last executing test programs: 29.05435479s ago: executing program 1 (id=1019): r0 = io_uring_setup(0x1d48, &(0x7f0000000340)={0x0, 0x0, 0x1000, 0x2, 0x30c}) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/sem\x00', 0x0, 0x0) ioctl$NBD_SET_SIZE_BLOCKS(r1, 0xab07, 0x1) read$FUSE(r1, &(0x7f0000001640)={0x2020}, 0x2020) r2 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r2, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24) listen(r2, 0x4) recvmmsg(r2, &(0x7f0000000200), 0x0, 0x40000100, 0x0) close_range(r0, r2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f28000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[], 0xe8}}, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000016c0)={0x88, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_NETMASK={0x5, 0x14, 0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x10}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x802}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0xd}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x88}}, 0x810) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r5, &(0x7f0000000140)={0x1f, 0xffff, 0xffffffffffffffff}, 0x6) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x440240, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$EXT4_IOC_GETFSUUID(r6, 0x8008662c, &(0x7f0000000080)) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2) r9 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r9, 0x84, 0x72, &(0x7f0000000100)={0x0, 0x8000}, 0xc) ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000180)=ANY=[@ANYRES16=r3]) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000001680)={'syztnl0\x00', &(0x7f0000001600)={'ip6_vti0\x00', 0x0, 0x3f, 0xb, 0xd, 0x3, 0x32, @dev={0xfe, 0x80, '\x00', 0x11}, @private1, 0x40, 0x80, 0x10, 0xfffffff9}}) sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001a80)=[{{&(0x7f00000000c0)={0xa, 0x4e22, 0x3ff, @private1={0xfc, 0x1, '\x00', 0x1}, 0x7fffffff}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000280)="dc0c138423b34a73f094aafc1f630d854153cfbec3fc22da0eaf12080957f2586a66c39c7e45e4631433381e27acc5b676a5058f25706be802c55eed5eaa17ac420dd72a6c20a976ff04dc031a0c4a510563edf0872e99bf332c4211148035dfdc367c5c52e0db04317edfcf44e34710dd88e0f3ba8302a3b1c5592838f83d25c03aa561ef951a7862ddfac5213d12f105d8c4b787e25e377ebe5a6c65e55b7f535606ab460daf51589b3af137f40f57007b", 0xb2}, {&(0x7f0000000340)="48fb90219edf4b055e7db420c6274eb87f3067a43fc77df1a8ec8dee676dab02251fd95f93a2cc947d2bf2f50f6a49ade266ee3e0857b97b6d72566d8d208daa3776250533467c848dfe4c2126ad71bd773401e33b71c4784e3f40e96dca4650b58a361182bb4aa3bb5ae6f63dba1c0fc7b2ca489f76510f46c1b5ed80", 0x7d}], 0x2, &(0x7f00000003c0)=[@flowinfo={{0x14, 0x29, 0xb, 0x1}}, @tclass={{0x14}}, @hopopts={{0x48, 0x29, 0x36, {0x67, 0x6, '\x00', [@calipso={0x7, 0x28, {0x3, 0x8, 0x8, 0x0, [0x10, 0xa1c2, 0x1, 0x7fffffff]}}, @jumbo={0xc2, 0x4, 0x3}]}}}, @rthdr={{0x78, 0x29, 0x39, {0x2e, 0xc, 0x3, 0x6, 0x0, [@mcast1, @dev={0xfe, 0x80, '\x00', 0x17}, @ipv4={'\x00', '\xff\xff', @local}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @remote, @private2={0xfc, 0x2, '\x00', 0x1}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x3}}, @dstopts_2292={{0x28, 0x29, 0x4, {0x29, 0x1, '\x00', [@pad1, @ra={0x5, 0x2, 0x3fd}, @pad1, @pad1]}}}, @rthdr_2292={{0x18, 0x29, 0x39, {0x3c, 0x0, 0x2, 0x6}}}, @flowinfo={{0x14, 0x29, 0xb, 0x1}}, @rthdr={{0x98, 0x29, 0x39, {0x3b, 0x10, 0x2, 0x2, 0x0, [@rand_addr=' \x01\x00', @loopback, @private2={0xfc, 0x2, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @dev={0xfe, 0x80, '\x00', 0x2e}, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}]}}}], 0x1f8}}, {{&(0x7f00000001c0)={0xa, 0x4e22, 0xffffffff, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x7}, 0x1c, &(0x7f00000015c0)=[{&(0x7f00000005c0)="dd44a0ccf80b1a877bf8ca68cf03855254a31291d90caf544eb65d3cdf83539d316e1c8227ce17af256c4362f1078c29e985c2a879b38e568042ab2538714b7f485f1d5f76849c5c1896c1f69c4aa6550292eabec6edcf48e4bc6f76c93a16706f8665ce0eb63f19b7d1bec54fc510f5619cd25810b73114718243917465744f30ba267ab97bedf910567aa555a7162e862e39697190b8a55246800dcb3a33307de0cd7550af14c4c1c2f50b647d13e0245c872a163f632ada6d78a53e97e91ce94c41fefa026c67d0f99cf78bffef196c68d1c719cbfa7adebe248d3fa103a7d9655c834b750c94e61ef699556189a97c0016656bc8c26740192edad189e3f2c671f16fc84697f00e99369e3449f8a2fd24c1255af7573cae286987df0305698dc6688adf184c98c119fdadf16ab9651fedb9bf3d82b50eede0885229a3d1d5c860d6d2ee3a687cd7d987da38508b03a5f14aadb6c15c4a434ca9db217a18e7a961abd0bb3e2f7221fde9a85776d7da90d34a27607c88dc9e55c5a27869ff83b0ffbe928efcd1b0231875d079df7b9b4e6884e5609fef7e2ae1825963a8e4492be5490e8c78679dea5cef11ad3ca5dd9231e238636403f892ffe4215b26b26da167eb097c4e7a6911190103155c4ac4731f2275da168ae1efbbcb416908c0c32a9de0245afee29c9afdf444470e42eaaf2c78f9a60a5d09d26a9f1574b6c78bc44030fa49424b2934a04a167295d7f5428d77e483309a7a4d88db3afd2c178128bfdf0e6bb40fee1283e9da24e29da3481e69f0098698fde359493f5d3b5217aff0db558fafb464f319cfac48dd61eb0dbbbbaa1371bce225cbd55aadd51a694846be43b9d048d7430eb478dea7cc6d8abcf384dd6a937e297e39c92bab130948ac5672f6782bae49e1b8b7a90593e90873a837461d5352f3cf3eae41c55fc3fa6cc8fb6afdfb0715ebd71fa309fde6db15a410fc5cc14c5a59d3b84bc4ad1563f800f0eea27ebbc950c433e76c1c130973bffcc1ad63ebec54aa76688aab7b7f9999dcf1c80f9b386a6120e97f3746f1640652b512a434e31b0abf7e7b3ec0cb7ca2c9a8bbcf1eccc87503938797ebe84b6b4639ad6d2696ad4688ae5cb1c142838b72e6ef976a74e97f6639ec4583e9f986f9da662eeeac3610297c288a7609a4a1b466151b7e1cd9f29ea0e7e4ce17c656471d5117f57d22f4a1352cd0275cfe2b84f0aa62cb7b5c6909a3a577188e096b183b100cf700ac96947ce3115934f247d29d29035597272c2b33e51032f6016c93f5ab86188fd234e15a7ada5b49df459672ae992a2b7aa977ffcdc904b5451a7fbcc6483f53bec6f999bcf0a74887e65f4f2bcfe24a43012a2e239e3ee8ae1f616c777f1c108ff23c9de7efcd13c8064ef8935d860462242455e426fae4047ffa7be046397cbbc3c4c9cdc9632c3b7393ca1daf8e90d22cb8fc2458d1f2aeb5052eacb3611db0ead12a46f43952d455e795b3167f3f98b05ce4f92124e165f9668871d187263f2be86ff9af7020ca1de0f8bc02c8eba07a5837bf1339a3829d48bfc31feee9bbef66556772a80f48c19f8a697a4b95c83967360d2212b5d4e2afb48a25af5357966636bb269fd76d18d7cc4afe1e7ae987ba771a8759789de350593527e6aee066896686fcc023d257fc43a90f7a325e7e7cbfbb65e717058958082e90bff501d5564c1937114b7389d350059e8b4e0837a4a065297b633b0cc3c9e2a9f861830c2dd5422ce7ea3e2016d99825c8fec9469c4230d1f840bbff4c6b4be55156421066eab5a72067adffe9f777e85b2453da67cec7b3a579d04c6fef8b6909e8648a787daa39bbcaf29ea4a8ac677db1e2e3d23e475afead12d01694f89f03d3e90e18e69074a0be7a41ea2e980c09f288601468a740a1d5271dd2f39cf1e6e3f660f9d3757fdeb6464b46038fe2ebb75fbf83edec535af47b8ffa4df78f11f9db50e8c3e7cf64954047c99e4cf59998d2bdcf527b3e10985e67f23dfb39ab558b1303e2019090fd1a52496674b444c0a07e07714a5514867919744d5a9e8d9d2700b4a98fe3c2e6428979036afa0c1b5e0b78fcc431c61ab78bc4e45dfc9f37e49db488b1bf5e6eab0ea9edcd3741208dae4012e67422e857d216c160b0b49a32aaa1171c8c1ad8855272fb057511cb00ba0f34b3b95d66812cbcb03fb73c1aeb4c7423bf6efc2c5f2f9b9bbe6eb44dea8eb89b1be8226aea530a1b27c9780da41f81b92e146ec6b361c8a9f27fa465f80e64fd0d8a58a43e74bdcb74d189c5b54c29e2310a6cdd48bae7f0a22a82b810af5d1d2c47718d6b4b79f3b7f0ff9ca131eacae225a62e496225ae6477cfaaa93835e1e50cb0c98fa6d03a70d31bd9c3bb2dc902ec5fdab63e60af40c4254bd0e44ac3f53b34129b62120d86639effb006d46fe3f3655d4819a3dec8a63455d68e36c2cba19897c8f13d0428194d63b1c4413422630834338e580fe37c7789be9f15ce0f0b37fb51fb67df15b4e522861714c60fa698f53f5316bfd1dae31319af695d7d03a31f61de5aa08cc46a12a05706296cc405d0ef557cc14eca06445290edd94c3ad2373823f97d45b7cf375a1764fac702d3618b002da340f0c741544161b18a26552ac600cd148f43d5e7765ff81aa42ef205a4286b34b3d0f6dd9f1c1bf096d6843d29b8a9735aac13e642892c0756e711642b0ff4265a34a2e280736f3124e0d3b9ff60f61d4d674bb9b9c21ec65585cb2a0b79d568477ac5a33ad824d509a3c186f78931fca026a81bacc9b8bf42d4f17a5ee165a1ef721afebf33f4c0c23ee7e0ec42669b6dda9f10a6be521e913037d9de929089f9c2b21f218117bd7232fc669b25cc53488ed1039cc282165ea008514e9b62dc94597485a18e885f1c242d120eb4a1715e5f770a13ce59f84040eae6a9dbe2c59a98dfc91e1953ca5a32dfbc5cb33adabeed02eae206189f99aba97d45e111c6b486d75de69a294a6feaeb2a34a1c18d53f48bfaecf5587d3ea5ffda7d39fcd28aa00fd6a18694abd30294743260d8abecefebe12a1340da5f9203e36cc45368e20ef9fd74fb2448f07952fbb8362a1cefd3424701012d9e4693a7861ac80ae99df1cc43c71ebf2c51ae2a099fc845493ad03f7bf063ba56e075800a40df79d42722dfb8cb09e6e407b4615cc6d8d41c92ef0ebb30a9fdd6e6686d314211f1ca123c844848dc9f372b41f9c67faecc015d159b76db4e4a19aad10db3a5fbd40d186ddaa1e8e685785193b2a3b360a9e83f3359258c75fd6c538281752cb1926a1892b54e984a90249ad9d7b2d8e7e00bdfe8fc918e5f4d752e6366124ab5c21d563676c08af7d428aad0a6fb79adc1277b9aa85e75fa6139f008df2b7e4a6093683608a4aa5552d581e1c560b9d7da8997f5b3b02da7af0070d8d383caaf212675f2343d7117ed8d1531c93b076641981fb2455314d9f6ec4bc3daddfce5d96b0cb715968862b3b7c49bbd6e87e8dc992c73d842a3bf38635a43b3ce310bfcf81a30addf980c54502d64b2a9c3ea53d4803a082142f7113ccc18198d6cbafe2f5134d18e2f9fdb22b7ba216c91392f3e325df53e0b67a2f5bcf66c04405416147b23b9d64eff2353bd6c57053dd7f87533c089866ba0a6c84d420d10851901985b593119588036c0ab3a626db7934d0044b7a25b0cea682155d2b2b5456971dacd91081d12a51cc0a82bca023816090bab283912820c0e33c8b321f596dc895680f01f4aecfe5a7d5d1d1aeedf1fbbbff2e0411b72034e93156bc86e3c9b9d742276bed1ca80710a3350952f370489e01477dd16448ab78738beaf0f1d192df61ff60f2bee3e2365d737ee0e7ebd732d6097b1018ce0e0f15dc3763aa784ba673a3b497ac9376b0c66eeb7e62e09b6e9e70512d7f3d8e6b3e230481f6e175235e27a387d1d664001b51e14d1c396d6ee03937cd2905c3e21b65f403c359b22cc30fea1bd5cca93f3a3e7000bcc869e51e4bb9eaa39095504c93d7698e5b7ac2097127954905185ad7cae9fd3e95a359388691561c356571d28186ba57fa95d5f3dc900eb38ac2194634e993263116aceef6907e36b5dbfc691b6de70fe0d24217985ca21f908855fc67a56d55540c4c989da15acbfe96aadffde9246a07289d351a72ed9660228e96ced1ea1561ca77c5d1e084c3117f6a06e9a62dfe5fa21df168b38680e18b26157dfb929bcde40a890c85485264f78146db7626d59df51dc64683c5b57dfb662d322242f12810d525ceeec76217838dce43972819550302cdc1c4384efe165fce5ac6b4f86b0af72e828ce4d5613528bc590fb10b79d02e3a6182a0435431402bc74cec82411354f400941447c942eed3657b53117c97eb981929a37b68d5982687ce73a82388b2d5ba034bb4ca18e51c6963c0b8ee78987c859f845019e790fd74a85fddfafe890bd32070c52daa1de8acf53da877a25e6f2a93f56e38fb07c32e9bc1b48f78257e1020c35c29fd0d2a2d48bdbee57d82022bbf36e2df5a916e8624c4ad9ed72ce8bf4033bc4cf247dbb1ea2630ac7f6740e653b1af24dd89fcb399c9bf6ee06cd08509ebb751c4c7a1479d450054535c198b012418381cdd53188a5428c149e43bca584af5fa672ccce9c9161cbb0f62fc91bc0b6f793836c2c7a68aa851e3045a4b932870ea6689ebb95bb8868b3a6cf69f754bc8b79782ac3b49e7ace2bca627b581ab6e5163572c632ae754cdf79708b89830a7ce8a094dcee3de33bcdb366bf94698d109d413cb3b09c5651d56e6da7931d51228ca34470da67ffa265d68d1a442c88a13fc0306e1886ba99017b188e5ef063d6e6ce45c58adb206026cb0aa19154795f39937abaa982a1d2f517196a5b579c86474c4d8142a8743524eb6189381cb7c48412d22e5407cbf3374daf988ce03be7e66388cc555106757596e6de1549a777b1146a55a9aa9ba81a0f7f53d27297c3fa7c13f56b4e2990ca0ebe9bad5dd12aee2ecdb4c4ce46b516e8f0ebeb7eeab2878fdfb9ec3de77d722c544dd168f1ceed33f2068f594ea5a7fe47d0dd2141a0c108bf7d74be7767a95b3797be7d7a0b048ee6e12521f85920072ecbb8b471959c780994eb62c1f75a31d55e77ffa583b5c585cd4f6fd3346cfa8f820319596e769926e91e0022060148569675e07364741869d46ceb1f9ca5487da5444962ccb6427ca43ce0abccce51bb22d0a36df704d3049c7abcf2eadfdf4d9c3bc80b07b9bcfcf6a2e405da5e2272b99f16a33e149912e3bd4e365cbfabb4bb827d1e553e93ea1cb451e67adbc70ae29f98321689c4ed57202fd8809b5c88901e6c2c36282d475411c5f2922a72f1825f07343694cc1fe781473d8169ea31798f1c8ac7d404172f000fa83327e574e4ee2643b9d7054bfe5c5048ae74e73ab989ec5a3fa68cfe2ba32a503cab7507976f98965dec3c1d3851c5c3bd9d6af4e8a9ff00fcd8d9bf6f8668ad0cf763c3d34f671318086946a5264c2e72ee89faf11e2df7390722f1ff36f9f5f264b19e49b58a2800d61454bba4a769d5acd0b14eea316ceddd9edb1d73e6ba4a6707c4d5c0fb2e78022809af53b22d8a453fdc45a6da20559898b0f3da5ef8c09e459fe206c9d9a848f66fad93f835da49ccc905d7f13830e1580aed4bbdf09b334cc6f8e80b1f5e166e0202a36febe8f6f45669d2036f18e4ce8a7833408ffe4ba6fd19e497cc66caa3e7f1d6b398e7a943dd4cd9fc8e7c83e14e618ff67d626cca746a9647e00edaa6336b37cc", 0x1000}], 0x1, &(0x7f0000001bc0)=ANY=[@ANYBLOB="24000000000000002900000032000000fe8000000000000000000000000000aa", @ANYRES32=r10, @ANYBLOB="000000001400000000000000290000000b0000000000000900000000400000000000000029000000370000003b04000000000000072000000002060504000a00000000000000060000000000000003000000000000000100000000001400000000000000290000004300000070fe00000000000014000000000000002900000008000000e35a0000000000004800000000000000290000003900000006060101000000002001000000000000000000000000000100000000000000000000000000000000fe8800000000000000000000000000010ed17db8105ece03c74b50c9bf198ff2f8c9ab621634fdba953e39ec026012d15596b70a3dfe8a358911e2501fa1776d0ed6450689a97dae1c0663625ec4ad04ce8332e72ff7a8f83f174782"], 0xf8}}, {{&(0x7f00000017c0)={0xa, 0x4e20, 0x4, @mcast2, 0x19}, 0x1c, &(0x7f0000001a40)=[{&(0x7f0000001800)="533d0e2085f6e8b49c1fa2c4c3e8bd1e47dfa78cb91d9af74098ee0ab6f1cf27e2621acdeae3bd30668c399b64f46ec8d0fcde3dac29e13e3cf05ef9e7b4cfc5fcc078fed596becf43fef342d58e94e60045aa6acc3dd695f4f0a0f2e67f842bbc3e88d9fc60b8b34fa2716b24ccabaac04913f842f1140154182625cfe28f3ed9ac7c26cc116fcc6116493b33066aec78363e156822e39d4a993437b0e34240869811b60cbc813c8565f80c1d9cf8589ff71659777c2d235f0e63972b8336178bab06d4ee4d", 0xc6}, {&(0x7f0000001900)="334c2468a05d93b5c19da886b20670c3d9feaa4266f210d881f916f7be012e95930c9cdc45632de6c9b47c7b4902bb98e67c92742d820ab6", 0x38}, {&(0x7f0000001940)="21d46e9bac1cfb20830fc8a0628789d4196d010712b28ea5c66757a8063ed4fdf68c20091025667883ea325f252e0817e6cf7b8996312f218d3aa706b07a40bb8985256fbbbfd2ac5b77aa4d27698bec686bdd9fde1da527ad0d5a98c6821c276b9168e5bf114f719336e14aea01984e29ff901cbfa3b25314fa0a7d150c74dcd14cf870932e1758ae565de5cca50883c9118d99bb8cbcd7c071d388b06d1e8dc5bb5dfd38f181576b93f10ce025dbe98266cc7d20f25e218d762097f690a399d4e273580c68a4f460a59f4629bc8f6e44bab2af", 0xd4}], 0x3}}], 0x3, 0x4008800) r11 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000240)='/proc/asound/card0/oss_mixer\x00', 0x298f3cc22e12b39a, 0x0) write$proc_mixer(r11, 0x0, 0xf8) 28.704327093s ago: executing program 1 (id=1020): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0x15) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000501c0007800c0001"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c00018006000600800a0000200002801c00158018"], 0x44}, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15) r3 = dup(r1) write$FUSE_BMAP(r3, &(0x7f0000000140)={0x18, 0x0, 0x0, {0x4}}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x80, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB='\b\x00fdno=', @ANYRESHEX=r3, @ANYBLOB=',cache=mmap,\x00']) 22.886643878s ago: executing program 1 (id=1020): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0x15) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000501c0007800c0001"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c00018006000600800a0000200002801c00158018"], 0x44}, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15) r3 = dup(r1) write$FUSE_BMAP(r3, &(0x7f0000000140)={0x18, 0x0, 0x0, {0x4}}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x80, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB='\b\x00fdno=', @ANYRESHEX=r3, @ANYBLOB=',cache=mmap,\x00']) 22.272889294s ago: executing program 0 (id=1112): r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0) r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)=0x7) ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000013c0)=0x87) r2 = userfaultfd(0x80001) r3 = userfaultfd(0x801) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000600)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x40000, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r4, &(0x7f0000000040), 0x6) bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0x1, 0x1}, 0x6) io_setup(0x1, &(0x7f00000004c0)=0x0) io_submit(r5, 0x1, &(0x7f0000000040)=[&(0x7f0000000140)={0x3a0012fb, 0x2759, 0x7, 0x0, 0x0, r3, &(0x7f0000000500)="9814208b7d54ac9e0b0034c62d89c231c73709656da5dcc32892b92a8233000000e929475a36260be796c3b24c6f2c756a60569f1f2e17805ce2c8c0d2dfdc19dd36ebee8a104c3f1226d73f4a5afc871b641f84a1372888a07e5f49c2f7be93b0ad72c19d10278ba1519b21953daea82d5fd3bf594ddf32eb326d187de6964d9cbd44323ec85fcda774f943c1c0e98235ccc3b662240957d7fa6d96f1baf30cb176324e1279a35288c5384aed8ae6bb05fccd43d406d8118c5825502500feffff4db9ac179e2c8293bd9a3f658bfc2fcf563583", 0xd4, 0x8000, 0x0, 0x10}]) ioctl$TCXONC(r1, 0x540a, 0x0) syz_io_uring_submit(r0, 0x0, 0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x47d}) mkdir(0x0, 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) recvmsg(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)=[{0x0}, {&(0x7f0000001400)=""/4080, 0xff0}], 0x2}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=@getqdisc={0x28, 0x26, 0x200, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x1, 0xfff3}, {0x10, 0xd}, {0x3, 0xc}}, [{0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000001}, 0x20040000) r6 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) sendmsg$nl_route_sched(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x68, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r8, {0x0, 0x8}, {0xffff, 0xe}}, [@TCA_STAB={0xfffffcd4, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0xe, 0x4, 0x47, 0x2, 0x2, 0x2cf, 0x8d2, 0x1}}, {0x6, 0x2, [0xffff]}}]}, @TCA_RATE={0x6, 0x5, {0x0, 0x1}}, @qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0x401}}]}, 0x68}, 0x1, 0x0, 0x0, 0x80d1}, 0x34008098) sendmmsg(r6, &(0x7f0000000b00)=[{{&(0x7f0000000440)=@in6={0xa, 0x4e20, 0x6ba, @remote, 0xd}, 0x80, &(0x7f00000008c0)=[{&(0x7f0000000640)}, {&(0x7f0000000680)=')#\v8s', 0x5}, {&(0x7f0000002400)="00781e96ac262be7aa7e35bf3da927e574b918ba6c364adf4de75eed7ddf63d95e6496ab062f221da203568aa80be0494b30832abd3724015f775d3ba8561cfac72c16b2da2dbfeb72a44aadec71889a5c9df0bca72c5ee999afa2f5f4b692fb3a7a46d7927201293c82b1adaa7aab6858c5e4e3099a49855cac4d6d4425af3d0d3985ba335b7e63f3f3b1ef252b4ab5d2cf4813230d76abf4ad0e5408cab69bb980455f1a034584d856999c842c46295aedf9e6bf2263483156b398933fe489d56a00a20c2ec72f55b86531695c433d5da53fcc7163271c2e6b79f31f9842389948a29d3563e9b47b01cb3e263752dc39cead60542b6be5537bad5d75660d48685a8218828a5bfab7bebbeb975d0e8df53f8b446dec7086e3319a9a60049e7d0efd59961ab5f9429ee078e707b4160140349bcd652920f5f815bdcac2e8b9530be840abb65e89bf22f5b50ce3d6b5f0ba2179f6e4c6602c03ef8be1fa892ecccc9b664f894fa1572d5b708b772a8356b19dac94ea0c1554b201bbfb9b3561676d549227b70f735b11b5d19e92b34666dc5af232d2d18700f7b08ef055b1277a852805cb64c2774cc1b1d649768d99fdf0f864283377af698e2f2e930a1b1d011c679e706827356d86c3a5370bea1b91050e35c8cf1786ef4bd61448f9292e231a77b42cb7c6621d5283350fe38dc8004c312a9b7d4c96b3a2df11f7b2cd2be225c085d99c427a975191d8cd3717a5b397bef7846a6c2cbdc1c9f900529e50c543b164f20a5102651df8fc5c5b87ffe7c4987d8d5065ab7af0d114340e69ee1b926b3ed7a84ca5b19d8740e954ec423965c32c0d2d4664b2e22e2d2942a045b569d8b8251c0fad0bab39afc98a226ea386e555d286d42eef3e8b48ed6adb03e1bb4848b2c40c29b758098c63077c7eac97f17f4f5fdc10d3d26ff079f4afae0e92f30ccd6092bdf9a5415e7a61de4b831775e4adf8c2ac10fc63a7cb000988d47737cff79a35a0eceb3fddd80db58375c6014aa70bb1ac9219d430e95dbb2829cb8ac969234e7a79e2fcc6397344df00f2628bd73a2d7157ca61d83eda9a2882819290459fc2d16f0a3b7c9523f9f786cf1fa645fbff8babee04296b0d1ca17a1e986004b2329c827527fa625c95dcae6b837ed555326e30d097eb1bf49dbf99306636b3f03a1a267cbb0f3a6b614627e93fcc92021332f92d4be5b64f6135ab94e7dcaf9889411c719e19c587502e3bf5f41d25118c96913c45d30fcd28a07ca0df7b70887f16cdcfb77350a281dc44155615addce50122cd15d34f4bc0cf8a94d79d35aee89b33c8887cd44faaa068300ce9f193c1bfc0e93123580390ab171e7ec56efc9919da6c6cef1ff5835f3a7123cbba04b08a53eea63a790e6e1df1ca592802b67e0cbe47eb72c39da3210483bdbd9c3aab4f712a70ed1bea9bbf6429f82def9ab17a3209a1ab4ecc7497197ae6bbc4bc4f2c5f9e38cf86b041fa14ed6e8f0e6c316d116f933b345629aea6895460301b3922e7588a6ff48b8ab8f6261fb0359bb84fc1b405a6cea9bd9e0cca5a02b3ff87edbc058db3c20896436be86e1968d57dab848a05191dcef515cd698b6b461bc54602e56a9e6c63d71571ec59e7277714f1b38938a22f97cd1064151e6cccd633fa079ee4eb81b9909c6faf542dbdfa82969faa0efe283b8dfa354dc1e5ca7c129b7e61f5b1be75955f0941e831050041cc6afa98faad7a723331fc74504c432b885866b45a5afaf9651a83bad690c62e68e25c7b0941f58d1ab4e249a887dfc751df2e386467734bb2b4f78f8b1e2ef7a5f4b388eb4ff9361fd7da0da525b247c27696b06cab5855480f504add56f95c3b179f7c11dd3c34b7c01538159ac019c487e5a07d98ef7e52793153bd847f95b204e41ec3e2396a8bab58b1f7ea630d0f19228c448168d23f1f9f5a9fa176d1f6f8f78123d7bb001d138a8eb3156860299989b471263970703465ca8f1e78b847bc29e0ccfa01408680f46a2f3c59e544c24a755497cc576640ca4bd15d06f05976c3ae1e56e2ffb886ae7ce630d02d7bc3ea90c54e8a71388e1c29707e53bd2e0c1c7bbb380ea3d054fe5e0e439297d309b0cea8c8d61aeed41078e5d8cb59f8580fd905fcdbd73e7b719868b275c75035f72fca5502c517af8c7f7f576f7afa1a68aa0db41213b4e3c0e1801fdfedb88e25d6e0efdfa44d3e55a07ca2bfcc222ee386cf622fb78fb9321c04e10683af2abed9f51f4c592582193e3bcb19cdd70c7258641a3c1183d537efeff82fce06dc75d23aae7df8cfb4a486a1919cdd4018bacdda10f500ebb9055b1e5bf0a2319530c708d419b5150a811a9d2047d572982cc4e8c750e816f988c5fbaa579ba09f4698d55885ba37aca0a4a0cbf4a9a6f8c8f144fd546b64319bcdffd1e4f4ad5e03777027ed266ba1f5c8e5bbad7bb205c903ad93439f3ea21988708b4399bf1476bae71f102415bdaee5868557844a5c4153fe3f95e67f03f37c44bc0bc660973cfb5bbe8d7746eecf9f5563340c66fa44f65706e2fcfa6471724afc6a0bf95c0f1968824a711cf5cbf2e78161ac58b3271f845b6113d54ab2a5ecbfcd472588e33de0ca5c94d2127409acca0f6e660ca5c81beaac670e08ccc2c51a926bac0644d7c0d766efc67b65c20d1df0d4c2ba65612133e49cd0a9c24aac53d95e54d6c9277932653d0f3b04e3b218b82cbad01141a44408d1762a4396b55d390b5c5839aa5dd846a261484d454a7a400a9f84be0a7b0ec31066905d978f03d804c2c9840c72accf948a038c3b6e75a2dbeca5e0264e2c270b39f52fa9dd4d1cd7153bb93a2ae704b3d3a36ca9a6e9448b56e9f442b5e95f96a50928dd22e06b9c4695d196eacb96fc274a4fc5da4aad653c23455b513ebe46fef56ab5cf2690b0d0518a0945e1771b8b168ee1f19db9981715d7ca5277251bc61a54da36791934b50882d0e75a764fe8e6c3987eb819c6a03462e839bba19a1044abdcbc229160a45d3b701d1dafc3169b884c1935958d8515b0518cd2ea1ad2875de6e2ed0aa963e890465000d832da25493eec6b20fb8d375c9989a9eaf5f7425708c5b99c685678a90760f09e2e538f687e62ce2a1117cfb09dc49aeaca7899383c3d794846e71556f8b8f90792c40b16ff292be1181d7c975f1d67adba4d905fab965f18d3701c6ce8fa68e13c15bb0fccc924238e6f41ffa2027acf1aad5b696853fe84e42b9c81c99a3aa4964245aec9a8178912950f8615933f36fa2ec2174e96bf3f5ac33f9ab6823f6529e7f3bd4f717da243b59955389d8881b6bda59ffe6d353779ac8dd0bfe9629c3ad97400da5f8dfe6390f75c80107d40f553db630755897e7a5ddc2fbea7c633e788dfe3003ff12ef85be8549376ff1aaa28870dd24883408ee9952e19d3d64407109e7a44684399635c8b0814a2b114ad7d8dcb36feb9b3458471753d63e53ebd086b4c04d3d5270274fc40c5f10d57ad371f522e99f53ad7175ca671742a89b145de5c455a2e4d0b014c77772c9d96d73c8655c352028a36efe6a4109282a5bdf6527411c34f8cd3a4825e102d033a57675952c42a023080e6a9ec5d7b481d3163fba1b3e293082468e9a6fdd85e4a0b27a0dd3dcd811b4bdb1a1bf9c263d3c0febafd85c4399a2bffa466e9e2a94a9f1f169c9a9d8e54b77e6fd47f1fa13c555a2a4e46e7b1c08d62a1d085a949f84244015122bacb2a45f9628d464ba67a683fa3a03d5202eeba9ea23781fc650c31ddf295b327d0a1ff4ae6f19975ee1ba5c1b769ff70011c57a3c1608091f9f10a226478b0be81774f6cdf5bf06e1801fc9440264aee177f537ae65aaef805804e02b34808266535cc60b06c5ee2a1d16e48bf6b6b632e83bfecc8ad32435f455b39a2c53e3365d7b1f39293c77804cf70fd86c5412f72fe186d4c802db97d789cff4e5a39ca60b8e34b4e89be01cc318de7d0d7b5935414474f9746b0f7661396ca9b37df2d2bdaf03abfe15ff6dff00e163d9f0668ae9939c872793860701d21515d6594e5dd0d0a486b8c6152c3e6605a2ee366bec01dc4f97e12d7faefbceab1c492a2446c95eb2ae46b6bbf4de03b87f3cbfa3944ddbf548078218681a1a82a57f237fc925db2fa3858b9c1618ff4259a420630c91357989f1e8f22f6a4d94b60b6d634a77ac9e574804ae32d34cb7e223fd83ebce50746c85f6c6daf0e55d8f7487bd46c91dc30a9a401752ced082de5b488f9555d91b5b443e25dfd4bf9f65691b3efa4bc6c541be28108886655f9b3e72d81ccc8343cfca635798cb24cfec9bcc3fbe2b88289e289e413f73b80084b522d0ef2622cdf8c137acb597968ad39fe70aacd2c2ca3f508bbdb8017597426e1920d7b36dc3cb1370dfc8cb72d956b01f208f3e489206c830cbb052d1473c56f29e472b0b18da67cba658c1b4eb9acf30d69ee40046de5db8d2018201fe5527775364d90fed4d1e143c90a5807db6530987c5590b8d970793b845942a06228ddb67096bd5c5760223b630b00af0ac234e095858192c66d1f3e305f4cfe0399a69d87f435dd6ab5f92993dc6f78ccd045faa36802df6ad30fab12e8174ef879349b7ec3262f7f682ba167825ecafbc298db599b54a877a74db9d179a20cb15f5502b50cfb602db49c737afa9289ba7263a5aff81b341398ec154d7a89468d2513aada7a363269e39182e993463d345153799244bfc3dd4ceaf51c9dc7c22819a4629f2d8c18f451274c1a21dc50fc396514f7e52c2a6ecf79b012ccfdb5b35aad3065070b52d5a09a3d8933a22c62cefe3a8a9c55fcff16657e86971a021e916186627d368f9bb396d3f433aeebbb1d32a5a0113dcabdb630d723ba196f457a6b9946168e582b53a9daaba27a93fec8bcc2947ea105c8e3c275fe4a6c5bddee28f3a1b2497a10d8441a2dec49fdc2963ceb0a1ddf60c1d620b9777417f76b97cb7f3e8027565fe2f4952cb49042a5eab0312ddb752068d821ec03f67683643ec9c9a56df2ed4795366fb07552ed6d673589a930d5e0d5aeff7fa1aec510acf94aa261950062fd73045ac55ccf613dd5a1e7176c5767dc0ee407afd69c7322e8d94dcef0d57477212f48f26897bd19bacd94075c9ae134d7d230d48176d604e367e6e1c01969261404f23dc419fb7e701da8131d8994355f84ae35c5b4aa78b5fc0d2cedc93589129131d70000c83b1d020c548ea9da85a46e72540b8c22129db03f20d6ed7a7cf5c42d63dae7aeda466c748c2b9faec5ae5f64e0d8b6ee586df2a034442f2eac459d27021a982508d1fb91e2e1b6b660ec6665324e0c2f503a0c72399a1bb431a219eac4cf7bf25c9c3047d4ce3900c7d91d78ee6f54f36a82a121c8ea38cc818b1385f804a58145991e5e4e26ffb85a66d466cffc7456871305bd7edf0d4096cfd8925b112792e1f1f3ed0a63746a350c1e1742ddaac8db72711faa3d9cd7cf07af4c890da19736bbc433e823984d1bc5da00c29575481d6fbc82a002bdc896d04b4d2b670a3048688816defdf42c01122a526dc60aa621921af823494ff277c6e26e427b02e8fbcc2f8f52ebb0a6817408aece9ec328e1e080a13ae1a69e2badf18993315c885c77b1a7254c005b4af5a5d6f9608f9a088876d27b977e754f60ebe998820519bc57a77c3d8a412f4511c324be1d1cb7b769585d0e1871526af7bf5a98e039c74d82dfad847664d86b62793ca4dd3ec16dc836765d6327645470b3c91a690253bb2745359f69f001b0440112d0645f836f6e", 0x1000}, {&(0x7f00000006c0)="97a110909f80015218f936edc3ff0fda5d", 0x11}, {&(0x7f0000000700)="b7884f077309932aac70316e32bad34d2aa14bccd21f", 0x16}, {&(0x7f0000000b80)="a39efb205e05b0f1f4b342009105d5ff846aa0da10e0e251358a761483e2af53f966b275e392769550eca1a814e750aff9371a3ee5415d8afd78240e5fb629920aeaabdf5ff1a0066cf0ae3c28487cc27a32657bb02b005cce9145deee25d1d51afd7f286027c8b0bdfb16655cdce2af7587fed5c2da75feddc60a0a07616bc35d93673eb527704fe7e29b135c0e0a263089ef042cb3d5d30e", 