_device speed not set [ 175.496791][ T39] audit: type=1326 audit(2000000109.250:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7318 comm="syz.0.557" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0xffff0000 [ 175.567745][ T66] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 176.595369][ T66] Bluetooth: hci1: command 0x0405 tx timeout [ 177.236565][ T7336] overlayfs: cannot append lower layer [ 178.518702][ T7348] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 178.536424][ T7348] CIFS mount error: No usable UNC path provided in device string! [ 178.536424][ T7348] [ 178.541313][ T7348] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 179.634586][ T58] usb 6-1: new high-speed USB device number 11 using dummy_hcd [ 179.827268][ T58] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 179.830796][ T58] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 179.835921][ T58] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 179.843367][ T58] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 179.856610][ T58] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 179.860340][ T58] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 179.867039][ T58] usb 6-1: Product: syz [ 179.879252][ T58] usb 6-1: Manufacturer: syz [ 179.898584][ T58] cdc_wdm 6-1:1.0: skipping garbage [ 179.900647][ T58] cdc_wdm 6-1:1.0: skipping garbage [ 179.903544][ T58] cdc_wdm 6-1:1.0: skipping garbage [ 179.905522][ T58] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 180.107104][ T5382] usb 6-1: USB disconnect, device number 11 [ 180.598734][ T5382] usb 6-1: new high-speed USB device number 12 using dummy_hcd [ 180.718613][ T66] Bluetooth: hci3: SCO packet for unknown connection handle 201 [ 180.721283][ T66] Bluetooth: hci3: Received unexpected HCI Event 0x00 [ 180.776364][ T5382] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 180.779115][ T5382] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 180.782681][ T5382] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 180.803804][ T5382] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 180.810590][ T5382] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 180.823339][ T5382] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 180.826446][ T5382] usb 6-1: Product: syz [ 180.828078][ T5382] usb 6-1: Manufacturer: syz [ 180.835124][ T5382] cdc_wdm 6-1:1.0: skipping garbage [ 180.837185][ T5382] cdc_wdm 6-1:1.0: skipping garbage [ 180.839222][ T5382] cdc_wdm 6-1:1.0: skipping garbage [ 180.841251][ T5382] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22 [ 181.049075][ T5382] usb 6-1: USB disconnect, device number 12 [ 181.156966][ T66] Bluetooth: hci0: command 0x0406 tx timeout [ 181.336576][ T7405] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 182.150983][ T7425] FAULT_INJECTION: forcing a failure. [ 182.150983][ T7425] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 182.157877][ T7425] CPU: 2 UID: 0 PID: 7425 Comm: syz.3.594 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 182.162429][ T7425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 182.166639][ T7425] Call Trace: [ 182.167974][ T7425] [ 182.169156][ T7425] dump_stack_lvl+0x16c/0x1f0 [ 182.171209][ T7425] should_fail_ex+0x497/0x5b0 [ 182.173334][ T7425] _copy_from_user+0x30/0xf0 [ 182.175562][ T7425] get_compat_msghdr+0xa8/0x170 [ 182.177784][ T7425] ? __pfx_get_compat_msghdr+0x10/0x10 [ 182.180238][ T7425] ? __pfx___lock_acquire+0x10/0x10 [ 182.182590][ T7425] ? __might_fault+0x13b/0x190 [ 182.184764][ T7425] ___sys_sendmsg+0x1b0/0x1e0 [ 182.186899][ T7425] ? __pfx____sys_sendmsg+0x10/0x10 [ 182.189075][ T7425] ? __pfx_lock_release+0x10/0x10 [ 182.191308][ T7425] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 182.193858][ T7425] ? __fget_light+0x173/0x210 [ 182.196029][ T7425] __sys_sendmmsg+0x2a5/0x450 [ 182.198164][ T7425] ? __pfx___sys_sendmmsg+0x10/0x10 [ 182.200516][ T7425] ? vfs_write+0x14d/0x1140 [ 182.202355][ T7425] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 182.204695][ T7425] ? fput+0x32/0x390 [ 182.206283][ T7425] ? ksys_write+0x1ab/0x260 [ 182.208153][ T7425] ? __pfx_ksys_write+0x10/0x10 [ 182.210238][ T7425] __ia32_compat_sys_sendmmsg+0x9d/0x100 [ 182.212508][ T7425] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 182.215261][ T7425] __do_fast_syscall_32+0x73/0x120 [ 182.217446][ T7425] do_fast_syscall_32+0x32/0x80 [ 182.219219][ T7425] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 182.221790][ T7425] RIP: 0023:0xf743e579 [ 182.223354][ T7425] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 182.231059][ T7425] RSP: 002b:00000000f575657c EFLAGS: 00000292 ORIG_RAX: 0000000000000159 [ 182.234648][ T7425] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200038c0 [ 182.237995][ T7425] RDX: 00000000ffffff06 RSI: 0000000000000000 RDI: 0000000000000000 [ 182.241408][ T7425] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 182.244823][ T7425] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 182.248215][ T7425] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 182.251617][ T7425] [ 183.018459][ C0] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:2. Sending cookies. [ 183.048304][ T7431] ------------[ cut here ]------------ [ 183.050844][ T7431] WARNING: CPU: 0 PID: 7431 at mm/page_table_check.c:207 __page_table_check_ptes_set+0x2fa/0x3e0 [ 183.055118][ T7431] Modules linked in: [ 183.056886][ T7431] CPU: 0 UID: 0 PID: 7431 Comm: syz.3.598 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 183.063196][ T7431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 183.067939][ T7431] RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 183.070809][ T7431] Code: e9 91 fe ff ff e8 46 48 97 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 65 43 97 ff 48 85 ed 0f 84 85 00 00 00 e8 27 48 97 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 19 48 97 ff eb 69 cc cc cc e8 0f 48 97 [ 183.079434][ T7431] RSP: 0000:ffffc90003737a28 EFLAGS: 00010293 [ 183.081818][ T7431] RAX: 0000000000000000 RBX: ffff88801c660000 RCX: ffffffff81f3ddfb [ 183.085118][ T7431] RDX: ffff88801cdd8000 RSI: ffffffff81f3de09 RDI: 0000000000000007 [ 183.088592][ T7431] RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000 [ 183.092151][ T7431] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001 [ 183.096120][ T7431] R13: ffff88802863b900 R14: 0000000000000001 R15: 1ffff920006e6f47 [ 183.099202][ T7431] FS: 0000000000000000(0000) GS:ffff88802c000000(0063) knlGS:00000000583cc440 [ 183.102458][ T7431] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 183.105072][ T7431] CR2: 00000000200002c0 CR3: 000000005acfa000 CR4: 0000000000352ef0 [ 183.108165][ T7431] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 183.111101][ T7431] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 183.114307][ T7431] Call Trace: [ 183.115719][ T7431] [ 183.116813][ T7431] ? show_regs+0x8c/0xa0 [ 183.118363][ T7431] ? __warn+0xe5/0x3c0 [ 183.120175][ T7431] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 183.122679][ T7431] ? report_bug+0x3c0/0x580 [ 183.124608][ T7431] ? handle_bug+0x3d/0x70 [ 183.126409][ T7431] ? exc_invalid_op+0x17/0x50 [ 183.128036][ T7431] ? asm_exc_invalid_op+0x1a/0x20 [ 183.129771][ T7431] ? __page_table_check_ptes_set+0x2eb/0x3e0 [ 183.131904][ T7431] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 183.134239][ T7431] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 183.136930][ T7431] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 183.139726][ T7431] ? find_held_lock+0x2d/0x110 [ 183.141746][ T7431] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 183.144561][ T7431] ? rcu_read_unlock+0x17/0x60 [ 183.146735][ T7431] set_ptes.constprop.0+0x193/0x1d0 [ 183.148643][ T7431] ? __pfx_set_ptes.constprop.0+0x10/0x10 [ 183.150628][ T7431] do_swap_page+0x1214/0x3dc0 [ 183.152275][ T7431] ? __pfx_do_swap_page+0x10/0x10 [ 183.154381][ T7431] ? pte_offset_map_nolock+0xfe/0x1c0 [ 183.156603][ T7431] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 183.159162][ T7431] __handle_mm_fault+0x146b/0x5360 [ 183.161410][ T7431] ? down_read_trylock+0x1ed/0x3f0 [ 183.163190][ T7431] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 