last executing test programs: 5.063842002s ago: executing program 2 (id=243): fsopen(0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000740)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000080)=0x48) read$FUSE(0xffffffffffffffff, 0x0, 0x0) mkdir(&(0x7f0000000400)='./file0\x00', 0x103) shmctl$IPC_STAT(0x0, 0x2, &(0x7f0000000300)=""/108) socket(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) landlock_create_ruleset(&(0x7f00000000c0)={0x4302}, 0x18, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) fsmount(0xffffffffffffffff, 0x1, 0x3) fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0) 4.196589803s ago: executing program 2 (id=252): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r2, 0x4048aec9, &(0x7f0000000080)={0x1, 0x0, @pic={0x1, 0xff, 0x8, 0x7f, 0xf, 0x4, 0x6, 0x6, 0x7b, 0x1, 0x2, 0x0, 0x0, 0x9, 0xc3, 0x3}}) ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x6) sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x840) ioctl$sock_SIOCBRDELBR(r0, 0x89a2, &(0x7f0000000000)='bridge0\x00') syz_emit_ethernet(0x2e, &(0x7f0000000200)={@link_local, @dev, @val={@void, {0x8100, 0x7, 0x0, 0x4}}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x4, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1}, @address_request={0x11, 0x0, 0x0, 0x1}}}}}, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r4 = openat$vimc2(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$VIDIOC_G_SELECTION(r4, 0xc040565e, &(0x7f0000000380)={0x1, 0x100, 0x4, {0x4, 0x7, 0x780000, 0xfcad}}) r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r6, 0x0) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/\x00et/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44\x8cm\xa0\x8dN\xd4\xa2\x88\x00\xd1l,'}, 0x30) ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x9, 0x7, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x6, 0x1, 0x5], 0x8000000, 0x8340}) ioctl$KVM_RUN(r6, 0xae80, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MASTER={0x8}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0) 3.990257922s ago: executing program 2 (id=253): r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f024}) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94) openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x0, 0x43) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c643c, &(0x7f0000000300)={0x0, 0x3000000}) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) 3.146700418s ago: executing program 3 (id=258): connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x10c4, 0x0, 0x0, 0x180000}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00') pipe(&(0x7f0000000480)) socket$netlink(0x10, 0x3, 0x0) syz_io_uring_submit(r0, r1, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}}) r2 = socket$phonet_pipe(0x23, 0x5, 0x2) setsockopt$PNPIPE_HANDLE(r2, 0x113, 0x3, 0x0, 0xffffffffffffff85) socket$packet(0x11, 0x2, 0x300) symlinkat(0x0, 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00') sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000140)=0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f0000000540), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r5, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4) bind$inet(r5, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10) sendmmsg$inet(r5, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222ee3c0cb001829a8681ed391da1a71d8d", 0x63}], 0x1}}], 0x1, 0x20008000) 3.106121153s ago: executing program 1 (id=259): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32, @ANYBLOB='\x00'/19, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10) sched_setscheduler(0x0, 0x2, 0x0) r4 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0) ioctl$FIONREAD(r4, 0x7041, 0x0) ptrace$ARCH_SHSTK_ENABLE(0x1e, 0x0, 0x0, 0x5001) socket$can_bcm(0x1d, 0x2, 0x2) r5 = socket(0x10, 0x803, 0x0) sendmsg$SMC_PNETID_GET(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0) getsockname$packet(r5, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14) sendmsg$nl_route(r5, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x437, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r6, 0x40c89}}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000) sched_setscheduler(0x0, 0x2, 0x0) setpgid(0x0, 0x0) getrusage(0x0, 0x0) keyctl$session_to_parent(0x12) mknod$loop(0x0, 0xfff, 0x0) 2.81047636s ago: executing program 2 (id=260): r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000700)={0x84, &(0x7f0000000240)={0x0, 0x15}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) r1 = socket$inet_icmp(0x2, 0x2, 0x1) connect$inet(r1, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000bc0)={0x44, &(0x7f0000000900)=ANY=[@ANYBLOB="1e09cb"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.456725675s ago: executing program 0 (id=263): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) 2.28623433s ago: executing program 0 (id=264): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)={0x30, r1, 0x101, 0x70bd2a, 0x80000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_SSID={0x5, 0x34, @random='v'}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x4804) 2.285963828s ago: executing program 0 (id=265): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r1 = socket(0x400000000010, 0x3, 0x0) r2 = socket(0x400000000010, 0x3, 0x0) r3 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x480, 0x2c, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r4, {0xc, 0x2}, {}, {0x7}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x448, 0x2, [@TCA_CGROUP_POLICE={0x444, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0x6, 0xffffffffffffffff, 0xc, 0x3, 0x80000, {0x6, 0x1, 0x2, 0x0, 0x5, 0x5f}, {0x7, 0x1, 0x33db, 0x8, 0x7fff}, 0x3, 0x3da, 0x6}}, @TCA_POLICE_RATE={0x404, 0x2, [0x9, 0xfffffff8, 0x0, 0x0, 0x3, 0x9, 0x8, 0x9, 0x401, 0x7, 0x1, 0x2, 0x7, 0x7fffffff, 0x4000, 0x4, 0xfffff801, 0x7, 0x80000000, 0x8000, 0x80000001, 0x5, 0x2, 0xe2b9, 0x2, 0x11d, 0x10001, 0x0, 0x9, 0x9, 0x2, 0x5, 0x1, 0x6b, 0x4, 0x9, 0x1, 0x2, 0x3, 0x9, 0xa6, 0x8, 0x625, 0x5f00, 0x3, 0x7, 0x2310, 0x80000000, 0x1, 0x1, 0x1ff, 0xc, 0x0, 0xffffff98, 0x2122c0, 0x3, 0x7fffffff, 0x6, 0x8, 0x2, 0x3e946db0, 0x8001, 0x7ff, 0x4, 0x4982d9f5, 0xc27, 0x8a, 0x9, 0x5, 0x5, 0xff, 0xe365, 0x4, 0xf104, 0x4cd, 0xff, 0x3, 0x5, 0x9, 0x7, 0xfd, 0x401, 0x6, 0x7fff, 0x1, 0x1, 0xfffffffc, 0x9, 0x7ff, 0x27c, 0xed5c, 0xffffffff, 0x4, 0x1000, 0x1, 0x52d, 0x7, 0x7, 0x0, 0x4, 0x1, 0xffff0001, 0x800, 0x7, 0x3, 0x6, 0x1, 0x7, 0x4, 0x4, 0xffffffff, 0x207, 0xe, 0x9, 0x2, 0x3, 0x40, 0x1000, 0xc3, 0x2, 0x8, 0x9, 0x7, 0x8, 0x2, 0x7, 0x3, 0x7fffffff, 0xae, 0x7, 0x9, 0x8, 0x401, 0x2, 0x40, 0x0, 0xfff, 0x3, 0xb, 0x2, 0x9, 0xf8000000, 0xc, 0x1, 0x7, 0x0, 0x8, 0x6, 0xc, 0x1, 0x0, 0x5, 0x2, 0x0, 0x19, 0x7, 0x80000000, 0x9, 0x6, 0x5, 0x3, 0xfffffff7, 0x5, 0x3000000, 0x9e3a, 0x401, 0x0, 0x2, 0x0, 0x7, 0x1fc2, 0xe, 0x0, 0xdf, 0xffffffff, 0x1ff, 0x6ba7b42c, 0x4, 0x0, 0x57fb3de3, 0x6e88, 0xfffffe00, 0x8, 0x1ff, 0x0, 0x30001, 0x7, 0x100, 0x0, 0x9, 0x9, 0xb, 0x1, 0x4, 0x1c0, 0x7, 0x1, 0x1000, 0xea7, 0x5, 0xe7c, 0x6, 0x2000, 0x1000, 0x6, 0x3, 0x10000, 0x2, 0x81, 0x2, 0x1, 0x8, 0x101, 0x6, 0x3c83, 0xa2c, 0x9, 0x49f, 0x200, 0x56, 0x7f, 0x200, 0x9736, 0x401, 0x62, 0xb, 0x7fff, 0x6, 0x3, 0x100, 0xffffff48, 0x1, 0x4, 0x0, 0x7, 0xa, 0x0, 0x8, 0x65b6ceae, 0xfffffffa, 0x6, 0x1, 0x2, 0x583, 0x7, 0x400, 0x80000001, 0x49c, 0x10000, 0x3, 0x8, 0xfffffff3, 0x8, 0x400, 0x7, 0x7]}]}]}}, @TCA_RATE={0x6, 0x5, {0x81, 0x6}}]}, 0x480}, 0x1, 0x0, 0x0, 0x4000080}, 0x40) 2.16598928s ago: executing program 0 (id=266): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x5}}}}, @m_ife={0x48, 0x1d, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x2000}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x844}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x0, 0x0, &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x1, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil}) r3 = dup(r2) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@arm64={0x7, 0x6, 0x81, '\x00', 0x3c}) ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xffff) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2.002323107s ago: executing program 3 (id=267): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000600)=[@text16={0x10, 0x0}], 0x1, 0x74, 0x0, 0xfffffcda) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_X86_SETUP_MCE(r5, 0x8140aecc, &(0x7f0000000100)={0x8, 0x3}) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYBLOB="0400000000000000850400000000000005"]) 1.796849701s ago: executing program 1 (id=268): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SPLICE={0x1e, 0x48, 0x0, @fd, 0x3, {}, 0xa6, 0x3}) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0) 1.796511128s ago: executing program 3 (id=269): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, 0x0}, 0x840) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r4, &(0x7f0000000c80)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10) setsockopt$sock_int(r4, 0x1, 0x3c, &(0x7f00000000c0)=0x1, 0x4) sendto$inet(r4, 0x0, 0x0, 0x24004813, 0x0, 0x0) r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) openat$vimc1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) pipe2(&(0x7f00000003c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000400d9011c407d798ab9918816c500009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8}, 0x10) mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='trans=fd,rf', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r7, @ANYBLOB="2c63616368653d667363616368652c63616368657461673d14e2c311e2cb86c82d4873c6af6ddc7bde3c511a1315e4f85948a98ae388123b56361ed3cc4c3e5523eb70372d9fb8f341b24358d32f2fdd32382b9d53229b6d19d04b3461e6fbdbf7e44bb5c8945f07e63191e43c40c3372b9cb2e8453d54d5b127c3770c27d497f8bae8a00a8fc4c97fa81d88a317caa5657f596a825ae94ba0545c87758c6f4c077cc8665e0104e48e0ffe16a747d4a1efc5a76b1d45b09d2169995c5e5c5d473f452bcd7df769e2a28d4557abdc8ce959b1c8c49721bcf4efc90376f320b2c5d5f024a04b4435f49ce10dc4a0d127ad43b75a0c5b74d1ad596b90763c69649202169de1726d6b5590993406e5"]) close_range(r5, 0xffffffffffffffff, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, 0x0, 0x0) 1.79638224s ago: executing program 1 (id=270): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004cc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) process_madvise(0xffffffffffffffff, 0x0, 0x59, 0x9, 0x0) 1.756855271s ago: executing program 1 (id=271): r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e21, @local}], 0x10) setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000240)={0x8, 0x8f, 0x206, 0xfffffffd, 0x3, 0xb37, 0xfffffe2f, 0x8}, 0x20) socket(0x10, 0x803, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect) syz_open_dev$video4linux(&(0x7f00000000c0), 0xfc, 0x0) setsockopt$inet_sctp_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000000)={0x209, 0x6, 0x807, 0x2097}, 0x8) sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x1, 0x0, 0x0, 0x804c040}, 0x0) 1.009013372s ago: executing program 2 (id=272): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) syz_emit_vhci(&(0x7f0000001080)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @hci_rp_read_inq_rsp_tx_power={{0x3}, {0x0, 0xf}}}}, 0x8) 846.647667ms ago: executing program 3 (id=273): r0 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x204, 0x0) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x100000000000000) 845.730454ms ago: executing program 3 (id=274): mkdir(&(0x7f0000000000)='./file0\x00', 0x2) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r0, &(0x7f00000013c0)={0x50, 0x0, r1, {0x7, 0x2b, 0x1, 0x0, 0xffff, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x40}}, 