0x99}, {&(0x7f0000003400)="ceb865d46906bfca42d7429a24bee558d4b976acebb8f3f7f6d969136625034b64fdc2008471f1e0cd2f90dc178b8b1907da3cc3a2fc11ec13b3d494a1d1585bc1aec87a7acf989d474e6b032c688a67556bff6ea1c74e01fcf604b34f5e484971f93638a9f512717030a14d1f826566305af445ffa73381ad6ba390ba21c68ad253ad6c8934ede090c476ecb7e881d79ff45ed291a0936b47b7b80486ea6b0bf6b4107745c0b67a614e28abfe238359a81d80144e204995febe1dafcd580403bbede2247001537f32b0a8589fe67624e09608022118757beca2b17f908bad794b9f31158abb9d59abc04b082d153a50c9f4d93c905c6bb7399ba154a8a6ba7da0251e54d33ef7a47ab741519cb034284afe47b8c019ac403f4a851039e7e7c738545bb18d92571ea4e863fd44c2ad5fc316a5e74c84cd3bd672068a3da72594a17eacb85a2072614dfe9c6c16a6ea14b3692a0504bbfedeae0a732a20491f41d1adc90e87131ab9f8bc519d94892696cb51a6baaf0ece7dd3e96c452a5e44d32e66d151a8270c87f26034bef9bd7481b117884cd57a369e2492d74750176cf1452bb36f6a32b0240ac8b80a1d802158cef5c4ebd4848ecd31ea9e2f1e07b7ad05194eee4708f496bf9f0aea82eda8b78f5f8bde45ce0603702763eb5830ec4c246500a8dd31f958cd212d2794146d5dcc4405e48b6d4e14eefbad48f9a5cc64e3d3de851bef4e0bbda68b5091d1ee36401a5783cf8469f801484886308ad506fe64fbc7e0204174f1fc469b7596c4c976addb5a86506dcc1d81ae6d074c24192321aa0c2502ac3d8abe55a29d9ab630bbd2089bbc87d347345c1f4ab94324b9cd193d940bc38640b5f0a598e906a1f4fa485ab4c67a0a109362cfb7c297d58b948e512a2ba0ef9cad63c684d0b6774cad6b29744eba131f3ac7f4d58f5219352f7991031c6e177ded909604afda7ec25d449a5437b934ad1b0f7b086965c99252052e6ee1e6f5fefdd337bdb2846ee708f95e4e967a8aa102622fc50b48777a0a3ccb151333af97c8e7131bd4da088b4083379149719c400f8526b411ff1f6312ddbb4aa442e8b06316a6ab6c7cfe758263e82ca565854cc9db5659a996d4a924233fc78522049ca8a9a0e86da7afb69c06671ce0559c2e17a27bd727230f1069a8c3661523a9188d698adc83429ded0efd5d3a6990bae5d82b13fd4857185756da26dcdab42b4efe76adbbfbee6c6eb715d1feaeb804c58b3a00df7fd0cdda4856f9e8471e99aef9f65f147a6ff798a239759eaff9dcc50fb3ed042bf64b19cb5a238494c01b611ed7330b7c7a66cd9e5a7e95be1a4dc58860bab74dcf1c50702652226751732d696cac0f9290fc95e4f9bfdd7cb064c9e86a18621bf6589d4dd94b0775a2017d02362029827fca29919389a18f49d1d4299f2e643241cc4db7f4f2a2c4f995a709c89043343358ee59d6c990cf330f199a0146c5b3232a048ed0522f3599fc44ebd4c5d846514d6409b00185968b2675c40b95f91859f3d41b9daf444edaae6a5044ca0feb9580dc546e8d4fd3643798133bb1838150a781c1ec83792ab79c778c647ca4cf368e5872ad5ef56044ac2c9647fdde46d0f46bd3b3ddb21ff02df6c2d1d67675449a448824b07f38b4eab630a76466619e891bb94c469ba05b36668364558b9ee12706ebd3f6e00b680750bd3e22ec4fa13334e6dcef8a59455b02b52ef8a4bdefc31698cada199d7262068f39236ea7671c90233523eb7e6c4c112dafeee91893420608774d99c189c23c44f70cb07b9cb5faa32296a50fa6c7be64bfa3de3fb103299251482a5cf8a7b0b784d1faa9fec5aaf38744ab77c4320cecd2bef84a220a32fdec1fe8aac03bfea71b99d121becc58a1d4c515b84623ef5cd7266ad320e53457532ff8b6eb1abdef76f9db0f0bf992ba10b83291bc149aaebae61d0080c529e5aa1928deaf046553e2bd253ba4e0b27cb175e31864e154d6372f6a85f68791713ad0be08bb1e44993da8fd99855403ec4b8ac6a2e2cc781fbb84e8a9fe8c97181787af2c5a410f9296619ee2b6397de011b0d09437b606c66bfa1ddbbc10eb4ab8da9d425e0be63db60e78748bc90c6d91b3213736215cfcef4d9dde9fffbeca99d3d3e45a315bc51ab31ae063ac0d602cfbe25addebe1137702882ae269535422b855c05c6b501f1f76f1ae5b01744fe573b07ccf25101d6394638aa593aaa3b365c15bdc8e1a760534daeea2bf580c49f3958bac3d3d34c8451c50ebe85dec2b75545f8a1a4c8e8b3c59ac9f6e9c284af5f3f24b92248680b92d0f67f9526883a18865a0d6af9bf57f9a402a8453fa37da4ec2dbf4f03a19ba04768808e9627d370c6f3fd9a5606c3048c478cba22f217f1e98b6266f89634d94921961a9727a9b5e2ad97adfb3d13e0538507f4d849b90b167c8d2cd730e3b31d4700eab2b3e07101540644d4ec34941eecf27e39f276af98d6f54cdb7132d83bc0fcf51311d10ebd622ed51046155ae3c68bab90b1034742f1bc0b5bf1ba551fc076a97e1560c074a622da8203564522a5e17502f43ac119b1b5f217e17c334e072729a3e2afe1022dfd5b54940d23ccaa636b7dfc79ee32da7edbbc965ef4d6d31a8c8cf59e2b51e4ee881344078c1b806e58b8083d185fb26487f0c326a7b0ab0c800ee717551ec99fc49a9577a622bd411ecdaad2f194c97acc3815aedcabc4b5c813f1920840ffed99b0bd3eadcc342e1aabe2793ef52922e367c87d60469aaad22f55e193509b37415e6823f5c9f8bac1cba2aac2c1b3e7429999aee3f85fd7964f89dc46f616b2e26b0313376d5b5228b5da0212075f6953b857d2ecf387561991d6fe573b5acb4ee0a6010c7081112bc9dbce3b3cea29b0d0c8849ffadc800d2d092c060cf702a534c21b9880735854aa99127a13e0168f4141b533f0e3a4a61080ae1ee6fa6029cd88c9038bfaa7edf2cf14c3647433bd2a497deb1dbca650051b39a833d5f03b2d67d7fcfb11a3f09f4cb3b3c920930fcf937c9a3a322593aad38d991e16776689e832418d60c2418e56221f12112aa19ad3dbb0508bf7fb5a03f6e8af5dbb223c8b635dc6c7ba469ca33afac304c3b0d6351ef3bc7aba0cdd5337cf2796cdfbdc1b8e082a4d746d56deb520b809cd7fa969fb04ec398de14a05cb311cdf1ed101e19352f690950739cd2ec874b555b683f6b36aaffdd9f850994ac91604f9bf6a7b6c6f247031790ba9c8e7e29db1b3d5158f4a3e16aba8436381b0e8d48824ede4b8d814f2c16846e61432728a13e9e6188528ef816e0b089b1a23ce2a34fb6b85e5c410f361de98973046e5dc473baaf06104d478ffcb0fd3ddd225935953f34fa461a19958370108527ca9efe14c2cd7ccf7cd71bb1205f01d2869ec0b251325e8af302ba73897e594a74ac4089f58062b7048a48a66242e47244d0f7c7f45a7f7985ab3e775e7c3f229b32e2967c88b703a30d144374c2ade8cdfb19ce704edc12a841ad372150a6b87719c2ebecef2b34eb326dd83446e23c3ea57de680521002db23d585b8c2cf7500a97ab46f6b0ce3f17bc68b908dbc56fb8524f1673b2a47f9ede0875dac9c83fe238e85187d7eba2f9df5260defd3d298319ef101c091b4932f8d8675afe265364c01721ce9cd8a137fc9910e2233d1a59356c7eed095fe27431ba13d51abd1173377ded434e62d95b670cf3b596fe6b91b12b27e1ac0cd195e5a4b996ce0f0acc5f442a2c77df9f3e319685402d0e6f63bc95161e48604d6b15c665bb287a2118807b4c76c859e982d4c1c7c946048ba1aafdd6281109b76af0828d2548e1bba880cc96c8b38305550113ec81217c25ffa35956cf90887b4bd4d1d383ffeea7bd72b15c8a71780b6ca9be8e45a2a379ade902a8a6f14440af75785bd9668d45d514f9693be0d150a9ba28b25f730596bdb5b9d7c25a0e8506d1f2f56c43c688748c13255b82b650fa58eae5d91288efd6b034c47d15e015e07e3ca94f841df5335089987a170df782c0da226d162f432273a1291361efdf41dd03d2de00eba1cfaeebe075a063ffe05e3a0aad1fd3c3167ce6e868afbd97599ce0189d7e8ed1095364f04d60f63ae8319de81d287ee7ef5474321ee55ff4920f99ed7b646f80e987968b2e93714fded920def0c54c484b4d7be6c25c8c7aecf4a36a5ef98cfa67e8e698c68925de305abb9250f32b075ef1d4bfe66d2534aead4814e4e39e2615e0ff862e8c8855ed06f6e7d391285893b8a7c4727320b83713e25673ea49ee4db6785abed2618ce539dbac7a209aca5551843f0123793c149130107641acb8b4e71d726342944f665b194f204ad0a64a017318032cbd3a7bcdcafff0349a0a8bf57ef3b73054934cbdf181176348085d01b89ec98a44b034db1c564f547629dacdba97d9d190f78bba961caea370a4040eb56fa31a1002ddf8d414d4755fc60c0ece7eb05452a766abfdbf05daa801eaf86380f958aa2923c0a8e8e6438bd3b8067632dee79697e12b107c00a87eb8b6560683848e85e58188fd05e9add6cf7fc93acf353525e7d1f9f858f14d651eab8300c834d36abbc3d5145250600df756931c0137b60c536645328831f34301d2baf71dce9ed9f37bb36ca2005db230d90f051e9cdc5ca38d08dbab9c7865eb993b8c907bb889dc8d77b700e55bdc435b11f84cf29438de4d287db131f277ac6c1e3ded12fbcde014383e9d3f1ee28e28fb6e0d998b2819e43a5c109293be47f38eae15e4fb710408b519caf7a4a92d1d567ae47f9adafe7a6d8d7bd944fb23df94a58ce1e856a7d98eb00250753bf530173410f2597b0a5bb8debd275d65267630c34b94a06a3325a3553d3323dfdb527480eda7f7502cea0de3160f1586ae47592f89a4bec6d864f4fdfe8cec4a4e57a2468c23f88e6643cb83aa25bd70fd3c66a1936ee2dc7f74c20285d7701e7e7210734e292b0e52fd51cd218acf57ed4bdad52ae687ba9e52f022adec91742c99793625b13feea8dc9c826d675c960d8e54f5d77b194749a830633aa52962ddd47fc453299196ca37390a180410632b353fd1deba17c8e78b853d62a4d0189d8d6b946c799b41bae70b10022e67677646d0cfe070ba335f2dc680d00aec71fbfe6bd96cf85688564de45183fb927efe8ea1858c17f8d6ff8faa7e03cd760db00afd0708df7637ccf2e2cde04d212b7606a32f473daf93e6d816b8cee1c167e12be5248a7bf933b6f117247ca08b2c2cdd0b034a67ecb785080664227a753f617c01f1096b35b642930b01ac920d904e5d1d01e99643fb5c5f27e0582f75837d0c0ad561e7b19a432b627118607f820966d5a17ca6d3543213964aa36506a30fe3b21db4127d2fabb9737c23566b5a2a82affccaa437257021d9a26c0b4e2c05c6b9142b1c91012933909964781a481e50e5480926844d5a9f4b9b5a781207b9ce51310994b67b3f2cbe1d7f55e7d1fb487479530b439ebd6e53bd206fe09840854bef5cbcdd6dc05809622d4870d81b377b0c4515822315de04e546efc7d5ca1076fe881050c72417fd6ba006452279ce38ea19f49d564bf521700cff3faf447164a0c8c255b9781134375b6290195b6fda0b0985fcfd4c7c0ae22c1159b8497357ff72e532db31e295723d7765a91ef6118ee2f1c1ed8fd1430d5221ce02c065812e0433114e47153dd517b584ac09adcf466a0251f4bfe670afb43c305ae47df7b34973f7004e4ff6ac59b8fbb4fa69134bb262d9558490a762091", 0x1000}, {&(0x7f0000004400)="1ccc92c20b322ad794bb583c8298c4b686c784c830de91075eb462670e49688ba2ed433713424e73abc5c7d1629cfff5394a38c27914f44de2f4f6c0a10ca147b648e9a3a82e9ec6b59f0b1147cf5ee26957b235a76041705f0cb341746bb4ebc8b0bce35e6bc4c6a5ed81cf96742f31af9e245a8afe93842b9555000802ed2afd552a553b536484d571533ae6466b5f6153145218305b4e74ea2043237d49c07c74936f3501e534b20cd9eddbe804836eb08d4076bcc226adc60a94fb37515a41bfd2a5e69298ed072af235a834d44097394c86ba3c708266dcdfcc6e92d65d7fec259c2534608f5d71afd503f686d37ff81421b363b7c1844a42916def85d20fc6a1ca6f8292bf89f92540416afeef6cedea2c264be8f0c912c1da34dbcf9476341da3434a82c4be86c5e86f076afff9fc040da548866fad0f70fe21cdccfe305a257aea4b0eafe41ab72b2756ae4971b61594e61b86a1e44fc6ccc62a90ba4dfa9a63ffb772d5aa68a2fbc219ec99f91d314e4ca3416dbb5ea32850b7f0cb17c3afbda5f1b185500c6c4a5e8621a2b145ea5a0a753f3b6910435938f0ca73b42049e01fee0c61ce0b0df4ca31fffd382d39e5c758324215016148ea5945a68ade990e45832e04a584810af84d5eee3ecf6171eebcf757401f2ac228a2291b56e245d9ac16d4f195a95196f56f278d5b209dbdfbf50827500c9370ea9e7b1d08feef4375e116d6eadc6d1908c781743427b4d0e68d5b90d4b9cf475d219704487fcd2e5d3b2f5943a6633d327f9b69716b9bbec86395812bc98108ac74b5b1df74319c4c154d6a6e18d50c8ddd1c739065154ba87fa458ba5b3a482531f1cb15037820c711f21a5c3c8c49648ae01782d2c2cb4291bed1890cd0b1442aa48f873c5444919a17ec33823006c550ac29154f8528d29a3e947a47cd0d5700cdd8eb9be89388a83cf4da74228b2996d234cb6656f040615f6b6d824c82607e1cc8aef41097518b1fd73096d0f8bc198af444ae38230cd9075999fb85890de6775c4369259dc55340ccc99359110893028b6f6b345d09076448dcb5ec75143f2fa401ef8fd3bfe12aba3429f96f59ef22eace953f66ff3807c49cf47169505a22c23406cd9a627f7a62bac7ee777b32622e3d9405886bcdbe96362372d1cf09dd1b569607c1f229f2f3f2db9e84ff324735a9f396e4ff04d7d2b4b0a942fb12af2b39313084ce3a3e2d51e09c7cb323215eb900309f6caf01bb2c1e16c024331e574b9f760615c5557d574ef43fb8ae2a9d8c8b4af98d1809c4fca38051d4924fdd843bca6f74e14923ae3172f46405493f8e0030cfae0f492043a040e9b5b951202e65ca56a8b23609d4107d0e9b4d1816e5df435c3a92f9da36d4bf20afade4a1b8f36cde15bd5e58660546e30f2e8829a22ec32f12058ea9dd0ced9202d207b6abb84b534c15683354e9aab6a7133d67d13bd5572bf1233fbb9671e4c89f95acc867a385e92e3cad481dff69b6af4861919578bc5659d7ba82e589171aa54db810836db19e40bf533f87b96840f796383bf35403b7fb5043ff864c89237a50503399360cc515dbc1ae22cab2097c87e353ee02171129ca13e72027fa9d4b2869de862e8edb9c094562905b493fc09c8fc2e75e3e6aab468146d857a1b36e600912bd28970fda8378dcd1af0e2ef005df42998772ef1839047fe979982655d15f430721f7e1a029a65ccfeaa47395d0d3f3f1310de76783bf15a4c2c23940dd9f523a23d5f6527e2c5c66da84705cd7faf13d1b3e785452d89f33139de4dd0773c58bc14cd74ef9681e00971628d407d31d02a98bb4ac81d6b5a06b0b35c4dbeb5ce1d226e34ac954d68c8e2efd5293d95b008ab05ef188d6a8cda70c4f2e0c8ccab6333e0f9726a04edbf791ab1c30bc2345e176b903899c092bfdcda8709b9827cbc713e4e1b5856cf9f5a57845641ee573003544cdda78b61f8b1a0c2c3ebbea218865968c8b85dad697a32cff7966fee30e9a5b99323f69d5622b521cdcf326caa851675d9e385ce45c56d3fba30afca8a2279ce6ac38298613ab21de1c3f10731d55ac2e468ae41b652dbc47b38a5f73a78da7e25c56c473900fd792ec1c7369f846d23ce4db0d0ae47a7164dd692b9d34b1ed00167ad0ddb8ae16c0395b36bbac901fc2770009112877a32d1c9573f55b705b216e3d095ee94ccf7af53539e758513eebb656e732af07594edac1caa03e0db8dc25002895ac3edce2f34bcdc8dea06ebd49efdceeb1b63bd858aeba8de545439d4004ac3b6ef964b2d2db756f982d8c2236dd85b4e2a4e1e6d86dd3fd22f3050820711bdeddbd440ef22c8589f8ea64817a2295b68942ca558dd05062dddfbf6d460d6a63edb14879b88ae96b95adda1bed71c7233ea322e95517e77ace5f4cb8a09dbea86d80d1234cd7a433b5673d77a85b5bf3381d28a8c2702d138a2f7e77412eab0c150378e4b192118e018229b028bee720bcd0cf7422af03d2a762f118bd2ab364ab98e9d16df0265334438c7178f24c80ece79f1c9f7cf5bd2d9ca959c6f7e983aa4ecd748d5f9d94ed3c1185c8cb0df3035de2a04ee8276af43fb8c2aaccfba9f4e94736ed2dfbee75355f37098166021a1d9ab4dde589e90756f4c096e822f08c9594424c1d3a7bdabd943c055f05445196cd6c86efde1efa4dda0df9ec7ef1bf1869bcd1344fa623053ece5cf6fdaa0dda0fd8e74e2d103957dbec5823f03dc3d970d6e1578784a0ec76e50d95e962f599ce7836dccfcae24fb063b7f79dc4f0e713be827de2ae8db341023d0c97b34ee6c63542314aa469fa3517ef5f7be60d45496763ac91b67821bb0afd1b0443af4203f24aaf761f295d1c5bef9194494b0fedac684879ac230fc09051190f10bb7f948cdc6a99c87bd02a38a9a179602b0dc5bc5bb0ef1312dacaefe4ab134fb0669681ffecd34422941f6ddc8d3e9d02dbefcebcc15120b0c77c9c9db7d6df24664d249f19ca2fa0633576b2d95f1fb131ddd30f13a0367926196cc1a0fa4b682fc3b0d8c01395ec35df037a0fbeee902011c3a1bfd7366f38389063e01e2df81866437d9cd48db4dce263cf848caae8e9bd0324b5160bb0a81525db3412a2f4feb2c9859be56dc9e389b7eabad0575b5a4ca054ab4b68f86e71e7403dab7f69d1cdeb2c567a05a192bb627458eb747193f4b962c7ba438fcd7caf3a85150529d89bd637b40e6e95378e0218687ff2f5f7bbbc7c331b0bcd03780accb6b5d2ec6ef842c34fc2470b6fc7602e10c27c908ca3e063819d4e30b848d2940495b17d54b5882c89c3794291510b1d8fb72953284a4813107bd4c74b44472cc3adfb6ed250117ec093f983a2e039c7501c82770d37ba14c66cfe732cd4ad69fe5a4b06514d7d4f05d0cdd22280df63aa23a59a35a45010755501d1fdbba7ce8703c14c73c05fabc929cc7628fbe35c5e8a1316404e5370788b4ac21414ebe53587a7c8829d9ae8ae9e1d62a569ab0efe249e388841fee6bf17bf2a5e208f16effe21ee28c6d29032c946b6d27c6bd3be2f6b98d28e9e207bfd9e0adf6118597103f84f806cdc078fd8f49b6bbad4d32ac3d8de9aae7c2ebf38ae5b0b1d9c9702ca748bc370f2984cfefd5b7d6730016a7ba6b9002d7bc0a6fe50fa4d71046dc5c4106356c2e511ae26064866cf38320feba3f7c7bb1834be3f3c9afd9c4e2622d3666b561a95f78930a431e3a734d9c00df90a5b7eb859f76cb70843323253d660d8020c991425ad8fe7cf9d647e4fe25f8558cc0da92d3e18e3a79c12648b77fad40b30b7a33de3ba7795f06a97340d25069c3b427d20fdeada93f2c5989b333eae796464ee6d3aa82badf78ac6c5445539d8a655adad88e417447b112a4b094a8ccdfb3819befa5504f509619a9fd4de8f42ffeb68926769397fef62df4bf1ec2884fe160c3bf509b17bed43309de51cebe10c8491911e9b889db0919609e5cdb7d791633418142c0292e5c20856675a25cfd764c49de4b5f66ccd64a76eadeae57886eb59d13bab9fe2b6afe55d583935a4570f25acccf1b5d4c4150abd4715147b929ef3cd422cd4742900b4b7a614c85e271297c91395fda8aaee74eb8e93f968029e42081c3f7826cfa460431653f165a5ecfd95c3fcbfa0176ff982e493ddd90e543932f1b85a74f9a730f442a04dfd5679cbb4b9b781c3da38975ae20893d8ed4dc03db4f66d7d742c8ce8b7b6b6bbb11f79b4d9391b5782a5f3c51f905b8a2623a5b27d56b63ac55b75d56faee4c2724c488f13fb2701b0b13021a2962a02035f9732bc34df617ad2be3ed5050368d3528685c63fcbc690d92866258ce56d7fa66c3f2f3cfe2d065c9f952e83053f198f4af430d35760b275d9f75589484e96a9f4f6672b6bc8e83837669d1882b706250bd5cedab67f44cf0857605189b6103317b584c18c208e99e9358020f4af290fccb205f188e091c598b7811b9f8cce19abe4c710f07b0fdbefde66344cf9957d5ee8066c3ac598d411260827b647278afeabbcc94425704fa1096d878ba4952689f8712d53581048ce52c7a80ba418eb7054e45ee9656a0f115767db12ef57a5a7b7a96bffb1afa680624990b8c255c6442743c108b8bc00f4d525a5e82898cf51e4cb60fe534c29e6eccf44ba157a158a2b4a8b91186c47e53e47a8326644807f941c96c8d226126df27d847f67cdc1bfc02df1edc351569f6cbb5e658bc32d54f52347817a3f30a7a9dfbb510177324e454934c961c24c14add6e4cb483aff3b5b60a0aa5a2bc8832953c69c80ce126001de8055a3c2756cee744c33953aa1c536500d5e3db125a2ce0238f885135e28e1df08846da39a1c0011a6ea77f092b69099bd7cbedfb7499cc84bacd3e5ef4f9a93a54ff0747e326a603ecb0d574d37ca9c719e093b7a0de91e82021d4288f4cc2446a17d59c4ff7466900732b7b0b483eae2069453defaa0eb6143158d99aec3f72192cf5510ea96b53af55dae525c072403622028b582d969027ff77cd202429c25d5f7fa7c1d288c1d42108e45ca43e3cc4e6c5003a2c747da8120b305be348b8a133cfeb2fb25a8333f3186477699fa48486f69451cbffd17e98baf68dfd14bda8146d5b4051758c47dc34ec0c2624171367912f36eb74300e7cfa7d131f7903f01252de907592f562e70d254972740aa47e57ceadc917b59bab23ca7e0f5724e3b659951bad151087711145d5258b4366936e27c92718959f48120e4891dbc058665f6171ee7b44a03b3f9f1c51d74492594c07dd593bbe9f4dc416f02bc8c29922da324af8e0a12322c2d0f3af9bdac273342f17b808f061cd54c63947c94db5d166f43bd61d5385bd993ec82b43031e72aa36636f2bd6b821de8acfd18d16829d270cabef060f4a6141e05ca7470f07ee540c9cee5d198c15afbff9aafa1cd32b87b625b0aa35acad8c65bbc67a08a3bc3e37e1544b560f595f7cb6eba5a020104705d1b4164e63f815b004dab32492dce70bca0d55c12daf8d9d8ec0cedd389a3c1f832b65f76662c4f27664e8e581128389adc84deaebefb319215c5182e6e983c1c5797f0e0e47ddf909c043cf3c87a9541fb9a8ca20aef4462a39c8d7e982c83f72a685655a22e805c40e9be6660b12d7a4171ae51cbd1c65af2a39ec9ede7092c6b4ae0ef7f2f7d07a552c9eb66445246f3b2c60297458b55f01a01411acacd5ff18d277a7d0c6702f32e3911993dcdb9df85ac810b40c9e286155a7f225ca9d6d196308979d96a1f77998a", 0x1000}, {&(0x7f0000000800)="4d7eb4dc736312e89d12d1eeba116dd7aa3f3d3575d8cb780bb0838492a86185977503466be76f5772741eb489325990d4cd14cb7faabea3e753d292bdbd2329baf3378443e4ddbc535d43e9d10741284a8de42df29e22683da31cd0d93b3fdaa763c07991", 0x65}, {&(0x7f0000000880)="310e5cf1d8a29410db34bf84b71ddf4443a82b0f0e619ed7dd59", 0x1a}], 0xa, &(0x7f0000000980)=[{0x50, 0x118, 0x2, "9e2e9b58535f0a6658af07c4e40dc4f7aa1ff2ae6e683d244affb254d029c08c8d9b35d470c7dcc19e265d81324ee5af6ad2e5bee6a39aa1bbd7"}], 0x50}}, {{&(0x7f0000000a00)=@rxrpc=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e20, 0x766, @remote, 0x4}}, 0x80, &(0x7f0000000ac0)=[{&(0x7f0000000a80)="af33bf768f55eba194d0b03505318e00fb5f7f14e2d97f6a8c802565bb486cdc", 0x20}], 0x1, &(0x7f0000005400)=ANY=[@ANYBLOB="50000000000000000f01000000000000f8d80c8f9be245b0c826c0cd3c91ae17dba02c185fefbfd1c954d6d87ec7c00344f4284fe5705dfcf70abfd23701c7a650e46ca3fbe79093f478e49879eaf9fb1010000000000000070100007fce0000f91d68d753be9d0bf4ba3d036e64d45bb95d75ed75fc7b1366778ff17974e4acb3d70fb16286120f660e35f89b403bee5bc794336b94320c8caa5ace70b56539023f319c14b2b79767b9a352a80de4cf6974716500e3283be8c42777b9b21f85d8f3303b239a61bc7eec862a7daec68817814c7363390b6a7fe64091a8a3e7c52d580e46793c23e897fbf471c827d089497cfb31dade169371a409965d4fe69b82fb5f24319fc54c671d0f44c94a7cff55e3c3eebfa5ef2960ee5b7dafd3c186eb1b96e9f20ed1b6ac130fb9b3e748ba9e151acfce6529f92d8d8aa9da835a8a078ae5cb0a82cf08cc06d3c8a1f05bb0db31c6c77ef6136e4cdd11a85558fb8cd3960d930c8cc4472797c12f4fe78f912c04cdec5ce567fe918b304049da4b43b32cd194a2ff2fd4a33a45a4bcf81ea3509a2be2442043353920016c7ddf2418abae25d71d3c9c7334d7383ffc635388a240e34d6cededf6710e1d64cc39ee7be99a82ce56d885bd4bc4f8e7fb71cfffca1b9b5b4b31fbff945b45617e2d88331cfe41ae5c41f84609ad8299e407ae4e1ddc5fd32b86001b93b6eda2df3065f4d3492e5002049ea3210cd9dd06242ca839a959e157808474b63903cd2a6de41dbb2c41bf0561aa4029f6fc73c26a11d5328ef9458e437949b3f373e0349a0343598f073a7f0225a08882792c3dab348f903918e6c66a02e3eaa6863e552115c06c249ea2cc4213af84d7db1e6645fe8ccdcb6f1923a86e0af7f0bd82fd8c793da808a5fa04bcd526cf5ae00719c8a10c47f720f9e387708dd19b440576f3f9e64aa17f97864008d3c82d99e604f7c91e136dccf78af78b89f526f1aaf5c1174da60b17360b09f8e2b1ae118bc8a094a7d85f88f8cbd2eceb35dab5715be01d83d6d9cdfee15d40610dc954e1a1ba1be3fab132ac438e4e85f0637cf34e4a41b08d4e787385e21d68d4370996afc400cf6945af2e332b3f87684883938f25aa059b6ae47c7bb83c02613d63817bf1f5fc9f079fa4f911cc29276988a417aa303e2e41d57281b22c1045a7653b0804244cbf55c1e219969696459218d67c2347b78bf05e4a858bb76901f9ea4f88d1216aa42f125d48bb6b739ee0548af228cbe9a863b56127f55f1b1d07aa716945471853c3d8735f2eb502b35a03bb8a7453a8962cc32b7cb38f3d94a463e6f5d2a4d4171068fe8d99ae55b1d9d6ef3e00849db42101d9834f3fb320b75541928553445273f7731b7207896ee1ef5b6513e447d3aaf32af7fba690257a7e716a7a836e1d01bc121f25927a820f36d2c0c6d2c69220884fe8df02825c28a37856a2d2e3f0719ce46073d98f77f29bd5cf9e40e96aeb140607b9e88b4b602f7f045f24752137c52fad77b7d05ea79ee2ae042512fbe1b6fce6f157d5d7aa026cabc5f84d1b8d1400f982cec0c73349446c6df9f896eea5c4e6b839b7a31f701ffba8cb8060e4d1b5ca0a006da204c615bc6defdc96e5ef17bff3fc946a9b5316f504fefe78a1a843a4a03e120e90e8de0c6d88a0a85afe587585ce3e852c874166bf03e4e2ae1389957e967ae31ae2b8080b9311f8b6b33440a049322c8cf83d343c8d5168233b2482f25937a3de3952cd0cc2fc4df76efb2ff098d7e44ee80924061f2b3ff4a4d7b26788772b6a7ff5646360ce0f9d99425227f85aa71bf53bc98ae4e6335f1713477468f7a94ed3993a6eef78ee08a7a7ed59558b3e897d647563461948f3e3dfd8f3a51d6600d28b6022e3fb4fef36a78deed9c49ab2883f9ccae720c32d8ef98a34764839539d51b7ed76869c94019ae317eba3f7d0c9f9096c3d623d461cd9ef253fa10027b20044a5ae67eb45604d6d060c61aa06854207b2698ee4368ae9298b1d24fef23f6ac126422c3f4e1329f6d0b184b973cbf1e330b948f66a3d17ee0c1c14d19d030365ad768fd440f898154ce79773ce6a6b89297637410a13fcf0ac14e8128017ea65002535b41e856219e10d773e4d50a398152416bf256bce2ae5f34c32e70a737d78afb5580220208a42a41d1c8e5075c7083878de789c27db017caa347e0b333c4e27990735389b63872889affe90661e8db242ece67cc319f5e2c36d2de5e37759ab1ac33c1edbda7e83cb97e5723c05e49100fc0b0155cc1f685bd4d18548066f9079404c7d77d88db7d370dcccf3f389d067f73878620dbda662d593a598974956a74d514c2392d8b18a0230a6b760691acf9fb0750dc425d76b0849e934462cc464709b3270da8160f5ce015feb2fb9735eba544f0dacc49078b702b8375edc2850369b2e23cf28c3bf3341bcfeac312ed773a6f5c3a215ba8a9c3ae326d878060d1c3022d2f0ed417f8366970dee63fe9ed75d61290358f31c07272c5c1020b5cd71bd7de053f8237879ba297132815c92646b8cb59f20bc8838fe4758805a19312e92adddc82533a8362dbb3f70c99f90bd4259bb8dbcbecb67e8515e72e189ff395ae2acb3b2cdc71156360aea9784ea0e6713d04363f5af3517dad6a066b2a09e954d547dc57a1077ca0d4ed3ea55c4d9575fc4ec4184602244760662e302bf6f9fe066bb6249e5ec12f71afcdd639e9a3131241738f5178bd5bb07d9436469bed55802fb9dea721e918985fe2e4c8892fe94bda551c99a486b5216d8a64010f2bbee33249767884880fbc1a39c3f669653751e490fcac3e6e64201a45a98191cd3f363caaf776590227debd94207eb43a71a4c5e0e113f72c3d05933318f3eeceb8758fab4dcad90d3180f8cca69ab37aed56ced6f0df4157cbd8e1ea91030d25d04a10287b83056a26ad082f6915a3c428f9e8adc0d46294d17203f95ff54ae42a5739d9b33fd19b88ce97397f74825a4280c91a6ff00ae1cc9b482994ddced2f889d13e780123d868ca1dfd9df91193abc2955f96faf8e82fd499cfa835df912f2c24c14ca345fb2aa94931425efa5ec62fa5c9e25b613d1f66f74a8f726dbb80d0ba39b038dfcfd12c1eb6a446175c02b252163f9be43a3d98ff48fa88dd40f756d4a5d253a77155f46a0a90d38496b1efcf1cbfafc1bee19930bf9438db8e27708f6fa9acdf48d9da26abf2a37ca91e1b888a11a80af7a56c3189da778867618f4cdbf03e040d2ae0012a68f4a923bf8331c8a2d94b0480b77ecb51aa04765d1a595b02f4036d27b6abf4d8183d7c820a7b7bd11546a3ac942498804ae8b5f15808bcb5c91acc15a05843e34d6b1106ca9cc91b83b2445149c0a28646806a3857c05b51e78bbd78dfc35de2bb14879e427becf70b91084df0dfcf90a0e24c618854e89a2a6dc49c26e133c8a409f53cd807f0adf321cb1101d751c145f4a879816ac2a65370c4adbe006f992068eef89506f994a38a5d6d4b3279d0be2f7c214a8eb9c74708851f2ad794a5481e534d461afcfbd477eed1bc129a3687dd729d2d95e3ab0e60f130915716e98debee9078e40ec1226a2af9577e6cf29e90d2393dc557314381138ff54f1652639761a34bd4697594c4b93e987a653b78205816e1dcb84137514ab0aaf132b1cb1f3bc841ab55f74162778d41fc458679d57ca2ceb562e22a277e726a28551744755a5ab748e9d0bce547d1a8d37147c20c13968665ea93e480e3c55a16674d49b16dc1072ec12aa34f57866aca6450ffe0f4c1ae7ae77ffc65b7b5561048e544750b365a2615bd0ccf3f36a02031390398245c76a1cb307f8eaa89b83b46d653a0372942abdac2b1453d6fe5e7953d67f35168c9c38efab87bf3278b48c072f241db4eb6aa25b4b02f3869a8fa7fda74e93d7f7207579031dfa2981afd64f920e693a232f7784f0c3b806827dbe69957497ccf5ab29437a0e23b57180e12a309ea93848b5404e3158dcebc7f4e499f2fa48ec887f1b6cd1d161abd98930b38b01ed237d60e8c5812e632e3f16a957b8d4946ac57a154f2c68a4c41b3fdeef90312f3882b48c71aed21ccdab3e402cc9fabe6d9a7933917d4ca1037d2d34c65e0f5cba6c85f18b3dee911ab4415681141c01e882a5231c53e00770e225f927c8e6c630f3d1a5c0cb6a0125be9fea083ce0a66633f06dbeec7c8d4ef9ee4038ea4249eeef93fcd4ee2c3eff45a6ac19d56cdd89ef99e0db25e6ece1d2333da5051ef81a3e4b6ca8a9bc0c9e3f74ad971553eb363939f34501274bb5f4aecb323d47a16058762a55ac20cf0b46f7cceaaedc960250d059ddbbfd0d93e68876506f2363201c6444737c1fe5f868991eed0d2760bee03351b5bfbaa9ce98413e381bd72f1c4e374fd9b34fbe7c6c032d9930632ac0fddc9a99ac91426c44b085423577be9bf905672775cf18393b010e07d89d54c315d828a1aabf0a1c229da366664015f32be1108dddc9df8a8a2380ec496391cbd738090401529a9cc9c76d723208d98503370497327a59db90a77e60c41fb1f21b4a00c762425127c743f05e50928552dac18e798d41f9a8db3002bd59ac7bb1554e3c3a1dfd6893a0ab1b81b4ec48edfbdbab8a101a5f528d79784da3156b1302ecc26b6f043762ff440301de650650d89b95c311f51bb5b7f8c15c6bc08d69cb742a324e97c96a8efb643125b24f2a2c0e7d85f10fd30bf260dc4cd0a53af0bd5454f0fb3c525dacf4a04e112bdc4c28838e9db7b241435d3f3ee686aeaf263cc4b153f6ae79402c4352c0a7999d4eef75608b5d6497c4ea02191ab6cc43b4462249e136998489ba1d2c3fa682d69d78562759f986abd21106379661ae2c9d72464de15e3f74b914bbd70ced37870f2bc0fd8b336580d9b2721e2647c6739e0018863100d73e751a6e960e92f45834a7a8bcaf997f10fd650770ba590f0020cb0d530cc52e4476d510f760cdb566e83646da7a28ae181cd5f72d2f9db6d4ca921ff7fe6b178b427886a041346a455fe5a7ac8ed5702af601ea4d3fe185cc3a41465982409f4315a4f830ac9eb4af7cfdc749195e8c970e113b143a9e023b3fc40ce9a26bddf0a63f2f05e16bc9c0783b29fdfdac08da92d25a8cb5a1fc6115861cc890c5036835f228727c2d280e089d67195e73c5b9bf38f82d019d3e9cee1f49521c886bf87d4c6153893e19ec60198b96c6011b91ec22d90a3a670640b6d0ca0be614a2544313503e526e90cb7ad4c21f01311cbce1bd4154076f18f785ecc659a91c75d1c48a37b4539d06626ca46740fb0018117a7628766fabe7b76d0ccf49666fa49b339a096ed6fa6e022c02dc9b31d5a5b8cf9a56fc41c45e813e20404adbccc34be1e4436a6038773bd70297b62a79c4f21beaf6e76561e55d61a9e56f0fd12797f139f2489dd267d7a6fccfbfe6c339481f46a6b58a58196604ca3a026617c72037ba2cbcc927e7f0371b7097fabdca2f7d1fb77ca9f6d7ddc364fe946c02e46adad6d55b6a1ba84c3ab01bdfda85e1b91f2eb484dd3cba91da7dc79968f53c3048ba9c2a53b3ed68c8fc9cce442c5c77eadd28ae232f780aaab56d7b910253793ee1c3271c654353683a5f68c29955e6b2835236c5001eb6083e851516afaa5de8241001fca10d67e7fa4d51b70eb339bcc6a3526b20e1baa98eee48769584a2cb98a3681cf1828430c3342942ec1a76ad39d1a0cf85260c75734fbdf9704a5fcc8b7162ea784c6eadfe1ecb7e404c9cfd530269b126ab163bf088c8b602b8390d8a81047a59b91904096595098ee224fcf9aaaca2add288a3b450db851508b01e303d068340bf029d4aa4b42a152fe3f52fe75c5a7ffbb28356136e0211480da704bff9b0143c36c26b118d6adc2dda6cc423153defe770000000000000003a00000009000000175f602392eb368ea2c6e1f7f48d4b4183ced7c855ef2c2dd5e63f3a221c02b61ae30a19edf0f046d3b26b2899dce54b986d78c919c758d98402ef2dc5018bd8daf5ce63ed0f26546f58e388dc686a95e052119e3b3dfc86304d69d922000000"], 0x10d0}}], 0x2, 0x0) ioctl$UFFDIO_REGISTER(r2, 0x8010aa01, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}}) 21.234348242s ago: executing program 0 (id=1132): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x202, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CAP_DISABLE_QUIRKS(r4, 0x4068aea3, &(0x7f0000000140)={0x74, 0x0, 0x40}) sendmsg$NL80211_CMD_SET_COALESCE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002dbd700000001b000200000008000300", @ANYRES32=0x0, @ANYBLOB="0c0099000100000000000000080001"], 0x30}, 0x1, 0x0, 0x0, 0x44000}, 0x8000) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000001800090000000000000000001c140000fe"], 0x30}}, 0x0) r7 = socket$inet_mptcp(0x2, 0x1, 0x106) recvmmsg(r7, &(0x7f0000003e40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000003780)=[{&(0x7f0000003740)=""/4, 0x4}], 0x1}}], 0x2, 0x40000121, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), r8) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_WIPHY(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)={0x24, r9, 0x200, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0xb}, @NL80211_ATTR_WIPHY_RETRY_SHORT={0x5, 0x3d, 0xff}]}, 0x24}, 0x1, 0x0, 0x0, 0x80d0}, 0x0) sendmsg$NL80211_CMD_SET_COALESCE(r8, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, r9, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r10}, @void}}}, 0x28}}, 