183.165052][ T7431] ? __pfx___handle_mm_fault+0x10/0x10 [ 183.167049][ T7431] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 183.169419][ T7431] handle_mm_fault+0x44e/0x7b0 [ 183.171550][ T7431] ? __pkru_allows_pkey+0x52/0xb0 [ 183.173805][ T7431] do_user_addr_fault+0x60d/0x13f0 [ 183.176071][ T7431] exc_page_fault+0x5c/0xc0 [ 183.177916][ T7431] asm_exc_page_fault+0x26/0x30 [ 183.179554][ T7431] RIP: 0023:0xf729f7d6 [ 183.181097][ T7431] Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1 [ 183.187723][ T7431] RSP: 002b:00000000ffb92788 EFLAGS: 00010246 [ 183.190221][ T7431] RAX: 0000000000000000 RBX: 00000000f742bff4 RCX: 0000000000000002 [ 183.193033][ T7431] RDX: 0000000000000008 RSI: 00000000f6d603ac RDI: 00000000200002c0 [ 183.196119][ T7431] RBP: 00000000ffb92a18 R08: 0000000000000000 R09: 0000000000000000 [ 183.199445][ T7431] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 183.202849][ T7431] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 183.205594][ T7431] [ 183.206701][ T7431] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 183.209314][ T7431] CPU: 0 UID: 0 PID: 7431 Comm: syz.3.598 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0 [ 183.213112][ T7431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 183.216862][ T7431] Call Trace: [ 183.218152][ T7431] [ 183.219352][ T7431] dump_stack_lvl+0x3d/0x1f0 [ 183.221427][ T7431] panic+0x6f5/0x7a0 [ 183.222960][ T7431] ? __pfx_panic+0x10/0x10 [ 183.224430][ T7431] ? show_trace_log_lvl+0x363/0x500 [ 183.226468][ T7431] ? check_panic_on_warn+0x1f/0xb0 [ 183.228431][ T7431] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 183.230606][ T7431] check_panic_on_warn+0xab/0xb0 [ 183.232293][ T7431] __warn+0xf1/0x3c0 [ 183.234013][ T7431] ? __page_table_check_ptes_set+0x2fa/0x3e0 [ 183.236298][ T7431] report_bug+0x3c0/0x580 [ 183.238136][ T7431] handle_bug+0x3d/0x70 [ 183.239879][ T7431] exc_invalid_op+0x17/0x50 [ 183.241833][ T7431] asm_exc_invalid_op+0x1a/0x20 [ 183.243823][ T7431] RIP: 0010:__page_table_check_ptes_set+0x2fa/0x3e0 [ 183.246525][ T7431] Code: e9 91 fe ff ff e8 46 48 97 ff 48 8b 2c 24 31 ff 83 e5 02 48 89 ee e8 65 43 97 ff 48 85 ed 0f 84 85 00 00 00 e8 27 48 97 ff 90 <0f> 0b 90 e9 e9 fd ff ff e8 19 48 97 ff eb 69 cc cc cc e8 0f 48 97 [ 183.253693][ T7431] RSP: 0000:ffffc90003737a28 EFLAGS: 00010293 [ 183.256178][ T7431] RAX: 0000000000000000 RBX: ffff88801c660000 RCX: ffffffff81f3ddfb [ 183.258952][ T7431] RDX: ffff88801cdd8000 RSI: ffffffff81f3de09 RDI: 0000000000000007 [ 183.261852][ T7431] RBP: 0000000000000002 R08: 0000000000000007 R09: 0000000000000000 [ 183.265049][ T7431] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000001 [ 183.268362][ T7431] R13: ffff88802863b900 R14: 0000000000000001 R15: 1ffff920006e6f47 [ 183.271672][ T7431] ? __page_table_check_ptes_set+0x2eb/0x3e0 [ 183.274246][ T7431] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 183.276762][ T7431] ? __page_table_check_ptes_set+0x2f9/0x3e0 [ 183.279279][ T7431] ? find_held_lock+0x2d/0x110 [ 183.281298][ T7431] ? __pfx___page_table_check_ptes_set+0x10/0x10 [ 183.284062][ T7431] ? rcu_read_unlock+0x17/0x60 [ 183.286176][ T7431] set_ptes.constprop.0+0x193/0x1d0 [ 183.288381][ T7431] ? __pfx_set_ptes.constprop.0+0x10/0x10 [ 183.290587][ T7431] do_swap_page+0x1214/0x3dc0 [ 183.292222][ T7431] ? __pfx_do_swap_page+0x10/0x10 [ 183.293928][ T7431] ? pte_offset_map_nolock+0xfe/0x1c0 [ 183.295714][ T7431] ? __pfx_pte_offset_map_nolock+0x10/0x10 [ 183.297703][ T7431] __handle_mm_fault+0x146b/0x5360 [ 183.299582][ T7431] ? down_read_trylock+0x1ed/0x3f0 [ 183.301367][ T7431] ? lock_vma_under_rcu+0x1e2/0x8f0 [ 183.303037][ T7431] ? __pfx___handle_mm_fault+0x10/0x10 [ 183.304725][ T7431] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 183.306709][ T7431] handle_mm_fault+0x44e/0x7b0 [ 183.308707][ T7431] ? __pkru_allows_pkey+0x52/0xb0 [ 183.310916][ T7431] do_user_addr_fault+0x60d/0x13f0 [ 183.313127][ T7431] exc_page_fault+0x5c/0xc0 [ 183.314974][ T7431] asm_exc_page_fault+0x26/0x30 [ 183.316823][ T7431] RIP: 0023:0xf729f7d6 [ 183.318245][ T7431] Code: 03 76 37 f7 c6 03 00 00 00 74 16 a4 49 f7 c6 03 00 00 00 74 0c a4 49 f7 c6 03 00 00 00 74 02 a4 49 50 89 c8 c1 e9 02 83 e0 03 a5 89 c1 f3 a4 58 89 c7 89 d6 8b 44 24 04 c3 d1 e9 73 01 a4 d1 [ 183.325613][ T7431] RSP: 002b:00000000ffb92788 EFLAGS: 00010246 [ 183.327712][ T7431] RAX: 0000000000000000 RBX: 00000000f742bff4 RCX: 0000000000000002 [ 183.330941][ T7431] RDX: 0000000000000008 RSI: 00000000f6d603ac RDI: 00000000200002c0 [ 183.334181][ T7431] RBP: 00000000ffb92a18 R08: 0000000000000000 R09: 0000000000000000 [ 183.336894][ T7431] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 183.339560][ T7431] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 183.342449][ T7431] [ 183.344201][ T7431] Kernel Offset: disabled [ 183.346173][ T7431] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:55:30 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000038 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84f9e6d5 RDI=ffffffff951153c0 RBP=ffffffff95115380 RSP=ffffc90003737400 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000038 R14=ffffffff84f9e670 R15=0000000000000000 RIP=ffffffff84f9e6ff RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000200002c0 CR3=000000005acfa000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=00000000004a518b RBX=0000000000000001 RCX=ffffffff8b05aa19 RDX=0000000000000000 RSI=ffffffff8b4ccfe0 RDI=ffffffff8bb04860 RBP=ffffed1002ce5910 RSP=ffffc90000477e08 R8 =0000000000000001 R9 =ffffed1005826fe1 R10=ffff88802c137f0b R11=0000000000000000 R12=0000000000000001 R13=ffff88801672c880 R14=ffffffff9010e058 R15=0000000000000000 RIP=ffffffff8b05be0f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c100000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002002a000 CR3=000000002c1ee000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=0000000000000c4d RCX=ffffffff81e1a729 RDX=ffff88802123a440 RSI=0000000000000000 RDI=0000000000000000 RBP=0000000000000000 RSP=ffffc90003617a70 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000001 R14=ffffc90003617af0 R15=ffff88801c1ae000 RIP=ffffffff81e1a741 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fbf76b1fd00 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00005567de665000 CR3=0000000025c38000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=f17e072ff17e072f f17e072ff17e072f f17e072ff17e072f f17e072ff17e072f f17e072ff17e072f f17e072ff17e072f f17e072ff17e072f f17e072ff17e072f ZMM22=a019e708a019e708 a019e708a019e708 a019e708a019e708 a019e708a019e708 a019e708a019e708 a019e708a019e708 a019e708a019e708 a019e708a019e708 ZMM23=215299bd215299bd 215299bd215299bd 215299bd215299bd 215299bd215299bd 215299bd215299bd 215299bd215299bd 215299bd215299bd 215299bd215299bd ZMM24=b70ea8cab70ea8ca b70ea8cab70ea8ca b70ea8cab70ea8ca b70ea8cab70ea8ca b70ea8cab70ea8ca b70ea8cab70ea8ca b70ea8cab70ea8ca b70ea8cab70ea8ca ZMM25=4a0192a94a0192a9 4a0192a94a0192a9 4a0192a94a0192a9 4a0192a94a0192a9 4a0192a94a0192a9 4a0192a94a0192a9 4a0192a94a0192a9 4a0192a94a0192a9 ZMM26=eaaf90f1eaaf90f1 eaaf90f1eaaf90f1 eaaf90f1eaaf90f1 eaaf90f1eaaf90f1 eaaf90f1eaaf90f1 eaaf90f1eaaf90f1 eaaf90f1eaaf90f1 eaaf90f1eaaf90f1 ZMM27=ab40bb77ab40bb77 ab40bb77ab40bb77 ab40bb77ab40bb77 ab40bb77ab40bb77 ab40bb77ab40bb77 ab40bb77ab40bb77 ab40bb77ab40bb77 ab40bb77ab40bb77 ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=ba090000ba090000 ba090000ba090000 ba090000ba090000 ba090000ba090000 ba090000ba090000 ba090000ba090000 ba090000ba090000 ba090000ba090000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=0000000000000001 RCX=ffffffff816901e8 RDX=fffffbfff28b5cd9 RSI=0000000000000008 RDI=ffffffff945ae6c0 RBP=0000000000000000 RSP=ffffc9000306f830 R8 =0000000000000000 R9 =fffffbfff28b5cd8 R10=ffffffff945ae6c7 R11=0000000000000000 R12=dffffc0000000000 R13=ffff88801fe4af48 R14=0000000000000002 R15=ffff88801fe4a440 RIP=ffffffff81e9abf8 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c300000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000000c3430ce CR3=000000002bc60000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000