0x50) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xf, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x7, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x3, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x2, 0x0) lseek(r3, 0x8, 0x3) r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x924400, 0x0, 0x0, 0x0, 0x0, 0x0) syz_pidfd_open(r4, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0x20002078) pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) 843.347525ms ago: executing program 2 (id=281): sendmsg$GTP_CMD_ECHOREQ(0xffffffffffffffff, 0x0, 0x8004) setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0) r0 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r1 = userfaultfd(0x801) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) syz_io_uring_setup(0x50cf, &(0x7f0000000000)={0x0, 0xfffffffc, 0x40000, 0x2, 0x333}, &(0x7f0000000080), &(0x7f0000ff4000)) 839.76674ms ago: executing program 1 (id=275): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240), 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x6, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007000000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000c500000095"], &(0x7f0000000640)='syzkaller\x00', 0x7}, 0x94) 785.812227ms ago: executing program 1 (id=276): socket$rds(0x15, 0x5, 0x0) r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000300), 0x100) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000080)={0x3, 0x0, 0x1, 0x1, 0x10800f61}) 782.149015ms ago: executing program 0 (id=277): bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x18, 0xd, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]}) r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r1, 0x0) ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x9, 0x80, 0x0, 0x0, 0x101, 0x0}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x8031, 0xffffffffffffffff, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 593.576872ms ago: executing program 0 (id=278): mkdirat(0xffffffffffffff9c, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000580)=0xe) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f0000000080)=0x7f) ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f00000000c0)=0x6) getsockname$l2tp6(0xffffffffffffffff, 0x0, &(0x7f00000001c0)) read$dsp(r1, &(0x7f00000011c0)=""/4117, 0x200021d5) 0s ago: executing program 3 (id=279): r0 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$user(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000540)="0706675823b8a37f19b37e0f9f120663b78a6a322f28cb301825eddc42c667fc68923d7df9f4c1843c5f11b63d2684fff43955079736fa4c80100487c31c09706b6bf145eb1baf416d2681491bd6a3098fe1a6741d65b085b4075db8419d9e6d17b1eec4dfb860a71d61af753459bcc5ea1f20d6c1c74afda3b0c08bf98886eaac01b08aa753b8727f25773c98cd6a78c06b758992b03b81e2e09cf103dc16a5658a3b58626b457ee4773d41b3548f2258a2e11cc22555da4ef9035cbfe8dc1e", 0xc0, r0) keyctl$dh_compute(0x17, &(0x7f00000001c0)={0x0, r1}, &(0x7f0000000700)=""/259, 0x103, &(0x7f0000000400)={&(0x7f0000000100)={'streebog256-generic\x00'}}) 0s ago: executing program 2 (id=282): r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0) ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000005c0)={'pcl726\x00', [0x4f27, 0xfffffffc, 0x4, 0x4, 0x3, 0x5, 0x4, 0x7, 0x54c6cff3, 0xfd, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0x2, 0x7f, 0x3, 0x40000005, 0x8d, 0xcaa3, 0x0, 0x20001e5b, 0x3, 0xe66, 0x1000003, 0x100008, 0x4086, 0x0, 0xfffffff8]}) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:33699' (ED25519) to the list of known hosts. [ 40.834016][ T5959] cgroup: Unknown subsys name 'net' [ 40.957803][ T5959] cgroup: Unknown subsys name 'cpuset' [ 40.962705][ T5959] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 41.656747][ T5959] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 44.214664][ T63] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 44.217321][ T63] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 44.219470][ T63] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 44.221703][ T63] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 44.223940][ T63] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 44.230230][ T5982] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 44.230957][ T5984] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 44.232664][ T5982] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 44.234753][ T5989] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 44.235839][ T5985] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 44.236129][ T5985] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 44.236296][ T5985] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 44.237513][ T5982] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 44.239212][ T5989] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 44.244861][ T5987] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 44.251272][ T5989] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 44.256173][ T5987] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 44.260801][ T5977] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 44.263995][ T5977] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 44.267398][ T5977] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 44.318529][ T5972] chnl_net:caif_netlink_parms(): no params data found [ 44.393096][ T5972] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.395761][ T5972] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.397939][ T5972] bridge_slave_0: entered allmulticast mode [ 44.400226][ T5972] bridge_slave_0: entered promiscuous mode [ 44.411087][ T5972] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.413329][ T5972] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.416140][ T5972] bridge_slave_1: entered allmulticast mode [ 44.418378][ T5972] bridge_slave_1: entered promiscuous mode [ 44.426763][ T5981] chnl_net:caif_netlink_parms(): no params data found [ 44.461607][ T5972] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.467317][ T5972] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.505042][ T5986] chnl_net:caif_netlink_parms(): no params data found [ 44.512629][ T5972] team0: Port device team_slave_0 added [ 44.516723][ T5972] team0: Port device team_slave_1 added [ 44.530499][ T5973] chnl_net:caif_netlink_parms(): no params data found [ 44.560601][ T5981] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.562932][ T5981] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.565205][ T5981] bridge_slave_0: entered allmulticast mode [ 44.567464][ T5981] bridge_slave_0: entered promiscuous mode [ 44.574250][ T5981] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.577199][ T5981] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.579426][ T5981] bridge_slave_1: entered allmulticast mode [ 44.581636][ T5981] bridge_slave_1: entered promiscuous mode [ 44.624704][ T5972] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.627653][ T5972] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.637017][ T5972] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.674829][ T5972] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.677079][ T5972] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.685086][ T5972] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.693042][ T5981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.696211][ T5986] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.698634][ T5986] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.701071][ T5986] bridge_slave_0: entered allmulticast mode [ 44.703404][ T5986] bridge_slave_0: entered promiscuous mode [ 44.707834][ T5986] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.710143][ T5986] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.712406][ T5986] bridge_slave_1: entered allmulticast mode [ 44.714652][ T5986] bridge_slave_1: entered promiscuous mode [ 44.728545][ T5981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.763023][ T5973] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.765382][ T5973] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.767700][ T5973] bridge_slave_0: entered allmulticast mode [ 44.770150][ T5973] bridge_slave_0: entered promiscuous mode [ 44.790276][ T5986] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.800394][ T5973] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.802656][ T5973] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.804910][ T5973] bridge_slave_1: entered allmulticast mode [ 44.807685][ T5973] bridge_slave_1: entered promiscuous mode [ 44.811180][ T5981] team0: Port device team_slave_0 added [ 44.814536][ T5986] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.819862][ T5972] hsr_slave_0: entered promiscuous mode [ 44.821982][ T5972] hsr_slave_1: entered promiscuous mode [ 44.839725][ T5981] team0: Port device team_slave_1 added [ 44.868727][ T5973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.891197][ T5986] team0: Port device team_slave_0 added [ 44.894052][ T5973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.911443][ T5981] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.913736][ T5981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.923026][ T5981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.927201][ T5986] team0: Port device team_slave_1 added [ 44.937589][ T5973] team0: Port device team_slave_0 added [ 44.939779][ T5981] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.942002][ T5981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.951440][ T5981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.970211][ T5973] team0: Port device team_slave_1 added [ 44.981745][ T5986] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.983953][ T5986] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 44.992000][ T5986] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 44.997650][ T5986] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 44.999865][ T5986] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.007844][ T5986] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.026005][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.028239][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.036444][ T5973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.041815][ T5973] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.044101][ T5973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.052446][ T5973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.091611][ T5981] hsr_slave_0: entered promiscuous mode [ 45.094102][ T5981] hsr_slave_1: entered promiscuous mode [ 45.096657][ T5981] debugfs: 'hsr0' already exists in 'hsr' [ 45.098875][ T5981] Cannot create hsr debugfs directory [ 45.145941][ T5986] hsr_slave_0: entered promiscuous mode [ 45.148257][ T5986] hsr_slave_1: entered promiscuous mode [ 45.150274][ T5986] debugfs: 'hsr0' already exists in 'hsr' [ 45.152090][ T5986] Cannot create hsr debugfs directory [ 45.180868][ T5973] hsr_slave_0: entered promiscuous mode [ 45.183364][ T5973] hsr_slave_1: entered promiscuous mode [ 45.186032][ T5973] debugfs: 'hsr0' already exists in 'hsr' [ 45.188419][ T5973] Cannot create hsr debugfs directory [ 45.303932][ T5972] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 45.310238][ T5972] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 45.323785][ T5972] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 45.330343][ T5972] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 45.345074][ T5981] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 45.348797][ T5981] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 45.356218][ T5981] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 45.359426][ T5981] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 45.376370][ T5973] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 45.379955][ T5973] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 