0x0) sendmsg$NL80211_CMD_SET_TID_CONFIG(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000140)={&(0x7f0000001140)=ANY=[@ANYBLOB="69f01b4be1547506948a69c72065e50447ede7dc7e00d96cb838de4bbb5e85fe231dfcc22d1ed748584441622a99f99ee9d30a8b4a92e1c5daa5568eaec7ab70c8fa81750d55c8adc7f1372558c57f468e6f6c615216e1867b3ef77b4201c5aeceff0f000068a0e06b5a96244d", @ANYRES16=r5, @ANYBLOB="040026bd7000fbdbdf258900000008000300", @ANYRES32=r10, @ANYBLOB="50001d80300000800c0003000900000000000000050009000000000005000b000100000005000800d000000005000b00010000001c000080040004000500060000000000040004000500060001000000d4051d801c000080050008007600000005000b000100000005000900010000001000008005000b0000000000040004000c000080050006000100000004000080e00200800600050088000000050007007900000068010d809c0001801f0001000524023016004804090912160618062460050903040b1b0902021b0005000400010000000500060002000000140005000300040007000400c20003000200ff0f06000100121b000033000200524c56330433240f432a023917221c30332b3a3d10222210032e3414194819162630354310281b2d3d01430910384b0018000100020b0c0016166c300b024830160c16090b030501740003803d00020000402a435028113c3e2f56525306385256261f36160811103e4220322e54254b2946450a33212e3d002c2a162a3037233903572a190718311e0000001400050009000200ff0003000400a70102000900050004000200000014000300040002000080060002000e0005000000540002804800020017522c1a3a09404f4e26362000082c50514a22413b0f2541494851271907541628104c57553149264b363e181a18003c30280c134d230040253500022754023d12341e19050006000200000005000a000000000005000b000100000054010d807c000080140005004c000500000202000f00490e0800060e1400030006000b00050005fa000801807f000700050007000000000040000200212e5328073a4d0f433735333f17401e37081a0c29111a080a4e47552013362830382b174b4f33510e0614202f0102232453171b524f253629154c260500040001000000540001804800020037411a3842523e2c494f56501c10072a08260e51390a2439154c4b0d5610375445431c34133a0b1e44403b361d3e530913541b46244a12103f4f4012272f0a180533313405000700020000002000008014000500010004007d4802006200200809000000050006000200000060000080160001000b010487241630360c363006360b362401160000050004000200000014000500fbff9c0fff030700040004000700ff0314000500070001005a0b02000800b9070800000014000300020008004000010108000800800001040c00008005000a0008000000a80200800c0002000e0000000000000088020d80500003800e000100241c1816063016120c160000140003002001000810000b000500050007004b0114000500100002000400ff030700050000000000140003000500008000000300400025040400de021400008005000400020000000500040000000000bc0001801400050005000700008000800900ff0f0900000014000500020008000900080001000100fbff0d0014000500040000800000ff000700040000f0050005000400020000002d0002000b044d4a55510c21063e2f4c4c0228083913384809070d4439014023510133092a1a372e1a0e3d121c00000005000400020000001d0002002752513222291e1d453d4eb155452f36531d1b4b5416560651000000050006000200000014000500ff00080081000900723a04000000050020000380050007000000000014000500f65101000800080009000100070040007c00008014000500000804005e3f0e00faff0600ff0fff0748000200353a444b09490a3e0047503a151a28453b505709530a52483a064f3a021a54552d021128461c1b3b43312af32918113b3a48002c0d3c4b50393345502d26573723563a45050004000100000014000300c30002008c00da00ff003a000100ff0f9c000180140003000000d50201000c0006000004370e0000140005000600010140040800040069f20200090005000700010000001400030008006603580b07000800070052000800140005000a000600f10e10000000330403000700050004000200000014000500020000020500ffff00000002ed06080014000300060001000000c3040300000003000300050007000100000005000700020000002c00018005000400010000001d000200154f57532e293b0f281055141e012118003f363d292f22512700000005000a000000000006000500b90000001c011d801000008006000500a000000004000400300000800c0002000700000000000000050006000000000005000700eb00000005000b000000000005000a00010000001400008005000a000100000005000800c70000002000008005000a00000000000c000300010000000000000005000a00000000005c000080050009000000000006000500b800000005000600010000000c00030000040000000000000c000300010001000000000005000b00010000000400040005000a00010000000c000300d6f000000000000005000700110000003c000080060005007d0000000c000300000001000000000005000c0001000000040004000500060001000000050009000100000006000500ed0000000c000080050009000100000084061d804c00008005000c00020000000c000200070000000000000005000c0001000000050006000000000006000500870000000400040005000800c0000000060005007700000005000a00000000009c01008005000c0000000000060005006800000005000a000100000070010d8074000280170001000336020c16684805091806030a210b24000524000c0001000606030905820b6005000600010000000500040002000000140003005f1b0f002e3fe103f8ffff00fb76080005000100240000000c00010016131b09600416051400050000000500050004003c120700050001000c0000800500070000000000900003801400050003000600010405000d0005000c000a00050004000000000014000300040007003afc05000800f8ff0a0008000f0001000c162432240b05053004480005000700000000002e0002002a2e1b031c5113223b31143c413d46391b1f2d28204537490e0f072f102d28314648163c451506345534000014000500ff00050001001c0440000100040099d95c0002800500060000000000050007000100000023000200381942320c093d1751381f32440817230e1a460d081910574e000d392d373e0012000100300602120a120503090209486c03000005000700010000000500040001000000050006000000000005000800000000004c03008005000900010000000500060001000000050009000000000004030d8020000180050004000000000014000500040004000500879c0900fcff6d0f0600140001800f0001000405216c09181b4848041b004c0000800400010014000300090003000d000f0005000300a0000700270002002d301f2a180f314035424905195121143c233a18224a29293c3b19121156332b4748010005000400010000004c00008005000400000000000500070002000000140005005b00001003000400ff07080000000100140005000500010007000008040005000100ff0105000600000000000500070001000000a8000180050006000100000012000200214d4f31100e173c182920294c5600000500070001000000340002002908214f022031362a0f4e2044422f37541755552f532802093b1a4b180e56082e404d34184e101219384c3d2f3031041400030005000002070064000100c4bd0800008014000500430b01000100050008008009c800986505000400020000001100020020461a484c4746004e044d0b180000000500070000000000c4000080140005000400090006000900010000200600800005000700000000003c0002002d032d004407500c04325038424c1b3535492b4f514734243d4923481408301a3902342218483327564019521f091a1317043e2b501322410500060001000000050004000200000014000300f2b9400003000600500007000700008005000400000000001400030002000d009001040001000f00020008001400030001000400e70e3003010304000100030014000300feff0b0009000e000800530e7fff50097800018005000400020000000d00010029021b056c0c0106360000001400030003000100a50f01000900010000005eff47000200190e5254093e174952395048060050431b08390a551e015030521a0e223516480557330e48413f3c4a142050012a2b3b3c3849343739183d20300d272a2f3548552b1700500002803600020029550708344a0e2e4a2a5740f64905484a3e4330363f1f182b2f23011328240f1d3940252d22042e092957342256263801000000140005000400010009000300070002000d00080005000700f50000000c000300060000000000000005000c000300000005000b000000000005000700a50000004c01008048010d80400001801c0001000b010005011b0904366c1605051803051624161b030612020f0001000c1b1b0616092e0c160b6c000500040000000000070001001b1648003800028014000300170000000800040001fc0001fbff010020000100051609300c021b0502186c03090102120430600105230406066012121c0003801000010036121201010348050018020b05000400000000003c0001800500070001000000140003000900b4005a0003000100feff0c00070005000400060000001400050003006a0008000000080008000400020018000080140005000000da001988060005000500ff7f06085c00008005000600010000001400050005000000060005b004000300290201000a00010002121818012400000500010003000000140003000400070002004bd9c47f0100070005001400050000000000050002000000010107000700"], 0xde0}, 0x1, 0x0, 0x0, 0x800}, 0x40) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2193, 0xd000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0xfa41}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x4040) 21.074227468s ago: executing program 0 (id=1133): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = socket$kcm(0x2, 0x1000000000000005, 0x0) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) ioctl$UI_SET_EVBIT(r2, 0x40045564, 0x3) r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYRES32=r3], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$UI_DEV_CREATE(r2, 0x5501) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$alg(0x26, 0x5, 0x0) bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r6 = accept4(r5, 0x0, 0x0, 0x800) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b800000019000100000000f7ffffff00e0000002"], 0xb8}}, 0x4004) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x11}, 0x80) sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00', @ANYBLOB="010000000000000000004400000008000300", @ANYRES32], 0x4c}}, 0x4000804) sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800) recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r7, @ANYBLOB="01000000000000e14f003b000000080003", @ANYRES32=r8, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0) write$uinput_user_dev(r2, &(0x7f0000000a40)={'syz1\x00', {0xfffd, 0xd}, 0x4d, [0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffe, 0xffff, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0xffffffff, 0x3, 0x3, 0x0, 0x0, 0x6, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x400000, 0x1, 0x0, 0x0, 0xfffffffe, 0x0, 0x4, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd5], [0x0, 0x80000000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x7fffffc, 0x0, 0x0, 0x7fff, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x2], [0x81, 0x0, 0x5d30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfc2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xe58b, 0xe, 0x0, 0x3, 0x0, 0x1, 0x1ff]}, 0x45c) sendmsg$inet(r1, &(0x7f0000007940)={&(0x7f0000000100)={0x2, 0x0, @rand_addr=0x94040000}, 0x140, &(0x7f0000000140)=[{&(0x7f0000000380), 0xff7a}], 0x1, &(0x7f0000007880)=ANY=[@ANYBLOB="1100000000000000004003001100000000000000000000001c00000000000000000f00fdffff0700", @ANYRES32=0x0, @ANYBLOB="ac1414bbe0000001000000001c0000000000000000078f020c000000", @ANYRES32=0x0, @ANYBLOB="a005000000e1ffffff000000240000000000000084000000070000009404000044100000000000000000004000000000000000001100000000000000000001160100"/76], 0x98}, 0x0) dup(r0) 21.074054622s ago: executing program 0 (id=1134): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') r0 = open(&(0x7f0000000580)='./file0\x00', 0x181242, 0x1df2a23c5997fa5f) write$FUSE_CREATE_OPEN(r0, &(0x7f00000002c0)={0xa0, 0x0, 0x0, {{0x80000000, 0x3, 0x5, 0xffffffffffffff80, 0x3, 0x1, {0x1, 0x180, 0x20ff, 0x8, 0x200000008b, 0x800000000000d615, 0x3f7, 0x7ffffffb, 0x6, 0x1000, 0x8, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x12}}}, 0xa0) sendfile(r0, r0, &(0x7f0000000080), 0x2) r1 = syz_io_uring_setup(0x5ce, &(0x7f0000000240)={0x0, 0x7732, 0x1, 0x0, 0x34f, 0x0, r0}, &(0x7f0000000000), &(0x7f0000000080)) open(&(0x7f0000000000)='./bus\x00', 0x105c42, 0x5) mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2008000, &(0x7f0000000e00)={[{@none}, {}]}) r2 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0xe133, 0x10100}, &(0x7f0000000000)=0x0, &(0x7f0000000100)=0x0) syz_io_uring_submit(r3, r4, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31}) io_uring_enter(r2, 0x7a98, 0x0, 0x0, 0x0, 0x0) ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000100)={0x80000000, 0x0, &(0x7f0000000140)}) io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0) 20.944462722s ago: executing program 0 (id=1135): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000002400)=ANY=[@ANYBLOB="0100000000f2ffff010000"]) 20.71406585s ago: executing program 0 (id=1137): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000180)=0x1) write$binfmt_elf32(r0, 0x0, 0x4cd) ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000040)) write$dsp(r0, &(0x7f0000000140)="755a5398d512d39077459e67ee110daaf0413bc745ef85b89f2141d513969bd8", 0xffaa) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000080003404000100e140010"], 0x80}}, 0x0) close_range(r0, r1, 0x0) 20.693047707s ago: executing program 32 (id=1137): r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000180)=0x1) write$binfmt_elf32(r0, 0x0, 0x4cd) ioctl$SNDCTL_DSP_STEREO(r0, 0xc0045003, &(0x7f0000000040)) write$dsp(r0, &(0x7f0000000140)="755a5398d512d39077459e67ee110daaf0413bc745ef85b89f2141d513969bd8", 0xffaa) ioctl$EXT4_IOC_CLEAR_ES_CACHE(r0, 0x6628) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000080003404000100e140010"], 0x80}}, 0x0) close_range(r0, r1, 0x0) 15.843975017s ago: executing program 1 (id=1020): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0x15) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000501c0007800c0001"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c00018006000600800a0000200002801c00158018"], 0x44}, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15) r3 = dup(r1) write$FUSE_BMAP(r3, &(0x7f0000000140)={0x18, 0x0, 0x0, {0x4}}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x80, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB='\b\x00fdno=', @ANYRESHEX=r3, @ANYBLOB=',cache=mmap,\x00']) 8.471010535s ago: executing program 1 (id=1020): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0x15) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000501c0007800c0001"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c00018006000600800a0000200002801c00158018"], 0x44}, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15) r3 = dup(r1) write$FUSE_BMAP(r3, &(0x7f0000000140)={0x18, 0x0, 0x0, {0x4}}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x80, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB='\b\x00fdno=', @ANYRESHEX=r3, @ANYBLOB=',cache=mmap,\x00']) 2.253090995s ago: executing program 2 (id=1287): pipe2$9p(0x0, 0x4000) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) unshare(0x6a040000) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000340)={'broute\x00', 0x0, 0x0, 0x0, [0x8, 0x0, 0xfffffffffffffffb, 0x4, 0x7ff, 0x3], 0x1, 0x0, 0x0, [{}]}, 0x88) (fail_nth: 4) 2.252690281s ago: executing program 3 (id=1288): r0 = socket$inet6(0xa, 0x1, 0x84) r1 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'team0\x00', 0x0}) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056842bb002552d215f6", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x48}}, 0x0) r3 = socket(0x10, 0x3, 0x0) sendmmsg$alg(r3, &(0x7f0000000140), 0x4924b68, 0x0) sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0xfff2, 0xf}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x55, 0x1, {0x4, '\x00', 0x5, 0x3, 0x6, 0x5}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x8094}, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) bind$netlink(r4, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000700)=ANY=[@ANYBLOB="500000000104010800000000000000000a00000808000440000000060500010004000000080005400000800008000540000000030500010001"], 0x50}, 0x1, 0x0, 0x0, 0x4000800}, 0x4000040) bind$inet6(r0, &(0x7f0000ed3fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) r6 = socket$inet6(0xa, 0x3, 0x5) setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588) sendto$inet6(r0, &(0x7f0000000100)="bc", 0x1, 0x0, &(0x7f00000000c0)={0xa, 0x4e20, 0x0, @loopback, 0x1}, 0x1c) close(r0) 2.193788646s ago: executing program 2 (id=1289): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) mremap(&(0x7f0000bfb000/0x6000)=nil, 0x6000, 0x1000, 0x3, &(0x7f000055b000/0x1000)=nil) r1 = userfaultfd(0x80001) r2 = userfaultfd(0x801) socket$inet6(0x2d, 0x2, 0x0) r3 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x40) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x610}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) syz_io_uring_submit(r3, 0x0, 0x0) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000000)={{&(0x7f000012a000/0x2000)=nil, 0x2000}, 0x1}) ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, 0x0) 2.011250737s ago: executing program 1 (id=1020): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0x15) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000501c0007800c0001"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c00018006000600800a0000200002801c00158018"], 0x44}, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15) r3 = dup(r1) write$FUSE_BMAP(r3, &(0x7f0000000140)={0x18, 0x0, 0x0, {0x4}}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x80, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB='\b\x00fdno=', @ANYRESHEX=r3, @ANYBLOB=',cache=mmap,\x00']) 1.332743399s ago: executing program 4 (id=1291): r0 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="d8000000180081054e81f782db44b904021d005c06007c09e8fe55a10a0015400100142603600e1208000b0000000401a80016000800014003001100036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0) r1 = syz_init_net_socket$x25(0x9, 0x5, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x0, 0x800, 0x0, @void, @value}, 0xffae) r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0) bind$x25(r2, &(0x7f0000000e00), 0x12) bind$x25(r1, &(0x7f0000000080), 0x12) 1.33197795s ago: executing program 3 (id=1292): r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0), 0x13f}}, 0x20) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)={0x28, r3, 0x301, 0x0, 0x20000000, {{}, {@val={0x8, 0x7}, @void, @val={0xc, 0x99, {0xfffffffe, 0x14}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x48045}, 0x20004000) sendmsg$NL80211_CMD_PROBE_CLIENT(r1, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[@ANYBLOB="ac000000", @ANYRES16=r3, @ANYBLOB="040028bd7000fcdbdf25540000000a000600ffffffffffff00000a0006000802110000010000"], 0x2c}, 0x1, 0x0, 0x0, 0x41}, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=@newtaction={0xd4, 0x30, 0x1, 0x0, 0x0, {}, [{0xc0, 0x1, [@m_mpls={0xbc, 0x14, 0x0, 0x0, {{0x9}, {0x34, 0x2, 0x0, 0x1, [@TCA_MPLS_PROTO={0x6, 0x4, 0x16}, @TCA_MPLS_BOS={0x5}, @TCA_MPLS_PROTO={0x6, 0x4, 0x2}, @TCA_MPLS_BOS={0x5}, @TCA_MPLS_PROTO={0x6, 0x4, 0x6}, @TCA_MPLS_BOS={0x5}]}, {0x60, 0x6, "58c411926e7f217f6a334af29a965cce72f444aa8a4beefc372fd4dc1824ef57457959adf0a19a78867f18c55ed0848a4c662e9524305f3e122b2f394d1e12233c08b58fdc2ed73f291fa103aa7aa4bbef19f927a4dcb2720f6488dc"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x4}, 0x40882) sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0) write$RDMA_USER_CM_CMD_LISTEN(r0, 0x0, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r5, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="24000000330001002bbd7000fedbdb2505000000080004"], 0x24}, 0x1, 0x0, 0x0, 0x50}, 0x4000000) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@getrule={0x14, 0x22, 0x300, 0x70bd25, 0x25dfdbfc, {}, ["", "", "", ""]}, 0x6c}, 0x1, 0x0, 0x0, 0x20008000}, 0x10) ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x6, 'dvmrp1\x00'}) bind$can_j1939(0xffffffffffffffff, &(0x7f0000000080)={0x1d, 0x0, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000700)={'veth0_to_bond\x00', 0x0}) r7 = socket(0x10, 0x3, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000000040)={'vxcan0\x00', 0x0}) sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000900)=ANY=[@ANYBLOB="240000001800010000000000fedbdf251d01060008000900", @ANYRES32=r9, @ANYRES32=r9, @ANYBLOB], 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$ETHTOOL_MSG_LINKSTATE_GET(r5, &(0x7f00000008c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x230000}, 0xc, &(0x7f0000000740)={&(0x7f0000000a00)={0xc4, 0x0, 0x8, 0x70bd2a, 0x25dfdbfd, {}, [@HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x0, 0x2, 'netpci0\x00'}]}, @HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x0, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x44080}, 0x18) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x0, @dev, 0x4e24, 0x2, 'sed\x00', 0x0, 0xfffffffc}, 0x2c) mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f000015bffc)='nfs\x00', 0x0, &(0x7f0000000000)) r10 = socket$nl_rdma(0x10, 0x3, 0x14) r11 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_vs\x00') pread64(r11, &(0x7f0000001600)=""/4098, 0x1002, 0x800000008) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="38000000031401002cbd7000fcdbdf250900020073000000800000000800410073697700140033006c6f00000000000000f9ff0000000000"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810) sendmsg$RDMA_NLDEV_CMD_SET(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x24, 0x1402, 0x1, 0x70bd2c, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz0\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000801}, 0x0) 1.331746399s ago: executing program 2 (id=1293): r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r1 = syz_io_uring_setup(0x24fd, &(0x7f00000004c0)={0x0, 0x0, 0x10100, 0x0, 0x201}, &(0x7f0000000200)=0x0, &(0x7f0000000140)=0x0) syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0}) io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0}) write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x8, 0x2, 0x6, 0xfffa}, 0x3e, [0x8003, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x401, 0x4d, 0x6, 0x61, 0x9, 0x5, 0xffff2d37, 0xff7fff01, 0x6, 0x3, 0x7, 0x7, 0x4, 0x0, 0x7, 0x3c5e, 0x1, 0x25, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0xffffebf2, 0x7, 0x3, 0x8, 0x4c74, 0x10000, 0x242, 0x3, 0xb, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8e, 0x2, 0x106, 0x0, 0x5, 0x4, 0x8, 0x3ff, 0x9, 0x0, 0x5, 0x2006, 0x8, 0x4000074, 0x1, 0xe], [0x10000007, 0x9, 0x8000012f, 0x100, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0x384, 0x2, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x4007, 0x7fff, 0x6, 0x400, 0x401, 0x7, 0x1, 0xff, 0x5, 0x7, 0x5f31, 0xd, 0x4e0, 0x80000002, 0x4, 0xb, 0x4, 0x5662, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0x2000bc45, 0x48c93690, 0x80, 0x3], [0x7, 0x408, 0x4, 0x5, 0xfffffffe, 0x100, 0x4, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0x80b, 0x3, 0x5, 0x800, 0x0, 0x4d4, 0x5, 0x8, 0x86, 0x3, 0xcc, 0x3e7, 0xb, 0x5, 0x2, 0x6, 0x3, 0x2000000c, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x9, 0xa9, 0x5, 0x6, 0x10000ac8, 0xbf, 0x2, 0x3, 0x3, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x7, 0x120000, 0x3, 0x6, 0x712, 0xc, 0x25], [0xc, 0xbb35, 0x7b304120, 0x3ff, 0x5, 0x80000938, 0x6, 0x6, 0x0, 0x8, 0x7f, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x3f51, 0x4, 0x1, 0xffff, 0xa620, 0x1, 0x5, 0x2000001, 0x2000002, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0x4, 0x9, 0x3, 0x7e, 0x100, 0xa, 0x7, 0xaf, 0x8, 0xa, 0x223, 0x5, 0x5, 0x0, 0x6, 0xa1f, 0xf40, 0x6, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0x1000d5, 0x200, 0x9, 0xfff]}, 0x45c) ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@newlink={0x2c, 0x10, 0x20, 0x70bd25, 0x25ffdbfc, {0x0, 0x0, 0x0, 0x0, 0x6f015, 0x44702}, [@IFLA_BROADCAST={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4005010}, 0x20000801) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000000000)=@newtaction={0x6c, 0x30, 0x36eac49ec043b62f, 0x0, 0x25dfdbbf, {}, [{0x58, 0x1, [@m_gact={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x8, 0x6, 0xd, 0xe}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x320, 0x6}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0) sendmsg$can_bcm(0xffffffffffffffff, 0x0, 0x0) r5 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0) 1.331667632s ago: executing program 4 (id=1294): timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) sendto$llc(r0, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x10) (fail_nth: 10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000020000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94) 1.331228079s ago: executing program 3 (id=1295): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) ioctl$FS_IOC_SETFLAGS(r1, 0x40186f40, &(0x7f0000000440)=0x20000) ioctl$FS_IOC_SETFLAGS(r0, 0x40046f41, &(0x7f0000000440)=0x10) ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000100)=0x20000) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff) getsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000200)={@initdev, @dev, 0x0}, &(0x7f0000000240)=0xc) r4 = socket(0x10, 0x803, 0x0) r5 = socket(0x1, 0x803, 0x0) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295a5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) r7 = socket(0x400000000010, 0x3, 0x0) r8 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000940)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r9, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x800) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000280)={'team0\x00', 0x0}) getsockname$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000340)=0x14) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000003c0)={'gre0\x00', &(0x7f0000000380)={'syztnl1\x00', 0x0, 0x20, 0x7, 0x0, 0x1, {{0x7, 0x4, 0x0, 0x15, 0x1c, 0x66, 0x0, 0x87, 0x2f, 0x0, @remote, @local, {[@ra={0x94, 0x4}, @end]}}}}}) r13 = socket(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r13, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x3fe3aa0262d8c583, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r14, {0x0, 0x10}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_FLOWS={0x8, 0x2, 0x893c}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c) sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000000600)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)={0x174, r2, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@HEADER={0x4}, @HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x54, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}]}, @HEADER={0x4c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg2\x00'}]}]}, 0x174}, 0x1, 0x0, 0x0, 0x4}, 0x4048884) 1.205193323s ago: executing program 2 (id=1296): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000000a499d0000000000000000020000010900010073797a310000000008000240000000030400060014000000110001"], 0x54}}, 0x0) (async) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1) (async) r3 = socket$nl_generic(0x10, 0x3, 0x10) (async) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000240)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_NOACK_MAP(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x24, r2, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x7ff}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x4008080) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) (async, rerun: 64) r6 = socket$pppl2tp(0x18, 0x1, 0x1) (rerun: 64) sendmsg$NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH(r3, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)={0x80, r2, 0x0, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x1000, 0x3}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @broadcast}]}, 0x80}, 0x1, 0x0, 0x0, 0x400c0}, 0x0) (async) ioctl$SIOCSIFMTU(r6, 0x8922, &(0x7f0000000180)={'veth0_vlan\x00', 0x44}) sendmsg$NFT_MSG_GETTABLE(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x20, 0x1, 0xa, 0x407, 0x0, 0x0, {0x2, 0x0, 0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x400c895}, 0x20000000) 1.181387514s ago: executing program 4 (id=1297): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c) listen(r0, 0x0) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) syz_emit_ethernet(0x4a, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa2586dd6000000000140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000001e61208d31beb229fd992782e79fde31299f2763031ac5895d1b531926c5fa5a4f2a79b59a9bbc0d5394281ec35cf8e763eae84024e791b7719018f0d276cae404db201465672ebc48"], 0x0) prctl$PR_GET_NO_NEW_PRIVS(0x27) 1.102587685s ago: executing program 2 (id=1298): munmap(&(0x7f0000901000/0x3000)=nil, 0x3000) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x300, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e77, 0x20000000, 0x94a, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x2c, 0x3ffa, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) r0 = gettid() sched_setscheduler(r0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dc52) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r6 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x0, 0x1, 0x18e}, &(0x7f0000000000)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r6, 0x3516, 0x0, 0x0, 0x0, 0x0) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x14, r4, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0) 1.102009131s ago: executing program 3 (id=1299): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6d", 0x9) r1 = accept4(r0, 0x0, 0x0, 0x80000) sendmsg$nl_route_sched(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000900)=@deltclass={0x24, 0x29, 0x100, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xa, 0xfff2}, {0xfff5, 0x3}, {0xfff1}}}, 0x24}, 0x1, 0x0, 0x0, 0x20048851}, 0x894) syz_io_uring_setup(0x3a, &(0x7f0000000080)={0x0, 0x7244, 0x10100, 0x3}, &(0x7f0000000240), &(0x7f0000000580)) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f00000006c0)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f0000000440)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="34000000100001f8ffffff000000000000000000", @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB], 0x34}}, 0x4004010) r7 = socket(0x2, 0x3, 0x6) setsockopt$SO_TIMESTAMPING(r7, 0x1, 0x41, &(0x7f0000000240)=0x45d8, 0x4) mkdir(&(0x7f0000000540)='./cgroup/../file0\x00', 0x131) ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x57, 0xf7fe, 0x7ff, {0x0, 0x1}, {0x61, 0x1000}, @cond=[{0x7, 0x218, 0x7, 0x0, 0x2, 0x3}, {0x8, 0x5, 0x1, 0x52, 0x9, 0xd}]}) r8 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01) write$char_usb(r8, &(0x7f0000000040)="e2", 0x12d8) recvmsg$unix(r7, &(0x7f0000000140)={&(0x7f00000000c0)=@abs, 0x6e, &(0x7f0000000040)=[{&(0x7f0000000640)=""/202, 0xca}], 0x1, &(0x7f0000000380)=[@cred={{0x18}}, @cred={{0x18}}, @rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x18}}, @cred={{0x18}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x88}, 0x40) 254.06892ms ago: executing program 4 (id=1300): connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async) r0 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) keyctl$read(0xb, r0, &(0x7f0000000240)=""/112, 0x349b7f55) (async) syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000040)=ANY=[@ANYRES32=r0, @ANYRESHEX=r0, @ANYRES16=0x0], 0x0) (async) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) fchdir(r1) (async) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) (async) rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./file5\x00') (async) r2 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/custom1\x00', 0x802, 0x0) (async) writev(r2, &(0x7f0000000000)=[{&(0x7f00000004c0)='4', 0x1}], 0x1) openat$cgroup_ro(r2, &(0x7f0000000080)='cgroup.events\x00', 0x0, 0x0) 170.76449ms ago: executing program 4 (id=1301): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) writev(r0, &(0x7f0000000c00)=[{&(0x7f0000000380)="2b683bc9a86e1f0a844428af73ebe3e78db54bfb", 0x14}, {0x0}, {0x0}], 0x3) (async) writev(r0, &(0x7f0000000c00)=[{&(0x7f0000000380)="2b683bc9a86e1f0a844428af73ebe3e78db54bfb", 0x14}, {0x0}, {0x0}], 0x3) ioctl$TUNSETTXFILTER(r0, 0x400454d1, &(0x7f0000000040)={0x0, 0x2, [@dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}]}) 170.386764ms ago: executing program 3 (id=1302): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) write$UHID_INPUT(r2, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b32333b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f347cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea56777e001cd34e5cb2f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf054135bbafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd731a0bfc1cb1a4c78f9ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b01979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e49336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba80900000000000000d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0x20, &(0x7f0000000600)={&(0x7f0000000500)=""/152, 0x98, 0x0, &(0x7f00000005c0)=""/31, 0x1f}}, 0x10) r4 = openat$ndctl0(0xffffffffffffff9c, &(0x7f0000000680), 0x80000, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x7, 0x3, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r5}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x16, 0x13, &(0x7f00000003c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x26, 0x0, 0x0, 0x0, 0x92f}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, @btf_id={0x18, 0x9, 0x3, 0x0, 0x1}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000140)='syzkaller\x00', 0x9, 0x0, &(0x7f00000002c0), 0x41000, 0x2, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x8, &(0x7f0000000480)={0x2, 0x2}, 0x8, 0x10, &(0x7f00000004c0)={0x2, 0xb, 0x84fb, 0x400}, 0x10, r3, r4, 0x2, &(0x7f00000006c0)=[0x1, r5], &(0x7f0000000700)=[{0x5, 0x4, 0x7, 0xc}, {0x2, 0x3, 0x3, 0x4}], 0x10, 0x1, @void, @value}, 0x94) r6 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='ata_eh_link_autopsy_qc\x00', r6, 0x0, 0x8001}, 0x18) r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r9 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r10}, 0x0, 0x0}, 0x20) r11 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) syz_open_procfs(r11, &(0x7f0000000040)='environ\x00') sendmsg$NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL(r9, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="11e838c875a06d50082709974a41091c98176fee282d5ab27e032e43f05fa7a236e91f8a5e042c6a9d936f69c2cff71609954d2aedb36a6ad6460216f4c93620020521a0913b1573c31980f524c2085e5fba6f61bc0b03bb77ae17a837b38916abdfcb358b33f6b0e8028d32a55a852ce68eaf8b6fb6cfbb2130ee4a4c7775807020f181f599f60b812a7309e6dbedd68c7253b782c3", @ANYRES8, @ANYRES8=r10, @ANYRES32=r7, @ANYRES16=r11], 0x34}, 0x1, 0x0, 0x0, 0x880}, 0x4810) ioctl$KVM_SET_CLOCK(r8, 0x4188aec6, &(0x7f0000000040)) dup2(r0, r8) 607.739µs ago: executing program 3 (id=1303): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x7600, 0xfeff) (fail_nth: 9) bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x12, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0xfffffffc, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 315.572µs ago: executing program 4 (id=1304): r0 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}}, 0x0) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = dup(r3) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x6e, 0x0, 0x0) ioctl$KVM_X86_SET_MCE(r5, 0x4040ae9e, &(0x7f00000000c0)={0x2400000000000000, 0x8080000, 0x1, 0xa, 0x9}) sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x8c}, 0x1, 0x0, 0x0, 0x5}, 0x400c0) ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000640)={0x0, 0xd000}) ioctl$KVM_RUN(r5, 0xae80, 0x0) write$binfmt_elf64(r0, &(0x7f0000000000)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0x9, 0x6, 0x6c, 0x3, 0x2, 0x3, 0x8, 0x13a, 0x40, 0x7e, 0xfffffffd, 0x3ff, 0x38, 0x1, 0x9891, 0xb90, 0x1}, [{0x1, 0xcec9, 0x0, 0x5, 0x8, 0x7, 0x3, 0x7}]}, 0x78) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)) r6 = socket$packet(0x11, 0x0, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) sendto$packet(r6, &(0x7f0000000100)="f257a8ea7bc273dfaeab96854305", 0xe, 0x11, &(0x7f0000000200)={0x11, 0x0, r7, 0x1, 0x2}, 0x14) 0s ago: executing program 2 (id=1305): syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0) r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000540)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000040)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01082cbd7000000000000b00000008000300", @ANYRES32=r2, @ANYBLOB="28005080110001004abee339084eeef16f162471f40000000500020000000000080003"], 0x50}, 0x1, 0x0, 0x0, 0x40905}, 0x0) kernel console output (not intermixed with test programs): etting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 165.631229][ T5970] usb 7-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f [ 165.634585][ T5970] usb 7-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3 [ 165.645041][ T5970] usb 7-1: Product: syz [ 165.655173][ T5970] usb 7-1: SerialNumber: syz [ 165.676053][ T5970] usb 7-1: config 0 descriptor?? [ 165.687815][ T5970] cm109 7-1:0.8: invalid payload size 0, expected 4 [ 165.705371][ T5970] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.8/input/input59 [ 165.804966][ T54] usb 5-1: Using ep0 maxpacket: 8 [ 165.808546][ T54] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 165.812832][ T54] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 165.828749][ T54] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.839627][ T54] usb 5-1: config 0 descriptor?? [ 165.949715][ T40] audit: type=1400 audit(1748791964.490:490): avc: denied { remount } for pid=8958 comm="syz.1.981" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 166.045169][ T54] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 166.204284][ T8966] FAULT_INJECTION: forcing a failure. [ 166.204284][ T8966] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 166.208722][ T8966] CPU: 3 UID: 0 PID: 8966 Comm: syz.3.984 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 166.208749][ T8966] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 166.208756][ T8966] Call Trace: [ 166.208761][ T8966] [ 166.208765][ T8966] dump_stack_lvl+0x16c/0x1f0 [ 166.208801][ T8966] should_fail_ex+0x512/0x640 [ 166.208824][ T8966] strncpy_from_user+0x3b/0x2e0 [ 166.208841][ T8966] getname_flags.part.0+0x8f/0x550 [ 166.208861][ T8966] getname_flags+0x93/0xf0 [ 166.208877][ T8966] user_path_at+0x24/0x60 [ 166.208889][ T8966] __x64_sys_mount+0x1fc/0x310 [ 166.208905][ T8966] ? __pfx___x64_sys_mount+0x10/0x10 [ 166.208925][ T8966] do_syscall_64+0xcd/0x4c0 [ 166.208941][ T8966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.208954][ T8966] RIP: 0033:0x7f026618e969 [ 166.208963][ T8966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.208974][ T8966] RSP: 002b:00007f0263ff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 166.208984][ T8966] RAX: ffffffffffffffda RBX: 00007f02663b5fa0 RCX: 00007f026618e969 [ 166.208991][ T8966] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000200000000040 [ 166.208997][ T8966] RBP: 00007f0263ff6090 R08: 0000200000000140 R09: 0000000000000000 [ 166.209004][ T8966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 166.209010][ T8966] R13: 0000000000000000 R14: 00007f02663b5fa0 R15: 00007ffcf840c928 [ 166.209024][ T8966] [ 166.266768][ T8953] FAULT_INJECTION: forcing a failure. [ 166.266768][ T8953] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 166.270936][ T8953] CPU: 3 UID: 0 PID: 8953 Comm: syz.0.980 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 166.270952][ T8953] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 166.270958][ T8953] Call Trace: [ 166.270962][ T8953] [ 166.270966][ T8953] dump_stack_lvl+0x16c/0x1f0 [ 166.270984][ T8953] should_fail_ex+0x512/0x640 [ 166.271003][ T8953] should_fail_alloc_page+0xe7/0x130 [ 166.271032][ T8953] prepare_alloc_pages+0x3c2/0x610 [ 166.271051][ T8953] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 166.271064][ T8953] ? __lock_acquire+0x622/0x1c90 [ 166.271085][ T8953] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 166.271100][ T8953] ? is_bpf_text_address+0x8a/0x1a0 [ 166.271111][ T8953] ? bpf_ksym_find+0x127/0x1c0 [ 166.271125][ T8953] ? register_lock_class+0x41/0x4c0 [ 166.271140][ T8953] ? register_lock_class+0x41/0x4c0 [ 166.271155][ T8953] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 166.271174][ T8953] ? policy_nodemask+0xea/0x4e0 [ 166.271190][ T8953] alloc_pages_mpol+0x1fb/0x550 [ 166.271204][ T8953] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 166.271218][ T8953] ? do_raw_spin_lock+0x12c/0x2b0 [ 166.271238][ T8953] alloc_pages_noprof+0x131/0x390 [ 166.271252][ T8953] get_free_pages_noprof+0x10/0xb0 [ 166.271267][ T8953] __pollwait+0x295/0x490 [ 166.271280][ T8953] mptcp_poll+0x127/0x1020 [ 166.271291][ T8953] ? __pfx___pollwait+0x10/0x10 [ 166.271301][ T8953] ? find_held_lock+0x2b/0x80 [ 166.271311][ T8953] ? __pfx_mptcp_poll+0x10/0x10 [ 166.271325][ T8953] ? __pfx_mptcp_poll+0x10/0x10 [ 166.271335][ T8953] sock_poll+0x160/0x510 [ 166.271353][ T8953] ? __pfx_sock_poll+0x10/0x10 [ 166.271369][ T8953] do_select+0xd3d/0x17e0 [ 166.271391][ T8953] ? __pfx_do_select+0x10/0x10 [ 166.271404][ T8953] ? __pfx___pollwait+0x10/0x10 [ 166.271418][ T8953] ? __pfx_pollwake+0x10/0x10 [ 166.271430][ T8953] ? __pfx_pollwake+0x10/0x10 [ 166.271442][ T8953] ? __pfx_pollwake+0x10/0x10 [ 166.271455][ T8953] ? __pfx_pollwake+0x10/0x10 [ 166.271467][ T8953] ? __pfx_pollwake+0x10/0x10 [ 166.271479][ T8953] ? __pfx_pollwake+0x10/0x10 [ 166.271492][ T8953] ? __pfx_pollwake+0x10/0x10 [ 166.271504][ T8953] ? __pfx_pollwake+0x10/0x10 [ 166.271516][ T8953] ? __pfx_pollwake+0x10/0x10 [ 166.271528][ T8953] ? find_held_lock+0x2b/0x80 [ 166.271537][ T8953] ? __might_fault+0xe3/0x190 [ 166.271549][ T8953] ? __might_fault+0xe3/0x190 [ 166.271559][ T8953] ? __might_fault+0x13b/0x190 [ 166.271576][ T8953] ? core_sys_select+0x453/0xc10 [ 166.271587][ T8953] core_sys_select+0x453/0xc10 [ 166.271603][ T8953] ? __pfx_core_sys_select+0x10/0x10 [ 166.271630][ T8953] ? set_user_sigmask+0x21b/0x2b0 [ 166.271647][ T8953] ? __pfx_set_user_sigmask+0x10/0x10 [ 166.271667][ T8953] do_pselect.constprop.0+0x19f/0x1e0 [ 166.271680][ T8953] ? __pfx_do_pselect.constprop.0+0x10/0x10 [ 166.271699][ T8953] __x64_sys_pselect6+0x182/0x240 [ 166.271712][ T8953] ? __pfx___x64_sys_pselect6+0x10/0x10 [ 166.271729][ T8953] do_syscall_64+0xcd/0x4c0 [ 166.271745][ T8953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.271756][ T8953] RIP: 0033:0x7f67abd8e969 [ 166.271765][ T8953] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.271776][ T8953] RSP: 002b:00007f67acc16038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e [ 166.271786][ T8953] RAX: ffffffffffffffda RBX: 00007f67abfb5fa0 RCX: 00007f67abd8e969 [ 166.271793][ T8953] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000040 [ 166.271799][ T8953] RBP: 00007f67acc16090 R08: 0000200000000300 R09: 0000000000000000 [ 166.271806][ T8953] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 166.271812][ T8953] R13: 0000000000000000 R14: 00007f67abfb5fa0 R15: 00007ffe440a7e28 [ 166.271826][ T8953] [ 166.391011][ T54] usb 5-1: USB disconnect, device number 21 [ 166.393090][ C3] iowarrior 5-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19 [ 166.633929][ C3] cm109 7-1:0.8: cm109_urb_ctl_callback: urb status -71 [ 166.634318][ T60] usb 7-1: USB disconnect, device number 13 [ 166.636067][ C3] cm109 7-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19 [ 166.641263][ T60] cm109 7-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19 [ 166.899942][ T8981] netlink: 8 bytes leftover after parsing attributes in process `syz.1.990'. [ 166.909962][ T8981] netlink: 8 bytes leftover after parsing attributes in process `syz.1.990'. [ 166.915628][ T8981] siw: device registration error -23 [ 166.949904][ T40] audit: type=1400 audit(1748791965.490:491): avc: denied { mounton } for pid=8982 comm="syz.0.991" path=2F3234342FE91F7189591E9233614B dev="tmpfs" ino=1320 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=sock_file permissive=1 [ 166.952755][ T8985] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 167.003323][ T8986] virtio-pci 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem [ 167.006618][ T40] audit: type=1400 audit(1748791965.540:492): avc: denied { ioctl } for pid=8982 comm="syz.0.991" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 ioctlcmd=0x9423 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1 [ 167.008704][ T8989] cgroup: Unknown subsys name 'cpuset' [ 167.276254][ T8999] netlink: 24 bytes leftover after parsing attributes in process `syz.1.997'. [ 167.279421][ T8999] netlink: 24 bytes leftover after parsing attributes in process `syz.1.997'. [ 167.283544][ T40] audit: type=1400 audit(1748791965.820:493): avc: denied { bind } for pid=8998 comm="syz.1.997" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 167.284256][ T8999] netlink: 20 bytes leftover after parsing attributes in process `syz.1.997'. [ 167.298326][ T8999] xt_hashlimit: size too large, truncated to 1048576 [ 167.449703][ T9005] netlink: 28 bytes leftover after parsing attributes in process `syz.3.999'. [ 167.453848][ T9005] rdma_rxe: rxe_newlink: failed to add lo [ 167.507848][ T9007] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1000'. [ 167.820566][ T9019] lo speed is unknown, defaulting to 1000 [ 167.824399][ T9019] lo speed is unknown, defaulting to 1000 [ 167.942898][ T40] audit: type=1804 audit(167.833:494): pid=9022 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.1004" name="/newroot/235/bus/bus" dev="overlay" ino=1249 res=1 errno=0 [ 167.949884][ T9024] lo speed is unknown, defaulting to 1000 [ 167.955795][ T9024] lo speed is unknown, defaulting to 1000 [ 167.961621][ T40] audit: type=1804 audit(167.833:495): pid=9022 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.3.1004" name="/newroot/235/bus/bus" dev="overlay" ino=1249 res=1 errno=0 [ 168.161953][ T9040] siw: device registration error -23 [ 168.351811][ T9044] ieee802154 phy0 wpan0: encryption failed: -22 [ 168.561832][ T40] audit: type=1400 audit(168.453:496): avc: denied { connect } for pid=9051 comm="syz.2.1012" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 168.706326][ T9055] FAULT_INJECTION: forcing a failure. [ 168.706326][ T9055] name failslab, interval 1, probability 0, space 0, times 0 [ 168.711352][ T9055] CPU: 3 UID: 0 PID: 9055 Comm: syz.3.1013 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 168.711376][ T9055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 168.711388][ T9055] Call Trace: [ 168.711394][ T9055] [ 168.711401][ T9055] dump_stack_lvl+0x116/0x1f0 [ 168.711429][ T9055] should_fail_ex+0x512/0x640 [ 168.711456][ T9055] ? virtqueue_add_sgs+0x76c/0x1c70 [ 168.711480][ T9055] should_failslab+0xc2/0x120 [ 168.711502][ T9055] __kmalloc_noprof+0xd2/0x510 [ 168.711528][ T9055] virtqueue_add_sgs+0x76c/0x1c70 [ 168.711562][ T9055] ? __pfx_virtqueue_add_sgs+0x10/0x10 [ 168.711584][ T9055] ? __virt_addr_valid+0x81/0x610 [ 168.711610][ T9055] ? __phys_addr+0xe8/0x180 [ 168.711635][ T9055] ? pack_sg_list.constprop.0+0x2a8/0x320 [ 168.711662][ T9055] p9_virtio_request+0x26d/0x6c0 [ 168.711691][ T9055] ? __pfx_p9_virtio_request+0x10/0x10 [ 168.711710][ T9055] ? p9_client_prepare_req+0x112/0x4d0 [ 168.711734][ T9055] ? __pfx_p9_client_prepare_req+0x10/0x10 [ 168.711755][ T9055] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.711777][ T9055] ? __lock_acquire+0xb8a/0x1c90 [ 168.711803][ T9055] p9_client_rpc+0x341/0xc50 [ 168.711827][ T9055] ? node_tag_clear+0x105/0x290 [ 168.711851][ T9055] ? __pfx_p9_client_rpc+0x10/0x10 [ 168.711877][ T9055] ? idr_alloc_u32+0x20f/0x2f0 [ 168.711902][ T9055] ? idr_preload_end+0xc2/0x230 [ 168.711926][ T9055] ? rcu_is_watching+0x12/0xc0 [ 168.711948][ T9055] p9_client_walk+0x1ab/0x530 [ 168.711975][ T9055] ? __pfx_p9_client_walk+0x10/0x10 [ 168.712001][ T9055] ? v9fs_issue_read+0x60/0x380 [ 168.712021][ T9055] ? get_pid_task+0xfc/0x250 [ 168.712051][ T9055] v9fs_fid_lookup+0x291/0xeb0 [ 168.712082][ T9055] v9fs_vfs_getattr_dotl+0x12e/0x430 [ 168.712107][ T9055] vfs_getattr_nosec+0x2a9/0x430 [ 168.712130][ T9055] ? __pfx_v9fs_vfs_getattr_dotl+0x10/0x10 [ 168.712154][ T9055] vfs_fstat+0x71/0xe0 [ 168.712178][ T9055] __do_sys_newfstat+0x87/0x100 [ 168.712202][ T9055] ? __pfx___do_sys_newfstat+0x10/0x10 [ 168.712241][ T9055] ? __pfx_ksys_write+0x10/0x10 [ 168.712264][ T9055] ? rcu_is_watching+0x12/0xc0 [ 168.712283][ T9055] do_syscall_64+0xcd/0x4c0 [ 168.712308][ T9055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.712325][ T9055] RIP: 0033:0x7f026618e969 [ 168.712340][ T9055] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 168.712356][ T9055] RSP: 002b:00007f0263ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000005 [ 168.712375][ T9055] RAX: ffffffffffffffda RBX: 00007f02663b5fa0 RCX: 00007f026618e969 [ 168.712387][ T9055] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 168.712397][ T9055] RBP: 00007f0263ff6090 R08: 0000000000000000 R09: 0000000000000000 [ 168.712408][ T9055] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 168.712420][ T9055] R13: 0000000000000000 R14: 00007f02663b5fa0 R15: 00007ffcf840c928 [ 168.712445][ T9055] [ 168.885135][ T10] usb 7-1: new high-speed USB device number 14 using dummy_hcd [ 169.038297][ T10] usb 7-1: too many configurations: 9, using maximum allowed: 8 [ 169.041282][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 169.043928][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 169.048709][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 169.050489][ T9060] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 169.051446][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 169.055524][ T9060] FAULT_INJECTION: forcing a failure. [ 169.055524][ T9060] name failslab, interval 1, probability 0, space 0, times 0 [ 169.057471][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 169.061281][ T9060] CPU: 2 UID: 0 PID: 9060 Comm: syz.1.1015 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 169.061301][ T9060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 169.061310][ T9060] Call Trace: [ 169.061315][ T9060] [ 169.061321][ T9060] dump_stack_lvl+0x16c/0x1f0 [ 169.061343][ T9060] should_fail_ex+0x512/0x640 [ 169.061364][ T9060] ? __kmalloc_noprof+0xbf/0x510 [ 169.061381][ T9060] ? ovl_alloc_entry+0x21/0x70 [ 169.061393][ T9060] should_failslab+0xc2/0x120 [ 169.061410][ T9060] __kmalloc_noprof+0xd2/0x510 [ 169.061423][ T9060] ? trace_kmalloc+0x2b/0xd0 [ 169.061445][ T9060] ovl_alloc_entry+0x21/0x70 [ 169.061459][ T9060] ovl_lookup+0x842/0x2270 [ 169.061479][ T9060] ? __pfx_ovl_lookup+0x10/0x10 [ 169.061491][ T9060] ? __lock_acquire+0xb8a/0x1c90 [ 169.061518][ T9060] ? do_raw_spin_lock+0x12c/0x2b0 [ 169.061537][ T9060] ? find_held_lock+0x2b/0x80 [ 169.061553][ T9060] ? do_raw_spin_unlock+0x172/0x230 [ 169.061573][ T9060] ? _raw_spin_unlock+0x28/0x50 [ 169.061591][ T9060] lookup_one_qstr_excl_raw.part.0+0xec/0x160 [ 169.061613][ T9060] ? lookup_dcache+0x66/0x170 [ 169.061634][ T9060] lookup_one_qstr_excl+0x3e/0x120 [ 169.061657][ T9060] do_renameat2+0x56d/0xc90 [ 169.061682][ T9060] ? __pfx_do_renameat2+0x10/0x10 [ 169.061701][ T9060] ? find_held_lock+0x2b/0x80 [ 169.061713][ T9060] ? __might_fault+0xe3/0x190 [ 169.061728][ T9060] ? __might_fault+0x13b/0x190 [ 169.061753][ T9060] ? getname_flags.part.0+0x1c5/0x550 [ 169.061778][ T9060] __x64_sys_renameat2+0xe7/0x130 [ 169.061799][ T9060] do_syscall_64+0xcd/0x4c0 [ 169.061819][ T9060] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.061834][ T9060] RIP: 0033:0x7feeb738e969 [ 169.061846][ T9060] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 169.061860][ T9060] RSP: 002b:00007feeb82b2038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c [ 169.061875][ T9060] RAX: ffffffffffffffda RBX: 00007feeb75b5fa0 RCX: 00007feeb738e969 [ 169.061884][ T9060] RDX: ffffffffffffff9c RSI: 0000200000000a00 RDI: ffffffffffffff9c [ 169.061894][ T9060] RBP: 00007feeb82b2090 R08: 0000000000000002 R09: 0000000000000000 [ 169.061903][ T9060] R10: 0000200000000600 R11: 0000000000000246 R12: 0000000000000001 [ 169.061912][ T9060] R13: 0000000000000000 R14: 00007feeb75b5fa0 R15: 00007ffe47e8cf28 [ 169.061931][ T9060] [ 169.134137][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 169.136907][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 169.139511][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 169.142526][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 169.145277][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 169.147877][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 169.151069][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 169.153894][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 169.156626][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 169.159726][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 169.164566][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 169.167767][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 169.170889][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 169.173522][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 169.176304][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 169.179389][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 169.185572][ T10] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 169.188136][ T10] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 169.191204][ T10] usb 7-1: config 0 interface 0 has no altsetting 0 [ 169.195764][ T10] usb 7-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 169.198294][ T10] usb 7-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 169.200669][ T10] usb 7-1: Product: syz [ 169.201903][ T10] usb 7-1: Manufacturer: syz [ 169.203045][ T9066] sctp: [Deprecated]: syz.1.1018 (pid 9066) Use of int in maxseg socket option. [ 169.203045][ T9066] Use struct sctp_assoc_value instead [ 169.203248][ T10] usb 7-1: SerialNumber: syz [ 169.206119][ T10] usb 7-1: config 0 descriptor?? [ 169.216556][ T10] yurex 7-1:0.0: USB YUREX device now attached to Yurex #0 [ 169.265480][ T9067] nbd0: detected capacity change from 0 to 67108884 [ 169.268518][ T8900] block nbd0: Send control failed (result -89) [ 169.270393][ T8900] block nbd0: Request send failed, requeueing [ 169.273345][ T5293] block nbd0: Receive control failed (result -32) [ 169.276904][ T120] block nbd0: Dead connection, failed to find a fallback [ 169.278840][ T120] block nbd0: shutting down sockets [ 169.280293][ T120] blk_print_req_error: 25 callbacks suppressed [ 169.280300][ T120] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 169.284566][ T120] buffer_io_error: 25 callbacks suppressed [ 169.284573][ T120] Buffer I/O error on dev nbd0, logical block 0, async page read [ 169.289481][ T8900] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 169.292253][ T8900] Buffer I/O error on dev nbd0, logical block 0, async page read [ 169.294667][ T8900] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 169.297565][ T8900] Buffer I/O error on dev nbd0, logical block 0, async