45.384006][ T5973] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 45.388796][ T5973] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 45.413829][ T5986] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 45.425355][ T5986] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 45.428961][ T5986] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 45.432427][ T5986] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 45.447321][ T5972] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.458330][ T5972] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.465687][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.467967][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.478147][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.480506][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.498233][ T5981] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.513430][ T5973] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.516944][ T5981] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.526676][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.528917][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.534677][ T5986] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.541560][ T5986] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.547226][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.549492][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.552473][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.554672][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.558717][ T5973] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.564521][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.566793][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.576300][ T1158] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.578581][ T1158] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.586995][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.589863][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.598930][ T5981] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 45.602262][ T5981] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 45.622474][ T5986] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 45.626334][ T5986] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 45.637736][ T5972] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.663268][ T5972] veth0_vlan: entered promiscuous mode [ 45.668168][ T5972] veth1_vlan: entered promiscuous mode [ 45.681209][ T5972] veth0_macvtap: entered promiscuous mode [ 45.684131][ T5981] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.688788][ T5972] veth1_macvtap: entered promiscuous mode [ 45.698507][ T5972] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.704115][ T5972] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.711242][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.716062][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.719563][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.728371][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.732183][ T5981] veth0_vlan: entered promiscuous mode [ 45.740060][ T5981] veth1_vlan: entered promiscuous mode [ 45.743925][ T5973] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.747902][ T5986] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.771039][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.773527][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.785769][ T5973] veth0_vlan: entered promiscuous mode [ 45.791160][ T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.791454][ T5981] veth0_macvtap: entered promiscuous mode [ 45.793644][ T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.801498][ T5981] veth1_macvtap: entered promiscuous mode [ 45.805368][ T5986] veth0_vlan: entered promiscuous mode [ 45.809336][ T5973] veth1_vlan: entered promiscuous mode [ 45.817961][ T5981] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.818150][ T5972] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 45.821979][ T5986] veth1_vlan: entered promiscuous mode [ 45.832110][ T5981] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.839595][ T60] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.842564][ T60] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.851007][ T60] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.853388][ T6061] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 45.854470][ T60] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.874257][ T5973] veth0_macvtap: entered promiscuous mode [ 45.882185][ T5986] veth0_macvtap: entered promiscuous mode [ 45.886826][ T1158] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.887150][ T5973] veth1_macvtap: entered promiscuous mode [ 45.889382][ T1158] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.896974][ T5986] veth1_macvtap: entered promiscuous mode [ 45.906658][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.909158][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.909281][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.922048][ T5986] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.926732][ T5973] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.931426][ T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.936262][ T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.941372][ T1158] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.944761][ T5986] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.948821][ T1158] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.949043][ T6067] program syz.3.5 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 45.957493][ T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.960613][ T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.965382][ T13] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.968491][ T13] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.988689][ T1151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.991438][ T1151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.996440][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.998833][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.016565][ T1151] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.017192][ T1158] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.019311][ T1151] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.022399][ T1158] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.186052][ T34] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 46.208689][ T6077] binder: BINDER_SET_CONTEXT_MGR already set [ 46.211382][ T6077] binder: 6076:6077 ioctl 4018620d 800002c0 returned -16 [ 46.216194][ T6077] binder: 6076:6077 ioctl 80489439 80000100 returned -22 [ 46.221941][ T6077] binder: 6076:6077 ioctl c0306201 80000240 returned -11 [ 46.265388][ T5977] Bluetooth: hci2: command tx timeout [ 46.267181][ T5977] Bluetooth: hci0: command tx timeout [ 46.269168][ T5977] Bluetooth: hci1: command tx timeout [ 46.271610][ T6082] usb usb8: usbfs: process 6082 (syz.1.2) did not claim interface 0 before use [ 46.291072][ T40] audit: type=1326 audit(1755567001.417:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6071 comm="syz.1.2" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 46.298167][ T40] audit: type=1326 audit(1755567001.417:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6071 comm="syz.1.2" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 46.345144][ T34] usb 5-1: Using ep0 maxpacket: 8 [ 46.349552][ T34] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 46.354302][ T34] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 46.359518][ T34] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 46.365037][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 46.367399][ T34] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 46.369151][ T63] Bluetooth: hci3: command tx timeout [ 46.374720][ T34] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 46.387030][ T34] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 46.418449][ T40] audit: type=1326 audit(1755567001.547:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6071 comm="syz.1.2" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 46.424917][ T40] audit: type=1326 audit(1755567001.547:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6071 comm="syz.1.2" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 46.442254][ T40] audit: type=1326 audit(1755567001.547:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6071 comm="syz.1.2" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 46.451731][ T40] audit: type=1326 audit(1755567001.557:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6071 comm="syz.1.2" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 46.463817][ T40] audit: type=1326 audit(1755567001.557:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6071 comm="syz.1.2" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 46.475710][ T40] audit: type=1326 audit(1755567001.557:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6071 comm="syz.1.2" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 46.520017][ T40] audit: type=1326 audit(1755567001.567:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6071 comm="syz.1.2" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 46.526948][ T40] audit: type=1326 audit(1755567001.567:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6071 comm="syz.1.2" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 46.659208][ T34] usb 5-1: GET_CAPABILITIES returned 0 [ 46.661008][ T34] usbtmc 5-1:16.0: can't read capabilities [ 47.160187][ T6094] 9pnet_virtio: no channels available for device syz [ 47.598079][ T6099] usb usb8: usbfs: process 6099 (syz.3.10) did not claim interface 0 before use [ 47.690386][ T6102] netlink: 40 bytes leftover after parsing attributes in process `syz.3.10'. [ 47.706486][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 47.770557][ T6103] 9pnet_virtio: no channels available for device syz [ 48.310464][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 48.355092][ T63] Bluetooth: hci1: command tx timeout [ 48.355134][ T5977] Bluetooth: hci0: command tx timeout [ 48.357063][ T63] Bluetooth: hci2: command tx timeout [ 48.425070][ T5987] Bluetooth: hci3: command tx timeout [ 48.537041][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.540447][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.543694][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.547180][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.550733][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.554220][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.558083][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.624597][ T6112] usb usb8: usbfs: process 6112 (syz.3.13) did not claim interface 0 before use [ 48.911442][ T6119] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2147484288 (4294968576 ns) > initial count (34 ns). Using initial count to start timer. [ 49.116325][ T1456] usb 5-1: USB disconnect, device number 2 [ 49.407118][ T6124] binder: BINDER_SET_CONTEXT_MGR already set [ 49.409011][ T6124] binder: 6123:6124 ioctl 4018620d 800002c0 returned -16 [ 49.414998][ T6124] binder: 6123:6124 ioctl 80489439 80000100 returned -22 [ 49.425153][ T6124] binder: 6123:6124 ioctl c0306201 80000240 returned -11 [ 49.443568][ T6126] binder: BINDER_SET_CONTEXT_MGR already set [ 49.445930][ T6126] binder: 6125:6126 ioctl 4018620d 800002c0 returned -16 [ 49.449173][ T6126] binder: 6125:6126 ioctl 80489439 80000100 returned -22 [ 49.476268][ T6126] binder: 6125:6126 ioctl c0306201 80000240 returned -11 [ 49.660969][ T6143] capability: warning: `syz.2.23' uses 32-bit capabilities (legacy support in use) [ 50.139289][ T6158] 9pnet_virtio: no channels available for device syz [ 50.147928][ T6159] usb usb8: usbfs: process 6159 (syz.0.24) did not claim interface 0 before use [ 50.154474][ T6160] 9pnet_virtio: no channels available for device syz [ 50.227222][ T6161] netlink: 40 bytes leftover after parsing attributes in process `syz.0.24'. [ 50.435268][ T5987] Bluetooth: hci2: command tx timeout [ 50.435497][ T63] Bluetooth: hci0: command tx timeout [ 50.437230][ T5977] Bluetooth: hci1: command tx timeout [ 50.505448][ T5977] Bluetooth: hci3: command tx timeout [ 50.987320][ T6165] Cache volume key already in use (9p,syz,) [ 51.602379][ T6179] netlink: 'syz.1.31': attribute type 14 has an invalid length. [ 52.202594][ T6195] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2147484288 (4294968576 ns) > initial count (34 ns). Using initial count to start timer. [ 52.505113][ T5977] Bluetooth: hci2: command tx timeout [ 52.515093][ T5977] Bluetooth: hci1: command tx timeout [ 52.516373][ T5987] Bluetooth: hci0: command tx timeout [ 52.595106][ T5987] Bluetooth: hci3: command tx timeout [ 52.980589][ T6208] usb usb8: usbfs: process 6208 (syz.1.36) did not claim interface 0 before use [ 53.065063][ T40] kauditd_printk_skb: 135 callbacks suppressed [ 53.065076][ T40] audit: type=1326 audit(1755567008.177:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6202 comm="syz.1.36" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 53.071584][ T6210] netlink: 40 bytes leftover after parsing attributes in process `syz.1.36'. [ 53.073652][ T40] audit: type=1326 audit(1755567008.177:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6202 comm="syz.1.36" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 53.086610][ T40] audit: type=1326 audit(1755567008.187:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6202 comm="syz.1.36" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 53.203228][ T40] audit: type=1326 audit(1755567008.187:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6202 comm="syz.1.36" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 53.210198][ T40] audit: type=1326 audit(1755567008.187:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6202 comm="syz.1.36" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 53.224050][ T40] audit: type=1326 audit(1755567008.187:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6202 comm="syz.1.36" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 53.237051][ T40] audit: type=1326 audit(1755567008.187:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6202 comm="syz.1.36" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 53.244081][ T40] audit: type=1326 audit(1755567008.187:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6202 comm="syz.1.36" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 53.265547][ T40] audit: type=1326 audit(1755567008.187:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6202 comm="syz.1.36" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 53.272340][ T40] audit: type=1326 audit(1755567008.187:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6202 comm="syz.1.36" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 53.497411][ T6214] 9pnet_virtio: no channels available for device syz [ 53.907253][ T6219] usb usb8: usbfs: process 6219 (syz.1.39) did not claim interface 0 before use [ 54.262703][ T6225] 9pnet_virtio: no channels available for device syz [ 54.752964][ T6234] netlink: 4 bytes leftover after parsing attributes in process `syz.1.44'. [ 54.762629][ T6234] netlink: 12 bytes leftover after parsing attributes in process `syz.1.44'. [ 55.053391][ T6244] netlink: 'syz.3.45': attribute type 14 has an invalid length. [ 55.476787][ T6247] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2147484288 (4294968576 ns) > initial count (34 ns). Using initial count to start timer. [ 55.705067][ T5976] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 55.835862][ T6258] usb usb8: usbfs: process 6258 (syz.1.48) did not claim interface 0 before use [ 55.865061][ T5976] usb 5-1: Using ep0 maxpacket: 8 [ 55.926377][ T5976] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 55.929579][ T5976] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 55.933692][ T5976] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 55.937157][ T5976] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.942037][ T5976] usbtmc 5-1:16.0: bulk endpoints not found [ 56.330987][ T6268] usb usb8: usbfs: process 6268 (syz.3.51) did not claim interface 0 before use [ 56.561703][ T6276] netlink: 12 bytes leftover after parsing attributes in process `syz.1.53'. [ 56.564553][ T6276] netlink: 4 bytes leftover after parsing attributes in process `syz.1.53'. [ 57.088256][ T6282] 9pnet_virtio: no channels available for device syz [ 57.551669][ T6288] 9pnet_virtio: no channels available for device syz [ 58.078940][ T6295] netlink: 20 bytes leftover after parsing attributes in process `syz.3.60'. [ 58.278821][ T6298] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 58.466927][ T6015] usb 5-1: USB disconnect, device number 3 [ 58.946219][ T6309] usb usb8: usbfs: process 6309 (syz.1.63) did not claim interface 0 before use [ 59.012470][ T40] kauditd_printk_skb: 111 callbacks suppressed [ 59.012483][ T40] audit: type=1326 audit(1755567014.137:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.63" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 59.021885][ T40] audit: type=1326 audit(1755567014.137:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.63" exe="/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 59.028691][ T40] audit: type=1326 audit(1755567014.137:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.63" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 59.035307][ T40] audit: type=1326 audit(1755567014.137:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.63" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 59.036630][ T6314] netlink: 'syz.3.65': attribute type 1 has an invalid length. [ 59.041979][ T40] audit: type=1326 audit(1755567014.137:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.63" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 59.042002][ T40] audit: type=1326 audit(1755567014.137:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.63" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 59.060306][ T40] audit: type=1326 audit(1755567014.137:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.63" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 59.073090][ T40] audit: type=1326 audit(1755567014.137:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.63" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 59.086357][ T40] audit: type=1326 audit(1755567014.137:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.63" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 59.092781][ T40] audit: type=1326 audit(1755567014.137:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6305 comm="syz.1.63" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 59.608698][ T6333] netlink: 16 bytes leftover after parsing attributes in process `syz.0.72'. [ 59.635081][ T6015] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 59.663400][ T6335] ieee802154 phy0 wpan0: encryption failed: -22 [ 59.673067][ T6335] mmap: syz.1.73 (6335) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 59.785432][ T6015] usb 7-1: Using ep0 maxpacket: 8 [ 59.788601][ T6015] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 59.792587][ T6015] usb 7-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3 [ 59.799260][ T6015] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 59.802378][ T6015] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.807474][ T6015] usbtmc 7-1:16.0: bulk endpoints not found [ 60.387688][ T6346] syz.3.76 uses obsolete (PF_INET,SOCK_PACKET) [ 60.817002][ T6354] netlink: 4 bytes leftover after parsing attributes in process `syz.1.77'. [ 61.249902][ T72] IPVS: starting estimator thread 0... [ 61.253984][ T6361] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 61.336235][ T6362] IPVS: using max 33 ests per chain, 79200 per kthread [ 61.459759][ T6367] usb usb8: usbfs: process 6367 (syz.0.81) did not claim interface 0 before use [ 62.215049][ T6015] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 62.365090][ T6015] usb 8-1: Using ep0 maxpacket: 8 [ 62.368442][ T6015] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 62.372884][ T6015] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 62.376094][ T6015] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 62.380478][ T6015] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 62.386055][ T6015] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 62.391194][ T6015] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 62.405787][ T5976] usb 7-1: USB disconnect, device number 2 [ 62.591676][ T6380] binder: 6379:6380 ioctl 80489439 80000100 returned -22 [ 62.606233][ T6015] usb 8-1: GET_CAPABILITIES returned 0 [ 62.608347][ T6015] usbtmc 8-1:16.0: can't read capabilities [ 62.808392][ T6015] usb 8-1: USB disconnect, device number 2 [ 62.818723][ T6387] binder: 6386:6387 ioctl 80489439 80000100 returned -22 [ 63.155040][ T72] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 63.307642][ T72] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 63.311868][ T72] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 63.315416][ T72] usb 6-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00 [ 63.318953][ T72] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.322273][ T72] usb 6-1: config 0 descriptor?? [ 63.498637][ T6400] usb usb8: usbfs: process 6400 (syz.2.90) did not claim interface 0 before use [ 63.531072][ T72] usb 6-1: string descriptor 0 read error: -71 [ 63.533789][ T72] usb 6-1: USB disconnect, device number 2 [ 63.830274][ T6411] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 63.889336][ T6415] binder: 6414:6415 ioctl 80489439 80000100 returned -22 [ 64.688883][ T6442] FAULT_INJECTION: forcing a failure. [ 64.688883][ T6442] name failslab, interval 1, probability 0, space 0, times 0 [ 64.692969][ T6442] CPU: 2 UID: 0 PID: 6442 Comm: syz.0.105 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) [ 64.692986][ T6442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.692993][ T6442] Call Trace: [ 64.692997][ T6442] [ 64.693001][ T6442] dump_stack_lvl+0x16c/0x1f0 [ 64.693020][ T6442] should_fail_ex+0x512/0x640 [ 64.693037][ T6442] should_failslab+0xc2/0x120 [ 64.693052][ T6442] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 64.693065][ T6442] ? __pfx___might_resched+0x10/0x10 [ 64.693076][ T6442] ? alloc_vmap_area+0xdc8/0x29c0 [ 64.693092][ T6442] alloc_vmap_area+0xdc8/0x29c0 [ 64.693111][ T6442] ? __pfx_alloc_vmap_area+0x10/0x10 [ 64.693127][ T6442] __get_vm_area_node+0x1ca/0x330 [ 64.693145][ T6442] __vmalloc_node_range_noprof+0x271/0x14b0 [ 64.693156][ T6442] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 64.693169][ T6442] ? rcu_is_watching+0x12/0xc0 [ 64.693181][ T6442] ? rcu_is_watching+0x12/0xc0 [ 64.693191][ T6442] ? bpf_ksym_find+0x124/0x1c0 [ 64.693201][ T6442] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 64.693214][ T6442] ? __kernel_text_address+0xd/0x40 [ 64.693224][ T6442] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 64.693237][ T6442] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 64.693249][ T6442] __vmalloc_node_noprof+0xad/0xf0 [ 64.693258][ T6442] ? bpf_prog_alloc_no_stats+0x54/0x5d0 [ 64.693271][ T6442] bpf_prog_alloc_no_stats+0x54/0x5d0 [ 64.693284][ T6442] ? security_capable+0x7e/0x260 [ 64.693295][ T6442] bpf_prog_alloc+0x3b/0x230 [ 64.693306][ T6442] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 64.693323][ T6442] bpf_prog_load+0x1a04/0x2490 [ 64.693340][ T6442] ? __pfx_bpf_prog_load+0x10/0x10 [ 64.693361][ T6442] __sys_bpf+0x4a3f/0x4de0 [ 64.693376][ T6442] ? lock_release+0x201/0x2f0 [ 64.693391][ T6442] ? __pfx___sys_bpf+0x10/0x10 [ 64.693411][ T6442] ? ksys_write+0x190/0x250 [ 64.693423][ T6442] ? rcu_is_watching+0x12/0xc0 [ 64.693433][ T6442] ? lock_release+0x201/0x2f0 [ 64.693447][ T6442] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 64.693463][ T6442] ? htab_map_hash+0x18e/0x880 [ 64.693479][ T6442] ? bpf_trace_run2+0x26b/0x590 [ 64.693496][ T6442] ? __might_fault+0xe3/0x190 [ 64.693507][ T6442] ? __might_fault+0x13b/0x190 [ 64.693519][ T6442] ? rcu_is_watching+0x12/0xc0 [ 64.693529][ T6442] ? __might_fault+0xe3/0x190 [ 64.693540][ T6442] ? lock_release+0x201/0x2f0 [ 64.693555][ T6442] __ia32_sys_bpf+0x76/0xe0 [ 64.693572][ T6442] __do_fast_syscall_32+0x7c/0x3a0 [ 64.693588][ T6442] do_fast_syscall_32+0x32/0x80 [ 64.693602][ T6442] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 64.693617][ T6442] RIP: 0023:0xf705e579 [ 64.693625][ T6442] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 64.693635][ T6442] RSP: 002b:00000000f544e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 64.693647][ T6442] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000800054c0 [ 64.693653][ T6442] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 64.693660][ T6442] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 64.693666][ T6442] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 64.693672][ T6442] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 64.693680][ T6442] [ 64.968364][ T6445] 9pnet_virtio: no channels available for device syz [ 65.123764][ T6447] binder: 6446:6447 ioctl 80489439 80000100 returned -22 [ 65.177012][ T5976] IPVS: starting estimator thread 0... [ 65.183518][ T6450] tipc: Started in network mode [ 65.187143][ T6450] tipc: Node identity ac1414aa, cluster identity 4711 [ 65.195227][ T6450] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 65.200103][ T6450] tipc: Enabled bearer , priority 10 [ 65.265058][ T6451] IPVS: using max 54 ests per chain, 129600 per kthread [ 65.325037][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 65.475021][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 65.605011][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 65.741000][ T40] kauditd_printk_skb: 99 callbacks suppressed [ 65.741012][ T40] audit: type=1326 audit(1755567020.867:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.1.113" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 65.745041][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 65.749958][ T40] audit: type=1326 audit(1755567020.877:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.1.113" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7598 code=0x7ffc0000 [ 65.758937][ T40] audit: type=1326 audit(1755567020.877:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.1.113" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 65.766704][ T40] audit: type=1326 audit(1755567020.877:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.1.113" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7598 code=0x7ffc0000 [ 65.775062][ T40] audit: type=1326 audit(1755567020.877:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.1.113" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7598 code=0x7ffc0000 [ 65.783512][ T40] audit: type=1326 audit(1755567020.877:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.1.113" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7598 code=0x7ffc0000 [ 65.792020][ T40] audit: type=1326 audit(1755567020.877:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.1.113" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fe7598 code=0x7ffc0000 [ 65.800332][ T40] audit: type=1326 audit(1755567020.877:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.1.113" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 65.807972][ T40] audit: type=1326 audit(1755567020.877:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.1.113" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 65.814609][ T40] audit: type=1326 audit(1755567020.877:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.1.113" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fe7579 code=0x7ffc0000 [ 65.895010][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 66.045017][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 66.195019][ T5976] tipc: Node number set to 2886997162 [ 66.345025][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 66.411274][ T6478] ieee802154 phy0 wpan0: encryption failed: -22 [ 66.615007][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 66.621623][ T6483] binder: 6482:6483 ioctl 80489439 80000100 returned -22 [ 66.766580][ T6491] 9pnet_virtio: no channels available for device syz [ 66.956625][ T6501] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 67.145038][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 67.197489][ T61] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 67.345021][ T61] usb 8-1: Using ep0 maxpacket: 8 [ 67.348650][ T61] usb 8-1: config 0 has no interfaces? [ 67.352605][ T61] usb 8-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae [ 67.356966][ T61] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 67.360635][ T61] usb 8-1: Product: syz [ 67.362093][ T61] usb 8-1: Manufacturer: syz [ 67.363843][ T61] usb 8-1: SerialNumber: syz [ 67.366223][ T61] usb 8-1: config 0 descriptor?? [ 67.415064][ T6015] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 67.565244][ T6015] usb 7-1: Using ep0 maxpacket: 8 [ 67.568193][ T6015] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 67.571547][ T6015] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 67.571584][ T1456] usb 8-1: USB disconnect, device number 3 [ 67.575162][ T6015] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 67.580285][ T6015] usb 7-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 67.584319][ T6015] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 67.587480][ T6015] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 67.596291][ T6015] usbtmc 7-1:16.0: bulk endpoints not found [ 67.785162][ T5987] Bluetooth: hci1: command tx timeout [ 68.331309][ T6552] netlink: 4 bytes leftover after parsing attributes in process `syz.3.131'. [ 68.568475][ T6015] hid (null): report_id 2542072531 is invalid [ 68.572463][ T6015] hid-generic 7FFF:0009:0005.0002: report_id 2542072531 is invalid [ 68.575013][ T6015] hid-generic 7FFF:0009:0005.0002: item 0 4 1 8 parsing failed [ 68.577507][ T6015] hid-generic 7FFF:0009:0005.0002: probe with driver hid-generic failed with error -22 [ 69.113149][ T6569] binder: 6568:6569 ioctl 80489439 80000100 returned -22 [ 69.330509][ T6577] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 69.511574][ T6583] FAULT_INJECTION: forcing a failure. [ 69.511574][ T6583] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 69.517672][ T6583] CPU: 2 UID: 0 PID: 6583 Comm: syz.1.139 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) [ 69.517692][ T6583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.517699][ T6583] Call Trace: [ 69.517702][ T6583] [ 69.517707][ T6583] dump_stack_lvl+0x16c/0x1f0 [ 69.517726][ T6583] should_fail_ex+0x512/0x640 [ 69.517744][ T6583] _copy_from_user+0x2e/0xd0 [ 69.517763][ T6583] move_addr_to_kernel+0x65/0x170 [ 69.517776][ T6583] __sys_bind+0x11b/0x260 [ 69.517787][ T6583] ? __pfx___sys_bind+0x10/0x10 [ 69.517797][ T6583] ? __fget_files+0x20e/0x3c0 [ 69.517813][ T6583] ? __pfx_ksys_write+0x10/0x10 [ 69.517828][ T6583] __ia32_sys_bind+0x71/0xb0 [ 69.517839][ T6583] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 69.517855][ T6583] __do_fast_syscall_32+0x7c/0x3a0 [ 69.517871][ T6583] do_fast_syscall_32+0x32/0x80 [ 69.517886][ T6583] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 69.517901][ T6583] RIP: 0023:0xf7fe7579 [ 69.517909][ T6583] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 69.517920][ T6583] RSP: 002b:00000000f550655c EFLAGS: 00000296 ORIG_RAX: 0000000000000169 [ 69.517931][ T6583] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080 [ 69.517938][ T6583] RDX: 0000000000000020 RSI: 0000000000000000 RDI: 0000000000000000 [ 69.517945][ T6583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 69.517951][ T6583] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 69.517958][ T6583] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 69.517967][ T6583] [ 69.823013][ T6594] netlink: 28 bytes leftover after parsing attributes in process `syz.1.143'. [ 70.144849][ T6600] binder: 6598:6600 ioctl 80489439 80000100 returned -22 [ 70.182209][ T6015] usb 7-1: USB disconnect, device number 3 [ 70.192659][ T6607] netlink: 4 bytes leftover after parsing attributes in process `syz.3.149'. [ 70.196308][ T6607] FAULT_INJECTION: forcing a failure. [ 70.196308][ T6607] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 70.200607][ T6607] CPU: 2 UID: 0 PID: 6607 Comm: syz.3.149 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) [ 70.200626][ T6607] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.200632][ T6607] Call Trace: [ 70.200636][ T6607] [ 70.200641][ T6607] dump_stack_lvl+0x16c/0x1f0 [ 70.200658][ T6607] should_fail_ex+0x512/0x640 [ 70.200675][ T6607] _copy_from_user+0x2e/0xd0 [ 70.200696][ T6607] get_compat_msghdr+0xa7/0x170 [ 70.200713][ T6607] ? __pfx_get_compat_msghdr+0x10/0x10 [ 70.200727][ T6607] ? kstrtouint_from_user+0x13c/0x1d0 [ 70.200741][ T6607] ___sys_sendmsg+0x1ae/0x1d0 [ 70.200754][ T6607] ? get_pid_task+0xfc/0x250 [ 70.200769][ T6607] ? __pfx____sys_sendmsg+0x10/0x10 [ 70.200785][ T6607] ? rcu_is_watching+0x12/0xc0 [ 70.200801][ T6607] __sys_sendmsg+0x16d/0x220 [ 70.200815][ T6607] ? __pfx___sys_sendmsg+0x10/0x10 [ 70.200831][ T6607] ? rcu_is_watching+0x12/0xc0 [ 70.200843][ T6607] __do_fast_syscall_32+0x7c/0x3a0 [ 70.200858][ T6607] do_fast_syscall_32+0x32/0x80 [ 70.200872][ T6607] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 70.200886][ T6607] RIP: 0023:0xf711e579 [ 70.200895][ T6607] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 70.200905][ T6607] RSP: 002b:00000000f550e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 70.200916][ T6607] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000380 [ 70.200922][ T6607] RDX: 0000000000042000 RSI: 0000000000000000 RDI: 0000000000000000 [ 70.200929][ T6607] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 70.200935][ T6607] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 70.200941][ T6607] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 70.200950][ T6607] [ 70.275012][ C1] net_ratelimit: 2 callbacks suppressed [ 70.275024][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 70.292395][ T6614] netlink: 4 bytes leftover after parsing attributes in process `syz.0.145'. [ 70.487020][ T6624] usb usb8: usbfs: process 6624 (syz.1.152) did not claim interface 0 before use [ 70.545722][ T6616] binder: 6615:6616 ioctl 80489439 80000100 returned -22 [ 70.693049][ T6631] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.777404][ T6631] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.839392][ T6631] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.898499][ T6631] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.906699][ T1419] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.909274][ T1419] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.957770][ T12] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.967617][ T12] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.972917][ T12] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.980417][ T13] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.214253][ T6641] binder: 6640:6641 ioctl 80489439 80000100 returned -22 [ 