page read [ 169.300062][ T8900] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 169.302841][ T8900] Buffer I/O error on dev nbd0, logical block 0, async page read [ 169.305390][ T8900] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 169.308092][ T8900] Buffer I/O error on dev nbd0, logical block 0, async page read [ 169.310544][ T8900] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 169.313316][ T8900] Buffer I/O error on dev nbd0, logical block 0, async page read [ 169.315942][ T8900] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 169.318679][ T8900] Buffer I/O error on dev nbd0, logical block 0, async page read [ 169.321152][ T8900] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 169.323911][ T8900] Buffer I/O error on dev nbd0, logical block 0, async page read [ 169.326389][ T8900] ldm_validate_partition_table(): Disk read failed. [ 169.328453][ T8900] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 169.331319][ T8900] Buffer I/O error on dev nbd0, logical block 0, async page read [ 169.333853][ T8900] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 169.337257][ T8900] Buffer I/O error on dev nbd0, logical block 0, async page read [ 169.339721][ T8900] Dev nbd0: unable to read RDB block 0 [ 169.341641][ T8900] nbd0: unable to read partition table [ 169.345530][ T8900] ldm_validate_partition_table(): Disk read failed. [ 169.347741][ T8900] Dev nbd0: unable to read RDB block 0 [ 169.350696][ T8900] nbd0: unable to read partition table [ 169.622591][ T1144] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.672432][ T40] kauditd_printk_skb: 2 callbacks suppressed [ 169.672447][ T40] audit: type=1400 audit(169.563:499): avc: denied { execute } for pid=9068 comm="syz-executor" name="syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 169.683902][ T40] audit: type=1400 audit(169.563:500): avc: denied { execute_no_trans } for pid=9068 comm="syz-executor" path="/syz-executor" dev="sda1" ino=2020 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:etc_runtime_t tclass=file permissive=1 [ 169.707332][ T1144] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.786782][ T5937] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 169.791644][ T5937] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 169.794664][ T5937] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 169.800378][ T5937] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 169.807351][ T5937] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 169.817050][ T1144] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.833725][ T9069] lo speed is unknown, defaulting to 1000 [ 169.836408][ T9069] lo speed is unknown, defaulting to 1000 [ 169.895451][ T1144] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 169.931527][ T9069] chnl_net:caif_netlink_parms(): no params data found [ 169.996443][ T9081] FAULT_INJECTION: forcing a failure. [ 169.996443][ T9081] name failslab, interval 1, probability 0, space 0, times 0 [ 170.001004][ T9081] CPU: 1 UID: 0 PID: 9081 Comm: syz.0.1022 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 170.001020][ T9081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 170.001027][ T9081] Call Trace: [ 170.001032][ T9081] [ 170.001037][ T9081] dump_stack_lvl+0x16c/0x1f0 [ 170.001055][ T9081] should_fail_ex+0x512/0x640 [ 170.001074][ T9081] should_failslab+0xc2/0x120 [ 170.001088][ T9081] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 170.001102][ T9081] ? __alloc_skb+0x2b2/0x380 [ 170.001118][ T9081] __alloc_skb+0x2b2/0x380 [ 170.001131][ T9081] ? __pfx___alloc_skb+0x10/0x10 [ 170.001144][ T9081] ? __alloc_skb+0x200/0x380 [ 170.001157][ T9081] ? __pfx___alloc_skb+0x10/0x10 [ 170.001172][ T9081] create_monitor_ctrl_event+0x3b/0x450 [ 170.001190][ T9081] mgmt_cmd_complete+0x2de/0x550 [ 170.001207][ T9081] set_powered+0x46f/0x5c0 [ 170.001224][ T9081] ? __pfx_set_powered+0x10/0x10 [ 170.001242][ T9081] ? do_raw_read_unlock+0x44/0xe0 [ 170.001260][ T9081] ? _raw_read_unlock+0x28/0x50 [ 170.001272][ T9081] ? __pfx_mgmt_init_hdev+0x10/0x10 [ 170.001289][ T9081] hci_sock_sendmsg+0x1522/0x25f0 [ 170.001308][ T9081] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 170.001328][ T9081] sock_write_iter+0x4fc/0x5b0 [ 170.001346][ T9081] ? __pfx_sock_write_iter+0x10/0x10 [ 170.001369][ T9081] ? bpf_lsm_file_permission+0x9/0x10 [ 170.001385][ T9081] ? security_file_permission+0x71/0x210 [ 170.001404][ T9081] ? rw_verify_area+0xcf/0x680 [ 170.001423][ T9081] vfs_write+0x6c7/0x1150 [ 170.001436][ T9081] ? __pfx_sock_write_iter+0x10/0x10 [ 170.001455][ T9081] ? __pfx_vfs_write+0x10/0x10 [ 170.001465][ T9081] ? find_held_lock+0x2b/0x80 [ 170.001485][ T9081] ksys_write+0x1f8/0x250 [ 170.001497][ T9081] ? __pfx_ksys_write+0x10/0x10 [ 170.001512][ T9081] do_syscall_64+0xcd/0x4c0 [ 170.001528][ T9081] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 170.001540][ T9081] RIP: 0033:0x7f67abd8e969 [ 170.001549][ T9081] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 170.001560][ T9081] RSP: 002b:00007f67acc16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 170.001570][ T9081] RAX: ffffffffffffffda RBX: 00007f67abfb5fa0 RCX: 00007f67abd8e969 [ 170.001577][ T9081] RDX: 0000000000000007 RSI: 0000200000000040 RDI: 0000000000000004 [ 170.001584][ T9081] RBP: 00007f67acc16090 R08: 0000000000000000 R09: 0000000000000000 [ 170.001590][ T9081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 170.001596][ T9081] R13: 0000000000000000 R14: 00007f67abfb5fa0 R15: 00007ffe440a7e28 [ 170.001610][ T9081] [ 170.113444][ T9069] bridge0: port 1(bridge_slave_0) entered blocking state [ 170.115837][ T9069] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.117993][ T9069] bridge_slave_0: entered allmulticast mode [ 170.120568][ T9069] bridge_slave_0: entered promiscuous mode [ 170.129921][ T9069] bridge0: port 2(bridge_slave_1) entered blocking state [ 170.132254][ T9069] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.135052][ T9069] bridge_slave_1: entered allmulticast mode [ 170.138039][ T9069] bridge_slave_1: entered promiscuous mode [ 170.190148][ T9069] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 170.199356][ T9069] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 170.231861][ T1144] bridge_slave_1: left allmulticast mode [ 170.233876][ T1144] bridge_slave_1: left promiscuous mode [ 170.237556][ T1144] bridge0: port 2(bridge_slave_1) entered disabled state [ 170.242965][ T1144] bridge_slave_0: left allmulticast mode [ 170.244839][ T1144] bridge_slave_0: left promiscuous mode [ 170.250433][ T1144] bridge0: port 1(bridge_slave_0) entered disabled state [ 170.568090][ T1144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 170.573195][ T1144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 170.577303][ T1144] bond0 (unregistering): Released all slaves [ 170.586553][ T9069] team0: Port device team_slave_0 added [ 170.598682][ T9069] team0: Port device team_slave_1 added [ 170.619657][ T9091] __nla_validate_parse: 4 callbacks suppressed [ 170.619668][ T9091] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1026'. [ 170.626058][ T9091] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1026'. [ 170.663925][ T9069] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 170.666315][ T9069] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.674409][ T9069] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 170.680046][ T1144] tipc: Left network mode [ 170.680634][ T9069] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 170.683754][ T9069] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 170.694957][ T9069] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 170.768522][ T9069] hsr_slave_0: entered promiscuous mode [ 170.770819][ T9069] hsr_slave_1: entered promiscuous mode [ 170.774460][ T9069] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 170.778477][ T9069] Cannot create hsr debugfs directory [ 171.007576][ T1144] hsr_slave_0: left promiscuous mode [ 171.010581][ T1144] hsr_slave_1: left promiscuous mode [ 171.013519][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 171.017808][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 171.021594][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 171.023971][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 171.029420][ T9115] openvswitch: netlink: EtherType 0 is less than min 600 [ 171.057951][ T1144] veth1_macvtap: left promiscuous mode [ 171.060157][ T1144] veth0_macvtap: left promiscuous mode [ 171.062240][ T40] audit: type=1400 audit(170.953:501): avc: denied { setattr } for pid=9116 comm="syz.3.1034" name="rdma_cm" dev="devtmpfs" ino=1294 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1 [ 171.121577][ T9117] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1034'. [ 171.189274][ T9120] netlink: 1688 bytes leftover after parsing attributes in process `syz.3.1035'. [ 171.505139][ C0] usb 7-1: yurex_control_callback - control failed: -2 [ 171.507937][ T10] usb 7-1: USB disconnect, device number 14 [ 171.517453][ T10] yurex 7-1:0.0: USB YUREX #0 now disconnected [ 171.562918][ T1144] team0 (unregistering): Port device team_slave_1 removed [ 171.747635][ T9125] No such timeout policy "syz1" [ 171.899319][ T5937] Bluetooth: hci2: command tx timeout [ 172.023548][ T9133] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1039'. [ 172.151786][ T9143] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1041'. [ 172.174405][ T9143] 0ªX¹¦D: renamed from gretap0 (while UP) [ 172.178861][ T9143] 0ªX¹¦D: entered allmulticast mode [ 172.181371][ T9143] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 172.189661][ T9149] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 172.209405][ T9149] FAULT_INJECTION: forcing a failure. [ 172.209405][ T9149] name failslab, interval 1, probability 0, space 0, times 0 [ 172.221817][ T9149] CPU: 1 UID: 0 PID: 9149 Comm: syz.2.1043 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 172.221835][ T9149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 172.221843][ T9149] Call Trace: [ 172.221847][ T9149] [ 172.221851][ T9149] dump_stack_lvl+0x16c/0x1f0 [ 172.221876][ T9149] should_fail_ex+0x512/0x640 [ 172.221896][ T9149] should_failslab+0xc2/0x120 [ 172.221912][ T9149] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 172.221928][ T9149] ? security_netlbl_sid_to_secattr+0x1d8/0x4d0 [ 172.221944][ T9149] kstrdup+0x53/0x100 [ 172.221958][ T9149] security_netlbl_sid_to_secattr+0x1d8/0x4d0 [ 172.221973][ T9149] selinux_netlbl_sock_genattr+0x129/0x4f0 [ 172.221991][ T9149] selinux_netlbl_socket_post_create+0xb0/0x1b0 [ 172.222010][ T9149] selinux_socket_post_create+0x2f9/0x7d0 [ 172.222027][ T9149] ? __pfx_selinux_socket_post_create+0x10/0x10 [ 172.222044][ T9149] ? tcp_v4_init_sock+0x15/0x80 [ 172.222055][ T9149] ? __pfx_tcp_v4_init_sock+0x10/0x10 [ 172.222065][ T9149] ? inet_create+0x973/0x1090 [ 172.222080][ T9149] security_socket_post_create+0x247/0x260 [ 172.222097][ T9149] __sock_create+0x738/0x8d0 [ 172.222119][ T9149] mptcp_subflow_create_socket+0xf5/0xed0 [ 172.222141][ T9149] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 172.222165][ T9149] __mptcp_nmpc_sk+0x182/0x7d0 [ 172.222177][ T9149] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 172.222190][ T9149] ? __local_bh_enable_ip+0xa4/0x120 [ 172.222204][ T9149] mptcp_sendmsg+0x163d/0x1eb0 [ 172.222220][ T9149] ? sock_has_perm+0x259/0x2f0 [ 172.222235][ T9149] ? __pfx_sock_has_perm+0x10/0x10 [ 172.222251][ T9149] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10 [ 172.222269][ T9149] ? __might_fault+0xe3/0x190 [ 172.222281][ T9149] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 172.222297][ T9149] ? __import_iovec+0x1dd/0x650 [ 172.222309][ T9149] ? __pfx_mptcp_sendmsg+0x10/0x10 [ 172.222324][ T9149] inet_sendmsg+0x119/0x140 [ 172.222338][ T9149] ____sys_sendmsg+0x973/0xc70 [ 172.222357][ T9149] ? copy_msghdr_from_user+0x10a/0x160 [ 172.222372][ T9149] ? __pfx_____sys_sendmsg+0x10/0x10 [ 172.222398][ T9149] ___sys_sendmsg+0x134/0x1d0 [ 172.222413][ T9149] ? __pfx____sys_sendmsg+0x10/0x10 [ 172.222425][ T9149] ? __lock_acquire+0x622/0x1c90 [ 172.222458][ T9149] __sys_sendmsg+0x16d/0x220 [ 172.222472][ T9149] ? __pfx___sys_sendmsg+0x10/0x10 [ 172.222496][ T9149] do_syscall_64+0xcd/0x4c0 [ 172.222511][ T9149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.222523][ T9149] RIP: 0033:0x7fc05678e969 [ 172.222533][ T9149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.222543][ T9149] RSP: 002b:00007fc0576cc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 172.222554][ T9149] RAX: ffffffffffffffda RBX: 00007fc0569b5fa0 RCX: 00007fc05678e969 [ 172.222561][ T9149] RDX: 0000000034004000 RSI: 0000200000000240 RDI: 0000000000000004 [ 172.222567][ T9149] RBP: 00007fc0576cc090 R08: 0000000000000000 R09: 0000000000000000 [ 172.222573][ T9149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 172.222579][ T9149] R13: 0000000000000000 R14: 00007fc0569b5fa0 R15: 00007fff8afeece8 [ 172.222593][ T9149] [ 172.289818][ T9155] FAULT_INJECTION: forcing a failure. [ 172.289818][ T9155] name failslab, interval 1, probability 0, space 0, times 0 [ 172.339399][ T9155] CPU: 3 UID: 0 PID: 9155 Comm: syz.0.1044 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 172.339418][ T9155] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 172.339425][ T9155] Call Trace: [ 172.339429][ T9155] [ 172.339435][ T9155] dump_stack_lvl+0x16c/0x1f0 [ 172.339459][ T9155] should_fail_ex+0x512/0x640 [ 172.339479][ T9155] ? fs_reclaim_acquire+0xae/0x150 [ 172.339502][ T9155] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 172.339524][ T9155] should_failslab+0xc2/0x120 [ 172.339539][ T9155] __kmalloc_noprof+0xd2/0x510 [ 172.339555][ T9155] tomoyo_realpath_from_path+0xc2/0x6e0 [ 172.339577][ T9155] tomoyo_check_open_permission+0x2ab/0x3c0 [ 172.339593][ T9155] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 172.339607][ T9155] ? look_up_lock_class+0x6b/0x150 [ 172.339635][ T9155] ? find_held_lock+0x2b/0x80 [ 172.339651][ T9155] tomoyo_file_open+0x6b/0x90 [ 172.339662][ T9155] security_file_open+0x84/0x1e0 [ 172.339680][ T9155] do_dentry_open+0x596/0x1c10 [ 172.339710][ T9155] vfs_open+0x82/0x3f0 [ 172.339729][ T9155] path_openat+0x1de4/0x2cb0 [ 172.339748][ T9155] ? __pfx_path_openat+0x10/0x10 [ 172.339762][ T9155] ? __lock_acquire+0xb8a/0x1c90 [ 172.339778][ T9155] do_filp_open+0x20b/0x470 [ 172.339791][ T9155] ? __pfx_do_filp_open+0x10/0x10 [ 172.339814][ T9155] ? alloc_fd+0x471/0x7d0 [ 172.339831][ T9155] do_sys_openat2+0x11b/0x1d0 [ 172.339850][ T9155] ? __pfx_do_sys_openat2+0x10/0x10 [ 172.339868][ T9155] ? __fget_files+0x20e/0x3c0 [ 172.339884][ T9155] __x64_sys_openat+0x174/0x210 [ 172.339901][ T9155] ? __pfx___x64_sys_openat+0x10/0x10 [ 172.339916][ T9155] ? ksys_write+0x1ac/0x250 [ 172.339933][ T9155] do_syscall_64+0xcd/0x4c0 [ 172.339948][ T9155] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.339960][ T9155] RIP: 0033:0x7f67abd8e969 [ 172.339969][ T9155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.339980][ T9155] RSP: 002b:00007f67acbf5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 172.339991][ T9155] RAX: ffffffffffffffda RBX: 00007f67abfb6080 RCX: 00007f67abd8e969 [ 172.339998][ T9155] RDX: 00000000000a4e01 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 172.340004][ T9155] RBP: 00007f67acbf5090 R08: 0000000000000000 R09: 0000000000000000 [ 172.340010][ T9155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 172.340017][ T9155] R13: 0000000000000001 R14: 00007f67abfb6080 R15: 00007ffe440a7e28 [ 172.340031][ T9155] [ 172.340161][ T9155] ERROR: Out of memory at tomoyo_realpath_from_path. [ 172.361257][ T9163] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 172.511756][ T9174] binder_alloc: 9173: binder_alloc_buf, no vma [ 172.513598][ T40] audit: type=1400 audit(172.403:502): avc: denied { call } for pid=9173 comm="syz.2.1048" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 172.583954][ T9179] misc userio: Begin command sent, but we're already running [ 172.757183][ T9069] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 172.765602][ T9069] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 172.770332][ T9069] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 172.774625][ T9069] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 172.817704][ T9069] 8021q: adding VLAN 0 to HW filter on device bond0 [ 172.831388][ T9069] 8021q: adding VLAN 0 to HW filter on device team0 [ 172.838642][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.841699][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 172.849528][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.851834][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 172.994060][ T9069] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 173.020894][ T9069] veth0_vlan: entered promiscuous mode [ 173.028241][ T9069] veth1_vlan: entered promiscuous mode [ 173.041129][ T9069] veth0_macvtap: entered promiscuous mode [ 173.044840][ T9069] veth1_macvtap: entered promiscuous mode [ 173.060154][ T9069] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 173.067198][ T9069] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 173.071298][ T9069] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.074952][ T9069] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.078321][ T9069] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.080975][ T9069] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 173.126650][ T61] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 173.129081][ T61] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 173.148285][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 173.148767][ T9208] FAULT_INJECTION: forcing a failure. [ 173.148767][ T9208] name failslab, interval 1, probability 0, space 0, times 0 [ 173.150668][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 173.154385][ T9208] CPU: 0 UID: 0 PID: 9208 Comm: syz.0.1053 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 173.154402][ T9208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 173.154409][ T9208] Call Trace: [ 173.154414][ T9208] [ 173.154419][ T9208] dump_stack_lvl+0x16c/0x1f0 [ 173.154438][ T9208] should_fail_ex+0x512/0x640 [ 173.154455][ T9208] ? fs_reclaim_acquire+0xae/0x150 [ 173.154472][ T9208] ? tomoyo_encode2+0x100/0x3e0 [ 173.154488][ T9208] should_failslab+0xc2/0x120 [ 173.154515][ T9208] __kmalloc_noprof+0xd2/0x510 [ 173.154533][ T9208] tomoyo_encode2+0x100/0x3e0 [ 173.154551][ T9208] tomoyo_encode+0x29/0x50 [ 173.154567][ T9208] tomoyo_realpath_from_path+0x18f/0x6e0 [ 173.154585][ T9208] ? tomoyo_profile+0x47/0x60 [ 173.154597][ T9208] tomoyo_path_number_perm+0x245/0x580 [ 173.154611][ T9208] ? tomoyo_path_number_perm+0x237/0x580 [ 173.154627][ T9208] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 173.154642][ T9208] ? find_held_lock+0x2b/0x80 [ 173.154666][ T9208] ? find_held_lock+0x2b/0x80 [ 173.154676][ T9208] ? hook_file_ioctl_common+0x145/0x410 [ 173.154691][ T9208] ? __fget_files+0x20e/0x3c0 [ 173.154706][ T9208] security_file_ioctl+0x9b/0x240 [ 173.154724][ T9208] __x64_sys_ioctl+0xb7/0x210 [ 173.154743][ T9208] do_syscall_64+0xcd/0x4c0 [ 173.154759][ T9208] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.154771][ T9208] RIP: 0033:0x7f67abd8e969 [ 173.154780][ T9208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.154791][ T9208] RSP: 002b:00007f67acc16038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 173.154802][ T9208] RAX: ffffffffffffffda RBX: 00007f67abfb5fa0 RCX: 00007f67abd8e969 [ 173.154809][ T9208] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 173.154815][ T9208] RBP: 00007f67acc16090 R08: 0000000000000000 R09: 0000000000000000 [ 173.154821][ T9208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 173.154827][ T9208] R13: 0000000000000000 R14: 00007f67abfb5fa0 R15: 00007ffe440a7e28 [ 173.154841][ T9208] [ 173.155250][ T9208] ERROR: Out of memory at tomoyo_realpath_from_path. [ 173.170374][ T40] audit: type=1400 audit(173.063:503): avc: denied { mounton } for pid=9069 comm="syz-executor" path="/syzkaller.QVMguN/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1 [ 173.278604][ T9218] hpfs: Bad magic ... probably not HPFS [ 173.332942][ T9224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1058'. [ 173.338446][ T9224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1058'. [ 173.343671][ T9224] siw: device registration error -23 [ 173.376855][ T9226] FAULT_INJECTION: forcing a failure. [ 173.376855][ T9226] name failslab, interval 1, probability 0, space 0, times 0 [ 173.381848][ T9226] CPU: 1 UID: 0 PID: 9226 Comm: syz.0.1060 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 173.381866][ T9226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 173.381873][ T9226] Call Trace: [ 173.381877][ T9226] [ 173.381882][ T9226] dump_stack_lvl+0x16c/0x1f0 [ 173.381901][ T9226] should_fail_ex+0x512/0x640 [ 173.381918][ T9226] ? __kmalloc_noprof+0xbf/0x510 [ 173.381931][ T9226] ? alloc_port_data+0x12f/0x440 [ 173.381948][ T9226] should_failslab+0xc2/0x120 [ 173.381963][ T9226] __kmalloc_noprof+0xd2/0x510 [ 173.381979][ T9226] alloc_port_data+0x12f/0x440 [ 173.381998][ T9226] ib_device_set_netdev+0x100/0x860 [ 173.382016][ T9226] ? lockdep_init_map_type+0x5c/0x280 [ 173.382035][ T9226] siw_newlink+0x476/0xd70 [ 173.382047][ T9226] nldev_newlink+0x3a3/0x680 [ 173.382062][ T9226] ? __pfx_nldev_newlink+0x10/0x10 [ 173.382120][ T9226] ? cred_has_capability.isra.0+0x193/0x2f0 [ 173.382138][ T9226] ? __pfx_cred_has_capability.isra.0+0x10/0x10 [ 173.382164][ T9226] ? security_capable+0x7e/0x260 [ 173.382178][ T9226] ? ns_capable+0xd7/0x110 [ 173.382195][ T9226] ? __pfx_nldev_newlink+0x10/0x10 [ 173.382210][ T9226] rdma_nl_rcv_msg+0x387/0x6e0 [ 173.382226][ T9226] ? __pfx_rdma_nl_rcv_msg+0x10/0x10 [ 173.382243][ T9226] ? __lock_acquire+0x622/0x1c90 [ 173.382260][ T9226] rdma_nl_rcv_skb.constprop.0.isra.0+0x2d0/0x430 [ 173.382278][ T9226] ? __pfx_rdma_nl_rcv_skb.constprop.0.isra.0+0x10/0x10 [ 173.382299][ T9226] ? netlink_deliver_tap+0x1ae/0xd30 [ 173.382316][ T9226] ? is_vmalloc_addr+0x86/0xa0 [ 173.382332][ T9226] netlink_unicast+0x53a/0x7f0 [ 173.382351][ T9226] ? __pfx_netlink_unicast+0x10/0x10 [ 173.382373][ T9226] netlink_sendmsg+0x8d1/0xdd0 [ 173.382393][ T9226] ? __pfx_netlink_sendmsg+0x10/0x10 [ 173.382416][ T9226] ____sys_sendmsg+0xa98/0xc70 [ 173.382434][ T9226] ? copy_msghdr_from_user+0x10a/0x160 [ 173.382449][ T9226] ? __pfx_____sys_sendmsg+0x10/0x10 [ 173.382473][ T9226] ___sys_sendmsg+0x134/0x1d0 [ 173.382488][ T9226] ? __pfx____sys_sendmsg+0x10/0x10 [ 173.382501][ T9226] ? __lock_acquire+0x622/0x1c90 [ 173.382533][ T9226] __sys_sendmsg+0x16d/0x220 [ 173.382547][ T9226] ? __pfx___sys_sendmsg+0x10/0x10 [ 173.382571][ T9226] do_syscall_64+0xcd/0x4c0 [ 173.382587][ T9226] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.382599][ T9226] RIP: 0033:0x7f67abd8e969 [ 173.382609][ T9226] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 173.382620][ T9226] RSP: 002b:00007f67acc16038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 173.382631][ T9226] RAX: ffffffffffffffda RBX: 00007f67abfb5fa0 RCX: 00007f67abd8e969 [ 173.382638][ T9226] RDX: 0000000000000810 RSI: 0000200000000240 RDI: 0000000000000003 [ 173.382644][ T9226] RBP: 00007f67acc16090 R08: 0000000000000000 R09: 0000000000000000 [ 173.382651][ T9226] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 173.382657][ T9226] R13: 0000000000000000 R14: 00007f67abfb5fa0 R15: 00007ffe440a7e28 [ 173.382671][ T9226] [ 173.384732][ T40] audit: type=1400 audit(173.273:504): avc: denied { connect } for pid=9221 comm="syz.2.1059" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 173.806169][ T40] audit: type=1400 audit(173.703:505): avc: denied { read } for pid=9237 comm="syz.0.1064" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 173.901431][ T9240] md: md2 stopped. [ 173.977806][ T9249] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1068'. [ 173.982698][ T9249] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1068'. [ 173.989286][ T9249] siw: device registration error -23 [ 174.079799][ T40] audit: type=1800 audit(173.973:506): pid=9260 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.2.1073" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 174.118332][ T40] audit: type=1400 audit(174.013:507): avc: denied { getopt } for pid=9263 comm="syz.2.1075" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1 [ 174.221115][ T9267] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 174.566449][ T9288] FAULT_INJECTION: forcing a failure. [ 174.566449][ T9288] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 174.570680][ T9288] CPU: 1 UID: 0 PID: 9288 Comm: syz.0.1085 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 174.570697][ T9288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 174.570704][ T9288] Call Trace: [ 174.570709][ T9288] [ 174.570714][ T9288] dump_stack_lvl+0x16c/0x1f0 [ 174.570733][ T9288] should_fail_ex+0x512/0x640 [ 174.570753][ T9288] _copy_to_user+0x32/0xd0 [ 174.570772][ T9288] simple_read_from_buffer+0xcb/0x170 [ 174.570786][ T9288] proc_fail_nth_read+0x197/0x270 [ 174.570800][ T9288] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 174.570813][ T9288] ? rw_verify_area+0xcf/0x680 [ 174.570836][ T9288] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 174.570849][ T9288] vfs_read+0x1e4/0xc60 [ 174.570862][ T9288] ? __pfx___mutex_lock+0x10/0x10 [ 174.570878][ T9288] ? __pfx_vfs_read+0x10/0x10 [ 174.570893][ T9288] ? __fget_files+0x20e/0x3c0 [ 174.570911][ T9288] ksys_read+0x12a/0x250 [ 174.570922][ T9288] ? __pfx_ksys_read+0x10/0x10 [ 174.570935][ T9288] ? fput+0x70/0xf0 [ 174.570952][ T9288] do_syscall_64+0xcd/0x4c0 [ 174.570968][ T9288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 174.570980][ T9288] RIP: 0033:0x7f67abd8d37c [ 174.570990][ T9288] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 174.571001][ T9288] RSP: 002b:00007f67acc16030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 174.571012][ T9288] RAX: ffffffffffffffda RBX: 00007f67abfb5fa0 RCX: 00007f67abd8d37c [ 174.571020][ T9288] RDX: 000000000000000f RSI: 00007f67acc160a0 RDI: 0000000000000007 [ 174.571026][ T9288] RBP: 00007f67acc16090 R08: 0000000000000000 R09: 0000000000000000 [ 174.571032][ T9288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 174.571039][ T9288] R13: 0000000000000000 R14: 00007f67abfb5fa0 R15: 00007ffe440a7e28 [ 174.571053][ T9288] [ 174.659815][ T9290] xt_l2tp: missing protocol rule (udp|l2tpip) [ 174.677923][ T9294] openvswitch: netlink: Invalid MD length 0 for MD type 0 [ 174.680181][ T9294] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 174.766092][ T9306] 9p: Unknown access argument FãHžòogx™1+muž­eG¬Ù6#–ÏÜÞ&…û÷Zª¦ |Åv–¾™‹%´2@÷ã;â$=9«¹`³{_ÞkÖ c×`äCêgô“êxŽpÒè;ÓsœÂ%àìæ`YŒoºžkRœ´™°‹29›ÛLW} `Åwpç00000000000000000000: -22 [ 174.890129][ T9309] bridge1: entered promiscuous mode [ 174.928288][ T40] audit: type=1400 audit(174.823:508): avc: denied { bind } for pid=9314 comm="syz.3.1095" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1 [ 174.960207][ T9317] lo speed is unknown, defaulting to 1000 [ 174.963286][ T9317] lo speed is unknown, defaulting to 1000 [ 174.983328][ T9319] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 174.999711][ T9319] program syz.3.1097 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 175.212481][ T9334] FAULT_INJECTION: forcing a failure. [ 175.212481][ T9334] name failslab, interval 1, probability 0, space 0, times 0 [ 175.217620][ T9334] CPU: 1 UID: 0 PID: 9334 Comm: syz.3.1102 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 175.217636][ T9334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 175.217643][ T9334] Call Trace: [ 175.217647][ T9334] [ 175.217652][ T9334] dump_stack_lvl+0x16c/0x1f0 [ 175.217671][ T9334] should_fail_ex+0x512/0x640 [ 175.217687][ T9334] ? __kmalloc_noprof+0xbf/0x510 [ 175.217701][ T9334] ? __tipc_nl_compat_doit+0xe4/0x3d0 [ 175.217718][ T9334] should_failslab+0xc2/0x120 [ 175.217732][ T9334] __kmalloc_noprof+0xd2/0x510 [ 175.217744][ T9334] ? avc_has_perm_noaudit+0x149/0x3b0 [ 175.217759][ T9334] __tipc_nl_compat_doit+0xe4/0x3d0 [ 175.217776][ T9334] ? __dev_queue_xmit+0x7eb/0x43e0 [ 175.217792][ T9334] ? __pfx___tipc_nl_compat_doit+0x10/0x10 [ 175.217809][ T9334] ? ___sys_sendmsg+0x134/0x1d0 [ 175.217829][ T9334] ? bpf_lsm_capable+0x9/0x10 [ 175.217839][ T9334] ? security_capable+0x7e/0x260 [ 175.217861][ T9334] tipc_nl_compat_doit+0x11e/0x290 [ 175.217887][ T9334] tipc_nl_compat_recv+0x741/0xc50 [ 175.217915][ T9334] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 175.217942][ T9334] ? __pfx___tipc_nl_net_set+0x10/0x10 [ 175.217966][ T9334] ? __pfx_tipc_nl_compat_net_set+0x10/0x10 [ 175.217993][ T9334] ? __mutex_trylock_common+0xe9/0x250 [ 175.218025][ T9334] ? rcu_is_watching+0x12/0xc0 [ 175.218044][ T9334] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 175.218061][ T9334] genl_family_rcv_msg_doit+0x206/0x2f0 [ 175.218074][ T9334] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 175.218086][ T9334] ? genl_get_cmd+0x194/0x580 [ 175.218102][ T9334] ? __radix_tree_lookup+0x21f/0x2c0 [ 175.218131][ T9334] genl_rcv_msg+0x55c/0x800 [ 175.218145][ T9334] ? __pfx_genl_rcv_msg+0x10/0x10 [ 175.218158][ T9334] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 175.218181][ T9334] netlink_rcv_skb+0x155/0x420 [ 175.218199][ T9334] ? __pfx_genl_rcv_msg+0x10/0x10 [ 175.218211][ T9334] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 175.218235][ T9334] ? netlink_deliver_tap+0x1ae/0xd30 [ 175.218254][ T9334] genl_rcv+0x28/0x40 [ 175.218264][ T9334] netlink_unicast+0x53a/0x7f0 [ 175.218283][ T9334] ? __pfx_netlink_unicast+0x10/0x10 [ 175.218305][ T9334] netlink_sendmsg+0x8d1/0xdd0 [ 175.218325][ T9334] ? __pfx_netlink_sendmsg+0x10/0x10 [ 175.218348][ T9334] ____sys_sendmsg+0xa98/0xc70 [ 175.218366][ T9334] ? copy_msghdr_from_user+0x10a/0x160 [ 175.218380][ T9334] ? __pfx_____sys_sendmsg+0x10/0x10 [ 175.218405][ T9334] ___sys_sendmsg+0x134/0x1d0 [ 175.218420][ T9334] ? __pfx____sys_sendmsg+0x10/0x10 [ 175.218433][ T9334] ? __lock_acquire+0x622/0x1c90 [ 175.218465][ T9334] __sys_sendmsg+0x16d/0x220 [ 175.218480][ T9334] ? __pfx___sys_sendmsg+0x10/0x10 [ 175.218504][ T9334] do_syscall_64+0xcd/0x4c0 [ 175.218521][ T9334] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.218532][ T9334] RIP: 0033:0x7f026618e969 [ 175.218542][ T9334] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 175.218554][ T9334] RSP: 002b:00007f0263ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 175.218565][ T9334] RAX: ffffffffffffffda RBX: 00007f02663b5fa0 RCX: 00007f026618e969 [ 175.218572][ T9334] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004 [ 175.218579][ T9334] RBP: 00007f0263ff6090 R08: 0000000000000000 R09: 0000000000000000 [ 175.218585][ T9334] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 175.218592][ T9334] R13: 0000000000000000 R14: 00007f02663b5fa0 R15: 00007ffcf840c928 [ 175.218606][ T9334] [ 175.255203][ T9335] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 175.422290][ T9341] lo speed is unknown, defaulting to 1000 [ 175.426072][ T9341] lo speed is unknown, defaulting to 1000 [ 175.523524][ T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 175.533428][ T9341] FAULT_INJECTION: forcing a failure. [ 175.533428][ T9341] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 175.539201][ T9341] CPU: 0 UID: 0 PID: 9341 Comm: syz.3.1104 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 175.539227][ T9341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 175.539238][ T9341] Call Trace: [ 175.539245][ T9341] [ 175.539252][ T9341] dump_stack_lvl+0x16c/0x1f0 [ 175.539281][ T9341] should_fail_ex+0x512/0x640 [ 175.539310][ T9341] _copy_to_user+0x32/0xd0 [ 175.539340][ T9341] simple_read_from_buffer+0xcb/0x170 [ 175.539363][ T9341] proc_fail_nth_read+0x197/0x270 [ 175.539385][ T9341] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 175.539407][ T9341] ? rw_verify_area+0xcf/0x680 [ 175.539434][ T9341] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 175.539454][ T9341] vfs_read+0x1e4/0xc60 [ 175.539477][ T9341] ? __pfx___mutex_lock+0x10/0x10 [ 175.539500][ T9341] ? __pfx_vfs_read+0x10/0x10 [ 175.539526][ T9341] ? __fget_files+0x20e/0x3c0 [ 175.539555][ T9341] ksys_read+0x12a/0x250 [ 175.539574][ T9341] ? __pfx_ksys_read+0x10/0x10 [ 175.539601][ T9341] do_syscall_64+0xcd/0x4c0 [ 175.539626][ T9341] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 175.539644][ T9341] RIP: 0033:0x7f026618d37c [ 175.539660][ T9341] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 175.539677][ T9341] RSP: 002b:00007f0263ff6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 175.539695][ T9341] RAX: ffffffffffffffda RBX: 00007f02663b5fa0 RCX: 00007f026618d37c [ 175.539707][ T9341] RDX: 000000000000000f RSI: 00007f0263ff60a0 RDI: 000000000000000d [ 175.539718][ T9341] RBP: 00007f0263ff6090 R08: 0000000000000000 R09: 0000000000000000 [ 175.539729][ T9341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 175.539739][ T9341] R13: 0000000000000000 R14: 00007f02663b5fa0 R15: 00007ffcf840c928 [ 175.539765][ T9341] [ 175.710794][ T40] audit: type=1400 audit(175.603:509): avc: denied { getopt } for pid=9351 comm="syz.0.1108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 175.718113][ T40] audit: type=1400 audit(175.613:510): avc: denied { ioctl } for pid=9351 comm="syz.0.1108" path="mnt:[4026533021]" dev="nsfs" ino=4026533021 ioctlcmd=0x940c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 175.758234][ T9354] __nla_validate_parse: 5 callbacks suppressed [ 175.758246][ T9354] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1109'. [ 175.764111][ T9354] netlink: 244 bytes leftover after parsing attributes in process `syz.0.1109'. [ 175.768947][ T9354] netlink: 'syz.0.1109': attribute type 1 has an invalid length. [ 175.771439][ T9354] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1109'. [ 175.801837][ T5293] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 175.808644][ T5293] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 175.812586][ T5293] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 175.819596][ T5293] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 175.822438][ T5293] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 175.842932][ T9355] lo speed is unknown, defaulting to 1000 [ 175.845874][ T9355] lo speed is unknown, defaulting to 1000 [ 175.939715][ T9355] chnl_net:caif_netlink_parms(): no params data found [ 175.981511][ T9365] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1111'. [ 175.985024][ T9365] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1111'. [ 175.993307][ T9365] siw: device registration error -23 [ 176.063988][ T9370] sp0: Synchronizing with TNC [ 176.066271][ T9355] bridge0: port 1(bridge_slave_0) entered blocking state [ 176.069360][ T9355] bridge0: port 1(bridge_slave_0) entered disabled state [ 176.072289][ T9355] bridge_slave_0: entered allmulticast mode [ 176.078908][ T9355] bridge_slave_0: entered promiscuous mode [ 176.086071][ T9355] bridge0: port 2(bridge_slave_1) entered blocking state [ 176.088966][ T9355] bridge0: port 2(bridge_slave_1) entered disabled state [ 176.092213][ T9355] bridge_slave_1: entered allmulticast mode [ 176.097044][ T9355] bridge_slave_1: entered promiscuous mode [ 176.147659][ T9355] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 176.150626][ T9376] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1112'. [ 176.154997][ T9355] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 176.192961][ T9355] team0: Port device team_slave_0 added [ 176.197474][ T9355] team0: Port device team_slave_1 added [ 176.230419][ T9355] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 176.232628][ T9355] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.241312][ T9355] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 176.245817][ T9355] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 176.246041][ T9382] fuse: Bad value for 'fd' [ 176.247964][ T9355] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 176.257446][ T9355] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 176.293719][ T9355] hsr_slave_0: entered promiscuous mode [ 176.296552][ T9355] hsr_slave_1: entered promiscuous mode [ 176.298565][ T9355] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 176.300837][ T9355] Cannot create hsr debugfs directory [ 176.367430][ T9390] x_tables: duplicate underflow at hook 3 [ 176.429209][ T9394] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1122'. [ 176.487244][ T9398] overlayfs: failed to resolve './file0': -2 [ 176.514018][ T40] audit: type=1400 audit(176.403:511): avc: denied { read } for pid=9399 comm="syz.2.1125" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 176.558556][ T9402] xt_l2tp: v2 doesn't support IP mode [ 176.591610][ T9405] FAULT_INJECTION: forcing a failure. [ 176.591610][ T9405] name failslab, interval 1, probability 0, space 0, times 0 [ 176.597042][ T9405] CPU: 2 UID: 0 PID: 9405 Comm: syz.3.1127 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 176.597067][ T9405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 176.597079][ T9405] Call Trace: [ 176.597085][ T9405] [ 176.597093][ T9405] dump_stack_lvl+0x16c/0x1f0 [ 176.597136][ T9405] should_fail_ex+0x512/0x640 [ 176.597161][ T9405] ? fs_reclaim_acquire+0xae/0x150 [ 176.597190][ T9405] ? tomoyo_encode2+0x100/0x3e0 [ 176.597216][ T9405] should_failslab+0xc2/0x120 [ 176.597239][ T9405] __kmalloc_noprof+0xd2/0x510 [ 176.597265][ T9405] tomoyo_encode2+0x100/0x3e0 [ 176.597294][ T9405] tomoyo_encode+0x29/0x50 [ 176.597319][ T9405] tomoyo_mount_acl+0x144/0x850 [ 176.597342][ T9405] ? kernel_text_address+0x8d/0x100 [ 176.597369][ T9405] ? __kernel_text_address+0xd/0x40 [ 176.597394][ T9405] ? unwind_get_return_address+0x59/0xa0 [ 176.597419][ T9405] ? arch_stack_walk+0xa6/0x100 [ 176.597445][ T9405] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 176.597476][ T9405] ? stack_trace_save+0x8e/0xc0 [ 176.597517][ T9405] ? tomoyo_domain+0xbb/0x150 [ 176.597534][ T9405] ? tomoyo_profile+0x47/0x60 [ 176.597555][ T9405] tomoyo_mount_permission+0x16d/0x420 [ 176.597578][ T9405] ? tomoyo_mount_permission+0x14f/0x420 [ 176.597604][ T9405] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 176.597645][ T9405] security_sb_mount+0x9b/0x260 [ 176.597671][ T9405] path_mount+0x128/0x1f70 [ 176.597698][ T9405] ? kmem_cache_free+0x2d1/0x4d0 [ 176.597715][ T9405] ? __pfx_path_mount+0x10/0x10 [ 176.597743][ T9405] ? putname+0x154/0x1a0 [ 176.597770][ T9405] __x64_sys_mount+0x28d/0x310 [ 176.597795][ T9405] ? __pfx___x64_sys_mount+0x10/0x10 [ 176.597819][ T9405] ? getname_flags.part.0+0x1c5/0x550 [ 176.597852][ T9405] do_syscall_64+0xcd/0x4c0 [ 176.597878][ T9405] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.597898][ T9405] RIP: 0033:0x7f026618e969 [ 176.597913][ T9405] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 176.597931][ T9405] RSP: 002b:00007f0263ff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 176.597949][ T9405] RAX: ffffffffffffffda RBX: 00007f02663b5fa0 RCX: 00007f026618e969 [ 176.597967][ T9405] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000200000000040 [ 176.597979][ T9405] RBP: 00007f0263ff6090 R08: 0000200000000140 R09: 0000000000000000 [ 176.597991][ T9405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 176.598002][ T9405] R13: 0000000000000000 R14: 00007f02663b5fa0 R15: 00007ffcf840c928 [ 176.598030][ T9405] [ 176.693856][ C2] vkms_vblank_simulate: vblank timer overrun [ 176.767678][ T40] audit: type=1400 audit(176.663:512): avc: denied { ioctl } for pid=9409 comm="syz.3.1129" path="socket:[31612]" dev="sockfs" ino=31612 ioctlcmd=0x8b22 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1 [ 177.095887][ T9416] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1132'. [ 177.100944][ T9416] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1132'. [ 177.239535][ T9418] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.1133'. [ 177.276861][ T40] audit: type=1400 audit(177.173:513): avc: denied { read write } for pid=9419 comm="syz.0.1134" name="file0" dev="9p" ino=36047774 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 177.283880][ T40] audit: type=1400 audit(177.173:514): avc: denied { open } for pid=9419 comm="syz.0.1134" path="/292/file0/file0" dev="9p" ino=36047774 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 177.299449][ T40] audit: type=1400 audit(177.193:515): avc: denied { append } for pid=9419 comm="syz.0.1134" path="/292/file0/bus" dev="9p" ino=36047885 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 177.300401][ T9420] cgroup: none used incorrectly [ 177.306442][ T40] audit: type=1800 audit(177.193:516): pid=9420 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.0.1134" name="bus" dev="9p" ino=36047885 res=0 errno=0 [ 177.306470][ T40] audit: type=1400 audit(177.193:517): avc: denied { mounton } for pid=9419 comm="syz.0.1134" path="/292/file0" dev="9p" ino=36047757 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 177.332942][ T9421] netfs: Couldn't get user pages (rc=-14) [ 177.422558][ T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.504489][ T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.610189][ T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 177.761066][ T5937] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 177.765450][ T13] bridge_slave_1: left allmulticast mode [ 177.766008][ T5937] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 177.767784][ T13] bridge_slave_1: left promiscuous mode [ 177.772637][ T5937] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 177.774287][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 177.779962][ T5937] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 177.783876][ T5937] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 177.784626][ T13] bridge_slave_0: left allmulticast mode [ 177.789285][ T13] bridge_slave_0: left promiscuous mode [ 177.791846][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 177.898023][ T5937] Bluetooth: hci2: command tx timeout [ 178.080463][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 178.084483][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 178.090052][ T13] bond0 (unregistering): Released all slaves [ 178.117651][ T9426] lo speed is unknown, defaulting to 1000 [ 178.120355][ T9426] lo speed is unknown, defaulting to 1000 [ 178.283890][ T9426] chnl_net:caif_netlink_parms(): no params data found [ 178.394997][ T13] hsr_slave_0: left promiscuous mode [ 178.397968][ T13] hsr_slave_1: left promiscuous mode [ 178.400736][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 178.403858][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 178.408528][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 178.411929][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 178.431258][ T13] veth1_macvtap: left promiscuous mode [ 178.432996][ T13] veth0_macvtap: left promiscuous mode [ 178.434738][ T13] veth1_vlan: left promiscuous mode [ 178.436658][ T13] veth0_vlan: left promiscuous mode [ 179.057469][ T13] team0 (unregistering): Port device team_slave_1 removed [ 179.137815][ T13] team0 (unregistering): Port device team_slave_0 removed [ 179.642539][ T9445] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12 [ 179.650948][ T9445] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12 [ 179.654684][ T9445] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 179.672033][ T9426] bridge0: port 1(bridge_slave_0) entered blocking state [ 179.675665][ T9426] bridge0: port 1(bridge_slave_0) entered disabled state [ 179.678650][ T9426] bridge_slave_0: entered allmulticast mode [ 179.682559][ T9426] bridge_slave_0: entered promiscuous mode [ 179.689207][ T9426] bridge0: port 2(bridge_slave_1) entered blocking state [ 179.691776][ T9426] bridge0: port 2(bridge_slave_1) entered disabled state [ 179.694051][ T9426] bridge_slave_1: entered allmulticast mode [ 179.697314][ T9426] bridge_slave_1: entered promiscuous mode [ 179.786546][ T9426] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 179.812398][ T9426] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 179.815058][ T5937] Bluetooth: hci1: command tx timeout [ 179.871158][ T9426] team0: Port device team_slave_0 added [ 179.888550][ T9426] team0: Port device team_slave_1 added [ 179.941273][ T9355] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 179.948185][ T9426] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 179.950521][ T9426] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 179.965500][ T9426] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 179.970968][ T9426] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 179.973213][ T9426] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 179.981274][ T5937] Bluetooth: hci2: command tx timeout [ 179.983643][ T9426] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 179.988288][ T9355] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 179.993563][ T9355] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 180.007136][ T9355] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 180.080854][ T9426] hsr_slave_0: entered promiscuous mode [ 180.083892][ T9426] hsr_slave_1: entered promiscuous mode [ 180.095281][ T9426] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 180.097640][ T9426] Cannot create hsr debugfs directory [ 180.264393][ T9355] 8021q: adding VLAN 0 to HW filter on device bond0 [ 180.321006][ T9355] 8021q: adding VLAN 0 to HW filter on device team0 [ 180.339148][ T1185] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.342068][ T1185] bridge0: port 1(bridge_slave_0) entered forwarding state [ 180.364684][ T9426] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 180.373311][ T9426] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 180.381836][ T9426] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 180.394569][ T1185] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.396781][ T1185] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.399695][ T9426] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 180.494049][ T9426] 8021q: adding VLAN 0 to HW filter on device bond0 [ 180.505210][ T9426] 8021q: adding VLAN 0 to HW filter on device team0 [ 180.519936][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 180.523117][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 180.546865][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 180.549113][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 180.563639][ T9355] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.601771][ T9355] veth0_vlan: entered promiscuous mode [ 180.608221][ T9355] veth1_vlan: entered promiscuous mode [ 180.623048][ T9355] veth0_macvtap: entered promiscuous mode [ 180.627543][ T9355] veth1_macvtap: entered promiscuous mode [ 180.638557][ T9355] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.646662][ T9355] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 180.652644][ T9355] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.656962][ T9355] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.659655][ T9355] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.662622][ T9355] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.713404][ T9426] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 180.719075][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.721635][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.749050][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.751759][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.891870][ T9426] veth0_vlan: entered promiscuous mode [ 180.896624][ T9426] veth1_vlan: entered promiscuous mode [ 180.914004][ T9426] veth0_macvtap: entered promiscuous mode [ 180.918443][ T9426] veth1_macvtap: entered promiscuous mode [ 180.926534][ T9426] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 180.933905][ T9426] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 180.939612][ T9426] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.942403][ T9426] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.945209][ T9426] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.948520][ T9426] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 180.983782][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 180.987052][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 180.999500][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 181.002201][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 181.044936][ T40] kauditd_printk_skb: 1 callbacks suppressed [ 181.044947][ T40] audit: type=1400 audit(180.933:519): avc: denied { lock } for pid=9490 comm="syz.2.1151" path="socket:[35143]" dev="sockfs" ino=35143 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 181.122854][ T9498] netlink: 'syz.4.1138': attribute type 10 has an invalid length. [ 181.132035][ T9498] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 181.207056][ T9502] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1155'. [ 181.461320][ T9512] fuse: Bad value for 'fd' [ 181.567344][ T6068] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 181.725489][ T6068] usb 9-1: too many configurations: 9, using maximum allowed: 8 [ 181.729557][ T6068] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 181.733332][ T6068] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 181.738514][ T6068] usb 9-1: config 0 interface 0 has no altsetting 0 [ 181.743337][ T6068] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 181.747652][ T6068] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 181.752223][ T6068] usb 9-1: config 0 interface 0 has no altsetting 0 [ 181.757323][ T6068] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 181.760892][ T6068] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 181.765431][ T6068] usb 9-1: config 0 interface 0 has no altsetting 0 [ 181.769081][ T6068] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 181.772618][ T6068] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 181.777210][ T6068] usb 9-1: config 0 interface 0 has no altsetting 0 [ 181.780736][ T6068] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 181.784252][ T6068] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 181.788893][ T6068] usb 9-1: config 0 interface 0 has no altsetting 0 [ 181.792626][ T6068] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 181.796402][ T6068] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 181.800746][ T6068] usb 9-1: config 0 interface 0 has no altsetting 0 [ 181.804224][ T6068] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 181.808014][ T6068] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 181.812082][ T6068] usb 9-1: config 0 interface 0 has no altsetting 0 [ 181.816121][ T6068] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 181.818912][ T6068] usb 9-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 181.826361][ T6068] usb 9-1: config 0 interface 0 has no altsetting 0 [ 181.829972][ T6068] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 181.832819][ T6068] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 181.835441][ T6068] usb 9-1: Product: syz [ 181.836724][ T6068] usb 9-1: Manufacturer: syz [ 181.838117][ T6068] usb 9-1: SerialNumber: syz [ 181.840822][ T6068] usb 9-1: config 0 descriptor?? [ 181.855789][ T6068] yurex 9-1:0.0: USB YUREX device now attached to Yurex #0 [ 181.896070][ T5937] Bluetooth: hci1: command tx timeout [ 182.049147][ T6068] usb 9-1: USB disconnect, device number 2 [ 182.052858][ T9510] yurex 9-1:0.0: yurex_write - failed to send bulk msg, error -19 [ 182.055515][ T6068] yurex 9-1:0.0: USB YUREX #0 now disconnected [ 182.279267][ T9516] netlink: 5 bytes leftover after parsing attributes in process `syz.2.1160'. [ 182.283010][ T9516] 0ªX¹¦D: renamed from gretap0 (while UP) [ 182.287357][ T9516] 0ªX¹¦D: entered allmulticast mode [ 182.289903][ T9516] A link change request failed with some changes committed already. Interface 30ªX¹¦D may have been left with an inconsistent configuration, please check. [ 182.416874][ T9525] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 182.453870][ T9527] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1165'. [ 182.495767][ T1144] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 182.613964][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 182.618129][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 182.697303][ T9536] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1169'. [ 182.701796][ T9536] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1169'. [ 182.710022][ T9536] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1169'. [ 182.716633][ T9536] xt_hashlimit: size too large, truncated to 1048576 [ 182.746305][ T5293] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 182.752795][ T5293] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 182.765144][ T5293] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 182.771998][ T5293] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 182.777557][ T5293] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 182.797826][ T9537] lo speed is unknown, defaulting to 1000 [ 182.800391][ T9537] lo speed is unknown, defaulting to 1000 [ 182.921498][ T9537] chnl_net:caif_netlink_parms(): no params data found [ 182.924398][ T9546] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1170'. [ 182.938515][ T9546] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1170'. [ 182.942819][ T9546] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1170'. [ 182.947262][ T40] audit: type=1326 audit(182.843:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9547 comm="syz.2.1171" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc05678e969 code=0x0 [ 182.980882][ T9550] netlink: 16810 bytes leftover after parsing attributes in process `syz.4.1172'. [ 183.052488][ T9537] bridge0: port 1(bridge_slave_0) entered blocking state [ 183.053840][ T9556] FAULT_INJECTION: forcing a failure. [ 183.053840][ T9556] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 183.054958][ T9537] bridge0: port 1(bridge_slave_0) entered disabled state [ 183.061189][ T9556] CPU: 3 UID: 0 PID: 9556 Comm: syz.4.1173 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 183.061206][ T9556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 183.061213][ T9556] Call Trace: [ 183.061217][ T9556] [ 183.061222][ T9556] dump_stack_lvl+0x16c/0x1f0 [ 183.061255][ T9556] should_fail_ex+0x512/0x640 [ 183.061275][ T9556] should_fail_alloc_page+0xe7/0x130 [ 183.061291][ T9556] prepare_alloc_pages+0x3c2/0x610 [ 183.061310][ T9556] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 183.061326][ T9556] ? get_page_from_freelist+0x1321/0x3890 [ 183.061343][ T9556] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 183.061358][ T9556] ? rcu_is_watching+0x12/0xc0 [ 183.061370][ T9556] ? trace_mm_page_alloc+0x11f/0x1a0 [ 183.061391][ T9556] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 183.061411][ T9556] ? policy_nodemask+0xea/0x4e0 [ 183.061426][ T9556] alloc_pages_mpol+0x1fb/0x550 [ 183.061441][ T9556] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 183.061460][ T9556] folio_alloc_mpol_noprof+0x36/0x2f0 [ 183.061478][ T9556] vma_alloc_folio_noprof+0xed/0x1e0 [ 183.061494][ T9556] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 183.061511][ T9556] ? rcu_read_unlock+0x2d/0xb0 [ 183.061526][ T9556] do_wp_page+0x1136/0x4f50 [ 183.061546][ T9556] ? __pfx_do_wp_page+0x10/0x10 [ 183.061563][ T9556] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 183.061584][ T9556] __handle_mm_fault+0x2223/0x53d0 [ 183.061607][ T9556] ? __pfx___handle_mm_fault+0x10/0x10 [ 183.061625][ T9556] ? __pte_offset_map_lock+0x174/0x310 [ 183.061640][ T9556] ? vm_normal_page+0x152/0x2e0 [ 183.061654][ T9556] ? find_held_lock+0x2b/0x80 [ 183.061664][ T9556] ? find_held_lock+0x2b/0x80 [ 183.061682][ T9556] ? follow_page_pte+0x3af/0x14c0 [ 183.061701][ T9556] handle_mm_fault+0x589/0xd10 [ 183.061715][ T9556] __get_user_pages+0x589/0x3b80 [ 183.061737][ T9556] ? __pfx___get_user_pages+0x10/0x10 [ 183.061754][ T9556] ? __pfx_down_read_killable+0x10/0x10 [ 183.061771][ T9556] ? get_user_pages_unlocked+0x4f4/0x780 [ 183.061791][ T9556] get_user_pages_unlocked+0x1c1/0x780 [ 183.061809][ T9556] ? __pfx_get_user_pages_unlocked+0x10/0x10 [ 183.061826][ T9556] ? get_user_pages_fast_only+0xae/0xf0 [ 183.061842][ T9556] ? __pfx_get_user_pages_fast_only+0x10/0x10 [ 183.061859][ T9556] ? __pfx___might_resched+0x10/0x10 [ 183.061871][ T9556] ? is_bpf_text_address+0x8a/0x1a0 [ 183.061884][ T9556] hva_to_pfn+0x886/0xe40 [ 183.061903][ T9556] ? __pfx_hva_to_pfn+0x10/0x10 [ 183.061921][ T9556] ? __lock_acquire+0x622/0x1c90 [ 183.061944][ T9556] kvm_follow_pfn+0x2d4/0x430 [ 183.061962][ T9556] __kvm_faultin_pfn+0x11c/0x1a0 [ 183.061978][ T9556] ? __pfx___kvm_faultin_pfn+0x10/0x10 [ 183.061995][ T9556] ? __pfx_xa_load+0x10/0x10 [ 183.062012][ T9556] ? fast_page_fault+0x1030/0x1450 [ 183.062031][ T9556] kvm_mmu_faultin_pfn+0x581/0x2170 [ 183.062050][ T9556] ? __pfx_fast_page_fault+0x10/0x10 [ 183.062066][ T9556] ? __pfx_kvm_mmu_faultin_pfn+0x10/0x10 [ 183.062082][ T9556] ? __kvm_mmu_topup_memory_cache+0x332/0x600 [ 183.062097][ T9556] ? find_held_lock+0x2b/0x80 [ 183.062112][ T9556] kvm_tdp_page_fault+0x186/0x3f0 [ 183.062125][ T9556] kvm_mmu_do_page_fault+0x588/0x6c0 [ 183.062138][ T9556] ? __pfx_kvm_mmu_do_page_fault+0x10/0x10 [ 183.062154][ T9556] ? __kernel_text_address+0xd/0x40 [ 183.062171][ T9556] ? unwind_get_return_address+0x59/0xa0 [ 183.062190][ T9556] ? arch_stack_walk+0xa6/0x100 [ 183.062208][ T9556] kvm_mmu_page_fault+0x225/0x1cb0 [ 183.062222][ T9556] ? stack_trace_save+0x8e/0xc0 [ 183.062237][ T9556] ? __pfx_kvm_mmu_page_fault+0x10/0x10 [ 183.062250][ T9556] ? __lock_acquire+0xb8a/0x1c90 [ 183.062265][ T9556] ? __vmx_complete_interrupts+0x111/0x4e0 [ 183.062276][ T9556] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 183.062297][ T9556] handle_ept_violation+0x2b4/0x6e0 [ 183.062308][ T9556] ? __pfx_handle_ept_violation+0x10/0x10 [ 183.062318][ T9556] vmx_handle_exit+0x1243/0x1bc0 [ 183.062340][ T9556] vcpu_run+0x3155/0x54b0 [ 183.062358][ T9556] ? __pfx_vcpu_run+0x10/0x10 [ 183.062373][ T9556] ? fpu_swap_kvm_fpstate+0x1be/0x410 [ 183.062390][ T9556] ? __local_bh_enable_ip+0xa4/0x120 [ 183.062403][ T9556] ? kvm_arch_vcpu_ioctl_run+0x51e/0x18c0 [ 183.062415][ T9556] kvm_arch_vcpu_ioctl_run+0x51e/0x18c0 [ 183.062432][ T9556] kvm_vcpu_ioctl+0x5e9/0x1680 [ 183.062447][ T9556] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 183.062464][ T9556] ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540 [ 183.062483][ T9556] ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10 [ 183.062505][ T9556] ? hook_file_ioctl_common+0x145/0x410 [ 183.062521][ T9556] ? selinux_file_ioctl+0x180/0x270 [ 183.062536][ T9556] ? selinux_file_ioctl+0xb4/0x270 [ 183.062553][ T9556] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 183.062567][ T9556] __x64_sys_ioctl+0x18b/0x210 [ 183.062586][ T9556] do_syscall_64+0xcd/0x4c0 [ 183.062602][ T9556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.062613][ T9556] RIP: 0033:0x7f0b0e78e969 [ 183.062623][ T9556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 183.062635][ T9556] RSP: 002b:00007f0b0f6b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 183.062646][ T9556] RAX: ffffffffffffffda RBX: 00007f0b0e9b5fa0 RCX: 00007f0b0e78e969 [ 183.062653][ T9556] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 183.062659][ T9556] RBP: 00007f0b0f6b3090 R08: 0000000000000000 R09: 0000000000000000 [ 183.062666][ T9556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 183.062672][ T9556] R13: 0000000000000000 R14: 00007f0b0e9b5fa0 R15: 00007ffd3fe1a648 [ 183.062691][ T9556] [ 183.181208][ T9560] FAULT_INJECTION: forcing a failure. [ 183.181208][ T9560] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 183.185621][ T9537] bridge_slave_0: entered allmulticast mode [ 183.186328][ T9560] CPU: 2 UID: 0 PID: 9560 Comm: syz.3.1174 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 183.186352][ T9560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 183.186362][ T9560] Call Trace: [ 183.186369][ T9560] [ 183.186376][ T9560] dump_stack_lvl+0x16c/0x1f0 [ 183.186403][ T9560] should_fail_ex+0x512/0x640 [ 183.186431][ T9560] _copy_from_user+0x2e/0xd0 [ 183.186457][ T9560] kstrtouint_from_user+0xd6/0x1d0 [ 183.186477][ T9560] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 183.186497][ T9560] ? __lock_acquire+0xb8a/0x1c90 [ 183.186529][ T9560] proc_fail_nth_write+0x83/0x250 [ 183.186549][ T9560] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 183.186574][ T9560] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 183.186592][ T9560] vfs_write+0x29d/0x1150 [ 183.186614][ T9560] ? __pfx___mutex_lock+0x10/0x10 [ 183.186636][ T9560] ? __pfx_vfs_write+0x10/0x10 [ 183.186660][ T9560] ? __fget_files+0x20e/0x3c0 [ 183.186688][ T9560] ksys_write+0x12a/0x250 [ 183.186705][ T9560] ? __pfx_ksys_write+0x10/0x10 [ 183.186729][ T9560] do_syscall_64+0xcd/0x4c0 [ 183.186753][ T9560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.186772][ T9560] RIP: 0033:0x7f026618d41f [ 183.186786][ T9560] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 183.186801][ T9560] RSP: 002b:00007f0263ff6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 183.186816][ T9560] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f026618d41f [ 183.186827][ T9560] RDX: 0000000000000001 RSI: 00007f0263ff60a0 RDI: 0000000000000004 [ 183.186838][ T9560] RBP: 00007f0263ff6090 R08: 0000000000000000 R09: 0000000000000000 [ 183.186849][ T9560] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 183.186859][ T9560] R13: 0000000000000000 R14: 00007f02663b5fa0 R15: 00007ffcf840c928 [ 183.186882][ T9560] [ 183.321550][ T9537] bridge_slave_0: entered promiscuous mode [ 183.326286][ T9537] bridge0: port 2(bridge_slave_1) entered blocking state [ 183.329194][ T9537] bridge0: port 2(bridge_slave_1) entered disabled state [ 183.332300][ T9537] bridge_slave_1: entered allmulticast mode [ 183.338774][ T9537] bridge_slave_1: entered promiscuous mode [ 183.402007][ T9537] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 183.408576][ T9537] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 183.460127][ T40] audit: type=1400 audit(183.353:521): avc: denied { accept } for pid=9569 comm="syz.3.1178" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 183.479162][ T9568] input: syz0 as /devices/virtual/input/input66 [ 183.531378][ T9537] team0: Port device team_slave_0 added [ 183.537044][ T9537] team0: Port device team_slave_1 added [ 183.623020][ T9537] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 183.629412][ T9537] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 183.637493][ T9537] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 183.643965][ T9537] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 183.646287][ T9537] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 183.654049][ T9537] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 183.701868][ T9537] hsr_slave_0: entered promiscuous mode [ 183.704191][ T9537] hsr_slave_1: entered promiscuous mode [ 183.706526][ T9537] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 183.708749][ T9537] Cannot create hsr debugfs directory [ 183.839219][ T9585] xt_hashlimit: size too large, truncated to 1048576 [ 183.975108][ T5293] Bluetooth: hci1: command tx timeout [ 183.985685][ T9597] syzkaller0: entered promiscuous mode [ 183.987414][ T9597] syzkaller0: entered allmulticast mode [ 184.388433][ T9609] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 184.675382][ T9621] FAULT_INJECTION: forcing a failure. [ 184.675382][ T9621] name failslab, interval 1, probability 0, space 0, times 0 [ 184.680177][ T9621] CPU: 2 UID: 0 PID: 9621 Comm: syz.4.1202 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 184.680200][ T9621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 184.680210][ T9621] Call Trace: [ 184.680217][ T9621] [ 184.680224][ T9621] dump_stack_lvl+0x16c/0x1f0 [ 184.680250][ T9621] should_fail_ex+0x512/0x640 [ 184.680273][ T9621] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 184.680295][ T9621] should_failslab+0xc2/0x120 [ 184.680316][ T9621] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 184.680335][ T9621] ? __alloc_skb+0x2b2/0x380 [ 184.680358][ T9621] __alloc_skb+0x2b2/0x380 [ 184.680377][ T9621] ? __pfx___alloc_skb+0x10/0x10 [ 184.680395][ T9621] ? rcu_is_watching+0x12/0xc0 [ 184.680412][ T9621] ? __kmalloc_noprof+0x242/0x510 [ 184.680427][ T9621] ? avc_has_perm_noaudit+0x149/0x3b0 [ 184.680473][ T9621] __tipc_nl_compat_doit+0x110/0x3d0 [ 184.680501][ T9621] ? __dev_queue_xmit+0x7eb/0x43e0 [ 184.680519][ T9621] ? __pfx___tipc_nl_compat_doit+0x10/0x10 [ 184.680542][ T9621] ? ___sys_sendmsg+0x134/0x1d0 [ 184.680568][ T9621] ? bpf_lsm_capable+0x9/0x10 [ 184.680578][ T9621] ? security_capable+0x7e/0x260 [ 184.680601][ T9621] tipc_nl_compat_doit+0x11e/0x290 [ 184.680628][ T9621] tipc_nl_compat_recv+0x741/0xc50 [ 184.680654][ T9621] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 184.680684][ T9621] ? __pfx___tipc_nl_net_set+0x10/0x10 [ 184.680706][ T9621] ? __pfx_tipc_nl_compat_net_set+0x10/0x10 [ 184.680733][ T9621] ? __mutex_trylock_common+0xe9/0x250 [ 184.680762][ T9621] ? rcu_is_watching+0x12/0xc0 [ 184.680776][ T9621] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 184.680801][ T9621] genl_family_rcv_msg_doit+0x206/0x2f0 [ 184.680821][ T9621] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 184.680838][ T9621] ? genl_get_cmd+0x194/0x580 [ 184.680862][ T9621] ? __radix_tree_lookup+0x21f/0x2c0 [ 184.680885][ T9621] genl_rcv_msg+0x55c/0x800 [ 184.680906][ T9621] ? __pfx_genl_rcv_msg+0x10/0x10 [ 184.680924][ T9621] ? __pfx_tipc_nl_compat_recv+0x10/0x10 [ 184.680958][ T9621] netlink_rcv_skb+0x155/0x420 [ 184.680983][ T9621] ? __pfx_genl_rcv_msg+0x10/0x10 [ 184.681001][ T9621] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 184.681036][ T9621] ? netlink_deliver_tap+0x1ae/0xd30 [ 184.681063][ T9621] genl_rcv+0x28/0x40 [ 184.681077][ T9621] netlink_unicast+0x53a/0x7f0 [ 184.681104][ T9621] ? __pfx_netlink_unicast+0x10/0x10 [ 184.681136][ T9621] netlink_sendmsg+0x8d1/0xdd0 [ 184.681164][ T9621] ? __pfx_netlink_sendmsg+0x10/0x10 [ 184.681195][ T9621] ____sys_sendmsg+0xa98/0xc70 [ 184.681220][ T9621] ? copy_msghdr_from_user+0x10a/0x160 [ 184.681240][ T9621] ? __pfx_____sys_sendmsg+0x10/0x10 [ 184.681276][ T9621] ___sys_sendmsg+0x134/0x1d0 [ 184.681292][ T9621] ? __pfx____sys_sendmsg+0x10/0x10 [ 184.681307][ T9621] ? __lock_acquire+0x622/0x1c90 [ 184.681360][ T9621] __sys_sendmsg+0x16d/0x220 [ 184.681382][ T9621] ? __pfx___sys_sendmsg+0x10/0x10 [ 184.681416][ T9621] do_syscall_64+0xcd/0x4c0 [ 184.681441][ T9621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.681459][ T9621] RIP: 0033:0x7f0b0e78e969 [ 184.681473][ T9621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 184.681490][ T9621] RSP: 002b:00007f0b0f6b3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 184.681507][ T9621] RAX: ffffffffffffffda RBX: 00007f0b0e9b5fa0 RCX: 00007f0b0e78e969 [ 184.681517][ T9621] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000004 [ 184.681527][ T9621] RBP: 00007f0b0f6b3090 R08: 0000000000000000 R09: 0000000000000000 [ 184.681537][ T9621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 184.681548][ T9621] R13: 0000000000000000 R14: 00007f0b0e9b5fa0 R15: 00007ffd3fe1a648 [ 184.681572][ T9621] [ 184.682170][ T1144] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.788324][ T9628] xt_hashlimit: size too large, truncated to 1048576 [ 184.865379][ T5293] Bluetooth: hci2: command tx timeout [ 184.890527][ T1144] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 184.981287][ T1144] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.127126][ T1144] bridge_slave_1: left allmulticast mode [ 185.129605][ T1144] bridge_slave_1: left promiscuous mode [ 185.131777][ T1144] bridge0: port 2(bridge_slave_1) entered disabled state [ 185.136922][ T1144] bridge_slave_0: left allmulticast mode [ 185.138847][ T1144] bridge_slave_0: left promiscuous mode [ 185.140853][ T1144] bridge0: port 1(bridge_slave_0) entered disabled state [ 185.412163][ T1144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 185.416902][ T1144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 185.420375][ T1144] bond0 (unregistering): Released all slaves [ 185.613986][ T40] audit: type=1400 audit(185.503:522): avc: denied { read } for pid=9647 comm="syz.4.1200" name="ppp" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 185.840548][ T1144] hsr_slave_0: left promiscuous mode [ 185.843716][ T1144] hsr_slave_1: left promiscuous mode [ 185.852498][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 185.855886][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 185.861104][ T1144] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 185.864079][ T1144] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 185.894572][ T1144] veth1_macvtap: left promiscuous mode [ 185.897035][ T1144] veth0_macvtap: left promiscuous mode [ 185.900359][ T1144] veth1_vlan: left promiscuous mode [ 185.902610][ T1144] veth0_vlan: left promiscuous mode [ 186.046517][ T9672] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING [ 186.055049][ T5293] Bluetooth: hci1: command tx timeout [ 186.064637][ T9674] xt_hashlimit: size too large, truncated to 1048576 [ 186.623199][ T1144] team0 (unregistering): Port device team_slave_1 removed [ 186.696493][ T1144] team0 (unregistering): Port device team_slave_0 removed [ 186.945291][ T5293] Bluetooth: hci2: command tx timeout [ 187.275306][ T9671] __nla_validate_parse: 19 callbacks suppressed [ 187.275327][ T9671] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1208'. [ 187.348220][ T9682] netlink: 'syz.4.1211': attribute type 3 has an invalid length. [ 187.374575][ T9537] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 187.380036][ T9537] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 187.404757][ T9537] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 187.414255][ T9537] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 187.465106][ T9537] 8021q: adding VLAN 0 to HW filter on device bond0 [ 187.479944][ T9537] 8021q: adding VLAN 0 to HW filter on device team0 [ 187.485126][ T93] bridge0: port 1(bridge_slave_0) entered blocking state [ 187.487177][ T93] bridge0: port 1(bridge_slave_0) entered forwarding state [ 187.492696][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 187.494790][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 187.564809][ T9694] netlink: 'syz.3.1214': attribute type 5 has an invalid length. [ 187.636620][ T9537] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 187.670531][ T9537] veth0_vlan: entered promiscuous mode [ 187.675756][ T9537] veth1_vlan: entered promiscuous mode [ 187.680973][ T9702] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1218'. [ 187.691217][ T9537] veth0_macvtap: entered promiscuous mode [ 187.695793][ T9537] veth1_macvtap: entered promiscuous mode [ 187.704212][ T9537] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 187.711128][ T9537] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 187.717402][ T9537] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.720295][ T9537] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.723070][ T9537] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.726634][ T9537] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.769446][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.773270][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 187.791740][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 187.794208][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 188.330454][ T9721] No such timeout policy "syz0" [ 188.336235][ T9721] netlink: 4684 bytes leftover after parsing attributes in process `syz.4.1223'. [ 188.913883][ T9724] mmap: syz.3.1225 (9724) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 188.969497][ T9728] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1226'. [ 188.973220][ T9728] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1226'. [ 188.978356][ T9728] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1226'. [ 189.102691][ T40] audit: type=1400 audit(188.993:523): avc: denied { read } for pid=9730 comm="syz.4.1227" name="btrfs-control" dev="devtmpfs" ino=1335 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 189.111874][ T40] audit: type=1400 audit(188.993:524): avc: denied { open } for pid=9730 comm="syz.4.1227" path="/dev/btrfs-control" dev="devtmpfs" ino=1335 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:lvm_control_t tclass=chr_file permissive=1 [ 189.120692][ T40] audit: type=1400 audit(189.013:525): avc: denied { ioctl } for pid=9730 comm="syz.4.1227" path="socket:[35728]" dev="sockfs" ino=35728 ioctlcmd=0x9405 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1 [ 189.214391][ T9736] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes. [ 189.220501][ T9736] netlink: 'syz.2.1229': attribute type 21 has an invalid length. [ 189.223726][ T9736] netlink: 'syz.2.1229': attribute type 6 has an invalid length. [ 189.227209][ T9736] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1229'. [ 189.232333][ T9736] Cannot find del_set index 128 as target [ 189.270099][ T9738] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1230'. [ 189.273914][ T9738] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1230'. [ 189.355345][ T9748] lo speed is unknown, defaulting to 1000 [ 189.359089][ T9748] lo speed is unknown, defaulting to 1000 [ 189.404157][ T9750] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1234'. [ 189.724817][ T9772] lo speed is unknown, defaulting to 1000 [ 189.727417][ T9772] lo speed is unknown, defaulting to 1000 [ 189.923245][ T61] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 190.065068][ T1024] usb 9-1: new high-speed USB device number 3 using dummy_hcd [ 190.225306][ T1024] usb 9-1: Using ep0 maxpacket: 32 [ 190.228942][ T1024] usb 9-1: unable to get BOS descriptor or descriptor too short [ 190.232716][ T1024] usb 9-1: config index 0 descriptor too short (expected 34347, got 43) [ 190.235444][ T1024] usb 9-1: config 31 has too many interfaces: 196, using maximum allowed: 32 [ 190.238432][ T1024] usb 9-1: config 31 has an invalid descriptor of length 0, skipping remainder of the config [ 190.241932][ T1024] usb 9-1: config 31 has 1 interface, different from the descriptor's value: 196 [ 190.245197][ T1024] usb 9-1: config 31 has no interface number 0 [ 190.247372][ T1024] usb 9-1: config 31 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83 [ 190.251782][ T1024] usb 9-1: config 31 interface 81 altsetting 3 bulk endpoint 0x83 has invalid maxpacket 150 [ 190.255359][ T1024] usb 9-1: config 31 interface 81 has no altsetting 0 [ 190.261445][ T1024] usb 9-1: string descriptor 0 read error: -22 [ 190.263553][ T1024] usb 9-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac [ 190.266545][ T1024] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 190.271132][ T9788] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22 [ 190.275948][ T1024] input: USB Touchscreen 0dfc:0001 as /devices/platform/dummy_hcd.4/usb9/9-1/9-1:31.81/input/input67 [ 190.489577][ T5937] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 190.493407][ T5937] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 190.497478][ T5937] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 190.501803][ T5937] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 190.506612][ T5937] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 190.533573][ T9803] lo speed is unknown, defaulting to 1000 [ 190.537417][ T9803] lo speed is unknown, defaulting to 1000 [ 190.540890][ T29] usb 9-1: USB disconnect, device number 3 [ 190.649818][ T9803] chnl_net:caif_netlink_parms(): no params data found [ 190.736498][ T9803] bridge0: port 1(bridge_slave_0) entered blocking state [ 190.739486][ T9803] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.742419][ T9803] bridge_slave_0: entered allmulticast mode [ 190.747881][ T9803] bridge_slave_0: entered promiscuous mode [ 190.752226][ T9803] bridge0: port 2(bridge_slave_1) entered blocking state [ 190.755043][ T9803] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.758074][ T9803] bridge_slave_1: entered allmulticast mode [ 190.762156][ T9803] bridge_slave_1: entered promiscuous mode [ 190.808171][ T9803] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 190.814452][ T9803] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 190.853672][ T9803] team0: Port device team_slave_0 added [ 190.858678][ T9803] team0: Port device team_slave_1 added [ 190.887719][ T9803] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 190.889935][ T9803] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 190.898322][ T9803] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 190.902632][ T9803] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 190.904823][ T9803] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 190.912859][ T9803] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 190.956175][ T9803] hsr_slave_0: entered promiscuous mode [ 190.958520][ T9803] hsr_slave_1: entered promiscuous mode [ 190.960659][ T9803] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 190.963927][ T9803] Cannot create hsr debugfs directory [ 191.080797][ T9815] siw: device registration error -23 [ 191.201337][ T9822] xt_hashlimit: size too large, truncated to 1048576 [ 191.286071][ T40] audit: type=1400 audit(191.183:526): avc: denied { setattr } for pid=9831 comm="syz.3.1254" name="file0" dev="9p" ino=36047774 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 191.625456][ T61] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.690107][ T61] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.779146][ T61] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.909200][ T61] bridge_slave_1: left allmulticast mode [ 191.911208][ T61] bridge_slave_1: left promiscuous mode [ 191.914419][ T61] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.920664][ T61] bridge_slave_0: left allmulticast mode [ 191.923044][ T61] bridge_slave_0: left promiscuous mode [ 191.926449][ T61] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.111846][ T9850] overlayfs: failed to clone upperpath [ 192.234851][ T9857] siw: device registration error -23 [ 192.237306][ T61] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 192.241492][ T61] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 192.246674][ T61] bond0 (unregistering): Released all slaves [ 192.546776][ T5293] Bluetooth: hci2: command tx timeout [ 192.627367][ T61] hsr_slave_0: left promiscuous mode [ 192.630197][ T61] hsr_slave_1: left promiscuous mode [ 192.633015][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 192.638004][ T61] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 192.641811][ T61] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 192.645297][ T61] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 192.680624][ T61] veth1_macvtap: left promiscuous mode [ 192.682953][ T61] veth0_macvtap: left promiscuous mode [ 192.685796][ T61] veth1_vlan: left promiscuous mode [ 192.688086][ T61] veth0_vlan: left promiscuous mode [ 192.735123][ T9706] usb 9-1: new high-speed USB device number 4 using dummy_hcd [ 192.799450][ T9880] __nla_validate_parse: 12 callbacks suppressed [ 192.799462][ T9880] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1267'. [ 192.859986][ T9881] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1267'. [ 192.869698][ T9881] xt_hashlimit: size too large, truncated to 1048576 [ 192.920623][ T9706] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 192.938294][ T9706] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 192.944994][ T9706] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 192.947583][ T9706] usb 9-1: Product: syz [ 192.948962][ T9706] usb 9-1: Manufacturer: syz [ 192.955103][ T9706] usb 9-1: SerialNumber: syz [ 193.175152][ T9706] usblp 9-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8 [ 193.332725][ T61] team0 (unregistering): Port device team_slave_1 removed [ 193.365468][ T40] audit: type=1400 audit(193.263:527): avc: denied { read write } for pid=9874 comm="syz.4.1266" name="lp0" dev="devtmpfs" ino=3245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 193.372693][ T40] audit: type=1400 audit(193.263:528): avc: denied { open } for pid=9874 comm="syz.4.1266" path="/dev/usb/lp0" dev="devtmpfs" ino=3245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 193.414444][ T61] team0 (unregistering): Port device team_slave_0 removed [ 193.538907][ T40] audit: type=1400 audit(193.433:529): avc: denied { ioctl } for pid=9874 comm="syz.4.1266" path="/dev/usb/lp0" dev="devtmpfs" ino=3245 ioctlcmd=0x60b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:printer_device_t tclass=chr_file permissive=1 [ 193.592943][ T29] usb 9-1: USB disconnect, device number 4 [ 193.596427][ T9887] usblp0:failed reading printer status (-71) [ 193.891783][ T9880] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1267'. [ 193.901359][ T9874] usblp0: removed [ 193.929491][ T9891] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1268'. [ 193.944266][ T9803] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 193.963638][ T9803] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 193.968353][ T9803] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 193.973317][ T9803] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 193.989838][ T1423] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.991959][ T1423] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.048732][ T9803] 8021q: adding VLAN 0 to HW filter on device bond0 [ 194.059752][ T9803] 8021q: adding VLAN 0 to HW filter on device team0 [ 194.068484][ T93] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.070761][ T93] bridge0: port 1(bridge_slave_0) entered forwarding state [ 194.081561][ T93] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.083808][ T93] bridge0: port 2(bridge_slave_1) entered forwarding state [ 194.223073][ T9803] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.249867][ T9803] veth0_vlan: entered promiscuous mode [ 194.255223][ T9803] veth1_vlan: entered promiscuous mode [ 194.269988][ T9803] veth0_macvtap: entered promiscuous mode [ 194.273773][ T9803] veth1_macvtap: entered promiscuous mode [ 194.282599][ T9803] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 194.288513][ T9803] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 194.293047][ T9803] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.296497][ T9803] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.299187][ T9803] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.301923][ T9803] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 194.342902][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 194.355590][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.368243][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 194.370737][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 194.457757][ T9920] xt_ecn: cannot match TCP bits for non-tcp packets [ 194.460600][ T9920] fuse: Unknown parameter 'vd' [ 194.463036][ T40] audit: type=1400 audit(194.353:530): avc: denied { getopt } for pid=9919 comm="syz.4.1270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1 [ 194.471642][ T9920] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1270'. [ 194.513261][ T9925] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1272'. [ 194.517280][ T9925] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1272'. [ 194.845340][ T9937] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1276'. [ 194.849367][ T9937] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1276'. [ 194.853186][ T9937] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1276'. [ 194.857492][ T9937] xt_hashlimit: size too large, truncated to 1048576 [ 194.953595][ T40] audit: type=1804 audit(194.843:531): pid=9944 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.1275" name="/newroot/40/bus/bus" dev="overlay" ino=230 res=1 errno=0 [ 194.961246][ T40] audit: type=1804 audit(194.853:532): pid=9944 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.4.1275" name="/newroot/40/bus/bus" dev="overlay" ino=230 res=1 errno=0 [ 195.198027][ T40] audit: type=1326 audit(195.093:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9949 comm="syz.3.1278" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f026618e969 code=0x0 [ 195.773645][ T40] audit: type=1804 audit(195.663:534): pid=9959 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.1281" name="file0" dev="tmpfs" ino=1913 res=1 errno=0 [ 195.858963][ T9966] overlayfs: failed to clone upperpath [ 195.974208][ T40] audit: type=1400 audit(195.863:535): avc: denied { accept } for pid=9971 comm="syz.2.1285" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1 [ 196.044196][ T9976] lo speed is unknown, defaulting to 1000 [ 196.049643][ T9978] xt_hashlimit: size too large, truncated to 1048576 [ 196.049819][ T9976] lo speed is unknown, defaulting to 1000 [ 196.120312][ T40] audit: type=1400 audit(196.013:536): avc: denied { create } for pid=9982 comm="syz.2.1289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1 [ 196.373829][ T9986] syz.4.1290 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 196.380999][ T40] audit: type=1400 audit(196.273:537): avc: denied { ioctl } for pid=9985 comm="syz.4.1290" path="socket:[38186]" dev="sockfs" ino=38186 ioctlcmd=0x89f3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1 [ 196.452338][ T1185] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.960871][ T9989] netlink: 'syz.4.1291': attribute type 21 has an invalid length. [ 197.011803][ T9997] ubi: mtd0 is already attached to ubi0 [ 197.014803][ T9997] ubi0: detaching mtd0 [ 197.019032][ T9997] ubi0: mtd0 is detached [ 197.021340][ T40] audit: type=1400 audit(196.913:538): avc: denied { setattr } for pid=9996 comm="syz.3.1295" path="/dev/ubi_ctrl" dev="devtmpfs" ino=718 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 197.058001][ T9995] FAULT_INJECTION: forcing a failure. [ 197.058001][ T9995] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 197.062316][ T9995] CPU: 1 UID: 0 PID: 9995 Comm: syz.4.1294 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 197.062332][ T9995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 197.062339][ T9995] Call Trace: [ 197.062344][ T9995] [ 197.062348][ T9995] dump_stack_lvl+0x16c/0x1f0 [ 197.062367][ T9995] should_fail_ex+0x512/0x640 [ 197.062386][ T9995] copy_fpstate_to_sigframe+0x854/0xaf0 [ 197.062402][ T9995] ? __pfx_copy_fpstate_to_sigframe+0x10/0x10 [ 197.062413][ T9995] ? posixtimer_deliver_signal+0xed/0x6a0 [ 197.062433][ T9995] ? x86_task_fpu+0x5f/0x90 [ 197.062451][ T9995] get_sigframe+0x4a8/0x9c0 [ 197.062470][ T9995] ? __pfx_get_sigframe+0x10/0x10 [ 197.062486][ T9995] ? trace_irq_enable.constprop.0+0x2f/0x120 [ 197.062505][ T9995] ? _raw_spin_unlock_irq+0x29/0x50 [ 197.062518][ T9995] ? siginfo_layout+0x177/0x290 [ 197.062537][ T9995] x64_setup_rt_frame+0x12e/0xcf0 [ 197.062558][ T9995] ? __pfx_x64_setup_rt_frame+0x10/0x10 [ 197.062582][ T9995] arch_do_signal_or_restart+0x5e4/0x7d0 [ 197.062600][ T9995] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 197.062617][ T9995] ? _raw_spin_unlock_irq+0x23/0x50 [ 197.062632][ T9995] ? __do_sys_rt_sigreturn+0x16b/0x230 [ 197.062649][ T9995] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 197.062670][ T9995] exit_to_user_mode_loop+0x84/0x110 [ 197.062688][ T9995] do_syscall_64+0x3f6/0x4c0 [ 197.062705][ T9995] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.062717][ T9995] RIP: 0033:0x7f0b0e78e967 [ 197.062727][ T9995] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 [ 197.062739][ T9995] RSP: 002b:00007f0b0f6b3038 EFLAGS: 00000246 [ 197.062748][ T9995] RAX: 000000000000002c RBX: 00007f0b0e9b5fa0 RCX: 00007f0b0e78e969 [ 197.062755][ T9995] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 197.062761][ T9995] RBP: 00007f0b0f6b3090 R08: 0000200000000000 R09: 0000000000000010 [ 197.062768][ T9995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 197.062775][ T9995] R13: 0000000000000000 R14: 00007f0b0e9b5fa0 R15: 00007ffd3fe1a648 [ 197.062789][ T9995] [ 197.156550][ T5937] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 197.163114][ T5937] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 197.170417][ T5937] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 197.178957][ T5937] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 197.182961][ T5937] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 197.213875][T10007] lo speed is unknown, defaulting to 1000 [ 197.216515][T10007] lo speed is unknown, defaulting to 1000 [ 197.294407][T10007] chnl_net:caif_netlink_parms(): no params data found [ 197.371869][T10007] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.374171][T10007] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.378393][T10007] bridge_slave_0: entered allmulticast mode [ 197.381065][T10007] bridge_slave_0: entered promiscuous mode [ 197.384269][T10007] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.387811][T10007] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.390135][T10007] bridge_slave_1: entered allmulticast mode [ 197.392813][T10007] bridge_slave_1: entered promiscuous mode [ 197.426843][T10007] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 197.431527][T10007] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 197.468301][T10007] team0: Port device team_slave_0 added [ 197.472766][T10007] team0: Port device team_slave_1 added [ 197.526740][T10007] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 197.529521][T10007] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.541348][T10007] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 197.545620][T10007] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 197.547778][T10007] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 197.559319][T10007] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 197.610297][T10007] hsr_slave_0: entered promiscuous mode [ 197.612690][T10007] hsr_slave_1: entered promiscuous mode [ 197.614733][T10007] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 197.618132][T10007] Cannot create hsr debugfs directory [ 198.054392][T10033] trusted_key: encrypted_key: insufficient parameters specified [ 198.106262][ T1185] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.180571][ T1185] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.230036][T10043] FAULT_INJECTION: forcing a failure. [ 198.230036][T10043] name failslab, interval 1, probability 0, space 0, times 0 [ 198.234126][T10043] CPU: 0 UID: 0 PID: 10043 Comm: syz.3.1303 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 198.234142][T10043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 198.234150][T10043] Call Trace: [ 198.234154][T10043] [ 198.234159][T10043] dump_stack_lvl+0x16c/0x1f0 [ 198.234178][T10043] should_fail_ex+0x512/0x640 [ 198.234197][T10043] should_failslab+0xc2/0x120 [ 198.234213][T10043] __kmalloc_cache_noprof+0x6a/0x3e0 [ 198.234224][T10043] ? do_raw_spin_lock+0x12c/0x2b0 [ 198.234241][T10043] ? find_held_lock+0x2b/0x80 [ 198.234250][T10043] ? async_schedule_node_domain+0x54/0x120 [ 198.234265][T10043] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 198.234280][T10043] async_schedule_node_domain+0x54/0x120 [ 198.234294][T10043] dev_cache_fw_image+0x38e/0x490 [ 198.234309][T10043] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 198.234325][T10043] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 198.234340][T10043] dpm_for_each_dev+0x5d/0xb0 [ 198.234353][T10043] fw_pm_notify+0x81/0x150 [ 198.234366][T10043] notifier_call_chain+0xbc/0x410 [ 198.234378][T10043] ? __pfx_fw_pm_notify+0x10/0x10 [ 198.234393][T10043] blocking_notifier_call_chain_robust+0xc8/0x160 [ 198.234408][T10043] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 198.234428][T10043] pm_notifier_call_chain_robust+0x27/0x60 [ 198.234445][T10043] snapshot_open+0x189/0x2b0 [ 198.234457][T10043] ? __pfx_snapshot_open+0x10/0x10 [ 198.234471][T10043] misc_open+0x35d/0x420 [ 198.234486][T10043] ? __pfx_misc_open+0x10/0x10 [ 198.234499][T10043] chrdev_open+0x231/0x6a0 [ 198.234514][T10043] ? __pfx_chrdev_open+0x10/0x10 [ 198.234529][T10043] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 198.234545][T10043] do_dentry_open+0x741/0x1c10 [ 198.234558][T10043] ? __pfx_chrdev_open+0x10/0x10 [ 198.234579][T10043] vfs_open+0x82/0x3f0 [ 198.234598][T10043] path_openat+0x1de4/0x2cb0 [ 198.234617][T10043] ? __pfx_path_openat+0x10/0x10 [ 198.234631][T10043] ? __lock_acquire+0xb8a/0x1c90 [ 198.234647][T10043] do_filp_open+0x20b/0x470 [ 198.234661][T10043] ? __pfx_do_filp_open+0x10/0x10 [ 198.234685][T10043] ? alloc_fd+0x471/0x7d0 [ 198.234703][T10043] do_sys_openat2+0x11b/0x1d0 [ 198.234719][T10043] ? __pfx_do_sys_openat2+0x10/0x10 [ 198.234737][T10043] ? __fget_files+0x20e/0x3c0 [ 198.234753][T10043] __x64_sys_openat+0x174/0x210 [ 198.234770][T10043] ? __pfx___x64_sys_openat+0x10/0x10 [ 198.234786][T10043] ? ksys_write+0x1ac/0x250 [ 198.234803][T10043] do_syscall_64+0xcd/0x4c0 [ 198.234819][T10043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.234831][T10043] RIP: 0033:0x7f026618e969 [ 198.234841][T10043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.234852][T10043] RSP: 002b:00007f0263ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 198.234875][T10043] RAX: ffffffffffffffda RBX: 00007f02663b5fa0 RCX: 00007f026618e969 [ 198.234883][T10043] RDX: 0000000000007600 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 198.234890][T10043] RBP: 00007f0263ff6090 R08: 0000000000000000 R09: 0000000000000000 [ 198.234896][T10043] R10: 000000000000feff R11: 0000000000000246 R12: 0000000000000001 [ 198.234903][T10043] R13: 0000000000000000 R14: 00007f02663b5fa0 R15: 00007ffcf840c928 [ 198.234918][T10043] [ 198.342322][T10049] __nla_validate_parse: 11 callbacks suppressed [ 198.342332][T10049] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1305'. [ 198.345258][T10043] [ 198.348030][T10043] ============================================ [ 198.350441][T10043] WARNING: possible recursive locking detected [ 198.352350][T10043] 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 Not tainted [ 198.355386][T10043] -------------------------------------------- SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 198.357564][T10043] syz.3.1303/10043 is trying to acquire lock: [ 198.359399][T10043] ffffffff8f511b68 (fw_lock){+.+.}-{4:4}, at: assign_fw+0x4e/0x640 [ 198.362081][T10043] [ 198.362081][T10043] but task is already holding lock: [ 198.364301][T10043] ffffffff8f511b68 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150 [ 198.366788][T10043] [ 198.366788][T10043] other info that might help us debug this: [ 198.369197][T10043] Possible unsafe locking scenario: [ 198.369197][T10043] [ 198.371497][T10043] CPU0 [ 198.372538][T10043] ---- [ 198.373571][T10043] lock(fw_lock); [ 198.374741][T10043] lock(fw_lock); [ 198.375900][T10043] [ 198.375900][T10043] *** DEADLOCK *** [ 198.375900][T10043] [ 198.378488][T10043] May be due to missing lock nesting notation [ 198.378488][T10043] [ 198.381631][T10043] 5 locks held by syz.3.1303/10043: [ 198.383230][T10043] #0: ffffffff8f2ffbc8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 198.385799][T10043] #1: ffffffff8e4881a8 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0 [ 198.388919][T10043] #2: ffffffff8e4c8890 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160 [ 198.392532][T10043] #3: ffffffff8f511b68 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150 [ 198.395149][T10043] #4: ffffffff8f50c568 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 198.397988][T10043] [ 198.397988][T10043] stack backtrace: [ 198.399777][T10043] CPU: 0 UID: 0 PID: 10043 Comm: syz.3.1303 Not tainted 6.15.0-syzkaller-10769-g7d4e49a77d99 #0 PREEMPT(full) [ 198.399792][T10043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 198.399799][T10043] Call Trace: [ 198.399804][T10043] [ 198.399810][T10043] dump_stack_lvl+0x116/0x1f0 [ 198.399834][T10043] print_deadlock_bug+0x1e9/0x240 [ 198.399857][T10043] __lock_acquire+0x1106/0x1c90 [ 198.399881][T10043] ? __kasan_slab_free+0x51/0x70 [ 198.399898][T10043] lock_acquire+0x179/0x350 [ 198.399913][T10043] ? assign_fw+0x4e/0x640 [ 198.399926][T10043] ? __pfx___might_resched+0x10/0x10 [ 198.399937][T10043] ? do_sys_openat2+0x11b/0x1d0 [ 198.399953][T10043] ? __x64_sys_openat+0x174/0x210 [ 198.399968][T10043] ? do_syscall_64+0xcd/0x4c0 [ 198.399982][T10043] __mutex_lock+0x199/0xb90 [ 198.399997][T10043] ? assign_fw+0x4e/0x640 [ 198.400009][T10043] ? assign_fw+0x4e/0x640 [ 198.400022][T10043] ? __pfx___mutex_lock+0x10/0x10 [ 198.400038][T10043] ? kasan_quarantine_put+0x10a/0x240 [ 198.400050][T10043] ? lockdep_hardirqs_on+0x7c/0x110 [ 198.400064][T10043] ? assign_fw+0x4e/0x640 [ 198.400076][T10043] assign_fw+0x4e/0x640 [ 198.400088][T10043] ? _request_firmware+0x957/0x1470 [ 198.400103][T10043] _request_firmware+0x988/0x1470 [ 198.400118][T10043] ? __pfx__request_firmware+0x10/0x10 [ 198.400132][T10043] ? dump_stack_lvl+0x197/0x1f0 [ 198.400145][T10043] ? dump_stack_lvl+0x1a3/0x1f0 [ 198.400159][T10043] __async_dev_cache_fw_image+0xb1/0x340 [ 198.400174][T10043] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 198.400189][T10043] ? mark_held_locks+0x49/0x80 [ 198.400202][T10043] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 198.400215][T10043] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 198.400230][T10043] async_schedule_node_domain+0xd4/0x120 [ 198.400243][T10043] dev_cache_fw_image+0x38e/0x490 [ 198.400256][T10043] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 198.400270][T10043] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 198.400283][T10043] dpm_for_each_dev+0x5d/0xb0 [ 198.400295][T10043] fw_pm_notify+0x81/0x150 [ 198.400307][T10043] notifier_call_chain+0xbc/0x410 [ 198.400319][T10043] ? __pfx_fw_pm_notify+0x10/0x10 [ 198.400349][T10043] blocking_notifier_call_chain_robust+0xc8/0x160 [ 198.400364][T10043] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 198.400380][T10043] pm_notifier_call_chain_robust+0x27/0x60 [ 198.400395][T10043] snapshot_open+0x189/0x2b0 [ 198.400409][T10043] ? __pfx_snapshot_open+0x10/0x10 [ 198.400422][T10043] misc_open+0x35d/0x420 [ 198.400435][T10043] ? __pfx_misc_open+0x10/0x10 [ 198.400448][T10043] chrdev_open+0x231/0x6a0 [ 198.400462][T10043] ? __pfx_chrdev_open+0x10/0x10 [ 198.400476][T10043] ? file_set_fsnotify_mode_from_watchers+0x163/0x640 [ 198.400490][T10043] do_dentry_open+0x741/0x1c10 [ 198.400502][T10043] ? __pfx_chrdev_open+0x10/0x10 [ 198.400517][T10043] vfs_open+0x82/0x3f0 [ 198.400533][T10043] path_openat+0x1de4/0x2cb0 [ 198.400547][T10043] ? __pfx_path_openat+0x10/0x10 [ 198.400564][T10043] ? __lock_acquire+0xb8a/0x1c90 [ 198.400578][T10043] do_filp_open+0x20b/0x470 [ 198.400590][T10043] ? __pfx_do_filp_open+0x10/0x10 [ 198.400607][T10043] ? alloc_fd+0x471/0x7d0 [ 198.400621][T10043] do_sys_openat2+0x11b/0x1d0 [ 198.400636][T10043] ? __pfx_do_sys_openat2+0x10/0x10 [ 198.400652][T10043] ? __fget_files+0x20e/0x3c0 [ 198.400666][T10043] __x64_sys_openat+0x174/0x210 [ 198.400682][T10043] ? __pfx___x64_sys_openat+0x10/0x10 [ 198.400697][T10043] ? ksys_write+0x1ac/0x250 [ 198.400710][T10043] do_syscall_64+0xcd/0x4c0 [ 198.400725][T10043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.400737][T10043] RIP: 0033:0x7f026618e969 [ 198.400746][T10043] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.400757][T10043] RSP: 002b:00007f0263ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 198.400767][T10043] RAX: ffffffffffffffda RBX: 00007f02663b5fa0 RCX: 00007f026618e969 [ 198.400775][T10043] RDX: 0000000000007600 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 198.400781][T10043] RBP: 00007f0263ff6090 R08: 0000000000000000 R09: 0000000000000000 [ 198.400788][T10043] R10: 000000000000feff R11: 0000000000000246 R12: 0000000000000001 [ 198.400794][T10043] R13: 0000000000000000 R14: 00007f02663b5fa0 R15: 00007ffcf840c928 [ 198.400804][T10043] [ 198.553697][ T1185] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 199.255180][ T5293] Bluetooth: hci2: command tx timeout [ 201.335088][ T5293] Bluetooth: hci2: command tx timeout [ 203.424969][ T5293] Bluetooth: hci2: command tx timeout [ 205.495151][ T5293] Bluetooth: hci2: command tx timeout VM DIAGNOSIS: 15:33:17 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000034 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8559a465 RDI=ffffffff9b0772e0 RBP=ffffffff9b0772a0 RSP=ffffc900035a6d20 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=732d302e35312e36 R12=0000000000000000 R13=0000000000000034 R14=ffffffff9b0772a0 R15=ffffffff8559a400 RIP=ffffffff8559a48f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f0263ff66c0 ffffffff 00c00000 GS =0000 ffff8880d6765000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f0b0f691f98 CR3=0000000055a9f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000f0400000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000561b412c9600 0000561b412c9600 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffb77023f0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 74746120676e6973 7261702072657466 61207265766f7466 656c207365747962 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3834203130203938 2034362038642037 6620666620666620 6666203861203163 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2037632038342033 6320313020333720 6666206666203066 203130206433203e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 38343c2035302066 3020383020343220 6334206238206334 2038632039382064 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3420326320393820 6434206163203938 2038342036642039 3820383420376620 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88806a443a00 RCX=ffffffff81afe5ad RDX=ffff888024b70000 RSI=ffffffff81afe589 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc900040f7518 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000007c6a R12=dffffc0000000000 R13=0000000000000003 R14=ffffed100d488741 R15=ffff88806a53cf00 RIP=ffffffff81afe58f RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880d6865000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fc507ce7d60 CR3=000000002e9d0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000002020004 Opmask01=0000000000000054 Opmask02=00000000000000ff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc5071836a3 00007fc5071836a3 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff1a266a40 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556c5b144e 000055556c5b08e0 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556c59d4c4 000055556c59d4c0 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055556c5b3428 000055556c5b2af0 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000001df8a ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 474553474953006c 616e676973206e77 6f6e6b6e75000a29 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5355424749530056 4745534749530049 444b424c56054b52 4a4b4e4b50000a0c ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 1be0030010001bd0 030010001bc00302 10001bb00301a010 001a900303000800 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 010010001b800401 000002080606015c 9e20a48a08001be0 030010001bd00300 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 10001bc003021000 1bb00301a010001a 9003030008000000 0000020005000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 f47124166ff1ee4e 0839e3be4a000100 1180500028460801 b803010000040806 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 01b0030003000800 00000b0000000000 70bd2c0801240801 8c03010000000406 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=00007fc05678d000 RCX=ffffffff812c64e8 RDX=ffff88802543a440 RSI=ffffffff812c64f8 RDI=0000000000000007 RBP=0000000000000001 RSP=ffffc900006489c0 R8 =0000000000000007 R9 =ffffffffff600000 R10=00007fc05678d000 R11=0000000000000001 R12=0000000000000000 R13=ffffc90000648ae8 R14=0000000000000000 R15=ffff88802543a440 RIP=ffffffff81bc0148 RFL=00000207 [-----PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055555b969500 ffffffff 00c00000 GS =0000 ffff8880d6965000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055555b9845c8 CR3=000000004e117000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080410001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff8afef070 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc056811a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc056811a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc056811a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc056811aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc056811b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc056811c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 253d746e61772064 7a253d6461657200 7269646b6d206f74 2064656c69616600 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0018514b44520541 5f00184144405700 574c414e48054a51 054140494c444300 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 00000000000000c4 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=ffffffff914c5814 RBX=ffffffff90c35eb4 RCX=dffffc0000000000 RDX=ffffffff8234f941 RSI=0000000000000000 RDI=ffffffff90c35ea4 RBP=ffffffff90c35ea4 RSP=ffffc900049674e8 R8 =ffffffff914c584a R9 =0000000000000000 R10=ffffc90004967598 R11=00000000000134f9 R12=ffffffff90c35ec4 R13=ffffffff8234f99e R14=ffffffff90c35ea4 R15=ffffffff90c35ea4 RIP=ffffffff816aae2d RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 000055555b969500 ffffffff 00c00000 GS =0000 ffff8880d6a65000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000110c39e117 CR3=000000004e117000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000080040001 Opmask01=0000000001000001 Opmask02=00000000ffffffef Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff8afef070 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000001a0000000d0 00000000ffffffff ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc056811a8a ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc056811a97 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc056811a91 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc056811aa5 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc056811b2b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fc056811c09 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0063696e61703d73 726f727265006f72 2d746e756f6d6572 3d73726f72726500 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00464c4b44551856 574a575740004a57 08514b504a484057 1856574a57574000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 0000000000000000 0000000000000000 00000000000000c4 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000524f525245 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00524f5252450040 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00e800a800000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000