71.305006][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 71.485147][ T841] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 71.528287][ T6652] FAULT_INJECTION: forcing a failure. [ 71.528287][ T6652] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 71.532454][ T6652] CPU: 3 UID: 0 PID: 6652 Comm: syz.3.162 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) [ 71.532471][ T6652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 71.532478][ T6652] Call Trace: [ 71.532482][ T6652] [ 71.532486][ T6652] dump_stack_lvl+0x16c/0x1f0 [ 71.532504][ T6652] should_fail_ex+0x512/0x640 [ 71.532521][ T6652] _copy_from_iter+0x29f/0x16f0 [ 71.532539][ T6652] ? rcu_is_watching+0x12/0xc0 [ 71.532551][ T6652] ? lock_acquire+0x2cd/0x350 [ 71.532565][ T6652] ? __pfx__copy_from_iter+0x10/0x10 [ 71.532581][ T6652] ? _parse_integer_limit+0x17f/0x1d0 [ 71.532599][ T6652] ? rcu_is_watching+0x12/0xc0 [ 71.532612][ T6652] tun_get_user+0x26d/0x3ce0 [ 71.532626][ T6652] ? __pfx_tun_get_user+0x10/0x10 [ 71.532637][ T6652] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 71.532655][ T6652] ? tun_get+0x191/0x370 [ 71.532670][ T6652] ? rcu_is_watching+0x12/0xc0 [ 71.532681][ T6652] ? lock_release+0x201/0x2f0 [ 71.532696][ T6652] tun_chr_write_iter+0xdc/0x210 [ 71.532706][ T6652] vfs_write+0x7d3/0x11d0 [ 71.532719][ T6652] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 71.532730][ T6652] ? __pfx_vfs_write+0x10/0x10 [ 71.532742][ T6652] ? lock_release+0x201/0x2f0 [ 71.532758][ T6652] ksys_write+0x12a/0x250 [ 71.532770][ T6652] ? __pfx_ksys_write+0x10/0x10 [ 71.532783][ T6652] ? rcu_is_watching+0x12/0xc0 [ 71.532794][ T6652] __do_fast_syscall_32+0x7c/0x3a0 [ 71.532809][ T6652] do_fast_syscall_32+0x32/0x80 [ 71.532823][ T6652] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 71.532838][ T6652] RIP: 0023:0xf711e579 [ 71.532847][ T6652] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 71.532857][ T6652] RSP: 002b:00000000f550e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 71.532868][ T6652] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000240 [ 71.532874][ T6652] RDX: 000000000000007e RSI: 0000000000000000 RDI: 0000000000000000 [ 71.532881][ T6652] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 71.532887][ T6652] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 71.532893][ T6652] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 71.532902][ T6652] [ 71.635131][ T841] usb 6-1: Using ep0 maxpacket: 8 [ 71.638002][ T841] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config [ 71.641815][ T841] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 71.646367][ T841] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 71.650417][ T841] usb 6-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 71.655707][ T841] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 71.659531][ T841] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.666904][ T841] usbtmc 6-1:16.0: bulk endpoints not found [ 71.803296][ T6659] veth0_to_hsr: entered promiscuous mode [ 71.806179][ T6659] veth0_to_hsr: entered allmulticast mode [ 71.808582][ T6659] veth0_to_hsr: left allmulticast mode [ 71.810382][ T6659] veth0_to_hsr: left promiscuous mode [ 71.925812][ T6667] input: syz0 as /devices/virtual/input/input5 [ 72.002864][ T6665] binder: 6664:6665 ioctl 80489439 80000100 returned -22 [ 72.052005][ T6672] FAULT_INJECTION: forcing a failure. [ 72.052005][ T6672] name failslab, interval 1, probability 0, space 0, times 0 [ 72.057034][ T6672] CPU: 1 UID: 0 PID: 6672 Comm: syz.2.170 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) [ 72.057058][ T6672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.057069][ T6672] Call Trace: [ 72.057075][ T6672] [ 72.057082][ T6672] dump_stack_lvl+0x16c/0x1f0 [ 72.057107][ T6672] should_fail_ex+0x512/0x640 [ 72.057130][ T6672] ? rds_message_alloc+0x42/0x230 [ 72.057167][ T6672] should_failslab+0xc2/0x120 [ 72.057190][ T6672] __kmalloc_noprof+0xd2/0x510 [ 72.057210][ T6672] ? rds_sendmsg+0x747/0x31f0 [ 72.057229][ T6672] ? rcu_is_watching+0x12/0xc0 [ 72.057247][ T6672] ? rds_sendmsg+0x747/0x31f0 [ 72.057268][ T6672] rds_message_alloc+0x42/0x230 [ 72.057293][ T6672] rds_sendmsg+0xb5d/0x31f0 [ 72.057315][ T6672] ? __pfx_kstrtouint+0x10/0x10 [ 72.057339][ T6672] ? __pfx_rds_sendmsg+0x10/0x10 [ 72.057359][ T6672] ? aa_sk_perm+0x2f4/0xb10 [ 72.057382][ T6672] ? __pfx_aa_sk_perm+0x10/0x10 [ 72.057404][ T6672] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 72.057422][ T6672] ? __sys_sendto+0x4a3/0x520 [ 72.057441][ T6672] __sys_sendto+0x4a3/0x520 [ 72.057458][ T6672] ? __pfx___sys_sendto+0x10/0x10 [ 72.057485][ T6672] ? ksys_write+0x1ac/0x250 [ 72.057505][ T6672] ? __pfx_ksys_write+0x10/0x10 [ 72.057523][ T6672] __ia32_sys_sendto+0xdd/0x1b0 [ 72.057542][ T6672] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 72.057566][ T6672] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 72.057589][ T6672] __do_fast_syscall_32+0x7c/0x3a0 [ 72.057612][ T6672] do_fast_syscall_32+0x32/0x80 [ 72.057634][ T6672] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 72.057653][ T6672] RIP: 0023:0xf706e579 [ 72.057666][ T6672] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 72.057683][ T6672] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000171 [ 72.057699][ T6672] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000000 [ 72.057710][ T6672] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 72.057719][ T6672] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 72.057727][ T6672] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 72.057738][ T6672] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 72.057752][ T6672] [ 72.345068][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 72.389799][ T6678] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 72.887718][ T6689] syzkaller0: entered promiscuous mode [ 72.889623][ T6689] syzkaller0: entered allmulticast mode [ 73.045080][ T6015] usb 5-1: new low-speed USB device number 4 using dummy_hcd [ 73.195193][ T6015] usb 5-1: Invalid ep0 maxpacket: 16 [ 73.335168][ T6015] usb 5-1: new low-speed USB device number 5 using dummy_hcd [ 73.385039][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 73.495122][ T6015] usb 5-1: Invalid ep0 maxpacket: 16 [ 73.497306][ T6015] usb usb5-port1: attempt power cycle [ 73.845100][ T6015] usb 5-1: new low-speed USB device number 6 using dummy_hcd [ 73.875932][ T6015] usb 5-1: Invalid ep0 maxpacket: 16 [ 74.015152][ T6015] usb 5-1: new low-speed USB device number 7 using dummy_hcd [ 74.035549][ T6015] usb 5-1: Invalid ep0 maxpacket: 16 [ 74.037684][ T6015] usb usb5-port1: unable to enumerate USB device [ 74.247200][ T1456] usb 6-1: USB disconnect, device number 3 [ 74.425052][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 74.486822][ T6708] 8021q: adding VLAN 0 to HW filter on device bond1 [ 74.517694][ T6711] binder: 6710:6711 ioctl c0306201 800000c0 returned -14 [ 74.544320][ T6713] Zero length message leads to an empty skb [ 74.825152][ T5977] Bluetooth: hci3: command 0x0405 tx timeout [ 75.207874][ T6718] evm: overlay not supported [ 75.423976][ T6720] bridge0: port 3(syz_tun) entered blocking state [ 75.426438][ T6720] bridge0: port 3(syz_tun) entered disabled state [ 75.428589][ T6720] syz_tun: entered allmulticast mode [ 75.430867][ T6720] syz_tun: entered promiscuous mode [ 75.432847][ T6720] bridge0: port 3(syz_tun) entered blocking state [ 75.435231][ T6720] bridge0: port 3(syz_tun) entered forwarding state [ 75.457703][ T6720] syz_tun: left allmulticast mode [ 75.459672][ T6720] syz_tun: left promiscuous mode [ 75.461623][ T6720] bridge0: port 3(syz_tun) entered disabled state [ 75.465062][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 75.467465][ T6720] bridge_slave_0: left allmulticast mode [ 75.469321][ T6720] bridge_slave_0: left promiscuous mode [ 75.471232][ T6720] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.475324][ T6720] bridge_slave_1: left allmulticast mode [ 75.477327][ T6720] bridge_slave_1: left promiscuous mode [ 75.479203][ T6720] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.483356][ T6720] bond0: (slave bond_slave_0): Releasing backup interface [ 75.487728][ T6720] bond0: (slave bond_slave_1): Releasing backup interface [ 75.493549][ T6720] team0: Port device team_slave_0 removed [ 75.497301][ T6720] team0: Port device team_slave_1 removed [ 75.499485][ T6720] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 75.501881][ T6720] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 75.504792][ T6720] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 75.507277][ T6720] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 75.721137][ T6726] input: syz0 as /devices/virtual/input/input6 [ 75.780647][ T6729] netlink: 12 bytes leftover after parsing attributes in process `syz.3.187'. [ 75.783593][ T6729] netlink: 12 bytes leftover after parsing attributes in process `syz.3.187'. [ 76.039831][ T6739] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.221774][ T6739] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.325804][ T6739] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.439877][ T6739] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 76.504997][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 76.682991][ T12] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.696555][ T12] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.704351][ T12] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.714357][ T1158] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 76.791852][ T6746] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2147484288 (4294968576 ns) > initial count (34 ns). Using initial count to start timer. [ 76.893611][ T6752] netlink: 16 bytes leftover after parsing attributes in process `syz.2.194'. [ 77.505001][ T72] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 77.512172][ T6752] syz.2.194 (6752): drop_caches: 2 [ 77.545001][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 77.675063][ T72] usb 5-1: Using ep0 maxpacket: 32 [ 77.678570][ T72] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 77.681372][ T72] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 77.705482][ T6768] Invalid ELF header magic: != ELF [ 77.760225][ T72] usb 5-1: config 0 descriptor?? [ 77.763805][ T72] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 78.175534][ T6761] netlink: 24 bytes leftover after parsing attributes in process `syz.0.196'. [ 78.463263][ T6785] tmpfs: User quota block hardlimit too large. [ 78.495178][ T841] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 78.505084][ T5987] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 78.507664][ T5987] Bluetooth: hci1: Injecting HCI hardware error event [ 78.509932][ T5987] Bluetooth: hci1: hardware error 0x00 [ 78.585033][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 78.655118][ T841] usb 6-1: Using ep0 maxpacket: 8 [ 78.659048][ T841] usb 6-1: unable to get BOS descriptor or descriptor too short [ 78.663183][ T841] usb 6-1: config 4 has an invalid interface number: 30 but max is 0 [ 78.668340][ T6793] ubi31: attaching mtd0 [ 78.670195][ T6793] ubi31: scanning is finished [ 78.671732][ T6793] ubi31: empty MTD device detected [ 78.673892][ T841] usb 6-1: config 4 has no interface number 0 [ 78.675903][ T841] usb 6-1: config 4 interface 30 has no altsetting 0 [ 78.680456][ T841] usb 6-1: string descriptor 0 read error: -22 [ 78.682479][ T841] usb 6-1: New USB device found, idVendor=9022, idProduct=d484, bcdDevice=ff.88 [ 78.685872][ T841] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 78.693447][ T841] dvb-usb: found a 'TeVii S482 (tuner 2)' in warm state. [ 78.699621][ T841] dw2102: su3000_power_ctrl: 1, initialized 0 [ 78.701766][ T841] dvb-usb: bulk message failed: -22 (2/0) [ 78.704230][ T841] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 78.708628][ T841] dvbdev: DVB: registering new adapter (TeVii S482 (tuner 2)) [ 78.711307][ T841] usb 6-1: media controller created [ 78.713189][ T841] dvb-usb: bulk message failed: -22 (6/0) [ 78.715714][ T841] dw2102: i2c transfer failed. [ 78.717493][ T841] dvb-usb: bulk message failed: -22 (6/0) [ 78.719551][ T841] dw2102: i2c transfer failed. [ 78.721184][ T841] dvb-usb: bulk message failed: -22 (6/0) [ 78.723393][ T841] dw2102: i2c transfer failed. [ 78.724912][ T841] dvb-usb: bulk message failed: -22 (6/0) [ 78.727059][ T841] dw2102: i2c transfer failed. [ 78.728735][ T841] dvb-usb: bulk message failed: -22 (6/0) [ 78.730638][ T841] dw2102: i2c transfer failed. [ 78.732174][ T841] dvb-usb: bulk message failed: -22 (6/0) [ 78.734179][ T841] dw2102: i2c transfer failed. [ 78.736184][ T841] dvb-usb: MAC address: 02:02:02:02:02:02 [ 78.740475][ T6793] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB) [ 78.742398][ T841] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 78.750666][ T6793] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 78.750748][ T841] dvb-usb: bulk message failed: -22 (3/0) [ 78.755038][ T6793] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 78.755621][ T841] dw2102: command 0x0e transfer failed. [ 78.759186][ T841] dvb-usb: bulk message failed: -22 (3/0) [ 78.761066][ T841] dw2102: command 0x0e transfer failed. [ 78.765260][ T6793] ubi31: VID header offset: 64 (aligned 64), data offset: 128 [ 78.767614][ T6793] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 78.770092][ T6793] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 78.772581][ T6793] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2158181592 [ 78.775829][ T6793] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 78.779399][ T6797] ubi31: background thread "ubi_bgt31d" started, PID 6797 [ 78.844712][ T5977] Bluetooth: hci3: unexpected event for opcode 0x0c58 [ 79.095033][ T841] dvb-usb: bulk message failed: -22 (3/0) [ 79.097128][ T841] dw2102: command 0x0e transfer failed. [ 79.098899][ T841] dvb-usb: bulk message failed: -22 (3/0) [ 79.100735][ T841] dw2102: command 0x0e transfer failed. [ 79.102442][ T841] dvb-usb: bulk message failed: -22 (1/0) [ 79.104216][ T841] dw2102: command 0x51 transfer failed. [ 79.183958][ T72] usb 5-1: USB disconnect, device number 8 [ 79.223890][ T841] dvb-usb: bulk message failed: -22 (5/0) [ 79.226102][ T841] dw2102: i2c probe for address 0x68 failed. [ 79.227938][ T841] dvb-usb: bulk message failed: -22 (5/0) [ 79.229954][ T841] dw2102: i2c probe for address 0x69 failed. [ 79.231919][ T841] dvb-usb: bulk message failed: -22 (5/0) [ 79.233726][ T841] dw2102: i2c probe for address 0x6a failed. [ 79.235771][ T841] dw2102: probing for demodulator failed. Is the external power switched on? [ 79.238513][ T841] dvb-usb: no frontend was attached by 'TeVii S482 (tuner 2)' [ 79.285114][ T841] rc_core: IR keymap rc-tt-1500 not found [ 79.287620][ T841] Registered IR keymap rc-empty [ 79.290666][ T841] rc rc0: TeVii S482 (tuner 2) as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0 [ 79.295433][ T841] input: TeVii S482 (tuner 2) as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0/input7 [ 79.300655][ T841] dvb-usb: schedule remote query interval to 250 msecs. [ 79.302942][ T841] dw2102: su3000_power_ctrl: 0, initialized 1 [ 79.305336][ T841] dvb-usb: TeVii S482 (tuner 2) successfully initialized and connected. [ 79.309022][ T841] usb 6-1: USB disconnect, device number 4 [ 79.322865][ T841] dvb-usb: TeVii S482 (tuner 2) successfully deinitialized and disconnected. [ 79.635029][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 79.732627][ T6814] bridge0: port 3(syz_tun) entered blocking state [ 79.735169][ T6814] bridge0: port 3(syz_tun) entered disabled state [ 79.739530][ T6814] syz_tun: entered allmulticast mode [ 79.743864][ T6814] syz_tun: entered promiscuous mode [ 79.746141][ T6814] bridge0: port 3(syz_tun) entered blocking state [ 79.748168][ T6814] bridge0: port 3(syz_tun) entered forwarding state [ 79.772599][ T6814] syz_tun: left allmulticast mode [ 79.774323][ T6814] syz_tun: left promiscuous mode [ 79.776183][ T6814] bridge0: port 3(syz_tun) entered disabled state [ 79.782283][ T6814] bridge_slave_0: left allmulticast mode [ 79.784164][ T6814] bridge_slave_0: left promiscuous mode [ 79.788118][ T6814] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.791629][ T6814] bridge_slave_1: left allmulticast mode [ 79.793517][ T6814] bridge_slave_1: left promiscuous mode [ 79.794406][ T5977] Bluetooth: hci1: unexpected event for opcode 0x2060 [ 79.796262][ T6814] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.803507][ T6814] bond0: (slave bond_slave_0): Releasing backup interface [ 79.808289][ T6814] bond0: (slave bond_slave_1): Releasing backup interface [ 79.812903][ T6814] team0: Port device team_slave_0 removed [ 79.816517][ T6814] team0: Port device team_slave_1 removed [ 79.818697][ T6814] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 79.821061][ T6814] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 79.823987][ T6814] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 79.828250][ T6814] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 80.245076][ T1456] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 80.395169][ T1456] usb 5-1: Using ep0 maxpacket: 16 [ 80.401802][ T1456] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping [ 80.406039][ T1456] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 80.409212][ T1456] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 80.414461][ T1456] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 80.417547][ T1456] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.420332][ T1456] usb 5-1: Product: syz [ 80.421707][ T1456] usb 5-1: Manufacturer: syz [ 80.425295][ T1456] usb 5-1: SerialNumber: syz [ 80.585148][ T5987] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 80.665014][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 80.835720][ T1456] usb 5-1: 0:2 : does not exist [ 80.912920][ T6845] warning: `syz.1.225' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 81.155428][ T29] cfg80211: failed to load regulatory.db [ 81.200733][ T6848] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 81.645943][ T1456] usb 5-1: 1:0: failed to get current value for ch 0 (-22) [ 81.657792][ T1456] usb 5-1: USB disconnect, device number 9 [ 81.670273][ T5974] udevd[5974]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory [ 81.705059][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 81.722106][ T6852] gtp0: entered promiscuous mode [ 81.766372][ T6852] netlink: 4 bytes leftover after parsing attributes in process `syz.3.226'. [ 82.205079][ T6068] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 82.341809][ T6862] netlink: 'syz.0.229': attribute type 3 has an invalid length. [ 82.344766][ T6862] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.229'. [ 82.506512][ T6068] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 82.509961][ T6068] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 82.513064][ T6068] usb 6-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00 [ 82.516159][ T6068] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.520217][ T6068] usb 6-1: config 0 descriptor?? [ 82.728163][ T6068] usbhid 6-1:0.0: can't add hid device: -71 [ 82.730165][ T6068] usbhid 6-1:0.0: probe with driver usbhid failed with error -71 [ 82.733582][ T6068] usb 6-1: USB disconnect, device number 5 [ 82.745011][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 82.893400][ T6872] bridge_slave_0: left allmulticast mode [ 82.895268][ T6872] bridge_slave_0: left promiscuous mode [ 82.897111][ T6872] bridge0: port 1(bridge_slave_0) entered disabled state [ 82.900774][ T6872] bridge_slave_1: left allmulticast mode [ 82.902646][ T6872] bridge_slave_1: left promiscuous mode [ 82.904560][ T6872] bridge0: port 2(bridge_slave_1) entered disabled state [ 82.909166][ T6872] bond0: (slave bond_slave_0): Releasing backup interface [ 82.912833][ T6872] bond0: (slave bond_slave_1): Releasing backup interface [ 82.918232][ T6872] team0: Port device team_slave_0 removed [ 82.923402][ T6872] team0: Port device team_slave_1 removed [ 82.926393][ T6872] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 82.929026][ T6872] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 82.932031][ T6872] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 82.934455][ T6872] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 83.057059][ T6879] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 83.075166][ T6877] ALSA: mixer_oss: invalid index 40000 [ 83.117803][ T6881] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.198664][ T6881] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.220311][ T6885] capability: warning: `syz.0.237' uses deprecated v2 capabilities in a way that may be insecure [ 83.294638][ T6881] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.351829][ T6881] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 83.426004][ T1158] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.428566][ T1158] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.431066][ T1158] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.466843][ T46] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 83.525037][ T10] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 83.678417][ T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 83.682117][ T10] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 83.685454][ T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 83.688970][ T10] usb 6-1: config 0 descriptor?? [ 83.694270][ T10] pwc: Askey VC010 type 2 USB webcam detected. [ 83.785135][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 84.102738][ T10] pwc: recv_control_msg error -32 req 02 val 2b00 [ 84.115042][ T10] pwc: recv_control_msg error -32 req 02 val 2700 [ 84.120278][ T10] pwc: recv_control_msg error -32 req 02 val 2c00 [ 84.144451][ T6894] gtp0: entered promiscuous mode [ 84.155950][ T6894] netlink: 4 bytes leftover after parsing attributes in process `syz.0.240'. [ 84.337146][ T10] pwc: recv_control_msg error -32 req 04 val 1300 [ 84.339802][ T10] pwc: recv_control_msg error -32 req 04 val 1400 [ 84.342657][ T10] pwc: recv_control_msg error -32 req 02 val 2000 [ 84.345750][ T10] pwc: recv_control_msg error -32 req 02 val 2100 [ 84.349960][ T10] pwc: recv_control_msg error -32 req 04 val 1500 [ 84.353808][ T10] pwc: recv_control_msg error -32 req 02 val 2500 [ 84.358174][ T10] pwc: recv_control_msg error -32 req 02 val 2400 [ 84.361208][ T10] pwc: recv_control_msg error -32 req 02 val 2600 [ 84.391477][ T6908] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 84.566255][ T10] pwc: recv_control_msg error -71 req 02 val 2800 [ 84.568907][ T10] pwc: recv_control_msg error -71 req 04 val 1100 [ 84.571460][ T10] pwc: recv_control_msg error -71 req 04 val 1200 [ 84.575927][ T10] pwc: Registered as video103. [ 84.580688][ T10] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb6/6-1/input/input8 [ 84.591335][ T10] usb 6-1: USB disconnect, device number 6 [ 84.825039][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 85.098470][ T6922] bridge0: port 3(syz_tun) entered blocking state [ 85.100598][ T6922] bridge0: port 3(syz_tun) entered disabled state [ 85.102834][ T6922] syz_tun: entered allmulticast mode [ 85.105407][ T6922] syz_tun: entered promiscuous mode [ 85.107474][ T6922] bridge0: port 3(syz_tun) entered blocking state [ 85.109542][ T6922] bridge0: port 3(syz_tun) entered forwarding state [ 85.161790][ T6929] ALSA: mixer_oss: invalid index 40000 [ 85.312327][ T6933] bridge0: port 1(syz_tun) entered blocking state [ 85.315788][ T6933] bridge0: port 1(syz_tun) entered disabled state [ 85.318502][ T6933] syz_tun: entered allmulticast mode [ 85.321383][ T6933] syz_tun: entered promiscuous mode [ 85.323720][ T6933] bridge0: port 1(syz_tun) entered blocking state [ 85.325826][ T6933] bridge0: port 1(syz_tun) entered forwarding state [ 85.865021][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 86.735035][ T6068] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 86.887251][ T6068] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 86.891581][ T6068] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 86.905183][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 86.905472][ T6068] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.911603][ T6068] usb 7-1: config 0 descriptor?? [ 86.915357][ T6068] pwc: Askey VC010 type 2 USB webcam detected. [ 87.096814][ T6967] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2147484288 (4294968576 ns) > initial count (34 ns). Using initial count to start timer. [ 87.319666][ T6068] pwc: recv_control_msg error -32 req 02 val 2b00 [ 87.322346][ T6068] pwc: recv_control_msg error -32 req 02 val 2700 [ 87.325709][ T6068] pwc: recv_control_msg error -32 req 02 val 2c00 [ 87.529261][ T6068] pwc: recv_control_msg error -32 req 04 val 1300 [ 87.532848][ T6068] pwc: recv_control_msg error -32 req 04 val 1400 [ 87.538036][ T6068] pwc: recv_control_msg error -32 req 02 val 2000 [ 87.540840][ T6068] pwc: recv_control_msg error -32 req 02 val 2100 [ 87.543998][ T6068] pwc: recv_control_msg error -32 req 04 val 1500 [ 87.547111][ T6068] pwc: recv_control_msg error -32 req 02 val 2500 [ 87.549688][ T6068] pwc: recv_control_msg error -32 req 02 val 2400 [ 87.552179][ T6068] pwc: recv_control_msg error -32 req 02 val 2600 [ 87.755729][ T6068] pwc: recv_control_msg error -71 req 02 val 2800 [ 87.758303][ T6068] pwc: recv_control_msg error -71 req 04 val 1100 [ 87.764720][ T6068] pwc: recv_control_msg error -71 req 04 val 1200 [ 87.767886][ T6068] pwc: Registered as video103. [ 87.772997][ T6068] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb7/7-1/input/input9 [ 87.781720][ T6068] usb 7-1: USB disconnect, device number 4 [ 87.897403][ T6988] 9pnet_fd: Insufficient options for proto=fd [ 87.945042][ C1] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 88.346617][ T5987] Bluetooth: hci3: unexpected event for opcode 0x0c58 [ 88.985158][ C2] IPVS: nq: UDP 224.0.0.2:0 - no destination available [ 89.324734][ T7021] ------------[ cut here ]------------ [ 89.327040][ T7021] UBSAN: shift-out-of-bounds in drivers/comedi/drivers/pcl726.c:331:46 [ 89.331088][ T7021] shift exponent -4 is negative [ 89.333646][ T7021] CPU: 3 UID: 0 PID: 7021 Comm: syz.2.282 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) [ 89.333665][ T7021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.333674][ T7021] Call Trace: [ 89.333680][ T7021] [ 89.333684][ T7021] dump_stack_lvl+0x16c/0x1f0 [ 89.333704][ T7021] __ubsan_handle_shift_out_of_bounds+0x27f/0x420 [ 89.333721][ T7021] pcl726_attach.cold+0x19/0x1e [ 89.333736][ T7021] ? rcu_is_watching+0x12/0xc0 [ 89.333748][ T7021] ? __might_fault+0xe3/0x190 [ 89.333762][ T7021] comedi_device_attach+0x3b0/0x900 [ 89.333780][ T7021] do_devconfig_ioctl+0x1b1/0x710 [ 89.333790][ T7021] ? __mutex_lock+0x1c5/0x1060 [ 89.333805][ T7021] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 89.333818][ T7021] ? kasan_save_stack+0x42/0x60 [ 89.333831][ T7021] ? kasan_save_stack+0x33/0x60 [ 89.333842][ T7021] ? kasan_save_track+0x14/0x30 [ 89.333854][ T7021] ? kasan_save_free_info+0x3b/0x60 [ 89.333864][ T7021] ? __kasan_slab_free+0x60/0x70 [ 89.333877][ T7021] ? kfree+0x2b4/0x4d0 [ 89.333886][ T7021] ? tomoyo_path_number_perm+0x470/0x580 [ 89.333901][ T7021] comedi_unlocked_ioctl+0x165d/0x2f00 [ 89.333916][ T7021] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 89.333932][ T7021] ? rcu_is_watching+0x12/0xc0 [ 89.333943][ T7021] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 89.333961][ T7021] ? tomoyo_path_number_perm+0x295/0x580 [ 89.333974][ T7021] ? rcu_is_watching+0x12/0xc0 [ 89.333985][ T7021] ? lock_release+0x201/0x2f0 [ 89.334000][ T7021] ? tomoyo_path_number_perm+0x18d/0x580 [ 89.334013][ T7021] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 89.334028][ T7021] comedi_compat_ioctl+0x1d0/0x990 [ 89.334040][ T7021] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 89.334052][ T7021] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 89.334069][ T7021] ? do_vfs_ioctl+0x128/0x14f0 [ 89.334087][ T7021] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 89.334105][ T7021] ? rcu_is_watching+0x12/0xc0 [ 89.334116][ T7021] ? __fget_files+0x204/0x3c0 [ 89.334129][ T7021] ? hook_file_ioctl_common+0x145/0x410 [ 89.334145][ T7021] ? __fget_files+0x20e/0x3c0 [ 89.334156][ T7021] ? __ia32_compat_sys_openat+0x150/0x210 [ 89.334168][ T7021] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 89.334180][ T7021] __ia32_compat_sys_ioctl+0x242/0x370 [ 89.334199][ T7021] __do_fast_syscall_32+0x7c/0x3a0 [ 89.334215][ T7021] do_fast_syscall_32+0x32/0x80 [ 89.334229][ T7021] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 89.334244][ T7021] RIP: 0023:0xf706e579 [ 89.334252][ T7021] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 89.334263][ T7021] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 89.334274][ T7021] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400 [ 89.334281][ T7021] RDX: 00000000800005c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 89.334287][ T7021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 89.334293][ T7021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 89.334299][ T7021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 89.334309][ T7021] [ 89.334313][ T7021] ---[ end trace ]--- [ 89.442105][ T7021] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 89.444400][ T7021] CPU: 3 UID: 0 PID: 7021 Comm: syz.2.282 Not tainted 6.17.0-rc2-syzkaller-00028-gbe48bcf004f9 #0 PREEMPT(full) [ 89.448125][ T7021] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.451806][ T7021] Call Trace: [ 89.453006][ T7021] [ 89.454023][ T7021] dump_stack_lvl+0x3d/0x1f0 [ 89.455671][ T7021] vpanic+0x6e8/0x7a0 [ 89.457305][ T7021] ? __pfx_vpanic+0x10/0x10 [ 89.459074][ T7021] ? __pfx_vprintk_emit+0x10/0x10 [ 89.460950][ T7021] panic+0xca/0xd0 [ 89.462159][ T7021] ? __pfx_panic+0x10/0x10 [ 89.463610][ T7021] check_panic_on_warn+0xab/0xb0 [ 89.465175][ T7021] __ubsan_handle_shift_out_of_bounds+0x2a6/0x420 [ 89.467330][ T7021] pcl726_attach.cold+0x19/0x1e [ 89.469132][ T7021] ? rcu_is_watching+0x12/0xc0 [ 89.471050][ T7021] ? __might_fault+0xe3/0x190 [ 89.472863][ T7021] comedi_device_attach+0x3b0/0x900 [ 89.474547][ T7021] do_devconfig_ioctl+0x1b1/0x710 [ 89.476182][ T7021] ? __mutex_lock+0x1c5/0x1060 [ 89.477715][ T7021] ? __pfx_do_devconfig_ioctl+0x10/0x10 [ 89.479400][ T7021] ? kasan_save_stack+0x42/0x60 [ 89.480964][ T7021] ? kasan_save_stack+0x33/0x60 [ 89.482532][ T7021] ? kasan_save_track+0x14/0x30 [ 89.484082][ T7021] ? kasan_save_free_info+0x3b/0x60 [ 89.485723][ T7021] ? __kasan_slab_free+0x60/0x70 [ 89.487287][ T7021] ? kfree+0x2b4/0x4d0 [ 89.488587][ T7021] ? tomoyo_path_number_perm+0x470/0x580 [ 89.490394][ T7021] comedi_unlocked_ioctl+0x165d/0x2f00 [ 89.492128][ T7021] ? __pfx_comedi_unlocked_ioctl+0x10/0x10 [ 89.493982][ T7021] ? rcu_is_watching+0x12/0xc0 [ 89.495533][ T7021] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 89.497504][ T7021] ? tomoyo_path_number_perm+0x295/0x580 [ 89.499312][ T7021] ? rcu_is_watching+0x12/0xc0 [ 89.500835][ T7021] ? lock_release+0x201/0x2f0 [ 89.502360][ T7021] ? tomoyo_path_number_perm+0x18d/0x580 [ 89.504149][ T7021] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 89.506116][ T7021] comedi_compat_ioctl+0x1d0/0x990 [ 89.507743][ T7021] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 89.509697][ T7021] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 89.511602][ T7021] ? do_vfs_ioctl+0x128/0x14f0 [ 89.513185][ T7021] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 89.514762][ T7021] ? rcu_is_watching+0x12/0xc0 [ 89.516501][ T7021] ? __fget_files+0x204/0x3c0 [ 89.518025][ T7021] ? hook_file_ioctl_common+0x145/0x410 [ 89.519806][ T7021] ? __fget_files+0x20e/0x3c0 [ 89.521400][ T7021] ? __ia32_compat_sys_openat+0x150/0x210 [ 89.523578][ T7021] ? __pfx_comedi_compat_ioctl+0x10/0x10 [ 89.525841][ T7021] __ia32_compat_sys_ioctl+0x242/0x370 [ 89.527842][ T7021] __do_fast_syscall_32+0x7c/0x3a0 [ 89.529846][ T7021] do_fast_syscall_32+0x32/0x80 [ 89.531416][ T7021] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 89.533456][ T7021] RIP: 0023:0xf706e579 [ 89.534950][ T7021] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 89.542475][ T7021] RSP: 002b:00000000f545e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 89.545090][ T7021] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000040946400 [ 89.547578][ T7021] RDX: 00000000800005c0 RSI: 0000000000000000 RDI: 0000000000000000 [ 89.550085][ T7021] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 89.552571][ T7021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 89.555005][ T7021] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 89.557515][ T7021] [ 89.559453][ T7021] Kernel Offset: disabled [ 89.560875][ T7021] Rebooting in 86400 seconds.. VM DIAGNOSIS: 01:30:44 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffffea0001bb01c0 RCX=ffffffff81f0b7ec RDX=ffff888027974880 RSI=ffffffff81f0a5ba RDI=ffffea0001bb01c0 RBP=ffffea0001bb01c0 RSP=ffffc90006f775f8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=000000000000001e R12=ffffea0001bb01c0 R13=0000000000000000 R14=ffffc90006f778c8 R15=0000000000000015 RIP=ffffffff81f0a5ba RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880974c4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f74b6288 CR3=000000000e380000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffffea000196ca80 RCX=ffffffff81f5a8bf RDX=ffff888021460000 RSI=0000000000000000 RDI=0000000000000001 RBP=000000000000000f RSP=ffffc90006f071d8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000000 R11=0000000000007b9c R12=ffffc90006f0734c R13=dffffc0000000000 R14=ffffc90006f073b0 R15=0000000000000000 RIP=ffffffff81f5a8bf RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880975c4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000032323ffc CR3=000000004cd2f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f7404ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000113344 RBX=0000000000000002 RCX=ffffffff8b908bf9 RDX=ffffed1005686656 RSI=ffffffff8c162c80 RDI=ffffffff8190cd41 RBP=ffffed1003a5a910 RSP=ffffc9000047fdf8 R8 =0000000000000000 R9 =ffffed1005686655 R10=ffff88802b4332ab R11=0000000000000001 R12=0000000000000002 R13=ffff88801d2d4880 R14=ffffffff90ab7590 R15=0000000000000000 RIP=ffffffff8b90775f RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880976c4000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c31c723 CR3=000000004ba51000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85616c45 RDI=ffffffff9b0f8680 RBP=ffffffff9b0f8640 RSP=ffffc90006fd7250 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=552033203a555043 R12=0000000000000000 R13=0000000000000031 R14=ffffffff9b0f8640 R15=ffffffff85616be0 RIP=ffffffff85616c6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977c4000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080012000 CR3=00000000525fb000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4e4f4954504f5f4e 4153410063657865 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000